From e078ffcce2325e454638f5a05a705dfa7fc66c88 Mon Sep 17 00:00:00 2001 From: "phisco-renovate[bot]" <167612840+phisco-renovate[bot]@users.noreply.github.com> Date: Fri, 26 Jul 2024 08:24:08 +0000 Subject: [PATCH] chore(deps): update module github.com/go-jose/go-jose/v3 to v3.0.3 [security] --- ...plane.io_compositeresourcedefinitions.yaml | 514 --- ...ns.crossplane.io_compositionrevisions.yaml | 2975 --------------- ...extensions.crossplane.io_compositions.yaml | 1457 -------- ...ions.crossplane.io_environmentconfigs.yaml | 51 - ....crossplane.io_configurationrevisions.yaml | 283 -- .../pkg.crossplane.io_configurations.yaml | 165 - .../pkg.crossplane.io_controllerconfigs.yaml | 3203 ----------------- cluster/crds/pkg.crossplane.io_locks.yaml | 93 - .../pkg.crossplane.io_providerrevisions.yaml | 283 -- cluster/crds/pkg.crossplane.io_providers.yaml | 174 - .../secrets.crossplane.io_storeconfigs.yaml | 302 -- cluster/webhookconfigurations/manifests.yaml | 45 - go.mod | 10 +- go.sum | 28 +- 14 files changed, 21 insertions(+), 9562 deletions(-) delete mode 100644 cluster/crds/apiextensions.crossplane.io_compositeresourcedefinitions.yaml delete mode 100644 cluster/crds/apiextensions.crossplane.io_compositionrevisions.yaml delete mode 100644 cluster/crds/apiextensions.crossplane.io_compositions.yaml delete mode 100644 cluster/crds/apiextensions.crossplane.io_environmentconfigs.yaml delete mode 100644 cluster/crds/pkg.crossplane.io_configurationrevisions.yaml delete mode 100644 cluster/crds/pkg.crossplane.io_configurations.yaml delete mode 100644 cluster/crds/pkg.crossplane.io_controllerconfigs.yaml delete mode 100644 cluster/crds/pkg.crossplane.io_locks.yaml delete mode 100644 cluster/crds/pkg.crossplane.io_providerrevisions.yaml delete mode 100644 cluster/crds/pkg.crossplane.io_providers.yaml delete mode 100644 cluster/crds/secrets.crossplane.io_storeconfigs.yaml delete mode 100644 cluster/webhookconfigurations/manifests.yaml diff --git a/cluster/crds/apiextensions.crossplane.io_compositeresourcedefinitions.yaml b/cluster/crds/apiextensions.crossplane.io_compositeresourcedefinitions.yaml deleted file mode 100644 index 99e5e0e0c31..00000000000 --- a/cluster/crds/apiextensions.crossplane.io_compositeresourcedefinitions.yaml +++ /dev/null @@ -1,514 +0,0 @@ -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.12.1 - name: compositeresourcedefinitions.apiextensions.crossplane.io -spec: - group: apiextensions.crossplane.io - names: - categories: - - crossplane - kind: CompositeResourceDefinition - listKind: CompositeResourceDefinitionList - plural: compositeresourcedefinitions - shortNames: - - xrd - - xrds - singular: compositeresourcedefinition - scope: Cluster - versions: - - additionalPrinterColumns: - - jsonPath: .status.conditions[?(@.type=='Established')].status - name: ESTABLISHED - type: string - - jsonPath: .status.conditions[?(@.type=='Offered')].status - name: OFFERED - type: string - - jsonPath: .metadata.creationTimestamp - name: AGE - type: date - name: v1 - schema: - openAPIV3Schema: - description: A CompositeResourceDefinition defines a new kind of composite - infrastructure resource. The new resource is composed of other composite - or managed infrastructure resources. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: CompositeResourceDefinitionSpec specifies the desired state - of the definition. - properties: - claimNames: - description: ClaimNames specifies the names of an optional composite - resource claim. When claim names are specified Crossplane will create - a namespaced 'composite resource claim' CRD that corresponds to - the defined composite resource. This composite resource claim acts - as a namespaced proxy for the composite resource; creating, updating, - or deleting the claim will create, update, or delete a corresponding - composite resource. You may add claim names to an existing CompositeResourceDefinition, - but they cannot be changed or removed once they have been set. - properties: - categories: - description: categories is a list of grouped resources this custom - resource belongs to (e.g. 'all'). This is published in API discovery - documents, and used by clients to support invocations like `kubectl - get all`. - items: - type: string - type: array - kind: - description: kind is the serialized kind of the resource. It is - normally CamelCase and singular. Custom resource instances will - use this value as the `kind` attribute in API calls. - type: string - listKind: - description: listKind is the serialized kind of the list for this - resource. Defaults to "`kind`List". - type: string - plural: - description: plural is the plural name of the resource to serve. - The custom resources are served under `/apis///.../`. - Must match the name of the CustomResourceDefinition (in the - form `.`). Must be all lowercase. - type: string - shortNames: - description: shortNames are short names for the resource, exposed - in API discovery documents, and used by clients to support invocations - like `kubectl get `. It must be all lowercase. - items: - type: string - type: array - singular: - description: singular is the singular name of the resource. It - must be all lowercase. Defaults to lowercased `kind`. - type: string - required: - - kind - - plural - type: object - connectionSecretKeys: - description: ConnectionSecretKeys is the list of keys that will be - exposed to the end user of the defined kind. If the list is empty, - all keys will be published. - items: - type: string - type: array - conversion: - description: Conversion defines all conversion settings for the defined - Composite resource. - properties: - strategy: - description: 'strategy specifies how custom resources are converted - between versions. Allowed values are: - `"None"`: The converter - only change the apiVersion and would not touch any other field - in the custom resource. - `"Webhook"`: API Server will call - to an external webhook to do the conversion. Additional information - is needed for this option. This requires spec.preserveUnknownFields - to be false, and spec.conversion.webhook to be set.' - type: string - webhook: - description: webhook describes how to call the conversion webhook. - Required when `strategy` is set to `"Webhook"`. - properties: - clientConfig: - description: clientConfig is the instructions for how to call - the webhook if strategy is `Webhook`. - properties: - caBundle: - description: caBundle is a PEM encoded CA bundle which - will be used to validate the webhook's server certificate. - If unspecified, system trust roots on the apiserver - are used. - format: byte - type: string - service: - description: "service is a reference to the service for - this webhook. Either service or url must be specified. - \n If the webhook is running within the cluster, then - you should use `service`." - properties: - name: - description: name is the name of the service. Required - type: string - namespace: - description: namespace is the namespace of the service. - Required - type: string - path: - description: path is an optional URL path at which - the webhook will be contacted. - type: string - port: - description: port is an optional service port at which - the webhook will be contacted. `port` should be - a valid port number (1-65535, inclusive). Defaults - to 443 for backward compatibility. - format: int32 - type: integer - required: - - name - - namespace - type: object - url: - description: "url gives the location of the webhook, in - standard URL form (`scheme://host:port/path`). Exactly - one of `url` or `service` must be specified. \n The - `host` should not refer to a service running in the - cluster; use the `service` field instead. The host might - be resolved via external DNS in some apiservers (e.g., - `kube-apiserver` cannot resolve in-cluster DNS as that - would be a layering violation). `host` may also be an - IP address. \n Please note that using `localhost` or - `127.0.0.1` as a `host` is risky unless you take great - care to run this webhook on all hosts which run an apiserver - which might need to make calls to this webhook. Such - installs are likely to be non-portable, i.e., not easy - to turn up in a new cluster. \n The scheme must be \"https\"; - the URL must begin with \"https://\". \n A path is optional, - and if present may be any string permissible in a URL. - You may use the path to pass an arbitrary string to - the webhook, for example, a cluster identifier. \n Attempting - to use a user or basic auth e.g. \"user:password@\" - is not allowed. Fragments (\"#...\") and query parameters - (\"?...\") are not allowed, either." - type: string - type: object - conversionReviewVersions: - description: conversionReviewVersions is an ordered list of - preferred `ConversionReview` versions the Webhook expects. - The API server will use the first version in the list which - it supports. If none of the versions specified in this list - are supported by API server, conversion will fail for the - custom resource. If a persisted Webhook configuration specifies - allowed versions and does not include any versions known - to the API Server, calls to the webhook will fail. - items: - type: string - type: array - required: - - conversionReviewVersions - type: object - required: - - strategy - type: object - defaultCompositeDeletePolicy: - default: Background - description: DefaultCompositeDeletePolicy is the policy used when - deleting the Composite that is associated with the Claim if no policy - has been specified. - enum: - - Background - - Foreground - type: string - defaultCompositionRef: - description: DefaultCompositionRef refers to the Composition resource - that will be used in case no composition selector is given. - properties: - name: - description: Name of the Composition. - type: string - required: - - name - type: object - defaultCompositionUpdatePolicy: - default: Automatic - description: DefaultCompositionUpdatePolicy is the policy used when - updating composites after a new Composition Revision has been created - if no policy has been specified on the composite. - enum: - - Automatic - - Manual - type: string - enforcedCompositionRef: - description: EnforcedCompositionRef refers to the Composition resource - that will be used by all composite instances whose schema is defined - by this definition. - properties: - name: - description: Name of the Composition. - type: string - required: - - name - type: object - group: - description: Group specifies the API group of the defined composite - resource. Composite resources are served under `/apis//...`. - Must match the name of the XRD (in the form `.`). - type: string - metadata: - description: Metadata specifies the desired metadata for the defined - composite resource and claim CRD's. - properties: - annotations: - additionalProperties: - type: string - description: 'Annotations is an unstructured key value map stored - with a resource that may be set by external tools to store and - retrieve arbitrary metadata. They are not queryable and should - be preserved when modifying objects. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations' - type: object - labels: - additionalProperties: - type: string - description: 'Map of string keys and values that can be used to - organize and categorize (scope and select) objects. May match - selectors of replication controllers More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels - and services. These labels are added to the composite resource - and claim CRD''s in addition to any labels defined by `CompositionResourceDefinition` - `metadata.labels`.' - type: object - type: object - names: - description: Names specifies the resource and kind names of the defined - composite resource. - properties: - categories: - description: categories is a list of grouped resources this custom - resource belongs to (e.g. 'all'). This is published in API discovery - documents, and used by clients to support invocations like `kubectl - get all`. - items: - type: string - type: array - kind: - description: kind is the serialized kind of the resource. It is - normally CamelCase and singular. Custom resource instances will - use this value as the `kind` attribute in API calls. - type: string - listKind: - description: listKind is the serialized kind of the list for this - resource. Defaults to "`kind`List". - type: string - plural: - description: plural is the plural name of the resource to serve. - The custom resources are served under `/apis///.../`. - Must match the name of the CustomResourceDefinition (in the - form `.`). Must be all lowercase. - type: string - shortNames: - description: shortNames are short names for the resource, exposed - in API discovery documents, and used by clients to support invocations - like `kubectl get `. It must be all lowercase. - items: - type: string - type: array - singular: - description: singular is the singular name of the resource. It - must be all lowercase. Defaults to lowercased `kind`. - type: string - required: - - kind - - plural - type: object - versions: - description: 'Versions is the list of all API versions of the defined - composite resource. Version names are used to compute the order - in which served versions are listed in API discovery. If the version - string is "kube-like", it will sort above non "kube-like" version - strings, which are ordered lexicographically. "Kube-like" versions - start with a "v", then are followed by a number (the major version), - then optionally the string "alpha" or "beta" and another number - (the minor version). These are sorted first by GA > beta > alpha - (where GA is a version with no suffix such as beta or alpha), and - then by comparing major version, then minor version. An example - sorted list of versions: v10, v2, v1, v11beta2, v10beta3, v3beta1, - v12alpha1, v11alpha2, foo1, foo10.' - items: - description: CompositeResourceDefinitionVersion describes a version - of an XR. - properties: - additionalPrinterColumns: - description: 'AdditionalPrinterColumns specifies additional - columns returned in Table output. If no columns are specified, - a single column displaying the age of the custom resource - is used. See the following link for details: https://kubernetes.io/docs/reference/using-api/api-concepts/#receiving-resources-as-tables' - items: - description: CustomResourceColumnDefinition specifies a column - for server side printing. - properties: - description: - description: description is a human readable description - of this column. - type: string - format: - description: format is an optional OpenAPI type definition - for this column. The 'name' format is applied to the - primary identifier column to assist in clients identifying - column is the resource name. See https://github.com/OAI/OpenAPI-Specification/blob/master/versions/2.0.md#data-types - for details. - type: string - jsonPath: - description: jsonPath is a simple JSON path (i.e. with - array notation) which is evaluated against each custom - resource to produce the value for this column. - type: string - name: - description: name is a human readable name for the column. - type: string - priority: - description: priority is an integer defining the relative - importance of this column compared to others. Lower - numbers are considered higher priority. Columns that - may be omitted in limited space scenarios should be - given a priority greater than 0. - format: int32 - type: integer - type: - description: type is an OpenAPI type definition for this - column. See https://github.com/OAI/OpenAPI-Specification/blob/master/versions/2.0.md#data-types - for details. - type: string - required: - - jsonPath - - name - - type - type: object - type: array - deprecated: - description: The deprecated field specifies that this version - is deprecated and should not be used. - type: boolean - deprecationWarning: - description: DeprecationWarning specifies the message that should - be shown to the user when using this version. - type: string - name: - description: Name of this version, e.g. “v1”, “v2beta1”, etc. - Composite resources are served under this version at `/apis///...` - if `served` is true. - type: string - referenceable: - description: Referenceable specifies that this version may be - referenced by a Composition in order to configure which resources - an XR may be composed of. Exactly one version must be marked - as referenceable; all Compositions must target only the referenceable - version. The referenceable version must be served. It's mapped - to the CRD's `spec.versions[*].storage` field. - type: boolean - schema: - description: Schema describes the schema used for validation, - pruning, and defaulting of this version of the defined composite - resource. Fields required by all composite resources will - be injected into this schema automatically, and will override - equivalently named fields in this schema. Omitting this schema - results in a schema that contains only the fields required - by all composite resources. - properties: - openAPIV3Schema: - description: OpenAPIV3Schema is the OpenAPI v3 schema to - use for validation and pruning. - type: object - x-kubernetes-preserve-unknown-fields: true - type: object - served: - description: Served specifies that this version should be served - via REST APIs. - type: boolean - required: - - name - - referenceable - - served - type: object - type: array - required: - - group - - names - - versions - type: object - status: - description: CompositeResourceDefinitionStatus shows the observed state - of the definition. - properties: - conditions: - description: Conditions of the resource. - items: - description: A Condition that may apply to a resource. - properties: - lastTransitionTime: - description: LastTransitionTime is the last time this condition - transitioned from one status to another. - format: date-time - type: string - message: - description: A Message containing details about this condition's - last transition from one status to another, if any. - type: string - reason: - description: A Reason for this condition's last transition from - one status to another. - type: string - status: - description: Status of this condition; is it currently True, - False, or Unknown? - type: string - type: - description: Type of this condition. At most one of each condition - type may apply to a resource at any point in time. - type: string - required: - - lastTransitionTime - - reason - - status - - type - type: object - type: array - controllers: - description: Controllers represents the status of the controllers - that power this composite resource definition. - properties: - compositeResourceClaimType: - description: The CompositeResourceClaimTypeRef is the type of - composite resource claim that Crossplane is currently reconciling - for this definition. Its version will eventually become consistent - with the definition's referenceable version. Note that clients - may interact with any served type; this is simply the type that - Crossplane interacts with. - properties: - apiVersion: - description: APIVersion of the type. - type: string - kind: - description: Kind of the type. - type: string - required: - - apiVersion - - kind - type: object - compositeResourceType: - description: The CompositeResourceTypeRef is the type of composite - resource that Crossplane is currently reconciling for this definition. - Its version will eventually become consistent with the definition's - referenceable version. Note that clients may interact with any - served type; this is simply the type that Crossplane interacts - with. - properties: - apiVersion: - description: APIVersion of the type. - type: string - kind: - description: Kind of the type. - type: string - required: - - apiVersion - - kind - type: object - type: object - type: object - type: object - served: true - storage: true - subresources: - status: {} diff --git a/cluster/crds/apiextensions.crossplane.io_compositionrevisions.yaml b/cluster/crds/apiextensions.crossplane.io_compositionrevisions.yaml deleted file mode 100644 index d9947e7f2f8..00000000000 --- a/cluster/crds/apiextensions.crossplane.io_compositionrevisions.yaml +++ /dev/null @@ -1,2975 +0,0 @@ -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.12.1 - name: compositionrevisions.apiextensions.crossplane.io -spec: - group: apiextensions.crossplane.io - names: - categories: - - crossplane - kind: CompositionRevision - listKind: CompositionRevisionList - plural: compositionrevisions - shortNames: - - comprev - singular: compositionrevision - scope: Cluster - versions: - - additionalPrinterColumns: - - jsonPath: .spec.revision - name: REVISION - type: string - - jsonPath: .spec.compositeTypeRef.kind - name: XR-KIND - type: string - - jsonPath: .spec.compositeTypeRef.apiVersion - name: XR-APIVERSION - type: string - - jsonPath: .metadata.creationTimestamp - name: AGE - type: date - name: v1 - schema: - openAPIV3Schema: - description: A CompositionRevision represents a revision in time of a Composition. - Revisions are created by Crossplane; they should be treated as immutable. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: CompositionRevisionSpec specifies the desired state of the - composition revision. - properties: - compositeTypeRef: - description: CompositeTypeRef specifies the type of composite resource - that this composition is compatible with. - properties: - apiVersion: - description: APIVersion of the type. - type: string - kind: - description: Kind of the type. - type: string - required: - - apiVersion - - kind - type: object - environment: - description: Environment configures the environment in which resources - are rendered. - properties: - environmentConfigs: - description: "EnvironmentConfigs selects a list of `EnvironmentConfig`s. - The resolved resources are stored in the composite resource - at `spec.environmentConfigRefs` and is only updated if it is - null. \n The list of references is used to compute an in-memory - environment at compose time. The data of all object is merged - in the order they are listed, meaning the values of EnvironmentConfigs - with a larger index take priority over ones with smaller indices. - \n The computed environment can be accessed in a composition - using `FromEnvironmentFieldPath` and `CombineFromEnvironment` - patches." - items: - description: EnvironmentSource selects a EnvironmentConfig resource. - properties: - ref: - description: Ref is a named reference to a single EnvironmentConfig. - Either Ref or Selector is required. - properties: - name: - description: The name of the object. - type: string - required: - - name - type: object - selector: - description: Selector selects EnvironmentConfig(s) via labels. - properties: - matchLabels: - description: MatchLabels ensures an object with matching - labels is selected. - items: - description: An EnvironmentSourceSelectorLabelMatcher - acts like a k8s label selector but can draw the - label value from a different path. - properties: - key: - description: Key of the label to match. - type: string - type: - default: FromCompositeFieldPath - description: Type specifies where the value for - a label comes from. - enum: - - FromCompositeFieldPath - - Value - type: string - value: - description: Value specifies a literal label value. - type: string - valueFromFieldPath: - description: ValueFromFieldPath specifies the - field path to look for the label value. - type: string - required: - - key - type: object - type: array - maxMatch: - description: MaxMatch specifies the number of extracted - EnvironmentConfigs in Multiple mode, extracts all - if nil. - format: int64 - type: integer - mode: - default: Single - description: 'Mode specifies retrieval strategy: "Single" - or "Multiple".' - enum: - - Single - - Multiple - type: string - sortByFieldPath: - default: metadata.name - description: SortByFieldPath is the path to the field - based on which list of EnvironmentConfigs is alphabetically - sorted. - type: string - type: object - type: - default: Reference - description: Type specifies the way the EnvironmentConfig - is selected. Default is `Reference` - enum: - - Reference - - Selector - type: string - type: object - type: array - patches: - description: Patches is a list of environment patches that are - executed before a composition's resources are composed. - items: - description: EnvironmentPatch is a patch for a Composition environment. - properties: - combine: - description: Combine is the patch configuration for a CombineFromComposite - or CombineToComposite patch. - properties: - strategy: - description: Strategy defines the strategy to use to - combine the input variable values. Currently only - string is supported. - enum: - - string - type: string - string: - description: String declares that input variables should - be combined into a single string, using the relevant - settings for formatting purposes. - properties: - fmt: - description: Format the input using a Go format - string. See https://golang.org/pkg/fmt/ for details. - type: string - required: - - fmt - type: object - variables: - description: Variables are the list of variables whose - values will be retrieved and combined. - items: - description: A CombineVariable defines the source - of a value that is combined with others to form - and patch an output value. Currently, this only - supports retrieving values from a field path. - properties: - fromFieldPath: - description: FromFieldPath is the path of the - field on the source whose value is to be used - as input. - type: string - required: - - fromFieldPath - type: object - minItems: 1 - type: array - required: - - strategy - - variables - type: object - fromFieldPath: - description: FromFieldPath is the path of the field on the - resource whose value is to be used as input. Required - when type is FromCompositeFieldPath or ToCompositeFieldPath. - type: string - policy: - description: Policy configures the specifics of patching - behaviour. - properties: - fromFieldPath: - description: FromFieldPath specifies how to patch from - a field path. The default is 'Optional', which means - the patch will be a no-op if the specified fromFieldPath - does not exist. Use 'Required' if the patch should - fail if the specified path does not exist. - enum: - - Optional - - Required - type: string - mergeOptions: - description: MergeOptions Specifies merge options on - a field path - properties: - appendSlice: - description: Specifies that already existing elements - in a merged slice should be preserved - type: boolean - keepMapValues: - description: Specifies that already existing values - in a merged map should be preserved - type: boolean - type: object - type: object - toFieldPath: - description: ToFieldPath is the path of the field on the - resource whose value will be changed with the result of - transforms. Leave empty if you'd like to propagate to - the same path as fromFieldPath. - type: string - transforms: - description: Transforms are the list of functions that are - used as a FIFO pipe for the input to be transformed. - items: - description: Transform is a unit of process whose input - is transformed into an output with the supplied configuration. - properties: - convert: - description: Convert is used to cast the input into - the given output type. - properties: - format: - description: "The expected input format. \n * - `quantity` - parses the input as a K8s [`resource.Quantity`](https://pkg.go.dev/k8s.io/apimachinery/pkg/api/resource#Quantity). - Only used during `string -> float64` conversions. - \n If this property is null, the default conversion - is applied." - enum: - - none - - quantity - type: string - toType: - description: ToType is the type of the output - of this transform. - enum: - - string - - int - - int64 - - bool - - float64 - type: string - required: - - toType - type: object - map: - additionalProperties: - x-kubernetes-preserve-unknown-fields: true - description: Map uses the input as a key in the given - map and returns the value. - type: object - match: - description: Match is a more complex version of Map - that matches a list of patterns. - properties: - fallbackTo: - default: Value - description: Determines to what value the transform - should fallback if no pattern matches. - enum: - - Value - - Input - type: string - fallbackValue: - description: The fallback value that should be - returned by the transform if now pattern matches. - x-kubernetes-preserve-unknown-fields: true - patterns: - description: The patterns that should be tested - against the input string. Patterns are tested - in order. The value of the first match is used - as result of this transform. - items: - description: MatchTransformPattern is a transform - that returns the value that matches a pattern. - properties: - literal: - description: Literal exactly matches the - input string (case sensitive). Is required - if `type` is `literal`. - type: string - regexp: - description: Regexp to match against the - input string. Is required if `type` is - `regexp`. - type: string - result: - description: The value that is used as result - of the transform if the pattern matches. - x-kubernetes-preserve-unknown-fields: true - type: - default: literal - description: "Type specifies how the pattern - matches the input. \n * `literal` - the - pattern value has to exactly match (case - sensitive) the input string. This is the - default. \n * `regexp` - the pattern treated - as a regular expression against which - the input string is tested. Crossplane - will throw an error if the key is not - a valid regexp." - enum: - - literal - - regexp - type: string - required: - - result - - type - type: object - type: array - type: object - math: - description: Math is used to transform the input via - mathematical operations such as multiplication. - properties: - clampMax: - description: ClampMax makes sure that the value - is not bigger than the given value. - format: int64 - type: integer - clampMin: - description: ClampMin makes sure that the value - is not smaller than the given value. - format: int64 - type: integer - multiply: - description: Multiply the value. - format: int64 - type: integer - type: - default: Multiply - description: Type of the math transform to be - run. - enum: - - Multiply - - ClampMin - - ClampMax - type: string - type: object - string: - description: String is used to transform the input - into a string or a different kind of string. Note - that the input does not necessarily need to be a - string. - properties: - convert: - description: Optional conversion method to be - specified. `ToUpper` and `ToLower` change the - letter case of the input string. `ToBase64` - and `FromBase64` perform a base64 conversion - based on the input string. `ToJson` converts - any input value into its raw JSON representation. - `ToSha1`, `ToSha256` and `ToSha512` generate - a hash value based on the input converted to - JSON. - enum: - - ToUpper - - ToLower - - ToBase64 - - FromBase64 - - ToJson - - ToSha1 - - ToSha256 - - ToSha512 - type: string - fmt: - description: Format the input using a Go format - string. See https://golang.org/pkg/fmt/ for - details. - type: string - regexp: - description: Extract a match from the input using - a regular expression. - properties: - group: - description: Group number to match. 0 (the - default) matches the entire expression. - type: integer - match: - description: Match string. May optionally - include submatches, aka capture groups. - See https://pkg.go.dev/regexp/ for details. - type: string - required: - - match - type: object - trim: - description: Trim the prefix or suffix from the - input - type: string - type: - default: Format - description: Type of the string transform to be - run. - enum: - - Format - - Convert - - TrimPrefix - - TrimSuffix - - Regexp - type: string - type: object - type: - description: Type of the transform to be run. - enum: - - map - - match - - math - - string - - convert - type: string - required: - - type - type: object - type: array - type: - default: FromCompositeFieldPath - description: Type sets the patching behaviour to be used. - Each patch type may require its own fields to be set on - the Patch object. - enum: - - FromCompositeFieldPath - - ToCompositeFieldPath - - CombineFromComposite - - CombineToComposite - type: string - type: object - type: array - policy: - description: Policy represents the Resolve and Resolution policies - which apply to all EnvironmentSourceReferences in EnvironmentConfigs - list. - properties: - resolution: - default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. - enum: - - Required - - Optional - type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. - enum: - - Always - - IfNotPresent - type: string - type: object - type: object - functions: - description: Functions is list of Composition Functions that will - be used when a composite resource referring to this composition - is created. At least one of resources and functions must be specified. - If both are specified the resources will be rendered first, then - passed to the functions for further processing. - items: - description: A Function represents a Composition Function. - properties: - config: - description: Config is an optional, arbitrary Kubernetes resource - (i.e. a resource with an apiVersion and kind) that will be - passed to the Composition Function as the 'config' block of - its FunctionIO. - type: object - x-kubernetes-embedded-resource: true - x-kubernetes-preserve-unknown-fields: true - container: - description: Container configuration of this function. - properties: - image: - description: Image specifies the OCI image in which the - function is packaged. The image should include an entrypoint - that reads a FunctionIO from stdin and emits it, optionally - mutated, to stdout. - type: string - imagePullPolicy: - default: IfNotPresent - description: ImagePullPolicy defines the pull policy for - the function image. - enum: - - IfNotPresent - - Always - - Never - type: string - imagePullSecrets: - description: ImagePullSecrets are used to pull images from - private OCI registries. - items: - description: LocalObjectReference contains enough information - to let you locate the referenced object inside the same - namespace. - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' - type: string - type: object - x-kubernetes-map-type: atomic - type: array - network: - description: Network configuration for the Composition Function. - properties: - policy: - default: Isolated - description: Policy specifies the network policy under - which the Composition Function will run. Defaults - to 'Isolated' - i.e. no network access. Specify 'Runner' - to allow the function the same network access as its - runner. - enum: - - Isolated - - Runner - type: string - type: object - resources: - description: Resources that may be used by the Composition - Function. - properties: - limits: - description: Limits specify the maximum compute resources - that may be used by the Composition Function. - properties: - cpu: - anyOf: - - type: integer - - type: string - default: 100m - description: CPU, in cores. (500m = .5 cores) - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - memory: - anyOf: - - type: integer - - type: string - default: 128Mi - description: Memory, in bytes. (500Gi = 500GiB = - 500 * 1024 * 1024 * 1024) - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - type: object - runner: - description: Runner configuration for the Composition Function. - properties: - endpoint: - default: unix-abstract:crossplane/fn/default.sock - description: Endpoint specifies how and where Crossplane - should reach the runner it uses to invoke containerized - Composition Functions. - type: string - type: object - timeout: - default: 20s - description: Timeout after which the Composition Function - will be killed. - type: string - required: - - image - type: object - name: - description: Name of this function. Must be unique within its - Composition. - type: string - type: - description: Type of this function. - enum: - - Container - type: string - required: - - name - - type - type: object - type: array - patchSets: - description: PatchSets define a named set of patches that may be included - by any resource in this Composition. PatchSets cannot themselves - refer to other PatchSets. - items: - description: A PatchSet is a set of patches that can be reused from - all resources within a Composition. - properties: - name: - description: Name of this PatchSet. - type: string - patches: - description: Patches will be applied as an overlay to the base - resource. - items: - description: Patch objects are applied between composite and - composed resources. Their behaviour depends on the Type - selected. The default Type, FromCompositeFieldPath, copies - a value from the composite resource to the composed resource, - applying any defined transformers. - properties: - combine: - description: Combine is the patch configuration for a - CombineFromComposite, CombineFromEnvironment, CombineToComposite - or CombineToEnvironment patch. - properties: - strategy: - description: Strategy defines the strategy to use - to combine the input variable values. Currently - only string is supported. - enum: - - string - type: string - string: - description: String declares that input variables - should be combined into a single string, using the - relevant settings for formatting purposes. - properties: - fmt: - description: Format the input using a Go format - string. See https://golang.org/pkg/fmt/ for - details. - type: string - required: - - fmt - type: object - variables: - description: Variables are the list of variables whose - values will be retrieved and combined. - items: - description: A CombineVariable defines the source - of a value that is combined with others to form - and patch an output value. Currently, this only - supports retrieving values from a field path. - properties: - fromFieldPath: - description: FromFieldPath is the path of the - field on the source whose value is to be used - as input. - type: string - required: - - fromFieldPath - type: object - minItems: 1 - type: array - required: - - strategy - - variables - type: object - fromFieldPath: - description: FromFieldPath is the path of the field on - the resource whose value is to be used as input. Required - when type is FromCompositeFieldPath, FromEnvironmentFieldPath, - ToCompositeFieldPath, ToEnvironmentFieldPath. - type: string - patchSetName: - description: PatchSetName to include patches from. Required - when type is PatchSet. - type: string - policy: - description: Policy configures the specifics of patching - behaviour. - properties: - fromFieldPath: - description: FromFieldPath specifies how to patch - from a field path. The default is 'Optional', which - means the patch will be a no-op if the specified - fromFieldPath does not exist. Use 'Required' if - the patch should fail if the specified path does - not exist. - enum: - - Optional - - Required - type: string - mergeOptions: - description: MergeOptions Specifies merge options - on a field path - properties: - appendSlice: - description: Specifies that already existing elements - in a merged slice should be preserved - type: boolean - keepMapValues: - description: Specifies that already existing values - in a merged map should be preserved - type: boolean - type: object - type: object - toFieldPath: - description: ToFieldPath is the path of the field on the - resource whose value will be changed with the result - of transforms. Leave empty if you'd like to propagate - to the same path as fromFieldPath. - type: string - transforms: - description: Transforms are the list of functions that - are used as a FIFO pipe for the input to be transformed. - items: - description: Transform is a unit of process whose input - is transformed into an output with the supplied configuration. - properties: - convert: - description: Convert is used to cast the input into - the given output type. - properties: - format: - description: "The expected input format. \n - * `quantity` - parses the input as a K8s [`resource.Quantity`](https://pkg.go.dev/k8s.io/apimachinery/pkg/api/resource#Quantity). - Only used during `string -> float64` conversions. - \n If this property is null, the default conversion - is applied." - enum: - - none - - quantity - type: string - toType: - description: ToType is the type of the output - of this transform. - enum: - - string - - int - - int64 - - bool - - float64 - type: string - required: - - toType - type: object - map: - additionalProperties: - x-kubernetes-preserve-unknown-fields: true - description: Map uses the input as a key in the - given map and returns the value. - type: object - match: - description: Match is a more complex version of - Map that matches a list of patterns. - properties: - fallbackTo: - default: Value - description: Determines to what value the transform - should fallback if no pattern matches. - enum: - - Value - - Input - type: string - fallbackValue: - description: The fallback value that should - be returned by the transform if now pattern - matches. - x-kubernetes-preserve-unknown-fields: true - patterns: - description: The patterns that should be tested - against the input string. Patterns are tested - in order. The value of the first match is - used as result of this transform. - items: - description: MatchTransformPattern is a transform - that returns the value that matches a pattern. - properties: - literal: - description: Literal exactly matches the - input string (case sensitive). Is required - if `type` is `literal`. - type: string - regexp: - description: Regexp to match against the - input string. Is required if `type` - is `regexp`. - type: string - result: - description: The value that is used as - result of the transform if the pattern - matches. - x-kubernetes-preserve-unknown-fields: true - type: - default: literal - description: "Type specifies how the pattern - matches the input. \n * `literal` - - the pattern value has to exactly match - (case sensitive) the input string. This - is the default. \n * `regexp` - the - pattern treated as a regular expression - against which the input string is tested. - Crossplane will throw an error if the - key is not a valid regexp." - enum: - - literal - - regexp - type: string - required: - - result - - type - type: object - type: array - type: object - math: - description: Math is used to transform the input - via mathematical operations such as multiplication. - properties: - clampMax: - description: ClampMax makes sure that the value - is not bigger than the given value. - format: int64 - type: integer - clampMin: - description: ClampMin makes sure that the value - is not smaller than the given value. - format: int64 - type: integer - multiply: - description: Multiply the value. - format: int64 - type: integer - type: - default: Multiply - description: Type of the math transform to be - run. - enum: - - Multiply - - ClampMin - - ClampMax - type: string - type: object - string: - description: String is used to transform the input - into a string or a different kind of string. Note - that the input does not necessarily need to be - a string. - properties: - convert: - description: Optional conversion method to be - specified. `ToUpper` and `ToLower` change - the letter case of the input string. `ToBase64` - and `FromBase64` perform a base64 conversion - based on the input string. `ToJson` converts - any input value into its raw JSON representation. - `ToSha1`, `ToSha256` and `ToSha512` generate - a hash value based on the input converted - to JSON. - enum: - - ToUpper - - ToLower - - ToBase64 - - FromBase64 - - ToJson - - ToSha1 - - ToSha256 - - ToSha512 - type: string - fmt: - description: Format the input using a Go format - string. See https://golang.org/pkg/fmt/ for - details. - type: string - regexp: - description: Extract a match from the input - using a regular expression. - properties: - group: - description: Group number to match. 0 (the - default) matches the entire expression. - type: integer - match: - description: Match string. May optionally - include submatches, aka capture groups. - See https://pkg.go.dev/regexp/ for details. - type: string - required: - - match - type: object - trim: - description: Trim the prefix or suffix from - the input - type: string - type: - default: Format - description: Type of the string transform to - be run. - enum: - - Format - - Convert - - TrimPrefix - - TrimSuffix - - Regexp - type: string - type: object - type: - description: Type of the transform to be run. - enum: - - map - - match - - math - - string - - convert - type: string - required: - - type - type: object - type: array - type: - default: FromCompositeFieldPath - description: Type sets the patching behaviour to be used. - Each patch type may require its own fields to be set - on the Patch object. - enum: - - FromCompositeFieldPath - - FromEnvironmentFieldPath - - PatchSet - - ToCompositeFieldPath - - ToEnvironmentFieldPath - - CombineFromEnvironment - - CombineFromComposite - - CombineToComposite - - CombineToEnvironment - type: string - type: object - type: array - required: - - name - - patches - type: object - type: array - publishConnectionDetailsWithStoreConfigRef: - default: - name: default - description: PublishConnectionDetailsWithStoreConfig specifies the - secret store config with which the connection details of composite - resources dynamically provisioned using this composition will be - published. - properties: - name: - description: Name of the referenced StoreConfig. - type: string - required: - - name - type: object - resources: - description: Resources is the list of resource templates that will - be used when a composite resource referring to this composition - is created. - items: - description: ComposedTemplate is used to provide information about - how the composed resource should be processed. - properties: - base: - description: Base is the target resource that the patches will - be applied on. - type: object - x-kubernetes-embedded-resource: true - x-kubernetes-preserve-unknown-fields: true - connectionDetails: - description: ConnectionDetails lists the propagation secret - keys from this target resource to the composition instance - connection secret. - items: - description: ConnectionDetail includes the information about - the propagation of the connection information from one secret - to another. - properties: - fromConnectionSecretKey: - description: FromConnectionSecretKey is the key that will - be used to fetch the value from the composed resource's - connection secret. - type: string - fromFieldPath: - description: FromFieldPath is the path of the field on - the composed resource whose value to be used as input. - Name must be specified if the type is FromFieldPath. - type: string - name: - description: Name of the connection secret key that will - be propagated to the connection secret of the composition - instance. Leave empty if you'd like to use the same - key name. - type: string - type: - description: 'Type sets the connection detail fetching - behaviour to be used. Each connection detail type may - require its own fields to be set on the ConnectionDetail - object. If the type is omitted Crossplane will attempt - to infer it based on which other fields were specified. - If multiple fields are specified the order of precedence - is: 1. FromValue 2. FromConnectionSecretKey 3. FromFieldPath' - enum: - - FromConnectionSecretKey - - FromFieldPath - - FromValue - type: string - value: - description: Value that will be propagated to the connection - secret of the composite resource. May be set to inject - a fixed, non-sensitive connection secret value, for - example a well-known port. - type: string - type: object - type: array - name: - description: A Name uniquely identifies this entry within its - Composition's resources array. Names are optional but *strongly* - recommended. When all entries in the resources array are named - entries may added, deleted, and reordered as long as their - names do not change. When entries are not named the length - and order of the resources array should be treated as immutable. - Either all or no entries must be named. - type: string - patches: - description: Patches will be applied as overlay to the base - resource. - items: - description: Patch objects are applied between composite and - composed resources. Their behaviour depends on the Type - selected. The default Type, FromCompositeFieldPath, copies - a value from the composite resource to the composed resource, - applying any defined transformers. - properties: - combine: - description: Combine is the patch configuration for a - CombineFromComposite, CombineFromEnvironment, CombineToComposite - or CombineToEnvironment patch. - properties: - strategy: - description: Strategy defines the strategy to use - to combine the input variable values. Currently - only string is supported. - enum: - - string - type: string - string: - description: String declares that input variables - should be combined into a single string, using the - relevant settings for formatting purposes. - properties: - fmt: - description: Format the input using a Go format - string. See https://golang.org/pkg/fmt/ for - details. - type: string - required: - - fmt - type: object - variables: - description: Variables are the list of variables whose - values will be retrieved and combined. - items: - description: A CombineVariable defines the source - of a value that is combined with others to form - and patch an output value. Currently, this only - supports retrieving values from a field path. - properties: - fromFieldPath: - description: FromFieldPath is the path of the - field on the source whose value is to be used - as input. - type: string - required: - - fromFieldPath - type: object - minItems: 1 - type: array - required: - - strategy - - variables - type: object - fromFieldPath: - description: FromFieldPath is the path of the field on - the resource whose value is to be used as input. Required - when type is FromCompositeFieldPath, FromEnvironmentFieldPath, - ToCompositeFieldPath, ToEnvironmentFieldPath. - type: string - patchSetName: - description: PatchSetName to include patches from. Required - when type is PatchSet. - type: string - policy: - description: Policy configures the specifics of patching - behaviour. - properties: - fromFieldPath: - description: FromFieldPath specifies how to patch - from a field path. The default is 'Optional', which - means the patch will be a no-op if the specified - fromFieldPath does not exist. Use 'Required' if - the patch should fail if the specified path does - not exist. - enum: - - Optional - - Required - type: string - mergeOptions: - description: MergeOptions Specifies merge options - on a field path - properties: - appendSlice: - description: Specifies that already existing elements - in a merged slice should be preserved - type: boolean - keepMapValues: - description: Specifies that already existing values - in a merged map should be preserved - type: boolean - type: object - type: object - toFieldPath: - description: ToFieldPath is the path of the field on the - resource whose value will be changed with the result - of transforms. Leave empty if you'd like to propagate - to the same path as fromFieldPath. - type: string - transforms: - description: Transforms are the list of functions that - are used as a FIFO pipe for the input to be transformed. - items: - description: Transform is a unit of process whose input - is transformed into an output with the supplied configuration. - properties: - convert: - description: Convert is used to cast the input into - the given output type. - properties: - format: - description: "The expected input format. \n - * `quantity` - parses the input as a K8s [`resource.Quantity`](https://pkg.go.dev/k8s.io/apimachinery/pkg/api/resource#Quantity). - Only used during `string -> float64` conversions. - \n If this property is null, the default conversion - is applied." - enum: - - none - - quantity - type: string - toType: - description: ToType is the type of the output - of this transform. - enum: - - string - - int - - int64 - - bool - - float64 - type: string - required: - - toType - type: object - map: - additionalProperties: - x-kubernetes-preserve-unknown-fields: true - description: Map uses the input as a key in the - given map and returns the value. - type: object - match: - description: Match is a more complex version of - Map that matches a list of patterns. - properties: - fallbackTo: - default: Value - description: Determines to what value the transform - should fallback if no pattern matches. - enum: - - Value - - Input - type: string - fallbackValue: - description: The fallback value that should - be returned by the transform if now pattern - matches. - x-kubernetes-preserve-unknown-fields: true - patterns: - description: The patterns that should be tested - against the input string. Patterns are tested - in order. The value of the first match is - used as result of this transform. - items: - description: MatchTransformPattern is a transform - that returns the value that matches a pattern. - properties: - literal: - description: Literal exactly matches the - input string (case sensitive). Is required - if `type` is `literal`. - type: string - regexp: - description: Regexp to match against the - input string. Is required if `type` - is `regexp`. - type: string - result: - description: The value that is used as - result of the transform if the pattern - matches. - x-kubernetes-preserve-unknown-fields: true - type: - default: literal - description: "Type specifies how the pattern - matches the input. \n * `literal` - - the pattern value has to exactly match - (case sensitive) the input string. This - is the default. \n * `regexp` - the - pattern treated as a regular expression - against which the input string is tested. - Crossplane will throw an error if the - key is not a valid regexp." - enum: - - literal - - regexp - type: string - required: - - result - - type - type: object - type: array - type: object - math: - description: Math is used to transform the input - via mathematical operations such as multiplication. - properties: - clampMax: - description: ClampMax makes sure that the value - is not bigger than the given value. - format: int64 - type: integer - clampMin: - description: ClampMin makes sure that the value - is not smaller than the given value. - format: int64 - type: integer - multiply: - description: Multiply the value. - format: int64 - type: integer - type: - default: Multiply - description: Type of the math transform to be - run. - enum: - - Multiply - - ClampMin - - ClampMax - type: string - type: object - string: - description: String is used to transform the input - into a string or a different kind of string. Note - that the input does not necessarily need to be - a string. - properties: - convert: - description: Optional conversion method to be - specified. `ToUpper` and `ToLower` change - the letter case of the input string. `ToBase64` - and `FromBase64` perform a base64 conversion - based on the input string. `ToJson` converts - any input value into its raw JSON representation. - `ToSha1`, `ToSha256` and `ToSha512` generate - a hash value based on the input converted - to JSON. - enum: - - ToUpper - - ToLower - - ToBase64 - - FromBase64 - - ToJson - - ToSha1 - - ToSha256 - - ToSha512 - type: string - fmt: - description: Format the input using a Go format - string. See https://golang.org/pkg/fmt/ for - details. - type: string - regexp: - description: Extract a match from the input - using a regular expression. - properties: - group: - description: Group number to match. 0 (the - default) matches the entire expression. - type: integer - match: - description: Match string. May optionally - include submatches, aka capture groups. - See https://pkg.go.dev/regexp/ for details. - type: string - required: - - match - type: object - trim: - description: Trim the prefix or suffix from - the input - type: string - type: - default: Format - description: Type of the string transform to - be run. - enum: - - Format - - Convert - - TrimPrefix - - TrimSuffix - - Regexp - type: string - type: object - type: - description: Type of the transform to be run. - enum: - - map - - match - - math - - string - - convert - type: string - required: - - type - type: object - type: array - type: - default: FromCompositeFieldPath - description: Type sets the patching behaviour to be used. - Each patch type may require its own fields to be set - on the Patch object. - enum: - - FromCompositeFieldPath - - FromEnvironmentFieldPath - - PatchSet - - ToCompositeFieldPath - - ToEnvironmentFieldPath - - CombineFromEnvironment - - CombineFromComposite - - CombineToComposite - - CombineToEnvironment - type: string - type: object - type: array - readinessChecks: - default: - - matchCondition: - status: "True" - type: Ready - type: MatchCondition - description: ReadinessChecks allows users to define custom readiness - checks. All checks have to return true in order for resource - to be considered ready. The default readiness check is to - have the "Ready" condition to be "True". - items: - description: ReadinessCheck is used to indicate how to tell - whether a resource is ready for consumption - properties: - fieldPath: - description: FieldPath shows the path of the field whose - value will be used. - type: string - matchCondition: - description: MatchCondition specifies the condition you'd - like to match if you're using "MatchCondition" type. - properties: - status: - default: "True" - description: Status is the status of the condition - you'd like to match. - type: string - type: - default: Ready - description: Type indicates the type of condition - you'd like to use. - type: string - required: - - status - - type - type: object - matchInteger: - description: MatchInt is the value you'd like to match - if you're using "MatchInt" type. - format: int64 - type: integer - matchString: - description: MatchString is the value you'd like to match - if you're using "MatchString" type. - type: string - type: - description: Type indicates the type of probe you'd like - to use. - enum: - - MatchString - - MatchInteger - - NonEmpty - - MatchCondition - - None - type: string - required: - - type - type: object - type: array - required: - - base - type: object - type: array - revision: - description: Revision number. Newer revisions have larger numbers. - format: int64 - type: integer - writeConnectionSecretsToNamespace: - description: WriteConnectionSecretsToNamespace specifies the namespace - in which the connection secrets of composite resource dynamically - provisioned using this composition will be created. This field is - planned to be removed in a future release in favor of PublishConnectionDetailsWithStoreConfigRef. - Currently, both could be set independently and connection details - would be published to both without affecting each other as long - as related fields at MR level specified. - type: string - required: - - compositeTypeRef - - revision - type: object - status: - description: CompositionRevisionStatus shows the observed state of the - composition revision. - properties: - conditions: - description: Conditions of the resource. - items: - description: A Condition that may apply to a resource. - properties: - lastTransitionTime: - description: LastTransitionTime is the last time this condition - transitioned from one status to another. - format: date-time - type: string - message: - description: A Message containing details about this condition's - last transition from one status to another, if any. - type: string - reason: - description: A Reason for this condition's last transition from - one status to another. - type: string - status: - description: Status of this condition; is it currently True, - False, or Unknown? - type: string - type: - description: Type of this condition. At most one of each condition - type may apply to a resource at any point in time. - type: string - required: - - lastTransitionTime - - reason - - status - - type - type: object - type: array - type: object - type: object - served: true - storage: true - subresources: - status: {} - - additionalPrinterColumns: - - jsonPath: .spec.revision - name: REVISION - type: string - - jsonPath: .spec.compositeTypeRef.kind - name: XR-KIND - type: string - - jsonPath: .spec.compositeTypeRef.apiVersion - name: XR-APIVERSION - type: string - - jsonPath: .metadata.creationTimestamp - name: AGE - type: date - name: v1beta1 - schema: - openAPIV3Schema: - description: A CompositionRevision represents a revision in time of a Composition. - Revisions are created by Crossplane; they should be treated as immutable. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: CompositionRevisionSpec specifies the desired state of the - composition revision. - properties: - compositeTypeRef: - description: CompositeTypeRef specifies the type of composite resource - that this composition is compatible with. - properties: - apiVersion: - description: APIVersion of the type. - type: string - kind: - description: Kind of the type. - type: string - required: - - apiVersion - - kind - type: object - environment: - description: Environment configures the environment in which resources - are rendered. - properties: - environmentConfigs: - description: "EnvironmentConfigs selects a list of `EnvironmentConfig`s. - The resolved resources are stored in the composite resource - at `spec.environmentConfigRefs` and is only updated if it is - null. \n The list of references is used to compute an in-memory - environment at compose time. The data of all object is merged - in the order they are listed, meaning the values of EnvironmentConfigs - with a larger index take priority over ones with smaller indices. - \n The computed environment can be accessed in a composition - using `FromEnvironmentFieldPath` and `CombineFromEnvironment` - patches." - items: - description: EnvironmentSource selects a EnvironmentConfig resource. - properties: - ref: - description: Ref is a named reference to a single EnvironmentConfig. - Either Ref or Selector is required. - properties: - name: - description: The name of the object. - type: string - required: - - name - type: object - selector: - description: Selector selects EnvironmentConfig(s) via labels. - properties: - matchLabels: - description: MatchLabels ensures an object with matching - labels is selected. - items: - description: An EnvironmentSourceSelectorLabelMatcher - acts like a k8s label selector but can draw the - label value from a different path. - properties: - key: - description: Key of the label to match. - type: string - type: - default: FromCompositeFieldPath - description: Type specifies where the value for - a label comes from. - enum: - - FromCompositeFieldPath - - Value - type: string - value: - description: Value specifies a literal label value. - type: string - valueFromFieldPath: - description: ValueFromFieldPath specifies the - field path to look for the label value. - type: string - required: - - key - type: object - type: array - maxMatch: - description: MaxMatch specifies the number of extracted - EnvironmentConfigs in Multiple mode, extracts all - if nil. - format: int64 - type: integer - mode: - default: Single - description: 'Mode specifies retrieval strategy: "Single" - or "Multiple".' - enum: - - Single - - Multiple - type: string - sortByFieldPath: - default: metadata.name - description: SortByFieldPath is the path to the field - based on which list of EnvironmentConfigs is alphabetically - sorted. - type: string - type: object - type: - default: Reference - description: Type specifies the way the EnvironmentConfig - is selected. Default is `Reference` - enum: - - Reference - - Selector - type: string - type: object - type: array - patches: - description: Patches is a list of environment patches that are - executed before a composition's resources are composed. - items: - description: EnvironmentPatch is a patch for a Composition environment. - properties: - combine: - description: Combine is the patch configuration for a CombineFromComposite - or CombineToComposite patch. - properties: - strategy: - description: Strategy defines the strategy to use to - combine the input variable values. Currently only - string is supported. - enum: - - string - type: string - string: - description: String declares that input variables should - be combined into a single string, using the relevant - settings for formatting purposes. - properties: - fmt: - description: Format the input using a Go format - string. See https://golang.org/pkg/fmt/ for details. - type: string - required: - - fmt - type: object - variables: - description: Variables are the list of variables whose - values will be retrieved and combined. - items: - description: A CombineVariable defines the source - of a value that is combined with others to form - and patch an output value. Currently, this only - supports retrieving values from a field path. - properties: - fromFieldPath: - description: FromFieldPath is the path of the - field on the source whose value is to be used - as input. - type: string - required: - - fromFieldPath - type: object - minItems: 1 - type: array - required: - - strategy - - variables - type: object - fromFieldPath: - description: FromFieldPath is the path of the field on the - resource whose value is to be used as input. Required - when type is FromCompositeFieldPath or ToCompositeFieldPath. - type: string - policy: - description: Policy configures the specifics of patching - behaviour. - properties: - fromFieldPath: - description: FromFieldPath specifies how to patch from - a field path. The default is 'Optional', which means - the patch will be a no-op if the specified fromFieldPath - does not exist. Use 'Required' if the patch should - fail if the specified path does not exist. - enum: - - Optional - - Required - type: string - mergeOptions: - description: MergeOptions Specifies merge options on - a field path - properties: - appendSlice: - description: Specifies that already existing elements - in a merged slice should be preserved - type: boolean - keepMapValues: - description: Specifies that already existing values - in a merged map should be preserved - type: boolean - type: object - type: object - toFieldPath: - description: ToFieldPath is the path of the field on the - resource whose value will be changed with the result of - transforms. Leave empty if you'd like to propagate to - the same path as fromFieldPath. - type: string - transforms: - description: Transforms are the list of functions that are - used as a FIFO pipe for the input to be transformed. - items: - description: Transform is a unit of process whose input - is transformed into an output with the supplied configuration. - properties: - convert: - description: Convert is used to cast the input into - the given output type. - properties: - format: - description: "The expected input format. \n * - `quantity` - parses the input as a K8s [`resource.Quantity`](https://pkg.go.dev/k8s.io/apimachinery/pkg/api/resource#Quantity). - Only used during `string -> float64` conversions. - \n If this property is null, the default conversion - is applied." - enum: - - none - - quantity - type: string - toType: - description: ToType is the type of the output - of this transform. - enum: - - string - - int - - int64 - - bool - - float64 - type: string - required: - - toType - type: object - map: - additionalProperties: - x-kubernetes-preserve-unknown-fields: true - description: Map uses the input as a key in the given - map and returns the value. - type: object - match: - description: Match is a more complex version of Map - that matches a list of patterns. - properties: - fallbackTo: - default: Value - description: Determines to what value the transform - should fallback if no pattern matches. - enum: - - Value - - Input - type: string - fallbackValue: - description: The fallback value that should be - returned by the transform if now pattern matches. - x-kubernetes-preserve-unknown-fields: true - patterns: - description: The patterns that should be tested - against the input string. Patterns are tested - in order. The value of the first match is used - as result of this transform. - items: - description: MatchTransformPattern is a transform - that returns the value that matches a pattern. - properties: - literal: - description: Literal exactly matches the - input string (case sensitive). Is required - if `type` is `literal`. - type: string - regexp: - description: Regexp to match against the - input string. Is required if `type` is - `regexp`. - type: string - result: - description: The value that is used as result - of the transform if the pattern matches. - x-kubernetes-preserve-unknown-fields: true - type: - default: literal - description: "Type specifies how the pattern - matches the input. \n * `literal` - the - pattern value has to exactly match (case - sensitive) the input string. This is the - default. \n * `regexp` - the pattern treated - as a regular expression against which - the input string is tested. Crossplane - will throw an error if the key is not - a valid regexp." - enum: - - literal - - regexp - type: string - required: - - result - - type - type: object - type: array - type: object - math: - description: Math is used to transform the input via - mathematical operations such as multiplication. - properties: - clampMax: - description: ClampMax makes sure that the value - is not bigger than the given value. - format: int64 - type: integer - clampMin: - description: ClampMin makes sure that the value - is not smaller than the given value. - format: int64 - type: integer - multiply: - description: Multiply the value. - format: int64 - type: integer - type: - default: Multiply - description: Type of the math transform to be - run. - enum: - - Multiply - - ClampMin - - ClampMax - type: string - type: object - string: - description: String is used to transform the input - into a string or a different kind of string. Note - that the input does not necessarily need to be a - string. - properties: - convert: - description: Optional conversion method to be - specified. `ToUpper` and `ToLower` change the - letter case of the input string. `ToBase64` - and `FromBase64` perform a base64 conversion - based on the input string. `ToJson` converts - any input value into its raw JSON representation. - `ToSha1`, `ToSha256` and `ToSha512` generate - a hash value based on the input converted to - JSON. - enum: - - ToUpper - - ToLower - - ToBase64 - - FromBase64 - - ToJson - - ToSha1 - - ToSha256 - - ToSha512 - type: string - fmt: - description: Format the input using a Go format - string. See https://golang.org/pkg/fmt/ for - details. - type: string - regexp: - description: Extract a match from the input using - a regular expression. - properties: - group: - description: Group number to match. 0 (the - default) matches the entire expression. - type: integer - match: - description: Match string. May optionally - include submatches, aka capture groups. - See https://pkg.go.dev/regexp/ for details. - type: string - required: - - match - type: object - trim: - description: Trim the prefix or suffix from the - input - type: string - type: - default: Format - description: Type of the string transform to be - run. - enum: - - Format - - Convert - - TrimPrefix - - TrimSuffix - - Regexp - type: string - type: object - type: - description: Type of the transform to be run. - enum: - - map - - match - - math - - string - - convert - type: string - required: - - type - type: object - type: array - type: - default: FromCompositeFieldPath - description: Type sets the patching behaviour to be used. - Each patch type may require its own fields to be set on - the Patch object. - enum: - - FromCompositeFieldPath - - ToCompositeFieldPath - - CombineFromComposite - - CombineToComposite - type: string - type: object - type: array - policy: - description: Policy represents the Resolve and Resolution policies - which apply to all EnvironmentSourceReferences in EnvironmentConfigs - list. - properties: - resolution: - default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. - enum: - - Required - - Optional - type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. - enum: - - Always - - IfNotPresent - type: string - type: object - type: object - functions: - description: Functions is list of Composition Functions that will - be used when a composite resource referring to this composition - is created. At least one of resources and functions must be specified. - If both are specified the resources will be rendered first, then - passed to the functions for further processing. - items: - description: A Function represents a Composition Function. - properties: - config: - description: Config is an optional, arbitrary Kubernetes resource - (i.e. a resource with an apiVersion and kind) that will be - passed to the Composition Function as the 'config' block of - its FunctionIO. - type: object - x-kubernetes-embedded-resource: true - x-kubernetes-preserve-unknown-fields: true - container: - description: Container configuration of this function. - properties: - image: - description: Image specifies the OCI image in which the - function is packaged. The image should include an entrypoint - that reads a FunctionIO from stdin and emits it, optionally - mutated, to stdout. - type: string - imagePullPolicy: - default: IfNotPresent - description: ImagePullPolicy defines the pull policy for - the function image. - enum: - - IfNotPresent - - Always - - Never - type: string - imagePullSecrets: - description: ImagePullSecrets are used to pull images from - private OCI registries. - items: - description: LocalObjectReference contains enough information - to let you locate the referenced object inside the same - namespace. - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' - type: string - type: object - x-kubernetes-map-type: atomic - type: array - network: - description: Network configuration for the Composition Function. - properties: - policy: - default: Isolated - description: Policy specifies the network policy under - which the Composition Function will run. Defaults - to 'Isolated' - i.e. no network access. Specify 'Runner' - to allow the function the same network access as its - runner. - enum: - - Isolated - - Runner - type: string - type: object - resources: - description: Resources that may be used by the Composition - Function. - properties: - limits: - description: Limits specify the maximum compute resources - that may be used by the Composition Function. - properties: - cpu: - anyOf: - - type: integer - - type: string - default: 100m - description: CPU, in cores. (500m = .5 cores) - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - memory: - anyOf: - - type: integer - - type: string - default: 128Mi - description: Memory, in bytes. (500Gi = 500GiB = - 500 * 1024 * 1024 * 1024) - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - type: object - runner: - description: Runner configuration for the Composition Function. - properties: - endpoint: - default: unix-abstract:crossplane/fn/default.sock - description: Endpoint specifies how and where Crossplane - should reach the runner it uses to invoke containerized - Composition Functions. - type: string - type: object - timeout: - default: 20s - description: Timeout after which the Composition Function - will be killed. - type: string - required: - - image - type: object - name: - description: Name of this function. Must be unique within its - Composition. - type: string - type: - description: Type of this function. - enum: - - Container - type: string - required: - - name - - type - type: object - type: array - patchSets: - description: PatchSets define a named set of patches that may be included - by any resource in this Composition. PatchSets cannot themselves - refer to other PatchSets. - items: - description: A PatchSet is a set of patches that can be reused from - all resources within a Composition. - properties: - name: - description: Name of this PatchSet. - type: string - patches: - description: Patches will be applied as an overlay to the base - resource. - items: - description: Patch objects are applied between composite and - composed resources. Their behaviour depends on the Type - selected. The default Type, FromCompositeFieldPath, copies - a value from the composite resource to the composed resource, - applying any defined transformers. - properties: - combine: - description: Combine is the patch configuration for a - CombineFromComposite, CombineFromEnvironment, CombineToComposite - or CombineToEnvironment patch. - properties: - strategy: - description: Strategy defines the strategy to use - to combine the input variable values. Currently - only string is supported. - enum: - - string - type: string - string: - description: String declares that input variables - should be combined into a single string, using the - relevant settings for formatting purposes. - properties: - fmt: - description: Format the input using a Go format - string. See https://golang.org/pkg/fmt/ for - details. - type: string - required: - - fmt - type: object - variables: - description: Variables are the list of variables whose - values will be retrieved and combined. - items: - description: A CombineVariable defines the source - of a value that is combined with others to form - and patch an output value. Currently, this only - supports retrieving values from a field path. - properties: - fromFieldPath: - description: FromFieldPath is the path of the - field on the source whose value is to be used - as input. - type: string - required: - - fromFieldPath - type: object - minItems: 1 - type: array - required: - - strategy - - variables - type: object - fromFieldPath: - description: FromFieldPath is the path of the field on - the resource whose value is to be used as input. Required - when type is FromCompositeFieldPath, FromEnvironmentFieldPath, - ToCompositeFieldPath, ToEnvironmentFieldPath. - type: string - patchSetName: - description: PatchSetName to include patches from. Required - when type is PatchSet. - type: string - policy: - description: Policy configures the specifics of patching - behaviour. - properties: - fromFieldPath: - description: FromFieldPath specifies how to patch - from a field path. The default is 'Optional', which - means the patch will be a no-op if the specified - fromFieldPath does not exist. Use 'Required' if - the patch should fail if the specified path does - not exist. - enum: - - Optional - - Required - type: string - mergeOptions: - description: MergeOptions Specifies merge options - on a field path - properties: - appendSlice: - description: Specifies that already existing elements - in a merged slice should be preserved - type: boolean - keepMapValues: - description: Specifies that already existing values - in a merged map should be preserved - type: boolean - type: object - type: object - toFieldPath: - description: ToFieldPath is the path of the field on the - resource whose value will be changed with the result - of transforms. Leave empty if you'd like to propagate - to the same path as fromFieldPath. - type: string - transforms: - description: Transforms are the list of functions that - are used as a FIFO pipe for the input to be transformed. - items: - description: Transform is a unit of process whose input - is transformed into an output with the supplied configuration. - properties: - convert: - description: Convert is used to cast the input into - the given output type. - properties: - format: - description: "The expected input format. \n - * `quantity` - parses the input as a K8s [`resource.Quantity`](https://pkg.go.dev/k8s.io/apimachinery/pkg/api/resource#Quantity). - Only used during `string -> float64` conversions. - \n If this property is null, the default conversion - is applied." - enum: - - none - - quantity - type: string - toType: - description: ToType is the type of the output - of this transform. - enum: - - string - - int - - int64 - - bool - - float64 - type: string - required: - - toType - type: object - map: - additionalProperties: - x-kubernetes-preserve-unknown-fields: true - description: Map uses the input as a key in the - given map and returns the value. - type: object - match: - description: Match is a more complex version of - Map that matches a list of patterns. - properties: - fallbackTo: - default: Value - description: Determines to what value the transform - should fallback if no pattern matches. - enum: - - Value - - Input - type: string - fallbackValue: - description: The fallback value that should - be returned by the transform if now pattern - matches. - x-kubernetes-preserve-unknown-fields: true - patterns: - description: The patterns that should be tested - against the input string. Patterns are tested - in order. The value of the first match is - used as result of this transform. - items: - description: MatchTransformPattern is a transform - that returns the value that matches a pattern. - properties: - literal: - description: Literal exactly matches the - input string (case sensitive). Is required - if `type` is `literal`. - type: string - regexp: - description: Regexp to match against the - input string. Is required if `type` - is `regexp`. - type: string - result: - description: The value that is used as - result of the transform if the pattern - matches. - x-kubernetes-preserve-unknown-fields: true - type: - default: literal - description: "Type specifies how the pattern - matches the input. \n * `literal` - - the pattern value has to exactly match - (case sensitive) the input string. This - is the default. \n * `regexp` - the - pattern treated as a regular expression - against which the input string is tested. - Crossplane will throw an error if the - key is not a valid regexp." - enum: - - literal - - regexp - type: string - required: - - result - - type - type: object - type: array - type: object - math: - description: Math is used to transform the input - via mathematical operations such as multiplication. - properties: - clampMax: - description: ClampMax makes sure that the value - is not bigger than the given value. - format: int64 - type: integer - clampMin: - description: ClampMin makes sure that the value - is not smaller than the given value. - format: int64 - type: integer - multiply: - description: Multiply the value. - format: int64 - type: integer - type: - default: Multiply - description: Type of the math transform to be - run. - enum: - - Multiply - - ClampMin - - ClampMax - type: string - type: object - string: - description: String is used to transform the input - into a string or a different kind of string. Note - that the input does not necessarily need to be - a string. - properties: - convert: - description: Optional conversion method to be - specified. `ToUpper` and `ToLower` change - the letter case of the input string. `ToBase64` - and `FromBase64` perform a base64 conversion - based on the input string. `ToJson` converts - any input value into its raw JSON representation. - `ToSha1`, `ToSha256` and `ToSha512` generate - a hash value based on the input converted - to JSON. - enum: - - ToUpper - - ToLower - - ToBase64 - - FromBase64 - - ToJson - - ToSha1 - - ToSha256 - - ToSha512 - type: string - fmt: - description: Format the input using a Go format - string. See https://golang.org/pkg/fmt/ for - details. - type: string - regexp: - description: Extract a match from the input - using a regular expression. - properties: - group: - description: Group number to match. 0 (the - default) matches the entire expression. - type: integer - match: - description: Match string. May optionally - include submatches, aka capture groups. - See https://pkg.go.dev/regexp/ for details. - type: string - required: - - match - type: object - trim: - description: Trim the prefix or suffix from - the input - type: string - type: - default: Format - description: Type of the string transform to - be run. - enum: - - Format - - Convert - - TrimPrefix - - TrimSuffix - - Regexp - type: string - type: object - type: - description: Type of the transform to be run. - enum: - - map - - match - - math - - string - - convert - type: string - required: - - type - type: object - type: array - type: - default: FromCompositeFieldPath - description: Type sets the patching behaviour to be used. - Each patch type may require its own fields to be set - on the Patch object. - enum: - - FromCompositeFieldPath - - FromEnvironmentFieldPath - - PatchSet - - ToCompositeFieldPath - - ToEnvironmentFieldPath - - CombineFromEnvironment - - CombineFromComposite - - CombineToComposite - - CombineToEnvironment - type: string - type: object - type: array - required: - - name - - patches - type: object - type: array - publishConnectionDetailsWithStoreConfigRef: - default: - name: default - description: PublishConnectionDetailsWithStoreConfig specifies the - secret store config with which the connection details of composite - resources dynamically provisioned using this composition will be - published. - properties: - name: - description: Name of the referenced StoreConfig. - type: string - required: - - name - type: object - resources: - description: Resources is the list of resource templates that will - be used when a composite resource referring to this composition - is created. - items: - description: ComposedTemplate is used to provide information about - how the composed resource should be processed. - properties: - base: - description: Base is the target resource that the patches will - be applied on. - type: object - x-kubernetes-embedded-resource: true - x-kubernetes-preserve-unknown-fields: true - connectionDetails: - description: ConnectionDetails lists the propagation secret - keys from this target resource to the composition instance - connection secret. - items: - description: ConnectionDetail includes the information about - the propagation of the connection information from one secret - to another. - properties: - fromConnectionSecretKey: - description: FromConnectionSecretKey is the key that will - be used to fetch the value from the composed resource's - connection secret. - type: string - fromFieldPath: - description: FromFieldPath is the path of the field on - the composed resource whose value to be used as input. - Name must be specified if the type is FromFieldPath. - type: string - name: - description: Name of the connection secret key that will - be propagated to the connection secret of the composition - instance. Leave empty if you'd like to use the same - key name. - type: string - type: - description: 'Type sets the connection detail fetching - behaviour to be used. Each connection detail type may - require its own fields to be set on the ConnectionDetail - object. If the type is omitted Crossplane will attempt - to infer it based on which other fields were specified. - If multiple fields are specified the order of precedence - is: 1. FromValue 2. FromConnectionSecretKey 3. FromFieldPath' - enum: - - FromConnectionSecretKey - - FromFieldPath - - FromValue - type: string - value: - description: Value that will be propagated to the connection - secret of the composite resource. May be set to inject - a fixed, non-sensitive connection secret value, for - example a well-known port. - type: string - type: object - type: array - name: - description: A Name uniquely identifies this entry within its - Composition's resources array. Names are optional but *strongly* - recommended. When all entries in the resources array are named - entries may added, deleted, and reordered as long as their - names do not change. When entries are not named the length - and order of the resources array should be treated as immutable. - Either all or no entries must be named. - type: string - patches: - description: Patches will be applied as overlay to the base - resource. - items: - description: Patch objects are applied between composite and - composed resources. Their behaviour depends on the Type - selected. The default Type, FromCompositeFieldPath, copies - a value from the composite resource to the composed resource, - applying any defined transformers. - properties: - combine: - description: Combine is the patch configuration for a - CombineFromComposite, CombineFromEnvironment, CombineToComposite - or CombineToEnvironment patch. - properties: - strategy: - description: Strategy defines the strategy to use - to combine the input variable values. Currently - only string is supported. - enum: - - string - type: string - string: - description: String declares that input variables - should be combined into a single string, using the - relevant settings for formatting purposes. - properties: - fmt: - description: Format the input using a Go format - string. See https://golang.org/pkg/fmt/ for - details. - type: string - required: - - fmt - type: object - variables: - description: Variables are the list of variables whose - values will be retrieved and combined. - items: - description: A CombineVariable defines the source - of a value that is combined with others to form - and patch an output value. Currently, this only - supports retrieving values from a field path. - properties: - fromFieldPath: - description: FromFieldPath is the path of the - field on the source whose value is to be used - as input. - type: string - required: - - fromFieldPath - type: object - minItems: 1 - type: array - required: - - strategy - - variables - type: object - fromFieldPath: - description: FromFieldPath is the path of the field on - the resource whose value is to be used as input. Required - when type is FromCompositeFieldPath, FromEnvironmentFieldPath, - ToCompositeFieldPath, ToEnvironmentFieldPath. - type: string - patchSetName: - description: PatchSetName to include patches from. Required - when type is PatchSet. - type: string - policy: - description: Policy configures the specifics of patching - behaviour. - properties: - fromFieldPath: - description: FromFieldPath specifies how to patch - from a field path. The default is 'Optional', which - means the patch will be a no-op if the specified - fromFieldPath does not exist. Use 'Required' if - the patch should fail if the specified path does - not exist. - enum: - - Optional - - Required - type: string - mergeOptions: - description: MergeOptions Specifies merge options - on a field path - properties: - appendSlice: - description: Specifies that already existing elements - in a merged slice should be preserved - type: boolean - keepMapValues: - description: Specifies that already existing values - in a merged map should be preserved - type: boolean - type: object - type: object - toFieldPath: - description: ToFieldPath is the path of the field on the - resource whose value will be changed with the result - of transforms. Leave empty if you'd like to propagate - to the same path as fromFieldPath. - type: string - transforms: - description: Transforms are the list of functions that - are used as a FIFO pipe for the input to be transformed. - items: - description: Transform is a unit of process whose input - is transformed into an output with the supplied configuration. - properties: - convert: - description: Convert is used to cast the input into - the given output type. - properties: - format: - description: "The expected input format. \n - * `quantity` - parses the input as a K8s [`resource.Quantity`](https://pkg.go.dev/k8s.io/apimachinery/pkg/api/resource#Quantity). - Only used during `string -> float64` conversions. - \n If this property is null, the default conversion - is applied." - enum: - - none - - quantity - type: string - toType: - description: ToType is the type of the output - of this transform. - enum: - - string - - int - - int64 - - bool - - float64 - type: string - required: - - toType - type: object - map: - additionalProperties: - x-kubernetes-preserve-unknown-fields: true - description: Map uses the input as a key in the - given map and returns the value. - type: object - match: - description: Match is a more complex version of - Map that matches a list of patterns. - properties: - fallbackTo: - default: Value - description: Determines to what value the transform - should fallback if no pattern matches. - enum: - - Value - - Input - type: string - fallbackValue: - description: The fallback value that should - be returned by the transform if now pattern - matches. - x-kubernetes-preserve-unknown-fields: true - patterns: - description: The patterns that should be tested - against the input string. Patterns are tested - in order. The value of the first match is - used as result of this transform. - items: - description: MatchTransformPattern is a transform - that returns the value that matches a pattern. - properties: - literal: - description: Literal exactly matches the - input string (case sensitive). Is required - if `type` is `literal`. - type: string - regexp: - description: Regexp to match against the - input string. Is required if `type` - is `regexp`. - type: string - result: - description: The value that is used as - result of the transform if the pattern - matches. - x-kubernetes-preserve-unknown-fields: true - type: - default: literal - description: "Type specifies how the pattern - matches the input. \n * `literal` - - the pattern value has to exactly match - (case sensitive) the input string. This - is the default. \n * `regexp` - the - pattern treated as a regular expression - against which the input string is tested. - Crossplane will throw an error if the - key is not a valid regexp." - enum: - - literal - - regexp - type: string - required: - - result - - type - type: object - type: array - type: object - math: - description: Math is used to transform the input - via mathematical operations such as multiplication. - properties: - clampMax: - description: ClampMax makes sure that the value - is not bigger than the given value. - format: int64 - type: integer - clampMin: - description: ClampMin makes sure that the value - is not smaller than the given value. - format: int64 - type: integer - multiply: - description: Multiply the value. - format: int64 - type: integer - type: - default: Multiply - description: Type of the math transform to be - run. - enum: - - Multiply - - ClampMin - - ClampMax - type: string - type: object - string: - description: String is used to transform the input - into a string or a different kind of string. Note - that the input does not necessarily need to be - a string. - properties: - convert: - description: Optional conversion method to be - specified. `ToUpper` and `ToLower` change - the letter case of the input string. `ToBase64` - and `FromBase64` perform a base64 conversion - based on the input string. `ToJson` converts - any input value into its raw JSON representation. - `ToSha1`, `ToSha256` and `ToSha512` generate - a hash value based on the input converted - to JSON. - enum: - - ToUpper - - ToLower - - ToBase64 - - FromBase64 - - ToJson - - ToSha1 - - ToSha256 - - ToSha512 - type: string - fmt: - description: Format the input using a Go format - string. See https://golang.org/pkg/fmt/ for - details. - type: string - regexp: - description: Extract a match from the input - using a regular expression. - properties: - group: - description: Group number to match. 0 (the - default) matches the entire expression. - type: integer - match: - description: Match string. May optionally - include submatches, aka capture groups. - See https://pkg.go.dev/regexp/ for details. - type: string - required: - - match - type: object - trim: - description: Trim the prefix or suffix from - the input - type: string - type: - default: Format - description: Type of the string transform to - be run. - enum: - - Format - - Convert - - TrimPrefix - - TrimSuffix - - Regexp - type: string - type: object - type: - description: Type of the transform to be run. - enum: - - map - - match - - math - - string - - convert - type: string - required: - - type - type: object - type: array - type: - default: FromCompositeFieldPath - description: Type sets the patching behaviour to be used. - Each patch type may require its own fields to be set - on the Patch object. - enum: - - FromCompositeFieldPath - - FromEnvironmentFieldPath - - PatchSet - - ToCompositeFieldPath - - ToEnvironmentFieldPath - - CombineFromEnvironment - - CombineFromComposite - - CombineToComposite - - CombineToEnvironment - type: string - type: object - type: array - readinessChecks: - default: - - matchCondition: - status: "True" - type: Ready - type: MatchCondition - description: ReadinessChecks allows users to define custom readiness - checks. All checks have to return true in order for resource - to be considered ready. The default readiness check is to - have the "Ready" condition to be "True". - items: - description: ReadinessCheck is used to indicate how to tell - whether a resource is ready for consumption - properties: - fieldPath: - description: FieldPath shows the path of the field whose - value will be used. - type: string - matchCondition: - description: MatchCondition specifies the condition you'd - like to match if you're using "MatchCondition" type. - properties: - status: - default: "True" - description: Status is the status of the condition - you'd like to match. - type: string - type: - default: Ready - description: Type indicates the type of condition - you'd like to use. - type: string - required: - - status - - type - type: object - matchInteger: - description: MatchInt is the value you'd like to match - if you're using "MatchInt" type. - format: int64 - type: integer - matchString: - description: MatchString is the value you'd like to match - if you're using "MatchString" type. - type: string - type: - description: Type indicates the type of probe you'd like - to use. - enum: - - MatchString - - MatchInteger - - NonEmpty - - MatchCondition - - None - type: string - required: - - type - type: object - type: array - required: - - base - type: object - type: array - revision: - description: Revision number. Newer revisions have larger numbers. - format: int64 - type: integer - writeConnectionSecretsToNamespace: - description: WriteConnectionSecretsToNamespace specifies the namespace - in which the connection secrets of composite resource dynamically - provisioned using this composition will be created. This field is - planned to be removed in a future release in favor of PublishConnectionDetailsWithStoreConfigRef. - Currently, both could be set independently and connection details - would be published to both without affecting each other as long - as related fields at MR level specified. - type: string - required: - - compositeTypeRef - - revision - type: object - status: - description: CompositionRevisionStatus shows the observed state of the - composition revision. - properties: - conditions: - description: Conditions of the resource. - items: - description: A Condition that may apply to a resource. - properties: - lastTransitionTime: - description: LastTransitionTime is the last time this condition - transitioned from one status to another. - format: date-time - type: string - message: - description: A Message containing details about this condition's - last transition from one status to another, if any. - type: string - reason: - description: A Reason for this condition's last transition from - one status to another. - type: string - status: - description: Status of this condition; is it currently True, - False, or Unknown? - type: string - type: - description: Type of this condition. At most one of each condition - type may apply to a resource at any point in time. - type: string - required: - - lastTransitionTime - - reason - - status - - type - type: object - type: array - type: object - type: object - served: true - storage: false - subresources: - status: {} diff --git a/cluster/crds/apiextensions.crossplane.io_compositions.yaml b/cluster/crds/apiextensions.crossplane.io_compositions.yaml deleted file mode 100644 index aaf2bcd3fe7..00000000000 --- a/cluster/crds/apiextensions.crossplane.io_compositions.yaml +++ /dev/null @@ -1,1457 +0,0 @@ -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.12.1 - name: compositions.apiextensions.crossplane.io -spec: - group: apiextensions.crossplane.io - names: - categories: - - crossplane - kind: Composition - listKind: CompositionList - plural: compositions - shortNames: - - comp - singular: composition - scope: Cluster - versions: - - additionalPrinterColumns: - - jsonPath: .spec.compositeTypeRef.kind - name: XR-KIND - type: string - - jsonPath: .spec.compositeTypeRef.apiVersion - name: XR-APIVERSION - type: string - - jsonPath: .metadata.creationTimestamp - name: AGE - type: date - name: v1 - schema: - openAPIV3Schema: - description: A Composition specifies how a composite resource should be composed. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: CompositionSpec specifies desired state of a composition. - properties: - compositeTypeRef: - description: CompositeTypeRef specifies the type of composite resource - that this composition is compatible with. - properties: - apiVersion: - description: APIVersion of the type. - type: string - kind: - description: Kind of the type. - type: string - required: - - apiVersion - - kind - type: object - environment: - description: Environment configures the environment in which resources - are rendered. THIS IS AN ALPHA FIELD. Do not use it in production. - It is not honored unless the relevant Crossplane feature flag is - enabled, and may be changed or removed without notice. - properties: - environmentConfigs: - description: "EnvironmentConfigs selects a list of `EnvironmentConfig`s. - The resolved resources are stored in the composite resource - at `spec.environmentConfigRefs` and is only updated if it is - null. \n The list of references is used to compute an in-memory - environment at compose time. The data of all object is merged - in the order they are listed, meaning the values of EnvironmentConfigs - with a larger index take priority over ones with smaller indices. - \n The computed environment can be accessed in a composition - using `FromEnvironmentFieldPath` and `CombineFromEnvironment` - patches." - items: - description: EnvironmentSource selects a EnvironmentConfig resource. - properties: - ref: - description: Ref is a named reference to a single EnvironmentConfig. - Either Ref or Selector is required. - properties: - name: - description: The name of the object. - type: string - required: - - name - type: object - selector: - description: Selector selects EnvironmentConfig(s) via labels. - properties: - matchLabels: - description: MatchLabels ensures an object with matching - labels is selected. - items: - description: An EnvironmentSourceSelectorLabelMatcher - acts like a k8s label selector but can draw the - label value from a different path. - properties: - key: - description: Key of the label to match. - type: string - type: - default: FromCompositeFieldPath - description: Type specifies where the value for - a label comes from. - enum: - - FromCompositeFieldPath - - Value - type: string - value: - description: Value specifies a literal label value. - type: string - valueFromFieldPath: - description: ValueFromFieldPath specifies the - field path to look for the label value. - type: string - required: - - key - type: object - type: array - maxMatch: - description: MaxMatch specifies the number of extracted - EnvironmentConfigs in Multiple mode, extracts all - if nil. - format: int64 - type: integer - mode: - default: Single - description: 'Mode specifies retrieval strategy: "Single" - or "Multiple".' - enum: - - Single - - Multiple - type: string - sortByFieldPath: - default: metadata.name - description: SortByFieldPath is the path to the field - based on which list of EnvironmentConfigs is alphabetically - sorted. - type: string - type: object - type: - default: Reference - description: Type specifies the way the EnvironmentConfig - is selected. Default is `Reference` - enum: - - Reference - - Selector - type: string - type: object - type: array - patches: - description: Patches is a list of environment patches that are - executed before a composition's resources are composed. - items: - description: EnvironmentPatch is a patch for a Composition environment. - properties: - combine: - description: Combine is the patch configuration for a CombineFromComposite - or CombineToComposite patch. - properties: - strategy: - description: Strategy defines the strategy to use to - combine the input variable values. Currently only - string is supported. - enum: - - string - type: string - string: - description: String declares that input variables should - be combined into a single string, using the relevant - settings for formatting purposes. - properties: - fmt: - description: Format the input using a Go format - string. See https://golang.org/pkg/fmt/ for details. - type: string - required: - - fmt - type: object - variables: - description: Variables are the list of variables whose - values will be retrieved and combined. - items: - description: A CombineVariable defines the source - of a value that is combined with others to form - and patch an output value. Currently, this only - supports retrieving values from a field path. - properties: - fromFieldPath: - description: FromFieldPath is the path of the - field on the source whose value is to be used - as input. - type: string - required: - - fromFieldPath - type: object - minItems: 1 - type: array - required: - - strategy - - variables - type: object - fromFieldPath: - description: FromFieldPath is the path of the field on the - resource whose value is to be used as input. Required - when type is FromCompositeFieldPath or ToCompositeFieldPath. - type: string - policy: - description: Policy configures the specifics of patching - behaviour. - properties: - fromFieldPath: - description: FromFieldPath specifies how to patch from - a field path. The default is 'Optional', which means - the patch will be a no-op if the specified fromFieldPath - does not exist. Use 'Required' if the patch should - fail if the specified path does not exist. - enum: - - Optional - - Required - type: string - mergeOptions: - description: MergeOptions Specifies merge options on - a field path - properties: - appendSlice: - description: Specifies that already existing elements - in a merged slice should be preserved - type: boolean - keepMapValues: - description: Specifies that already existing values - in a merged map should be preserved - type: boolean - type: object - type: object - toFieldPath: - description: ToFieldPath is the path of the field on the - resource whose value will be changed with the result of - transforms. Leave empty if you'd like to propagate to - the same path as fromFieldPath. - type: string - transforms: - description: Transforms are the list of functions that are - used as a FIFO pipe for the input to be transformed. - items: - description: Transform is a unit of process whose input - is transformed into an output with the supplied configuration. - properties: - convert: - description: Convert is used to cast the input into - the given output type. - properties: - format: - description: "The expected input format. \n * - `quantity` - parses the input as a K8s [`resource.Quantity`](https://pkg.go.dev/k8s.io/apimachinery/pkg/api/resource#Quantity). - Only used during `string -> float64` conversions. - \n If this property is null, the default conversion - is applied." - enum: - - none - - quantity - type: string - toType: - description: ToType is the type of the output - of this transform. - enum: - - string - - int - - int64 - - bool - - float64 - type: string - required: - - toType - type: object - map: - additionalProperties: - x-kubernetes-preserve-unknown-fields: true - description: Map uses the input as a key in the given - map and returns the value. - type: object - match: - description: Match is a more complex version of Map - that matches a list of patterns. - properties: - fallbackTo: - default: Value - description: Determines to what value the transform - should fallback if no pattern matches. - enum: - - Value - - Input - type: string - fallbackValue: - description: The fallback value that should be - returned by the transform if now pattern matches. - x-kubernetes-preserve-unknown-fields: true - patterns: - description: The patterns that should be tested - against the input string. Patterns are tested - in order. The value of the first match is used - as result of this transform. - items: - description: MatchTransformPattern is a transform - that returns the value that matches a pattern. - properties: - literal: - description: Literal exactly matches the - input string (case sensitive). Is required - if `type` is `literal`. - type: string - regexp: - description: Regexp to match against the - input string. Is required if `type` is - `regexp`. - type: string - result: - description: The value that is used as result - of the transform if the pattern matches. - x-kubernetes-preserve-unknown-fields: true - type: - default: literal - description: "Type specifies how the pattern - matches the input. \n * `literal` - the - pattern value has to exactly match (case - sensitive) the input string. This is the - default. \n * `regexp` - the pattern treated - as a regular expression against which - the input string is tested. Crossplane - will throw an error if the key is not - a valid regexp." - enum: - - literal - - regexp - type: string - required: - - result - - type - type: object - type: array - type: object - math: - description: Math is used to transform the input via - mathematical operations such as multiplication. - properties: - clampMax: - description: ClampMax makes sure that the value - is not bigger than the given value. - format: int64 - type: integer - clampMin: - description: ClampMin makes sure that the value - is not smaller than the given value. - format: int64 - type: integer - multiply: - description: Multiply the value. - format: int64 - type: integer - type: - default: Multiply - description: Type of the math transform to be - run. - enum: - - Multiply - - ClampMin - - ClampMax - type: string - type: object - string: - description: String is used to transform the input - into a string or a different kind of string. Note - that the input does not necessarily need to be a - string. - properties: - convert: - description: Optional conversion method to be - specified. `ToUpper` and `ToLower` change the - letter case of the input string. `ToBase64` - and `FromBase64` perform a base64 conversion - based on the input string. `ToJson` converts - any input value into its raw JSON representation. - `ToSha1`, `ToSha256` and `ToSha512` generate - a hash value based on the input converted to - JSON. - enum: - - ToUpper - - ToLower - - ToBase64 - - FromBase64 - - ToJson - - ToSha1 - - ToSha256 - - ToSha512 - type: string - fmt: - description: Format the input using a Go format - string. See https://golang.org/pkg/fmt/ for - details. - type: string - regexp: - description: Extract a match from the input using - a regular expression. - properties: - group: - description: Group number to match. 0 (the - default) matches the entire expression. - type: integer - match: - description: Match string. May optionally - include submatches, aka capture groups. - See https://pkg.go.dev/regexp/ for details. - type: string - required: - - match - type: object - trim: - description: Trim the prefix or suffix from the - input - type: string - type: - default: Format - description: Type of the string transform to be - run. - enum: - - Format - - Convert - - TrimPrefix - - TrimSuffix - - Regexp - type: string - type: object - type: - description: Type of the transform to be run. - enum: - - map - - match - - math - - string - - convert - type: string - required: - - type - type: object - type: array - type: - default: FromCompositeFieldPath - description: Type sets the patching behaviour to be used. - Each patch type may require its own fields to be set on - the Patch object. - enum: - - FromCompositeFieldPath - - ToCompositeFieldPath - - CombineFromComposite - - CombineToComposite - type: string - type: object - type: array - policy: - description: Policy represents the Resolve and Resolution policies - which apply to all EnvironmentSourceReferences in EnvironmentConfigs - list. - properties: - resolution: - default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. - enum: - - Required - - Optional - type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. - enum: - - Always - - IfNotPresent - type: string - type: object - type: object - functions: - description: "Functions is list of Composition Functions that will - be used when a composite resource referring to this composition - is created. At least one of resources and functions must be specified. - If both are specified the resources will be rendered first, then - passed to the functions for further processing. \n THIS IS AN ALPHA - FIELD. Do not use it in production. It is not honored unless the - relevant Crossplane feature flag is enabled, and may be changed - or removed without notice." - items: - description: A Function represents a Composition Function. - properties: - config: - description: Config is an optional, arbitrary Kubernetes resource - (i.e. a resource with an apiVersion and kind) that will be - passed to the Composition Function as the 'config' block of - its FunctionIO. - type: object - x-kubernetes-embedded-resource: true - x-kubernetes-preserve-unknown-fields: true - container: - description: Container configuration of this function. - properties: - image: - description: Image specifies the OCI image in which the - function is packaged. The image should include an entrypoint - that reads a FunctionIO from stdin and emits it, optionally - mutated, to stdout. - type: string - imagePullPolicy: - default: IfNotPresent - description: ImagePullPolicy defines the pull policy for - the function image. - enum: - - IfNotPresent - - Always - - Never - type: string - imagePullSecrets: - description: ImagePullSecrets are used to pull images from - private OCI registries. - items: - description: LocalObjectReference contains enough information - to let you locate the referenced object inside the same - namespace. - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' - type: string - type: object - x-kubernetes-map-type: atomic - type: array - network: - description: Network configuration for the Composition Function. - properties: - policy: - default: Isolated - description: Policy specifies the network policy under - which the Composition Function will run. Defaults - to 'Isolated' - i.e. no network access. Specify 'Runner' - to allow the function the same network access as its - runner. - enum: - - Isolated - - Runner - type: string - type: object - resources: - description: Resources that may be used by the Composition - Function. - properties: - limits: - description: Limits specify the maximum compute resources - that may be used by the Composition Function. - properties: - cpu: - anyOf: - - type: integer - - type: string - default: 100m - description: CPU, in cores. (500m = .5 cores) - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - memory: - anyOf: - - type: integer - - type: string - default: 128Mi - description: Memory, in bytes. (500Gi = 500GiB = - 500 * 1024 * 1024 * 1024) - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - type: object - runner: - description: Runner configuration for the Composition Function. - properties: - endpoint: - default: unix-abstract:crossplane/fn/default.sock - description: Endpoint specifies how and where Crossplane - should reach the runner it uses to invoke containerized - Composition Functions. - type: string - type: object - timeout: - default: 20s - description: Timeout after which the Composition Function - will be killed. - type: string - required: - - image - type: object - name: - description: Name of this function. Must be unique within its - Composition. - type: string - type: - description: Type of this function. - enum: - - Container - type: string - required: - - name - - type - type: object - type: array - patchSets: - description: PatchSets define a named set of patches that may be included - by any resource in this Composition. PatchSets cannot themselves - refer to other PatchSets. - items: - description: A PatchSet is a set of patches that can be reused from - all resources within a Composition. - properties: - name: - description: Name of this PatchSet. - type: string - patches: - description: Patches will be applied as an overlay to the base - resource. - items: - description: Patch objects are applied between composite and - composed resources. Their behaviour depends on the Type - selected. The default Type, FromCompositeFieldPath, copies - a value from the composite resource to the composed resource, - applying any defined transformers. - properties: - combine: - description: Combine is the patch configuration for a - CombineFromComposite, CombineFromEnvironment, CombineToComposite - or CombineToEnvironment patch. - properties: - strategy: - description: Strategy defines the strategy to use - to combine the input variable values. Currently - only string is supported. - enum: - - string - type: string - string: - description: String declares that input variables - should be combined into a single string, using the - relevant settings for formatting purposes. - properties: - fmt: - description: Format the input using a Go format - string. See https://golang.org/pkg/fmt/ for - details. - type: string - required: - - fmt - type: object - variables: - description: Variables are the list of variables whose - values will be retrieved and combined. - items: - description: A CombineVariable defines the source - of a value that is combined with others to form - and patch an output value. Currently, this only - supports retrieving values from a field path. - properties: - fromFieldPath: - description: FromFieldPath is the path of the - field on the source whose value is to be used - as input. - type: string - required: - - fromFieldPath - type: object - minItems: 1 - type: array - required: - - strategy - - variables - type: object - fromFieldPath: - description: FromFieldPath is the path of the field on - the resource whose value is to be used as input. Required - when type is FromCompositeFieldPath, FromEnvironmentFieldPath, - ToCompositeFieldPath, ToEnvironmentFieldPath. - type: string - patchSetName: - description: PatchSetName to include patches from. Required - when type is PatchSet. - type: string - policy: - description: Policy configures the specifics of patching - behaviour. - properties: - fromFieldPath: - description: FromFieldPath specifies how to patch - from a field path. The default is 'Optional', which - means the patch will be a no-op if the specified - fromFieldPath does not exist. Use 'Required' if - the patch should fail if the specified path does - not exist. - enum: - - Optional - - Required - type: string - mergeOptions: - description: MergeOptions Specifies merge options - on a field path - properties: - appendSlice: - description: Specifies that already existing elements - in a merged slice should be preserved - type: boolean - keepMapValues: - description: Specifies that already existing values - in a merged map should be preserved - type: boolean - type: object - type: object - toFieldPath: - description: ToFieldPath is the path of the field on the - resource whose value will be changed with the result - of transforms. Leave empty if you'd like to propagate - to the same path as fromFieldPath. - type: string - transforms: - description: Transforms are the list of functions that - are used as a FIFO pipe for the input to be transformed. - items: - description: Transform is a unit of process whose input - is transformed into an output with the supplied configuration. - properties: - convert: - description: Convert is used to cast the input into - the given output type. - properties: - format: - description: "The expected input format. \n - * `quantity` - parses the input as a K8s [`resource.Quantity`](https://pkg.go.dev/k8s.io/apimachinery/pkg/api/resource#Quantity). - Only used during `string -> float64` conversions. - \n If this property is null, the default conversion - is applied." - enum: - - none - - quantity - type: string - toType: - description: ToType is the type of the output - of this transform. - enum: - - string - - int - - int64 - - bool - - float64 - type: string - required: - - toType - type: object - map: - additionalProperties: - x-kubernetes-preserve-unknown-fields: true - description: Map uses the input as a key in the - given map and returns the value. - type: object - match: - description: Match is a more complex version of - Map that matches a list of patterns. - properties: - fallbackTo: - default: Value - description: Determines to what value the transform - should fallback if no pattern matches. - enum: - - Value - - Input - type: string - fallbackValue: - description: The fallback value that should - be returned by the transform if now pattern - matches. - x-kubernetes-preserve-unknown-fields: true - patterns: - description: The patterns that should be tested - against the input string. Patterns are tested - in order. The value of the first match is - used as result of this transform. - items: - description: MatchTransformPattern is a transform - that returns the value that matches a pattern. - properties: - literal: - description: Literal exactly matches the - input string (case sensitive). Is required - if `type` is `literal`. - type: string - regexp: - description: Regexp to match against the - input string. Is required if `type` - is `regexp`. - type: string - result: - description: The value that is used as - result of the transform if the pattern - matches. - x-kubernetes-preserve-unknown-fields: true - type: - default: literal - description: "Type specifies how the pattern - matches the input. \n * `literal` - - the pattern value has to exactly match - (case sensitive) the input string. This - is the default. \n * `regexp` - the - pattern treated as a regular expression - against which the input string is tested. - Crossplane will throw an error if the - key is not a valid regexp." - enum: - - literal - - regexp - type: string - required: - - result - - type - type: object - type: array - type: object - math: - description: Math is used to transform the input - via mathematical operations such as multiplication. - properties: - clampMax: - description: ClampMax makes sure that the value - is not bigger than the given value. - format: int64 - type: integer - clampMin: - description: ClampMin makes sure that the value - is not smaller than the given value. - format: int64 - type: integer - multiply: - description: Multiply the value. - format: int64 - type: integer - type: - default: Multiply - description: Type of the math transform to be - run. - enum: - - Multiply - - ClampMin - - ClampMax - type: string - type: object - string: - description: String is used to transform the input - into a string or a different kind of string. Note - that the input does not necessarily need to be - a string. - properties: - convert: - description: Optional conversion method to be - specified. `ToUpper` and `ToLower` change - the letter case of the input string. `ToBase64` - and `FromBase64` perform a base64 conversion - based on the input string. `ToJson` converts - any input value into its raw JSON representation. - `ToSha1`, `ToSha256` and `ToSha512` generate - a hash value based on the input converted - to JSON. - enum: - - ToUpper - - ToLower - - ToBase64 - - FromBase64 - - ToJson - - ToSha1 - - ToSha256 - - ToSha512 - type: string - fmt: - description: Format the input using a Go format - string. See https://golang.org/pkg/fmt/ for - details. - type: string - regexp: - description: Extract a match from the input - using a regular expression. - properties: - group: - description: Group number to match. 0 (the - default) matches the entire expression. - type: integer - match: - description: Match string. May optionally - include submatches, aka capture groups. - See https://pkg.go.dev/regexp/ for details. - type: string - required: - - match - type: object - trim: - description: Trim the prefix or suffix from - the input - type: string - type: - default: Format - description: Type of the string transform to - be run. - enum: - - Format - - Convert - - TrimPrefix - - TrimSuffix - - Regexp - type: string - type: object - type: - description: Type of the transform to be run. - enum: - - map - - match - - math - - string - - convert - type: string - required: - - type - type: object - type: array - type: - default: FromCompositeFieldPath - description: Type sets the patching behaviour to be used. - Each patch type may require its own fields to be set - on the Patch object. - enum: - - FromCompositeFieldPath - - FromEnvironmentFieldPath - - PatchSet - - ToCompositeFieldPath - - ToEnvironmentFieldPath - - CombineFromEnvironment - - CombineFromComposite - - CombineToComposite - - CombineToEnvironment - type: string - type: object - type: array - required: - - name - - patches - type: object - type: array - publishConnectionDetailsWithStoreConfigRef: - default: - name: default - description: "PublishConnectionDetailsWithStoreConfig specifies the - secret store config with which the connection details of composite - resources dynamically provisioned using this composition will be - published. \n THIS IS AN ALPHA FIELD. Do not use it in production. - It is not honored unless the relevant Crossplane feature flag is - enabled, and may be changed or removed without notice." - properties: - name: - description: Name of the referenced StoreConfig. - type: string - required: - - name - type: object - resources: - description: Resources is a list of resource templates that will be - used when a composite resource referring to this composition is - created. At least one of resources and functions must be specififed. - If both are specified the resources will be rendered first, then - passed to the functions for further processing. - items: - description: ComposedTemplate is used to provide information about - how the composed resource should be processed. - properties: - base: - description: Base is the target resource that the patches will - be applied on. - type: object - x-kubernetes-embedded-resource: true - x-kubernetes-preserve-unknown-fields: true - connectionDetails: - description: ConnectionDetails lists the propagation secret - keys from this target resource to the composition instance - connection secret. - items: - description: ConnectionDetail includes the information about - the propagation of the connection information from one secret - to another. - properties: - fromConnectionSecretKey: - description: FromConnectionSecretKey is the key that will - be used to fetch the value from the composed resource's - connection secret. - type: string - fromFieldPath: - description: FromFieldPath is the path of the field on - the composed resource whose value to be used as input. - Name must be specified if the type is FromFieldPath. - type: string - name: - description: Name of the connection secret key that will - be propagated to the connection secret of the composition - instance. Leave empty if you'd like to use the same - key name. - type: string - type: - description: 'Type sets the connection detail fetching - behaviour to be used. Each connection detail type may - require its own fields to be set on the ConnectionDetail - object. If the type is omitted Crossplane will attempt - to infer it based on which other fields were specified. - If multiple fields are specified the order of precedence - is: 1. FromValue 2. FromConnectionSecretKey 3. FromFieldPath' - enum: - - FromConnectionSecretKey - - FromFieldPath - - FromValue - type: string - value: - description: Value that will be propagated to the connection - secret of the composite resource. May be set to inject - a fixed, non-sensitive connection secret value, for - example a well-known port. - type: string - type: object - type: array - name: - description: A Name uniquely identifies this entry within its - Composition's resources array. Names are optional but *strongly* - recommended. When all entries in the resources array are named - entries may added, deleted, and reordered as long as their - names do not change. When entries are not named the length - and order of the resources array should be treated as immutable. - Either all or no entries must be named. - type: string - patches: - description: Patches will be applied as overlay to the base - resource. - items: - description: Patch objects are applied between composite and - composed resources. Their behaviour depends on the Type - selected. The default Type, FromCompositeFieldPath, copies - a value from the composite resource to the composed resource, - applying any defined transformers. - properties: - combine: - description: Combine is the patch configuration for a - CombineFromComposite, CombineFromEnvironment, CombineToComposite - or CombineToEnvironment patch. - properties: - strategy: - description: Strategy defines the strategy to use - to combine the input variable values. Currently - only string is supported. - enum: - - string - type: string - string: - description: String declares that input variables - should be combined into a single string, using the - relevant settings for formatting purposes. - properties: - fmt: - description: Format the input using a Go format - string. See https://golang.org/pkg/fmt/ for - details. - type: string - required: - - fmt - type: object - variables: - description: Variables are the list of variables whose - values will be retrieved and combined. - items: - description: A CombineVariable defines the source - of a value that is combined with others to form - and patch an output value. Currently, this only - supports retrieving values from a field path. - properties: - fromFieldPath: - description: FromFieldPath is the path of the - field on the source whose value is to be used - as input. - type: string - required: - - fromFieldPath - type: object - minItems: 1 - type: array - required: - - strategy - - variables - type: object - fromFieldPath: - description: FromFieldPath is the path of the field on - the resource whose value is to be used as input. Required - when type is FromCompositeFieldPath, FromEnvironmentFieldPath, - ToCompositeFieldPath, ToEnvironmentFieldPath. - type: string - patchSetName: - description: PatchSetName to include patches from. Required - when type is PatchSet. - type: string - policy: - description: Policy configures the specifics of patching - behaviour. - properties: - fromFieldPath: - description: FromFieldPath specifies how to patch - from a field path. The default is 'Optional', which - means the patch will be a no-op if the specified - fromFieldPath does not exist. Use 'Required' if - the patch should fail if the specified path does - not exist. - enum: - - Optional - - Required - type: string - mergeOptions: - description: MergeOptions Specifies merge options - on a field path - properties: - appendSlice: - description: Specifies that already existing elements - in a merged slice should be preserved - type: boolean - keepMapValues: - description: Specifies that already existing values - in a merged map should be preserved - type: boolean - type: object - type: object - toFieldPath: - description: ToFieldPath is the path of the field on the - resource whose value will be changed with the result - of transforms. Leave empty if you'd like to propagate - to the same path as fromFieldPath. - type: string - transforms: - description: Transforms are the list of functions that - are used as a FIFO pipe for the input to be transformed. - items: - description: Transform is a unit of process whose input - is transformed into an output with the supplied configuration. - properties: - convert: - description: Convert is used to cast the input into - the given output type. - properties: - format: - description: "The expected input format. \n - * `quantity` - parses the input as a K8s [`resource.Quantity`](https://pkg.go.dev/k8s.io/apimachinery/pkg/api/resource#Quantity). - Only used during `string -> float64` conversions. - \n If this property is null, the default conversion - is applied." - enum: - - none - - quantity - type: string - toType: - description: ToType is the type of the output - of this transform. - enum: - - string - - int - - int64 - - bool - - float64 - type: string - required: - - toType - type: object - map: - additionalProperties: - x-kubernetes-preserve-unknown-fields: true - description: Map uses the input as a key in the - given map and returns the value. - type: object - match: - description: Match is a more complex version of - Map that matches a list of patterns. - properties: - fallbackTo: - default: Value - description: Determines to what value the transform - should fallback if no pattern matches. - enum: - - Value - - Input - type: string - fallbackValue: - description: The fallback value that should - be returned by the transform if now pattern - matches. - x-kubernetes-preserve-unknown-fields: true - patterns: - description: The patterns that should be tested - against the input string. Patterns are tested - in order. The value of the first match is - used as result of this transform. - items: - description: MatchTransformPattern is a transform - that returns the value that matches a pattern. - properties: - literal: - description: Literal exactly matches the - input string (case sensitive). Is required - if `type` is `literal`. - type: string - regexp: - description: Regexp to match against the - input string. Is required if `type` - is `regexp`. - type: string - result: - description: The value that is used as - result of the transform if the pattern - matches. - x-kubernetes-preserve-unknown-fields: true - type: - default: literal - description: "Type specifies how the pattern - matches the input. \n * `literal` - - the pattern value has to exactly match - (case sensitive) the input string. This - is the default. \n * `regexp` - the - pattern treated as a regular expression - against which the input string is tested. - Crossplane will throw an error if the - key is not a valid regexp." - enum: - - literal - - regexp - type: string - required: - - result - - type - type: object - type: array - type: object - math: - description: Math is used to transform the input - via mathematical operations such as multiplication. - properties: - clampMax: - description: ClampMax makes sure that the value - is not bigger than the given value. - format: int64 - type: integer - clampMin: - description: ClampMin makes sure that the value - is not smaller than the given value. - format: int64 - type: integer - multiply: - description: Multiply the value. - format: int64 - type: integer - type: - default: Multiply - description: Type of the math transform to be - run. - enum: - - Multiply - - ClampMin - - ClampMax - type: string - type: object - string: - description: String is used to transform the input - into a string or a different kind of string. Note - that the input does not necessarily need to be - a string. - properties: - convert: - description: Optional conversion method to be - specified. `ToUpper` and `ToLower` change - the letter case of the input string. `ToBase64` - and `FromBase64` perform a base64 conversion - based on the input string. `ToJson` converts - any input value into its raw JSON representation. - `ToSha1`, `ToSha256` and `ToSha512` generate - a hash value based on the input converted - to JSON. - enum: - - ToUpper - - ToLower - - ToBase64 - - FromBase64 - - ToJson - - ToSha1 - - ToSha256 - - ToSha512 - type: string - fmt: - description: Format the input using a Go format - string. See https://golang.org/pkg/fmt/ for - details. - type: string - regexp: - description: Extract a match from the input - using a regular expression. - properties: - group: - description: Group number to match. 0 (the - default) matches the entire expression. - type: integer - match: - description: Match string. May optionally - include submatches, aka capture groups. - See https://pkg.go.dev/regexp/ for details. - type: string - required: - - match - type: object - trim: - description: Trim the prefix or suffix from - the input - type: string - type: - default: Format - description: Type of the string transform to - be run. - enum: - - Format - - Convert - - TrimPrefix - - TrimSuffix - - Regexp - type: string - type: object - type: - description: Type of the transform to be run. - enum: - - map - - match - - math - - string - - convert - type: string - required: - - type - type: object - type: array - type: - default: FromCompositeFieldPath - description: Type sets the patching behaviour to be used. - Each patch type may require its own fields to be set - on the Patch object. - enum: - - FromCompositeFieldPath - - FromEnvironmentFieldPath - - PatchSet - - ToCompositeFieldPath - - ToEnvironmentFieldPath - - CombineFromEnvironment - - CombineFromComposite - - CombineToComposite - - CombineToEnvironment - type: string - type: object - type: array - readinessChecks: - default: - - matchCondition: - status: "True" - type: Ready - type: MatchCondition - description: ReadinessChecks allows users to define custom readiness - checks. All checks have to return true in order for resource - to be considered ready. The default readiness check is to - have the "Ready" condition to be "True". - items: - description: ReadinessCheck is used to indicate how to tell - whether a resource is ready for consumption - properties: - fieldPath: - description: FieldPath shows the path of the field whose - value will be used. - type: string - matchCondition: - description: MatchCondition specifies the condition you'd - like to match if you're using "MatchCondition" type. - properties: - status: - default: "True" - description: Status is the status of the condition - you'd like to match. - type: string - type: - default: Ready - description: Type indicates the type of condition - you'd like to use. - type: string - required: - - status - - type - type: object - matchInteger: - description: MatchInt is the value you'd like to match - if you're using "MatchInt" type. - format: int64 - type: integer - matchString: - description: MatchString is the value you'd like to match - if you're using "MatchString" type. - type: string - type: - description: Type indicates the type of probe you'd like - to use. - enum: - - MatchString - - MatchInteger - - NonEmpty - - MatchCondition - - None - type: string - required: - - type - type: object - type: array - required: - - base - type: object - type: array - writeConnectionSecretsToNamespace: - description: WriteConnectionSecretsToNamespace specifies the namespace - in which the connection secrets of composite resource dynamically - provisioned using this composition will be created. This field is - planned to be replaced in a future release in favor of PublishConnectionDetailsWithStoreConfigRef. - Currently, both could be set independently and connection details - would be published to both without affecting each other as long - as related fields at MR level specified. - type: string - required: - - compositeTypeRef - type: object - type: object - served: true - storage: true - subresources: {} diff --git a/cluster/crds/apiextensions.crossplane.io_environmentconfigs.yaml b/cluster/crds/apiextensions.crossplane.io_environmentconfigs.yaml deleted file mode 100644 index 3884d62c274..00000000000 --- a/cluster/crds/apiextensions.crossplane.io_environmentconfigs.yaml +++ /dev/null @@ -1,51 +0,0 @@ -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.12.1 - name: environmentconfigs.apiextensions.crossplane.io -spec: - group: apiextensions.crossplane.io - names: - categories: - - crossplane - kind: EnvironmentConfig - listKind: EnvironmentConfigList - plural: environmentconfigs - shortNames: - - envcfg - singular: environmentconfig - scope: Cluster - versions: - - additionalPrinterColumns: - - jsonPath: .metadata.creationTimestamp - name: AGE - type: date - name: v1alpha1 - schema: - openAPIV3Schema: - description: A EnvironmentConfig contains a set of arbitrary, unstructured - values. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - data: - additionalProperties: - x-kubernetes-preserve-unknown-fields: true - description: The data of this EnvironmentConfig. This may contain any - kind of structure that can be serialized into JSON. - type: object - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - type: object - served: true - storage: true - subresources: {} diff --git a/cluster/crds/pkg.crossplane.io_configurationrevisions.yaml b/cluster/crds/pkg.crossplane.io_configurationrevisions.yaml deleted file mode 100644 index 1291804fddf..00000000000 --- a/cluster/crds/pkg.crossplane.io_configurationrevisions.yaml +++ /dev/null @@ -1,283 +0,0 @@ -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.12.1 - name: configurationrevisions.pkg.crossplane.io -spec: - group: pkg.crossplane.io - names: - categories: - - crossplane - - pkgrev - kind: ConfigurationRevision - listKind: ConfigurationRevisionList - plural: configurationrevisions - singular: configurationrevision - scope: Cluster - versions: - - additionalPrinterColumns: - - jsonPath: .status.conditions[?(@.type=='Healthy')].status - name: HEALTHY - type: string - - jsonPath: .spec.revision - name: REVISION - type: string - - jsonPath: .spec.image - name: IMAGE - type: string - - jsonPath: .spec.desiredState - name: STATE - type: string - - jsonPath: .status.foundDependencies - name: DEP-FOUND - type: string - - jsonPath: .status.installedDependencies - name: DEP-INSTALLED - type: string - - jsonPath: .metadata.creationTimestamp - name: AGE - type: date - name: v1 - schema: - openAPIV3Schema: - description: A ConfigurationRevision that has been added to Crossplane. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: PackageRevisionSpec specifies the desired state of a PackageRevision. - properties: - commonLabels: - additionalProperties: - type: string - description: 'Map of string keys and values that can be used to organize - and categorize (scope and select) objects. May match selectors of - replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels' - type: object - controllerConfigRef: - description: ControllerConfigRef references a ControllerConfig resource - that will be used to configure the packaged controller Deployment. - properties: - name: - description: Name of the ControllerConfig. - type: string - required: - - name - type: object - desiredState: - description: DesiredState of the PackageRevision. Can be either Active - or Inactive. - type: string - essTLSSecretName: - description: ESSTLSSecretName is the secret name of the TLS certificates - that will be used by the provider for External Secret Stores. - type: string - ignoreCrossplaneConstraints: - default: false - description: IgnoreCrossplaneConstraints indicates to the package - manager whether to honor Crossplane version constrains specified - by the package. Default is false. - type: boolean - image: - description: Package image used by install Pod to extract package - contents. - type: string - packagePullPolicy: - default: IfNotPresent - description: PackagePullPolicy defines the pull policy for the package. - It is also applied to any images pulled for the package, such as - a provider's controller image. Default is IfNotPresent. - type: string - packagePullSecrets: - description: PackagePullSecrets are named secrets in the same namespace - that can be used to fetch packages from private registries. They - are also applied to any images pulled for the package, such as a - provider's controller image. - items: - description: LocalObjectReference contains enough information to - let you locate the referenced object inside the same namespace. - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - type: object - x-kubernetes-map-type: atomic - type: array - revision: - description: Revision number. Indicates when the revision will be - garbage collected based on the parent's RevisionHistoryLimit. - format: int64 - type: integer - skipDependencyResolution: - default: false - description: SkipDependencyResolution indicates to the package manager - whether to skip resolving dependencies for a package. Setting this - value to true may have unintended consequences. Default is false. - type: boolean - webhookTLSSecretName: - description: WebhookTLSSecretName is the name of the TLS Secret that - will be used by the provider to serve a TLS-enabled webhook server. - The certificate will be injected to webhook configurations as well - as CRD conversion webhook strategy if needed. If it's not given, - provider will not have a certificate mounted to its filesystem, - webhook configurations won't be deployed and if there is a CRD with - webhook conversion strategy, the installation will fail. - type: string - required: - - desiredState - - image - - revision - type: object - status: - description: PackageRevisionStatus represents the observed state of a - PackageRevision. - properties: - conditions: - description: Conditions of the resource. - items: - description: A Condition that may apply to a resource. - properties: - lastTransitionTime: - description: LastTransitionTime is the last time this condition - transitioned from one status to another. - format: date-time - type: string - message: - description: A Message containing details about this condition's - last transition from one status to another, if any. - type: string - reason: - description: A Reason for this condition's last transition from - one status to another. - type: string - status: - description: Status of this condition; is it currently True, - False, or Unknown? - type: string - type: - description: Type of this condition. At most one of each condition - type may apply to a resource at any point in time. - type: string - required: - - lastTransitionTime - - reason - - status - - type - type: object - type: array - controllerRef: - description: ControllerRef references the controller (e.g. Deployment), - if any, that is responsible for reconciling the objects this package - revision installed. - properties: - name: - description: Name of the controller. - type: string - required: - - name - type: object - foundDependencies: - description: Dependency information. - format: int64 - type: integer - installedDependencies: - format: int64 - type: integer - invalidDependencies: - format: int64 - type: integer - objectRefs: - description: References to objects owned by PackageRevision. - items: - description: A TypedReference refers to an object by Name, Kind, - and APIVersion. It is commonly used to reference cluster-scoped - objects or objects where the namespace is already known. - properties: - apiVersion: - description: APIVersion of the referenced object. - type: string - kind: - description: Kind of the referenced object. - type: string - name: - description: Name of the referenced object. - type: string - uid: - description: UID of the referenced object. - type: string - required: - - apiVersion - - kind - - name - type: object - type: array - permissionRequests: - description: PermissionRequests made by this package. The package - declares that its controller needs these permissions to run. The - RBAC manager is responsible for granting them. - items: - description: PolicyRule holds information that describes a policy - rule, but does not contain information about who the rule applies - to or which namespace the rule applies to. - properties: - apiGroups: - description: APIGroups is the name of the APIGroup that contains - the resources. If multiple API groups are specified, any - action requested against one of the enumerated resources in - any API group will be allowed. "" represents the core API - group and "*" represents all API groups. - items: - type: string - type: array - nonResourceURLs: - description: NonResourceURLs is a set of partial urls that a - user should have access to. *s are allowed, but only as the - full, final step in the path Since non-resource URLs are not - namespaced, this field is only applicable for ClusterRoles - referenced from a ClusterRoleBinding. Rules can either apply - to API resources (such as "pods" or "secrets") or non-resource - URL paths (such as "/api"), but not both. - items: - type: string - type: array - resourceNames: - description: ResourceNames is an optional white list of names - that the rule applies to. An empty set means that everything - is allowed. - items: - type: string - type: array - resources: - description: Resources is a list of resources this rule applies - to. '*' represents all resources. - items: - type: string - type: array - verbs: - description: Verbs is a list of Verbs that apply to ALL the - ResourceKinds contained in this rule. '*' represents all verbs. - items: - type: string - type: array - required: - - verbs - type: object - type: array - type: object - type: object - served: true - storage: true - subresources: - status: {} diff --git a/cluster/crds/pkg.crossplane.io_configurations.yaml b/cluster/crds/pkg.crossplane.io_configurations.yaml deleted file mode 100644 index 6817f895663..00000000000 --- a/cluster/crds/pkg.crossplane.io_configurations.yaml +++ /dev/null @@ -1,165 +0,0 @@ -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.12.1 - name: configurations.pkg.crossplane.io -spec: - group: pkg.crossplane.io - names: - categories: - - crossplane - - pkg - kind: Configuration - listKind: ConfigurationList - plural: configurations - singular: configuration - scope: Cluster - versions: - - additionalPrinterColumns: - - jsonPath: .status.conditions[?(@.type=='Installed')].status - name: INSTALLED - type: string - - jsonPath: .status.conditions[?(@.type=='Healthy')].status - name: HEALTHY - type: string - - jsonPath: .spec.package - name: PACKAGE - type: string - - jsonPath: .metadata.creationTimestamp - name: AGE - type: date - name: v1 - schema: - openAPIV3Schema: - description: Configuration is the CRD type for a request to add a configuration - to Crossplane. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: ConfigurationSpec specifies details about a request to install - a configuration to Crossplane. - properties: - commonLabels: - additionalProperties: - type: string - description: 'Map of string keys and values that can be used to organize - and categorize (scope and select) objects. May match selectors of - replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels' - type: object - ignoreCrossplaneConstraints: - default: false - description: IgnoreCrossplaneConstraints indicates to the package - manager whether to honor Crossplane version constrains specified - by the package. Default is false. - type: boolean - package: - description: Package is the name of the package that is being requested. - type: string - packagePullPolicy: - default: IfNotPresent - description: PackagePullPolicy defines the pull policy for the package. - Default is IfNotPresent. - type: string - packagePullSecrets: - description: PackagePullSecrets are named secrets in the same namespace - that can be used to fetch packages from private registries. - items: - description: LocalObjectReference contains enough information to - let you locate the referenced object inside the same namespace. - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - type: object - x-kubernetes-map-type: atomic - type: array - revisionActivationPolicy: - default: Automatic - description: RevisionActivationPolicy specifies how the package controller - should update from one revision to the next. Options are Automatic - or Manual. Default is Automatic. - type: string - revisionHistoryLimit: - default: 1 - description: RevisionHistoryLimit dictates how the package controller - cleans up old inactive package revisions. Defaults to 1. Can be - disabled by explicitly setting to 0. - format: int64 - type: integer - skipDependencyResolution: - default: false - description: SkipDependencyResolution indicates to the package manager - whether to skip resolving dependencies for a package. Setting this - value to true may have unintended consequences. Default is false. - type: boolean - required: - - package - type: object - status: - description: ConfigurationStatus represents the observed state of a Configuration. - properties: - conditions: - description: Conditions of the resource. - items: - description: A Condition that may apply to a resource. - properties: - lastTransitionTime: - description: LastTransitionTime is the last time this condition - transitioned from one status to another. - format: date-time - type: string - message: - description: A Message containing details about this condition's - last transition from one status to another, if any. - type: string - reason: - description: A Reason for this condition's last transition from - one status to another. - type: string - status: - description: Status of this condition; is it currently True, - False, or Unknown? - type: string - type: - description: Type of this condition. At most one of each condition - type may apply to a resource at any point in time. - type: string - required: - - lastTransitionTime - - reason - - status - - type - type: object - type: array - currentIdentifier: - description: CurrentIdentifier is the most recent package source that - was used to produce a revision. The package manager uses this field - to determine whether to check for package updates for a given source - when packagePullPolicy is set to IfNotPresent. Manually removing - this field will cause the package manager to check that the current - revision is correct for the given package source. - type: string - currentRevision: - description: CurrentRevision is the name of the current package revision. - It will reflect the most up to date revision, whether it has been - activated or not. - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} diff --git a/cluster/crds/pkg.crossplane.io_controllerconfigs.yaml b/cluster/crds/pkg.crossplane.io_controllerconfigs.yaml deleted file mode 100644 index 6810e70ee7b..00000000000 --- a/cluster/crds/pkg.crossplane.io_controllerconfigs.yaml +++ /dev/null @@ -1,3203 +0,0 @@ -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.12.1 - name: controllerconfigs.pkg.crossplane.io -spec: - group: pkg.crossplane.io - names: - kind: ControllerConfig - listKind: ControllerConfigList - plural: controllerconfigs - singular: controllerconfig - scope: Cluster - versions: - - additionalPrinterColumns: - - jsonPath: .metadata.creationTimestamp - name: AGE - type: date - deprecated: true - deprecationWarning: ControllerConfig.pkg.crossplane.io/v1alpha1 has been deprecated - and will be removed in a future release, but only after a comparable alternative - is available. - name: v1alpha1 - schema: - openAPIV3Schema: - description: 'ControllerConfig is the CRD type for a packaged controller configuration. - Deprecated: This API is scheduled to be removed in a future release. See - https://github.com/crossplane/crossplane/issues/3601 for more information.' - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: ControllerConfigSpec specifies the configuration for a packaged - controller. Values provided will override package manager defaults. - Labels and annotations are passed to both the controller Deployment - and ServiceAccount. - properties: - affinity: - description: If specified, the pod's scheduling constraints - properties: - nodeAffinity: - description: Describes node affinity scheduling rules for the - pod. - properties: - preferredDuringSchedulingIgnoredDuringExecution: - description: The scheduler will prefer to schedule pods to - nodes that satisfy the affinity expressions specified by - this field, but it may choose a node that violates one or - more of the expressions. The node that is most preferred - is the one with the greatest sum of weights, i.e. for each - node that meets all of the scheduling requirements (resource - request, requiredDuringScheduling affinity expressions, - etc.), compute a sum by iterating through the elements of - this field and adding "weight" to the sum if the node matches - the corresponding matchExpressions; the node(s) with the - highest sum are the most preferred. - items: - description: An empty preferred scheduling term matches - all objects with implicit weight 0 (i.e. it's a no-op). - A null preferred scheduling term matches no objects (i.e. - is also a no-op). - properties: - preference: - description: A node selector term, associated with the - corresponding weight. - properties: - matchExpressions: - description: A list of node selector requirements - by node's labels. - items: - description: A node selector requirement is a - selector that contains values, a key, and an - operator that relates the key and values. - properties: - key: - description: The label key that the selector - applies to. - type: string - operator: - description: Represents a key's relationship - to a set of values. Valid operators are - In, NotIn, Exists, DoesNotExist. Gt, and - Lt. - type: string - values: - description: An array of string values. If - the operator is In or NotIn, the values - array must be non-empty. If the operator - is Exists or DoesNotExist, the values array - must be empty. If the operator is Gt or - Lt, the values array must have a single - element, which will be interpreted as an - integer. This array is replaced during a - strategic merge patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchFields: - description: A list of node selector requirements - by node's fields. - items: - description: A node selector requirement is a - selector that contains values, a key, and an - operator that relates the key and values. - properties: - key: - description: The label key that the selector - applies to. - type: string - operator: - description: Represents a key's relationship - to a set of values. Valid operators are - In, NotIn, Exists, DoesNotExist. Gt, and - Lt. - type: string - values: - description: An array of string values. If - the operator is In or NotIn, the values - array must be non-empty. If the operator - is Exists or DoesNotExist, the values array - must be empty. If the operator is Gt or - Lt, the values array must have a single - element, which will be interpreted as an - integer. This array is replaced during a - strategic merge patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - type: object - x-kubernetes-map-type: atomic - weight: - description: Weight associated with matching the corresponding - nodeSelectorTerm, in the range 1-100. - format: int32 - type: integer - required: - - preference - - weight - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - description: If the affinity requirements specified by this - field are not met at scheduling time, the pod will not be - scheduled onto the node. If the affinity requirements specified - by this field cease to be met at some point during pod execution - (e.g. due to an update), the system may or may not try to - eventually evict the pod from its node. - properties: - nodeSelectorTerms: - description: Required. A list of node selector terms. - The terms are ORed. - items: - description: A null or empty node selector term matches - no objects. The requirements of them are ANDed. The - TopologySelectorTerm type implements a subset of the - NodeSelectorTerm. - properties: - matchExpressions: - description: A list of node selector requirements - by node's labels. - items: - description: A node selector requirement is a - selector that contains values, a key, and an - operator that relates the key and values. - properties: - key: - description: The label key that the selector - applies to. - type: string - operator: - description: Represents a key's relationship - to a set of values. Valid operators are - In, NotIn, Exists, DoesNotExist. Gt, and - Lt. - type: string - values: - description: An array of string values. If - the operator is In or NotIn, the values - array must be non-empty. If the operator - is Exists or DoesNotExist, the values array - must be empty. If the operator is Gt or - Lt, the values array must have a single - element, which will be interpreted as an - integer. This array is replaced during a - strategic merge patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchFields: - description: A list of node selector requirements - by node's fields. - items: - description: A node selector requirement is a - selector that contains values, a key, and an - operator that relates the key and values. - properties: - key: - description: The label key that the selector - applies to. - type: string - operator: - description: Represents a key's relationship - to a set of values. Valid operators are - In, NotIn, Exists, DoesNotExist. Gt, and - Lt. - type: string - values: - description: An array of string values. If - the operator is In or NotIn, the values - array must be non-empty. If the operator - is Exists or DoesNotExist, the values array - must be empty. If the operator is Gt or - Lt, the values array must have a single - element, which will be interpreted as an - integer. This array is replaced during a - strategic merge patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - type: object - x-kubernetes-map-type: atomic - type: array - required: - - nodeSelectorTerms - type: object - x-kubernetes-map-type: atomic - type: object - podAffinity: - description: Describes pod affinity scheduling rules (e.g. co-locate - this pod in the same node, zone, etc. as some other pod(s)). - properties: - preferredDuringSchedulingIgnoredDuringExecution: - description: The scheduler will prefer to schedule pods to - nodes that satisfy the affinity expressions specified by - this field, but it may choose a node that violates one or - more of the expressions. The node that is most preferred - is the one with the greatest sum of weights, i.e. for each - node that meets all of the scheduling requirements (resource - request, requiredDuringScheduling affinity expressions, - etc.), compute a sum by iterating through the elements of - this field and adding "weight" to the sum if the node has - pods which matches the corresponding podAffinityTerm; the - node(s) with the highest sum are the most preferred. - items: - description: The weights of all of the matched WeightedPodAffinityTerm - fields are added per-node to find the most preferred node(s) - properties: - podAffinityTerm: - description: Required. A pod affinity term, associated - with the corresponding weight. - properties: - labelSelector: - description: A label query over a set of resources, - in this case pods. - properties: - matchExpressions: - description: matchExpressions is a list of label - selector requirements. The requirements are - ANDed. - items: - description: A label selector requirement - is a selector that contains values, a key, - and an operator that relates the key and - values. - properties: - key: - description: key is the label key that - the selector applies to. - type: string - operator: - description: operator represents a key's - relationship to a set of values. Valid - operators are In, NotIn, Exists and - DoesNotExist. - type: string - values: - description: values is an array of string - values. If the operator is In or NotIn, - the values array must be non-empty. - If the operator is Exists or DoesNotExist, - the values array must be empty. This - array is replaced during a strategic - merge patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator is - "In", and the values array contains only "value". - The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - namespaceSelector: - description: A label query over the set of namespaces - that the term applies to. The term is applied - to the union of the namespaces selected by this - field and the ones listed in the namespaces field. - null selector and null or empty namespaces list - means "this pod's namespace". An empty selector - ({}) matches all namespaces. - properties: - matchExpressions: - description: matchExpressions is a list of label - selector requirements. The requirements are - ANDed. - items: - description: A label selector requirement - is a selector that contains values, a key, - and an operator that relates the key and - values. - properties: - key: - description: key is the label key that - the selector applies to. - type: string - operator: - description: operator represents a key's - relationship to a set of values. Valid - operators are In, NotIn, Exists and - DoesNotExist. - type: string - values: - description: values is an array of string - values. If the operator is In or NotIn, - the values array must be non-empty. - If the operator is Exists or DoesNotExist, - the values array must be empty. This - array is replaced during a strategic - merge patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator is - "In", and the values array contains only "value". - The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - namespaces: - description: namespaces specifies a static list - of namespace names that the term applies to. The - term is applied to the union of the namespaces - listed in this field and the ones selected by - namespaceSelector. null or empty namespaces list - and null namespaceSelector means "this pod's namespace". - items: - type: string - type: array - topologyKey: - description: This pod should be co-located (affinity) - or not co-located (anti-affinity) with the pods - matching the labelSelector in the specified namespaces, - where co-located is defined as running on a node - whose value of the label with key topologyKey - matches that of any node on which any of the selected - pods is running. Empty topologyKey is not allowed. - type: string - required: - - topologyKey - type: object - weight: - description: weight associated with matching the corresponding - podAffinityTerm, in the range 1-100. - format: int32 - type: integer - required: - - podAffinityTerm - - weight - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - description: If the affinity requirements specified by this - field are not met at scheduling time, the pod will not be - scheduled onto the node. If the affinity requirements specified - by this field cease to be met at some point during pod execution - (e.g. due to a pod label update), the system may or may - not try to eventually evict the pod from its node. When - there are multiple elements, the lists of nodes corresponding - to each podAffinityTerm are intersected, i.e. all terms - must be satisfied. - items: - description: Defines a set of pods (namely those matching - the labelSelector relative to the given namespace(s)) - that this pod should be co-located (affinity) or not co-located - (anti-affinity) with, where co-located is defined as running - on a node whose value of the label with key - matches that of any node on which a pod of the set of - pods is running - properties: - labelSelector: - description: A label query over a set of resources, - in this case pods. - properties: - matchExpressions: - description: matchExpressions is a list of label - selector requirements. The requirements are ANDed. - items: - description: A label selector requirement is a - selector that contains values, a key, and an - operator that relates the key and values. - properties: - key: - description: key is the label key that the - selector applies to. - type: string - operator: - description: operator represents a key's relationship - to a set of values. Valid operators are - In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string - values. If the operator is In or NotIn, - the values array must be non-empty. If the - operator is Exists or DoesNotExist, the - values array must be empty. This array is - replaced during a strategic merge patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator is "In", - and the values array contains only "value". The - requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - namespaceSelector: - description: A label query over the set of namespaces - that the term applies to. The term is applied to the - union of the namespaces selected by this field and - the ones listed in the namespaces field. null selector - and null or empty namespaces list means "this pod's - namespace". An empty selector ({}) matches all namespaces. - properties: - matchExpressions: - description: matchExpressions is a list of label - selector requirements. The requirements are ANDed. - items: - description: A label selector requirement is a - selector that contains values, a key, and an - operator that relates the key and values. - properties: - key: - description: key is the label key that the - selector applies to. - type: string - operator: - description: operator represents a key's relationship - to a set of values. Valid operators are - In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string - values. If the operator is In or NotIn, - the values array must be non-empty. If the - operator is Exists or DoesNotExist, the - values array must be empty. This array is - replaced during a strategic merge patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator is "In", - and the values array contains only "value". The - requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - namespaces: - description: namespaces specifies a static list of namespace - names that the term applies to. The term is applied - to the union of the namespaces listed in this field - and the ones selected by namespaceSelector. null or - empty namespaces list and null namespaceSelector means - "this pod's namespace". - items: - type: string - type: array - topologyKey: - description: This pod should be co-located (affinity) - or not co-located (anti-affinity) with the pods matching - the labelSelector in the specified namespaces, where - co-located is defined as running on a node whose value - of the label with key topologyKey matches that of - any node on which any of the selected pods is running. - Empty topologyKey is not allowed. - type: string - required: - - topologyKey - type: object - type: array - type: object - podAntiAffinity: - description: Describes pod anti-affinity scheduling rules (e.g. - avoid putting this pod in the same node, zone, etc. as some - other pod(s)). - properties: - preferredDuringSchedulingIgnoredDuringExecution: - description: The scheduler will prefer to schedule pods to - nodes that satisfy the anti-affinity expressions specified - by this field, but it may choose a node that violates one - or more of the expressions. The node that is most preferred - is the one with the greatest sum of weights, i.e. for each - node that meets all of the scheduling requirements (resource - request, requiredDuringScheduling anti-affinity expressions, - etc.), compute a sum by iterating through the elements of - this field and adding "weight" to the sum if the node has - pods which matches the corresponding podAffinityTerm; the - node(s) with the highest sum are the most preferred. - items: - description: The weights of all of the matched WeightedPodAffinityTerm - fields are added per-node to find the most preferred node(s) - properties: - podAffinityTerm: - description: Required. A pod affinity term, associated - with the corresponding weight. - properties: - labelSelector: - description: A label query over a set of resources, - in this case pods. - properties: - matchExpressions: - description: matchExpressions is a list of label - selector requirements. The requirements are - ANDed. - items: - description: A label selector requirement - is a selector that contains values, a key, - and an operator that relates the key and - values. - properties: - key: - description: key is the label key that - the selector applies to. - type: string - operator: - description: operator represents a key's - relationship to a set of values. Valid - operators are In, NotIn, Exists and - DoesNotExist. - type: string - values: - description: values is an array of string - values. If the operator is In or NotIn, - the values array must be non-empty. - If the operator is Exists or DoesNotExist, - the values array must be empty. This - array is replaced during a strategic - merge patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator is - "In", and the values array contains only "value". - The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - namespaceSelector: - description: A label query over the set of namespaces - that the term applies to. The term is applied - to the union of the namespaces selected by this - field and the ones listed in the namespaces field. - null selector and null or empty namespaces list - means "this pod's namespace". An empty selector - ({}) matches all namespaces. - properties: - matchExpressions: - description: matchExpressions is a list of label - selector requirements. The requirements are - ANDed. - items: - description: A label selector requirement - is a selector that contains values, a key, - and an operator that relates the key and - values. - properties: - key: - description: key is the label key that - the selector applies to. - type: string - operator: - description: operator represents a key's - relationship to a set of values. Valid - operators are In, NotIn, Exists and - DoesNotExist. - type: string - values: - description: values is an array of string - values. If the operator is In or NotIn, - the values array must be non-empty. - If the operator is Exists or DoesNotExist, - the values array must be empty. This - array is replaced during a strategic - merge patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator is - "In", and the values array contains only "value". - The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - namespaces: - description: namespaces specifies a static list - of namespace names that the term applies to. The - term is applied to the union of the namespaces - listed in this field and the ones selected by - namespaceSelector. null or empty namespaces list - and null namespaceSelector means "this pod's namespace". - items: - type: string - type: array - topologyKey: - description: This pod should be co-located (affinity) - or not co-located (anti-affinity) with the pods - matching the labelSelector in the specified namespaces, - where co-located is defined as running on a node - whose value of the label with key topologyKey - matches that of any node on which any of the selected - pods is running. Empty topologyKey is not allowed. - type: string - required: - - topologyKey - type: object - weight: - description: weight associated with matching the corresponding - podAffinityTerm, in the range 1-100. - format: int32 - type: integer - required: - - podAffinityTerm - - weight - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - description: If the anti-affinity requirements specified by - this field are not met at scheduling time, the pod will - not be scheduled onto the node. If the anti-affinity requirements - specified by this field cease to be met at some point during - pod execution (e.g. due to a pod label update), the system - may or may not try to eventually evict the pod from its - node. When there are multiple elements, the lists of nodes - corresponding to each podAffinityTerm are intersected, i.e. - all terms must be satisfied. - items: - description: Defines a set of pods (namely those matching - the labelSelector relative to the given namespace(s)) - that this pod should be co-located (affinity) or not co-located - (anti-affinity) with, where co-located is defined as running - on a node whose value of the label with key - matches that of any node on which a pod of the set of - pods is running - properties: - labelSelector: - description: A label query over a set of resources, - in this case pods. - properties: - matchExpressions: - description: matchExpressions is a list of label - selector requirements. The requirements are ANDed. - items: - description: A label selector requirement is a - selector that contains values, a key, and an - operator that relates the key and values. - properties: - key: - description: key is the label key that the - selector applies to. - type: string - operator: - description: operator represents a key's relationship - to a set of values. Valid operators are - In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string - values. If the operator is In or NotIn, - the values array must be non-empty. If the - operator is Exists or DoesNotExist, the - values array must be empty. This array is - replaced during a strategic merge patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator is "In", - and the values array contains only "value". The - requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - namespaceSelector: - description: A label query over the set of namespaces - that the term applies to. The term is applied to the - union of the namespaces selected by this field and - the ones listed in the namespaces field. null selector - and null or empty namespaces list means "this pod's - namespace". An empty selector ({}) matches all namespaces. - properties: - matchExpressions: - description: matchExpressions is a list of label - selector requirements. The requirements are ANDed. - items: - description: A label selector requirement is a - selector that contains values, a key, and an - operator that relates the key and values. - properties: - key: - description: key is the label key that the - selector applies to. - type: string - operator: - description: operator represents a key's relationship - to a set of values. Valid operators are - In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string - values. If the operator is In or NotIn, - the values array must be non-empty. If the - operator is Exists or DoesNotExist, the - values array must be empty. This array is - replaced during a strategic merge patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator is "In", - and the values array contains only "value". The - requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - namespaces: - description: namespaces specifies a static list of namespace - names that the term applies to. The term is applied - to the union of the namespaces listed in this field - and the ones selected by namespaceSelector. null or - empty namespaces list and null namespaceSelector means - "this pod's namespace". - items: - type: string - type: array - topologyKey: - description: This pod should be co-located (affinity) - or not co-located (anti-affinity) with the pods matching - the labelSelector in the specified namespaces, where - co-located is defined as running on a node whose value - of the label with key topologyKey matches that of - any node on which any of the selected pods is running. - Empty topologyKey is not allowed. - type: string - required: - - topologyKey - type: object - type: array - type: object - type: object - args: - description: 'Arguments to the entrypoint. The docker image''s CMD - is used if this is not provided. Variable references $(VAR_NAME) - are expanded using the container''s environment. If a variable cannot - be resolved, the reference in the input string will be unchanged. - The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). - Escaped references will never be expanded, regardless of whether - the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' - items: - type: string - type: array - env: - description: List of environment variables to set in the container. - Cannot be updated. - items: - description: EnvVar represents an environment variable present in - a Container. - properties: - name: - description: Name of the environment variable. Must be a C_IDENTIFIER. - type: string - value: - description: 'Variable references $(VAR_NAME) are expanded using - the previously defined environment variables in the container - and any service environment variables. If a variable cannot - be resolved, the reference in the input string will be unchanged. - Double $$ are reduced to a single $, which allows for escaping - the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the - string literal "$(VAR_NAME)". Escaped references will never - be expanded, regardless of whether the variable exists or - not. Defaults to "".' - type: string - valueFrom: - description: Source for the environment variable's value. Cannot - be used if value is not empty. - properties: - configMapKeyRef: - description: Selects a key of a ConfigMap. - properties: - key: - description: The key to select. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the ConfigMap or its key - must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - fieldRef: - description: 'Selects a field of the pod: supports metadata.name, - metadata.namespace, `metadata.labels['''']`, `metadata.annotations['''']`, - spec.nodeName, spec.serviceAccountName, status.hostIP, - status.podIP, status.podIPs.' - properties: - apiVersion: - description: Version of the schema the FieldPath is - written in terms of, defaults to "v1". - type: string - fieldPath: - description: Path of the field to select in the specified - API version. - type: string - required: - - fieldPath - type: object - x-kubernetes-map-type: atomic - resourceFieldRef: - description: 'Selects a resource of the container: only - resources limits and requests (limits.cpu, limits.memory, - limits.ephemeral-storage, requests.cpu, requests.memory - and requests.ephemeral-storage) are currently supported.' - properties: - containerName: - description: 'Container name: required for volumes, - optional for env vars' - type: string - divisor: - anyOf: - - type: integer - - type: string - description: Specifies the output format of the exposed - resources, defaults to "1" - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - resource: - description: 'Required: resource to select' - type: string - required: - - resource - type: object - x-kubernetes-map-type: atomic - secretKeyRef: - description: Selects a key of a secret in the pod's namespace - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - required: - - name - type: object - type: array - envFrom: - description: List of sources to populate environment variables in - the container. The keys defined within a source must be a C_IDENTIFIER. - All invalid keys will be reported as an event when the container - is starting. When a key exists in multiple sources, the value associated - with the last source will take precedence. Values defined by an - Env with a duplicate key will take precedence. Cannot be updated. - items: - description: EnvFromSource represents the source of a set of ConfigMaps - properties: - configMapRef: - description: The ConfigMap to select from - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the ConfigMap must be defined - type: boolean - type: object - x-kubernetes-map-type: atomic - prefix: - description: An optional identifier to prepend to each key in - the ConfigMap. Must be a C_IDENTIFIER. - type: string - secretRef: - description: The Secret to select from - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the Secret must be defined - type: boolean - type: object - x-kubernetes-map-type: atomic - type: object - type: array - image: - description: 'Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images - This field is optional to allow higher level config management to - default or override container images in workload controllers like - Deployments and StatefulSets.' - type: string - imagePullPolicy: - description: 'Image pull policy. One of Always, Never, IfNotPresent. - Defaults to Always if :latest tag is specified, or IfNotPresent - otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' - type: string - imagePullSecrets: - description: 'ImagePullSecrets is an optional list of references to - secrets in the same namespace to use for pulling any of the images - used by this PodSpec. If specified, these secrets will be passed - to individual puller implementations for them to use. For example, - in the case of docker, only DockerConfig type secrets are honored. - More info: https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-pod - Setting ImagePullSecrets will replace any secrets that have been - propagated to a controller Deployment, typically via packagePullSecrets.' - items: - description: LocalObjectReference contains enough information to - let you locate the referenced object inside the same namespace. - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - type: object - x-kubernetes-map-type: atomic - type: array - metadata: - description: Metadata that will be added to the provider Pod. - properties: - annotations: - additionalProperties: - type: string - description: 'Annotations is an unstructured key value map stored - with a resource that may be set by external tools to store and - retrieve arbitrary metadata. They are not queryable and should - be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' - type: object - labels: - additionalProperties: - type: string - description: 'Map of string keys and values that can be used to - organize and categorize (scope and select) objects. This will - only affect labels on the pod, not the pod selector. Labels - will be merged with internal labels used by crossplane, and - labels with a crossplane.io key might be overwritten. More info: - http://kubernetes.io/docs/user-guide/labels' - type: object - type: object - nodeName: - description: NodeName is a request to schedule this pod onto a specific - node. If it is non-empty, the scheduler simply schedules this pod - onto that node, assuming that it fits resource requirements. - type: string - nodeSelector: - additionalProperties: - type: string - description: 'NodeSelector is a selector which must be true for the - pod to fit on a node. Selector which must match a node''s labels - for the pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' - type: object - podSecurityContext: - description: 'PodSecurityContext holds pod-level security attributes - and common container settings. Optional: Defaults to empty. See - type description for default values of each field.' - properties: - fsGroup: - description: "A special supplemental group that applies to all - containers in a pod. Some volume types allow the Kubelet to - change the ownership of that volume to be owned by the pod: - \n 1. The owning GID will be the FSGroup 2. The setgid bit is - set (new files created in the volume will be owned by FSGroup) - 3. The permission bits are OR'd with rw-rw---- \n If unset, - the Kubelet will not modify the ownership and permissions of - any volume. Note that this field cannot be set when spec.os.name - is windows." - format: int64 - type: integer - fsGroupChangePolicy: - description: 'fsGroupChangePolicy defines behavior of changing - ownership and permission of the volume before being exposed - inside Pod. This field will only apply to volume types which - support fsGroup based ownership(and permissions). It will have - no effect on ephemeral volume types such as: secret, configmaps - and emptydir. Valid values are "OnRootMismatch" and "Always". - If not specified, "Always" is used. Note that this field cannot - be set when spec.os.name is windows.' - type: string - runAsGroup: - description: The GID to run the entrypoint of the container process. - Uses runtime default if unset. May also be set in SecurityContext. If - set in both SecurityContext and PodSecurityContext, the value - specified in SecurityContext takes precedence for that container. - Note that this field cannot be set when spec.os.name is windows. - format: int64 - type: integer - runAsNonRoot: - description: Indicates that the container must run as a non-root - user. If true, the Kubelet will validate the image at runtime - to ensure that it does not run as UID 0 (root) and fail to start - the container if it does. If unset or false, no such validation - will be performed. May also be set in SecurityContext. If set - in both SecurityContext and PodSecurityContext, the value specified - in SecurityContext takes precedence. - type: boolean - runAsUser: - description: The UID to run the entrypoint of the container process. - Defaults to user specified in image metadata if unspecified. - May also be set in SecurityContext. If set in both SecurityContext - and PodSecurityContext, the value specified in SecurityContext - takes precedence for that container. Note that this field cannot - be set when spec.os.name is windows. - format: int64 - type: integer - seLinuxOptions: - description: The SELinux context to be applied to all containers. - If unspecified, the container runtime will allocate a random - SELinux context for each container. May also be set in SecurityContext. If - set in both SecurityContext and PodSecurityContext, the value - specified in SecurityContext takes precedence for that container. - Note that this field cannot be set when spec.os.name is windows. - properties: - level: - description: Level is SELinux level label that applies to - the container. - type: string - role: - description: Role is a SELinux role label that applies to - the container. - type: string - type: - description: Type is a SELinux type label that applies to - the container. - type: string - user: - description: User is a SELinux user label that applies to - the container. - type: string - type: object - seccompProfile: - description: The seccomp options to use by the containers in this - pod. Note that this field cannot be set when spec.os.name is - windows. - properties: - localhostProfile: - description: localhostProfile indicates a profile defined - in a file on the node should be used. The profile must be - preconfigured on the node to work. Must be a descending - path, relative to the kubelet's configured seccomp profile - location. Must only be set if type is "Localhost". - type: string - type: - description: "type indicates which kind of seccomp profile - will be applied. Valid options are: \n Localhost - a profile - defined in a file on the node should be used. RuntimeDefault - - the container runtime default profile should be used. - Unconfined - no profile should be applied." - type: string - required: - - type - type: object - supplementalGroups: - description: A list of groups applied to the first process run - in each container, in addition to the container's primary GID, - the fsGroup (if specified), and group memberships defined in - the container image for the uid of the container process. If - unspecified, no additional groups are added to any container. - Note that group memberships defined in the container image for - the uid of the container process are still effective, even if - they are not included in this list. Note that this field cannot - be set when spec.os.name is windows. - items: - format: int64 - type: integer - type: array - sysctls: - description: Sysctls hold a list of namespaced sysctls used for - the pod. Pods with unsupported sysctls (by the container runtime) - might fail to launch. Note that this field cannot be set when - spec.os.name is windows. - items: - description: Sysctl defines a kernel parameter to be set - properties: - name: - description: Name of a property to set - type: string - value: - description: Value of a property to set - type: string - required: - - name - - value - type: object - type: array - windowsOptions: - description: The Windows specific settings applied to all containers. - If unspecified, the options within a container's SecurityContext - will be used. If set in both SecurityContext and PodSecurityContext, - the value specified in SecurityContext takes precedence. Note - that this field cannot be set when spec.os.name is linux. - properties: - gmsaCredentialSpec: - description: GMSACredentialSpec is where the GMSA admission - webhook (https://github.com/kubernetes-sigs/windows-gmsa) - inlines the contents of the GMSA credential spec named by - the GMSACredentialSpecName field. - type: string - gmsaCredentialSpecName: - description: GMSACredentialSpecName is the name of the GMSA - credential spec to use. - type: string - hostProcess: - description: HostProcess determines if a container should - be run as a 'Host Process' container. This field is alpha-level - and will only be honored by components that enable the WindowsHostProcessContainers - feature flag. Setting this field without the feature flag - will result in errors when validating the Pod. All of a - Pod's containers must have the same effective HostProcess - value (it is not allowed to have a mix of HostProcess containers - and non-HostProcess containers). In addition, if HostProcess - is true then HostNetwork must also be set to true. - type: boolean - runAsUserName: - description: The UserName in Windows to run the entrypoint - of the container process. Defaults to the user specified - in image metadata if unspecified. May also be set in PodSecurityContext. - If set in both SecurityContext and PodSecurityContext, the - value specified in SecurityContext takes precedence. - type: string - type: object - type: object - ports: - description: List of container ports to expose on the container - items: - description: ContainerPort represents a network port in a single - container. - properties: - containerPort: - description: Number of port to expose on the pod's IP address. - This must be a valid port number, 0 < x < 65536. - format: int32 - type: integer - hostIP: - description: What host IP to bind the external port to. - type: string - hostPort: - description: Number of port to expose on the host. If specified, - this must be a valid port number, 0 < x < 65536. If HostNetwork - is specified, this must match ContainerPort. Most containers - do not need this. - format: int32 - type: integer - name: - description: If specified, this must be an IANA_SVC_NAME and - unique within the pod. Each named port in a pod must have - a unique name. Name for the port that can be referred to by - services. - type: string - protocol: - default: TCP - description: Protocol for port. Must be UDP, TCP, or SCTP. Defaults - to "TCP". - type: string - required: - - containerPort - type: object - type: array - priorityClassName: - description: If specified, indicates the pod's priority. "system-node-critical" - and "system-cluster-critical" are two special keywords which indicate - the highest priorities with the former being the highest priority. - Any other name must be defined by creating a PriorityClass object - with that name. If not specified, the pod priority will be default - or zero if there is no default. - type: string - replicas: - description: 'Number of desired pods. This is a pointer to distinguish - between explicit zero and not specified. Defaults to 1. Note: If - more than 1 replica is set and leader election is not enabled then - controllers could conflict. Environment variable "LEADER_ELECTION" - can be used to enable leader election process.' - format: int32 - type: integer - resources: - description: 'Compute Resources required by this container. Cannot - be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' - properties: - claims: - description: "Claims lists the names of resources, defined in - spec.resourceClaims, that are used by this container. \n This - is an alpha field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable. It can only be set - for containers." - items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. - properties: - name: - description: Name must match the name of one entry in pod.spec.resourceClaims - of the Pod where this field is used. It makes that resource - available inside a container. - type: string - required: - - name - type: object - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute resources - allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. Requests cannot exceed Limits. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - type: object - runtimeClassName: - description: 'RuntimeClassName refers to a RuntimeClass object in - the node.k8s.io group, which should be used to run this pod. If - no RuntimeClass resource matches the named class, the pod will not - be run. If unset or empty, the "legacy" RuntimeClass will be used, - which is an implicit class with an empty definition that uses the - default runtime handler. More info: https://git.k8s.io/enhancements/keps/sig-node/runtime-class.md - This is a beta feature as of Kubernetes v1.14.' - type: string - securityContext: - description: 'SecurityContext holds container-level security attributes - and common container settings. Optional: Defaults to empty. See - type description for default values of each field.' - properties: - allowPrivilegeEscalation: - description: 'AllowPrivilegeEscalation controls whether a process - can gain more privileges than its parent process. This bool - directly controls if the no_new_privs flag will be set on the - container process. AllowPrivilegeEscalation is true always when - the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN - Note that this field cannot be set when spec.os.name is windows.' - type: boolean - capabilities: - description: The capabilities to add/drop when running containers. - Defaults to the default set of capabilities granted by the container - runtime. Note that this field cannot be set when spec.os.name - is windows. - properties: - add: - description: Added capabilities - items: - description: Capability represent POSIX capabilities type - type: string - type: array - drop: - description: Removed capabilities - items: - description: Capability represent POSIX capabilities type - type: string - type: array - type: object - privileged: - description: Run container in privileged mode. Processes in privileged - containers are essentially equivalent to root on the host. Defaults - to false. Note that this field cannot be set when spec.os.name - is windows. - type: boolean - procMount: - description: procMount denotes the type of proc mount to use for - the containers. The default is DefaultProcMount which uses the - container runtime defaults for readonly paths and masked paths. - This requires the ProcMountType feature flag to be enabled. - Note that this field cannot be set when spec.os.name is windows. - type: string - readOnlyRootFilesystem: - description: Whether this container has a read-only root filesystem. - Default is false. Note that this field cannot be set when spec.os.name - is windows. - type: boolean - runAsGroup: - description: The GID to run the entrypoint of the container process. - Uses runtime default if unset. May also be set in PodSecurityContext. If - set in both SecurityContext and PodSecurityContext, the value - specified in SecurityContext takes precedence. Note that this - field cannot be set when spec.os.name is windows. - format: int64 - type: integer - runAsNonRoot: - description: Indicates that the container must run as a non-root - user. If true, the Kubelet will validate the image at runtime - to ensure that it does not run as UID 0 (root) and fail to start - the container if it does. If unset or false, no such validation - will be performed. May also be set in PodSecurityContext. If - set in both SecurityContext and PodSecurityContext, the value - specified in SecurityContext takes precedence. - type: boolean - runAsUser: - description: The UID to run the entrypoint of the container process. - Defaults to user specified in image metadata if unspecified. - May also be set in PodSecurityContext. If set in both SecurityContext - and PodSecurityContext, the value specified in SecurityContext - takes precedence. Note that this field cannot be set when spec.os.name - is windows. - format: int64 - type: integer - seLinuxOptions: - description: The SELinux context to be applied to the container. - If unspecified, the container runtime will allocate a random - SELinux context for each container. May also be set in PodSecurityContext. If - set in both SecurityContext and PodSecurityContext, the value - specified in SecurityContext takes precedence. Note that this - field cannot be set when spec.os.name is windows. - properties: - level: - description: Level is SELinux level label that applies to - the container. - type: string - role: - description: Role is a SELinux role label that applies to - the container. - type: string - type: - description: Type is a SELinux type label that applies to - the container. - type: string - user: - description: User is a SELinux user label that applies to - the container. - type: string - type: object - seccompProfile: - description: The seccomp options to use by this container. If - seccomp options are provided at both the pod & container level, - the container options override the pod options. Note that this - field cannot be set when spec.os.name is windows. - properties: - localhostProfile: - description: localhostProfile indicates a profile defined - in a file on the node should be used. The profile must be - preconfigured on the node to work. Must be a descending - path, relative to the kubelet's configured seccomp profile - location. Must only be set if type is "Localhost". - type: string - type: - description: "type indicates which kind of seccomp profile - will be applied. Valid options are: \n Localhost - a profile - defined in a file on the node should be used. RuntimeDefault - - the container runtime default profile should be used. - Unconfined - no profile should be applied." - type: string - required: - - type - type: object - windowsOptions: - description: The Windows specific settings applied to all containers. - If unspecified, the options from the PodSecurityContext will - be used. If set in both SecurityContext and PodSecurityContext, - the value specified in SecurityContext takes precedence. Note - that this field cannot be set when spec.os.name is linux. - properties: - gmsaCredentialSpec: - description: GMSACredentialSpec is where the GMSA admission - webhook (https://github.com/kubernetes-sigs/windows-gmsa) - inlines the contents of the GMSA credential spec named by - the GMSACredentialSpecName field. - type: string - gmsaCredentialSpecName: - description: GMSACredentialSpecName is the name of the GMSA - credential spec to use. - type: string - hostProcess: - description: HostProcess determines if a container should - be run as a 'Host Process' container. This field is alpha-level - and will only be honored by components that enable the WindowsHostProcessContainers - feature flag. Setting this field without the feature flag - will result in errors when validating the Pod. All of a - Pod's containers must have the same effective HostProcess - value (it is not allowed to have a mix of HostProcess containers - and non-HostProcess containers). In addition, if HostProcess - is true then HostNetwork must also be set to true. - type: boolean - runAsUserName: - description: The UserName in Windows to run the entrypoint - of the container process. Defaults to the user specified - in image metadata if unspecified. May also be set in PodSecurityContext. - If set in both SecurityContext and PodSecurityContext, the - value specified in SecurityContext takes precedence. - type: string - type: object - type: object - serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount - to use to run this pod. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/ - If specified, a ServiceAccount named this ServiceAccountName will - be used for the spec.serviceAccountName field in Pods to be created - and for the subjects.name field in a ClusterRoleBinding to be created. - If there is no ServiceAccount named this ServiceAccountName, a new - ServiceAccount will be created. If there is a pre-existing ServiceAccount - named this ServiceAccountName, the ServiceAccount will be used. - The annotations in the ControllerConfig will be copied to the ServiceAccount - and pre-existing annotations will be kept. Regardless of whether - there is a ServiceAccount created by Crossplane or is in place already, - the ServiceAccount will be deleted once the Provider and ControllerConfig - are deleted.' - type: string - tolerations: - description: If specified, the pod's tolerations. - items: - description: The pod this Toleration is attached to tolerates any - taint that matches the triple using the matching - operator . - properties: - effect: - description: Effect indicates the taint effect to match. Empty - means match all taint effects. When specified, allowed values - are NoSchedule, PreferNoSchedule and NoExecute. - type: string - key: - description: Key is the taint key that the toleration applies - to. Empty means match all taint keys. If the key is empty, - operator must be Exists; this combination means to match all - values and all keys. - type: string - operator: - description: Operator represents a key's relationship to the - value. Valid operators are Exists and Equal. Defaults to Equal. - Exists is equivalent to wildcard for value, so that a pod - can tolerate all taints of a particular category. - type: string - tolerationSeconds: - description: TolerationSeconds represents the period of time - the toleration (which must be of effect NoExecute, otherwise - this field is ignored) tolerates the taint. By default, it - is not set, which means tolerate the taint forever (do not - evict). Zero and negative values will be treated as 0 (evict - immediately) by the system. - format: int64 - type: integer - value: - description: Value is the taint value the toleration matches - to. If the operator is Exists, the value should be empty, - otherwise just a regular string. - type: string - type: object - type: array - volumeMounts: - description: List of VolumeMounts to mount into the container's filesystem. - Cannot be updated. - items: - description: VolumeMount describes a mounting of a Volume within - a container. - properties: - mountPath: - description: Path within the container at which the volume should - be mounted. Must not contain ':'. - type: string - mountPropagation: - description: mountPropagation determines how mounts are propagated - from the host to container and the other way around. When - not set, MountPropagationNone is used. This field is beta - in 1.10. - type: string - name: - description: This must match the Name of a Volume. - type: string - readOnly: - description: Mounted read-only if true, read-write otherwise - (false or unspecified). Defaults to false. - type: boolean - subPath: - description: Path within the volume from which the container's - volume should be mounted. Defaults to "" (volume's root). - type: string - subPathExpr: - description: Expanded path within the volume from which the - container's volume should be mounted. Behaves similarly to - SubPath but environment variable references $(VAR_NAME) are - expanded using the container's environment. Defaults to "" - (volume's root). SubPathExpr and SubPath are mutually exclusive. - type: string - required: - - mountPath - - name - type: object - type: array - volumes: - description: 'List of volumes that can be mounted by containers belonging - to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes' - items: - description: Volume represents a named volume in a pod that may - be accessed by any container in the pod. - properties: - awsElasticBlockStore: - description: 'awsElasticBlockStore represents an AWS Disk resource - that is attached to a kubelet''s host machine and then exposed - to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' - properties: - fsType: - description: 'fsType is the filesystem type of the volume - that you want to mount. Tip: Ensure that the filesystem - type is supported by the host operating system. Examples: - "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" - if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore - TODO: how do we prevent errors in the filesystem from - compromising the machine' - type: string - partition: - description: 'partition is the partition in the volume that - you want to mount. If omitted, the default is to mount - by volume name. Examples: For volume /dev/sda1, you specify - the partition as "1". Similarly, the volume partition - for /dev/sda is "0" (or you can leave the property empty).' - format: int32 - type: integer - readOnly: - description: 'readOnly value true will force the readOnly - setting in VolumeMounts. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' - type: boolean - volumeID: - description: 'volumeID is unique ID of the persistent disk - resource in AWS (Amazon EBS volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' - type: string - required: - - volumeID - type: object - azureDisk: - description: azureDisk represents an Azure Data Disk mount on - the host and bind mount to the pod. - properties: - cachingMode: - description: 'cachingMode is the Host Caching mode: None, - Read Only, Read Write.' - type: string - diskName: - description: diskName is the Name of the data disk in the - blob storage - type: string - diskURI: - description: diskURI is the URI of data disk in the blob - storage - type: string - fsType: - description: fsType is Filesystem type to mount. Must be - a filesystem type supported by the host operating system. - Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" - if unspecified. - type: string - kind: - description: 'kind expected values are Shared: multiple - blob disks per storage account Dedicated: single blob - disk per storage account Managed: azure managed data - disk (only in managed availability set). defaults to shared' - type: string - readOnly: - description: readOnly Defaults to false (read/write). ReadOnly - here will force the ReadOnly setting in VolumeMounts. - type: boolean - required: - - diskName - - diskURI - type: object - azureFile: - description: azureFile represents an Azure File Service mount - on the host and bind mount to the pod. - properties: - readOnly: - description: readOnly defaults to false (read/write). ReadOnly - here will force the ReadOnly setting in VolumeMounts. - type: boolean - secretName: - description: secretName is the name of secret that contains - Azure Storage Account Name and Key - type: string - shareName: - description: shareName is the azure share Name - type: string - required: - - secretName - - shareName - type: object - cephfs: - description: cephFS represents a Ceph FS mount on the host that - shares a pod's lifetime - properties: - monitors: - description: 'monitors is Required: Monitors is a collection - of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' - items: - type: string - type: array - path: - description: 'path is Optional: Used as the mounted root, - rather than the full Ceph tree, default is /' - type: string - readOnly: - description: 'readOnly is Optional: Defaults to false (read/write). - ReadOnly here will force the ReadOnly setting in VolumeMounts. - More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' - type: boolean - secretFile: - description: 'secretFile is Optional: SecretFile is the - path to key ring for User, default is /etc/ceph/user.secret - More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' - type: string - secretRef: - description: 'secretRef is Optional: SecretRef is reference - to the authentication secret for User, default is empty. - More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - type: object - x-kubernetes-map-type: atomic - user: - description: 'user is optional: User is the rados user name, - default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' - type: string - required: - - monitors - type: object - cinder: - description: 'cinder represents a cinder volume attached and - mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' - properties: - fsType: - description: 'fsType is the filesystem type to mount. Must - be a filesystem type supported by the host operating system. - Examples: "ext4", "xfs", "ntfs". Implicitly inferred to - be "ext4" if unspecified. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' - type: string - readOnly: - description: 'readOnly defaults to false (read/write). ReadOnly - here will force the ReadOnly setting in VolumeMounts. - More info: https://examples.k8s.io/mysql-cinder-pd/README.md' - type: boolean - secretRef: - description: 'secretRef is optional: points to a secret - object containing parameters used to connect to OpenStack.' - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - type: object - x-kubernetes-map-type: atomic - volumeID: - description: 'volumeID used to identify the volume in cinder. - More info: https://examples.k8s.io/mysql-cinder-pd/README.md' - type: string - required: - - volumeID - type: object - configMap: - description: configMap represents a configMap that should populate - this volume - properties: - defaultMode: - description: 'defaultMode is optional: mode bits used to - set permissions on created files by default. Must be an - octal value between 0000 and 0777 or a decimal value between - 0 and 511. YAML accepts both octal and decimal values, - JSON requires decimal values for mode bits. Defaults to - 0644. Directories within the path are not affected by - this setting. This might be in conflict with other options - that affect the file mode, like fsGroup, and the result - can be other mode bits set.' - format: int32 - type: integer - items: - description: items if unspecified, each key-value pair in - the Data field of the referenced ConfigMap will be projected - into the volume as a file whose name is the key and content - is the value. If specified, the listed keys will be projected - into the specified paths, and unlisted keys will not be - present. If a key is specified which is not present in - the ConfigMap, the volume setup will error unless it is - marked optional. Paths must be relative and may not contain - the '..' path or start with '..'. - items: - description: Maps a string key to a path within a volume. - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to - set permissions on this file. Must be an octal value - between 0000 and 0777 or a decimal value between - 0 and 511. YAML accepts both octal and decimal values, - JSON requires decimal values for mode bits. If not - specified, the volume defaultMode will be used. - This might be in conflict with other options that - affect the file mode, like fsGroup, and the result - can be other mode bits set.' - format: int32 - type: integer - path: - description: path is the relative path of the file - to map the key to. May not be an absolute path. - May not contain the path element '..'. May not start - with the string '..'. - type: string - required: - - key - - path - type: object - type: array - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: optional specify whether the ConfigMap or its - keys must be defined - type: boolean - type: object - x-kubernetes-map-type: atomic - csi: - description: csi (Container Storage Interface) represents ephemeral - storage that is handled by certain external CSI drivers (Beta - feature). - properties: - driver: - description: driver is the name of the CSI driver that handles - this volume. Consult with your admin for the correct name - as registered in the cluster. - type: string - fsType: - description: fsType to mount. Ex. "ext4", "xfs", "ntfs". - If not provided, the empty value is passed to the associated - CSI driver which will determine the default filesystem - to apply. - type: string - nodePublishSecretRef: - description: nodePublishSecretRef is a reference to the - secret object containing sensitive information to pass - to the CSI driver to complete the CSI NodePublishVolume - and NodeUnpublishVolume calls. This field is optional, - and may be empty if no secret is required. If the secret - object contains more than one secret, all secret references - are passed. - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - type: object - x-kubernetes-map-type: atomic - readOnly: - description: readOnly specifies a read-only configuration - for the volume. Defaults to false (read/write). - type: boolean - volumeAttributes: - additionalProperties: - type: string - description: volumeAttributes stores driver-specific properties - that are passed to the CSI driver. Consult your driver's - documentation for supported values. - type: object - required: - - driver - type: object - downwardAPI: - description: downwardAPI represents downward API about the pod - that should populate this volume - properties: - defaultMode: - description: 'Optional: mode bits to use on created files - by default. Must be a Optional: mode bits used to set - permissions on created files by default. Must be an octal - value between 0000 and 0777 or a decimal value between - 0 and 511. YAML accepts both octal and decimal values, - JSON requires decimal values for mode bits. Defaults to - 0644. Directories within the path are not affected by - this setting. This might be in conflict with other options - that affect the file mode, like fsGroup, and the result - can be other mode bits set.' - format: int32 - type: integer - items: - description: Items is a list of downward API volume file - items: - description: DownwardAPIVolumeFile represents information - to create the file containing the pod field - properties: - fieldRef: - description: 'Required: Selects a field of the pod: - only annotations, labels, name and namespace are - supported.' - properties: - apiVersion: - description: Version of the schema the FieldPath - is written in terms of, defaults to "v1". - type: string - fieldPath: - description: Path of the field to select in the - specified API version. - type: string - required: - - fieldPath - type: object - x-kubernetes-map-type: atomic - mode: - description: 'Optional: mode bits used to set permissions - on this file, must be an octal value between 0000 - and 0777 or a decimal value between 0 and 511. YAML - accepts both octal and decimal values, JSON requires - decimal values for mode bits. If not specified, - the volume defaultMode will be used. This might - be in conflict with other options that affect the - file mode, like fsGroup, and the result can be other - mode bits set.' - format: int32 - type: integer - path: - description: 'Required: Path is the relative path - name of the file to be created. Must not be absolute - or contain the ''..'' path. Must be utf-8 encoded. - The first item of the relative path must not start - with ''..''' - type: string - resourceFieldRef: - description: 'Selects a resource of the container: - only resources limits and requests (limits.cpu, - limits.memory, requests.cpu and requests.memory) - are currently supported.' - properties: - containerName: - description: 'Container name: required for volumes, - optional for env vars' - type: string - divisor: - anyOf: - - type: integer - - type: string - description: Specifies the output format of the - exposed resources, defaults to "1" - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - resource: - description: 'Required: resource to select' - type: string - required: - - resource - type: object - x-kubernetes-map-type: atomic - required: - - path - type: object - type: array - type: object - emptyDir: - description: 'emptyDir represents a temporary directory that - shares a pod''s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' - properties: - medium: - description: 'medium represents what type of storage medium - should back this directory. The default is "" which means - to use the node''s default medium. Must be an empty string - (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' - type: string - sizeLimit: - anyOf: - - type: integer - - type: string - description: 'sizeLimit is the total amount of local storage - required for this EmptyDir volume. The size limit is also - applicable for memory medium. The maximum usage on memory - medium EmptyDir would be the minimum value between the - SizeLimit specified here and the sum of memory limits - of all containers in a pod. The default is nil which means - that the limit is undefined. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - ephemeral: - description: "ephemeral represents a volume that is handled - by a cluster storage driver. The volume's lifecycle is tied - to the pod that defines it - it will be created before the - pod starts, and deleted when the pod is removed. \n Use this - if: a) the volume is only needed while the pod runs, b) features - of normal volumes like restoring from snapshot or capacity - tracking are needed, c) the storage driver is specified through - a storage class, and d) the storage driver supports dynamic - volume provisioning through a PersistentVolumeClaim (see EphemeralVolumeSource - for more information on the connection between this volume - type and PersistentVolumeClaim). \n Use PersistentVolumeClaim - or one of the vendor-specific APIs for volumes that persist - for longer than the lifecycle of an individual pod. \n Use - CSI for light-weight local ephemeral volumes if the CSI driver - is meant to be used that way - see the documentation of the - driver for more information. \n A pod can use both types of - ephemeral volumes and persistent volumes at the same time." - properties: - volumeClaimTemplate: - description: "Will be used to create a stand-alone PVC to - provision the volume. The pod in which this EphemeralVolumeSource - is embedded will be the owner of the PVC, i.e. the PVC - will be deleted together with the pod. The name of the - PVC will be `-` where `` is the name from the `PodSpec.Volumes` array entry. - Pod validation will reject the pod if the concatenated - name is not valid for a PVC (for example, too long). \n - An existing PVC with that name that is not owned by the - pod will *not* be used for the pod to avoid using an unrelated - volume by mistake. Starting the pod is then blocked until - the unrelated PVC is removed. If such a pre-created PVC - is meant to be used by the pod, the PVC has to updated - with an owner reference to the pod once the pod exists. - Normally this should not be necessary, but it may be useful - when manually reconstructing a broken cluster. \n This - field is read-only and no changes will be made by Kubernetes - to the PVC after it has been created. \n Required, must - not be nil." - properties: - metadata: - description: May contain labels and annotations that - will be copied into the PVC when creating it. No other - fields are allowed and will be rejected during validation. - type: object - spec: - description: The specification for the PersistentVolumeClaim. - The entire content is copied unchanged into the PVC - that gets created from this template. The same fields - as in a PersistentVolumeClaim are also valid here. - properties: - accessModes: - description: 'accessModes contains the desired access - modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' - items: - type: string - type: array - dataSource: - description: 'dataSource field can be used to specify - either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) - * An existing PVC (PersistentVolumeClaim) If the - provisioner or an external controller can support - the specified data source, it will create a new - volume based on the contents of the specified - data source. When the AnyVolumeDataSource feature - gate is enabled, dataSource contents will be copied - to dataSourceRef, and dataSourceRef contents will - be copied to dataSource when dataSourceRef.namespace - is not specified. If the namespace is specified, - then dataSourceRef will not be copied to dataSource.' - properties: - apiGroup: - description: APIGroup is the group for the resource - being referenced. If APIGroup is not specified, - the specified Kind must be in the core API - group. For any other third-party types, APIGroup - is required. - type: string - kind: - description: Kind is the type of resource being - referenced - type: string - name: - description: Name is the name of resource being - referenced - type: string - required: - - kind - - name - type: object - x-kubernetes-map-type: atomic - dataSourceRef: - description: 'dataSourceRef specifies the object - from which to populate the volume with data, if - a non-empty volume is desired. This may be any - object from a non-empty API group (non core object) - or a PersistentVolumeClaim object. When this field - is specified, volume binding will only succeed - if the type of the specified object matches some - installed volume populator or dynamic provisioner. - This field will replace the functionality of the - dataSource field and as such if both fields are - non-empty, they must have the same value. For - backwards compatibility, when namespace isn''t - specified in dataSourceRef, both fields (dataSource - and dataSourceRef) will be set to the same value - automatically if one of them is empty and the - other is non-empty. When namespace is specified - in dataSourceRef, dataSource isn''t set to the - same value and must be empty. There are three - important differences between dataSource and dataSourceRef: - * While dataSource only allows two specific types - of objects, dataSourceRef allows any non-core - object, as well as PersistentVolumeClaim objects. - * While dataSource ignores disallowed values (dropping - them), dataSourceRef preserves all values, and - generates an error if a disallowed value is specified. - * While dataSource only allows local objects, - dataSourceRef allows objects in any namespaces. - (Beta) Using this field requires the AnyVolumeDataSource - feature gate to be enabled. (Alpha) Using the - namespace field of dataSourceRef requires the - CrossNamespaceVolumeDataSource feature gate to - be enabled.' - properties: - apiGroup: - description: APIGroup is the group for the resource - being referenced. If APIGroup is not specified, - the specified Kind must be in the core API - group. For any other third-party types, APIGroup - is required. - type: string - kind: - description: Kind is the type of resource being - referenced - type: string - name: - description: Name is the name of resource being - referenced - type: string - namespace: - description: Namespace is the namespace of resource - being referenced Note that when a namespace - is specified, a gateway.networking.k8s.io/ReferenceGrant - object is required in the referent namespace - to allow that namespace's owner to accept - the reference. See the ReferenceGrant documentation - for details. (Alpha) This field requires the - CrossNamespaceVolumeDataSource feature gate - to be enabled. - type: string - required: - - kind - - name - type: object - resources: - description: 'resources represents the minimum resources - the volume should have. If RecoverVolumeExpansionFailure - feature is enabled users are allowed to specify - resource requirements that are lower than previous - value but must still be higher than capacity recorded - in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' - properties: - claims: - description: "Claims lists the names of resources, - defined in spec.resourceClaims, that are used - by this container. \n This is an alpha field - and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable. - It can only be set for containers." - items: - description: ResourceClaim references one - entry in PodSpec.ResourceClaims. - properties: - name: - description: Name must match the name - of one entry in pod.spec.resourceClaims - of the Pod where this field is used. - It makes that resource available inside - a container. - type: string - required: - - name - type: object - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount - of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: 'Requests describes the minimum - amount of compute resources required. If Requests - is omitted for a container, it defaults to - Limits if that is explicitly specified, otherwise - to an implementation-defined value. Requests - cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - type: object - selector: - description: selector is a label query over volumes - to consider for binding. - properties: - matchExpressions: - description: matchExpressions is a list of label - selector requirements. The requirements are - ANDed. - items: - description: A label selector requirement - is a selector that contains values, a key, - and an operator that relates the key and - values. - properties: - key: - description: key is the label key that - the selector applies to. - type: string - operator: - description: operator represents a key's - relationship to a set of values. Valid - operators are In, NotIn, Exists and - DoesNotExist. - type: string - values: - description: values is an array of string - values. If the operator is In or NotIn, - the values array must be non-empty. - If the operator is Exists or DoesNotExist, - the values array must be empty. This - array is replaced during a strategic - merge patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator is - "In", and the values array contains only "value". - The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - storageClassName: - description: 'storageClassName is the name of the - StorageClass required by the claim. More info: - https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' - type: string - volumeMode: - description: volumeMode defines what type of volume - is required by the claim. Value of Filesystem - is implied when not included in claim spec. - type: string - volumeName: - description: volumeName is the binding reference - to the PersistentVolume backing this claim. - type: string - type: object - required: - - spec - type: object - type: object - fc: - description: fc represents a Fibre Channel resource that is - attached to a kubelet's host machine and then exposed to the - pod. - properties: - fsType: - description: 'fsType is the filesystem type to mount. Must - be a filesystem type supported by the host operating system. - Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" - if unspecified. TODO: how do we prevent errors in the - filesystem from compromising the machine' - type: string - lun: - description: 'lun is Optional: FC target lun number' - format: int32 - type: integer - readOnly: - description: 'readOnly is Optional: Defaults to false (read/write). - ReadOnly here will force the ReadOnly setting in VolumeMounts.' - type: boolean - targetWWNs: - description: 'targetWWNs is Optional: FC target worldwide - names (WWNs)' - items: - type: string - type: array - wwids: - description: 'wwids Optional: FC volume world wide identifiers - (wwids) Either wwids or combination of targetWWNs and - lun must be set, but not both simultaneously.' - items: - type: string - type: array - type: object - flexVolume: - description: flexVolume represents a generic volume resource - that is provisioned/attached using an exec based plugin. - properties: - driver: - description: driver is the name of the driver to use for - this volume. - type: string - fsType: - description: fsType is the filesystem type to mount. Must - be a filesystem type supported by the host operating system. - Ex. "ext4", "xfs", "ntfs". The default filesystem depends - on FlexVolume script. - type: string - options: - additionalProperties: - type: string - description: 'options is Optional: this field holds extra - command options if any.' - type: object - readOnly: - description: 'readOnly is Optional: defaults to false (read/write). - ReadOnly here will force the ReadOnly setting in VolumeMounts.' - type: boolean - secretRef: - description: 'secretRef is Optional: secretRef is reference - to the secret object containing sensitive information - to pass to the plugin scripts. This may be empty if no - secret object is specified. If the secret object contains - more than one secret, all secrets are passed to the plugin - scripts.' - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - type: object - x-kubernetes-map-type: atomic - required: - - driver - type: object - flocker: - description: flocker represents a Flocker volume attached to - a kubelet's host machine. This depends on the Flocker control - service being running - properties: - datasetName: - description: datasetName is Name of the dataset stored as - metadata -> name on the dataset for Flocker should be - considered as deprecated - type: string - datasetUUID: - description: datasetUUID is the UUID of the dataset. This - is unique identifier of a Flocker dataset - type: string - type: object - gcePersistentDisk: - description: 'gcePersistentDisk represents a GCE Disk resource - that is attached to a kubelet''s host machine and then exposed - to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' - properties: - fsType: - description: 'fsType is filesystem type of the volume that - you want to mount. Tip: Ensure that the filesystem type - is supported by the host operating system. Examples: "ext4", - "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk - TODO: how do we prevent errors in the filesystem from - compromising the machine' - type: string - partition: - description: 'partition is the partition in the volume that - you want to mount. If omitted, the default is to mount - by volume name. Examples: For volume /dev/sda1, you specify - the partition as "1". Similarly, the volume partition - for /dev/sda is "0" (or you can leave the property empty). - More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' - format: int32 - type: integer - pdName: - description: 'pdName is unique name of the PD resource in - GCE. Used to identify the disk in GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' - type: string - readOnly: - description: 'readOnly here will force the ReadOnly setting - in VolumeMounts. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' - type: boolean - required: - - pdName - type: object - gitRepo: - description: 'gitRepo represents a git repository at a particular - revision. DEPRECATED: GitRepo is deprecated. To provision - a container with a git repo, mount an EmptyDir into an InitContainer - that clones the repo using git, then mount the EmptyDir into - the Pod''s container.' - properties: - directory: - description: directory is the target directory name. Must - not contain or start with '..'. If '.' is supplied, the - volume directory will be the git repository. Otherwise, - if specified, the volume will contain the git repository - in the subdirectory with the given name. - type: string - repository: - description: repository is the URL - type: string - revision: - description: revision is the commit hash for the specified - revision. - type: string - required: - - repository - type: object - glusterfs: - description: 'glusterfs represents a Glusterfs mount on the - host that shares a pod''s lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md' - properties: - endpoints: - description: 'endpoints is the endpoint name that details - Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' - type: string - path: - description: 'path is the Glusterfs volume path. More info: - https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' - type: string - readOnly: - description: 'readOnly here will force the Glusterfs volume - to be mounted with read-only permissions. Defaults to - false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' - type: boolean - required: - - endpoints - - path - type: object - hostPath: - description: 'hostPath represents a pre-existing file or directory - on the host machine that is directly exposed to the container. - This is generally used for system agents or other privileged - things that are allowed to see the host machine. Most containers - will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath - --- TODO(jonesdl) We need to restrict who can use host directory - mounts and who can/can not mount host directories as read/write.' - properties: - path: - description: 'path of the directory on the host. If the - path is a symlink, it will follow the link to the real - path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' - type: string - type: - description: 'type for HostPath Volume Defaults to "" More - info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' - type: string - required: - - path - type: object - iscsi: - description: 'iscsi represents an ISCSI Disk resource that is - attached to a kubelet''s host machine and then exposed to - the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md' - properties: - chapAuthDiscovery: - description: chapAuthDiscovery defines whether support iSCSI - Discovery CHAP authentication - type: boolean - chapAuthSession: - description: chapAuthSession defines whether support iSCSI - Session CHAP authentication - type: boolean - fsType: - description: 'fsType is the filesystem type of the volume - that you want to mount. Tip: Ensure that the filesystem - type is supported by the host operating system. Examples: - "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" - if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi - TODO: how do we prevent errors in the filesystem from - compromising the machine' - type: string - initiatorName: - description: initiatorName is the custom iSCSI Initiator - Name. If initiatorName is specified with iscsiInterface - simultaneously, new iSCSI interface : will be created for the connection. - type: string - iqn: - description: iqn is the target iSCSI Qualified Name. - type: string - iscsiInterface: - description: iscsiInterface is the interface Name that uses - an iSCSI transport. Defaults to 'default' (tcp). - type: string - lun: - description: lun represents iSCSI Target Lun number. - format: int32 - type: integer - portals: - description: portals is the iSCSI Target Portal List. The - portal is either an IP or ip_addr:port if the port is - other than default (typically TCP ports 860 and 3260). - items: - type: string - type: array - readOnly: - description: readOnly here will force the ReadOnly setting - in VolumeMounts. Defaults to false. - type: boolean - secretRef: - description: secretRef is the CHAP Secret for iSCSI target - and initiator authentication - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - type: object - x-kubernetes-map-type: atomic - targetPortal: - description: targetPortal is iSCSI Target Portal. The Portal - is either an IP or ip_addr:port if the port is other than - default (typically TCP ports 860 and 3260). - type: string - required: - - iqn - - lun - - targetPortal - type: object - name: - description: 'name of the volume. Must be a DNS_LABEL and unique - within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - nfs: - description: 'nfs represents an NFS mount on the host that shares - a pod''s lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' - properties: - path: - description: 'path that is exported by the NFS server. More - info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' - type: string - readOnly: - description: 'readOnly here will force the NFS export to - be mounted with read-only permissions. Defaults to false. - More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' - type: boolean - server: - description: 'server is the hostname or IP address of the - NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' - type: string - required: - - path - - server - type: object - persistentVolumeClaim: - description: 'persistentVolumeClaimVolumeSource represents a - reference to a PersistentVolumeClaim in the same namespace. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' - properties: - claimName: - description: 'claimName is the name of a PersistentVolumeClaim - in the same namespace as the pod using this volume. More - info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' - type: string - readOnly: - description: readOnly Will force the ReadOnly setting in - VolumeMounts. Default false. - type: boolean - required: - - claimName - type: object - photonPersistentDisk: - description: photonPersistentDisk represents a PhotonController - persistent disk attached and mounted on kubelets host machine - properties: - fsType: - description: fsType is the filesystem type to mount. Must - be a filesystem type supported by the host operating system. - Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" - if unspecified. - type: string - pdID: - description: pdID is the ID that identifies Photon Controller - persistent disk - type: string - required: - - pdID - type: object - portworxVolume: - description: portworxVolume represents a portworx volume attached - and mounted on kubelets host machine - properties: - fsType: - description: fSType represents the filesystem type to mount - Must be a filesystem type supported by the host operating - system. Ex. "ext4", "xfs". Implicitly inferred to be "ext4" - if unspecified. - type: string - readOnly: - description: readOnly defaults to false (read/write). ReadOnly - here will force the ReadOnly setting in VolumeMounts. - type: boolean - volumeID: - description: volumeID uniquely identifies a Portworx volume - type: string - required: - - volumeID - type: object - projected: - description: projected items for all in one resources secrets, - configmaps, and downward API - properties: - defaultMode: - description: defaultMode are the mode bits used to set permissions - on created files by default. Must be an octal value between - 0000 and 0777 or a decimal value between 0 and 511. YAML - accepts both octal and decimal values, JSON requires decimal - values for mode bits. Directories within the path are - not affected by this setting. This might be in conflict - with other options that affect the file mode, like fsGroup, - and the result can be other mode bits set. - format: int32 - type: integer - sources: - description: sources is the list of volume projections - items: - description: Projection that may be projected along with - other supported volume types - properties: - configMap: - description: configMap information about the configMap - data to project - properties: - items: - description: items if unspecified, each key-value - pair in the Data field of the referenced ConfigMap - will be projected into the volume as a file - whose name is the key and content is the value. - If specified, the listed keys will be projected - into the specified paths, and unlisted keys - will not be present. If a key is specified which - is not present in the ConfigMap, the volume - setup will error unless it is marked optional. - Paths must be relative and may not contain the - '..' path or start with '..'. - items: - description: Maps a string key to a path within - a volume. - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits - used to set permissions on this file. - Must be an octal value between 0000 and - 0777 or a decimal value between 0 and - 511. YAML accepts both octal and decimal - values, JSON requires decimal values for - mode bits. If not specified, the volume - defaultMode will be used. This might be - in conflict with other options that affect - the file mode, like fsGroup, and the result - can be other mode bits set.' - format: int32 - type: integer - path: - description: path is the relative path of - the file to map the key to. May not be - an absolute path. May not contain the - path element '..'. May not start with - the string '..'. - type: string - required: - - key - - path - type: object - type: array - name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' - type: string - optional: - description: optional specify whether the ConfigMap - or its keys must be defined - type: boolean - type: object - x-kubernetes-map-type: atomic - downwardAPI: - description: downwardAPI information about the downwardAPI - data to project - properties: - items: - description: Items is a list of DownwardAPIVolume - file - items: - description: DownwardAPIVolumeFile represents - information to create the file containing - the pod field - properties: - fieldRef: - description: 'Required: Selects a field - of the pod: only annotations, labels, - name and namespace are supported.' - properties: - apiVersion: - description: Version of the schema the - FieldPath is written in terms of, - defaults to "v1". - type: string - fieldPath: - description: Path of the field to select - in the specified API version. - type: string - required: - - fieldPath - type: object - x-kubernetes-map-type: atomic - mode: - description: 'Optional: mode bits used to - set permissions on this file, must be - an octal value between 0000 and 0777 or - a decimal value between 0 and 511. YAML - accepts both octal and decimal values, - JSON requires decimal values for mode - bits. If not specified, the volume defaultMode - will be used. This might be in conflict - with other options that affect the file - mode, like fsGroup, and the result can - be other mode bits set.' - format: int32 - type: integer - path: - description: 'Required: Path is the relative - path name of the file to be created. Must - not be absolute or contain the ''..'' - path. Must be utf-8 encoded. The first - item of the relative path must not start - with ''..''' - type: string - resourceFieldRef: - description: 'Selects a resource of the - container: only resources limits and requests - (limits.cpu, limits.memory, requests.cpu - and requests.memory) are currently supported.' - properties: - containerName: - description: 'Container name: required - for volumes, optional for env vars' - type: string - divisor: - anyOf: - - type: integer - - type: string - description: Specifies the output format - of the exposed resources, defaults - to "1" - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - resource: - description: 'Required: resource to - select' - type: string - required: - - resource - type: object - x-kubernetes-map-type: atomic - required: - - path - type: object - type: array - type: object - secret: - description: secret information about the secret data - to project - properties: - items: - description: items if unspecified, each key-value - pair in the Data field of the referenced Secret - will be projected into the volume as a file - whose name is the key and content is the value. - If specified, the listed keys will be projected - into the specified paths, and unlisted keys - will not be present. If a key is specified which - is not present in the Secret, the volume setup - will error unless it is marked optional. Paths - must be relative and may not contain the '..' - path or start with '..'. - items: - description: Maps a string key to a path within - a volume. - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits - used to set permissions on this file. - Must be an octal value between 0000 and - 0777 or a decimal value between 0 and - 511. YAML accepts both octal and decimal - values, JSON requires decimal values for - mode bits. If not specified, the volume - defaultMode will be used. This might be - in conflict with other options that affect - the file mode, like fsGroup, and the result - can be other mode bits set.' - format: int32 - type: integer - path: - description: path is the relative path of - the file to map the key to. May not be - an absolute path. May not contain the - path element '..'. May not start with - the string '..'. - type: string - required: - - key - - path - type: object - type: array - name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' - type: string - optional: - description: optional field specify whether the - Secret or its key must be defined - type: boolean - type: object - x-kubernetes-map-type: atomic - serviceAccountToken: - description: serviceAccountToken is information about - the serviceAccountToken data to project - properties: - audience: - description: audience is the intended audience - of the token. A recipient of a token must identify - itself with an identifier specified in the audience - of the token, and otherwise should reject the - token. The audience defaults to the identifier - of the apiserver. - type: string - expirationSeconds: - description: expirationSeconds is the requested - duration of validity of the service account - token. As the token approaches expiration, the - kubelet volume plugin will proactively rotate - the service account token. The kubelet will - start trying to rotate the token if the token - is older than 80 percent of its time to live - or if the token is older than 24 hours.Defaults - to 1 hour and must be at least 10 minutes. - format: int64 - type: integer - path: - description: path is the path relative to the - mount point of the file to project the token - into. - type: string - required: - - path - type: object - type: object - type: array - type: object - quobyte: - description: quobyte represents a Quobyte mount on the host - that shares a pod's lifetime - properties: - group: - description: group to map volume access to Default is no - group - type: string - readOnly: - description: readOnly here will force the Quobyte volume - to be mounted with read-only permissions. Defaults to - false. - type: boolean - registry: - description: registry represents a single or multiple Quobyte - Registry services specified as a string as host:port pair - (multiple entries are separated with commas) which acts - as the central registry for volumes - type: string - tenant: - description: tenant owning the given Quobyte volume in the - Backend Used with dynamically provisioned Quobyte volumes, - value is set by the plugin - type: string - user: - description: user to map volume access to Defaults to serivceaccount - user - type: string - volume: - description: volume is a string that references an already - created Quobyte volume by name. - type: string - required: - - registry - - volume - type: object - rbd: - description: 'rbd represents a Rados Block Device mount on the - host that shares a pod''s lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md' - properties: - fsType: - description: 'fsType is the filesystem type of the volume - that you want to mount. Tip: Ensure that the filesystem - type is supported by the host operating system. Examples: - "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" - if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd - TODO: how do we prevent errors in the filesystem from - compromising the machine' - type: string - image: - description: 'image is the rados image name. More info: - https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' - type: string - keyring: - description: 'keyring is the path to key ring for RBDUser. - Default is /etc/ceph/keyring. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' - type: string - monitors: - description: 'monitors is a collection of Ceph monitors. - More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' - items: - type: string - type: array - pool: - description: 'pool is the rados pool name. Default is rbd. - More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' - type: string - readOnly: - description: 'readOnly here will force the ReadOnly setting - in VolumeMounts. Defaults to false. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' - type: boolean - secretRef: - description: 'secretRef is name of the authentication secret - for RBDUser. If provided overrides keyring. Default is - nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - type: object - x-kubernetes-map-type: atomic - user: - description: 'user is the rados user name. Default is admin. - More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' - type: string - required: - - image - - monitors - type: object - scaleIO: - description: scaleIO represents a ScaleIO persistent volume - attached and mounted on Kubernetes nodes. - properties: - fsType: - description: fsType is the filesystem type to mount. Must - be a filesystem type supported by the host operating system. - Ex. "ext4", "xfs", "ntfs". Default is "xfs". - type: string - gateway: - description: gateway is the host address of the ScaleIO - API Gateway. - type: string - protectionDomain: - description: protectionDomain is the name of the ScaleIO - Protection Domain for the configured storage. - type: string - readOnly: - description: readOnly Defaults to false (read/write). ReadOnly - here will force the ReadOnly setting in VolumeMounts. - type: boolean - secretRef: - description: secretRef references to the secret for ScaleIO - user and other sensitive information. If this is not provided, - Login operation will fail. - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - type: object - x-kubernetes-map-type: atomic - sslEnabled: - description: sslEnabled Flag enable/disable SSL communication - with Gateway, default false - type: boolean - storageMode: - description: storageMode indicates whether the storage for - a volume should be ThickProvisioned or ThinProvisioned. - Default is ThinProvisioned. - type: string - storagePool: - description: storagePool is the ScaleIO Storage Pool associated - with the protection domain. - type: string - system: - description: system is the name of the storage system as - configured in ScaleIO. - type: string - volumeName: - description: volumeName is the name of a volume already - created in the ScaleIO system that is associated with - this volume source. - type: string - required: - - gateway - - secretRef - - system - type: object - secret: - description: 'secret represents a secret that should populate - this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' - properties: - defaultMode: - description: 'defaultMode is Optional: mode bits used to - set permissions on created files by default. Must be an - octal value between 0000 and 0777 or a decimal value between - 0 and 511. YAML accepts both octal and decimal values, - JSON requires decimal values for mode bits. Defaults to - 0644. Directories within the path are not affected by - this setting. This might be in conflict with other options - that affect the file mode, like fsGroup, and the result - can be other mode bits set.' - format: int32 - type: integer - items: - description: items If unspecified, each key-value pair in - the Data field of the referenced Secret will be projected - into the volume as a file whose name is the key and content - is the value. If specified, the listed keys will be projected - into the specified paths, and unlisted keys will not be - present. If a key is specified which is not present in - the Secret, the volume setup will error unless it is marked - optional. Paths must be relative and may not contain the - '..' path or start with '..'. - items: - description: Maps a string key to a path within a volume. - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to - set permissions on this file. Must be an octal value - between 0000 and 0777 or a decimal value between - 0 and 511. YAML accepts both octal and decimal values, - JSON requires decimal values for mode bits. If not - specified, the volume defaultMode will be used. - This might be in conflict with other options that - affect the file mode, like fsGroup, and the result - can be other mode bits set.' - format: int32 - type: integer - path: - description: path is the relative path of the file - to map the key to. May not be an absolute path. - May not contain the path element '..'. May not start - with the string '..'. - type: string - required: - - key - - path - type: object - type: array - optional: - description: optional field specify whether the Secret or - its keys must be defined - type: boolean - secretName: - description: 'secretName is the name of the secret in the - pod''s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' - type: string - type: object - storageos: - description: storageOS represents a StorageOS volume attached - and mounted on Kubernetes nodes. - properties: - fsType: - description: fsType is the filesystem type to mount. Must - be a filesystem type supported by the host operating system. - Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" - if unspecified. - type: string - readOnly: - description: readOnly defaults to false (read/write). ReadOnly - here will force the ReadOnly setting in VolumeMounts. - type: boolean - secretRef: - description: secretRef specifies the secret to use for obtaining - the StorageOS API credentials. If not specified, default - values will be attempted. - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - type: object - x-kubernetes-map-type: atomic - volumeName: - description: volumeName is the human-readable name of the - StorageOS volume. Volume names are only unique within - a namespace. - type: string - volumeNamespace: - description: volumeNamespace specifies the scope of the - volume within StorageOS. If no namespace is specified - then the Pod's namespace will be used. This allows the - Kubernetes name scoping to be mirrored within StorageOS - for tighter integration. Set VolumeName to any name to - override the default behaviour. Set to "default" if you - are not using namespaces within StorageOS. Namespaces - that do not pre-exist within StorageOS will be created. - type: string - type: object - vsphereVolume: - description: vsphereVolume represents a vSphere volume attached - and mounted on kubelets host machine - properties: - fsType: - description: fsType is filesystem type to mount. Must be - a filesystem type supported by the host operating system. - Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" - if unspecified. - type: string - storagePolicyID: - description: storagePolicyID is the storage Policy Based - Management (SPBM) profile ID associated with the StoragePolicyName. - type: string - storagePolicyName: - description: storagePolicyName is the storage Policy Based - Management (SPBM) profile name. - type: string - volumePath: - description: volumePath is the path that identifies vSphere - volume vmdk - type: string - required: - - volumePath - type: object - required: - - name - type: object - type: array - type: object - type: object - served: true - storage: true - subresources: {} diff --git a/cluster/crds/pkg.crossplane.io_locks.yaml b/cluster/crds/pkg.crossplane.io_locks.yaml deleted file mode 100644 index 35b9bdce5bf..00000000000 --- a/cluster/crds/pkg.crossplane.io_locks.yaml +++ /dev/null @@ -1,93 +0,0 @@ -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.12.1 - name: locks.pkg.crossplane.io -spec: - group: pkg.crossplane.io - names: - kind: Lock - listKind: LockList - plural: locks - singular: lock - scope: Cluster - versions: - - additionalPrinterColumns: - - jsonPath: .metadata.creationTimestamp - name: AGE - type: date - name: v1beta1 - schema: - openAPIV3Schema: - description: Lock is the CRD type that tracks package dependencies. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - packages: - items: - description: LockPackage is a package that is in the lock. - properties: - dependencies: - description: Dependencies are the list of dependencies of this package. - The order of the dependencies will dictate the order in which - they are resolved. - items: - description: A Dependency is a dependency of a package in the - lock. - properties: - constraints: - description: Constraints is a valid semver range, which will - be used to select a valid dependency version. - type: string - package: - description: Package is the OCI image name without a tag or - digest. - type: string - type: - description: Type is the type of package. Can be either Configuration - or Provider. - type: string - required: - - constraints - - package - - type - type: object - type: array - name: - description: Name corresponds to the name of the package revision - for this package. - type: string - source: - description: Source is the OCI image name without a tag or digest. - type: string - type: - description: Type is the type of package. Can be either Configuration - or Provider. - type: string - version: - description: Version is the tag or digest of the OCI image. - type: string - required: - - dependencies - - name - - source - - type - - version - type: object - type: array - type: object - served: true - storage: true - subresources: - status: {} diff --git a/cluster/crds/pkg.crossplane.io_providerrevisions.yaml b/cluster/crds/pkg.crossplane.io_providerrevisions.yaml deleted file mode 100644 index 09ed346da44..00000000000 --- a/cluster/crds/pkg.crossplane.io_providerrevisions.yaml +++ /dev/null @@ -1,283 +0,0 @@ -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.12.1 - name: providerrevisions.pkg.crossplane.io -spec: - group: pkg.crossplane.io - names: - categories: - - crossplane - - pkgrev - kind: ProviderRevision - listKind: ProviderRevisionList - plural: providerrevisions - singular: providerrevision - scope: Cluster - versions: - - additionalPrinterColumns: - - jsonPath: .status.conditions[?(@.type=='Healthy')].status - name: HEALTHY - type: string - - jsonPath: .spec.revision - name: REVISION - type: string - - jsonPath: .spec.image - name: IMAGE - type: string - - jsonPath: .spec.desiredState - name: STATE - type: string - - jsonPath: .status.foundDependencies - name: DEP-FOUND - type: string - - jsonPath: .status.installedDependencies - name: DEP-INSTALLED - type: string - - jsonPath: .metadata.creationTimestamp - name: AGE - type: date - name: v1 - schema: - openAPIV3Schema: - description: A ProviderRevision that has been added to Crossplane. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: PackageRevisionSpec specifies the desired state of a PackageRevision. - properties: - commonLabels: - additionalProperties: - type: string - description: 'Map of string keys and values that can be used to organize - and categorize (scope and select) objects. May match selectors of - replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels' - type: object - controllerConfigRef: - description: ControllerConfigRef references a ControllerConfig resource - that will be used to configure the packaged controller Deployment. - properties: - name: - description: Name of the ControllerConfig. - type: string - required: - - name - type: object - desiredState: - description: DesiredState of the PackageRevision. Can be either Active - or Inactive. - type: string - essTLSSecretName: - description: ESSTLSSecretName is the secret name of the TLS certificates - that will be used by the provider for External Secret Stores. - type: string - ignoreCrossplaneConstraints: - default: false - description: IgnoreCrossplaneConstraints indicates to the package - manager whether to honor Crossplane version constrains specified - by the package. Default is false. - type: boolean - image: - description: Package image used by install Pod to extract package - contents. - type: string - packagePullPolicy: - default: IfNotPresent - description: PackagePullPolicy defines the pull policy for the package. - It is also applied to any images pulled for the package, such as - a provider's controller image. Default is IfNotPresent. - type: string - packagePullSecrets: - description: PackagePullSecrets are named secrets in the same namespace - that can be used to fetch packages from private registries. They - are also applied to any images pulled for the package, such as a - provider's controller image. - items: - description: LocalObjectReference contains enough information to - let you locate the referenced object inside the same namespace. - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - type: object - x-kubernetes-map-type: atomic - type: array - revision: - description: Revision number. Indicates when the revision will be - garbage collected based on the parent's RevisionHistoryLimit. - format: int64 - type: integer - skipDependencyResolution: - default: false - description: SkipDependencyResolution indicates to the package manager - whether to skip resolving dependencies for a package. Setting this - value to true may have unintended consequences. Default is false. - type: boolean - webhookTLSSecretName: - description: WebhookTLSSecretName is the name of the TLS Secret that - will be used by the provider to serve a TLS-enabled webhook server. - The certificate will be injected to webhook configurations as well - as CRD conversion webhook strategy if needed. If it's not given, - provider will not have a certificate mounted to its filesystem, - webhook configurations won't be deployed and if there is a CRD with - webhook conversion strategy, the installation will fail. - type: string - required: - - desiredState - - image - - revision - type: object - status: - description: PackageRevisionStatus represents the observed state of a - PackageRevision. - properties: - conditions: - description: Conditions of the resource. - items: - description: A Condition that may apply to a resource. - properties: - lastTransitionTime: - description: LastTransitionTime is the last time this condition - transitioned from one status to another. - format: date-time - type: string - message: - description: A Message containing details about this condition's - last transition from one status to another, if any. - type: string - reason: - description: A Reason for this condition's last transition from - one status to another. - type: string - status: - description: Status of this condition; is it currently True, - False, or Unknown? - type: string - type: - description: Type of this condition. At most one of each condition - type may apply to a resource at any point in time. - type: string - required: - - lastTransitionTime - - reason - - status - - type - type: object - type: array - controllerRef: - description: ControllerRef references the controller (e.g. Deployment), - if any, that is responsible for reconciling the objects this package - revision installed. - properties: - name: - description: Name of the controller. - type: string - required: - - name - type: object - foundDependencies: - description: Dependency information. - format: int64 - type: integer - installedDependencies: - format: int64 - type: integer - invalidDependencies: - format: int64 - type: integer - objectRefs: - description: References to objects owned by PackageRevision. - items: - description: A TypedReference refers to an object by Name, Kind, - and APIVersion. It is commonly used to reference cluster-scoped - objects or objects where the namespace is already known. - properties: - apiVersion: - description: APIVersion of the referenced object. - type: string - kind: - description: Kind of the referenced object. - type: string - name: - description: Name of the referenced object. - type: string - uid: - description: UID of the referenced object. - type: string - required: - - apiVersion - - kind - - name - type: object - type: array - permissionRequests: - description: PermissionRequests made by this package. The package - declares that its controller needs these permissions to run. The - RBAC manager is responsible for granting them. - items: - description: PolicyRule holds information that describes a policy - rule, but does not contain information about who the rule applies - to or which namespace the rule applies to. - properties: - apiGroups: - description: APIGroups is the name of the APIGroup that contains - the resources. If multiple API groups are specified, any - action requested against one of the enumerated resources in - any API group will be allowed. "" represents the core API - group and "*" represents all API groups. - items: - type: string - type: array - nonResourceURLs: - description: NonResourceURLs is a set of partial urls that a - user should have access to. *s are allowed, but only as the - full, final step in the path Since non-resource URLs are not - namespaced, this field is only applicable for ClusterRoles - referenced from a ClusterRoleBinding. Rules can either apply - to API resources (such as "pods" or "secrets") or non-resource - URL paths (such as "/api"), but not both. - items: - type: string - type: array - resourceNames: - description: ResourceNames is an optional white list of names - that the rule applies to. An empty set means that everything - is allowed. - items: - type: string - type: array - resources: - description: Resources is a list of resources this rule applies - to. '*' represents all resources. - items: - type: string - type: array - verbs: - description: Verbs is a list of Verbs that apply to ALL the - ResourceKinds contained in this rule. '*' represents all verbs. - items: - type: string - type: array - required: - - verbs - type: object - type: array - type: object - type: object - served: true - storage: true - subresources: - status: {} diff --git a/cluster/crds/pkg.crossplane.io_providers.yaml b/cluster/crds/pkg.crossplane.io_providers.yaml deleted file mode 100644 index 3c688ed086c..00000000000 --- a/cluster/crds/pkg.crossplane.io_providers.yaml +++ /dev/null @@ -1,174 +0,0 @@ -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.12.1 - name: providers.pkg.crossplane.io -spec: - group: pkg.crossplane.io - names: - categories: - - crossplane - - pkg - kind: Provider - listKind: ProviderList - plural: providers - singular: provider - scope: Cluster - versions: - - additionalPrinterColumns: - - jsonPath: .status.conditions[?(@.type=='Installed')].status - name: INSTALLED - type: string - - jsonPath: .status.conditions[?(@.type=='Healthy')].status - name: HEALTHY - type: string - - jsonPath: .spec.package - name: PACKAGE - type: string - - jsonPath: .metadata.creationTimestamp - name: AGE - type: date - name: v1 - schema: - openAPIV3Schema: - description: Provider is the CRD type for a request to add a provider to Crossplane. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: ProviderSpec specifies details about a request to install - a provider to Crossplane. - properties: - commonLabels: - additionalProperties: - type: string - description: 'Map of string keys and values that can be used to organize - and categorize (scope and select) objects. May match selectors of - replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels' - type: object - controllerConfigRef: - description: ControllerConfigRef references a ControllerConfig resource - that will be used to configure the packaged controller Deployment. - properties: - name: - description: Name of the ControllerConfig. - type: string - required: - - name - type: object - ignoreCrossplaneConstraints: - default: false - description: IgnoreCrossplaneConstraints indicates to the package - manager whether to honor Crossplane version constrains specified - by the package. Default is false. - type: boolean - package: - description: Package is the name of the package that is being requested. - type: string - packagePullPolicy: - default: IfNotPresent - description: PackagePullPolicy defines the pull policy for the package. - Default is IfNotPresent. - type: string - packagePullSecrets: - description: PackagePullSecrets are named secrets in the same namespace - that can be used to fetch packages from private registries. - items: - description: LocalObjectReference contains enough information to - let you locate the referenced object inside the same namespace. - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - type: object - x-kubernetes-map-type: atomic - type: array - revisionActivationPolicy: - default: Automatic - description: RevisionActivationPolicy specifies how the package controller - should update from one revision to the next. Options are Automatic - or Manual. Default is Automatic. - type: string - revisionHistoryLimit: - default: 1 - description: RevisionHistoryLimit dictates how the package controller - cleans up old inactive package revisions. Defaults to 1. Can be - disabled by explicitly setting to 0. - format: int64 - type: integer - skipDependencyResolution: - default: false - description: SkipDependencyResolution indicates to the package manager - whether to skip resolving dependencies for a package. Setting this - value to true may have unintended consequences. Default is false. - type: boolean - required: - - package - type: object - status: - description: ProviderStatus represents the observed state of a Provider. - properties: - conditions: - description: Conditions of the resource. - items: - description: A Condition that may apply to a resource. - properties: - lastTransitionTime: - description: LastTransitionTime is the last time this condition - transitioned from one status to another. - format: date-time - type: string - message: - description: A Message containing details about this condition's - last transition from one status to another, if any. - type: string - reason: - description: A Reason for this condition's last transition from - one status to another. - type: string - status: - description: Status of this condition; is it currently True, - False, or Unknown? - type: string - type: - description: Type of this condition. At most one of each condition - type may apply to a resource at any point in time. - type: string - required: - - lastTransitionTime - - reason - - status - - type - type: object - type: array - currentIdentifier: - description: CurrentIdentifier is the most recent package source that - was used to produce a revision. The package manager uses this field - to determine whether to check for package updates for a given source - when packagePullPolicy is set to IfNotPresent. Manually removing - this field will cause the package manager to check that the current - revision is correct for the given package source. - type: string - currentRevision: - description: CurrentRevision is the name of the current package revision. - It will reflect the most up to date revision, whether it has been - activated or not. - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} diff --git a/cluster/crds/secrets.crossplane.io_storeconfigs.yaml b/cluster/crds/secrets.crossplane.io_storeconfigs.yaml deleted file mode 100644 index 8ac52a44a45..00000000000 --- a/cluster/crds/secrets.crossplane.io_storeconfigs.yaml +++ /dev/null @@ -1,302 +0,0 @@ -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.12.1 - name: storeconfigs.secrets.crossplane.io -spec: - group: secrets.crossplane.io - names: - categories: - - crossplane - - store - kind: StoreConfig - listKind: StoreConfigList - plural: storeconfigs - singular: storeconfig - scope: Cluster - versions: - - additionalPrinterColumns: - - jsonPath: .metadata.creationTimestamp - name: AGE - type: date - - jsonPath: .spec.type - name: TYPE - type: string - - jsonPath: .spec.defaultScope - name: DEFAULT-SCOPE - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: A StoreConfig configures how Crossplane controllers should store - connection details. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: A StoreConfigSpec defines the desired state of a StoreConfig. - properties: - defaultScope: - description: DefaultScope used for scoping secrets for "cluster-scoped" - resources. If store type is "Kubernetes", this would mean the default - namespace to store connection secrets for cluster scoped resources. - In case of "Vault", this would be used as the default parent path. - Typically, should be set as Crossplane installation namespace. - type: string - kubernetes: - description: Kubernetes configures a Kubernetes secret store. If the - "type" is "Kubernetes" but no config provided, in cluster config - will be used. - properties: - auth: - description: Credentials used to connect to the Kubernetes API. - properties: - env: - description: Env is a reference to an environment variable - that contains credentials that must be used to connect to - the provider. - properties: - name: - description: Name is the name of an environment variable. - type: string - required: - - name - type: object - fs: - description: Fs is a reference to a filesystem location that - contains credentials that must be used to connect to the - provider. - properties: - path: - description: Path is a filesystem path. - type: string - required: - - path - type: object - secretRef: - description: A SecretRef is a reference to a secret key that - contains the credentials that must be used to connect to - the provider. - properties: - key: - description: The key to select. - type: string - name: - description: Name of the secret. - type: string - namespace: - description: Namespace of the secret. - type: string - required: - - key - - name - - namespace - type: object - source: - description: Source of the credentials. - enum: - - None - - Secret - - Environment - - Filesystem - type: string - required: - - source - type: object - required: - - auth - type: object - plugin: - description: Plugin configures External secret store as a plugin. - properties: - configRef: - description: ConfigRef contains store config reference info. - properties: - apiVersion: - description: APIVersion of the referenced config. - type: string - kind: - description: Kind of the referenced config. - type: string - name: - description: Name of the referenced config. - type: string - required: - - apiVersion - - kind - - name - type: object - endpoint: - description: Endpoint is the endpoint of the gRPC server. - type: string - type: object - type: - default: Kubernetes - description: Type configures which secret store to be used. Only the - configuration block for this store will be used and others will - be ignored if provided. Default is Kubernetes. - enum: - - Kubernetes - - Vault - - Plugin - type: string - vault: - description: 'Vault configures a Vault secret store. Deprecated: This - API is scheduled to be removed in a future release. Vault should - be used as a plugin going forward. See https://github.com/crossplane-contrib/ess-plugin-vault - for more information.' - properties: - auth: - description: Auth configures an authentication method for Vault. - properties: - method: - description: Method configures which auth method will be used. - type: string - token: - description: Token configures Token Auth for Vault. - properties: - env: - description: Env is a reference to an environment variable - that contains credentials that must be used to connect - to the provider. - properties: - name: - description: Name is the name of an environment variable. - type: string - required: - - name - type: object - fs: - description: Fs is a reference to a filesystem location - that contains credentials that must be used to connect - to the provider. - properties: - path: - description: Path is a filesystem path. - type: string - required: - - path - type: object - secretRef: - description: A SecretRef is a reference to a secret key - that contains the credentials that must be used to connect - to the provider. - properties: - key: - description: The key to select. - type: string - name: - description: Name of the secret. - type: string - namespace: - description: Namespace of the secret. - type: string - required: - - key - - name - - namespace - type: object - source: - description: Source of the credentials. - enum: - - None - - Secret - - Environment - - Filesystem - type: string - required: - - source - type: object - required: - - method - type: object - caBundle: - description: CABundle configures CA bundle for Vault Server. - properties: - env: - description: Env is a reference to an environment variable - that contains credentials that must be used to connect to - the provider. - properties: - name: - description: Name is the name of an environment variable. - type: string - required: - - name - type: object - fs: - description: Fs is a reference to a filesystem location that - contains credentials that must be used to connect to the - provider. - properties: - path: - description: Path is a filesystem path. - type: string - required: - - path - type: object - secretRef: - description: A SecretRef is a reference to a secret key that - contains the credentials that must be used to connect to - the provider. - properties: - key: - description: The key to select. - type: string - name: - description: Name of the secret. - type: string - namespace: - description: Namespace of the secret. - type: string - required: - - key - - name - - namespace - type: object - source: - description: Source of the credentials. - enum: - - None - - Secret - - Environment - - Filesystem - type: string - required: - - source - type: object - mountPath: - description: MountPath is the mount path of the KV secrets engine. - type: string - server: - description: Server is the url of the Vault server, e.g. "https://vault.acme.org" - type: string - version: - default: v2 - description: Version of the KV Secrets engine of Vault. https://www.vaultproject.io/docs/secrets/kv - type: string - required: - - auth - - mountPath - - server - type: object - required: - - defaultScope - type: object - required: - - spec - type: object - served: true - storage: true - subresources: {} diff --git a/cluster/webhookconfigurations/manifests.yaml b/cluster/webhookconfigurations/manifests.yaml deleted file mode 100644 index 1047ac81437..00000000000 --- a/cluster/webhookconfigurations/manifests.yaml +++ /dev/null @@ -1,45 +0,0 @@ ---- -apiVersion: admissionregistration.k8s.io/v1 -kind: ValidatingWebhookConfiguration -metadata: - name: validating-webhook-configuration -webhooks: -- admissionReviewVersions: - - v1 - clientConfig: - service: - name: webhook-service - namespace: system - path: /validate-apiextensions-crossplane-io-v1-compositeresourcedefinition - failurePolicy: Fail - name: compositeresourcedefinitions.apiextensions.crossplane.io - rules: - - apiGroups: - - apiextensions.crossplane.io - apiVersions: - - v1 - operations: - - UPDATE - resources: - - compositeresourcedefinitions - sideEffects: None -- admissionReviewVersions: - - v1 - clientConfig: - service: - name: webhook-service - namespace: system - path: /validate-apiextensions-crossplane-io-v1-composition - failurePolicy: Fail - name: compositions.apiextensions.crossplane.io - rules: - - apiGroups: - - apiextensions.crossplane.io - apiVersions: - - v1 - operations: - - UPDATE - - CREATE - resources: - - compositions - sideEffects: None diff --git a/go.mod b/go.mod index 9ac334dadb0..6faefcbf0e7 100644 --- a/go.mod +++ b/go.mod @@ -20,7 +20,7 @@ require ( github.com/sirupsen/logrus v1.9.3 github.com/spf13/afero v1.9.5 golang.org/x/sync v0.3.0 - golang.org/x/sys v0.10.0 + golang.org/x/sys v0.17.0 google.golang.org/grpc v1.56.2 google.golang.org/grpc/cmd/protoc-gen-go-grpc v1.3.0 google.golang.org/protobuf v1.31.0 @@ -92,7 +92,7 @@ require ( github.com/felixge/fgprof v0.9.3 // indirect github.com/fsnotify/fsnotify v1.6.0 // indirect github.com/go-chi/chi/v5 v5.0.8 // indirect - github.com/go-jose/go-jose/v3 v3.0.0 // indirect + github.com/go-jose/go-jose/v3 v3.0.3 // indirect github.com/go-logr/logr v1.2.4 // indirect github.com/go-logr/stdr v1.2.2 // indirect github.com/go-logr/zapr v1.2.4 // indirect @@ -163,12 +163,12 @@ require ( go.uber.org/atomic v1.11.0 // indirect go.uber.org/multierr v1.11.0 // indirect go.uber.org/zap v1.24.0 // indirect - golang.org/x/crypto v0.11.0 // indirect + golang.org/x/crypto v0.19.0 // indirect golang.org/x/mod v0.12.0 // indirect golang.org/x/net v0.12.0 // indirect; indirect // indirect golang.org/x/oauth2 v0.8.0 // indirect - golang.org/x/term v0.10.0 // indirect - golang.org/x/text v0.11.0 // indirect + golang.org/x/term v0.17.0 // indirect + golang.org/x/text v0.14.0 // indirect golang.org/x/time v0.3.0 // indirect golang.org/x/tools v0.11.0 // indirect gomodules.xyz/jsonpatch/v2 v2.3.0 // indirect diff --git a/go.sum b/go.sum index 3267c1123db..fbcd5329ea1 100644 --- a/go.sum +++ b/go.sum @@ -214,8 +214,8 @@ github.com/go-chi/chi/v5 v5.0.8/go.mod h1:DslCQbL2OYiznFReuXYUmQ2hGd1aDpCnlMNITL github.com/go-gl/glfw v0.0.0-20190409004039-e6da0acd62b1/go.mod h1:vR7hzQXu2zJy9AVAgeJqvqgH9Q5CA+iKCZ2gyEVpxRU= github.com/go-gl/glfw/v3.3/glfw v0.0.0-20191125211704-12ad95a8df72/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8= github.com/go-gl/glfw/v3.3/glfw v0.0.0-20200222043503-6f7a984d4dc4/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8= -github.com/go-jose/go-jose/v3 v3.0.0 h1:s6rrhirfEP/CGIoc6p+PZAeogN2SxKav6Wp7+dyMWVo= -github.com/go-jose/go-jose/v3 v3.0.0/go.mod h1:RNkWWRld676jZEYoV3+XK8L2ZnNSvIsxFMht0mSX+u8= +github.com/go-jose/go-jose/v3 v3.0.3 h1:fFKWeig/irsp7XD2zBxvnmA/XaRWp5V3CBsZXJF7G7k= +github.com/go-jose/go-jose/v3 v3.0.3/go.mod h1:5b+7YgP7ZICgJDBdfjZaIt+H/9L9T/YQrVfLAMboGkQ= github.com/go-logr/logr v0.2.0/go.mod h1:z6/tIYblkpsD+a4lm/fGIIU9mZ+XfAiaFtq7xTgseGU= github.com/go-logr/logr v1.2.0/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= github.com/go-logr/logr v1.2.2/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= @@ -493,7 +493,6 @@ github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXf github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4= github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA= -github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= @@ -546,7 +545,6 @@ go.uber.org/zap v1.24.0/go.mod h1:2kMP+WWQ8aoFoedH3T2sq6iJ2yDWpHbP0f6MQbS9Gkg= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= golang.org/x/crypto v0.0.0-20190510104115-cbcb75029529/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20190605123033-f99c8df09eb5/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= -golang.org/x/crypto v0.0.0-20190911031432-227b76d455e7/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/crypto v0.0.0-20210421170649-83a5a9bb288b/go.mod h1:T9bdIzuCu7OtxOm1hfPfRQxPLYneinmdGuTeoZ9dtd4= @@ -554,8 +552,8 @@ golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5y golang.org/x/crypto v0.0.0-20211215153901-e495a2d5b3d3/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= golang.org/x/crypto v0.0.0-20220722155217-630584e8d5aa/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= golang.org/x/crypto v0.6.0/go.mod h1:OFC/31mSvZgRz0V1QTNCzfAI1aIRzbiufJtkMIlEp58= -golang.org/x/crypto v0.11.0 h1:6Ewdq3tDic1mg5xRO4milcWCfMVQhI4NkqWWvqejpuA= -golang.org/x/crypto v0.11.0/go.mod h1:xgJhtzW8F9jGdVFWZESrid1U1bjeNy4zgy5cRr/CIio= +golang.org/x/crypto v0.19.0 h1:ENy+Az/9Y1vSrlrvBSyna3PITt4tiZLf7sgCjZBX7Wo= +golang.org/x/crypto v0.19.0/go.mod h1:Iy9bg/ha4yyC70EfRS8jz+B6ybOBKMaSxLj6P6oBDfU= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8= @@ -593,6 +591,7 @@ golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.5.1/go.mod h1:5OXOZSfqPIIbmVBIIKWRFfZjPR0E5r58TLhUjH0a2Ro= golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4= golang.org/x/mod v0.7.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= +golang.org/x/mod v0.8.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= golang.org/x/mod v0.12.0 h1:rmsUpXtvNzj340zd98LZ4KntptpfRHwpFOHG188oHXc= golang.org/x/mod v0.12.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= @@ -633,6 +632,7 @@ golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qx golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= golang.org/x/net v0.5.0/go.mod h1:DivGGAXEgPSlEBzxGzZI+ZLohi+xUj054jfeKui00ws= golang.org/x/net v0.6.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs= +golang.org/x/net v0.10.0/go.mod h1:0qNGK6F8kojg2nk9dLZ2mShWaEBan6FAoqfSigmmuDg= golang.org/x/net v0.12.0 h1:cfawfvKITfUsFCeJIHJrbSxpeu/E81khclypR0GVT50= golang.org/x/net v0.12.0/go.mod h1:zEVYFnQC7m/vmpQFELhcD1EWkZlX69l4oqgmer6hfKA= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= @@ -716,14 +716,16 @@ golang.org/x/sys v0.0.0-20220906165534-d0df966e6959/go.mod h1:oPkhp1MJrh7nUepCBc golang.org/x/sys v0.0.0-20220908164124-27713097b956/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.4.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.10.0 h1:SqMFp9UcQJZa+pmYuAKjd9xq1f0j5rLcDIk0mj4qAsA= -golang.org/x/sys v0.10.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.17.0 h1:25cE3gD+tdBA7lp7QfhuV+rJiE9YXTcS3VG1SqssI/Y= +golang.org/x/sys v0.17.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= golang.org/x/term v0.4.0/go.mod h1:9P2UbLfCdcvo3p/nzKvsmas4TnlujnuoV9hGgYzW1lQ= golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k= -golang.org/x/term v0.10.0 h1:3R7pNqamzBraeqj/Tj8qt1aQ2HpmlC+Cx/qL/7hn4/c= -golang.org/x/term v0.10.0/go.mod h1:lpqdcUyK/oCiQxvxVrppt5ggO2KCZ5QblwqPnfZ6d5o= +golang.org/x/term v0.8.0/go.mod h1:xPskH00ivmX89bAKVGSKKtLOWNx2+17Eiy94tnKShWo= +golang.org/x/term v0.17.0 h1:mkTF7LCd6WGJNL3K1Ad7kwxNfYAW6a8a8QqtMblp/4U= +golang.org/x/term v0.17.0/go.mod h1:lLRBjIVuehSbZlaOtGMbcMncT+aqLLLmKrsjNrUguwk= golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= @@ -735,8 +737,9 @@ golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= golang.org/x/text v0.6.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= -golang.org/x/text v0.11.0 h1:LAntKIrcmeSKERyiOh0XMV39LXS8IE9UL2yP7+f5ij4= -golang.org/x/text v0.11.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE= +golang.org/x/text v0.9.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8= +golang.org/x/text v0.14.0 h1:ScX5w1eTa3QqT8oi6+ziP7dTV1S2+ALU0bI+0zXKWiQ= +golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU= golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= @@ -796,6 +799,7 @@ golang.org/x/tools v0.1.5/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= golang.org/x/tools v0.1.8/go.mod h1:nABZi5QlRsZVlzPpHl034qft6wpY4eDcsTt5AaioBiU= golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc= golang.org/x/tools v0.5.0/go.mod h1:N+Kgy78s5I24c24dU8OfWNEotWjutIs8SnJvn5IDq+k= +golang.org/x/tools v0.6.0/go.mod h1:Xwgl3UAJ/d3gWutnCtw505GrjyAbvKui8lOU390QaIU= golang.org/x/tools v0.11.0 h1:EMCa6U9S2LtZXLAMoWiR/R8dAQFRqbAitmbJ2UKhoi8= golang.org/x/tools v0.11.0/go.mod h1:anzJrxPjNtfgiYQYirP2CPGzGLxrH2u2QBhn6Bf3qY8= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=