---
# This manifest was generated by flux. DO NOT EDIT.
-# Flux Version: v2.4.0
+# Flux Version: v2.1.2
# Components: source-controller,kustomize-controller,helm-controller,notification-controller
apiVersion: v1
kind: Namespace
labels:
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v2.4.0
+ app.kubernetes.io/version: v2.1.2
pod-security.kubernetes.io/warn: restricted
pod-security.kubernetes.io/warn-version: latest
name: flux-system
labels:
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v2.4.0
+ app.kubernetes.io/version: v2.1.2
name: allow-egress
namespace: flux-system
spec:
labels:
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v2.4.0
+ app.kubernetes.io/version: v2.1.2
name: allow-scraping
namespace: flux-system
spec:
labels:
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v2.4.0
+ app.kubernetes.io/version: v2.1.2
name: allow-webhooks
namespace: flux-system
spec:
labels:
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v2.4.0
+ app.kubernetes.io/version: v2.1.2
name: critical-pods-flux-system
namespace: flux-system
spec:
labels:
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v2.4.0
+ app.kubernetes.io/version: v2.1.2
name: crd-controller-flux-system
rules:
- apiGroups:
- update
- patch
- delete
-- nonResourceURLs:
- - /livez/ping
- verbs:
- - head
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
labels:
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v2.4.0
+ app.kubernetes.io/version: v2.1.2
rbac.authorization.k8s.io/aggregate-to-admin: "true"
rbac.authorization.k8s.io/aggregate-to-edit: "true"
name: flux-edit-flux-system
labels:
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v2.4.0
+ app.kubernetes.io/version: v2.1.2
rbac.authorization.k8s.io/aggregate-to-admin: "true"
rbac.authorization.k8s.io/aggregate-to-edit: "true"
rbac.authorization.k8s.io/aggregate-to-view: "true"
labels:
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v2.4.0
+ app.kubernetes.io/version: v2.1.2
name: cluster-reconciler-flux-system
roleRef:
apiGroup: rbac.authorization.k8s.io
labels:
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v2.4.0
+ app.kubernetes.io/version: v2.1.2
name: crd-controller-flux-system
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: CustomResourceDefinition
metadata:
annotations:
- controller-gen.kubebuilder.io/version: v0.16.1
+ controller-gen.kubebuilder.io/version: v0.12.0
labels:
app.kubernetes.io/component: source-controller
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v2.4.0
+ app.kubernetes.io/version: v2.1.2
name: buckets.source.toolkit.fluxcd.io
spec:
group: source.toolkit.fluxcd.io
singular: bucket
scope: Namespaced
versions:
- - additionalPrinterColumns:
- - jsonPath: .spec.endpoint
- name: Endpoint
- type: string
- - jsonPath: .metadata.creationTimestamp
- name: Age
- type: date
- - jsonPath: .status.conditions[?(@.type=="Ready")].status
- name: Ready
- type: string
- - jsonPath: .status.conditions[?(@.type=="Ready")].message
- name: Status
- type: string
- name: v1
- schema:
- openAPIV3Schema:
- description: Bucket is the Schema for the buckets API.
- properties:
- apiVersion:
- description: |-
- APIVersion defines the versioned schema of this representation of an object.
- Servers should convert recognized schemas to the latest internal value, and
- may reject unrecognized values.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
- type: string
- kind:
- description: |-
- Kind is a string value representing the REST resource this object represents.
- Servers may infer this from the endpoint the client submits requests to.
- Cannot be updated.
- In CamelCase.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
- type: string
- metadata:
- type: object
- spec:
- description: |-
- BucketSpec specifies the required configuration to produce an Artifact for
- an object storage bucket.
- properties:
- bucketName:
- description: BucketName is the name of the object storage bucket.
- type: string
- certSecretRef:
- description: |-
- CertSecretRef can be given the name of a Secret containing
- either or both of
-
- - a PEM-encoded client certificate (`tls.crt`) and private
- key (`tls.key`);
- - a PEM-encoded CA certificate (`ca.crt`)
-
- and whichever are supplied, will be used for connecting to the
- bucket. The client cert and key are useful if you are
- authenticating with a certificate; the CA cert is useful if
- you are using a self-signed server certificate. The Secret must
- be of type `Opaque` or `kubernetes.io/tls`.
-
- This field is only supported for the `generic` provider.
- properties:
- name:
- description: Name of the referent.
- type: string
- required:
- - name
- type: object
- endpoint:
- description: Endpoint is the object storage address the BucketName
- is located at.
- type: string
- ignore:
- description: |-
- Ignore overrides the set of excluded patterns in the .sourceignore format
- (which is the same as .gitignore). If not provided, a default will be used,
- consult the documentation for your version to find out what those are.
- type: string
- insecure:
- description: Insecure allows connecting to a non-TLS HTTP Endpoint.
- type: boolean
- interval:
- description: |-
- Interval at which the Bucket Endpoint is checked for updates.
- This interval is approximate and may be subject to jitter to ensure
- efficient use of resources.
- pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$
- type: string
- prefix:
- description: Prefix to use for server-side filtering of files in the
- Bucket.
- type: string
- provider:
- default: generic
- description: |-
- Provider of the object storage bucket.
- Defaults to 'generic', which expects an S3 (API) compatible object
- storage.
- enum:
- - generic
- - aws
- - gcp
- - azure
- type: string
- proxySecretRef:
- description: |-
- ProxySecretRef specifies the Secret containing the proxy configuration
- to use while communicating with the Bucket server.
- properties:
- name:
- description: Name of the referent.
- type: string
- required:
- - name
- type: object
- region:
- description: Region of the Endpoint where the BucketName is located
- in.
- type: string
- secretRef:
- description: |-
- SecretRef specifies the Secret containing authentication credentials
- for the Bucket.
- properties:
- name:
- description: Name of the referent.
- type: string
- required:
- - name
- type: object
- sts:
- description: |-
- STS specifies the required configuration to use a Security Token
- Service for fetching temporary credentials to authenticate in a
- Bucket provider.
-
- This field is only supported for the `aws` and `generic` providers.
- properties:
- certSecretRef:
- description: |-
- CertSecretRef can be given the name of a Secret containing
- either or both of
-
- - a PEM-encoded client certificate (`tls.crt`) and private
- key (`tls.key`);
- - a PEM-encoded CA certificate (`ca.crt`)
-
- and whichever are supplied, will be used for connecting to the
- STS endpoint. The client cert and key are useful if you are
- authenticating with a certificate; the CA cert is useful if
- you are using a self-signed server certificate. The Secret must
- be of type `Opaque` or `kubernetes.io/tls`.
-
- This field is only supported for the `ldap` provider.
- properties:
- name:
- description: Name of the referent.
- type: string
- required:
- - name
- type: object
- endpoint:
- description: |-
- Endpoint is the HTTP/S endpoint of the Security Token Service from
- where temporary credentials will be fetched.
- pattern: ^(http|https)://.*$
- type: string
- provider:
- description: Provider of the Security Token Service.
- enum:
- - aws
- - ldap
- type: string
- secretRef:
- description: |-
- SecretRef specifies the Secret containing authentication credentials
- for the STS endpoint. This Secret must contain the fields `username`
- and `password` and is supported only for the `ldap` provider.
- properties:
- name:
- description: Name of the referent.
- type: string
- required:
- - name
- type: object
- required:
- - endpoint
- - provider
- type: object
- suspend:
- description: |-
- Suspend tells the controller to suspend the reconciliation of this
- Bucket.
- type: boolean
- timeout:
- default: 60s
- description: Timeout for fetch operations, defaults to 60s.
- pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$
- type: string
- required:
- - bucketName
- - endpoint
- - interval
- type: object
- x-kubernetes-validations:
- - message: STS configuration is only supported for the 'aws' and 'generic'
- Bucket providers
- rule: self.provider == 'aws' || self.provider == 'generic' || !has(self.sts)
- - message: '''aws'' is the only supported STS provider for the ''aws''
- Bucket provider'
- rule: self.provider != 'aws' || !has(self.sts) || self.sts.provider
- == 'aws'
- - message: '''ldap'' is the only supported STS provider for the ''generic''
- Bucket provider'
- rule: self.provider != 'generic' || !has(self.sts) || self.sts.provider
- == 'ldap'
- - message: spec.sts.secretRef is not required for the 'aws' STS provider
- rule: '!has(self.sts) || self.sts.provider != ''aws'' || !has(self.sts.secretRef)'
- - message: spec.sts.certSecretRef is not required for the 'aws' STS provider
- rule: '!has(self.sts) || self.sts.provider != ''aws'' || !has(self.sts.certSecretRef)'
- status:
- default:
- observedGeneration: -1
- description: BucketStatus records the observed state of a Bucket.
- properties:
- artifact:
- description: Artifact represents the last successful Bucket reconciliation.
- properties:
- digest:
- description: Digest is the digest of the file in the form of '<algorithm>:<checksum>'.
- pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$
- type: string
- lastUpdateTime:
- description: |-
- LastUpdateTime is the timestamp corresponding to the last update of the
- Artifact.
- format: date-time
- type: string
- metadata:
- additionalProperties:
- type: string
- description: Metadata holds upstream information such as OCI annotations.
- type: object
- path:
- description: |-
- Path is the relative file path of the Artifact. It can be used to locate
- the file in the root of the Artifact storage on the local file system of
- the controller managing the Source.
- type: string
- revision:
- description: |-
- Revision is a human-readable identifier traceable in the origin source
- system. It can be a Git commit SHA, Git tag, a Helm chart version, etc.
- type: string
- size:
- description: Size is the number of bytes in the file.
- format: int64
- type: integer
- url:
- description: |-
- URL is the HTTP address of the Artifact as exposed by the controller
- managing the Source. It can be used to retrieve the Artifact for
- consumption, e.g. by another controller applying the Artifact contents.
- type: string
- required:
- - lastUpdateTime
- - path
- - revision
- - url
- type: object
- conditions:
- description: Conditions holds the conditions for the Bucket.
- items:
- description: Condition contains details for one aspect of the current
- state of this API Resource.
- properties:
- lastTransitionTime:
- description: |-
- lastTransitionTime is the last time the condition transitioned from one status to another.
- This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
- format: date-time
- type: string
- message:
- description: |-
- message is a human readable message indicating details about the transition.
- This may be an empty string.
- maxLength: 32768
- type: string
- observedGeneration:
- description: |-
- observedGeneration represents the .metadata.generation that the condition was set based upon.
- For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
- with respect to the current state of the instance.
- format: int64
- minimum: 0
- type: integer
- reason:
- description: |-
- reason contains a programmatic identifier indicating the reason for the condition's last transition.
- Producers of specific condition types may define expected values and meanings for this field,
- and whether the values are considered a guaranteed API.
- The value should be a CamelCase string.
- This field may not be empty.
- maxLength: 1024
- minLength: 1
- pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
- type: string
- status:
- description: status of the condition, one of True, False, Unknown.
- enum:
- - "True"
- - "False"
- - Unknown
- type: string
- type:
- description: type of condition in CamelCase or in foo.example.com/CamelCase.
- maxLength: 316
- pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
- type: string
- required:
- - lastTransitionTime
- - message
- - reason
- - status
- - type
- type: object
- type: array
- lastHandledReconcileAt:
- description: |-
- LastHandledReconcileAt holds the value of the most recent
- reconcile request value, so a change of the annotation value
- can be detected.
- type: string
- observedGeneration:
- description: ObservedGeneration is the last observed generation of
- the Bucket object.
- format: int64
- type: integer
- observedIgnore:
- description: |-
- ObservedIgnore is the observed exclusion patterns used for constructing
- the source artifact.
- type: string
- url:
- description: |-
- URL is the dynamic fetch link for the latest Artifact.
- It is provided on a "best effort" basis, and using the precise
- BucketStatus.Artifact data is recommended.
- type: string
- type: object
- type: object
- served: true
- storage: true
- subresources:
- status: {}
- additionalPrinterColumns:
- jsonPath: .spec.endpoint
name: Endpoint
- jsonPath: .metadata.creationTimestamp
name: Age
type: date
- deprecated: true
- deprecationWarning: v1beta1 Bucket is deprecated, upgrade to v1
name: v1beta1
schema:
openAPIV3Schema:
description: Bucket is the Schema for the buckets API
properties:
apiVersion:
- description: |-
- APIVersion defines the versioned schema of this representation of an object.
- Servers should convert recognized schemas to the latest internal value, and
- may reject unrecognized values.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
- description: |-
- Kind is a string value representing the REST resource this object represents.
- Servers may infer this from the endpoint the client submits requests to.
- Cannot be updated.
- In CamelCase.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
cross-namespace references to this object.
properties:
namespaceSelectors:
- description: |-
- NamespaceSelectors is the list of namespace selectors to which this ACL applies.
- Items in this list are evaluated using a logical OR operation.
+ description: NamespaceSelectors is the list of namespace selectors
+ to which this ACL applies. Items in this list are evaluated
+ using a logical OR operation.
items:
- description: |-
- NamespaceSelector selects the namespaces to which this ACL applies.
- An empty map of MatchLabels matches all namespaces in a cluster.
+ description: NamespaceSelector selects the namespaces to which
+ this ACL applies. An empty map of MatchLabels matches all
+ namespaces in a cluster.
properties:
matchLabels:
additionalProperties:
type: string
- description: |-
- MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
- map is equivalent to an element of matchExpressions, whose key field is "key", the
- operator is "In", and the values array contains only "value". The requirements are ANDed.
+ description: MatchLabels is a map of {key,value} pairs.
+ A single {key,value} in the matchLabels map is equivalent
+ to an element of matchExpressions, whose key field is
+ "key", the operator is "In", and the values array contains
+ only "value". The requirements are ANDed.
type: object
type: object
type: array
description: The bucket endpoint address.
type: string
ignore:
- description: |-
- Ignore overrides the set of excluded patterns in the .sourceignore format
- (which is the same as .gitignore). If not provided, a default will be used,
- consult the documentation for your version to find out what those are.
+ description: Ignore overrides the set of excluded patterns in the
+ .sourceignore format (which is the same as .gitignore). If not provided,
+ a default will be used, consult the documentation for your version
+ to find out what those are.
type: string
insecure:
description: Insecure allows connecting to a non-TLS S3 HTTP endpoint.
description: The bucket region.
type: string
secretRef:
- description: |-
- The name of the secret containing authentication credentials
+ description: The name of the secret containing authentication credentials
for the Bucket.
properties:
name:
description: Checksum is the SHA256 checksum of the artifact.
type: string
lastUpdateTime:
- description: |-
- LastUpdateTime is the timestamp corresponding to the last update of this
- artifact.
+ description: LastUpdateTime is the timestamp corresponding to
+ the last update of this artifact.
format: date-time
type: string
path:
description: Path is the relative file path of this artifact.
type: string
revision:
- description: |-
- Revision is a human readable identifier traceable in the origin source
- system. It can be a Git commit SHA, Git tag, a Helm index timestamp, a Helm
- chart version, etc.
+ description: Revision is a human readable identifier traceable
+ in the origin source system. It can be a Git commit SHA, Git
+ tag, a Helm index timestamp, a Helm chart version, etc.
type: string
url:
description: URL is the HTTP address of this artifact.
type: string
required:
- - lastUpdateTime
- path
- url
type: object
conditions:
description: Conditions holds the conditions for the Bucket.
items:
- description: Condition contains details for one aspect of the current
- state of this API Resource.
+ description: "Condition contains details for one aspect of the current
+ state of this API Resource. --- This struct is intended for direct
+ use as an array at the field path .status.conditions. For example,
+ \n type FooStatus struct{ // Represents the observations of a
+ foo's current state. // Known .status.conditions.type are: \"Available\",
+ \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge
+ // +listType=map // +listMapKey=type Conditions []metav1.Condition
+ `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\"
+ protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }"
properties:
lastTransitionTime:
- description: |-
- lastTransitionTime is the last time the condition transitioned from one status to another.
- This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
+ description: lastTransitionTime is the last time the condition
+ transitioned from one status to another. This should be when
+ the underlying condition changed. If that is not known, then
+ using the time when the API field changed is acceptable.
format: date-time
type: string
message:
- description: |-
- message is a human readable message indicating details about the transition.
- This may be an empty string.
+ description: message is a human readable message indicating
+ details about the transition. This may be an empty string.
maxLength: 32768
type: string
observedGeneration:
- description: |-
- observedGeneration represents the .metadata.generation that the condition was set based upon.
- For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
- with respect to the current state of the instance.
+ description: observedGeneration represents the .metadata.generation
+ that the condition was set based upon. For instance, if .metadata.generation
+ is currently 12, but the .status.conditions[x].observedGeneration
+ is 9, the condition is out of date with respect to the current
+ state of the instance.
format: int64
minimum: 0
type: integer
reason:
- description: |-
- reason contains a programmatic identifier indicating the reason for the condition's last transition.
- Producers of specific condition types may define expected values and meanings for this field,
- and whether the values are considered a guaranteed API.
- The value should be a CamelCase string.
+ description: reason contains a programmatic identifier indicating
+ the reason for the condition's last transition. Producers
+ of specific condition types may define expected values and
+ meanings for this field, and whether the values are considered
+ a guaranteed API. The value should be a CamelCase string.
This field may not be empty.
maxLength: 1024
minLength: 1
type: string
type:
description: type of condition in CamelCase or in foo.example.com/CamelCase.
+ --- Many .condition.type values are consistent across resources
+ like Available, but because arbitrary conditions can be useful
+ (see .node.status.conditions), the ability to deconflict is
+ important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
maxLength: 316
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
type: string
type: object
type: array
lastHandledReconcileAt:
- description: |-
- LastHandledReconcileAt holds the value of the most recent
- reconcile request value, so a change of the annotation value
- can be detected.
+ description: LastHandledReconcileAt holds the value of the most recent
+ reconcile request value, so a change of the annotation value can
+ be detected.
type: string
observedGeneration:
description: ObservedGeneration is the last observed generation.
- jsonPath: .status.conditions[?(@.type=="Ready")].message
name: Status
type: string
- deprecated: true
- deprecationWarning: v1beta2 Bucket is deprecated, upgrade to v1
name: v1beta2
schema:
openAPIV3Schema:
description: Bucket is the Schema for the buckets API.
properties:
apiVersion:
- description: |-
- APIVersion defines the versioned schema of this representation of an object.
- Servers should convert recognized schemas to the latest internal value, and
- may reject unrecognized values.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
- description: |-
- Kind is a string value representing the REST resource this object represents.
- Servers may infer this from the endpoint the client submits requests to.
- Cannot be updated.
- In CamelCase.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
- description: |-
- BucketSpec specifies the required configuration to produce an Artifact for
- an object storage bucket.
+ description: BucketSpec specifies the required configuration to produce
+ an Artifact for an object storage bucket.
properties:
accessFrom:
- description: |-
- AccessFrom specifies an Access Control List for allowing cross-namespace
- references to this object.
- NOTE: Not implemented, provisional as of https://github.com/fluxcd/flux2/pull/2092
+ description: 'AccessFrom specifies an Access Control List for allowing
+ cross-namespace references to this object. NOTE: Not implemented,
+ provisional as of https://github.com/fluxcd/flux2/pull/2092'
properties:
namespaceSelectors:
- description: |-
- NamespaceSelectors is the list of namespace selectors to which this ACL applies.
- Items in this list are evaluated using a logical OR operation.
+ description: NamespaceSelectors is the list of namespace selectors
+ to which this ACL applies. Items in this list are evaluated
+ using a logical OR operation.
items:
- description: |-
- NamespaceSelector selects the namespaces to which this ACL applies.
- An empty map of MatchLabels matches all namespaces in a cluster.
+ description: NamespaceSelector selects the namespaces to which
+ this ACL applies. An empty map of MatchLabels matches all
+ namespaces in a cluster.
properties:
matchLabels:
additionalProperties:
type: string
- description: |-
- MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
- map is equivalent to an element of matchExpressions, whose key field is "key", the
- operator is "In", and the values array contains only "value". The requirements are ANDed.
+ description: MatchLabels is a map of {key,value} pairs.
+ A single {key,value} in the matchLabels map is equivalent
+ to an element of matchExpressions, whose key field is
+ "key", the operator is "In", and the values array contains
+ only "value". The requirements are ANDed.
type: object
type: object
type: array
bucketName:
description: BucketName is the name of the object storage bucket.
type: string
- certSecretRef:
- description: |-
- CertSecretRef can be given the name of a Secret containing
- either or both of
-
- - a PEM-encoded client certificate (`tls.crt`) and private
- key (`tls.key`);
- - a PEM-encoded CA certificate (`ca.crt`)
-
- and whichever are supplied, will be used for connecting to the
- bucket. The client cert and key are useful if you are
- authenticating with a certificate; the CA cert is useful if
- you are using a self-signed server certificate. The Secret must
- be of type `Opaque` or `kubernetes.io/tls`.
-
- This field is only supported for the `generic` provider.
- properties:
- name:
- description: Name of the referent.
- type: string
- required:
- - name
- type: object
endpoint:
description: Endpoint is the object storage address the BucketName
is located at.
type: string
ignore:
- description: |-
- Ignore overrides the set of excluded patterns in the .sourceignore format
- (which is the same as .gitignore). If not provided, a default will be used,
- consult the documentation for your version to find out what those are.
+ description: Ignore overrides the set of excluded patterns in the
+ .sourceignore format (which is the same as .gitignore). If not provided,
+ a default will be used, consult the documentation for your version
+ to find out what those are.
type: string
insecure:
description: Insecure allows connecting to a non-TLS HTTP Endpoint.
type: boolean
interval:
- description: |-
- Interval at which the Bucket Endpoint is checked for updates.
- This interval is approximate and may be subject to jitter to ensure
- efficient use of resources.
+ description: Interval at which the Bucket Endpoint is checked for
+ updates. This interval is approximate and may be subject to jitter
+ to ensure efficient use of resources.
pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$
type: string
- prefix:
- description: Prefix to use for server-side filtering of files in the
- Bucket.
- type: string
provider:
default: generic
- description: |-
- Provider of the object storage bucket.
- Defaults to 'generic', which expects an S3 (API) compatible object
- storage.
+ description: Provider of the object storage bucket. Defaults to 'generic',
+ which expects an S3 (API) compatible object storage.
enum:
- generic
- aws
- gcp
- azure
type: string
- proxySecretRef:
- description: |-
- ProxySecretRef specifies the Secret containing the proxy configuration
- to use while communicating with the Bucket server.
- properties:
- name:
- description: Name of the referent.
- type: string
- required:
- - name
- type: object
region:
description: Region of the Endpoint where the BucketName is located
in.
type: string
secretRef:
- description: |-
- SecretRef specifies the Secret containing authentication credentials
- for the Bucket.
+ description: SecretRef specifies the Secret containing authentication
+ credentials for the Bucket.
properties:
name:
description: Name of the referent.
required:
- name
type: object
- sts:
- description: |-
- STS specifies the required configuration to use a Security Token
- Service for fetching temporary credentials to authenticate in a
- Bucket provider.
-
- This field is only supported for the `aws` and `generic` providers.
- properties:
- certSecretRef:
- description: |-
- CertSecretRef can be given the name of a Secret containing
- either or both of
-
- - a PEM-encoded client certificate (`tls.crt`) and private
- key (`tls.key`);
- - a PEM-encoded CA certificate (`ca.crt`)
-
- and whichever are supplied, will be used for connecting to the
- STS endpoint. The client cert and key are useful if you are
- authenticating with a certificate; the CA cert is useful if
- you are using a self-signed server certificate. The Secret must
- be of type `Opaque` or `kubernetes.io/tls`.
-
- This field is only supported for the `ldap` provider.
- properties:
- name:
- description: Name of the referent.
- type: string
- required:
- - name
- type: object
- endpoint:
- description: |-
- Endpoint is the HTTP/S endpoint of the Security Token Service from
- where temporary credentials will be fetched.
- pattern: ^(http|https)://.*$
- type: string
- provider:
- description: Provider of the Security Token Service.
- enum:
- - aws
- - ldap
- type: string
- secretRef:
- description: |-
- SecretRef specifies the Secret containing authentication credentials
- for the STS endpoint. This Secret must contain the fields `username`
- and `password` and is supported only for the `ldap` provider.
- properties:
- name:
- description: Name of the referent.
- type: string
- required:
- - name
- type: object
- required:
- - endpoint
- - provider
- type: object
suspend:
- description: |-
- Suspend tells the controller to suspend the reconciliation of this
- Bucket.
+ description: Suspend tells the controller to suspend the reconciliation
+ of this Bucket.
type: boolean
timeout:
default: 60s
- endpoint
- interval
type: object
- x-kubernetes-validations:
- - message: STS configuration is only supported for the 'aws' and 'generic'
- Bucket providers
- rule: self.provider == 'aws' || self.provider == 'generic' || !has(self.sts)
- - message: '''aws'' is the only supported STS provider for the ''aws''
- Bucket provider'
- rule: self.provider != 'aws' || !has(self.sts) || self.sts.provider
- == 'aws'
- - message: '''ldap'' is the only supported STS provider for the ''generic''
- Bucket provider'
- rule: self.provider != 'generic' || !has(self.sts) || self.sts.provider
- == 'ldap'
- - message: spec.sts.secretRef is not required for the 'aws' STS provider
- rule: '!has(self.sts) || self.sts.provider != ''aws'' || !has(self.sts.secretRef)'
- - message: spec.sts.certSecretRef is not required for the 'aws' STS provider
- rule: '!has(self.sts) || self.sts.provider != ''aws'' || !has(self.sts.certSecretRef)'
status:
default:
observedGeneration: -1
pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$
type: string
lastUpdateTime:
- description: |-
- LastUpdateTime is the timestamp corresponding to the last update of the
- Artifact.
+ description: LastUpdateTime is the timestamp corresponding to
+ the last update of the Artifact.
format: date-time
type: string
metadata:
description: Metadata holds upstream information such as OCI annotations.
type: object
path:
- description: |-
- Path is the relative file path of the Artifact. It can be used to locate
- the file in the root of the Artifact storage on the local file system of
- the controller managing the Source.
+ description: Path is the relative file path of the Artifact. It
+ can be used to locate the file in the root of the Artifact storage
+ on the local file system of the controller managing the Source.
type: string
revision:
- description: |-
- Revision is a human-readable identifier traceable in the origin source
- system. It can be a Git commit SHA, Git tag, a Helm chart version, etc.
+ description: Revision is a human-readable identifier traceable
+ in the origin source system. It can be a Git commit SHA, Git
+ tag, a Helm chart version, etc.
type: string
size:
description: Size is the number of bytes in the file.
format: int64
type: integer
url:
- description: |-
- URL is the HTTP address of the Artifact as exposed by the controller
- managing the Source. It can be used to retrieve the Artifact for
- consumption, e.g. by another controller applying the Artifact contents.
+ description: URL is the HTTP address of the Artifact as exposed
+ by the controller managing the Source. It can be used to retrieve
+ the Artifact for consumption, e.g. by another controller applying
+ the Artifact contents.
type: string
required:
- lastUpdateTime
conditions:
description: Conditions holds the conditions for the Bucket.
items:
- description: Condition contains details for one aspect of the current
- state of this API Resource.
+ description: "Condition contains details for one aspect of the current
+ state of this API Resource. --- This struct is intended for direct
+ use as an array at the field path .status.conditions. For example,
+ \n type FooStatus struct{ // Represents the observations of a
+ foo's current state. // Known .status.conditions.type are: \"Available\",
+ \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge
+ // +listType=map // +listMapKey=type Conditions []metav1.Condition
+ `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\"
+ protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }"
properties:
lastTransitionTime:
- description: |-
- lastTransitionTime is the last time the condition transitioned from one status to another.
- This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
+ description: lastTransitionTime is the last time the condition
+ transitioned from one status to another. This should be when
+ the underlying condition changed. If that is not known, then
+ using the time when the API field changed is acceptable.
format: date-time
type: string
message:
- description: |-
- message is a human readable message indicating details about the transition.
- This may be an empty string.
+ description: message is a human readable message indicating
+ details about the transition. This may be an empty string.
maxLength: 32768
type: string
observedGeneration:
- description: |-
- observedGeneration represents the .metadata.generation that the condition was set based upon.
- For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
- with respect to the current state of the instance.
+ description: observedGeneration represents the .metadata.generation
+ that the condition was set based upon. For instance, if .metadata.generation
+ is currently 12, but the .status.conditions[x].observedGeneration
+ is 9, the condition is out of date with respect to the current
+ state of the instance.
format: int64
minimum: 0
type: integer
reason:
- description: |-
- reason contains a programmatic identifier indicating the reason for the condition's last transition.
- Producers of specific condition types may define expected values and meanings for this field,
- and whether the values are considered a guaranteed API.
- The value should be a CamelCase string.
+ description: reason contains a programmatic identifier indicating
+ the reason for the condition's last transition. Producers
+ of specific condition types may define expected values and
+ meanings for this field, and whether the values are considered
+ a guaranteed API. The value should be a CamelCase string.
This field may not be empty.
maxLength: 1024
minLength: 1
type: string
type:
description: type of condition in CamelCase or in foo.example.com/CamelCase.
+ --- Many .condition.type values are consistent across resources
+ like Available, but because arbitrary conditions can be useful
+ (see .node.status.conditions), the ability to deconflict is
+ important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
maxLength: 316
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
type: string
type: object
type: array
lastHandledReconcileAt:
- description: |-
- LastHandledReconcileAt holds the value of the most recent
- reconcile request value, so a change of the annotation value
- can be detected.
+ description: LastHandledReconcileAt holds the value of the most recent
+ reconcile request value, so a change of the annotation value can
+ be detected.
type: string
observedGeneration:
description: ObservedGeneration is the last observed generation of
format: int64
type: integer
observedIgnore:
- description: |-
- ObservedIgnore is the observed exclusion patterns used for constructing
- the source artifact.
+ description: ObservedIgnore is the observed exclusion patterns used
+ for constructing the source artifact.
type: string
url:
- description: |-
- URL is the dynamic fetch link for the latest Artifact.
- It is provided on a "best effort" basis, and using the precise
- BucketStatus.Artifact data is recommended.
+ description: URL is the dynamic fetch link for the latest Artifact.
+ It is provided on a "best effort" basis, and using the precise BucketStatus.Artifact
+ data is recommended.
type: string
type: object
type: object
served: true
- storage: false
+ storage: true
subresources:
status: {}
---
kind: CustomResourceDefinition
metadata:
annotations:
- controller-gen.kubebuilder.io/version: v0.16.1
+ controller-gen.kubebuilder.io/version: v0.12.0
labels:
app.kubernetes.io/component: source-controller
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v2.4.0
+ app.kubernetes.io/version: v2.1.2
name: gitrepositories.source.toolkit.fluxcd.io
spec:
group: source.toolkit.fluxcd.io
description: GitRepository is the Schema for the gitrepositories API.
properties:
apiVersion:
- description: |-
- APIVersion defines the versioned schema of this representation of an object.
- Servers should convert recognized schemas to the latest internal value, and
- may reject unrecognized values.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
- description: |-
- Kind is a string value representing the REST resource this object represents.
- Servers may infer this from the endpoint the client submits requests to.
- Cannot be updated.
- In CamelCase.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
- description: |-
- GitRepositorySpec specifies the required configuration to produce an
- Artifact for a Git repository.
+ description: GitRepositorySpec specifies the required configuration to
+ produce an Artifact for a Git repository.
properties:
ignore:
- description: |-
- Ignore overrides the set of excluded patterns in the .sourceignore format
- (which is the same as .gitignore). If not provided, a default will be used,
- consult the documentation for your version to find out what those are.
+ description: Ignore overrides the set of excluded patterns in the
+ .sourceignore format (which is the same as .gitignore). If not provided,
+ a default will be used, consult the documentation for your version
+ to find out what those are.
type: string
include:
- description: |-
- Include specifies a list of GitRepository resources which Artifacts
- should be included in the Artifact produced for this GitRepository.
+ description: Include specifies a list of GitRepository resources which
+ Artifacts should be included in the Artifact produced for this GitRepository.
items:
- description: |-
- GitRepositoryInclude specifies a local reference to a GitRepository which
- Artifact (sub-)contents must be included, and where they should be placed.
+ description: GitRepositoryInclude specifies a local reference to
+ a GitRepository which Artifact (sub-)contents must be included,
+ and where they should be placed.
properties:
fromPath:
- description: |-
- FromPath specifies the path to copy contents from, defaults to the root
- of the Artifact.
+ description: FromPath specifies the path to copy contents from,
+ defaults to the root of the Artifact.
type: string
repository:
- description: |-
- GitRepositoryRef specifies the GitRepository which Artifact contents
- must be included.
+ description: GitRepositoryRef specifies the GitRepository which
+ Artifact contents must be included.
properties:
name:
description: Name of the referent.
- name
type: object
toPath:
- description: |-
- ToPath specifies the path to copy contents to, defaults to the name of
- the GitRepositoryRef.
+ description: ToPath specifies the path to copy contents to,
+ defaults to the name of the GitRepositoryRef.
type: string
required:
- repository
type: object
type: array
interval:
- description: |-
- Interval at which the GitRepository URL is checked for updates.
- This interval is approximate and may be subject to jitter to ensure
- efficient use of resources.
+ description: Interval at which the GitRepository URL is checked for
+ updates. This interval is approximate and may be subject to jitter
+ to ensure efficient use of resources.
pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$
type: string
- provider:
- description: |-
- Provider used for authentication, can be 'azure', 'generic'.
- When not specified, defaults to 'generic'.
- enum:
- - generic
- - azure
- type: string
proxySecretRef:
- description: |-
- ProxySecretRef specifies the Secret containing the proxy configuration
- to use while communicating with the Git server.
+ description: ProxySecretRef specifies the Secret containing the proxy
+ configuration to use while communicating with the Git server.
properties:
name:
description: Name of the referent.
- name
type: object
recurseSubmodules:
- description: |-
- RecurseSubmodules enables the initialization of all submodules within
- the GitRepository as cloned from the URL, using their default settings.
+ description: RecurseSubmodules enables the initialization of all submodules
+ within the GitRepository as cloned from the URL, using their default
+ settings.
type: boolean
ref:
- description: |-
- Reference specifies the Git reference to resolve and monitor for
- changes, defaults to the 'master' branch.
+ description: Reference specifies the Git reference to resolve and
+ monitor for changes, defaults to the 'master' branch.
properties:
branch:
description: Branch to check out, defaults to 'master' if no other
field is defined.
type: string
commit:
- description: |-
- Commit SHA to check out, takes precedence over all reference fields.
-
- This can be combined with Branch to shallow clone the branch, in which
- the commit is expected to exist.
+ description: "Commit SHA to check out, takes precedence over all
+ reference fields. \n This can be combined with Branch to shallow
+ clone the branch, in which the commit is expected to exist."
type: string
name:
- description: |-
- Name of the reference to check out; takes precedence over Branch, Tag and SemVer.
-
- It must be a valid Git reference: https://git-scm.com/docs/git-check-ref-format#_description
- Examples: "refs/heads/main", "refs/tags/v0.1.0", "refs/pull/420/head", "refs/merge-requests/1/head"
+ description: "Name of the reference to check out; takes precedence
+ over Branch, Tag and SemVer. \n It must be a valid Git reference:
+ https://git-scm.com/docs/git-check-ref-format#_description Examples:
+ \"refs/heads/main\", \"refs/tags/v0.1.0\", \"refs/pull/420/head\",
+ \"refs/merge-requests/1/head\""
type: string
semver:
description: SemVer tag expression to check out, takes precedence
type: string
type: object
secretRef:
- description: |-
- SecretRef specifies the Secret containing authentication credentials for
- the GitRepository.
- For HTTPS repositories the Secret must contain 'username' and 'password'
- fields for basic auth or 'bearerToken' field for token auth.
- For SSH repositories the Secret must contain 'identity'
- and 'known_hosts' fields.
+ description: SecretRef specifies the Secret containing authentication
+ credentials for the GitRepository. For HTTPS repositories the Secret
+ must contain 'username' and 'password' fields for basic auth or
+ 'bearerToken' field for token auth. For SSH repositories the Secret
+ must contain 'identity' and 'known_hosts' fields.
properties:
name:
description: Name of the referent.
- name
type: object
suspend:
- description: |-
- Suspend tells the controller to suspend the reconciliation of this
- GitRepository.
+ description: Suspend tells the controller to suspend the reconciliation
+ of this GitRepository.
type: boolean
timeout:
default: 60s
pattern: ^(http|https|ssh)://.*$
type: string
verify:
- description: |-
- Verification specifies the configuration to verify the Git commit
- signature(s).
+ description: Verification specifies the configuration to verify the
+ Git commit signature(s).
properties:
mode:
default: HEAD
- description: |-
- Mode specifies which Git object(s) should be verified.
-
- The variants "head" and "HEAD" both imply the same thing, i.e. verify
- the commit that the HEAD of the Git repository points to. The variant
- "head" solely exists to ensure backwards compatibility.
+ description: "Mode specifies which Git object(s) should be verified.
+ \n The variants \"head\" and \"HEAD\" both imply the same thing,
+ i.e. verify the commit that the HEAD of the Git repository points
+ to. The variant \"head\" solely exists to ensure backwards compatibility."
enum:
- head
- HEAD
- TagAndHEAD
type: string
secretRef:
- description: |-
- SecretRef specifies the Secret containing the public keys of trusted Git
- authors.
+ description: SecretRef specifies the Secret containing the public
+ keys of trusted Git authors.
properties:
name:
description: Name of the referent.
pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$
type: string
lastUpdateTime:
- description: |-
- LastUpdateTime is the timestamp corresponding to the last update of the
- Artifact.
+ description: LastUpdateTime is the timestamp corresponding to
+ the last update of the Artifact.
format: date-time
type: string
metadata:
description: Metadata holds upstream information such as OCI annotations.
type: object
path:
- description: |-
- Path is the relative file path of the Artifact. It can be used to locate
- the file in the root of the Artifact storage on the local file system of
- the controller managing the Source.
+ description: Path is the relative file path of the Artifact. It
+ can be used to locate the file in the root of the Artifact storage
+ on the local file system of the controller managing the Source.
type: string
revision:
- description: |-
- Revision is a human-readable identifier traceable in the origin source
- system. It can be a Git commit SHA, Git tag, a Helm chart version, etc.
+ description: Revision is a human-readable identifier traceable
+ in the origin source system. It can be a Git commit SHA, Git
+ tag, a Helm chart version, etc.
type: string
size:
description: Size is the number of bytes in the file.
format: int64
type: integer
url:
- description: |-
- URL is the HTTP address of the Artifact as exposed by the controller
- managing the Source. It can be used to retrieve the Artifact for
- consumption, e.g. by another controller applying the Artifact contents.
+ description: URL is the HTTP address of the Artifact as exposed
+ by the controller managing the Source. It can be used to retrieve
+ the Artifact for consumption, e.g. by another controller applying
+ the Artifact contents.
type: string
required:
- lastUpdateTime
conditions:
description: Conditions holds the conditions for the GitRepository.
items:
- description: Condition contains details for one aspect of the current
- state of this API Resource.
+ description: "Condition contains details for one aspect of the current
+ state of this API Resource. --- This struct is intended for direct
+ use as an array at the field path .status.conditions. For example,
+ \n type FooStatus struct{ // Represents the observations of a
+ foo's current state. // Known .status.conditions.type are: \"Available\",
+ \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge
+ // +listType=map // +listMapKey=type Conditions []metav1.Condition
+ `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\"
+ protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }"
properties:
lastTransitionTime:
- description: |-
- lastTransitionTime is the last time the condition transitioned from one status to another.
- This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
+ description: lastTransitionTime is the last time the condition
+ transitioned from one status to another. This should be when
+ the underlying condition changed. If that is not known, then
+ using the time when the API field changed is acceptable.
format: date-time
type: string
message:
- description: |-
- message is a human readable message indicating details about the transition.
- This may be an empty string.
+ description: message is a human readable message indicating
+ details about the transition. This may be an empty string.
maxLength: 32768
type: string
observedGeneration:
- description: |-
- observedGeneration represents the .metadata.generation that the condition was set based upon.
- For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
- with respect to the current state of the instance.
+ description: observedGeneration represents the .metadata.generation
+ that the condition was set based upon. For instance, if .metadata.generation
+ is currently 12, but the .status.conditions[x].observedGeneration
+ is 9, the condition is out of date with respect to the current
+ state of the instance.
format: int64
minimum: 0
type: integer
reason:
- description: |-
- reason contains a programmatic identifier indicating the reason for the condition's last transition.
- Producers of specific condition types may define expected values and meanings for this field,
- and whether the values are considered a guaranteed API.
- The value should be a CamelCase string.
+ description: reason contains a programmatic identifier indicating
+ the reason for the condition's last transition. Producers
+ of specific condition types may define expected values and
+ meanings for this field, and whether the values are considered
+ a guaranteed API. The value should be a CamelCase string.
This field may not be empty.
maxLength: 1024
minLength: 1
type: string
type:
description: type of condition in CamelCase or in foo.example.com/CamelCase.
+ --- Many .condition.type values are consistent across resources
+ like Available, but because arbitrary conditions can be useful
+ (see .node.status.conditions), the ability to deconflict is
+ important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
maxLength: 316
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
type: string
type: object
type: array
includedArtifacts:
- description: |-
- IncludedArtifacts contains a list of the last successfully included
- Artifacts as instructed by GitRepositorySpec.Include.
+ description: IncludedArtifacts contains a list of the last successfully
+ included Artifacts as instructed by GitRepositorySpec.Include.
items:
description: Artifact represents the output of a Source reconciliation.
properties:
pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$
type: string
lastUpdateTime:
- description: |-
- LastUpdateTime is the timestamp corresponding to the last update of the
- Artifact.
+ description: LastUpdateTime is the timestamp corresponding to
+ the last update of the Artifact.
format: date-time
type: string
metadata:
annotations.
type: object
path:
- description: |-
- Path is the relative file path of the Artifact. It can be used to locate
- the file in the root of the Artifact storage on the local file system of
- the controller managing the Source.
+ description: Path is the relative file path of the Artifact.
+ It can be used to locate the file in the root of the Artifact
+ storage on the local file system of the controller managing
+ the Source.
type: string
revision:
- description: |-
- Revision is a human-readable identifier traceable in the origin source
- system. It can be a Git commit SHA, Git tag, a Helm chart version, etc.
+ description: Revision is a human-readable identifier traceable
+ in the origin source system. It can be a Git commit SHA, Git
+ tag, a Helm chart version, etc.
type: string
size:
description: Size is the number of bytes in the file.
format: int64
type: integer
url:
- description: |-
- URL is the HTTP address of the Artifact as exposed by the controller
- managing the Source. It can be used to retrieve the Artifact for
- consumption, e.g. by another controller applying the Artifact contents.
+ description: URL is the HTTP address of the Artifact as exposed
+ by the controller managing the Source. It can be used to retrieve
+ the Artifact for consumption, e.g. by another controller applying
+ the Artifact contents.
type: string
required:
- lastUpdateTime
type: object
type: array
lastHandledReconcileAt:
- description: |-
- LastHandledReconcileAt holds the value of the most recent
- reconcile request value, so a change of the annotation value
- can be detected.
+ description: LastHandledReconcileAt holds the value of the most recent
+ reconcile request value, so a change of the annotation value can
+ be detected.
type: string
observedGeneration:
- description: |-
- ObservedGeneration is the last observed generation of the GitRepository
- object.
+ description: ObservedGeneration is the last observed generation of
+ the GitRepository object.
format: int64
type: integer
observedIgnore:
- description: |-
- ObservedIgnore is the observed exclusion patterns used for constructing
- the source artifact.
+ description: ObservedIgnore is the observed exclusion patterns used
+ for constructing the source artifact.
type: string
observedInclude:
- description: |-
- ObservedInclude is the observed list of GitRepository resources used to
- produce the current Artifact.
+ description: ObservedInclude is the observed list of GitRepository
+ resources used to produce the current Artifact.
items:
- description: |-
- GitRepositoryInclude specifies a local reference to a GitRepository which
- Artifact (sub-)contents must be included, and where they should be placed.
+ description: GitRepositoryInclude specifies a local reference to
+ a GitRepository which Artifact (sub-)contents must be included,
+ and where they should be placed.
properties:
fromPath:
- description: |-
- FromPath specifies the path to copy contents from, defaults to the root
- of the Artifact.
+ description: FromPath specifies the path to copy contents from,
+ defaults to the root of the Artifact.
type: string
repository:
- description: |-
- GitRepositoryRef specifies the GitRepository which Artifact contents
- must be included.
+ description: GitRepositoryRef specifies the GitRepository which
+ Artifact contents must be included.
properties:
name:
description: Name of the referent.
- name
type: object
toPath:
- description: |-
- ToPath specifies the path to copy contents to, defaults to the name of
- the GitRepositoryRef.
+ description: ToPath specifies the path to copy contents to,
+ defaults to the name of the GitRepositoryRef.
type: string
required:
- repository
type: object
type: array
observedRecurseSubmodules:
- description: |-
- ObservedRecurseSubmodules is the observed resource submodules
+ description: ObservedRecurseSubmodules is the observed resource submodules
configuration used to produce the current Artifact.
type: boolean
sourceVerificationMode:
- description: |-
- SourceVerificationMode is the last used verification mode indicating
- which Git object(s) have been verified.
+ description: SourceVerificationMode is the last used verification
+ mode indicating which Git object(s) have been verified.
type: string
type: object
type: object
description: GitRepository is the Schema for the gitrepositories API
properties:
apiVersion:
- description: |-
- APIVersion defines the versioned schema of this representation of an object.
- Servers should convert recognized schemas to the latest internal value, and
- may reject unrecognized values.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
- description: |-
- Kind is a string value representing the REST resource this object represents.
- Servers may infer this from the endpoint the client submits requests to.
- Cannot be updated.
- In CamelCase.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
cross-namespace references to this object.
properties:
namespaceSelectors:
- description: |-
- NamespaceSelectors is the list of namespace selectors to which this ACL applies.
- Items in this list are evaluated using a logical OR operation.
+ description: NamespaceSelectors is the list of namespace selectors
+ to which this ACL applies. Items in this list are evaluated
+ using a logical OR operation.
items:
- description: |-
- NamespaceSelector selects the namespaces to which this ACL applies.
- An empty map of MatchLabels matches all namespaces in a cluster.
+ description: NamespaceSelector selects the namespaces to which
+ this ACL applies. An empty map of MatchLabels matches all
+ namespaces in a cluster.
properties:
matchLabels:
additionalProperties:
type: string
- description: |-
- MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
- map is equivalent to an element of matchExpressions, whose key field is "key", the
- operator is "In", and the values array contains only "value". The requirements are ANDed.
+ description: MatchLabels is a map of {key,value} pairs.
+ A single {key,value} in the matchLabels map is equivalent
+ to an element of matchExpressions, whose key field is
+ "key", the operator is "In", and the values array contains
+ only "value". The requirements are ANDed.
type: object
type: object
type: array
type: object
gitImplementation:
default: go-git
- description: |-
- Determines which git client library to use.
- Defaults to go-git, valid values are ('go-git', 'libgit2').
+ description: Determines which git client library to use. Defaults
+ to go-git, valid values are ('go-git', 'libgit2').
enum:
- go-git
- libgit2
type: string
ignore:
- description: |-
- Ignore overrides the set of excluded patterns in the .sourceignore format
- (which is the same as .gitignore). If not provided, a default will be used,
- consult the documentation for your version to find out what those are.
+ description: Ignore overrides the set of excluded patterns in the
+ .sourceignore format (which is the same as .gitignore). If not provided,
+ a default will be used, consult the documentation for your version
+ to find out what those are.
type: string
include:
description: Extra git repositories to map into the repository
description: The interval at which to check for repository updates.
type: string
recurseSubmodules:
- description: |-
- When enabled, after the clone is created, initializes all submodules within,
- using their default settings.
- This option is available only when using the 'go-git' GitImplementation.
+ description: When enabled, after the clone is created, initializes
+ all submodules within, using their default settings. This option
+ is available only when using the 'go-git' GitImplementation.
type: boolean
ref:
- description: |-
- The Git reference to checkout and monitor for changes, defaults to
- master branch.
+ description: The Git reference to checkout and monitor for changes,
+ defaults to master branch.
properties:
branch:
description: The Git branch to checkout, defaults to master.
type: string
type: object
secretRef:
- description: |-
- The secret name containing the Git credentials.
- For HTTPS repositories the secret must contain username and password
- fields.
+ description: The secret name containing the Git credentials. For HTTPS
+ repositories the secret must contain username and password fields.
For SSH repositories the secret must contain identity and known_hosts
fields.
properties:
description: Checksum is the SHA256 checksum of the artifact.
type: string
lastUpdateTime:
- description: |-
- LastUpdateTime is the timestamp corresponding to the last update of this
- artifact.
+ description: LastUpdateTime is the timestamp corresponding to
+ the last update of this artifact.
format: date-time
type: string
path:
description: Path is the relative file path of this artifact.
type: string
revision:
- description: |-
- Revision is a human readable identifier traceable in the origin source
- system. It can be a Git commit SHA, Git tag, a Helm index timestamp, a Helm
- chart version, etc.
+ description: Revision is a human readable identifier traceable
+ in the origin source system. It can be a Git commit SHA, Git
+ tag, a Helm index timestamp, a Helm chart version, etc.
type: string
url:
description: URL is the HTTP address of this artifact.
type: string
required:
- - lastUpdateTime
- path
- url
type: object
conditions:
description: Conditions holds the conditions for the GitRepository.
items:
- description: Condition contains details for one aspect of the current
- state of this API Resource.
+ description: "Condition contains details for one aspect of the current
+ state of this API Resource. --- This struct is intended for direct
+ use as an array at the field path .status.conditions. For example,
+ \n type FooStatus struct{ // Represents the observations of a
+ foo's current state. // Known .status.conditions.type are: \"Available\",
+ \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge
+ // +listType=map // +listMapKey=type Conditions []metav1.Condition
+ `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\"
+ protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }"
properties:
lastTransitionTime:
- description: |-
- lastTransitionTime is the last time the condition transitioned from one status to another.
- This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
+ description: lastTransitionTime is the last time the condition
+ transitioned from one status to another. This should be when
+ the underlying condition changed. If that is not known, then
+ using the time when the API field changed is acceptable.
format: date-time
type: string
message:
- description: |-
- message is a human readable message indicating details about the transition.
- This may be an empty string.
+ description: message is a human readable message indicating
+ details about the transition. This may be an empty string.
maxLength: 32768
type: string
observedGeneration:
- description: |-
- observedGeneration represents the .metadata.generation that the condition was set based upon.
- For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
- with respect to the current state of the instance.
+ description: observedGeneration represents the .metadata.generation
+ that the condition was set based upon. For instance, if .metadata.generation
+ is currently 12, but the .status.conditions[x].observedGeneration
+ is 9, the condition is out of date with respect to the current
+ state of the instance.
format: int64
minimum: 0
type: integer
reason:
- description: |-
- reason contains a programmatic identifier indicating the reason for the condition's last transition.
- Producers of specific condition types may define expected values and meanings for this field,
- and whether the values are considered a guaranteed API.
- The value should be a CamelCase string.
+ description: reason contains a programmatic identifier indicating
+ the reason for the condition's last transition. Producers
+ of specific condition types may define expected values and
+ meanings for this field, and whether the values are considered
+ a guaranteed API. The value should be a CamelCase string.
This field may not be empty.
maxLength: 1024
minLength: 1
type: string
type:
description: type of condition in CamelCase or in foo.example.com/CamelCase.
+ --- Many .condition.type values are consistent across resources
+ like Available, but because arbitrary conditions can be useful
+ (see .node.status.conditions), the ability to deconflict is
+ important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
maxLength: 316
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
type: string
description: Checksum is the SHA256 checksum of the artifact.
type: string
lastUpdateTime:
- description: |-
- LastUpdateTime is the timestamp corresponding to the last update of this
- artifact.
+ description: LastUpdateTime is the timestamp corresponding to
+ the last update of this artifact.
format: date-time
type: string
path:
description: Path is the relative file path of this artifact.
type: string
revision:
- description: |-
- Revision is a human readable identifier traceable in the origin source
- system. It can be a Git commit SHA, Git tag, a Helm index timestamp, a Helm
- chart version, etc.
+ description: Revision is a human readable identifier traceable
+ in the origin source system. It can be a Git commit SHA, Git
+ tag, a Helm index timestamp, a Helm chart version, etc.
type: string
url:
description: URL is the HTTP address of this artifact.
type: string
required:
- - lastUpdateTime
- path
- url
type: object
type: array
lastHandledReconcileAt:
- description: |-
- LastHandledReconcileAt holds the value of the most recent
- reconcile request value, so a change of the annotation value
- can be detected.
+ description: LastHandledReconcileAt holds the value of the most recent
+ reconcile request value, so a change of the annotation value can
+ be detected.
type: string
observedGeneration:
description: ObservedGeneration is the last observed generation.
format: int64
type: integer
url:
- description: |-
- URL is the download link for the artifact output of the last repository
- sync.
+ description: URL is the download link for the artifact output of the
+ last repository sync.
type: string
type: object
type: object
description: GitRepository is the Schema for the gitrepositories API.
properties:
apiVersion:
- description: |-
- APIVersion defines the versioned schema of this representation of an object.
- Servers should convert recognized schemas to the latest internal value, and
- may reject unrecognized values.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
- description: |-
- Kind is a string value representing the REST resource this object represents.
- Servers may infer this from the endpoint the client submits requests to.
- Cannot be updated.
- In CamelCase.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
- description: |-
- GitRepositorySpec specifies the required configuration to produce an
- Artifact for a Git repository.
+ description: GitRepositorySpec specifies the required configuration to
+ produce an Artifact for a Git repository.
properties:
accessFrom:
- description: |-
- AccessFrom specifies an Access Control List for allowing cross-namespace
- references to this object.
- NOTE: Not implemented, provisional as of https://github.com/fluxcd/flux2/pull/2092
+ description: 'AccessFrom specifies an Access Control List for allowing
+ cross-namespace references to this object. NOTE: Not implemented,
+ provisional as of https://github.com/fluxcd/flux2/pull/2092'
properties:
namespaceSelectors:
- description: |-
- NamespaceSelectors is the list of namespace selectors to which this ACL applies.
- Items in this list are evaluated using a logical OR operation.
+ description: NamespaceSelectors is the list of namespace selectors
+ to which this ACL applies. Items in this list are evaluated
+ using a logical OR operation.
items:
- description: |-
- NamespaceSelector selects the namespaces to which this ACL applies.
- An empty map of MatchLabels matches all namespaces in a cluster.
+ description: NamespaceSelector selects the namespaces to which
+ this ACL applies. An empty map of MatchLabels matches all
+ namespaces in a cluster.
properties:
matchLabels:
additionalProperties:
type: string
- description: |-
- MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
- map is equivalent to an element of matchExpressions, whose key field is "key", the
- operator is "In", and the values array contains only "value". The requirements are ANDed.
+ description: MatchLabels is a map of {key,value} pairs.
+ A single {key,value} in the matchLabels map is equivalent
+ to an element of matchExpressions, whose key field is
+ "key", the operator is "In", and the values array contains
+ only "value". The requirements are ANDed.
type: object
type: object
type: array
type: object
gitImplementation:
default: go-git
- description: |-
- GitImplementation specifies which Git client library implementation to
- use. Defaults to 'go-git', valid values are ('go-git', 'libgit2').
- Deprecated: gitImplementation is deprecated now that 'go-git' is the
- only supported implementation.
+ description: 'GitImplementation specifies which Git client library
+ implementation to use. Defaults to ''go-git'', valid values are
+ (''go-git'', ''libgit2''). Deprecated: gitImplementation is deprecated
+ now that ''go-git'' is the only supported implementation.'
enum:
- go-git
- libgit2
type: string
ignore:
- description: |-
- Ignore overrides the set of excluded patterns in the .sourceignore format
- (which is the same as .gitignore). If not provided, a default will be used,
- consult the documentation for your version to find out what those are.
+ description: Ignore overrides the set of excluded patterns in the
+ .sourceignore format (which is the same as .gitignore). If not provided,
+ a default will be used, consult the documentation for your version
+ to find out what those are.
type: string
include:
- description: |-
- Include specifies a list of GitRepository resources which Artifacts
- should be included in the Artifact produced for this GitRepository.
+ description: Include specifies a list of GitRepository resources which
+ Artifacts should be included in the Artifact produced for this GitRepository.
items:
- description: |-
- GitRepositoryInclude specifies a local reference to a GitRepository which
- Artifact (sub-)contents must be included, and where they should be placed.
+ description: GitRepositoryInclude specifies a local reference to
+ a GitRepository which Artifact (sub-)contents must be included,
+ and where they should be placed.
properties:
fromPath:
- description: |-
- FromPath specifies the path to copy contents from, defaults to the root
- of the Artifact.
+ description: FromPath specifies the path to copy contents from,
+ defaults to the root of the Artifact.
type: string
repository:
- description: |-
- GitRepositoryRef specifies the GitRepository which Artifact contents
- must be included.
+ description: GitRepositoryRef specifies the GitRepository which
+ Artifact contents must be included.
properties:
name:
description: Name of the referent.
- name
type: object
toPath:
- description: |-
- ToPath specifies the path to copy contents to, defaults to the name of
- the GitRepositoryRef.
+ description: ToPath specifies the path to copy contents to,
+ defaults to the name of the GitRepositoryRef.
type: string
required:
- repository
pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$
type: string
recurseSubmodules:
- description: |-
- RecurseSubmodules enables the initialization of all submodules within
- the GitRepository as cloned from the URL, using their default settings.
+ description: RecurseSubmodules enables the initialization of all submodules
+ within the GitRepository as cloned from the URL, using their default
+ settings.
type: boolean
ref:
- description: |-
- Reference specifies the Git reference to resolve and monitor for
- changes, defaults to the 'master' branch.
+ description: Reference specifies the Git reference to resolve and
+ monitor for changes, defaults to the 'master' branch.
properties:
branch:
description: Branch to check out, defaults to 'master' if no other
field is defined.
type: string
commit:
- description: |-
- Commit SHA to check out, takes precedence over all reference fields.
-
- This can be combined with Branch to shallow clone the branch, in which
- the commit is expected to exist.
+ description: "Commit SHA to check out, takes precedence over all
+ reference fields. \n This can be combined with Branch to shallow
+ clone the branch, in which the commit is expected to exist."
type: string
name:
- description: |-
- Name of the reference to check out; takes precedence over Branch, Tag and SemVer.
-
- It must be a valid Git reference: https://git-scm.com/docs/git-check-ref-format#_description
- Examples: "refs/heads/main", "refs/tags/v0.1.0", "refs/pull/420/head", "refs/merge-requests/1/head"
+ description: "Name of the reference to check out; takes precedence
+ over Branch, Tag and SemVer. \n It must be a valid Git reference:
+ https://git-scm.com/docs/git-check-ref-format#_description Examples:
+ \"refs/heads/main\", \"refs/tags/v0.1.0\", \"refs/pull/420/head\",
+ \"refs/merge-requests/1/head\""
type: string
semver:
description: SemVer tag expression to check out, takes precedence
type: string
type: object
secretRef:
- description: |-
- SecretRef specifies the Secret containing authentication credentials for
- the GitRepository.
- For HTTPS repositories the Secret must contain 'username' and 'password'
- fields for basic auth or 'bearerToken' field for token auth.
- For SSH repositories the Secret must contain 'identity'
- and 'known_hosts' fields.
+ description: SecretRef specifies the Secret containing authentication
+ credentials for the GitRepository. For HTTPS repositories the Secret
+ must contain 'username' and 'password' fields for basic auth or
+ 'bearerToken' field for token auth. For SSH repositories the Secret
+ must contain 'identity' and 'known_hosts' fields.
properties:
name:
description: Name of the referent.
- name
type: object
suspend:
- description: |-
- Suspend tells the controller to suspend the reconciliation of this
- GitRepository.
+ description: Suspend tells the controller to suspend the reconciliation
+ of this GitRepository.
type: boolean
timeout:
default: 60s
pattern: ^(http|https|ssh)://.*$
type: string
verify:
- description: |-
- Verification specifies the configuration to verify the Git commit
- signature(s).
+ description: Verification specifies the configuration to verify the
+ Git commit signature(s).
properties:
mode:
description: Mode specifies what Git object should be verified,
- head
type: string
secretRef:
- description: |-
- SecretRef specifies the Secret containing the public keys of trusted Git
- authors.
+ description: SecretRef specifies the Secret containing the public
+ keys of trusted Git authors.
properties:
name:
description: Name of the referent.
pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$
type: string
lastUpdateTime:
- description: |-
- LastUpdateTime is the timestamp corresponding to the last update of the
- Artifact.
+ description: LastUpdateTime is the timestamp corresponding to
+ the last update of the Artifact.
format: date-time
type: string
metadata:
description: Metadata holds upstream information such as OCI annotations.
type: object
path:
- description: |-
- Path is the relative file path of the Artifact. It can be used to locate
- the file in the root of the Artifact storage on the local file system of
- the controller managing the Source.
+ description: Path is the relative file path of the Artifact. It
+ can be used to locate the file in the root of the Artifact storage
+ on the local file system of the controller managing the Source.
type: string
revision:
- description: |-
- Revision is a human-readable identifier traceable in the origin source
- system. It can be a Git commit SHA, Git tag, a Helm chart version, etc.
+ description: Revision is a human-readable identifier traceable
+ in the origin source system. It can be a Git commit SHA, Git
+ tag, a Helm chart version, etc.
type: string
size:
description: Size is the number of bytes in the file.
format: int64
type: integer
url:
- description: |-
- URL is the HTTP address of the Artifact as exposed by the controller
- managing the Source. It can be used to retrieve the Artifact for
- consumption, e.g. by another controller applying the Artifact contents.
+ description: URL is the HTTP address of the Artifact as exposed
+ by the controller managing the Source. It can be used to retrieve
+ the Artifact for consumption, e.g. by another controller applying
+ the Artifact contents.
type: string
required:
- lastUpdateTime
conditions:
description: Conditions holds the conditions for the GitRepository.
items:
- description: Condition contains details for one aspect of the current
- state of this API Resource.
+ description: "Condition contains details for one aspect of the current
+ state of this API Resource. --- This struct is intended for direct
+ use as an array at the field path .status.conditions. For example,
+ \n type FooStatus struct{ // Represents the observations of a
+ foo's current state. // Known .status.conditions.type are: \"Available\",
+ \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge
+ // +listType=map // +listMapKey=type Conditions []metav1.Condition
+ `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\"
+ protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }"
properties:
lastTransitionTime:
- description: |-
- lastTransitionTime is the last time the condition transitioned from one status to another.
- This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
+ description: lastTransitionTime is the last time the condition
+ transitioned from one status to another. This should be when
+ the underlying condition changed. If that is not known, then
+ using the time when the API field changed is acceptable.
format: date-time
type: string
message:
- description: |-
- message is a human readable message indicating details about the transition.
- This may be an empty string.
+ description: message is a human readable message indicating
+ details about the transition. This may be an empty string.
maxLength: 32768
type: string
observedGeneration:
- description: |-
- observedGeneration represents the .metadata.generation that the condition was set based upon.
- For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
- with respect to the current state of the instance.
+ description: observedGeneration represents the .metadata.generation
+ that the condition was set based upon. For instance, if .metadata.generation
+ is currently 12, but the .status.conditions[x].observedGeneration
+ is 9, the condition is out of date with respect to the current
+ state of the instance.
format: int64
minimum: 0
type: integer
reason:
- description: |-
- reason contains a programmatic identifier indicating the reason for the condition's last transition.
- Producers of specific condition types may define expected values and meanings for this field,
- and whether the values are considered a guaranteed API.
- The value should be a CamelCase string.
+ description: reason contains a programmatic identifier indicating
+ the reason for the condition's last transition. Producers
+ of specific condition types may define expected values and
+ meanings for this field, and whether the values are considered
+ a guaranteed API. The value should be a CamelCase string.
This field may not be empty.
maxLength: 1024
minLength: 1
type: string
type:
description: type of condition in CamelCase or in foo.example.com/CamelCase.
+ --- Many .condition.type values are consistent across resources
+ like Available, but because arbitrary conditions can be useful
+ (see .node.status.conditions), the ability to deconflict is
+ important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
maxLength: 316
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
type: string
type: object
type: array
contentConfigChecksum:
- description: |-
- ContentConfigChecksum is a checksum of all the configurations related to
- the content of the source artifact:
- - .spec.ignore
- - .spec.recurseSubmodules
- - .spec.included and the checksum of the included artifacts
- observed in .status.observedGeneration version of the object. This can
- be used to determine if the content of the included repository has
- changed.
- It has the format of `<algo>:<checksum>`, for example: `sha256:<checksum>`.
-
- Deprecated: Replaced with explicit fields for observed artifact content
- config in the status.
+ description: "ContentConfigChecksum is a checksum of all the configurations
+ related to the content of the source artifact: - .spec.ignore -
+ .spec.recurseSubmodules - .spec.included and the checksum of the
+ included artifacts observed in .status.observedGeneration version
+ of the object. This can be used to determine if the content of the
+ included repository has changed. It has the format of `<algo>:<checksum>`,
+ for example: `sha256:<checksum>`. \n Deprecated: Replaced with explicit
+ fields for observed artifact content config in the status."
type: string
includedArtifacts:
- description: |-
- IncludedArtifacts contains a list of the last successfully included
- Artifacts as instructed by GitRepositorySpec.Include.
+ description: IncludedArtifacts contains a list of the last successfully
+ included Artifacts as instructed by GitRepositorySpec.Include.
items:
description: Artifact represents the output of a Source reconciliation.
properties:
pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$
type: string
lastUpdateTime:
- description: |-
- LastUpdateTime is the timestamp corresponding to the last update of the
- Artifact.
+ description: LastUpdateTime is the timestamp corresponding to
+ the last update of the Artifact.
format: date-time
type: string
metadata:
annotations.
type: object
path:
- description: |-
- Path is the relative file path of the Artifact. It can be used to locate
- the file in the root of the Artifact storage on the local file system of
- the controller managing the Source.
+ description: Path is the relative file path of the Artifact.
+ It can be used to locate the file in the root of the Artifact
+ storage on the local file system of the controller managing
+ the Source.
type: string
revision:
- description: |-
- Revision is a human-readable identifier traceable in the origin source
- system. It can be a Git commit SHA, Git tag, a Helm chart version, etc.
+ description: Revision is a human-readable identifier traceable
+ in the origin source system. It can be a Git commit SHA, Git
+ tag, a Helm chart version, etc.
type: string
size:
description: Size is the number of bytes in the file.
format: int64
type: integer
url:
- description: |-
- URL is the HTTP address of the Artifact as exposed by the controller
- managing the Source. It can be used to retrieve the Artifact for
- consumption, e.g. by another controller applying the Artifact contents.
+ description: URL is the HTTP address of the Artifact as exposed
+ by the controller managing the Source. It can be used to retrieve
+ the Artifact for consumption, e.g. by another controller applying
+ the Artifact contents.
type: string
required:
- lastUpdateTime
type: object
type: array
lastHandledReconcileAt:
- description: |-
- LastHandledReconcileAt holds the value of the most recent
- reconcile request value, so a change of the annotation value
- can be detected.
+ description: LastHandledReconcileAt holds the value of the most recent
+ reconcile request value, so a change of the annotation value can
+ be detected.
type: string
observedGeneration:
- description: |-
- ObservedGeneration is the last observed generation of the GitRepository
- object.
+ description: ObservedGeneration is the last observed generation of
+ the GitRepository object.
format: int64
type: integer
observedIgnore:
- description: |-
- ObservedIgnore is the observed exclusion patterns used for constructing
- the source artifact.
+ description: ObservedIgnore is the observed exclusion patterns used
+ for constructing the source artifact.
type: string
observedInclude:
- description: |-
- ObservedInclude is the observed list of GitRepository resources used to
- to produce the current Artifact.
+ description: ObservedInclude is the observed list of GitRepository
+ resources used to to produce the current Artifact.
items:
- description: |-
- GitRepositoryInclude specifies a local reference to a GitRepository which
- Artifact (sub-)contents must be included, and where they should be placed.
+ description: GitRepositoryInclude specifies a local reference to
+ a GitRepository which Artifact (sub-)contents must be included,
+ and where they should be placed.
properties:
fromPath:
- description: |-
- FromPath specifies the path to copy contents from, defaults to the root
- of the Artifact.
+ description: FromPath specifies the path to copy contents from,
+ defaults to the root of the Artifact.
type: string
repository:
- description: |-
- GitRepositoryRef specifies the GitRepository which Artifact contents
- must be included.
+ description: GitRepositoryRef specifies the GitRepository which
+ Artifact contents must be included.
properties:
name:
description: Name of the referent.
- name
type: object
toPath:
- description: |-
- ToPath specifies the path to copy contents to, defaults to the name of
- the GitRepositoryRef.
+ description: ToPath specifies the path to copy contents to,
+ defaults to the name of the GitRepositoryRef.
type: string
required:
- repository
type: object
type: array
observedRecurseSubmodules:
- description: |-
- ObservedRecurseSubmodules is the observed resource submodules
+ description: ObservedRecurseSubmodules is the observed resource submodules
configuration used to produce the current Artifact.
type: boolean
url:
- description: |-
- URL is the dynamic fetch link for the latest Artifact.
- It is provided on a "best effort" basis, and using the precise
- GitRepositoryStatus.Artifact data is recommended.
+ description: URL is the dynamic fetch link for the latest Artifact.
+ It is provided on a "best effort" basis, and using the precise GitRepositoryStatus.Artifact
+ data is recommended.
type: string
type: object
type: object
kind: CustomResourceDefinition
metadata:
annotations:
- controller-gen.kubebuilder.io/version: v0.16.1
+ controller-gen.kubebuilder.io/version: v0.12.0
labels:
app.kubernetes.io/component: source-controller
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v2.4.0
+ app.kubernetes.io/version: v2.1.2
name: helmcharts.source.toolkit.fluxcd.io
spec:
group: source.toolkit.fluxcd.io
singular: helmchart
scope: Namespaced
versions:
- - additionalPrinterColumns:
- - jsonPath: .spec.chart
- name: Chart
- type: string
- - jsonPath: .spec.version
- name: Version
- type: string
- - jsonPath: .spec.sourceRef.kind
- name: Source Kind
- type: string
- - jsonPath: .spec.sourceRef.name
- name: Source Name
- type: string
- - jsonPath: .metadata.creationTimestamp
- name: Age
- type: date
- - jsonPath: .status.conditions[?(@.type=="Ready")].status
- name: Ready
- type: string
- - jsonPath: .status.conditions[?(@.type=="Ready")].message
- name: Status
- type: string
- name: v1
- schema:
- openAPIV3Schema:
- description: HelmChart is the Schema for the helmcharts API.
- properties:
- apiVersion:
- description: |-
- APIVersion defines the versioned schema of this representation of an object.
- Servers should convert recognized schemas to the latest internal value, and
- may reject unrecognized values.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
- type: string
- kind:
- description: |-
- Kind is a string value representing the REST resource this object represents.
- Servers may infer this from the endpoint the client submits requests to.
- Cannot be updated.
- In CamelCase.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
- type: string
- metadata:
- type: object
- spec:
- description: HelmChartSpec specifies the desired state of a Helm chart.
- properties:
- chart:
- description: |-
- Chart is the name or path the Helm chart is available at in the
- SourceRef.
- type: string
- ignoreMissingValuesFiles:
- description: |-
- IgnoreMissingValuesFiles controls whether to silently ignore missing values
- files rather than failing.
- type: boolean
- interval:
- description: |-
- Interval at which the HelmChart SourceRef is checked for updates.
- This interval is approximate and may be subject to jitter to ensure
- efficient use of resources.
- pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$
- type: string
- reconcileStrategy:
- default: ChartVersion
- description: |-
- ReconcileStrategy determines what enables the creation of a new artifact.
- Valid values are ('ChartVersion', 'Revision').
- See the documentation of the values for an explanation on their behavior.
- Defaults to ChartVersion when omitted.
- enum:
- - ChartVersion
- - Revision
- type: string
- sourceRef:
- description: SourceRef is the reference to the Source the chart is
- available at.
- properties:
- apiVersion:
- description: APIVersion of the referent.
- type: string
- kind:
- description: |-
- Kind of the referent, valid values are ('HelmRepository', 'GitRepository',
- 'Bucket').
- enum:
- - HelmRepository
- - GitRepository
- - Bucket
- type: string
- name:
- description: Name of the referent.
- type: string
- required:
- - kind
- - name
- type: object
- suspend:
- description: |-
- Suspend tells the controller to suspend the reconciliation of this
- source.
- type: boolean
- valuesFiles:
- description: |-
- ValuesFiles is an alternative list of values files to use as the chart
- values (values.yaml is not included by default), expected to be a
- relative path in the SourceRef.
- Values files are merged in the order of this list with the last file
- overriding the first. Ignored when omitted.
- items:
- type: string
- type: array
- verify:
- description: |-
- Verify contains the secret name containing the trusted public keys
- used to verify the signature and specifies which provider to use to check
- whether OCI image is authentic.
- This field is only supported when using HelmRepository source with spec.type 'oci'.
- Chart dependencies, which are not bundled in the umbrella chart artifact, are not verified.
- properties:
- matchOIDCIdentity:
- description: |-
- MatchOIDCIdentity specifies the identity matching criteria to use
- while verifying an OCI artifact which was signed using Cosign keyless
- signing. The artifact's identity is deemed to be verified if any of the
- specified matchers match against the identity.
- items:
- description: |-
- OIDCIdentityMatch specifies options for verifying the certificate identity,
- i.e. the issuer and the subject of the certificate.
- properties:
- issuer:
- description: |-
- Issuer specifies the regex pattern to match against to verify
- the OIDC issuer in the Fulcio certificate. The pattern must be a
- valid Go regular expression.
- type: string
- subject:
- description: |-
- Subject specifies the regex pattern to match against to verify
- the identity subject in the Fulcio certificate. The pattern must
- be a valid Go regular expression.
- type: string
- required:
- - issuer
- - subject
- type: object
- type: array
- provider:
- default: cosign
- description: Provider specifies the technology used to sign the
- OCI Artifact.
- enum:
- - cosign
- - notation
- type: string
- secretRef:
- description: |-
- SecretRef specifies the Kubernetes Secret containing the
- trusted public keys.
- properties:
- name:
- description: Name of the referent.
- type: string
- required:
- - name
- type: object
- required:
- - provider
- type: object
- version:
- default: '*'
- description: |-
- Version is the chart version semver expression, ignored for charts from
- GitRepository and Bucket sources. Defaults to latest when omitted.
- type: string
- required:
- - chart
- - interval
- - sourceRef
- type: object
- status:
- default:
- observedGeneration: -1
- description: HelmChartStatus records the observed state of the HelmChart.
- properties:
- artifact:
- description: Artifact represents the output of the last successful
- reconciliation.
- properties:
- digest:
- description: Digest is the digest of the file in the form of '<algorithm>:<checksum>'.
- pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$
- type: string
- lastUpdateTime:
- description: |-
- LastUpdateTime is the timestamp corresponding to the last update of the
- Artifact.
- format: date-time
- type: string
- metadata:
- additionalProperties:
- type: string
- description: Metadata holds upstream information such as OCI annotations.
- type: object
- path:
- description: |-
- Path is the relative file path of the Artifact. It can be used to locate
- the file in the root of the Artifact storage on the local file system of
- the controller managing the Source.
- type: string
- revision:
- description: |-
- Revision is a human-readable identifier traceable in the origin source
- system. It can be a Git commit SHA, Git tag, a Helm chart version, etc.
- type: string
- size:
- description: Size is the number of bytes in the file.
- format: int64
- type: integer
- url:
- description: |-
- URL is the HTTP address of the Artifact as exposed by the controller
- managing the Source. It can be used to retrieve the Artifact for
- consumption, e.g. by another controller applying the Artifact contents.
- type: string
- required:
- - lastUpdateTime
- - path
- - revision
- - url
- type: object
- conditions:
- description: Conditions holds the conditions for the HelmChart.
- items:
- description: Condition contains details for one aspect of the current
- state of this API Resource.
- properties:
- lastTransitionTime:
- description: |-
- lastTransitionTime is the last time the condition transitioned from one status to another.
- This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
- format: date-time
- type: string
- message:
- description: |-
- message is a human readable message indicating details about the transition.
- This may be an empty string.
- maxLength: 32768
- type: string
- observedGeneration:
- description: |-
- observedGeneration represents the .metadata.generation that the condition was set based upon.
- For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
- with respect to the current state of the instance.
- format: int64
- minimum: 0
- type: integer
- reason:
- description: |-
- reason contains a programmatic identifier indicating the reason for the condition's last transition.
- Producers of specific condition types may define expected values and meanings for this field,
- and whether the values are considered a guaranteed API.
- The value should be a CamelCase string.
- This field may not be empty.
- maxLength: 1024
- minLength: 1
- pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
- type: string
- status:
- description: status of the condition, one of True, False, Unknown.
- enum:
- - "True"
- - "False"
- - Unknown
- type: string
- type:
- description: type of condition in CamelCase or in foo.example.com/CamelCase.
- maxLength: 316
- pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
- type: string
- required:
- - lastTransitionTime
- - message
- - reason
- - status
- - type
- type: object
- type: array
- lastHandledReconcileAt:
- description: |-
- LastHandledReconcileAt holds the value of the most recent
- reconcile request value, so a change of the annotation value
- can be detected.
- type: string
- observedChartName:
- description: |-
- ObservedChartName is the last observed chart name as specified by the
- resolved chart reference.
- type: string
- observedGeneration:
- description: |-
- ObservedGeneration is the last observed generation of the HelmChart
- object.
- format: int64
- type: integer
- observedSourceArtifactRevision:
- description: |-
- ObservedSourceArtifactRevision is the last observed Artifact.Revision
- of the HelmChartSpec.SourceRef.
- type: string
- observedValuesFiles:
- description: |-
- ObservedValuesFiles are the observed value files of the last successful
- reconciliation.
- It matches the chart in the last successfully reconciled artifact.
- items:
- type: string
- type: array
- url:
- description: |-
- URL is the dynamic fetch link for the latest Artifact.
- It is provided on a "best effort" basis, and using the precise
- BucketStatus.Artifact data is recommended.
- type: string
- type: object
- type: object
- served: true
- storage: true
- subresources:
- status: {}
- additionalPrinterColumns:
- jsonPath: .spec.chart
name: Chart
- jsonPath: .metadata.creationTimestamp
name: Age
type: date
- deprecated: true
- deprecationWarning: v1beta1 HelmChart is deprecated, upgrade to v1
name: v1beta1
schema:
openAPIV3Schema:
description: HelmChart is the Schema for the helmcharts API
properties:
apiVersion:
- description: |-
- APIVersion defines the versioned schema of this representation of an object.
- Servers should convert recognized schemas to the latest internal value, and
- may reject unrecognized values.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
- description: |-
- Kind is a string value representing the REST resource this object represents.
- Servers may infer this from the endpoint the client submits requests to.
- Cannot be updated.
- In CamelCase.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
cross-namespace references to this object.
properties:
namespaceSelectors:
- description: |-
- NamespaceSelectors is the list of namespace selectors to which this ACL applies.
- Items in this list are evaluated using a logical OR operation.
+ description: NamespaceSelectors is the list of namespace selectors
+ to which this ACL applies. Items in this list are evaluated
+ using a logical OR operation.
items:
- description: |-
- NamespaceSelector selects the namespaces to which this ACL applies.
- An empty map of MatchLabels matches all namespaces in a cluster.
+ description: NamespaceSelector selects the namespaces to which
+ this ACL applies. An empty map of MatchLabels matches all
+ namespaces in a cluster.
properties:
matchLabels:
additionalProperties:
type: string
- description: |-
- MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
- map is equivalent to an element of matchExpressions, whose key field is "key", the
- operator is "In", and the values array contains only "value". The requirements are ANDed.
+ description: MatchLabels is a map of {key,value} pairs.
+ A single {key,value} in the matchLabels map is equivalent
+ to an element of matchExpressions, whose key field is
+ "key", the operator is "In", and the values array contains
+ only "value". The requirements are ANDed.
type: object
type: object
type: array
type: string
reconcileStrategy:
default: ChartVersion
- description: |-
- Determines what enables the creation of a new artifact. Valid values are
- ('ChartVersion', 'Revision').
- See the documentation of the values for an explanation on their behavior.
- Defaults to ChartVersion when omitted.
+ description: Determines what enables the creation of a new artifact.
+ Valid values are ('ChartVersion', 'Revision'). See the documentation
+ of the values for an explanation on their behavior. Defaults to
+ ChartVersion when omitted.
enum:
- ChartVersion
- Revision
description: APIVersion of the referent.
type: string
kind:
- description: |-
- Kind of the referent, valid values are ('HelmRepository', 'GitRepository',
- 'Bucket').
+ description: Kind of the referent, valid values are ('HelmRepository',
+ 'GitRepository', 'Bucket').
enum:
- HelmRepository
- GitRepository
of this source.
type: boolean
valuesFile:
- description: |-
- Alternative values file to use as the default chart values, expected to
- be a relative path in the SourceRef. Deprecated in favor of ValuesFiles,
- for backwards compatibility the file defined here is merged before the
- ValuesFiles items. Ignored when omitted.
+ description: Alternative values file to use as the default chart values,
+ expected to be a relative path in the SourceRef. Deprecated in favor
+ of ValuesFiles, for backwards compatibility the file defined here
+ is merged before the ValuesFiles items. Ignored when omitted.
type: string
valuesFiles:
- description: |-
- Alternative list of values files to use as the chart values (values.yaml
- is not included by default), expected to be a relative path in the SourceRef.
- Values files are merged in the order of this list with the last file overriding
- the first. Ignored when omitted.
+ description: Alternative list of values files to use as the chart
+ values (values.yaml is not included by default), expected to be
+ a relative path in the SourceRef. Values files are merged in the
+ order of this list with the last file overriding the first. Ignored
+ when omitted.
items:
type: string
type: array
version:
default: '*'
- description: |-
- The chart version semver expression, ignored for charts from GitRepository
- and Bucket sources. Defaults to latest when omitted.
+ description: The chart version semver expression, ignored for charts
+ from GitRepository and Bucket sources. Defaults to latest when omitted.
type: string
required:
- chart
description: Checksum is the SHA256 checksum of the artifact.
type: string
lastUpdateTime:
- description: |-
- LastUpdateTime is the timestamp corresponding to the last update of this
- artifact.
+ description: LastUpdateTime is the timestamp corresponding to
+ the last update of this artifact.
format: date-time
type: string
path:
description: Path is the relative file path of this artifact.
type: string
revision:
- description: |-
- Revision is a human readable identifier traceable in the origin source
- system. It can be a Git commit SHA, Git tag, a Helm index timestamp, a Helm
- chart version, etc.
+ description: Revision is a human readable identifier traceable
+ in the origin source system. It can be a Git commit SHA, Git
+ tag, a Helm index timestamp, a Helm chart version, etc.
type: string
url:
description: URL is the HTTP address of this artifact.
type: string
required:
- - lastUpdateTime
- path
- url
type: object
conditions:
description: Conditions holds the conditions for the HelmChart.
items:
- description: Condition contains details for one aspect of the current
- state of this API Resource.
+ description: "Condition contains details for one aspect of the current
+ state of this API Resource. --- This struct is intended for direct
+ use as an array at the field path .status.conditions. For example,
+ \n type FooStatus struct{ // Represents the observations of a
+ foo's current state. // Known .status.conditions.type are: \"Available\",
+ \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge
+ // +listType=map // +listMapKey=type Conditions []metav1.Condition
+ `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\"
+ protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }"
properties:
lastTransitionTime:
- description: |-
- lastTransitionTime is the last time the condition transitioned from one status to another.
- This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
+ description: lastTransitionTime is the last time the condition
+ transitioned from one status to another. This should be when
+ the underlying condition changed. If that is not known, then
+ using the time when the API field changed is acceptable.
format: date-time
type: string
message:
- description: |-
- message is a human readable message indicating details about the transition.
- This may be an empty string.
+ description: message is a human readable message indicating
+ details about the transition. This may be an empty string.
maxLength: 32768
type: string
observedGeneration:
- description: |-
- observedGeneration represents the .metadata.generation that the condition was set based upon.
- For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
- with respect to the current state of the instance.
+ description: observedGeneration represents the .metadata.generation
+ that the condition was set based upon. For instance, if .metadata.generation
+ is currently 12, but the .status.conditions[x].observedGeneration
+ is 9, the condition is out of date with respect to the current
+ state of the instance.
format: int64
minimum: 0
type: integer
reason:
- description: |-
- reason contains a programmatic identifier indicating the reason for the condition's last transition.
- Producers of specific condition types may define expected values and meanings for this field,
- and whether the values are considered a guaranteed API.
- The value should be a CamelCase string.
+ description: reason contains a programmatic identifier indicating
+ the reason for the condition's last transition. Producers
+ of specific condition types may define expected values and
+ meanings for this field, and whether the values are considered
+ a guaranteed API. The value should be a CamelCase string.
This field may not be empty.
maxLength: 1024
minLength: 1
type: string
type:
description: type of condition in CamelCase or in foo.example.com/CamelCase.
+ --- Many .condition.type values are consistent across resources
+ like Available, but because arbitrary conditions can be useful
+ (see .node.status.conditions), the ability to deconflict is
+ important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
maxLength: 316
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
type: string
type: object
type: array
lastHandledReconcileAt:
- description: |-
- LastHandledReconcileAt holds the value of the most recent
- reconcile request value, so a change of the annotation value
- can be detected.
+ description: LastHandledReconcileAt holds the value of the most recent
+ reconcile request value, so a change of the annotation value can
+ be detected.
type: string
observedGeneration:
description: ObservedGeneration is the last observed generation.
- jsonPath: .status.conditions[?(@.type=="Ready")].message
name: Status
type: string
- deprecated: true
- deprecationWarning: v1beta2 HelmChart is deprecated, upgrade to v1
name: v1beta2
schema:
openAPIV3Schema:
description: HelmChart is the Schema for the helmcharts API.
properties:
apiVersion:
- description: |-
- APIVersion defines the versioned schema of this representation of an object.
- Servers should convert recognized schemas to the latest internal value, and
- may reject unrecognized values.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
- description: |-
- Kind is a string value representing the REST resource this object represents.
- Servers may infer this from the endpoint the client submits requests to.
- Cannot be updated.
- In CamelCase.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
description: HelmChartSpec specifies the desired state of a Helm chart.
properties:
accessFrom:
- description: |-
- AccessFrom specifies an Access Control List for allowing cross-namespace
- references to this object.
- NOTE: Not implemented, provisional as of https://github.com/fluxcd/flux2/pull/2092
+ description: 'AccessFrom specifies an Access Control List for allowing
+ cross-namespace references to this object. NOTE: Not implemented,
+ provisional as of https://github.com/fluxcd/flux2/pull/2092'
properties:
namespaceSelectors:
- description: |-
- NamespaceSelectors is the list of namespace selectors to which this ACL applies.
- Items in this list are evaluated using a logical OR operation.
+ description: NamespaceSelectors is the list of namespace selectors
+ to which this ACL applies. Items in this list are evaluated
+ using a logical OR operation.
items:
- description: |-
- NamespaceSelector selects the namespaces to which this ACL applies.
- An empty map of MatchLabels matches all namespaces in a cluster.
+ description: NamespaceSelector selects the namespaces to which
+ this ACL applies. An empty map of MatchLabels matches all
+ namespaces in a cluster.
properties:
matchLabels:
additionalProperties:
type: string
- description: |-
- MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
- map is equivalent to an element of matchExpressions, whose key field is "key", the
- operator is "In", and the values array contains only "value". The requirements are ANDed.
+ description: MatchLabels is a map of {key,value} pairs.
+ A single {key,value} in the matchLabels map is equivalent
+ to an element of matchExpressions, whose key field is
+ "key", the operator is "In", and the values array contains
+ only "value". The requirements are ANDed.
type: object
type: object
type: array
- namespaceSelectors
type: object
chart:
- description: |-
- Chart is the name or path the Helm chart is available at in the
- SourceRef.
+ description: Chart is the name or path the Helm chart is available
+ at in the SourceRef.
type: string
- ignoreMissingValuesFiles:
- description: |-
- IgnoreMissingValuesFiles controls whether to silently ignore missing values
- files rather than failing.
- type: boolean
interval:
- description: |-
- Interval at which the HelmChart SourceRef is checked for updates.
- This interval is approximate and may be subject to jitter to ensure
- efficient use of resources.
+ description: Interval at which the HelmChart SourceRef is checked
+ for updates. This interval is approximate and may be subject to
+ jitter to ensure efficient use of resources.
pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$
type: string
reconcileStrategy:
default: ChartVersion
- description: |-
- ReconcileStrategy determines what enables the creation of a new artifact.
- Valid values are ('ChartVersion', 'Revision').
- See the documentation of the values for an explanation on their behavior.
- Defaults to ChartVersion when omitted.
+ description: ReconcileStrategy determines what enables the creation
+ of a new artifact. Valid values are ('ChartVersion', 'Revision').
+ See the documentation of the values for an explanation on their
+ behavior. Defaults to ChartVersion when omitted.
enum:
- ChartVersion
- Revision
description: APIVersion of the referent.
type: string
kind:
- description: |-
- Kind of the referent, valid values are ('HelmRepository', 'GitRepository',
- 'Bucket').
+ description: Kind of the referent, valid values are ('HelmRepository',
+ 'GitRepository', 'Bucket').
enum:
- HelmRepository
- GitRepository
- name
type: object
suspend:
- description: |-
- Suspend tells the controller to suspend the reconciliation of this
- source.
+ description: Suspend tells the controller to suspend the reconciliation
+ of this source.
type: boolean
valuesFile:
- description: |-
- ValuesFile is an alternative values file to use as the default chart
- values, expected to be a relative path in the SourceRef. Deprecated in
- favor of ValuesFiles, for backwards compatibility the file specified here
- is merged before the ValuesFiles items. Ignored when omitted.
+ description: ValuesFile is an alternative values file to use as the
+ default chart values, expected to be a relative path in the SourceRef.
+ Deprecated in favor of ValuesFiles, for backwards compatibility
+ the file specified here is merged before the ValuesFiles items.
+ Ignored when omitted.
type: string
valuesFiles:
- description: |-
- ValuesFiles is an alternative list of values files to use as the chart
- values (values.yaml is not included by default), expected to be a
- relative path in the SourceRef.
- Values files are merged in the order of this list with the last file
- overriding the first. Ignored when omitted.
+ description: ValuesFiles is an alternative list of values files to
+ use as the chart values (values.yaml is not included by default),
+ expected to be a relative path in the SourceRef. Values files are
+ merged in the order of this list with the last file overriding the
+ first. Ignored when omitted.
items:
type: string
type: array
verify:
- description: |-
- Verify contains the secret name containing the trusted public keys
- used to verify the signature and specifies which provider to use to check
- whether OCI image is authentic.
- This field is only supported when using HelmRepository source with spec.type 'oci'.
- Chart dependencies, which are not bundled in the umbrella chart artifact, are not verified.
+ description: Verify contains the secret name containing the trusted
+ public keys used to verify the signature and specifies which provider
+ to use to check whether OCI image is authentic. This field is only
+ supported when using HelmRepository source with spec.type 'oci'.
+ Chart dependencies, which are not bundled in the umbrella chart
+ artifact, are not verified.
properties:
- matchOIDCIdentity:
- description: |-
- MatchOIDCIdentity specifies the identity matching criteria to use
- while verifying an OCI artifact which was signed using Cosign keyless
- signing. The artifact's identity is deemed to be verified if any of the
- specified matchers match against the identity.
- items:
- description: |-
- OIDCIdentityMatch specifies options for verifying the certificate identity,
- i.e. the issuer and the subject of the certificate.
- properties:
- issuer:
- description: |-
- Issuer specifies the regex pattern to match against to verify
- the OIDC issuer in the Fulcio certificate. The pattern must be a
- valid Go regular expression.
- type: string
- subject:
- description: |-
- Subject specifies the regex pattern to match against to verify
- the identity subject in the Fulcio certificate. The pattern must
- be a valid Go regular expression.
- type: string
- required:
- - issuer
- - subject
- type: object
- type: array
provider:
default: cosign
description: Provider specifies the technology used to sign the
OCI Artifact.
enum:
- cosign
- - notation
type: string
secretRef:
- description: |-
- SecretRef specifies the Kubernetes Secret containing the
- trusted public keys.
+ description: SecretRef specifies the Kubernetes Secret containing
+ the trusted public keys.
properties:
name:
description: Name of the referent.
type: object
version:
default: '*'
- description: |-
- Version is the chart version semver expression, ignored for charts from
- GitRepository and Bucket sources. Defaults to latest when omitted.
+ description: Version is the chart version semver expression, ignored
+ for charts from GitRepository and Bucket sources. Defaults to latest
+ when omitted.
type: string
required:
- chart
pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$
type: string
lastUpdateTime:
- description: |-
- LastUpdateTime is the timestamp corresponding to the last update of the
- Artifact.
+ description: LastUpdateTime is the timestamp corresponding to
+ the last update of the Artifact.
format: date-time
type: string
metadata:
description: Metadata holds upstream information such as OCI annotations.
type: object
path:
- description: |-
- Path is the relative file path of the Artifact. It can be used to locate
- the file in the root of the Artifact storage on the local file system of
- the controller managing the Source.
+ description: Path is the relative file path of the Artifact. It
+ can be used to locate the file in the root of the Artifact storage
+ on the local file system of the controller managing the Source.
type: string
revision:
- description: |-
- Revision is a human-readable identifier traceable in the origin source
- system. It can be a Git commit SHA, Git tag, a Helm chart version, etc.
+ description: Revision is a human-readable identifier traceable
+ in the origin source system. It can be a Git commit SHA, Git
+ tag, a Helm chart version, etc.
type: string
size:
description: Size is the number of bytes in the file.
format: int64
type: integer
url:
- description: |-
- URL is the HTTP address of the Artifact as exposed by the controller
- managing the Source. It can be used to retrieve the Artifact for
- consumption, e.g. by another controller applying the Artifact contents.
+ description: URL is the HTTP address of the Artifact as exposed
+ by the controller managing the Source. It can be used to retrieve
+ the Artifact for consumption, e.g. by another controller applying
+ the Artifact contents.
type: string
required:
- lastUpdateTime
conditions:
description: Conditions holds the conditions for the HelmChart.
items:
- description: Condition contains details for one aspect of the current
- state of this API Resource.
+ description: "Condition contains details for one aspect of the current
+ state of this API Resource. --- This struct is intended for direct
+ use as an array at the field path .status.conditions. For example,
+ \n type FooStatus struct{ // Represents the observations of a
+ foo's current state. // Known .status.conditions.type are: \"Available\",
+ \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge
+ // +listType=map // +listMapKey=type Conditions []metav1.Condition
+ `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\"
+ protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }"
properties:
lastTransitionTime:
- description: |-
- lastTransitionTime is the last time the condition transitioned from one status to another.
- This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
+ description: lastTransitionTime is the last time the condition
+ transitioned from one status to another. This should be when
+ the underlying condition changed. If that is not known, then
+ using the time when the API field changed is acceptable.
format: date-time
type: string
message:
- description: |-
- message is a human readable message indicating details about the transition.
- This may be an empty string.
+ description: message is a human readable message indicating
+ details about the transition. This may be an empty string.
maxLength: 32768
type: string
observedGeneration:
- description: |-
- observedGeneration represents the .metadata.generation that the condition was set based upon.
- For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
- with respect to the current state of the instance.
+ description: observedGeneration represents the .metadata.generation
+ that the condition was set based upon. For instance, if .metadata.generation
+ is currently 12, but the .status.conditions[x].observedGeneration
+ is 9, the condition is out of date with respect to the current
+ state of the instance.
format: int64
minimum: 0
type: integer
reason:
- description: |-
- reason contains a programmatic identifier indicating the reason for the condition's last transition.
- Producers of specific condition types may define expected values and meanings for this field,
- and whether the values are considered a guaranteed API.
- The value should be a CamelCase string.
+ description: reason contains a programmatic identifier indicating
+ the reason for the condition's last transition. Producers
+ of specific condition types may define expected values and
+ meanings for this field, and whether the values are considered
+ a guaranteed API. The value should be a CamelCase string.
This field may not be empty.
maxLength: 1024
minLength: 1
type: string
type:
description: type of condition in CamelCase or in foo.example.com/CamelCase.
+ --- Many .condition.type values are consistent across resources
+ like Available, but because arbitrary conditions can be useful
+ (see .node.status.conditions), the ability to deconflict is
+ important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
maxLength: 316
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
type: string
type: object
type: array
lastHandledReconcileAt:
- description: |-
- LastHandledReconcileAt holds the value of the most recent
- reconcile request value, so a change of the annotation value
- can be detected.
+ description: LastHandledReconcileAt holds the value of the most recent
+ reconcile request value, so a change of the annotation value can
+ be detected.
type: string
observedChartName:
- description: |-
- ObservedChartName is the last observed chart name as specified by the
- resolved chart reference.
+ description: ObservedChartName is the last observed chart name as
+ specified by the resolved chart reference.
type: string
observedGeneration:
- description: |-
- ObservedGeneration is the last observed generation of the HelmChart
- object.
+ description: ObservedGeneration is the last observed generation of
+ the HelmChart object.
format: int64
type: integer
observedSourceArtifactRevision:
- description: |-
- ObservedSourceArtifactRevision is the last observed Artifact.Revision
+ description: ObservedSourceArtifactRevision is the last observed Artifact.Revision
of the HelmChartSpec.SourceRef.
type: string
- observedValuesFiles:
- description: |-
- ObservedValuesFiles are the observed value files of the last successful
- reconciliation.
- It matches the chart in the last successfully reconciled artifact.
- items:
- type: string
- type: array
url:
- description: |-
- URL is the dynamic fetch link for the latest Artifact.
- It is provided on a "best effort" basis, and using the precise
- BucketStatus.Artifact data is recommended.
+ description: URL is the dynamic fetch link for the latest Artifact.
+ It is provided on a "best effort" basis, and using the precise BucketStatus.Artifact
+ data is recommended.
type: string
type: object
type: object
served: true
- storage: false
+ storage: true
subresources:
status: {}
---
kind: CustomResourceDefinition
metadata:
annotations:
- controller-gen.kubebuilder.io/version: v0.16.1
+ controller-gen.kubebuilder.io/version: v0.12.0
labels:
app.kubernetes.io/component: source-controller
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v2.4.0
+ app.kubernetes.io/version: v2.1.2
name: helmrepositories.source.toolkit.fluxcd.io
spec:
group: source.toolkit.fluxcd.io
singular: helmrepository
scope: Namespaced
versions:
- - additionalPrinterColumns:
- - jsonPath: .spec.url
- name: URL
- type: string
- - jsonPath: .metadata.creationTimestamp
- name: Age
- type: date
- - jsonPath: .status.conditions[?(@.type=="Ready")].status
- name: Ready
- type: string
- - jsonPath: .status.conditions[?(@.type=="Ready")].message
- name: Status
- type: string
- name: v1
- schema:
- openAPIV3Schema:
- description: HelmRepository is the Schema for the helmrepositories API.
- properties:
- apiVersion:
- description: |-
- APIVersion defines the versioned schema of this representation of an object.
- Servers should convert recognized schemas to the latest internal value, and
- may reject unrecognized values.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
- type: string
- kind:
- description: |-
- Kind is a string value representing the REST resource this object represents.
- Servers may infer this from the endpoint the client submits requests to.
- Cannot be updated.
- In CamelCase.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
- type: string
- metadata:
- type: object
- spec:
- description: |-
- HelmRepositorySpec specifies the required configuration to produce an
- Artifact for a Helm repository index YAML.
- properties:
- accessFrom:
- description: |-
- AccessFrom specifies an Access Control List for allowing cross-namespace
- references to this object.
- NOTE: Not implemented, provisional as of https://github.com/fluxcd/flux2/pull/2092
- properties:
- namespaceSelectors:
- description: |-
- NamespaceSelectors is the list of namespace selectors to which this ACL applies.
- Items in this list are evaluated using a logical OR operation.
- items:
- description: |-
- NamespaceSelector selects the namespaces to which this ACL applies.
- An empty map of MatchLabels matches all namespaces in a cluster.
- properties:
- matchLabels:
- additionalProperties:
- type: string
- description: |-
- MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
- map is equivalent to an element of matchExpressions, whose key field is "key", the
- operator is "In", and the values array contains only "value". The requirements are ANDed.
- type: object
- type: object
- type: array
- required:
- - namespaceSelectors
- type: object
- certSecretRef:
- description: |-
- CertSecretRef can be given the name of a Secret containing
- either or both of
-
- - a PEM-encoded client certificate (`tls.crt`) and private
- key (`tls.key`);
- - a PEM-encoded CA certificate (`ca.crt`)
-
- and whichever are supplied, will be used for connecting to the
- registry. The client cert and key are useful if you are
- authenticating with a certificate; the CA cert is useful if
- you are using a self-signed server certificate. The Secret must
- be of type `Opaque` or `kubernetes.io/tls`.
-
- It takes precedence over the values specified in the Secret referred
- to by `.spec.secretRef`.
- properties:
- name:
- description: Name of the referent.
- type: string
- required:
- - name
- type: object
- insecure:
- description: |-
- Insecure allows connecting to a non-TLS HTTP container registry.
- This field is only taken into account if the .spec.type field is set to 'oci'.
- type: boolean
- interval:
- description: |-
- Interval at which the HelmRepository URL is checked for updates.
- This interval is approximate and may be subject to jitter to ensure
- efficient use of resources.
- pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$
- type: string
- passCredentials:
- description: |-
- PassCredentials allows the credentials from the SecretRef to be passed
- on to a host that does not match the host as defined in URL.
- This may be required if the host of the advertised chart URLs in the
- index differ from the defined URL.
- Enabling this should be done with caution, as it can potentially result
- in credentials getting stolen in a MITM-attack.
- type: boolean
- provider:
- default: generic
- description: |-
- Provider used for authentication, can be 'aws', 'azure', 'gcp' or 'generic'.
- This field is optional, and only taken into account if the .spec.type field is set to 'oci'.
- When not specified, defaults to 'generic'.
- enum:
- - generic
- - aws
- - azure
- - gcp
- type: string
- secretRef:
- description: |-
- SecretRef specifies the Secret containing authentication credentials
- for the HelmRepository.
- For HTTP/S basic auth the secret must contain 'username' and 'password'
- fields.
- Support for TLS auth using the 'certFile' and 'keyFile', and/or 'caFile'
- keys is deprecated. Please use `.spec.certSecretRef` instead.
- properties:
- name:
- description: Name of the referent.
- type: string
- required:
- - name
- type: object
- suspend:
- description: |-
- Suspend tells the controller to suspend the reconciliation of this
- HelmRepository.
- type: boolean
- timeout:
- description: |-
- Timeout is used for the index fetch operation for an HTTPS helm repository,
- and for remote OCI Repository operations like pulling for an OCI helm
- chart by the associated HelmChart.
- Its default value is 60s.
- pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$
- type: string
- type:
- description: |-
- Type of the HelmRepository.
- When this field is set to "oci", the URL field value must be prefixed with "oci://".
- enum:
- - default
- - oci
- type: string
- url:
- description: |-
- URL of the Helm repository, a valid URL contains at least a protocol and
- host.
- pattern: ^(http|https|oci)://.*$
- type: string
- required:
- - url
- type: object
- status:
- default:
- observedGeneration: -1
- description: HelmRepositoryStatus records the observed state of the HelmRepository.
- properties:
- artifact:
- description: Artifact represents the last successful HelmRepository
- reconciliation.
- properties:
- digest:
- description: Digest is the digest of the file in the form of '<algorithm>:<checksum>'.
- pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$
- type: string
- lastUpdateTime:
- description: |-
- LastUpdateTime is the timestamp corresponding to the last update of the
- Artifact.
- format: date-time
- type: string
- metadata:
- additionalProperties:
- type: string
- description: Metadata holds upstream information such as OCI annotations.
- type: object
- path:
- description: |-
- Path is the relative file path of the Artifact. It can be used to locate
- the file in the root of the Artifact storage on the local file system of
- the controller managing the Source.
- type: string
- revision:
- description: |-
- Revision is a human-readable identifier traceable in the origin source
- system. It can be a Git commit SHA, Git tag, a Helm chart version, etc.
- type: string
- size:
- description: Size is the number of bytes in the file.
- format: int64
- type: integer
- url:
- description: |-
- URL is the HTTP address of the Artifact as exposed by the controller
- managing the Source. It can be used to retrieve the Artifact for
- consumption, e.g. by another controller applying the Artifact contents.
- type: string
- required:
- - lastUpdateTime
- - path
- - revision
- - url
- type: object
- conditions:
- description: Conditions holds the conditions for the HelmRepository.
- items:
- description: Condition contains details for one aspect of the current
- state of this API Resource.
- properties:
- lastTransitionTime:
- description: |-
- lastTransitionTime is the last time the condition transitioned from one status to another.
- This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
- format: date-time
- type: string
- message:
- description: |-
- message is a human readable message indicating details about the transition.
- This may be an empty string.
- maxLength: 32768
- type: string
- observedGeneration:
- description: |-
- observedGeneration represents the .metadata.generation that the condition was set based upon.
- For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
- with respect to the current state of the instance.
- format: int64
- minimum: 0
- type: integer
- reason:
- description: |-
- reason contains a programmatic identifier indicating the reason for the condition's last transition.
- Producers of specific condition types may define expected values and meanings for this field,
- and whether the values are considered a guaranteed API.
- The value should be a CamelCase string.
- This field may not be empty.
- maxLength: 1024
- minLength: 1
- pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
- type: string
- status:
- description: status of the condition, one of True, False, Unknown.
- enum:
- - "True"
- - "False"
- - Unknown
- type: string
- type:
- description: type of condition in CamelCase or in foo.example.com/CamelCase.
- maxLength: 316
- pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
- type: string
- required:
- - lastTransitionTime
- - message
- - reason
- - status
- - type
- type: object
- type: array
- lastHandledReconcileAt:
- description: |-
- LastHandledReconcileAt holds the value of the most recent
- reconcile request value, so a change of the annotation value
- can be detected.
- type: string
- observedGeneration:
- description: |-
- ObservedGeneration is the last observed generation of the HelmRepository
- object.
- format: int64
- type: integer
- url:
- description: |-
- URL is the dynamic fetch link for the latest Artifact.
- It is provided on a "best effort" basis, and using the precise
- HelmRepositoryStatus.Artifact data is recommended.
- type: string
- type: object
- type: object
- served: true
- storage: true
- subresources:
- status: {}
- additionalPrinterColumns:
- jsonPath: .spec.url
name: URL
- jsonPath: .metadata.creationTimestamp
name: Age
type: date
- deprecated: true
- deprecationWarning: v1beta1 HelmRepository is deprecated, upgrade to v1
name: v1beta1
schema:
openAPIV3Schema:
description: HelmRepository is the Schema for the helmrepositories API
properties:
apiVersion:
- description: |-
- APIVersion defines the versioned schema of this representation of an object.
- Servers should convert recognized schemas to the latest internal value, and
- may reject unrecognized values.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
- description: |-
- Kind is a string value representing the REST resource this object represents.
- Servers may infer this from the endpoint the client submits requests to.
- Cannot be updated.
- In CamelCase.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
cross-namespace references to this object.
properties:
namespaceSelectors:
- description: |-
- NamespaceSelectors is the list of namespace selectors to which this ACL applies.
- Items in this list are evaluated using a logical OR operation.
+ description: NamespaceSelectors is the list of namespace selectors
+ to which this ACL applies. Items in this list are evaluated
+ using a logical OR operation.
items:
- description: |-
- NamespaceSelector selects the namespaces to which this ACL applies.
- An empty map of MatchLabels matches all namespaces in a cluster.
+ description: NamespaceSelector selects the namespaces to which
+ this ACL applies. An empty map of MatchLabels matches all
+ namespaces in a cluster.
properties:
matchLabels:
additionalProperties:
type: string
- description: |-
- MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
- map is equivalent to an element of matchExpressions, whose key field is "key", the
- operator is "In", and the values array contains only "value". The requirements are ANDed.
+ description: MatchLabels is a map of {key,value} pairs.
+ A single {key,value} in the matchLabels map is equivalent
+ to an element of matchExpressions, whose key field is
+ "key", the operator is "In", and the values array contains
+ only "value". The requirements are ANDed.
type: object
type: object
type: array
description: The interval at which to check the upstream for updates.
type: string
passCredentials:
- description: |-
- PassCredentials allows the credentials from the SecretRef to be passed on to
- a host that does not match the host as defined in URL.
- This may be required if the host of the advertised chart URLs in the index
- differ from the defined URL.
- Enabling this should be done with caution, as it can potentially result in
- credentials getting stolen in a MITM-attack.
+ description: PassCredentials allows the credentials from the SecretRef
+ to be passed on to a host that does not match the host as defined
+ in URL. This may be required if the host of the advertised chart
+ URLs in the index differ from the defined URL. Enabling this should
+ be done with caution, as it can potentially result in credentials
+ getting stolen in a MITM-attack.
type: boolean
secretRef:
- description: |-
- The name of the secret containing authentication credentials for the Helm
- repository.
- For HTTP/S basic auth the secret must contain username and
- password fields.
- For TLS the secret must contain a certFile and keyFile, and/or
- caFile fields.
+ description: The name of the secret containing authentication credentials
+ for the Helm repository. For HTTP/S basic auth the secret must contain
+ username and password fields. For TLS the secret must contain a
+ certFile and keyFile, and/or caFile fields.
properties:
name:
description: Name of the referent.
description: Checksum is the SHA256 checksum of the artifact.
type: string
lastUpdateTime:
- description: |-
- LastUpdateTime is the timestamp corresponding to the last update of this
- artifact.
+ description: LastUpdateTime is the timestamp corresponding to
+ the last update of this artifact.
format: date-time
type: string
path:
description: Path is the relative file path of this artifact.
type: string
revision:
- description: |-
- Revision is a human readable identifier traceable in the origin source
- system. It can be a Git commit SHA, Git tag, a Helm index timestamp, a Helm
- chart version, etc.
+ description: Revision is a human readable identifier traceable
+ in the origin source system. It can be a Git commit SHA, Git
+ tag, a Helm index timestamp, a Helm chart version, etc.
type: string
url:
description: URL is the HTTP address of this artifact.
type: string
required:
- - lastUpdateTime
- path
- url
type: object
conditions:
description: Conditions holds the conditions for the HelmRepository.
items:
- description: Condition contains details for one aspect of the current
- state of this API Resource.
+ description: "Condition contains details for one aspect of the current
+ state of this API Resource. --- This struct is intended for direct
+ use as an array at the field path .status.conditions. For example,
+ \n type FooStatus struct{ // Represents the observations of a
+ foo's current state. // Known .status.conditions.type are: \"Available\",
+ \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge
+ // +listType=map // +listMapKey=type Conditions []metav1.Condition
+ `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\"
+ protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }"
properties:
lastTransitionTime:
- description: |-
- lastTransitionTime is the last time the condition transitioned from one status to another.
- This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
+ description: lastTransitionTime is the last time the condition
+ transitioned from one status to another. This should be when
+ the underlying condition changed. If that is not known, then
+ using the time when the API field changed is acceptable.
format: date-time
type: string
message:
- description: |-
- message is a human readable message indicating details about the transition.
- This may be an empty string.
+ description: message is a human readable message indicating
+ details about the transition. This may be an empty string.
maxLength: 32768
type: string
observedGeneration:
- description: |-
- observedGeneration represents the .metadata.generation that the condition was set based upon.
- For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
- with respect to the current state of the instance.
+ description: observedGeneration represents the .metadata.generation
+ that the condition was set based upon. For instance, if .metadata.generation
+ is currently 12, but the .status.conditions[x].observedGeneration
+ is 9, the condition is out of date with respect to the current
+ state of the instance.
format: int64
minimum: 0
type: integer
reason:
- description: |-
- reason contains a programmatic identifier indicating the reason for the condition's last transition.
- Producers of specific condition types may define expected values and meanings for this field,
- and whether the values are considered a guaranteed API.
- The value should be a CamelCase string.
+ description: reason contains a programmatic identifier indicating
+ the reason for the condition's last transition. Producers
+ of specific condition types may define expected values and
+ meanings for this field, and whether the values are considered
+ a guaranteed API. The value should be a CamelCase string.
This field may not be empty.
maxLength: 1024
minLength: 1
type: string
type:
description: type of condition in CamelCase or in foo.example.com/CamelCase.
+ --- Many .condition.type values are consistent across resources
+ like Available, but because arbitrary conditions can be useful
+ (see .node.status.conditions), the ability to deconflict is
+ important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
maxLength: 316
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
type: string
type: object
type: array
lastHandledReconcileAt:
- description: |-
- LastHandledReconcileAt holds the value of the most recent
- reconcile request value, so a change of the annotation value
- can be detected.
+ description: LastHandledReconcileAt holds the value of the most recent
+ reconcile request value, so a change of the annotation value can
+ be detected.
type: string
observedGeneration:
description: ObservedGeneration is the last observed generation.
- jsonPath: .status.conditions[?(@.type=="Ready")].message
name: Status
type: string
- deprecated: true
- deprecationWarning: v1beta2 HelmRepository is deprecated, upgrade to v1
name: v1beta2
schema:
openAPIV3Schema:
description: HelmRepository is the Schema for the helmrepositories API.
properties:
apiVersion:
- description: |-
- APIVersion defines the versioned schema of this representation of an object.
- Servers should convert recognized schemas to the latest internal value, and
- may reject unrecognized values.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
- description: |-
- Kind is a string value representing the REST resource this object represents.
- Servers may infer this from the endpoint the client submits requests to.
- Cannot be updated.
- In CamelCase.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
- description: |-
- HelmRepositorySpec specifies the required configuration to produce an
- Artifact for a Helm repository index YAML.
+ description: HelmRepositorySpec specifies the required configuration to
+ produce an Artifact for a Helm repository index YAML.
properties:
accessFrom:
- description: |-
- AccessFrom specifies an Access Control List for allowing cross-namespace
- references to this object.
- NOTE: Not implemented, provisional as of https://github.com/fluxcd/flux2/pull/2092
+ description: 'AccessFrom specifies an Access Control List for allowing
+ cross-namespace references to this object. NOTE: Not implemented,
+ provisional as of https://github.com/fluxcd/flux2/pull/2092'
properties:
namespaceSelectors:
- description: |-
- NamespaceSelectors is the list of namespace selectors to which this ACL applies.
- Items in this list are evaluated using a logical OR operation.
+ description: NamespaceSelectors is the list of namespace selectors
+ to which this ACL applies. Items in this list are evaluated
+ using a logical OR operation.
items:
- description: |-
- NamespaceSelector selects the namespaces to which this ACL applies.
- An empty map of MatchLabels matches all namespaces in a cluster.
+ description: NamespaceSelector selects the namespaces to which
+ this ACL applies. An empty map of MatchLabels matches all
+ namespaces in a cluster.
properties:
matchLabels:
additionalProperties:
type: string
- description: |-
- MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
- map is equivalent to an element of matchExpressions, whose key field is "key", the
- operator is "In", and the values array contains only "value". The requirements are ANDed.
+ description: MatchLabels is a map of {key,value} pairs.
+ A single {key,value} in the matchLabels map is equivalent
+ to an element of matchExpressions, whose key field is
+ "key", the operator is "In", and the values array contains
+ only "value". The requirements are ANDed.
type: object
type: object
type: array
- namespaceSelectors
type: object
certSecretRef:
- description: |-
- CertSecretRef can be given the name of a Secret containing
- either or both of
-
- - a PEM-encoded client certificate (`tls.crt`) and private
- key (`tls.key`);
- - a PEM-encoded CA certificate (`ca.crt`)
-
- and whichever are supplied, will be used for connecting to the
- registry. The client cert and key are useful if you are
- authenticating with a certificate; the CA cert is useful if
- you are using a self-signed server certificate. The Secret must
- be of type `Opaque` or `kubernetes.io/tls`.
-
- It takes precedence over the values specified in the Secret referred
- to by `.spec.secretRef`.
+ description: "CertSecretRef can be given the name of a Secret containing
+ either or both of \n - a PEM-encoded client certificate (`tls.crt`)
+ and private key (`tls.key`); - a PEM-encoded CA certificate (`ca.crt`)
+ \n and whichever are supplied, will be used for connecting to the
+ registry. The client cert and key are useful if you are authenticating
+ with a certificate; the CA cert is useful if you are using a self-signed
+ server certificate. The Secret must be of type `Opaque` or `kubernetes.io/tls`.
+ \n It takes precedence over the values specified in the Secret referred
+ to by `.spec.secretRef`."
properties:
name:
description: Name of the referent.
required:
- name
type: object
- insecure:
- description: |-
- Insecure allows connecting to a non-TLS HTTP container registry.
- This field is only taken into account if the .spec.type field is set to 'oci'.
- type: boolean
interval:
- description: |-
- Interval at which the HelmRepository URL is checked for updates.
- This interval is approximate and may be subject to jitter to ensure
- efficient use of resources.
+ description: Interval at which the HelmRepository URL is checked for
+ updates. This interval is approximate and may be subject to jitter
+ to ensure efficient use of resources.
pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$
type: string
passCredentials:
- description: |-
- PassCredentials allows the credentials from the SecretRef to be passed
- on to a host that does not match the host as defined in URL.
- This may be required if the host of the advertised chart URLs in the
- index differ from the defined URL.
- Enabling this should be done with caution, as it can potentially result
- in credentials getting stolen in a MITM-attack.
+ description: PassCredentials allows the credentials from the SecretRef
+ to be passed on to a host that does not match the host as defined
+ in URL. This may be required if the host of the advertised chart
+ URLs in the index differ from the defined URL. Enabling this should
+ be done with caution, as it can potentially result in credentials
+ getting stolen in a MITM-attack.
type: boolean
provider:
default: generic
- description: |-
- Provider used for authentication, can be 'aws', 'azure', 'gcp' or 'generic'.
- This field is optional, and only taken into account if the .spec.type field is set to 'oci'.
- When not specified, defaults to 'generic'.
+ description: Provider used for authentication, can be 'aws', 'azure',
+ 'gcp' or 'generic'. This field is optional, and only taken into
+ account if the .spec.type field is set to 'oci'. When not specified,
+ defaults to 'generic'.
enum:
- generic
- aws
- gcp
type: string
secretRef:
- description: |-
- SecretRef specifies the Secret containing authentication credentials
- for the HelmRepository.
- For HTTP/S basic auth the secret must contain 'username' and 'password'
- fields.
- Support for TLS auth using the 'certFile' and 'keyFile', and/or 'caFile'
- keys is deprecated. Please use `.spec.certSecretRef` instead.
+ description: SecretRef specifies the Secret containing authentication
+ credentials for the HelmRepository. For HTTP/S basic auth the secret
+ must contain 'username' and 'password' fields. Support for TLS auth
+ using the 'certFile' and 'keyFile', and/or 'caFile' keys is deprecated.
+ Please use `.spec.certSecretRef` instead.
properties:
name:
description: Name of the referent.
- name
type: object
suspend:
- description: |-
- Suspend tells the controller to suspend the reconciliation of this
- HelmRepository.
+ description: Suspend tells the controller to suspend the reconciliation
+ of this HelmRepository.
type: boolean
timeout:
- description: |-
- Timeout is used for the index fetch operation for an HTTPS helm repository,
- and for remote OCI Repository operations like pulling for an OCI helm
- chart by the associated HelmChart.
- Its default value is 60s.
+ default: 60s
+ description: Timeout is used for the index fetch operation for an
+ HTTPS helm repository, and for remote OCI Repository operations
+ like pulling for an OCI helm repository. Its default value is 60s.
pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$
type: string
type:
- description: |-
- Type of the HelmRepository.
- When this field is set to "oci", the URL field value must be prefixed with "oci://".
+ description: Type of the HelmRepository. When this field is set to "oci",
+ the URL field value must be prefixed with "oci://".
enum:
- default
- oci
type: string
url:
- description: |-
- URL of the Helm repository, a valid URL contains at least a protocol and
- host.
- pattern: ^(http|https|oci)://.*$
+ description: URL of the Helm repository, a valid URL contains at least
+ a protocol and host.
type: string
required:
+ - interval
- url
type: object
status:
pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$
type: string
lastUpdateTime:
- description: |-
- LastUpdateTime is the timestamp corresponding to the last update of the
- Artifact.
+ description: LastUpdateTime is the timestamp corresponding to
+ the last update of the Artifact.
format: date-time
type: string
metadata:
description: Metadata holds upstream information such as OCI annotations.
type: object
path:
- description: |-
- Path is the relative file path of the Artifact. It can be used to locate
- the file in the root of the Artifact storage on the local file system of
- the controller managing the Source.
+ description: Path is the relative file path of the Artifact. It
+ can be used to locate the file in the root of the Artifact storage
+ on the local file system of the controller managing the Source.
type: string
revision:
- description: |-
- Revision is a human-readable identifier traceable in the origin source
- system. It can be a Git commit SHA, Git tag, a Helm chart version, etc.
+ description: Revision is a human-readable identifier traceable
+ in the origin source system. It can be a Git commit SHA, Git
+ tag, a Helm chart version, etc.
type: string
size:
description: Size is the number of bytes in the file.
format: int64
type: integer
url:
- description: |-
- URL is the HTTP address of the Artifact as exposed by the controller
- managing the Source. It can be used to retrieve the Artifact for
- consumption, e.g. by another controller applying the Artifact contents.
+ description: URL is the HTTP address of the Artifact as exposed
+ by the controller managing the Source. It can be used to retrieve
+ the Artifact for consumption, e.g. by another controller applying
+ the Artifact contents.
type: string
required:
- lastUpdateTime
conditions:
description: Conditions holds the conditions for the HelmRepository.
items:
- description: Condition contains details for one aspect of the current
- state of this API Resource.
+ description: "Condition contains details for one aspect of the current
+ state of this API Resource. --- This struct is intended for direct
+ use as an array at the field path .status.conditions. For example,
+ \n type FooStatus struct{ // Represents the observations of a
+ foo's current state. // Known .status.conditions.type are: \"Available\",
+ \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge
+ // +listType=map // +listMapKey=type Conditions []metav1.Condition
+ `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\"
+ protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }"
properties:
lastTransitionTime:
- description: |-
- lastTransitionTime is the last time the condition transitioned from one status to another.
- This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
+ description: lastTransitionTime is the last time the condition
+ transitioned from one status to another. This should be when
+ the underlying condition changed. If that is not known, then
+ using the time when the API field changed is acceptable.
format: date-time
type: string
message:
- description: |-
- message is a human readable message indicating details about the transition.
- This may be an empty string.
+ description: message is a human readable message indicating
+ details about the transition. This may be an empty string.
maxLength: 32768
type: string
observedGeneration:
- description: |-
- observedGeneration represents the .metadata.generation that the condition was set based upon.
- For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
- with respect to the current state of the instance.
+ description: observedGeneration represents the .metadata.generation
+ that the condition was set based upon. For instance, if .metadata.generation
+ is currently 12, but the .status.conditions[x].observedGeneration
+ is 9, the condition is out of date with respect to the current
+ state of the instance.
format: int64
minimum: 0
type: integer
reason:
- description: |-
- reason contains a programmatic identifier indicating the reason for the condition's last transition.
- Producers of specific condition types may define expected values and meanings for this field,
- and whether the values are considered a guaranteed API.
- The value should be a CamelCase string.
+ description: reason contains a programmatic identifier indicating
+ the reason for the condition's last transition. Producers
+ of specific condition types may define expected values and
+ meanings for this field, and whether the values are considered
+ a guaranteed API. The value should be a CamelCase string.
This field may not be empty.
maxLength: 1024
minLength: 1
type: string
type:
description: type of condition in CamelCase or in foo.example.com/CamelCase.
+ --- Many .condition.type values are consistent across resources
+ like Available, but because arbitrary conditions can be useful
+ (see .node.status.conditions), the ability to deconflict is
+ important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
maxLength: 316
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
type: string
type: object
type: array
lastHandledReconcileAt:
- description: |-
- LastHandledReconcileAt holds the value of the most recent
- reconcile request value, so a change of the annotation value
- can be detected.
+ description: LastHandledReconcileAt holds the value of the most recent
+ reconcile request value, so a change of the annotation value can
+ be detected.
type: string
observedGeneration:
- description: |-
- ObservedGeneration is the last observed generation of the HelmRepository
- object.
+ description: ObservedGeneration is the last observed generation of
+ the HelmRepository object.
format: int64
type: integer
url:
- description: |-
- URL is the dynamic fetch link for the latest Artifact.
- It is provided on a "best effort" basis, and using the precise
- HelmRepositoryStatus.Artifact data is recommended.
+ description: URL is the dynamic fetch link for the latest Artifact.
+ It is provided on a "best effort" basis, and using the precise HelmRepositoryStatus.Artifact
+ data is recommended.
type: string
type: object
type: object
served: true
- storage: false
+ storage: true
subresources:
status: {}
---
kind: CustomResourceDefinition
metadata:
annotations:
- controller-gen.kubebuilder.io/version: v0.16.1
+ controller-gen.kubebuilder.io/version: v0.12.0
labels:
app.kubernetes.io/component: source-controller
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v2.4.0
+ app.kubernetes.io/version: v2.1.2
name: ocirepositories.source.toolkit.fluxcd.io
spec:
group: source.toolkit.fluxcd.io
description: OCIRepository is the Schema for the ocirepositories API
properties:
apiVersion:
- description: |-
- APIVersion defines the versioned schema of this representation of an object.
- Servers should convert recognized schemas to the latest internal value, and
- may reject unrecognized values.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
- description: |-
- Kind is a string value representing the REST resource this object represents.
- Servers may infer this from the endpoint the client submits requests to.
- Cannot be updated.
- In CamelCase.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
description: OCIRepositorySpec defines the desired state of OCIRepository
properties:
certSecretRef:
- description: |-
- CertSecretRef can be given the name of a Secret containing
- either or both of
-
- - a PEM-encoded client certificate (`tls.crt`) and private
- key (`tls.key`);
- - a PEM-encoded CA certificate (`ca.crt`)
-
- and whichever are supplied, will be used for connecting to the
- registry. The client cert and key are useful if you are
- authenticating with a certificate; the CA cert is useful if
- you are using a self-signed server certificate. The Secret must
- be of type `Opaque` or `kubernetes.io/tls`.
-
- Note: Support for the `caFile`, `certFile` and `keyFile` keys have
- been deprecated.
+ description: "CertSecretRef can be given the name of a Secret containing
+ either or both of \n - a PEM-encoded client certificate (`tls.crt`)
+ and private key (`tls.key`); - a PEM-encoded CA certificate (`ca.crt`)
+ \n and whichever are supplied, will be used for connecting to the
+ registry. The client cert and key are useful if you are authenticating
+ with a certificate; the CA cert is useful if you are using a self-signed
+ server certificate. The Secret must be of type `Opaque` or `kubernetes.io/tls`.
+ \n Note: Support for the `caFile`, `certFile` and `keyFile` keys
+ have been deprecated."
properties:
name:
description: Name of the referent.
- name
type: object
ignore:
- description: |-
- Ignore overrides the set of excluded patterns in the .sourceignore format
- (which is the same as .gitignore). If not provided, a default will be used,
- consult the documentation for your version to find out what those are.
+ description: Ignore overrides the set of excluded patterns in the
+ .sourceignore format (which is the same as .gitignore). If not provided,
+ a default will be used, consult the documentation for your version
+ to find out what those are.
type: string
insecure:
description: Insecure allows connecting to a non-TLS HTTP container
registry.
type: boolean
interval:
- description: |-
- Interval at which the OCIRepository URL is checked for updates.
- This interval is approximate and may be subject to jitter to ensure
- efficient use of resources.
+ description: Interval at which the OCIRepository URL is checked for
+ updates. This interval is approximate and may be subject to jitter
+ to ensure efficient use of resources.
pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$
type: string
layerSelector:
- description: |-
- LayerSelector specifies which layer should be extracted from the OCI artifact.
- When not specified, the first layer found in the artifact is selected.
+ description: LayerSelector specifies which layer should be extracted
+ from the OCI artifact. When not specified, the first layer found
+ in the artifact is selected.
properties:
mediaType:
- description: |-
- MediaType specifies the OCI media type of the layer
- which should be extracted from the OCI Artifact. The
- first layer matching this type is selected.
+ description: MediaType specifies the OCI media type of the layer
+ which should be extracted from the OCI Artifact. The first layer
+ matching this type is selected.
type: string
operation:
- description: |-
- Operation specifies how the selected layer should be processed.
- By default, the layer compressed content is extracted to storage.
- When the operation is set to 'copy', the layer compressed content
- is persisted to storage as it is.
+ description: Operation specifies how the selected layer should
+ be processed. By default, the layer compressed content is extracted
+ to storage. When the operation is set to 'copy', the layer compressed
+ content is persisted to storage as it is.
enum:
- extract
- copy
type: object
provider:
default: generic
- description: |-
- The provider used for authentication, can be 'aws', 'azure', 'gcp' or 'generic'.
- When not specified, defaults to 'generic'.
+ description: The provider used for authentication, can be 'aws', 'azure',
+ 'gcp' or 'generic'. When not specified, defaults to 'generic'.
enum:
- generic
- aws
- azure
- gcp
type: string
- proxySecretRef:
- description: |-
- ProxySecretRef specifies the Secret containing the proxy configuration
- to use while communicating with the container registry.
- properties:
- name:
- description: Name of the referent.
- type: string
- required:
- - name
- type: object
ref:
- description: |-
- The OCI reference to pull and monitor for changes,
- defaults to the latest tag.
+ description: The OCI reference to pull and monitor for changes, defaults
+ to the latest tag.
properties:
digest:
- description: |-
- Digest is the image digest to pull, takes precedence over SemVer.
- The value should be in the format 'sha256:<HASH>'.
+ description: Digest is the image digest to pull, takes precedence
+ over SemVer. The value should be in the format 'sha256:<HASH>'.
type: string
semver:
- description: |-
- SemVer is the range of tags to pull selecting the latest within
- the range, takes precedence over Tag.
- type: string
- semverFilter:
- description: SemverFilter is a regex pattern to filter the tags
- within the SemVer range.
+ description: SemVer is the range of tags to pull selecting the
+ latest within the range, takes precedence over Tag.
type: string
tag:
description: Tag is the image tag to pull, defaults to latest.
type: string
type: object
secretRef:
- description: |-
- SecretRef contains the secret name containing the registry login
- credentials to resolve image metadata.
- The secret must be of type kubernetes.io/dockerconfigjson.
+ description: SecretRef contains the secret name containing the registry
+ login credentials to resolve image metadata. The secret must be
+ of type kubernetes.io/dockerconfigjson.
properties:
name:
description: Name of the referent.
- name
type: object
serviceAccountName:
- description: |-
- ServiceAccountName is the name of the Kubernetes ServiceAccount used to authenticate
- the image pull if the service account has attached pull secrets. For more information:
- https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/#add-imagepullsecrets-to-a-service-account
+ description: 'ServiceAccountName is the name of the Kubernetes ServiceAccount
+ used to authenticate the image pull if the service account has attached
+ pull secrets. For more information: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/#add-imagepullsecrets-to-a-service-account'
type: string
suspend:
description: This flag tells the controller to suspend the reconciliation
pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$
type: string
url:
- description: |-
- URL is a reference to an OCI artifact repository hosted
+ description: URL is a reference to an OCI artifact repository hosted
on a remote container registry.
pattern: ^oci://.*$
type: string
verify:
- description: |-
- Verify contains the secret name containing the trusted public keys
- used to verify the signature and specifies which provider to use to check
- whether OCI image is authentic.
+ description: Verify contains the secret name containing the trusted
+ public keys used to verify the signature and specifies which provider
+ to use to check whether OCI image is authentic.
properties:
- matchOIDCIdentity:
- description: |-
- MatchOIDCIdentity specifies the identity matching criteria to use
- while verifying an OCI artifact which was signed using Cosign keyless
- signing. The artifact's identity is deemed to be verified if any of the
- specified matchers match against the identity.
- items:
- description: |-
- OIDCIdentityMatch specifies options for verifying the certificate identity,
- i.e. the issuer and the subject of the certificate.
- properties:
- issuer:
- description: |-
- Issuer specifies the regex pattern to match against to verify
- the OIDC issuer in the Fulcio certificate. The pattern must be a
- valid Go regular expression.
- type: string
- subject:
- description: |-
- Subject specifies the regex pattern to match against to verify
- the identity subject in the Fulcio certificate. The pattern must
- be a valid Go regular expression.
- type: string
- required:
- - issuer
- - subject
- type: object
- type: array
provider:
default: cosign
description: Provider specifies the technology used to sign the
OCI Artifact.
enum:
- cosign
- - notation
type: string
secretRef:
- description: |-
- SecretRef specifies the Kubernetes Secret containing the
- trusted public keys.
+ description: SecretRef specifies the Kubernetes Secret containing
+ the trusted public keys.
properties:
name:
description: Name of the referent.
pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$
type: string
lastUpdateTime:
- description: |-
- LastUpdateTime is the timestamp corresponding to the last update of the
- Artifact.
+ description: LastUpdateTime is the timestamp corresponding to
+ the last update of the Artifact.
format: date-time
type: string
metadata:
description: Metadata holds upstream information such as OCI annotations.
type: object
path:
- description: |-
- Path is the relative file path of the Artifact. It can be used to locate
- the file in the root of the Artifact storage on the local file system of
- the controller managing the Source.
+ description: Path is the relative file path of the Artifact. It
+ can be used to locate the file in the root of the Artifact storage
+ on the local file system of the controller managing the Source.
type: string
revision:
- description: |-
- Revision is a human-readable identifier traceable in the origin source
- system. It can be a Git commit SHA, Git tag, a Helm chart version, etc.
+ description: Revision is a human-readable identifier traceable
+ in the origin source system. It can be a Git commit SHA, Git
+ tag, a Helm chart version, etc.
type: string
size:
description: Size is the number of bytes in the file.
format: int64
type: integer
url:
- description: |-
- URL is the HTTP address of the Artifact as exposed by the controller
- managing the Source. It can be used to retrieve the Artifact for
- consumption, e.g. by another controller applying the Artifact contents.
+ description: URL is the HTTP address of the Artifact as exposed
+ by the controller managing the Source. It can be used to retrieve
+ the Artifact for consumption, e.g. by another controller applying
+ the Artifact contents.
type: string
required:
- lastUpdateTime
conditions:
description: Conditions holds the conditions for the OCIRepository.
items:
- description: Condition contains details for one aspect of the current
- state of this API Resource.
+ description: "Condition contains details for one aspect of the current
+ state of this API Resource. --- This struct is intended for direct
+ use as an array at the field path .status.conditions. For example,
+ \n type FooStatus struct{ // Represents the observations of a
+ foo's current state. // Known .status.conditions.type are: \"Available\",
+ \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge
+ // +listType=map // +listMapKey=type Conditions []metav1.Condition
+ `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\"
+ protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }"
properties:
lastTransitionTime:
- description: |-
- lastTransitionTime is the last time the condition transitioned from one status to another.
- This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
+ description: lastTransitionTime is the last time the condition
+ transitioned from one status to another. This should be when
+ the underlying condition changed. If that is not known, then
+ using the time when the API field changed is acceptable.
format: date-time
type: string
message:
- description: |-
- message is a human readable message indicating details about the transition.
- This may be an empty string.
+ description: message is a human readable message indicating
+ details about the transition. This may be an empty string.
maxLength: 32768
type: string
observedGeneration:
- description: |-
- observedGeneration represents the .metadata.generation that the condition was set based upon.
- For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
- with respect to the current state of the instance.
+ description: observedGeneration represents the .metadata.generation
+ that the condition was set based upon. For instance, if .metadata.generation
+ is currently 12, but the .status.conditions[x].observedGeneration
+ is 9, the condition is out of date with respect to the current
+ state of the instance.
format: int64
minimum: 0
type: integer
reason:
- description: |-
- reason contains a programmatic identifier indicating the reason for the condition's last transition.
- Producers of specific condition types may define expected values and meanings for this field,
- and whether the values are considered a guaranteed API.
- The value should be a CamelCase string.
+ description: reason contains a programmatic identifier indicating
+ the reason for the condition's last transition. Producers
+ of specific condition types may define expected values and
+ meanings for this field, and whether the values are considered
+ a guaranteed API. The value should be a CamelCase string.
This field may not be empty.
maxLength: 1024
minLength: 1
type: string
type:
description: type of condition in CamelCase or in foo.example.com/CamelCase.
+ --- Many .condition.type values are consistent across resources
+ like Available, but because arbitrary conditions can be useful
+ (see .node.status.conditions), the ability to deconflict is
+ important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
maxLength: 316
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
type: string
type: object
type: array
contentConfigChecksum:
- description: |-
- ContentConfigChecksum is a checksum of all the configurations related to
- the content of the source artifact:
- - .spec.ignore
- - .spec.layerSelector
- observed in .status.observedGeneration version of the object. This can
- be used to determine if the content configuration has changed and the
- artifact needs to be rebuilt.
- It has the format of `<algo>:<checksum>`, for example: `sha256:<checksum>`.
-
- Deprecated: Replaced with explicit fields for observed artifact content
- config in the status.
+ description: "ContentConfigChecksum is a checksum of all the configurations
+ related to the content of the source artifact: - .spec.ignore -
+ .spec.layerSelector observed in .status.observedGeneration version
+ of the object. This can be used to determine if the content configuration
+ has changed and the artifact needs to be rebuilt. It has the format
+ of `<algo>:<checksum>`, for example: `sha256:<checksum>`. \n Deprecated:
+ Replaced with explicit fields for observed artifact content config
+ in the status."
type: string
lastHandledReconcileAt:
- description: |-
- LastHandledReconcileAt holds the value of the most recent
- reconcile request value, so a change of the annotation value
- can be detected.
+ description: LastHandledReconcileAt holds the value of the most recent
+ reconcile request value, so a change of the annotation value can
+ be detected.
type: string
observedGeneration:
description: ObservedGeneration is the last observed generation.
format: int64
type: integer
observedIgnore:
- description: |-
- ObservedIgnore is the observed exclusion patterns used for constructing
- the source artifact.
+ description: ObservedIgnore is the observed exclusion patterns used
+ for constructing the source artifact.
type: string
observedLayerSelector:
- description: |-
- ObservedLayerSelector is the observed layer selector used for constructing
- the source artifact.
+ description: ObservedLayerSelector is the observed layer selector
+ used for constructing the source artifact.
properties:
mediaType:
- description: |-
- MediaType specifies the OCI media type of the layer
- which should be extracted from the OCI Artifact. The
- first layer matching this type is selected.
+ description: MediaType specifies the OCI media type of the layer
+ which should be extracted from the OCI Artifact. The first layer
+ matching this type is selected.
type: string
operation:
- description: |-
- Operation specifies how the selected layer should be processed.
- By default, the layer compressed content is extracted to storage.
- When the operation is set to 'copy', the layer compressed content
- is persisted to storage as it is.
+ description: Operation specifies how the selected layer should
+ be processed. By default, the layer compressed content is extracted
+ to storage. When the operation is set to 'copy', the layer compressed
+ content is persisted to storage as it is.
enum:
- extract
- copy
app.kubernetes.io/component: source-controller
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v2.4.0
+ app.kubernetes.io/version: v2.1.2
name: source-controller
namespace: flux-system
---
app.kubernetes.io/component: source-controller
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v2.4.0
+ app.kubernetes.io/version: v2.1.2
control-plane: controller
name: source-controller
namespace: flux-system
app.kubernetes.io/component: source-controller
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v2.4.0
+ app.kubernetes.io/version: v2.1.2
control-plane: controller
name: source-controller
namespace: flux-system
fieldPath: metadata.namespace
- name: TUF_ROOT
value: /tmp/.sigstore
- - name: GOMAXPROCS
- valueFrom:
- resourceFieldRef:
- containerName: manager
- resource: limits.cpu
- - name: GOMEMLIMIT
- valueFrom:
- resourceFieldRef:
- containerName: manager
- resource: limits.memory
- image: ghcr.io/fluxcd/source-controller:v1.4.1
+ image: ghcr.io/fluxcd/source-controller:v1.1.2
imagePullPolicy: IfNotPresent
livenessProbe:
httpGet:
kind: CustomResourceDefinition
metadata:
annotations:
- controller-gen.kubebuilder.io/version: v0.16.1
+ controller-gen.kubebuilder.io/version: v0.12.0
labels:
app.kubernetes.io/component: kustomize-controller
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v2.4.0
+ app.kubernetes.io/version: v2.1.2
name: kustomizations.kustomize.toolkit.fluxcd.io
spec:
group: kustomize.toolkit.fluxcd.io
description: Kustomization is the Schema for the kustomizations API.
properties:
apiVersion:
- description: |-
- APIVersion defines the versioned schema of this representation of an object.
- Servers should convert recognized schemas to the latest internal value, and
- may reject unrecognized values.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
- description: |-
- Kind is a string value representing the REST resource this object represents.
- Servers may infer this from the endpoint the client submits requests to.
- Cannot be updated.
- In CamelCase.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
- description: |-
- KustomizationSpec defines the configuration to calculate the desired state
- from a Source using Kustomize.
+ description: KustomizationSpec defines the configuration to calculate
+ the desired state from a Source using Kustomize.
properties:
commonMetadata:
- description: |-
- CommonMetadata specifies the common labels and annotations that are
- applied to all resources. Any existing label or annotation will be
- overridden if its key matches a common one.
+ description: CommonMetadata specifies the common labels and annotations
+ that are applied to all resources. Any existing label or annotation
+ will be overridden if its key matches a common one.
properties:
annotations:
additionalProperties:
- provider
type: object
dependsOn:
- description: |-
- DependsOn may contain a meta.NamespacedObjectReference slice
- with references to Kustomization resources that must be ready before this
- Kustomization can be reconciled.
+ description: DependsOn may contain a meta.NamespacedObjectReference
+ slice with references to Kustomization resources that must be ready
+ before this Kustomization can be reconciled.
items:
- description: |-
- NamespacedObjectReference contains enough information to locate the referenced Kubernetes resource object in any
- namespace.
+ description: NamespacedObjectReference contains enough information
+ to locate the referenced Kubernetes resource object in any namespace.
properties:
name:
description: Name of the referent.
type: array
force:
default: false
- description: |-
- Force instructs the controller to recreate resources
+ description: Force instructs the controller to recreate resources
when patching fails due to an immutable field change.
type: boolean
healthChecks:
description: A list of resources to be included in the health assessment.
items:
- description: |-
- NamespacedObjectKindReference contains enough information to locate the typed referenced Kubernetes resource object
- in any namespace.
+ description: NamespacedObjectKindReference contains enough information
+ to locate the typed referenced Kubernetes resource object in any
+ namespace.
properties:
apiVersion:
description: API version of the referent, if not specified the
type: object
type: array
images:
- description: |-
- Images is a list of (image name, new name, new tag or digest)
- for changing image names, tags or digests. This can also be achieved with a
- patch, but this operator is simpler to specify.
+ description: Images is a list of (image name, new name, new tag or
+ digest) for changing image names, tags or digests. This can also
+ be achieved with a patch, but this operator is simpler to specify.
items:
description: Image contains an image name, a new name, a new tag
or digest, which will replace the original name and tag.
properties:
digest:
- description: |-
- Digest is the value used to replace the original image tag.
- If digest is present NewTag value is ignored.
+ description: Digest is the value used to replace the original
+ image tag. If digest is present NewTag value is ignored.
type: string
name:
description: Name is a tag-less image name.
type: object
type: array
interval:
- description: |-
- The interval at which to reconcile the Kustomization.
+ description: The interval at which to reconcile the Kustomization.
This interval is approximate and may be subject to jitter to ensure
efficient use of resources.
pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$
type: string
kubeConfig:
- description: |-
- The KubeConfig for reconciling the Kustomization on a remote cluster.
- When used in combination with KustomizationSpec.ServiceAccountName,
- forces the controller to act on behalf of that Service Account at the
- target cluster.
- If the --default-service-account flag is set, its value will be used as
- a controller level fallback for when KustomizationSpec.ServiceAccountName
+ description: The KubeConfig for reconciling the Kustomization on a
+ remote cluster. When used in combination with KustomizationSpec.ServiceAccountName,
+ forces the controller to act on behalf of that Service Account at
+ the target cluster. If the --default-service-account flag is set,
+ its value will be used as a controller level fallback for when KustomizationSpec.ServiceAccountName
is empty.
properties:
secretRef:
- description: |-
- SecretRef holds the name of a secret that contains a key with
- the kubeconfig file as the value. If no key is set, the key will default
- to 'value'.
- It is recommended that the kubeconfig is self-contained, and the secret
- is regularly updated if credentials such as a cloud-access-token expire.
- Cloud specific `cmd-path` auth helpers will not function without adding
- binaries and credentials to the Pod that is responsible for reconciling
+ description: SecretRef holds the name of a secret that contains
+ a key with the kubeconfig file as the value. If no key is set,
+ the key will default to 'value'. It is recommended that the
+ kubeconfig is self-contained, and the secret is regularly updated
+ if credentials such as a cloud-access-token expire. Cloud specific
+ `cmd-path` auth helpers will not function without adding binaries
+ and credentials to the Pod that is responsible for reconciling
Kubernetes resources.
properties:
key:
required:
- secretRef
type: object
- namePrefix:
- description: NamePrefix will prefix the names of all managed resources.
- maxLength: 200
- minLength: 1
- type: string
- nameSuffix:
- description: NameSuffix will suffix the names of all managed resources.
- maxLength: 200
- minLength: 1
- type: string
patches:
- description: |-
- Strategic merge and JSON patches, defined as inline YAML objects,
- capable of targeting objects based on kind, label and annotation selectors.
+ description: Strategic merge and JSON patches, defined as inline YAML
+ objects, capable of targeting objects based on kind, label and annotation
+ selectors.
items:
- description: |-
- Patch contains an inline StrategicMerge or JSON6902 patch, and the target the patch should
- be applied to.
+ description: Patch contains an inline StrategicMerge or JSON6902
+ patch, and the target the patch should be applied to.
properties:
patch:
- description: |-
- Patch contains an inline StrategicMerge patch or an inline JSON6902 patch with
- an array of operation objects.
+ description: Patch contains an inline StrategicMerge patch or
+ an inline JSON6902 patch with an array of operation objects.
type: string
target:
description: Target points to the resources that the patch document
should be applied to.
properties:
annotationSelector:
- description: |-
- AnnotationSelector is a string that follows the label selection expression
- https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
+ description: AnnotationSelector is a string that follows
+ the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
It matches with the resource annotations.
type: string
group:
- description: |-
- Group is the API group to select resources from.
- Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources.
+ description: Group is the API group to select resources
+ from. Together with Version and Kind it is capable of
+ unambiguously identifying and/or selecting resources.
https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
type: string
kind:
- description: |-
- Kind of the API Group to select resources from.
+ description: Kind of the API Group to select resources from.
Together with Group and Version it is capable of unambiguously
- identifying and/or selecting resources.
- https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
+ identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
type: string
labelSelector:
- description: |-
- LabelSelector is a string that follows the label selection expression
- https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
+ description: LabelSelector is a string that follows the
+ label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
It matches with the resource labels.
type: string
name:
description: Namespace to select resources from.
type: string
version:
- description: |-
- Version of the API Group to select resources from.
- Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources.
- https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
+ description: Version of the API Group to select resources
+ from. Together with Group and Kind it is capable of unambiguously
+ identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
type: string
type: object
required:
type: object
type: array
path:
- description: |-
- Path to the directory containing the kustomization.yaml file, or the
- set of plain YAMLs a kustomization.yaml should be generated for.
- Defaults to 'None', which translates to the root path of the SourceRef.
+ description: Path to the directory containing the kustomization.yaml
+ file, or the set of plain YAMLs a kustomization.yaml should be generated
+ for. Defaults to 'None', which translates to the root path of the
+ SourceRef.
type: string
postBuild:
- description: |-
- PostBuild describes which actions to perform on the YAML manifest
- generated by building the kustomize overlay.
+ description: PostBuild describes which actions to perform on the YAML
+ manifest generated by building the kustomize overlay.
properties:
substitute:
additionalProperties:
type: string
- description: |-
- Substitute holds a map of key/value pairs.
- The variables defined in your YAML manifests that match any of the keys
- defined in the map will be substituted with the set value.
- Includes support for bash string replacement functions
- e.g. ${var:=default}, ${var:position} and ${var/substring/replacement}.
+ description: Substitute holds a map of key/value pairs. The variables
+ defined in your YAML manifests that match any of the keys defined
+ in the map will be substituted with the set value. Includes
+ support for bash string replacement functions e.g. ${var:=default},
+ ${var:position} and ${var/substring/replacement}.
type: object
substituteFrom:
- description: |-
- SubstituteFrom holds references to ConfigMaps and Secrets containing
- the variables and their values to be substituted in the YAML manifests.
- The ConfigMap and the Secret data keys represent the var names, and they
- must match the vars declared in the manifests for the substitution to
- happen.
+ description: SubstituteFrom holds references to ConfigMaps and
+ Secrets containing the variables and their values to be substituted
+ in the YAML manifests. The ConfigMap and the Secret data keys
+ represent the var names, and they must match the vars declared
+ in the manifests for the substitution to happen.
items:
- description: |-
- SubstituteReference contains a reference to a resource containing
- the variables name and value.
+ description: SubstituteReference contains a reference to a resource
+ containing the variables name and value.
properties:
kind:
description: Kind of the values referent, valid values are
- ConfigMap
type: string
name:
- description: |-
- Name of the values referent. Should reside in the same namespace as the
- referring resource.
+ description: Name of the values referent. Should reside
+ in the same namespace as the referring resource.
maxLength: 253
minLength: 1
type: string
optional:
default: false
- description: |-
- Optional indicates whether the referenced resource must exist, or whether to
- tolerate its absence. If true and the referenced resource is absent, proceed
- as if the resource was present but empty, without any variables defined.
+ description: Optional indicates whether the referenced resource
+ must exist, or whether to tolerate its absence. If true
+ and the referenced resource is absent, proceed as if the
+ resource was present but empty, without any variables
+ defined.
type: boolean
required:
- kind
description: Prune enables garbage collection.
type: boolean
retryInterval:
- description: |-
- The interval at which to retry a previously failed reconciliation.
+ description: The interval at which to retry a previously failed reconciliation.
When not specified, the controller uses the KustomizationSpec.Interval
value to retry failures.
pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$
type: string
serviceAccountName:
- description: |-
- The name of the Kubernetes service account to impersonate
+ description: The name of the Kubernetes service account to impersonate
when reconciling this Kustomization.
type: string
sourceRef:
description: Name of the referent.
type: string
namespace:
- description: |-
- Namespace of the referent, defaults to the namespace of the Kubernetes
- resource object that contains the reference.
+ description: Namespace of the referent, defaults to the namespace
+ of the Kubernetes resource object that contains the reference.
type: string
required:
- kind
- name
type: object
suspend:
- description: |-
- This flag tells the controller to suspend subsequent kustomize executions,
- it does not apply to already started executions. Defaults to false.
+ description: This flag tells the controller to suspend subsequent
+ kustomize executions, it does not apply to already started executions.
+ Defaults to false.
type: boolean
targetNamespace:
- description: |-
- TargetNamespace sets or overrides the namespace in the
+ description: TargetNamespace sets or overrides the namespace in the
kustomization.yaml file.
maxLength: 63
minLength: 1
type: string
timeout:
- description: |-
- Timeout for validation, apply and health checking operations.
+ description: Timeout for validation, apply and health checking operations.
Defaults to 'Interval' duration.
pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$
type: string
wait:
- description: |-
- Wait instructs the controller to check the health of all the reconciled
- resources. When enabled, the HealthChecks are ignored. Defaults to false.
+ description: Wait instructs the controller to check the health of
+ all the reconciled resources. When enabled, the HealthChecks are
+ ignored. Defaults to false.
type: boolean
required:
- interval
properties:
conditions:
items:
- description: Condition contains details for one aspect of the current
- state of this API Resource.
+ description: "Condition contains details for one aspect of the current
+ state of this API Resource. --- This struct is intended for direct
+ use as an array at the field path .status.conditions. For example,
+ \n type FooStatus struct{ // Represents the observations of a
+ foo's current state. // Known .status.conditions.type are: \"Available\",
+ \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge
+ // +listType=map // +listMapKey=type Conditions []metav1.Condition
+ `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\"
+ protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }"
properties:
lastTransitionTime:
- description: |-
- lastTransitionTime is the last time the condition transitioned from one status to another.
- This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
+ description: lastTransitionTime is the last time the condition
+ transitioned from one status to another. This should be when
+ the underlying condition changed. If that is not known, then
+ using the time when the API field changed is acceptable.
format: date-time
type: string
message:
- description: |-
- message is a human readable message indicating details about the transition.
- This may be an empty string.
+ description: message is a human readable message indicating
+ details about the transition. This may be an empty string.
maxLength: 32768
type: string
observedGeneration:
- description: |-
- observedGeneration represents the .metadata.generation that the condition was set based upon.
- For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
- with respect to the current state of the instance.
+ description: observedGeneration represents the .metadata.generation
+ that the condition was set based upon. For instance, if .metadata.generation
+ is currently 12, but the .status.conditions[x].observedGeneration
+ is 9, the condition is out of date with respect to the current
+ state of the instance.
format: int64
minimum: 0
type: integer
reason:
- description: |-
- reason contains a programmatic identifier indicating the reason for the condition's last transition.
- Producers of specific condition types may define expected values and meanings for this field,
- and whether the values are considered a guaranteed API.
- The value should be a CamelCase string.
+ description: reason contains a programmatic identifier indicating
+ the reason for the condition's last transition. Producers
+ of specific condition types may define expected values and
+ meanings for this field, and whether the values are considered
+ a guaranteed API. The value should be a CamelCase string.
This field may not be empty.
maxLength: 1024
minLength: 1
type: string
type:
description: type of condition in CamelCase or in foo.example.com/CamelCase.
+ --- Many .condition.type values are consistent across resources
+ like Available, but because arbitrary conditions can be useful
+ (see .node.status.conditions), the ability to deconflict is
+ important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
maxLength: 316
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
type: string
type: object
type: array
inventory:
- description: |-
- Inventory contains the list of Kubernetes resource object references that
- have been successfully applied.
+ description: Inventory contains the list of Kubernetes resource object
+ references that have been successfully applied.
properties:
entries:
description: Entries of Kubernetes resource object references.
to locate a resource within a cluster.
properties:
id:
- description: |-
- ID is the string representation of the Kubernetes resource object's metadata,
- in the format '<namespace>_<name>_<group>_<kind>'.
+ description: ID is the string representation of the Kubernetes
+ resource object's metadata, in the format '<namespace>_<name>_<group>_<kind>'.
type: string
v:
description: Version is the API version of the Kubernetes
- entries
type: object
lastAppliedRevision:
- description: |-
- The last successfully applied revision.
- Equals the Revision of the applied Artifact from the referenced Source.
+ description: The last successfully applied revision. Equals the Revision
+ of the applied Artifact from the referenced Source.
type: string
lastAttemptedRevision:
description: LastAttemptedRevision is the revision of the last reconciliation
attempt.
type: string
lastHandledReconcileAt:
- description: |-
- LastHandledReconcileAt holds the value of the most recent
- reconcile request value, so a change of the annotation value
- can be detected.
+ description: LastHandledReconcileAt holds the value of the most recent
+ reconcile request value, so a change of the annotation value can
+ be detected.
type: string
observedGeneration:
description: ObservedGeneration is the last reconciled generation.
description: Kustomization is the Schema for the kustomizations API.
properties:
apiVersion:
- description: |-
- APIVersion defines the versioned schema of this representation of an object.
- Servers should convert recognized schemas to the latest internal value, and
- may reject unrecognized values.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
- description: |-
- Kind is a string value representing the REST resource this object represents.
- Servers may infer this from the endpoint the client submits requests to.
- Cannot be updated.
- In CamelCase.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
- provider
type: object
dependsOn:
- description: |-
- DependsOn may contain a meta.NamespacedObjectReference slice
- with references to Kustomization resources that must be ready before this
- Kustomization can be reconciled.
+ description: DependsOn may contain a meta.NamespacedObjectReference
+ slice with references to Kustomization resources that must be ready
+ before this Kustomization can be reconciled.
items:
- description: |-
- NamespacedObjectReference contains enough information to locate the referenced Kubernetes resource object in any
- namespace.
+ description: NamespacedObjectReference contains enough information
+ to locate the referenced Kubernetes resource object in any namespace.
properties:
name:
description: Name of the referent.
type: array
force:
default: false
- description: |-
- Force instructs the controller to recreate resources
+ description: Force instructs the controller to recreate resources
when patching fails due to an immutable field change.
type: boolean
healthChecks:
description: A list of resources to be included in the health assessment.
items:
- description: |-
- NamespacedObjectKindReference contains enough information to locate the typed referenced Kubernetes resource object
- in any namespace.
+ description: NamespacedObjectKindReference contains enough information
+ to locate the typed referenced Kubernetes resource object in any
+ namespace.
properties:
apiVersion:
description: API version of the referent, if not specified the
type: object
type: array
images:
- description: |-
- Images is a list of (image name, new name, new tag or digest)
- for changing image names, tags or digests. This can also be achieved with a
- patch, but this operator is simpler to specify.
+ description: Images is a list of (image name, new name, new tag or
+ digest) for changing image names, tags or digests. This can also
+ be achieved with a patch, but this operator is simpler to specify.
items:
description: Image contains an image name, a new name, a new tag
or digest, which will replace the original name and tag.
properties:
digest:
- description: |-
- Digest is the value used to replace the original image tag.
- If digest is present NewTag value is ignored.
+ description: Digest is the value used to replace the original
+ image tag. If digest is present NewTag value is ignored.
type: string
name:
description: Name is a tag-less image name.
description: The interval at which to reconcile the Kustomization.
type: string
kubeConfig:
- description: |-
- The KubeConfig for reconciling the Kustomization on a remote cluster.
- When specified, KubeConfig takes precedence over ServiceAccountName.
+ description: The KubeConfig for reconciling the Kustomization on a
+ remote cluster. When specified, KubeConfig takes precedence over
+ ServiceAccountName.
properties:
secretRef:
- description: |-
- SecretRef holds the name to a secret that contains a 'value' key with
- the kubeconfig file as the value. It must be in the same namespace as
- the Kustomization.
- It is recommended that the kubeconfig is self-contained, and the secret
- is regularly updated if credentials such as a cloud-access-token expire.
- Cloud specific `cmd-path` auth helpers will not function without adding
- binaries and credentials to the Pod that is responsible for reconciling
- the Kustomization.
+ description: SecretRef holds the name to a secret that contains
+ a 'value' key with the kubeconfig file as the value. It must
+ be in the same namespace as the Kustomization. It is recommended
+ that the kubeconfig is self-contained, and the secret is regularly
+ updated if credentials such as a cloud-access-token expire.
+ Cloud specific `cmd-path` auth helpers will not function without
+ adding binaries and credentials to the Pod that is responsible
+ for reconciling the Kustomization.
properties:
name:
description: Name of the referent.
required:
- name
type: object
- required:
- - secretRef
type: object
patches:
- description: |-
- Strategic merge and JSON patches, defined as inline YAML objects,
- capable of targeting objects based on kind, label and annotation selectors.
+ description: Strategic merge and JSON patches, defined as inline YAML
+ objects, capable of targeting objects based on kind, label and annotation
+ selectors.
items:
- description: |-
- Patch contains an inline StrategicMerge or JSON6902 patch, and the target the patch should
- be applied to.
+ description: Patch contains an inline StrategicMerge or JSON6902
+ patch, and the target the patch should be applied to.
properties:
patch:
- description: |-
- Patch contains an inline StrategicMerge patch or an inline JSON6902 patch with
- an array of operation objects.
+ description: Patch contains an inline StrategicMerge patch or
+ an inline JSON6902 patch with an array of operation objects.
type: string
target:
description: Target points to the resources that the patch document
should be applied to.
properties:
annotationSelector:
- description: |-
- AnnotationSelector is a string that follows the label selection expression
- https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
+ description: AnnotationSelector is a string that follows
+ the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
It matches with the resource annotations.
type: string
group:
- description: |-
- Group is the API group to select resources from.
- Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources.
+ description: Group is the API group to select resources
+ from. Together with Version and Kind it is capable of
+ unambiguously identifying and/or selecting resources.
https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
type: string
kind:
- description: |-
- Kind of the API Group to select resources from.
+ description: Kind of the API Group to select resources from.
Together with Group and Version it is capable of unambiguously
- identifying and/or selecting resources.
- https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
+ identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
type: string
labelSelector:
- description: |-
- LabelSelector is a string that follows the label selection expression
- https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
+ description: LabelSelector is a string that follows the
+ label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
It matches with the resource labels.
type: string
name:
description: Namespace to select resources from.
type: string
version:
- description: |-
- Version of the API Group to select resources from.
- Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources.
- https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
+ description: Version of the API Group to select resources
+ from. Together with Group and Kind it is capable of unambiguously
+ identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
type: string
type: object
required:
description: Patch contains the JSON6902 patch document with
an array of operation objects.
items:
- description: |-
- JSON6902 is a JSON6902 operation object.
- https://datatracker.ietf.org/doc/html/rfc6902#section-4
+ description: JSON6902 is a JSON6902 operation object. https://datatracker.ietf.org/doc/html/rfc6902#section-4
properties:
from:
- description: |-
- From contains a JSON-pointer value that references a location within the target document where the operation is
- performed. The meaning of the value depends on the value of Op, and is NOT taken into account by all operations.
+ description: From contains a JSON-pointer value that references
+ a location within the target document where the operation
+ is performed. The meaning of the value depends on the
+ value of Op, and is NOT taken into account by all operations.
type: string
op:
- description: |-
- Op indicates the operation to perform. Its value MUST be one of "add", "remove", "replace", "move", "copy", or
- "test".
- https://datatracker.ietf.org/doc/html/rfc6902#section-4
+ description: Op indicates the operation to perform. Its
+ value MUST be one of "add", "remove", "replace", "move",
+ "copy", or "test". https://datatracker.ietf.org/doc/html/rfc6902#section-4
enum:
- test
- remove
- copy
type: string
path:
- description: |-
- Path contains the JSON-pointer value that references a location within the target document where the operation
- is performed. The meaning of the value depends on the value of Op.
+ description: Path contains the JSON-pointer value that
+ references a location within the target document where
+ the operation is performed. The meaning of the value
+ depends on the value of Op.
type: string
value:
- description: |-
- Value contains a valid JSON structure. The meaning of the value depends on the value of Op, and is NOT taken into
- account by all operations.
+ description: Value contains a valid JSON structure. The
+ meaning of the value depends on the value of Op, and
+ is NOT taken into account by all operations.
x-kubernetes-preserve-unknown-fields: true
required:
- op
should be applied to.
properties:
annotationSelector:
- description: |-
- AnnotationSelector is a string that follows the label selection expression
- https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
+ description: AnnotationSelector is a string that follows
+ the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
It matches with the resource annotations.
type: string
group:
- description: |-
- Group is the API group to select resources from.
- Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources.
+ description: Group is the API group to select resources
+ from. Together with Version and Kind it is capable of
+ unambiguously identifying and/or selecting resources.
https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
type: string
kind:
- description: |-
- Kind of the API Group to select resources from.
+ description: Kind of the API Group to select resources from.
Together with Group and Version it is capable of unambiguously
- identifying and/or selecting resources.
- https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
+ identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
type: string
labelSelector:
- description: |-
- LabelSelector is a string that follows the label selection expression
- https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
+ description: LabelSelector is a string that follows the
+ label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
It matches with the resource labels.
type: string
name:
description: Namespace to select resources from.
type: string
version:
- description: |-
- Version of the API Group to select resources from.
- Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources.
- https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
+ description: Version of the API Group to select resources
+ from. Together with Group and Kind it is capable of unambiguously
+ identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
type: string
type: object
required:
x-kubernetes-preserve-unknown-fields: true
type: array
path:
- description: |-
- Path to the directory containing the kustomization.yaml file, or the
- set of plain YAMLs a kustomization.yaml should be generated for.
- Defaults to 'None', which translates to the root path of the SourceRef.
+ description: Path to the directory containing the kustomization.yaml
+ file, or the set of plain YAMLs a kustomization.yaml should be generated
+ for. Defaults to 'None', which translates to the root path of the
+ SourceRef.
type: string
postBuild:
- description: |-
- PostBuild describes which actions to perform on the YAML manifest
- generated by building the kustomize overlay.
+ description: PostBuild describes which actions to perform on the YAML
+ manifest generated by building the kustomize overlay.
properties:
substitute:
additionalProperties:
type: string
- description: |-
- Substitute holds a map of key/value pairs.
- The variables defined in your YAML manifests
- that match any of the keys defined in the map
- will be substituted with the set value.
- Includes support for bash string replacement functions
- e.g. ${var:=default}, ${var:position} and ${var/substring/replacement}.
+ description: Substitute holds a map of key/value pairs. The variables
+ defined in your YAML manifests that match any of the keys defined
+ in the map will be substituted with the set value. Includes
+ support for bash string replacement functions e.g. ${var:=default},
+ ${var:position} and ${var/substring/replacement}.
type: object
substituteFrom:
- description: |-
- SubstituteFrom holds references to ConfigMaps and Secrets containing
- the variables and their values to be substituted in the YAML manifests.
- The ConfigMap and the Secret data keys represent the var names and they
- must match the vars declared in the manifests for the substitution to happen.
+ description: SubstituteFrom holds references to ConfigMaps and
+ Secrets containing the variables and their values to be substituted
+ in the YAML manifests. The ConfigMap and the Secret data keys
+ represent the var names and they must match the vars declared
+ in the manifests for the substitution to happen.
items:
- description: |-
- SubstituteReference contains a reference to a resource containing
- the variables name and value.
+ description: SubstituteReference contains a reference to a resource
+ containing the variables name and value.
properties:
kind:
description: Kind of the values referent, valid values are
- ConfigMap
type: string
name:
- description: |-
- Name of the values referent. Should reside in the same namespace as the
- referring resource.
+ description: Name of the values referent. Should reside
+ in the same namespace as the referring resource.
maxLength: 253
minLength: 1
type: string
description: Prune enables garbage collection.
type: boolean
retryInterval:
- description: |-
- The interval at which to retry a previously failed reconciliation.
+ description: The interval at which to retry a previously failed reconciliation.
When not specified, the controller uses the KustomizationSpec.Interval
value to retry failures.
type: string
serviceAccountName:
- description: |-
- The name of the Kubernetes service account to impersonate
+ description: The name of the Kubernetes service account to impersonate
when reconciling this Kustomization.
type: string
sourceRef:
- name
type: object
suspend:
- description: |-
- This flag tells the controller to suspend subsequent kustomize executions,
- it does not apply to already started executions. Defaults to false.
+ description: This flag tells the controller to suspend subsequent
+ kustomize executions, it does not apply to already started executions.
+ Defaults to false.
type: boolean
targetNamespace:
- description: |-
- TargetNamespace sets or overrides the namespace in the
+ description: TargetNamespace sets or overrides the namespace in the
kustomization.yaml file.
maxLength: 63
minLength: 1
type: string
timeout:
- description: |-
- Timeout for validation, apply and health checking operations.
+ description: Timeout for validation, apply and health checking operations.
Defaults to 'Interval' duration.
type: string
validation:
- description: |-
- Validate the Kubernetes objects before applying them on the cluster.
- The validation strategy can be 'client' (local dry-run), 'server'
- (APIServer dry-run) or 'none'.
- When 'Force' is 'true', validation will fallback to 'client' if set to
- 'server' because server-side validation is not supported in this scenario.
+ description: Validate the Kubernetes objects before applying them
+ on the cluster. The validation strategy can be 'client' (local dry-run),
+ 'server' (APIServer dry-run) or 'none'. When 'Force' is 'true',
+ validation will fallback to 'client' if set to 'server' because
+ server-side validation is not supported in this scenario.
enum:
- none
- client
properties:
conditions:
items:
- description: Condition contains details for one aspect of the current
- state of this API Resource.
+ description: "Condition contains details for one aspect of the current
+ state of this API Resource. --- This struct is intended for direct
+ use as an array at the field path .status.conditions. For example,
+ \n type FooStatus struct{ // Represents the observations of a
+ foo's current state. // Known .status.conditions.type are: \"Available\",
+ \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge
+ // +listType=map // +listMapKey=type Conditions []metav1.Condition
+ `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\"
+ protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }"
properties:
lastTransitionTime:
- description: |-
- lastTransitionTime is the last time the condition transitioned from one status to another.
- This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
+ description: lastTransitionTime is the last time the condition
+ transitioned from one status to another. This should be when
+ the underlying condition changed. If that is not known, then
+ using the time when the API field changed is acceptable.
format: date-time
type: string
message:
- description: |-
- message is a human readable message indicating details about the transition.
- This may be an empty string.
+ description: message is a human readable message indicating
+ details about the transition. This may be an empty string.
maxLength: 32768
type: string
observedGeneration:
- description: |-
- observedGeneration represents the .metadata.generation that the condition was set based upon.
- For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
- with respect to the current state of the instance.
+ description: observedGeneration represents the .metadata.generation
+ that the condition was set based upon. For instance, if .metadata.generation
+ is currently 12, but the .status.conditions[x].observedGeneration
+ is 9, the condition is out of date with respect to the current
+ state of the instance.
format: int64
minimum: 0
type: integer
reason:
- description: |-
- reason contains a programmatic identifier indicating the reason for the condition's last transition.
- Producers of specific condition types may define expected values and meanings for this field,
- and whether the values are considered a guaranteed API.
- The value should be a CamelCase string.
+ description: reason contains a programmatic identifier indicating
+ the reason for the condition's last transition. Producers
+ of specific condition types may define expected values and
+ meanings for this field, and whether the values are considered
+ a guaranteed API. The value should be a CamelCase string.
This field may not be empty.
maxLength: 1024
minLength: 1
type: string
type:
description: type of condition in CamelCase or in foo.example.com/CamelCase.
+ --- Many .condition.type values are consistent across resources
+ like Available, but because arbitrary conditions can be useful
+ (see .node.status.conditions), the ability to deconflict is
+ important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
maxLength: 316
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
type: string
type: object
type: array
lastAppliedRevision:
- description: |-
- The last successfully applied revision.
- The revision format for Git sources is <branch|tag>/<commit-sha>.
+ description: The last successfully applied revision. The revision
+ format for Git sources is <branch|tag>/<commit-sha>.
type: string
lastAttemptedRevision:
description: LastAttemptedRevision is the revision of the last reconciliation
attempt.
type: string
lastHandledReconcileAt:
- description: |-
- LastHandledReconcileAt holds the value of the most recent
- reconcile request value, so a change of the annotation value
- can be detected.
+ description: LastHandledReconcileAt holds the value of the most recent
+ reconcile request value, so a change of the annotation value can
+ be detected.
type: string
observedGeneration:
description: ObservedGeneration is the last reconciled generation.
entries:
description: A list of Kubernetes kinds grouped by namespace.
items:
- description: |-
- Snapshot holds the metadata of namespaced
- Kubernetes objects
+ description: Snapshot holds the metadata of namespaced Kubernetes
+ objects
properties:
kinds:
additionalProperties:
description: Kustomization is the Schema for the kustomizations API.
properties:
apiVersion:
- description: |-
- APIVersion defines the versioned schema of this representation of an object.
- Servers should convert recognized schemas to the latest internal value, and
- may reject unrecognized values.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
- description: |-
- Kind is a string value representing the REST resource this object represents.
- Servers may infer this from the endpoint the client submits requests to.
- Cannot be updated.
- In CamelCase.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
the desired state from a Source using Kustomize.
properties:
commonMetadata:
- description: |-
- CommonMetadata specifies the common labels and annotations that are applied to all resources.
- Any existing label or annotation will be overridden if its key matches a common one.
+ description: CommonMetadata specifies the common labels and annotations
+ that are applied to all resources. Any existing label or annotation
+ will be overridden if its key matches a common one.
properties:
annotations:
additionalProperties:
- provider
type: object
dependsOn:
- description: |-
- DependsOn may contain a meta.NamespacedObjectReference slice
- with references to Kustomization resources that must be ready before this
- Kustomization can be reconciled.
+ description: DependsOn may contain a meta.NamespacedObjectReference
+ slice with references to Kustomization resources that must be ready
+ before this Kustomization can be reconciled.
items:
- description: |-
- NamespacedObjectReference contains enough information to locate the referenced Kubernetes resource object in any
- namespace.
+ description: NamespacedObjectReference contains enough information
+ to locate the referenced Kubernetes resource object in any namespace.
properties:
name:
description: Name of the referent.
type: array
force:
default: false
- description: |-
- Force instructs the controller to recreate resources
+ description: Force instructs the controller to recreate resources
when patching fails due to an immutable field change.
type: boolean
healthChecks:
description: A list of resources to be included in the health assessment.
items:
- description: |-
- NamespacedObjectKindReference contains enough information to locate the typed referenced Kubernetes resource object
- in any namespace.
+ description: NamespacedObjectKindReference contains enough information
+ to locate the typed referenced Kubernetes resource object in any
+ namespace.
properties:
apiVersion:
description: API version of the referent, if not specified the
type: object
type: array
images:
- description: |-
- Images is a list of (image name, new name, new tag or digest)
- for changing image names, tags or digests. This can also be achieved with a
- patch, but this operator is simpler to specify.
+ description: Images is a list of (image name, new name, new tag or
+ digest) for changing image names, tags or digests. This can also
+ be achieved with a patch, but this operator is simpler to specify.
items:
description: Image contains an image name, a new name, a new tag
or digest, which will replace the original name and tag.
properties:
digest:
- description: |-
- Digest is the value used to replace the original image tag.
- If digest is present NewTag value is ignored.
+ description: Digest is the value used to replace the original
+ image tag. If digest is present NewTag value is ignored.
type: string
name:
description: Name is a tag-less image name.
pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$
type: string
kubeConfig:
- description: |-
- The KubeConfig for reconciling the Kustomization on a remote cluster.
- When used in combination with KustomizationSpec.ServiceAccountName,
- forces the controller to act on behalf of that Service Account at the
- target cluster.
- If the --default-service-account flag is set, its value will be used as
- a controller level fallback for when KustomizationSpec.ServiceAccountName
+ description: The KubeConfig for reconciling the Kustomization on a
+ remote cluster. When used in combination with KustomizationSpec.ServiceAccountName,
+ forces the controller to act on behalf of that Service Account at
+ the target cluster. If the --default-service-account flag is set,
+ its value will be used as a controller level fallback for when KustomizationSpec.ServiceAccountName
is empty.
properties:
secretRef:
- description: |-
- SecretRef holds the name of a secret that contains a key with
- the kubeconfig file as the value. If no key is set, the key will default
- to 'value'.
- It is recommended that the kubeconfig is self-contained, and the secret
- is regularly updated if credentials such as a cloud-access-token expire.
- Cloud specific `cmd-path` auth helpers will not function without adding
- binaries and credentials to the Pod that is responsible for reconciling
+ description: SecretRef holds the name of a secret that contains
+ a key with the kubeconfig file as the value. If no key is set,
+ the key will default to 'value'. It is recommended that the
+ kubeconfig is self-contained, and the secret is regularly updated
+ if credentials such as a cloud-access-token expire. Cloud specific
+ `cmd-path` auth helpers will not function without adding binaries
+ and credentials to the Pod that is responsible for reconciling
Kubernetes resources.
properties:
key:
- secretRef
type: object
patches:
- description: |-
- Strategic merge and JSON patches, defined as inline YAML objects,
- capable of targeting objects based on kind, label and annotation selectors.
+ description: Strategic merge and JSON patches, defined as inline YAML
+ objects, capable of targeting objects based on kind, label and annotation
+ selectors.
items:
- description: |-
- Patch contains an inline StrategicMerge or JSON6902 patch, and the target the patch should
- be applied to.
+ description: Patch contains an inline StrategicMerge or JSON6902
+ patch, and the target the patch should be applied to.
properties:
patch:
- description: |-
- Patch contains an inline StrategicMerge patch or an inline JSON6902 patch with
- an array of operation objects.
+ description: Patch contains an inline StrategicMerge patch or
+ an inline JSON6902 patch with an array of operation objects.
type: string
target:
description: Target points to the resources that the patch document
should be applied to.
properties:
annotationSelector:
- description: |-
- AnnotationSelector is a string that follows the label selection expression
- https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
+ description: AnnotationSelector is a string that follows
+ the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
It matches with the resource annotations.
type: string
group:
- description: |-
- Group is the API group to select resources from.
- Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources.
+ description: Group is the API group to select resources
+ from. Together with Version and Kind it is capable of
+ unambiguously identifying and/or selecting resources.
https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
type: string
kind:
- description: |-
- Kind of the API Group to select resources from.
+ description: Kind of the API Group to select resources from.
Together with Group and Version it is capable of unambiguously
- identifying and/or selecting resources.
- https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
+ identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
type: string
labelSelector:
- description: |-
- LabelSelector is a string that follows the label selection expression
- https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
+ description: LabelSelector is a string that follows the
+ label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
It matches with the resource labels.
type: string
name:
description: Namespace to select resources from.
type: string
version:
- description: |-
- Version of the API Group to select resources from.
- Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources.
- https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
+ description: Version of the API Group to select resources
+ from. Together with Group and Kind it is capable of unambiguously
+ identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
type: string
type: object
required:
type: object
type: array
patchesJson6902:
- description: |-
- JSON 6902 patches, defined as inline YAML objects.
- Deprecated: Use Patches instead.
+ description: 'JSON 6902 patches, defined as inline YAML objects. Deprecated:
+ Use Patches instead.'
items:
description: JSON6902Patch contains a JSON6902 patch and the target
the patch should be applied to.
description: Patch contains the JSON6902 patch document with
an array of operation objects.
items:
- description: |-
- JSON6902 is a JSON6902 operation object.
- https://datatracker.ietf.org/doc/html/rfc6902#section-4
+ description: JSON6902 is a JSON6902 operation object. https://datatracker.ietf.org/doc/html/rfc6902#section-4
properties:
from:
- description: |-
- From contains a JSON-pointer value that references a location within the target document where the operation is
- performed. The meaning of the value depends on the value of Op, and is NOT taken into account by all operations.
+ description: From contains a JSON-pointer value that references
+ a location within the target document where the operation
+ is performed. The meaning of the value depends on the
+ value of Op, and is NOT taken into account by all operations.
type: string
op:
- description: |-
- Op indicates the operation to perform. Its value MUST be one of "add", "remove", "replace", "move", "copy", or
- "test".
- https://datatracker.ietf.org/doc/html/rfc6902#section-4
+ description: Op indicates the operation to perform. Its
+ value MUST be one of "add", "remove", "replace", "move",
+ "copy", or "test". https://datatracker.ietf.org/doc/html/rfc6902#section-4
enum:
- test
- remove
- copy
type: string
path:
- description: |-
- Path contains the JSON-pointer value that references a location within the target document where the operation
- is performed. The meaning of the value depends on the value of Op.
+ description: Path contains the JSON-pointer value that
+ references a location within the target document where
+ the operation is performed. The meaning of the value
+ depends on the value of Op.
type: string
value:
- description: |-
- Value contains a valid JSON structure. The meaning of the value depends on the value of Op, and is NOT taken into
- account by all operations.
+ description: Value contains a valid JSON structure. The
+ meaning of the value depends on the value of Op, and
+ is NOT taken into account by all operations.
x-kubernetes-preserve-unknown-fields: true
required:
- op
should be applied to.
properties:
annotationSelector:
- description: |-
- AnnotationSelector is a string that follows the label selection expression
- https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
+ description: AnnotationSelector is a string that follows
+ the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
It matches with the resource annotations.
type: string
group:
- description: |-
- Group is the API group to select resources from.
- Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources.
+ description: Group is the API group to select resources
+ from. Together with Version and Kind it is capable of
+ unambiguously identifying and/or selecting resources.
https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
type: string
kind:
- description: |-
- Kind of the API Group to select resources from.
+ description: Kind of the API Group to select resources from.
Together with Group and Version it is capable of unambiguously
- identifying and/or selecting resources.
- https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
+ identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
type: string
labelSelector:
- description: |-
- LabelSelector is a string that follows the label selection expression
- https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
+ description: LabelSelector is a string that follows the
+ label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
It matches with the resource labels.
type: string
name:
description: Namespace to select resources from.
type: string
version:
- description: |-
- Version of the API Group to select resources from.
- Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources.
- https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
+ description: Version of the API Group to select resources
+ from. Together with Group and Kind it is capable of unambiguously
+ identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
type: string
type: object
required:
type: object
type: array
patchesStrategicMerge:
- description: |-
- Strategic merge patches, defined as inline YAML objects.
- Deprecated: Use Patches instead.
+ description: 'Strategic merge patches, defined as inline YAML objects.
+ Deprecated: Use Patches instead.'
items:
x-kubernetes-preserve-unknown-fields: true
type: array
path:
- description: |-
- Path to the directory containing the kustomization.yaml file, or the
- set of plain YAMLs a kustomization.yaml should be generated for.
- Defaults to 'None', which translates to the root path of the SourceRef.
+ description: Path to the directory containing the kustomization.yaml
+ file, or the set of plain YAMLs a kustomization.yaml should be generated
+ for. Defaults to 'None', which translates to the root path of the
+ SourceRef.
type: string
postBuild:
- description: |-
- PostBuild describes which actions to perform on the YAML manifest
- generated by building the kustomize overlay.
+ description: PostBuild describes which actions to perform on the YAML
+ manifest generated by building the kustomize overlay.
properties:
substitute:
additionalProperties:
type: string
- description: |-
- Substitute holds a map of key/value pairs.
- The variables defined in your YAML manifests
- that match any of the keys defined in the map
- will be substituted with the set value.
- Includes support for bash string replacement functions
- e.g. ${var:=default}, ${var:position} and ${var/substring/replacement}.
+ description: Substitute holds a map of key/value pairs. The variables
+ defined in your YAML manifests that match any of the keys defined
+ in the map will be substituted with the set value. Includes
+ support for bash string replacement functions e.g. ${var:=default},
+ ${var:position} and ${var/substring/replacement}.
type: object
substituteFrom:
- description: |-
- SubstituteFrom holds references to ConfigMaps and Secrets containing
- the variables and their values to be substituted in the YAML manifests.
- The ConfigMap and the Secret data keys represent the var names and they
- must match the vars declared in the manifests for the substitution to happen.
+ description: SubstituteFrom holds references to ConfigMaps and
+ Secrets containing the variables and their values to be substituted
+ in the YAML manifests. The ConfigMap and the Secret data keys
+ represent the var names and they must match the vars declared
+ in the manifests for the substitution to happen.
items:
- description: |-
- SubstituteReference contains a reference to a resource containing
- the variables name and value.
+ description: SubstituteReference contains a reference to a resource
+ containing the variables name and value.
properties:
kind:
description: Kind of the values referent, valid values are
- ConfigMap
type: string
name:
- description: |-
- Name of the values referent. Should reside in the same namespace as the
- referring resource.
+ description: Name of the values referent. Should reside
+ in the same namespace as the referring resource.
maxLength: 253
minLength: 1
type: string
optional:
default: false
- description: |-
- Optional indicates whether the referenced resource must exist, or whether to
- tolerate its absence. If true and the referenced resource is absent, proceed
- as if the resource was present but empty, without any variables defined.
+ description: Optional indicates whether the referenced resource
+ must exist, or whether to tolerate its absence. If true
+ and the referenced resource is absent, proceed as if the
+ resource was present but empty, without any variables
+ defined.
type: boolean
required:
- kind
description: Prune enables garbage collection.
type: boolean
retryInterval:
- description: |-
- The interval at which to retry a previously failed reconciliation.
+ description: The interval at which to retry a previously failed reconciliation.
When not specified, the controller uses the KustomizationSpec.Interval
value to retry failures.
pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$
type: string
serviceAccountName:
- description: |-
- The name of the Kubernetes service account to impersonate
+ description: The name of the Kubernetes service account to impersonate
when reconciling this Kustomization.
type: string
sourceRef:
- name
type: object
suspend:
- description: |-
- This flag tells the controller to suspend subsequent kustomize executions,
- it does not apply to already started executions. Defaults to false.
+ description: This flag tells the controller to suspend subsequent
+ kustomize executions, it does not apply to already started executions.
+ Defaults to false.
type: boolean
targetNamespace:
- description: |-
- TargetNamespace sets or overrides the namespace in the
+ description: TargetNamespace sets or overrides the namespace in the
kustomization.yaml file.
maxLength: 63
minLength: 1
type: string
timeout:
- description: |-
- Timeout for validation, apply and health checking operations.
+ description: Timeout for validation, apply and health checking operations.
Defaults to 'Interval' duration.
pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$
type: string
- server
type: string
wait:
- description: |-
- Wait instructs the controller to check the health of all the reconciled resources.
- When enabled, the HealthChecks are ignored. Defaults to false.
+ description: Wait instructs the controller to check the health of
+ all the reconciled resources. When enabled, the HealthChecks are
+ ignored. Defaults to false.
type: boolean
required:
- interval
properties:
conditions:
items:
- description: Condition contains details for one aspect of the current
- state of this API Resource.
+ description: "Condition contains details for one aspect of the current
+ state of this API Resource. --- This struct is intended for direct
+ use as an array at the field path .status.conditions. For example,
+ \n type FooStatus struct{ // Represents the observations of a
+ foo's current state. // Known .status.conditions.type are: \"Available\",
+ \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge
+ // +listType=map // +listMapKey=type Conditions []metav1.Condition
+ `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\"
+ protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }"
properties:
lastTransitionTime:
- description: |-
- lastTransitionTime is the last time the condition transitioned from one status to another.
- This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
+ description: lastTransitionTime is the last time the condition
+ transitioned from one status to another. This should be when
+ the underlying condition changed. If that is not known, then
+ using the time when the API field changed is acceptable.
format: date-time
type: string
message:
- description: |-
- message is a human readable message indicating details about the transition.
- This may be an empty string.
+ description: message is a human readable message indicating
+ details about the transition. This may be an empty string.
maxLength: 32768
type: string
observedGeneration:
- description: |-
- observedGeneration represents the .metadata.generation that the condition was set based upon.
- For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
- with respect to the current state of the instance.
+ description: observedGeneration represents the .metadata.generation
+ that the condition was set based upon. For instance, if .metadata.generation
+ is currently 12, but the .status.conditions[x].observedGeneration
+ is 9, the condition is out of date with respect to the current
+ state of the instance.
format: int64
minimum: 0
type: integer
reason:
- description: |-
- reason contains a programmatic identifier indicating the reason for the condition's last transition.
- Producers of specific condition types may define expected values and meanings for this field,
- and whether the values are considered a guaranteed API.
- The value should be a CamelCase string.
+ description: reason contains a programmatic identifier indicating
+ the reason for the condition's last transition. Producers
+ of specific condition types may define expected values and
+ meanings for this field, and whether the values are considered
+ a guaranteed API. The value should be a CamelCase string.
This field may not be empty.
maxLength: 1024
minLength: 1
type: string
type:
description: type of condition in CamelCase or in foo.example.com/CamelCase.
+ --- Many .condition.type values are consistent across resources
+ like Available, but because arbitrary conditions can be useful
+ (see .node.status.conditions), the ability to deconflict is
+ important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
maxLength: 316
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
- type: string
- required:
- - lastTransitionTime
- - message
- - reason
- - status
- - type
- type: object
- type: array
- inventory:
- description: Inventory contains the list of Kubernetes resource object
- references that have been successfully applied.
- properties:
- entries:
- description: Entries of Kubernetes resource object references.
- items:
- description: ResourceRef contains the information necessary
- to locate a resource within a cluster.
- properties:
- id:
- description: |-
- ID is the string representation of the Kubernetes resource object's metadata,
- in the format '<namespace>_<name>_<group>_<kind>'.
- type: string
- v:
- description: Version is the API version of the Kubernetes
- resource object's kind.
- type: string
- required:
- - id
- - v
- type: object
- type: array
- required:
- - entries
- type: object
- lastAppliedRevision:
- description: |-
- The last successfully applied revision.
- Equals the Revision of the applied Artifact from the referenced Source.
- type: string
- lastAttemptedRevision:
- description: LastAttemptedRevision is the revision of the last reconciliation
- attempt.
- type: string
- lastHandledReconcileAt:
- description: |-
- LastHandledReconcileAt holds the value of the most recent
- reconcile request value, so a change of the annotation value
- can be detected.
- type: string
- observedGeneration:
- description: ObservedGeneration is the last reconciled generation.
- format: int64
- type: integer
- type: object
- type: object
- served: true
- storage: false
- subresources:
- status: {}
----
-apiVersion: v1
-kind: ServiceAccount
-metadata:
- labels:
- app.kubernetes.io/component: kustomize-controller
- app.kubernetes.io/instance: flux-system
- app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v2.4.0
- name: kustomize-controller
- namespace: flux-system
----
-apiVersion: apps/v1
-kind: Deployment
-metadata:
- labels:
- app.kubernetes.io/component: kustomize-controller
- app.kubernetes.io/instance: flux-system
- app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v2.4.0
- control-plane: controller
- name: kustomize-controller
- namespace: flux-system
-spec:
- replicas: 1
- selector:
- matchLabels:
- app: kustomize-controller
- template:
- metadata:
- annotations:
- prometheus.io/port: "8080"
- prometheus.io/scrape: "true"
- labels:
- app: kustomize-controller
- spec:
- containers:
- - args:
- - --events-addr=http://notification-controller.flux-system.svc.cluster.local./
- - --watch-all-namespaces=true
- - --log-level=info
- - --log-encoding=json
- - --enable-leader-election
- env:
- - name: RUNTIME_NAMESPACE
- valueFrom:
- fieldRef:
- fieldPath: metadata.namespace
- - name: GOMAXPROCS
- valueFrom:
- resourceFieldRef:
- containerName: manager
- resource: limits.cpu
- - name: GOMEMLIMIT
- valueFrom:
- resourceFieldRef:
- containerName: manager
- resource: limits.memory
- image: ghcr.io/fluxcd/kustomize-controller:v1.4.0
- imagePullPolicy: IfNotPresent
- livenessProbe:
- httpGet:
- path: /healthz
- port: healthz
- name: manager
- ports:
- - containerPort: 8080
- name: http-prom
- protocol: TCP
- - containerPort: 9440
- name: healthz
- protocol: TCP
- readinessProbe:
- httpGet:
- path: /readyz
- port: healthz
- resources:
- limits:
- cpu: 1000m
- memory: 1Gi
- requests:
- cpu: 100m
- memory: 64Mi
- securityContext:
- allowPrivilegeEscalation: false
- capabilities:
- drop:
- - ALL
- readOnlyRootFilesystem: true
- runAsNonRoot: true
- seccompProfile:
- type: RuntimeDefault
- volumeMounts:
- - mountPath: /tmp
- name: temp
- nodeSelector:
- kubernetes.io/os: linux
- priorityClassName: system-cluster-critical
- securityContext:
- fsGroup: 1337
- serviceAccountName: kustomize-controller
- terminationGracePeriodSeconds: 60
- volumes:
- - emptyDir: {}
- name: temp
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- controller-gen.kubebuilder.io/version: v0.16.1
- labels:
- app.kubernetes.io/component: helm-controller
- app.kubernetes.io/instance: flux-system
- app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v2.4.0
- name: helmreleases.helm.toolkit.fluxcd.io
-spec:
- group: helm.toolkit.fluxcd.io
- names:
- kind: HelmRelease
- listKind: HelmReleaseList
- plural: helmreleases
- shortNames:
- - hr
- singular: helmrelease
- scope: Namespaced
- versions:
- - additionalPrinterColumns:
- - jsonPath: .metadata.creationTimestamp
- name: Age
- type: date
- - jsonPath: .status.conditions[?(@.type=="Ready")].status
- name: Ready
- type: string
- - jsonPath: .status.conditions[?(@.type=="Ready")].message
- name: Status
- type: string
- name: v2
- schema:
- openAPIV3Schema:
- description: HelmRelease is the Schema for the helmreleases API
- properties:
- apiVersion:
- description: |-
- APIVersion defines the versioned schema of this representation of an object.
- Servers should convert recognized schemas to the latest internal value, and
- may reject unrecognized values.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
- type: string
- kind:
- description: |-
- Kind is a string value representing the REST resource this object represents.
- Servers may infer this from the endpoint the client submits requests to.
- Cannot be updated.
- In CamelCase.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
- type: string
- metadata:
- type: object
- spec:
- description: HelmReleaseSpec defines the desired state of a Helm release.
- properties:
- chart:
- description: |-
- Chart defines the template of the v1.HelmChart that should be created
- for this HelmRelease.
- properties:
- metadata:
- description: ObjectMeta holds the template for metadata like labels
- and annotations.
- properties:
- annotations:
- additionalProperties:
- type: string
- description: |-
- Annotations is an unstructured key value map stored with a resource that may be
- set by external tools to store and retrieve arbitrary metadata. They are not
- queryable and should be preserved when modifying objects.
- More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/
- type: object
- labels:
- additionalProperties:
- type: string
- description: |-
- Map of string keys and values that can be used to organize and categorize
- (scope and select) objects.
- More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/
- type: object
- type: object
- spec:
- description: Spec holds the template for the v1.HelmChartSpec
- for this HelmRelease.
- properties:
- chart:
- description: The name or path the Helm chart is available
- at in the SourceRef.
- maxLength: 2048
- minLength: 1
- type: string
- ignoreMissingValuesFiles:
- description: IgnoreMissingValuesFiles controls whether to
- silently ignore missing values files rather than failing.
- type: boolean
- interval:
- description: |-
- Interval at which to check the v1.Source for updates. Defaults to
- 'HelmReleaseSpec.Interval'.
- pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$
- type: string
- reconcileStrategy:
- default: ChartVersion
- description: |-
- Determines what enables the creation of a new artifact. Valid values are
- ('ChartVersion', 'Revision').
- See the documentation of the values for an explanation on their behavior.
- Defaults to ChartVersion when omitted.
- enum:
- - ChartVersion
- - Revision
- type: string
- sourceRef:
- description: The name and namespace of the v1.Source the chart
- is available at.
- properties:
- apiVersion:
- description: APIVersion of the referent.
- type: string
- kind:
- description: Kind of the referent.
- enum:
- - HelmRepository
- - GitRepository
- - Bucket
- type: string
- name:
- description: Name of the referent.
- maxLength: 253
- minLength: 1
- type: string
- namespace:
- description: Namespace of the referent.
- maxLength: 63
- minLength: 1
- type: string
- required:
- - kind
- - name
- type: object
- valuesFiles:
- description: |-
- Alternative list of values files to use as the chart values (values.yaml
- is not included by default), expected to be a relative path in the SourceRef.
- Values files are merged in the order of this list with the last file overriding
- the first. Ignored when omitted.
- items:
- type: string
- type: array
- verify:
- description: |-
- Verify contains the secret name containing the trusted public keys
- used to verify the signature and specifies which provider to use to check
- whether OCI image is authentic.
- This field is only supported for OCI sources.
- Chart dependencies, which are not bundled in the umbrella chart artifact,
- are not verified.
- properties:
- provider:
- default: cosign
- description: Provider specifies the technology used to
- sign the OCI Helm chart.
- enum:
- - cosign
- - notation
- type: string
- secretRef:
- description: |-
- SecretRef specifies the Kubernetes Secret containing the
- trusted public keys.
- properties:
- name:
- description: Name of the referent.
- type: string
- required:
- - name
- type: object
- required:
- - provider
- type: object
- version:
- default: '*'
- description: |-
- Version semver expression, ignored for charts from v1.GitRepository and
- v1beta2.Bucket sources. Defaults to latest when omitted.
- type: string
- required:
- - chart
- - sourceRef
- type: object
- required:
- - spec
- type: object
- chartRef:
- description: |-
- ChartRef holds a reference to a source controller resource containing the
- Helm chart artifact.
- properties:
- apiVersion:
- description: APIVersion of the referent.
- type: string
- kind:
- description: Kind of the referent.
- enum:
- - OCIRepository
- - HelmChart
- type: string
- name:
- description: Name of the referent.
- maxLength: 253
- minLength: 1
- type: string
- namespace:
- description: |-
- Namespace of the referent, defaults to the namespace of the Kubernetes
- resource object that contains the reference.
- maxLength: 63
- minLength: 1
- type: string
- required:
- - kind
- - name
- type: object
- dependsOn:
- description: |-
- DependsOn may contain a meta.NamespacedObjectReference slice with
- references to HelmRelease resources that must be ready before this HelmRelease
- can be reconciled.
- items:
- description: |-
- NamespacedObjectReference contains enough information to locate the referenced Kubernetes resource object in any
- namespace.
- properties:
- name:
- description: Name of the referent.
- type: string
- namespace:
- description: Namespace of the referent, when not specified it
- acts as LocalObjectReference.
- type: string
- required:
- - name
- type: object
- type: array
- driftDetection:
- description: |-
- DriftDetection holds the configuration for detecting and handling
- differences between the manifest in the Helm storage and the resources
- currently existing in the cluster.
- properties:
- ignore:
- description: |-
- Ignore contains a list of rules for specifying which changes to ignore
- during diffing.
- items:
- description: |-
- IgnoreRule defines a rule to selectively disregard specific changes during
- the drift detection process.
- properties:
- paths:
- description: |-
- Paths is a list of JSON Pointer (RFC 6901) paths to be excluded from
- consideration in a Kubernetes object.
- items:
- type: string
- type: array
- target:
- description: |-
- Target is a selector for specifying Kubernetes objects to which this
- rule applies.
- If Target is not set, the Paths will be ignored for all Kubernetes
- objects within the manifest of the Helm release.
- properties:
- annotationSelector:
- description: |-
- AnnotationSelector is a string that follows the label selection expression
- https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
- It matches with the resource annotations.
- type: string
- group:
- description: |-
- Group is the API group to select resources from.
- Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources.
- https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
- type: string
- kind:
- description: |-
- Kind of the API Group to select resources from.
- Together with Group and Version it is capable of unambiguously
- identifying and/or selecting resources.
- https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
- type: string
- labelSelector:
- description: |-
- LabelSelector is a string that follows the label selection expression
- https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
- It matches with the resource labels.
- type: string
- name:
- description: Name to match resources with.
- type: string
- namespace:
- description: Namespace to select resources from.
- type: string
- version:
- description: |-
- Version of the API Group to select resources from.
- Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources.
- https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
- type: string
- type: object
- required:
- - paths
- type: object
- type: array
- mode:
- description: |-
- Mode defines how differences should be handled between the Helm manifest
- and the manifest currently applied to the cluster.
- If not explicitly set, it defaults to DiffModeDisabled.
- enum:
- - enabled
- - warn
- - disabled
- type: string
- type: object
- install:
- description: Install holds the configuration for Helm install actions
- for this HelmRelease.
- properties:
- crds:
- description: |-
- CRDs upgrade CRDs from the Helm Chart's crds directory according
- to the CRD upgrade policy provided here. Valid values are `Skip`,
- `Create` or `CreateReplace`. Default is `Create` and if omitted
- CRDs are installed but not updated.
-
- Skip: do neither install nor replace (update) any CRDs.
-
- Create: new CRDs are created, existing CRDs are neither updated nor deleted.
-
- CreateReplace: new CRDs are created, existing CRDs are updated (replaced)
- but not deleted.
-
- By default, CRDs are applied (installed) during Helm install action.
- With this option users can opt in to CRD replace existing CRDs on Helm
- install actions, which is not (yet) natively supported by Helm.
- https://helm.sh/docs/chart_best_practices/custom_resource_definitions.
- enum:
- - Skip
- - Create
- - CreateReplace
- type: string
- createNamespace:
- description: |-
- CreateNamespace tells the Helm install action to create the
- HelmReleaseSpec.TargetNamespace if it does not exist yet.
- On uninstall, the namespace will not be garbage collected.
- type: boolean
- disableHooks:
- description: DisableHooks prevents hooks from running during the
- Helm install action.
- type: boolean
- disableOpenAPIValidation:
- description: |-
- DisableOpenAPIValidation prevents the Helm install action from validating
- rendered templates against the Kubernetes OpenAPI Schema.
- type: boolean
- disableSchemaValidation:
- description: |-
- DisableSchemaValidation prevents the Helm install action from validating
- the values against the JSON Schema.
- type: boolean
- disableWait:
- description: |-
- DisableWait disables the waiting for resources to be ready after a Helm
- install has been performed.
- type: boolean
- disableWaitForJobs:
- description: |-
- DisableWaitForJobs disables waiting for jobs to complete after a Helm
- install has been performed.
- type: boolean
- remediation:
- description: |-
- Remediation holds the remediation configuration for when the Helm install
- action for the HelmRelease fails. The default is to not perform any action.
- properties:
- ignoreTestFailures:
- description: |-
- IgnoreTestFailures tells the controller to skip remediation when the Helm
- tests are run after an install action but fail. Defaults to
- 'Test.IgnoreFailures'.
- type: boolean
- remediateLastFailure:
- description: |-
- RemediateLastFailure tells the controller to remediate the last failure, when
- no retries remain. Defaults to 'false'.
- type: boolean
- retries:
- description: |-
- Retries is the number of retries that should be attempted on failures before
- bailing. Remediation, using an uninstall, is performed between each attempt.
- Defaults to '0', a negative integer equals to unlimited retries.
- type: integer
- type: object
- replace:
- description: |-
- Replace tells the Helm install action to re-use the 'ReleaseName', but only
- if that name is a deleted release which remains in the history.
- type: boolean
- skipCRDs:
- description: |-
- SkipCRDs tells the Helm install action to not install any CRDs. By default,
- CRDs are installed if not already present.
-
- Deprecated use CRD policy (`crds`) attribute with value `Skip` instead.
- type: boolean
- timeout:
- description: |-
- Timeout is the time to wait for any individual Kubernetes operation (like
- Jobs for hooks) during the performance of a Helm install action. Defaults to
- 'HelmReleaseSpec.Timeout'.
- pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$
- type: string
- type: object
- interval:
- description: Interval at which to reconcile the Helm release.
- pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$
- type: string
- kubeConfig:
- description: |-
- KubeConfig for reconciling the HelmRelease on a remote cluster.
- When used in combination with HelmReleaseSpec.ServiceAccountName,
- forces the controller to act on behalf of that Service Account at the
- target cluster.
- If the --default-service-account flag is set, its value will be used as
- a controller level fallback for when HelmReleaseSpec.ServiceAccountName
- is empty.
- properties:
- secretRef:
- description: |-
- SecretRef holds the name of a secret that contains a key with
- the kubeconfig file as the value. If no key is set, the key will default
- to 'value'.
- It is recommended that the kubeconfig is self-contained, and the secret
- is regularly updated if credentials such as a cloud-access-token expire.
- Cloud specific `cmd-path` auth helpers will not function without adding
- binaries and credentials to the Pod that is responsible for reconciling
- Kubernetes resources.
- properties:
- key:
- description: Key in the Secret, when not specified an implementation-specific
- default key is used.
- type: string
- name:
- description: Name of the Secret.
- type: string
- required:
- - name
- type: object
- required:
- - secretRef
- type: object
- maxHistory:
- description: |-
- MaxHistory is the number of revisions saved by Helm for this HelmRelease.
- Use '0' for an unlimited number of revisions; defaults to '5'.
- type: integer
- persistentClient:
- description: |-
- PersistentClient tells the controller to use a persistent Kubernetes
- client for this release. When enabled, the client will be reused for the
- duration of the reconciliation, instead of being created and destroyed
- for each (step of a) Helm action.
-
- This can improve performance, but may cause issues with some Helm charts
- that for example do create Custom Resource Definitions during installation
- outside Helm's CRD lifecycle hooks, which are then not observed to be
- available by e.g. post-install hooks.
-
- If not set, it defaults to true.
- type: boolean
- postRenderers:
- description: |-
- PostRenderers holds an array of Helm PostRenderers, which will be applied in order
- of their definition.
- items:
- description: PostRenderer contains a Helm PostRenderer specification.
- properties:
- kustomize:
- description: Kustomization to apply as PostRenderer.
- properties:
- images:
- description: |-
- Images is a list of (image name, new name, new tag or digest)
- for changing image names, tags or digests. This can also be achieved with a
- patch, but this operator is simpler to specify.
- items:
- description: Image contains an image name, a new name,
- a new tag or digest, which will replace the original
- name and tag.
- properties:
- digest:
- description: |-
- Digest is the value used to replace the original image tag.
- If digest is present NewTag value is ignored.
- type: string
- name:
- description: Name is a tag-less image name.
- type: string
- newName:
- description: NewName is the value used to replace
- the original name.
- type: string
- newTag:
- description: NewTag is the value used to replace the
- original tag.
- type: string
- required:
- - name
- type: object
- type: array
- patches:
- description: |-
- Strategic merge and JSON patches, defined as inline YAML objects,
- capable of targeting objects based on kind, label and annotation selectors.
- items:
- description: |-
- Patch contains an inline StrategicMerge or JSON6902 patch, and the target the patch should
- be applied to.
- properties:
- patch:
- description: |-
- Patch contains an inline StrategicMerge patch or an inline JSON6902 patch with
- an array of operation objects.
- type: string
- target:
- description: Target points to the resources that the
- patch document should be applied to.
- properties:
- annotationSelector:
- description: |-
- AnnotationSelector is a string that follows the label selection expression
- https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
- It matches with the resource annotations.
- type: string
- group:
- description: |-
- Group is the API group to select resources from.
- Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources.
- https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
- type: string
- kind:
- description: |-
- Kind of the API Group to select resources from.
- Together with Group and Version it is capable of unambiguously
- identifying and/or selecting resources.
- https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
- type: string
- labelSelector:
- description: |-
- LabelSelector is a string that follows the label selection expression
- https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
- It matches with the resource labels.
- type: string
- name:
- description: Name to match resources with.
- type: string
- namespace:
- description: Namespace to select resources from.
- type: string
- version:
- description: |-
- Version of the API Group to select resources from.
- Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources.
- https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
- type: string
- type: object
- required:
- - patch
- type: object
- type: array
- type: object
- type: object
- type: array
- releaseName:
- description: |-
- ReleaseName used for the Helm release. Defaults to a composition of
- '[TargetNamespace-]Name'.
- maxLength: 53
- minLength: 1
- type: string
- rollback:
- description: Rollback holds the configuration for Helm rollback actions
- for this HelmRelease.
- properties:
- cleanupOnFail:
- description: |-
- CleanupOnFail allows deletion of new resources created during the Helm
- rollback action when it fails.
- type: boolean
- disableHooks:
- description: DisableHooks prevents hooks from running during the
- Helm rollback action.
- type: boolean
- disableWait:
- description: |-
- DisableWait disables the waiting for resources to be ready after a Helm
- rollback has been performed.
- type: boolean
- disableWaitForJobs:
- description: |-
- DisableWaitForJobs disables waiting for jobs to complete after a Helm
- rollback has been performed.
- type: boolean
- force:
- description: Force forces resource updates through a replacement
- strategy.
- type: boolean
- recreate:
- description: Recreate performs pod restarts for the resource if
- applicable.
- type: boolean
- timeout:
- description: |-
- Timeout is the time to wait for any individual Kubernetes operation (like
- Jobs for hooks) during the performance of a Helm rollback action. Defaults to
- 'HelmReleaseSpec.Timeout'.
- pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$
- type: string
- type: object
- serviceAccountName:
- description: |-
- The name of the Kubernetes service account to impersonate
- when reconciling this HelmRelease.
- maxLength: 253
- minLength: 1
- type: string
- storageNamespace:
- description: |-
- StorageNamespace used for the Helm storage.
- Defaults to the namespace of the HelmRelease.
- maxLength: 63
- minLength: 1
- type: string
- suspend:
- description: |-
- Suspend tells the controller to suspend reconciliation for this HelmRelease,
- it does not apply to already started reconciliations. Defaults to false.
- type: boolean
- targetNamespace:
- description: |-
- TargetNamespace to target when performing operations for the HelmRelease.
- Defaults to the namespace of the HelmRelease.
- maxLength: 63
- minLength: 1
- type: string
- test:
- description: Test holds the configuration for Helm test actions for
- this HelmRelease.
- properties:
- enable:
- description: |-
- Enable enables Helm test actions for this HelmRelease after an Helm install
- or upgrade action has been performed.
- type: boolean
- filters:
- description: Filters is a list of tests to run or exclude from
- running.
- items:
- description: Filter holds the configuration for individual Helm
- test filters.
- properties:
- exclude:
- description: Exclude specifies whether the named test should
- be excluded.
- type: boolean
- name:
- description: Name is the name of the test.
- maxLength: 253
- minLength: 1
- type: string
- required:
- - name
- type: object
- type: array
- ignoreFailures:
- description: |-
- IgnoreFailures tells the controller to skip remediation when the Helm tests
- are run but fail. Can be overwritten for tests run after install or upgrade
- actions in 'Install.IgnoreTestFailures' and 'Upgrade.IgnoreTestFailures'.
- type: boolean
- timeout:
- description: |-
- Timeout is the time to wait for any individual Kubernetes operation during
- the performance of a Helm test action. Defaults to 'HelmReleaseSpec.Timeout'.
- pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$
- type: string
- type: object
- timeout:
- description: |-
- Timeout is the time to wait for any individual Kubernetes operation (like Jobs
- for hooks) during the performance of a Helm action. Defaults to '5m0s'.
- pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$
- type: string
- uninstall:
- description: Uninstall holds the configuration for Helm uninstall
- actions for this HelmRelease.
- properties:
- deletionPropagation:
- default: background
- description: |-
- DeletionPropagation specifies the deletion propagation policy when
- a Helm uninstall is performed.
- enum:
- - background
- - foreground
- - orphan
- type: string
- disableHooks:
- description: DisableHooks prevents hooks from running during the
- Helm rollback action.
- type: boolean
- disableWait:
- description: |-
- DisableWait disables waiting for all the resources to be deleted after
- a Helm uninstall is performed.
- type: boolean
- keepHistory:
- description: |-
- KeepHistory tells Helm to remove all associated resources and mark the
- release as deleted, but retain the release history.
- type: boolean
- timeout:
- description: |-
- Timeout is the time to wait for any individual Kubernetes operation (like
- Jobs for hooks) during the performance of a Helm uninstall action. Defaults
- to 'HelmReleaseSpec.Timeout'.
- pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$
- type: string
- type: object
- upgrade:
- description: Upgrade holds the configuration for Helm upgrade actions
- for this HelmRelease.
- properties:
- cleanupOnFail:
- description: |-
- CleanupOnFail allows deletion of new resources created during the Helm
- upgrade action when it fails.
- type: boolean
- crds:
- description: |-
- CRDs upgrade CRDs from the Helm Chart's crds directory according
- to the CRD upgrade policy provided here. Valid values are `Skip`,
- `Create` or `CreateReplace`. Default is `Skip` and if omitted
- CRDs are neither installed nor upgraded.
-
- Skip: do neither install nor replace (update) any CRDs.
-
- Create: new CRDs are created, existing CRDs are neither updated nor deleted.
-
- CreateReplace: new CRDs are created, existing CRDs are updated (replaced)
- but not deleted.
-
- By default, CRDs are not applied during Helm upgrade action. With this
- option users can opt-in to CRD upgrade, which is not (yet) natively supported by Helm.
- https://helm.sh/docs/chart_best_practices/custom_resource_definitions.
- enum:
- - Skip
- - Create
- - CreateReplace
- type: string
- disableHooks:
- description: DisableHooks prevents hooks from running during the
- Helm upgrade action.
- type: boolean
- disableOpenAPIValidation:
- description: |-
- DisableOpenAPIValidation prevents the Helm upgrade action from validating
- rendered templates against the Kubernetes OpenAPI Schema.
- type: boolean
- disableSchemaValidation:
- description: |-
- DisableSchemaValidation prevents the Helm upgrade action from validating
- the values against the JSON Schema.
- type: boolean
- disableWait:
- description: |-
- DisableWait disables the waiting for resources to be ready after a Helm
- upgrade has been performed.
- type: boolean
- disableWaitForJobs:
- description: |-
- DisableWaitForJobs disables waiting for jobs to complete after a Helm
- upgrade has been performed.
- type: boolean
- force:
- description: Force forces resource updates through a replacement
- strategy.
- type: boolean
- preserveValues:
- description: |-
- PreserveValues will make Helm reuse the last release's values and merge in
- overrides from 'Values'. Setting this flag makes the HelmRelease
- non-declarative.
- type: boolean
- remediation:
- description: |-
- Remediation holds the remediation configuration for when the Helm upgrade
- action for the HelmRelease fails. The default is to not perform any action.
- properties:
- ignoreTestFailures:
- description: |-
- IgnoreTestFailures tells the controller to skip remediation when the Helm
- tests are run after an upgrade action but fail.
- Defaults to 'Test.IgnoreFailures'.
- type: boolean
- remediateLastFailure:
- description: |-
- RemediateLastFailure tells the controller to remediate the last failure, when
- no retries remain. Defaults to 'false' unless 'Retries' is greater than 0.
- type: boolean
- retries:
- description: |-
- Retries is the number of retries that should be attempted on failures before
- bailing. Remediation, using 'Strategy', is performed between each attempt.
- Defaults to '0', a negative integer equals to unlimited retries.
- type: integer
- strategy:
- description: Strategy to use for failure remediation. Defaults
- to 'rollback'.
- enum:
- - rollback
- - uninstall
- type: string
- type: object
- timeout:
- description: |-
- Timeout is the time to wait for any individual Kubernetes operation (like
- Jobs for hooks) during the performance of a Helm upgrade action. Defaults to
- 'HelmReleaseSpec.Timeout'.
- pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$
- type: string
- type: object
- values:
- description: Values holds the values for this Helm release.
- x-kubernetes-preserve-unknown-fields: true
- valuesFrom:
- description: |-
- ValuesFrom holds references to resources containing Helm values for this HelmRelease,
- and information about how they should be merged.
- items:
- description: |-
- ValuesReference contains a reference to a resource containing Helm values,
- and optionally the key they can be found at.
- properties:
- kind:
- description: Kind of the values referent, valid values are ('Secret',
- 'ConfigMap').
- enum:
- - Secret
- - ConfigMap
- type: string
- name:
- description: |-
- Name of the values referent. Should reside in the same namespace as the
- referring resource.
- maxLength: 253
- minLength: 1
- type: string
- optional:
- description: |-
- Optional marks this ValuesReference as optional. When set, a not found error
- for the values reference is ignored, but any ValuesKey, TargetPath or
- transient error will still result in a reconciliation failure.
- type: boolean
- targetPath:
- description: |-
- TargetPath is the YAML dot notation path the value should be merged at. When
- set, the ValuesKey is expected to be a single flat value. Defaults to 'None',
- which results in the values getting merged at the root.
- maxLength: 250
- pattern: ^([a-zA-Z0-9_\-.\\\/]|\[[0-9]{1,5}\])+$
- type: string
- valuesKey:
- description: |-
- ValuesKey is the data key where the values.yaml or a specific value can be
- found at. Defaults to 'values.yaml'.
- maxLength: 253
- pattern: ^[\-._a-zA-Z0-9]+$
- type: string
- required:
- - kind
- - name
- type: object
- type: array
- required:
- - interval
- type: object
- x-kubernetes-validations:
- - message: either chart or chartRef must be set
- rule: (has(self.chart) && !has(self.chartRef)) || (!has(self.chart)
- && has(self.chartRef))
- status:
- default:
- observedGeneration: -1
- description: HelmReleaseStatus defines the observed state of a HelmRelease.
- properties:
- conditions:
- description: Conditions holds the conditions for the HelmRelease.
- items:
- description: Condition contains details for one aspect of the current
- state of this API Resource.
- properties:
- lastTransitionTime:
- description: |-
- lastTransitionTime is the last time the condition transitioned from one status to another.
- This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
- format: date-time
- type: string
- message:
- description: |-
- message is a human readable message indicating details about the transition.
- This may be an empty string.
- maxLength: 32768
- type: string
- observedGeneration:
- description: |-
- observedGeneration represents the .metadata.generation that the condition was set based upon.
- For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
- with respect to the current state of the instance.
- format: int64
- minimum: 0
- type: integer
- reason:
- description: |-
- reason contains a programmatic identifier indicating the reason for the condition's last transition.
- Producers of specific condition types may define expected values and meanings for this field,
- and whether the values are considered a guaranteed API.
- The value should be a CamelCase string.
- This field may not be empty.
- maxLength: 1024
- minLength: 1
- pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
- type: string
- status:
- description: status of the condition, one of True, False, Unknown.
- enum:
- - "True"
- - "False"
- - Unknown
- type: string
- type:
- description: type of condition in CamelCase or in foo.example.com/CamelCase.
- maxLength: 316
- pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
- type: string
- required:
- - lastTransitionTime
- - message
- - reason
- - status
- - type
- type: object
- type: array
- failures:
- description: |-
- Failures is the reconciliation failure count against the latest desired
- state. It is reset after a successful reconciliation.
- format: int64
- type: integer
- helmChart:
- description: |-
- HelmChart is the namespaced name of the HelmChart resource created by
- the controller for the HelmRelease.
- type: string
- history:
- description: |-
- History holds the history of Helm releases performed for this HelmRelease
- up to the last successfully completed release.
- items:
- description: |-
- Snapshot captures a point-in-time copy of the status information for a Helm release,
- as managed by the controller.
- properties:
- apiVersion:
- description: |-
- APIVersion is the API version of the Snapshot.
- Provisional: when the calculation method of the Digest field is changed,
- this field will be used to distinguish between the old and new methods.
- type: string
- appVersion:
- description: AppVersion is the chart app version of the release
- object in storage.
- type: string
- chartName:
- description: ChartName is the chart name of the release object
- in storage.
- type: string
- chartVersion:
- description: |-
- ChartVersion is the chart version of the release object in
- storage.
- type: string
- configDigest:
- description: |-
- ConfigDigest is the checksum of the config (better known as
- "values") of the release object in storage.
- It has the format of `<algo>:<checksum>`.
- type: string
- deleted:
- description: Deleted is when the release was deleted.
- format: date-time
- type: string
- digest:
- description: |-
- Digest is the checksum of the release object in storage.
- It has the format of `<algo>:<checksum>`.
- type: string
- firstDeployed:
- description: FirstDeployed is when the release was first deployed.
- format: date-time
- type: string
- lastDeployed:
- description: LastDeployed is when the release was last deployed.
- format: date-time
- type: string
- name:
- description: Name is the name of the release.
- type: string
- namespace:
- description: Namespace is the namespace the release is deployed
- to.
- type: string
- ociDigest:
- description: OCIDigest is the digest of the OCI artifact associated
- with the release.
- type: string
- status:
- description: Status is the current state of the release.
- type: string
- testHooks:
- additionalProperties:
- description: |-
- TestHookStatus holds the status information for a test hook as observed
- to be run by the controller.
- properties:
- lastCompleted:
- description: LastCompleted is the time the test hook last
- completed.
- format: date-time
- type: string
- lastStarted:
- description: LastStarted is the time the test hook was
- last started.
- format: date-time
- type: string
- phase:
- description: Phase the test hook was observed to be in.
- type: string
- type: object
- description: |-
- TestHooks is the list of test hooks for the release as observed to be
- run by the controller.
- type: object
- version:
- description: Version is the version of the release object in
- storage.
- type: integer
- required:
- - chartName
- - chartVersion
- - configDigest
- - digest
- - firstDeployed
- - lastDeployed
- - name
- - namespace
- - status
- - version
- type: object
- type: array
- installFailures:
- description: |-
- InstallFailures is the install failure count against the latest desired
- state. It is reset after a successful reconciliation.
- format: int64
- type: integer
- lastAttemptedConfigDigest:
- description: |-
- LastAttemptedConfigDigest is the digest for the config (better known as
- "values") of the last reconciliation attempt.
- type: string
- lastAttemptedGeneration:
- description: |-
- LastAttemptedGeneration is the last generation the controller attempted
- to reconcile.
- format: int64
- type: integer
- lastAttemptedReleaseAction:
- description: |-
- LastAttemptedReleaseAction is the last release action performed for this
- HelmRelease. It is used to determine the active remediation strategy.
- enum:
- - install
- - upgrade
- type: string
- lastAttemptedRevision:
- description: |-
- LastAttemptedRevision is the Source revision of the last reconciliation
- attempt. For OCIRepository sources, the 12 first characters of the digest are
- appended to the chart version e.g. "1.2.3+1234567890ab".
- type: string
- lastAttemptedRevisionDigest:
- description: |-
- LastAttemptedRevisionDigest is the digest of the last reconciliation attempt.
- This is only set for OCIRepository sources.
- type: string
- lastAttemptedValuesChecksum:
- description: |-
- LastAttemptedValuesChecksum is the SHA1 checksum for the values of the last
- reconciliation attempt.
- Deprecated: Use LastAttemptedConfigDigest instead.
- type: string
- lastHandledForceAt:
- description: |-
- LastHandledForceAt holds the value of the most recent force request
- value, so a change of the annotation value can be detected.
- type: string
- lastHandledReconcileAt:
- description: |-
- LastHandledReconcileAt holds the value of the most recent
- reconcile request value, so a change of the annotation value
- can be detected.
- type: string
- lastHandledResetAt:
- description: |-
- LastHandledResetAt holds the value of the most recent reset request
- value, so a change of the annotation value can be detected.
- type: string
- lastReleaseRevision:
- description: |-
- LastReleaseRevision is the revision of the last successful Helm release.
- Deprecated: Use History instead.
- type: integer
- observedGeneration:
- description: ObservedGeneration is the last observed generation.
- format: int64
- type: integer
- observedPostRenderersDigest:
- description: |-
- ObservedPostRenderersDigest is the digest for the post-renderers of
- the last successful reconciliation attempt.
- type: string
- storageNamespace:
- description: |-
- StorageNamespace is the namespace of the Helm release storage for the
- current release.
- maxLength: 63
- minLength: 1
- type: string
- upgradeFailures:
- description: |-
- UpgradeFailures is the upgrade failure count against the latest desired
- state. It is reset after a successful reconciliation.
- format: int64
- type: integer
- type: object
- type: object
- served: true
- storage: true
- subresources:
- status: {}
- - additionalPrinterColumns:
- - jsonPath: .metadata.creationTimestamp
- name: Age
- type: date
- - jsonPath: .status.conditions[?(@.type=="Ready")].status
- name: Ready
- type: string
- - jsonPath: .status.conditions[?(@.type=="Ready")].message
- name: Status
- type: string
- deprecated: true
- deprecationWarning: v2beta1 HelmRelease is deprecated, upgrade to v2
- name: v2beta1
- schema:
- openAPIV3Schema:
- description: HelmRelease is the Schema for the helmreleases API
- properties:
- apiVersion:
- description: |-
- APIVersion defines the versioned schema of this representation of an object.
- Servers should convert recognized schemas to the latest internal value, and
- may reject unrecognized values.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
- type: string
- kind:
- description: |-
- Kind is a string value representing the REST resource this object represents.
- Servers may infer this from the endpoint the client submits requests to.
- Cannot be updated.
- In CamelCase.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
- type: string
- metadata:
- type: object
- spec:
- description: HelmReleaseSpec defines the desired state of a Helm release.
- properties:
- chart:
- description: |-
- Chart defines the template of the v1beta2.HelmChart that should be created
- for this HelmRelease.
- properties:
- metadata:
- description: ObjectMeta holds the template for metadata like labels
- and annotations.
- properties:
- annotations:
- additionalProperties:
- type: string
- description: |-
- Annotations is an unstructured key value map stored with a resource that may be
- set by external tools to store and retrieve arbitrary metadata. They are not
- queryable and should be preserved when modifying objects.
- More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/
- type: object
- labels:
- additionalProperties:
- type: string
- description: |-
- Map of string keys and values that can be used to organize and categorize
- (scope and select) objects.
- More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/
- type: object
- type: object
- spec:
- description: Spec holds the template for the v1beta2.HelmChartSpec
- for this HelmRelease.
- properties:
- chart:
- description: The name or path the Helm chart is available
- at in the SourceRef.
- type: string
- interval:
- description: |-
- Interval at which to check the v1beta2.Source for updates. Defaults to
- 'HelmReleaseSpec.Interval'.
- pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$
- type: string
- reconcileStrategy:
- default: ChartVersion
- description: |-
- Determines what enables the creation of a new artifact. Valid values are
- ('ChartVersion', 'Revision').
- See the documentation of the values for an explanation on their behavior.
- Defaults to ChartVersion when omitted.
- enum:
- - ChartVersion
- - Revision
- type: string
- sourceRef:
- description: The name and namespace of the v1beta2.Source
- the chart is available at.
- properties:
- apiVersion:
- description: APIVersion of the referent.
- type: string
- kind:
- description: Kind of the referent.
- enum:
- - HelmRepository
- - GitRepository
- - Bucket
- type: string
- name:
- description: Name of the referent.
- maxLength: 253
- minLength: 1
- type: string
- namespace:
- description: Namespace of the referent.
- maxLength: 63
- minLength: 1
- type: string
- required:
- - kind
- - name
- type: object
- valuesFile:
- description: |-
- Alternative values file to use as the default chart values, expected to
- be a relative path in the SourceRef. Deprecated in favor of ValuesFiles,
- for backwards compatibility the file defined here is merged before the
- ValuesFiles items. Ignored when omitted.
- type: string
- valuesFiles:
- description: |-
- Alternative list of values files to use as the chart values (values.yaml
- is not included by default), expected to be a relative path in the SourceRef.
- Values files are merged in the order of this list with the last file overriding
- the first. Ignored when omitted.
- items:
- type: string
- type: array
- verify:
- description: |-
- Verify contains the secret name containing the trusted public keys
- used to verify the signature and specifies which provider to use to check
- whether OCI image is authentic.
- This field is only supported for OCI sources.
- Chart dependencies, which are not bundled in the umbrella chart artifact, are not verified.
- properties:
- provider:
- default: cosign
- description: Provider specifies the technology used to
- sign the OCI Helm chart.
- enum:
- - cosign
- type: string
- secretRef:
- description: |-
- SecretRef specifies the Kubernetes Secret containing the
- trusted public keys.
- properties:
- name:
- description: Name of the referent.
- type: string
- required:
- - name
- type: object
- required:
- - provider
- type: object
- version:
- default: '*'
- description: |-
- Version semver expression, ignored for charts from v1beta2.GitRepository and
- v1beta2.Bucket sources. Defaults to latest when omitted.
- type: string
- required:
- - chart
- - sourceRef
- type: object
- required:
- - spec
- type: object
- chartRef:
- description: |-
- ChartRef holds a reference to a source controller resource containing the
- Helm chart artifact.
-
- Note: this field is provisional to the v2 API, and not actively used
- by v2beta1 HelmReleases.
- properties:
- apiVersion:
- description: APIVersion of the referent.
- type: string
- kind:
- description: Kind of the referent.
- enum:
- - OCIRepository
- - HelmChart
- type: string
- name:
- description: Name of the referent.
- maxLength: 253
- minLength: 1
- type: string
- namespace:
- description: |-
- Namespace of the referent, defaults to the namespace of the Kubernetes
- resource object that contains the reference.
- maxLength: 63
- minLength: 1
- type: string
- required:
- - kind
- - name
- type: object
- dependsOn:
- description: |-
- DependsOn may contain a meta.NamespacedObjectReference slice with
- references to HelmRelease resources that must be ready before this HelmRelease
- can be reconciled.
- items:
- description: |-
- NamespacedObjectReference contains enough information to locate the referenced Kubernetes resource object in any
- namespace.
- properties:
- name:
- description: Name of the referent.
- type: string
- namespace:
- description: Namespace of the referent, when not specified it
- acts as LocalObjectReference.
- type: string
- required:
- - name
- type: object
- type: array
- driftDetection:
- description: |-
- DriftDetection holds the configuration for detecting and handling
- differences between the manifest in the Helm storage and the resources
- currently existing in the cluster.
-
- Note: this field is provisional to the v2beta2 API, and not actively used
- by v2beta1 HelmReleases.
- properties:
- ignore:
- description: |-
- Ignore contains a list of rules for specifying which changes to ignore
- during diffing.
- items:
- description: |-
- IgnoreRule defines a rule to selectively disregard specific changes during
- the drift detection process.
- properties:
- paths:
- description: |-
- Paths is a list of JSON Pointer (RFC 6901) paths to be excluded from
- consideration in a Kubernetes object.
- items:
- type: string
- type: array
- target:
- description: |-
- Target is a selector for specifying Kubernetes objects to which this
- rule applies.
- If Target is not set, the Paths will be ignored for all Kubernetes
- objects within the manifest of the Helm release.
- properties:
- annotationSelector:
- description: |-
- AnnotationSelector is a string that follows the label selection expression
- https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
- It matches with the resource annotations.
- type: string
- group:
- description: |-
- Group is the API group to select resources from.
- Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources.
- https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
- type: string
- kind:
- description: |-
- Kind of the API Group to select resources from.
- Together with Group and Version it is capable of unambiguously
- identifying and/or selecting resources.
- https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
- type: string
- labelSelector:
- description: |-
- LabelSelector is a string that follows the label selection expression
- https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
- It matches with the resource labels.
- type: string
- name:
- description: Name to match resources with.
- type: string
- namespace:
- description: Namespace to select resources from.
- type: string
- version:
- description: |-
- Version of the API Group to select resources from.
- Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources.
- https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
- type: string
- type: object
- required:
- - paths
- type: object
- type: array
- mode:
- description: |-
- Mode defines how differences should be handled between the Helm manifest
- and the manifest currently applied to the cluster.
- If not explicitly set, it defaults to DiffModeDisabled.
- enum:
- - enabled
- - warn
- - disabled
- type: string
- type: object
- install:
- description: Install holds the configuration for Helm install actions
- for this HelmRelease.
- properties:
- crds:
- description: |-
- CRDs upgrade CRDs from the Helm Chart's crds directory according
- to the CRD upgrade policy provided here. Valid values are `Skip`,
- `Create` or `CreateReplace`. Default is `Create` and if omitted
- CRDs are installed but not updated.
-
- Skip: do neither install nor replace (update) any CRDs.
-
- Create: new CRDs are created, existing CRDs are neither updated nor deleted.
-
- CreateReplace: new CRDs are created, existing CRDs are updated (replaced)
- but not deleted.
-
- By default, CRDs are applied (installed) during Helm install action.
- With this option users can opt-in to CRD replace existing CRDs on Helm
- install actions, which is not (yet) natively supported by Helm.
- https://helm.sh/docs/chart_best_practices/custom_resource_definitions.
- enum:
- - Skip
- - Create
- - CreateReplace
- type: string
- createNamespace:
- description: |-
- CreateNamespace tells the Helm install action to create the
- HelmReleaseSpec.TargetNamespace if it does not exist yet.
- On uninstall, the namespace will not be garbage collected.
- type: boolean
- disableHooks:
- description: DisableHooks prevents hooks from running during the
- Helm install action.
- type: boolean
- disableOpenAPIValidation:
- description: |-
- DisableOpenAPIValidation prevents the Helm install action from validating
- rendered templates against the Kubernetes OpenAPI Schema.
- type: boolean
- disableWait:
- description: |-
- DisableWait disables the waiting for resources to be ready after a Helm
- install has been performed.
- type: boolean
- disableWaitForJobs:
- description: |-
- DisableWaitForJobs disables waiting for jobs to complete after a Helm
- install has been performed.
- type: boolean
- remediation:
- description: |-
- Remediation holds the remediation configuration for when the Helm install
- action for the HelmRelease fails. The default is to not perform any action.
- properties:
- ignoreTestFailures:
- description: |-
- IgnoreTestFailures tells the controller to skip remediation when the Helm
- tests are run after an install action but fail. Defaults to
- 'Test.IgnoreFailures'.
- type: boolean
- remediateLastFailure:
- description: |-
- RemediateLastFailure tells the controller to remediate the last failure, when
- no retries remain. Defaults to 'false'.
- type: boolean
- retries:
- description: |-
- Retries is the number of retries that should be attempted on failures before
- bailing. Remediation, using an uninstall, is performed between each attempt.
- Defaults to '0', a negative integer equals to unlimited retries.
- type: integer
- type: object
- replace:
- description: |-
- Replace tells the Helm install action to re-use the 'ReleaseName', but only
- if that name is a deleted release which remains in the history.
- type: boolean
- skipCRDs:
- description: |-
- SkipCRDs tells the Helm install action to not install any CRDs. By default,
- CRDs are installed if not already present.
-
- Deprecated use CRD policy (`crds`) attribute with value `Skip` instead.
- type: boolean
- timeout:
- description: |-
- Timeout is the time to wait for any individual Kubernetes operation (like
- Jobs for hooks) during the performance of a Helm install action. Defaults to
- 'HelmReleaseSpec.Timeout'.
- pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$
- type: string
- type: object
- interval:
- description: |-
- Interval at which to reconcile the Helm release.
- This interval is approximate and may be subject to jitter to ensure
- efficient use of resources.
- pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$
- type: string
- kubeConfig:
- description: |-
- KubeConfig for reconciling the HelmRelease on a remote cluster.
- When used in combination with HelmReleaseSpec.ServiceAccountName,
- forces the controller to act on behalf of that Service Account at the
- target cluster.
- If the --default-service-account flag is set, its value will be used as
- a controller level fallback for when HelmReleaseSpec.ServiceAccountName
- is empty.
- properties:
- secretRef:
- description: |-
- SecretRef holds the name of a secret that contains a key with
- the kubeconfig file as the value. If no key is set, the key will default
- to 'value'.
- It is recommended that the kubeconfig is self-contained, and the secret
- is regularly updated if credentials such as a cloud-access-token expire.
- Cloud specific `cmd-path` auth helpers will not function without adding
- binaries and credentials to the Pod that is responsible for reconciling
- Kubernetes resources.
- properties:
- key:
- description: Key in the Secret, when not specified an implementation-specific
- default key is used.
- type: string
- name:
- description: Name of the Secret.
- type: string
- required:
- - name
- type: object
- required:
- - secretRef
- type: object
- maxHistory:
- description: |-
- MaxHistory is the number of revisions saved by Helm for this HelmRelease.
- Use '0' for an unlimited number of revisions; defaults to '10'.
- type: integer
- persistentClient:
- description: |-
- PersistentClient tells the controller to use a persistent Kubernetes
- client for this release. When enabled, the client will be reused for the
- duration of the reconciliation, instead of being created and destroyed
- for each (step of a) Helm action.
-
- This can improve performance, but may cause issues with some Helm charts
- that for example do create Custom Resource Definitions during installation
- outside Helm's CRD lifecycle hooks, which are then not observed to be
- available by e.g. post-install hooks.
-
- If not set, it defaults to true.
- type: boolean
- postRenderers:
- description: |-
- PostRenderers holds an array of Helm PostRenderers, which will be applied in order
- of their definition.
- items:
- description: PostRenderer contains a Helm PostRenderer specification.
- properties:
- kustomize:
- description: Kustomization to apply as PostRenderer.
- properties:
- images:
- description: |-
- Images is a list of (image name, new name, new tag or digest)
- for changing image names, tags or digests. This can also be achieved with a
- patch, but this operator is simpler to specify.
- items:
- description: Image contains an image name, a new name,
- a new tag or digest, which will replace the original
- name and tag.
- properties:
- digest:
- description: |-
- Digest is the value used to replace the original image tag.
- If digest is present NewTag value is ignored.
- type: string
- name:
- description: Name is a tag-less image name.
- type: string
- newName:
- description: NewName is the value used to replace
- the original name.
- type: string
- newTag:
- description: NewTag is the value used to replace the
- original tag.
- type: string
- required:
- - name
- type: object
- type: array
- patches:
- description: |-
- Strategic merge and JSON patches, defined as inline YAML objects,
- capable of targeting objects based on kind, label and annotation selectors.
- items:
- description: |-
- Patch contains an inline StrategicMerge or JSON6902 patch, and the target the patch should
- be applied to.
- properties:
- patch:
- description: |-
- Patch contains an inline StrategicMerge patch or an inline JSON6902 patch with
- an array of operation objects.
- type: string
- target:
- description: Target points to the resources that the
- patch document should be applied to.
- properties:
- annotationSelector:
- description: |-
- AnnotationSelector is a string that follows the label selection expression
- https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
- It matches with the resource annotations.
- type: string
- group:
- description: |-
- Group is the API group to select resources from.
- Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources.
- https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
- type: string
- kind:
- description: |-
- Kind of the API Group to select resources from.
- Together with Group and Version it is capable of unambiguously
- identifying and/or selecting resources.
- https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
- type: string
- labelSelector:
- description: |-
- LabelSelector is a string that follows the label selection expression
- https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
- It matches with the resource labels.
- type: string
- name:
- description: Name to match resources with.
- type: string
- namespace:
- description: Namespace to select resources from.
- type: string
- version:
- description: |-
- Version of the API Group to select resources from.
- Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources.
- https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
- type: string
- type: object
- required:
- - patch
- type: object
- type: array
- patchesJson6902:
- description: JSON 6902 patches, defined as inline YAML objects.
- items:
- description: JSON6902Patch contains a JSON6902 patch and
- the target the patch should be applied to.
- properties:
- patch:
- description: Patch contains the JSON6902 patch document
- with an array of operation objects.
- items:
- description: |-
- JSON6902 is a JSON6902 operation object.
- https://datatracker.ietf.org/doc/html/rfc6902#section-4
- properties:
- from:
- description: |-
- From contains a JSON-pointer value that references a location within the target document where the operation is
- performed. The meaning of the value depends on the value of Op, and is NOT taken into account by all operations.
- type: string
- op:
- description: |-
- Op indicates the operation to perform. Its value MUST be one of "add", "remove", "replace", "move", "copy", or
- "test".
- https://datatracker.ietf.org/doc/html/rfc6902#section-4
- enum:
- - test
- - remove
- - add
- - replace
- - move
- - copy
- type: string
- path:
- description: |-
- Path contains the JSON-pointer value that references a location within the target document where the operation
- is performed. The meaning of the value depends on the value of Op.
- type: string
- value:
- description: |-
- Value contains a valid JSON structure. The meaning of the value depends on the value of Op, and is NOT taken into
- account by all operations.
- x-kubernetes-preserve-unknown-fields: true
- required:
- - op
- - path
- type: object
- type: array
- target:
- description: Target points to the resources that the
- patch document should be applied to.
- properties:
- annotationSelector:
- description: |-
- AnnotationSelector is a string that follows the label selection expression
- https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
- It matches with the resource annotations.
- type: string
- group:
- description: |-
- Group is the API group to select resources from.
- Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources.
- https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
- type: string
- kind:
- description: |-
- Kind of the API Group to select resources from.
- Together with Group and Version it is capable of unambiguously
- identifying and/or selecting resources.
- https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
- type: string
- labelSelector:
- description: |-
- LabelSelector is a string that follows the label selection expression
- https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
- It matches with the resource labels.
- type: string
- name:
- description: Name to match resources with.
- type: string
- namespace:
- description: Namespace to select resources from.
- type: string
- version:
- description: |-
- Version of the API Group to select resources from.
- Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources.
- https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
- type: string
- type: object
- required:
- - patch
- - target
- type: object
- type: array
- patchesStrategicMerge:
- description: Strategic merge patches, defined as inline
- YAML objects.
- items:
- x-kubernetes-preserve-unknown-fields: true
- type: array
- type: object
- type: object
- type: array
- releaseName:
- description: |-
- ReleaseName used for the Helm release. Defaults to a composition of
- '[TargetNamespace-]Name'.
- maxLength: 53
- minLength: 1
- type: string
- rollback:
- description: Rollback holds the configuration for Helm rollback actions
- for this HelmRelease.
- properties:
- cleanupOnFail:
- description: |-
- CleanupOnFail allows deletion of new resources created during the Helm
- rollback action when it fails.
- type: boolean
- disableHooks:
- description: DisableHooks prevents hooks from running during the
- Helm rollback action.
- type: boolean
- disableWait:
- description: |-
- DisableWait disables the waiting for resources to be ready after a Helm
- rollback has been performed.
- type: boolean
- disableWaitForJobs:
- description: |-
- DisableWaitForJobs disables waiting for jobs to complete after a Helm
- rollback has been performed.
- type: boolean
- force:
- description: Force forces resource updates through a replacement
- strategy.
- type: boolean
- recreate:
- description: Recreate performs pod restarts for the resource if
- applicable.
- type: boolean
- timeout:
- description: |-
- Timeout is the time to wait for any individual Kubernetes operation (like
- Jobs for hooks) during the performance of a Helm rollback action. Defaults to
- 'HelmReleaseSpec.Timeout'.
- pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$
- type: string
- type: object
- serviceAccountName:
- description: |-
- The name of the Kubernetes service account to impersonate
- when reconciling this HelmRelease.
- type: string
- storageNamespace:
- description: |-
- StorageNamespace used for the Helm storage.
- Defaults to the namespace of the HelmRelease.
- maxLength: 63
- minLength: 1
- type: string
- suspend:
- description: |-
- Suspend tells the controller to suspend reconciliation for this HelmRelease,
- it does not apply to already started reconciliations. Defaults to false.
- type: boolean
- targetNamespace:
- description: |-
- TargetNamespace to target when performing operations for the HelmRelease.
- Defaults to the namespace of the HelmRelease.
- maxLength: 63
- minLength: 1
- type: string
- test:
- description: Test holds the configuration for Helm test actions for
- this HelmRelease.
- properties:
- enable:
- description: |-
- Enable enables Helm test actions for this HelmRelease after an Helm install
- or upgrade action has been performed.
- type: boolean
- ignoreFailures:
- description: |-
- IgnoreFailures tells the controller to skip remediation when the Helm tests
- are run but fail. Can be overwritten for tests run after install or upgrade
- actions in 'Install.IgnoreTestFailures' and 'Upgrade.IgnoreTestFailures'.
- type: boolean
- timeout:
- description: |-
- Timeout is the time to wait for any individual Kubernetes operation during
- the performance of a Helm test action. Defaults to 'HelmReleaseSpec.Timeout'.
- pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$
- type: string
- type: object
- timeout:
- description: |-
- Timeout is the time to wait for any individual Kubernetes operation (like Jobs
- for hooks) during the performance of a Helm action. Defaults to '5m0s'.
- pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$
- type: string
- uninstall:
- description: Uninstall holds the configuration for Helm uninstall
- actions for this HelmRelease.
- properties:
- deletionPropagation:
- default: background
- description: |-
- DeletionPropagation specifies the deletion propagation policy when
- a Helm uninstall is performed.
- enum:
- - background
- - foreground
- - orphan
- type: string
- disableHooks:
- description: DisableHooks prevents hooks from running during the
- Helm rollback action.
- type: boolean
- disableWait:
- description: |-
- DisableWait disables waiting for all the resources to be deleted after
- a Helm uninstall is performed.
- type: boolean
- keepHistory:
- description: |-
- KeepHistory tells Helm to remove all associated resources and mark the
- release as deleted, but retain the release history.
- type: boolean
- timeout:
- description: |-
- Timeout is the time to wait for any individual Kubernetes operation (like
- Jobs for hooks) during the performance of a Helm uninstall action. Defaults
- to 'HelmReleaseSpec.Timeout'.
- pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$
- type: string
- type: object
- upgrade:
- description: Upgrade holds the configuration for Helm upgrade actions
- for this HelmRelease.
- properties:
- cleanupOnFail:
- description: |-
- CleanupOnFail allows deletion of new resources created during the Helm
- upgrade action when it fails.
- type: boolean
- crds:
- description: |-
- CRDs upgrade CRDs from the Helm Chart's crds directory according
- to the CRD upgrade policy provided here. Valid values are `Skip`,
- `Create` or `CreateReplace`. Default is `Skip` and if omitted
- CRDs are neither installed nor upgraded.
-
- Skip: do neither install nor replace (update) any CRDs.
-
- Create: new CRDs are created, existing CRDs are neither updated nor deleted.
-
- CreateReplace: new CRDs are created, existing CRDs are updated (replaced)
- but not deleted.
-
- By default, CRDs are not applied during Helm upgrade action. With this
- option users can opt-in to CRD upgrade, which is not (yet) natively supported by Helm.
- https://helm.sh/docs/chart_best_practices/custom_resource_definitions.
- enum:
- - Skip
- - Create
- - CreateReplace
- type: string
- disableHooks:
- description: DisableHooks prevents hooks from running during the
- Helm upgrade action.
- type: boolean
- disableOpenAPIValidation:
- description: |-
- DisableOpenAPIValidation prevents the Helm upgrade action from validating
- rendered templates against the Kubernetes OpenAPI Schema.
- type: boolean
- disableWait:
- description: |-
- DisableWait disables the waiting for resources to be ready after a Helm
- upgrade has been performed.
- type: boolean
- disableWaitForJobs:
- description: |-
- DisableWaitForJobs disables waiting for jobs to complete after a Helm
- upgrade has been performed.
- type: boolean
- force:
- description: Force forces resource updates through a replacement
- strategy.
- type: boolean
- preserveValues:
- description: |-
- PreserveValues will make Helm reuse the last release's values and merge in
- overrides from 'Values'. Setting this flag makes the HelmRelease
- non-declarative.
- type: boolean
- remediation:
- description: |-
- Remediation holds the remediation configuration for when the Helm upgrade
- action for the HelmRelease fails. The default is to not perform any action.
- properties:
- ignoreTestFailures:
- description: |-
- IgnoreTestFailures tells the controller to skip remediation when the Helm
- tests are run after an upgrade action but fail.
- Defaults to 'Test.IgnoreFailures'.
- type: boolean
- remediateLastFailure:
- description: |-
- RemediateLastFailure tells the controller to remediate the last failure, when
- no retries remain. Defaults to 'false' unless 'Retries' is greater than 0.
- type: boolean
- retries:
- description: |-
- Retries is the number of retries that should be attempted on failures before
- bailing. Remediation, using 'Strategy', is performed between each attempt.
- Defaults to '0', a negative integer equals to unlimited retries.
- type: integer
- strategy:
- description: Strategy to use for failure remediation. Defaults
- to 'rollback'.
- enum:
- - rollback
- - uninstall
- type: string
- type: object
- timeout:
- description: |-
- Timeout is the time to wait for any individual Kubernetes operation (like
- Jobs for hooks) during the performance of a Helm upgrade action. Defaults to
- 'HelmReleaseSpec.Timeout'.
- pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$
- type: string
- type: object
- values:
- description: Values holds the values for this Helm release.
- x-kubernetes-preserve-unknown-fields: true
- valuesFrom:
- description: |-
- ValuesFrom holds references to resources containing Helm values for this HelmRelease,
- and information about how they should be merged.
- items:
- description: |-
- ValuesReference contains a reference to a resource containing Helm values,
- and optionally the key they can be found at.
- properties:
- kind:
- description: Kind of the values referent, valid values are ('Secret',
- 'ConfigMap').
- enum:
- - Secret
- - ConfigMap
- type: string
- name:
- description: |-
- Name of the values referent. Should reside in the same namespace as the
- referring resource.
- maxLength: 253
- minLength: 1
- type: string
- optional:
- description: |-
- Optional marks this ValuesReference as optional. When set, a not found error
- for the values reference is ignored, but any ValuesKey, TargetPath or
- transient error will still result in a reconciliation failure.
- type: boolean
- targetPath:
- description: |-
- TargetPath is the YAML dot notation path the value should be merged at. When
- set, the ValuesKey is expected to be a single flat value. Defaults to 'None',
- which results in the values getting merged at the root.
- maxLength: 250
- pattern: ^([a-zA-Z0-9_\-.\\\/]|\[[0-9]{1,5}\])+$
- type: string
- valuesKey:
- description: |-
- ValuesKey is the data key where the values.yaml or a specific value can be
- found at. Defaults to 'values.yaml'.
- When set, must be a valid Data Key, consisting of alphanumeric characters,
- '-', '_' or '.'.
- maxLength: 253
- pattern: ^[\-._a-zA-Z0-9]+$
- type: string
- required:
- - kind
- - name
- type: object
- type: array
- required:
- - chart
- - interval
- type: object
- status:
- default:
- observedGeneration: -1
- description: HelmReleaseStatus defines the observed state of a HelmRelease.
- properties:
- conditions:
- description: Conditions holds the conditions for the HelmRelease.
- items:
- description: Condition contains details for one aspect of the current
- state of this API Resource.
- properties:
- lastTransitionTime:
- description: |-
- lastTransitionTime is the last time the condition transitioned from one status to another.
- This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
- format: date-time
- type: string
- message:
- description: |-
- message is a human readable message indicating details about the transition.
- This may be an empty string.
- maxLength: 32768
- type: string
- observedGeneration:
- description: |-
- observedGeneration represents the .metadata.generation that the condition was set based upon.
- For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
- with respect to the current state of the instance.
- format: int64
- minimum: 0
- type: integer
- reason:
- description: |-
- reason contains a programmatic identifier indicating the reason for the condition's last transition.
- Producers of specific condition types may define expected values and meanings for this field,
- and whether the values are considered a guaranteed API.
- The value should be a CamelCase string.
- This field may not be empty.
- maxLength: 1024
- minLength: 1
- pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
- type: string
- status:
- description: status of the condition, one of True, False, Unknown.
- enum:
- - "True"
- - "False"
- - Unknown
- type: string
- type:
- description: type of condition in CamelCase or in foo.example.com/CamelCase.
- maxLength: 316
- pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
- type: string
- required:
- - lastTransitionTime
- - message
- - reason
- - status
- - type
- type: object
- type: array
- failures:
- description: |-
- Failures is the reconciliation failure count against the latest desired
- state. It is reset after a successful reconciliation.
- format: int64
- type: integer
- helmChart:
- description: |-
- HelmChart is the namespaced name of the HelmChart resource created by
- the controller for the HelmRelease.
- type: string
- history:
- description: |-
- History holds the history of Helm releases performed for this HelmRelease
- up to the last successfully completed release.
-
- Note: this field is provisional to the v2beta2 API, and not actively used
- by v2beta1 HelmReleases.
- items:
- description: |-
- Snapshot captures a point-in-time copy of the status information for a Helm release,
- as managed by the controller.
- properties:
- apiVersion:
- description: |-
- APIVersion is the API version of the Snapshot.
- Provisional: when the calculation method of the Digest field is changed,
- this field will be used to distinguish between the old and new methods.
- type: string
- appVersion:
- description: AppVersion is the chart app version of the release
- object in storage.
- type: string
- chartName:
- description: ChartName is the chart name of the release object
- in storage.
- type: string
- chartVersion:
- description: |-
- ChartVersion is the chart version of the release object in
- storage.
- type: string
- configDigest:
- description: |-
- ConfigDigest is the checksum of the config (better known as
- "values") of the release object in storage.
- It has the format of `<algo>:<checksum>`.
- type: string
- deleted:
- description: Deleted is when the release was deleted.
- format: date-time
- type: string
- digest:
- description: |-
- Digest is the checksum of the release object in storage.
- It has the format of `<algo>:<checksum>`.
- type: string
- firstDeployed:
- description: FirstDeployed is when the release was first deployed.
- format: date-time
- type: string
- lastDeployed:
- description: LastDeployed is when the release was last deployed.
- format: date-time
- type: string
- name:
- description: Name is the name of the release.
- type: string
- namespace:
- description: Namespace is the namespace the release is deployed
- to.
- type: string
- ociDigest:
- description: OCIDigest is the digest of the OCI artifact associated
- with the release.
- type: string
- status:
- description: Status is the current state of the release.
- type: string
- testHooks:
- additionalProperties:
- description: |-
- TestHookStatus holds the status information for a test hook as observed
- to be run by the controller.
- properties:
- lastCompleted:
- description: LastCompleted is the time the test hook last
- completed.
- format: date-time
- type: string
- lastStarted:
- description: LastStarted is the time the test hook was
- last started.
- format: date-time
- type: string
- phase:
- description: Phase the test hook was observed to be in.
- type: string
- type: object
- description: |-
- TestHooks is the list of test hooks for the release as observed to be
- run by the controller.
- type: object
- version:
- description: Version is the version of the release object in
- storage.
- type: integer
+ type: string
required:
- - chartName
- - chartVersion
- - configDigest
- - digest
- - firstDeployed
- - lastDeployed
- - name
- - namespace
+ - lastTransitionTime
+ - message
+ - reason
- status
- - version
+ - type
type: object
type: array
- installFailures:
- description: |-
- InstallFailures is the install failure count against the latest desired
- state. It is reset after a successful reconciliation.
- format: int64
- type: integer
+ inventory:
+ description: Inventory contains the list of Kubernetes resource object
+ references that have been successfully applied.
+ properties:
+ entries:
+ description: Entries of Kubernetes resource object references.
+ items:
+ description: ResourceRef contains the information necessary
+ to locate a resource within a cluster.
+ properties:
+ id:
+ description: ID is the string representation of the Kubernetes
+ resource object's metadata, in the format '<namespace>_<name>_<group>_<kind>'.
+ type: string
+ v:
+ description: Version is the API version of the Kubernetes
+ resource object's kind.
+ type: string
+ required:
+ - id
+ - v
+ type: object
+ type: array
+ required:
+ - entries
+ type: object
lastAppliedRevision:
- description: LastAppliedRevision is the revision of the last successfully
- applied source.
- type: string
- lastAttemptedConfigDigest:
- description: |-
- LastAttemptedConfigDigest is the digest for the config (better known as
- "values") of the last reconciliation attempt.
-
- Note: this field is provisional to the v2beta2 API, and not actively used
- by v2beta1 HelmReleases.
- type: string
- lastAttemptedGeneration:
- description: |-
- LastAttemptedGeneration is the last generation the controller attempted
- to reconcile.
-
- Note: this field is provisional to the v2beta2 API, and not actively used
- by v2beta1 HelmReleases.
- format: int64
- type: integer
- lastAttemptedReleaseAction:
- description: |-
- LastAttemptedReleaseAction is the last release action performed for this
- HelmRelease. It is used to determine the active remediation strategy.
-
- Note: this field is provisional to the v2beta2 API, and not actively used
- by v2beta1 HelmReleases.
+ description: The last successfully applied revision. Equals the Revision
+ of the applied Artifact from the referenced Source.
type: string
lastAttemptedRevision:
description: LastAttemptedRevision is the revision of the last reconciliation
attempt.
type: string
- lastAttemptedValuesChecksum:
- description: |-
- LastAttemptedValuesChecksum is the SHA1 checksum of the values of the last
- reconciliation attempt.
- type: string
- lastHandledForceAt:
- description: |-
- LastHandledForceAt holds the value of the most recent force request
- value, so a change of the annotation value can be detected.
-
- Note: this field is provisional to the v2beta2 API, and not actively used
- by v2beta1 HelmReleases.
- type: string
lastHandledReconcileAt:
- description: |-
- LastHandledReconcileAt holds the value of the most recent
- reconcile request value, so a change of the annotation value
- can be detected.
- type: string
- lastHandledResetAt:
- description: |-
- LastHandledResetAt holds the value of the most recent reset request
- value, so a change of the annotation value can be detected.
-
- Note: this field is provisional to the v2beta2 API, and not actively used
- by v2beta1 HelmReleases.
+ description: LastHandledReconcileAt holds the value of the most recent
+ reconcile request value, so a change of the annotation value can
+ be detected.
type: string
- lastReleaseRevision:
- description: LastReleaseRevision is the revision of the last successful
- Helm release.
- type: integer
observedGeneration:
- description: ObservedGeneration is the last observed generation.
- format: int64
- type: integer
- observedPostRenderersDigest:
- description: |-
- ObservedPostRenderersDigest is the digest for the post-renderers of
- the last successful reconciliation attempt.
- type: string
- storageNamespace:
- description: |-
- StorageNamespace is the namespace of the Helm release storage for the
- current release.
-
- Note: this field is provisional to the v2beta2 API, and not actively used
- by v2beta1 HelmReleases.
- type: string
- upgradeFailures:
- description: |-
- UpgradeFailures is the upgrade failure count against the latest desired
- state. It is reset after a successful reconciliation.
+ description: ObservedGeneration is the last reconciled generation.
format: int64
type: integer
type: object
storage: false
subresources:
status: {}
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ labels:
+ app.kubernetes.io/component: kustomize-controller
+ app.kubernetes.io/instance: flux-system
+ app.kubernetes.io/part-of: flux
+ app.kubernetes.io/version: v2.1.2
+ name: kustomize-controller
+ namespace: flux-system
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ labels:
+ app.kubernetes.io/component: kustomize-controller
+ app.kubernetes.io/instance: flux-system
+ app.kubernetes.io/part-of: flux
+ app.kubernetes.io/version: v2.1.2
+ control-plane: controller
+ name: kustomize-controller
+ namespace: flux-system
+spec:
+ replicas: 1
+ selector:
+ matchLabels:
+ app: kustomize-controller
+ template:
+ metadata:
+ annotations:
+ prometheus.io/port: "8080"
+ prometheus.io/scrape: "true"
+ labels:
+ app: kustomize-controller
+ spec:
+ containers:
+ - args:
+ - --events-addr=http://notification-controller.flux-system.svc.cluster.local./
+ - --watch-all-namespaces=true
+ - --log-level=info
+ - --log-encoding=json
+ - --enable-leader-election
+ env:
+ - name: RUNTIME_NAMESPACE
+ valueFrom:
+ fieldRef:
+ fieldPath: metadata.namespace
+ image: ghcr.io/fluxcd/kustomize-controller:v1.1.1
+ imagePullPolicy: IfNotPresent
+ livenessProbe:
+ httpGet:
+ path: /healthz
+ port: healthz
+ name: manager
+ ports:
+ - containerPort: 8080
+ name: http-prom
+ protocol: TCP
+ - containerPort: 9440
+ name: healthz
+ protocol: TCP
+ readinessProbe:
+ httpGet:
+ path: /readyz
+ port: healthz
+ resources:
+ limits:
+ cpu: 1000m
+ memory: 1Gi
+ requests:
+ cpu: 100m
+ memory: 64Mi
+ securityContext:
+ allowPrivilegeEscalation: false
+ capabilities:
+ drop:
+ - ALL
+ readOnlyRootFilesystem: true
+ runAsNonRoot: true
+ seccompProfile:
+ type: RuntimeDefault
+ volumeMounts:
+ - mountPath: /tmp
+ name: temp
+ nodeSelector:
+ kubernetes.io/os: linux
+ priorityClassName: system-cluster-critical
+ securityContext:
+ fsGroup: 1337
+ serviceAccountName: kustomize-controller
+ terminationGracePeriodSeconds: 60
+ volumes:
+ - emptyDir: {}
+ name: temp
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ controller-gen.kubebuilder.io/version: v0.12.0
+ labels:
+ app.kubernetes.io/component: helm-controller
+ app.kubernetes.io/instance: flux-system
+ app.kubernetes.io/part-of: flux
+ app.kubernetes.io/version: v2.1.2
+ name: helmreleases.helm.toolkit.fluxcd.io
+spec:
+ group: helm.toolkit.fluxcd.io
+ names:
+ kind: HelmRelease
+ listKind: HelmReleaseList
+ plural: helmreleases
+ shortNames:
+ - hr
+ singular: helmrelease
+ scope: Namespaced
+ versions:
- additionalPrinterColumns:
- jsonPath: .metadata.creationTimestamp
name: Age
- jsonPath: .status.conditions[?(@.type=="Ready")].message
name: Status
type: string
- deprecated: true
- deprecationWarning: v2beta2 HelmRelease is deprecated, upgrade to v2
- name: v2beta2
+ name: v2beta1
schema:
openAPIV3Schema:
description: HelmRelease is the Schema for the helmreleases API
properties:
apiVersion:
- description: |-
- APIVersion defines the versioned schema of this representation of an object.
- Servers should convert recognized schemas to the latest internal value, and
- may reject unrecognized values.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
- description: |-
- Kind is a string value representing the REST resource this object represents.
- Servers may infer this from the endpoint the client submits requests to.
- Cannot be updated.
- In CamelCase.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
description: HelmReleaseSpec defines the desired state of a Helm release.
properties:
chart:
- description: |-
- Chart defines the template of the v1beta2.HelmChart that should be created
- for this HelmRelease.
+ description: Chart defines the template of the v1beta2.HelmChart that
+ should be created for this HelmRelease.
properties:
metadata:
description: ObjectMeta holds the template for metadata like labels
annotations:
additionalProperties:
type: string
- description: |-
- Annotations is an unstructured key value map stored with a resource that may be
- set by external tools to store and retrieve arbitrary metadata. They are not
- queryable and should be preserved when modifying objects.
- More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/
+ description: 'Annotations is an unstructured key value map
+ stored with a resource that may be set by external tools
+ to store and retrieve arbitrary metadata. They are not queryable
+ and should be preserved when modifying objects. More info:
+ https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/'
type: object
labels:
additionalProperties:
type: string
- description: |-
- Map of string keys and values that can be used to organize and categorize
- (scope and select) objects.
- More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/
+ description: 'Map of string keys and values that can be used
+ to organize and categorize (scope and select) objects. More
+ info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/'
type: object
type: object
spec:
chart:
description: The name or path the Helm chart is available
at in the SourceRef.
- maxLength: 2048
- minLength: 1
type: string
- ignoreMissingValuesFiles:
- description: IgnoreMissingValuesFiles controls whether to
- silently ignore missing values files rather than failing.
- type: boolean
interval:
- description: |-
- Interval at which to check the v1.Source for updates. Defaults to
- 'HelmReleaseSpec.Interval'.
+ description: Interval at which to check the v1beta2.Source
+ for updates. Defaults to 'HelmReleaseSpec.Interval'.
pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$
type: string
reconcileStrategy:
default: ChartVersion
- description: |-
- Determines what enables the creation of a new artifact. Valid values are
- ('ChartVersion', 'Revision').
- See the documentation of the values for an explanation on their behavior.
- Defaults to ChartVersion when omitted.
+ description: Determines what enables the creation of a new
+ artifact. Valid values are ('ChartVersion', 'Revision').
+ See the documentation of the values for an explanation on
+ their behavior. Defaults to ChartVersion when omitted.
enum:
- ChartVersion
- Revision
type: string
sourceRef:
- description: The name and namespace of the v1.Source the chart
- is available at.
+ description: The name and namespace of the v1beta2.Source
+ the chart is available at.
properties:
apiVersion:
description: APIVersion of the referent.
minLength: 1
type: string
required:
- - kind
- name
type: object
valuesFile:
- description: |-
- Alternative values file to use as the default chart values, expected to
- be a relative path in the SourceRef. Deprecated in favor of ValuesFiles,
- for backwards compatibility the file defined here is merged before the
- ValuesFiles items. Ignored when omitted.
+ description: Alternative values file to use as the default
+ chart values, expected to be a relative path in the SourceRef.
+ Deprecated in favor of ValuesFiles, for backwards compatibility
+ the file defined here is merged before the ValuesFiles items.
+ Ignored when omitted.
type: string
valuesFiles:
- description: |-
- Alternative list of values files to use as the chart values (values.yaml
- is not included by default), expected to be a relative path in the SourceRef.
- Values files are merged in the order of this list with the last file overriding
+ description: Alternative list of values files to use as the
+ chart values (values.yaml is not included by default), expected
+ to be a relative path in the SourceRef. Values files are
+ merged in the order of this list with the last file overriding
the first. Ignored when omitted.
items:
type: string
type: array
verify:
- description: |-
- Verify contains the secret name containing the trusted public keys
- used to verify the signature and specifies which provider to use to check
- whether OCI image is authentic.
- This field is only supported for OCI sources.
- Chart dependencies, which are not bundled in the umbrella chart artifact,
- are not verified.
+ description: Verify contains the secret name containing the
+ trusted public keys used to verify the signature and specifies
+ which provider to use to check whether OCI image is authentic.
+ This field is only supported for OCI sources. Chart dependencies,
+ which are not bundled in the umbrella chart artifact, are
+ not verified.
properties:
provider:
default: cosign
sign the OCI Helm chart.
enum:
- cosign
- - notation
type: string
secretRef:
- description: |-
- SecretRef specifies the Kubernetes Secret containing the
- trusted public keys.
+ description: SecretRef specifies the Kubernetes Secret
+ containing the trusted public keys.
properties:
name:
description: Name of the referent.
type: object
version:
default: '*'
- description: |-
- Version semver expression, ignored for charts from v1beta2.GitRepository and
- v1beta2.Bucket sources. Defaults to latest when omitted.
+ description: Version semver expression, ignored for charts
+ from v1beta2.GitRepository and v1beta2.Bucket sources. Defaults
+ to latest when omitted.
type: string
required:
- chart
required:
- spec
type: object
- chartRef:
- description: |-
- ChartRef holds a reference to a source controller resource containing the
- Helm chart artifact.
-
- Note: this field is provisional to the v2 API, and not actively used
- by v2beta2 HelmReleases.
- properties:
- apiVersion:
- description: APIVersion of the referent.
- type: string
- kind:
- description: Kind of the referent.
- enum:
- - OCIRepository
- - HelmChart
- type: string
- name:
- description: Name of the referent.
- maxLength: 253
- minLength: 1
- type: string
- namespace:
- description: |-
- Namespace of the referent, defaults to the namespace of the Kubernetes
- resource object that contains the reference.
- maxLength: 63
- minLength: 1
- type: string
- required:
- - kind
- - name
- type: object
dependsOn:
- description: |-
- DependsOn may contain a meta.NamespacedObjectReference slice with
- references to HelmRelease resources that must be ready before this HelmRelease
- can be reconciled.
+ description: DependsOn may contain a meta.NamespacedObjectReference
+ slice with references to HelmRelease resources that must be ready
+ before this HelmRelease can be reconciled.
items:
- description: |-
- NamespacedObjectReference contains enough information to locate the referenced Kubernetes resource object in any
- namespace.
+ description: NamespacedObjectReference contains enough information
+ to locate the referenced Kubernetes resource object in any namespace.
properties:
name:
description: Name of the referent.
- name
type: object
type: array
- driftDetection:
- description: |-
- DriftDetection holds the configuration for detecting and handling
- differences between the manifest in the Helm storage and the resources
- currently existing in the cluster.
- properties:
- ignore:
- description: |-
- Ignore contains a list of rules for specifying which changes to ignore
- during diffing.
- items:
- description: |-
- IgnoreRule defines a rule to selectively disregard specific changes during
- the drift detection process.
- properties:
- paths:
- description: |-
- Paths is a list of JSON Pointer (RFC 6901) paths to be excluded from
- consideration in a Kubernetes object.
- items:
- type: string
- type: array
- target:
- description: |-
- Target is a selector for specifying Kubernetes objects to which this
- rule applies.
- If Target is not set, the Paths will be ignored for all Kubernetes
- objects within the manifest of the Helm release.
- properties:
- annotationSelector:
- description: |-
- AnnotationSelector is a string that follows the label selection expression
- https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
- It matches with the resource annotations.
- type: string
- group:
- description: |-
- Group is the API group to select resources from.
- Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources.
- https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
- type: string
- kind:
- description: |-
- Kind of the API Group to select resources from.
- Together with Group and Version it is capable of unambiguously
- identifying and/or selecting resources.
- https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
- type: string
- labelSelector:
- description: |-
- LabelSelector is a string that follows the label selection expression
- https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
- It matches with the resource labels.
- type: string
- name:
- description: Name to match resources with.
- type: string
- namespace:
- description: Namespace to select resources from.
- type: string
- version:
- description: |-
- Version of the API Group to select resources from.
- Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources.
- https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
- type: string
- type: object
- required:
- - paths
- type: object
- type: array
- mode:
- description: |-
- Mode defines how differences should be handled between the Helm manifest
- and the manifest currently applied to the cluster.
- If not explicitly set, it defaults to DiffModeDisabled.
- enum:
- - enabled
- - warn
- - disabled
- type: string
- type: object
install:
description: Install holds the configuration for Helm install actions
for this HelmRelease.
properties:
crds:
- description: |-
- CRDs upgrade CRDs from the Helm Chart's crds directory according
- to the CRD upgrade policy provided here. Valid values are `Skip`,
- `Create` or `CreateReplace`. Default is `Create` and if omitted
- CRDs are installed but not updated.
-
- Skip: do neither install nor replace (update) any CRDs.
-
- Create: new CRDs are created, existing CRDs are neither updated nor deleted.
-
- CreateReplace: new CRDs are created, existing CRDs are updated (replaced)
- but not deleted.
-
- By default, CRDs are applied (installed) during Helm install action.
- With this option users can opt in to CRD replace existing CRDs on Helm
+ description: "CRDs upgrade CRDs from the Helm Chart's crds directory
+ according to the CRD upgrade policy provided here. Valid values
+ are `Skip`, `Create` or `CreateReplace`. Default is `Create`
+ and if omitted CRDs are installed but not updated. \n Skip:
+ do neither install nor replace (update) any CRDs. \n Create:
+ new CRDs are created, existing CRDs are neither updated nor
+ deleted. \n CreateReplace: new CRDs are created, existing CRDs
+ are updated (replaced) but not deleted. \n By default, CRDs
+ are applied (installed) during Helm install action. With this
+ option users can opt-in to CRD replace existing CRDs on Helm
install actions, which is not (yet) natively supported by Helm.
- https://helm.sh/docs/chart_best_practices/custom_resource_definitions.
+ https://helm.sh/docs/chart_best_practices/custom_resource_definitions."
enum:
- Skip
- Create
- CreateReplace
type: string
createNamespace:
- description: |-
- CreateNamespace tells the Helm install action to create the
- HelmReleaseSpec.TargetNamespace if it does not exist yet.
- On uninstall, the namespace will not be garbage collected.
+ description: CreateNamespace tells the Helm install action to
+ create the HelmReleaseSpec.TargetNamespace if it does not exist
+ yet. On uninstall, the namespace will not be garbage collected.
type: boolean
disableHooks:
description: DisableHooks prevents hooks from running during the
Helm install action.
type: boolean
disableOpenAPIValidation:
- description: |-
- DisableOpenAPIValidation prevents the Helm install action from validating
- rendered templates against the Kubernetes OpenAPI Schema.
+ description: DisableOpenAPIValidation prevents the Helm install
+ action from validating rendered templates against the Kubernetes
+ OpenAPI Schema.
type: boolean
disableWait:
- description: |-
- DisableWait disables the waiting for resources to be ready after a Helm
- install has been performed.
+ description: DisableWait disables the waiting for resources to
+ be ready after a Helm install has been performed.
type: boolean
disableWaitForJobs:
- description: |-
- DisableWaitForJobs disables waiting for jobs to complete after a Helm
- install has been performed.
+ description: DisableWaitForJobs disables waiting for jobs to complete
+ after a Helm install has been performed.
type: boolean
remediation:
- description: |-
- Remediation holds the remediation configuration for when the Helm install
- action for the HelmRelease fails. The default is to not perform any action.
+ description: Remediation holds the remediation configuration for
+ when the Helm install action for the HelmRelease fails. The
+ default is to not perform any action.
properties:
ignoreTestFailures:
- description: |-
- IgnoreTestFailures tells the controller to skip remediation when the Helm
- tests are run after an install action but fail. Defaults to
- 'Test.IgnoreFailures'.
+ description: IgnoreTestFailures tells the controller to skip
+ remediation when the Helm tests are run after an install
+ action but fail. Defaults to 'Test.IgnoreFailures'.
type: boolean
remediateLastFailure:
- description: |-
- RemediateLastFailure tells the controller to remediate the last failure, when
- no retries remain. Defaults to 'false'.
+ description: RemediateLastFailure tells the controller to
+ remediate the last failure, when no retries remain. Defaults
+ to 'false'.
type: boolean
retries:
- description: |-
- Retries is the number of retries that should be attempted on failures before
- bailing. Remediation, using an uninstall, is performed between each attempt.
- Defaults to '0', a negative integer equals to unlimited retries.
+ description: Retries is the number of retries that should
+ be attempted on failures before bailing. Remediation, using
+ an uninstall, is performed between each attempt. Defaults
+ to '0', a negative integer equals to unlimited retries.
type: integer
type: object
replace:
- description: |-
- Replace tells the Helm install action to re-use the 'ReleaseName', but only
- if that name is a deleted release which remains in the history.
+ description: Replace tells the Helm install action to re-use the
+ 'ReleaseName', but only if that name is a deleted release which
+ remains in the history.
type: boolean
skipCRDs:
- description: |-
- SkipCRDs tells the Helm install action to not install any CRDs. By default,
- CRDs are installed if not already present.
-
- Deprecated use CRD policy (`crds`) attribute with value `Skip` instead.
+ description: "SkipCRDs tells the Helm install action to not install
+ any CRDs. By default, CRDs are installed if not already present.
+ \n Deprecated use CRD policy (`crds`) attribute with value `Skip`
+ instead."
type: boolean
timeout:
- description: |-
- Timeout is the time to wait for any individual Kubernetes operation (like
- Jobs for hooks) during the performance of a Helm install action. Defaults to
- 'HelmReleaseSpec.Timeout'.
+ description: Timeout is the time to wait for any individual Kubernetes
+ operation (like Jobs for hooks) during the performance of a
+ Helm install action. Defaults to 'HelmReleaseSpec.Timeout'.
pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$
type: string
type: object
interval:
- description: Interval at which to reconcile the Helm release.
+ description: Interval at which to reconcile the Helm release. This
+ interval is approximate and may be subject to jitter to ensure efficient
+ use of resources.
pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$
type: string
kubeConfig:
- description: |-
- KubeConfig for reconciling the HelmRelease on a remote cluster.
- When used in combination with HelmReleaseSpec.ServiceAccountName,
- forces the controller to act on behalf of that Service Account at the
- target cluster.
- If the --default-service-account flag is set, its value will be used as
- a controller level fallback for when HelmReleaseSpec.ServiceAccountName
+ description: KubeConfig for reconciling the HelmRelease on a remote
+ cluster. When used in combination with HelmReleaseSpec.ServiceAccountName,
+ forces the controller to act on behalf of that Service Account at
+ the target cluster. If the --default-service-account flag is set,
+ its value will be used as a controller level fallback for when HelmReleaseSpec.ServiceAccountName
is empty.
properties:
secretRef:
- description: |-
- SecretRef holds the name of a secret that contains a key with
- the kubeconfig file as the value. If no key is set, the key will default
- to 'value'.
- It is recommended that the kubeconfig is self-contained, and the secret
- is regularly updated if credentials such as a cloud-access-token expire.
- Cloud specific `cmd-path` auth helpers will not function without adding
- binaries and credentials to the Pod that is responsible for reconciling
+ description: SecretRef holds the name of a secret that contains
+ a key with the kubeconfig file as the value. If no key is set,
+ the key will default to 'value'. It is recommended that the
+ kubeconfig is self-contained, and the secret is regularly updated
+ if credentials such as a cloud-access-token expire. Cloud specific
+ `cmd-path` auth helpers will not function without adding binaries
+ and credentials to the Pod that is responsible for reconciling
Kubernetes resources.
properties:
key:
- secretRef
type: object
maxHistory:
- description: |-
- MaxHistory is the number of revisions saved by Helm for this HelmRelease.
- Use '0' for an unlimited number of revisions; defaults to '5'.
+ description: MaxHistory is the number of revisions saved by Helm for
+ this HelmRelease. Use '0' for an unlimited number of revisions;
+ defaults to '10'.
type: integer
persistentClient:
- description: |-
- PersistentClient tells the controller to use a persistent Kubernetes
- client for this release. When enabled, the client will be reused for the
- duration of the reconciliation, instead of being created and destroyed
- for each (step of a) Helm action.
-
- This can improve performance, but may cause issues with some Helm charts
+ description: "PersistentClient tells the controller to use a persistent
+ Kubernetes client for this release. When enabled, the client will
+ be reused for the duration of the reconciliation, instead of being
+ created and destroyed for each (step of a) Helm action. \n This
+ can improve performance, but may cause issues with some Helm charts
that for example do create Custom Resource Definitions during installation
- outside Helm's CRD lifecycle hooks, which are then not observed to be
- available by e.g. post-install hooks.
-
- If not set, it defaults to true.
+ outside Helm's CRD lifecycle hooks, which are then not observed
+ to be available by e.g. post-install hooks. \n If not set, it defaults
+ to true."
type: boolean
postRenderers:
- description: |-
- PostRenderers holds an array of Helm PostRenderers, which will be applied in order
- of their definition.
+ description: PostRenderers holds an array of Helm PostRenderers, which
+ will be applied in order of their definition.
items:
description: PostRenderer contains a Helm PostRenderer specification.
properties:
description: Kustomization to apply as PostRenderer.
properties:
images:
- description: |-
- Images is a list of (image name, new name, new tag or digest)
- for changing image names, tags or digests. This can also be achieved with a
- patch, but this operator is simpler to specify.
+ description: Images is a list of (image name, new name,
+ new tag or digest) for changing image names, tags or digests.
+ This can also be achieved with a patch, but this operator
+ is simpler to specify.
items:
description: Image contains an image name, a new name,
a new tag or digest, which will replace the original
name and tag.
properties:
digest:
- description: |-
- Digest is the value used to replace the original image tag.
- If digest is present NewTag value is ignored.
+ description: Digest is the value used to replace the
+ original image tag. If digest is present NewTag
+ value is ignored.
type: string
name:
description: Name is a tag-less image name.
type: object
type: array
patches:
- description: |-
- Strategic merge and JSON patches, defined as inline YAML objects,
- capable of targeting objects based on kind, label and annotation selectors.
+ description: Strategic merge and JSON patches, defined as
+ inline YAML objects, capable of targeting objects based
+ on kind, label and annotation selectors.
items:
- description: |-
- Patch contains an inline StrategicMerge or JSON6902 patch, and the target the patch should
- be applied to.
+ description: Patch contains an inline StrategicMerge or
+ JSON6902 patch, and the target the patch should be applied
+ to.
properties:
patch:
- description: |-
- Patch contains an inline StrategicMerge patch or an inline JSON6902 patch with
- an array of operation objects.
+ description: Patch contains an inline StrategicMerge
+ patch or an inline JSON6902 patch with an array
+ of operation objects.
type: string
target:
description: Target points to the resources that the
patch document should be applied to.
properties:
annotationSelector:
- description: |-
- AnnotationSelector is a string that follows the label selection expression
- https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
+ description: AnnotationSelector is a string that
+ follows the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
It matches with the resource annotations.
type: string
group:
- description: |-
- Group is the API group to select resources from.
- Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources.
- https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
+ description: Group is the API group to select
+ resources from. Together with Version and Kind
+ it is capable of unambiguously identifying and/or
+ selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
type: string
kind:
- description: |-
- Kind of the API Group to select resources from.
- Together with Group and Version it is capable of unambiguously
- identifying and/or selecting resources.
- https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
+ description: Kind of the API Group to select resources
+ from. Together with Group and Version it is
+ capable of unambiguously identifying and/or
+ selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
type: string
labelSelector:
- description: |-
- LabelSelector is a string that follows the label selection expression
- https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
+ description: LabelSelector is a string that follows
+ the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
It matches with the resource labels.
type: string
name:
description: Namespace to select resources from.
type: string
version:
- description: |-
- Version of the API Group to select resources from.
- Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources.
- https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
+ description: Version of the API Group to select
+ resources from. Together with Group and Kind
+ it is capable of unambiguously identifying and/or
+ selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
type: string
type: object
required:
type: object
type: array
patchesJson6902:
- description: |-
- JSON 6902 patches, defined as inline YAML objects.
- Deprecated: use Patches instead.
+ description: JSON 6902 patches, defined as inline YAML objects.
items:
description: JSON6902Patch contains a JSON6902 patch and
the target the patch should be applied to.
description: Patch contains the JSON6902 patch document
with an array of operation objects.
items:
- description: |-
- JSON6902 is a JSON6902 operation object.
+ description: JSON6902 is a JSON6902 operation object.
https://datatracker.ietf.org/doc/html/rfc6902#section-4
properties:
from:
- description: |-
- From contains a JSON-pointer value that references a location within the target document where the operation is
- performed. The meaning of the value depends on the value of Op, and is NOT taken into account by all operations.
+ description: From contains a JSON-pointer value
+ that references a location within the target
+ document where the operation is performed.
+ The meaning of the value depends on the value
+ of Op, and is NOT taken into account by all
+ operations.
type: string
op:
- description: |-
- Op indicates the operation to perform. Its value MUST be one of "add", "remove", "replace", "move", "copy", or
- "test".
- https://datatracker.ietf.org/doc/html/rfc6902#section-4
+ description: Op indicates the operation to perform.
+ Its value MUST be one of "add", "remove",
+ "replace", "move", "copy", or "test". https://datatracker.ietf.org/doc/html/rfc6902#section-4
enum:
- test
- remove
- copy
type: string
path:
- description: |-
- Path contains the JSON-pointer value that references a location within the target document where the operation
- is performed. The meaning of the value depends on the value of Op.
+ description: Path contains the JSON-pointer
+ value that references a location within the
+ target document where the operation is performed.
+ The meaning of the value depends on the value
+ of Op.
type: string
value:
- description: |-
- Value contains a valid JSON structure. The meaning of the value depends on the value of Op, and is NOT taken into
- account by all operations.
+ description: Value contains a valid JSON structure.
+ The meaning of the value depends on the value
+ of Op, and is NOT taken into account by all
+ operations.
x-kubernetes-preserve-unknown-fields: true
required:
- op
patch document should be applied to.
properties:
annotationSelector:
- description: |-
- AnnotationSelector is a string that follows the label selection expression
- https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
+ description: AnnotationSelector is a string that
+ follows the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
It matches with the resource annotations.
type: string
group:
- description: |-
- Group is the API group to select resources from.
- Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources.
- https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
+ description: Group is the API group to select
+ resources from. Together with Version and Kind
+ it is capable of unambiguously identifying and/or
+ selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
type: string
kind:
- description: |-
- Kind of the API Group to select resources from.
- Together with Group and Version it is capable of unambiguously
- identifying and/or selecting resources.
- https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
+ description: Kind of the API Group to select resources
+ from. Together with Group and Version it is
+ capable of unambiguously identifying and/or
+ selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
type: string
labelSelector:
- description: |-
- LabelSelector is a string that follows the label selection expression
- https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
+ description: LabelSelector is a string that follows
+ the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
It matches with the resource labels.
type: string
name:
description: Namespace to select resources from.
type: string
version:
- description: |-
- Version of the API Group to select resources from.
- Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources.
- https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
+ description: Version of the API Group to select
+ resources from. Together with Group and Kind
+ it is capable of unambiguously identifying and/or
+ selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
type: string
type: object
required:
type: object
type: array
patchesStrategicMerge:
- description: |-
- Strategic merge patches, defined as inline YAML objects.
- Deprecated: use Patches instead.
+ description: Strategic merge patches, defined as inline
+ YAML objects.
items:
x-kubernetes-preserve-unknown-fields: true
type: array
type: object
type: array
releaseName:
- description: |-
- ReleaseName used for the Helm release. Defaults to a composition of
- '[TargetNamespace-]Name'.
+ description: ReleaseName used for the Helm release. Defaults to a
+ composition of '[TargetNamespace-]Name'.
maxLength: 53
minLength: 1
type: string
for this HelmRelease.
properties:
cleanupOnFail:
- description: |-
- CleanupOnFail allows deletion of new resources created during the Helm
- rollback action when it fails.
+ description: CleanupOnFail allows deletion of new resources created
+ during the Helm rollback action when it fails.
type: boolean
disableHooks:
description: DisableHooks prevents hooks from running during the
Helm rollback action.
type: boolean
disableWait:
- description: |-
- DisableWait disables the waiting for resources to be ready after a Helm
- rollback has been performed.
+ description: DisableWait disables the waiting for resources to
+ be ready after a Helm rollback has been performed.
type: boolean
disableWaitForJobs:
- description: |-
- DisableWaitForJobs disables waiting for jobs to complete after a Helm
- rollback has been performed.
+ description: DisableWaitForJobs disables waiting for jobs to complete
+ after a Helm rollback has been performed.
type: boolean
force:
description: Force forces resource updates through a replacement
applicable.
type: boolean
timeout:
- description: |-
- Timeout is the time to wait for any individual Kubernetes operation (like
- Jobs for hooks) during the performance of a Helm rollback action. Defaults to
- 'HelmReleaseSpec.Timeout'.
+ description: Timeout is the time to wait for any individual Kubernetes
+ operation (like Jobs for hooks) during the performance of a
+ Helm rollback action. Defaults to 'HelmReleaseSpec.Timeout'.
pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$
type: string
type: object
serviceAccountName:
- description: |-
- The name of the Kubernetes service account to impersonate
+ description: The name of the Kubernetes service account to impersonate
when reconciling this HelmRelease.
- maxLength: 253
- minLength: 1
type: string
storageNamespace:
- description: |-
- StorageNamespace used for the Helm storage.
- Defaults to the namespace of the HelmRelease.
+ description: StorageNamespace used for the Helm storage. Defaults
+ to the namespace of the HelmRelease.
maxLength: 63
minLength: 1
type: string
suspend:
- description: |-
- Suspend tells the controller to suspend reconciliation for this HelmRelease,
- it does not apply to already started reconciliations. Defaults to false.
+ description: Suspend tells the controller to suspend reconciliation
+ for this HelmRelease, it does not apply to already started reconciliations.
+ Defaults to false.
type: boolean
targetNamespace:
- description: |-
- TargetNamespace to target when performing operations for the HelmRelease.
- Defaults to the namespace of the HelmRelease.
+ description: TargetNamespace to target when performing operations
+ for the HelmRelease. Defaults to the namespace of the HelmRelease.
maxLength: 63
minLength: 1
type: string
this HelmRelease.
properties:
enable:
- description: |-
- Enable enables Helm test actions for this HelmRelease after an Helm install
- or upgrade action has been performed.
+ description: Enable enables Helm test actions for this HelmRelease
+ after an Helm install or upgrade action has been performed.
type: boolean
- filters:
- description: Filters is a list of tests to run or exclude from
- running.
- items:
- description: Filter holds the configuration for individual Helm
- test filters.
- properties:
- exclude:
- description: Exclude specifies whether the named test should
- be excluded.
- type: boolean
- name:
- description: Name is the name of the test.
- maxLength: 253
- minLength: 1
- type: string
- required:
- - name
- type: object
- type: array
ignoreFailures:
- description: |-
- IgnoreFailures tells the controller to skip remediation when the Helm tests
- are run but fail. Can be overwritten for tests run after install or upgrade
- actions in 'Install.IgnoreTestFailures' and 'Upgrade.IgnoreTestFailures'.
+ description: IgnoreFailures tells the controller to skip remediation
+ when the Helm tests are run but fail. Can be overwritten for
+ tests run after install or upgrade actions in 'Install.IgnoreTestFailures'
+ and 'Upgrade.IgnoreTestFailures'.
type: boolean
timeout:
- description: |-
- Timeout is the time to wait for any individual Kubernetes operation during
- the performance of a Helm test action. Defaults to 'HelmReleaseSpec.Timeout'.
+ description: Timeout is the time to wait for any individual Kubernetes
+ operation during the performance of a Helm test action. Defaults
+ to 'HelmReleaseSpec.Timeout'.
pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$
type: string
type: object
timeout:
- description: |-
- Timeout is the time to wait for any individual Kubernetes operation (like Jobs
- for hooks) during the performance of a Helm action. Defaults to '5m0s'.
+ description: Timeout is the time to wait for any individual Kubernetes
+ operation (like Jobs for hooks) during the performance of a Helm
+ action. Defaults to '5m0s'.
pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$
type: string
uninstall:
properties:
deletionPropagation:
default: background
- description: |-
- DeletionPropagation specifies the deletion propagation policy when
- a Helm uninstall is performed.
+ description: DeletionPropagation specifies the deletion propagation
+ policy when a Helm uninstall is performed.
enum:
- background
- foreground
Helm rollback action.
type: boolean
disableWait:
- description: |-
- DisableWait disables waiting for all the resources to be deleted after
- a Helm uninstall is performed.
+ description: DisableWait disables waiting for all the resources
+ to be deleted after a Helm uninstall is performed.
type: boolean
keepHistory:
- description: |-
- KeepHistory tells Helm to remove all associated resources and mark the
- release as deleted, but retain the release history.
+ description: KeepHistory tells Helm to remove all associated resources
+ and mark the release as deleted, but retain the release history.
type: boolean
timeout:
- description: |-
- Timeout is the time to wait for any individual Kubernetes operation (like
- Jobs for hooks) during the performance of a Helm uninstall action. Defaults
- to 'HelmReleaseSpec.Timeout'.
+ description: Timeout is the time to wait for any individual Kubernetes
+ operation (like Jobs for hooks) during the performance of a
+ Helm uninstall action. Defaults to 'HelmReleaseSpec.Timeout'.
pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$
type: string
type: object
for this HelmRelease.
properties:
cleanupOnFail:
- description: |-
- CleanupOnFail allows deletion of new resources created during the Helm
- upgrade action when it fails.
+ description: CleanupOnFail allows deletion of new resources created
+ during the Helm upgrade action when it fails.
type: boolean
crds:
- description: |-
- CRDs upgrade CRDs from the Helm Chart's crds directory according
- to the CRD upgrade policy provided here. Valid values are `Skip`,
- `Create` or `CreateReplace`. Default is `Skip` and if omitted
- CRDs are neither installed nor upgraded.
-
- Skip: do neither install nor replace (update) any CRDs.
-
- Create: new CRDs are created, existing CRDs are neither updated nor deleted.
-
- CreateReplace: new CRDs are created, existing CRDs are updated (replaced)
- but not deleted.
-
- By default, CRDs are not applied during Helm upgrade action. With this
- option users can opt-in to CRD upgrade, which is not (yet) natively supported by Helm.
- https://helm.sh/docs/chart_best_practices/custom_resource_definitions.
+ description: "CRDs upgrade CRDs from the Helm Chart's crds directory
+ according to the CRD upgrade policy provided here. Valid values
+ are `Skip`, `Create` or `CreateReplace`. Default is `Skip` and
+ if omitted CRDs are neither installed nor upgraded. \n Skip:
+ do neither install nor replace (update) any CRDs. \n Create:
+ new CRDs are created, existing CRDs are neither updated nor
+ deleted. \n CreateReplace: new CRDs are created, existing CRDs
+ are updated (replaced) but not deleted. \n By default, CRDs
+ are not applied during Helm upgrade action. With this option
+ users can opt-in to CRD upgrade, which is not (yet) natively
+ supported by Helm. https://helm.sh/docs/chart_best_practices/custom_resource_definitions."
enum:
- Skip
- Create
Helm upgrade action.
type: boolean
disableOpenAPIValidation:
- description: |-
- DisableOpenAPIValidation prevents the Helm upgrade action from validating
- rendered templates against the Kubernetes OpenAPI Schema.
+ description: DisableOpenAPIValidation prevents the Helm upgrade
+ action from validating rendered templates against the Kubernetes
+ OpenAPI Schema.
type: boolean
disableWait:
- description: |-
- DisableWait disables the waiting for resources to be ready after a Helm
- upgrade has been performed.
+ description: DisableWait disables the waiting for resources to
+ be ready after a Helm upgrade has been performed.
type: boolean
disableWaitForJobs:
- description: |-
- DisableWaitForJobs disables waiting for jobs to complete after a Helm
- upgrade has been performed.
+ description: DisableWaitForJobs disables waiting for jobs to complete
+ after a Helm upgrade has been performed.
type: boolean
force:
description: Force forces resource updates through a replacement
strategy.
type: boolean
preserveValues:
- description: |-
- PreserveValues will make Helm reuse the last release's values and merge in
- overrides from 'Values'. Setting this flag makes the HelmRelease
- non-declarative.
+ description: PreserveValues will make Helm reuse the last release's
+ values and merge in overrides from 'Values'. Setting this flag
+ makes the HelmRelease non-declarative.
type: boolean
remediation:
- description: |-
- Remediation holds the remediation configuration for when the Helm upgrade
- action for the HelmRelease fails. The default is to not perform any action.
+ description: Remediation holds the remediation configuration for
+ when the Helm upgrade action for the HelmRelease fails. The
+ default is to not perform any action.
properties:
ignoreTestFailures:
- description: |-
- IgnoreTestFailures tells the controller to skip remediation when the Helm
- tests are run after an upgrade action but fail.
- Defaults to 'Test.IgnoreFailures'.
+ description: IgnoreTestFailures tells the controller to skip
+ remediation when the Helm tests are run after an upgrade
+ action but fail. Defaults to 'Test.IgnoreFailures'.
type: boolean
remediateLastFailure:
- description: |-
- RemediateLastFailure tells the controller to remediate the last failure, when
- no retries remain. Defaults to 'false' unless 'Retries' is greater than 0.
+ description: RemediateLastFailure tells the controller to
+ remediate the last failure, when no retries remain. Defaults
+ to 'false' unless 'Retries' is greater than 0.
type: boolean
retries:
- description: |-
- Retries is the number of retries that should be attempted on failures before
- bailing. Remediation, using 'Strategy', is performed between each attempt.
- Defaults to '0', a negative integer equals to unlimited retries.
+ description: Retries is the number of retries that should
+ be attempted on failures before bailing. Remediation, using
+ 'Strategy', is performed between each attempt. Defaults
+ to '0', a negative integer equals to unlimited retries.
type: integer
strategy:
description: Strategy to use for failure remediation. Defaults
type: string
type: object
timeout:
- description: |-
- Timeout is the time to wait for any individual Kubernetes operation (like
- Jobs for hooks) during the performance of a Helm upgrade action. Defaults to
- 'HelmReleaseSpec.Timeout'.
+ description: Timeout is the time to wait for any individual Kubernetes
+ operation (like Jobs for hooks) during the performance of a
+ Helm upgrade action. Defaults to 'HelmReleaseSpec.Timeout'.
pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$
type: string
type: object
description: Values holds the values for this Helm release.
x-kubernetes-preserve-unknown-fields: true
valuesFrom:
- description: |-
- ValuesFrom holds references to resources containing Helm values for this HelmRelease,
- and information about how they should be merged.
+ description: ValuesFrom holds references to resources containing Helm
+ values for this HelmRelease, and information about how they should
+ be merged.
items:
- description: |-
- ValuesReference contains a reference to a resource containing Helm values,
- and optionally the key they can be found at.
+ description: ValuesReference contains a reference to a resource
+ containing Helm values, and optionally the key they can be found
+ at.
properties:
kind:
description: Kind of the values referent, valid values are ('Secret',
- ConfigMap
type: string
name:
- description: |-
- Name of the values referent. Should reside in the same namespace as the
- referring resource.
+ description: Name of the values referent. Should reside in the
+ same namespace as the referring resource.
maxLength: 253
minLength: 1
type: string
optional:
- description: |-
- Optional marks this ValuesReference as optional. When set, a not found error
- for the values reference is ignored, but any ValuesKey, TargetPath or
- transient error will still result in a reconciliation failure.
+ description: Optional marks this ValuesReference as optional.
+ When set, a not found error for the values reference is ignored,
+ but any ValuesKey, TargetPath or transient error will still
+ result in a reconciliation failure.
type: boolean
targetPath:
- description: |-
- TargetPath is the YAML dot notation path the value should be merged at. When
- set, the ValuesKey is expected to be a single flat value. Defaults to 'None',
- which results in the values getting merged at the root.
+ description: TargetPath is the YAML dot notation path the value
+ should be merged at. When set, the ValuesKey is expected to
+ be a single flat value. Defaults to 'None', which results
+ in the values getting merged at the root.
maxLength: 250
pattern: ^([a-zA-Z0-9_\-.\\\/]|\[[0-9]{1,5}\])+$
type: string
valuesKey:
- description: |-
- ValuesKey is the data key where the values.yaml or a specific value can be
- found at. Defaults to 'values.yaml'.
+ description: ValuesKey is the data key where the values.yaml
+ or a specific value can be found at. Defaults to 'values.yaml'.
+ When set, must be a valid Data Key, consisting of alphanumeric
+ characters, '-', '_' or '.'.
maxLength: 253
pattern: ^[\-._a-zA-Z0-9]+$
type: string
type: object
type: array
required:
+ - chart
- interval
type: object
- x-kubernetes-validations:
- - message: either chart or chartRef must be set
- rule: (has(self.chart) && !has(self.chartRef)) || (!has(self.chart)
- && has(self.chartRef))
status:
default:
observedGeneration: -1
conditions:
description: Conditions holds the conditions for the HelmRelease.
items:
- description: Condition contains details for one aspect of the current
- state of this API Resource.
+ description: "Condition contains details for one aspect of the current
+ state of this API Resource. --- This struct is intended for direct
+ use as an array at the field path .status.conditions. For example,
+ \n type FooStatus struct{ // Represents the observations of a
+ foo's current state. // Known .status.conditions.type are: \"Available\",
+ \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge
+ // +listType=map // +listMapKey=type Conditions []metav1.Condition
+ `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\"
+ protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }"
properties:
lastTransitionTime:
- description: |-
- lastTransitionTime is the last time the condition transitioned from one status to another.
- This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
+ description: lastTransitionTime is the last time the condition
+ transitioned from one status to another. This should be when
+ the underlying condition changed. If that is not known, then
+ using the time when the API field changed is acceptable.
format: date-time
type: string
message:
- description: |-
- message is a human readable message indicating details about the transition.
- This may be an empty string.
+ description: message is a human readable message indicating
+ details about the transition. This may be an empty string.
maxLength: 32768
type: string
observedGeneration:
- description: |-
- observedGeneration represents the .metadata.generation that the condition was set based upon.
- For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
- with respect to the current state of the instance.
+ description: observedGeneration represents the .metadata.generation
+ that the condition was set based upon. For instance, if .metadata.generation
+ is currently 12, but the .status.conditions[x].observedGeneration
+ is 9, the condition is out of date with respect to the current
+ state of the instance.
format: int64
minimum: 0
type: integer
reason:
- description: |-
- reason contains a programmatic identifier indicating the reason for the condition's last transition.
- Producers of specific condition types may define expected values and meanings for this field,
- and whether the values are considered a guaranteed API.
- The value should be a CamelCase string.
+ description: reason contains a programmatic identifier indicating
+ the reason for the condition's last transition. Producers
+ of specific condition types may define expected values and
+ meanings for this field, and whether the values are considered
+ a guaranteed API. The value should be a CamelCase string.
This field may not be empty.
maxLength: 1024
minLength: 1
- Unknown
type: string
type:
- description: type of condition in CamelCase or in foo.example.com/CamelCase.
- maxLength: 316
- pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
- type: string
- required:
- - lastTransitionTime
- - message
- - reason
- - status
- - type
- type: object
- type: array
- failures:
- description: |-
- Failures is the reconciliation failure count against the latest desired
- state. It is reset after a successful reconciliation.
- format: int64
- type: integer
- helmChart:
- description: |-
- HelmChart is the namespaced name of the HelmChart resource created by
- the controller for the HelmRelease.
- type: string
- history:
- description: |-
- History holds the history of Helm releases performed for this HelmRelease
- up to the last successfully completed release.
- items:
- description: |-
- Snapshot captures a point-in-time copy of the status information for a Helm release,
- as managed by the controller.
- properties:
- apiVersion:
- description: |-
- APIVersion is the API version of the Snapshot.
- Provisional: when the calculation method of the Digest field is changed,
- this field will be used to distinguish between the old and new methods.
- type: string
- appVersion:
- description: AppVersion is the chart app version of the release
- object in storage.
- type: string
- chartName:
- description: ChartName is the chart name of the release object
- in storage.
- type: string
- chartVersion:
- description: |-
- ChartVersion is the chart version of the release object in
- storage.
- type: string
- configDigest:
- description: |-
- ConfigDigest is the checksum of the config (better known as
- "values") of the release object in storage.
- It has the format of `<algo>:<checksum>`.
- type: string
- deleted:
- description: Deleted is when the release was deleted.
- format: date-time
- type: string
- digest:
- description: |-
- Digest is the checksum of the release object in storage.
- It has the format of `<algo>:<checksum>`.
- type: string
- firstDeployed:
- description: FirstDeployed is when the release was first deployed.
- format: date-time
- type: string
- lastDeployed:
- description: LastDeployed is when the release was last deployed.
- format: date-time
- type: string
- name:
- description: Name is the name of the release.
- type: string
- namespace:
- description: Namespace is the namespace the release is deployed
- to.
- type: string
- ociDigest:
- description: OCIDigest is the digest of the OCI artifact associated
- with the release.
- type: string
- status:
- description: Status is the current state of the release.
+ description: type of condition in CamelCase or in foo.example.com/CamelCase.
+ --- Many .condition.type values are consistent across resources
+ like Available, but because arbitrary conditions can be useful
+ (see .node.status.conditions), the ability to deconflict is
+ important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
+ maxLength: 316
+ pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
type: string
- testHooks:
- additionalProperties:
- description: |-
- TestHookStatus holds the status information for a test hook as observed
- to be run by the controller.
- properties:
- lastCompleted:
- description: LastCompleted is the time the test hook last
- completed.
- format: date-time
- type: string
- lastStarted:
- description: LastStarted is the time the test hook was
- last started.
- format: date-time
- type: string
- phase:
- description: Phase the test hook was observed to be in.
- type: string
- type: object
- description: |-
- TestHooks is the list of test hooks for the release as observed to be
- run by the controller.
- type: object
- version:
- description: Version is the version of the release object in
- storage.
- type: integer
required:
- - chartName
- - chartVersion
- - configDigest
- - digest
- - firstDeployed
- - lastDeployed
- - name
- - namespace
+ - lastTransitionTime
+ - message
+ - reason
- status
- - version
+ - type
type: object
type: array
- installFailures:
- description: |-
- InstallFailures is the install failure count against the latest desired
- state. It is reset after a successful reconciliation.
+ failures:
+ description: Failures is the reconciliation failure count against
+ the latest desired state. It is reset after a successful reconciliation.
format: int64
type: integer
- lastAppliedRevision:
- description: |-
- LastAppliedRevision is the revision of the last successfully applied
- source.
- Deprecated: the revision can now be found in the History.
- type: string
- lastAttemptedConfigDigest:
- description: |-
- LastAttemptedConfigDigest is the digest for the config (better known as
- "values") of the last reconciliation attempt.
- type: string
- lastAttemptedGeneration:
- description: |-
- LastAttemptedGeneration is the last generation the controller attempted
- to reconcile.
+ helmChart:
+ description: HelmChart is the namespaced name of the HelmChart resource
+ created by the controller for the HelmRelease.
+ type: string
+ installFailures:
+ description: InstallFailures is the install failure count against
+ the latest desired state. It is reset after a successful reconciliation.
format: int64
type: integer
- lastAttemptedReleaseAction:
- description: |-
- LastAttemptedReleaseAction is the last release action performed for this
- HelmRelease. It is used to determine the active remediation strategy.
- enum:
- - install
- - upgrade
+ lastAppliedRevision:
+ description: LastAppliedRevision is the revision of the last successfully
+ applied source.
type: string
lastAttemptedRevision:
- description: |-
- LastAttemptedRevision is the Source revision of the last reconciliation
- attempt. For OCIRepository sources, the 12 first characters of the digest are
- appended to the chart version e.g. "1.2.3+1234567890ab".
- type: string
- lastAttemptedRevisionDigest:
- description: |-
- LastAttemptedRevisionDigest is the digest of the last reconciliation attempt.
- This is only set for OCIRepository sources.
+ description: LastAttemptedRevision is the revision of the last reconciliation
+ attempt.
type: string
lastAttemptedValuesChecksum:
- description: |-
- LastAttemptedValuesChecksum is the SHA1 checksum for the values of the last
- reconciliation attempt.
- Deprecated: Use LastAttemptedConfigDigest instead.
- type: string
- lastHandledForceAt:
- description: |-
- LastHandledForceAt holds the value of the most recent force request
- value, so a change of the annotation value can be detected.
+ description: LastAttemptedValuesChecksum is the SHA1 checksum of the
+ values of the last reconciliation attempt.
type: string
lastHandledReconcileAt:
- description: |-
- LastHandledReconcileAt holds the value of the most recent
- reconcile request value, so a change of the annotation value
- can be detected.
- type: string
- lastHandledResetAt:
- description: |-
- LastHandledResetAt holds the value of the most recent reset request
- value, so a change of the annotation value can be detected.
+ description: LastHandledReconcileAt holds the value of the most recent
+ reconcile request value, so a change of the annotation value can
+ be detected.
type: string
lastReleaseRevision:
- description: |-
- LastReleaseRevision is the revision of the last successful Helm release.
- Deprecated: Use History instead.
+ description: LastReleaseRevision is the revision of the last successful
+ Helm release.
type: integer
observedGeneration:
description: ObservedGeneration is the last observed generation.
format: int64
type: integer
- observedPostRenderersDigest:
- description: |-
- ObservedPostRenderersDigest is the digest for the post-renderers of
- the last successful reconciliation attempt.
- type: string
- storageNamespace:
- description: |-
- StorageNamespace is the namespace of the Helm release storage for the
- current release.
- maxLength: 63
- minLength: 1
- type: string
upgradeFailures:
- description: |-
- UpgradeFailures is the upgrade failure count against the latest desired
- state. It is reset after a successful reconciliation.
+ description: UpgradeFailures is the upgrade failure count against
+ the latest desired state. It is reset after a successful reconciliation.
format: int64
type: integer
type: object
type: object
served: true
- storage: false
+ storage: true
subresources:
status: {}
---
app.kubernetes.io/component: helm-controller
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v2.4.0
+ app.kubernetes.io/version: v2.1.2
name: helm-controller
namespace: flux-system
---
app.kubernetes.io/component: helm-controller
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v2.4.0
+ app.kubernetes.io/version: v2.1.2
control-plane: controller
name: helm-controller
namespace: flux-system
valueFrom:
fieldRef:
fieldPath: metadata.namespace
- - name: GOMAXPROCS
- valueFrom:
- resourceFieldRef:
- containerName: manager
- resource: limits.cpu
- - name: GOMEMLIMIT
- valueFrom:
- resourceFieldRef:
- containerName: manager
- resource: limits.memory
- image: ghcr.io/fluxcd/helm-controller:v1.1.0
+ image: ghcr.io/fluxcd/helm-controller:v0.36.2
imagePullPolicy: IfNotPresent
livenessProbe:
httpGet:
kind: CustomResourceDefinition
metadata:
annotations:
- controller-gen.kubebuilder.io/version: v0.16.1
+ controller-gen.kubebuilder.io/version: v0.12.0
labels:
app.kubernetes.io/component: notification-controller
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v2.4.0
+ app.kubernetes.io/version: v2.1.2
name: alerts.notification.toolkit.fluxcd.io
spec:
group: notification.toolkit.fluxcd.io
- jsonPath: .status.conditions[?(@.type=="Ready")].message
name: Status
type: string
- deprecated: true
- deprecationWarning: v1beta1 Alert is deprecated, upgrade to v1beta3
name: v1beta1
schema:
openAPIV3Schema:
description: Alert is the Schema for the alerts API
properties:
apiVersion:
- description: |-
- APIVersion defines the versioned schema of this representation of an object.
- Servers should convert recognized schemas to the latest internal value, and
- may reject unrecognized values.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
- description: |-
- Kind is a string value representing the REST resource this object represents.
- Servers may infer this from the endpoint the client submits requests to.
- Cannot be updated.
- In CamelCase.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
properties:
eventSeverity:
default: info
- description: |-
- Filter events based on severity, defaults to ('info').
+ description: Filter events based on severity, defaults to ('info').
If set to 'info' no events will be filtered.
enum:
- info
eventSources:
description: Filter events based on the involved objects.
items:
- description: |-
- CrossNamespaceObjectReference contains enough information to let you locate the
- typed referenced object at cluster level
+ description: CrossNamespaceObjectReference contains enough information
+ to let you locate the typed referenced object at cluster level
properties:
apiVersion:
description: API version of the referent
matchLabels:
additionalProperties:
type: string
- description: |-
- MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
- map is equivalent to an element of matchExpressions, whose key field is "key", the
- operator is "In", and the values array contains only "value". The requirements are ANDed.
+ description: MatchLabels is a map of {key,value} pairs. A single
+ {key,value} in the matchLabels map is equivalent to an element
+ of matchExpressions, whose key field is "key", the operator
+ is "In", and the values array contains only "value". The requirements
+ are ANDed.
type: object
name:
description: Name of the referent
minLength: 1
type: string
required:
- - kind
- name
type: object
type: array
description: Short description of the impact and affected cluster.
type: string
suspend:
- description: |-
- This flag tells the controller to suspend subsequent events dispatching.
- Defaults to false.
+ description: This flag tells the controller to suspend subsequent
+ events dispatching. Defaults to false.
type: boolean
required:
- eventSources
properties:
conditions:
items:
- description: Condition contains details for one aspect of the current
- state of this API Resource.
+ description: "Condition contains details for one aspect of the current
+ state of this API Resource. --- This struct is intended for direct
+ use as an array at the field path .status.conditions. For example,
+ \n type FooStatus struct{ // Represents the observations of a
+ foo's current state. // Known .status.conditions.type are: \"Available\",
+ \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge
+ // +listType=map // +listMapKey=type Conditions []metav1.Condition
+ `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\"
+ protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }"
properties:
lastTransitionTime:
- description: |-
- lastTransitionTime is the last time the condition transitioned from one status to another.
- This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
+ description: lastTransitionTime is the last time the condition
+ transitioned from one status to another. This should be when
+ the underlying condition changed. If that is not known, then
+ using the time when the API field changed is acceptable.
format: date-time
type: string
message:
- description: |-
- message is a human readable message indicating details about the transition.
- This may be an empty string.
+ description: message is a human readable message indicating
+ details about the transition. This may be an empty string.
maxLength: 32768
type: string
observedGeneration:
- description: |-
- observedGeneration represents the .metadata.generation that the condition was set based upon.
- For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
- with respect to the current state of the instance.
+ description: observedGeneration represents the .metadata.generation
+ that the condition was set based upon. For instance, if .metadata.generation
+ is currently 12, but the .status.conditions[x].observedGeneration
+ is 9, the condition is out of date with respect to the current
+ state of the instance.
format: int64
minimum: 0
type: integer
reason:
- description: |-
- reason contains a programmatic identifier indicating the reason for the condition's last transition.
- Producers of specific condition types may define expected values and meanings for this field,
- and whether the values are considered a guaranteed API.
- The value should be a CamelCase string.
+ description: reason contains a programmatic identifier indicating
+ the reason for the condition's last transition. Producers
+ of specific condition types may define expected values and
+ meanings for this field, and whether the values are considered
+ a guaranteed API. The value should be a CamelCase string.
This field may not be empty.
maxLength: 1024
minLength: 1
type: string
type:
description: type of condition in CamelCase or in foo.example.com/CamelCase.
+ --- Many .condition.type values are consistent across resources
+ like Available, but because arbitrary conditions can be useful
+ (see .node.status.conditions), the ability to deconflict is
+ important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
maxLength: 316
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
type: string
- jsonPath: .status.conditions[?(@.type=="Ready")].message
name: Status
type: string
- deprecated: true
- deprecationWarning: v1beta2 Alert is deprecated, upgrade to v1beta3
name: v1beta2
schema:
openAPIV3Schema:
description: Alert is the Schema for the alerts API
properties:
apiVersion:
- description: |-
- APIVersion defines the versioned schema of this representation of an object.
- Servers should convert recognized schemas to the latest internal value, and
- may reject unrecognized values.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
- description: |-
- Kind is a string value representing the REST resource this object represents.
- Servers may infer this from the endpoint the client submits requests to.
- Cannot be updated.
- In CamelCase.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
eventMetadata:
additionalProperties:
type: string
- description: |-
- EventMetadata is an optional field for adding metadata to events dispatched by the
- controller. This can be used for enhancing the context of the event. If a field
- would override one already present on the original event as generated by the emitter,
- then the override doesn't happen, i.e. the original value is preserved, and an info
- log is printed.
+ description: EventMetadata is an optional field for adding metadata
+ to events dispatched by the controller. This can be used for enhancing
+ the context of the event. If a field would override one already
+ present on the original event as generated by the emitter, then
+ the override doesn't happen, i.e. the original value is preserved,
+ and an info log is printed.
type: object
eventSeverity:
default: info
- description: |-
- EventSeverity specifies how to filter events based on severity.
- If set to 'info' no events will be filtered.
+ description: EventSeverity specifies how to filter events based on
+ severity. If set to 'info' no events will be filtered.
enum:
- info
- error
type: string
eventSources:
- description: |-
- EventSources specifies how to filter events based
- on the involved object kind, name and namespace.
+ description: EventSources specifies how to filter events based on
+ the involved object kind, name and namespace.
items:
- description: |-
- CrossNamespaceObjectReference contains enough information to let you locate the
- typed referenced object at cluster level
+ description: CrossNamespaceObjectReference contains enough information
+ to let you locate the typed referenced object at cluster level
properties:
apiVersion:
description: API version of the referent
matchLabels:
additionalProperties:
type: string
- description: |-
- MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
- map is equivalent to an element of matchExpressions, whose key field is "key", the
- operator is "In", and the values array contains only "value". The requirements are ANDed.
- MatchLabels requires the name to be set to `*`.
+ description: MatchLabels is a map of {key,value} pairs. A single
+ {key,value} in the matchLabels map is equivalent to an element
+ of matchExpressions, whose key field is "key", the operator
+ is "In", and the values array contains only "value". The requirements
+ are ANDed. MatchLabels requires the name to be set to `*`.
type: object
name:
- description: |-
- Name of the referent
- If multiple resources are targeted `*` may be set.
+ description: Name of the referent If multiple resources are
+ targeted `*` may be set.
maxLength: 53
minLength: 1
type: string
type: object
type: array
exclusionList:
- description: |-
- ExclusionList specifies a list of Golang regular expressions
+ description: ExclusionList specifies a list of Golang regular expressions
to be used for excluding messages.
items:
type: string
type: array
inclusionList:
- description: |-
- InclusionList specifies a list of Golang regular expressions
+ description: InclusionList specifies a list of Golang regular expressions
to be used for including messages.
items:
type: string
maxLength: 255
type: string
suspend:
- description: |-
- Suspend tells the controller to suspend subsequent
- events handling for this Alert.
+ description: Suspend tells the controller to suspend subsequent events
+ handling for this Alert.
type: boolean
required:
- eventSources
conditions:
description: Conditions holds the conditions for the Alert.
items:
- description: Condition contains details for one aspect of the current
- state of this API Resource.
+ description: "Condition contains details for one aspect of the current
+ state of this API Resource. --- This struct is intended for direct
+ use as an array at the field path .status.conditions. For example,
+ \n type FooStatus struct{ // Represents the observations of a
+ foo's current state. // Known .status.conditions.type are: \"Available\",
+ \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge
+ // +listType=map // +listMapKey=type Conditions []metav1.Condition
+ `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\"
+ protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }"
properties:
lastTransitionTime:
- description: |-
- lastTransitionTime is the last time the condition transitioned from one status to another.
- This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
+ description: lastTransitionTime is the last time the condition
+ transitioned from one status to another. This should be when
+ the underlying condition changed. If that is not known, then
+ using the time when the API field changed is acceptable.
format: date-time
type: string
message:
- description: |-
- message is a human readable message indicating details about the transition.
- This may be an empty string.
+ description: message is a human readable message indicating
+ details about the transition. This may be an empty string.
maxLength: 32768
type: string
observedGeneration:
- description: |-
- observedGeneration represents the .metadata.generation that the condition was set based upon.
- For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
- with respect to the current state of the instance.
+ description: observedGeneration represents the .metadata.generation
+ that the condition was set based upon. For instance, if .metadata.generation
+ is currently 12, but the .status.conditions[x].observedGeneration
+ is 9, the condition is out of date with respect to the current
+ state of the instance.
format: int64
minimum: 0
type: integer
reason:
- description: |-
- reason contains a programmatic identifier indicating the reason for the condition's last transition.
- Producers of specific condition types may define expected values and meanings for this field,
- and whether the values are considered a guaranteed API.
- The value should be a CamelCase string.
+ description: reason contains a programmatic identifier indicating
+ the reason for the condition's last transition. Producers
+ of specific condition types may define expected values and
+ meanings for this field, and whether the values are considered
+ a guaranteed API. The value should be a CamelCase string.
This field may not be empty.
maxLength: 1024
minLength: 1
type: string
type:
description: type of condition in CamelCase or in foo.example.com/CamelCase.
+ --- Many .condition.type values are consistent across resources
+ like Available, but because arbitrary conditions can be useful
+ (see .node.status.conditions), the ability to deconflict is
+ important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
maxLength: 316
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
type: string
type: object
type: array
lastHandledReconcileAt:
- description: |-
- LastHandledReconcileAt holds the value of the most recent
- reconcile request value, so a change of the annotation value
- can be detected.
+ description: LastHandledReconcileAt holds the value of the most recent
+ reconcile request value, so a change of the annotation value can
+ be detected.
type: string
observedGeneration:
description: ObservedGeneration is the last observed generation.
type: object
type: object
served: true
- storage: false
+ storage: true
subresources:
status: {}
- - additionalPrinterColumns:
- - jsonPath: .metadata.creationTimestamp
- name: Age
- type: date
- name: v1beta3
- schema:
- openAPIV3Schema:
- description: Alert is the Schema for the alerts API
- properties:
- apiVersion:
- description: |-
- APIVersion defines the versioned schema of this representation of an object.
- Servers should convert recognized schemas to the latest internal value, and
- may reject unrecognized values.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
- type: string
- kind:
- description: |-
- Kind is a string value representing the REST resource this object represents.
- Servers may infer this from the endpoint the client submits requests to.
- Cannot be updated.
- In CamelCase.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
- type: string
- metadata:
- type: object
- spec:
- description: AlertSpec defines an alerting rule for events involving a
- list of objects.
- properties:
- eventMetadata:
- additionalProperties:
- type: string
- description: |-
- EventMetadata is an optional field for adding metadata to events dispatched by the
- controller. This can be used for enhancing the context of the event. If a field
- would override one already present on the original event as generated by the emitter,
- then the override doesn't happen, i.e. the original value is preserved, and an info
- log is printed.
- type: object
- eventSeverity:
- default: info
- description: |-
- EventSeverity specifies how to filter events based on severity.
- If set to 'info' no events will be filtered.
- enum:
- - info
- - error
- type: string
- eventSources:
- description: |-
- EventSources specifies how to filter events based
- on the involved object kind, name and namespace.
- items:
- description: |-
- CrossNamespaceObjectReference contains enough information to let you locate the
- typed referenced object at cluster level
- properties:
- apiVersion:
- description: API version of the referent
- type: string
- kind:
- description: Kind of the referent
- enum:
- - Bucket
- - GitRepository
- - Kustomization
- - HelmRelease
- - HelmChart
- - HelmRepository
- - ImageRepository
- - ImagePolicy
- - ImageUpdateAutomation
- - OCIRepository
- type: string
- matchLabels:
- additionalProperties:
- type: string
- description: |-
- MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
- map is equivalent to an element of matchExpressions, whose key field is "key", the
- operator is "In", and the values array contains only "value". The requirements are ANDed.
- MatchLabels requires the name to be set to `*`.
- type: object
- name:
- description: |-
- Name of the referent
- If multiple resources are targeted `*` may be set.
- maxLength: 53
- minLength: 1
- type: string
- namespace:
- description: Namespace of the referent
- maxLength: 53
- minLength: 1
- type: string
- required:
- - kind
- - name
- type: object
- type: array
- exclusionList:
- description: |-
- ExclusionList specifies a list of Golang regular expressions
- to be used for excluding messages.
- items:
- type: string
- type: array
- inclusionList:
- description: |-
- InclusionList specifies a list of Golang regular expressions
- to be used for including messages.
- items:
- type: string
- type: array
- providerRef:
- description: ProviderRef specifies which Provider this Alert should
- use.
- properties:
- name:
- description: Name of the referent.
- type: string
- required:
- - name
- type: object
- summary:
- description: Summary holds a short description of the impact and affected
- cluster.
- maxLength: 255
- type: string
- suspend:
- description: |-
- Suspend tells the controller to suspend subsequent
- events handling for this Alert.
- type: boolean
- required:
- - eventSources
- - providerRef
- type: object
- type: object
- served: true
- storage: true
- subresources: {}
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
- controller-gen.kubebuilder.io/version: v0.16.1
+ controller-gen.kubebuilder.io/version: v0.12.0
labels:
app.kubernetes.io/component: notification-controller
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v2.4.0
+ app.kubernetes.io/version: v2.1.2
name: providers.notification.toolkit.fluxcd.io
spec:
group: notification.toolkit.fluxcd.io
- jsonPath: .status.conditions[?(@.type=="Ready")].message
name: Status
type: string
- deprecated: true
- deprecationWarning: v1beta1 Provider is deprecated, upgrade to v1beta3
name: v1beta1
schema:
openAPIV3Schema:
description: Provider is the Schema for the providers API
properties:
apiVersion:
- description: |-
- APIVersion defines the versioned schema of this representation of an object.
- Servers should convert recognized schemas to the latest internal value, and
- may reject unrecognized values.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
- description: |-
- Kind is a string value representing the REST resource this object represents.
- Servers may infer this from the endpoint the client submits requests to.
- Cannot be updated.
- In CamelCase.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
pattern: ^(http|https)://
type: string
certSecretRef:
- description: |-
- CertSecretRef can be given the name of a secret containing
+ description: CertSecretRef can be given the name of a secret containing
a PEM-encoded CA certificate (`caFile`)
properties:
name:
pattern: ^(http|https)://
type: string
secretRef:
- description: |-
- Secret reference containing the provider webhook URL
+ description: Secret reference containing the provider webhook URL
using "address" as data key
properties:
name:
- name
type: object
suspend:
- description: |-
- This flag tells the controller to suspend subsequent events handling.
- Defaults to false.
+ description: This flag tells the controller to suspend subsequent
+ events handling. Defaults to false.
type: boolean
timeout:
description: Timeout for sending alerts to the provider.
properties:
conditions:
items:
- description: Condition contains details for one aspect of the current
- state of this API Resource.
+ description: "Condition contains details for one aspect of the current
+ state of this API Resource. --- This struct is intended for direct
+ use as an array at the field path .status.conditions. For example,
+ \n type FooStatus struct{ // Represents the observations of a
+ foo's current state. // Known .status.conditions.type are: \"Available\",
+ \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge
+ // +listType=map // +listMapKey=type Conditions []metav1.Condition
+ `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\"
+ protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }"
properties:
lastTransitionTime:
- description: |-
- lastTransitionTime is the last time the condition transitioned from one status to another.
- This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
+ description: lastTransitionTime is the last time the condition
+ transitioned from one status to another. This should be when
+ the underlying condition changed. If that is not known, then
+ using the time when the API field changed is acceptable.
format: date-time
type: string
message:
- description: |-
- message is a human readable message indicating details about the transition.
- This may be an empty string.
+ description: message is a human readable message indicating
+ details about the transition. This may be an empty string.
maxLength: 32768
type: string
observedGeneration:
- description: |-
- observedGeneration represents the .metadata.generation that the condition was set based upon.
- For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
- with respect to the current state of the instance.
+ description: observedGeneration represents the .metadata.generation
+ that the condition was set based upon. For instance, if .metadata.generation
+ is currently 12, but the .status.conditions[x].observedGeneration
+ is 9, the condition is out of date with respect to the current
+ state of the instance.
format: int64
minimum: 0
type: integer
reason:
- description: |-
- reason contains a programmatic identifier indicating the reason for the condition's last transition.
- Producers of specific condition types may define expected values and meanings for this field,
- and whether the values are considered a guaranteed API.
- The value should be a CamelCase string.
+ description: reason contains a programmatic identifier indicating
+ the reason for the condition's last transition. Producers
+ of specific condition types may define expected values and
+ meanings for this field, and whether the values are considered
+ a guaranteed API. The value should be a CamelCase string.
This field may not be empty.
maxLength: 1024
minLength: 1
type: string
type:
description: type of condition in CamelCase or in foo.example.com/CamelCase.
+ --- Many .condition.type values are consistent across resources
+ like Available, but because arbitrary conditions can be useful
+ (see .node.status.conditions), the ability to deconflict is
+ important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
maxLength: 316
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
type: string
- jsonPath: .status.conditions[?(@.type=="Ready")].message
name: Status
type: string
- deprecated: true
- deprecationWarning: v1beta2 Provider is deprecated, upgrade to v1beta3
name: v1beta2
schema:
openAPIV3Schema:
description: Provider is the Schema for the providers API.
properties:
apiVersion:
- description: |-
- APIVersion defines the versioned schema of this representation of an object.
- Servers should convert recognized schemas to the latest internal value, and
- may reject unrecognized values.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
- description: |-
- Kind is a string value representing the REST resource this object represents.
- Servers may infer this from the endpoint the client submits requests to.
- Cannot be updated.
- In CamelCase.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
description: ProviderSpec defines the desired state of the Provider.
properties:
address:
- description: |-
- Address specifies the endpoint, in a generic sense, to where alerts are sent.
- What kind of endpoint depends on the specific Provider type being used.
- For the generic Provider, for example, this is an HTTP/S address.
- For other Provider types this could be a project ID or a namespace.
+ description: Address specifies the endpoint, in a generic sense, to
+ where alerts are sent. What kind of endpoint depends on the specific
+ Provider type being used. For the generic Provider, for example,
+ this is an HTTP/S address. For other Provider types this could be
+ a project ID or a namespace.
maxLength: 2048
type: string
certSecretRef:
- description: |-
- CertSecretRef specifies the Secret containing
- a PEM-encoded CA certificate (in the `ca.crt` key).
-
- Note: Support for the `caFile` key has
- been deprecated.
+ description: "CertSecretRef specifies the Secret containing a PEM-encoded
+ CA certificate (in the `ca.crt` key). \n Note: Support for the `caFile`
+ key has been deprecated."
properties:
name:
description: Name of the referent.
pattern: ^(http|https)://.*$
type: string
secretRef:
- description: |-
- SecretRef specifies the Secret containing the authentication
+ description: SecretRef specifies the Secret containing the authentication
credentials for this Provider.
properties:
name:
- name
type: object
suspend:
- description: |-
- Suspend tells the controller to suspend subsequent
- events handling for this Provider.
+ description: Suspend tells the controller to suspend subsequent events
+ handling for this Provider.
type: boolean
timeout:
description: Timeout for sending alerts to the Provider.
- github
- gitlab
- gitea
- - bitbucketserver
- bitbucket
- azuredevops
- googlechat
conditions:
description: Conditions holds the conditions for the Provider.
items:
- description: Condition contains details for one aspect of the current
- state of this API Resource.
+ description: "Condition contains details for one aspect of the current
+ state of this API Resource. --- This struct is intended for direct
+ use as an array at the field path .status.conditions. For example,
+ \n type FooStatus struct{ // Represents the observations of a
+ foo's current state. // Known .status.conditions.type are: \"Available\",
+ \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge
+ // +listType=map // +listMapKey=type Conditions []metav1.Condition
+ `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\"
+ protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }"
properties:
lastTransitionTime:
- description: |-
- lastTransitionTime is the last time the condition transitioned from one status to another.
- This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
+ description: lastTransitionTime is the last time the condition
+ transitioned from one status to another. This should be when
+ the underlying condition changed. If that is not known, then
+ using the time when the API field changed is acceptable.
format: date-time
type: string
message:
- description: |-
- message is a human readable message indicating details about the transition.
- This may be an empty string.
+ description: message is a human readable message indicating
+ details about the transition. This may be an empty string.
maxLength: 32768
type: string
observedGeneration:
- description: |-
- observedGeneration represents the .metadata.generation that the condition was set based upon.
- For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
- with respect to the current state of the instance.
+ description: observedGeneration represents the .metadata.generation
+ that the condition was set based upon. For instance, if .metadata.generation
+ is currently 12, but the .status.conditions[x].observedGeneration
+ is 9, the condition is out of date with respect to the current
+ state of the instance.
format: int64
minimum: 0
type: integer
reason:
- description: |-
- reason contains a programmatic identifier indicating the reason for the condition's last transition.
- Producers of specific condition types may define expected values and meanings for this field,
- and whether the values are considered a guaranteed API.
- The value should be a CamelCase string.
+ description: reason contains a programmatic identifier indicating
+ the reason for the condition's last transition. Producers
+ of specific condition types may define expected values and
+ meanings for this field, and whether the values are considered
+ a guaranteed API. The value should be a CamelCase string.
This field may not be empty.
maxLength: 1024
minLength: 1
type: string
type:
description: type of condition in CamelCase or in foo.example.com/CamelCase.
+ --- Many .condition.type values are consistent across resources
+ like Available, but because arbitrary conditions can be useful
+ (see .node.status.conditions), the ability to deconflict is
+ important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
maxLength: 316
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
type: string
type: object
type: array
lastHandledReconcileAt:
- description: |-
- LastHandledReconcileAt holds the value of the most recent
- reconcile request value, so a change of the annotation value
- can be detected.
+ description: LastHandledReconcileAt holds the value of the most recent
+ reconcile request value, so a change of the annotation value can
+ be detected.
type: string
observedGeneration:
description: ObservedGeneration is the last reconciled generation.
type: object
type: object
served: true
- storage: false
+ storage: true
subresources:
status: {}
- - additionalPrinterColumns:
- - jsonPath: .metadata.creationTimestamp
- name: Age
- type: date
- name: v1beta3
- schema:
- openAPIV3Schema:
- description: Provider is the Schema for the providers API
- properties:
- apiVersion:
- description: |-
- APIVersion defines the versioned schema of this representation of an object.
- Servers should convert recognized schemas to the latest internal value, and
- may reject unrecognized values.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
- type: string
- kind:
- description: |-
- Kind is a string value representing the REST resource this object represents.
- Servers may infer this from the endpoint the client submits requests to.
- Cannot be updated.
- In CamelCase.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
- type: string
- metadata:
- type: object
- spec:
- description: ProviderSpec defines the desired state of the Provider.
- properties:
- address:
- description: |-
- Address specifies the endpoint, in a generic sense, to where alerts are sent.
- What kind of endpoint depends on the specific Provider type being used.
- For the generic Provider, for example, this is an HTTP/S address.
- For other Provider types this could be a project ID or a namespace.
- maxLength: 2048
- type: string
- certSecretRef:
- description: |-
- CertSecretRef specifies the Secret containing
- a PEM-encoded CA certificate (in the `ca.crt` key).
-
- Note: Support for the `caFile` key has
- been deprecated.
- properties:
- name:
- description: Name of the referent.
- type: string
- required:
- - name
- type: object
- channel:
- description: Channel specifies the destination channel where events
- should be posted.
- maxLength: 2048
- type: string
- interval:
- description: |-
- Interval at which to reconcile the Provider with its Secret references.
- Deprecated and not used in v1beta3.
- pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$
- type: string
- proxy:
- description: Proxy the HTTP/S address of the proxy server.
- maxLength: 2048
- pattern: ^(http|https)://.*$
- type: string
- secretRef:
- description: |-
- SecretRef specifies the Secret containing the authentication
- credentials for this Provider.
- properties:
- name:
- description: Name of the referent.
- type: string
- required:
- - name
- type: object
- suspend:
- description: |-
- Suspend tells the controller to suspend subsequent
- events handling for this Provider.
- type: boolean
- timeout:
- description: Timeout for sending alerts to the Provider.
- pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$
- type: string
- type:
- description: Type specifies which Provider implementation to use.
- enum:
- - slack
- - discord
- - msteams
- - rocket
- - generic
- - generic-hmac
- - github
- - gitlab
- - gitea
- - bitbucketserver
- - bitbucket
- - azuredevops
- - googlechat
- - googlepubsub
- - webex
- - sentry
- - azureeventhub
- - telegram
- - lark
- - matrix
- - opsgenie
- - alertmanager
- - grafana
- - githubdispatch
- - pagerduty
- - datadog
- - nats
- type: string
- username:
- description: Username specifies the name under which events are posted.
- maxLength: 2048
- type: string
- required:
- - type
- type: object
- type: object
- served: true
- storage: true
- subresources: {}
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
- controller-gen.kubebuilder.io/version: v0.16.1
+ controller-gen.kubebuilder.io/version: v0.12.0
labels:
app.kubernetes.io/component: notification-controller
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v2.4.0
+ app.kubernetes.io/version: v2.1.2
name: receivers.notification.toolkit.fluxcd.io
spec:
group: notification.toolkit.fluxcd.io
description: Receiver is the Schema for the receivers API.
properties:
apiVersion:
- description: |-
- APIVersion defines the versioned schema of this representation of an object.
- Servers should convert recognized schemas to the latest internal value, and
- may reject unrecognized values.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
- description: |-
- Kind is a string value representing the REST resource this object represents.
- Servers may infer this from the endpoint the client submits requests to.
- Cannot be updated.
- In CamelCase.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
description: ReceiverSpec defines the desired state of the Receiver.
properties:
events:
- description: |-
- Events specifies the list of event types to handle,
- e.g. 'push' for GitHub or 'Push Hook' for GitLab.
+ description: Events specifies the list of event types to handle, e.g.
+ 'push' for GitHub or 'Push Hook' for GitLab.
items:
type: string
type: array
resources:
description: A list of resources to be notified about changes.
items:
- description: |-
- CrossNamespaceObjectReference contains enough information to let you locate the
- typed referenced object at cluster level
+ description: CrossNamespaceObjectReference contains enough information
+ to let you locate the typed referenced object at cluster level
properties:
apiVersion:
description: API version of the referent
matchLabels:
additionalProperties:
type: string
- description: |-
- MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
- map is equivalent to an element of matchExpressions, whose key field is "key", the
- operator is "In", and the values array contains only "value". The requirements are ANDed.
- MatchLabels requires the name to be set to `*`.
+ description: MatchLabels is a map of {key,value} pairs. A single
+ {key,value} in the matchLabels map is equivalent to an element
+ of matchExpressions, whose key field is "key", the operator
+ is "In", and the values array contains only "value". The requirements
+ are ANDed. MatchLabels requires the name to be set to `*`.
type: object
name:
- description: |-
- Name of the referent
- If multiple resources are targeted `*` may be set.
+ description: Name of the referent If multiple resources are
+ targeted `*` may be set.
maxLength: 53
minLength: 1
type: string
type: object
type: array
secretRef:
- description: |-
- SecretRef specifies the Secret containing the token used
+ description: SecretRef specifies the Secret containing the token used
to validate the payload authenticity.
properties:
name:
- name
type: object
suspend:
- description: |-
- Suspend tells the controller to suspend subsequent
- events handling for this receiver.
+ description: Suspend tells the controller to suspend subsequent events
+ handling for this receiver.
type: boolean
type:
- description: |-
- Type of webhook sender, used to determine
- the validation procedure and payload deserialization.
+ description: Type of webhook sender, used to determine the validation
+ procedure and payload deserialization.
enum:
- generic
- generic-hmac
- gcr
- nexus
- acr
- - cdevents
type: string
required:
- resources
conditions:
description: Conditions holds the conditions for the Receiver.
items:
- description: Condition contains details for one aspect of the current
- state of this API Resource.
+ description: "Condition contains details for one aspect of the current
+ state of this API Resource. --- This struct is intended for direct
+ use as an array at the field path .status.conditions. For example,
+ \n type FooStatus struct{ // Represents the observations of a
+ foo's current state. // Known .status.conditions.type are: \"Available\",
+ \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge
+ // +listType=map // +listMapKey=type Conditions []metav1.Condition
+ `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\"
+ protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }"
properties:
lastTransitionTime:
- description: |-
- lastTransitionTime is the last time the condition transitioned from one status to another.
- This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
+ description: lastTransitionTime is the last time the condition
+ transitioned from one status to another. This should be when
+ the underlying condition changed. If that is not known, then
+ using the time when the API field changed is acceptable.
format: date-time
type: string
message:
- description: |-
- message is a human readable message indicating details about the transition.
- This may be an empty string.
+ description: message is a human readable message indicating
+ details about the transition. This may be an empty string.
maxLength: 32768
type: string
observedGeneration:
- description: |-
- observedGeneration represents the .metadata.generation that the condition was set based upon.
- For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
- with respect to the current state of the instance.
+ description: observedGeneration represents the .metadata.generation
+ that the condition was set based upon. For instance, if .metadata.generation
+ is currently 12, but the .status.conditions[x].observedGeneration
+ is 9, the condition is out of date with respect to the current
+ state of the instance.
format: int64
minimum: 0
type: integer
reason:
- description: |-
- reason contains a programmatic identifier indicating the reason for the condition's last transition.
- Producers of specific condition types may define expected values and meanings for this field,
- and whether the values are considered a guaranteed API.
- The value should be a CamelCase string.
+ description: reason contains a programmatic identifier indicating
+ the reason for the condition's last transition. Producers
+ of specific condition types may define expected values and
+ meanings for this field, and whether the values are considered
+ a guaranteed API. The value should be a CamelCase string.
This field may not be empty.
maxLength: 1024
minLength: 1
type: string
type:
description: type of condition in CamelCase or in foo.example.com/CamelCase.
+ --- Many .condition.type values are consistent across resources
+ like Available, but because arbitrary conditions can be useful
+ (see .node.status.conditions), the ability to deconflict is
+ important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
maxLength: 316
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
type: string
type: object
type: array
lastHandledReconcileAt:
- description: |-
- LastHandledReconcileAt holds the value of the most recent
- reconcile request value, so a change of the annotation value
- can be detected.
+ description: LastHandledReconcileAt holds the value of the most recent
+ reconcile request value, so a change of the annotation value can
+ be detected.
type: string
observedGeneration:
description: ObservedGeneration is the last observed generation of
format: int64
type: integer
webhookPath:
- description: |-
- WebhookPath is the generated incoming webhook address in the format
- of '/hook/sha256sum(token+name+namespace)'.
+ description: WebhookPath is the generated incoming webhook address
+ in the format of '/hook/sha256sum(token+name+namespace)'.
type: string
type: object
type: object
description: Receiver is the Schema for the receivers API
properties:
apiVersion:
- description: |-
- APIVersion defines the versioned schema of this representation of an object.
- Servers should convert recognized schemas to the latest internal value, and
- may reject unrecognized values.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
- description: |-
- Kind is a string value representing the REST resource this object represents.
- Servers may infer this from the endpoint the client submits requests to.
- Cannot be updated.
- In CamelCase.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
description: ReceiverSpec defines the desired state of Receiver
properties:
events:
- description: |-
- A list of events to handle,
- e.g. 'push' for GitHub or 'Push Hook' for GitLab.
+ description: A list of events to handle, e.g. 'push' for GitHub or
+ 'Push Hook' for GitLab.
items:
type: string
type: array
resources:
description: A list of resources to be notified about changes.
items:
- description: |-
- CrossNamespaceObjectReference contains enough information to let you locate the
- typed referenced object at cluster level
+ description: CrossNamespaceObjectReference contains enough information
+ to let you locate the typed referenced object at cluster level
properties:
apiVersion:
description: API version of the referent
matchLabels:
additionalProperties:
type: string
- description: |-
- MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
- map is equivalent to an element of matchExpressions, whose key field is "key", the
- operator is "In", and the values array contains only "value". The requirements are ANDed.
+ description: MatchLabels is a map of {key,value} pairs. A single
+ {key,value} in the matchLabels map is equivalent to an element
+ of matchExpressions, whose key field is "key", the operator
+ is "In", and the values array contains only "value". The requirements
+ are ANDed.
type: object
name:
description: Name of the referent
minLength: 1
type: string
required:
- - kind
- name
type: object
type: array
secretRef:
- description: |-
- Secret reference containing the token used
- to validate the payload authenticity
+ description: Secret reference containing the token used to validate
+ the payload authenticity
properties:
name:
description: Name of the referent.
- name
type: object
suspend:
- description: |-
- This flag tells the controller to suspend subsequent events handling.
- Defaults to false.
+ description: This flag tells the controller to suspend subsequent
+ events handling. Defaults to false.
type: boolean
type:
- description: |-
- Type of webhook sender, used to determine
- the validation procedure and payload deserialization.
+ description: Type of webhook sender, used to determine the validation
+ procedure and payload deserialization.
enum:
- generic
- generic-hmac
type: string
required:
- resources
- - secretRef
- type
type: object
status:
properties:
conditions:
items:
- description: Condition contains details for one aspect of the current
- state of this API Resource.
+ description: "Condition contains details for one aspect of the current
+ state of this API Resource. --- This struct is intended for direct
+ use as an array at the field path .status.conditions. For example,
+ \n type FooStatus struct{ // Represents the observations of a
+ foo's current state. // Known .status.conditions.type are: \"Available\",
+ \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge
+ // +listType=map // +listMapKey=type Conditions []metav1.Condition
+ `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\"
+ protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }"
properties:
lastTransitionTime:
- description: |-
- lastTransitionTime is the last time the condition transitioned from one status to another.
- This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
+ description: lastTransitionTime is the last time the condition
+ transitioned from one status to another. This should be when
+ the underlying condition changed. If that is not known, then
+ using the time when the API field changed is acceptable.
format: date-time
type: string
message:
- description: |-
- message is a human readable message indicating details about the transition.
- This may be an empty string.
+ description: message is a human readable message indicating
+ details about the transition. This may be an empty string.
maxLength: 32768
type: string
observedGeneration:
- description: |-
- observedGeneration represents the .metadata.generation that the condition was set based upon.
- For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
- with respect to the current state of the instance.
+ description: observedGeneration represents the .metadata.generation
+ that the condition was set based upon. For instance, if .metadata.generation
+ is currently 12, but the .status.conditions[x].observedGeneration
+ is 9, the condition is out of date with respect to the current
+ state of the instance.
format: int64
minimum: 0
type: integer
reason:
- description: |-
- reason contains a programmatic identifier indicating the reason for the condition's last transition.
- Producers of specific condition types may define expected values and meanings for this field,
- and whether the values are considered a guaranteed API.
- The value should be a CamelCase string.
+ description: reason contains a programmatic identifier indicating
+ the reason for the condition's last transition. Producers
+ of specific condition types may define expected values and
+ meanings for this field, and whether the values are considered
+ a guaranteed API. The value should be a CamelCase string.
This field may not be empty.
maxLength: 1024
minLength: 1
type: string
type:
description: type of condition in CamelCase or in foo.example.com/CamelCase.
+ --- Many .condition.type values are consistent across resources
+ like Available, but because arbitrary conditions can be useful
+ (see .node.status.conditions), the ability to deconflict is
+ important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
maxLength: 316
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
type: string
format: int64
type: integer
url:
- description: |-
- Generated webhook URL in the format
- of '/hook/sha256sum(token+name+namespace)'.
+ description: Generated webhook URL in the format of '/hook/sha256sum(token+name+namespace)'.
type: string
type: object
type: object
description: Receiver is the Schema for the receivers API.
properties:
apiVersion:
- description: |-
- APIVersion defines the versioned schema of this representation of an object.
- Servers should convert recognized schemas to the latest internal value, and
- may reject unrecognized values.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
- description: |-
- Kind is a string value representing the REST resource this object represents.
- Servers may infer this from the endpoint the client submits requests to.
- Cannot be updated.
- In CamelCase.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
description: ReceiverSpec defines the desired state of the Receiver.
properties:
events:
- description: |-
- Events specifies the list of event types to handle,
- e.g. 'push' for GitHub or 'Push Hook' for GitLab.
+ description: Events specifies the list of event types to handle, e.g.
+ 'push' for GitHub or 'Push Hook' for GitLab.
items:
type: string
type: array
resources:
description: A list of resources to be notified about changes.
items:
- description: |-
- CrossNamespaceObjectReference contains enough information to let you locate the
- typed referenced object at cluster level
+ description: CrossNamespaceObjectReference contains enough information
+ to let you locate the typed referenced object at cluster level
properties:
apiVersion:
description: API version of the referent
matchLabels:
additionalProperties:
type: string
- description: |-
- MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
- map is equivalent to an element of matchExpressions, whose key field is "key", the
- operator is "In", and the values array contains only "value". The requirements are ANDed.
- MatchLabels requires the name to be set to `*`.
+ description: MatchLabels is a map of {key,value} pairs. A single
+ {key,value} in the matchLabels map is equivalent to an element
+ of matchExpressions, whose key field is "key", the operator
+ is "In", and the values array contains only "value". The requirements
+ are ANDed. MatchLabels requires the name to be set to `*`.
type: object
name:
- description: |-
- Name of the referent
- If multiple resources are targeted `*` may be set.
+ description: Name of the referent If multiple resources are
+ targeted `*` may be set.
maxLength: 53
minLength: 1
type: string
type: object
type: array
secretRef:
- description: |-
- SecretRef specifies the Secret containing the token used
+ description: SecretRef specifies the Secret containing the token used
to validate the payload authenticity.
properties:
name:
- name
type: object
suspend:
- description: |-
- Suspend tells the controller to suspend subsequent
- events handling for this receiver.
+ description: Suspend tells the controller to suspend subsequent events
+ handling for this receiver.
type: boolean
type:
- description: |-
- Type of webhook sender, used to determine
- the validation procedure and payload deserialization.
+ description: Type of webhook sender, used to determine the validation
+ procedure and payload deserialization.
enum:
- generic
- generic-hmac
type: string
required:
- resources
- - secretRef
- type
type: object
status:
conditions:
description: Conditions holds the conditions for the Receiver.
items:
- description: Condition contains details for one aspect of the current
- state of this API Resource.
+ description: "Condition contains details for one aspect of the current
+ state of this API Resource. --- This struct is intended for direct
+ use as an array at the field path .status.conditions. For example,
+ \n type FooStatus struct{ // Represents the observations of a
+ foo's current state. // Known .status.conditions.type are: \"Available\",
+ \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge
+ // +listType=map // +listMapKey=type Conditions []metav1.Condition
+ `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\"
+ protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }"
properties:
lastTransitionTime:
- description: |-
- lastTransitionTime is the last time the condition transitioned from one status to another.
- This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
+ description: lastTransitionTime is the last time the condition
+ transitioned from one status to another. This should be when
+ the underlying condition changed. If that is not known, then
+ using the time when the API field changed is acceptable.
format: date-time
type: string
message:
- description: |-
- message is a human readable message indicating details about the transition.
- This may be an empty string.
+ description: message is a human readable message indicating
+ details about the transition. This may be an empty string.
maxLength: 32768
type: string
observedGeneration:
- description: |-
- observedGeneration represents the .metadata.generation that the condition was set based upon.
- For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
- with respect to the current state of the instance.
+ description: observedGeneration represents the .metadata.generation
+ that the condition was set based upon. For instance, if .metadata.generation
+ is currently 12, but the .status.conditions[x].observedGeneration
+ is 9, the condition is out of date with respect to the current
+ state of the instance.
format: int64
minimum: 0
type: integer
reason:
- description: |-
- reason contains a programmatic identifier indicating the reason for the condition's last transition.
- Producers of specific condition types may define expected values and meanings for this field,
- and whether the values are considered a guaranteed API.
- The value should be a CamelCase string.
+ description: reason contains a programmatic identifier indicating
+ the reason for the condition's last transition. Producers
+ of specific condition types may define expected values and
+ meanings for this field, and whether the values are considered
+ a guaranteed API. The value should be a CamelCase string.
This field may not be empty.
maxLength: 1024
minLength: 1
type: string
type:
description: type of condition in CamelCase or in foo.example.com/CamelCase.
+ --- Many .condition.type values are consistent across resources
+ like Available, but because arbitrary conditions can be useful
+ (see .node.status.conditions), the ability to deconflict is
+ important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
maxLength: 316
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
type: string
type: object
type: array
lastHandledReconcileAt:
- description: |-
- LastHandledReconcileAt holds the value of the most recent
- reconcile request value, so a change of the annotation value
- can be detected.
+ description: LastHandledReconcileAt holds the value of the most recent
+ reconcile request value, so a change of the annotation value can
+ be detected.
type: string
observedGeneration:
description: ObservedGeneration is the last observed generation of
format: int64
type: integer
url:
- description: |-
- URL is the generated incoming webhook address in the format
- of '/hook/sha256sum(token+name+namespace)'.
- Deprecated: Replaced by WebhookPath.
+ description: 'URL is the generated incoming webhook address in the
+ format of ''/hook/sha256sum(token+name+namespace)''. Deprecated:
+ Replaced by WebhookPath.'
type: string
webhookPath:
- description: |-
- WebhookPath is the generated incoming webhook address in the format
- of '/hook/sha256sum(token+name+namespace)'.
+ description: WebhookPath is the generated incoming webhook address
+ in the format of '/hook/sha256sum(token+name+namespace)'.
type: string
type: object
type: object
app.kubernetes.io/component: notification-controller
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v2.4.0
+ app.kubernetes.io/version: v2.1.2
name: notification-controller
namespace: flux-system
---
app.kubernetes.io/component: notification-controller
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v2.4.0
+ app.kubernetes.io/version: v2.1.2
control-plane: controller
name: notification-controller
namespace: flux-system
app.kubernetes.io/component: notification-controller
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v2.4.0
+ app.kubernetes.io/version: v2.1.2
control-plane: controller
name: webhook-receiver
namespace: flux-system
app.kubernetes.io/component: notification-controller
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v2.4.0
+ app.kubernetes.io/version: v2.1.2
control-plane: controller
name: notification-controller
namespace: flux-system
valueFrom:
fieldRef:
fieldPath: metadata.namespace
- - name: GOMAXPROCS
- valueFrom:
- resourceFieldRef:
- containerName: manager
- resource: limits.cpu
- - name: GOMEMLIMIT
- valueFrom:
- resourceFieldRef:
- containerName: manager
- resource: limits.memory
- image: ghcr.io/fluxcd/notification-controller:v1.4.0
+ image: ghcr.io/fluxcd/notification-controller:v1.1.0
imagePullPolicy: IfNotPresent
livenessProbe:
httpGet:
---
# This manifest was generated by flux. DO NOT EDIT.
-# Flux Version: v2.4.0
+# Flux Version: v2.1.2
# Components: source-controller,kustomize-controller,helm-controller,notification-controller
apiVersion: v1
kind: Namespace
labels:
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v2.4.0
+ app.kubernetes.io/version: v2.1.2
pod-security.kubernetes.io/warn: restricted
pod-security.kubernetes.io/warn-version: latest
name: flux-system
labels:
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v2.4.0
+ app.kubernetes.io/version: v2.1.2
name: allow-egress
namespace: flux-system
spec:
labels:
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v2.4.0
+ app.kubernetes.io/version: v2.1.2
name: allow-scraping
namespace: flux-system
spec:
labels:
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v2.4.0
+ app.kubernetes.io/version: v2.1.2
name: allow-webhooks
namespace: flux-system
spec:
labels:
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v2.4.0
+ app.kubernetes.io/version: v2.1.2
name: critical-pods-flux-system
namespace: flux-system
spec:
labels:
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v2.4.0
+ app.kubernetes.io/version: v2.1.2
name: crd-controller-flux-system
rules:
- apiGroups:
- update
- patch
- delete
-- nonResourceURLs:
- - /livez/ping
- verbs:
- - head
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
labels:
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v2.4.0
+ app.kubernetes.io/version: v2.1.2
rbac.authorization.k8s.io/aggregate-to-admin: "true"
rbac.authorization.k8s.io/aggregate-to-edit: "true"
name: flux-edit-flux-system
labels:
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v2.4.0
+ app.kubernetes.io/version: v2.1.2
rbac.authorization.k8s.io/aggregate-to-admin: "true"
rbac.authorization.k8s.io/aggregate-to-edit: "true"
rbac.authorization.k8s.io/aggregate-to-view: "true"
labels:
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v2.4.0
+ app.kubernetes.io/version: v2.1.2
name: cluster-reconciler-flux-system
roleRef:
apiGroup: rbac.authorization.k8s.io
labels:
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v2.4.0
+ app.kubernetes.io/version: v2.1.2
name: crd-controller-flux-system
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: CustomResourceDefinition
metadata:
annotations:
- controller-gen.kubebuilder.io/version: v0.16.1
+ controller-gen.kubebuilder.io/version: v0.12.0
labels:
app.kubernetes.io/component: source-controller
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v2.4.0
+ app.kubernetes.io/version: v2.1.2
name: buckets.source.toolkit.fluxcd.io
spec:
group: source.toolkit.fluxcd.io
singular: bucket
scope: Namespaced
versions:
- - additionalPrinterColumns:
- - jsonPath: .spec.endpoint
- name: Endpoint
- type: string
- - jsonPath: .metadata.creationTimestamp
- name: Age
- type: date
- - jsonPath: .status.conditions[?(@.type=="Ready")].status
- name: Ready
- type: string
- - jsonPath: .status.conditions[?(@.type=="Ready")].message
- name: Status
- type: string
- name: v1
- schema:
- openAPIV3Schema:
- description: Bucket is the Schema for the buckets API.
- properties:
- apiVersion:
- description: |-
- APIVersion defines the versioned schema of this representation of an object.
- Servers should convert recognized schemas to the latest internal value, and
- may reject unrecognized values.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
- type: string
- kind:
- description: |-
- Kind is a string value representing the REST resource this object represents.
- Servers may infer this from the endpoint the client submits requests to.
- Cannot be updated.
- In CamelCase.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
- type: string
- metadata:
- type: object
- spec:
- description: |-
- BucketSpec specifies the required configuration to produce an Artifact for
- an object storage bucket.
- properties:
- bucketName:
- description: BucketName is the name of the object storage bucket.
- type: string
- certSecretRef:
- description: |-
- CertSecretRef can be given the name of a Secret containing
- either or both of
-
- - a PEM-encoded client certificate (`tls.crt`) and private
- key (`tls.key`);
- - a PEM-encoded CA certificate (`ca.crt`)
-
- and whichever are supplied, will be used for connecting to the
- bucket. The client cert and key are useful if you are
- authenticating with a certificate; the CA cert is useful if
- you are using a self-signed server certificate. The Secret must
- be of type `Opaque` or `kubernetes.io/tls`.
-
- This field is only supported for the `generic` provider.
- properties:
- name:
- description: Name of the referent.
- type: string
- required:
- - name
- type: object
- endpoint:
- description: Endpoint is the object storage address the BucketName
- is located at.
- type: string
- ignore:
- description: |-
- Ignore overrides the set of excluded patterns in the .sourceignore format
- (which is the same as .gitignore). If not provided, a default will be used,
- consult the documentation for your version to find out what those are.
- type: string
- insecure:
- description: Insecure allows connecting to a non-TLS HTTP Endpoint.
- type: boolean
- interval:
- description: |-
- Interval at which the Bucket Endpoint is checked for updates.
- This interval is approximate and may be subject to jitter to ensure
- efficient use of resources.
- pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$
- type: string
- prefix:
- description: Prefix to use for server-side filtering of files in the
- Bucket.
- type: string
- provider:
- default: generic
- description: |-
- Provider of the object storage bucket.
- Defaults to 'generic', which expects an S3 (API) compatible object
- storage.
- enum:
- - generic
- - aws
- - gcp
- - azure
- type: string
- proxySecretRef:
- description: |-
- ProxySecretRef specifies the Secret containing the proxy configuration
- to use while communicating with the Bucket server.
- properties:
- name:
- description: Name of the referent.
- type: string
- required:
- - name
- type: object
- region:
- description: Region of the Endpoint where the BucketName is located
- in.
- type: string
- secretRef:
- description: |-
- SecretRef specifies the Secret containing authentication credentials
- for the Bucket.
- properties:
- name:
- description: Name of the referent.
- type: string
- required:
- - name
- type: object
- sts:
- description: |-
- STS specifies the required configuration to use a Security Token
- Service for fetching temporary credentials to authenticate in a
- Bucket provider.
-
- This field is only supported for the `aws` and `generic` providers.
- properties:
- certSecretRef:
- description: |-
- CertSecretRef can be given the name of a Secret containing
- either or both of
-
- - a PEM-encoded client certificate (`tls.crt`) and private
- key (`tls.key`);
- - a PEM-encoded CA certificate (`ca.crt`)
-
- and whichever are supplied, will be used for connecting to the
- STS endpoint. The client cert and key are useful if you are
- authenticating with a certificate; the CA cert is useful if
- you are using a self-signed server certificate. The Secret must
- be of type `Opaque` or `kubernetes.io/tls`.
-
- This field is only supported for the `ldap` provider.
- properties:
- name:
- description: Name of the referent.
- type: string
- required:
- - name
- type: object
- endpoint:
- description: |-
- Endpoint is the HTTP/S endpoint of the Security Token Service from
- where temporary credentials will be fetched.
- pattern: ^(http|https)://.*$
- type: string
- provider:
- description: Provider of the Security Token Service.
- enum:
- - aws
- - ldap
- type: string
- secretRef:
- description: |-
- SecretRef specifies the Secret containing authentication credentials
- for the STS endpoint. This Secret must contain the fields `username`
- and `password` and is supported only for the `ldap` provider.
- properties:
- name:
- description: Name of the referent.
- type: string
- required:
- - name
- type: object
- required:
- - endpoint
- - provider
- type: object
- suspend:
- description: |-
- Suspend tells the controller to suspend the reconciliation of this
- Bucket.
- type: boolean
- timeout:
- default: 60s
- description: Timeout for fetch operations, defaults to 60s.
- pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$
- type: string
- required:
- - bucketName
- - endpoint
- - interval
- type: object
- x-kubernetes-validations:
- - message: STS configuration is only supported for the 'aws' and 'generic'
- Bucket providers
- rule: self.provider == 'aws' || self.provider == 'generic' || !has(self.sts)
- - message: '''aws'' is the only supported STS provider for the ''aws''
- Bucket provider'
- rule: self.provider != 'aws' || !has(self.sts) || self.sts.provider
- == 'aws'
- - message: '''ldap'' is the only supported STS provider for the ''generic''
- Bucket provider'
- rule: self.provider != 'generic' || !has(self.sts) || self.sts.provider
- == 'ldap'
- - message: spec.sts.secretRef is not required for the 'aws' STS provider
- rule: '!has(self.sts) || self.sts.provider != ''aws'' || !has(self.sts.secretRef)'
- - message: spec.sts.certSecretRef is not required for the 'aws' STS provider
- rule: '!has(self.sts) || self.sts.provider != ''aws'' || !has(self.sts.certSecretRef)'
- status:
- default:
- observedGeneration: -1
- description: BucketStatus records the observed state of a Bucket.
- properties:
- artifact:
- description: Artifact represents the last successful Bucket reconciliation.
- properties:
- digest:
- description: Digest is the digest of the file in the form of '<algorithm>:<checksum>'.
- pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$
- type: string
- lastUpdateTime:
- description: |-
- LastUpdateTime is the timestamp corresponding to the last update of the
- Artifact.
- format: date-time
- type: string
- metadata:
- additionalProperties:
- type: string
- description: Metadata holds upstream information such as OCI annotations.
- type: object
- path:
- description: |-
- Path is the relative file path of the Artifact. It can be used to locate
- the file in the root of the Artifact storage on the local file system of
- the controller managing the Source.
- type: string
- revision:
- description: |-
- Revision is a human-readable identifier traceable in the origin source
- system. It can be a Git commit SHA, Git tag, a Helm chart version, etc.
- type: string
- size:
- description: Size is the number of bytes in the file.
- format: int64
- type: integer
- url:
- description: |-
- URL is the HTTP address of the Artifact as exposed by the controller
- managing the Source. It can be used to retrieve the Artifact for
- consumption, e.g. by another controller applying the Artifact contents.
- type: string
- required:
- - lastUpdateTime
- - path
- - revision
- - url
- type: object
- conditions:
- description: Conditions holds the conditions for the Bucket.
- items:
- description: Condition contains details for one aspect of the current
- state of this API Resource.
- properties:
- lastTransitionTime:
- description: |-
- lastTransitionTime is the last time the condition transitioned from one status to another.
- This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
- format: date-time
- type: string
- message:
- description: |-
- message is a human readable message indicating details about the transition.
- This may be an empty string.
- maxLength: 32768
- type: string
- observedGeneration:
- description: |-
- observedGeneration represents the .metadata.generation that the condition was set based upon.
- For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
- with respect to the current state of the instance.
- format: int64
- minimum: 0
- type: integer
- reason:
- description: |-
- reason contains a programmatic identifier indicating the reason for the condition's last transition.
- Producers of specific condition types may define expected values and meanings for this field,
- and whether the values are considered a guaranteed API.
- The value should be a CamelCase string.
- This field may not be empty.
- maxLength: 1024
- minLength: 1
- pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
- type: string
- status:
- description: status of the condition, one of True, False, Unknown.
- enum:
- - "True"
- - "False"
- - Unknown
- type: string
- type:
- description: type of condition in CamelCase or in foo.example.com/CamelCase.
- maxLength: 316
- pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
- type: string
- required:
- - lastTransitionTime
- - message
- - reason
- - status
- - type
- type: object
- type: array
- lastHandledReconcileAt:
- description: |-
- LastHandledReconcileAt holds the value of the most recent
- reconcile request value, so a change of the annotation value
- can be detected.
- type: string
- observedGeneration:
- description: ObservedGeneration is the last observed generation of
- the Bucket object.
- format: int64
- type: integer
- observedIgnore:
- description: |-
- ObservedIgnore is the observed exclusion patterns used for constructing
- the source artifact.
- type: string
- url:
- description: |-
- URL is the dynamic fetch link for the latest Artifact.
- It is provided on a "best effort" basis, and using the precise
- BucketStatus.Artifact data is recommended.
- type: string
- type: object
- type: object
- served: true
- storage: true
- subresources:
- status: {}
- additionalPrinterColumns:
- jsonPath: .spec.endpoint
name: Endpoint
- jsonPath: .metadata.creationTimestamp
name: Age
type: date
- deprecated: true
- deprecationWarning: v1beta1 Bucket is deprecated, upgrade to v1
name: v1beta1
schema:
openAPIV3Schema:
description: Bucket is the Schema for the buckets API
properties:
apiVersion:
- description: |-
- APIVersion defines the versioned schema of this representation of an object.
- Servers should convert recognized schemas to the latest internal value, and
- may reject unrecognized values.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
- description: |-
- Kind is a string value representing the REST resource this object represents.
- Servers may infer this from the endpoint the client submits requests to.
- Cannot be updated.
- In CamelCase.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
cross-namespace references to this object.
properties:
namespaceSelectors:
- description: |-
- NamespaceSelectors is the list of namespace selectors to which this ACL applies.
- Items in this list are evaluated using a logical OR operation.
+ description: NamespaceSelectors is the list of namespace selectors
+ to which this ACL applies. Items in this list are evaluated
+ using a logical OR operation.
items:
- description: |-
- NamespaceSelector selects the namespaces to which this ACL applies.
- An empty map of MatchLabels matches all namespaces in a cluster.
+ description: NamespaceSelector selects the namespaces to which
+ this ACL applies. An empty map of MatchLabels matches all
+ namespaces in a cluster.
properties:
matchLabels:
additionalProperties:
type: string
- description: |-
- MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
- map is equivalent to an element of matchExpressions, whose key field is "key", the
- operator is "In", and the values array contains only "value". The requirements are ANDed.
+ description: MatchLabels is a map of {key,value} pairs.
+ A single {key,value} in the matchLabels map is equivalent
+ to an element of matchExpressions, whose key field is
+ "key", the operator is "In", and the values array contains
+ only "value". The requirements are ANDed.
type: object
type: object
type: array
description: The bucket endpoint address.
type: string
ignore:
- description: |-
- Ignore overrides the set of excluded patterns in the .sourceignore format
- (which is the same as .gitignore). If not provided, a default will be used,
- consult the documentation for your version to find out what those are.
+ description: Ignore overrides the set of excluded patterns in the
+ .sourceignore format (which is the same as .gitignore). If not provided,
+ a default will be used, consult the documentation for your version
+ to find out what those are.
type: string
insecure:
description: Insecure allows connecting to a non-TLS S3 HTTP endpoint.
description: The bucket region.
type: string
secretRef:
- description: |-
- The name of the secret containing authentication credentials
+ description: The name of the secret containing authentication credentials
for the Bucket.
properties:
name:
description: Checksum is the SHA256 checksum of the artifact.
type: string
lastUpdateTime:
- description: |-
- LastUpdateTime is the timestamp corresponding to the last update of this
- artifact.
+ description: LastUpdateTime is the timestamp corresponding to
+ the last update of this artifact.
format: date-time
type: string
path:
description: Path is the relative file path of this artifact.
type: string
revision:
- description: |-
- Revision is a human readable identifier traceable in the origin source
- system. It can be a Git commit SHA, Git tag, a Helm index timestamp, a Helm
- chart version, etc.
+ description: Revision is a human readable identifier traceable
+ in the origin source system. It can be a Git commit SHA, Git
+ tag, a Helm index timestamp, a Helm chart version, etc.
type: string
url:
description: URL is the HTTP address of this artifact.
type: string
required:
- - lastUpdateTime
- path
- url
type: object
conditions:
description: Conditions holds the conditions for the Bucket.
items:
- description: Condition contains details for one aspect of the current
- state of this API Resource.
+ description: "Condition contains details for one aspect of the current
+ state of this API Resource. --- This struct is intended for direct
+ use as an array at the field path .status.conditions. For example,
+ \n type FooStatus struct{ // Represents the observations of a
+ foo's current state. // Known .status.conditions.type are: \"Available\",
+ \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge
+ // +listType=map // +listMapKey=type Conditions []metav1.Condition
+ `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\"
+ protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }"
properties:
lastTransitionTime:
- description: |-
- lastTransitionTime is the last time the condition transitioned from one status to another.
- This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
+ description: lastTransitionTime is the last time the condition
+ transitioned from one status to another. This should be when
+ the underlying condition changed. If that is not known, then
+ using the time when the API field changed is acceptable.
format: date-time
type: string
message:
- description: |-
- message is a human readable message indicating details about the transition.
- This may be an empty string.
+ description: message is a human readable message indicating
+ details about the transition. This may be an empty string.
maxLength: 32768
type: string
observedGeneration:
- description: |-
- observedGeneration represents the .metadata.generation that the condition was set based upon.
- For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
- with respect to the current state of the instance.
+ description: observedGeneration represents the .metadata.generation
+ that the condition was set based upon. For instance, if .metadata.generation
+ is currently 12, but the .status.conditions[x].observedGeneration
+ is 9, the condition is out of date with respect to the current
+ state of the instance.
format: int64
minimum: 0
type: integer
reason:
- description: |-
- reason contains a programmatic identifier indicating the reason for the condition's last transition.
- Producers of specific condition types may define expected values and meanings for this field,
- and whether the values are considered a guaranteed API.
- The value should be a CamelCase string.
+ description: reason contains a programmatic identifier indicating
+ the reason for the condition's last transition. Producers
+ of specific condition types may define expected values and
+ meanings for this field, and whether the values are considered
+ a guaranteed API. The value should be a CamelCase string.
This field may not be empty.
maxLength: 1024
minLength: 1
type: string
type:
description: type of condition in CamelCase or in foo.example.com/CamelCase.
+ --- Many .condition.type values are consistent across resources
+ like Available, but because arbitrary conditions can be useful
+ (see .node.status.conditions), the ability to deconflict is
+ important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
maxLength: 316
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
type: string
type: object
type: array
lastHandledReconcileAt:
- description: |-
- LastHandledReconcileAt holds the value of the most recent
- reconcile request value, so a change of the annotation value
- can be detected.
+ description: LastHandledReconcileAt holds the value of the most recent
+ reconcile request value, so a change of the annotation value can
+ be detected.
type: string
observedGeneration:
description: ObservedGeneration is the last observed generation.
- jsonPath: .status.conditions[?(@.type=="Ready")].message
name: Status
type: string
- deprecated: true
- deprecationWarning: v1beta2 Bucket is deprecated, upgrade to v1
name: v1beta2
schema:
openAPIV3Schema:
description: Bucket is the Schema for the buckets API.
properties:
apiVersion:
- description: |-
- APIVersion defines the versioned schema of this representation of an object.
- Servers should convert recognized schemas to the latest internal value, and
- may reject unrecognized values.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
- description: |-
- Kind is a string value representing the REST resource this object represents.
- Servers may infer this from the endpoint the client submits requests to.
- Cannot be updated.
- In CamelCase.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
- description: |-
- BucketSpec specifies the required configuration to produce an Artifact for
- an object storage bucket.
+ description: BucketSpec specifies the required configuration to produce
+ an Artifact for an object storage bucket.
properties:
accessFrom:
- description: |-
- AccessFrom specifies an Access Control List for allowing cross-namespace
- references to this object.
- NOTE: Not implemented, provisional as of https://github.com/fluxcd/flux2/pull/2092
+ description: 'AccessFrom specifies an Access Control List for allowing
+ cross-namespace references to this object. NOTE: Not implemented,
+ provisional as of https://github.com/fluxcd/flux2/pull/2092'
properties:
namespaceSelectors:
- description: |-
- NamespaceSelectors is the list of namespace selectors to which this ACL applies.
- Items in this list are evaluated using a logical OR operation.
+ description: NamespaceSelectors is the list of namespace selectors
+ to which this ACL applies. Items in this list are evaluated
+ using a logical OR operation.
items:
- description: |-
- NamespaceSelector selects the namespaces to which this ACL applies.
- An empty map of MatchLabels matches all namespaces in a cluster.
+ description: NamespaceSelector selects the namespaces to which
+ this ACL applies. An empty map of MatchLabels matches all
+ namespaces in a cluster.
properties:
matchLabels:
additionalProperties:
type: string
- description: |-
- MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
- map is equivalent to an element of matchExpressions, whose key field is "key", the
- operator is "In", and the values array contains only "value". The requirements are ANDed.
+ description: MatchLabels is a map of {key,value} pairs.
+ A single {key,value} in the matchLabels map is equivalent
+ to an element of matchExpressions, whose key field is
+ "key", the operator is "In", and the values array contains
+ only "value". The requirements are ANDed.
type: object
type: object
type: array
bucketName:
description: BucketName is the name of the object storage bucket.
type: string
- certSecretRef:
- description: |-
- CertSecretRef can be given the name of a Secret containing
- either or both of
-
- - a PEM-encoded client certificate (`tls.crt`) and private
- key (`tls.key`);
- - a PEM-encoded CA certificate (`ca.crt`)
-
- and whichever are supplied, will be used for connecting to the
- bucket. The client cert and key are useful if you are
- authenticating with a certificate; the CA cert is useful if
- you are using a self-signed server certificate. The Secret must
- be of type `Opaque` or `kubernetes.io/tls`.
-
- This field is only supported for the `generic` provider.
- properties:
- name:
- description: Name of the referent.
- type: string
- required:
- - name
- type: object
endpoint:
description: Endpoint is the object storage address the BucketName
is located at.
type: string
ignore:
- description: |-
- Ignore overrides the set of excluded patterns in the .sourceignore format
- (which is the same as .gitignore). If not provided, a default will be used,
- consult the documentation for your version to find out what those are.
+ description: Ignore overrides the set of excluded patterns in the
+ .sourceignore format (which is the same as .gitignore). If not provided,
+ a default will be used, consult the documentation for your version
+ to find out what those are.
type: string
insecure:
description: Insecure allows connecting to a non-TLS HTTP Endpoint.
type: boolean
interval:
- description: |-
- Interval at which the Bucket Endpoint is checked for updates.
- This interval is approximate and may be subject to jitter to ensure
- efficient use of resources.
+ description: Interval at which the Bucket Endpoint is checked for
+ updates. This interval is approximate and may be subject to jitter
+ to ensure efficient use of resources.
pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$
type: string
- prefix:
- description: Prefix to use for server-side filtering of files in the
- Bucket.
- type: string
provider:
default: generic
- description: |-
- Provider of the object storage bucket.
- Defaults to 'generic', which expects an S3 (API) compatible object
- storage.
+ description: Provider of the object storage bucket. Defaults to 'generic',
+ which expects an S3 (API) compatible object storage.
enum:
- generic
- aws
- gcp
- azure
type: string
- proxySecretRef:
- description: |-
- ProxySecretRef specifies the Secret containing the proxy configuration
- to use while communicating with the Bucket server.
- properties:
- name:
- description: Name of the referent.
- type: string
- required:
- - name
- type: object
region:
description: Region of the Endpoint where the BucketName is located
in.
type: string
secretRef:
- description: |-
- SecretRef specifies the Secret containing authentication credentials
- for the Bucket.
+ description: SecretRef specifies the Secret containing authentication
+ credentials for the Bucket.
properties:
name:
description: Name of the referent.
required:
- name
type: object
- sts:
- description: |-
- STS specifies the required configuration to use a Security Token
- Service for fetching temporary credentials to authenticate in a
- Bucket provider.
-
- This field is only supported for the `aws` and `generic` providers.
- properties:
- certSecretRef:
- description: |-
- CertSecretRef can be given the name of a Secret containing
- either or both of
-
- - a PEM-encoded client certificate (`tls.crt`) and private
- key (`tls.key`);
- - a PEM-encoded CA certificate (`ca.crt`)
-
- and whichever are supplied, will be used for connecting to the
- STS endpoint. The client cert and key are useful if you are
- authenticating with a certificate; the CA cert is useful if
- you are using a self-signed server certificate. The Secret must
- be of type `Opaque` or `kubernetes.io/tls`.
-
- This field is only supported for the `ldap` provider.
- properties:
- name:
- description: Name of the referent.
- type: string
- required:
- - name
- type: object
- endpoint:
- description: |-
- Endpoint is the HTTP/S endpoint of the Security Token Service from
- where temporary credentials will be fetched.
- pattern: ^(http|https)://.*$
- type: string
- provider:
- description: Provider of the Security Token Service.
- enum:
- - aws
- - ldap
- type: string
- secretRef:
- description: |-
- SecretRef specifies the Secret containing authentication credentials
- for the STS endpoint. This Secret must contain the fields `username`
- and `password` and is supported only for the `ldap` provider.
- properties:
- name:
- description: Name of the referent.
- type: string
- required:
- - name
- type: object
- required:
- - endpoint
- - provider
- type: object
suspend:
- description: |-
- Suspend tells the controller to suspend the reconciliation of this
- Bucket.
+ description: Suspend tells the controller to suspend the reconciliation
+ of this Bucket.
type: boolean
timeout:
default: 60s
- endpoint
- interval
type: object
- x-kubernetes-validations:
- - message: STS configuration is only supported for the 'aws' and 'generic'
- Bucket providers
- rule: self.provider == 'aws' || self.provider == 'generic' || !has(self.sts)
- - message: '''aws'' is the only supported STS provider for the ''aws''
- Bucket provider'
- rule: self.provider != 'aws' || !has(self.sts) || self.sts.provider
- == 'aws'
- - message: '''ldap'' is the only supported STS provider for the ''generic''
- Bucket provider'
- rule: self.provider != 'generic' || !has(self.sts) || self.sts.provider
- == 'ldap'
- - message: spec.sts.secretRef is not required for the 'aws' STS provider
- rule: '!has(self.sts) || self.sts.provider != ''aws'' || !has(self.sts.secretRef)'
- - message: spec.sts.certSecretRef is not required for the 'aws' STS provider
- rule: '!has(self.sts) || self.sts.provider != ''aws'' || !has(self.sts.certSecretRef)'
status:
default:
observedGeneration: -1
pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$
type: string
lastUpdateTime:
- description: |-
- LastUpdateTime is the timestamp corresponding to the last update of the
- Artifact.
+ description: LastUpdateTime is the timestamp corresponding to
+ the last update of the Artifact.
format: date-time
type: string
metadata:
description: Metadata holds upstream information such as OCI annotations.
type: object
path:
- description: |-
- Path is the relative file path of the Artifact. It can be used to locate
- the file in the root of the Artifact storage on the local file system of
- the controller managing the Source.
+ description: Path is the relative file path of the Artifact. It
+ can be used to locate the file in the root of the Artifact storage
+ on the local file system of the controller managing the Source.
type: string
revision:
- description: |-
- Revision is a human-readable identifier traceable in the origin source
- system. It can be a Git commit SHA, Git tag, a Helm chart version, etc.
+ description: Revision is a human-readable identifier traceable
+ in the origin source system. It can be a Git commit SHA, Git
+ tag, a Helm chart version, etc.
type: string
size:
description: Size is the number of bytes in the file.
format: int64
type: integer
url:
- description: |-
- URL is the HTTP address of the Artifact as exposed by the controller
- managing the Source. It can be used to retrieve the Artifact for
- consumption, e.g. by another controller applying the Artifact contents.
+ description: URL is the HTTP address of the Artifact as exposed
+ by the controller managing the Source. It can be used to retrieve
+ the Artifact for consumption, e.g. by another controller applying
+ the Artifact contents.
type: string
required:
- lastUpdateTime
conditions:
description: Conditions holds the conditions for the Bucket.
items:
- description: Condition contains details for one aspect of the current
- state of this API Resource.
+ description: "Condition contains details for one aspect of the current
+ state of this API Resource. --- This struct is intended for direct
+ use as an array at the field path .status.conditions. For example,
+ \n type FooStatus struct{ // Represents the observations of a
+ foo's current state. // Known .status.conditions.type are: \"Available\",
+ \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge
+ // +listType=map // +listMapKey=type Conditions []metav1.Condition
+ `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\"
+ protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }"
properties:
lastTransitionTime:
- description: |-
- lastTransitionTime is the last time the condition transitioned from one status to another.
- This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
+ description: lastTransitionTime is the last time the condition
+ transitioned from one status to another. This should be when
+ the underlying condition changed. If that is not known, then
+ using the time when the API field changed is acceptable.
format: date-time
type: string
message:
- description: |-
- message is a human readable message indicating details about the transition.
- This may be an empty string.
+ description: message is a human readable message indicating
+ details about the transition. This may be an empty string.
maxLength: 32768
type: string
observedGeneration:
- description: |-
- observedGeneration represents the .metadata.generation that the condition was set based upon.
- For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
- with respect to the current state of the instance.
+ description: observedGeneration represents the .metadata.generation
+ that the condition was set based upon. For instance, if .metadata.generation
+ is currently 12, but the .status.conditions[x].observedGeneration
+ is 9, the condition is out of date with respect to the current
+ state of the instance.
format: int64
minimum: 0
type: integer
reason:
- description: |-
- reason contains a programmatic identifier indicating the reason for the condition's last transition.
- Producers of specific condition types may define expected values and meanings for this field,
- and whether the values are considered a guaranteed API.
- The value should be a CamelCase string.
+ description: reason contains a programmatic identifier indicating
+ the reason for the condition's last transition. Producers
+ of specific condition types may define expected values and
+ meanings for this field, and whether the values are considered
+ a guaranteed API. The value should be a CamelCase string.
This field may not be empty.
maxLength: 1024
minLength: 1
type: string
type:
description: type of condition in CamelCase or in foo.example.com/CamelCase.
+ --- Many .condition.type values are consistent across resources
+ like Available, but because arbitrary conditions can be useful
+ (see .node.status.conditions), the ability to deconflict is
+ important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
maxLength: 316
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
type: string
type: object
type: array
lastHandledReconcileAt:
- description: |-
- LastHandledReconcileAt holds the value of the most recent
- reconcile request value, so a change of the annotation value
- can be detected.
+ description: LastHandledReconcileAt holds the value of the most recent
+ reconcile request value, so a change of the annotation value can
+ be detected.
type: string
observedGeneration:
description: ObservedGeneration is the last observed generation of
format: int64
type: integer
observedIgnore:
- description: |-
- ObservedIgnore is the observed exclusion patterns used for constructing
- the source artifact.
+ description: ObservedIgnore is the observed exclusion patterns used
+ for constructing the source artifact.
type: string
url:
- description: |-
- URL is the dynamic fetch link for the latest Artifact.
- It is provided on a "best effort" basis, and using the precise
- BucketStatus.Artifact data is recommended.
+ description: URL is the dynamic fetch link for the latest Artifact.
+ It is provided on a "best effort" basis, and using the precise BucketStatus.Artifact
+ data is recommended.
type: string
type: object
type: object
served: true
- storage: false
+ storage: true
subresources:
status: {}
---
kind: CustomResourceDefinition
metadata:
annotations:
- controller-gen.kubebuilder.io/version: v0.16.1
+ controller-gen.kubebuilder.io/version: v0.12.0
labels:
app.kubernetes.io/component: source-controller
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v2.4.0
+ app.kubernetes.io/version: v2.1.2
name: gitrepositories.source.toolkit.fluxcd.io
spec:
group: source.toolkit.fluxcd.io
description: GitRepository is the Schema for the gitrepositories API.
properties:
apiVersion:
- description: |-
- APIVersion defines the versioned schema of this representation of an object.
- Servers should convert recognized schemas to the latest internal value, and
- may reject unrecognized values.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
- description: |-
- Kind is a string value representing the REST resource this object represents.
- Servers may infer this from the endpoint the client submits requests to.
- Cannot be updated.
- In CamelCase.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
- description: |-
- GitRepositorySpec specifies the required configuration to produce an
- Artifact for a Git repository.
+ description: GitRepositorySpec specifies the required configuration to
+ produce an Artifact for a Git repository.
properties:
ignore:
- description: |-
- Ignore overrides the set of excluded patterns in the .sourceignore format
- (which is the same as .gitignore). If not provided, a default will be used,
- consult the documentation for your version to find out what those are.
+ description: Ignore overrides the set of excluded patterns in the
+ .sourceignore format (which is the same as .gitignore). If not provided,
+ a default will be used, consult the documentation for your version
+ to find out what those are.
type: string
include:
- description: |-
- Include specifies a list of GitRepository resources which Artifacts
- should be included in the Artifact produced for this GitRepository.
+ description: Include specifies a list of GitRepository resources which
+ Artifacts should be included in the Artifact produced for this GitRepository.
items:
- description: |-
- GitRepositoryInclude specifies a local reference to a GitRepository which
- Artifact (sub-)contents must be included, and where they should be placed.
+ description: GitRepositoryInclude specifies a local reference to
+ a GitRepository which Artifact (sub-)contents must be included,
+ and where they should be placed.
properties:
fromPath:
- description: |-
- FromPath specifies the path to copy contents from, defaults to the root
- of the Artifact.
+ description: FromPath specifies the path to copy contents from,
+ defaults to the root of the Artifact.
type: string
repository:
- description: |-
- GitRepositoryRef specifies the GitRepository which Artifact contents
- must be included.
+ description: GitRepositoryRef specifies the GitRepository which
+ Artifact contents must be included.
properties:
name:
description: Name of the referent.
- name
type: object
toPath:
- description: |-
- ToPath specifies the path to copy contents to, defaults to the name of
- the GitRepositoryRef.
+ description: ToPath specifies the path to copy contents to,
+ defaults to the name of the GitRepositoryRef.
type: string
required:
- repository
type: object
type: array
interval:
- description: |-
- Interval at which the GitRepository URL is checked for updates.
- This interval is approximate and may be subject to jitter to ensure
- efficient use of resources.
+ description: Interval at which the GitRepository URL is checked for
+ updates. This interval is approximate and may be subject to jitter
+ to ensure efficient use of resources.
pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$
type: string
- provider:
- description: |-
- Provider used for authentication, can be 'azure', 'generic'.
- When not specified, defaults to 'generic'.
- enum:
- - generic
- - azure
- type: string
proxySecretRef:
- description: |-
- ProxySecretRef specifies the Secret containing the proxy configuration
- to use while communicating with the Git server.
+ description: ProxySecretRef specifies the Secret containing the proxy
+ configuration to use while communicating with the Git server.
properties:
name:
description: Name of the referent.
- name
type: object
recurseSubmodules:
- description: |-
- RecurseSubmodules enables the initialization of all submodules within
- the GitRepository as cloned from the URL, using their default settings.
+ description: RecurseSubmodules enables the initialization of all submodules
+ within the GitRepository as cloned from the URL, using their default
+ settings.
type: boolean
ref:
- description: |-
- Reference specifies the Git reference to resolve and monitor for
- changes, defaults to the 'master' branch.
+ description: Reference specifies the Git reference to resolve and
+ monitor for changes, defaults to the 'master' branch.
properties:
branch:
description: Branch to check out, defaults to 'master' if no other
field is defined.
type: string
commit:
- description: |-
- Commit SHA to check out, takes precedence over all reference fields.
-
- This can be combined with Branch to shallow clone the branch, in which
- the commit is expected to exist.
+ description: "Commit SHA to check out, takes precedence over all
+ reference fields. \n This can be combined with Branch to shallow
+ clone the branch, in which the commit is expected to exist."
type: string
name:
- description: |-
- Name of the reference to check out; takes precedence over Branch, Tag and SemVer.
-
- It must be a valid Git reference: https://git-scm.com/docs/git-check-ref-format#_description
- Examples: "refs/heads/main", "refs/tags/v0.1.0", "refs/pull/420/head", "refs/merge-requests/1/head"
+ description: "Name of the reference to check out; takes precedence
+ over Branch, Tag and SemVer. \n It must be a valid Git reference:
+ https://git-scm.com/docs/git-check-ref-format#_description Examples:
+ \"refs/heads/main\", \"refs/tags/v0.1.0\", \"refs/pull/420/head\",
+ \"refs/merge-requests/1/head\""
type: string
semver:
description: SemVer tag expression to check out, takes precedence
type: string
type: object
secretRef:
- description: |-
- SecretRef specifies the Secret containing authentication credentials for
- the GitRepository.
- For HTTPS repositories the Secret must contain 'username' and 'password'
- fields for basic auth or 'bearerToken' field for token auth.
- For SSH repositories the Secret must contain 'identity'
- and 'known_hosts' fields.
+ description: SecretRef specifies the Secret containing authentication
+ credentials for the GitRepository. For HTTPS repositories the Secret
+ must contain 'username' and 'password' fields for basic auth or
+ 'bearerToken' field for token auth. For SSH repositories the Secret
+ must contain 'identity' and 'known_hosts' fields.
properties:
name:
description: Name of the referent.
- name
type: object
suspend:
- description: |-
- Suspend tells the controller to suspend the reconciliation of this
- GitRepository.
+ description: Suspend tells the controller to suspend the reconciliation
+ of this GitRepository.
type: boolean
timeout:
default: 60s
pattern: ^(http|https|ssh)://.*$
type: string
verify:
- description: |-
- Verification specifies the configuration to verify the Git commit
- signature(s).
+ description: Verification specifies the configuration to verify the
+ Git commit signature(s).
properties:
mode:
default: HEAD
- description: |-
- Mode specifies which Git object(s) should be verified.
-
- The variants "head" and "HEAD" both imply the same thing, i.e. verify
- the commit that the HEAD of the Git repository points to. The variant
- "head" solely exists to ensure backwards compatibility.
+ description: "Mode specifies which Git object(s) should be verified.
+ \n The variants \"head\" and \"HEAD\" both imply the same thing,
+ i.e. verify the commit that the HEAD of the Git repository points
+ to. The variant \"head\" solely exists to ensure backwards compatibility."
enum:
- head
- HEAD
- TagAndHEAD
type: string
secretRef:
- description: |-
- SecretRef specifies the Secret containing the public keys of trusted Git
- authors.
+ description: SecretRef specifies the Secret containing the public
+ keys of trusted Git authors.
properties:
name:
description: Name of the referent.
pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$
type: string
lastUpdateTime:
- description: |-
- LastUpdateTime is the timestamp corresponding to the last update of the
- Artifact.
+ description: LastUpdateTime is the timestamp corresponding to
+ the last update of the Artifact.
format: date-time
type: string
metadata:
description: Metadata holds upstream information such as OCI annotations.
type: object
path:
- description: |-
- Path is the relative file path of the Artifact. It can be used to locate
- the file in the root of the Artifact storage on the local file system of
- the controller managing the Source.
+ description: Path is the relative file path of the Artifact. It
+ can be used to locate the file in the root of the Artifact storage
+ on the local file system of the controller managing the Source.
type: string
revision:
- description: |-
- Revision is a human-readable identifier traceable in the origin source
- system. It can be a Git commit SHA, Git tag, a Helm chart version, etc.
+ description: Revision is a human-readable identifier traceable
+ in the origin source system. It can be a Git commit SHA, Git
+ tag, a Helm chart version, etc.
type: string
size:
description: Size is the number of bytes in the file.
format: int64
type: integer
url:
- description: |-
- URL is the HTTP address of the Artifact as exposed by the controller
- managing the Source. It can be used to retrieve the Artifact for
- consumption, e.g. by another controller applying the Artifact contents.
+ description: URL is the HTTP address of the Artifact as exposed
+ by the controller managing the Source. It can be used to retrieve
+ the Artifact for consumption, e.g. by another controller applying
+ the Artifact contents.
type: string
required:
- lastUpdateTime
conditions:
description: Conditions holds the conditions for the GitRepository.
items:
- description: Condition contains details for one aspect of the current
- state of this API Resource.
+ description: "Condition contains details for one aspect of the current
+ state of this API Resource. --- This struct is intended for direct
+ use as an array at the field path .status.conditions. For example,
+ \n type FooStatus struct{ // Represents the observations of a
+ foo's current state. // Known .status.conditions.type are: \"Available\",
+ \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge
+ // +listType=map // +listMapKey=type Conditions []metav1.Condition
+ `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\"
+ protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }"
properties:
lastTransitionTime:
- description: |-
- lastTransitionTime is the last time the condition transitioned from one status to another.
- This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
+ description: lastTransitionTime is the last time the condition
+ transitioned from one status to another. This should be when
+ the underlying condition changed. If that is not known, then
+ using the time when the API field changed is acceptable.
format: date-time
type: string
message:
- description: |-
- message is a human readable message indicating details about the transition.
- This may be an empty string.
+ description: message is a human readable message indicating
+ details about the transition. This may be an empty string.
maxLength: 32768
type: string
observedGeneration:
- description: |-
- observedGeneration represents the .metadata.generation that the condition was set based upon.
- For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
- with respect to the current state of the instance.
+ description: observedGeneration represents the .metadata.generation
+ that the condition was set based upon. For instance, if .metadata.generation
+ is currently 12, but the .status.conditions[x].observedGeneration
+ is 9, the condition is out of date with respect to the current
+ state of the instance.
format: int64
minimum: 0
type: integer
reason:
- description: |-
- reason contains a programmatic identifier indicating the reason for the condition's last transition.
- Producers of specific condition types may define expected values and meanings for this field,
- and whether the values are considered a guaranteed API.
- The value should be a CamelCase string.
+ description: reason contains a programmatic identifier indicating
+ the reason for the condition's last transition. Producers
+ of specific condition types may define expected values and
+ meanings for this field, and whether the values are considered
+ a guaranteed API. The value should be a CamelCase string.
This field may not be empty.
maxLength: 1024
minLength: 1
type: string
type:
description: type of condition in CamelCase or in foo.example.com/CamelCase.
+ --- Many .condition.type values are consistent across resources
+ like Available, but because arbitrary conditions can be useful
+ (see .node.status.conditions), the ability to deconflict is
+ important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
maxLength: 316
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
type: string
type: object
type: array
includedArtifacts:
- description: |-
- IncludedArtifacts contains a list of the last successfully included
- Artifacts as instructed by GitRepositorySpec.Include.
+ description: IncludedArtifacts contains a list of the last successfully
+ included Artifacts as instructed by GitRepositorySpec.Include.
items:
description: Artifact represents the output of a Source reconciliation.
properties:
pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$
type: string
lastUpdateTime:
- description: |-
- LastUpdateTime is the timestamp corresponding to the last update of the
- Artifact.
+ description: LastUpdateTime is the timestamp corresponding to
+ the last update of the Artifact.
format: date-time
type: string
metadata:
annotations.
type: object
path:
- description: |-
- Path is the relative file path of the Artifact. It can be used to locate
- the file in the root of the Artifact storage on the local file system of
- the controller managing the Source.
+ description: Path is the relative file path of the Artifact.
+ It can be used to locate the file in the root of the Artifact
+ storage on the local file system of the controller managing
+ the Source.
type: string
revision:
- description: |-
- Revision is a human-readable identifier traceable in the origin source
- system. It can be a Git commit SHA, Git tag, a Helm chart version, etc.
+ description: Revision is a human-readable identifier traceable
+ in the origin source system. It can be a Git commit SHA, Git
+ tag, a Helm chart version, etc.
type: string
size:
description: Size is the number of bytes in the file.
format: int64
type: integer
url:
- description: |-
- URL is the HTTP address of the Artifact as exposed by the controller
- managing the Source. It can be used to retrieve the Artifact for
- consumption, e.g. by another controller applying the Artifact contents.
+ description: URL is the HTTP address of the Artifact as exposed
+ by the controller managing the Source. It can be used to retrieve
+ the Artifact for consumption, e.g. by another controller applying
+ the Artifact contents.
type: string
required:
- lastUpdateTime
type: object
type: array
lastHandledReconcileAt:
- description: |-
- LastHandledReconcileAt holds the value of the most recent
- reconcile request value, so a change of the annotation value
- can be detected.
+ description: LastHandledReconcileAt holds the value of the most recent
+ reconcile request value, so a change of the annotation value can
+ be detected.
type: string
observedGeneration:
- description: |-
- ObservedGeneration is the last observed generation of the GitRepository
- object.
+ description: ObservedGeneration is the last observed generation of
+ the GitRepository object.
format: int64
type: integer
observedIgnore:
- description: |-
- ObservedIgnore is the observed exclusion patterns used for constructing
- the source artifact.
+ description: ObservedIgnore is the observed exclusion patterns used
+ for constructing the source artifact.
type: string
observedInclude:
- description: |-
- ObservedInclude is the observed list of GitRepository resources used to
- produce the current Artifact.
+ description: ObservedInclude is the observed list of GitRepository
+ resources used to produce the current Artifact.
items:
- description: |-
- GitRepositoryInclude specifies a local reference to a GitRepository which
- Artifact (sub-)contents must be included, and where they should be placed.
+ description: GitRepositoryInclude specifies a local reference to
+ a GitRepository which Artifact (sub-)contents must be included,
+ and where they should be placed.
properties:
fromPath:
- description: |-
- FromPath specifies the path to copy contents from, defaults to the root
- of the Artifact.
+ description: FromPath specifies the path to copy contents from,
+ defaults to the root of the Artifact.
type: string
repository:
- description: |-
- GitRepositoryRef specifies the GitRepository which Artifact contents
- must be included.
+ description: GitRepositoryRef specifies the GitRepository which
+ Artifact contents must be included.
properties:
name:
description: Name of the referent.
- name
type: object
toPath:
- description: |-
- ToPath specifies the path to copy contents to, defaults to the name of
- the GitRepositoryRef.
+ description: ToPath specifies the path to copy contents to,
+ defaults to the name of the GitRepositoryRef.
type: string
required:
- repository
type: object
type: array
observedRecurseSubmodules:
- description: |-
- ObservedRecurseSubmodules is the observed resource submodules
+ description: ObservedRecurseSubmodules is the observed resource submodules
configuration used to produce the current Artifact.
type: boolean
sourceVerificationMode:
- description: |-
- SourceVerificationMode is the last used verification mode indicating
- which Git object(s) have been verified.
+ description: SourceVerificationMode is the last used verification
+ mode indicating which Git object(s) have been verified.
type: string
type: object
type: object
description: GitRepository is the Schema for the gitrepositories API
properties:
apiVersion:
- description: |-
- APIVersion defines the versioned schema of this representation of an object.
- Servers should convert recognized schemas to the latest internal value, and
- may reject unrecognized values.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
- description: |-
- Kind is a string value representing the REST resource this object represents.
- Servers may infer this from the endpoint the client submits requests to.
- Cannot be updated.
- In CamelCase.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
cross-namespace references to this object.
properties:
namespaceSelectors:
- description: |-
- NamespaceSelectors is the list of namespace selectors to which this ACL applies.
- Items in this list are evaluated using a logical OR operation.
+ description: NamespaceSelectors is the list of namespace selectors
+ to which this ACL applies. Items in this list are evaluated
+ using a logical OR operation.
items:
- description: |-
- NamespaceSelector selects the namespaces to which this ACL applies.
- An empty map of MatchLabels matches all namespaces in a cluster.
+ description: NamespaceSelector selects the namespaces to which
+ this ACL applies. An empty map of MatchLabels matches all
+ namespaces in a cluster.
properties:
matchLabels:
additionalProperties:
type: string
- description: |-
- MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
- map is equivalent to an element of matchExpressions, whose key field is "key", the
- operator is "In", and the values array contains only "value". The requirements are ANDed.
+ description: MatchLabels is a map of {key,value} pairs.
+ A single {key,value} in the matchLabels map is equivalent
+ to an element of matchExpressions, whose key field is
+ "key", the operator is "In", and the values array contains
+ only "value". The requirements are ANDed.
type: object
type: object
type: array
type: object
gitImplementation:
default: go-git
- description: |-
- Determines which git client library to use.
- Defaults to go-git, valid values are ('go-git', 'libgit2').
+ description: Determines which git client library to use. Defaults
+ to go-git, valid values are ('go-git', 'libgit2').
enum:
- go-git
- libgit2
type: string
ignore:
- description: |-
- Ignore overrides the set of excluded patterns in the .sourceignore format
- (which is the same as .gitignore). If not provided, a default will be used,
- consult the documentation for your version to find out what those are.
+ description: Ignore overrides the set of excluded patterns in the
+ .sourceignore format (which is the same as .gitignore). If not provided,
+ a default will be used, consult the documentation for your version
+ to find out what those are.
type: string
include:
description: Extra git repositories to map into the repository
description: The interval at which to check for repository updates.
type: string
recurseSubmodules:
- description: |-
- When enabled, after the clone is created, initializes all submodules within,
- using their default settings.
- This option is available only when using the 'go-git' GitImplementation.
+ description: When enabled, after the clone is created, initializes
+ all submodules within, using their default settings. This option
+ is available only when using the 'go-git' GitImplementation.
type: boolean
ref:
- description: |-
- The Git reference to checkout and monitor for changes, defaults to
- master branch.
+ description: The Git reference to checkout and monitor for changes,
+ defaults to master branch.
properties:
branch:
description: The Git branch to checkout, defaults to master.
type: string
type: object
secretRef:
- description: |-
- The secret name containing the Git credentials.
- For HTTPS repositories the secret must contain username and password
- fields.
+ description: The secret name containing the Git credentials. For HTTPS
+ repositories the secret must contain username and password fields.
For SSH repositories the secret must contain identity and known_hosts
fields.
properties:
description: Checksum is the SHA256 checksum of the artifact.
type: string
lastUpdateTime:
- description: |-
- LastUpdateTime is the timestamp corresponding to the last update of this
- artifact.
+ description: LastUpdateTime is the timestamp corresponding to
+ the last update of this artifact.
format: date-time
type: string
path:
description: Path is the relative file path of this artifact.
type: string
revision:
- description: |-
- Revision is a human readable identifier traceable in the origin source
- system. It can be a Git commit SHA, Git tag, a Helm index timestamp, a Helm
- chart version, etc.
+ description: Revision is a human readable identifier traceable
+ in the origin source system. It can be a Git commit SHA, Git
+ tag, a Helm index timestamp, a Helm chart version, etc.
type: string
url:
description: URL is the HTTP address of this artifact.
type: string
required:
- - lastUpdateTime
- path
- url
type: object
conditions:
description: Conditions holds the conditions for the GitRepository.
items:
- description: Condition contains details for one aspect of the current
- state of this API Resource.
+ description: "Condition contains details for one aspect of the current
+ state of this API Resource. --- This struct is intended for direct
+ use as an array at the field path .status.conditions. For example,
+ \n type FooStatus struct{ // Represents the observations of a
+ foo's current state. // Known .status.conditions.type are: \"Available\",
+ \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge
+ // +listType=map // +listMapKey=type Conditions []metav1.Condition
+ `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\"
+ protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }"
properties:
lastTransitionTime:
- description: |-
- lastTransitionTime is the last time the condition transitioned from one status to another.
- This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
+ description: lastTransitionTime is the last time the condition
+ transitioned from one status to another. This should be when
+ the underlying condition changed. If that is not known, then
+ using the time when the API field changed is acceptable.
format: date-time
type: string
message:
- description: |-
- message is a human readable message indicating details about the transition.
- This may be an empty string.
+ description: message is a human readable message indicating
+ details about the transition. This may be an empty string.
maxLength: 32768
type: string
observedGeneration:
- description: |-
- observedGeneration represents the .metadata.generation that the condition was set based upon.
- For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
- with respect to the current state of the instance.
+ description: observedGeneration represents the .metadata.generation
+ that the condition was set based upon. For instance, if .metadata.generation
+ is currently 12, but the .status.conditions[x].observedGeneration
+ is 9, the condition is out of date with respect to the current
+ state of the instance.
format: int64
minimum: 0
type: integer
reason:
- description: |-
- reason contains a programmatic identifier indicating the reason for the condition's last transition.
- Producers of specific condition types may define expected values and meanings for this field,
- and whether the values are considered a guaranteed API.
- The value should be a CamelCase string.
+ description: reason contains a programmatic identifier indicating
+ the reason for the condition's last transition. Producers
+ of specific condition types may define expected values and
+ meanings for this field, and whether the values are considered
+ a guaranteed API. The value should be a CamelCase string.
This field may not be empty.
maxLength: 1024
minLength: 1
type: string
type:
description: type of condition in CamelCase or in foo.example.com/CamelCase.
+ --- Many .condition.type values are consistent across resources
+ like Available, but because arbitrary conditions can be useful
+ (see .node.status.conditions), the ability to deconflict is
+ important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
maxLength: 316
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
type: string
description: Checksum is the SHA256 checksum of the artifact.
type: string
lastUpdateTime:
- description: |-
- LastUpdateTime is the timestamp corresponding to the last update of this
- artifact.
+ description: LastUpdateTime is the timestamp corresponding to
+ the last update of this artifact.
format: date-time
type: string
path:
description: Path is the relative file path of this artifact.
type: string
revision:
- description: |-
- Revision is a human readable identifier traceable in the origin source
- system. It can be a Git commit SHA, Git tag, a Helm index timestamp, a Helm
- chart version, etc.
+ description: Revision is a human readable identifier traceable
+ in the origin source system. It can be a Git commit SHA, Git
+ tag, a Helm index timestamp, a Helm chart version, etc.
type: string
url:
description: URL is the HTTP address of this artifact.
type: string
required:
- - lastUpdateTime
- path
- url
type: object
type: array
lastHandledReconcileAt:
- description: |-
- LastHandledReconcileAt holds the value of the most recent
- reconcile request value, so a change of the annotation value
- can be detected.
+ description: LastHandledReconcileAt holds the value of the most recent
+ reconcile request value, so a change of the annotation value can
+ be detected.
type: string
observedGeneration:
description: ObservedGeneration is the last observed generation.
format: int64
type: integer
url:
- description: |-
- URL is the download link for the artifact output of the last repository
- sync.
+ description: URL is the download link for the artifact output of the
+ last repository sync.
type: string
type: object
type: object
description: GitRepository is the Schema for the gitrepositories API.
properties:
apiVersion:
- description: |-
- APIVersion defines the versioned schema of this representation of an object.
- Servers should convert recognized schemas to the latest internal value, and
- may reject unrecognized values.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
- description: |-
- Kind is a string value representing the REST resource this object represents.
- Servers may infer this from the endpoint the client submits requests to.
- Cannot be updated.
- In CamelCase.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
- description: |-
- GitRepositorySpec specifies the required configuration to produce an
- Artifact for a Git repository.
+ description: GitRepositorySpec specifies the required configuration to
+ produce an Artifact for a Git repository.
properties:
accessFrom:
- description: |-
- AccessFrom specifies an Access Control List for allowing cross-namespace
- references to this object.
- NOTE: Not implemented, provisional as of https://github.com/fluxcd/flux2/pull/2092
+ description: 'AccessFrom specifies an Access Control List for allowing
+ cross-namespace references to this object. NOTE: Not implemented,
+ provisional as of https://github.com/fluxcd/flux2/pull/2092'
properties:
namespaceSelectors:
- description: |-
- NamespaceSelectors is the list of namespace selectors to which this ACL applies.
- Items in this list are evaluated using a logical OR operation.
+ description: NamespaceSelectors is the list of namespace selectors
+ to which this ACL applies. Items in this list are evaluated
+ using a logical OR operation.
items:
- description: |-
- NamespaceSelector selects the namespaces to which this ACL applies.
- An empty map of MatchLabels matches all namespaces in a cluster.
+ description: NamespaceSelector selects the namespaces to which
+ this ACL applies. An empty map of MatchLabels matches all
+ namespaces in a cluster.
properties:
matchLabels:
additionalProperties:
type: string
- description: |-
- MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
- map is equivalent to an element of matchExpressions, whose key field is "key", the
- operator is "In", and the values array contains only "value". The requirements are ANDed.
+ description: MatchLabels is a map of {key,value} pairs.
+ A single {key,value} in the matchLabels map is equivalent
+ to an element of matchExpressions, whose key field is
+ "key", the operator is "In", and the values array contains
+ only "value". The requirements are ANDed.
type: object
type: object
type: array
type: object
gitImplementation:
default: go-git
- description: |-
- GitImplementation specifies which Git client library implementation to
- use. Defaults to 'go-git', valid values are ('go-git', 'libgit2').
- Deprecated: gitImplementation is deprecated now that 'go-git' is the
- only supported implementation.
+ description: 'GitImplementation specifies which Git client library
+ implementation to use. Defaults to ''go-git'', valid values are
+ (''go-git'', ''libgit2''). Deprecated: gitImplementation is deprecated
+ now that ''go-git'' is the only supported implementation.'
enum:
- go-git
- libgit2
type: string
ignore:
- description: |-
- Ignore overrides the set of excluded patterns in the .sourceignore format
- (which is the same as .gitignore). If not provided, a default will be used,
- consult the documentation for your version to find out what those are.
+ description: Ignore overrides the set of excluded patterns in the
+ .sourceignore format (which is the same as .gitignore). If not provided,
+ a default will be used, consult the documentation for your version
+ to find out what those are.
type: string
include:
- description: |-
- Include specifies a list of GitRepository resources which Artifacts
- should be included in the Artifact produced for this GitRepository.
+ description: Include specifies a list of GitRepository resources which
+ Artifacts should be included in the Artifact produced for this GitRepository.
items:
- description: |-
- GitRepositoryInclude specifies a local reference to a GitRepository which
- Artifact (sub-)contents must be included, and where they should be placed.
+ description: GitRepositoryInclude specifies a local reference to
+ a GitRepository which Artifact (sub-)contents must be included,
+ and where they should be placed.
properties:
fromPath:
- description: |-
- FromPath specifies the path to copy contents from, defaults to the root
- of the Artifact.
+ description: FromPath specifies the path to copy contents from,
+ defaults to the root of the Artifact.
type: string
repository:
- description: |-
- GitRepositoryRef specifies the GitRepository which Artifact contents
- must be included.
+ description: GitRepositoryRef specifies the GitRepository which
+ Artifact contents must be included.
properties:
name:
description: Name of the referent.
- name
type: object
toPath:
- description: |-
- ToPath specifies the path to copy contents to, defaults to the name of
- the GitRepositoryRef.
+ description: ToPath specifies the path to copy contents to,
+ defaults to the name of the GitRepositoryRef.
type: string
required:
- repository
pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$
type: string
recurseSubmodules:
- description: |-
- RecurseSubmodules enables the initialization of all submodules within
- the GitRepository as cloned from the URL, using their default settings.
+ description: RecurseSubmodules enables the initialization of all submodules
+ within the GitRepository as cloned from the URL, using their default
+ settings.
type: boolean
ref:
- description: |-
- Reference specifies the Git reference to resolve and monitor for
- changes, defaults to the 'master' branch.
+ description: Reference specifies the Git reference to resolve and
+ monitor for changes, defaults to the 'master' branch.
properties:
branch:
description: Branch to check out, defaults to 'master' if no other
field is defined.
type: string
commit:
- description: |-
- Commit SHA to check out, takes precedence over all reference fields.
-
- This can be combined with Branch to shallow clone the branch, in which
- the commit is expected to exist.
+ description: "Commit SHA to check out, takes precedence over all
+ reference fields. \n This can be combined with Branch to shallow
+ clone the branch, in which the commit is expected to exist."
type: string
name:
- description: |-
- Name of the reference to check out; takes precedence over Branch, Tag and SemVer.
-
- It must be a valid Git reference: https://git-scm.com/docs/git-check-ref-format#_description
- Examples: "refs/heads/main", "refs/tags/v0.1.0", "refs/pull/420/head", "refs/merge-requests/1/head"
+ description: "Name of the reference to check out; takes precedence
+ over Branch, Tag and SemVer. \n It must be a valid Git reference:
+ https://git-scm.com/docs/git-check-ref-format#_description Examples:
+ \"refs/heads/main\", \"refs/tags/v0.1.0\", \"refs/pull/420/head\",
+ \"refs/merge-requests/1/head\""
type: string
semver:
description: SemVer tag expression to check out, takes precedence
type: string
type: object
secretRef:
- description: |-
- SecretRef specifies the Secret containing authentication credentials for
- the GitRepository.
- For HTTPS repositories the Secret must contain 'username' and 'password'
- fields for basic auth or 'bearerToken' field for token auth.
- For SSH repositories the Secret must contain 'identity'
- and 'known_hosts' fields.
+ description: SecretRef specifies the Secret containing authentication
+ credentials for the GitRepository. For HTTPS repositories the Secret
+ must contain 'username' and 'password' fields for basic auth or
+ 'bearerToken' field for token auth. For SSH repositories the Secret
+ must contain 'identity' and 'known_hosts' fields.
properties:
name:
description: Name of the referent.
- name
type: object
suspend:
- description: |-
- Suspend tells the controller to suspend the reconciliation of this
- GitRepository.
+ description: Suspend tells the controller to suspend the reconciliation
+ of this GitRepository.
type: boolean
timeout:
default: 60s
pattern: ^(http|https|ssh)://.*$
type: string
verify:
- description: |-
- Verification specifies the configuration to verify the Git commit
- signature(s).
+ description: Verification specifies the configuration to verify the
+ Git commit signature(s).
properties:
mode:
description: Mode specifies what Git object should be verified,
- head
type: string
secretRef:
- description: |-
- SecretRef specifies the Secret containing the public keys of trusted Git
- authors.
+ description: SecretRef specifies the Secret containing the public
+ keys of trusted Git authors.
properties:
name:
description: Name of the referent.
pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$
type: string
lastUpdateTime:
- description: |-
- LastUpdateTime is the timestamp corresponding to the last update of the
- Artifact.
+ description: LastUpdateTime is the timestamp corresponding to
+ the last update of the Artifact.
format: date-time
type: string
metadata:
description: Metadata holds upstream information such as OCI annotations.
type: object
path:
- description: |-
- Path is the relative file path of the Artifact. It can be used to locate
- the file in the root of the Artifact storage on the local file system of
- the controller managing the Source.
+ description: Path is the relative file path of the Artifact. It
+ can be used to locate the file in the root of the Artifact storage
+ on the local file system of the controller managing the Source.
type: string
revision:
- description: |-
- Revision is a human-readable identifier traceable in the origin source
- system. It can be a Git commit SHA, Git tag, a Helm chart version, etc.
+ description: Revision is a human-readable identifier traceable
+ in the origin source system. It can be a Git commit SHA, Git
+ tag, a Helm chart version, etc.
type: string
size:
description: Size is the number of bytes in the file.
format: int64
type: integer
url:
- description: |-
- URL is the HTTP address of the Artifact as exposed by the controller
- managing the Source. It can be used to retrieve the Artifact for
- consumption, e.g. by another controller applying the Artifact contents.
+ description: URL is the HTTP address of the Artifact as exposed
+ by the controller managing the Source. It can be used to retrieve
+ the Artifact for consumption, e.g. by another controller applying
+ the Artifact contents.
type: string
required:
- lastUpdateTime
conditions:
description: Conditions holds the conditions for the GitRepository.
items:
- description: Condition contains details for one aspect of the current
- state of this API Resource.
+ description: "Condition contains details for one aspect of the current
+ state of this API Resource. --- This struct is intended for direct
+ use as an array at the field path .status.conditions. For example,
+ \n type FooStatus struct{ // Represents the observations of a
+ foo's current state. // Known .status.conditions.type are: \"Available\",
+ \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge
+ // +listType=map // +listMapKey=type Conditions []metav1.Condition
+ `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\"
+ protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }"
properties:
lastTransitionTime:
- description: |-
- lastTransitionTime is the last time the condition transitioned from one status to another.
- This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
+ description: lastTransitionTime is the last time the condition
+ transitioned from one status to another. This should be when
+ the underlying condition changed. If that is not known, then
+ using the time when the API field changed is acceptable.
format: date-time
type: string
message:
- description: |-
- message is a human readable message indicating details about the transition.
- This may be an empty string.
+ description: message is a human readable message indicating
+ details about the transition. This may be an empty string.
maxLength: 32768
type: string
observedGeneration:
- description: |-
- observedGeneration represents the .metadata.generation that the condition was set based upon.
- For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
- with respect to the current state of the instance.
+ description: observedGeneration represents the .metadata.generation
+ that the condition was set based upon. For instance, if .metadata.generation
+ is currently 12, but the .status.conditions[x].observedGeneration
+ is 9, the condition is out of date with respect to the current
+ state of the instance.
format: int64
minimum: 0
type: integer
reason:
- description: |-
- reason contains a programmatic identifier indicating the reason for the condition's last transition.
- Producers of specific condition types may define expected values and meanings for this field,
- and whether the values are considered a guaranteed API.
- The value should be a CamelCase string.
+ description: reason contains a programmatic identifier indicating
+ the reason for the condition's last transition. Producers
+ of specific condition types may define expected values and
+ meanings for this field, and whether the values are considered
+ a guaranteed API. The value should be a CamelCase string.
This field may not be empty.
maxLength: 1024
minLength: 1
type: string
type:
description: type of condition in CamelCase or in foo.example.com/CamelCase.
+ --- Many .condition.type values are consistent across resources
+ like Available, but because arbitrary conditions can be useful
+ (see .node.status.conditions), the ability to deconflict is
+ important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
maxLength: 316
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
type: string
type: object
type: array
contentConfigChecksum:
- description: |-
- ContentConfigChecksum is a checksum of all the configurations related to
- the content of the source artifact:
- - .spec.ignore
- - .spec.recurseSubmodules
- - .spec.included and the checksum of the included artifacts
- observed in .status.observedGeneration version of the object. This can
- be used to determine if the content of the included repository has
- changed.
- It has the format of `<algo>:<checksum>`, for example: `sha256:<checksum>`.
-
- Deprecated: Replaced with explicit fields for observed artifact content
- config in the status.
+ description: "ContentConfigChecksum is a checksum of all the configurations
+ related to the content of the source artifact: - .spec.ignore -
+ .spec.recurseSubmodules - .spec.included and the checksum of the
+ included artifacts observed in .status.observedGeneration version
+ of the object. This can be used to determine if the content of the
+ included repository has changed. It has the format of `<algo>:<checksum>`,
+ for example: `sha256:<checksum>`. \n Deprecated: Replaced with explicit
+ fields for observed artifact content config in the status."
type: string
includedArtifacts:
- description: |-
- IncludedArtifacts contains a list of the last successfully included
- Artifacts as instructed by GitRepositorySpec.Include.
+ description: IncludedArtifacts contains a list of the last successfully
+ included Artifacts as instructed by GitRepositorySpec.Include.
items:
description: Artifact represents the output of a Source reconciliation.
properties:
pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$
type: string
lastUpdateTime:
- description: |-
- LastUpdateTime is the timestamp corresponding to the last update of the
- Artifact.
+ description: LastUpdateTime is the timestamp corresponding to
+ the last update of the Artifact.
format: date-time
type: string
metadata:
annotations.
type: object
path:
- description: |-
- Path is the relative file path of the Artifact. It can be used to locate
- the file in the root of the Artifact storage on the local file system of
- the controller managing the Source.
+ description: Path is the relative file path of the Artifact.
+ It can be used to locate the file in the root of the Artifact
+ storage on the local file system of the controller managing
+ the Source.
type: string
revision:
- description: |-
- Revision is a human-readable identifier traceable in the origin source
- system. It can be a Git commit SHA, Git tag, a Helm chart version, etc.
+ description: Revision is a human-readable identifier traceable
+ in the origin source system. It can be a Git commit SHA, Git
+ tag, a Helm chart version, etc.
type: string
size:
description: Size is the number of bytes in the file.
format: int64
type: integer
url:
- description: |-
- URL is the HTTP address of the Artifact as exposed by the controller
- managing the Source. It can be used to retrieve the Artifact for
- consumption, e.g. by another controller applying the Artifact contents.
+ description: URL is the HTTP address of the Artifact as exposed
+ by the controller managing the Source. It can be used to retrieve
+ the Artifact for consumption, e.g. by another controller applying
+ the Artifact contents.
type: string
required:
- lastUpdateTime
type: object
type: array
lastHandledReconcileAt:
- description: |-
- LastHandledReconcileAt holds the value of the most recent
- reconcile request value, so a change of the annotation value
- can be detected.
+ description: LastHandledReconcileAt holds the value of the most recent
+ reconcile request value, so a change of the annotation value can
+ be detected.
type: string
observedGeneration:
- description: |-
- ObservedGeneration is the last observed generation of the GitRepository
- object.
+ description: ObservedGeneration is the last observed generation of
+ the GitRepository object.
format: int64
type: integer
observedIgnore:
- description: |-
- ObservedIgnore is the observed exclusion patterns used for constructing
- the source artifact.
+ description: ObservedIgnore is the observed exclusion patterns used
+ for constructing the source artifact.
type: string
observedInclude:
- description: |-
- ObservedInclude is the observed list of GitRepository resources used to
- to produce the current Artifact.
+ description: ObservedInclude is the observed list of GitRepository
+ resources used to to produce the current Artifact.
items:
- description: |-
- GitRepositoryInclude specifies a local reference to a GitRepository which
- Artifact (sub-)contents must be included, and where they should be placed.
+ description: GitRepositoryInclude specifies a local reference to
+ a GitRepository which Artifact (sub-)contents must be included,
+ and where they should be placed.
properties:
fromPath:
- description: |-
- FromPath specifies the path to copy contents from, defaults to the root
- of the Artifact.
+ description: FromPath specifies the path to copy contents from,
+ defaults to the root of the Artifact.
type: string
repository:
- description: |-
- GitRepositoryRef specifies the GitRepository which Artifact contents
- must be included.
+ description: GitRepositoryRef specifies the GitRepository which
+ Artifact contents must be included.
properties:
name:
description: Name of the referent.
- name
type: object
toPath:
- description: |-
- ToPath specifies the path to copy contents to, defaults to the name of
- the GitRepositoryRef.
+ description: ToPath specifies the path to copy contents to,
+ defaults to the name of the GitRepositoryRef.
type: string
required:
- repository
type: object
type: array
observedRecurseSubmodules:
- description: |-
- ObservedRecurseSubmodules is the observed resource submodules
+ description: ObservedRecurseSubmodules is the observed resource submodules
configuration used to produce the current Artifact.
type: boolean
url:
- description: |-
- URL is the dynamic fetch link for the latest Artifact.
- It is provided on a "best effort" basis, and using the precise
- GitRepositoryStatus.Artifact data is recommended.
+ description: URL is the dynamic fetch link for the latest Artifact.
+ It is provided on a "best effort" basis, and using the precise GitRepositoryStatus.Artifact
+ data is recommended.
type: string
type: object
type: object
kind: CustomResourceDefinition
metadata:
annotations:
- controller-gen.kubebuilder.io/version: v0.16.1
+ controller-gen.kubebuilder.io/version: v0.12.0
labels:
app.kubernetes.io/component: source-controller
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v2.4.0
+ app.kubernetes.io/version: v2.1.2
name: helmcharts.source.toolkit.fluxcd.io
spec:
group: source.toolkit.fluxcd.io
singular: helmchart
scope: Namespaced
versions:
- - additionalPrinterColumns:
- - jsonPath: .spec.chart
- name: Chart
- type: string
- - jsonPath: .spec.version
- name: Version
- type: string
- - jsonPath: .spec.sourceRef.kind
- name: Source Kind
- type: string
- - jsonPath: .spec.sourceRef.name
- name: Source Name
- type: string
- - jsonPath: .metadata.creationTimestamp
- name: Age
- type: date
- - jsonPath: .status.conditions[?(@.type=="Ready")].status
- name: Ready
- type: string
- - jsonPath: .status.conditions[?(@.type=="Ready")].message
- name: Status
- type: string
- name: v1
- schema:
- openAPIV3Schema:
- description: HelmChart is the Schema for the helmcharts API.
- properties:
- apiVersion:
- description: |-
- APIVersion defines the versioned schema of this representation of an object.
- Servers should convert recognized schemas to the latest internal value, and
- may reject unrecognized values.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
- type: string
- kind:
- description: |-
- Kind is a string value representing the REST resource this object represents.
- Servers may infer this from the endpoint the client submits requests to.
- Cannot be updated.
- In CamelCase.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
- type: string
- metadata:
- type: object
- spec:
- description: HelmChartSpec specifies the desired state of a Helm chart.
- properties:
- chart:
- description: |-
- Chart is the name or path the Helm chart is available at in the
- SourceRef.
- type: string
- ignoreMissingValuesFiles:
- description: |-
- IgnoreMissingValuesFiles controls whether to silently ignore missing values
- files rather than failing.
- type: boolean
- interval:
- description: |-
- Interval at which the HelmChart SourceRef is checked for updates.
- This interval is approximate and may be subject to jitter to ensure
- efficient use of resources.
- pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$
- type: string
- reconcileStrategy:
- default: ChartVersion
- description: |-
- ReconcileStrategy determines what enables the creation of a new artifact.
- Valid values are ('ChartVersion', 'Revision').
- See the documentation of the values for an explanation on their behavior.
- Defaults to ChartVersion when omitted.
- enum:
- - ChartVersion
- - Revision
- type: string
- sourceRef:
- description: SourceRef is the reference to the Source the chart is
- available at.
- properties:
- apiVersion:
- description: APIVersion of the referent.
- type: string
- kind:
- description: |-
- Kind of the referent, valid values are ('HelmRepository', 'GitRepository',
- 'Bucket').
- enum:
- - HelmRepository
- - GitRepository
- - Bucket
- type: string
- name:
- description: Name of the referent.
- type: string
- required:
- - kind
- - name
- type: object
- suspend:
- description: |-
- Suspend tells the controller to suspend the reconciliation of this
- source.
- type: boolean
- valuesFiles:
- description: |-
- ValuesFiles is an alternative list of values files to use as the chart
- values (values.yaml is not included by default), expected to be a
- relative path in the SourceRef.
- Values files are merged in the order of this list with the last file
- overriding the first. Ignored when omitted.
- items:
- type: string
- type: array
- verify:
- description: |-
- Verify contains the secret name containing the trusted public keys
- used to verify the signature and specifies which provider to use to check
- whether OCI image is authentic.
- This field is only supported when using HelmRepository source with spec.type 'oci'.
- Chart dependencies, which are not bundled in the umbrella chart artifact, are not verified.
- properties:
- matchOIDCIdentity:
- description: |-
- MatchOIDCIdentity specifies the identity matching criteria to use
- while verifying an OCI artifact which was signed using Cosign keyless
- signing. The artifact's identity is deemed to be verified if any of the
- specified matchers match against the identity.
- items:
- description: |-
- OIDCIdentityMatch specifies options for verifying the certificate identity,
- i.e. the issuer and the subject of the certificate.
- properties:
- issuer:
- description: |-
- Issuer specifies the regex pattern to match against to verify
- the OIDC issuer in the Fulcio certificate. The pattern must be a
- valid Go regular expression.
- type: string
- subject:
- description: |-
- Subject specifies the regex pattern to match against to verify
- the identity subject in the Fulcio certificate. The pattern must
- be a valid Go regular expression.
- type: string
- required:
- - issuer
- - subject
- type: object
- type: array
- provider:
- default: cosign
- description: Provider specifies the technology used to sign the
- OCI Artifact.
- enum:
- - cosign
- - notation
- type: string
- secretRef:
- description: |-
- SecretRef specifies the Kubernetes Secret containing the
- trusted public keys.
- properties:
- name:
- description: Name of the referent.
- type: string
- required:
- - name
- type: object
- required:
- - provider
- type: object
- version:
- default: '*'
- description: |-
- Version is the chart version semver expression, ignored for charts from
- GitRepository and Bucket sources. Defaults to latest when omitted.
- type: string
- required:
- - chart
- - interval
- - sourceRef
- type: object
- status:
- default:
- observedGeneration: -1
- description: HelmChartStatus records the observed state of the HelmChart.
- properties:
- artifact:
- description: Artifact represents the output of the last successful
- reconciliation.
- properties:
- digest:
- description: Digest is the digest of the file in the form of '<algorithm>:<checksum>'.
- pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$
- type: string
- lastUpdateTime:
- description: |-
- LastUpdateTime is the timestamp corresponding to the last update of the
- Artifact.
- format: date-time
- type: string
- metadata:
- additionalProperties:
- type: string
- description: Metadata holds upstream information such as OCI annotations.
- type: object
- path:
- description: |-
- Path is the relative file path of the Artifact. It can be used to locate
- the file in the root of the Artifact storage on the local file system of
- the controller managing the Source.
- type: string
- revision:
- description: |-
- Revision is a human-readable identifier traceable in the origin source
- system. It can be a Git commit SHA, Git tag, a Helm chart version, etc.
- type: string
- size:
- description: Size is the number of bytes in the file.
- format: int64
- type: integer
- url:
- description: |-
- URL is the HTTP address of the Artifact as exposed by the controller
- managing the Source. It can be used to retrieve the Artifact for
- consumption, e.g. by another controller applying the Artifact contents.
- type: string
- required:
- - lastUpdateTime
- - path
- - revision
- - url
- type: object
- conditions:
- description: Conditions holds the conditions for the HelmChart.
- items:
- description: Condition contains details for one aspect of the current
- state of this API Resource.
- properties:
- lastTransitionTime:
- description: |-
- lastTransitionTime is the last time the condition transitioned from one status to another.
- This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
- format: date-time
- type: string
- message:
- description: |-
- message is a human readable message indicating details about the transition.
- This may be an empty string.
- maxLength: 32768
- type: string
- observedGeneration:
- description: |-
- observedGeneration represents the .metadata.generation that the condition was set based upon.
- For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
- with respect to the current state of the instance.
- format: int64
- minimum: 0
- type: integer
- reason:
- description: |-
- reason contains a programmatic identifier indicating the reason for the condition's last transition.
- Producers of specific condition types may define expected values and meanings for this field,
- and whether the values are considered a guaranteed API.
- The value should be a CamelCase string.
- This field may not be empty.
- maxLength: 1024
- minLength: 1
- pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
- type: string
- status:
- description: status of the condition, one of True, False, Unknown.
- enum:
- - "True"
- - "False"
- - Unknown
- type: string
- type:
- description: type of condition in CamelCase or in foo.example.com/CamelCase.
- maxLength: 316
- pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
- type: string
- required:
- - lastTransitionTime
- - message
- - reason
- - status
- - type
- type: object
- type: array
- lastHandledReconcileAt:
- description: |-
- LastHandledReconcileAt holds the value of the most recent
- reconcile request value, so a change of the annotation value
- can be detected.
- type: string
- observedChartName:
- description: |-
- ObservedChartName is the last observed chart name as specified by the
- resolved chart reference.
- type: string
- observedGeneration:
- description: |-
- ObservedGeneration is the last observed generation of the HelmChart
- object.
- format: int64
- type: integer
- observedSourceArtifactRevision:
- description: |-
- ObservedSourceArtifactRevision is the last observed Artifact.Revision
- of the HelmChartSpec.SourceRef.
- type: string
- observedValuesFiles:
- description: |-
- ObservedValuesFiles are the observed value files of the last successful
- reconciliation.
- It matches the chart in the last successfully reconciled artifact.
- items:
- type: string
- type: array
- url:
- description: |-
- URL is the dynamic fetch link for the latest Artifact.
- It is provided on a "best effort" basis, and using the precise
- BucketStatus.Artifact data is recommended.
- type: string
- type: object
- type: object
- served: true
- storage: true
- subresources:
- status: {}
- additionalPrinterColumns:
- jsonPath: .spec.chart
name: Chart
- jsonPath: .metadata.creationTimestamp
name: Age
type: date
- deprecated: true
- deprecationWarning: v1beta1 HelmChart is deprecated, upgrade to v1
name: v1beta1
schema:
openAPIV3Schema:
description: HelmChart is the Schema for the helmcharts API
properties:
apiVersion:
- description: |-
- APIVersion defines the versioned schema of this representation of an object.
- Servers should convert recognized schemas to the latest internal value, and
- may reject unrecognized values.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
- description: |-
- Kind is a string value representing the REST resource this object represents.
- Servers may infer this from the endpoint the client submits requests to.
- Cannot be updated.
- In CamelCase.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
cross-namespace references to this object.
properties:
namespaceSelectors:
- description: |-
- NamespaceSelectors is the list of namespace selectors to which this ACL applies.
- Items in this list are evaluated using a logical OR operation.
+ description: NamespaceSelectors is the list of namespace selectors
+ to which this ACL applies. Items in this list are evaluated
+ using a logical OR operation.
items:
- description: |-
- NamespaceSelector selects the namespaces to which this ACL applies.
- An empty map of MatchLabels matches all namespaces in a cluster.
+ description: NamespaceSelector selects the namespaces to which
+ this ACL applies. An empty map of MatchLabels matches all
+ namespaces in a cluster.
properties:
matchLabels:
additionalProperties:
type: string
- description: |-
- MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
- map is equivalent to an element of matchExpressions, whose key field is "key", the
- operator is "In", and the values array contains only "value". The requirements are ANDed.
+ description: MatchLabels is a map of {key,value} pairs.
+ A single {key,value} in the matchLabels map is equivalent
+ to an element of matchExpressions, whose key field is
+ "key", the operator is "In", and the values array contains
+ only "value". The requirements are ANDed.
type: object
type: object
type: array
type: string
reconcileStrategy:
default: ChartVersion
- description: |-
- Determines what enables the creation of a new artifact. Valid values are
- ('ChartVersion', 'Revision').
- See the documentation of the values for an explanation on their behavior.
- Defaults to ChartVersion when omitted.
+ description: Determines what enables the creation of a new artifact.
+ Valid values are ('ChartVersion', 'Revision'). See the documentation
+ of the values for an explanation on their behavior. Defaults to
+ ChartVersion when omitted.
enum:
- ChartVersion
- Revision
description: APIVersion of the referent.
type: string
kind:
- description: |-
- Kind of the referent, valid values are ('HelmRepository', 'GitRepository',
- 'Bucket').
+ description: Kind of the referent, valid values are ('HelmRepository',
+ 'GitRepository', 'Bucket').
enum:
- HelmRepository
- GitRepository
of this source.
type: boolean
valuesFile:
- description: |-
- Alternative values file to use as the default chart values, expected to
- be a relative path in the SourceRef. Deprecated in favor of ValuesFiles,
- for backwards compatibility the file defined here is merged before the
- ValuesFiles items. Ignored when omitted.
+ description: Alternative values file to use as the default chart values,
+ expected to be a relative path in the SourceRef. Deprecated in favor
+ of ValuesFiles, for backwards compatibility the file defined here
+ is merged before the ValuesFiles items. Ignored when omitted.
type: string
valuesFiles:
- description: |-
- Alternative list of values files to use as the chart values (values.yaml
- is not included by default), expected to be a relative path in the SourceRef.
- Values files are merged in the order of this list with the last file overriding
- the first. Ignored when omitted.
+ description: Alternative list of values files to use as the chart
+ values (values.yaml is not included by default), expected to be
+ a relative path in the SourceRef. Values files are merged in the
+ order of this list with the last file overriding the first. Ignored
+ when omitted.
items:
type: string
type: array
version:
default: '*'
- description: |-
- The chart version semver expression, ignored for charts from GitRepository
- and Bucket sources. Defaults to latest when omitted.
+ description: The chart version semver expression, ignored for charts
+ from GitRepository and Bucket sources. Defaults to latest when omitted.
type: string
required:
- chart
description: Checksum is the SHA256 checksum of the artifact.
type: string
lastUpdateTime:
- description: |-
- LastUpdateTime is the timestamp corresponding to the last update of this
- artifact.
+ description: LastUpdateTime is the timestamp corresponding to
+ the last update of this artifact.
format: date-time
type: string
path:
description: Path is the relative file path of this artifact.
type: string
revision:
- description: |-
- Revision is a human readable identifier traceable in the origin source
- system. It can be a Git commit SHA, Git tag, a Helm index timestamp, a Helm
- chart version, etc.
+ description: Revision is a human readable identifier traceable
+ in the origin source system. It can be a Git commit SHA, Git
+ tag, a Helm index timestamp, a Helm chart version, etc.
type: string
url:
description: URL is the HTTP address of this artifact.
type: string
required:
- - lastUpdateTime
- path
- url
type: object
conditions:
description: Conditions holds the conditions for the HelmChart.
items:
- description: Condition contains details for one aspect of the current
- state of this API Resource.
+ description: "Condition contains details for one aspect of the current
+ state of this API Resource. --- This struct is intended for direct
+ use as an array at the field path .status.conditions. For example,
+ \n type FooStatus struct{ // Represents the observations of a
+ foo's current state. // Known .status.conditions.type are: \"Available\",
+ \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge
+ // +listType=map // +listMapKey=type Conditions []metav1.Condition
+ `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\"
+ protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }"
properties:
lastTransitionTime:
- description: |-
- lastTransitionTime is the last time the condition transitioned from one status to another.
- This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
+ description: lastTransitionTime is the last time the condition
+ transitioned from one status to another. This should be when
+ the underlying condition changed. If that is not known, then
+ using the time when the API field changed is acceptable.
format: date-time
type: string
message:
- description: |-
- message is a human readable message indicating details about the transition.
- This may be an empty string.
+ description: message is a human readable message indicating
+ details about the transition. This may be an empty string.
maxLength: 32768
type: string
observedGeneration:
- description: |-
- observedGeneration represents the .metadata.generation that the condition was set based upon.
- For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
- with respect to the current state of the instance.
+ description: observedGeneration represents the .metadata.generation
+ that the condition was set based upon. For instance, if .metadata.generation
+ is currently 12, but the .status.conditions[x].observedGeneration
+ is 9, the condition is out of date with respect to the current
+ state of the instance.
format: int64
minimum: 0
type: integer
reason:
- description: |-
- reason contains a programmatic identifier indicating the reason for the condition's last transition.
- Producers of specific condition types may define expected values and meanings for this field,
- and whether the values are considered a guaranteed API.
- The value should be a CamelCase string.
+ description: reason contains a programmatic identifier indicating
+ the reason for the condition's last transition. Producers
+ of specific condition types may define expected values and
+ meanings for this field, and whether the values are considered
+ a guaranteed API. The value should be a CamelCase string.
This field may not be empty.
maxLength: 1024
minLength: 1
type: string
type:
description: type of condition in CamelCase or in foo.example.com/CamelCase.
+ --- Many .condition.type values are consistent across resources
+ like Available, but because arbitrary conditions can be useful
+ (see .node.status.conditions), the ability to deconflict is
+ important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
maxLength: 316
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
type: string
type: object
type: array
lastHandledReconcileAt:
- description: |-
- LastHandledReconcileAt holds the value of the most recent
- reconcile request value, so a change of the annotation value
- can be detected.
+ description: LastHandledReconcileAt holds the value of the most recent
+ reconcile request value, so a change of the annotation value can
+ be detected.
type: string
observedGeneration:
description: ObservedGeneration is the last observed generation.
- jsonPath: .status.conditions[?(@.type=="Ready")].message
name: Status
type: string
- deprecated: true
- deprecationWarning: v1beta2 HelmChart is deprecated, upgrade to v1
name: v1beta2
schema:
openAPIV3Schema:
description: HelmChart is the Schema for the helmcharts API.
properties:
apiVersion:
- description: |-
- APIVersion defines the versioned schema of this representation of an object.
- Servers should convert recognized schemas to the latest internal value, and
- may reject unrecognized values.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
- description: |-
- Kind is a string value representing the REST resource this object represents.
- Servers may infer this from the endpoint the client submits requests to.
- Cannot be updated.
- In CamelCase.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
description: HelmChartSpec specifies the desired state of a Helm chart.
properties:
accessFrom:
- description: |-
- AccessFrom specifies an Access Control List for allowing cross-namespace
- references to this object.
- NOTE: Not implemented, provisional as of https://github.com/fluxcd/flux2/pull/2092
+ description: 'AccessFrom specifies an Access Control List for allowing
+ cross-namespace references to this object. NOTE: Not implemented,
+ provisional as of https://github.com/fluxcd/flux2/pull/2092'
properties:
namespaceSelectors:
- description: |-
- NamespaceSelectors is the list of namespace selectors to which this ACL applies.
- Items in this list are evaluated using a logical OR operation.
+ description: NamespaceSelectors is the list of namespace selectors
+ to which this ACL applies. Items in this list are evaluated
+ using a logical OR operation.
items:
- description: |-
- NamespaceSelector selects the namespaces to which this ACL applies.
- An empty map of MatchLabels matches all namespaces in a cluster.
+ description: NamespaceSelector selects the namespaces to which
+ this ACL applies. An empty map of MatchLabels matches all
+ namespaces in a cluster.
properties:
matchLabels:
additionalProperties:
type: string
- description: |-
- MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
- map is equivalent to an element of matchExpressions, whose key field is "key", the
- operator is "In", and the values array contains only "value". The requirements are ANDed.
+ description: MatchLabels is a map of {key,value} pairs.
+ A single {key,value} in the matchLabels map is equivalent
+ to an element of matchExpressions, whose key field is
+ "key", the operator is "In", and the values array contains
+ only "value". The requirements are ANDed.
type: object
type: object
type: array
- namespaceSelectors
type: object
chart:
- description: |-
- Chart is the name or path the Helm chart is available at in the
- SourceRef.
+ description: Chart is the name or path the Helm chart is available
+ at in the SourceRef.
type: string
- ignoreMissingValuesFiles:
- description: |-
- IgnoreMissingValuesFiles controls whether to silently ignore missing values
- files rather than failing.
- type: boolean
interval:
- description: |-
- Interval at which the HelmChart SourceRef is checked for updates.
- This interval is approximate and may be subject to jitter to ensure
- efficient use of resources.
+ description: Interval at which the HelmChart SourceRef is checked
+ for updates. This interval is approximate and may be subject to
+ jitter to ensure efficient use of resources.
pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$
type: string
reconcileStrategy:
default: ChartVersion
- description: |-
- ReconcileStrategy determines what enables the creation of a new artifact.
- Valid values are ('ChartVersion', 'Revision').
- See the documentation of the values for an explanation on their behavior.
- Defaults to ChartVersion when omitted.
+ description: ReconcileStrategy determines what enables the creation
+ of a new artifact. Valid values are ('ChartVersion', 'Revision').
+ See the documentation of the values for an explanation on their
+ behavior. Defaults to ChartVersion when omitted.
enum:
- ChartVersion
- Revision
description: APIVersion of the referent.
type: string
kind:
- description: |-
- Kind of the referent, valid values are ('HelmRepository', 'GitRepository',
- 'Bucket').
+ description: Kind of the referent, valid values are ('HelmRepository',
+ 'GitRepository', 'Bucket').
enum:
- HelmRepository
- GitRepository
- name
type: object
suspend:
- description: |-
- Suspend tells the controller to suspend the reconciliation of this
- source.
+ description: Suspend tells the controller to suspend the reconciliation
+ of this source.
type: boolean
valuesFile:
- description: |-
- ValuesFile is an alternative values file to use as the default chart
- values, expected to be a relative path in the SourceRef. Deprecated in
- favor of ValuesFiles, for backwards compatibility the file specified here
- is merged before the ValuesFiles items. Ignored when omitted.
+ description: ValuesFile is an alternative values file to use as the
+ default chart values, expected to be a relative path in the SourceRef.
+ Deprecated in favor of ValuesFiles, for backwards compatibility
+ the file specified here is merged before the ValuesFiles items.
+ Ignored when omitted.
type: string
valuesFiles:
- description: |-
- ValuesFiles is an alternative list of values files to use as the chart
- values (values.yaml is not included by default), expected to be a
- relative path in the SourceRef.
- Values files are merged in the order of this list with the last file
- overriding the first. Ignored when omitted.
+ description: ValuesFiles is an alternative list of values files to
+ use as the chart values (values.yaml is not included by default),
+ expected to be a relative path in the SourceRef. Values files are
+ merged in the order of this list with the last file overriding the
+ first. Ignored when omitted.
items:
type: string
type: array
verify:
- description: |-
- Verify contains the secret name containing the trusted public keys
- used to verify the signature and specifies which provider to use to check
- whether OCI image is authentic.
- This field is only supported when using HelmRepository source with spec.type 'oci'.
- Chart dependencies, which are not bundled in the umbrella chart artifact, are not verified.
+ description: Verify contains the secret name containing the trusted
+ public keys used to verify the signature and specifies which provider
+ to use to check whether OCI image is authentic. This field is only
+ supported when using HelmRepository source with spec.type 'oci'.
+ Chart dependencies, which are not bundled in the umbrella chart
+ artifact, are not verified.
properties:
- matchOIDCIdentity:
- description: |-
- MatchOIDCIdentity specifies the identity matching criteria to use
- while verifying an OCI artifact which was signed using Cosign keyless
- signing. The artifact's identity is deemed to be verified if any of the
- specified matchers match against the identity.
- items:
- description: |-
- OIDCIdentityMatch specifies options for verifying the certificate identity,
- i.e. the issuer and the subject of the certificate.
- properties:
- issuer:
- description: |-
- Issuer specifies the regex pattern to match against to verify
- the OIDC issuer in the Fulcio certificate. The pattern must be a
- valid Go regular expression.
- type: string
- subject:
- description: |-
- Subject specifies the regex pattern to match against to verify
- the identity subject in the Fulcio certificate. The pattern must
- be a valid Go regular expression.
- type: string
- required:
- - issuer
- - subject
- type: object
- type: array
provider:
default: cosign
description: Provider specifies the technology used to sign the
OCI Artifact.
enum:
- cosign
- - notation
type: string
secretRef:
- description: |-
- SecretRef specifies the Kubernetes Secret containing the
- trusted public keys.
+ description: SecretRef specifies the Kubernetes Secret containing
+ the trusted public keys.
properties:
name:
description: Name of the referent.
type: object
version:
default: '*'
- description: |-
- Version is the chart version semver expression, ignored for charts from
- GitRepository and Bucket sources. Defaults to latest when omitted.
+ description: Version is the chart version semver expression, ignored
+ for charts from GitRepository and Bucket sources. Defaults to latest
+ when omitted.
type: string
required:
- chart
pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$
type: string
lastUpdateTime:
- description: |-
- LastUpdateTime is the timestamp corresponding to the last update of the
- Artifact.
+ description: LastUpdateTime is the timestamp corresponding to
+ the last update of the Artifact.
format: date-time
type: string
metadata:
description: Metadata holds upstream information such as OCI annotations.
type: object
path:
- description: |-
- Path is the relative file path of the Artifact. It can be used to locate
- the file in the root of the Artifact storage on the local file system of
- the controller managing the Source.
+ description: Path is the relative file path of the Artifact. It
+ can be used to locate the file in the root of the Artifact storage
+ on the local file system of the controller managing the Source.
type: string
revision:
- description: |-
- Revision is a human-readable identifier traceable in the origin source
- system. It can be a Git commit SHA, Git tag, a Helm chart version, etc.
+ description: Revision is a human-readable identifier traceable
+ in the origin source system. It can be a Git commit SHA, Git
+ tag, a Helm chart version, etc.
type: string
size:
description: Size is the number of bytes in the file.
format: int64
type: integer
url:
- description: |-
- URL is the HTTP address of the Artifact as exposed by the controller
- managing the Source. It can be used to retrieve the Artifact for
- consumption, e.g. by another controller applying the Artifact contents.
+ description: URL is the HTTP address of the Artifact as exposed
+ by the controller managing the Source. It can be used to retrieve
+ the Artifact for consumption, e.g. by another controller applying
+ the Artifact contents.
type: string
required:
- lastUpdateTime
conditions:
description: Conditions holds the conditions for the HelmChart.
items:
- description: Condition contains details for one aspect of the current
- state of this API Resource.
+ description: "Condition contains details for one aspect of the current
+ state of this API Resource. --- This struct is intended for direct
+ use as an array at the field path .status.conditions. For example,
+ \n type FooStatus struct{ // Represents the observations of a
+ foo's current state. // Known .status.conditions.type are: \"Available\",
+ \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge
+ // +listType=map // +listMapKey=type Conditions []metav1.Condition
+ `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\"
+ protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }"
properties:
lastTransitionTime:
- description: |-
- lastTransitionTime is the last time the condition transitioned from one status to another.
- This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
+ description: lastTransitionTime is the last time the condition
+ transitioned from one status to another. This should be when
+ the underlying condition changed. If that is not known, then
+ using the time when the API field changed is acceptable.
format: date-time
type: string
message:
- description: |-
- message is a human readable message indicating details about the transition.
- This may be an empty string.
+ description: message is a human readable message indicating
+ details about the transition. This may be an empty string.
maxLength: 32768
type: string
observedGeneration:
- description: |-
- observedGeneration represents the .metadata.generation that the condition was set based upon.
- For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
- with respect to the current state of the instance.
+ description: observedGeneration represents the .metadata.generation
+ that the condition was set based upon. For instance, if .metadata.generation
+ is currently 12, but the .status.conditions[x].observedGeneration
+ is 9, the condition is out of date with respect to the current
+ state of the instance.
format: int64
minimum: 0
type: integer
reason:
- description: |-
- reason contains a programmatic identifier indicating the reason for the condition's last transition.
- Producers of specific condition types may define expected values and meanings for this field,
- and whether the values are considered a guaranteed API.
- The value should be a CamelCase string.
+ description: reason contains a programmatic identifier indicating
+ the reason for the condition's last transition. Producers
+ of specific condition types may define expected values and
+ meanings for this field, and whether the values are considered
+ a guaranteed API. The value should be a CamelCase string.
This field may not be empty.
maxLength: 1024
minLength: 1
type: string
type:
description: type of condition in CamelCase or in foo.example.com/CamelCase.
+ --- Many .condition.type values are consistent across resources
+ like Available, but because arbitrary conditions can be useful
+ (see .node.status.conditions), the ability to deconflict is
+ important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
maxLength: 316
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
type: string
type: object
type: array
lastHandledReconcileAt:
- description: |-
- LastHandledReconcileAt holds the value of the most recent
- reconcile request value, so a change of the annotation value
- can be detected.
+ description: LastHandledReconcileAt holds the value of the most recent
+ reconcile request value, so a change of the annotation value can
+ be detected.
type: string
observedChartName:
- description: |-
- ObservedChartName is the last observed chart name as specified by the
- resolved chart reference.
+ description: ObservedChartName is the last observed chart name as
+ specified by the resolved chart reference.
type: string
observedGeneration:
- description: |-
- ObservedGeneration is the last observed generation of the HelmChart
- object.
+ description: ObservedGeneration is the last observed generation of
+ the HelmChart object.
format: int64
type: integer
observedSourceArtifactRevision:
- description: |-
- ObservedSourceArtifactRevision is the last observed Artifact.Revision
+ description: ObservedSourceArtifactRevision is the last observed Artifact.Revision
of the HelmChartSpec.SourceRef.
type: string
- observedValuesFiles:
- description: |-
- ObservedValuesFiles are the observed value files of the last successful
- reconciliation.
- It matches the chart in the last successfully reconciled artifact.
- items:
- type: string
- type: array
url:
- description: |-
- URL is the dynamic fetch link for the latest Artifact.
- It is provided on a "best effort" basis, and using the precise
- BucketStatus.Artifact data is recommended.
+ description: URL is the dynamic fetch link for the latest Artifact.
+ It is provided on a "best effort" basis, and using the precise BucketStatus.Artifact
+ data is recommended.
type: string
type: object
type: object
served: true
- storage: false
+ storage: true
subresources:
status: {}
---
kind: CustomResourceDefinition
metadata:
annotations:
- controller-gen.kubebuilder.io/version: v0.16.1
+ controller-gen.kubebuilder.io/version: v0.12.0
labels:
app.kubernetes.io/component: source-controller
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v2.4.0
+ app.kubernetes.io/version: v2.1.2
name: helmrepositories.source.toolkit.fluxcd.io
spec:
group: source.toolkit.fluxcd.io
singular: helmrepository
scope: Namespaced
versions:
- - additionalPrinterColumns:
- - jsonPath: .spec.url
- name: URL
- type: string
- - jsonPath: .metadata.creationTimestamp
- name: Age
- type: date
- - jsonPath: .status.conditions[?(@.type=="Ready")].status
- name: Ready
- type: string
- - jsonPath: .status.conditions[?(@.type=="Ready")].message
- name: Status
- type: string
- name: v1
- schema:
- openAPIV3Schema:
- description: HelmRepository is the Schema for the helmrepositories API.
- properties:
- apiVersion:
- description: |-
- APIVersion defines the versioned schema of this representation of an object.
- Servers should convert recognized schemas to the latest internal value, and
- may reject unrecognized values.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
- type: string
- kind:
- description: |-
- Kind is a string value representing the REST resource this object represents.
- Servers may infer this from the endpoint the client submits requests to.
- Cannot be updated.
- In CamelCase.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
- type: string
- metadata:
- type: object
- spec:
- description: |-
- HelmRepositorySpec specifies the required configuration to produce an
- Artifact for a Helm repository index YAML.
- properties:
- accessFrom:
- description: |-
- AccessFrom specifies an Access Control List for allowing cross-namespace
- references to this object.
- NOTE: Not implemented, provisional as of https://github.com/fluxcd/flux2/pull/2092
- properties:
- namespaceSelectors:
- description: |-
- NamespaceSelectors is the list of namespace selectors to which this ACL applies.
- Items in this list are evaluated using a logical OR operation.
- items:
- description: |-
- NamespaceSelector selects the namespaces to which this ACL applies.
- An empty map of MatchLabels matches all namespaces in a cluster.
- properties:
- matchLabels:
- additionalProperties:
- type: string
- description: |-
- MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
- map is equivalent to an element of matchExpressions, whose key field is "key", the
- operator is "In", and the values array contains only "value". The requirements are ANDed.
- type: object
- type: object
- type: array
- required:
- - namespaceSelectors
- type: object
- certSecretRef:
- description: |-
- CertSecretRef can be given the name of a Secret containing
- either or both of
-
- - a PEM-encoded client certificate (`tls.crt`) and private
- key (`tls.key`);
- - a PEM-encoded CA certificate (`ca.crt`)
-
- and whichever are supplied, will be used for connecting to the
- registry. The client cert and key are useful if you are
- authenticating with a certificate; the CA cert is useful if
- you are using a self-signed server certificate. The Secret must
- be of type `Opaque` or `kubernetes.io/tls`.
-
- It takes precedence over the values specified in the Secret referred
- to by `.spec.secretRef`.
- properties:
- name:
- description: Name of the referent.
- type: string
- required:
- - name
- type: object
- insecure:
- description: |-
- Insecure allows connecting to a non-TLS HTTP container registry.
- This field is only taken into account if the .spec.type field is set to 'oci'.
- type: boolean
- interval:
- description: |-
- Interval at which the HelmRepository URL is checked for updates.
- This interval is approximate and may be subject to jitter to ensure
- efficient use of resources.
- pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$
- type: string
- passCredentials:
- description: |-
- PassCredentials allows the credentials from the SecretRef to be passed
- on to a host that does not match the host as defined in URL.
- This may be required if the host of the advertised chart URLs in the
- index differ from the defined URL.
- Enabling this should be done with caution, as it can potentially result
- in credentials getting stolen in a MITM-attack.
- type: boolean
- provider:
- default: generic
- description: |-
- Provider used for authentication, can be 'aws', 'azure', 'gcp' or 'generic'.
- This field is optional, and only taken into account if the .spec.type field is set to 'oci'.
- When not specified, defaults to 'generic'.
- enum:
- - generic
- - aws
- - azure
- - gcp
- type: string
- secretRef:
- description: |-
- SecretRef specifies the Secret containing authentication credentials
- for the HelmRepository.
- For HTTP/S basic auth the secret must contain 'username' and 'password'
- fields.
- Support for TLS auth using the 'certFile' and 'keyFile', and/or 'caFile'
- keys is deprecated. Please use `.spec.certSecretRef` instead.
- properties:
- name:
- description: Name of the referent.
- type: string
- required:
- - name
- type: object
- suspend:
- description: |-
- Suspend tells the controller to suspend the reconciliation of this
- HelmRepository.
- type: boolean
- timeout:
- description: |-
- Timeout is used for the index fetch operation for an HTTPS helm repository,
- and for remote OCI Repository operations like pulling for an OCI helm
- chart by the associated HelmChart.
- Its default value is 60s.
- pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$
- type: string
- type:
- description: |-
- Type of the HelmRepository.
- When this field is set to "oci", the URL field value must be prefixed with "oci://".
- enum:
- - default
- - oci
- type: string
- url:
- description: |-
- URL of the Helm repository, a valid URL contains at least a protocol and
- host.
- pattern: ^(http|https|oci)://.*$
- type: string
- required:
- - url
- type: object
- status:
- default:
- observedGeneration: -1
- description: HelmRepositoryStatus records the observed state of the HelmRepository.
- properties:
- artifact:
- description: Artifact represents the last successful HelmRepository
- reconciliation.
- properties:
- digest:
- description: Digest is the digest of the file in the form of '<algorithm>:<checksum>'.
- pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$
- type: string
- lastUpdateTime:
- description: |-
- LastUpdateTime is the timestamp corresponding to the last update of the
- Artifact.
- format: date-time
- type: string
- metadata:
- additionalProperties:
- type: string
- description: Metadata holds upstream information such as OCI annotations.
- type: object
- path:
- description: |-
- Path is the relative file path of the Artifact. It can be used to locate
- the file in the root of the Artifact storage on the local file system of
- the controller managing the Source.
- type: string
- revision:
- description: |-
- Revision is a human-readable identifier traceable in the origin source
- system. It can be a Git commit SHA, Git tag, a Helm chart version, etc.
- type: string
- size:
- description: Size is the number of bytes in the file.
- format: int64
- type: integer
- url:
- description: |-
- URL is the HTTP address of the Artifact as exposed by the controller
- managing the Source. It can be used to retrieve the Artifact for
- consumption, e.g. by another controller applying the Artifact contents.
- type: string
- required:
- - lastUpdateTime
- - path
- - revision
- - url
- type: object
- conditions:
- description: Conditions holds the conditions for the HelmRepository.
- items:
- description: Condition contains details for one aspect of the current
- state of this API Resource.
- properties:
- lastTransitionTime:
- description: |-
- lastTransitionTime is the last time the condition transitioned from one status to another.
- This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
- format: date-time
- type: string
- message:
- description: |-
- message is a human readable message indicating details about the transition.
- This may be an empty string.
- maxLength: 32768
- type: string
- observedGeneration:
- description: |-
- observedGeneration represents the .metadata.generation that the condition was set based upon.
- For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
- with respect to the current state of the instance.
- format: int64
- minimum: 0
- type: integer
- reason:
- description: |-
- reason contains a programmatic identifier indicating the reason for the condition's last transition.
- Producers of specific condition types may define expected values and meanings for this field,
- and whether the values are considered a guaranteed API.
- The value should be a CamelCase string.
- This field may not be empty.
- maxLength: 1024
- minLength: 1
- pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
- type: string
- status:
- description: status of the condition, one of True, False, Unknown.
- enum:
- - "True"
- - "False"
- - Unknown
- type: string
- type:
- description: type of condition in CamelCase or in foo.example.com/CamelCase.
- maxLength: 316
- pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
- type: string
- required:
- - lastTransitionTime
- - message
- - reason
- - status
- - type
- type: object
- type: array
- lastHandledReconcileAt:
- description: |-
- LastHandledReconcileAt holds the value of the most recent
- reconcile request value, so a change of the annotation value
- can be detected.
- type: string
- observedGeneration:
- description: |-
- ObservedGeneration is the last observed generation of the HelmRepository
- object.
- format: int64
- type: integer
- url:
- description: |-
- URL is the dynamic fetch link for the latest Artifact.
- It is provided on a "best effort" basis, and using the precise
- HelmRepositoryStatus.Artifact data is recommended.
- type: string
- type: object
- type: object
- served: true
- storage: true
- subresources:
- status: {}
- additionalPrinterColumns:
- jsonPath: .spec.url
name: URL
- jsonPath: .metadata.creationTimestamp
name: Age
type: date
- deprecated: true
- deprecationWarning: v1beta1 HelmRepository is deprecated, upgrade to v1
name: v1beta1
schema:
openAPIV3Schema:
description: HelmRepository is the Schema for the helmrepositories API
properties:
apiVersion:
- description: |-
- APIVersion defines the versioned schema of this representation of an object.
- Servers should convert recognized schemas to the latest internal value, and
- may reject unrecognized values.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
- description: |-
- Kind is a string value representing the REST resource this object represents.
- Servers may infer this from the endpoint the client submits requests to.
- Cannot be updated.
- In CamelCase.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
cross-namespace references to this object.
properties:
namespaceSelectors:
- description: |-
- NamespaceSelectors is the list of namespace selectors to which this ACL applies.
- Items in this list are evaluated using a logical OR operation.
+ description: NamespaceSelectors is the list of namespace selectors
+ to which this ACL applies. Items in this list are evaluated
+ using a logical OR operation.
items:
- description: |-
- NamespaceSelector selects the namespaces to which this ACL applies.
- An empty map of MatchLabels matches all namespaces in a cluster.
+ description: NamespaceSelector selects the namespaces to which
+ this ACL applies. An empty map of MatchLabels matches all
+ namespaces in a cluster.
properties:
matchLabels:
additionalProperties:
type: string
- description: |-
- MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
- map is equivalent to an element of matchExpressions, whose key field is "key", the
- operator is "In", and the values array contains only "value". The requirements are ANDed.
+ description: MatchLabels is a map of {key,value} pairs.
+ A single {key,value} in the matchLabels map is equivalent
+ to an element of matchExpressions, whose key field is
+ "key", the operator is "In", and the values array contains
+ only "value". The requirements are ANDed.
type: object
type: object
type: array
description: The interval at which to check the upstream for updates.
type: string
passCredentials:
- description: |-
- PassCredentials allows the credentials from the SecretRef to be passed on to
- a host that does not match the host as defined in URL.
- This may be required if the host of the advertised chart URLs in the index
- differ from the defined URL.
- Enabling this should be done with caution, as it can potentially result in
- credentials getting stolen in a MITM-attack.
+ description: PassCredentials allows the credentials from the SecretRef
+ to be passed on to a host that does not match the host as defined
+ in URL. This may be required if the host of the advertised chart
+ URLs in the index differ from the defined URL. Enabling this should
+ be done with caution, as it can potentially result in credentials
+ getting stolen in a MITM-attack.
type: boolean
secretRef:
- description: |-
- The name of the secret containing authentication credentials for the Helm
- repository.
- For HTTP/S basic auth the secret must contain username and
- password fields.
- For TLS the secret must contain a certFile and keyFile, and/or
- caFile fields.
+ description: The name of the secret containing authentication credentials
+ for the Helm repository. For HTTP/S basic auth the secret must contain
+ username and password fields. For TLS the secret must contain a
+ certFile and keyFile, and/or caFile fields.
properties:
name:
description: Name of the referent.
description: Checksum is the SHA256 checksum of the artifact.
type: string
lastUpdateTime:
- description: |-
- LastUpdateTime is the timestamp corresponding to the last update of this
- artifact.
+ description: LastUpdateTime is the timestamp corresponding to
+ the last update of this artifact.
format: date-time
type: string
path:
description: Path is the relative file path of this artifact.
type: string
revision:
- description: |-
- Revision is a human readable identifier traceable in the origin source
- system. It can be a Git commit SHA, Git tag, a Helm index timestamp, a Helm
- chart version, etc.
+ description: Revision is a human readable identifier traceable
+ in the origin source system. It can be a Git commit SHA, Git
+ tag, a Helm index timestamp, a Helm chart version, etc.
type: string
url:
description: URL is the HTTP address of this artifact.
type: string
required:
- - lastUpdateTime
- path
- url
type: object
conditions:
description: Conditions holds the conditions for the HelmRepository.
items:
- description: Condition contains details for one aspect of the current
- state of this API Resource.
+ description: "Condition contains details for one aspect of the current
+ state of this API Resource. --- This struct is intended for direct
+ use as an array at the field path .status.conditions. For example,
+ \n type FooStatus struct{ // Represents the observations of a
+ foo's current state. // Known .status.conditions.type are: \"Available\",
+ \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge
+ // +listType=map // +listMapKey=type Conditions []metav1.Condition
+ `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\"
+ protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }"
properties:
lastTransitionTime:
- description: |-
- lastTransitionTime is the last time the condition transitioned from one status to another.
- This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
+ description: lastTransitionTime is the last time the condition
+ transitioned from one status to another. This should be when
+ the underlying condition changed. If that is not known, then
+ using the time when the API field changed is acceptable.
format: date-time
type: string
message:
- description: |-
- message is a human readable message indicating details about the transition.
- This may be an empty string.
+ description: message is a human readable message indicating
+ details about the transition. This may be an empty string.
maxLength: 32768
type: string
observedGeneration:
- description: |-
- observedGeneration represents the .metadata.generation that the condition was set based upon.
- For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
- with respect to the current state of the instance.
+ description: observedGeneration represents the .metadata.generation
+ that the condition was set based upon. For instance, if .metadata.generation
+ is currently 12, but the .status.conditions[x].observedGeneration
+ is 9, the condition is out of date with respect to the current
+ state of the instance.
format: int64
minimum: 0
type: integer
reason:
- description: |-
- reason contains a programmatic identifier indicating the reason for the condition's last transition.
- Producers of specific condition types may define expected values and meanings for this field,
- and whether the values are considered a guaranteed API.
- The value should be a CamelCase string.
+ description: reason contains a programmatic identifier indicating
+ the reason for the condition's last transition. Producers
+ of specific condition types may define expected values and
+ meanings for this field, and whether the values are considered
+ a guaranteed API. The value should be a CamelCase string.
This field may not be empty.
maxLength: 1024
minLength: 1
type: string
type:
description: type of condition in CamelCase or in foo.example.com/CamelCase.
+ --- Many .condition.type values are consistent across resources
+ like Available, but because arbitrary conditions can be useful
+ (see .node.status.conditions), the ability to deconflict is
+ important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
maxLength: 316
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
type: string
type: object
type: array
lastHandledReconcileAt:
- description: |-
- LastHandledReconcileAt holds the value of the most recent
- reconcile request value, so a change of the annotation value
- can be detected.
+ description: LastHandledReconcileAt holds the value of the most recent
+ reconcile request value, so a change of the annotation value can
+ be detected.
type: string
observedGeneration:
description: ObservedGeneration is the last observed generation.
- jsonPath: .status.conditions[?(@.type=="Ready")].message
name: Status
type: string
- deprecated: true
- deprecationWarning: v1beta2 HelmRepository is deprecated, upgrade to v1
name: v1beta2
schema:
openAPIV3Schema:
description: HelmRepository is the Schema for the helmrepositories API.
properties:
apiVersion:
- description: |-
- APIVersion defines the versioned schema of this representation of an object.
- Servers should convert recognized schemas to the latest internal value, and
- may reject unrecognized values.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
- description: |-
- Kind is a string value representing the REST resource this object represents.
- Servers may infer this from the endpoint the client submits requests to.
- Cannot be updated.
- In CamelCase.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
- description: |-
- HelmRepositorySpec specifies the required configuration to produce an
- Artifact for a Helm repository index YAML.
+ description: HelmRepositorySpec specifies the required configuration to
+ produce an Artifact for a Helm repository index YAML.
properties:
accessFrom:
- description: |-
- AccessFrom specifies an Access Control List for allowing cross-namespace
- references to this object.
- NOTE: Not implemented, provisional as of https://github.com/fluxcd/flux2/pull/2092
+ description: 'AccessFrom specifies an Access Control List for allowing
+ cross-namespace references to this object. NOTE: Not implemented,
+ provisional as of https://github.com/fluxcd/flux2/pull/2092'
properties:
namespaceSelectors:
- description: |-
- NamespaceSelectors is the list of namespace selectors to which this ACL applies.
- Items in this list are evaluated using a logical OR operation.
+ description: NamespaceSelectors is the list of namespace selectors
+ to which this ACL applies. Items in this list are evaluated
+ using a logical OR operation.
items:
- description: |-
- NamespaceSelector selects the namespaces to which this ACL applies.
- An empty map of MatchLabels matches all namespaces in a cluster.
+ description: NamespaceSelector selects the namespaces to which
+ this ACL applies. An empty map of MatchLabels matches all
+ namespaces in a cluster.
properties:
matchLabels:
additionalProperties:
type: string
- description: |-
- MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
- map is equivalent to an element of matchExpressions, whose key field is "key", the
- operator is "In", and the values array contains only "value". The requirements are ANDed.
+ description: MatchLabels is a map of {key,value} pairs.
+ A single {key,value} in the matchLabels map is equivalent
+ to an element of matchExpressions, whose key field is
+ "key", the operator is "In", and the values array contains
+ only "value". The requirements are ANDed.
type: object
type: object
type: array
- namespaceSelectors
type: object
certSecretRef:
- description: |-
- CertSecretRef can be given the name of a Secret containing
- either or both of
-
- - a PEM-encoded client certificate (`tls.crt`) and private
- key (`tls.key`);
- - a PEM-encoded CA certificate (`ca.crt`)
-
- and whichever are supplied, will be used for connecting to the
- registry. The client cert and key are useful if you are
- authenticating with a certificate; the CA cert is useful if
- you are using a self-signed server certificate. The Secret must
- be of type `Opaque` or `kubernetes.io/tls`.
-
- It takes precedence over the values specified in the Secret referred
- to by `.spec.secretRef`.
+ description: "CertSecretRef can be given the name of a Secret containing
+ either or both of \n - a PEM-encoded client certificate (`tls.crt`)
+ and private key (`tls.key`); - a PEM-encoded CA certificate (`ca.crt`)
+ \n and whichever are supplied, will be used for connecting to the
+ registry. The client cert and key are useful if you are authenticating
+ with a certificate; the CA cert is useful if you are using a self-signed
+ server certificate. The Secret must be of type `Opaque` or `kubernetes.io/tls`.
+ \n It takes precedence over the values specified in the Secret referred
+ to by `.spec.secretRef`."
properties:
name:
description: Name of the referent.
required:
- name
type: object
- insecure:
- description: |-
- Insecure allows connecting to a non-TLS HTTP container registry.
- This field is only taken into account if the .spec.type field is set to 'oci'.
- type: boolean
interval:
- description: |-
- Interval at which the HelmRepository URL is checked for updates.
- This interval is approximate and may be subject to jitter to ensure
- efficient use of resources.
+ description: Interval at which the HelmRepository URL is checked for
+ updates. This interval is approximate and may be subject to jitter
+ to ensure efficient use of resources.
pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$
type: string
passCredentials:
- description: |-
- PassCredentials allows the credentials from the SecretRef to be passed
- on to a host that does not match the host as defined in URL.
- This may be required if the host of the advertised chart URLs in the
- index differ from the defined URL.
- Enabling this should be done with caution, as it can potentially result
- in credentials getting stolen in a MITM-attack.
+ description: PassCredentials allows the credentials from the SecretRef
+ to be passed on to a host that does not match the host as defined
+ in URL. This may be required if the host of the advertised chart
+ URLs in the index differ from the defined URL. Enabling this should
+ be done with caution, as it can potentially result in credentials
+ getting stolen in a MITM-attack.
type: boolean
provider:
default: generic
- description: |-
- Provider used for authentication, can be 'aws', 'azure', 'gcp' or 'generic'.
- This field is optional, and only taken into account if the .spec.type field is set to 'oci'.
- When not specified, defaults to 'generic'.
+ description: Provider used for authentication, can be 'aws', 'azure',
+ 'gcp' or 'generic'. This field is optional, and only taken into
+ account if the .spec.type field is set to 'oci'. When not specified,
+ defaults to 'generic'.
enum:
- generic
- aws
- gcp
type: string
secretRef:
- description: |-
- SecretRef specifies the Secret containing authentication credentials
- for the HelmRepository.
- For HTTP/S basic auth the secret must contain 'username' and 'password'
- fields.
- Support for TLS auth using the 'certFile' and 'keyFile', and/or 'caFile'
- keys is deprecated. Please use `.spec.certSecretRef` instead.
+ description: SecretRef specifies the Secret containing authentication
+ credentials for the HelmRepository. For HTTP/S basic auth the secret
+ must contain 'username' and 'password' fields. Support for TLS auth
+ using the 'certFile' and 'keyFile', and/or 'caFile' keys is deprecated.
+ Please use `.spec.certSecretRef` instead.
properties:
name:
description: Name of the referent.
- name
type: object
suspend:
- description: |-
- Suspend tells the controller to suspend the reconciliation of this
- HelmRepository.
+ description: Suspend tells the controller to suspend the reconciliation
+ of this HelmRepository.
type: boolean
timeout:
- description: |-
- Timeout is used for the index fetch operation for an HTTPS helm repository,
- and for remote OCI Repository operations like pulling for an OCI helm
- chart by the associated HelmChart.
- Its default value is 60s.
+ default: 60s
+ description: Timeout is used for the index fetch operation for an
+ HTTPS helm repository, and for remote OCI Repository operations
+ like pulling for an OCI helm repository. Its default value is 60s.
pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$
type: string
type:
- description: |-
- Type of the HelmRepository.
- When this field is set to "oci", the URL field value must be prefixed with "oci://".
+ description: Type of the HelmRepository. When this field is set to "oci",
+ the URL field value must be prefixed with "oci://".
enum:
- default
- oci
type: string
url:
- description: |-
- URL of the Helm repository, a valid URL contains at least a protocol and
- host.
- pattern: ^(http|https|oci)://.*$
+ description: URL of the Helm repository, a valid URL contains at least
+ a protocol and host.
type: string
required:
+ - interval
- url
type: object
status:
pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$
type: string
lastUpdateTime:
- description: |-
- LastUpdateTime is the timestamp corresponding to the last update of the
- Artifact.
+ description: LastUpdateTime is the timestamp corresponding to
+ the last update of the Artifact.
format: date-time
type: string
metadata:
description: Metadata holds upstream information such as OCI annotations.
type: object
path:
- description: |-
- Path is the relative file path of the Artifact. It can be used to locate
- the file in the root of the Artifact storage on the local file system of
- the controller managing the Source.
+ description: Path is the relative file path of the Artifact. It
+ can be used to locate the file in the root of the Artifact storage
+ on the local file system of the controller managing the Source.
type: string
revision:
- description: |-
- Revision is a human-readable identifier traceable in the origin source
- system. It can be a Git commit SHA, Git tag, a Helm chart version, etc.
+ description: Revision is a human-readable identifier traceable
+ in the origin source system. It can be a Git commit SHA, Git
+ tag, a Helm chart version, etc.
type: string
size:
description: Size is the number of bytes in the file.
format: int64
type: integer
url:
- description: |-
- URL is the HTTP address of the Artifact as exposed by the controller
- managing the Source. It can be used to retrieve the Artifact for
- consumption, e.g. by another controller applying the Artifact contents.
+ description: URL is the HTTP address of the Artifact as exposed
+ by the controller managing the Source. It can be used to retrieve
+ the Artifact for consumption, e.g. by another controller applying
+ the Artifact contents.
type: string
required:
- lastUpdateTime
conditions:
description: Conditions holds the conditions for the HelmRepository.
items:
- description: Condition contains details for one aspect of the current
- state of this API Resource.
+ description: "Condition contains details for one aspect of the current
+ state of this API Resource. --- This struct is intended for direct
+ use as an array at the field path .status.conditions. For example,
+ \n type FooStatus struct{ // Represents the observations of a
+ foo's current state. // Known .status.conditions.type are: \"Available\",
+ \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge
+ // +listType=map // +listMapKey=type Conditions []metav1.Condition
+ `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\"
+ protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }"
properties:
lastTransitionTime:
- description: |-
- lastTransitionTime is the last time the condition transitioned from one status to another.
- This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
+ description: lastTransitionTime is the last time the condition
+ transitioned from one status to another. This should be when
+ the underlying condition changed. If that is not known, then
+ using the time when the API field changed is acceptable.
format: date-time
type: string
message:
- description: |-
- message is a human readable message indicating details about the transition.
- This may be an empty string.
+ description: message is a human readable message indicating
+ details about the transition. This may be an empty string.
maxLength: 32768
type: string
observedGeneration:
- description: |-
- observedGeneration represents the .metadata.generation that the condition was set based upon.
- For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
- with respect to the current state of the instance.
+ description: observedGeneration represents the .metadata.generation
+ that the condition was set based upon. For instance, if .metadata.generation
+ is currently 12, but the .status.conditions[x].observedGeneration
+ is 9, the condition is out of date with respect to the current
+ state of the instance.
format: int64
minimum: 0
type: integer
reason:
- description: |-
- reason contains a programmatic identifier indicating the reason for the condition's last transition.
- Producers of specific condition types may define expected values and meanings for this field,
- and whether the values are considered a guaranteed API.
- The value should be a CamelCase string.
+ description: reason contains a programmatic identifier indicating
+ the reason for the condition's last transition. Producers
+ of specific condition types may define expected values and
+ meanings for this field, and whether the values are considered
+ a guaranteed API. The value should be a CamelCase string.
This field may not be empty.
maxLength: 1024
minLength: 1
type: string
type:
description: type of condition in CamelCase or in foo.example.com/CamelCase.
+ --- Many .condition.type values are consistent across resources
+ like Available, but because arbitrary conditions can be useful
+ (see .node.status.conditions), the ability to deconflict is
+ important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
maxLength: 316
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
type: string
type: object
type: array
lastHandledReconcileAt:
- description: |-
- LastHandledReconcileAt holds the value of the most recent
- reconcile request value, so a change of the annotation value
- can be detected.
+ description: LastHandledReconcileAt holds the value of the most recent
+ reconcile request value, so a change of the annotation value can
+ be detected.
type: string
observedGeneration:
- description: |-
- ObservedGeneration is the last observed generation of the HelmRepository
- object.
+ description: ObservedGeneration is the last observed generation of
+ the HelmRepository object.
format: int64
type: integer
url:
- description: |-
- URL is the dynamic fetch link for the latest Artifact.
- It is provided on a "best effort" basis, and using the precise
- HelmRepositoryStatus.Artifact data is recommended.
+ description: URL is the dynamic fetch link for the latest Artifact.
+ It is provided on a "best effort" basis, and using the precise HelmRepositoryStatus.Artifact
+ data is recommended.
type: string
type: object
type: object
served: true
- storage: false
+ storage: true
subresources:
status: {}
---
kind: CustomResourceDefinition
metadata:
annotations:
- controller-gen.kubebuilder.io/version: v0.16.1
+ controller-gen.kubebuilder.io/version: v0.12.0
labels:
app.kubernetes.io/component: source-controller
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v2.4.0
+ app.kubernetes.io/version: v2.1.2
name: ocirepositories.source.toolkit.fluxcd.io
spec:
group: source.toolkit.fluxcd.io
description: OCIRepository is the Schema for the ocirepositories API
properties:
apiVersion:
- description: |-
- APIVersion defines the versioned schema of this representation of an object.
- Servers should convert recognized schemas to the latest internal value, and
- may reject unrecognized values.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
- description: |-
- Kind is a string value representing the REST resource this object represents.
- Servers may infer this from the endpoint the client submits requests to.
- Cannot be updated.
- In CamelCase.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
description: OCIRepositorySpec defines the desired state of OCIRepository
properties:
certSecretRef:
- description: |-
- CertSecretRef can be given the name of a Secret containing
- either or both of
-
- - a PEM-encoded client certificate (`tls.crt`) and private
- key (`tls.key`);
- - a PEM-encoded CA certificate (`ca.crt`)
-
- and whichever are supplied, will be used for connecting to the
- registry. The client cert and key are useful if you are
- authenticating with a certificate; the CA cert is useful if
- you are using a self-signed server certificate. The Secret must
- be of type `Opaque` or `kubernetes.io/tls`.
-
- Note: Support for the `caFile`, `certFile` and `keyFile` keys have
- been deprecated.
+ description: "CertSecretRef can be given the name of a Secret containing
+ either or both of \n - a PEM-encoded client certificate (`tls.crt`)
+ and private key (`tls.key`); - a PEM-encoded CA certificate (`ca.crt`)
+ \n and whichever are supplied, will be used for connecting to the
+ registry. The client cert and key are useful if you are authenticating
+ with a certificate; the CA cert is useful if you are using a self-signed
+ server certificate. The Secret must be of type `Opaque` or `kubernetes.io/tls`.
+ \n Note: Support for the `caFile`, `certFile` and `keyFile` keys
+ have been deprecated."
properties:
name:
description: Name of the referent.
- name
type: object
ignore:
- description: |-
- Ignore overrides the set of excluded patterns in the .sourceignore format
- (which is the same as .gitignore). If not provided, a default will be used,
- consult the documentation for your version to find out what those are.
+ description: Ignore overrides the set of excluded patterns in the
+ .sourceignore format (which is the same as .gitignore). If not provided,
+ a default will be used, consult the documentation for your version
+ to find out what those are.
type: string
insecure:
description: Insecure allows connecting to a non-TLS HTTP container
registry.
type: boolean
interval:
- description: |-
- Interval at which the OCIRepository URL is checked for updates.
- This interval is approximate and may be subject to jitter to ensure
- efficient use of resources.
+ description: Interval at which the OCIRepository URL is checked for
+ updates. This interval is approximate and may be subject to jitter
+ to ensure efficient use of resources.
pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$
type: string
layerSelector:
- description: |-
- LayerSelector specifies which layer should be extracted from the OCI artifact.
- When not specified, the first layer found in the artifact is selected.
+ description: LayerSelector specifies which layer should be extracted
+ from the OCI artifact. When not specified, the first layer found
+ in the artifact is selected.
properties:
mediaType:
- description: |-
- MediaType specifies the OCI media type of the layer
- which should be extracted from the OCI Artifact. The
- first layer matching this type is selected.
+ description: MediaType specifies the OCI media type of the layer
+ which should be extracted from the OCI Artifact. The first layer
+ matching this type is selected.
type: string
operation:
- description: |-
- Operation specifies how the selected layer should be processed.
- By default, the layer compressed content is extracted to storage.
- When the operation is set to 'copy', the layer compressed content
- is persisted to storage as it is.
+ description: Operation specifies how the selected layer should
+ be processed. By default, the layer compressed content is extracted
+ to storage. When the operation is set to 'copy', the layer compressed
+ content is persisted to storage as it is.
enum:
- extract
- copy
type: object
provider:
default: generic
- description: |-
- The provider used for authentication, can be 'aws', 'azure', 'gcp' or 'generic'.
- When not specified, defaults to 'generic'.
+ description: The provider used for authentication, can be 'aws', 'azure',
+ 'gcp' or 'generic'. When not specified, defaults to 'generic'.
enum:
- generic
- aws
- azure
- gcp
type: string
- proxySecretRef:
- description: |-
- ProxySecretRef specifies the Secret containing the proxy configuration
- to use while communicating with the container registry.
- properties:
- name:
- description: Name of the referent.
- type: string
- required:
- - name
- type: object
ref:
- description: |-
- The OCI reference to pull and monitor for changes,
- defaults to the latest tag.
+ description: The OCI reference to pull and monitor for changes, defaults
+ to the latest tag.
properties:
digest:
- description: |-
- Digest is the image digest to pull, takes precedence over SemVer.
- The value should be in the format 'sha256:<HASH>'.
+ description: Digest is the image digest to pull, takes precedence
+ over SemVer. The value should be in the format 'sha256:<HASH>'.
type: string
semver:
- description: |-
- SemVer is the range of tags to pull selecting the latest within
- the range, takes precedence over Tag.
- type: string
- semverFilter:
- description: SemverFilter is a regex pattern to filter the tags
- within the SemVer range.
+ description: SemVer is the range of tags to pull selecting the
+ latest within the range, takes precedence over Tag.
type: string
tag:
description: Tag is the image tag to pull, defaults to latest.
type: string
type: object
secretRef:
- description: |-
- SecretRef contains the secret name containing the registry login
- credentials to resolve image metadata.
- The secret must be of type kubernetes.io/dockerconfigjson.
+ description: SecretRef contains the secret name containing the registry
+ login credentials to resolve image metadata. The secret must be
+ of type kubernetes.io/dockerconfigjson.
properties:
name:
description: Name of the referent.
- name
type: object
serviceAccountName:
- description: |-
- ServiceAccountName is the name of the Kubernetes ServiceAccount used to authenticate
- the image pull if the service account has attached pull secrets. For more information:
- https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/#add-imagepullsecrets-to-a-service-account
+ description: 'ServiceAccountName is the name of the Kubernetes ServiceAccount
+ used to authenticate the image pull if the service account has attached
+ pull secrets. For more information: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/#add-imagepullsecrets-to-a-service-account'
type: string
suspend:
description: This flag tells the controller to suspend the reconciliation
pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$
type: string
url:
- description: |-
- URL is a reference to an OCI artifact repository hosted
+ description: URL is a reference to an OCI artifact repository hosted
on a remote container registry.
pattern: ^oci://.*$
type: string
verify:
- description: |-
- Verify contains the secret name containing the trusted public keys
- used to verify the signature and specifies which provider to use to check
- whether OCI image is authentic.
+ description: Verify contains the secret name containing the trusted
+ public keys used to verify the signature and specifies which provider
+ to use to check whether OCI image is authentic.
properties:
- matchOIDCIdentity:
- description: |-
- MatchOIDCIdentity specifies the identity matching criteria to use
- while verifying an OCI artifact which was signed using Cosign keyless
- signing. The artifact's identity is deemed to be verified if any of the
- specified matchers match against the identity.
- items:
- description: |-
- OIDCIdentityMatch specifies options for verifying the certificate identity,
- i.e. the issuer and the subject of the certificate.
- properties:
- issuer:
- description: |-
- Issuer specifies the regex pattern to match against to verify
- the OIDC issuer in the Fulcio certificate. The pattern must be a
- valid Go regular expression.
- type: string
- subject:
- description: |-
- Subject specifies the regex pattern to match against to verify
- the identity subject in the Fulcio certificate. The pattern must
- be a valid Go regular expression.
- type: string
- required:
- - issuer
- - subject
- type: object
- type: array
provider:
default: cosign
description: Provider specifies the technology used to sign the
OCI Artifact.
enum:
- cosign
- - notation
type: string
secretRef:
- description: |-
- SecretRef specifies the Kubernetes Secret containing the
- trusted public keys.
+ description: SecretRef specifies the Kubernetes Secret containing
+ the trusted public keys.
properties:
name:
description: Name of the referent.
pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$
type: string
lastUpdateTime:
- description: |-
- LastUpdateTime is the timestamp corresponding to the last update of the
- Artifact.
+ description: LastUpdateTime is the timestamp corresponding to
+ the last update of the Artifact.
format: date-time
type: string
metadata:
description: Metadata holds upstream information such as OCI annotations.
type: object
path:
- description: |-
- Path is the relative file path of the Artifact. It can be used to locate
- the file in the root of the Artifact storage on the local file system of
- the controller managing the Source.
+ description: Path is the relative file path of the Artifact. It
+ can be used to locate the file in the root of the Artifact storage
+ on the local file system of the controller managing the Source.
type: string
revision:
- description: |-
- Revision is a human-readable identifier traceable in the origin source
- system. It can be a Git commit SHA, Git tag, a Helm chart version, etc.
+ description: Revision is a human-readable identifier traceable
+ in the origin source system. It can be a Git commit SHA, Git
+ tag, a Helm chart version, etc.
type: string
size:
description: Size is the number of bytes in the file.
format: int64
type: integer
url:
- description: |-
- URL is the HTTP address of the Artifact as exposed by the controller
- managing the Source. It can be used to retrieve the Artifact for
- consumption, e.g. by another controller applying the Artifact contents.
+ description: URL is the HTTP address of the Artifact as exposed
+ by the controller managing the Source. It can be used to retrieve
+ the Artifact for consumption, e.g. by another controller applying
+ the Artifact contents.
type: string
required:
- lastUpdateTime
conditions:
description: Conditions holds the conditions for the OCIRepository.
items:
- description: Condition contains details for one aspect of the current
- state of this API Resource.
+ description: "Condition contains details for one aspect of the current
+ state of this API Resource. --- This struct is intended for direct
+ use as an array at the field path .status.conditions. For example,
+ \n type FooStatus struct{ // Represents the observations of a
+ foo's current state. // Known .status.conditions.type are: \"Available\",
+ \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge
+ // +listType=map // +listMapKey=type Conditions []metav1.Condition
+ `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\"
+ protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }"
properties:
lastTransitionTime:
- description: |-
- lastTransitionTime is the last time the condition transitioned from one status to another.
- This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
+ description: lastTransitionTime is the last time the condition
+ transitioned from one status to another. This should be when
+ the underlying condition changed. If that is not known, then
+ using the time when the API field changed is acceptable.
format: date-time
type: string
message:
- description: |-
- message is a human readable message indicating details about the transition.
- This may be an empty string.
+ description: message is a human readable message indicating
+ details about the transition. This may be an empty string.
maxLength: 32768
type: string
observedGeneration:
- description: |-
- observedGeneration represents the .metadata.generation that the condition was set based upon.
- For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
- with respect to the current state of the instance.
+ description: observedGeneration represents the .metadata.generation
+ that the condition was set based upon. For instance, if .metadata.generation
+ is currently 12, but the .status.conditions[x].observedGeneration
+ is 9, the condition is out of date with respect to the current
+ state of the instance.
format: int64
minimum: 0
type: integer
reason:
- description: |-
- reason contains a programmatic identifier indicating the reason for the condition's last transition.
- Producers of specific condition types may define expected values and meanings for this field,
- and whether the values are considered a guaranteed API.
- The value should be a CamelCase string.
+ description: reason contains a programmatic identifier indicating
+ the reason for the condition's last transition. Producers
+ of specific condition types may define expected values and
+ meanings for this field, and whether the values are considered
+ a guaranteed API. The value should be a CamelCase string.
This field may not be empty.
maxLength: 1024
minLength: 1
type: string
type:
description: type of condition in CamelCase or in foo.example.com/CamelCase.
+ --- Many .condition.type values are consistent across resources
+ like Available, but because arbitrary conditions can be useful
+ (see .node.status.conditions), the ability to deconflict is
+ important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
maxLength: 316
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
type: string
type: object
type: array
contentConfigChecksum:
- description: |-
- ContentConfigChecksum is a checksum of all the configurations related to
- the content of the source artifact:
- - .spec.ignore
- - .spec.layerSelector
- observed in .status.observedGeneration version of the object. This can
- be used to determine if the content configuration has changed and the
- artifact needs to be rebuilt.
- It has the format of `<algo>:<checksum>`, for example: `sha256:<checksum>`.
-
- Deprecated: Replaced with explicit fields for observed artifact content
- config in the status.
+ description: "ContentConfigChecksum is a checksum of all the configurations
+ related to the content of the source artifact: - .spec.ignore -
+ .spec.layerSelector observed in .status.observedGeneration version
+ of the object. This can be used to determine if the content configuration
+ has changed and the artifact needs to be rebuilt. It has the format
+ of `<algo>:<checksum>`, for example: `sha256:<checksum>`. \n Deprecated:
+ Replaced with explicit fields for observed artifact content config
+ in the status."
type: string
lastHandledReconcileAt:
- description: |-
- LastHandledReconcileAt holds the value of the most recent
- reconcile request value, so a change of the annotation value
- can be detected.
+ description: LastHandledReconcileAt holds the value of the most recent
+ reconcile request value, so a change of the annotation value can
+ be detected.
type: string
observedGeneration:
description: ObservedGeneration is the last observed generation.
format: int64
type: integer
observedIgnore:
- description: |-
- ObservedIgnore is the observed exclusion patterns used for constructing
- the source artifact.
+ description: ObservedIgnore is the observed exclusion patterns used
+ for constructing the source artifact.
type: string
observedLayerSelector:
- description: |-
- ObservedLayerSelector is the observed layer selector used for constructing
- the source artifact.
+ description: ObservedLayerSelector is the observed layer selector
+ used for constructing the source artifact.
properties:
mediaType:
- description: |-
- MediaType specifies the OCI media type of the layer
- which should be extracted from the OCI Artifact. The
- first layer matching this type is selected.
+ description: MediaType specifies the OCI media type of the layer
+ which should be extracted from the OCI Artifact. The first layer
+ matching this type is selected.
type: string
operation:
- description: |-
- Operation specifies how the selected layer should be processed.
- By default, the layer compressed content is extracted to storage.
- When the operation is set to 'copy', the layer compressed content
- is persisted to storage as it is.
+ description: Operation specifies how the selected layer should
+ be processed. By default, the layer compressed content is extracted
+ to storage. When the operation is set to 'copy', the layer compressed
+ content is persisted to storage as it is.
enum:
- extract
- copy
app.kubernetes.io/component: source-controller
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v2.4.0
+ app.kubernetes.io/version: v2.1.2
name: source-controller
namespace: flux-system
---
app.kubernetes.io/component: source-controller
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v2.4.0
+ app.kubernetes.io/version: v2.1.2
control-plane: controller
name: source-controller
namespace: flux-system
app.kubernetes.io/component: source-controller
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v2.4.0
+ app.kubernetes.io/version: v2.1.2
control-plane: controller
name: source-controller
namespace: flux-system
fieldPath: metadata.namespace
- name: TUF_ROOT
value: /tmp/.sigstore
- - name: GOMAXPROCS
- valueFrom:
- resourceFieldRef:
- containerName: manager
- resource: limits.cpu
- - name: GOMEMLIMIT
- valueFrom:
- resourceFieldRef:
- containerName: manager
- resource: limits.memory
- image: ghcr.io/fluxcd/source-controller:v1.4.1
+ image: ghcr.io/fluxcd/source-controller:v1.1.2
imagePullPolicy: IfNotPresent
livenessProbe:
httpGet:
kind: CustomResourceDefinition
metadata:
annotations:
- controller-gen.kubebuilder.io/version: v0.16.1
+ controller-gen.kubebuilder.io/version: v0.12.0
labels:
app.kubernetes.io/component: kustomize-controller
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v2.4.0
+ app.kubernetes.io/version: v2.1.2
name: kustomizations.kustomize.toolkit.fluxcd.io
spec:
group: kustomize.toolkit.fluxcd.io
description: Kustomization is the Schema for the kustomizations API.
properties:
apiVersion:
- description: |-
- APIVersion defines the versioned schema of this representation of an object.
- Servers should convert recognized schemas to the latest internal value, and
- may reject unrecognized values.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
- description: |-
- Kind is a string value representing the REST resource this object represents.
- Servers may infer this from the endpoint the client submits requests to.
- Cannot be updated.
- In CamelCase.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
- description: |-
- KustomizationSpec defines the configuration to calculate the desired state
- from a Source using Kustomize.
+ description: KustomizationSpec defines the configuration to calculate
+ the desired state from a Source using Kustomize.
properties:
commonMetadata:
- description: |-
- CommonMetadata specifies the common labels and annotations that are
- applied to all resources. Any existing label or annotation will be
- overridden if its key matches a common one.
+ description: CommonMetadata specifies the common labels and annotations
+ that are applied to all resources. Any existing label or annotation
+ will be overridden if its key matches a common one.
properties:
annotations:
additionalProperties:
- provider
type: object
dependsOn:
- description: |-
- DependsOn may contain a meta.NamespacedObjectReference slice
- with references to Kustomization resources that must be ready before this
- Kustomization can be reconciled.
+ description: DependsOn may contain a meta.NamespacedObjectReference
+ slice with references to Kustomization resources that must be ready
+ before this Kustomization can be reconciled.
items:
- description: |-
- NamespacedObjectReference contains enough information to locate the referenced Kubernetes resource object in any
- namespace.
+ description: NamespacedObjectReference contains enough information
+ to locate the referenced Kubernetes resource object in any namespace.
properties:
name:
description: Name of the referent.
type: array
force:
default: false
- description: |-
- Force instructs the controller to recreate resources
+ description: Force instructs the controller to recreate resources
when patching fails due to an immutable field change.
type: boolean
healthChecks:
description: A list of resources to be included in the health assessment.
items:
- description: |-
- NamespacedObjectKindReference contains enough information to locate the typed referenced Kubernetes resource object
- in any namespace.
+ description: NamespacedObjectKindReference contains enough information
+ to locate the typed referenced Kubernetes resource object in any
+ namespace.
properties:
apiVersion:
description: API version of the referent, if not specified the
type: object
type: array
images:
- description: |-
- Images is a list of (image name, new name, new tag or digest)
- for changing image names, tags or digests. This can also be achieved with a
- patch, but this operator is simpler to specify.
+ description: Images is a list of (image name, new name, new tag or
+ digest) for changing image names, tags or digests. This can also
+ be achieved with a patch, but this operator is simpler to specify.
items:
description: Image contains an image name, a new name, a new tag
or digest, which will replace the original name and tag.
properties:
digest:
- description: |-
- Digest is the value used to replace the original image tag.
- If digest is present NewTag value is ignored.
+ description: Digest is the value used to replace the original
+ image tag. If digest is present NewTag value is ignored.
type: string
name:
description: Name is a tag-less image name.
type: object
type: array
interval:
- description: |-
- The interval at which to reconcile the Kustomization.
+ description: The interval at which to reconcile the Kustomization.
This interval is approximate and may be subject to jitter to ensure
efficient use of resources.
pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$
type: string
kubeConfig:
- description: |-
- The KubeConfig for reconciling the Kustomization on a remote cluster.
- When used in combination with KustomizationSpec.ServiceAccountName,
- forces the controller to act on behalf of that Service Account at the
- target cluster.
- If the --default-service-account flag is set, its value will be used as
- a controller level fallback for when KustomizationSpec.ServiceAccountName
+ description: The KubeConfig for reconciling the Kustomization on a
+ remote cluster. When used in combination with KustomizationSpec.ServiceAccountName,
+ forces the controller to act on behalf of that Service Account at
+ the target cluster. If the --default-service-account flag is set,
+ its value will be used as a controller level fallback for when KustomizationSpec.ServiceAccountName
is empty.
properties:
secretRef:
- description: |-
- SecretRef holds the name of a secret that contains a key with
- the kubeconfig file as the value. If no key is set, the key will default
- to 'value'.
- It is recommended that the kubeconfig is self-contained, and the secret
- is regularly updated if credentials such as a cloud-access-token expire.
- Cloud specific `cmd-path` auth helpers will not function without adding
- binaries and credentials to the Pod that is responsible for reconciling
+ description: SecretRef holds the name of a secret that contains
+ a key with the kubeconfig file as the value. If no key is set,
+ the key will default to 'value'. It is recommended that the
+ kubeconfig is self-contained, and the secret is regularly updated
+ if credentials such as a cloud-access-token expire. Cloud specific
+ `cmd-path` auth helpers will not function without adding binaries
+ and credentials to the Pod that is responsible for reconciling
Kubernetes resources.
properties:
key:
required:
- secretRef
type: object
- namePrefix:
- description: NamePrefix will prefix the names of all managed resources.
- maxLength: 200
- minLength: 1
- type: string
- nameSuffix:
- description: NameSuffix will suffix the names of all managed resources.
- maxLength: 200
- minLength: 1
- type: string
patches:
- description: |-
- Strategic merge and JSON patches, defined as inline YAML objects,
- capable of targeting objects based on kind, label and annotation selectors.
+ description: Strategic merge and JSON patches, defined as inline YAML
+ objects, capable of targeting objects based on kind, label and annotation
+ selectors.
items:
- description: |-
- Patch contains an inline StrategicMerge or JSON6902 patch, and the target the patch should
- be applied to.
+ description: Patch contains an inline StrategicMerge or JSON6902
+ patch, and the target the patch should be applied to.
properties:
patch:
- description: |-
- Patch contains an inline StrategicMerge patch or an inline JSON6902 patch with
- an array of operation objects.
+ description: Patch contains an inline StrategicMerge patch or
+ an inline JSON6902 patch with an array of operation objects.
type: string
target:
description: Target points to the resources that the patch document
should be applied to.
properties:
annotationSelector:
- description: |-
- AnnotationSelector is a string that follows the label selection expression
- https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
+ description: AnnotationSelector is a string that follows
+ the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
It matches with the resource annotations.
type: string
group:
- description: |-
- Group is the API group to select resources from.
- Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources.
+ description: Group is the API group to select resources
+ from. Together with Version and Kind it is capable of
+ unambiguously identifying and/or selecting resources.
https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
type: string
kind:
- description: |-
- Kind of the API Group to select resources from.
+ description: Kind of the API Group to select resources from.
Together with Group and Version it is capable of unambiguously
- identifying and/or selecting resources.
- https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
+ identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
type: string
labelSelector:
- description: |-
- LabelSelector is a string that follows the label selection expression
- https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
+ description: LabelSelector is a string that follows the
+ label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
It matches with the resource labels.
type: string
name:
description: Namespace to select resources from.
type: string
version:
- description: |-
- Version of the API Group to select resources from.
- Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources.
- https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
+ description: Version of the API Group to select resources
+ from. Together with Group and Kind it is capable of unambiguously
+ identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
type: string
type: object
required:
type: object
type: array
path:
- description: |-
- Path to the directory containing the kustomization.yaml file, or the
- set of plain YAMLs a kustomization.yaml should be generated for.
- Defaults to 'None', which translates to the root path of the SourceRef.
+ description: Path to the directory containing the kustomization.yaml
+ file, or the set of plain YAMLs a kustomization.yaml should be generated
+ for. Defaults to 'None', which translates to the root path of the
+ SourceRef.
type: string
postBuild:
- description: |-
- PostBuild describes which actions to perform on the YAML manifest
- generated by building the kustomize overlay.
+ description: PostBuild describes which actions to perform on the YAML
+ manifest generated by building the kustomize overlay.
properties:
substitute:
additionalProperties:
type: string
- description: |-
- Substitute holds a map of key/value pairs.
- The variables defined in your YAML manifests that match any of the keys
- defined in the map will be substituted with the set value.
- Includes support for bash string replacement functions
- e.g. ${var:=default}, ${var:position} and ${var/substring/replacement}.
+ description: Substitute holds a map of key/value pairs. The variables
+ defined in your YAML manifests that match any of the keys defined
+ in the map will be substituted with the set value. Includes
+ support for bash string replacement functions e.g. ${var:=default},
+ ${var:position} and ${var/substring/replacement}.
type: object
substituteFrom:
- description: |-
- SubstituteFrom holds references to ConfigMaps and Secrets containing
- the variables and their values to be substituted in the YAML manifests.
- The ConfigMap and the Secret data keys represent the var names, and they
- must match the vars declared in the manifests for the substitution to
- happen.
+ description: SubstituteFrom holds references to ConfigMaps and
+ Secrets containing the variables and their values to be substituted
+ in the YAML manifests. The ConfigMap and the Secret data keys
+ represent the var names, and they must match the vars declared
+ in the manifests for the substitution to happen.
items:
- description: |-
- SubstituteReference contains a reference to a resource containing
- the variables name and value.
+ description: SubstituteReference contains a reference to a resource
+ containing the variables name and value.
properties:
kind:
description: Kind of the values referent, valid values are
- ConfigMap
type: string
name:
- description: |-
- Name of the values referent. Should reside in the same namespace as the
- referring resource.
+ description: Name of the values referent. Should reside
+ in the same namespace as the referring resource.
maxLength: 253
minLength: 1
type: string
optional:
default: false
- description: |-
- Optional indicates whether the referenced resource must exist, or whether to
- tolerate its absence. If true and the referenced resource is absent, proceed
- as if the resource was present but empty, without any variables defined.
+ description: Optional indicates whether the referenced resource
+ must exist, or whether to tolerate its absence. If true
+ and the referenced resource is absent, proceed as if the
+ resource was present but empty, without any variables
+ defined.
type: boolean
required:
- kind
description: Prune enables garbage collection.
type: boolean
retryInterval:
- description: |-
- The interval at which to retry a previously failed reconciliation.
+ description: The interval at which to retry a previously failed reconciliation.
When not specified, the controller uses the KustomizationSpec.Interval
value to retry failures.
pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$
type: string
serviceAccountName:
- description: |-
- The name of the Kubernetes service account to impersonate
+ description: The name of the Kubernetes service account to impersonate
when reconciling this Kustomization.
type: string
sourceRef:
description: Name of the referent.
type: string
namespace:
- description: |-
- Namespace of the referent, defaults to the namespace of the Kubernetes
- resource object that contains the reference.
+ description: Namespace of the referent, defaults to the namespace
+ of the Kubernetes resource object that contains the reference.
type: string
required:
- kind
- name
type: object
suspend:
- description: |-
- This flag tells the controller to suspend subsequent kustomize executions,
- it does not apply to already started executions. Defaults to false.
+ description: This flag tells the controller to suspend subsequent
+ kustomize executions, it does not apply to already started executions.
+ Defaults to false.
type: boolean
targetNamespace:
- description: |-
- TargetNamespace sets or overrides the namespace in the
+ description: TargetNamespace sets or overrides the namespace in the
kustomization.yaml file.
maxLength: 63
minLength: 1
type: string
timeout:
- description: |-
- Timeout for validation, apply and health checking operations.
+ description: Timeout for validation, apply and health checking operations.
Defaults to 'Interval' duration.
pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$
type: string
wait:
- description: |-
- Wait instructs the controller to check the health of all the reconciled
- resources. When enabled, the HealthChecks are ignored. Defaults to false.
+ description: Wait instructs the controller to check the health of
+ all the reconciled resources. When enabled, the HealthChecks are
+ ignored. Defaults to false.
type: boolean
required:
- interval
properties:
conditions:
items:
- description: Condition contains details for one aspect of the current
- state of this API Resource.
+ description: "Condition contains details for one aspect of the current
+ state of this API Resource. --- This struct is intended for direct
+ use as an array at the field path .status.conditions. For example,
+ \n type FooStatus struct{ // Represents the observations of a
+ foo's current state. // Known .status.conditions.type are: \"Available\",
+ \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge
+ // +listType=map // +listMapKey=type Conditions []metav1.Condition
+ `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\"
+ protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }"
properties:
lastTransitionTime:
- description: |-
- lastTransitionTime is the last time the condition transitioned from one status to another.
- This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
+ description: lastTransitionTime is the last time the condition
+ transitioned from one status to another. This should be when
+ the underlying condition changed. If that is not known, then
+ using the time when the API field changed is acceptable.
format: date-time
type: string
message:
- description: |-
- message is a human readable message indicating details about the transition.
- This may be an empty string.
+ description: message is a human readable message indicating
+ details about the transition. This may be an empty string.
maxLength: 32768
type: string
observedGeneration:
- description: |-
- observedGeneration represents the .metadata.generation that the condition was set based upon.
- For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
- with respect to the current state of the instance.
+ description: observedGeneration represents the .metadata.generation
+ that the condition was set based upon. For instance, if .metadata.generation
+ is currently 12, but the .status.conditions[x].observedGeneration
+ is 9, the condition is out of date with respect to the current
+ state of the instance.
format: int64
minimum: 0
type: integer
reason:
- description: |-
- reason contains a programmatic identifier indicating the reason for the condition's last transition.
- Producers of specific condition types may define expected values and meanings for this field,
- and whether the values are considered a guaranteed API.
- The value should be a CamelCase string.
+ description: reason contains a programmatic identifier indicating
+ the reason for the condition's last transition. Producers
+ of specific condition types may define expected values and
+ meanings for this field, and whether the values are considered
+ a guaranteed API. The value should be a CamelCase string.
This field may not be empty.
maxLength: 1024
minLength: 1
type: string
type:
description: type of condition in CamelCase or in foo.example.com/CamelCase.
+ --- Many .condition.type values are consistent across resources
+ like Available, but because arbitrary conditions can be useful
+ (see .node.status.conditions), the ability to deconflict is
+ important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
maxLength: 316
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
type: string
type: object
type: array
inventory:
- description: |-
- Inventory contains the list of Kubernetes resource object references that
- have been successfully applied.
+ description: Inventory contains the list of Kubernetes resource object
+ references that have been successfully applied.
properties:
entries:
description: Entries of Kubernetes resource object references.
to locate a resource within a cluster.
properties:
id:
- description: |-
- ID is the string representation of the Kubernetes resource object's metadata,
- in the format '<namespace>_<name>_<group>_<kind>'.
+ description: ID is the string representation of the Kubernetes
+ resource object's metadata, in the format '<namespace>_<name>_<group>_<kind>'.
type: string
v:
description: Version is the API version of the Kubernetes
- entries
type: object
lastAppliedRevision:
- description: |-
- The last successfully applied revision.
- Equals the Revision of the applied Artifact from the referenced Source.
+ description: The last successfully applied revision. Equals the Revision
+ of the applied Artifact from the referenced Source.
type: string
lastAttemptedRevision:
description: LastAttemptedRevision is the revision of the last reconciliation
attempt.
type: string
lastHandledReconcileAt:
- description: |-
- LastHandledReconcileAt holds the value of the most recent
- reconcile request value, so a change of the annotation value
- can be detected.
+ description: LastHandledReconcileAt holds the value of the most recent
+ reconcile request value, so a change of the annotation value can
+ be detected.
type: string
observedGeneration:
description: ObservedGeneration is the last reconciled generation.
description: Kustomization is the Schema for the kustomizations API.
properties:
apiVersion:
- description: |-
- APIVersion defines the versioned schema of this representation of an object.
- Servers should convert recognized schemas to the latest internal value, and
- may reject unrecognized values.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
- description: |-
- Kind is a string value representing the REST resource this object represents.
- Servers may infer this from the endpoint the client submits requests to.
- Cannot be updated.
- In CamelCase.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
- provider
type: object
dependsOn:
- description: |-
- DependsOn may contain a meta.NamespacedObjectReference slice
- with references to Kustomization resources that must be ready before this
- Kustomization can be reconciled.
+ description: DependsOn may contain a meta.NamespacedObjectReference
+ slice with references to Kustomization resources that must be ready
+ before this Kustomization can be reconciled.
items:
- description: |-
- NamespacedObjectReference contains enough information to locate the referenced Kubernetes resource object in any
- namespace.
+ description: NamespacedObjectReference contains enough information
+ to locate the referenced Kubernetes resource object in any namespace.
properties:
name:
description: Name of the referent.
type: array
force:
default: false
- description: |-
- Force instructs the controller to recreate resources
+ description: Force instructs the controller to recreate resources
when patching fails due to an immutable field change.
type: boolean
healthChecks:
description: A list of resources to be included in the health assessment.
items:
- description: |-
- NamespacedObjectKindReference contains enough information to locate the typed referenced Kubernetes resource object
- in any namespace.
+ description: NamespacedObjectKindReference contains enough information
+ to locate the typed referenced Kubernetes resource object in any
+ namespace.
properties:
apiVersion:
description: API version of the referent, if not specified the
type: object
type: array
images:
- description: |-
- Images is a list of (image name, new name, new tag or digest)
- for changing image names, tags or digests. This can also be achieved with a
- patch, but this operator is simpler to specify.
+ description: Images is a list of (image name, new name, new tag or
+ digest) for changing image names, tags or digests. This can also
+ be achieved with a patch, but this operator is simpler to specify.
items:
description: Image contains an image name, a new name, a new tag
or digest, which will replace the original name and tag.
properties:
digest:
- description: |-
- Digest is the value used to replace the original image tag.
- If digest is present NewTag value is ignored.
+ description: Digest is the value used to replace the original
+ image tag. If digest is present NewTag value is ignored.
type: string
name:
description: Name is a tag-less image name.
description: The interval at which to reconcile the Kustomization.
type: string
kubeConfig:
- description: |-
- The KubeConfig for reconciling the Kustomization on a remote cluster.
- When specified, KubeConfig takes precedence over ServiceAccountName.
+ description: The KubeConfig for reconciling the Kustomization on a
+ remote cluster. When specified, KubeConfig takes precedence over
+ ServiceAccountName.
properties:
secretRef:
- description: |-
- SecretRef holds the name to a secret that contains a 'value' key with
- the kubeconfig file as the value. It must be in the same namespace as
- the Kustomization.
- It is recommended that the kubeconfig is self-contained, and the secret
- is regularly updated if credentials such as a cloud-access-token expire.
- Cloud specific `cmd-path` auth helpers will not function without adding
- binaries and credentials to the Pod that is responsible for reconciling
- the Kustomization.
+ description: SecretRef holds the name to a secret that contains
+ a 'value' key with the kubeconfig file as the value. It must
+ be in the same namespace as the Kustomization. It is recommended
+ that the kubeconfig is self-contained, and the secret is regularly
+ updated if credentials such as a cloud-access-token expire.
+ Cloud specific `cmd-path` auth helpers will not function without
+ adding binaries and credentials to the Pod that is responsible
+ for reconciling the Kustomization.
properties:
name:
description: Name of the referent.
required:
- name
type: object
- required:
- - secretRef
type: object
patches:
- description: |-
- Strategic merge and JSON patches, defined as inline YAML objects,
- capable of targeting objects based on kind, label and annotation selectors.
+ description: Strategic merge and JSON patches, defined as inline YAML
+ objects, capable of targeting objects based on kind, label and annotation
+ selectors.
items:
- description: |-
- Patch contains an inline StrategicMerge or JSON6902 patch, and the target the patch should
- be applied to.
+ description: Patch contains an inline StrategicMerge or JSON6902
+ patch, and the target the patch should be applied to.
properties:
patch:
- description: |-
- Patch contains an inline StrategicMerge patch or an inline JSON6902 patch with
- an array of operation objects.
+ description: Patch contains an inline StrategicMerge patch or
+ an inline JSON6902 patch with an array of operation objects.
type: string
target:
description: Target points to the resources that the patch document
should be applied to.
properties:
annotationSelector:
- description: |-
- AnnotationSelector is a string that follows the label selection expression
- https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
+ description: AnnotationSelector is a string that follows
+ the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
It matches with the resource annotations.
type: string
group:
- description: |-
- Group is the API group to select resources from.
- Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources.
+ description: Group is the API group to select resources
+ from. Together with Version and Kind it is capable of
+ unambiguously identifying and/or selecting resources.
https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
type: string
kind:
- description: |-
- Kind of the API Group to select resources from.
+ description: Kind of the API Group to select resources from.
Together with Group and Version it is capable of unambiguously
- identifying and/or selecting resources.
- https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
+ identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
type: string
labelSelector:
- description: |-
- LabelSelector is a string that follows the label selection expression
- https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
+ description: LabelSelector is a string that follows the
+ label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
It matches with the resource labels.
type: string
name:
description: Namespace to select resources from.
type: string
version:
- description: |-
- Version of the API Group to select resources from.
- Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources.
- https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
+ description: Version of the API Group to select resources
+ from. Together with Group and Kind it is capable of unambiguously
+ identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
type: string
type: object
required:
description: Patch contains the JSON6902 patch document with
an array of operation objects.
items:
- description: |-
- JSON6902 is a JSON6902 operation object.
- https://datatracker.ietf.org/doc/html/rfc6902#section-4
+ description: JSON6902 is a JSON6902 operation object. https://datatracker.ietf.org/doc/html/rfc6902#section-4
properties:
from:
- description: |-
- From contains a JSON-pointer value that references a location within the target document where the operation is
- performed. The meaning of the value depends on the value of Op, and is NOT taken into account by all operations.
+ description: From contains a JSON-pointer value that references
+ a location within the target document where the operation
+ is performed. The meaning of the value depends on the
+ value of Op, and is NOT taken into account by all operations.
type: string
op:
- description: |-
- Op indicates the operation to perform. Its value MUST be one of "add", "remove", "replace", "move", "copy", or
- "test".
- https://datatracker.ietf.org/doc/html/rfc6902#section-4
+ description: Op indicates the operation to perform. Its
+ value MUST be one of "add", "remove", "replace", "move",
+ "copy", or "test". https://datatracker.ietf.org/doc/html/rfc6902#section-4
enum:
- test
- remove
- copy
type: string
path:
- description: |-
- Path contains the JSON-pointer value that references a location within the target document where the operation
- is performed. The meaning of the value depends on the value of Op.
+ description: Path contains the JSON-pointer value that
+ references a location within the target document where
+ the operation is performed. The meaning of the value
+ depends on the value of Op.
type: string
value:
- description: |-
- Value contains a valid JSON structure. The meaning of the value depends on the value of Op, and is NOT taken into
- account by all operations.
+ description: Value contains a valid JSON structure. The
+ meaning of the value depends on the value of Op, and
+ is NOT taken into account by all operations.
x-kubernetes-preserve-unknown-fields: true
required:
- op
should be applied to.
properties:
annotationSelector:
- description: |-
- AnnotationSelector is a string that follows the label selection expression
- https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
+ description: AnnotationSelector is a string that follows
+ the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
It matches with the resource annotations.
type: string
group:
- description: |-
- Group is the API group to select resources from.
- Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources.
+ description: Group is the API group to select resources
+ from. Together with Version and Kind it is capable of
+ unambiguously identifying and/or selecting resources.
https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
type: string
kind:
- description: |-
- Kind of the API Group to select resources from.
+ description: Kind of the API Group to select resources from.
Together with Group and Version it is capable of unambiguously
- identifying and/or selecting resources.
- https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
+ identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
type: string
labelSelector:
- description: |-
- LabelSelector is a string that follows the label selection expression
- https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
+ description: LabelSelector is a string that follows the
+ label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
It matches with the resource labels.
type: string
name:
description: Namespace to select resources from.
type: string
version:
- description: |-
- Version of the API Group to select resources from.
- Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources.
- https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
+ description: Version of the API Group to select resources
+ from. Together with Group and Kind it is capable of unambiguously
+ identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
type: string
type: object
required:
x-kubernetes-preserve-unknown-fields: true
type: array
path:
- description: |-
- Path to the directory containing the kustomization.yaml file, or the
- set of plain YAMLs a kustomization.yaml should be generated for.
- Defaults to 'None', which translates to the root path of the SourceRef.
+ description: Path to the directory containing the kustomization.yaml
+ file, or the set of plain YAMLs a kustomization.yaml should be generated
+ for. Defaults to 'None', which translates to the root path of the
+ SourceRef.
type: string
postBuild:
- description: |-
- PostBuild describes which actions to perform on the YAML manifest
- generated by building the kustomize overlay.
+ description: PostBuild describes which actions to perform on the YAML
+ manifest generated by building the kustomize overlay.
properties:
substitute:
additionalProperties:
type: string
- description: |-
- Substitute holds a map of key/value pairs.
- The variables defined in your YAML manifests
- that match any of the keys defined in the map
- will be substituted with the set value.
- Includes support for bash string replacement functions
- e.g. ${var:=default}, ${var:position} and ${var/substring/replacement}.
+ description: Substitute holds a map of key/value pairs. The variables
+ defined in your YAML manifests that match any of the keys defined
+ in the map will be substituted with the set value. Includes
+ support for bash string replacement functions e.g. ${var:=default},
+ ${var:position} and ${var/substring/replacement}.
type: object
substituteFrom:
- description: |-
- SubstituteFrom holds references to ConfigMaps and Secrets containing
- the variables and their values to be substituted in the YAML manifests.
- The ConfigMap and the Secret data keys represent the var names and they
- must match the vars declared in the manifests for the substitution to happen.
+ description: SubstituteFrom holds references to ConfigMaps and
+ Secrets containing the variables and their values to be substituted
+ in the YAML manifests. The ConfigMap and the Secret data keys
+ represent the var names and they must match the vars declared
+ in the manifests for the substitution to happen.
items:
- description: |-
- SubstituteReference contains a reference to a resource containing
- the variables name and value.
+ description: SubstituteReference contains a reference to a resource
+ containing the variables name and value.
properties:
kind:
description: Kind of the values referent, valid values are
- ConfigMap
type: string
name:
- description: |-
- Name of the values referent. Should reside in the same namespace as the
- referring resource.
+ description: Name of the values referent. Should reside
+ in the same namespace as the referring resource.
maxLength: 253
minLength: 1
type: string
description: Prune enables garbage collection.
type: boolean
retryInterval:
- description: |-
- The interval at which to retry a previously failed reconciliation.
+ description: The interval at which to retry a previously failed reconciliation.
When not specified, the controller uses the KustomizationSpec.Interval
value to retry failures.
type: string
serviceAccountName:
- description: |-
- The name of the Kubernetes service account to impersonate
+ description: The name of the Kubernetes service account to impersonate
when reconciling this Kustomization.
type: string
sourceRef:
- name
type: object
suspend:
- description: |-
- This flag tells the controller to suspend subsequent kustomize executions,
- it does not apply to already started executions. Defaults to false.
+ description: This flag tells the controller to suspend subsequent
+ kustomize executions, it does not apply to already started executions.
+ Defaults to false.
type: boolean
targetNamespace:
- description: |-
- TargetNamespace sets or overrides the namespace in the
+ description: TargetNamespace sets or overrides the namespace in the
kustomization.yaml file.
maxLength: 63
minLength: 1
type: string
timeout:
- description: |-
- Timeout for validation, apply and health checking operations.
+ description: Timeout for validation, apply and health checking operations.
Defaults to 'Interval' duration.
type: string
validation:
- description: |-
- Validate the Kubernetes objects before applying them on the cluster.
- The validation strategy can be 'client' (local dry-run), 'server'
- (APIServer dry-run) or 'none'.
- When 'Force' is 'true', validation will fallback to 'client' if set to
- 'server' because server-side validation is not supported in this scenario.
+ description: Validate the Kubernetes objects before applying them
+ on the cluster. The validation strategy can be 'client' (local dry-run),
+ 'server' (APIServer dry-run) or 'none'. When 'Force' is 'true',
+ validation will fallback to 'client' if set to 'server' because
+ server-side validation is not supported in this scenario.
enum:
- none
- client
properties:
conditions:
items:
- description: Condition contains details for one aspect of the current
- state of this API Resource.
+ description: "Condition contains details for one aspect of the current
+ state of this API Resource. --- This struct is intended for direct
+ use as an array at the field path .status.conditions. For example,
+ \n type FooStatus struct{ // Represents the observations of a
+ foo's current state. // Known .status.conditions.type are: \"Available\",
+ \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge
+ // +listType=map // +listMapKey=type Conditions []metav1.Condition
+ `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\"
+ protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }"
properties:
lastTransitionTime:
- description: |-
- lastTransitionTime is the last time the condition transitioned from one status to another.
- This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
+ description: lastTransitionTime is the last time the condition
+ transitioned from one status to another. This should be when
+ the underlying condition changed. If that is not known, then
+ using the time when the API field changed is acceptable.
format: date-time
type: string
message:
- description: |-
- message is a human readable message indicating details about the transition.
- This may be an empty string.
+ description: message is a human readable message indicating
+ details about the transition. This may be an empty string.
maxLength: 32768
type: string
observedGeneration:
- description: |-
- observedGeneration represents the .metadata.generation that the condition was set based upon.
- For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
- with respect to the current state of the instance.
+ description: observedGeneration represents the .metadata.generation
+ that the condition was set based upon. For instance, if .metadata.generation
+ is currently 12, but the .status.conditions[x].observedGeneration
+ is 9, the condition is out of date with respect to the current
+ state of the instance.
format: int64
minimum: 0
type: integer
reason:
- description: |-
- reason contains a programmatic identifier indicating the reason for the condition's last transition.
- Producers of specific condition types may define expected values and meanings for this field,
- and whether the values are considered a guaranteed API.
- The value should be a CamelCase string.
+ description: reason contains a programmatic identifier indicating
+ the reason for the condition's last transition. Producers
+ of specific condition types may define expected values and
+ meanings for this field, and whether the values are considered
+ a guaranteed API. The value should be a CamelCase string.
This field may not be empty.
maxLength: 1024
minLength: 1
type: string
type:
description: type of condition in CamelCase or in foo.example.com/CamelCase.
+ --- Many .condition.type values are consistent across resources
+ like Available, but because arbitrary conditions can be useful
+ (see .node.status.conditions), the ability to deconflict is
+ important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
maxLength: 316
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
type: string
type: object
type: array
lastAppliedRevision:
- description: |-
- The last successfully applied revision.
- The revision format for Git sources is <branch|tag>/<commit-sha>.
+ description: The last successfully applied revision. The revision
+ format for Git sources is <branch|tag>/<commit-sha>.
type: string
lastAttemptedRevision:
description: LastAttemptedRevision is the revision of the last reconciliation
attempt.
type: string
lastHandledReconcileAt:
- description: |-
- LastHandledReconcileAt holds the value of the most recent
- reconcile request value, so a change of the annotation value
- can be detected.
+ description: LastHandledReconcileAt holds the value of the most recent
+ reconcile request value, so a change of the annotation value can
+ be detected.
type: string
observedGeneration:
description: ObservedGeneration is the last reconciled generation.
entries:
description: A list of Kubernetes kinds grouped by namespace.
items:
- description: |-
- Snapshot holds the metadata of namespaced
- Kubernetes objects
+ description: Snapshot holds the metadata of namespaced Kubernetes
+ objects
properties:
kinds:
additionalProperties:
description: Kustomization is the Schema for the kustomizations API.
properties:
apiVersion:
- description: |-
- APIVersion defines the versioned schema of this representation of an object.
- Servers should convert recognized schemas to the latest internal value, and
- may reject unrecognized values.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
- description: |-
- Kind is a string value representing the REST resource this object represents.
- Servers may infer this from the endpoint the client submits requests to.
- Cannot be updated.
- In CamelCase.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
the desired state from a Source using Kustomize.
properties:
commonMetadata:
- description: |-
- CommonMetadata specifies the common labels and annotations that are applied to all resources.
- Any existing label or annotation will be overridden if its key matches a common one.
+ description: CommonMetadata specifies the common labels and annotations
+ that are applied to all resources. Any existing label or annotation
+ will be overridden if its key matches a common one.
properties:
annotations:
additionalProperties:
- provider
type: object
dependsOn:
- description: |-
- DependsOn may contain a meta.NamespacedObjectReference slice
- with references to Kustomization resources that must be ready before this
- Kustomization can be reconciled.
+ description: DependsOn may contain a meta.NamespacedObjectReference
+ slice with references to Kustomization resources that must be ready
+ before this Kustomization can be reconciled.
items:
- description: |-
- NamespacedObjectReference contains enough information to locate the referenced Kubernetes resource object in any
- namespace.
+ description: NamespacedObjectReference contains enough information
+ to locate the referenced Kubernetes resource object in any namespace.
properties:
name:
description: Name of the referent.
type: array
force:
default: false
- description: |-
- Force instructs the controller to recreate resources
+ description: Force instructs the controller to recreate resources
when patching fails due to an immutable field change.
type: boolean
healthChecks:
description: A list of resources to be included in the health assessment.
items:
- description: |-
- NamespacedObjectKindReference contains enough information to locate the typed referenced Kubernetes resource object
- in any namespace.
+ description: NamespacedObjectKindReference contains enough information
+ to locate the typed referenced Kubernetes resource object in any
+ namespace.
properties:
apiVersion:
description: API version of the referent, if not specified the
type: object
type: array
images:
- description: |-
- Images is a list of (image name, new name, new tag or digest)
- for changing image names, tags or digests. This can also be achieved with a
- patch, but this operator is simpler to specify.
+ description: Images is a list of (image name, new name, new tag or
+ digest) for changing image names, tags or digests. This can also
+ be achieved with a patch, but this operator is simpler to specify.
items:
description: Image contains an image name, a new name, a new tag
or digest, which will replace the original name and tag.
properties:
digest:
- description: |-
- Digest is the value used to replace the original image tag.
- If digest is present NewTag value is ignored.
+ description: Digest is the value used to replace the original
+ image tag. If digest is present NewTag value is ignored.
type: string
name:
description: Name is a tag-less image name.
pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$
type: string
kubeConfig:
- description: |-
- The KubeConfig for reconciling the Kustomization on a remote cluster.
- When used in combination with KustomizationSpec.ServiceAccountName,
- forces the controller to act on behalf of that Service Account at the
- target cluster.
- If the --default-service-account flag is set, its value will be used as
- a controller level fallback for when KustomizationSpec.ServiceAccountName
+ description: The KubeConfig for reconciling the Kustomization on a
+ remote cluster. When used in combination with KustomizationSpec.ServiceAccountName,
+ forces the controller to act on behalf of that Service Account at
+ the target cluster. If the --default-service-account flag is set,
+ its value will be used as a controller level fallback for when KustomizationSpec.ServiceAccountName
is empty.
properties:
secretRef:
- description: |-
- SecretRef holds the name of a secret that contains a key with
- the kubeconfig file as the value. If no key is set, the key will default
- to 'value'.
- It is recommended that the kubeconfig is self-contained, and the secret
- is regularly updated if credentials such as a cloud-access-token expire.
- Cloud specific `cmd-path` auth helpers will not function without adding
- binaries and credentials to the Pod that is responsible for reconciling
+ description: SecretRef holds the name of a secret that contains
+ a key with the kubeconfig file as the value. If no key is set,
+ the key will default to 'value'. It is recommended that the
+ kubeconfig is self-contained, and the secret is regularly updated
+ if credentials such as a cloud-access-token expire. Cloud specific
+ `cmd-path` auth helpers will not function without adding binaries
+ and credentials to the Pod that is responsible for reconciling
Kubernetes resources.
properties:
key:
- secretRef
type: object
patches:
- description: |-
- Strategic merge and JSON patches, defined as inline YAML objects,
- capable of targeting objects based on kind, label and annotation selectors.
+ description: Strategic merge and JSON patches, defined as inline YAML
+ objects, capable of targeting objects based on kind, label and annotation
+ selectors.
items:
- description: |-
- Patch contains an inline StrategicMerge or JSON6902 patch, and the target the patch should
- be applied to.
+ description: Patch contains an inline StrategicMerge or JSON6902
+ patch, and the target the patch should be applied to.
properties:
patch:
- description: |-
- Patch contains an inline StrategicMerge patch or an inline JSON6902 patch with
- an array of operation objects.
+ description: Patch contains an inline StrategicMerge patch or
+ an inline JSON6902 patch with an array of operation objects.
type: string
target:
description: Target points to the resources that the patch document
should be applied to.
properties:
annotationSelector:
- description: |-
- AnnotationSelector is a string that follows the label selection expression
- https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
+ description: AnnotationSelector is a string that follows
+ the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
It matches with the resource annotations.
type: string
group:
- description: |-
- Group is the API group to select resources from.
- Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources.
+ description: Group is the API group to select resources
+ from. Together with Version and Kind it is capable of
+ unambiguously identifying and/or selecting resources.
https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
type: string
kind:
- description: |-
- Kind of the API Group to select resources from.
+ description: Kind of the API Group to select resources from.
Together with Group and Version it is capable of unambiguously
- identifying and/or selecting resources.
- https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
+ identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
type: string
labelSelector:
- description: |-
- LabelSelector is a string that follows the label selection expression
- https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
+ description: LabelSelector is a string that follows the
+ label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
It matches with the resource labels.
type: string
name:
description: Namespace to select resources from.
type: string
version:
- description: |-
- Version of the API Group to select resources from.
- Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources.
- https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
+ description: Version of the API Group to select resources
+ from. Together with Group and Kind it is capable of unambiguously
+ identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
type: string
type: object
required:
type: object
type: array
patchesJson6902:
- description: |-
- JSON 6902 patches, defined as inline YAML objects.
- Deprecated: Use Patches instead.
+ description: 'JSON 6902 patches, defined as inline YAML objects. Deprecated:
+ Use Patches instead.'
items:
description: JSON6902Patch contains a JSON6902 patch and the target
the patch should be applied to.
description: Patch contains the JSON6902 patch document with
an array of operation objects.
items:
- description: |-
- JSON6902 is a JSON6902 operation object.
- https://datatracker.ietf.org/doc/html/rfc6902#section-4
+ description: JSON6902 is a JSON6902 operation object. https://datatracker.ietf.org/doc/html/rfc6902#section-4
properties:
from:
- description: |-
- From contains a JSON-pointer value that references a location within the target document where the operation is
- performed. The meaning of the value depends on the value of Op, and is NOT taken into account by all operations.
+ description: From contains a JSON-pointer value that references
+ a location within the target document where the operation
+ is performed. The meaning of the value depends on the
+ value of Op, and is NOT taken into account by all operations.
type: string
op:
- description: |-
- Op indicates the operation to perform. Its value MUST be one of "add", "remove", "replace", "move", "copy", or
- "test".
- https://datatracker.ietf.org/doc/html/rfc6902#section-4
+ description: Op indicates the operation to perform. Its
+ value MUST be one of "add", "remove", "replace", "move",
+ "copy", or "test". https://datatracker.ietf.org/doc/html/rfc6902#section-4
enum:
- test
- remove
- copy
type: string
path:
- description: |-
- Path contains the JSON-pointer value that references a location within the target document where the operation
- is performed. The meaning of the value depends on the value of Op.
+ description: Path contains the JSON-pointer value that
+ references a location within the target document where
+ the operation is performed. The meaning of the value
+ depends on the value of Op.
type: string
value:
- description: |-
- Value contains a valid JSON structure. The meaning of the value depends on the value of Op, and is NOT taken into
- account by all operations.
+ description: Value contains a valid JSON structure. The
+ meaning of the value depends on the value of Op, and
+ is NOT taken into account by all operations.
x-kubernetes-preserve-unknown-fields: true
required:
- op
should be applied to.
properties:
annotationSelector:
- description: |-
- AnnotationSelector is a string that follows the label selection expression
- https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
+ description: AnnotationSelector is a string that follows
+ the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
It matches with the resource annotations.
type: string
group:
- description: |-
- Group is the API group to select resources from.
- Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources.
+ description: Group is the API group to select resources
+ from. Together with Version and Kind it is capable of
+ unambiguously identifying and/or selecting resources.
https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
type: string
kind:
- description: |-
- Kind of the API Group to select resources from.
+ description: Kind of the API Group to select resources from.
Together with Group and Version it is capable of unambiguously
- identifying and/or selecting resources.
- https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
+ identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
type: string
labelSelector:
- description: |-
- LabelSelector is a string that follows the label selection expression
- https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
+ description: LabelSelector is a string that follows the
+ label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
It matches with the resource labels.
type: string
name:
description: Namespace to select resources from.
type: string
version:
- description: |-
- Version of the API Group to select resources from.
- Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources.
- https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
+ description: Version of the API Group to select resources
+ from. Together with Group and Kind it is capable of unambiguously
+ identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
type: string
type: object
required:
type: object
type: array
patchesStrategicMerge:
- description: |-
- Strategic merge patches, defined as inline YAML objects.
- Deprecated: Use Patches instead.
+ description: 'Strategic merge patches, defined as inline YAML objects.
+ Deprecated: Use Patches instead.'
items:
x-kubernetes-preserve-unknown-fields: true
type: array
path:
- description: |-
- Path to the directory containing the kustomization.yaml file, or the
- set of plain YAMLs a kustomization.yaml should be generated for.
- Defaults to 'None', which translates to the root path of the SourceRef.
+ description: Path to the directory containing the kustomization.yaml
+ file, or the set of plain YAMLs a kustomization.yaml should be generated
+ for. Defaults to 'None', which translates to the root path of the
+ SourceRef.
type: string
postBuild:
- description: |-
- PostBuild describes which actions to perform on the YAML manifest
- generated by building the kustomize overlay.
+ description: PostBuild describes which actions to perform on the YAML
+ manifest generated by building the kustomize overlay.
properties:
substitute:
additionalProperties:
type: string
- description: |-
- Substitute holds a map of key/value pairs.
- The variables defined in your YAML manifests
- that match any of the keys defined in the map
- will be substituted with the set value.
- Includes support for bash string replacement functions
- e.g. ${var:=default}, ${var:position} and ${var/substring/replacement}.
+ description: Substitute holds a map of key/value pairs. The variables
+ defined in your YAML manifests that match any of the keys defined
+ in the map will be substituted with the set value. Includes
+ support for bash string replacement functions e.g. ${var:=default},
+ ${var:position} and ${var/substring/replacement}.
type: object
substituteFrom:
- description: |-
- SubstituteFrom holds references to ConfigMaps and Secrets containing
- the variables and their values to be substituted in the YAML manifests.
- The ConfigMap and the Secret data keys represent the var names and they
- must match the vars declared in the manifests for the substitution to happen.
+ description: SubstituteFrom holds references to ConfigMaps and
+ Secrets containing the variables and their values to be substituted
+ in the YAML manifests. The ConfigMap and the Secret data keys
+ represent the var names and they must match the vars declared
+ in the manifests for the substitution to happen.
items:
- description: |-
- SubstituteReference contains a reference to a resource containing
- the variables name and value.
+ description: SubstituteReference contains a reference to a resource
+ containing the variables name and value.
properties:
kind:
description: Kind of the values referent, valid values are
- ConfigMap
type: string
name:
- description: |-
- Name of the values referent. Should reside in the same namespace as the
- referring resource.
+ description: Name of the values referent. Should reside
+ in the same namespace as the referring resource.
maxLength: 253
minLength: 1
type: string
optional:
default: false
- description: |-
- Optional indicates whether the referenced resource must exist, or whether to
- tolerate its absence. If true and the referenced resource is absent, proceed
- as if the resource was present but empty, without any variables defined.
+ description: Optional indicates whether the referenced resource
+ must exist, or whether to tolerate its absence. If true
+ and the referenced resource is absent, proceed as if the
+ resource was present but empty, without any variables
+ defined.
type: boolean
required:
- kind
description: Prune enables garbage collection.
type: boolean
retryInterval:
- description: |-
- The interval at which to retry a previously failed reconciliation.
+ description: The interval at which to retry a previously failed reconciliation.
When not specified, the controller uses the KustomizationSpec.Interval
value to retry failures.
pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$
type: string
serviceAccountName:
- description: |-
- The name of the Kubernetes service account to impersonate
+ description: The name of the Kubernetes service account to impersonate
when reconciling this Kustomization.
type: string
sourceRef:
- name
type: object
suspend:
- description: |-
- This flag tells the controller to suspend subsequent kustomize executions,
- it does not apply to already started executions. Defaults to false.
+ description: This flag tells the controller to suspend subsequent
+ kustomize executions, it does not apply to already started executions.
+ Defaults to false.
type: boolean
targetNamespace:
- description: |-
- TargetNamespace sets or overrides the namespace in the
+ description: TargetNamespace sets or overrides the namespace in the
kustomization.yaml file.
maxLength: 63
minLength: 1
type: string
timeout:
- description: |-
- Timeout for validation, apply and health checking operations.
+ description: Timeout for validation, apply and health checking operations.
Defaults to 'Interval' duration.
pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$
type: string
- server
type: string
wait:
- description: |-
- Wait instructs the controller to check the health of all the reconciled resources.
- When enabled, the HealthChecks are ignored. Defaults to false.
+ description: Wait instructs the controller to check the health of
+ all the reconciled resources. When enabled, the HealthChecks are
+ ignored. Defaults to false.
type: boolean
required:
- interval
properties:
conditions:
items:
- description: Condition contains details for one aspect of the current
- state of this API Resource.
+ description: "Condition contains details for one aspect of the current
+ state of this API Resource. --- This struct is intended for direct
+ use as an array at the field path .status.conditions. For example,
+ \n type FooStatus struct{ // Represents the observations of a
+ foo's current state. // Known .status.conditions.type are: \"Available\",
+ \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge
+ // +listType=map // +listMapKey=type Conditions []metav1.Condition
+ `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\"
+ protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }"
properties:
lastTransitionTime:
- description: |-
- lastTransitionTime is the last time the condition transitioned from one status to another.
- This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
+ description: lastTransitionTime is the last time the condition
+ transitioned from one status to another. This should be when
+ the underlying condition changed. If that is not known, then
+ using the time when the API field changed is acceptable.
format: date-time
type: string
message:
- description: |-
- message is a human readable message indicating details about the transition.
- This may be an empty string.
+ description: message is a human readable message indicating
+ details about the transition. This may be an empty string.
maxLength: 32768
type: string
observedGeneration:
- description: |-
- observedGeneration represents the .metadata.generation that the condition was set based upon.
- For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
- with respect to the current state of the instance.
+ description: observedGeneration represents the .metadata.generation
+ that the condition was set based upon. For instance, if .metadata.generation
+ is currently 12, but the .status.conditions[x].observedGeneration
+ is 9, the condition is out of date with respect to the current
+ state of the instance.
format: int64
minimum: 0
type: integer
reason:
- description: |-
- reason contains a programmatic identifier indicating the reason for the condition's last transition.
- Producers of specific condition types may define expected values and meanings for this field,
- and whether the values are considered a guaranteed API.
- The value should be a CamelCase string.
+ description: reason contains a programmatic identifier indicating
+ the reason for the condition's last transition. Producers
+ of specific condition types may define expected values and
+ meanings for this field, and whether the values are considered
+ a guaranteed API. The value should be a CamelCase string.
This field may not be empty.
maxLength: 1024
minLength: 1
type: string
type:
description: type of condition in CamelCase or in foo.example.com/CamelCase.
+ --- Many .condition.type values are consistent across resources
+ like Available, but because arbitrary conditions can be useful
+ (see .node.status.conditions), the ability to deconflict is
+ important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
maxLength: 316
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
- type: string
- required:
- - lastTransitionTime
- - message
- - reason
- - status
- - type
- type: object
- type: array
- inventory:
- description: Inventory contains the list of Kubernetes resource object
- references that have been successfully applied.
- properties:
- entries:
- description: Entries of Kubernetes resource object references.
- items:
- description: ResourceRef contains the information necessary
- to locate a resource within a cluster.
- properties:
- id:
- description: |-
- ID is the string representation of the Kubernetes resource object's metadata,
- in the format '<namespace>_<name>_<group>_<kind>'.
- type: string
- v:
- description: Version is the API version of the Kubernetes
- resource object's kind.
- type: string
- required:
- - id
- - v
- type: object
- type: array
- required:
- - entries
- type: object
- lastAppliedRevision:
- description: |-
- The last successfully applied revision.
- Equals the Revision of the applied Artifact from the referenced Source.
- type: string
- lastAttemptedRevision:
- description: LastAttemptedRevision is the revision of the last reconciliation
- attempt.
- type: string
- lastHandledReconcileAt:
- description: |-
- LastHandledReconcileAt holds the value of the most recent
- reconcile request value, so a change of the annotation value
- can be detected.
- type: string
- observedGeneration:
- description: ObservedGeneration is the last reconciled generation.
- format: int64
- type: integer
- type: object
- type: object
- served: true
- storage: false
- subresources:
- status: {}
----
-apiVersion: v1
-kind: ServiceAccount
-metadata:
- labels:
- app.kubernetes.io/component: kustomize-controller
- app.kubernetes.io/instance: flux-system
- app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v2.4.0
- name: kustomize-controller
- namespace: flux-system
----
-apiVersion: apps/v1
-kind: Deployment
-metadata:
- labels:
- app.kubernetes.io/component: kustomize-controller
- app.kubernetes.io/instance: flux-system
- app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v2.4.0
- control-plane: controller
- name: kustomize-controller
- namespace: flux-system
-spec:
- replicas: 1
- selector:
- matchLabels:
- app: kustomize-controller
- template:
- metadata:
- annotations:
- prometheus.io/port: "8080"
- prometheus.io/scrape: "true"
- labels:
- app: kustomize-controller
- spec:
- containers:
- - args:
- - --events-addr=http://notification-controller.flux-system.svc.cluster.local./
- - --watch-all-namespaces=true
- - --log-level=info
- - --log-encoding=json
- - --enable-leader-election
- env:
- - name: RUNTIME_NAMESPACE
- valueFrom:
- fieldRef:
- fieldPath: metadata.namespace
- - name: GOMAXPROCS
- valueFrom:
- resourceFieldRef:
- containerName: manager
- resource: limits.cpu
- - name: GOMEMLIMIT
- valueFrom:
- resourceFieldRef:
- containerName: manager
- resource: limits.memory
- image: ghcr.io/fluxcd/kustomize-controller:v1.4.0
- imagePullPolicy: IfNotPresent
- livenessProbe:
- httpGet:
- path: /healthz
- port: healthz
- name: manager
- ports:
- - containerPort: 8080
- name: http-prom
- protocol: TCP
- - containerPort: 9440
- name: healthz
- protocol: TCP
- readinessProbe:
- httpGet:
- path: /readyz
- port: healthz
- resources:
- limits:
- cpu: 1000m
- memory: 1Gi
- requests:
- cpu: 100m
- memory: 64Mi
- securityContext:
- allowPrivilegeEscalation: false
- capabilities:
- drop:
- - ALL
- readOnlyRootFilesystem: true
- runAsNonRoot: true
- seccompProfile:
- type: RuntimeDefault
- volumeMounts:
- - mountPath: /tmp
- name: temp
- nodeSelector:
- kubernetes.io/os: linux
- priorityClassName: system-cluster-critical
- securityContext:
- fsGroup: 1337
- serviceAccountName: kustomize-controller
- terminationGracePeriodSeconds: 60
- volumes:
- - emptyDir: {}
- name: temp
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- controller-gen.kubebuilder.io/version: v0.16.1
- labels:
- app.kubernetes.io/component: helm-controller
- app.kubernetes.io/instance: flux-system
- app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v2.4.0
- name: helmreleases.helm.toolkit.fluxcd.io
-spec:
- group: helm.toolkit.fluxcd.io
- names:
- kind: HelmRelease
- listKind: HelmReleaseList
- plural: helmreleases
- shortNames:
- - hr
- singular: helmrelease
- scope: Namespaced
- versions:
- - additionalPrinterColumns:
- - jsonPath: .metadata.creationTimestamp
- name: Age
- type: date
- - jsonPath: .status.conditions[?(@.type=="Ready")].status
- name: Ready
- type: string
- - jsonPath: .status.conditions[?(@.type=="Ready")].message
- name: Status
- type: string
- name: v2
- schema:
- openAPIV3Schema:
- description: HelmRelease is the Schema for the helmreleases API
- properties:
- apiVersion:
- description: |-
- APIVersion defines the versioned schema of this representation of an object.
- Servers should convert recognized schemas to the latest internal value, and
- may reject unrecognized values.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
- type: string
- kind:
- description: |-
- Kind is a string value representing the REST resource this object represents.
- Servers may infer this from the endpoint the client submits requests to.
- Cannot be updated.
- In CamelCase.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
- type: string
- metadata:
- type: object
- spec:
- description: HelmReleaseSpec defines the desired state of a Helm release.
- properties:
- chart:
- description: |-
- Chart defines the template of the v1.HelmChart that should be created
- for this HelmRelease.
- properties:
- metadata:
- description: ObjectMeta holds the template for metadata like labels
- and annotations.
- properties:
- annotations:
- additionalProperties:
- type: string
- description: |-
- Annotations is an unstructured key value map stored with a resource that may be
- set by external tools to store and retrieve arbitrary metadata. They are not
- queryable and should be preserved when modifying objects.
- More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/
- type: object
- labels:
- additionalProperties:
- type: string
- description: |-
- Map of string keys and values that can be used to organize and categorize
- (scope and select) objects.
- More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/
- type: object
- type: object
- spec:
- description: Spec holds the template for the v1.HelmChartSpec
- for this HelmRelease.
- properties:
- chart:
- description: The name or path the Helm chart is available
- at in the SourceRef.
- maxLength: 2048
- minLength: 1
- type: string
- ignoreMissingValuesFiles:
- description: IgnoreMissingValuesFiles controls whether to
- silently ignore missing values files rather than failing.
- type: boolean
- interval:
- description: |-
- Interval at which to check the v1.Source for updates. Defaults to
- 'HelmReleaseSpec.Interval'.
- pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$
- type: string
- reconcileStrategy:
- default: ChartVersion
- description: |-
- Determines what enables the creation of a new artifact. Valid values are
- ('ChartVersion', 'Revision').
- See the documentation of the values for an explanation on their behavior.
- Defaults to ChartVersion when omitted.
- enum:
- - ChartVersion
- - Revision
- type: string
- sourceRef:
- description: The name and namespace of the v1.Source the chart
- is available at.
- properties:
- apiVersion:
- description: APIVersion of the referent.
- type: string
- kind:
- description: Kind of the referent.
- enum:
- - HelmRepository
- - GitRepository
- - Bucket
- type: string
- name:
- description: Name of the referent.
- maxLength: 253
- minLength: 1
- type: string
- namespace:
- description: Namespace of the referent.
- maxLength: 63
- minLength: 1
- type: string
- required:
- - kind
- - name
- type: object
- valuesFiles:
- description: |-
- Alternative list of values files to use as the chart values (values.yaml
- is not included by default), expected to be a relative path in the SourceRef.
- Values files are merged in the order of this list with the last file overriding
- the first. Ignored when omitted.
- items:
- type: string
- type: array
- verify:
- description: |-
- Verify contains the secret name containing the trusted public keys
- used to verify the signature and specifies which provider to use to check
- whether OCI image is authentic.
- This field is only supported for OCI sources.
- Chart dependencies, which are not bundled in the umbrella chart artifact,
- are not verified.
- properties:
- provider:
- default: cosign
- description: Provider specifies the technology used to
- sign the OCI Helm chart.
- enum:
- - cosign
- - notation
- type: string
- secretRef:
- description: |-
- SecretRef specifies the Kubernetes Secret containing the
- trusted public keys.
- properties:
- name:
- description: Name of the referent.
- type: string
- required:
- - name
- type: object
- required:
- - provider
- type: object
- version:
- default: '*'
- description: |-
- Version semver expression, ignored for charts from v1.GitRepository and
- v1beta2.Bucket sources. Defaults to latest when omitted.
- type: string
- required:
- - chart
- - sourceRef
- type: object
- required:
- - spec
- type: object
- chartRef:
- description: |-
- ChartRef holds a reference to a source controller resource containing the
- Helm chart artifact.
- properties:
- apiVersion:
- description: APIVersion of the referent.
- type: string
- kind:
- description: Kind of the referent.
- enum:
- - OCIRepository
- - HelmChart
- type: string
- name:
- description: Name of the referent.
- maxLength: 253
- minLength: 1
- type: string
- namespace:
- description: |-
- Namespace of the referent, defaults to the namespace of the Kubernetes
- resource object that contains the reference.
- maxLength: 63
- minLength: 1
- type: string
- required:
- - kind
- - name
- type: object
- dependsOn:
- description: |-
- DependsOn may contain a meta.NamespacedObjectReference slice with
- references to HelmRelease resources that must be ready before this HelmRelease
- can be reconciled.
- items:
- description: |-
- NamespacedObjectReference contains enough information to locate the referenced Kubernetes resource object in any
- namespace.
- properties:
- name:
- description: Name of the referent.
- type: string
- namespace:
- description: Namespace of the referent, when not specified it
- acts as LocalObjectReference.
- type: string
- required:
- - name
- type: object
- type: array
- driftDetection:
- description: |-
- DriftDetection holds the configuration for detecting and handling
- differences between the manifest in the Helm storage and the resources
- currently existing in the cluster.
- properties:
- ignore:
- description: |-
- Ignore contains a list of rules for specifying which changes to ignore
- during diffing.
- items:
- description: |-
- IgnoreRule defines a rule to selectively disregard specific changes during
- the drift detection process.
- properties:
- paths:
- description: |-
- Paths is a list of JSON Pointer (RFC 6901) paths to be excluded from
- consideration in a Kubernetes object.
- items:
- type: string
- type: array
- target:
- description: |-
- Target is a selector for specifying Kubernetes objects to which this
- rule applies.
- If Target is not set, the Paths will be ignored for all Kubernetes
- objects within the manifest of the Helm release.
- properties:
- annotationSelector:
- description: |-
- AnnotationSelector is a string that follows the label selection expression
- https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
- It matches with the resource annotations.
- type: string
- group:
- description: |-
- Group is the API group to select resources from.
- Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources.
- https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
- type: string
- kind:
- description: |-
- Kind of the API Group to select resources from.
- Together with Group and Version it is capable of unambiguously
- identifying and/or selecting resources.
- https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
- type: string
- labelSelector:
- description: |-
- LabelSelector is a string that follows the label selection expression
- https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
- It matches with the resource labels.
- type: string
- name:
- description: Name to match resources with.
- type: string
- namespace:
- description: Namespace to select resources from.
- type: string
- version:
- description: |-
- Version of the API Group to select resources from.
- Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources.
- https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
- type: string
- type: object
- required:
- - paths
- type: object
- type: array
- mode:
- description: |-
- Mode defines how differences should be handled between the Helm manifest
- and the manifest currently applied to the cluster.
- If not explicitly set, it defaults to DiffModeDisabled.
- enum:
- - enabled
- - warn
- - disabled
- type: string
- type: object
- install:
- description: Install holds the configuration for Helm install actions
- for this HelmRelease.
- properties:
- crds:
- description: |-
- CRDs upgrade CRDs from the Helm Chart's crds directory according
- to the CRD upgrade policy provided here. Valid values are `Skip`,
- `Create` or `CreateReplace`. Default is `Create` and if omitted
- CRDs are installed but not updated.
-
- Skip: do neither install nor replace (update) any CRDs.
-
- Create: new CRDs are created, existing CRDs are neither updated nor deleted.
-
- CreateReplace: new CRDs are created, existing CRDs are updated (replaced)
- but not deleted.
-
- By default, CRDs are applied (installed) during Helm install action.
- With this option users can opt in to CRD replace existing CRDs on Helm
- install actions, which is not (yet) natively supported by Helm.
- https://helm.sh/docs/chart_best_practices/custom_resource_definitions.
- enum:
- - Skip
- - Create
- - CreateReplace
- type: string
- createNamespace:
- description: |-
- CreateNamespace tells the Helm install action to create the
- HelmReleaseSpec.TargetNamespace if it does not exist yet.
- On uninstall, the namespace will not be garbage collected.
- type: boolean
- disableHooks:
- description: DisableHooks prevents hooks from running during the
- Helm install action.
- type: boolean
- disableOpenAPIValidation:
- description: |-
- DisableOpenAPIValidation prevents the Helm install action from validating
- rendered templates against the Kubernetes OpenAPI Schema.
- type: boolean
- disableSchemaValidation:
- description: |-
- DisableSchemaValidation prevents the Helm install action from validating
- the values against the JSON Schema.
- type: boolean
- disableWait:
- description: |-
- DisableWait disables the waiting for resources to be ready after a Helm
- install has been performed.
- type: boolean
- disableWaitForJobs:
- description: |-
- DisableWaitForJobs disables waiting for jobs to complete after a Helm
- install has been performed.
- type: boolean
- remediation:
- description: |-
- Remediation holds the remediation configuration for when the Helm install
- action for the HelmRelease fails. The default is to not perform any action.
- properties:
- ignoreTestFailures:
- description: |-
- IgnoreTestFailures tells the controller to skip remediation when the Helm
- tests are run after an install action but fail. Defaults to
- 'Test.IgnoreFailures'.
- type: boolean
- remediateLastFailure:
- description: |-
- RemediateLastFailure tells the controller to remediate the last failure, when
- no retries remain. Defaults to 'false'.
- type: boolean
- retries:
- description: |-
- Retries is the number of retries that should be attempted on failures before
- bailing. Remediation, using an uninstall, is performed between each attempt.
- Defaults to '0', a negative integer equals to unlimited retries.
- type: integer
- type: object
- replace:
- description: |-
- Replace tells the Helm install action to re-use the 'ReleaseName', but only
- if that name is a deleted release which remains in the history.
- type: boolean
- skipCRDs:
- description: |-
- SkipCRDs tells the Helm install action to not install any CRDs. By default,
- CRDs are installed if not already present.
-
- Deprecated use CRD policy (`crds`) attribute with value `Skip` instead.
- type: boolean
- timeout:
- description: |-
- Timeout is the time to wait for any individual Kubernetes operation (like
- Jobs for hooks) during the performance of a Helm install action. Defaults to
- 'HelmReleaseSpec.Timeout'.
- pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$
- type: string
- type: object
- interval:
- description: Interval at which to reconcile the Helm release.
- pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$
- type: string
- kubeConfig:
- description: |-
- KubeConfig for reconciling the HelmRelease on a remote cluster.
- When used in combination with HelmReleaseSpec.ServiceAccountName,
- forces the controller to act on behalf of that Service Account at the
- target cluster.
- If the --default-service-account flag is set, its value will be used as
- a controller level fallback for when HelmReleaseSpec.ServiceAccountName
- is empty.
- properties:
- secretRef:
- description: |-
- SecretRef holds the name of a secret that contains a key with
- the kubeconfig file as the value. If no key is set, the key will default
- to 'value'.
- It is recommended that the kubeconfig is self-contained, and the secret
- is regularly updated if credentials such as a cloud-access-token expire.
- Cloud specific `cmd-path` auth helpers will not function without adding
- binaries and credentials to the Pod that is responsible for reconciling
- Kubernetes resources.
- properties:
- key:
- description: Key in the Secret, when not specified an implementation-specific
- default key is used.
- type: string
- name:
- description: Name of the Secret.
- type: string
- required:
- - name
- type: object
- required:
- - secretRef
- type: object
- maxHistory:
- description: |-
- MaxHistory is the number of revisions saved by Helm for this HelmRelease.
- Use '0' for an unlimited number of revisions; defaults to '5'.
- type: integer
- persistentClient:
- description: |-
- PersistentClient tells the controller to use a persistent Kubernetes
- client for this release. When enabled, the client will be reused for the
- duration of the reconciliation, instead of being created and destroyed
- for each (step of a) Helm action.
-
- This can improve performance, but may cause issues with some Helm charts
- that for example do create Custom Resource Definitions during installation
- outside Helm's CRD lifecycle hooks, which are then not observed to be
- available by e.g. post-install hooks.
-
- If not set, it defaults to true.
- type: boolean
- postRenderers:
- description: |-
- PostRenderers holds an array of Helm PostRenderers, which will be applied in order
- of their definition.
- items:
- description: PostRenderer contains a Helm PostRenderer specification.
- properties:
- kustomize:
- description: Kustomization to apply as PostRenderer.
- properties:
- images:
- description: |-
- Images is a list of (image name, new name, new tag or digest)
- for changing image names, tags or digests. This can also be achieved with a
- patch, but this operator is simpler to specify.
- items:
- description: Image contains an image name, a new name,
- a new tag or digest, which will replace the original
- name and tag.
- properties:
- digest:
- description: |-
- Digest is the value used to replace the original image tag.
- If digest is present NewTag value is ignored.
- type: string
- name:
- description: Name is a tag-less image name.
- type: string
- newName:
- description: NewName is the value used to replace
- the original name.
- type: string
- newTag:
- description: NewTag is the value used to replace the
- original tag.
- type: string
- required:
- - name
- type: object
- type: array
- patches:
- description: |-
- Strategic merge and JSON patches, defined as inline YAML objects,
- capable of targeting objects based on kind, label and annotation selectors.
- items:
- description: |-
- Patch contains an inline StrategicMerge or JSON6902 patch, and the target the patch should
- be applied to.
- properties:
- patch:
- description: |-
- Patch contains an inline StrategicMerge patch or an inline JSON6902 patch with
- an array of operation objects.
- type: string
- target:
- description: Target points to the resources that the
- patch document should be applied to.
- properties:
- annotationSelector:
- description: |-
- AnnotationSelector is a string that follows the label selection expression
- https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
- It matches with the resource annotations.
- type: string
- group:
- description: |-
- Group is the API group to select resources from.
- Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources.
- https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
- type: string
- kind:
- description: |-
- Kind of the API Group to select resources from.
- Together with Group and Version it is capable of unambiguously
- identifying and/or selecting resources.
- https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
- type: string
- labelSelector:
- description: |-
- LabelSelector is a string that follows the label selection expression
- https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
- It matches with the resource labels.
- type: string
- name:
- description: Name to match resources with.
- type: string
- namespace:
- description: Namespace to select resources from.
- type: string
- version:
- description: |-
- Version of the API Group to select resources from.
- Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources.
- https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
- type: string
- type: object
- required:
- - patch
- type: object
- type: array
- type: object
- type: object
- type: array
- releaseName:
- description: |-
- ReleaseName used for the Helm release. Defaults to a composition of
- '[TargetNamespace-]Name'.
- maxLength: 53
- minLength: 1
- type: string
- rollback:
- description: Rollback holds the configuration for Helm rollback actions
- for this HelmRelease.
- properties:
- cleanupOnFail:
- description: |-
- CleanupOnFail allows deletion of new resources created during the Helm
- rollback action when it fails.
- type: boolean
- disableHooks:
- description: DisableHooks prevents hooks from running during the
- Helm rollback action.
- type: boolean
- disableWait:
- description: |-
- DisableWait disables the waiting for resources to be ready after a Helm
- rollback has been performed.
- type: boolean
- disableWaitForJobs:
- description: |-
- DisableWaitForJobs disables waiting for jobs to complete after a Helm
- rollback has been performed.
- type: boolean
- force:
- description: Force forces resource updates through a replacement
- strategy.
- type: boolean
- recreate:
- description: Recreate performs pod restarts for the resource if
- applicable.
- type: boolean
- timeout:
- description: |-
- Timeout is the time to wait for any individual Kubernetes operation (like
- Jobs for hooks) during the performance of a Helm rollback action. Defaults to
- 'HelmReleaseSpec.Timeout'.
- pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$
- type: string
- type: object
- serviceAccountName:
- description: |-
- The name of the Kubernetes service account to impersonate
- when reconciling this HelmRelease.
- maxLength: 253
- minLength: 1
- type: string
- storageNamespace:
- description: |-
- StorageNamespace used for the Helm storage.
- Defaults to the namespace of the HelmRelease.
- maxLength: 63
- minLength: 1
- type: string
- suspend:
- description: |-
- Suspend tells the controller to suspend reconciliation for this HelmRelease,
- it does not apply to already started reconciliations. Defaults to false.
- type: boolean
- targetNamespace:
- description: |-
- TargetNamespace to target when performing operations for the HelmRelease.
- Defaults to the namespace of the HelmRelease.
- maxLength: 63
- minLength: 1
- type: string
- test:
- description: Test holds the configuration for Helm test actions for
- this HelmRelease.
- properties:
- enable:
- description: |-
- Enable enables Helm test actions for this HelmRelease after an Helm install
- or upgrade action has been performed.
- type: boolean
- filters:
- description: Filters is a list of tests to run or exclude from
- running.
- items:
- description: Filter holds the configuration for individual Helm
- test filters.
- properties:
- exclude:
- description: Exclude specifies whether the named test should
- be excluded.
- type: boolean
- name:
- description: Name is the name of the test.
- maxLength: 253
- minLength: 1
- type: string
- required:
- - name
- type: object
- type: array
- ignoreFailures:
- description: |-
- IgnoreFailures tells the controller to skip remediation when the Helm tests
- are run but fail. Can be overwritten for tests run after install or upgrade
- actions in 'Install.IgnoreTestFailures' and 'Upgrade.IgnoreTestFailures'.
- type: boolean
- timeout:
- description: |-
- Timeout is the time to wait for any individual Kubernetes operation during
- the performance of a Helm test action. Defaults to 'HelmReleaseSpec.Timeout'.
- pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$
- type: string
- type: object
- timeout:
- description: |-
- Timeout is the time to wait for any individual Kubernetes operation (like Jobs
- for hooks) during the performance of a Helm action. Defaults to '5m0s'.
- pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$
- type: string
- uninstall:
- description: Uninstall holds the configuration for Helm uninstall
- actions for this HelmRelease.
- properties:
- deletionPropagation:
- default: background
- description: |-
- DeletionPropagation specifies the deletion propagation policy when
- a Helm uninstall is performed.
- enum:
- - background
- - foreground
- - orphan
- type: string
- disableHooks:
- description: DisableHooks prevents hooks from running during the
- Helm rollback action.
- type: boolean
- disableWait:
- description: |-
- DisableWait disables waiting for all the resources to be deleted after
- a Helm uninstall is performed.
- type: boolean
- keepHistory:
- description: |-
- KeepHistory tells Helm to remove all associated resources and mark the
- release as deleted, but retain the release history.
- type: boolean
- timeout:
- description: |-
- Timeout is the time to wait for any individual Kubernetes operation (like
- Jobs for hooks) during the performance of a Helm uninstall action. Defaults
- to 'HelmReleaseSpec.Timeout'.
- pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$
- type: string
- type: object
- upgrade:
- description: Upgrade holds the configuration for Helm upgrade actions
- for this HelmRelease.
- properties:
- cleanupOnFail:
- description: |-
- CleanupOnFail allows deletion of new resources created during the Helm
- upgrade action when it fails.
- type: boolean
- crds:
- description: |-
- CRDs upgrade CRDs from the Helm Chart's crds directory according
- to the CRD upgrade policy provided here. Valid values are `Skip`,
- `Create` or `CreateReplace`. Default is `Skip` and if omitted
- CRDs are neither installed nor upgraded.
-
- Skip: do neither install nor replace (update) any CRDs.
-
- Create: new CRDs are created, existing CRDs are neither updated nor deleted.
-
- CreateReplace: new CRDs are created, existing CRDs are updated (replaced)
- but not deleted.
-
- By default, CRDs are not applied during Helm upgrade action. With this
- option users can opt-in to CRD upgrade, which is not (yet) natively supported by Helm.
- https://helm.sh/docs/chart_best_practices/custom_resource_definitions.
- enum:
- - Skip
- - Create
- - CreateReplace
- type: string
- disableHooks:
- description: DisableHooks prevents hooks from running during the
- Helm upgrade action.
- type: boolean
- disableOpenAPIValidation:
- description: |-
- DisableOpenAPIValidation prevents the Helm upgrade action from validating
- rendered templates against the Kubernetes OpenAPI Schema.
- type: boolean
- disableSchemaValidation:
- description: |-
- DisableSchemaValidation prevents the Helm upgrade action from validating
- the values against the JSON Schema.
- type: boolean
- disableWait:
- description: |-
- DisableWait disables the waiting for resources to be ready after a Helm
- upgrade has been performed.
- type: boolean
- disableWaitForJobs:
- description: |-
- DisableWaitForJobs disables waiting for jobs to complete after a Helm
- upgrade has been performed.
- type: boolean
- force:
- description: Force forces resource updates through a replacement
- strategy.
- type: boolean
- preserveValues:
- description: |-
- PreserveValues will make Helm reuse the last release's values and merge in
- overrides from 'Values'. Setting this flag makes the HelmRelease
- non-declarative.
- type: boolean
- remediation:
- description: |-
- Remediation holds the remediation configuration for when the Helm upgrade
- action for the HelmRelease fails. The default is to not perform any action.
- properties:
- ignoreTestFailures:
- description: |-
- IgnoreTestFailures tells the controller to skip remediation when the Helm
- tests are run after an upgrade action but fail.
- Defaults to 'Test.IgnoreFailures'.
- type: boolean
- remediateLastFailure:
- description: |-
- RemediateLastFailure tells the controller to remediate the last failure, when
- no retries remain. Defaults to 'false' unless 'Retries' is greater than 0.
- type: boolean
- retries:
- description: |-
- Retries is the number of retries that should be attempted on failures before
- bailing. Remediation, using 'Strategy', is performed between each attempt.
- Defaults to '0', a negative integer equals to unlimited retries.
- type: integer
- strategy:
- description: Strategy to use for failure remediation. Defaults
- to 'rollback'.
- enum:
- - rollback
- - uninstall
- type: string
- type: object
- timeout:
- description: |-
- Timeout is the time to wait for any individual Kubernetes operation (like
- Jobs for hooks) during the performance of a Helm upgrade action. Defaults to
- 'HelmReleaseSpec.Timeout'.
- pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$
- type: string
- type: object
- values:
- description: Values holds the values for this Helm release.
- x-kubernetes-preserve-unknown-fields: true
- valuesFrom:
- description: |-
- ValuesFrom holds references to resources containing Helm values for this HelmRelease,
- and information about how they should be merged.
- items:
- description: |-
- ValuesReference contains a reference to a resource containing Helm values,
- and optionally the key they can be found at.
- properties:
- kind:
- description: Kind of the values referent, valid values are ('Secret',
- 'ConfigMap').
- enum:
- - Secret
- - ConfigMap
- type: string
- name:
- description: |-
- Name of the values referent. Should reside in the same namespace as the
- referring resource.
- maxLength: 253
- minLength: 1
- type: string
- optional:
- description: |-
- Optional marks this ValuesReference as optional. When set, a not found error
- for the values reference is ignored, but any ValuesKey, TargetPath or
- transient error will still result in a reconciliation failure.
- type: boolean
- targetPath:
- description: |-
- TargetPath is the YAML dot notation path the value should be merged at. When
- set, the ValuesKey is expected to be a single flat value. Defaults to 'None',
- which results in the values getting merged at the root.
- maxLength: 250
- pattern: ^([a-zA-Z0-9_\-.\\\/]|\[[0-9]{1,5}\])+$
- type: string
- valuesKey:
- description: |-
- ValuesKey is the data key where the values.yaml or a specific value can be
- found at. Defaults to 'values.yaml'.
- maxLength: 253
- pattern: ^[\-._a-zA-Z0-9]+$
- type: string
- required:
- - kind
- - name
- type: object
- type: array
- required:
- - interval
- type: object
- x-kubernetes-validations:
- - message: either chart or chartRef must be set
- rule: (has(self.chart) && !has(self.chartRef)) || (!has(self.chart)
- && has(self.chartRef))
- status:
- default:
- observedGeneration: -1
- description: HelmReleaseStatus defines the observed state of a HelmRelease.
- properties:
- conditions:
- description: Conditions holds the conditions for the HelmRelease.
- items:
- description: Condition contains details for one aspect of the current
- state of this API Resource.
- properties:
- lastTransitionTime:
- description: |-
- lastTransitionTime is the last time the condition transitioned from one status to another.
- This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
- format: date-time
- type: string
- message:
- description: |-
- message is a human readable message indicating details about the transition.
- This may be an empty string.
- maxLength: 32768
- type: string
- observedGeneration:
- description: |-
- observedGeneration represents the .metadata.generation that the condition was set based upon.
- For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
- with respect to the current state of the instance.
- format: int64
- minimum: 0
- type: integer
- reason:
- description: |-
- reason contains a programmatic identifier indicating the reason for the condition's last transition.
- Producers of specific condition types may define expected values and meanings for this field,
- and whether the values are considered a guaranteed API.
- The value should be a CamelCase string.
- This field may not be empty.
- maxLength: 1024
- minLength: 1
- pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
- type: string
- status:
- description: status of the condition, one of True, False, Unknown.
- enum:
- - "True"
- - "False"
- - Unknown
- type: string
- type:
- description: type of condition in CamelCase or in foo.example.com/CamelCase.
- maxLength: 316
- pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
- type: string
- required:
- - lastTransitionTime
- - message
- - reason
- - status
- - type
- type: object
- type: array
- failures:
- description: |-
- Failures is the reconciliation failure count against the latest desired
- state. It is reset after a successful reconciliation.
- format: int64
- type: integer
- helmChart:
- description: |-
- HelmChart is the namespaced name of the HelmChart resource created by
- the controller for the HelmRelease.
- type: string
- history:
- description: |-
- History holds the history of Helm releases performed for this HelmRelease
- up to the last successfully completed release.
- items:
- description: |-
- Snapshot captures a point-in-time copy of the status information for a Helm release,
- as managed by the controller.
- properties:
- apiVersion:
- description: |-
- APIVersion is the API version of the Snapshot.
- Provisional: when the calculation method of the Digest field is changed,
- this field will be used to distinguish between the old and new methods.
- type: string
- appVersion:
- description: AppVersion is the chart app version of the release
- object in storage.
- type: string
- chartName:
- description: ChartName is the chart name of the release object
- in storage.
- type: string
- chartVersion:
- description: |-
- ChartVersion is the chart version of the release object in
- storage.
- type: string
- configDigest:
- description: |-
- ConfigDigest is the checksum of the config (better known as
- "values") of the release object in storage.
- It has the format of `<algo>:<checksum>`.
- type: string
- deleted:
- description: Deleted is when the release was deleted.
- format: date-time
- type: string
- digest:
- description: |-
- Digest is the checksum of the release object in storage.
- It has the format of `<algo>:<checksum>`.
- type: string
- firstDeployed:
- description: FirstDeployed is when the release was first deployed.
- format: date-time
- type: string
- lastDeployed:
- description: LastDeployed is when the release was last deployed.
- format: date-time
- type: string
- name:
- description: Name is the name of the release.
- type: string
- namespace:
- description: Namespace is the namespace the release is deployed
- to.
- type: string
- ociDigest:
- description: OCIDigest is the digest of the OCI artifact associated
- with the release.
- type: string
- status:
- description: Status is the current state of the release.
- type: string
- testHooks:
- additionalProperties:
- description: |-
- TestHookStatus holds the status information for a test hook as observed
- to be run by the controller.
- properties:
- lastCompleted:
- description: LastCompleted is the time the test hook last
- completed.
- format: date-time
- type: string
- lastStarted:
- description: LastStarted is the time the test hook was
- last started.
- format: date-time
- type: string
- phase:
- description: Phase the test hook was observed to be in.
- type: string
- type: object
- description: |-
- TestHooks is the list of test hooks for the release as observed to be
- run by the controller.
- type: object
- version:
- description: Version is the version of the release object in
- storage.
- type: integer
- required:
- - chartName
- - chartVersion
- - configDigest
- - digest
- - firstDeployed
- - lastDeployed
- - name
- - namespace
- - status
- - version
- type: object
- type: array
- installFailures:
- description: |-
- InstallFailures is the install failure count against the latest desired
- state. It is reset after a successful reconciliation.
- format: int64
- type: integer
- lastAttemptedConfigDigest:
- description: |-
- LastAttemptedConfigDigest is the digest for the config (better known as
- "values") of the last reconciliation attempt.
- type: string
- lastAttemptedGeneration:
- description: |-
- LastAttemptedGeneration is the last generation the controller attempted
- to reconcile.
- format: int64
- type: integer
- lastAttemptedReleaseAction:
- description: |-
- LastAttemptedReleaseAction is the last release action performed for this
- HelmRelease. It is used to determine the active remediation strategy.
- enum:
- - install
- - upgrade
- type: string
- lastAttemptedRevision:
- description: |-
- LastAttemptedRevision is the Source revision of the last reconciliation
- attempt. For OCIRepository sources, the 12 first characters of the digest are
- appended to the chart version e.g. "1.2.3+1234567890ab".
- type: string
- lastAttemptedRevisionDigest:
- description: |-
- LastAttemptedRevisionDigest is the digest of the last reconciliation attempt.
- This is only set for OCIRepository sources.
- type: string
- lastAttemptedValuesChecksum:
- description: |-
- LastAttemptedValuesChecksum is the SHA1 checksum for the values of the last
- reconciliation attempt.
- Deprecated: Use LastAttemptedConfigDigest instead.
- type: string
- lastHandledForceAt:
- description: |-
- LastHandledForceAt holds the value of the most recent force request
- value, so a change of the annotation value can be detected.
- type: string
- lastHandledReconcileAt:
- description: |-
- LastHandledReconcileAt holds the value of the most recent
- reconcile request value, so a change of the annotation value
- can be detected.
- type: string
- lastHandledResetAt:
- description: |-
- LastHandledResetAt holds the value of the most recent reset request
- value, so a change of the annotation value can be detected.
- type: string
- lastReleaseRevision:
- description: |-
- LastReleaseRevision is the revision of the last successful Helm release.
- Deprecated: Use History instead.
- type: integer
- observedGeneration:
- description: ObservedGeneration is the last observed generation.
- format: int64
- type: integer
- observedPostRenderersDigest:
- description: |-
- ObservedPostRenderersDigest is the digest for the post-renderers of
- the last successful reconciliation attempt.
- type: string
- storageNamespace:
- description: |-
- StorageNamespace is the namespace of the Helm release storage for the
- current release.
- maxLength: 63
- minLength: 1
- type: string
- upgradeFailures:
- description: |-
- UpgradeFailures is the upgrade failure count against the latest desired
- state. It is reset after a successful reconciliation.
- format: int64
- type: integer
- type: object
- type: object
- served: true
- storage: true
- subresources:
- status: {}
- - additionalPrinterColumns:
- - jsonPath: .metadata.creationTimestamp
- name: Age
- type: date
- - jsonPath: .status.conditions[?(@.type=="Ready")].status
- name: Ready
- type: string
- - jsonPath: .status.conditions[?(@.type=="Ready")].message
- name: Status
- type: string
- deprecated: true
- deprecationWarning: v2beta1 HelmRelease is deprecated, upgrade to v2
- name: v2beta1
- schema:
- openAPIV3Schema:
- description: HelmRelease is the Schema for the helmreleases API
- properties:
- apiVersion:
- description: |-
- APIVersion defines the versioned schema of this representation of an object.
- Servers should convert recognized schemas to the latest internal value, and
- may reject unrecognized values.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
- type: string
- kind:
- description: |-
- Kind is a string value representing the REST resource this object represents.
- Servers may infer this from the endpoint the client submits requests to.
- Cannot be updated.
- In CamelCase.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
- type: string
- metadata:
- type: object
- spec:
- description: HelmReleaseSpec defines the desired state of a Helm release.
- properties:
- chart:
- description: |-
- Chart defines the template of the v1beta2.HelmChart that should be created
- for this HelmRelease.
- properties:
- metadata:
- description: ObjectMeta holds the template for metadata like labels
- and annotations.
- properties:
- annotations:
- additionalProperties:
- type: string
- description: |-
- Annotations is an unstructured key value map stored with a resource that may be
- set by external tools to store and retrieve arbitrary metadata. They are not
- queryable and should be preserved when modifying objects.
- More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/
- type: object
- labels:
- additionalProperties:
- type: string
- description: |-
- Map of string keys and values that can be used to organize and categorize
- (scope and select) objects.
- More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/
- type: object
- type: object
- spec:
- description: Spec holds the template for the v1beta2.HelmChartSpec
- for this HelmRelease.
- properties:
- chart:
- description: The name or path the Helm chart is available
- at in the SourceRef.
- type: string
- interval:
- description: |-
- Interval at which to check the v1beta2.Source for updates. Defaults to
- 'HelmReleaseSpec.Interval'.
- pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$
- type: string
- reconcileStrategy:
- default: ChartVersion
- description: |-
- Determines what enables the creation of a new artifact. Valid values are
- ('ChartVersion', 'Revision').
- See the documentation of the values for an explanation on their behavior.
- Defaults to ChartVersion when omitted.
- enum:
- - ChartVersion
- - Revision
- type: string
- sourceRef:
- description: The name and namespace of the v1beta2.Source
- the chart is available at.
- properties:
- apiVersion:
- description: APIVersion of the referent.
- type: string
- kind:
- description: Kind of the referent.
- enum:
- - HelmRepository
- - GitRepository
- - Bucket
- type: string
- name:
- description: Name of the referent.
- maxLength: 253
- minLength: 1
- type: string
- namespace:
- description: Namespace of the referent.
- maxLength: 63
- minLength: 1
- type: string
- required:
- - kind
- - name
- type: object
- valuesFile:
- description: |-
- Alternative values file to use as the default chart values, expected to
- be a relative path in the SourceRef. Deprecated in favor of ValuesFiles,
- for backwards compatibility the file defined here is merged before the
- ValuesFiles items. Ignored when omitted.
- type: string
- valuesFiles:
- description: |-
- Alternative list of values files to use as the chart values (values.yaml
- is not included by default), expected to be a relative path in the SourceRef.
- Values files are merged in the order of this list with the last file overriding
- the first. Ignored when omitted.
- items:
- type: string
- type: array
- verify:
- description: |-
- Verify contains the secret name containing the trusted public keys
- used to verify the signature and specifies which provider to use to check
- whether OCI image is authentic.
- This field is only supported for OCI sources.
- Chart dependencies, which are not bundled in the umbrella chart artifact, are not verified.
- properties:
- provider:
- default: cosign
- description: Provider specifies the technology used to
- sign the OCI Helm chart.
- enum:
- - cosign
- type: string
- secretRef:
- description: |-
- SecretRef specifies the Kubernetes Secret containing the
- trusted public keys.
- properties:
- name:
- description: Name of the referent.
- type: string
- required:
- - name
- type: object
- required:
- - provider
- type: object
- version:
- default: '*'
- description: |-
- Version semver expression, ignored for charts from v1beta2.GitRepository and
- v1beta2.Bucket sources. Defaults to latest when omitted.
- type: string
- required:
- - chart
- - sourceRef
- type: object
- required:
- - spec
- type: object
- chartRef:
- description: |-
- ChartRef holds a reference to a source controller resource containing the
- Helm chart artifact.
-
- Note: this field is provisional to the v2 API, and not actively used
- by v2beta1 HelmReleases.
- properties:
- apiVersion:
- description: APIVersion of the referent.
- type: string
- kind:
- description: Kind of the referent.
- enum:
- - OCIRepository
- - HelmChart
- type: string
- name:
- description: Name of the referent.
- maxLength: 253
- minLength: 1
- type: string
- namespace:
- description: |-
- Namespace of the referent, defaults to the namespace of the Kubernetes
- resource object that contains the reference.
- maxLength: 63
- minLength: 1
- type: string
- required:
- - kind
- - name
- type: object
- dependsOn:
- description: |-
- DependsOn may contain a meta.NamespacedObjectReference slice with
- references to HelmRelease resources that must be ready before this HelmRelease
- can be reconciled.
- items:
- description: |-
- NamespacedObjectReference contains enough information to locate the referenced Kubernetes resource object in any
- namespace.
- properties:
- name:
- description: Name of the referent.
- type: string
- namespace:
- description: Namespace of the referent, when not specified it
- acts as LocalObjectReference.
- type: string
- required:
- - name
- type: object
- type: array
- driftDetection:
- description: |-
- DriftDetection holds the configuration for detecting and handling
- differences between the manifest in the Helm storage and the resources
- currently existing in the cluster.
-
- Note: this field is provisional to the v2beta2 API, and not actively used
- by v2beta1 HelmReleases.
- properties:
- ignore:
- description: |-
- Ignore contains a list of rules for specifying which changes to ignore
- during diffing.
- items:
- description: |-
- IgnoreRule defines a rule to selectively disregard specific changes during
- the drift detection process.
- properties:
- paths:
- description: |-
- Paths is a list of JSON Pointer (RFC 6901) paths to be excluded from
- consideration in a Kubernetes object.
- items:
- type: string
- type: array
- target:
- description: |-
- Target is a selector for specifying Kubernetes objects to which this
- rule applies.
- If Target is not set, the Paths will be ignored for all Kubernetes
- objects within the manifest of the Helm release.
- properties:
- annotationSelector:
- description: |-
- AnnotationSelector is a string that follows the label selection expression
- https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
- It matches with the resource annotations.
- type: string
- group:
- description: |-
- Group is the API group to select resources from.
- Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources.
- https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
- type: string
- kind:
- description: |-
- Kind of the API Group to select resources from.
- Together with Group and Version it is capable of unambiguously
- identifying and/or selecting resources.
- https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
- type: string
- labelSelector:
- description: |-
- LabelSelector is a string that follows the label selection expression
- https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
- It matches with the resource labels.
- type: string
- name:
- description: Name to match resources with.
- type: string
- namespace:
- description: Namespace to select resources from.
- type: string
- version:
- description: |-
- Version of the API Group to select resources from.
- Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources.
- https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
- type: string
- type: object
- required:
- - paths
- type: object
- type: array
- mode:
- description: |-
- Mode defines how differences should be handled between the Helm manifest
- and the manifest currently applied to the cluster.
- If not explicitly set, it defaults to DiffModeDisabled.
- enum:
- - enabled
- - warn
- - disabled
- type: string
- type: object
- install:
- description: Install holds the configuration for Helm install actions
- for this HelmRelease.
- properties:
- crds:
- description: |-
- CRDs upgrade CRDs from the Helm Chart's crds directory according
- to the CRD upgrade policy provided here. Valid values are `Skip`,
- `Create` or `CreateReplace`. Default is `Create` and if omitted
- CRDs are installed but not updated.
-
- Skip: do neither install nor replace (update) any CRDs.
-
- Create: new CRDs are created, existing CRDs are neither updated nor deleted.
-
- CreateReplace: new CRDs are created, existing CRDs are updated (replaced)
- but not deleted.
-
- By default, CRDs are applied (installed) during Helm install action.
- With this option users can opt-in to CRD replace existing CRDs on Helm
- install actions, which is not (yet) natively supported by Helm.
- https://helm.sh/docs/chart_best_practices/custom_resource_definitions.
- enum:
- - Skip
- - Create
- - CreateReplace
- type: string
- createNamespace:
- description: |-
- CreateNamespace tells the Helm install action to create the
- HelmReleaseSpec.TargetNamespace if it does not exist yet.
- On uninstall, the namespace will not be garbage collected.
- type: boolean
- disableHooks:
- description: DisableHooks prevents hooks from running during the
- Helm install action.
- type: boolean
- disableOpenAPIValidation:
- description: |-
- DisableOpenAPIValidation prevents the Helm install action from validating
- rendered templates against the Kubernetes OpenAPI Schema.
- type: boolean
- disableWait:
- description: |-
- DisableWait disables the waiting for resources to be ready after a Helm
- install has been performed.
- type: boolean
- disableWaitForJobs:
- description: |-
- DisableWaitForJobs disables waiting for jobs to complete after a Helm
- install has been performed.
- type: boolean
- remediation:
- description: |-
- Remediation holds the remediation configuration for when the Helm install
- action for the HelmRelease fails. The default is to not perform any action.
- properties:
- ignoreTestFailures:
- description: |-
- IgnoreTestFailures tells the controller to skip remediation when the Helm
- tests are run after an install action but fail. Defaults to
- 'Test.IgnoreFailures'.
- type: boolean
- remediateLastFailure:
- description: |-
- RemediateLastFailure tells the controller to remediate the last failure, when
- no retries remain. Defaults to 'false'.
- type: boolean
- retries:
- description: |-
- Retries is the number of retries that should be attempted on failures before
- bailing. Remediation, using an uninstall, is performed between each attempt.
- Defaults to '0', a negative integer equals to unlimited retries.
- type: integer
- type: object
- replace:
- description: |-
- Replace tells the Helm install action to re-use the 'ReleaseName', but only
- if that name is a deleted release which remains in the history.
- type: boolean
- skipCRDs:
- description: |-
- SkipCRDs tells the Helm install action to not install any CRDs. By default,
- CRDs are installed if not already present.
-
- Deprecated use CRD policy (`crds`) attribute with value `Skip` instead.
- type: boolean
- timeout:
- description: |-
- Timeout is the time to wait for any individual Kubernetes operation (like
- Jobs for hooks) during the performance of a Helm install action. Defaults to
- 'HelmReleaseSpec.Timeout'.
- pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$
- type: string
- type: object
- interval:
- description: |-
- Interval at which to reconcile the Helm release.
- This interval is approximate and may be subject to jitter to ensure
- efficient use of resources.
- pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$
- type: string
- kubeConfig:
- description: |-
- KubeConfig for reconciling the HelmRelease on a remote cluster.
- When used in combination with HelmReleaseSpec.ServiceAccountName,
- forces the controller to act on behalf of that Service Account at the
- target cluster.
- If the --default-service-account flag is set, its value will be used as
- a controller level fallback for when HelmReleaseSpec.ServiceAccountName
- is empty.
- properties:
- secretRef:
- description: |-
- SecretRef holds the name of a secret that contains a key with
- the kubeconfig file as the value. If no key is set, the key will default
- to 'value'.
- It is recommended that the kubeconfig is self-contained, and the secret
- is regularly updated if credentials such as a cloud-access-token expire.
- Cloud specific `cmd-path` auth helpers will not function without adding
- binaries and credentials to the Pod that is responsible for reconciling
- Kubernetes resources.
- properties:
- key:
- description: Key in the Secret, when not specified an implementation-specific
- default key is used.
- type: string
- name:
- description: Name of the Secret.
- type: string
- required:
- - name
- type: object
- required:
- - secretRef
- type: object
- maxHistory:
- description: |-
- MaxHistory is the number of revisions saved by Helm for this HelmRelease.
- Use '0' for an unlimited number of revisions; defaults to '10'.
- type: integer
- persistentClient:
- description: |-
- PersistentClient tells the controller to use a persistent Kubernetes
- client for this release. When enabled, the client will be reused for the
- duration of the reconciliation, instead of being created and destroyed
- for each (step of a) Helm action.
-
- This can improve performance, but may cause issues with some Helm charts
- that for example do create Custom Resource Definitions during installation
- outside Helm's CRD lifecycle hooks, which are then not observed to be
- available by e.g. post-install hooks.
-
- If not set, it defaults to true.
- type: boolean
- postRenderers:
- description: |-
- PostRenderers holds an array of Helm PostRenderers, which will be applied in order
- of their definition.
- items:
- description: PostRenderer contains a Helm PostRenderer specification.
- properties:
- kustomize:
- description: Kustomization to apply as PostRenderer.
- properties:
- images:
- description: |-
- Images is a list of (image name, new name, new tag or digest)
- for changing image names, tags or digests. This can also be achieved with a
- patch, but this operator is simpler to specify.
- items:
- description: Image contains an image name, a new name,
- a new tag or digest, which will replace the original
- name and tag.
- properties:
- digest:
- description: |-
- Digest is the value used to replace the original image tag.
- If digest is present NewTag value is ignored.
- type: string
- name:
- description: Name is a tag-less image name.
- type: string
- newName:
- description: NewName is the value used to replace
- the original name.
- type: string
- newTag:
- description: NewTag is the value used to replace the
- original tag.
- type: string
- required:
- - name
- type: object
- type: array
- patches:
- description: |-
- Strategic merge and JSON patches, defined as inline YAML objects,
- capable of targeting objects based on kind, label and annotation selectors.
- items:
- description: |-
- Patch contains an inline StrategicMerge or JSON6902 patch, and the target the patch should
- be applied to.
- properties:
- patch:
- description: |-
- Patch contains an inline StrategicMerge patch or an inline JSON6902 patch with
- an array of operation objects.
- type: string
- target:
- description: Target points to the resources that the
- patch document should be applied to.
- properties:
- annotationSelector:
- description: |-
- AnnotationSelector is a string that follows the label selection expression
- https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
- It matches with the resource annotations.
- type: string
- group:
- description: |-
- Group is the API group to select resources from.
- Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources.
- https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
- type: string
- kind:
- description: |-
- Kind of the API Group to select resources from.
- Together with Group and Version it is capable of unambiguously
- identifying and/or selecting resources.
- https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
- type: string
- labelSelector:
- description: |-
- LabelSelector is a string that follows the label selection expression
- https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
- It matches with the resource labels.
- type: string
- name:
- description: Name to match resources with.
- type: string
- namespace:
- description: Namespace to select resources from.
- type: string
- version:
- description: |-
- Version of the API Group to select resources from.
- Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources.
- https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
- type: string
- type: object
- required:
- - patch
- type: object
- type: array
- patchesJson6902:
- description: JSON 6902 patches, defined as inline YAML objects.
- items:
- description: JSON6902Patch contains a JSON6902 patch and
- the target the patch should be applied to.
- properties:
- patch:
- description: Patch contains the JSON6902 patch document
- with an array of operation objects.
- items:
- description: |-
- JSON6902 is a JSON6902 operation object.
- https://datatracker.ietf.org/doc/html/rfc6902#section-4
- properties:
- from:
- description: |-
- From contains a JSON-pointer value that references a location within the target document where the operation is
- performed. The meaning of the value depends on the value of Op, and is NOT taken into account by all operations.
- type: string
- op:
- description: |-
- Op indicates the operation to perform. Its value MUST be one of "add", "remove", "replace", "move", "copy", or
- "test".
- https://datatracker.ietf.org/doc/html/rfc6902#section-4
- enum:
- - test
- - remove
- - add
- - replace
- - move
- - copy
- type: string
- path:
- description: |-
- Path contains the JSON-pointer value that references a location within the target document where the operation
- is performed. The meaning of the value depends on the value of Op.
- type: string
- value:
- description: |-
- Value contains a valid JSON structure. The meaning of the value depends on the value of Op, and is NOT taken into
- account by all operations.
- x-kubernetes-preserve-unknown-fields: true
- required:
- - op
- - path
- type: object
- type: array
- target:
- description: Target points to the resources that the
- patch document should be applied to.
- properties:
- annotationSelector:
- description: |-
- AnnotationSelector is a string that follows the label selection expression
- https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
- It matches with the resource annotations.
- type: string
- group:
- description: |-
- Group is the API group to select resources from.
- Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources.
- https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
- type: string
- kind:
- description: |-
- Kind of the API Group to select resources from.
- Together with Group and Version it is capable of unambiguously
- identifying and/or selecting resources.
- https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
- type: string
- labelSelector:
- description: |-
- LabelSelector is a string that follows the label selection expression
- https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
- It matches with the resource labels.
- type: string
- name:
- description: Name to match resources with.
- type: string
- namespace:
- description: Namespace to select resources from.
- type: string
- version:
- description: |-
- Version of the API Group to select resources from.
- Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources.
- https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
- type: string
- type: object
- required:
- - patch
- - target
- type: object
- type: array
- patchesStrategicMerge:
- description: Strategic merge patches, defined as inline
- YAML objects.
- items:
- x-kubernetes-preserve-unknown-fields: true
- type: array
- type: object
- type: object
- type: array
- releaseName:
- description: |-
- ReleaseName used for the Helm release. Defaults to a composition of
- '[TargetNamespace-]Name'.
- maxLength: 53
- minLength: 1
- type: string
- rollback:
- description: Rollback holds the configuration for Helm rollback actions
- for this HelmRelease.
- properties:
- cleanupOnFail:
- description: |-
- CleanupOnFail allows deletion of new resources created during the Helm
- rollback action when it fails.
- type: boolean
- disableHooks:
- description: DisableHooks prevents hooks from running during the
- Helm rollback action.
- type: boolean
- disableWait:
- description: |-
- DisableWait disables the waiting for resources to be ready after a Helm
- rollback has been performed.
- type: boolean
- disableWaitForJobs:
- description: |-
- DisableWaitForJobs disables waiting for jobs to complete after a Helm
- rollback has been performed.
- type: boolean
- force:
- description: Force forces resource updates through a replacement
- strategy.
- type: boolean
- recreate:
- description: Recreate performs pod restarts for the resource if
- applicable.
- type: boolean
- timeout:
- description: |-
- Timeout is the time to wait for any individual Kubernetes operation (like
- Jobs for hooks) during the performance of a Helm rollback action. Defaults to
- 'HelmReleaseSpec.Timeout'.
- pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$
- type: string
- type: object
- serviceAccountName:
- description: |-
- The name of the Kubernetes service account to impersonate
- when reconciling this HelmRelease.
- type: string
- storageNamespace:
- description: |-
- StorageNamespace used for the Helm storage.
- Defaults to the namespace of the HelmRelease.
- maxLength: 63
- minLength: 1
- type: string
- suspend:
- description: |-
- Suspend tells the controller to suspend reconciliation for this HelmRelease,
- it does not apply to already started reconciliations. Defaults to false.
- type: boolean
- targetNamespace:
- description: |-
- TargetNamespace to target when performing operations for the HelmRelease.
- Defaults to the namespace of the HelmRelease.
- maxLength: 63
- minLength: 1
- type: string
- test:
- description: Test holds the configuration for Helm test actions for
- this HelmRelease.
- properties:
- enable:
- description: |-
- Enable enables Helm test actions for this HelmRelease after an Helm install
- or upgrade action has been performed.
- type: boolean
- ignoreFailures:
- description: |-
- IgnoreFailures tells the controller to skip remediation when the Helm tests
- are run but fail. Can be overwritten for tests run after install or upgrade
- actions in 'Install.IgnoreTestFailures' and 'Upgrade.IgnoreTestFailures'.
- type: boolean
- timeout:
- description: |-
- Timeout is the time to wait for any individual Kubernetes operation during
- the performance of a Helm test action. Defaults to 'HelmReleaseSpec.Timeout'.
- pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$
- type: string
- type: object
- timeout:
- description: |-
- Timeout is the time to wait for any individual Kubernetes operation (like Jobs
- for hooks) during the performance of a Helm action. Defaults to '5m0s'.
- pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$
- type: string
- uninstall:
- description: Uninstall holds the configuration for Helm uninstall
- actions for this HelmRelease.
- properties:
- deletionPropagation:
- default: background
- description: |-
- DeletionPropagation specifies the deletion propagation policy when
- a Helm uninstall is performed.
- enum:
- - background
- - foreground
- - orphan
- type: string
- disableHooks:
- description: DisableHooks prevents hooks from running during the
- Helm rollback action.
- type: boolean
- disableWait:
- description: |-
- DisableWait disables waiting for all the resources to be deleted after
- a Helm uninstall is performed.
- type: boolean
- keepHistory:
- description: |-
- KeepHistory tells Helm to remove all associated resources and mark the
- release as deleted, but retain the release history.
- type: boolean
- timeout:
- description: |-
- Timeout is the time to wait for any individual Kubernetes operation (like
- Jobs for hooks) during the performance of a Helm uninstall action. Defaults
- to 'HelmReleaseSpec.Timeout'.
- pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$
- type: string
- type: object
- upgrade:
- description: Upgrade holds the configuration for Helm upgrade actions
- for this HelmRelease.
- properties:
- cleanupOnFail:
- description: |-
- CleanupOnFail allows deletion of new resources created during the Helm
- upgrade action when it fails.
- type: boolean
- crds:
- description: |-
- CRDs upgrade CRDs from the Helm Chart's crds directory according
- to the CRD upgrade policy provided here. Valid values are `Skip`,
- `Create` or `CreateReplace`. Default is `Skip` and if omitted
- CRDs are neither installed nor upgraded.
-
- Skip: do neither install nor replace (update) any CRDs.
-
- Create: new CRDs are created, existing CRDs are neither updated nor deleted.
-
- CreateReplace: new CRDs are created, existing CRDs are updated (replaced)
- but not deleted.
-
- By default, CRDs are not applied during Helm upgrade action. With this
- option users can opt-in to CRD upgrade, which is not (yet) natively supported by Helm.
- https://helm.sh/docs/chart_best_practices/custom_resource_definitions.
- enum:
- - Skip
- - Create
- - CreateReplace
- type: string
- disableHooks:
- description: DisableHooks prevents hooks from running during the
- Helm upgrade action.
- type: boolean
- disableOpenAPIValidation:
- description: |-
- DisableOpenAPIValidation prevents the Helm upgrade action from validating
- rendered templates against the Kubernetes OpenAPI Schema.
- type: boolean
- disableWait:
- description: |-
- DisableWait disables the waiting for resources to be ready after a Helm
- upgrade has been performed.
- type: boolean
- disableWaitForJobs:
- description: |-
- DisableWaitForJobs disables waiting for jobs to complete after a Helm
- upgrade has been performed.
- type: boolean
- force:
- description: Force forces resource updates through a replacement
- strategy.
- type: boolean
- preserveValues:
- description: |-
- PreserveValues will make Helm reuse the last release's values and merge in
- overrides from 'Values'. Setting this flag makes the HelmRelease
- non-declarative.
- type: boolean
- remediation:
- description: |-
- Remediation holds the remediation configuration for when the Helm upgrade
- action for the HelmRelease fails. The default is to not perform any action.
- properties:
- ignoreTestFailures:
- description: |-
- IgnoreTestFailures tells the controller to skip remediation when the Helm
- tests are run after an upgrade action but fail.
- Defaults to 'Test.IgnoreFailures'.
- type: boolean
- remediateLastFailure:
- description: |-
- RemediateLastFailure tells the controller to remediate the last failure, when
- no retries remain. Defaults to 'false' unless 'Retries' is greater than 0.
- type: boolean
- retries:
- description: |-
- Retries is the number of retries that should be attempted on failures before
- bailing. Remediation, using 'Strategy', is performed between each attempt.
- Defaults to '0', a negative integer equals to unlimited retries.
- type: integer
- strategy:
- description: Strategy to use for failure remediation. Defaults
- to 'rollback'.
- enum:
- - rollback
- - uninstall
- type: string
- type: object
- timeout:
- description: |-
- Timeout is the time to wait for any individual Kubernetes operation (like
- Jobs for hooks) during the performance of a Helm upgrade action. Defaults to
- 'HelmReleaseSpec.Timeout'.
- pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$
- type: string
- type: object
- values:
- description: Values holds the values for this Helm release.
- x-kubernetes-preserve-unknown-fields: true
- valuesFrom:
- description: |-
- ValuesFrom holds references to resources containing Helm values for this HelmRelease,
- and information about how they should be merged.
- items:
- description: |-
- ValuesReference contains a reference to a resource containing Helm values,
- and optionally the key they can be found at.
- properties:
- kind:
- description: Kind of the values referent, valid values are ('Secret',
- 'ConfigMap').
- enum:
- - Secret
- - ConfigMap
- type: string
- name:
- description: |-
- Name of the values referent. Should reside in the same namespace as the
- referring resource.
- maxLength: 253
- minLength: 1
- type: string
- optional:
- description: |-
- Optional marks this ValuesReference as optional. When set, a not found error
- for the values reference is ignored, but any ValuesKey, TargetPath or
- transient error will still result in a reconciliation failure.
- type: boolean
- targetPath:
- description: |-
- TargetPath is the YAML dot notation path the value should be merged at. When
- set, the ValuesKey is expected to be a single flat value. Defaults to 'None',
- which results in the values getting merged at the root.
- maxLength: 250
- pattern: ^([a-zA-Z0-9_\-.\\\/]|\[[0-9]{1,5}\])+$
- type: string
- valuesKey:
- description: |-
- ValuesKey is the data key where the values.yaml or a specific value can be
- found at. Defaults to 'values.yaml'.
- When set, must be a valid Data Key, consisting of alphanumeric characters,
- '-', '_' or '.'.
- maxLength: 253
- pattern: ^[\-._a-zA-Z0-9]+$
- type: string
- required:
- - kind
- - name
- type: object
- type: array
- required:
- - chart
- - interval
- type: object
- status:
- default:
- observedGeneration: -1
- description: HelmReleaseStatus defines the observed state of a HelmRelease.
- properties:
- conditions:
- description: Conditions holds the conditions for the HelmRelease.
- items:
- description: Condition contains details for one aspect of the current
- state of this API Resource.
- properties:
- lastTransitionTime:
- description: |-
- lastTransitionTime is the last time the condition transitioned from one status to another.
- This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
- format: date-time
- type: string
- message:
- description: |-
- message is a human readable message indicating details about the transition.
- This may be an empty string.
- maxLength: 32768
- type: string
- observedGeneration:
- description: |-
- observedGeneration represents the .metadata.generation that the condition was set based upon.
- For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
- with respect to the current state of the instance.
- format: int64
- minimum: 0
- type: integer
- reason:
- description: |-
- reason contains a programmatic identifier indicating the reason for the condition's last transition.
- Producers of specific condition types may define expected values and meanings for this field,
- and whether the values are considered a guaranteed API.
- The value should be a CamelCase string.
- This field may not be empty.
- maxLength: 1024
- minLength: 1
- pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
- type: string
- status:
- description: status of the condition, one of True, False, Unknown.
- enum:
- - "True"
- - "False"
- - Unknown
- type: string
- type:
- description: type of condition in CamelCase or in foo.example.com/CamelCase.
- maxLength: 316
- pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
- type: string
- required:
- - lastTransitionTime
- - message
- - reason
- - status
- - type
- type: object
- type: array
- failures:
- description: |-
- Failures is the reconciliation failure count against the latest desired
- state. It is reset after a successful reconciliation.
- format: int64
- type: integer
- helmChart:
- description: |-
- HelmChart is the namespaced name of the HelmChart resource created by
- the controller for the HelmRelease.
- type: string
- history:
- description: |-
- History holds the history of Helm releases performed for this HelmRelease
- up to the last successfully completed release.
-
- Note: this field is provisional to the v2beta2 API, and not actively used
- by v2beta1 HelmReleases.
- items:
- description: |-
- Snapshot captures a point-in-time copy of the status information for a Helm release,
- as managed by the controller.
- properties:
- apiVersion:
- description: |-
- APIVersion is the API version of the Snapshot.
- Provisional: when the calculation method of the Digest field is changed,
- this field will be used to distinguish between the old and new methods.
- type: string
- appVersion:
- description: AppVersion is the chart app version of the release
- object in storage.
- type: string
- chartName:
- description: ChartName is the chart name of the release object
- in storage.
- type: string
- chartVersion:
- description: |-
- ChartVersion is the chart version of the release object in
- storage.
- type: string
- configDigest:
- description: |-
- ConfigDigest is the checksum of the config (better known as
- "values") of the release object in storage.
- It has the format of `<algo>:<checksum>`.
- type: string
- deleted:
- description: Deleted is when the release was deleted.
- format: date-time
- type: string
- digest:
- description: |-
- Digest is the checksum of the release object in storage.
- It has the format of `<algo>:<checksum>`.
- type: string
- firstDeployed:
- description: FirstDeployed is when the release was first deployed.
- format: date-time
- type: string
- lastDeployed:
- description: LastDeployed is when the release was last deployed.
- format: date-time
- type: string
- name:
- description: Name is the name of the release.
- type: string
- namespace:
- description: Namespace is the namespace the release is deployed
- to.
- type: string
- ociDigest:
- description: OCIDigest is the digest of the OCI artifact associated
- with the release.
- type: string
- status:
- description: Status is the current state of the release.
- type: string
- testHooks:
- additionalProperties:
- description: |-
- TestHookStatus holds the status information for a test hook as observed
- to be run by the controller.
- properties:
- lastCompleted:
- description: LastCompleted is the time the test hook last
- completed.
- format: date-time
- type: string
- lastStarted:
- description: LastStarted is the time the test hook was
- last started.
- format: date-time
- type: string
- phase:
- description: Phase the test hook was observed to be in.
- type: string
- type: object
- description: |-
- TestHooks is the list of test hooks for the release as observed to be
- run by the controller.
- type: object
- version:
- description: Version is the version of the release object in
- storage.
- type: integer
+ type: string
required:
- - chartName
- - chartVersion
- - configDigest
- - digest
- - firstDeployed
- - lastDeployed
- - name
- - namespace
+ - lastTransitionTime
+ - message
+ - reason
- status
- - version
+ - type
type: object
type: array
- installFailures:
- description: |-
- InstallFailures is the install failure count against the latest desired
- state. It is reset after a successful reconciliation.
- format: int64
- type: integer
+ inventory:
+ description: Inventory contains the list of Kubernetes resource object
+ references that have been successfully applied.
+ properties:
+ entries:
+ description: Entries of Kubernetes resource object references.
+ items:
+ description: ResourceRef contains the information necessary
+ to locate a resource within a cluster.
+ properties:
+ id:
+ description: ID is the string representation of the Kubernetes
+ resource object's metadata, in the format '<namespace>_<name>_<group>_<kind>'.
+ type: string
+ v:
+ description: Version is the API version of the Kubernetes
+ resource object's kind.
+ type: string
+ required:
+ - id
+ - v
+ type: object
+ type: array
+ required:
+ - entries
+ type: object
lastAppliedRevision:
- description: LastAppliedRevision is the revision of the last successfully
- applied source.
- type: string
- lastAttemptedConfigDigest:
- description: |-
- LastAttemptedConfigDigest is the digest for the config (better known as
- "values") of the last reconciliation attempt.
-
- Note: this field is provisional to the v2beta2 API, and not actively used
- by v2beta1 HelmReleases.
- type: string
- lastAttemptedGeneration:
- description: |-
- LastAttemptedGeneration is the last generation the controller attempted
- to reconcile.
-
- Note: this field is provisional to the v2beta2 API, and not actively used
- by v2beta1 HelmReleases.
- format: int64
- type: integer
- lastAttemptedReleaseAction:
- description: |-
- LastAttemptedReleaseAction is the last release action performed for this
- HelmRelease. It is used to determine the active remediation strategy.
-
- Note: this field is provisional to the v2beta2 API, and not actively used
- by v2beta1 HelmReleases.
+ description: The last successfully applied revision. Equals the Revision
+ of the applied Artifact from the referenced Source.
type: string
lastAttemptedRevision:
description: LastAttemptedRevision is the revision of the last reconciliation
attempt.
type: string
- lastAttemptedValuesChecksum:
- description: |-
- LastAttemptedValuesChecksum is the SHA1 checksum of the values of the last
- reconciliation attempt.
- type: string
- lastHandledForceAt:
- description: |-
- LastHandledForceAt holds the value of the most recent force request
- value, so a change of the annotation value can be detected.
-
- Note: this field is provisional to the v2beta2 API, and not actively used
- by v2beta1 HelmReleases.
- type: string
lastHandledReconcileAt:
- description: |-
- LastHandledReconcileAt holds the value of the most recent
- reconcile request value, so a change of the annotation value
- can be detected.
- type: string
- lastHandledResetAt:
- description: |-
- LastHandledResetAt holds the value of the most recent reset request
- value, so a change of the annotation value can be detected.
-
- Note: this field is provisional to the v2beta2 API, and not actively used
- by v2beta1 HelmReleases.
+ description: LastHandledReconcileAt holds the value of the most recent
+ reconcile request value, so a change of the annotation value can
+ be detected.
type: string
- lastReleaseRevision:
- description: LastReleaseRevision is the revision of the last successful
- Helm release.
- type: integer
observedGeneration:
- description: ObservedGeneration is the last observed generation.
- format: int64
- type: integer
- observedPostRenderersDigest:
- description: |-
- ObservedPostRenderersDigest is the digest for the post-renderers of
- the last successful reconciliation attempt.
- type: string
- storageNamespace:
- description: |-
- StorageNamespace is the namespace of the Helm release storage for the
- current release.
-
- Note: this field is provisional to the v2beta2 API, and not actively used
- by v2beta1 HelmReleases.
- type: string
- upgradeFailures:
- description: |-
- UpgradeFailures is the upgrade failure count against the latest desired
- state. It is reset after a successful reconciliation.
+ description: ObservedGeneration is the last reconciled generation.
format: int64
type: integer
type: object
storage: false
subresources:
status: {}
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ labels:
+ app.kubernetes.io/component: kustomize-controller
+ app.kubernetes.io/instance: flux-system
+ app.kubernetes.io/part-of: flux
+ app.kubernetes.io/version: v2.1.2
+ name: kustomize-controller
+ namespace: flux-system
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ labels:
+ app.kubernetes.io/component: kustomize-controller
+ app.kubernetes.io/instance: flux-system
+ app.kubernetes.io/part-of: flux
+ app.kubernetes.io/version: v2.1.2
+ control-plane: controller
+ name: kustomize-controller
+ namespace: flux-system
+spec:
+ replicas: 1
+ selector:
+ matchLabels:
+ app: kustomize-controller
+ template:
+ metadata:
+ annotations:
+ prometheus.io/port: "8080"
+ prometheus.io/scrape: "true"
+ labels:
+ app: kustomize-controller
+ spec:
+ containers:
+ - args:
+ - --events-addr=http://notification-controller.flux-system.svc.cluster.local./
+ - --watch-all-namespaces=true
+ - --log-level=info
+ - --log-encoding=json
+ - --enable-leader-election
+ env:
+ - name: RUNTIME_NAMESPACE
+ valueFrom:
+ fieldRef:
+ fieldPath: metadata.namespace
+ image: ghcr.io/fluxcd/kustomize-controller:v1.1.1
+ imagePullPolicy: IfNotPresent
+ livenessProbe:
+ httpGet:
+ path: /healthz
+ port: healthz
+ name: manager
+ ports:
+ - containerPort: 8080
+ name: http-prom
+ protocol: TCP
+ - containerPort: 9440
+ name: healthz
+ protocol: TCP
+ readinessProbe:
+ httpGet:
+ path: /readyz
+ port: healthz
+ resources:
+ limits:
+ cpu: 1000m
+ memory: 1Gi
+ requests:
+ cpu: 100m
+ memory: 64Mi
+ securityContext:
+ allowPrivilegeEscalation: false
+ capabilities:
+ drop:
+ - ALL
+ readOnlyRootFilesystem: true
+ runAsNonRoot: true
+ seccompProfile:
+ type: RuntimeDefault
+ volumeMounts:
+ - mountPath: /tmp
+ name: temp
+ nodeSelector:
+ kubernetes.io/os: linux
+ priorityClassName: system-cluster-critical
+ securityContext:
+ fsGroup: 1337
+ serviceAccountName: kustomize-controller
+ terminationGracePeriodSeconds: 60
+ volumes:
+ - emptyDir: {}
+ name: temp
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ controller-gen.kubebuilder.io/version: v0.12.0
+ labels:
+ app.kubernetes.io/component: helm-controller
+ app.kubernetes.io/instance: flux-system
+ app.kubernetes.io/part-of: flux
+ app.kubernetes.io/version: v2.1.2
+ name: helmreleases.helm.toolkit.fluxcd.io
+spec:
+ group: helm.toolkit.fluxcd.io
+ names:
+ kind: HelmRelease
+ listKind: HelmReleaseList
+ plural: helmreleases
+ shortNames:
+ - hr
+ singular: helmrelease
+ scope: Namespaced
+ versions:
- additionalPrinterColumns:
- jsonPath: .metadata.creationTimestamp
name: Age
- jsonPath: .status.conditions[?(@.type=="Ready")].message
name: Status
type: string
- deprecated: true
- deprecationWarning: v2beta2 HelmRelease is deprecated, upgrade to v2
- name: v2beta2
+ name: v2beta1
schema:
openAPIV3Schema:
description: HelmRelease is the Schema for the helmreleases API
properties:
apiVersion:
- description: |-
- APIVersion defines the versioned schema of this representation of an object.
- Servers should convert recognized schemas to the latest internal value, and
- may reject unrecognized values.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
- description: |-
- Kind is a string value representing the REST resource this object represents.
- Servers may infer this from the endpoint the client submits requests to.
- Cannot be updated.
- In CamelCase.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
description: HelmReleaseSpec defines the desired state of a Helm release.
properties:
chart:
- description: |-
- Chart defines the template of the v1beta2.HelmChart that should be created
- for this HelmRelease.
+ description: Chart defines the template of the v1beta2.HelmChart that
+ should be created for this HelmRelease.
properties:
metadata:
description: ObjectMeta holds the template for metadata like labels
annotations:
additionalProperties:
type: string
- description: |-
- Annotations is an unstructured key value map stored with a resource that may be
- set by external tools to store and retrieve arbitrary metadata. They are not
- queryable and should be preserved when modifying objects.
- More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/
+ description: 'Annotations is an unstructured key value map
+ stored with a resource that may be set by external tools
+ to store and retrieve arbitrary metadata. They are not queryable
+ and should be preserved when modifying objects. More info:
+ https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/'
type: object
labels:
additionalProperties:
type: string
- description: |-
- Map of string keys and values that can be used to organize and categorize
- (scope and select) objects.
- More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/
+ description: 'Map of string keys and values that can be used
+ to organize and categorize (scope and select) objects. More
+ info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/'
type: object
type: object
spec:
chart:
description: The name or path the Helm chart is available
at in the SourceRef.
- maxLength: 2048
- minLength: 1
type: string
- ignoreMissingValuesFiles:
- description: IgnoreMissingValuesFiles controls whether to
- silently ignore missing values files rather than failing.
- type: boolean
interval:
- description: |-
- Interval at which to check the v1.Source for updates. Defaults to
- 'HelmReleaseSpec.Interval'.
+ description: Interval at which to check the v1beta2.Source
+ for updates. Defaults to 'HelmReleaseSpec.Interval'.
pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$
type: string
reconcileStrategy:
default: ChartVersion
- description: |-
- Determines what enables the creation of a new artifact. Valid values are
- ('ChartVersion', 'Revision').
- See the documentation of the values for an explanation on their behavior.
- Defaults to ChartVersion when omitted.
+ description: Determines what enables the creation of a new
+ artifact. Valid values are ('ChartVersion', 'Revision').
+ See the documentation of the values for an explanation on
+ their behavior. Defaults to ChartVersion when omitted.
enum:
- ChartVersion
- Revision
type: string
sourceRef:
- description: The name and namespace of the v1.Source the chart
- is available at.
+ description: The name and namespace of the v1beta2.Source
+ the chart is available at.
properties:
apiVersion:
description: APIVersion of the referent.
minLength: 1
type: string
required:
- - kind
- name
type: object
valuesFile:
- description: |-
- Alternative values file to use as the default chart values, expected to
- be a relative path in the SourceRef. Deprecated in favor of ValuesFiles,
- for backwards compatibility the file defined here is merged before the
- ValuesFiles items. Ignored when omitted.
+ description: Alternative values file to use as the default
+ chart values, expected to be a relative path in the SourceRef.
+ Deprecated in favor of ValuesFiles, for backwards compatibility
+ the file defined here is merged before the ValuesFiles items.
+ Ignored when omitted.
type: string
valuesFiles:
- description: |-
- Alternative list of values files to use as the chart values (values.yaml
- is not included by default), expected to be a relative path in the SourceRef.
- Values files are merged in the order of this list with the last file overriding
+ description: Alternative list of values files to use as the
+ chart values (values.yaml is not included by default), expected
+ to be a relative path in the SourceRef. Values files are
+ merged in the order of this list with the last file overriding
the first. Ignored when omitted.
items:
type: string
type: array
verify:
- description: |-
- Verify contains the secret name containing the trusted public keys
- used to verify the signature and specifies which provider to use to check
- whether OCI image is authentic.
- This field is only supported for OCI sources.
- Chart dependencies, which are not bundled in the umbrella chart artifact,
- are not verified.
+ description: Verify contains the secret name containing the
+ trusted public keys used to verify the signature and specifies
+ which provider to use to check whether OCI image is authentic.
+ This field is only supported for OCI sources. Chart dependencies,
+ which are not bundled in the umbrella chart artifact, are
+ not verified.
properties:
provider:
default: cosign
sign the OCI Helm chart.
enum:
- cosign
- - notation
type: string
secretRef:
- description: |-
- SecretRef specifies the Kubernetes Secret containing the
- trusted public keys.
+ description: SecretRef specifies the Kubernetes Secret
+ containing the trusted public keys.
properties:
name:
description: Name of the referent.
type: object
version:
default: '*'
- description: |-
- Version semver expression, ignored for charts from v1beta2.GitRepository and
- v1beta2.Bucket sources. Defaults to latest when omitted.
+ description: Version semver expression, ignored for charts
+ from v1beta2.GitRepository and v1beta2.Bucket sources. Defaults
+ to latest when omitted.
type: string
required:
- chart
required:
- spec
type: object
- chartRef:
- description: |-
- ChartRef holds a reference to a source controller resource containing the
- Helm chart artifact.
-
- Note: this field is provisional to the v2 API, and not actively used
- by v2beta2 HelmReleases.
- properties:
- apiVersion:
- description: APIVersion of the referent.
- type: string
- kind:
- description: Kind of the referent.
- enum:
- - OCIRepository
- - HelmChart
- type: string
- name:
- description: Name of the referent.
- maxLength: 253
- minLength: 1
- type: string
- namespace:
- description: |-
- Namespace of the referent, defaults to the namespace of the Kubernetes
- resource object that contains the reference.
- maxLength: 63
- minLength: 1
- type: string
- required:
- - kind
- - name
- type: object
dependsOn:
- description: |-
- DependsOn may contain a meta.NamespacedObjectReference slice with
- references to HelmRelease resources that must be ready before this HelmRelease
- can be reconciled.
+ description: DependsOn may contain a meta.NamespacedObjectReference
+ slice with references to HelmRelease resources that must be ready
+ before this HelmRelease can be reconciled.
items:
- description: |-
- NamespacedObjectReference contains enough information to locate the referenced Kubernetes resource object in any
- namespace.
+ description: NamespacedObjectReference contains enough information
+ to locate the referenced Kubernetes resource object in any namespace.
properties:
name:
description: Name of the referent.
- name
type: object
type: array
- driftDetection:
- description: |-
- DriftDetection holds the configuration for detecting and handling
- differences between the manifest in the Helm storage and the resources
- currently existing in the cluster.
- properties:
- ignore:
- description: |-
- Ignore contains a list of rules for specifying which changes to ignore
- during diffing.
- items:
- description: |-
- IgnoreRule defines a rule to selectively disregard specific changes during
- the drift detection process.
- properties:
- paths:
- description: |-
- Paths is a list of JSON Pointer (RFC 6901) paths to be excluded from
- consideration in a Kubernetes object.
- items:
- type: string
- type: array
- target:
- description: |-
- Target is a selector for specifying Kubernetes objects to which this
- rule applies.
- If Target is not set, the Paths will be ignored for all Kubernetes
- objects within the manifest of the Helm release.
- properties:
- annotationSelector:
- description: |-
- AnnotationSelector is a string that follows the label selection expression
- https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
- It matches with the resource annotations.
- type: string
- group:
- description: |-
- Group is the API group to select resources from.
- Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources.
- https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
- type: string
- kind:
- description: |-
- Kind of the API Group to select resources from.
- Together with Group and Version it is capable of unambiguously
- identifying and/or selecting resources.
- https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
- type: string
- labelSelector:
- description: |-
- LabelSelector is a string that follows the label selection expression
- https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
- It matches with the resource labels.
- type: string
- name:
- description: Name to match resources with.
- type: string
- namespace:
- description: Namespace to select resources from.
- type: string
- version:
- description: |-
- Version of the API Group to select resources from.
- Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources.
- https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
- type: string
- type: object
- required:
- - paths
- type: object
- type: array
- mode:
- description: |-
- Mode defines how differences should be handled between the Helm manifest
- and the manifest currently applied to the cluster.
- If not explicitly set, it defaults to DiffModeDisabled.
- enum:
- - enabled
- - warn
- - disabled
- type: string
- type: object
install:
description: Install holds the configuration for Helm install actions
for this HelmRelease.
properties:
crds:
- description: |-
- CRDs upgrade CRDs from the Helm Chart's crds directory according
- to the CRD upgrade policy provided here. Valid values are `Skip`,
- `Create` or `CreateReplace`. Default is `Create` and if omitted
- CRDs are installed but not updated.
-
- Skip: do neither install nor replace (update) any CRDs.
-
- Create: new CRDs are created, existing CRDs are neither updated nor deleted.
-
- CreateReplace: new CRDs are created, existing CRDs are updated (replaced)
- but not deleted.
-
- By default, CRDs are applied (installed) during Helm install action.
- With this option users can opt in to CRD replace existing CRDs on Helm
+ description: "CRDs upgrade CRDs from the Helm Chart's crds directory
+ according to the CRD upgrade policy provided here. Valid values
+ are `Skip`, `Create` or `CreateReplace`. Default is `Create`
+ and if omitted CRDs are installed but not updated. \n Skip:
+ do neither install nor replace (update) any CRDs. \n Create:
+ new CRDs are created, existing CRDs are neither updated nor
+ deleted. \n CreateReplace: new CRDs are created, existing CRDs
+ are updated (replaced) but not deleted. \n By default, CRDs
+ are applied (installed) during Helm install action. With this
+ option users can opt-in to CRD replace existing CRDs on Helm
install actions, which is not (yet) natively supported by Helm.
- https://helm.sh/docs/chart_best_practices/custom_resource_definitions.
+ https://helm.sh/docs/chart_best_practices/custom_resource_definitions."
enum:
- Skip
- Create
- CreateReplace
type: string
createNamespace:
- description: |-
- CreateNamespace tells the Helm install action to create the
- HelmReleaseSpec.TargetNamespace if it does not exist yet.
- On uninstall, the namespace will not be garbage collected.
+ description: CreateNamespace tells the Helm install action to
+ create the HelmReleaseSpec.TargetNamespace if it does not exist
+ yet. On uninstall, the namespace will not be garbage collected.
type: boolean
disableHooks:
description: DisableHooks prevents hooks from running during the
Helm install action.
type: boolean
disableOpenAPIValidation:
- description: |-
- DisableOpenAPIValidation prevents the Helm install action from validating
- rendered templates against the Kubernetes OpenAPI Schema.
+ description: DisableOpenAPIValidation prevents the Helm install
+ action from validating rendered templates against the Kubernetes
+ OpenAPI Schema.
type: boolean
disableWait:
- description: |-
- DisableWait disables the waiting for resources to be ready after a Helm
- install has been performed.
+ description: DisableWait disables the waiting for resources to
+ be ready after a Helm install has been performed.
type: boolean
disableWaitForJobs:
- description: |-
- DisableWaitForJobs disables waiting for jobs to complete after a Helm
- install has been performed.
+ description: DisableWaitForJobs disables waiting for jobs to complete
+ after a Helm install has been performed.
type: boolean
remediation:
- description: |-
- Remediation holds the remediation configuration for when the Helm install
- action for the HelmRelease fails. The default is to not perform any action.
+ description: Remediation holds the remediation configuration for
+ when the Helm install action for the HelmRelease fails. The
+ default is to not perform any action.
properties:
ignoreTestFailures:
- description: |-
- IgnoreTestFailures tells the controller to skip remediation when the Helm
- tests are run after an install action but fail. Defaults to
- 'Test.IgnoreFailures'.
+ description: IgnoreTestFailures tells the controller to skip
+ remediation when the Helm tests are run after an install
+ action but fail. Defaults to 'Test.IgnoreFailures'.
type: boolean
remediateLastFailure:
- description: |-
- RemediateLastFailure tells the controller to remediate the last failure, when
- no retries remain. Defaults to 'false'.
+ description: RemediateLastFailure tells the controller to
+ remediate the last failure, when no retries remain. Defaults
+ to 'false'.
type: boolean
retries:
- description: |-
- Retries is the number of retries that should be attempted on failures before
- bailing. Remediation, using an uninstall, is performed between each attempt.
- Defaults to '0', a negative integer equals to unlimited retries.
+ description: Retries is the number of retries that should
+ be attempted on failures before bailing. Remediation, using
+ an uninstall, is performed between each attempt. Defaults
+ to '0', a negative integer equals to unlimited retries.
type: integer
type: object
replace:
- description: |-
- Replace tells the Helm install action to re-use the 'ReleaseName', but only
- if that name is a deleted release which remains in the history.
+ description: Replace tells the Helm install action to re-use the
+ 'ReleaseName', but only if that name is a deleted release which
+ remains in the history.
type: boolean
skipCRDs:
- description: |-
- SkipCRDs tells the Helm install action to not install any CRDs. By default,
- CRDs are installed if not already present.
-
- Deprecated use CRD policy (`crds`) attribute with value `Skip` instead.
+ description: "SkipCRDs tells the Helm install action to not install
+ any CRDs. By default, CRDs are installed if not already present.
+ \n Deprecated use CRD policy (`crds`) attribute with value `Skip`
+ instead."
type: boolean
timeout:
- description: |-
- Timeout is the time to wait for any individual Kubernetes operation (like
- Jobs for hooks) during the performance of a Helm install action. Defaults to
- 'HelmReleaseSpec.Timeout'.
+ description: Timeout is the time to wait for any individual Kubernetes
+ operation (like Jobs for hooks) during the performance of a
+ Helm install action. Defaults to 'HelmReleaseSpec.Timeout'.
pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$
type: string
type: object
interval:
- description: Interval at which to reconcile the Helm release.
+ description: Interval at which to reconcile the Helm release. This
+ interval is approximate and may be subject to jitter to ensure efficient
+ use of resources.
pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$
type: string
kubeConfig:
- description: |-
- KubeConfig for reconciling the HelmRelease on a remote cluster.
- When used in combination with HelmReleaseSpec.ServiceAccountName,
- forces the controller to act on behalf of that Service Account at the
- target cluster.
- If the --default-service-account flag is set, its value will be used as
- a controller level fallback for when HelmReleaseSpec.ServiceAccountName
+ description: KubeConfig for reconciling the HelmRelease on a remote
+ cluster. When used in combination with HelmReleaseSpec.ServiceAccountName,
+ forces the controller to act on behalf of that Service Account at
+ the target cluster. If the --default-service-account flag is set,
+ its value will be used as a controller level fallback for when HelmReleaseSpec.ServiceAccountName
is empty.
properties:
secretRef:
- description: |-
- SecretRef holds the name of a secret that contains a key with
- the kubeconfig file as the value. If no key is set, the key will default
- to 'value'.
- It is recommended that the kubeconfig is self-contained, and the secret
- is regularly updated if credentials such as a cloud-access-token expire.
- Cloud specific `cmd-path` auth helpers will not function without adding
- binaries and credentials to the Pod that is responsible for reconciling
+ description: SecretRef holds the name of a secret that contains
+ a key with the kubeconfig file as the value. If no key is set,
+ the key will default to 'value'. It is recommended that the
+ kubeconfig is self-contained, and the secret is regularly updated
+ if credentials such as a cloud-access-token expire. Cloud specific
+ `cmd-path` auth helpers will not function without adding binaries
+ and credentials to the Pod that is responsible for reconciling
Kubernetes resources.
properties:
key:
- secretRef
type: object
maxHistory:
- description: |-
- MaxHistory is the number of revisions saved by Helm for this HelmRelease.
- Use '0' for an unlimited number of revisions; defaults to '5'.
+ description: MaxHistory is the number of revisions saved by Helm for
+ this HelmRelease. Use '0' for an unlimited number of revisions;
+ defaults to '10'.
type: integer
persistentClient:
- description: |-
- PersistentClient tells the controller to use a persistent Kubernetes
- client for this release. When enabled, the client will be reused for the
- duration of the reconciliation, instead of being created and destroyed
- for each (step of a) Helm action.
-
- This can improve performance, but may cause issues with some Helm charts
+ description: "PersistentClient tells the controller to use a persistent
+ Kubernetes client for this release. When enabled, the client will
+ be reused for the duration of the reconciliation, instead of being
+ created and destroyed for each (step of a) Helm action. \n This
+ can improve performance, but may cause issues with some Helm charts
that for example do create Custom Resource Definitions during installation
- outside Helm's CRD lifecycle hooks, which are then not observed to be
- available by e.g. post-install hooks.
-
- If not set, it defaults to true.
+ outside Helm's CRD lifecycle hooks, which are then not observed
+ to be available by e.g. post-install hooks. \n If not set, it defaults
+ to true."
type: boolean
postRenderers:
- description: |-
- PostRenderers holds an array of Helm PostRenderers, which will be applied in order
- of their definition.
+ description: PostRenderers holds an array of Helm PostRenderers, which
+ will be applied in order of their definition.
items:
description: PostRenderer contains a Helm PostRenderer specification.
properties:
description: Kustomization to apply as PostRenderer.
properties:
images:
- description: |-
- Images is a list of (image name, new name, new tag or digest)
- for changing image names, tags or digests. This can also be achieved with a
- patch, but this operator is simpler to specify.
+ description: Images is a list of (image name, new name,
+ new tag or digest) for changing image names, tags or digests.
+ This can also be achieved with a patch, but this operator
+ is simpler to specify.
items:
description: Image contains an image name, a new name,
a new tag or digest, which will replace the original
name and tag.
properties:
digest:
- description: |-
- Digest is the value used to replace the original image tag.
- If digest is present NewTag value is ignored.
+ description: Digest is the value used to replace the
+ original image tag. If digest is present NewTag
+ value is ignored.
type: string
name:
description: Name is a tag-less image name.
type: object
type: array
patches:
- description: |-
- Strategic merge and JSON patches, defined as inline YAML objects,
- capable of targeting objects based on kind, label and annotation selectors.
+ description: Strategic merge and JSON patches, defined as
+ inline YAML objects, capable of targeting objects based
+ on kind, label and annotation selectors.
items:
- description: |-
- Patch contains an inline StrategicMerge or JSON6902 patch, and the target the patch should
- be applied to.
+ description: Patch contains an inline StrategicMerge or
+ JSON6902 patch, and the target the patch should be applied
+ to.
properties:
patch:
- description: |-
- Patch contains an inline StrategicMerge patch or an inline JSON6902 patch with
- an array of operation objects.
+ description: Patch contains an inline StrategicMerge
+ patch or an inline JSON6902 patch with an array
+ of operation objects.
type: string
target:
description: Target points to the resources that the
patch document should be applied to.
properties:
annotationSelector:
- description: |-
- AnnotationSelector is a string that follows the label selection expression
- https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
+ description: AnnotationSelector is a string that
+ follows the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
It matches with the resource annotations.
type: string
group:
- description: |-
- Group is the API group to select resources from.
- Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources.
- https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
+ description: Group is the API group to select
+ resources from. Together with Version and Kind
+ it is capable of unambiguously identifying and/or
+ selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
type: string
kind:
- description: |-
- Kind of the API Group to select resources from.
- Together with Group and Version it is capable of unambiguously
- identifying and/or selecting resources.
- https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
+ description: Kind of the API Group to select resources
+ from. Together with Group and Version it is
+ capable of unambiguously identifying and/or
+ selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
type: string
labelSelector:
- description: |-
- LabelSelector is a string that follows the label selection expression
- https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
+ description: LabelSelector is a string that follows
+ the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
It matches with the resource labels.
type: string
name:
description: Namespace to select resources from.
type: string
version:
- description: |-
- Version of the API Group to select resources from.
- Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources.
- https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
+ description: Version of the API Group to select
+ resources from. Together with Group and Kind
+ it is capable of unambiguously identifying and/or
+ selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
type: string
type: object
required:
type: object
type: array
patchesJson6902:
- description: |-
- JSON 6902 patches, defined as inline YAML objects.
- Deprecated: use Patches instead.
+ description: JSON 6902 patches, defined as inline YAML objects.
items:
description: JSON6902Patch contains a JSON6902 patch and
the target the patch should be applied to.
description: Patch contains the JSON6902 patch document
with an array of operation objects.
items:
- description: |-
- JSON6902 is a JSON6902 operation object.
+ description: JSON6902 is a JSON6902 operation object.
https://datatracker.ietf.org/doc/html/rfc6902#section-4
properties:
from:
- description: |-
- From contains a JSON-pointer value that references a location within the target document where the operation is
- performed. The meaning of the value depends on the value of Op, and is NOT taken into account by all operations.
+ description: From contains a JSON-pointer value
+ that references a location within the target
+ document where the operation is performed.
+ The meaning of the value depends on the value
+ of Op, and is NOT taken into account by all
+ operations.
type: string
op:
- description: |-
- Op indicates the operation to perform. Its value MUST be one of "add", "remove", "replace", "move", "copy", or
- "test".
- https://datatracker.ietf.org/doc/html/rfc6902#section-4
+ description: Op indicates the operation to perform.
+ Its value MUST be one of "add", "remove",
+ "replace", "move", "copy", or "test". https://datatracker.ietf.org/doc/html/rfc6902#section-4
enum:
- test
- remove
- copy
type: string
path:
- description: |-
- Path contains the JSON-pointer value that references a location within the target document where the operation
- is performed. The meaning of the value depends on the value of Op.
+ description: Path contains the JSON-pointer
+ value that references a location within the
+ target document where the operation is performed.
+ The meaning of the value depends on the value
+ of Op.
type: string
value:
- description: |-
- Value contains a valid JSON structure. The meaning of the value depends on the value of Op, and is NOT taken into
- account by all operations.
+ description: Value contains a valid JSON structure.
+ The meaning of the value depends on the value
+ of Op, and is NOT taken into account by all
+ operations.
x-kubernetes-preserve-unknown-fields: true
required:
- op
patch document should be applied to.
properties:
annotationSelector:
- description: |-
- AnnotationSelector is a string that follows the label selection expression
- https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
+ description: AnnotationSelector is a string that
+ follows the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
It matches with the resource annotations.
type: string
group:
- description: |-
- Group is the API group to select resources from.
- Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources.
- https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
+ description: Group is the API group to select
+ resources from. Together with Version and Kind
+ it is capable of unambiguously identifying and/or
+ selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
type: string
kind:
- description: |-
- Kind of the API Group to select resources from.
- Together with Group and Version it is capable of unambiguously
- identifying and/or selecting resources.
- https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
+ description: Kind of the API Group to select resources
+ from. Together with Group and Version it is
+ capable of unambiguously identifying and/or
+ selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
type: string
labelSelector:
- description: |-
- LabelSelector is a string that follows the label selection expression
- https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
+ description: LabelSelector is a string that follows
+ the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
It matches with the resource labels.
type: string
name:
description: Namespace to select resources from.
type: string
version:
- description: |-
- Version of the API Group to select resources from.
- Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources.
- https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
+ description: Version of the API Group to select
+ resources from. Together with Group and Kind
+ it is capable of unambiguously identifying and/or
+ selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
type: string
type: object
required:
type: object
type: array
patchesStrategicMerge:
- description: |-
- Strategic merge patches, defined as inline YAML objects.
- Deprecated: use Patches instead.
+ description: Strategic merge patches, defined as inline
+ YAML objects.
items:
x-kubernetes-preserve-unknown-fields: true
type: array
type: object
type: array
releaseName:
- description: |-
- ReleaseName used for the Helm release. Defaults to a composition of
- '[TargetNamespace-]Name'.
+ description: ReleaseName used for the Helm release. Defaults to a
+ composition of '[TargetNamespace-]Name'.
maxLength: 53
minLength: 1
type: string
for this HelmRelease.
properties:
cleanupOnFail:
- description: |-
- CleanupOnFail allows deletion of new resources created during the Helm
- rollback action when it fails.
+ description: CleanupOnFail allows deletion of new resources created
+ during the Helm rollback action when it fails.
type: boolean
disableHooks:
description: DisableHooks prevents hooks from running during the
Helm rollback action.
type: boolean
disableWait:
- description: |-
- DisableWait disables the waiting for resources to be ready after a Helm
- rollback has been performed.
+ description: DisableWait disables the waiting for resources to
+ be ready after a Helm rollback has been performed.
type: boolean
disableWaitForJobs:
- description: |-
- DisableWaitForJobs disables waiting for jobs to complete after a Helm
- rollback has been performed.
+ description: DisableWaitForJobs disables waiting for jobs to complete
+ after a Helm rollback has been performed.
type: boolean
force:
description: Force forces resource updates through a replacement
applicable.
type: boolean
timeout:
- description: |-
- Timeout is the time to wait for any individual Kubernetes operation (like
- Jobs for hooks) during the performance of a Helm rollback action. Defaults to
- 'HelmReleaseSpec.Timeout'.
+ description: Timeout is the time to wait for any individual Kubernetes
+ operation (like Jobs for hooks) during the performance of a
+ Helm rollback action. Defaults to 'HelmReleaseSpec.Timeout'.
pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$
type: string
type: object
serviceAccountName:
- description: |-
- The name of the Kubernetes service account to impersonate
+ description: The name of the Kubernetes service account to impersonate
when reconciling this HelmRelease.
- maxLength: 253
- minLength: 1
type: string
storageNamespace:
- description: |-
- StorageNamespace used for the Helm storage.
- Defaults to the namespace of the HelmRelease.
+ description: StorageNamespace used for the Helm storage. Defaults
+ to the namespace of the HelmRelease.
maxLength: 63
minLength: 1
type: string
suspend:
- description: |-
- Suspend tells the controller to suspend reconciliation for this HelmRelease,
- it does not apply to already started reconciliations. Defaults to false.
+ description: Suspend tells the controller to suspend reconciliation
+ for this HelmRelease, it does not apply to already started reconciliations.
+ Defaults to false.
type: boolean
targetNamespace:
- description: |-
- TargetNamespace to target when performing operations for the HelmRelease.
- Defaults to the namespace of the HelmRelease.
+ description: TargetNamespace to target when performing operations
+ for the HelmRelease. Defaults to the namespace of the HelmRelease.
maxLength: 63
minLength: 1
type: string
this HelmRelease.
properties:
enable:
- description: |-
- Enable enables Helm test actions for this HelmRelease after an Helm install
- or upgrade action has been performed.
+ description: Enable enables Helm test actions for this HelmRelease
+ after an Helm install or upgrade action has been performed.
type: boolean
- filters:
- description: Filters is a list of tests to run or exclude from
- running.
- items:
- description: Filter holds the configuration for individual Helm
- test filters.
- properties:
- exclude:
- description: Exclude specifies whether the named test should
- be excluded.
- type: boolean
- name:
- description: Name is the name of the test.
- maxLength: 253
- minLength: 1
- type: string
- required:
- - name
- type: object
- type: array
ignoreFailures:
- description: |-
- IgnoreFailures tells the controller to skip remediation when the Helm tests
- are run but fail. Can be overwritten for tests run after install or upgrade
- actions in 'Install.IgnoreTestFailures' and 'Upgrade.IgnoreTestFailures'.
+ description: IgnoreFailures tells the controller to skip remediation
+ when the Helm tests are run but fail. Can be overwritten for
+ tests run after install or upgrade actions in 'Install.IgnoreTestFailures'
+ and 'Upgrade.IgnoreTestFailures'.
type: boolean
timeout:
- description: |-
- Timeout is the time to wait for any individual Kubernetes operation during
- the performance of a Helm test action. Defaults to 'HelmReleaseSpec.Timeout'.
+ description: Timeout is the time to wait for any individual Kubernetes
+ operation during the performance of a Helm test action. Defaults
+ to 'HelmReleaseSpec.Timeout'.
pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$
type: string
type: object
timeout:
- description: |-
- Timeout is the time to wait for any individual Kubernetes operation (like Jobs
- for hooks) during the performance of a Helm action. Defaults to '5m0s'.
+ description: Timeout is the time to wait for any individual Kubernetes
+ operation (like Jobs for hooks) during the performance of a Helm
+ action. Defaults to '5m0s'.
pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$
type: string
uninstall:
properties:
deletionPropagation:
default: background
- description: |-
- DeletionPropagation specifies the deletion propagation policy when
- a Helm uninstall is performed.
+ description: DeletionPropagation specifies the deletion propagation
+ policy when a Helm uninstall is performed.
enum:
- background
- foreground
Helm rollback action.
type: boolean
disableWait:
- description: |-
- DisableWait disables waiting for all the resources to be deleted after
- a Helm uninstall is performed.
+ description: DisableWait disables waiting for all the resources
+ to be deleted after a Helm uninstall is performed.
type: boolean
keepHistory:
- description: |-
- KeepHistory tells Helm to remove all associated resources and mark the
- release as deleted, but retain the release history.
+ description: KeepHistory tells Helm to remove all associated resources
+ and mark the release as deleted, but retain the release history.
type: boolean
timeout:
- description: |-
- Timeout is the time to wait for any individual Kubernetes operation (like
- Jobs for hooks) during the performance of a Helm uninstall action. Defaults
- to 'HelmReleaseSpec.Timeout'.
+ description: Timeout is the time to wait for any individual Kubernetes
+ operation (like Jobs for hooks) during the performance of a
+ Helm uninstall action. Defaults to 'HelmReleaseSpec.Timeout'.
pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$
type: string
type: object
for this HelmRelease.
properties:
cleanupOnFail:
- description: |-
- CleanupOnFail allows deletion of new resources created during the Helm
- upgrade action when it fails.
+ description: CleanupOnFail allows deletion of new resources created
+ during the Helm upgrade action when it fails.
type: boolean
crds:
- description: |-
- CRDs upgrade CRDs from the Helm Chart's crds directory according
- to the CRD upgrade policy provided here. Valid values are `Skip`,
- `Create` or `CreateReplace`. Default is `Skip` and if omitted
- CRDs are neither installed nor upgraded.
-
- Skip: do neither install nor replace (update) any CRDs.
-
- Create: new CRDs are created, existing CRDs are neither updated nor deleted.
-
- CreateReplace: new CRDs are created, existing CRDs are updated (replaced)
- but not deleted.
-
- By default, CRDs are not applied during Helm upgrade action. With this
- option users can opt-in to CRD upgrade, which is not (yet) natively supported by Helm.
- https://helm.sh/docs/chart_best_practices/custom_resource_definitions.
+ description: "CRDs upgrade CRDs from the Helm Chart's crds directory
+ according to the CRD upgrade policy provided here. Valid values
+ are `Skip`, `Create` or `CreateReplace`. Default is `Skip` and
+ if omitted CRDs are neither installed nor upgraded. \n Skip:
+ do neither install nor replace (update) any CRDs. \n Create:
+ new CRDs are created, existing CRDs are neither updated nor
+ deleted. \n CreateReplace: new CRDs are created, existing CRDs
+ are updated (replaced) but not deleted. \n By default, CRDs
+ are not applied during Helm upgrade action. With this option
+ users can opt-in to CRD upgrade, which is not (yet) natively
+ supported by Helm. https://helm.sh/docs/chart_best_practices/custom_resource_definitions."
enum:
- Skip
- Create
Helm upgrade action.
type: boolean
disableOpenAPIValidation:
- description: |-
- DisableOpenAPIValidation prevents the Helm upgrade action from validating
- rendered templates against the Kubernetes OpenAPI Schema.
+ description: DisableOpenAPIValidation prevents the Helm upgrade
+ action from validating rendered templates against the Kubernetes
+ OpenAPI Schema.
type: boolean
disableWait:
- description: |-
- DisableWait disables the waiting for resources to be ready after a Helm
- upgrade has been performed.
+ description: DisableWait disables the waiting for resources to
+ be ready after a Helm upgrade has been performed.
type: boolean
disableWaitForJobs:
- description: |-
- DisableWaitForJobs disables waiting for jobs to complete after a Helm
- upgrade has been performed.
+ description: DisableWaitForJobs disables waiting for jobs to complete
+ after a Helm upgrade has been performed.
type: boolean
force:
description: Force forces resource updates through a replacement
strategy.
type: boolean
preserveValues:
- description: |-
- PreserveValues will make Helm reuse the last release's values and merge in
- overrides from 'Values'. Setting this flag makes the HelmRelease
- non-declarative.
+ description: PreserveValues will make Helm reuse the last release's
+ values and merge in overrides from 'Values'. Setting this flag
+ makes the HelmRelease non-declarative.
type: boolean
remediation:
- description: |-
- Remediation holds the remediation configuration for when the Helm upgrade
- action for the HelmRelease fails. The default is to not perform any action.
+ description: Remediation holds the remediation configuration for
+ when the Helm upgrade action for the HelmRelease fails. The
+ default is to not perform any action.
properties:
ignoreTestFailures:
- description: |-
- IgnoreTestFailures tells the controller to skip remediation when the Helm
- tests are run after an upgrade action but fail.
- Defaults to 'Test.IgnoreFailures'.
+ description: IgnoreTestFailures tells the controller to skip
+ remediation when the Helm tests are run after an upgrade
+ action but fail. Defaults to 'Test.IgnoreFailures'.
type: boolean
remediateLastFailure:
- description: |-
- RemediateLastFailure tells the controller to remediate the last failure, when
- no retries remain. Defaults to 'false' unless 'Retries' is greater than 0.
+ description: RemediateLastFailure tells the controller to
+ remediate the last failure, when no retries remain. Defaults
+ to 'false' unless 'Retries' is greater than 0.
type: boolean
retries:
- description: |-
- Retries is the number of retries that should be attempted on failures before
- bailing. Remediation, using 'Strategy', is performed between each attempt.
- Defaults to '0', a negative integer equals to unlimited retries.
+ description: Retries is the number of retries that should
+ be attempted on failures before bailing. Remediation, using
+ 'Strategy', is performed between each attempt. Defaults
+ to '0', a negative integer equals to unlimited retries.
type: integer
strategy:
description: Strategy to use for failure remediation. Defaults
type: string
type: object
timeout:
- description: |-
- Timeout is the time to wait for any individual Kubernetes operation (like
- Jobs for hooks) during the performance of a Helm upgrade action. Defaults to
- 'HelmReleaseSpec.Timeout'.
+ description: Timeout is the time to wait for any individual Kubernetes
+ operation (like Jobs for hooks) during the performance of a
+ Helm upgrade action. Defaults to 'HelmReleaseSpec.Timeout'.
pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$
type: string
type: object
description: Values holds the values for this Helm release.
x-kubernetes-preserve-unknown-fields: true
valuesFrom:
- description: |-
- ValuesFrom holds references to resources containing Helm values for this HelmRelease,
- and information about how they should be merged.
+ description: ValuesFrom holds references to resources containing Helm
+ values for this HelmRelease, and information about how they should
+ be merged.
items:
- description: |-
- ValuesReference contains a reference to a resource containing Helm values,
- and optionally the key they can be found at.
+ description: ValuesReference contains a reference to a resource
+ containing Helm values, and optionally the key they can be found
+ at.
properties:
kind:
description: Kind of the values referent, valid values are ('Secret',
- ConfigMap
type: string
name:
- description: |-
- Name of the values referent. Should reside in the same namespace as the
- referring resource.
+ description: Name of the values referent. Should reside in the
+ same namespace as the referring resource.
maxLength: 253
minLength: 1
type: string
optional:
- description: |-
- Optional marks this ValuesReference as optional. When set, a not found error
- for the values reference is ignored, but any ValuesKey, TargetPath or
- transient error will still result in a reconciliation failure.
+ description: Optional marks this ValuesReference as optional.
+ When set, a not found error for the values reference is ignored,
+ but any ValuesKey, TargetPath or transient error will still
+ result in a reconciliation failure.
type: boolean
targetPath:
- description: |-
- TargetPath is the YAML dot notation path the value should be merged at. When
- set, the ValuesKey is expected to be a single flat value. Defaults to 'None',
- which results in the values getting merged at the root.
+ description: TargetPath is the YAML dot notation path the value
+ should be merged at. When set, the ValuesKey is expected to
+ be a single flat value. Defaults to 'None', which results
+ in the values getting merged at the root.
maxLength: 250
pattern: ^([a-zA-Z0-9_\-.\\\/]|\[[0-9]{1,5}\])+$
type: string
valuesKey:
- description: |-
- ValuesKey is the data key where the values.yaml or a specific value can be
- found at. Defaults to 'values.yaml'.
+ description: ValuesKey is the data key where the values.yaml
+ or a specific value can be found at. Defaults to 'values.yaml'.
+ When set, must be a valid Data Key, consisting of alphanumeric
+ characters, '-', '_' or '.'.
maxLength: 253
pattern: ^[\-._a-zA-Z0-9]+$
type: string
type: object
type: array
required:
+ - chart
- interval
type: object
- x-kubernetes-validations:
- - message: either chart or chartRef must be set
- rule: (has(self.chart) && !has(self.chartRef)) || (!has(self.chart)
- && has(self.chartRef))
status:
default:
observedGeneration: -1
conditions:
description: Conditions holds the conditions for the HelmRelease.
items:
- description: Condition contains details for one aspect of the current
- state of this API Resource.
+ description: "Condition contains details for one aspect of the current
+ state of this API Resource. --- This struct is intended for direct
+ use as an array at the field path .status.conditions. For example,
+ \n type FooStatus struct{ // Represents the observations of a
+ foo's current state. // Known .status.conditions.type are: \"Available\",
+ \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge
+ // +listType=map // +listMapKey=type Conditions []metav1.Condition
+ `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\"
+ protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }"
properties:
lastTransitionTime:
- description: |-
- lastTransitionTime is the last time the condition transitioned from one status to another.
- This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
+ description: lastTransitionTime is the last time the condition
+ transitioned from one status to another. This should be when
+ the underlying condition changed. If that is not known, then
+ using the time when the API field changed is acceptable.
format: date-time
type: string
message:
- description: |-
- message is a human readable message indicating details about the transition.
- This may be an empty string.
+ description: message is a human readable message indicating
+ details about the transition. This may be an empty string.
maxLength: 32768
type: string
observedGeneration:
- description: |-
- observedGeneration represents the .metadata.generation that the condition was set based upon.
- For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
- with respect to the current state of the instance.
+ description: observedGeneration represents the .metadata.generation
+ that the condition was set based upon. For instance, if .metadata.generation
+ is currently 12, but the .status.conditions[x].observedGeneration
+ is 9, the condition is out of date with respect to the current
+ state of the instance.
format: int64
minimum: 0
type: integer
reason:
- description: |-
- reason contains a programmatic identifier indicating the reason for the condition's last transition.
- Producers of specific condition types may define expected values and meanings for this field,
- and whether the values are considered a guaranteed API.
- The value should be a CamelCase string.
+ description: reason contains a programmatic identifier indicating
+ the reason for the condition's last transition. Producers
+ of specific condition types may define expected values and
+ meanings for this field, and whether the values are considered
+ a guaranteed API. The value should be a CamelCase string.
This field may not be empty.
maxLength: 1024
minLength: 1
- Unknown
type: string
type:
- description: type of condition in CamelCase or in foo.example.com/CamelCase.
- maxLength: 316
- pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
- type: string
- required:
- - lastTransitionTime
- - message
- - reason
- - status
- - type
- type: object
- type: array
- failures:
- description: |-
- Failures is the reconciliation failure count against the latest desired
- state. It is reset after a successful reconciliation.
- format: int64
- type: integer
- helmChart:
- description: |-
- HelmChart is the namespaced name of the HelmChart resource created by
- the controller for the HelmRelease.
- type: string
- history:
- description: |-
- History holds the history of Helm releases performed for this HelmRelease
- up to the last successfully completed release.
- items:
- description: |-
- Snapshot captures a point-in-time copy of the status information for a Helm release,
- as managed by the controller.
- properties:
- apiVersion:
- description: |-
- APIVersion is the API version of the Snapshot.
- Provisional: when the calculation method of the Digest field is changed,
- this field will be used to distinguish between the old and new methods.
- type: string
- appVersion:
- description: AppVersion is the chart app version of the release
- object in storage.
- type: string
- chartName:
- description: ChartName is the chart name of the release object
- in storage.
- type: string
- chartVersion:
- description: |-
- ChartVersion is the chart version of the release object in
- storage.
- type: string
- configDigest:
- description: |-
- ConfigDigest is the checksum of the config (better known as
- "values") of the release object in storage.
- It has the format of `<algo>:<checksum>`.
- type: string
- deleted:
- description: Deleted is when the release was deleted.
- format: date-time
- type: string
- digest:
- description: |-
- Digest is the checksum of the release object in storage.
- It has the format of `<algo>:<checksum>`.
- type: string
- firstDeployed:
- description: FirstDeployed is when the release was first deployed.
- format: date-time
- type: string
- lastDeployed:
- description: LastDeployed is when the release was last deployed.
- format: date-time
- type: string
- name:
- description: Name is the name of the release.
- type: string
- namespace:
- description: Namespace is the namespace the release is deployed
- to.
- type: string
- ociDigest:
- description: OCIDigest is the digest of the OCI artifact associated
- with the release.
- type: string
- status:
- description: Status is the current state of the release.
+ description: type of condition in CamelCase or in foo.example.com/CamelCase.
+ --- Many .condition.type values are consistent across resources
+ like Available, but because arbitrary conditions can be useful
+ (see .node.status.conditions), the ability to deconflict is
+ important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
+ maxLength: 316
+ pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
type: string
- testHooks:
- additionalProperties:
- description: |-
- TestHookStatus holds the status information for a test hook as observed
- to be run by the controller.
- properties:
- lastCompleted:
- description: LastCompleted is the time the test hook last
- completed.
- format: date-time
- type: string
- lastStarted:
- description: LastStarted is the time the test hook was
- last started.
- format: date-time
- type: string
- phase:
- description: Phase the test hook was observed to be in.
- type: string
- type: object
- description: |-
- TestHooks is the list of test hooks for the release as observed to be
- run by the controller.
- type: object
- version:
- description: Version is the version of the release object in
- storage.
- type: integer
required:
- - chartName
- - chartVersion
- - configDigest
- - digest
- - firstDeployed
- - lastDeployed
- - name
- - namespace
+ - lastTransitionTime
+ - message
+ - reason
- status
- - version
+ - type
type: object
type: array
- installFailures:
- description: |-
- InstallFailures is the install failure count against the latest desired
- state. It is reset after a successful reconciliation.
+ failures:
+ description: Failures is the reconciliation failure count against
+ the latest desired state. It is reset after a successful reconciliation.
format: int64
type: integer
- lastAppliedRevision:
- description: |-
- LastAppliedRevision is the revision of the last successfully applied
- source.
- Deprecated: the revision can now be found in the History.
- type: string
- lastAttemptedConfigDigest:
- description: |-
- LastAttemptedConfigDigest is the digest for the config (better known as
- "values") of the last reconciliation attempt.
- type: string
- lastAttemptedGeneration:
- description: |-
- LastAttemptedGeneration is the last generation the controller attempted
- to reconcile.
+ helmChart:
+ description: HelmChart is the namespaced name of the HelmChart resource
+ created by the controller for the HelmRelease.
+ type: string
+ installFailures:
+ description: InstallFailures is the install failure count against
+ the latest desired state. It is reset after a successful reconciliation.
format: int64
type: integer
- lastAttemptedReleaseAction:
- description: |-
- LastAttemptedReleaseAction is the last release action performed for this
- HelmRelease. It is used to determine the active remediation strategy.
- enum:
- - install
- - upgrade
+ lastAppliedRevision:
+ description: LastAppliedRevision is the revision of the last successfully
+ applied source.
type: string
lastAttemptedRevision:
- description: |-
- LastAttemptedRevision is the Source revision of the last reconciliation
- attempt. For OCIRepository sources, the 12 first characters of the digest are
- appended to the chart version e.g. "1.2.3+1234567890ab".
- type: string
- lastAttemptedRevisionDigest:
- description: |-
- LastAttemptedRevisionDigest is the digest of the last reconciliation attempt.
- This is only set for OCIRepository sources.
+ description: LastAttemptedRevision is the revision of the last reconciliation
+ attempt.
type: string
lastAttemptedValuesChecksum:
- description: |-
- LastAttemptedValuesChecksum is the SHA1 checksum for the values of the last
- reconciliation attempt.
- Deprecated: Use LastAttemptedConfigDigest instead.
- type: string
- lastHandledForceAt:
- description: |-
- LastHandledForceAt holds the value of the most recent force request
- value, so a change of the annotation value can be detected.
+ description: LastAttemptedValuesChecksum is the SHA1 checksum of the
+ values of the last reconciliation attempt.
type: string
lastHandledReconcileAt:
- description: |-
- LastHandledReconcileAt holds the value of the most recent
- reconcile request value, so a change of the annotation value
- can be detected.
- type: string
- lastHandledResetAt:
- description: |-
- LastHandledResetAt holds the value of the most recent reset request
- value, so a change of the annotation value can be detected.
+ description: LastHandledReconcileAt holds the value of the most recent
+ reconcile request value, so a change of the annotation value can
+ be detected.
type: string
lastReleaseRevision:
- description: |-
- LastReleaseRevision is the revision of the last successful Helm release.
- Deprecated: Use History instead.
+ description: LastReleaseRevision is the revision of the last successful
+ Helm release.
type: integer
observedGeneration:
description: ObservedGeneration is the last observed generation.
format: int64
type: integer
- observedPostRenderersDigest:
- description: |-
- ObservedPostRenderersDigest is the digest for the post-renderers of
- the last successful reconciliation attempt.
- type: string
- storageNamespace:
- description: |-
- StorageNamespace is the namespace of the Helm release storage for the
- current release.
- maxLength: 63
- minLength: 1
- type: string
upgradeFailures:
- description: |-
- UpgradeFailures is the upgrade failure count against the latest desired
- state. It is reset after a successful reconciliation.
+ description: UpgradeFailures is the upgrade failure count against
+ the latest desired state. It is reset after a successful reconciliation.
format: int64
type: integer
type: object
type: object
served: true
- storage: false
+ storage: true
subresources:
status: {}
---
app.kubernetes.io/component: helm-controller
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v2.4.0
+ app.kubernetes.io/version: v2.1.2
name: helm-controller
namespace: flux-system
---
app.kubernetes.io/component: helm-controller
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v2.4.0
+ app.kubernetes.io/version: v2.1.2
control-plane: controller
name: helm-controller
namespace: flux-system
valueFrom:
fieldRef:
fieldPath: metadata.namespace
- - name: GOMAXPROCS
- valueFrom:
- resourceFieldRef:
- containerName: manager
- resource: limits.cpu
- - name: GOMEMLIMIT
- valueFrom:
- resourceFieldRef:
- containerName: manager
- resource: limits.memory
- image: ghcr.io/fluxcd/helm-controller:v1.1.0
+ image: ghcr.io/fluxcd/helm-controller:v0.36.2
imagePullPolicy: IfNotPresent
livenessProbe:
httpGet:
kind: CustomResourceDefinition
metadata:
annotations:
- controller-gen.kubebuilder.io/version: v0.16.1
+ controller-gen.kubebuilder.io/version: v0.12.0
labels:
app.kubernetes.io/component: notification-controller
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v2.4.0
+ app.kubernetes.io/version: v2.1.2
name: alerts.notification.toolkit.fluxcd.io
spec:
group: notification.toolkit.fluxcd.io
- jsonPath: .status.conditions[?(@.type=="Ready")].message
name: Status
type: string
- deprecated: true
- deprecationWarning: v1beta1 Alert is deprecated, upgrade to v1beta3
name: v1beta1
schema:
openAPIV3Schema:
description: Alert is the Schema for the alerts API
properties:
apiVersion:
- description: |-
- APIVersion defines the versioned schema of this representation of an object.
- Servers should convert recognized schemas to the latest internal value, and
- may reject unrecognized values.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
- description: |-
- Kind is a string value representing the REST resource this object represents.
- Servers may infer this from the endpoint the client submits requests to.
- Cannot be updated.
- In CamelCase.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
properties:
eventSeverity:
default: info
- description: |-
- Filter events based on severity, defaults to ('info').
+ description: Filter events based on severity, defaults to ('info').
If set to 'info' no events will be filtered.
enum:
- info
eventSources:
description: Filter events based on the involved objects.
items:
- description: |-
- CrossNamespaceObjectReference contains enough information to let you locate the
- typed referenced object at cluster level
+ description: CrossNamespaceObjectReference contains enough information
+ to let you locate the typed referenced object at cluster level
properties:
apiVersion:
description: API version of the referent
matchLabels:
additionalProperties:
type: string
- description: |-
- MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
- map is equivalent to an element of matchExpressions, whose key field is "key", the
- operator is "In", and the values array contains only "value". The requirements are ANDed.
+ description: MatchLabels is a map of {key,value} pairs. A single
+ {key,value} in the matchLabels map is equivalent to an element
+ of matchExpressions, whose key field is "key", the operator
+ is "In", and the values array contains only "value". The requirements
+ are ANDed.
type: object
name:
description: Name of the referent
minLength: 1
type: string
required:
- - kind
- name
type: object
type: array
description: Short description of the impact and affected cluster.
type: string
suspend:
- description: |-
- This flag tells the controller to suspend subsequent events dispatching.
- Defaults to false.
+ description: This flag tells the controller to suspend subsequent
+ events dispatching. Defaults to false.
type: boolean
required:
- eventSources
properties:
conditions:
items:
- description: Condition contains details for one aspect of the current
- state of this API Resource.
+ description: "Condition contains details for one aspect of the current
+ state of this API Resource. --- This struct is intended for direct
+ use as an array at the field path .status.conditions. For example,
+ \n type FooStatus struct{ // Represents the observations of a
+ foo's current state. // Known .status.conditions.type are: \"Available\",
+ \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge
+ // +listType=map // +listMapKey=type Conditions []metav1.Condition
+ `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\"
+ protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }"
properties:
lastTransitionTime:
- description: |-
- lastTransitionTime is the last time the condition transitioned from one status to another.
- This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
+ description: lastTransitionTime is the last time the condition
+ transitioned from one status to another. This should be when
+ the underlying condition changed. If that is not known, then
+ using the time when the API field changed is acceptable.
format: date-time
type: string
message:
- description: |-
- message is a human readable message indicating details about the transition.
- This may be an empty string.
+ description: message is a human readable message indicating
+ details about the transition. This may be an empty string.
maxLength: 32768
type: string
observedGeneration:
- description: |-
- observedGeneration represents the .metadata.generation that the condition was set based upon.
- For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
- with respect to the current state of the instance.
+ description: observedGeneration represents the .metadata.generation
+ that the condition was set based upon. For instance, if .metadata.generation
+ is currently 12, but the .status.conditions[x].observedGeneration
+ is 9, the condition is out of date with respect to the current
+ state of the instance.
format: int64
minimum: 0
type: integer
reason:
- description: |-
- reason contains a programmatic identifier indicating the reason for the condition's last transition.
- Producers of specific condition types may define expected values and meanings for this field,
- and whether the values are considered a guaranteed API.
- The value should be a CamelCase string.
+ description: reason contains a programmatic identifier indicating
+ the reason for the condition's last transition. Producers
+ of specific condition types may define expected values and
+ meanings for this field, and whether the values are considered
+ a guaranteed API. The value should be a CamelCase string.
This field may not be empty.
maxLength: 1024
minLength: 1
type: string
type:
description: type of condition in CamelCase or in foo.example.com/CamelCase.
+ --- Many .condition.type values are consistent across resources
+ like Available, but because arbitrary conditions can be useful
+ (see .node.status.conditions), the ability to deconflict is
+ important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
maxLength: 316
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
type: string
- jsonPath: .status.conditions[?(@.type=="Ready")].message
name: Status
type: string
- deprecated: true
- deprecationWarning: v1beta2 Alert is deprecated, upgrade to v1beta3
name: v1beta2
schema:
openAPIV3Schema:
description: Alert is the Schema for the alerts API
properties:
apiVersion:
- description: |-
- APIVersion defines the versioned schema of this representation of an object.
- Servers should convert recognized schemas to the latest internal value, and
- may reject unrecognized values.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
- description: |-
- Kind is a string value representing the REST resource this object represents.
- Servers may infer this from the endpoint the client submits requests to.
- Cannot be updated.
- In CamelCase.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
eventMetadata:
additionalProperties:
type: string
- description: |-
- EventMetadata is an optional field for adding metadata to events dispatched by the
- controller. This can be used for enhancing the context of the event. If a field
- would override one already present on the original event as generated by the emitter,
- then the override doesn't happen, i.e. the original value is preserved, and an info
- log is printed.
+ description: EventMetadata is an optional field for adding metadata
+ to events dispatched by the controller. This can be used for enhancing
+ the context of the event. If a field would override one already
+ present on the original event as generated by the emitter, then
+ the override doesn't happen, i.e. the original value is preserved,
+ and an info log is printed.
type: object
eventSeverity:
default: info
- description: |-
- EventSeverity specifies how to filter events based on severity.
- If set to 'info' no events will be filtered.
+ description: EventSeverity specifies how to filter events based on
+ severity. If set to 'info' no events will be filtered.
enum:
- info
- error
type: string
eventSources:
- description: |-
- EventSources specifies how to filter events based
- on the involved object kind, name and namespace.
+ description: EventSources specifies how to filter events based on
+ the involved object kind, name and namespace.
items:
- description: |-
- CrossNamespaceObjectReference contains enough information to let you locate the
- typed referenced object at cluster level
+ description: CrossNamespaceObjectReference contains enough information
+ to let you locate the typed referenced object at cluster level
properties:
apiVersion:
description: API version of the referent
matchLabels:
additionalProperties:
type: string
- description: |-
- MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
- map is equivalent to an element of matchExpressions, whose key field is "key", the
- operator is "In", and the values array contains only "value". The requirements are ANDed.
- MatchLabels requires the name to be set to `*`.
+ description: MatchLabels is a map of {key,value} pairs. A single
+ {key,value} in the matchLabels map is equivalent to an element
+ of matchExpressions, whose key field is "key", the operator
+ is "In", and the values array contains only "value". The requirements
+ are ANDed. MatchLabels requires the name to be set to `*`.
type: object
name:
- description: |-
- Name of the referent
- If multiple resources are targeted `*` may be set.
+ description: Name of the referent If multiple resources are
+ targeted `*` may be set.
maxLength: 53
minLength: 1
type: string
type: object
type: array
exclusionList:
- description: |-
- ExclusionList specifies a list of Golang regular expressions
+ description: ExclusionList specifies a list of Golang regular expressions
to be used for excluding messages.
items:
type: string
type: array
inclusionList:
- description: |-
- InclusionList specifies a list of Golang regular expressions
+ description: InclusionList specifies a list of Golang regular expressions
to be used for including messages.
items:
type: string
maxLength: 255
type: string
suspend:
- description: |-
- Suspend tells the controller to suspend subsequent
- events handling for this Alert.
+ description: Suspend tells the controller to suspend subsequent events
+ handling for this Alert.
type: boolean
required:
- eventSources
conditions:
description: Conditions holds the conditions for the Alert.
items:
- description: Condition contains details for one aspect of the current
- state of this API Resource.
+ description: "Condition contains details for one aspect of the current
+ state of this API Resource. --- This struct is intended for direct
+ use as an array at the field path .status.conditions. For example,
+ \n type FooStatus struct{ // Represents the observations of a
+ foo's current state. // Known .status.conditions.type are: \"Available\",
+ \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge
+ // +listType=map // +listMapKey=type Conditions []metav1.Condition
+ `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\"
+ protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }"
properties:
lastTransitionTime:
- description: |-
- lastTransitionTime is the last time the condition transitioned from one status to another.
- This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
+ description: lastTransitionTime is the last time the condition
+ transitioned from one status to another. This should be when
+ the underlying condition changed. If that is not known, then
+ using the time when the API field changed is acceptable.
format: date-time
type: string
message:
- description: |-
- message is a human readable message indicating details about the transition.
- This may be an empty string.
+ description: message is a human readable message indicating
+ details about the transition. This may be an empty string.
maxLength: 32768
type: string
observedGeneration:
- description: |-
- observedGeneration represents the .metadata.generation that the condition was set based upon.
- For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
- with respect to the current state of the instance.
+ description: observedGeneration represents the .metadata.generation
+ that the condition was set based upon. For instance, if .metadata.generation
+ is currently 12, but the .status.conditions[x].observedGeneration
+ is 9, the condition is out of date with respect to the current
+ state of the instance.
format: int64
minimum: 0
type: integer
reason:
- description: |-
- reason contains a programmatic identifier indicating the reason for the condition's last transition.
- Producers of specific condition types may define expected values and meanings for this field,
- and whether the values are considered a guaranteed API.
- The value should be a CamelCase string.
+ description: reason contains a programmatic identifier indicating
+ the reason for the condition's last transition. Producers
+ of specific condition types may define expected values and
+ meanings for this field, and whether the values are considered
+ a guaranteed API. The value should be a CamelCase string.
This field may not be empty.
maxLength: 1024
minLength: 1
type: string
type:
description: type of condition in CamelCase or in foo.example.com/CamelCase.
+ --- Many .condition.type values are consistent across resources
+ like Available, but because arbitrary conditions can be useful
+ (see .node.status.conditions), the ability to deconflict is
+ important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
maxLength: 316
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
type: string
type: object
type: array
lastHandledReconcileAt:
- description: |-
- LastHandledReconcileAt holds the value of the most recent
- reconcile request value, so a change of the annotation value
- can be detected.
+ description: LastHandledReconcileAt holds the value of the most recent
+ reconcile request value, so a change of the annotation value can
+ be detected.
type: string
observedGeneration:
description: ObservedGeneration is the last observed generation.
type: object
type: object
served: true
- storage: false
+ storage: true
subresources:
status: {}
- - additionalPrinterColumns:
- - jsonPath: .metadata.creationTimestamp
- name: Age
- type: date
- name: v1beta3
- schema:
- openAPIV3Schema:
- description: Alert is the Schema for the alerts API
- properties:
- apiVersion:
- description: |-
- APIVersion defines the versioned schema of this representation of an object.
- Servers should convert recognized schemas to the latest internal value, and
- may reject unrecognized values.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
- type: string
- kind:
- description: |-
- Kind is a string value representing the REST resource this object represents.
- Servers may infer this from the endpoint the client submits requests to.
- Cannot be updated.
- In CamelCase.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
- type: string
- metadata:
- type: object
- spec:
- description: AlertSpec defines an alerting rule for events involving a
- list of objects.
- properties:
- eventMetadata:
- additionalProperties:
- type: string
- description: |-
- EventMetadata is an optional field for adding metadata to events dispatched by the
- controller. This can be used for enhancing the context of the event. If a field
- would override one already present on the original event as generated by the emitter,
- then the override doesn't happen, i.e. the original value is preserved, and an info
- log is printed.
- type: object
- eventSeverity:
- default: info
- description: |-
- EventSeverity specifies how to filter events based on severity.
- If set to 'info' no events will be filtered.
- enum:
- - info
- - error
- type: string
- eventSources:
- description: |-
- EventSources specifies how to filter events based
- on the involved object kind, name and namespace.
- items:
- description: |-
- CrossNamespaceObjectReference contains enough information to let you locate the
- typed referenced object at cluster level
- properties:
- apiVersion:
- description: API version of the referent
- type: string
- kind:
- description: Kind of the referent
- enum:
- - Bucket
- - GitRepository
- - Kustomization
- - HelmRelease
- - HelmChart
- - HelmRepository
- - ImageRepository
- - ImagePolicy
- - ImageUpdateAutomation
- - OCIRepository
- type: string
- matchLabels:
- additionalProperties:
- type: string
- description: |-
- MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
- map is equivalent to an element of matchExpressions, whose key field is "key", the
- operator is "In", and the values array contains only "value". The requirements are ANDed.
- MatchLabels requires the name to be set to `*`.
- type: object
- name:
- description: |-
- Name of the referent
- If multiple resources are targeted `*` may be set.
- maxLength: 53
- minLength: 1
- type: string
- namespace:
- description: Namespace of the referent
- maxLength: 53
- minLength: 1
- type: string
- required:
- - kind
- - name
- type: object
- type: array
- exclusionList:
- description: |-
- ExclusionList specifies a list of Golang regular expressions
- to be used for excluding messages.
- items:
- type: string
- type: array
- inclusionList:
- description: |-
- InclusionList specifies a list of Golang regular expressions
- to be used for including messages.
- items:
- type: string
- type: array
- providerRef:
- description: ProviderRef specifies which Provider this Alert should
- use.
- properties:
- name:
- description: Name of the referent.
- type: string
- required:
- - name
- type: object
- summary:
- description: Summary holds a short description of the impact and affected
- cluster.
- maxLength: 255
- type: string
- suspend:
- description: |-
- Suspend tells the controller to suspend subsequent
- events handling for this Alert.
- type: boolean
- required:
- - eventSources
- - providerRef
- type: object
- type: object
- served: true
- storage: true
- subresources: {}
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
- controller-gen.kubebuilder.io/version: v0.16.1
+ controller-gen.kubebuilder.io/version: v0.12.0
labels:
app.kubernetes.io/component: notification-controller
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v2.4.0
+ app.kubernetes.io/version: v2.1.2
name: providers.notification.toolkit.fluxcd.io
spec:
group: notification.toolkit.fluxcd.io
- jsonPath: .status.conditions[?(@.type=="Ready")].message
name: Status
type: string
- deprecated: true
- deprecationWarning: v1beta1 Provider is deprecated, upgrade to v1beta3
name: v1beta1
schema:
openAPIV3Schema:
description: Provider is the Schema for the providers API
properties:
apiVersion:
- description: |-
- APIVersion defines the versioned schema of this representation of an object.
- Servers should convert recognized schemas to the latest internal value, and
- may reject unrecognized values.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
- description: |-
- Kind is a string value representing the REST resource this object represents.
- Servers may infer this from the endpoint the client submits requests to.
- Cannot be updated.
- In CamelCase.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
pattern: ^(http|https)://
type: string
certSecretRef:
- description: |-
- CertSecretRef can be given the name of a secret containing
+ description: CertSecretRef can be given the name of a secret containing
a PEM-encoded CA certificate (`caFile`)
properties:
name:
pattern: ^(http|https)://
type: string
secretRef:
- description: |-
- Secret reference containing the provider webhook URL
+ description: Secret reference containing the provider webhook URL
using "address" as data key
properties:
name:
- name
type: object
suspend:
- description: |-
- This flag tells the controller to suspend subsequent events handling.
- Defaults to false.
+ description: This flag tells the controller to suspend subsequent
+ events handling. Defaults to false.
type: boolean
timeout:
description: Timeout for sending alerts to the provider.
properties:
conditions:
items:
- description: Condition contains details for one aspect of the current
- state of this API Resource.
+ description: "Condition contains details for one aspect of the current
+ state of this API Resource. --- This struct is intended for direct
+ use as an array at the field path .status.conditions. For example,
+ \n type FooStatus struct{ // Represents the observations of a
+ foo's current state. // Known .status.conditions.type are: \"Available\",
+ \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge
+ // +listType=map // +listMapKey=type Conditions []metav1.Condition
+ `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\"
+ protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }"
properties:
lastTransitionTime:
- description: |-
- lastTransitionTime is the last time the condition transitioned from one status to another.
- This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
+ description: lastTransitionTime is the last time the condition
+ transitioned from one status to another. This should be when
+ the underlying condition changed. If that is not known, then
+ using the time when the API field changed is acceptable.
format: date-time
type: string
message:
- description: |-
- message is a human readable message indicating details about the transition.
- This may be an empty string.
+ description: message is a human readable message indicating
+ details about the transition. This may be an empty string.
maxLength: 32768
type: string
observedGeneration:
- description: |-
- observedGeneration represents the .metadata.generation that the condition was set based upon.
- For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
- with respect to the current state of the instance.
+ description: observedGeneration represents the .metadata.generation
+ that the condition was set based upon. For instance, if .metadata.generation
+ is currently 12, but the .status.conditions[x].observedGeneration
+ is 9, the condition is out of date with respect to the current
+ state of the instance.
format: int64
minimum: 0
type: integer
reason:
- description: |-
- reason contains a programmatic identifier indicating the reason for the condition's last transition.
- Producers of specific condition types may define expected values and meanings for this field,
- and whether the values are considered a guaranteed API.
- The value should be a CamelCase string.
+ description: reason contains a programmatic identifier indicating
+ the reason for the condition's last transition. Producers
+ of specific condition types may define expected values and
+ meanings for this field, and whether the values are considered
+ a guaranteed API. The value should be a CamelCase string.
This field may not be empty.
maxLength: 1024
minLength: 1
type: string
type:
description: type of condition in CamelCase or in foo.example.com/CamelCase.
+ --- Many .condition.type values are consistent across resources
+ like Available, but because arbitrary conditions can be useful
+ (see .node.status.conditions), the ability to deconflict is
+ important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
maxLength: 316
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
type: string
- jsonPath: .status.conditions[?(@.type=="Ready")].message
name: Status
type: string
- deprecated: true
- deprecationWarning: v1beta2 Provider is deprecated, upgrade to v1beta3
name: v1beta2
schema:
openAPIV3Schema:
description: Provider is the Schema for the providers API.
properties:
apiVersion:
- description: |-
- APIVersion defines the versioned schema of this representation of an object.
- Servers should convert recognized schemas to the latest internal value, and
- may reject unrecognized values.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
- description: |-
- Kind is a string value representing the REST resource this object represents.
- Servers may infer this from the endpoint the client submits requests to.
- Cannot be updated.
- In CamelCase.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
description: ProviderSpec defines the desired state of the Provider.
properties:
address:
- description: |-
- Address specifies the endpoint, in a generic sense, to where alerts are sent.
- What kind of endpoint depends on the specific Provider type being used.
- For the generic Provider, for example, this is an HTTP/S address.
- For other Provider types this could be a project ID or a namespace.
+ description: Address specifies the endpoint, in a generic sense, to
+ where alerts are sent. What kind of endpoint depends on the specific
+ Provider type being used. For the generic Provider, for example,
+ this is an HTTP/S address. For other Provider types this could be
+ a project ID or a namespace.
maxLength: 2048
type: string
certSecretRef:
- description: |-
- CertSecretRef specifies the Secret containing
- a PEM-encoded CA certificate (in the `ca.crt` key).
-
- Note: Support for the `caFile` key has
- been deprecated.
+ description: "CertSecretRef specifies the Secret containing a PEM-encoded
+ CA certificate (in the `ca.crt` key). \n Note: Support for the `caFile`
+ key has been deprecated."
properties:
name:
description: Name of the referent.
pattern: ^(http|https)://.*$
type: string
secretRef:
- description: |-
- SecretRef specifies the Secret containing the authentication
+ description: SecretRef specifies the Secret containing the authentication
credentials for this Provider.
properties:
name:
- name
type: object
suspend:
- description: |-
- Suspend tells the controller to suspend subsequent
- events handling for this Provider.
+ description: Suspend tells the controller to suspend subsequent events
+ handling for this Provider.
type: boolean
timeout:
description: Timeout for sending alerts to the Provider.
- github
- gitlab
- gitea
- - bitbucketserver
- bitbucket
- azuredevops
- googlechat
conditions:
description: Conditions holds the conditions for the Provider.
items:
- description: Condition contains details for one aspect of the current
- state of this API Resource.
+ description: "Condition contains details for one aspect of the current
+ state of this API Resource. --- This struct is intended for direct
+ use as an array at the field path .status.conditions. For example,
+ \n type FooStatus struct{ // Represents the observations of a
+ foo's current state. // Known .status.conditions.type are: \"Available\",
+ \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge
+ // +listType=map // +listMapKey=type Conditions []metav1.Condition
+ `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\"
+ protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }"
properties:
lastTransitionTime:
- description: |-
- lastTransitionTime is the last time the condition transitioned from one status to another.
- This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
+ description: lastTransitionTime is the last time the condition
+ transitioned from one status to another. This should be when
+ the underlying condition changed. If that is not known, then
+ using the time when the API field changed is acceptable.
format: date-time
type: string
message:
- description: |-
- message is a human readable message indicating details about the transition.
- This may be an empty string.
+ description: message is a human readable message indicating
+ details about the transition. This may be an empty string.
maxLength: 32768
type: string
observedGeneration:
- description: |-
- observedGeneration represents the .metadata.generation that the condition was set based upon.
- For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
- with respect to the current state of the instance.
+ description: observedGeneration represents the .metadata.generation
+ that the condition was set based upon. For instance, if .metadata.generation
+ is currently 12, but the .status.conditions[x].observedGeneration
+ is 9, the condition is out of date with respect to the current
+ state of the instance.
format: int64
minimum: 0
type: integer
reason:
- description: |-
- reason contains a programmatic identifier indicating the reason for the condition's last transition.
- Producers of specific condition types may define expected values and meanings for this field,
- and whether the values are considered a guaranteed API.
- The value should be a CamelCase string.
+ description: reason contains a programmatic identifier indicating
+ the reason for the condition's last transition. Producers
+ of specific condition types may define expected values and
+ meanings for this field, and whether the values are considered
+ a guaranteed API. The value should be a CamelCase string.
This field may not be empty.
maxLength: 1024
minLength: 1
type: string
type:
description: type of condition in CamelCase or in foo.example.com/CamelCase.
+ --- Many .condition.type values are consistent across resources
+ like Available, but because arbitrary conditions can be useful
+ (see .node.status.conditions), the ability to deconflict is
+ important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
maxLength: 316
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
type: string
type: object
type: array
lastHandledReconcileAt:
- description: |-
- LastHandledReconcileAt holds the value of the most recent
- reconcile request value, so a change of the annotation value
- can be detected.
+ description: LastHandledReconcileAt holds the value of the most recent
+ reconcile request value, so a change of the annotation value can
+ be detected.
type: string
observedGeneration:
description: ObservedGeneration is the last reconciled generation.
type: object
type: object
served: true
- storage: false
+ storage: true
subresources:
status: {}
- - additionalPrinterColumns:
- - jsonPath: .metadata.creationTimestamp
- name: Age
- type: date
- name: v1beta3
- schema:
- openAPIV3Schema:
- description: Provider is the Schema for the providers API
- properties:
- apiVersion:
- description: |-
- APIVersion defines the versioned schema of this representation of an object.
- Servers should convert recognized schemas to the latest internal value, and
- may reject unrecognized values.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
- type: string
- kind:
- description: |-
- Kind is a string value representing the REST resource this object represents.
- Servers may infer this from the endpoint the client submits requests to.
- Cannot be updated.
- In CamelCase.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
- type: string
- metadata:
- type: object
- spec:
- description: ProviderSpec defines the desired state of the Provider.
- properties:
- address:
- description: |-
- Address specifies the endpoint, in a generic sense, to where alerts are sent.
- What kind of endpoint depends on the specific Provider type being used.
- For the generic Provider, for example, this is an HTTP/S address.
- For other Provider types this could be a project ID or a namespace.
- maxLength: 2048
- type: string
- certSecretRef:
- description: |-
- CertSecretRef specifies the Secret containing
- a PEM-encoded CA certificate (in the `ca.crt` key).
-
- Note: Support for the `caFile` key has
- been deprecated.
- properties:
- name:
- description: Name of the referent.
- type: string
- required:
- - name
- type: object
- channel:
- description: Channel specifies the destination channel where events
- should be posted.
- maxLength: 2048
- type: string
- interval:
- description: |-
- Interval at which to reconcile the Provider with its Secret references.
- Deprecated and not used in v1beta3.
- pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$
- type: string
- proxy:
- description: Proxy the HTTP/S address of the proxy server.
- maxLength: 2048
- pattern: ^(http|https)://.*$
- type: string
- secretRef:
- description: |-
- SecretRef specifies the Secret containing the authentication
- credentials for this Provider.
- properties:
- name:
- description: Name of the referent.
- type: string
- required:
- - name
- type: object
- suspend:
- description: |-
- Suspend tells the controller to suspend subsequent
- events handling for this Provider.
- type: boolean
- timeout:
- description: Timeout for sending alerts to the Provider.
- pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$
- type: string
- type:
- description: Type specifies which Provider implementation to use.
- enum:
- - slack
- - discord
- - msteams
- - rocket
- - generic
- - generic-hmac
- - github
- - gitlab
- - gitea
- - bitbucketserver
- - bitbucket
- - azuredevops
- - googlechat
- - googlepubsub
- - webex
- - sentry
- - azureeventhub
- - telegram
- - lark
- - matrix
- - opsgenie
- - alertmanager
- - grafana
- - githubdispatch
- - pagerduty
- - datadog
- - nats
- type: string
- username:
- description: Username specifies the name under which events are posted.
- maxLength: 2048
- type: string
- required:
- - type
- type: object
- type: object
- served: true
- storage: true
- subresources: {}
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
- controller-gen.kubebuilder.io/version: v0.16.1
+ controller-gen.kubebuilder.io/version: v0.12.0
labels:
app.kubernetes.io/component: notification-controller
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v2.4.0
+ app.kubernetes.io/version: v2.1.2
name: receivers.notification.toolkit.fluxcd.io
spec:
group: notification.toolkit.fluxcd.io
description: Receiver is the Schema for the receivers API.
properties:
apiVersion:
- description: |-
- APIVersion defines the versioned schema of this representation of an object.
- Servers should convert recognized schemas to the latest internal value, and
- may reject unrecognized values.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
- description: |-
- Kind is a string value representing the REST resource this object represents.
- Servers may infer this from the endpoint the client submits requests to.
- Cannot be updated.
- In CamelCase.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
description: ReceiverSpec defines the desired state of the Receiver.
properties:
events:
- description: |-
- Events specifies the list of event types to handle,
- e.g. 'push' for GitHub or 'Push Hook' for GitLab.
+ description: Events specifies the list of event types to handle, e.g.
+ 'push' for GitHub or 'Push Hook' for GitLab.
items:
type: string
type: array
resources:
description: A list of resources to be notified about changes.
items:
- description: |-
- CrossNamespaceObjectReference contains enough information to let you locate the
- typed referenced object at cluster level
+ description: CrossNamespaceObjectReference contains enough information
+ to let you locate the typed referenced object at cluster level
properties:
apiVersion:
description: API version of the referent
matchLabels:
additionalProperties:
type: string
- description: |-
- MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
- map is equivalent to an element of matchExpressions, whose key field is "key", the
- operator is "In", and the values array contains only "value". The requirements are ANDed.
- MatchLabels requires the name to be set to `*`.
+ description: MatchLabels is a map of {key,value} pairs. A single
+ {key,value} in the matchLabels map is equivalent to an element
+ of matchExpressions, whose key field is "key", the operator
+ is "In", and the values array contains only "value". The requirements
+ are ANDed. MatchLabels requires the name to be set to `*`.
type: object
name:
- description: |-
- Name of the referent
- If multiple resources are targeted `*` may be set.
+ description: Name of the referent If multiple resources are
+ targeted `*` may be set.
maxLength: 53
minLength: 1
type: string
type: object
type: array
secretRef:
- description: |-
- SecretRef specifies the Secret containing the token used
+ description: SecretRef specifies the Secret containing the token used
to validate the payload authenticity.
properties:
name:
- name
type: object
suspend:
- description: |-
- Suspend tells the controller to suspend subsequent
- events handling for this receiver.
+ description: Suspend tells the controller to suspend subsequent events
+ handling for this receiver.
type: boolean
type:
- description: |-
- Type of webhook sender, used to determine
- the validation procedure and payload deserialization.
+ description: Type of webhook sender, used to determine the validation
+ procedure and payload deserialization.
enum:
- generic
- generic-hmac
- gcr
- nexus
- acr
- - cdevents
type: string
required:
- resources
conditions:
description: Conditions holds the conditions for the Receiver.
items:
- description: Condition contains details for one aspect of the current
- state of this API Resource.
+ description: "Condition contains details for one aspect of the current
+ state of this API Resource. --- This struct is intended for direct
+ use as an array at the field path .status.conditions. For example,
+ \n type FooStatus struct{ // Represents the observations of a
+ foo's current state. // Known .status.conditions.type are: \"Available\",
+ \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge
+ // +listType=map // +listMapKey=type Conditions []metav1.Condition
+ `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\"
+ protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }"
properties:
lastTransitionTime:
- description: |-
- lastTransitionTime is the last time the condition transitioned from one status to another.
- This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
+ description: lastTransitionTime is the last time the condition
+ transitioned from one status to another. This should be when
+ the underlying condition changed. If that is not known, then
+ using the time when the API field changed is acceptable.
format: date-time
type: string
message:
- description: |-
- message is a human readable message indicating details about the transition.
- This may be an empty string.
+ description: message is a human readable message indicating
+ details about the transition. This may be an empty string.
maxLength: 32768
type: string
observedGeneration:
- description: |-
- observedGeneration represents the .metadata.generation that the condition was set based upon.
- For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
- with respect to the current state of the instance.
+ description: observedGeneration represents the .metadata.generation
+ that the condition was set based upon. For instance, if .metadata.generation
+ is currently 12, but the .status.conditions[x].observedGeneration
+ is 9, the condition is out of date with respect to the current
+ state of the instance.
format: int64
minimum: 0
type: integer
reason:
- description: |-
- reason contains a programmatic identifier indicating the reason for the condition's last transition.
- Producers of specific condition types may define expected values and meanings for this field,
- and whether the values are considered a guaranteed API.
- The value should be a CamelCase string.
+ description: reason contains a programmatic identifier indicating
+ the reason for the condition's last transition. Producers
+ of specific condition types may define expected values and
+ meanings for this field, and whether the values are considered
+ a guaranteed API. The value should be a CamelCase string.
This field may not be empty.
maxLength: 1024
minLength: 1
type: string
type:
description: type of condition in CamelCase or in foo.example.com/CamelCase.
+ --- Many .condition.type values are consistent across resources
+ like Available, but because arbitrary conditions can be useful
+ (see .node.status.conditions), the ability to deconflict is
+ important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
maxLength: 316
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
type: string
type: object
type: array
lastHandledReconcileAt:
- description: |-
- LastHandledReconcileAt holds the value of the most recent
- reconcile request value, so a change of the annotation value
- can be detected.
+ description: LastHandledReconcileAt holds the value of the most recent
+ reconcile request value, so a change of the annotation value can
+ be detected.
type: string
observedGeneration:
description: ObservedGeneration is the last observed generation of
format: int64
type: integer
webhookPath:
- description: |-
- WebhookPath is the generated incoming webhook address in the format
- of '/hook/sha256sum(token+name+namespace)'.
+ description: WebhookPath is the generated incoming webhook address
+ in the format of '/hook/sha256sum(token+name+namespace)'.
type: string
type: object
type: object
description: Receiver is the Schema for the receivers API
properties:
apiVersion:
- description: |-
- APIVersion defines the versioned schema of this representation of an object.
- Servers should convert recognized schemas to the latest internal value, and
- may reject unrecognized values.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
- description: |-
- Kind is a string value representing the REST resource this object represents.
- Servers may infer this from the endpoint the client submits requests to.
- Cannot be updated.
- In CamelCase.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
description: ReceiverSpec defines the desired state of Receiver
properties:
events:
- description: |-
- A list of events to handle,
- e.g. 'push' for GitHub or 'Push Hook' for GitLab.
+ description: A list of events to handle, e.g. 'push' for GitHub or
+ 'Push Hook' for GitLab.
items:
type: string
type: array
resources:
description: A list of resources to be notified about changes.
items:
- description: |-
- CrossNamespaceObjectReference contains enough information to let you locate the
- typed referenced object at cluster level
+ description: CrossNamespaceObjectReference contains enough information
+ to let you locate the typed referenced object at cluster level
properties:
apiVersion:
description: API version of the referent
matchLabels:
additionalProperties:
type: string
- description: |-
- MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
- map is equivalent to an element of matchExpressions, whose key field is "key", the
- operator is "In", and the values array contains only "value". The requirements are ANDed.
+ description: MatchLabels is a map of {key,value} pairs. A single
+ {key,value} in the matchLabels map is equivalent to an element
+ of matchExpressions, whose key field is "key", the operator
+ is "In", and the values array contains only "value". The requirements
+ are ANDed.
type: object
name:
description: Name of the referent
minLength: 1
type: string
required:
- - kind
- name
type: object
type: array
secretRef:
- description: |-
- Secret reference containing the token used
- to validate the payload authenticity
+ description: Secret reference containing the token used to validate
+ the payload authenticity
properties:
name:
description: Name of the referent.
- name
type: object
suspend:
- description: |-
- This flag tells the controller to suspend subsequent events handling.
- Defaults to false.
+ description: This flag tells the controller to suspend subsequent
+ events handling. Defaults to false.
type: boolean
type:
- description: |-
- Type of webhook sender, used to determine
- the validation procedure and payload deserialization.
+ description: Type of webhook sender, used to determine the validation
+ procedure and payload deserialization.
enum:
- generic
- generic-hmac
type: string
required:
- resources
- - secretRef
- type
type: object
status:
properties:
conditions:
items:
- description: Condition contains details for one aspect of the current
- state of this API Resource.
+ description: "Condition contains details for one aspect of the current
+ state of this API Resource. --- This struct is intended for direct
+ use as an array at the field path .status.conditions. For example,
+ \n type FooStatus struct{ // Represents the observations of a
+ foo's current state. // Known .status.conditions.type are: \"Available\",
+ \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge
+ // +listType=map // +listMapKey=type Conditions []metav1.Condition
+ `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\"
+ protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }"
properties:
lastTransitionTime:
- description: |-
- lastTransitionTime is the last time the condition transitioned from one status to another.
- This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
+ description: lastTransitionTime is the last time the condition
+ transitioned from one status to another. This should be when
+ the underlying condition changed. If that is not known, then
+ using the time when the API field changed is acceptable.
format: date-time
type: string
message:
- description: |-
- message is a human readable message indicating details about the transition.
- This may be an empty string.
+ description: message is a human readable message indicating
+ details about the transition. This may be an empty string.
maxLength: 32768
type: string
observedGeneration:
- description: |-
- observedGeneration represents the .metadata.generation that the condition was set based upon.
- For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
- with respect to the current state of the instance.
+ description: observedGeneration represents the .metadata.generation
+ that the condition was set based upon. For instance, if .metadata.generation
+ is currently 12, but the .status.conditions[x].observedGeneration
+ is 9, the condition is out of date with respect to the current
+ state of the instance.
format: int64
minimum: 0
type: integer
reason:
- description: |-
- reason contains a programmatic identifier indicating the reason for the condition's last transition.
- Producers of specific condition types may define expected values and meanings for this field,
- and whether the values are considered a guaranteed API.
- The value should be a CamelCase string.
+ description: reason contains a programmatic identifier indicating
+ the reason for the condition's last transition. Producers
+ of specific condition types may define expected values and
+ meanings for this field, and whether the values are considered
+ a guaranteed API. The value should be a CamelCase string.
This field may not be empty.
maxLength: 1024
minLength: 1
type: string
type:
description: type of condition in CamelCase or in foo.example.com/CamelCase.
+ --- Many .condition.type values are consistent across resources
+ like Available, but because arbitrary conditions can be useful
+ (see .node.status.conditions), the ability to deconflict is
+ important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
maxLength: 316
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
type: string
format: int64
type: integer
url:
- description: |-
- Generated webhook URL in the format
- of '/hook/sha256sum(token+name+namespace)'.
+ description: Generated webhook URL in the format of '/hook/sha256sum(token+name+namespace)'.
type: string
type: object
type: object
description: Receiver is the Schema for the receivers API.
properties:
apiVersion:
- description: |-
- APIVersion defines the versioned schema of this representation of an object.
- Servers should convert recognized schemas to the latest internal value, and
- may reject unrecognized values.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
- description: |-
- Kind is a string value representing the REST resource this object represents.
- Servers may infer this from the endpoint the client submits requests to.
- Cannot be updated.
- In CamelCase.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
description: ReceiverSpec defines the desired state of the Receiver.
properties:
events:
- description: |-
- Events specifies the list of event types to handle,
- e.g. 'push' for GitHub or 'Push Hook' for GitLab.
+ description: Events specifies the list of event types to handle, e.g.
+ 'push' for GitHub or 'Push Hook' for GitLab.
items:
type: string
type: array
resources:
description: A list of resources to be notified about changes.
items:
- description: |-
- CrossNamespaceObjectReference contains enough information to let you locate the
- typed referenced object at cluster level
+ description: CrossNamespaceObjectReference contains enough information
+ to let you locate the typed referenced object at cluster level
properties:
apiVersion:
description: API version of the referent
matchLabels:
additionalProperties:
type: string
- description: |-
- MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
- map is equivalent to an element of matchExpressions, whose key field is "key", the
- operator is "In", and the values array contains only "value". The requirements are ANDed.
- MatchLabels requires the name to be set to `*`.
+ description: MatchLabels is a map of {key,value} pairs. A single
+ {key,value} in the matchLabels map is equivalent to an element
+ of matchExpressions, whose key field is "key", the operator
+ is "In", and the values array contains only "value". The requirements
+ are ANDed. MatchLabels requires the name to be set to `*`.
type: object
name:
- description: |-
- Name of the referent
- If multiple resources are targeted `*` may be set.
+ description: Name of the referent If multiple resources are
+ targeted `*` may be set.
maxLength: 53
minLength: 1
type: string
type: object
type: array
secretRef:
- description: |-
- SecretRef specifies the Secret containing the token used
+ description: SecretRef specifies the Secret containing the token used
to validate the payload authenticity.
properties:
name:
- name
type: object
suspend:
- description: |-
- Suspend tells the controller to suspend subsequent
- events handling for this receiver.
+ description: Suspend tells the controller to suspend subsequent events
+ handling for this receiver.
type: boolean
type:
- description: |-
- Type of webhook sender, used to determine
- the validation procedure and payload deserialization.
+ description: Type of webhook sender, used to determine the validation
+ procedure and payload deserialization.
enum:
- generic
- generic-hmac
type: string
required:
- resources
- - secretRef
- type
type: object
status:
conditions:
description: Conditions holds the conditions for the Receiver.
items:
- description: Condition contains details for one aspect of the current
- state of this API Resource.
+ description: "Condition contains details for one aspect of the current
+ state of this API Resource. --- This struct is intended for direct
+ use as an array at the field path .status.conditions. For example,
+ \n type FooStatus struct{ // Represents the observations of a
+ foo's current state. // Known .status.conditions.type are: \"Available\",
+ \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge
+ // +listType=map // +listMapKey=type Conditions []metav1.Condition
+ `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\"
+ protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }"
properties:
lastTransitionTime:
- description: |-
- lastTransitionTime is the last time the condition transitioned from one status to another.
- This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
+ description: lastTransitionTime is the last time the condition
+ transitioned from one status to another. This should be when
+ the underlying condition changed. If that is not known, then
+ using the time when the API field changed is acceptable.
format: date-time
type: string
message:
- description: |-
- message is a human readable message indicating details about the transition.
- This may be an empty string.
+ description: message is a human readable message indicating
+ details about the transition. This may be an empty string.
maxLength: 32768
type: string
observedGeneration:
- description: |-
- observedGeneration represents the .metadata.generation that the condition was set based upon.
- For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
- with respect to the current state of the instance.
+ description: observedGeneration represents the .metadata.generation
+ that the condition was set based upon. For instance, if .metadata.generation
+ is currently 12, but the .status.conditions[x].observedGeneration
+ is 9, the condition is out of date with respect to the current
+ state of the instance.
format: int64
minimum: 0
type: integer
reason:
- description: |-
- reason contains a programmatic identifier indicating the reason for the condition's last transition.
- Producers of specific condition types may define expected values and meanings for this field,
- and whether the values are considered a guaranteed API.
- The value should be a CamelCase string.
+ description: reason contains a programmatic identifier indicating
+ the reason for the condition's last transition. Producers
+ of specific condition types may define expected values and
+ meanings for this field, and whether the values are considered
+ a guaranteed API. The value should be a CamelCase string.
This field may not be empty.
maxLength: 1024
minLength: 1
type: string
type:
description: type of condition in CamelCase or in foo.example.com/CamelCase.
+ --- Many .condition.type values are consistent across resources
+ like Available, but because arbitrary conditions can be useful
+ (see .node.status.conditions), the ability to deconflict is
+ important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
maxLength: 316
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
type: string
type: object
type: array
lastHandledReconcileAt:
- description: |-
- LastHandledReconcileAt holds the value of the most recent
- reconcile request value, so a change of the annotation value
- can be detected.
+ description: LastHandledReconcileAt holds the value of the most recent
+ reconcile request value, so a change of the annotation value can
+ be detected.
type: string
observedGeneration:
description: ObservedGeneration is the last observed generation of
format: int64
type: integer
url:
- description: |-
- URL is the generated incoming webhook address in the format
- of '/hook/sha256sum(token+name+namespace)'.
- Deprecated: Replaced by WebhookPath.
+ description: 'URL is the generated incoming webhook address in the
+ format of ''/hook/sha256sum(token+name+namespace)''. Deprecated:
+ Replaced by WebhookPath.'
type: string
webhookPath:
- description: |-
- WebhookPath is the generated incoming webhook address in the format
- of '/hook/sha256sum(token+name+namespace)'.
+ description: WebhookPath is the generated incoming webhook address
+ in the format of '/hook/sha256sum(token+name+namespace)'.
type: string
type: object
type: object
app.kubernetes.io/component: notification-controller
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v2.4.0
+ app.kubernetes.io/version: v2.1.2
name: notification-controller
namespace: flux-system
---
app.kubernetes.io/component: notification-controller
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v2.4.0
+ app.kubernetes.io/version: v2.1.2
control-plane: controller
name: notification-controller
namespace: flux-system
app.kubernetes.io/component: notification-controller
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v2.4.0
+ app.kubernetes.io/version: v2.1.2
control-plane: controller
name: webhook-receiver
namespace: flux-system
app.kubernetes.io/component: notification-controller
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v2.4.0
+ app.kubernetes.io/version: v2.1.2
control-plane: controller
name: notification-controller
namespace: flux-system
valueFrom:
fieldRef:
fieldPath: metadata.namespace
- - name: GOMAXPROCS
- valueFrom:
- resourceFieldRef:
- containerName: manager
- resource: limits.cpu
- - name: GOMEMLIMIT
- valueFrom:
- resourceFieldRef:
- containerName: manager
- resource: limits.memory
- image: ghcr.io/fluxcd/notification-controller:v1.4.0
+ image: ghcr.io/fluxcd/notification-controller:v1.1.0
imagePullPolicy: IfNotPresent
livenessProbe:
httpGet:
projects / osm / devops.git / commitdiff