From cc859c385d6dae1b601a9957a9ffa054ed6d2325 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Mon, 13 May 2024 15:25:40 +0000 Subject: [PATCH] chore(deps): update fluxcd/flux2 action to v2.3.0 Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- .github/workflows/flux-e2e.yml | 2 +- .../local/flux-system/gotk-components.yaml | 8578 +++++++++++++---- .../gcp/dev/flux-system/gotk-components.yaml | 8578 +++++++++++++---- .../flux/flux-system/gotk-components.yaml | 8578 +++++++++++++---- .../homelab/flux-system/gotk-components.yaml | 8578 +++++++++++++---- .../local/flux-system/gotk-components.yaml | 8578 +++++++++++++---- 6 files changed, 34481 insertions(+), 8411 deletions(-) diff --git a/.github/workflows/flux-e2e.yml b/.github/workflows/flux-e2e.yml index 225b555ee2..68a0327a8a 100644 --- a/.github/workflows/flux-e2e.yml +++ b/.github/workflows/flux-e2e.yml @@ -80,7 +80,7 @@ jobs: helm list - name: Setup Flux CLI - uses: fluxcd/flux2/action@v2.1.1 + uses: fluxcd/flux2/action@v2.3.0 - name: Install Flux in Kubernetes run: flux install diff --git a/gitops/fluxcd/bootstrap/kind/local/flux-system/gotk-components.yaml b/gitops/fluxcd/bootstrap/kind/local/flux-system/gotk-components.yaml index 0c12f6afe8..8fd99ab9db 100644 --- a/gitops/fluxcd/bootstrap/kind/local/flux-system/gotk-components.yaml +++ b/gitops/fluxcd/bootstrap/kind/local/flux-system/gotk-components.yaml @@ -1,22 +1,6 @@ --- -# Copyright (C) Nicolas Lamirault -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# SPDX-License-Identifier: Apache-2.0 - # This manifest was generated by flux. DO NOT EDIT. -# Flux Version: v2.1.1 +# Flux Version: v2.3.0 # Components: source-controller,kustomize-controller,helm-controller,notification-controller apiVersion: v1 kind: Namespace @@ -24,7 +8,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 pod-security.kubernetes.io/warn: restricted pod-security.kubernetes.io/warn-version: latest name: flux-system @@ -35,7 +19,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 name: allow-egress namespace: flux-system spec: @@ -55,7 +39,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 name: allow-scraping namespace: flux-system spec: @@ -75,7 +59,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 name: allow-webhooks namespace: flux-system spec: @@ -94,7 +78,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 name: critical-pods-flux-system namespace: flux-system spec: @@ -114,7 +98,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 name: crd-controller-flux-system rules: - apiGroups: @@ -197,6 +181,10 @@ rules: - update - patch - delete +- nonResourceURLs: + - /livez/ping + verbs: + - head --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole @@ -204,7 +192,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 rbac.authorization.k8s.io/aggregate-to-admin: "true" rbac.authorization.k8s.io/aggregate-to-edit: "true" name: flux-edit-flux-system @@ -230,7 +218,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 rbac.authorization.k8s.io/aggregate-to-admin: "true" rbac.authorization.k8s.io/aggregate-to-edit: "true" rbac.authorization.k8s.io/aggregate-to-view: "true" @@ -255,7 +243,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 name: cluster-reconciler-flux-system roleRef: apiGroup: rbac.authorization.k8s.io @@ -275,7 +263,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 name: crd-controller-flux-system roleRef: apiGroup: rbac.authorization.k8s.io @@ -305,12 +293,12 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.12.0 + controller-gen.kubebuilder.io/version: v0.15.0 labels: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 name: buckets.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -334,40 +322,54 @@ spec: - jsonPath: .metadata.creationTimestamp name: Age type: date + deprecated: true + deprecationWarning: v1beta1 Bucket is deprecated, upgrade to v1beta2 name: v1beta1 schema: openAPIV3Schema: description: Bucket is the Schema for the buckets API properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert - recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer - this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: - description: BucketSpec defines the desired state of an S3 compatible bucket + description: BucketSpec defines the desired state of an S3 compatible + bucket properties: accessFrom: - description: AccessFrom defines an Access Control List for allowing cross-namespace references to this object. + description: AccessFrom defines an Access Control List for allowing + cross-namespace references to this object. properties: namespaceSelectors: - description: NamespaceSelectors is the list of namespace selectors to which this ACL applies. Items in - this list are evaluated using a logical OR operation. + description: |- + NamespaceSelectors is the list of namespace selectors to which this ACL applies. + Items in this list are evaluated using a logical OR operation. items: - description: NamespaceSelector selects the namespaces to which this ACL applies. An empty map of MatchLabels - matches all namespaces in a cluster. + description: |- + NamespaceSelector selects the namespaces to which this ACL applies. + An empty map of MatchLabels matches all namespaces in a cluster. properties: matchLabels: additionalProperties: type: string - description: MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the operator is - "In", and the values array contains only "value". The requirements are ANDed. + description: |- + MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object type: array @@ -381,9 +383,10 @@ spec: description: The bucket endpoint address. type: string ignore: - description: Ignore overrides the set of excluded patterns in the .sourceignore format (which is the same - as .gitignore). If not provided, a default will be used, consult the documentation for your version to find - out what those are. + description: |- + Ignore overrides the set of excluded patterns in the .sourceignore format + (which is the same as .gitignore). If not provided, a default will be used, + consult the documentation for your version to find out what those are. type: string insecure: description: Insecure allows connecting to a non-TLS S3 HTTP endpoint. @@ -403,7 +406,9 @@ spec: description: The bucket region. type: string secretRef: - description: The name of the secret containing authentication credentials for the Bucket. + description: |- + The name of the secret containing authentication credentials + for the Bucket. properties: name: description: Name of the referent. @@ -412,7 +417,8 @@ spec: - name type: object suspend: - description: This flag tells the controller to suspend the reconciliation of this source. + description: This flag tells the controller to suspend the reconciliation + of this source. type: boolean timeout: default: 60s @@ -429,21 +435,26 @@ spec: description: BucketStatus defines the observed state of a bucket properties: artifact: - description: Artifact represents the output of the last successful Bucket sync. + description: Artifact represents the output of the last successful + Bucket sync. properties: checksum: description: Checksum is the SHA256 checksum of the artifact. type: string lastUpdateTime: - description: LastUpdateTime is the timestamp corresponding to the last update of this artifact. + description: |- + LastUpdateTime is the timestamp corresponding to the last update of this + artifact. format: date-time type: string path: description: Path is the relative file path of this artifact. type: string revision: - description: Revision is a human readable identifier traceable in the origin source system. It can be - a Git commit SHA, Git tag, a Helm index timestamp, a Helm chart version, etc. + description: |- + Revision is a human readable identifier traceable in the origin source + system. It can be a Git commit SHA, Git tag, a Helm index timestamp, a Helm + chart version, etc. type: string url: description: URL is the HTTP address of this artifact. @@ -455,35 +466,43 @@ spec: conditions: description: Conditions holds the conditions for the Bucket. items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This - struct is intended for direct use as an array at the field path .status.conditions. For example, \n type - FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // - +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" - patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" properties: lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when - the API field changed is acceptable. + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: message is a human readable message indicating details about the transition. This may be - an empty string. + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based - upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current state of the instance. + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last - transition. Producers of specific condition types may define expected values and meanings for this - field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 @@ -497,9 +516,12 @@ spec: - Unknown type: string type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type - values are consistent across resources like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -512,15 +534,18 @@ spec: type: object type: array lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent reconcile request value, so a change - of the annotation value can be detected. + description: |- + LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value + can be detected. type: string observedGeneration: description: ObservedGeneration is the last observed generation. format: int64 type: integer url: - description: URL is the download link for the artifact output of the last Bucket sync. + description: URL is the download link for the artifact output of the + last Bucket sync. type: string type: object type: object @@ -547,35 +572,49 @@ spec: description: Bucket is the Schema for the buckets API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert - recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer - this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: - description: BucketSpec specifies the required configuration to produce an Artifact for an object storage bucket. + description: |- + BucketSpec specifies the required configuration to produce an Artifact for + an object storage bucket. properties: accessFrom: - description: 'AccessFrom specifies an Access Control List for allowing cross-namespace references to this - object. NOTE: Not implemented, provisional as of https://github.com/fluxcd/flux2/pull/2092' + description: |- + AccessFrom specifies an Access Control List for allowing cross-namespace + references to this object. + NOTE: Not implemented, provisional as of https://github.com/fluxcd/flux2/pull/2092 properties: namespaceSelectors: - description: NamespaceSelectors is the list of namespace selectors to which this ACL applies. Items in - this list are evaluated using a logical OR operation. + description: |- + NamespaceSelectors is the list of namespace selectors to which this ACL applies. + Items in this list are evaluated using a logical OR operation. items: - description: NamespaceSelector selects the namespaces to which this ACL applies. An empty map of MatchLabels - matches all namespaces in a cluster. + description: |- + NamespaceSelector selects the namespaces to which this ACL applies. + An empty map of MatchLabels matches all namespaces in a cluster. properties: matchLabels: additionalProperties: type: string - description: MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the operator is - "In", and the values array contains only "value". The requirements are ANDed. + description: |- + MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object type: array @@ -586,25 +625,35 @@ spec: description: BucketName is the name of the object storage bucket. type: string endpoint: - description: Endpoint is the object storage address the BucketName is located at. + description: Endpoint is the object storage address the BucketName + is located at. type: string ignore: - description: Ignore overrides the set of excluded patterns in the .sourceignore format (which is the same - as .gitignore). If not provided, a default will be used, consult the documentation for your version to find - out what those are. + description: |- + Ignore overrides the set of excluded patterns in the .sourceignore format + (which is the same as .gitignore). If not provided, a default will be used, + consult the documentation for your version to find out what those are. type: string insecure: description: Insecure allows connecting to a non-TLS HTTP Endpoint. type: boolean interval: - description: Interval at which the Bucket Endpoint is checked for updates. This interval is approximate and - may be subject to jitter to ensure efficient use of resources. + description: |- + Interval at which the Bucket Endpoint is checked for updates. + This interval is approximate and may be subject to jitter to ensure + efficient use of resources. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string + prefix: + description: Prefix to use for server-side filtering of files in the + Bucket. + type: string provider: default: generic - description: Provider of the object storage bucket. Defaults to 'generic', which expects an S3 (API) compatible - object storage. + description: |- + Provider of the object storage bucket. + Defaults to 'generic', which expects an S3 (API) compatible object + storage. enum: - generic - aws @@ -612,10 +661,13 @@ spec: - azure type: string region: - description: Region of the Endpoint where the BucketName is located in. + description: Region of the Endpoint where the BucketName is located + in. type: string secretRef: - description: SecretRef specifies the Secret containing authentication credentials for the Bucket. + description: |- + SecretRef specifies the Secret containing authentication credentials + for the Bucket. properties: name: description: Name of the referent. @@ -624,7 +676,9 @@ spec: - name type: object suspend: - description: Suspend tells the controller to suspend the reconciliation of this Bucket. + description: |- + Suspend tells the controller to suspend the reconciliation of this + Bucket. type: boolean timeout: default: 60s @@ -649,7 +703,9 @@ spec: pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$ type: string lastUpdateTime: - description: LastUpdateTime is the timestamp corresponding to the last update of the Artifact. + description: |- + LastUpdateTime is the timestamp corresponding to the last update of the + Artifact. format: date-time type: string metadata: @@ -658,21 +714,25 @@ spec: description: Metadata holds upstream information such as OCI annotations. type: object path: - description: Path is the relative file path of the Artifact. It can be used to locate the file in the - root of the Artifact storage on the local file system of the controller managing the Source. + description: |- + Path is the relative file path of the Artifact. It can be used to locate + the file in the root of the Artifact storage on the local file system of + the controller managing the Source. type: string revision: - description: Revision is a human-readable identifier traceable in the origin source system. It can be - a Git commit SHA, Git tag, a Helm chart version, etc. + description: |- + Revision is a human-readable identifier traceable in the origin source + system. It can be a Git commit SHA, Git tag, a Helm chart version, etc. type: string size: description: Size is the number of bytes in the file. format: int64 type: integer url: - description: URL is the HTTP address of the Artifact as exposed by the controller managing the Source. - It can be used to retrieve the Artifact for consumption, e.g. by another controller applying the Artifact - contents. + description: |- + URL is the HTTP address of the Artifact as exposed by the controller + managing the Source. It can be used to retrieve the Artifact for + consumption, e.g. by another controller applying the Artifact contents. type: string required: - lastUpdateTime @@ -683,35 +743,43 @@ spec: conditions: description: Conditions holds the conditions for the Bucket. items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This - struct is intended for direct use as an array at the field path .status.conditions. For example, \n type - FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // - +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" - patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" properties: lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when - the API field changed is acceptable. + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: message is a human readable message indicating details about the transition. This may be - an empty string. + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based - upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current state of the instance. + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last - transition. Producers of specific condition types may define expected values and meanings for this - field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 @@ -725,9 +793,12 @@ spec: - Unknown type: string type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type - values are consistent across resources like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -740,19 +811,26 @@ spec: type: object type: array lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent reconcile request value, so a change - of the annotation value can be detected. + description: |- + LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value + can be detected. type: string observedGeneration: - description: ObservedGeneration is the last observed generation of the Bucket object. + description: ObservedGeneration is the last observed generation of + the Bucket object. format: int64 type: integer observedIgnore: - description: ObservedIgnore is the observed exclusion patterns used for constructing the source artifact. + description: |- + ObservedIgnore is the observed exclusion patterns used for constructing + the source artifact. type: string url: - description: URL is the dynamic fetch link for the latest Artifact. It is provided on a "best effort" basis, - and using the precise BucketStatus.Artifact data is recommended. + description: |- + URL is the dynamic fetch link for the latest Artifact. + It is provided on a "best effort" basis, and using the precise + BucketStatus.Artifact data is recommended. type: string type: object type: object @@ -765,12 +843,12 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.12.0 + controller-gen.kubebuilder.io/version: v0.15.0 labels: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 name: gitrepositories.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -802,35 +880,51 @@ spec: description: GitRepository is the Schema for the gitrepositories API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert - recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer - this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: - description: GitRepositorySpec specifies the required configuration to produce an Artifact for a Git repository. + description: |- + GitRepositorySpec specifies the required configuration to produce an + Artifact for a Git repository. properties: ignore: - description: Ignore overrides the set of excluded patterns in the .sourceignore format (which is the same - as .gitignore). If not provided, a default will be used, consult the documentation for your version to find - out what those are. + description: |- + Ignore overrides the set of excluded patterns in the .sourceignore format + (which is the same as .gitignore). If not provided, a default will be used, + consult the documentation for your version to find out what those are. type: string include: - description: Include specifies a list of GitRepository resources which Artifacts should be included in the - Artifact produced for this GitRepository. + description: |- + Include specifies a list of GitRepository resources which Artifacts + should be included in the Artifact produced for this GitRepository. items: - description: GitRepositoryInclude specifies a local reference to a GitRepository which Artifact (sub-)contents - must be included, and where they should be placed. + description: |- + GitRepositoryInclude specifies a local reference to a GitRepository which + Artifact (sub-)contents must be included, and where they should be placed. properties: fromPath: - description: FromPath specifies the path to copy contents from, defaults to the root of the Artifact. + description: |- + FromPath specifies the path to copy contents from, defaults to the root + of the Artifact. type: string repository: - description: GitRepositoryRef specifies the GitRepository which Artifact contents must be included. + description: |- + GitRepositoryRef specifies the GitRepository which Artifact contents + must be included. properties: name: description: Name of the referent. @@ -839,20 +933,25 @@ spec: - name type: object toPath: - description: ToPath specifies the path to copy contents to, defaults to the name of the GitRepositoryRef. + description: |- + ToPath specifies the path to copy contents to, defaults to the name of + the GitRepositoryRef. type: string required: - repository type: object type: array interval: - description: Interval at which the GitRepository URL is checked for updates. This interval is approximate - and may be subject to jitter to ensure efficient use of resources. + description: |- + Interval at which the GitRepository URL is checked for updates. + This interval is approximate and may be subject to jitter to ensure + efficient use of resources. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string proxySecretRef: - description: ProxySecretRef specifies the Secret containing the proxy configuration to use while communicating - with the Git server. + description: |- + ProxySecretRef specifies the Secret containing the proxy configuration + to use while communicating with the Git server. properties: name: description: Name of the referent. @@ -861,36 +960,51 @@ spec: - name type: object recurseSubmodules: - description: RecurseSubmodules enables the initialization of all submodules within the GitRepository as cloned - from the URL, using their default settings. + description: |- + RecurseSubmodules enables the initialization of all submodules within + the GitRepository as cloned from the URL, using their default settings. type: boolean ref: - description: Reference specifies the Git reference to resolve and monitor for changes, defaults to the 'master' - branch. + description: |- + Reference specifies the Git reference to resolve and monitor for + changes, defaults to the 'master' branch. properties: branch: - description: Branch to check out, defaults to 'master' if no other field is defined. + description: Branch to check out, defaults to 'master' if no other + field is defined. type: string commit: - description: "Commit SHA to check out, takes precedence over all reference fields. \n This can be combined - with Branch to shallow clone the branch, in which the commit is expected to exist." + description: |- + Commit SHA to check out, takes precedence over all reference fields. + + + This can be combined with Branch to shallow clone the branch, in which + the commit is expected to exist. type: string name: - description: "Name of the reference to check out; takes precedence over Branch, Tag and SemVer. \n It - must be a valid Git reference: https://git-scm.com/docs/git-check-ref-format#_description Examples: - \"refs/heads/main\", \"refs/tags/v0.1.0\", \"refs/pull/420/head\", \"refs/merge-requests/1/head\"" + description: |- + Name of the reference to check out; takes precedence over Branch, Tag and SemVer. + + + It must be a valid Git reference: https://git-scm.com/docs/git-check-ref-format#_description + Examples: "refs/heads/main", "refs/tags/v0.1.0", "refs/pull/420/head", "refs/merge-requests/1/head" type: string semver: - description: SemVer tag expression to check out, takes precedence over Tag. + description: SemVer tag expression to check out, takes precedence + over Tag. type: string tag: description: Tag to check out, takes precedence over Branch. type: string type: object secretRef: - description: SecretRef specifies the Secret containing authentication credentials for the GitRepository. For - HTTPS repositories the Secret must contain 'username' and 'password' fields for basic auth or 'bearerToken' - field for token auth. For SSH repositories the Secret must contain 'identity' and 'known_hosts' fields. + description: |- + SecretRef specifies the Secret containing authentication credentials for + the GitRepository. + For HTTPS repositories the Secret must contain 'username' and 'password' + fields for basic auth or 'bearerToken' field for token auth. + For SSH repositories the Secret must contain 'identity' + and 'known_hosts' fields. properties: name: description: Name of the referent. @@ -899,25 +1013,35 @@ spec: - name type: object suspend: - description: Suspend tells the controller to suspend the reconciliation of this GitRepository. + description: |- + Suspend tells the controller to suspend the reconciliation of this + GitRepository. type: boolean timeout: default: 60s - description: Timeout for Git operations like cloning, defaults to 60s. + description: Timeout for Git operations like cloning, defaults to + 60s. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$ type: string url: - description: URL specifies the Git repository URL, it can be an HTTP/S or SSH address. + description: URL specifies the Git repository URL, it can be an HTTP/S + or SSH address. pattern: ^(http|https|ssh)://.*$ type: string verify: - description: Verification specifies the configuration to verify the Git commit signature(s). + description: |- + Verification specifies the configuration to verify the Git commit + signature(s). properties: mode: default: HEAD - description: "Mode specifies which Git object(s) should be verified. \n The variants \"head\" and \"HEAD\" - both imply the same thing, i.e. verify the commit that the HEAD of the Git repository points to. The - variant \"head\" solely exists to ensure backwards compatibility." + description: |- + Mode specifies which Git object(s) should be verified. + + + The variants "head" and "HEAD" both imply the same thing, i.e. verify + the commit that the HEAD of the Git repository points to. The variant + "head" solely exists to ensure backwards compatibility. enum: - head - HEAD @@ -925,7 +1049,9 @@ spec: - TagAndHEAD type: string secretRef: - description: SecretRef specifies the Secret containing the public keys of trusted Git authors. + description: |- + SecretRef specifies the Secret containing the public keys of trusted Git + authors. properties: name: description: Name of the referent. @@ -946,14 +1072,17 @@ spec: description: GitRepositoryStatus records the observed state of a Git repository. properties: artifact: - description: Artifact represents the last successful GitRepository reconciliation. + description: Artifact represents the last successful GitRepository + reconciliation. properties: digest: description: Digest is the digest of the file in the form of ':'. pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$ type: string lastUpdateTime: - description: LastUpdateTime is the timestamp corresponding to the last update of the Artifact. + description: |- + LastUpdateTime is the timestamp corresponding to the last update of the + Artifact. format: date-time type: string metadata: @@ -962,21 +1091,25 @@ spec: description: Metadata holds upstream information such as OCI annotations. type: object path: - description: Path is the relative file path of the Artifact. It can be used to locate the file in the - root of the Artifact storage on the local file system of the controller managing the Source. + description: |- + Path is the relative file path of the Artifact. It can be used to locate + the file in the root of the Artifact storage on the local file system of + the controller managing the Source. type: string revision: - description: Revision is a human-readable identifier traceable in the origin source system. It can be - a Git commit SHA, Git tag, a Helm chart version, etc. + description: |- + Revision is a human-readable identifier traceable in the origin source + system. It can be a Git commit SHA, Git tag, a Helm chart version, etc. type: string size: description: Size is the number of bytes in the file. format: int64 type: integer url: - description: URL is the HTTP address of the Artifact as exposed by the controller managing the Source. - It can be used to retrieve the Artifact for consumption, e.g. by another controller applying the Artifact - contents. + description: |- + URL is the HTTP address of the Artifact as exposed by the controller + managing the Source. It can be used to retrieve the Artifact for + consumption, e.g. by another controller applying the Artifact contents. type: string required: - lastUpdateTime @@ -987,35 +1120,43 @@ spec: conditions: description: Conditions holds the conditions for the GitRepository. items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This - struct is intended for direct use as an array at the field path .status.conditions. For example, \n type - FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // - +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" - patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" properties: lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when - the API field changed is acceptable. + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: message is a human readable message indicating details about the transition. This may be - an empty string. + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based - upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current state of the instance. + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last - transition. Producers of specific condition types may define expected values and meanings for this - field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 @@ -1029,9 +1170,12 @@ spec: - Unknown type: string type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type - values are consistent across resources like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -1044,40 +1188,49 @@ spec: type: object type: array includedArtifacts: - description: IncludedArtifacts contains a list of the last successfully included Artifacts as instructed by - GitRepositorySpec.Include. + description: |- + IncludedArtifacts contains a list of the last successfully included + Artifacts as instructed by GitRepositorySpec.Include. items: description: Artifact represents the output of a Source reconciliation. properties: digest: - description: Digest is the digest of the file in the form of ':'. + description: Digest is the digest of the file in the form of + ':'. pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$ type: string lastUpdateTime: - description: LastUpdateTime is the timestamp corresponding to the last update of the Artifact. + description: |- + LastUpdateTime is the timestamp corresponding to the last update of the + Artifact. format: date-time type: string metadata: additionalProperties: type: string - description: Metadata holds upstream information such as OCI annotations. + description: Metadata holds upstream information such as OCI + annotations. type: object path: - description: Path is the relative file path of the Artifact. It can be used to locate the file in the - root of the Artifact storage on the local file system of the controller managing the Source. + description: |- + Path is the relative file path of the Artifact. It can be used to locate + the file in the root of the Artifact storage on the local file system of + the controller managing the Source. type: string revision: - description: Revision is a human-readable identifier traceable in the origin source system. It can be - a Git commit SHA, Git tag, a Helm chart version, etc. + description: |- + Revision is a human-readable identifier traceable in the origin source + system. It can be a Git commit SHA, Git tag, a Helm chart version, etc. type: string size: description: Size is the number of bytes in the file. format: int64 type: integer url: - description: URL is the HTTP address of the Artifact as exposed by the controller managing the Source. - It can be used to retrieve the Artifact for consumption, e.g. by another controller applying the Artifact - contents. + description: |- + URL is the HTTP address of the Artifact as exposed by the controller + managing the Source. It can be used to retrieve the Artifact for + consumption, e.g. by another controller applying the Artifact contents. type: string required: - lastUpdateTime @@ -1087,27 +1240,40 @@ spec: type: object type: array lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent reconcile request value, so a change - of the annotation value can be detected. + description: |- + LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value + can be detected. type: string observedGeneration: - description: ObservedGeneration is the last observed generation of the GitRepository object. + description: |- + ObservedGeneration is the last observed generation of the GitRepository + object. format: int64 type: integer observedIgnore: - description: ObservedIgnore is the observed exclusion patterns used for constructing the source artifact. + description: |- + ObservedIgnore is the observed exclusion patterns used for constructing + the source artifact. type: string observedInclude: - description: ObservedInclude is the observed list of GitRepository resources used to produce the current Artifact. + description: |- + ObservedInclude is the observed list of GitRepository resources used to + produce the current Artifact. items: - description: GitRepositoryInclude specifies a local reference to a GitRepository which Artifact (sub-)contents - must be included, and where they should be placed. + description: |- + GitRepositoryInclude specifies a local reference to a GitRepository which + Artifact (sub-)contents must be included, and where they should be placed. properties: fromPath: - description: FromPath specifies the path to copy contents from, defaults to the root of the Artifact. + description: |- + FromPath specifies the path to copy contents from, defaults to the root + of the Artifact. type: string repository: - description: GitRepositoryRef specifies the GitRepository which Artifact contents must be included. + description: |- + GitRepositoryRef specifies the GitRepository which Artifact contents + must be included. properties: name: description: Name of the referent. @@ -1116,19 +1282,23 @@ spec: - name type: object toPath: - description: ToPath specifies the path to copy contents to, defaults to the name of the GitRepositoryRef. + description: |- + ToPath specifies the path to copy contents to, defaults to the name of + the GitRepositoryRef. type: string required: - repository type: object type: array observedRecurseSubmodules: - description: ObservedRecurseSubmodules is the observed resource submodules configuration used to produce the - current Artifact. + description: |- + ObservedRecurseSubmodules is the observed resource submodules + configuration used to produce the current Artifact. type: boolean sourceVerificationMode: - description: SourceVerificationMode is the last used verification mode indicating which Git object(s) have - been verified. + description: |- + SourceVerificationMode is the last used verification mode indicating + which Git object(s) have been verified. type: string type: object type: object @@ -1157,12 +1327,19 @@ spec: description: GitRepository is the Schema for the gitrepositories API properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert - recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer - this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -1170,21 +1347,25 @@ spec: description: GitRepositorySpec defines the desired state of a Git repository. properties: accessFrom: - description: AccessFrom defines an Access Control List for allowing cross-namespace references to this object. + description: AccessFrom defines an Access Control List for allowing + cross-namespace references to this object. properties: namespaceSelectors: - description: NamespaceSelectors is the list of namespace selectors to which this ACL applies. Items in - this list are evaluated using a logical OR operation. + description: |- + NamespaceSelectors is the list of namespace selectors to which this ACL applies. + Items in this list are evaluated using a logical OR operation. items: - description: NamespaceSelector selects the namespaces to which this ACL applies. An empty map of MatchLabels - matches all namespaces in a cluster. + description: |- + NamespaceSelector selects the namespaces to which this ACL applies. + An empty map of MatchLabels matches all namespaces in a cluster. properties: matchLabels: additionalProperties: type: string - description: MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the operator is - "In", and the values array contains only "value". The requirements are ANDed. + description: |- + MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object type: array @@ -1193,23 +1374,28 @@ spec: type: object gitImplementation: default: go-git - description: Determines which git client library to use. Defaults to go-git, valid values are ('go-git', 'libgit2'). + description: |- + Determines which git client library to use. + Defaults to go-git, valid values are ('go-git', 'libgit2'). enum: - go-git - libgit2 type: string ignore: - description: Ignore overrides the set of excluded patterns in the .sourceignore format (which is the same - as .gitignore). If not provided, a default will be used, consult the documentation for your version to find - out what those are. + description: |- + Ignore overrides the set of excluded patterns in the .sourceignore format + (which is the same as .gitignore). If not provided, a default will be used, + consult the documentation for your version to find out what those are. type: string include: description: Extra git repositories to map into the repository items: - description: GitRepositoryInclude defines a source with a from and to path. + description: GitRepositoryInclude defines a source with a from and + to path. properties: fromPath: - description: The path to copy contents from, defaults to the root directory. + description: The path to copy contents from, defaults to the + root directory. type: string repository: description: Reference to a GitRepository to include. @@ -1221,7 +1407,8 @@ spec: - name type: object toPath: - description: The path to copy contents to, defaults to the name of the source ref. + description: The path to copy contents to, defaults to the name + of the source ref. type: string required: - repository @@ -1231,28 +1418,38 @@ spec: description: The interval at which to check for repository updates. type: string recurseSubmodules: - description: When enabled, after the clone is created, initializes all submodules within, using their default - settings. This option is available only when using the 'go-git' GitImplementation. + description: |- + When enabled, after the clone is created, initializes all submodules within, + using their default settings. + This option is available only when using the 'go-git' GitImplementation. type: boolean ref: - description: The Git reference to checkout and monitor for changes, defaults to master branch. + description: |- + The Git reference to checkout and monitor for changes, defaults to + master branch. properties: branch: description: The Git branch to checkout, defaults to master. type: string commit: - description: The Git commit SHA to checkout, if specified Tag filters will be ignored. + description: The Git commit SHA to checkout, if specified Tag + filters will be ignored. type: string semver: - description: The Git tag semver expression, takes precedence over Tag. + description: The Git tag semver expression, takes precedence over + Tag. type: string tag: description: The Git tag to checkout, takes precedence over Branch. type: string type: object secretRef: - description: The secret name containing the Git credentials. For HTTPS repositories the secret must contain - username and password fields. For SSH repositories the secret must contain identity and known_hosts fields. + description: |- + The secret name containing the Git credentials. + For HTTPS repositories the secret must contain username and password + fields. + For SSH repositories the secret must contain identity and known_hosts + fields. properties: name: description: Name of the referent. @@ -1261,26 +1458,31 @@ spec: - name type: object suspend: - description: This flag tells the controller to suspend the reconciliation of this source. + description: This flag tells the controller to suspend the reconciliation + of this source. type: boolean timeout: default: 60s - description: The timeout for remote Git operations like cloning, defaults to 60s. + description: The timeout for remote Git operations like cloning, defaults + to 60s. type: string url: description: The repository URL, can be a HTTP/S or SSH address. pattern: ^(http|https|ssh)://.*$ type: string verify: - description: Verify OpenPGP signature for the Git commit HEAD points to. + description: Verify OpenPGP signature for the Git commit HEAD points + to. properties: mode: - description: Mode describes what git object should be verified, currently ('head'). + description: Mode describes what git object should be verified, + currently ('head'). enum: - head type: string secretRef: - description: The secret name containing the public keys of all trusted Git authors. + description: The secret name containing the public keys of all + trusted Git authors. properties: name: description: Name of the referent. @@ -1301,21 +1503,26 @@ spec: description: GitRepositoryStatus defines the observed state of a Git repository. properties: artifact: - description: Artifact represents the output of the last successful repository sync. + description: Artifact represents the output of the last successful + repository sync. properties: checksum: description: Checksum is the SHA256 checksum of the artifact. type: string lastUpdateTime: - description: LastUpdateTime is the timestamp corresponding to the last update of this artifact. + description: |- + LastUpdateTime is the timestamp corresponding to the last update of this + artifact. format: date-time type: string path: description: Path is the relative file path of this artifact. type: string revision: - description: Revision is a human readable identifier traceable in the origin source system. It can be - a Git commit SHA, Git tag, a Helm index timestamp, a Helm chart version, etc. + description: |- + Revision is a human readable identifier traceable in the origin source + system. It can be a Git commit SHA, Git tag, a Helm index timestamp, a Helm + chart version, etc. type: string url: description: URL is the HTTP address of this artifact. @@ -1327,35 +1534,43 @@ spec: conditions: description: Conditions holds the conditions for the GitRepository. items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This - struct is intended for direct use as an array at the field path .status.conditions. For example, \n type - FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // - +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" - patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" properties: lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when - the API field changed is acceptable. + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: message is a human readable message indicating details about the transition. This may be - an empty string. + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based - upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current state of the instance. + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last - transition. Producers of specific condition types may define expected values and meanings for this - field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 @@ -1369,9 +1584,12 @@ spec: - Unknown type: string type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type - values are consistent across resources like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -1384,7 +1602,8 @@ spec: type: object type: array includedArtifacts: - description: IncludedArtifacts represents the included artifacts from the last successful repository sync. + description: IncludedArtifacts represents the included artifacts from + the last successful repository sync. items: description: Artifact represents the output of a source synchronisation. properties: @@ -1392,15 +1611,19 @@ spec: description: Checksum is the SHA256 checksum of the artifact. type: string lastUpdateTime: - description: LastUpdateTime is the timestamp corresponding to the last update of this artifact. + description: |- + LastUpdateTime is the timestamp corresponding to the last update of this + artifact. format: date-time type: string path: description: Path is the relative file path of this artifact. type: string revision: - description: Revision is a human readable identifier traceable in the origin source system. It can be - a Git commit SHA, Git tag, a Helm index timestamp, a Helm chart version, etc. + description: |- + Revision is a human readable identifier traceable in the origin source + system. It can be a Git commit SHA, Git tag, a Helm index timestamp, a Helm + chart version, etc. type: string url: description: URL is the HTTP address of this artifact. @@ -1411,15 +1634,19 @@ spec: type: object type: array lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent reconcile request value, so a change - of the annotation value can be detected. + description: |- + LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value + can be detected. type: string observedGeneration: description: ObservedGeneration is the last observed generation. format: int64 type: integer url: - description: URL is the download link for the artifact output of the last repository sync. + description: |- + URL is the download link for the artifact output of the last repository + sync. type: string type: object type: object @@ -1448,35 +1675,49 @@ spec: description: GitRepository is the Schema for the gitrepositories API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert - recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer - this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: - description: GitRepositorySpec specifies the required configuration to produce an Artifact for a Git repository. + description: |- + GitRepositorySpec specifies the required configuration to produce an + Artifact for a Git repository. properties: accessFrom: - description: 'AccessFrom specifies an Access Control List for allowing cross-namespace references to this - object. NOTE: Not implemented, provisional as of https://github.com/fluxcd/flux2/pull/2092' + description: |- + AccessFrom specifies an Access Control List for allowing cross-namespace + references to this object. + NOTE: Not implemented, provisional as of https://github.com/fluxcd/flux2/pull/2092 properties: namespaceSelectors: - description: NamespaceSelectors is the list of namespace selectors to which this ACL applies. Items in - this list are evaluated using a logical OR operation. + description: |- + NamespaceSelectors is the list of namespace selectors to which this ACL applies. + Items in this list are evaluated using a logical OR operation. items: - description: NamespaceSelector selects the namespaces to which this ACL applies. An empty map of MatchLabels - matches all namespaces in a cluster. + description: |- + NamespaceSelector selects the namespaces to which this ACL applies. + An empty map of MatchLabels matches all namespaces in a cluster. properties: matchLabels: additionalProperties: type: string - description: MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the operator is - "In", and the values array contains only "value". The requirements are ANDed. + description: |- + MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object type: array @@ -1485,30 +1726,39 @@ spec: type: object gitImplementation: default: go-git - description: 'GitImplementation specifies which Git client library implementation to use. Defaults to ''go-git'', - valid values are (''go-git'', ''libgit2''). Deprecated: gitImplementation is deprecated now that ''go-git'' - is the only supported implementation.' + description: |- + GitImplementation specifies which Git client library implementation to + use. Defaults to 'go-git', valid values are ('go-git', 'libgit2'). + Deprecated: gitImplementation is deprecated now that 'go-git' is the + only supported implementation. enum: - go-git - libgit2 type: string ignore: - description: Ignore overrides the set of excluded patterns in the .sourceignore format (which is the same - as .gitignore). If not provided, a default will be used, consult the documentation for your version to find - out what those are. + description: |- + Ignore overrides the set of excluded patterns in the .sourceignore format + (which is the same as .gitignore). If not provided, a default will be used, + consult the documentation for your version to find out what those are. type: string include: - description: Include specifies a list of GitRepository resources which Artifacts should be included in the - Artifact produced for this GitRepository. + description: |- + Include specifies a list of GitRepository resources which Artifacts + should be included in the Artifact produced for this GitRepository. items: - description: GitRepositoryInclude specifies a local reference to a GitRepository which Artifact (sub-)contents - must be included, and where they should be placed. + description: |- + GitRepositoryInclude specifies a local reference to a GitRepository which + Artifact (sub-)contents must be included, and where they should be placed. properties: fromPath: - description: FromPath specifies the path to copy contents from, defaults to the root of the Artifact. + description: |- + FromPath specifies the path to copy contents from, defaults to the root + of the Artifact. type: string repository: - description: GitRepositoryRef specifies the GitRepository which Artifact contents must be included. + description: |- + GitRepositoryRef specifies the GitRepository which Artifact contents + must be included. properties: name: description: Name of the referent. @@ -1517,7 +1767,9 @@ spec: - name type: object toPath: - description: ToPath specifies the path to copy contents to, defaults to the name of the GitRepositoryRef. + description: |- + ToPath specifies the path to copy contents to, defaults to the name of + the GitRepositoryRef. type: string required: - repository @@ -1528,36 +1780,51 @@ spec: pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string recurseSubmodules: - description: RecurseSubmodules enables the initialization of all submodules within the GitRepository as cloned - from the URL, using their default settings. + description: |- + RecurseSubmodules enables the initialization of all submodules within + the GitRepository as cloned from the URL, using their default settings. type: boolean ref: - description: Reference specifies the Git reference to resolve and monitor for changes, defaults to the 'master' - branch. + description: |- + Reference specifies the Git reference to resolve and monitor for + changes, defaults to the 'master' branch. properties: branch: - description: Branch to check out, defaults to 'master' if no other field is defined. + description: Branch to check out, defaults to 'master' if no other + field is defined. type: string commit: - description: "Commit SHA to check out, takes precedence over all reference fields. \n This can be combined - with Branch to shallow clone the branch, in which the commit is expected to exist." + description: |- + Commit SHA to check out, takes precedence over all reference fields. + + + This can be combined with Branch to shallow clone the branch, in which + the commit is expected to exist. type: string name: - description: "Name of the reference to check out; takes precedence over Branch, Tag and SemVer. \n It - must be a valid Git reference: https://git-scm.com/docs/git-check-ref-format#_description Examples: - \"refs/heads/main\", \"refs/tags/v0.1.0\", \"refs/pull/420/head\", \"refs/merge-requests/1/head\"" + description: |- + Name of the reference to check out; takes precedence over Branch, Tag and SemVer. + + + It must be a valid Git reference: https://git-scm.com/docs/git-check-ref-format#_description + Examples: "refs/heads/main", "refs/tags/v0.1.0", "refs/pull/420/head", "refs/merge-requests/1/head" type: string semver: - description: SemVer tag expression to check out, takes precedence over Tag. + description: SemVer tag expression to check out, takes precedence + over Tag. type: string tag: description: Tag to check out, takes precedence over Branch. type: string type: object secretRef: - description: SecretRef specifies the Secret containing authentication credentials for the GitRepository. For - HTTPS repositories the Secret must contain 'username' and 'password' fields for basic auth or 'bearerToken' - field for token auth. For SSH repositories the Secret must contain 'identity' and 'known_hosts' fields. + description: |- + SecretRef specifies the Secret containing authentication credentials for + the GitRepository. + For HTTPS repositories the Secret must contain 'username' and 'password' + fields for basic auth or 'bearerToken' field for token auth. + For SSH repositories the Secret must contain 'identity' + and 'known_hosts' fields. properties: name: description: Name of the referent. @@ -1566,27 +1833,36 @@ spec: - name type: object suspend: - description: Suspend tells the controller to suspend the reconciliation of this GitRepository. + description: |- + Suspend tells the controller to suspend the reconciliation of this + GitRepository. type: boolean timeout: default: 60s - description: Timeout for Git operations like cloning, defaults to 60s. + description: Timeout for Git operations like cloning, defaults to + 60s. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$ type: string url: - description: URL specifies the Git repository URL, it can be an HTTP/S or SSH address. + description: URL specifies the Git repository URL, it can be an HTTP/S + or SSH address. pattern: ^(http|https|ssh)://.*$ type: string verify: - description: Verification specifies the configuration to verify the Git commit signature(s). + description: |- + Verification specifies the configuration to verify the Git commit + signature(s). properties: mode: - description: Mode specifies what Git object should be verified, currently ('head'). + description: Mode specifies what Git object should be verified, + currently ('head'). enum: - head type: string secretRef: - description: SecretRef specifies the Secret containing the public keys of trusted Git authors. + description: |- + SecretRef specifies the Secret containing the public keys of trusted Git + authors. properties: name: description: Name of the referent. @@ -1608,14 +1884,17 @@ spec: description: GitRepositoryStatus records the observed state of a Git repository. properties: artifact: - description: Artifact represents the last successful GitRepository reconciliation. + description: Artifact represents the last successful GitRepository + reconciliation. properties: digest: description: Digest is the digest of the file in the form of ':'. pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$ type: string lastUpdateTime: - description: LastUpdateTime is the timestamp corresponding to the last update of the Artifact. + description: |- + LastUpdateTime is the timestamp corresponding to the last update of the + Artifact. format: date-time type: string metadata: @@ -1624,21 +1903,25 @@ spec: description: Metadata holds upstream information such as OCI annotations. type: object path: - description: Path is the relative file path of the Artifact. It can be used to locate the file in the - root of the Artifact storage on the local file system of the controller managing the Source. + description: |- + Path is the relative file path of the Artifact. It can be used to locate + the file in the root of the Artifact storage on the local file system of + the controller managing the Source. type: string revision: - description: Revision is a human-readable identifier traceable in the origin source system. It can be - a Git commit SHA, Git tag, a Helm chart version, etc. + description: |- + Revision is a human-readable identifier traceable in the origin source + system. It can be a Git commit SHA, Git tag, a Helm chart version, etc. type: string size: description: Size is the number of bytes in the file. format: int64 type: integer url: - description: URL is the HTTP address of the Artifact as exposed by the controller managing the Source. - It can be used to retrieve the Artifact for consumption, e.g. by another controller applying the Artifact - contents. + description: |- + URL is the HTTP address of the Artifact as exposed by the controller + managing the Source. It can be used to retrieve the Artifact for + consumption, e.g. by another controller applying the Artifact contents. type: string required: - lastUpdateTime @@ -1649,35 +1932,43 @@ spec: conditions: description: Conditions holds the conditions for the GitRepository. items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This - struct is intended for direct use as an array at the field path .status.conditions. For example, \n type - FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // - +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" - patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" properties: lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when - the API field changed is acceptable. + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: message is a human readable message indicating details about the transition. This may be - an empty string. + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based - upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current state of the instance. + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last - transition. Producers of specific condition types may define expected values and meanings for this - field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 @@ -1691,9 +1982,12 @@ spec: - Unknown type: string type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type - values are consistent across resources like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -1706,48 +2000,65 @@ spec: type: object type: array contentConfigChecksum: - description: "ContentConfigChecksum is a checksum of all the configurations related to the content of the - source artifact: - .spec.ignore - .spec.recurseSubmodules - .spec.included and the checksum of the included - artifacts observed in .status.observedGeneration version of the object. This can be used to determine if - the content of the included repository has changed. It has the format of `:`, for example: - `sha256:`. \n Deprecated: Replaced with explicit fields for observed artifact content config in - the status." + description: |- + ContentConfigChecksum is a checksum of all the configurations related to + the content of the source artifact: + - .spec.ignore + - .spec.recurseSubmodules + - .spec.included and the checksum of the included artifacts + observed in .status.observedGeneration version of the object. This can + be used to determine if the content of the included repository has + changed. + It has the format of `:`, for example: `sha256:`. + + + Deprecated: Replaced with explicit fields for observed artifact content + config in the status. type: string includedArtifacts: - description: IncludedArtifacts contains a list of the last successfully included Artifacts as instructed by - GitRepositorySpec.Include. + description: |- + IncludedArtifacts contains a list of the last successfully included + Artifacts as instructed by GitRepositorySpec.Include. items: description: Artifact represents the output of a Source reconciliation. properties: digest: - description: Digest is the digest of the file in the form of ':'. + description: Digest is the digest of the file in the form of + ':'. pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$ type: string lastUpdateTime: - description: LastUpdateTime is the timestamp corresponding to the last update of the Artifact. + description: |- + LastUpdateTime is the timestamp corresponding to the last update of the + Artifact. format: date-time type: string metadata: additionalProperties: type: string - description: Metadata holds upstream information such as OCI annotations. + description: Metadata holds upstream information such as OCI + annotations. type: object path: - description: Path is the relative file path of the Artifact. It can be used to locate the file in the - root of the Artifact storage on the local file system of the controller managing the Source. + description: |- + Path is the relative file path of the Artifact. It can be used to locate + the file in the root of the Artifact storage on the local file system of + the controller managing the Source. type: string revision: - description: Revision is a human-readable identifier traceable in the origin source system. It can be - a Git commit SHA, Git tag, a Helm chart version, etc. + description: |- + Revision is a human-readable identifier traceable in the origin source + system. It can be a Git commit SHA, Git tag, a Helm chart version, etc. type: string size: description: Size is the number of bytes in the file. format: int64 type: integer url: - description: URL is the HTTP address of the Artifact as exposed by the controller managing the Source. - It can be used to retrieve the Artifact for consumption, e.g. by another controller applying the Artifact - contents. + description: |- + URL is the HTTP address of the Artifact as exposed by the controller + managing the Source. It can be used to retrieve the Artifact for + consumption, e.g. by another controller applying the Artifact contents. type: string required: - lastUpdateTime @@ -1757,28 +2068,40 @@ spec: type: object type: array lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent reconcile request value, so a change - of the annotation value can be detected. + description: |- + LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value + can be detected. type: string observedGeneration: - description: ObservedGeneration is the last observed generation of the GitRepository object. + description: |- + ObservedGeneration is the last observed generation of the GitRepository + object. format: int64 type: integer observedIgnore: - description: ObservedIgnore is the observed exclusion patterns used for constructing the source artifact. + description: |- + ObservedIgnore is the observed exclusion patterns used for constructing + the source artifact. type: string observedInclude: - description: ObservedInclude is the observed list of GitRepository resources used to to produce the current - Artifact. + description: |- + ObservedInclude is the observed list of GitRepository resources used to + to produce the current Artifact. items: - description: GitRepositoryInclude specifies a local reference to a GitRepository which Artifact (sub-)contents - must be included, and where they should be placed. + description: |- + GitRepositoryInclude specifies a local reference to a GitRepository which + Artifact (sub-)contents must be included, and where they should be placed. properties: fromPath: - description: FromPath specifies the path to copy contents from, defaults to the root of the Artifact. + description: |- + FromPath specifies the path to copy contents from, defaults to the root + of the Artifact. type: string repository: - description: GitRepositoryRef specifies the GitRepository which Artifact contents must be included. + description: |- + GitRepositoryRef specifies the GitRepository which Artifact contents + must be included. properties: name: description: Name of the referent. @@ -1787,19 +2110,24 @@ spec: - name type: object toPath: - description: ToPath specifies the path to copy contents to, defaults to the name of the GitRepositoryRef. + description: |- + ToPath specifies the path to copy contents to, defaults to the name of + the GitRepositoryRef. type: string required: - repository type: object type: array observedRecurseSubmodules: - description: ObservedRecurseSubmodules is the observed resource submodules configuration used to produce the - current Artifact. + description: |- + ObservedRecurseSubmodules is the observed resource submodules + configuration used to produce the current Artifact. type: boolean url: - description: URL is the dynamic fetch link for the latest Artifact. It is provided on a "best effort" basis, - and using the precise GitRepositoryStatus.Artifact data is recommended. + description: |- + URL is the dynamic fetch link for the latest Artifact. + It is provided on a "best effort" basis, and using the precise + GitRepositoryStatus.Artifact data is recommended. type: string type: object type: object @@ -1812,12 +2140,12 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.12.0 + controller-gen.kubebuilder.io/version: v0.15.0 labels: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 name: helmcharts.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -1830,6 +2158,351 @@ spec: singular: helmchart scope: Namespaced versions: + - additionalPrinterColumns: + - jsonPath: .spec.chart + name: Chart + type: string + - jsonPath: .spec.version + name: Version + type: string + - jsonPath: .spec.sourceRef.kind + name: Source Kind + type: string + - jsonPath: .spec.sourceRef.name + name: Source Name + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - jsonPath: .status.conditions[?(@.type=="Ready")].status + name: Ready + type: string + - jsonPath: .status.conditions[?(@.type=="Ready")].message + name: Status + type: string + name: v1 + schema: + openAPIV3Schema: + description: HelmChart is the Schema for the helmcharts API. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: HelmChartSpec specifies the desired state of a Helm chart. + properties: + chart: + description: |- + Chart is the name or path the Helm chart is available at in the + SourceRef. + type: string + ignoreMissingValuesFiles: + description: |- + IgnoreMissingValuesFiles controls whether to silently ignore missing values + files rather than failing. + type: boolean + interval: + description: |- + Interval at which the HelmChart SourceRef is checked for updates. + This interval is approximate and may be subject to jitter to ensure + efficient use of resources. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + reconcileStrategy: + default: ChartVersion + description: |- + ReconcileStrategy determines what enables the creation of a new artifact. + Valid values are ('ChartVersion', 'Revision'). + See the documentation of the values for an explanation on their behavior. + Defaults to ChartVersion when omitted. + enum: + - ChartVersion + - Revision + type: string + sourceRef: + description: SourceRef is the reference to the Source the chart is + available at. + properties: + apiVersion: + description: APIVersion of the referent. + type: string + kind: + description: |- + Kind of the referent, valid values are ('HelmRepository', 'GitRepository', + 'Bucket'). + enum: + - HelmRepository + - GitRepository + - Bucket + type: string + name: + description: Name of the referent. + type: string + required: + - kind + - name + type: object + suspend: + description: |- + Suspend tells the controller to suspend the reconciliation of this + source. + type: boolean + valuesFiles: + description: |- + ValuesFiles is an alternative list of values files to use as the chart + values (values.yaml is not included by default), expected to be a + relative path in the SourceRef. + Values files are merged in the order of this list with the last file + overriding the first. Ignored when omitted. + items: + type: string + type: array + verify: + description: |- + Verify contains the secret name containing the trusted public keys + used to verify the signature and specifies which provider to use to check + whether OCI image is authentic. + This field is only supported when using HelmRepository source with spec.type 'oci'. + Chart dependencies, which are not bundled in the umbrella chart artifact, are not verified. + properties: + matchOIDCIdentity: + description: |- + MatchOIDCIdentity specifies the identity matching criteria to use + while verifying an OCI artifact which was signed using Cosign keyless + signing. The artifact's identity is deemed to be verified if any of the + specified matchers match against the identity. + items: + description: |- + OIDCIdentityMatch specifies options for verifying the certificate identity, + i.e. the issuer and the subject of the certificate. + properties: + issuer: + description: |- + Issuer specifies the regex pattern to match against to verify + the OIDC issuer in the Fulcio certificate. The pattern must be a + valid Go regular expression. + type: string + subject: + description: |- + Subject specifies the regex pattern to match against to verify + the identity subject in the Fulcio certificate. The pattern must + be a valid Go regular expression. + type: string + required: + - issuer + - subject + type: object + type: array + provider: + default: cosign + description: Provider specifies the technology used to sign the + OCI Artifact. + enum: + - cosign + - notation + type: string + secretRef: + description: |- + SecretRef specifies the Kubernetes Secret containing the + trusted public keys. + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object + required: + - provider + type: object + version: + default: '*' + description: |- + Version is the chart version semver expression, ignored for charts from + GitRepository and Bucket sources. Defaults to latest when omitted. + type: string + required: + - chart + - interval + - sourceRef + type: object + status: + default: + observedGeneration: -1 + description: HelmChartStatus records the observed state of the HelmChart. + properties: + artifact: + description: Artifact represents the output of the last successful + reconciliation. + properties: + digest: + description: Digest is the digest of the file in the form of ':'. + pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$ + type: string + lastUpdateTime: + description: |- + LastUpdateTime is the timestamp corresponding to the last update of the + Artifact. + format: date-time + type: string + metadata: + additionalProperties: + type: string + description: Metadata holds upstream information such as OCI annotations. + type: object + path: + description: |- + Path is the relative file path of the Artifact. It can be used to locate + the file in the root of the Artifact storage on the local file system of + the controller managing the Source. + type: string + revision: + description: |- + Revision is a human-readable identifier traceable in the origin source + system. It can be a Git commit SHA, Git tag, a Helm chart version, etc. + type: string + size: + description: Size is the number of bytes in the file. + format: int64 + type: integer + url: + description: |- + URL is the HTTP address of the Artifact as exposed by the controller + managing the Source. It can be used to retrieve the Artifact for + consumption, e.g. by another controller applying the Artifact contents. + type: string + required: + - lastUpdateTime + - path + - revision + - url + type: object + conditions: + description: Conditions holds the conditions for the HelmChart. + items: + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" + properties: + lastTransitionTime: + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + lastHandledReconcileAt: + description: |- + LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value + can be detected. + type: string + observedChartName: + description: |- + ObservedChartName is the last observed chart name as specified by the + resolved chart reference. + type: string + observedGeneration: + description: |- + ObservedGeneration is the last observed generation of the HelmChart + object. + format: int64 + type: integer + observedSourceArtifactRevision: + description: |- + ObservedSourceArtifactRevision is the last observed Artifact.Revision + of the HelmChartSpec.SourceRef. + type: string + observedValuesFiles: + description: |- + ObservedValuesFiles are the observed value files of the last successful + reconciliation. + It matches the chart in the last successfully reconciled artifact. + items: + type: string + type: array + url: + description: |- + URL is the dynamic fetch link for the latest Artifact. + It is provided on a "best effort" basis, and using the precise + BucketStatus.Artifact data is recommended. + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} - additionalPrinterColumns: - jsonPath: .spec.chart name: Chart @@ -1852,18 +2525,27 @@ spec: - jsonPath: .metadata.creationTimestamp name: Age type: date + deprecated: true + deprecationWarning: v1beta1 HelmChart is deprecated, upgrade to v1 name: v1beta1 schema: openAPIV3Schema: description: HelmChart is the Schema for the helmcharts API properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert - recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer - this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -1871,21 +2553,25 @@ spec: description: HelmChartSpec defines the desired state of a Helm chart. properties: accessFrom: - description: AccessFrom defines an Access Control List for allowing cross-namespace references to this object. + description: AccessFrom defines an Access Control List for allowing + cross-namespace references to this object. properties: namespaceSelectors: - description: NamespaceSelectors is the list of namespace selectors to which this ACL applies. Items in - this list are evaluated using a logical OR operation. + description: |- + NamespaceSelectors is the list of namespace selectors to which this ACL applies. + Items in this list are evaluated using a logical OR operation. items: - description: NamespaceSelector selects the namespaces to which this ACL applies. An empty map of MatchLabels - matches all namespaces in a cluster. + description: |- + NamespaceSelector selects the namespaces to which this ACL applies. + An empty map of MatchLabels matches all namespaces in a cluster. properties: matchLabels: additionalProperties: type: string - description: MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the operator is - "In", and the values array contains only "value". The requirements are ANDed. + description: |- + MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object type: array @@ -1893,16 +2579,19 @@ spec: - namespaceSelectors type: object chart: - description: The name or path the Helm chart is available at in the SourceRef. + description: The name or path the Helm chart is available at in the + SourceRef. type: string interval: description: The interval at which to check the Source for updates. type: string reconcileStrategy: default: ChartVersion - description: Determines what enables the creation of a new artifact. Valid values are ('ChartVersion', 'Revision'). - See the documentation of the values for an explanation on their behavior. Defaults to ChartVersion when - omitted. + description: |- + Determines what enables the creation of a new artifact. Valid values are + ('ChartVersion', 'Revision'). + See the documentation of the values for an explanation on their behavior. + Defaults to ChartVersion when omitted. enum: - ChartVersion - Revision @@ -1914,7 +2603,9 @@ spec: description: APIVersion of the referent. type: string kind: - description: Kind of the referent, valid values are ('HelmRepository', 'GitRepository', 'Bucket'). + description: |- + Kind of the referent, valid values are ('HelmRepository', 'GitRepository', + 'Bucket'). enum: - HelmRepository - GitRepository @@ -1928,24 +2619,30 @@ spec: - name type: object suspend: - description: This flag tells the controller to suspend the reconciliation of this source. + description: This flag tells the controller to suspend the reconciliation + of this source. type: boolean valuesFile: - description: Alternative values file to use as the default chart values, expected to be a relative path in - the SourceRef. Deprecated in favor of ValuesFiles, for backwards compatibility the file defined here is - merged before the ValuesFiles items. Ignored when omitted. + description: |- + Alternative values file to use as the default chart values, expected to + be a relative path in the SourceRef. Deprecated in favor of ValuesFiles, + for backwards compatibility the file defined here is merged before the + ValuesFiles items. Ignored when omitted. type: string valuesFiles: - description: Alternative list of values files to use as the chart values (values.yaml is not included by default), - expected to be a relative path in the SourceRef. Values files are merged in the order of this list with - the last file overriding the first. Ignored when omitted. + description: |- + Alternative list of values files to use as the chart values (values.yaml + is not included by default), expected to be a relative path in the SourceRef. + Values files are merged in the order of this list with the last file overriding + the first. Ignored when omitted. items: type: string type: array version: default: '*' - description: The chart version semver expression, ignored for charts from GitRepository and Bucket sources. - Defaults to latest when omitted. + description: |- + The chart version semver expression, ignored for charts from GitRepository + and Bucket sources. Defaults to latest when omitted. type: string required: - chart @@ -1958,21 +2655,26 @@ spec: description: HelmChartStatus defines the observed state of the HelmChart. properties: artifact: - description: Artifact represents the output of the last successful chart sync. + description: Artifact represents the output of the last successful + chart sync. properties: checksum: description: Checksum is the SHA256 checksum of the artifact. type: string lastUpdateTime: - description: LastUpdateTime is the timestamp corresponding to the last update of this artifact. + description: |- + LastUpdateTime is the timestamp corresponding to the last update of this + artifact. format: date-time type: string path: description: Path is the relative file path of this artifact. type: string revision: - description: Revision is a human readable identifier traceable in the origin source system. It can be - a Git commit SHA, Git tag, a Helm index timestamp, a Helm chart version, etc. + description: |- + Revision is a human readable identifier traceable in the origin source + system. It can be a Git commit SHA, Git tag, a Helm index timestamp, a Helm + chart version, etc. type: string url: description: URL is the HTTP address of this artifact. @@ -1984,35 +2686,43 @@ spec: conditions: description: Conditions holds the conditions for the HelmChart. items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This - struct is intended for direct use as an array at the field path .status.conditions. For example, \n type - FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // - +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" - patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" properties: lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when - the API field changed is acceptable. + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: message is a human readable message indicating details about the transition. This may be - an empty string. + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based - upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current state of the instance. + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last - transition. Producers of specific condition types may define expected values and meanings for this - field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 @@ -2026,9 +2736,12 @@ spec: - Unknown type: string type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type - values are consistent across resources like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -2041,8 +2754,10 @@ spec: type: object type: array lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent reconcile request value, so a change - of the annotation value can be detected. + description: |- + LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value + can be detected. type: string observedGeneration: description: ObservedGeneration is the last observed generation. @@ -2079,18 +2794,27 @@ spec: - jsonPath: .status.conditions[?(@.type=="Ready")].message name: Status type: string + deprecated: true + deprecationWarning: v1beta2 HelmChart is deprecated, upgrade to v1 name: v1beta2 schema: openAPIV3Schema: description: HelmChart is the Schema for the helmcharts API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert - recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer - this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -2098,22 +2822,27 @@ spec: description: HelmChartSpec specifies the desired state of a Helm chart. properties: accessFrom: - description: 'AccessFrom specifies an Access Control List for allowing cross-namespace references to this - object. NOTE: Not implemented, provisional as of https://github.com/fluxcd/flux2/pull/2092' + description: |- + AccessFrom specifies an Access Control List for allowing cross-namespace + references to this object. + NOTE: Not implemented, provisional as of https://github.com/fluxcd/flux2/pull/2092 properties: namespaceSelectors: - description: NamespaceSelectors is the list of namespace selectors to which this ACL applies. Items in - this list are evaluated using a logical OR operation. + description: |- + NamespaceSelectors is the list of namespace selectors to which this ACL applies. + Items in this list are evaluated using a logical OR operation. items: - description: NamespaceSelector selects the namespaces to which this ACL applies. An empty map of MatchLabels - matches all namespaces in a cluster. + description: |- + NamespaceSelector selects the namespaces to which this ACL applies. + An empty map of MatchLabels matches all namespaces in a cluster. properties: matchLabels: additionalProperties: type: string - description: MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the operator is - "In", and the values array contains only "value". The requirements are ANDed. + description: |- + MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object type: array @@ -2121,30 +2850,44 @@ spec: - namespaceSelectors type: object chart: - description: Chart is the name or path the Helm chart is available at in the SourceRef. - type: string + description: |- + Chart is the name or path the Helm chart is available at in the + SourceRef. + type: string + ignoreMissingValuesFiles: + description: |- + IgnoreMissingValuesFiles controls whether to silently ignore missing values + files rather than failing. + type: boolean interval: - description: Interval at which the HelmChart SourceRef is checked for updates. This interval is approximate - and may be subject to jitter to ensure efficient use of resources. + description: |- + Interval at which the HelmChart SourceRef is checked for updates. + This interval is approximate and may be subject to jitter to ensure + efficient use of resources. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string reconcileStrategy: default: ChartVersion - description: ReconcileStrategy determines what enables the creation of a new artifact. Valid values are ('ChartVersion', - 'Revision'). See the documentation of the values for an explanation on their behavior. Defaults to ChartVersion - when omitted. + description: |- + ReconcileStrategy determines what enables the creation of a new artifact. + Valid values are ('ChartVersion', 'Revision'). + See the documentation of the values for an explanation on their behavior. + Defaults to ChartVersion when omitted. enum: - ChartVersion - Revision type: string sourceRef: - description: SourceRef is the reference to the Source the chart is available at. + description: SourceRef is the reference to the Source the chart is + available at. properties: apiVersion: description: APIVersion of the referent. type: string kind: - description: Kind of the referent, valid values are ('HelmRepository', 'GitRepository', 'Bucket'). + description: |- + Kind of the referent, valid values are ('HelmRepository', 'GitRepository', + 'Bucket'). enum: - HelmRepository - GitRepository @@ -2158,34 +2901,75 @@ spec: - name type: object suspend: - description: Suspend tells the controller to suspend the reconciliation of this source. + description: |- + Suspend tells the controller to suspend the reconciliation of this + source. type: boolean valuesFile: - description: ValuesFile is an alternative values file to use as the default chart values, expected to be a - relative path in the SourceRef. Deprecated in favor of ValuesFiles, for backwards compatibility the file - specified here is merged before the ValuesFiles items. Ignored when omitted. + description: |- + ValuesFile is an alternative values file to use as the default chart + values, expected to be a relative path in the SourceRef. Deprecated in + favor of ValuesFiles, for backwards compatibility the file specified here + is merged before the ValuesFiles items. Ignored when omitted. type: string valuesFiles: - description: ValuesFiles is an alternative list of values files to use as the chart values (values.yaml is - not included by default), expected to be a relative path in the SourceRef. Values files are merged in the - order of this list with the last file overriding the first. Ignored when omitted. + description: |- + ValuesFiles is an alternative list of values files to use as the chart + values (values.yaml is not included by default), expected to be a + relative path in the SourceRef. + Values files are merged in the order of this list with the last file + overriding the first. Ignored when omitted. items: type: string type: array verify: - description: Verify contains the secret name containing the trusted public keys used to verify the signature - and specifies which provider to use to check whether OCI image is authentic. This field is only supported - when using HelmRepository source with spec.type 'oci'. Chart dependencies, which are not bundled in the - umbrella chart artifact, are not verified. + description: |- + Verify contains the secret name containing the trusted public keys + used to verify the signature and specifies which provider to use to check + whether OCI image is authentic. + This field is only supported when using HelmRepository source with spec.type 'oci'. + Chart dependencies, which are not bundled in the umbrella chart artifact, are not verified. properties: + matchOIDCIdentity: + description: |- + MatchOIDCIdentity specifies the identity matching criteria to use + while verifying an OCI artifact which was signed using Cosign keyless + signing. The artifact's identity is deemed to be verified if any of the + specified matchers match against the identity. + items: + description: |- + OIDCIdentityMatch specifies options for verifying the certificate identity, + i.e. the issuer and the subject of the certificate. + properties: + issuer: + description: |- + Issuer specifies the regex pattern to match against to verify + the OIDC issuer in the Fulcio certificate. The pattern must be a + valid Go regular expression. + type: string + subject: + description: |- + Subject specifies the regex pattern to match against to verify + the identity subject in the Fulcio certificate. The pattern must + be a valid Go regular expression. + type: string + required: + - issuer + - subject + type: object + type: array provider: default: cosign - description: Provider specifies the technology used to sign the OCI Artifact. + description: Provider specifies the technology used to sign the + OCI Artifact. enum: - cosign + - notation type: string secretRef: - description: SecretRef specifies the Kubernetes Secret containing the trusted public keys. + description: |- + SecretRef specifies the Kubernetes Secret containing the + trusted public keys. properties: name: description: Name of the referent. @@ -2198,8 +2982,9 @@ spec: type: object version: default: '*' - description: Version is the chart version semver expression, ignored for charts from GitRepository and Bucket - sources. Defaults to latest when omitted. + description: |- + Version is the chart version semver expression, ignored for charts from + GitRepository and Bucket sources. Defaults to latest when omitted. type: string required: - chart @@ -2212,14 +2997,17 @@ spec: description: HelmChartStatus records the observed state of the HelmChart. properties: artifact: - description: Artifact represents the output of the last successful reconciliation. + description: Artifact represents the output of the last successful + reconciliation. properties: digest: description: Digest is the digest of the file in the form of ':'. pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$ type: string lastUpdateTime: - description: LastUpdateTime is the timestamp corresponding to the last update of the Artifact. + description: |- + LastUpdateTime is the timestamp corresponding to the last update of the + Artifact. format: date-time type: string metadata: @@ -2228,21 +3016,25 @@ spec: description: Metadata holds upstream information such as OCI annotations. type: object path: - description: Path is the relative file path of the Artifact. It can be used to locate the file in the - root of the Artifact storage on the local file system of the controller managing the Source. + description: |- + Path is the relative file path of the Artifact. It can be used to locate + the file in the root of the Artifact storage on the local file system of + the controller managing the Source. type: string revision: - description: Revision is a human-readable identifier traceable in the origin source system. It can be - a Git commit SHA, Git tag, a Helm chart version, etc. + description: |- + Revision is a human-readable identifier traceable in the origin source + system. It can be a Git commit SHA, Git tag, a Helm chart version, etc. type: string size: description: Size is the number of bytes in the file. format: int64 type: integer url: - description: URL is the HTTP address of the Artifact as exposed by the controller managing the Source. - It can be used to retrieve the Artifact for consumption, e.g. by another controller applying the Artifact - contents. + description: |- + URL is the HTTP address of the Artifact as exposed by the controller + managing the Source. It can be used to retrieve the Artifact for + consumption, e.g. by another controller applying the Artifact contents. type: string required: - lastUpdateTime @@ -2253,35 +3045,43 @@ spec: conditions: description: Conditions holds the conditions for the HelmChart. items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This - struct is intended for direct use as an array at the field path .status.conditions. For example, \n type - FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // - +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" - patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" properties: lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when - the API field changed is acceptable. + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: message is a human readable message indicating details about the transition. This may be - an empty string. + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based - upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current state of the instance. + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last - transition. Producers of specific condition types may define expected values and meanings for this - field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 @@ -2295,9 +3095,12 @@ spec: - Unknown type: string type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type - values are consistent across resources like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -2310,27 +3113,45 @@ spec: type: object type: array lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent reconcile request value, so a change - of the annotation value can be detected. + description: |- + LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value + can be detected. type: string observedChartName: - description: ObservedChartName is the last observed chart name as specified by the resolved chart reference. + description: |- + ObservedChartName is the last observed chart name as specified by the + resolved chart reference. type: string observedGeneration: - description: ObservedGeneration is the last observed generation of the HelmChart object. + description: |- + ObservedGeneration is the last observed generation of the HelmChart + object. format: int64 type: integer observedSourceArtifactRevision: - description: ObservedSourceArtifactRevision is the last observed Artifact.Revision of the HelmChartSpec.SourceRef. - type: string + description: |- + ObservedSourceArtifactRevision is the last observed Artifact.Revision + of the HelmChartSpec.SourceRef. + type: string + observedValuesFiles: + description: |- + ObservedValuesFiles are the observed value files of the last successful + reconciliation. + It matches the chart in the last successfully reconciled artifact. + items: + type: string + type: array url: - description: URL is the dynamic fetch link for the latest Artifact. It is provided on a "best effort" basis, - and using the precise BucketStatus.Artifact data is recommended. + description: |- + URL is the dynamic fetch link for the latest Artifact. + It is provided on a "best effort" basis, and using the precise + BucketStatus.Artifact data is recommended. type: string type: object type: object served: true - storage: true + storage: false subresources: status: {} --- @@ -2338,12 +3159,12 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.12.0 + controller-gen.kubebuilder.io/version: v0.15.0 labels: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 name: helmrepositories.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -2360,84 +3181,424 @@ spec: - jsonPath: .spec.url name: URL type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date - jsonPath: .status.conditions[?(@.type=="Ready")].status name: Ready type: string - jsonPath: .status.conditions[?(@.type=="Ready")].message name: Status type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1beta1 + name: v1 schema: openAPIV3Schema: - description: HelmRepository is the Schema for the helmrepositories API + description: HelmRepository is the Schema for the helmrepositories API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert - recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer - this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: - description: HelmRepositorySpec defines the reference to a Helm repository. + description: |- + HelmRepositorySpec specifies the required configuration to produce an + Artifact for a Helm repository index YAML. properties: accessFrom: - description: AccessFrom defines an Access Control List for allowing cross-namespace references to this object. + description: |- + AccessFrom specifies an Access Control List for allowing cross-namespace + references to this object. + NOTE: Not implemented, provisional as of https://github.com/fluxcd/flux2/pull/2092 properties: namespaceSelectors: - description: NamespaceSelectors is the list of namespace selectors to which this ACL applies. Items in - this list are evaluated using a logical OR operation. + description: |- + NamespaceSelectors is the list of namespace selectors to which this ACL applies. + Items in this list are evaluated using a logical OR operation. items: - description: NamespaceSelector selects the namespaces to which this ACL applies. An empty map of MatchLabels - matches all namespaces in a cluster. + description: |- + NamespaceSelector selects the namespaces to which this ACL applies. + An empty map of MatchLabels matches all namespaces in a cluster. properties: matchLabels: additionalProperties: type: string - description: MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the operator is - "In", and the values array contains only "value". The requirements are ANDed. + description: |- + MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object type: array required: - namespaceSelectors type: object - interval: - description: The interval at which to check the upstream for updates. - type: string - passCredentials: - description: PassCredentials allows the credentials from the SecretRef to be passed on to a host that does - not match the host as defined in URL. This may be required if the host of the advertised chart URLs in the - index differ from the defined URL. Enabling this should be done with caution, as it can potentially result - in credentials getting stolen in a MITM-attack. - type: boolean - secretRef: - description: The name of the secret containing authentication credentials for the Helm repository. For HTTP/S - basic auth the secret must contain username and password fields. For TLS the secret must contain a certFile - and keyFile, and/or caFile fields. - properties: - name: - description: Name of the referent. - type: string - required: - - name + certSecretRef: + description: |- + CertSecretRef can be given the name of a Secret containing + either or both of + + + - a PEM-encoded client certificate (`tls.crt`) and private + key (`tls.key`); + - a PEM-encoded CA certificate (`ca.crt`) + + + and whichever are supplied, will be used for connecting to the + registry. The client cert and key are useful if you are + authenticating with a certificate; the CA cert is useful if + you are using a self-signed server certificate. The Secret must + be of type `Opaque` or `kubernetes.io/tls`. + + + It takes precedence over the values specified in the Secret referred + to by `.spec.secretRef`. + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object + insecure: + description: |- + Insecure allows connecting to a non-TLS HTTP container registry. + This field is only taken into account if the .spec.type field is set to 'oci'. + type: boolean + interval: + description: |- + Interval at which the HelmRepository URL is checked for updates. + This interval is approximate and may be subject to jitter to ensure + efficient use of resources. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + passCredentials: + description: |- + PassCredentials allows the credentials from the SecretRef to be passed + on to a host that does not match the host as defined in URL. + This may be required if the host of the advertised chart URLs in the + index differ from the defined URL. + Enabling this should be done with caution, as it can potentially result + in credentials getting stolen in a MITM-attack. + type: boolean + provider: + default: generic + description: |- + Provider used for authentication, can be 'aws', 'azure', 'gcp' or 'generic'. + This field is optional, and only taken into account if the .spec.type field is set to 'oci'. + When not specified, defaults to 'generic'. + enum: + - generic + - aws + - azure + - gcp + type: string + secretRef: + description: |- + SecretRef specifies the Secret containing authentication credentials + for the HelmRepository. + For HTTP/S basic auth the secret must contain 'username' and 'password' + fields. + Support for TLS auth using the 'certFile' and 'keyFile', and/or 'caFile' + keys is deprecated. Please use `.spec.certSecretRef` instead. + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object + suspend: + description: |- + Suspend tells the controller to suspend the reconciliation of this + HelmRepository. + type: boolean + timeout: + description: |- + Timeout is used for the index fetch operation for an HTTPS helm repository, + and for remote OCI Repository operations like pulling for an OCI helm + chart by the associated HelmChart. + Its default value is 60s. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$ + type: string + type: + description: |- + Type of the HelmRepository. + When this field is set to "oci", the URL field value must be prefixed with "oci://". + enum: + - default + - oci + type: string + url: + description: |- + URL of the Helm repository, a valid URL contains at least a protocol and + host. + pattern: ^(http|https|oci)://.*$ + type: string + required: + - url + type: object + status: + default: + observedGeneration: -1 + description: HelmRepositoryStatus records the observed state of the HelmRepository. + properties: + artifact: + description: Artifact represents the last successful HelmRepository + reconciliation. + properties: + digest: + description: Digest is the digest of the file in the form of ':'. + pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$ + type: string + lastUpdateTime: + description: |- + LastUpdateTime is the timestamp corresponding to the last update of the + Artifact. + format: date-time + type: string + metadata: + additionalProperties: + type: string + description: Metadata holds upstream information such as OCI annotations. + type: object + path: + description: |- + Path is the relative file path of the Artifact. It can be used to locate + the file in the root of the Artifact storage on the local file system of + the controller managing the Source. + type: string + revision: + description: |- + Revision is a human-readable identifier traceable in the origin source + system. It can be a Git commit SHA, Git tag, a Helm chart version, etc. + type: string + size: + description: Size is the number of bytes in the file. + format: int64 + type: integer + url: + description: |- + URL is the HTTP address of the Artifact as exposed by the controller + managing the Source. It can be used to retrieve the Artifact for + consumption, e.g. by another controller applying the Artifact contents. + type: string + required: + - lastUpdateTime + - path + - revision + - url + type: object + conditions: + description: Conditions holds the conditions for the HelmRepository. + items: + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" + properties: + lastTransitionTime: + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + lastHandledReconcileAt: + description: |- + LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value + can be detected. + type: string + observedGeneration: + description: |- + ObservedGeneration is the last observed generation of the HelmRepository + object. + format: int64 + type: integer + url: + description: |- + URL is the dynamic fetch link for the latest Artifact. + It is provided on a "best effort" basis, and using the precise + HelmRepositoryStatus.Artifact data is recommended. + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} + - additionalPrinterColumns: + - jsonPath: .spec.url + name: URL + type: string + - jsonPath: .status.conditions[?(@.type=="Ready")].status + name: Ready + type: string + - jsonPath: .status.conditions[?(@.type=="Ready")].message + name: Status + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + deprecated: true + deprecationWarning: v1beta1 HelmRepository is deprecated, upgrade to v1 + name: v1beta1 + schema: + openAPIV3Schema: + description: HelmRepository is the Schema for the helmrepositories API + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: HelmRepositorySpec defines the reference to a Helm repository. + properties: + accessFrom: + description: AccessFrom defines an Access Control List for allowing + cross-namespace references to this object. + properties: + namespaceSelectors: + description: |- + NamespaceSelectors is the list of namespace selectors to which this ACL applies. + Items in this list are evaluated using a logical OR operation. + items: + description: |- + NamespaceSelector selects the namespaces to which this ACL applies. + An empty map of MatchLabels matches all namespaces in a cluster. + properties: + matchLabels: + additionalProperties: + type: string + description: |- + MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + type: array + required: + - namespaceSelectors + type: object + interval: + description: The interval at which to check the upstream for updates. + type: string + passCredentials: + description: |- + PassCredentials allows the credentials from the SecretRef to be passed on to + a host that does not match the host as defined in URL. + This may be required if the host of the advertised chart URLs in the index + differ from the defined URL. + Enabling this should be done with caution, as it can potentially result in + credentials getting stolen in a MITM-attack. + type: boolean + secretRef: + description: |- + The name of the secret containing authentication credentials for the Helm + repository. + For HTTP/S basic auth the secret must contain username and + password fields. + For TLS the secret must contain a certFile and keyFile, and/or + caFile fields. + properties: + name: + description: Name of the referent. + type: string + required: + - name type: object suspend: - description: This flag tells the controller to suspend the reconciliation of this source. + description: This flag tells the controller to suspend the reconciliation + of this source. type: boolean timeout: default: 60s description: The timeout of index downloading, defaults to 60s. type: string url: - description: The Helm repository URL, a valid URL contains at least a protocol and host. + description: The Helm repository URL, a valid URL contains at least + a protocol and host. type: string required: - interval @@ -2449,21 +3610,26 @@ spec: description: HelmRepositoryStatus defines the observed state of the HelmRepository. properties: artifact: - description: Artifact represents the output of the last successful repository sync. + description: Artifact represents the output of the last successful + repository sync. properties: checksum: description: Checksum is the SHA256 checksum of the artifact. type: string lastUpdateTime: - description: LastUpdateTime is the timestamp corresponding to the last update of this artifact. + description: |- + LastUpdateTime is the timestamp corresponding to the last update of this + artifact. format: date-time type: string path: description: Path is the relative file path of this artifact. type: string revision: - description: Revision is a human readable identifier traceable in the origin source system. It can be - a Git commit SHA, Git tag, a Helm index timestamp, a Helm chart version, etc. + description: |- + Revision is a human readable identifier traceable in the origin source + system. It can be a Git commit SHA, Git tag, a Helm index timestamp, a Helm + chart version, etc. type: string url: description: URL is the HTTP address of this artifact. @@ -2475,35 +3641,43 @@ spec: conditions: description: Conditions holds the conditions for the HelmRepository. items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This - struct is intended for direct use as an array at the field path .status.conditions. For example, \n type - FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // - +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" - patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" properties: lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when - the API field changed is acceptable. + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: message is a human readable message indicating details about the transition. This may be - an empty string. + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based - upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current state of the instance. + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last - transition. Producers of specific condition types may define expected values and meanings for this - field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 @@ -2517,9 +3691,12 @@ spec: - Unknown type: string type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type - values are consistent across resources like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -2532,8 +3709,10 @@ spec: type: object type: array lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent reconcile request value, so a change - of the annotation value can be detected. + description: |- + LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value + can be detected. type: string observedGeneration: description: ObservedGeneration is the last observed generation. @@ -2561,42 +3740,57 @@ spec: - jsonPath: .status.conditions[?(@.type=="Ready")].message name: Status type: string + deprecated: true + deprecationWarning: v1beta2 HelmRepository is deprecated, upgrade to v1 name: v1beta2 schema: openAPIV3Schema: description: HelmRepository is the Schema for the helmrepositories API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert - recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer - this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: - description: HelmRepositorySpec specifies the required configuration to produce an Artifact for a Helm repository - index YAML. + description: |- + HelmRepositorySpec specifies the required configuration to produce an + Artifact for a Helm repository index YAML. properties: accessFrom: - description: 'AccessFrom specifies an Access Control List for allowing cross-namespace references to this - object. NOTE: Not implemented, provisional as of https://github.com/fluxcd/flux2/pull/2092' + description: |- + AccessFrom specifies an Access Control List for allowing cross-namespace + references to this object. + NOTE: Not implemented, provisional as of https://github.com/fluxcd/flux2/pull/2092 properties: namespaceSelectors: - description: NamespaceSelectors is the list of namespace selectors to which this ACL applies. Items in - this list are evaluated using a logical OR operation. + description: |- + NamespaceSelectors is the list of namespace selectors to which this ACL applies. + Items in this list are evaluated using a logical OR operation. items: - description: NamespaceSelector selects the namespaces to which this ACL applies. An empty map of MatchLabels - matches all namespaces in a cluster. + description: |- + NamespaceSelector selects the namespaces to which this ACL applies. + An empty map of MatchLabels matches all namespaces in a cluster. properties: matchLabels: additionalProperties: type: string - description: MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the operator is - "In", and the values array contains only "value". The requirements are ANDed. + description: |- + MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object type: array @@ -2604,12 +3798,25 @@ spec: - namespaceSelectors type: object certSecretRef: - description: "CertSecretRef can be given the name of a Secret containing either or both of \n - a PEM-encoded - client certificate (`tls.crt`) and private key (`tls.key`); - a PEM-encoded CA certificate (`ca.crt`) \n - and whichever are supplied, will be used for connecting to the registry. The client cert and key are useful - if you are authenticating with a certificate; the CA cert is useful if you are using a self-signed server - certificate. The Secret must be of type `Opaque` or `kubernetes.io/tls`. \n It takes precedence over the - values specified in the Secret referred to by `.spec.secretRef`." + description: |- + CertSecretRef can be given the name of a Secret containing + either or both of + + + - a PEM-encoded client certificate (`tls.crt`) and private + key (`tls.key`); + - a PEM-encoded CA certificate (`ca.crt`) + + + and whichever are supplied, will be used for connecting to the + registry. The client cert and key are useful if you are + authenticating with a certificate; the CA cert is useful if + you are using a self-signed server certificate. The Secret must + be of type `Opaque` or `kubernetes.io/tls`. + + + It takes precedence over the values specified in the Secret referred + to by `.spec.secretRef`. properties: name: description: Name of the referent. @@ -2617,21 +3824,33 @@ spec: required: - name type: object + insecure: + description: |- + Insecure allows connecting to a non-TLS HTTP container registry. + This field is only taken into account if the .spec.type field is set to 'oci'. + type: boolean interval: - description: Interval at which the HelmRepository URL is checked for updates. This interval is approximate - and may be subject to jitter to ensure efficient use of resources. + description: |- + Interval at which the HelmRepository URL is checked for updates. + This interval is approximate and may be subject to jitter to ensure + efficient use of resources. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string passCredentials: - description: PassCredentials allows the credentials from the SecretRef to be passed on to a host that does - not match the host as defined in URL. This may be required if the host of the advertised chart URLs in the - index differ from the defined URL. Enabling this should be done with caution, as it can potentially result + description: |- + PassCredentials allows the credentials from the SecretRef to be passed + on to a host that does not match the host as defined in URL. + This may be required if the host of the advertised chart URLs in the + index differ from the defined URL. + Enabling this should be done with caution, as it can potentially result in credentials getting stolen in a MITM-attack. type: boolean provider: default: generic - description: Provider used for authentication, can be 'aws', 'azure', 'gcp' or 'generic'. This field is optional, - and only taken into account if the .spec.type field is set to 'oci'. When not specified, defaults to 'generic'. + description: |- + Provider used for authentication, can be 'aws', 'azure', 'gcp' or 'generic'. + This field is optional, and only taken into account if the .spec.type field is set to 'oci'. + When not specified, defaults to 'generic'. enum: - generic - aws @@ -2639,9 +3858,13 @@ spec: - gcp type: string secretRef: - description: SecretRef specifies the Secret containing authentication credentials for the HelmRepository. - For HTTP/S basic auth the secret must contain 'username' and 'password' fields. Support for TLS auth using - the 'certFile' and 'keyFile', and/or 'caFile' keys is deprecated. Please use `.spec.certSecretRef` instead. + description: |- + SecretRef specifies the Secret containing authentication credentials + for the HelmRepository. + For HTTP/S basic auth the secret must contain 'username' and 'password' + fields. + Support for TLS auth using the 'certFile' and 'keyFile', and/or 'caFile' + keys is deprecated. Please use `.spec.certSecretRef` instead. properties: name: description: Name of the referent. @@ -2650,26 +3873,33 @@ spec: - name type: object suspend: - description: Suspend tells the controller to suspend the reconciliation of this HelmRepository. + description: |- + Suspend tells the controller to suspend the reconciliation of this + HelmRepository. type: boolean timeout: - default: 60s - description: Timeout is used for the index fetch operation for an HTTPS helm repository, and for remote OCI - Repository operations like pulling for an OCI helm repository. Its default value is 60s. + description: |- + Timeout is used for the index fetch operation for an HTTPS helm repository, + and for remote OCI Repository operations like pulling for an OCI helm + chart by the associated HelmChart. + Its default value is 60s. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$ type: string type: - description: Type of the HelmRepository. When this field is set to "oci", the URL field value must be prefixed - with "oci://". + description: |- + Type of the HelmRepository. + When this field is set to "oci", the URL field value must be prefixed with "oci://". enum: - default - oci type: string url: - description: URL of the Helm repository, a valid URL contains at least a protocol and host. + description: |- + URL of the Helm repository, a valid URL contains at least a protocol and + host. + pattern: ^(http|https|oci)://.*$ type: string required: - - interval - url type: object status: @@ -2678,14 +3908,17 @@ spec: description: HelmRepositoryStatus records the observed state of the HelmRepository. properties: artifact: - description: Artifact represents the last successful HelmRepository reconciliation. + description: Artifact represents the last successful HelmRepository + reconciliation. properties: digest: description: Digest is the digest of the file in the form of ':'. pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$ type: string lastUpdateTime: - description: LastUpdateTime is the timestamp corresponding to the last update of the Artifact. + description: |- + LastUpdateTime is the timestamp corresponding to the last update of the + Artifact. format: date-time type: string metadata: @@ -2694,21 +3927,25 @@ spec: description: Metadata holds upstream information such as OCI annotations. type: object path: - description: Path is the relative file path of the Artifact. It can be used to locate the file in the - root of the Artifact storage on the local file system of the controller managing the Source. + description: |- + Path is the relative file path of the Artifact. It can be used to locate + the file in the root of the Artifact storage on the local file system of + the controller managing the Source. type: string revision: - description: Revision is a human-readable identifier traceable in the origin source system. It can be - a Git commit SHA, Git tag, a Helm chart version, etc. + description: |- + Revision is a human-readable identifier traceable in the origin source + system. It can be a Git commit SHA, Git tag, a Helm chart version, etc. type: string size: description: Size is the number of bytes in the file. format: int64 type: integer url: - description: URL is the HTTP address of the Artifact as exposed by the controller managing the Source. - It can be used to retrieve the Artifact for consumption, e.g. by another controller applying the Artifact - contents. + description: |- + URL is the HTTP address of the Artifact as exposed by the controller + managing the Source. It can be used to retrieve the Artifact for + consumption, e.g. by another controller applying the Artifact contents. type: string required: - lastUpdateTime @@ -2719,35 +3956,43 @@ spec: conditions: description: Conditions holds the conditions for the HelmRepository. items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This - struct is intended for direct use as an array at the field path .status.conditions. For example, \n type - FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // - +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" - patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" properties: lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when - the API field changed is acceptable. + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: message is a human readable message indicating details about the transition. This may be - an empty string. + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based - upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current state of the instance. + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last - transition. Producers of specific condition types may define expected values and meanings for this - field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 @@ -2761,9 +4006,12 @@ spec: - Unknown type: string type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type - values are consistent across resources like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -2776,21 +4024,27 @@ spec: type: object type: array lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent reconcile request value, so a change - of the annotation value can be detected. + description: |- + LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value + can be detected. type: string observedGeneration: - description: ObservedGeneration is the last observed generation of the HelmRepository object. + description: |- + ObservedGeneration is the last observed generation of the HelmRepository + object. format: int64 type: integer url: - description: URL is the dynamic fetch link for the latest Artifact. It is provided on a "best effort" basis, - and using the precise HelmRepositoryStatus.Artifact data is recommended. + description: |- + URL is the dynamic fetch link for the latest Artifact. + It is provided on a "best effort" basis, and using the precise + HelmRepositoryStatus.Artifact data is recommended. type: string type: object type: object served: true - storage: true + storage: false subresources: status: {} --- @@ -2798,12 +4052,12 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.12.0 + controller-gen.kubebuilder.io/version: v0.15.0 labels: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 name: ocirepositories.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -2835,12 +4089,19 @@ spec: description: OCIRepository is the Schema for the ocirepositories API properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert - recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer - this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -2848,12 +4109,25 @@ spec: description: OCIRepositorySpec defines the desired state of OCIRepository properties: certSecretRef: - description: "CertSecretRef can be given the name of a Secret containing either or both of \n - a PEM-encoded - client certificate (`tls.crt`) and private key (`tls.key`); - a PEM-encoded CA certificate (`ca.crt`) \n - and whichever are supplied, will be used for connecting to the registry. The client cert and key are useful - if you are authenticating with a certificate; the CA cert is useful if you are using a self-signed server - certificate. The Secret must be of type `Opaque` or `kubernetes.io/tls`. \n Note: Support for the `caFile`, - `certFile` and `keyFile` keys have been deprecated." + description: |- + CertSecretRef can be given the name of a Secret containing + either or both of + + + - a PEM-encoded client certificate (`tls.crt`) and private + key (`tls.key`); + - a PEM-encoded CA certificate (`ca.crt`) + + + and whichever are supplied, will be used for connecting to the + registry. The client cert and key are useful if you are + authenticating with a certificate; the CA cert is useful if + you are using a self-signed server certificate. The Secret must + be of type `Opaque` or `kubernetes.io/tls`. + + + Note: Support for the `caFile`, `certFile` and `keyFile` keys have + been deprecated. properties: name: description: Name of the referent. @@ -2862,30 +4136,39 @@ spec: - name type: object ignore: - description: Ignore overrides the set of excluded patterns in the .sourceignore format (which is the same - as .gitignore). If not provided, a default will be used, consult the documentation for your version to find - out what those are. + description: |- + Ignore overrides the set of excluded patterns in the .sourceignore format + (which is the same as .gitignore). If not provided, a default will be used, + consult the documentation for your version to find out what those are. type: string insecure: - description: Insecure allows connecting to a non-TLS HTTP container registry. + description: Insecure allows connecting to a non-TLS HTTP container + registry. type: boolean interval: - description: Interval at which the OCIRepository URL is checked for updates. This interval is approximate - and may be subject to jitter to ensure efficient use of resources. + description: |- + Interval at which the OCIRepository URL is checked for updates. + This interval is approximate and may be subject to jitter to ensure + efficient use of resources. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string layerSelector: - description: LayerSelector specifies which layer should be extracted from the OCI artifact. When not specified, - the first layer found in the artifact is selected. + description: |- + LayerSelector specifies which layer should be extracted from the OCI artifact. + When not specified, the first layer found in the artifact is selected. properties: mediaType: - description: MediaType specifies the OCI media type of the layer which should be extracted from the OCI - Artifact. The first layer matching this type is selected. + description: |- + MediaType specifies the OCI media type of the layer + which should be extracted from the OCI Artifact. The + first layer matching this type is selected. type: string operation: - description: Operation specifies how the selected layer should be processed. By default, the layer compressed - content is extracted to storage. When the operation is set to 'copy', the layer compressed content is - persisted to storage as it is. + description: |- + Operation specifies how the selected layer should be processed. + By default, the layer compressed content is extracted to storage. + When the operation is set to 'copy', the layer compressed content + is persisted to storage as it is. enum: - extract - copy @@ -2893,8 +4176,9 @@ spec: type: object provider: default: generic - description: The provider used for authentication, can be 'aws', 'azure', 'gcp' or 'generic'. When not specified, - defaults to 'generic'. + description: |- + The provider used for authentication, can be 'aws', 'azure', 'gcp' or 'generic'. + When not specified, defaults to 'generic'. enum: - generic - aws @@ -2902,23 +4186,33 @@ spec: - gcp type: string ref: - description: The OCI reference to pull and monitor for changes, defaults to the latest tag. + description: |- + The OCI reference to pull and monitor for changes, + defaults to the latest tag. properties: digest: - description: Digest is the image digest to pull, takes precedence over SemVer. The value should be in - the format 'sha256:'. + description: |- + Digest is the image digest to pull, takes precedence over SemVer. + The value should be in the format 'sha256:'. type: string semver: - description: SemVer is the range of tags to pull selecting the latest within the range, takes precedence - over Tag. + description: |- + SemVer is the range of tags to pull selecting the latest within + the range, takes precedence over Tag. + type: string + semverFilter: + description: SemverFilter is a regex pattern to filter the tags + within the SemVer range. type: string tag: description: Tag is the image tag to pull, defaults to latest. type: string type: object secretRef: - description: SecretRef contains the secret name containing the registry login credentials to resolve image - metadata. The secret must be of type kubernetes.io/dockerconfigjson. + description: |- + SecretRef contains the secret name containing the registry login + credentials to resolve image metadata. + The secret must be of type kubernetes.io/dockerconfigjson. properties: name: description: Name of the referent. @@ -2927,33 +4221,73 @@ spec: - name type: object serviceAccountName: - description: 'ServiceAccountName is the name of the Kubernetes ServiceAccount used to authenticate the image - pull if the service account has attached pull secrets. For more information: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/#add-imagepullsecrets-to-a-service-account' + description: |- + ServiceAccountName is the name of the Kubernetes ServiceAccount used to authenticate + the image pull if the service account has attached pull secrets. For more information: + https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/#add-imagepullsecrets-to-a-service-account type: string suspend: - description: This flag tells the controller to suspend the reconciliation of this source. + description: This flag tells the controller to suspend the reconciliation + of this source. type: boolean timeout: default: 60s - description: The timeout for remote OCI Repository operations like pulling, defaults to 60s. + description: The timeout for remote OCI Repository operations like + pulling, defaults to 60s. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$ type: string url: - description: URL is a reference to an OCI artifact repository hosted on a remote container registry. + description: |- + URL is a reference to an OCI artifact repository hosted + on a remote container registry. pattern: ^oci://.*$ type: string verify: - description: Verify contains the secret name containing the trusted public keys used to verify the signature - and specifies which provider to use to check whether OCI image is authentic. + description: |- + Verify contains the secret name containing the trusted public keys + used to verify the signature and specifies which provider to use to check + whether OCI image is authentic. properties: + matchOIDCIdentity: + description: |- + MatchOIDCIdentity specifies the identity matching criteria to use + while verifying an OCI artifact which was signed using Cosign keyless + signing. The artifact's identity is deemed to be verified if any of the + specified matchers match against the identity. + items: + description: |- + OIDCIdentityMatch specifies options for verifying the certificate identity, + i.e. the issuer and the subject of the certificate. + properties: + issuer: + description: |- + Issuer specifies the regex pattern to match against to verify + the OIDC issuer in the Fulcio certificate. The pattern must be a + valid Go regular expression. + type: string + subject: + description: |- + Subject specifies the regex pattern to match against to verify + the identity subject in the Fulcio certificate. The pattern must + be a valid Go regular expression. + type: string + required: + - issuer + - subject + type: object + type: array provider: default: cosign - description: Provider specifies the technology used to sign the OCI Artifact. + description: Provider specifies the technology used to sign the + OCI Artifact. enum: - cosign + - notation type: string secretRef: - description: SecretRef specifies the Kubernetes Secret containing the trusted public keys. + description: |- + SecretRef specifies the Kubernetes Secret containing the + trusted public keys. properties: name: description: Name of the referent. @@ -2974,14 +4308,17 @@ spec: description: OCIRepositoryStatus defines the observed state of OCIRepository properties: artifact: - description: Artifact represents the output of the last successful OCI Repository sync. + description: Artifact represents the output of the last successful + OCI Repository sync. properties: digest: description: Digest is the digest of the file in the form of ':'. pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$ type: string lastUpdateTime: - description: LastUpdateTime is the timestamp corresponding to the last update of the Artifact. + description: |- + LastUpdateTime is the timestamp corresponding to the last update of the + Artifact. format: date-time type: string metadata: @@ -2990,21 +4327,25 @@ spec: description: Metadata holds upstream information such as OCI annotations. type: object path: - description: Path is the relative file path of the Artifact. It can be used to locate the file in the - root of the Artifact storage on the local file system of the controller managing the Source. + description: |- + Path is the relative file path of the Artifact. It can be used to locate + the file in the root of the Artifact storage on the local file system of + the controller managing the Source. type: string revision: - description: Revision is a human-readable identifier traceable in the origin source system. It can be - a Git commit SHA, Git tag, a Helm chart version, etc. + description: |- + Revision is a human-readable identifier traceable in the origin source + system. It can be a Git commit SHA, Git tag, a Helm chart version, etc. type: string size: description: Size is the number of bytes in the file. format: int64 type: integer url: - description: URL is the HTTP address of the Artifact as exposed by the controller managing the Source. - It can be used to retrieve the Artifact for consumption, e.g. by another controller applying the Artifact - contents. + description: |- + URL is the HTTP address of the Artifact as exposed by the controller + managing the Source. It can be used to retrieve the Artifact for + consumption, e.g. by another controller applying the Artifact contents. type: string required: - lastUpdateTime @@ -3015,35 +4356,43 @@ spec: conditions: description: Conditions holds the conditions for the OCIRepository. items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This - struct is intended for direct use as an array at the field path .status.conditions. For example, \n type - FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // - +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" - patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" properties: lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when - the API field changed is acceptable. + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: message is a human readable message indicating details about the transition. This may be - an empty string. + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based - upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current state of the instance. + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last - transition. Producers of specific condition types may define expected values and meanings for this - field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 @@ -3057,9 +4406,12 @@ spec: - Unknown type: string type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type - values are consistent across resources like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -3072,41 +4424,60 @@ spec: type: object type: array contentConfigChecksum: - description: "ContentConfigChecksum is a checksum of all the configurations related to the content of the - source artifact: - .spec.ignore - .spec.layerSelector observed in .status.observedGeneration version of - the object. This can be used to determine if the content configuration has changed and the artifact needs - to be rebuilt. It has the format of `:`, for example: `sha256:`. \n Deprecated: - Replaced with explicit fields for observed artifact content config in the status." + description: |- + ContentConfigChecksum is a checksum of all the configurations related to + the content of the source artifact: + - .spec.ignore + - .spec.layerSelector + observed in .status.observedGeneration version of the object. This can + be used to determine if the content configuration has changed and the + artifact needs to be rebuilt. + It has the format of `:`, for example: `sha256:`. + + + Deprecated: Replaced with explicit fields for observed artifact content + config in the status. type: string lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent reconcile request value, so a change - of the annotation value can be detected. + description: |- + LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value + can be detected. type: string observedGeneration: description: ObservedGeneration is the last observed generation. format: int64 type: integer observedIgnore: - description: ObservedIgnore is the observed exclusion patterns used for constructing the source artifact. + description: |- + ObservedIgnore is the observed exclusion patterns used for constructing + the source artifact. type: string observedLayerSelector: - description: ObservedLayerSelector is the observed layer selector used for constructing the source artifact. + description: |- + ObservedLayerSelector is the observed layer selector used for constructing + the source artifact. properties: mediaType: - description: MediaType specifies the OCI media type of the layer which should be extracted from the OCI - Artifact. The first layer matching this type is selected. + description: |- + MediaType specifies the OCI media type of the layer + which should be extracted from the OCI Artifact. The + first layer matching this type is selected. type: string operation: - description: Operation specifies how the selected layer should be processed. By default, the layer compressed - content is extracted to storage. When the operation is set to 'copy', the layer compressed content is - persisted to storage as it is. + description: |- + Operation specifies how the selected layer should be processed. + By default, the layer compressed content is extracted to storage. + When the operation is set to 'copy', the layer compressed content + is persisted to storage as it is. enum: - extract - copy type: string type: object url: - description: URL is the download link for the artifact output of the last OCI Repository sync. + description: URL is the download link for the artifact output of the + last OCI Repository sync. type: string type: object type: object @@ -3122,7 +4493,7 @@ metadata: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 name: source-controller namespace: flux-system --- @@ -3133,7 +4504,7 @@ metadata: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 control-plane: controller name: source-controller namespace: flux-system @@ -3154,7 +4525,7 @@ metadata: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 control-plane: controller name: source-controller namespace: flux-system @@ -3189,7 +4560,17 @@ spec: fieldPath: metadata.namespace - name: TUF_ROOT value: /tmp/.sigstore - image: ghcr.io/fluxcd/source-controller:v1.1.1 + - name: GOMAXPROCS + valueFrom: + resourceFieldRef: + containerName: manager + resource: limits.cpu + - name: GOMEMLIMIT + valueFrom: + resourceFieldRef: + containerName: manager + resource: limits.memory + image: ghcr.io/fluxcd/source-controller:v1.3.0 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -3248,12 +4629,12 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.12.0 + controller-gen.kubebuilder.io/version: v0.15.0 labels: app.kubernetes.io/component: kustomize-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 name: kustomizations.kustomize.toolkit.fluxcd.io spec: group: kustomize.toolkit.fluxcd.io @@ -3282,21 +4663,32 @@ spec: description: Kustomization is the Schema for the kustomizations API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert - recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer - this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: - description: KustomizationSpec defines the configuration to calculate the desired state from a Source using Kustomize. + description: |- + KustomizationSpec defines the configuration to calculate the desired state + from a Source using Kustomize. properties: commonMetadata: - description: CommonMetadata specifies the common labels and annotations that are applied to all resources. - Any existing label or annotation will be overridden if its key matches a common one. + description: |- + CommonMetadata specifies the common labels and annotations that are + applied to all resources. Any existing label or annotation will be + overridden if its key matches a common one. properties: annotations: additionalProperties: @@ -3310,12 +4702,14 @@ spec: type: object type: object components: - description: Components specifies relative paths to specifications of other Components. + description: Components specifies relative paths to specifications + of other Components. items: type: string type: array decryption: - description: Decrypt Kubernetes secrets before applying them on the cluster. + description: Decrypt Kubernetes secrets before applying them on the + cluster. properties: provider: description: Provider is the name of the decryption engine. @@ -3323,7 +4717,8 @@ spec: - sops type: string secretRef: - description: The secret name containing the private OpenPGP keys used for decryption. + description: The secret name containing the private OpenPGP keys + used for decryption. properties: name: description: Name of the referent. @@ -3335,17 +4730,21 @@ spec: - provider type: object dependsOn: - description: DependsOn may contain a meta.NamespacedObjectReference slice with references to Kustomization - resources that must be ready before this Kustomization can be reconciled. + description: |- + DependsOn may contain a meta.NamespacedObjectReference slice + with references to Kustomization resources that must be ready before this + Kustomization can be reconciled. items: - description: NamespacedObjectReference contains enough information to locate the referenced Kubernetes resource - object in any namespace. + description: |- + NamespacedObjectReference contains enough information to locate the referenced Kubernetes resource object in any + namespace. properties: name: description: Name of the referent. type: string namespace: - description: Namespace of the referent, when not specified it acts as LocalObjectReference. + description: Namespace of the referent, when not specified it + acts as LocalObjectReference. type: string required: - name @@ -3353,18 +4752,20 @@ spec: type: array force: default: false - description: Force instructs the controller to recreate resources when patching fails due to an immutable - field change. + description: |- + Force instructs the controller to recreate resources + when patching fails due to an immutable field change. type: boolean healthChecks: description: A list of resources to be included in the health assessment. items: - description: NamespacedObjectKindReference contains enough information to locate the typed referenced Kubernetes - resource object in any namespace. + description: |- + NamespacedObjectKindReference contains enough information to locate the typed referenced Kubernetes resource object + in any namespace. properties: apiVersion: - description: API version of the referent, if not specified the Kubernetes preferred version will be - used. + description: API version of the referent, if not specified the + Kubernetes preferred version will be used. type: string kind: description: Kind of the referent. @@ -3373,7 +4774,8 @@ spec: description: Name of the referent. type: string namespace: - description: Namespace of the referent, when not specified it acts as LocalObjectReference. + description: Namespace of the referent, when not specified it + acts as LocalObjectReference. type: string required: - kind @@ -3381,49 +4783,65 @@ spec: type: object type: array images: - description: Images is a list of (image name, new name, new tag or digest) for changing image names, tags - or digests. This can also be achieved with a patch, but this operator is simpler to specify. + description: |- + Images is a list of (image name, new name, new tag or digest) + for changing image names, tags or digests. This can also be achieved with a + patch, but this operator is simpler to specify. items: - description: Image contains an image name, a new name, a new tag or digest, which will replace the original - name and tag. + description: Image contains an image name, a new name, a new tag + or digest, which will replace the original name and tag. properties: digest: - description: Digest is the value used to replace the original image tag. If digest is present NewTag - value is ignored. + description: |- + Digest is the value used to replace the original image tag. + If digest is present NewTag value is ignored. type: string name: description: Name is a tag-less image name. type: string newName: - description: NewName is the value used to replace the original name. + description: NewName is the value used to replace the original + name. type: string newTag: - description: NewTag is the value used to replace the original tag. + description: NewTag is the value used to replace the original + tag. type: string required: - name type: object type: array interval: - description: The interval at which to reconcile the Kustomization. This interval is approximate and may be - subject to jitter to ensure efficient use of resources. + description: |- + The interval at which to reconcile the Kustomization. + This interval is approximate and may be subject to jitter to ensure + efficient use of resources. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string kubeConfig: - description: The KubeConfig for reconciling the Kustomization on a remote cluster. When used in combination - with KustomizationSpec.ServiceAccountName, forces the controller to act on behalf of that Service Account - at the target cluster. If the --default-service-account flag is set, its value will be used as a controller - level fallback for when KustomizationSpec.ServiceAccountName is empty. + description: |- + The KubeConfig for reconciling the Kustomization on a remote cluster. + When used in combination with KustomizationSpec.ServiceAccountName, + forces the controller to act on behalf of that Service Account at the + target cluster. + If the --default-service-account flag is set, its value will be used as + a controller level fallback for when KustomizationSpec.ServiceAccountName + is empty. properties: secretRef: - description: SecretRef holds the name of a secret that contains a key with the kubeconfig file as the - value. If no key is set, the key will default to 'value'. It is recommended that the kubeconfig is self-contained, - and the secret is regularly updated if credentials such as a cloud-access-token expire. Cloud specific - `cmd-path` auth helpers will not function without adding binaries and credentials to the Pod that is - responsible for reconciling Kubernetes resources. + description: |- + SecretRef holds the name of a secret that contains a key with + the kubeconfig file as the value. If no key is set, the key will default + to 'value'. + It is recommended that the kubeconfig is self-contained, and the secret + is regularly updated if credentials such as a cloud-access-token expire. + Cloud specific `cmd-path` auth helpers will not function without adding + binaries and credentials to the Pod that is responsible for reconciling + Kubernetes resources. properties: key: - description: Key in the Secret, when not specified an implementation-specific default key is used. + description: Key in the Secret, when not specified an implementation-specific + default key is used. type: string name: description: Name of the Secret. @@ -3434,34 +4852,57 @@ spec: required: - secretRef type: object + namePrefix: + description: NamePrefix will prefix the names of all managed resources. + maxLength: 200 + minLength: 1 + type: string + nameSuffix: + description: NameSuffix will suffix the names of all managed resources. + maxLength: 200 + minLength: 1 + type: string patches: - description: Strategic merge and JSON patches, defined as inline YAML objects, capable of targeting objects - based on kind, label and annotation selectors. + description: |- + Strategic merge and JSON patches, defined as inline YAML objects, + capable of targeting objects based on kind, label and annotation selectors. items: - description: Patch contains an inline StrategicMerge or JSON6902 patch, and the target the patch should + description: |- + Patch contains an inline StrategicMerge or JSON6902 patch, and the target the patch should be applied to. properties: patch: - description: Patch contains an inline StrategicMerge patch or an inline JSON6902 patch with an array - of operation objects. + description: |- + Patch contains an inline StrategicMerge patch or an inline JSON6902 patch with + an array of operation objects. type: string target: - description: Target points to the resources that the patch document should be applied to. + description: Target points to the resources that the patch document + should be applied to. properties: annotationSelector: - description: AnnotationSelector is a string that follows the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + description: |- + AnnotationSelector is a string that follows the label selection expression + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api It matches with the resource annotations. type: string group: - description: Group is the API group to select resources from. Together with Version and Kind it - is capable of unambiguously identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + description: |- + Group is the API group to select resources from. + Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md type: string kind: - description: Kind of the API Group to select resources from. Together with Group and Version it - is capable of unambiguously identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + description: |- + Kind of the API Group to select resources from. + Together with Group and Version it is capable of unambiguously + identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md type: string labelSelector: - description: LabelSelector is a string that follows the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + description: |- + LabelSelector is a string that follows the label selection expression + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api It matches with the resource labels. type: string name: @@ -3471,8 +4912,10 @@ spec: description: Namespace to select resources from. type: string version: - description: Version of the API Group to select resources from. Together with Group and Kind it - is capable of unambiguously identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + description: |- + Version of the API Group to select resources from. + Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md type: string type: object required: @@ -3480,44 +4923,58 @@ spec: type: object type: array path: - description: Path to the directory containing the kustomization.yaml file, or the set of plain YAMLs a kustomization.yaml - should be generated for. Defaults to 'None', which translates to the root path of the SourceRef. + description: |- + Path to the directory containing the kustomization.yaml file, or the + set of plain YAMLs a kustomization.yaml should be generated for. + Defaults to 'None', which translates to the root path of the SourceRef. type: string postBuild: - description: PostBuild describes which actions to perform on the YAML manifest generated by building the kustomize - overlay. + description: |- + PostBuild describes which actions to perform on the YAML manifest + generated by building the kustomize overlay. properties: substitute: additionalProperties: type: string - description: Substitute holds a map of key/value pairs. The variables defined in your YAML manifests that - match any of the keys defined in the map will be substituted with the set value. Includes support for - bash string replacement functions e.g. ${var:=default}, ${var:position} and ${var/substring/replacement}. + description: |- + Substitute holds a map of key/value pairs. + The variables defined in your YAML manifests that match any of the keys + defined in the map will be substituted with the set value. + Includes support for bash string replacement functions + e.g. ${var:=default}, ${var:position} and ${var/substring/replacement}. type: object substituteFrom: - description: SubstituteFrom holds references to ConfigMaps and Secrets containing the variables and their - values to be substituted in the YAML manifests. The ConfigMap and the Secret data keys represent the - var names, and they must match the vars declared in the manifests for the substitution to happen. + description: |- + SubstituteFrom holds references to ConfigMaps and Secrets containing + the variables and their values to be substituted in the YAML manifests. + The ConfigMap and the Secret data keys represent the var names, and they + must match the vars declared in the manifests for the substitution to + happen. items: - description: SubstituteReference contains a reference to a resource containing the variables name and - value. + description: |- + SubstituteReference contains a reference to a resource containing + the variables name and value. properties: kind: - description: Kind of the values referent, valid values are ('Secret', 'ConfigMap'). + description: Kind of the values referent, valid values are + ('Secret', 'ConfigMap'). enum: - Secret - ConfigMap type: string name: - description: Name of the values referent. Should reside in the same namespace as the referring resource. + description: |- + Name of the values referent. Should reside in the same namespace as the + referring resource. maxLength: 253 minLength: 1 type: string optional: default: false - description: Optional indicates whether the referenced resource must exist, or whether to tolerate - its absence. If true and the referenced resource is absent, proceed as if the resource was present - but empty, without any variables defined. + description: |- + Optional indicates whether the referenced resource must exist, or whether to + tolerate its absence. If true and the referenced resource is absent, proceed + as if the resource was present but empty, without any variables defined. type: boolean required: - kind @@ -3529,15 +4986,20 @@ spec: description: Prune enables garbage collection. type: boolean retryInterval: - description: The interval at which to retry a previously failed reconciliation. When not specified, the controller - uses the KustomizationSpec.Interval value to retry failures. + description: |- + The interval at which to retry a previously failed reconciliation. + When not specified, the controller uses the KustomizationSpec.Interval + value to retry failures. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string serviceAccountName: - description: The name of the Kubernetes service account to impersonate when reconciling this Kustomization. + description: |- + The name of the Kubernetes service account to impersonate + when reconciling this Kustomization. type: string sourceRef: - description: Reference of the source where the kustomization file is. + description: Reference of the source where the kustomization file + is. properties: apiVersion: description: API version of the referent. @@ -3553,29 +5015,36 @@ spec: description: Name of the referent. type: string namespace: - description: Namespace of the referent, defaults to the namespace of the Kubernetes resource object that - contains the reference. + description: |- + Namespace of the referent, defaults to the namespace of the Kubernetes + resource object that contains the reference. type: string required: - kind - name type: object suspend: - description: This flag tells the controller to suspend subsequent kustomize executions, it does not apply - to already started executions. Defaults to false. + description: |- + This flag tells the controller to suspend subsequent kustomize executions, + it does not apply to already started executions. Defaults to false. type: boolean targetNamespace: - description: TargetNamespace sets or overrides the namespace in the kustomization.yaml file. + description: |- + TargetNamespace sets or overrides the namespace in the + kustomization.yaml file. maxLength: 63 minLength: 1 type: string timeout: - description: Timeout for validation, apply and health checking operations. Defaults to 'Interval' duration. + description: |- + Timeout for validation, apply and health checking operations. + Defaults to 'Interval' duration. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string wait: - description: Wait instructs the controller to check the health of all the reconciled resources. When enabled, - the HealthChecks are ignored. Defaults to false. + description: |- + Wait instructs the controller to check the health of all the reconciled + resources. When enabled, the HealthChecks are ignored. Defaults to false. type: boolean required: - interval @@ -3589,35 +5058,43 @@ spec: properties: conditions: items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This - struct is intended for direct use as an array at the field path .status.conditions. For example, \n type - FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // - +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" - patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" properties: lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when - the API field changed is acceptable. + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: message is a human readable message indicating details about the transition. This may be - an empty string. + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based - upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current state of the instance. + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last - transition. Producers of specific condition types may define expected values and meanings for this - field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 @@ -3631,9 +5108,12 @@ spec: - Unknown type: string type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type - values are consistent across resources like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -3646,20 +5126,24 @@ spec: type: object type: array inventory: - description: Inventory contains the list of Kubernetes resource object references that have been successfully - applied. + description: |- + Inventory contains the list of Kubernetes resource object references that + have been successfully applied. properties: entries: description: Entries of Kubernetes resource object references. items: - description: ResourceRef contains the information necessary to locate a resource within a cluster. + description: ResourceRef contains the information necessary + to locate a resource within a cluster. properties: id: - description: ID is the string representation of the Kubernetes resource object's metadata, in the - format '___'. + description: |- + ID is the string representation of the Kubernetes resource object's metadata, + in the format '___'. type: string v: - description: Version is the API version of the Kubernetes resource object's kind. + description: Version is the API version of the Kubernetes + resource object's kind. type: string required: - id @@ -3670,15 +5154,19 @@ spec: - entries type: object lastAppliedRevision: - description: The last successfully applied revision. Equals the Revision of the applied Artifact from the - referenced Source. + description: |- + The last successfully applied revision. + Equals the Revision of the applied Artifact from the referenced Source. type: string lastAttemptedRevision: - description: LastAttemptedRevision is the revision of the last reconciliation attempt. + description: LastAttemptedRevision is the revision of the last reconciliation + attempt. type: string lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent reconcile request value, so a change - of the annotation value can be detected. + description: |- + LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value + can be detected. type: string observedGeneration: description: ObservedGeneration is the last reconciled generation. @@ -3708,12 +5196,19 @@ spec: description: Kustomization is the Schema for the kustomizations API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert - recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer - this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -3721,7 +5216,8 @@ spec: description: KustomizationSpec defines the desired state of a kustomization. properties: decryption: - description: Decrypt Kubernetes secrets before applying them on the cluster. + description: Decrypt Kubernetes secrets before applying them on the + cluster. properties: provider: description: Provider is the name of the decryption engine. @@ -3729,7 +5225,8 @@ spec: - sops type: string secretRef: - description: The secret name containing the private OpenPGP keys used for decryption. + description: The secret name containing the private OpenPGP keys + used for decryption. properties: name: description: Name of the referent. @@ -3741,17 +5238,21 @@ spec: - provider type: object dependsOn: - description: DependsOn may contain a meta.NamespacedObjectReference slice with references to Kustomization - resources that must be ready before this Kustomization can be reconciled. + description: |- + DependsOn may contain a meta.NamespacedObjectReference slice + with references to Kustomization resources that must be ready before this + Kustomization can be reconciled. items: - description: NamespacedObjectReference contains enough information to locate the referenced Kubernetes resource - object in any namespace. + description: |- + NamespacedObjectReference contains enough information to locate the referenced Kubernetes resource object in any + namespace. properties: name: description: Name of the referent. type: string namespace: - description: Namespace of the referent, when not specified it acts as LocalObjectReference. + description: Namespace of the referent, when not specified it + acts as LocalObjectReference. type: string required: - name @@ -3759,18 +5260,20 @@ spec: type: array force: default: false - description: Force instructs the controller to recreate resources when patching fails due to an immutable - field change. + description: |- + Force instructs the controller to recreate resources + when patching fails due to an immutable field change. type: boolean healthChecks: description: A list of resources to be included in the health assessment. items: - description: NamespacedObjectKindReference contains enough information to locate the typed referenced Kubernetes - resource object in any namespace. + description: |- + NamespacedObjectKindReference contains enough information to locate the typed referenced Kubernetes resource object + in any namespace. properties: apiVersion: - description: API version of the referent, if not specified the Kubernetes preferred version will be - used. + description: API version of the referent, if not specified the + Kubernetes preferred version will be used. type: string kind: description: Kind of the referent. @@ -3779,7 +5282,8 @@ spec: description: Name of the referent. type: string namespace: - description: Namespace of the referent, when not specified it acts as LocalObjectReference. + description: Namespace of the referent, when not specified it + acts as LocalObjectReference. type: string required: - kind @@ -3787,24 +5291,29 @@ spec: type: object type: array images: - description: Images is a list of (image name, new name, new tag or digest) for changing image names, tags - or digests. This can also be achieved with a patch, but this operator is simpler to specify. + description: |- + Images is a list of (image name, new name, new tag or digest) + for changing image names, tags or digests. This can also be achieved with a + patch, but this operator is simpler to specify. items: - description: Image contains an image name, a new name, a new tag or digest, which will replace the original - name and tag. + description: Image contains an image name, a new name, a new tag + or digest, which will replace the original name and tag. properties: digest: - description: Digest is the value used to replace the original image tag. If digest is present NewTag - value is ignored. + description: |- + Digest is the value used to replace the original image tag. + If digest is present NewTag value is ignored. type: string name: description: Name is a tag-less image name. type: string newName: - description: NewName is the value used to replace the original name. + description: NewName is the value used to replace the original + name. type: string newTag: - description: NewTag is the value used to replace the original tag. + description: NewTag is the value used to replace the original + tag. type: string required: - name @@ -3814,15 +5323,20 @@ spec: description: The interval at which to reconcile the Kustomization. type: string kubeConfig: - description: The KubeConfig for reconciling the Kustomization on a remote cluster. When specified, KubeConfig - takes precedence over ServiceAccountName. + description: |- + The KubeConfig for reconciling the Kustomization on a remote cluster. + When specified, KubeConfig takes precedence over ServiceAccountName. properties: secretRef: - description: SecretRef holds the name to a secret that contains a 'value' key with the kubeconfig file - as the value. It must be in the same namespace as the Kustomization. It is recommended that the kubeconfig - is self-contained, and the secret is regularly updated if credentials such as a cloud-access-token expire. - Cloud specific `cmd-path` auth helpers will not function without adding binaries and credentials to - the Pod that is responsible for reconciling the Kustomization. + description: |- + SecretRef holds the name to a secret that contains a 'value' key with + the kubeconfig file as the value. It must be in the same namespace as + the Kustomization. + It is recommended that the kubeconfig is self-contained, and the secret + is regularly updated if credentials such as a cloud-access-token expire. + Cloud specific `cmd-path` auth helpers will not function without adding + binaries and credentials to the Pod that is responsible for reconciling + the Kustomization. properties: name: description: Name of the referent. @@ -3832,33 +5346,46 @@ spec: type: object type: object patches: - description: Strategic merge and JSON patches, defined as inline YAML objects, capable of targeting objects - based on kind, label and annotation selectors. + description: |- + Strategic merge and JSON patches, defined as inline YAML objects, + capable of targeting objects based on kind, label and annotation selectors. items: - description: Patch contains an inline StrategicMerge or JSON6902 patch, and the target the patch should + description: |- + Patch contains an inline StrategicMerge or JSON6902 patch, and the target the patch should be applied to. properties: patch: - description: Patch contains an inline StrategicMerge patch or an inline JSON6902 patch with an array - of operation objects. + description: |- + Patch contains an inline StrategicMerge patch or an inline JSON6902 patch with + an array of operation objects. type: string target: - description: Target points to the resources that the patch document should be applied to. + description: Target points to the resources that the patch document + should be applied to. properties: annotationSelector: - description: AnnotationSelector is a string that follows the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + description: |- + AnnotationSelector is a string that follows the label selection expression + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api It matches with the resource annotations. type: string group: - description: Group is the API group to select resources from. Together with Version and Kind it - is capable of unambiguously identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + description: |- + Group is the API group to select resources from. + Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md type: string kind: - description: Kind of the API Group to select resources from. Together with Group and Version it - is capable of unambiguously identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + description: |- + Kind of the API Group to select resources from. + Together with Group and Version it is capable of unambiguously + identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md type: string labelSelector: - description: LabelSelector is a string that follows the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + description: |- + LabelSelector is a string that follows the label selection expression + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api It matches with the resource labels. type: string name: @@ -3868,8 +5395,10 @@ spec: description: Namespace to select resources from. type: string version: - description: Version of the API Group to select resources from. Together with Group and Kind it - is capable of unambiguously identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + description: |- + Version of the API Group to select resources from. + Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md type: string type: object required: @@ -3879,21 +5408,27 @@ spec: patchesJson6902: description: JSON 6902 patches, defined as inline YAML objects. items: - description: JSON6902Patch contains a JSON6902 patch and the target the patch should be applied to. + description: JSON6902Patch contains a JSON6902 patch and the target + the patch should be applied to. properties: patch: - description: Patch contains the JSON6902 patch document with an array of operation objects. + description: Patch contains the JSON6902 patch document with + an array of operation objects. items: - description: JSON6902 is a JSON6902 operation object. https://datatracker.ietf.org/doc/html/rfc6902#section-4 + description: |- + JSON6902 is a JSON6902 operation object. + https://datatracker.ietf.org/doc/html/rfc6902#section-4 properties: from: - description: From contains a JSON-pointer value that references a location within the target document - where the operation is performed. The meaning of the value depends on the value of Op, and is - NOT taken into account by all operations. + description: |- + From contains a JSON-pointer value that references a location within the target document where the operation is + performed. The meaning of the value depends on the value of Op, and is NOT taken into account by all operations. type: string op: - description: Op indicates the operation to perform. Its value MUST be one of "add", "remove", - "replace", "move", "copy", or "test". https://datatracker.ietf.org/doc/html/rfc6902#section-4 + description: |- + Op indicates the operation to perform. Its value MUST be one of "add", "remove", "replace", "move", "copy", or + "test". + https://datatracker.ietf.org/doc/html/rfc6902#section-4 enum: - test - remove @@ -3903,13 +5438,14 @@ spec: - copy type: string path: - description: Path contains the JSON-pointer value that references a location within the target - document where the operation is performed. The meaning of the value depends on the value of - Op. + description: |- + Path contains the JSON-pointer value that references a location within the target document where the operation + is performed. The meaning of the value depends on the value of Op. type: string value: - description: Value contains a valid JSON structure. The meaning of the value depends on the value - of Op, and is NOT taken into account by all operations. + description: |- + Value contains a valid JSON structure. The meaning of the value depends on the value of Op, and is NOT taken into + account by all operations. x-kubernetes-preserve-unknown-fields: true required: - op @@ -3917,22 +5453,32 @@ spec: type: object type: array target: - description: Target points to the resources that the patch document should be applied to. + description: Target points to the resources that the patch document + should be applied to. properties: annotationSelector: - description: AnnotationSelector is a string that follows the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + description: |- + AnnotationSelector is a string that follows the label selection expression + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api It matches with the resource annotations. type: string group: - description: Group is the API group to select resources from. Together with Version and Kind it - is capable of unambiguously identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + description: |- + Group is the API group to select resources from. + Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md type: string kind: - description: Kind of the API Group to select resources from. Together with Group and Version it - is capable of unambiguously identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + description: |- + Kind of the API Group to select resources from. + Together with Group and Version it is capable of unambiguously + identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md type: string labelSelector: - description: LabelSelector is a string that follows the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + description: |- + LabelSelector is a string that follows the label selection expression + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api It matches with the resource labels. type: string name: @@ -3942,8 +5488,10 @@ spec: description: Namespace to select resources from. type: string version: - description: Version of the API Group to select resources from. Together with Group and Kind it - is capable of unambiguously identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + description: |- + Version of the API Group to select resources from. + Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md type: string type: object required: @@ -3957,36 +5505,49 @@ spec: x-kubernetes-preserve-unknown-fields: true type: array path: - description: Path to the directory containing the kustomization.yaml file, or the set of plain YAMLs a kustomization.yaml - should be generated for. Defaults to 'None', which translates to the root path of the SourceRef. + description: |- + Path to the directory containing the kustomization.yaml file, or the + set of plain YAMLs a kustomization.yaml should be generated for. + Defaults to 'None', which translates to the root path of the SourceRef. type: string postBuild: - description: PostBuild describes which actions to perform on the YAML manifest generated by building the kustomize - overlay. + description: |- + PostBuild describes which actions to perform on the YAML manifest + generated by building the kustomize overlay. properties: substitute: additionalProperties: type: string - description: Substitute holds a map of key/value pairs. The variables defined in your YAML manifests that - match any of the keys defined in the map will be substituted with the set value. Includes support for - bash string replacement functions e.g. ${var:=default}, ${var:position} and ${var/substring/replacement}. + description: |- + Substitute holds a map of key/value pairs. + The variables defined in your YAML manifests + that match any of the keys defined in the map + will be substituted with the set value. + Includes support for bash string replacement functions + e.g. ${var:=default}, ${var:position} and ${var/substring/replacement}. type: object substituteFrom: - description: SubstituteFrom holds references to ConfigMaps and Secrets containing the variables and their - values to be substituted in the YAML manifests. The ConfigMap and the Secret data keys represent the - var names and they must match the vars declared in the manifests for the substitution to happen. + description: |- + SubstituteFrom holds references to ConfigMaps and Secrets containing + the variables and their values to be substituted in the YAML manifests. + The ConfigMap and the Secret data keys represent the var names and they + must match the vars declared in the manifests for the substitution to happen. items: - description: SubstituteReference contains a reference to a resource containing the variables name and - value. + description: |- + SubstituteReference contains a reference to a resource containing + the variables name and value. properties: kind: - description: Kind of the values referent, valid values are ('Secret', 'ConfigMap'). + description: Kind of the values referent, valid values are + ('Secret', 'ConfigMap'). enum: - Secret - ConfigMap type: string name: - description: Name of the values referent. Should reside in the same namespace as the referring resource. + description: |- + Name of the values referent. Should reside in the same namespace as the + referring resource. maxLength: 253 minLength: 1 type: string @@ -4000,14 +5561,19 @@ spec: description: Prune enables garbage collection. type: boolean retryInterval: - description: The interval at which to retry a previously failed reconciliation. When not specified, the controller - uses the KustomizationSpec.Interval value to retry failures. + description: |- + The interval at which to retry a previously failed reconciliation. + When not specified, the controller uses the KustomizationSpec.Interval + value to retry failures. type: string serviceAccountName: - description: The name of the Kubernetes service account to impersonate when reconciling this Kustomization. + description: |- + The name of the Kubernetes service account to impersonate + when reconciling this Kustomization. type: string sourceRef: - description: Reference of the source where the kustomization file is. + description: Reference of the source where the kustomization file + is. properties: apiVersion: description: API version of the referent @@ -4022,28 +5588,37 @@ spec: description: Name of the referent type: string namespace: - description: Namespace of the referent, defaults to the Kustomization namespace + description: Namespace of the referent, defaults to the Kustomization + namespace type: string required: - kind - name type: object suspend: - description: This flag tells the controller to suspend subsequent kustomize executions, it does not apply - to already started executions. Defaults to false. + description: |- + This flag tells the controller to suspend subsequent kustomize executions, + it does not apply to already started executions. Defaults to false. type: boolean targetNamespace: - description: TargetNamespace sets or overrides the namespace in the kustomization.yaml file. + description: |- + TargetNamespace sets or overrides the namespace in the + kustomization.yaml file. maxLength: 63 minLength: 1 type: string timeout: - description: Timeout for validation, apply and health checking operations. Defaults to 'Interval' duration. + description: |- + Timeout for validation, apply and health checking operations. + Defaults to 'Interval' duration. type: string validation: - description: Validate the Kubernetes objects before applying them on the cluster. The validation strategy - can be 'client' (local dry-run), 'server' (APIServer dry-run) or 'none'. When 'Force' is 'true', validation - will fallback to 'client' if set to 'server' because server-side validation is not supported in this scenario. + description: |- + Validate the Kubernetes objects before applying them on the cluster. + The validation strategy can be 'client' (local dry-run), 'server' + (APIServer dry-run) or 'none'. + When 'Force' is 'true', validation will fallback to 'client' if set to + 'server' because server-side validation is not supported in this scenario. enum: - none - client @@ -4061,35 +5636,43 @@ spec: properties: conditions: items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This - struct is intended for direct use as an array at the field path .status.conditions. For example, \n type - FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // - +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" - patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" properties: lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when - the API field changed is acceptable. + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: message is a human readable message indicating details about the transition. This may be - an empty string. + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based - upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current state of the instance. + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last - transition. Producers of specific condition types may define expected values and meanings for this - field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 @@ -4103,9 +5686,12 @@ spec: - Unknown type: string type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type - values are consistent across resources like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -4118,14 +5704,19 @@ spec: type: object type: array lastAppliedRevision: - description: The last successfully applied revision. The revision format for Git sources is /. + description: |- + The last successfully applied revision. + The revision format for Git sources is /. type: string lastAttemptedRevision: - description: LastAttemptedRevision is the revision of the last reconciliation attempt. + description: LastAttemptedRevision is the revision of the last reconciliation + attempt. type: string lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent reconcile request value, so a change - of the annotation value can be detected. + description: |- + LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value + can be detected. type: string observedGeneration: description: ObservedGeneration is the last reconciled generation. @@ -4140,7 +5731,9 @@ spec: entries: description: A list of Kubernetes kinds grouped by namespace. items: - description: Snapshot holds the metadata of namespaced Kubernetes objects + description: |- + Snapshot holds the metadata of namespaced + Kubernetes objects properties: kinds: additionalProperties: @@ -4182,20 +5775,29 @@ spec: description: Kustomization is the Schema for the kustomizations API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert - recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer - this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: - description: KustomizationSpec defines the configuration to calculate the desired state from a Source using Kustomize. + description: KustomizationSpec defines the configuration to calculate + the desired state from a Source using Kustomize. properties: commonMetadata: - description: CommonMetadata specifies the common labels and annotations that are applied to all resources. + description: |- + CommonMetadata specifies the common labels and annotations that are applied to all resources. Any existing label or annotation will be overridden if its key matches a common one. properties: annotations: @@ -4210,12 +5812,14 @@ spec: type: object type: object components: - description: Components specifies relative paths to specifications of other Components. + description: Components specifies relative paths to specifications + of other Components. items: type: string type: array decryption: - description: Decrypt Kubernetes secrets before applying them on the cluster. + description: Decrypt Kubernetes secrets before applying them on the + cluster. properties: provider: description: Provider is the name of the decryption engine. @@ -4223,7 +5827,8 @@ spec: - sops type: string secretRef: - description: The secret name containing the private OpenPGP keys used for decryption. + description: The secret name containing the private OpenPGP keys + used for decryption. properties: name: description: Name of the referent. @@ -4235,17 +5840,21 @@ spec: - provider type: object dependsOn: - description: DependsOn may contain a meta.NamespacedObjectReference slice with references to Kustomization - resources that must be ready before this Kustomization can be reconciled. + description: |- + DependsOn may contain a meta.NamespacedObjectReference slice + with references to Kustomization resources that must be ready before this + Kustomization can be reconciled. items: - description: NamespacedObjectReference contains enough information to locate the referenced Kubernetes resource - object in any namespace. + description: |- + NamespacedObjectReference contains enough information to locate the referenced Kubernetes resource object in any + namespace. properties: name: description: Name of the referent. type: string namespace: - description: Namespace of the referent, when not specified it acts as LocalObjectReference. + description: Namespace of the referent, when not specified it + acts as LocalObjectReference. type: string required: - name @@ -4253,18 +5862,20 @@ spec: type: array force: default: false - description: Force instructs the controller to recreate resources when patching fails due to an immutable - field change. + description: |- + Force instructs the controller to recreate resources + when patching fails due to an immutable field change. type: boolean healthChecks: description: A list of resources to be included in the health assessment. items: - description: NamespacedObjectKindReference contains enough information to locate the typed referenced Kubernetes - resource object in any namespace. + description: |- + NamespacedObjectKindReference contains enough information to locate the typed referenced Kubernetes resource object + in any namespace. properties: apiVersion: - description: API version of the referent, if not specified the Kubernetes preferred version will be - used. + description: API version of the referent, if not specified the + Kubernetes preferred version will be used. type: string kind: description: Kind of the referent. @@ -4273,7 +5884,8 @@ spec: description: Name of the referent. type: string namespace: - description: Namespace of the referent, when not specified it acts as LocalObjectReference. + description: Namespace of the referent, when not specified it + acts as LocalObjectReference. type: string required: - kind @@ -4281,24 +5893,29 @@ spec: type: object type: array images: - description: Images is a list of (image name, new name, new tag or digest) for changing image names, tags - or digests. This can also be achieved with a patch, but this operator is simpler to specify. + description: |- + Images is a list of (image name, new name, new tag or digest) + for changing image names, tags or digests. This can also be achieved with a + patch, but this operator is simpler to specify. items: - description: Image contains an image name, a new name, a new tag or digest, which will replace the original - name and tag. + description: Image contains an image name, a new name, a new tag + or digest, which will replace the original name and tag. properties: digest: - description: Digest is the value used to replace the original image tag. If digest is present NewTag - value is ignored. + description: |- + Digest is the value used to replace the original image tag. + If digest is present NewTag value is ignored. type: string name: description: Name is a tag-less image name. type: string newName: - description: NewName is the value used to replace the original name. + description: NewName is the value used to replace the original + name. type: string newTag: - description: NewTag is the value used to replace the original tag. + description: NewTag is the value used to replace the original + tag. type: string required: - name @@ -4309,20 +5926,29 @@ spec: pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string kubeConfig: - description: The KubeConfig for reconciling the Kustomization on a remote cluster. When used in combination - with KustomizationSpec.ServiceAccountName, forces the controller to act on behalf of that Service Account - at the target cluster. If the --default-service-account flag is set, its value will be used as a controller - level fallback for when KustomizationSpec.ServiceAccountName is empty. + description: |- + The KubeConfig for reconciling the Kustomization on a remote cluster. + When used in combination with KustomizationSpec.ServiceAccountName, + forces the controller to act on behalf of that Service Account at the + target cluster. + If the --default-service-account flag is set, its value will be used as + a controller level fallback for when KustomizationSpec.ServiceAccountName + is empty. properties: secretRef: - description: SecretRef holds the name of a secret that contains a key with the kubeconfig file as the - value. If no key is set, the key will default to 'value'. It is recommended that the kubeconfig is self-contained, - and the secret is regularly updated if credentials such as a cloud-access-token expire. Cloud specific - `cmd-path` auth helpers will not function without adding binaries and credentials to the Pod that is - responsible for reconciling Kubernetes resources. + description: |- + SecretRef holds the name of a secret that contains a key with + the kubeconfig file as the value. If no key is set, the key will default + to 'value'. + It is recommended that the kubeconfig is self-contained, and the secret + is regularly updated if credentials such as a cloud-access-token expire. + Cloud specific `cmd-path` auth helpers will not function without adding + binaries and credentials to the Pod that is responsible for reconciling + Kubernetes resources. properties: key: - description: Key in the Secret, when not specified an implementation-specific default key is used. + description: Key in the Secret, when not specified an implementation-specific + default key is used. type: string name: description: Name of the Secret. @@ -4334,33 +5960,46 @@ spec: - secretRef type: object patches: - description: Strategic merge and JSON patches, defined as inline YAML objects, capable of targeting objects - based on kind, label and annotation selectors. + description: |- + Strategic merge and JSON patches, defined as inline YAML objects, + capable of targeting objects based on kind, label and annotation selectors. items: - description: Patch contains an inline StrategicMerge or JSON6902 patch, and the target the patch should + description: |- + Patch contains an inline StrategicMerge or JSON6902 patch, and the target the patch should be applied to. properties: patch: - description: Patch contains an inline StrategicMerge patch or an inline JSON6902 patch with an array - of operation objects. + description: |- + Patch contains an inline StrategicMerge patch or an inline JSON6902 patch with + an array of operation objects. type: string target: - description: Target points to the resources that the patch document should be applied to. + description: Target points to the resources that the patch document + should be applied to. properties: annotationSelector: - description: AnnotationSelector is a string that follows the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + description: |- + AnnotationSelector is a string that follows the label selection expression + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api It matches with the resource annotations. type: string group: - description: Group is the API group to select resources from. Together with Version and Kind it - is capable of unambiguously identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + description: |- + Group is the API group to select resources from. + Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md type: string kind: - description: Kind of the API Group to select resources from. Together with Group and Version it - is capable of unambiguously identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + description: |- + Kind of the API Group to select resources from. + Together with Group and Version it is capable of unambiguously + identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md type: string labelSelector: - description: LabelSelector is a string that follows the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + description: |- + LabelSelector is a string that follows the label selection expression + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api It matches with the resource labels. type: string name: @@ -4370,8 +6009,10 @@ spec: description: Namespace to select resources from. type: string version: - description: Version of the API Group to select resources from. Together with Group and Kind it - is capable of unambiguously identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + description: |- + Version of the API Group to select resources from. + Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md type: string type: object required: @@ -4379,23 +6020,31 @@ spec: type: object type: array patchesJson6902: - description: 'JSON 6902 patches, defined as inline YAML objects. Deprecated: Use Patches instead.' + description: |- + JSON 6902 patches, defined as inline YAML objects. + Deprecated: Use Patches instead. items: - description: JSON6902Patch contains a JSON6902 patch and the target the patch should be applied to. + description: JSON6902Patch contains a JSON6902 patch and the target + the patch should be applied to. properties: patch: - description: Patch contains the JSON6902 patch document with an array of operation objects. + description: Patch contains the JSON6902 patch document with + an array of operation objects. items: - description: JSON6902 is a JSON6902 operation object. https://datatracker.ietf.org/doc/html/rfc6902#section-4 + description: |- + JSON6902 is a JSON6902 operation object. + https://datatracker.ietf.org/doc/html/rfc6902#section-4 properties: from: - description: From contains a JSON-pointer value that references a location within the target document - where the operation is performed. The meaning of the value depends on the value of Op, and is - NOT taken into account by all operations. + description: |- + From contains a JSON-pointer value that references a location within the target document where the operation is + performed. The meaning of the value depends on the value of Op, and is NOT taken into account by all operations. type: string op: - description: Op indicates the operation to perform. Its value MUST be one of "add", "remove", - "replace", "move", "copy", or "test". https://datatracker.ietf.org/doc/html/rfc6902#section-4 + description: |- + Op indicates the operation to perform. Its value MUST be one of "add", "remove", "replace", "move", "copy", or + "test". + https://datatracker.ietf.org/doc/html/rfc6902#section-4 enum: - test - remove @@ -4405,13 +6054,14 @@ spec: - copy type: string path: - description: Path contains the JSON-pointer value that references a location within the target - document where the operation is performed. The meaning of the value depends on the value of - Op. + description: |- + Path contains the JSON-pointer value that references a location within the target document where the operation + is performed. The meaning of the value depends on the value of Op. type: string value: - description: Value contains a valid JSON structure. The meaning of the value depends on the value - of Op, and is NOT taken into account by all operations. + description: |- + Value contains a valid JSON structure. The meaning of the value depends on the value of Op, and is NOT taken into + account by all operations. x-kubernetes-preserve-unknown-fields: true required: - op @@ -4419,22 +6069,32 @@ spec: type: object type: array target: - description: Target points to the resources that the patch document should be applied to. + description: Target points to the resources that the patch document + should be applied to. properties: annotationSelector: - description: AnnotationSelector is a string that follows the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + description: |- + AnnotationSelector is a string that follows the label selection expression + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api It matches with the resource annotations. type: string group: - description: Group is the API group to select resources from. Together with Version and Kind it - is capable of unambiguously identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + description: |- + Group is the API group to select resources from. + Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md type: string kind: - description: Kind of the API Group to select resources from. Together with Group and Version it - is capable of unambiguously identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + description: |- + Kind of the API Group to select resources from. + Together with Group and Version it is capable of unambiguously + identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md type: string labelSelector: - description: LabelSelector is a string that follows the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + description: |- + LabelSelector is a string that follows the label selection expression + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api It matches with the resource labels. type: string name: @@ -4444,8 +6104,10 @@ spec: description: Namespace to select resources from. type: string version: - description: Version of the API Group to select resources from. Together with Group and Kind it - is capable of unambiguously identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + description: |- + Version of the API Group to select resources from. + Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md type: string type: object required: @@ -4454,49 +6116,65 @@ spec: type: object type: array patchesStrategicMerge: - description: 'Strategic merge patches, defined as inline YAML objects. Deprecated: Use Patches instead.' + description: |- + Strategic merge patches, defined as inline YAML objects. + Deprecated: Use Patches instead. items: x-kubernetes-preserve-unknown-fields: true type: array path: - description: Path to the directory containing the kustomization.yaml file, or the set of plain YAMLs a kustomization.yaml - should be generated for. Defaults to 'None', which translates to the root path of the SourceRef. + description: |- + Path to the directory containing the kustomization.yaml file, or the + set of plain YAMLs a kustomization.yaml should be generated for. + Defaults to 'None', which translates to the root path of the SourceRef. type: string postBuild: - description: PostBuild describes which actions to perform on the YAML manifest generated by building the kustomize - overlay. + description: |- + PostBuild describes which actions to perform on the YAML manifest + generated by building the kustomize overlay. properties: substitute: additionalProperties: type: string - description: Substitute holds a map of key/value pairs. The variables defined in your YAML manifests that - match any of the keys defined in the map will be substituted with the set value. Includes support for - bash string replacement functions e.g. ${var:=default}, ${var:position} and ${var/substring/replacement}. + description: |- + Substitute holds a map of key/value pairs. + The variables defined in your YAML manifests + that match any of the keys defined in the map + will be substituted with the set value. + Includes support for bash string replacement functions + e.g. ${var:=default}, ${var:position} and ${var/substring/replacement}. type: object substituteFrom: - description: SubstituteFrom holds references to ConfigMaps and Secrets containing the variables and their - values to be substituted in the YAML manifests. The ConfigMap and the Secret data keys represent the - var names and they must match the vars declared in the manifests for the substitution to happen. + description: |- + SubstituteFrom holds references to ConfigMaps and Secrets containing + the variables and their values to be substituted in the YAML manifests. + The ConfigMap and the Secret data keys represent the var names and they + must match the vars declared in the manifests for the substitution to happen. items: - description: SubstituteReference contains a reference to a resource containing the variables name and - value. + description: |- + SubstituteReference contains a reference to a resource containing + the variables name and value. properties: kind: - description: Kind of the values referent, valid values are ('Secret', 'ConfigMap'). + description: Kind of the values referent, valid values are + ('Secret', 'ConfigMap'). enum: - Secret - ConfigMap type: string name: - description: Name of the values referent. Should reside in the same namespace as the referring resource. + description: |- + Name of the values referent. Should reside in the same namespace as the + referring resource. maxLength: 253 minLength: 1 type: string optional: default: false - description: Optional indicates whether the referenced resource must exist, or whether to tolerate - its absence. If true and the referenced resource is absent, proceed as if the resource was present - but empty, without any variables defined. + description: |- + Optional indicates whether the referenced resource must exist, or whether to + tolerate its absence. If true and the referenced resource is absent, proceed + as if the resource was present but empty, without any variables defined. type: boolean required: - kind @@ -4508,15 +6186,20 @@ spec: description: Prune enables garbage collection. type: boolean retryInterval: - description: The interval at which to retry a previously failed reconciliation. When not specified, the controller - uses the KustomizationSpec.Interval value to retry failures. + description: |- + The interval at which to retry a previously failed reconciliation. + When not specified, the controller uses the KustomizationSpec.Interval + value to retry failures. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string serviceAccountName: - description: The name of the Kubernetes service account to impersonate when reconciling this Kustomization. + description: |- + The name of the Kubernetes service account to impersonate + when reconciling this Kustomization. type: string sourceRef: - description: Reference of the source where the kustomization file is. + description: Reference of the source where the kustomization file + is. properties: apiVersion: description: API version of the referent. @@ -4532,24 +6215,29 @@ spec: description: Name of the referent. type: string namespace: - description: Namespace of the referent, defaults to the namespace of the Kubernetes resource object that - contains the reference. + description: Namespace of the referent, defaults to the namespace + of the Kubernetes resource object that contains the reference. type: string required: - kind - name type: object suspend: - description: This flag tells the controller to suspend subsequent kustomize executions, it does not apply - to already started executions. Defaults to false. + description: |- + This flag tells the controller to suspend subsequent kustomize executions, + it does not apply to already started executions. Defaults to false. type: boolean targetNamespace: - description: TargetNamespace sets or overrides the namespace in the kustomization.yaml file. + description: |- + TargetNamespace sets or overrides the namespace in the + kustomization.yaml file. maxLength: 63 minLength: 1 type: string timeout: - description: Timeout for validation, apply and health checking operations. Defaults to 'Interval' duration. + description: |- + Timeout for validation, apply and health checking operations. + Defaults to 'Interval' duration. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string validation: @@ -4560,8 +6248,9 @@ spec: - server type: string wait: - description: Wait instructs the controller to check the health of all the reconciled resources. When enabled, - the HealthChecks are ignored. Defaults to false. + description: |- + Wait instructs the controller to check the health of all the reconciled resources. + When enabled, the HealthChecks are ignored. Defaults to false. type: boolean required: - interval @@ -4575,35 +6264,43 @@ spec: properties: conditions: items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This - struct is intended for direct use as an array at the field path .status.conditions. For example, \n type - FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // - +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" - patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" properties: lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when - the API field changed is acceptable. + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: message is a human readable message indicating details about the transition. This may be - an empty string. + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based - upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current state of the instance. + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last - transition. Producers of specific condition types may define expected values and meanings for this - field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 @@ -4617,9 +6314,12 @@ spec: - Unknown type: string type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type - values are consistent across resources like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -4632,20 +6332,23 @@ spec: type: object type: array inventory: - description: Inventory contains the list of Kubernetes resource object references that have been successfully - applied. + description: Inventory contains the list of Kubernetes resource object + references that have been successfully applied. properties: entries: description: Entries of Kubernetes resource object references. items: - description: ResourceRef contains the information necessary to locate a resource within a cluster. + description: ResourceRef contains the information necessary + to locate a resource within a cluster. properties: id: - description: ID is the string representation of the Kubernetes resource object's metadata, in the - format '___'. + description: |- + ID is the string representation of the Kubernetes resource object's metadata, + in the format '___'. type: string v: - description: Version is the API version of the Kubernetes resource object's kind. + description: Version is the API version of the Kubernetes + resource object's kind. type: string required: - id @@ -4656,15 +6359,19 @@ spec: - entries type: object lastAppliedRevision: - description: The last successfully applied revision. Equals the Revision of the applied Artifact from the - referenced Source. + description: |- + The last successfully applied revision. + Equals the Revision of the applied Artifact from the referenced Source. type: string lastAttemptedRevision: - description: LastAttemptedRevision is the revision of the last reconciliation attempt. + description: LastAttemptedRevision is the revision of the last reconciliation + attempt. type: string lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent reconcile request value, so a change - of the annotation value can be detected. + description: |- + LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value + can be detected. type: string observedGeneration: description: ObservedGeneration is the last reconciled generation. @@ -4684,7 +6391,7 @@ metadata: app.kubernetes.io/component: kustomize-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 name: kustomize-controller namespace: flux-system --- @@ -4695,7 +6402,7 @@ metadata: app.kubernetes.io/component: kustomize-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 control-plane: controller name: kustomize-controller namespace: flux-system @@ -4724,7 +6431,17 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: ghcr.io/fluxcd/kustomize-controller:v1.1.0 + - name: GOMAXPROCS + valueFrom: + resourceFieldRef: + containerName: manager + resource: limits.cpu + - name: GOMEMLIMIT + valueFrom: + resourceFieldRef: + containerName: manager + resource: limits.memory + image: ghcr.io/fluxcd/kustomize-controller:v1.3.0 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -4776,12 +6493,12 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.12.0 + controller-gen.kubebuilder.io/version: v0.15.0 labels: app.kubernetes.io/component: helm-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 name: helmreleases.helm.toolkit.fluxcd.io spec: group: helm.toolkit.fluxcd.io @@ -4804,18 +6521,25 @@ spec: - jsonPath: .status.conditions[?(@.type=="Ready")].message name: Status type: string - name: v2beta1 + name: v2 schema: openAPIV3Schema: description: HelmRelease is the Schema for the helmreleases API properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert - recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer - this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -4823,46 +6547,66 @@ spec: description: HelmReleaseSpec defines the desired state of a Helm release. properties: chart: - description: Chart defines the template of the v1beta2.HelmChart that should be created for this HelmRelease. + description: |- + Chart defines the template of the v1.HelmChart that should be created + for this HelmRelease. properties: metadata: - description: ObjectMeta holds the template for metadata like labels and annotations. + description: ObjectMeta holds the template for metadata like labels + and annotations. properties: annotations: additionalProperties: type: string - description: 'Annotations is an unstructured key value map stored with a resource that may be set - by external tools to store and retrieve arbitrary metadata. They are not queryable and should be - preserved when modifying objects. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/' + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ type: object labels: additionalProperties: type: string - description: 'Map of string keys and values that can be used to organize and categorize (scope and - select) objects. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/' + description: |- + Map of string keys and values that can be used to organize and categorize + (scope and select) objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ type: object type: object spec: - description: Spec holds the template for the v1beta2.HelmChartSpec for this HelmRelease. + description: Spec holds the template for the v1.HelmChartSpec + for this HelmRelease. properties: chart: - description: The name or path the Helm chart is available at in the SourceRef. + description: The name or path the Helm chart is available + at in the SourceRef. + maxLength: 2048 + minLength: 1 type: string + ignoreMissingValuesFiles: + description: IgnoreMissingValuesFiles controls whether to + silently ignore missing values files rather than failing. + type: boolean interval: - description: Interval at which to check the v1beta2.Source for updates. Defaults to 'HelmReleaseSpec.Interval'. + description: |- + Interval at which to check the v1.Source for updates. Defaults to + 'HelmReleaseSpec.Interval'. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string reconcileStrategy: default: ChartVersion - description: Determines what enables the creation of a new artifact. Valid values are ('ChartVersion', - 'Revision'). See the documentation of the values for an explanation on their behavior. Defaults - to ChartVersion when omitted. + description: |- + Determines what enables the creation of a new artifact. Valid values are + ('ChartVersion', 'Revision'). + See the documentation of the values for an explanation on their behavior. + Defaults to ChartVersion when omitted. enum: - ChartVersion - Revision type: string sourceRef: - description: The name and namespace of the v1beta2.Source the chart is available at. + description: The name and namespace of the v1.Source the chart + is available at. properties: apiVersion: description: APIVersion of the referent. @@ -4887,32 +6631,36 @@ spec: required: - name type: object - valuesFile: - description: Alternative values file to use as the default chart values, expected to be a relative - path in the SourceRef. Deprecated in favor of ValuesFiles, for backwards compatibility the file - defined here is merged before the ValuesFiles items. Ignored when omitted. - type: string valuesFiles: - description: Alternative list of values files to use as the chart values (values.yaml is not included - by default), expected to be a relative path in the SourceRef. Values files are merged in the order - of this list with the last file overriding the first. Ignored when omitted. + description: |- + Alternative list of values files to use as the chart values (values.yaml + is not included by default), expected to be a relative path in the SourceRef. + Values files are merged in the order of this list with the last file overriding + the first. Ignored when omitted. items: type: string type: array verify: - description: Verify contains the secret name containing the trusted public keys used to verify the - signature and specifies which provider to use to check whether OCI image is authentic. This field - is only supported for OCI sources. Chart dependencies, which are not bundled in the umbrella chart - artifact, are not verified. + description: |- + Verify contains the secret name containing the trusted public keys + used to verify the signature and specifies which provider to use to check + whether OCI image is authentic. + This field is only supported for OCI sources. + Chart dependencies, which are not bundled in the umbrella chart artifact, + are not verified. properties: provider: default: cosign - description: Provider specifies the technology used to sign the OCI Helm chart. + description: Provider specifies the technology used to + sign the OCI Helm chart. enum: - cosign + - notation type: string secretRef: - description: SecretRef specifies the Kubernetes Secret containing the trusted public keys. + description: |- + SecretRef specifies the Kubernetes Secret containing the + trusted public keys. properties: name: description: Name of the referent. @@ -4925,8 +6673,9 @@ spec: type: object version: default: '*' - description: Version semver expression, ignored for charts from v1beta2.GitRepository and v1beta2.Bucket - sources. Defaults to latest when omitted. + description: |- + Version semver expression, ignored for charts from v1.GitRepository and + v1beta2.Bucket sources. Defaults to latest when omitted. type: string required: - chart @@ -4935,109 +6684,2722 @@ spec: required: - spec type: object + chartRef: + description: |- + ChartRef holds a reference to a source controller resource containing the + Helm chart artifact. + properties: + apiVersion: + description: APIVersion of the referent. + type: string + kind: + description: Kind of the referent. + enum: + - OCIRepository + - HelmChart + type: string + name: + description: Name of the referent. + maxLength: 253 + minLength: 1 + type: string + namespace: + description: |- + Namespace of the referent, defaults to the namespace of the Kubernetes + resource object that contains the reference. + maxLength: 63 + minLength: 1 + type: string + required: + - kind + - name + type: object dependsOn: - description: DependsOn may contain a meta.NamespacedObjectReference slice with references to HelmRelease resources - that must be ready before this HelmRelease can be reconciled. + description: |- + DependsOn may contain a meta.NamespacedObjectReference slice with + references to HelmRelease resources that must be ready before this HelmRelease + can be reconciled. items: - description: NamespacedObjectReference contains enough information to locate the referenced Kubernetes resource - object in any namespace. + description: |- + NamespacedObjectReference contains enough information to locate the referenced Kubernetes resource object in any + namespace. properties: name: description: Name of the referent. type: string namespace: - description: Namespace of the referent, when not specified it acts as LocalObjectReference. + description: Namespace of the referent, when not specified it + acts as LocalObjectReference. type: string required: - name type: object type: array - install: - description: Install holds the configuration for Helm install actions for this HelmRelease. + driftDetection: + description: |- + DriftDetection holds the configuration for detecting and handling + differences between the manifest in the Helm storage and the resources + currently existing in the cluster. + properties: + ignore: + description: |- + Ignore contains a list of rules for specifying which changes to ignore + during diffing. + items: + description: |- + IgnoreRule defines a rule to selectively disregard specific changes during + the drift detection process. + properties: + paths: + description: |- + Paths is a list of JSON Pointer (RFC 6901) paths to be excluded from + consideration in a Kubernetes object. + items: + type: string + type: array + target: + description: |- + Target is a selector for specifying Kubernetes objects to which this + rule applies. + If Target is not set, the Paths will be ignored for all Kubernetes + objects within the manifest of the Helm release. + properties: + annotationSelector: + description: |- + AnnotationSelector is a string that follows the label selection expression + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + It matches with the resource annotations. + type: string + group: + description: |- + Group is the API group to select resources from. + Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + type: string + kind: + description: |- + Kind of the API Group to select resources from. + Together with Group and Version it is capable of unambiguously + identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + type: string + labelSelector: + description: |- + LabelSelector is a string that follows the label selection expression + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + It matches with the resource labels. + type: string + name: + description: Name to match resources with. + type: string + namespace: + description: Namespace to select resources from. + type: string + version: + description: |- + Version of the API Group to select resources from. + Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + type: string + type: object + required: + - paths + type: object + type: array + mode: + description: |- + Mode defines how differences should be handled between the Helm manifest + and the manifest currently applied to the cluster. + If not explicitly set, it defaults to DiffModeDisabled. + enum: + - enabled + - warn + - disabled + type: string + type: object + install: + description: Install holds the configuration for Helm install actions + for this HelmRelease. + properties: + crds: + description: |- + CRDs upgrade CRDs from the Helm Chart's crds directory according + to the CRD upgrade policy provided here. Valid values are `Skip`, + `Create` or `CreateReplace`. Default is `Create` and if omitted + CRDs are installed but not updated. + + + Skip: do neither install nor replace (update) any CRDs. + + + Create: new CRDs are created, existing CRDs are neither updated nor deleted. + + + CreateReplace: new CRDs are created, existing CRDs are updated (replaced) + but not deleted. + + + By default, CRDs are applied (installed) during Helm install action. + With this option users can opt in to CRD replace existing CRDs on Helm + install actions, which is not (yet) natively supported by Helm. + https://helm.sh/docs/chart_best_practices/custom_resource_definitions. + enum: + - Skip + - Create + - CreateReplace + type: string + createNamespace: + description: |- + CreateNamespace tells the Helm install action to create the + HelmReleaseSpec.TargetNamespace if it does not exist yet. + On uninstall, the namespace will not be garbage collected. + type: boolean + disableHooks: + description: DisableHooks prevents hooks from running during the + Helm install action. + type: boolean + disableOpenAPIValidation: + description: |- + DisableOpenAPIValidation prevents the Helm install action from validating + rendered templates against the Kubernetes OpenAPI Schema. + type: boolean + disableWait: + description: |- + DisableWait disables the waiting for resources to be ready after a Helm + install has been performed. + type: boolean + disableWaitForJobs: + description: |- + DisableWaitForJobs disables waiting for jobs to complete after a Helm + install has been performed. + type: boolean + remediation: + description: |- + Remediation holds the remediation configuration for when the Helm install + action for the HelmRelease fails. The default is to not perform any action. + properties: + ignoreTestFailures: + description: |- + IgnoreTestFailures tells the controller to skip remediation when the Helm + tests are run after an install action but fail. Defaults to + 'Test.IgnoreFailures'. + type: boolean + remediateLastFailure: + description: |- + RemediateLastFailure tells the controller to remediate the last failure, when + no retries remain. Defaults to 'false'. + type: boolean + retries: + description: |- + Retries is the number of retries that should be attempted on failures before + bailing. Remediation, using an uninstall, is performed between each attempt. + Defaults to '0', a negative integer equals to unlimited retries. + type: integer + type: object + replace: + description: |- + Replace tells the Helm install action to re-use the 'ReleaseName', but only + if that name is a deleted release which remains in the history. + type: boolean + skipCRDs: + description: |- + SkipCRDs tells the Helm install action to not install any CRDs. By default, + CRDs are installed if not already present. + + + Deprecated use CRD policy (`crds`) attribute with value `Skip` instead. + type: boolean + timeout: + description: |- + Timeout is the time to wait for any individual Kubernetes operation (like + Jobs for hooks) during the performance of a Helm install action. Defaults to + 'HelmReleaseSpec.Timeout'. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + type: object + interval: + description: Interval at which to reconcile the Helm release. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + kubeConfig: + description: |- + KubeConfig for reconciling the HelmRelease on a remote cluster. + When used in combination with HelmReleaseSpec.ServiceAccountName, + forces the controller to act on behalf of that Service Account at the + target cluster. + If the --default-service-account flag is set, its value will be used as + a controller level fallback for when HelmReleaseSpec.ServiceAccountName + is empty. + properties: + secretRef: + description: |- + SecretRef holds the name of a secret that contains a key with + the kubeconfig file as the value. If no key is set, the key will default + to 'value'. + It is recommended that the kubeconfig is self-contained, and the secret + is regularly updated if credentials such as a cloud-access-token expire. + Cloud specific `cmd-path` auth helpers will not function without adding + binaries and credentials to the Pod that is responsible for reconciling + Kubernetes resources. + properties: + key: + description: Key in the Secret, when not specified an implementation-specific + default key is used. + type: string + name: + description: Name of the Secret. + type: string + required: + - name + type: object + required: + - secretRef + type: object + maxHistory: + description: |- + MaxHistory is the number of revisions saved by Helm for this HelmRelease. + Use '0' for an unlimited number of revisions; defaults to '5'. + type: integer + persistentClient: + description: |- + PersistentClient tells the controller to use a persistent Kubernetes + client for this release. When enabled, the client will be reused for the + duration of the reconciliation, instead of being created and destroyed + for each (step of a) Helm action. + + + This can improve performance, but may cause issues with some Helm charts + that for example do create Custom Resource Definitions during installation + outside Helm's CRD lifecycle hooks, which are then not observed to be + available by e.g. post-install hooks. + + + If not set, it defaults to true. + type: boolean + postRenderers: + description: |- + PostRenderers holds an array of Helm PostRenderers, which will be applied in order + of their definition. + items: + description: PostRenderer contains a Helm PostRenderer specification. + properties: + kustomize: + description: Kustomization to apply as PostRenderer. + properties: + images: + description: |- + Images is a list of (image name, new name, new tag or digest) + for changing image names, tags or digests. This can also be achieved with a + patch, but this operator is simpler to specify. + items: + description: Image contains an image name, a new name, + a new tag or digest, which will replace the original + name and tag. + properties: + digest: + description: |- + Digest is the value used to replace the original image tag. + If digest is present NewTag value is ignored. + type: string + name: + description: Name is a tag-less image name. + type: string + newName: + description: NewName is the value used to replace + the original name. + type: string + newTag: + description: NewTag is the value used to replace the + original tag. + type: string + required: + - name + type: object + type: array + patches: + description: |- + Strategic merge and JSON patches, defined as inline YAML objects, + capable of targeting objects based on kind, label and annotation selectors. + items: + description: |- + Patch contains an inline StrategicMerge or JSON6902 patch, and the target the patch should + be applied to. + properties: + patch: + description: |- + Patch contains an inline StrategicMerge patch or an inline JSON6902 patch with + an array of operation objects. + type: string + target: + description: Target points to the resources that the + patch document should be applied to. + properties: + annotationSelector: + description: |- + AnnotationSelector is a string that follows the label selection expression + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + It matches with the resource annotations. + type: string + group: + description: |- + Group is the API group to select resources from. + Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + type: string + kind: + description: |- + Kind of the API Group to select resources from. + Together with Group and Version it is capable of unambiguously + identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + type: string + labelSelector: + description: |- + LabelSelector is a string that follows the label selection expression + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + It matches with the resource labels. + type: string + name: + description: Name to match resources with. + type: string + namespace: + description: Namespace to select resources from. + type: string + version: + description: |- + Version of the API Group to select resources from. + Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + type: string + type: object + required: + - patch + type: object + type: array + type: object + type: object + type: array + releaseName: + description: |- + ReleaseName used for the Helm release. Defaults to a composition of + '[TargetNamespace-]Name'. + maxLength: 53 + minLength: 1 + type: string + rollback: + description: Rollback holds the configuration for Helm rollback actions + for this HelmRelease. + properties: + cleanupOnFail: + description: |- + CleanupOnFail allows deletion of new resources created during the Helm + rollback action when it fails. + type: boolean + disableHooks: + description: DisableHooks prevents hooks from running during the + Helm rollback action. + type: boolean + disableWait: + description: |- + DisableWait disables the waiting for resources to be ready after a Helm + rollback has been performed. + type: boolean + disableWaitForJobs: + description: |- + DisableWaitForJobs disables waiting for jobs to complete after a Helm + rollback has been performed. + type: boolean + force: + description: Force forces resource updates through a replacement + strategy. + type: boolean + recreate: + description: Recreate performs pod restarts for the resource if + applicable. + type: boolean + timeout: + description: |- + Timeout is the time to wait for any individual Kubernetes operation (like + Jobs for hooks) during the performance of a Helm rollback action. Defaults to + 'HelmReleaseSpec.Timeout'. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + type: object + serviceAccountName: + description: |- + The name of the Kubernetes service account to impersonate + when reconciling this HelmRelease. + maxLength: 253 + minLength: 1 + type: string + storageNamespace: + description: |- + StorageNamespace used for the Helm storage. + Defaults to the namespace of the HelmRelease. + maxLength: 63 + minLength: 1 + type: string + suspend: + description: |- + Suspend tells the controller to suspend reconciliation for this HelmRelease, + it does not apply to already started reconciliations. Defaults to false. + type: boolean + targetNamespace: + description: |- + TargetNamespace to target when performing operations for the HelmRelease. + Defaults to the namespace of the HelmRelease. + maxLength: 63 + minLength: 1 + type: string + test: + description: Test holds the configuration for Helm test actions for + this HelmRelease. + properties: + enable: + description: |- + Enable enables Helm test actions for this HelmRelease after an Helm install + or upgrade action has been performed. + type: boolean + filters: + description: Filters is a list of tests to run or exclude from + running. + items: + description: Filter holds the configuration for individual Helm + test filters. + properties: + exclude: + description: Exclude specifies whether the named test should + be excluded. + type: boolean + name: + description: Name is the name of the test. + maxLength: 253 + minLength: 1 + type: string + required: + - name + type: object + type: array + ignoreFailures: + description: |- + IgnoreFailures tells the controller to skip remediation when the Helm tests + are run but fail. Can be overwritten for tests run after install or upgrade + actions in 'Install.IgnoreTestFailures' and 'Upgrade.IgnoreTestFailures'. + type: boolean + timeout: + description: |- + Timeout is the time to wait for any individual Kubernetes operation during + the performance of a Helm test action. Defaults to 'HelmReleaseSpec.Timeout'. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + type: object + timeout: + description: |- + Timeout is the time to wait for any individual Kubernetes operation (like Jobs + for hooks) during the performance of a Helm action. Defaults to '5m0s'. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + uninstall: + description: Uninstall holds the configuration for Helm uninstall + actions for this HelmRelease. + properties: + deletionPropagation: + default: background + description: |- + DeletionPropagation specifies the deletion propagation policy when + a Helm uninstall is performed. + enum: + - background + - foreground + - orphan + type: string + disableHooks: + description: DisableHooks prevents hooks from running during the + Helm rollback action. + type: boolean + disableWait: + description: |- + DisableWait disables waiting for all the resources to be deleted after + a Helm uninstall is performed. + type: boolean + keepHistory: + description: |- + KeepHistory tells Helm to remove all associated resources and mark the + release as deleted, but retain the release history. + type: boolean + timeout: + description: |- + Timeout is the time to wait for any individual Kubernetes operation (like + Jobs for hooks) during the performance of a Helm uninstall action. Defaults + to 'HelmReleaseSpec.Timeout'. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + type: object + upgrade: + description: Upgrade holds the configuration for Helm upgrade actions + for this HelmRelease. + properties: + cleanupOnFail: + description: |- + CleanupOnFail allows deletion of new resources created during the Helm + upgrade action when it fails. + type: boolean + crds: + description: |- + CRDs upgrade CRDs from the Helm Chart's crds directory according + to the CRD upgrade policy provided here. Valid values are `Skip`, + `Create` or `CreateReplace`. Default is `Skip` and if omitted + CRDs are neither installed nor upgraded. + + + Skip: do neither install nor replace (update) any CRDs. + + + Create: new CRDs are created, existing CRDs are neither updated nor deleted. + + + CreateReplace: new CRDs are created, existing CRDs are updated (replaced) + but not deleted. + + + By default, CRDs are not applied during Helm upgrade action. With this + option users can opt-in to CRD upgrade, which is not (yet) natively supported by Helm. + https://helm.sh/docs/chart_best_practices/custom_resource_definitions. + enum: + - Skip + - Create + - CreateReplace + type: string + disableHooks: + description: DisableHooks prevents hooks from running during the + Helm upgrade action. + type: boolean + disableOpenAPIValidation: + description: |- + DisableOpenAPIValidation prevents the Helm upgrade action from validating + rendered templates against the Kubernetes OpenAPI Schema. + type: boolean + disableWait: + description: |- + DisableWait disables the waiting for resources to be ready after a Helm + upgrade has been performed. + type: boolean + disableWaitForJobs: + description: |- + DisableWaitForJobs disables waiting for jobs to complete after a Helm + upgrade has been performed. + type: boolean + force: + description: Force forces resource updates through a replacement + strategy. + type: boolean + preserveValues: + description: |- + PreserveValues will make Helm reuse the last release's values and merge in + overrides from 'Values'. Setting this flag makes the HelmRelease + non-declarative. + type: boolean + remediation: + description: |- + Remediation holds the remediation configuration for when the Helm upgrade + action for the HelmRelease fails. The default is to not perform any action. + properties: + ignoreTestFailures: + description: |- + IgnoreTestFailures tells the controller to skip remediation when the Helm + tests are run after an upgrade action but fail. + Defaults to 'Test.IgnoreFailures'. + type: boolean + remediateLastFailure: + description: |- + RemediateLastFailure tells the controller to remediate the last failure, when + no retries remain. Defaults to 'false' unless 'Retries' is greater than 0. + type: boolean + retries: + description: |- + Retries is the number of retries that should be attempted on failures before + bailing. Remediation, using 'Strategy', is performed between each attempt. + Defaults to '0', a negative integer equals to unlimited retries. + type: integer + strategy: + description: Strategy to use for failure remediation. Defaults + to 'rollback'. + enum: + - rollback + - uninstall + type: string + type: object + timeout: + description: |- + Timeout is the time to wait for any individual Kubernetes operation (like + Jobs for hooks) during the performance of a Helm upgrade action. Defaults to + 'HelmReleaseSpec.Timeout'. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + type: object + values: + description: Values holds the values for this Helm release. + x-kubernetes-preserve-unknown-fields: true + valuesFrom: + description: |- + ValuesFrom holds references to resources containing Helm values for this HelmRelease, + and information about how they should be merged. + items: + description: |- + ValuesReference contains a reference to a resource containing Helm values, + and optionally the key they can be found at. + properties: + kind: + description: Kind of the values referent, valid values are ('Secret', + 'ConfigMap'). + enum: + - Secret + - ConfigMap + type: string + name: + description: |- + Name of the values referent. Should reside in the same namespace as the + referring resource. + maxLength: 253 + minLength: 1 + type: string + optional: + description: |- + Optional marks this ValuesReference as optional. When set, a not found error + for the values reference is ignored, but any ValuesKey, TargetPath or + transient error will still result in a reconciliation failure. + type: boolean + targetPath: + description: |- + TargetPath is the YAML dot notation path the value should be merged at. When + set, the ValuesKey is expected to be a single flat value. Defaults to 'None', + which results in the values getting merged at the root. + maxLength: 250 + pattern: ^([a-zA-Z0-9_\-.\\\/]|\[[0-9]{1,5}\])+$ + type: string + valuesKey: + description: |- + ValuesKey is the data key where the values.yaml or a specific value can be + found at. Defaults to 'values.yaml'. + maxLength: 253 + pattern: ^[\-._a-zA-Z0-9]+$ + type: string + required: + - kind + - name + type: object + type: array + required: + - interval + type: object + x-kubernetes-validations: + - message: either chart or chartRef must be set + rule: (has(self.chart) && !has(self.chartRef)) || (!has(self.chart) + && has(self.chartRef)) + status: + default: + observedGeneration: -1 + description: HelmReleaseStatus defines the observed state of a HelmRelease. + properties: + conditions: + description: Conditions holds the conditions for the HelmRelease. + items: + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" + properties: + lastTransitionTime: + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + failures: + description: |- + Failures is the reconciliation failure count against the latest desired + state. It is reset after a successful reconciliation. + format: int64 + type: integer + helmChart: + description: |- + HelmChart is the namespaced name of the HelmChart resource created by + the controller for the HelmRelease. + type: string + history: + description: |- + History holds the history of Helm releases performed for this HelmRelease + up to the last successfully completed release. + items: + description: |- + Snapshot captures a point-in-time copy of the status information for a Helm release, + as managed by the controller. + properties: + apiVersion: + description: |- + APIVersion is the API version of the Snapshot. + Provisional: when the calculation method of the Digest field is changed, + this field will be used to distinguish between the old and new methods. + type: string + appVersion: + description: AppVersion is the chart app version of the release + object in storage. + type: string + chartName: + description: ChartName is the chart name of the release object + in storage. + type: string + chartVersion: + description: |- + ChartVersion is the chart version of the release object in + storage. + type: string + configDigest: + description: |- + ConfigDigest is the checksum of the config (better known as + "values") of the release object in storage. + It has the format of `:`. + type: string + deleted: + description: Deleted is when the release was deleted. + format: date-time + type: string + digest: + description: |- + Digest is the checksum of the release object in storage. + It has the format of `:`. + type: string + firstDeployed: + description: FirstDeployed is when the release was first deployed. + format: date-time + type: string + lastDeployed: + description: LastDeployed is when the release was last deployed. + format: date-time + type: string + name: + description: Name is the name of the release. + type: string + namespace: + description: Namespace is the namespace the release is deployed + to. + type: string + ociDigest: + description: OCIDigest is the digest of the OCI artifact associated + with the release. + type: string + status: + description: Status is the current state of the release. + type: string + testHooks: + additionalProperties: + description: |- + TestHookStatus holds the status information for a test hook as observed + to be run by the controller. + properties: + lastCompleted: + description: LastCompleted is the time the test hook last + completed. + format: date-time + type: string + lastStarted: + description: LastStarted is the time the test hook was + last started. + format: date-time + type: string + phase: + description: Phase the test hook was observed to be in. + type: string + type: object + description: |- + TestHooks is the list of test hooks for the release as observed to be + run by the controller. + type: object + version: + description: Version is the version of the release object in + storage. + type: integer + required: + - chartName + - chartVersion + - configDigest + - digest + - firstDeployed + - lastDeployed + - name + - namespace + - status + - version + type: object + type: array + installFailures: + description: |- + InstallFailures is the install failure count against the latest desired + state. It is reset after a successful reconciliation. + format: int64 + type: integer + lastAttemptedConfigDigest: + description: |- + LastAttemptedConfigDigest is the digest for the config (better known as + "values") of the last reconciliation attempt. + type: string + lastAttemptedGeneration: + description: |- + LastAttemptedGeneration is the last generation the controller attempted + to reconcile. + format: int64 + type: integer + lastAttemptedReleaseAction: + description: |- + LastAttemptedReleaseAction is the last release action performed for this + HelmRelease. It is used to determine the active remediation strategy. + enum: + - install + - upgrade + type: string + lastAttemptedRevision: + description: |- + LastAttemptedRevision is the Source revision of the last reconciliation + attempt. For OCIRepository sources, the 12 first characters of the digest are + appended to the chart version e.g. "1.2.3+1234567890ab". + type: string + lastAttemptedRevisionDigest: + description: |- + LastAttemptedRevisionDigest is the digest of the last reconciliation attempt. + This is only set for OCIRepository sources. + type: string + lastAttemptedValuesChecksum: + description: |- + LastAttemptedValuesChecksum is the SHA1 checksum for the values of the last + reconciliation attempt. + Deprecated: Use LastAttemptedConfigDigest instead. + type: string + lastHandledForceAt: + description: |- + LastHandledForceAt holds the value of the most recent force request + value, so a change of the annotation value can be detected. + type: string + lastHandledReconcileAt: + description: |- + LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value + can be detected. + type: string + lastHandledResetAt: + description: |- + LastHandledResetAt holds the value of the most recent reset request + value, so a change of the annotation value can be detected. + type: string + lastReleaseRevision: + description: |- + LastReleaseRevision is the revision of the last successful Helm release. + Deprecated: Use History instead. + type: integer + observedGeneration: + description: ObservedGeneration is the last observed generation. + format: int64 + type: integer + observedPostRenderersDigest: + description: |- + ObservedPostRenderersDigest is the digest for the post-renderers of + the last successful reconciliation attempt. + type: string + storageNamespace: + description: |- + StorageNamespace is the namespace of the Helm release storage for the + current release. + maxLength: 63 + minLength: 1 + type: string + upgradeFailures: + description: |- + UpgradeFailures is the upgrade failure count against the latest desired + state. It is reset after a successful reconciliation. + format: int64 + type: integer + type: object + type: object + served: true + storage: true + subresources: + status: {} + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - jsonPath: .status.conditions[?(@.type=="Ready")].status + name: Ready + type: string + - jsonPath: .status.conditions[?(@.type=="Ready")].message + name: Status + type: string + deprecated: true + deprecationWarning: v2beta1 HelmRelease is deprecated, upgrade to v2 + name: v2beta1 + schema: + openAPIV3Schema: + description: HelmRelease is the Schema for the helmreleases API + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: HelmReleaseSpec defines the desired state of a Helm release. + properties: + chart: + description: |- + Chart defines the template of the v1beta2.HelmChart that should be created + for this HelmRelease. + properties: + metadata: + description: ObjectMeta holds the template for metadata like labels + and annotations. + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ + type: object + labels: + additionalProperties: + type: string + description: |- + Map of string keys and values that can be used to organize and categorize + (scope and select) objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ + type: object + type: object + spec: + description: Spec holds the template for the v1beta2.HelmChartSpec + for this HelmRelease. + properties: + chart: + description: The name or path the Helm chart is available + at in the SourceRef. + type: string + interval: + description: |- + Interval at which to check the v1beta2.Source for updates. Defaults to + 'HelmReleaseSpec.Interval'. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + reconcileStrategy: + default: ChartVersion + description: |- + Determines what enables the creation of a new artifact. Valid values are + ('ChartVersion', 'Revision'). + See the documentation of the values for an explanation on their behavior. + Defaults to ChartVersion when omitted. + enum: + - ChartVersion + - Revision + type: string + sourceRef: + description: The name and namespace of the v1beta2.Source + the chart is available at. + properties: + apiVersion: + description: APIVersion of the referent. + type: string + kind: + description: Kind of the referent. + enum: + - HelmRepository + - GitRepository + - Bucket + type: string + name: + description: Name of the referent. + maxLength: 253 + minLength: 1 + type: string + namespace: + description: Namespace of the referent. + maxLength: 63 + minLength: 1 + type: string + required: + - name + type: object + valuesFile: + description: |- + Alternative values file to use as the default chart values, expected to + be a relative path in the SourceRef. Deprecated in favor of ValuesFiles, + for backwards compatibility the file defined here is merged before the + ValuesFiles items. Ignored when omitted. + type: string + valuesFiles: + description: |- + Alternative list of values files to use as the chart values (values.yaml + is not included by default), expected to be a relative path in the SourceRef. + Values files are merged in the order of this list with the last file overriding + the first. Ignored when omitted. + items: + type: string + type: array + verify: + description: |- + Verify contains the secret name containing the trusted public keys + used to verify the signature and specifies which provider to use to check + whether OCI image is authentic. + This field is only supported for OCI sources. + Chart dependencies, which are not bundled in the umbrella chart artifact, are not verified. + properties: + provider: + default: cosign + description: Provider specifies the technology used to + sign the OCI Helm chart. + enum: + - cosign + type: string + secretRef: + description: |- + SecretRef specifies the Kubernetes Secret containing the + trusted public keys. + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object + required: + - provider + type: object + version: + default: '*' + description: |- + Version semver expression, ignored for charts from v1beta2.GitRepository and + v1beta2.Bucket sources. Defaults to latest when omitted. + type: string + required: + - chart + - sourceRef + type: object + required: + - spec + type: object + chartRef: + description: |- + ChartRef holds a reference to a source controller resource containing the + Helm chart artifact. + + + Note: this field is provisional to the v2 API, and not actively used + by v2beta1 HelmReleases. + properties: + apiVersion: + description: APIVersion of the referent. + type: string + kind: + description: Kind of the referent. + enum: + - OCIRepository + - HelmChart + type: string + name: + description: Name of the referent. + maxLength: 253 + minLength: 1 + type: string + namespace: + description: |- + Namespace of the referent, defaults to the namespace of the Kubernetes + resource object that contains the reference. + maxLength: 63 + minLength: 1 + type: string + required: + - kind + - name + type: object + dependsOn: + description: |- + DependsOn may contain a meta.NamespacedObjectReference slice with + references to HelmRelease resources that must be ready before this HelmRelease + can be reconciled. + items: + description: |- + NamespacedObjectReference contains enough information to locate the referenced Kubernetes resource object in any + namespace. + properties: + name: + description: Name of the referent. + type: string + namespace: + description: Namespace of the referent, when not specified it + acts as LocalObjectReference. + type: string + required: + - name + type: object + type: array + driftDetection: + description: |- + DriftDetection holds the configuration for detecting and handling + differences between the manifest in the Helm storage and the resources + currently existing in the cluster. + + + Note: this field is provisional to the v2beta2 API, and not actively used + by v2beta1 HelmReleases. + properties: + ignore: + description: |- + Ignore contains a list of rules for specifying which changes to ignore + during diffing. + items: + description: |- + IgnoreRule defines a rule to selectively disregard specific changes during + the drift detection process. + properties: + paths: + description: |- + Paths is a list of JSON Pointer (RFC 6901) paths to be excluded from + consideration in a Kubernetes object. + items: + type: string + type: array + target: + description: |- + Target is a selector for specifying Kubernetes objects to which this + rule applies. + If Target is not set, the Paths will be ignored for all Kubernetes + objects within the manifest of the Helm release. + properties: + annotationSelector: + description: |- + AnnotationSelector is a string that follows the label selection expression + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + It matches with the resource annotations. + type: string + group: + description: |- + Group is the API group to select resources from. + Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + type: string + kind: + description: |- + Kind of the API Group to select resources from. + Together with Group and Version it is capable of unambiguously + identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + type: string + labelSelector: + description: |- + LabelSelector is a string that follows the label selection expression + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + It matches with the resource labels. + type: string + name: + description: Name to match resources with. + type: string + namespace: + description: Namespace to select resources from. + type: string + version: + description: |- + Version of the API Group to select resources from. + Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + type: string + type: object + required: + - paths + type: object + type: array + mode: + description: |- + Mode defines how differences should be handled between the Helm manifest + and the manifest currently applied to the cluster. + If not explicitly set, it defaults to DiffModeDisabled. + enum: + - enabled + - warn + - disabled + type: string + type: object + install: + description: Install holds the configuration for Helm install actions + for this HelmRelease. + properties: + crds: + description: |- + CRDs upgrade CRDs from the Helm Chart's crds directory according + to the CRD upgrade policy provided here. Valid values are `Skip`, + `Create` or `CreateReplace`. Default is `Create` and if omitted + CRDs are installed but not updated. + + + Skip: do neither install nor replace (update) any CRDs. + + + Create: new CRDs are created, existing CRDs are neither updated nor deleted. + + + CreateReplace: new CRDs are created, existing CRDs are updated (replaced) + but not deleted. + + + By default, CRDs are applied (installed) during Helm install action. + With this option users can opt-in to CRD replace existing CRDs on Helm + install actions, which is not (yet) natively supported by Helm. + https://helm.sh/docs/chart_best_practices/custom_resource_definitions. + enum: + - Skip + - Create + - CreateReplace + type: string + createNamespace: + description: |- + CreateNamespace tells the Helm install action to create the + HelmReleaseSpec.TargetNamespace if it does not exist yet. + On uninstall, the namespace will not be garbage collected. + type: boolean + disableHooks: + description: DisableHooks prevents hooks from running during the + Helm install action. + type: boolean + disableOpenAPIValidation: + description: |- + DisableOpenAPIValidation prevents the Helm install action from validating + rendered templates against the Kubernetes OpenAPI Schema. + type: boolean + disableWait: + description: |- + DisableWait disables the waiting for resources to be ready after a Helm + install has been performed. + type: boolean + disableWaitForJobs: + description: |- + DisableWaitForJobs disables waiting for jobs to complete after a Helm + install has been performed. + type: boolean + remediation: + description: |- + Remediation holds the remediation configuration for when the Helm install + action for the HelmRelease fails. The default is to not perform any action. + properties: + ignoreTestFailures: + description: |- + IgnoreTestFailures tells the controller to skip remediation when the Helm + tests are run after an install action but fail. Defaults to + 'Test.IgnoreFailures'. + type: boolean + remediateLastFailure: + description: |- + RemediateLastFailure tells the controller to remediate the last failure, when + no retries remain. Defaults to 'false'. + type: boolean + retries: + description: |- + Retries is the number of retries that should be attempted on failures before + bailing. Remediation, using an uninstall, is performed between each attempt. + Defaults to '0', a negative integer equals to unlimited retries. + type: integer + type: object + replace: + description: |- + Replace tells the Helm install action to re-use the 'ReleaseName', but only + if that name is a deleted release which remains in the history. + type: boolean + skipCRDs: + description: |- + SkipCRDs tells the Helm install action to not install any CRDs. By default, + CRDs are installed if not already present. + + + Deprecated use CRD policy (`crds`) attribute with value `Skip` instead. + type: boolean + timeout: + description: |- + Timeout is the time to wait for any individual Kubernetes operation (like + Jobs for hooks) during the performance of a Helm install action. Defaults to + 'HelmReleaseSpec.Timeout'. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + type: object + interval: + description: |- + Interval at which to reconcile the Helm release. + This interval is approximate and may be subject to jitter to ensure + efficient use of resources. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + kubeConfig: + description: |- + KubeConfig for reconciling the HelmRelease on a remote cluster. + When used in combination with HelmReleaseSpec.ServiceAccountName, + forces the controller to act on behalf of that Service Account at the + target cluster. + If the --default-service-account flag is set, its value will be used as + a controller level fallback for when HelmReleaseSpec.ServiceAccountName + is empty. + properties: + secretRef: + description: |- + SecretRef holds the name of a secret that contains a key with + the kubeconfig file as the value. If no key is set, the key will default + to 'value'. + It is recommended that the kubeconfig is self-contained, and the secret + is regularly updated if credentials such as a cloud-access-token expire. + Cloud specific `cmd-path` auth helpers will not function without adding + binaries and credentials to the Pod that is responsible for reconciling + Kubernetes resources. + properties: + key: + description: Key in the Secret, when not specified an implementation-specific + default key is used. + type: string + name: + description: Name of the Secret. + type: string + required: + - name + type: object + required: + - secretRef + type: object + maxHistory: + description: |- + MaxHistory is the number of revisions saved by Helm for this HelmRelease. + Use '0' for an unlimited number of revisions; defaults to '10'. + type: integer + persistentClient: + description: |- + PersistentClient tells the controller to use a persistent Kubernetes + client for this release. When enabled, the client will be reused for the + duration of the reconciliation, instead of being created and destroyed + for each (step of a) Helm action. + + + This can improve performance, but may cause issues with some Helm charts + that for example do create Custom Resource Definitions during installation + outside Helm's CRD lifecycle hooks, which are then not observed to be + available by e.g. post-install hooks. + + + If not set, it defaults to true. + type: boolean + postRenderers: + description: |- + PostRenderers holds an array of Helm PostRenderers, which will be applied in order + of their definition. + items: + description: PostRenderer contains a Helm PostRenderer specification. + properties: + kustomize: + description: Kustomization to apply as PostRenderer. + properties: + images: + description: |- + Images is a list of (image name, new name, new tag or digest) + for changing image names, tags or digests. This can also be achieved with a + patch, but this operator is simpler to specify. + items: + description: Image contains an image name, a new name, + a new tag or digest, which will replace the original + name and tag. + properties: + digest: + description: |- + Digest is the value used to replace the original image tag. + If digest is present NewTag value is ignored. + type: string + name: + description: Name is a tag-less image name. + type: string + newName: + description: NewName is the value used to replace + the original name. + type: string + newTag: + description: NewTag is the value used to replace the + original tag. + type: string + required: + - name + type: object + type: array + patches: + description: |- + Strategic merge and JSON patches, defined as inline YAML objects, + capable of targeting objects based on kind, label and annotation selectors. + items: + description: |- + Patch contains an inline StrategicMerge or JSON6902 patch, and the target the patch should + be applied to. + properties: + patch: + description: |- + Patch contains an inline StrategicMerge patch or an inline JSON6902 patch with + an array of operation objects. + type: string + target: + description: Target points to the resources that the + patch document should be applied to. + properties: + annotationSelector: + description: |- + AnnotationSelector is a string that follows the label selection expression + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + It matches with the resource annotations. + type: string + group: + description: |- + Group is the API group to select resources from. + Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + type: string + kind: + description: |- + Kind of the API Group to select resources from. + Together with Group and Version it is capable of unambiguously + identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + type: string + labelSelector: + description: |- + LabelSelector is a string that follows the label selection expression + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + It matches with the resource labels. + type: string + name: + description: Name to match resources with. + type: string + namespace: + description: Namespace to select resources from. + type: string + version: + description: |- + Version of the API Group to select resources from. + Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + type: string + type: object + required: + - patch + type: object + type: array + patchesJson6902: + description: JSON 6902 patches, defined as inline YAML objects. + items: + description: JSON6902Patch contains a JSON6902 patch and + the target the patch should be applied to. + properties: + patch: + description: Patch contains the JSON6902 patch document + with an array of operation objects. + items: + description: |- + JSON6902 is a JSON6902 operation object. + https://datatracker.ietf.org/doc/html/rfc6902#section-4 + properties: + from: + description: |- + From contains a JSON-pointer value that references a location within the target document where the operation is + performed. The meaning of the value depends on the value of Op, and is NOT taken into account by all operations. + type: string + op: + description: |- + Op indicates the operation to perform. Its value MUST be one of "add", "remove", "replace", "move", "copy", or + "test". + https://datatracker.ietf.org/doc/html/rfc6902#section-4 + enum: + - test + - remove + - add + - replace + - move + - copy + type: string + path: + description: |- + Path contains the JSON-pointer value that references a location within the target document where the operation + is performed. The meaning of the value depends on the value of Op. + type: string + value: + description: |- + Value contains a valid JSON structure. The meaning of the value depends on the value of Op, and is NOT taken into + account by all operations. + x-kubernetes-preserve-unknown-fields: true + required: + - op + - path + type: object + type: array + target: + description: Target points to the resources that the + patch document should be applied to. + properties: + annotationSelector: + description: |- + AnnotationSelector is a string that follows the label selection expression + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + It matches with the resource annotations. + type: string + group: + description: |- + Group is the API group to select resources from. + Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + type: string + kind: + description: |- + Kind of the API Group to select resources from. + Together with Group and Version it is capable of unambiguously + identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + type: string + labelSelector: + description: |- + LabelSelector is a string that follows the label selection expression + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + It matches with the resource labels. + type: string + name: + description: Name to match resources with. + type: string + namespace: + description: Namespace to select resources from. + type: string + version: + description: |- + Version of the API Group to select resources from. + Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + type: string + type: object + required: + - patch + - target + type: object + type: array + patchesStrategicMerge: + description: Strategic merge patches, defined as inline + YAML objects. + items: + x-kubernetes-preserve-unknown-fields: true + type: array + type: object + type: object + type: array + releaseName: + description: |- + ReleaseName used for the Helm release. Defaults to a composition of + '[TargetNamespace-]Name'. + maxLength: 53 + minLength: 1 + type: string + rollback: + description: Rollback holds the configuration for Helm rollback actions + for this HelmRelease. + properties: + cleanupOnFail: + description: |- + CleanupOnFail allows deletion of new resources created during the Helm + rollback action when it fails. + type: boolean + disableHooks: + description: DisableHooks prevents hooks from running during the + Helm rollback action. + type: boolean + disableWait: + description: |- + DisableWait disables the waiting for resources to be ready after a Helm + rollback has been performed. + type: boolean + disableWaitForJobs: + description: |- + DisableWaitForJobs disables waiting for jobs to complete after a Helm + rollback has been performed. + type: boolean + force: + description: Force forces resource updates through a replacement + strategy. + type: boolean + recreate: + description: Recreate performs pod restarts for the resource if + applicable. + type: boolean + timeout: + description: |- + Timeout is the time to wait for any individual Kubernetes operation (like + Jobs for hooks) during the performance of a Helm rollback action. Defaults to + 'HelmReleaseSpec.Timeout'. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + type: object + serviceAccountName: + description: |- + The name of the Kubernetes service account to impersonate + when reconciling this HelmRelease. + type: string + storageNamespace: + description: |- + StorageNamespace used for the Helm storage. + Defaults to the namespace of the HelmRelease. + maxLength: 63 + minLength: 1 + type: string + suspend: + description: |- + Suspend tells the controller to suspend reconciliation for this HelmRelease, + it does not apply to already started reconciliations. Defaults to false. + type: boolean + targetNamespace: + description: |- + TargetNamespace to target when performing operations for the HelmRelease. + Defaults to the namespace of the HelmRelease. + maxLength: 63 + minLength: 1 + type: string + test: + description: Test holds the configuration for Helm test actions for + this HelmRelease. + properties: + enable: + description: |- + Enable enables Helm test actions for this HelmRelease after an Helm install + or upgrade action has been performed. + type: boolean + ignoreFailures: + description: |- + IgnoreFailures tells the controller to skip remediation when the Helm tests + are run but fail. Can be overwritten for tests run after install or upgrade + actions in 'Install.IgnoreTestFailures' and 'Upgrade.IgnoreTestFailures'. + type: boolean + timeout: + description: |- + Timeout is the time to wait for any individual Kubernetes operation during + the performance of a Helm test action. Defaults to 'HelmReleaseSpec.Timeout'. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + type: object + timeout: + description: |- + Timeout is the time to wait for any individual Kubernetes operation (like Jobs + for hooks) during the performance of a Helm action. Defaults to '5m0s'. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + uninstall: + description: Uninstall holds the configuration for Helm uninstall + actions for this HelmRelease. + properties: + deletionPropagation: + default: background + description: |- + DeletionPropagation specifies the deletion propagation policy when + a Helm uninstall is performed. + enum: + - background + - foreground + - orphan + type: string + disableHooks: + description: DisableHooks prevents hooks from running during the + Helm rollback action. + type: boolean + disableWait: + description: |- + DisableWait disables waiting for all the resources to be deleted after + a Helm uninstall is performed. + type: boolean + keepHistory: + description: |- + KeepHistory tells Helm to remove all associated resources and mark the + release as deleted, but retain the release history. + type: boolean + timeout: + description: |- + Timeout is the time to wait for any individual Kubernetes operation (like + Jobs for hooks) during the performance of a Helm uninstall action. Defaults + to 'HelmReleaseSpec.Timeout'. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + type: object + upgrade: + description: Upgrade holds the configuration for Helm upgrade actions + for this HelmRelease. + properties: + cleanupOnFail: + description: |- + CleanupOnFail allows deletion of new resources created during the Helm + upgrade action when it fails. + type: boolean + crds: + description: |- + CRDs upgrade CRDs from the Helm Chart's crds directory according + to the CRD upgrade policy provided here. Valid values are `Skip`, + `Create` or `CreateReplace`. Default is `Skip` and if omitted + CRDs are neither installed nor upgraded. + + + Skip: do neither install nor replace (update) any CRDs. + + + Create: new CRDs are created, existing CRDs are neither updated nor deleted. + + + CreateReplace: new CRDs are created, existing CRDs are updated (replaced) + but not deleted. + + + By default, CRDs are not applied during Helm upgrade action. With this + option users can opt-in to CRD upgrade, which is not (yet) natively supported by Helm. + https://helm.sh/docs/chart_best_practices/custom_resource_definitions. + enum: + - Skip + - Create + - CreateReplace + type: string + disableHooks: + description: DisableHooks prevents hooks from running during the + Helm upgrade action. + type: boolean + disableOpenAPIValidation: + description: |- + DisableOpenAPIValidation prevents the Helm upgrade action from validating + rendered templates against the Kubernetes OpenAPI Schema. + type: boolean + disableWait: + description: |- + DisableWait disables the waiting for resources to be ready after a Helm + upgrade has been performed. + type: boolean + disableWaitForJobs: + description: |- + DisableWaitForJobs disables waiting for jobs to complete after a Helm + upgrade has been performed. + type: boolean + force: + description: Force forces resource updates through a replacement + strategy. + type: boolean + preserveValues: + description: |- + PreserveValues will make Helm reuse the last release's values and merge in + overrides from 'Values'. Setting this flag makes the HelmRelease + non-declarative. + type: boolean + remediation: + description: |- + Remediation holds the remediation configuration for when the Helm upgrade + action for the HelmRelease fails. The default is to not perform any action. + properties: + ignoreTestFailures: + description: |- + IgnoreTestFailures tells the controller to skip remediation when the Helm + tests are run after an upgrade action but fail. + Defaults to 'Test.IgnoreFailures'. + type: boolean + remediateLastFailure: + description: |- + RemediateLastFailure tells the controller to remediate the last failure, when + no retries remain. Defaults to 'false' unless 'Retries' is greater than 0. + type: boolean + retries: + description: |- + Retries is the number of retries that should be attempted on failures before + bailing. Remediation, using 'Strategy', is performed between each attempt. + Defaults to '0', a negative integer equals to unlimited retries. + type: integer + strategy: + description: Strategy to use for failure remediation. Defaults + to 'rollback'. + enum: + - rollback + - uninstall + type: string + type: object + timeout: + description: |- + Timeout is the time to wait for any individual Kubernetes operation (like + Jobs for hooks) during the performance of a Helm upgrade action. Defaults to + 'HelmReleaseSpec.Timeout'. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + type: object + values: + description: Values holds the values for this Helm release. + x-kubernetes-preserve-unknown-fields: true + valuesFrom: + description: |- + ValuesFrom holds references to resources containing Helm values for this HelmRelease, + and information about how they should be merged. + items: + description: |- + ValuesReference contains a reference to a resource containing Helm values, + and optionally the key they can be found at. + properties: + kind: + description: Kind of the values referent, valid values are ('Secret', + 'ConfigMap'). + enum: + - Secret + - ConfigMap + type: string + name: + description: |- + Name of the values referent. Should reside in the same namespace as the + referring resource. + maxLength: 253 + minLength: 1 + type: string + optional: + description: |- + Optional marks this ValuesReference as optional. When set, a not found error + for the values reference is ignored, but any ValuesKey, TargetPath or + transient error will still result in a reconciliation failure. + type: boolean + targetPath: + description: |- + TargetPath is the YAML dot notation path the value should be merged at. When + set, the ValuesKey is expected to be a single flat value. Defaults to 'None', + which results in the values getting merged at the root. + maxLength: 250 + pattern: ^([a-zA-Z0-9_\-.\\\/]|\[[0-9]{1,5}\])+$ + type: string + valuesKey: + description: |- + ValuesKey is the data key where the values.yaml or a specific value can be + found at. Defaults to 'values.yaml'. + When set, must be a valid Data Key, consisting of alphanumeric characters, + '-', '_' or '.'. + maxLength: 253 + pattern: ^[\-._a-zA-Z0-9]+$ + type: string + required: + - kind + - name + type: object + type: array + required: + - interval + type: object + status: + default: + observedGeneration: -1 + description: HelmReleaseStatus defines the observed state of a HelmRelease. + properties: + conditions: + description: Conditions holds the conditions for the HelmRelease. + items: + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" + properties: + lastTransitionTime: + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + failures: + description: |- + Failures is the reconciliation failure count against the latest desired + state. It is reset after a successful reconciliation. + format: int64 + type: integer + helmChart: + description: |- + HelmChart is the namespaced name of the HelmChart resource created by + the controller for the HelmRelease. + type: string + history: + description: |- + History holds the history of Helm releases performed for this HelmRelease + up to the last successfully completed release. + + + Note: this field is provisional to the v2beta2 API, and not actively used + by v2beta1 HelmReleases. + items: + description: |- + Snapshot captures a point-in-time copy of the status information for a Helm release, + as managed by the controller. + properties: + apiVersion: + description: |- + APIVersion is the API version of the Snapshot. + Provisional: when the calculation method of the Digest field is changed, + this field will be used to distinguish between the old and new methods. + type: string + appVersion: + description: AppVersion is the chart app version of the release + object in storage. + type: string + chartName: + description: ChartName is the chart name of the release object + in storage. + type: string + chartVersion: + description: |- + ChartVersion is the chart version of the release object in + storage. + type: string + configDigest: + description: |- + ConfigDigest is the checksum of the config (better known as + "values") of the release object in storage. + It has the format of `:`. + type: string + deleted: + description: Deleted is when the release was deleted. + format: date-time + type: string + digest: + description: |- + Digest is the checksum of the release object in storage. + It has the format of `:`. + type: string + firstDeployed: + description: FirstDeployed is when the release was first deployed. + format: date-time + type: string + lastDeployed: + description: LastDeployed is when the release was last deployed. + format: date-time + type: string + name: + description: Name is the name of the release. + type: string + namespace: + description: Namespace is the namespace the release is deployed + to. + type: string + ociDigest: + description: OCIDigest is the digest of the OCI artifact associated + with the release. + type: string + status: + description: Status is the current state of the release. + type: string + testHooks: + additionalProperties: + description: |- + TestHookStatus holds the status information for a test hook as observed + to be run by the controller. + properties: + lastCompleted: + description: LastCompleted is the time the test hook last + completed. + format: date-time + type: string + lastStarted: + description: LastStarted is the time the test hook was + last started. + format: date-time + type: string + phase: + description: Phase the test hook was observed to be in. + type: string + type: object + description: |- + TestHooks is the list of test hooks for the release as observed to be + run by the controller. + type: object + version: + description: Version is the version of the release object in + storage. + type: integer + required: + - chartName + - chartVersion + - configDigest + - digest + - firstDeployed + - lastDeployed + - name + - namespace + - status + - version + type: object + type: array + installFailures: + description: |- + InstallFailures is the install failure count against the latest desired + state. It is reset after a successful reconciliation. + format: int64 + type: integer + lastAppliedRevision: + description: LastAppliedRevision is the revision of the last successfully + applied source. + type: string + lastAttemptedConfigDigest: + description: |- + LastAttemptedConfigDigest is the digest for the config (better known as + "values") of the last reconciliation attempt. + + + Note: this field is provisional to the v2beta2 API, and not actively used + by v2beta1 HelmReleases. + type: string + lastAttemptedGeneration: + description: |- + LastAttemptedGeneration is the last generation the controller attempted + to reconcile. + + + Note: this field is provisional to the v2beta2 API, and not actively used + by v2beta1 HelmReleases. + format: int64 + type: integer + lastAttemptedReleaseAction: + description: |- + LastAttemptedReleaseAction is the last release action performed for this + HelmRelease. It is used to determine the active remediation strategy. + + + Note: this field is provisional to the v2beta2 API, and not actively used + by v2beta1 HelmReleases. + type: string + lastAttemptedRevision: + description: LastAttemptedRevision is the revision of the last reconciliation + attempt. + type: string + lastAttemptedValuesChecksum: + description: |- + LastAttemptedValuesChecksum is the SHA1 checksum of the values of the last + reconciliation attempt. + type: string + lastHandledForceAt: + description: |- + LastHandledForceAt holds the value of the most recent force request + value, so a change of the annotation value can be detected. + + + Note: this field is provisional to the v2beta2 API, and not actively used + by v2beta1 HelmReleases. + type: string + lastHandledReconcileAt: + description: |- + LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value + can be detected. + type: string + lastHandledResetAt: + description: |- + LastHandledResetAt holds the value of the most recent reset request + value, so a change of the annotation value can be detected. + + + Note: this field is provisional to the v2beta2 API, and not actively used + by v2beta1 HelmReleases. + type: string + lastReleaseRevision: + description: LastReleaseRevision is the revision of the last successful + Helm release. + type: integer + observedGeneration: + description: ObservedGeneration is the last observed generation. + format: int64 + type: integer + observedPostRenderersDigest: + description: |- + ObservedPostRenderersDigest is the digest for the post-renderers of + the last successful reconciliation attempt. + type: string + storageNamespace: + description: |- + StorageNamespace is the namespace of the Helm release storage for the + current release. + + + Note: this field is provisional to the v2beta2 API, and not actively used + by v2beta1 HelmReleases. + type: string + upgradeFailures: + description: |- + UpgradeFailures is the upgrade failure count against the latest desired + state. It is reset after a successful reconciliation. + format: int64 + type: integer + type: object + type: object + served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - jsonPath: .status.conditions[?(@.type=="Ready")].status + name: Ready + type: string + - jsonPath: .status.conditions[?(@.type=="Ready")].message + name: Status + type: string + deprecated: true + deprecationWarning: v2beta2 HelmRelease is deprecated, upgrade to v2 + name: v2beta2 + schema: + openAPIV3Schema: + description: HelmRelease is the Schema for the helmreleases API + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: HelmReleaseSpec defines the desired state of a Helm release. + properties: + chart: + description: |- + Chart defines the template of the v1beta2.HelmChart that should be created + for this HelmRelease. + properties: + metadata: + description: ObjectMeta holds the template for metadata like labels + and annotations. + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ + type: object + labels: + additionalProperties: + type: string + description: |- + Map of string keys and values that can be used to organize and categorize + (scope and select) objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ + type: object + type: object + spec: + description: Spec holds the template for the v1beta2.HelmChartSpec + for this HelmRelease. + properties: + chart: + description: The name or path the Helm chart is available + at in the SourceRef. + maxLength: 2048 + minLength: 1 + type: string + ignoreMissingValuesFiles: + description: IgnoreMissingValuesFiles controls whether to + silently ignore missing values files rather than failing. + type: boolean + interval: + description: |- + Interval at which to check the v1.Source for updates. Defaults to + 'HelmReleaseSpec.Interval'. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + reconcileStrategy: + default: ChartVersion + description: |- + Determines what enables the creation of a new artifact. Valid values are + ('ChartVersion', 'Revision'). + See the documentation of the values for an explanation on their behavior. + Defaults to ChartVersion when omitted. + enum: + - ChartVersion + - Revision + type: string + sourceRef: + description: The name and namespace of the v1.Source the chart + is available at. + properties: + apiVersion: + description: APIVersion of the referent. + type: string + kind: + description: Kind of the referent. + enum: + - HelmRepository + - GitRepository + - Bucket + type: string + name: + description: Name of the referent. + maxLength: 253 + minLength: 1 + type: string + namespace: + description: Namespace of the referent. + maxLength: 63 + minLength: 1 + type: string + required: + - name + type: object + valuesFile: + description: |- + Alternative values file to use as the default chart values, expected to + be a relative path in the SourceRef. Deprecated in favor of ValuesFiles, + for backwards compatibility the file defined here is merged before the + ValuesFiles items. Ignored when omitted. + type: string + valuesFiles: + description: |- + Alternative list of values files to use as the chart values (values.yaml + is not included by default), expected to be a relative path in the SourceRef. + Values files are merged in the order of this list with the last file overriding + the first. Ignored when omitted. + items: + type: string + type: array + verify: + description: |- + Verify contains the secret name containing the trusted public keys + used to verify the signature and specifies which provider to use to check + whether OCI image is authentic. + This field is only supported for OCI sources. + Chart dependencies, which are not bundled in the umbrella chart artifact, + are not verified. + properties: + provider: + default: cosign + description: Provider specifies the technology used to + sign the OCI Helm chart. + enum: + - cosign + - notation + type: string + secretRef: + description: |- + SecretRef specifies the Kubernetes Secret containing the + trusted public keys. + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object + required: + - provider + type: object + version: + default: '*' + description: |- + Version semver expression, ignored for charts from v1beta2.GitRepository and + v1beta2.Bucket sources. Defaults to latest when omitted. + type: string + required: + - chart + - sourceRef + type: object + required: + - spec + type: object + chartRef: + description: |- + ChartRef holds a reference to a source controller resource containing the + Helm chart artifact. + + + Note: this field is provisional to the v2 API, and not actively used + by v2beta2 HelmReleases. + properties: + apiVersion: + description: APIVersion of the referent. + type: string + kind: + description: Kind of the referent. + enum: + - OCIRepository + - HelmChart + type: string + name: + description: Name of the referent. + maxLength: 253 + minLength: 1 + type: string + namespace: + description: |- + Namespace of the referent, defaults to the namespace of the Kubernetes + resource object that contains the reference. + maxLength: 63 + minLength: 1 + type: string + required: + - kind + - name + type: object + dependsOn: + description: |- + DependsOn may contain a meta.NamespacedObjectReference slice with + references to HelmRelease resources that must be ready before this HelmRelease + can be reconciled. + items: + description: |- + NamespacedObjectReference contains enough information to locate the referenced Kubernetes resource object in any + namespace. + properties: + name: + description: Name of the referent. + type: string + namespace: + description: Namespace of the referent, when not specified it + acts as LocalObjectReference. + type: string + required: + - name + type: object + type: array + driftDetection: + description: |- + DriftDetection holds the configuration for detecting and handling + differences between the manifest in the Helm storage and the resources + currently existing in the cluster. + properties: + ignore: + description: |- + Ignore contains a list of rules for specifying which changes to ignore + during diffing. + items: + description: |- + IgnoreRule defines a rule to selectively disregard specific changes during + the drift detection process. + properties: + paths: + description: |- + Paths is a list of JSON Pointer (RFC 6901) paths to be excluded from + consideration in a Kubernetes object. + items: + type: string + type: array + target: + description: |- + Target is a selector for specifying Kubernetes objects to which this + rule applies. + If Target is not set, the Paths will be ignored for all Kubernetes + objects within the manifest of the Helm release. + properties: + annotationSelector: + description: |- + AnnotationSelector is a string that follows the label selection expression + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + It matches with the resource annotations. + type: string + group: + description: |- + Group is the API group to select resources from. + Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + type: string + kind: + description: |- + Kind of the API Group to select resources from. + Together with Group and Version it is capable of unambiguously + identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + type: string + labelSelector: + description: |- + LabelSelector is a string that follows the label selection expression + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + It matches with the resource labels. + type: string + name: + description: Name to match resources with. + type: string + namespace: + description: Namespace to select resources from. + type: string + version: + description: |- + Version of the API Group to select resources from. + Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + type: string + type: object + required: + - paths + type: object + type: array + mode: + description: |- + Mode defines how differences should be handled between the Helm manifest + and the manifest currently applied to the cluster. + If not explicitly set, it defaults to DiffModeDisabled. + enum: + - enabled + - warn + - disabled + type: string + type: object + install: + description: Install holds the configuration for Helm install actions + for this HelmRelease. properties: crds: - description: "CRDs upgrade CRDs from the Helm Chart's crds directory according to the CRD upgrade policy - provided here. Valid values are `Skip`, `Create` or `CreateReplace`. Default is `Create` and if omitted - CRDs are installed but not updated. \n Skip: do neither install nor replace (update) any CRDs. \n Create: - new CRDs are created, existing CRDs are neither updated nor deleted. \n CreateReplace: new CRDs are - created, existing CRDs are updated (replaced) but not deleted. \n By default, CRDs are applied (installed) - during Helm install action. With this option users can opt-in to CRD replace existing CRDs on Helm install - actions, which is not (yet) natively supported by Helm. https://helm.sh/docs/chart_best_practices/custom_resource_definitions." + description: |- + CRDs upgrade CRDs from the Helm Chart's crds directory according + to the CRD upgrade policy provided here. Valid values are `Skip`, + `Create` or `CreateReplace`. Default is `Create` and if omitted + CRDs are installed but not updated. + + + Skip: do neither install nor replace (update) any CRDs. + + + Create: new CRDs are created, existing CRDs are neither updated nor deleted. + + + CreateReplace: new CRDs are created, existing CRDs are updated (replaced) + but not deleted. + + + By default, CRDs are applied (installed) during Helm install action. + With this option users can opt in to CRD replace existing CRDs on Helm + install actions, which is not (yet) natively supported by Helm. + https://helm.sh/docs/chart_best_practices/custom_resource_definitions. enum: - Skip - Create - CreateReplace type: string createNamespace: - description: CreateNamespace tells the Helm install action to create the HelmReleaseSpec.TargetNamespace - if it does not exist yet. On uninstall, the namespace will not be garbage collected. + description: |- + CreateNamespace tells the Helm install action to create the + HelmReleaseSpec.TargetNamespace if it does not exist yet. + On uninstall, the namespace will not be garbage collected. type: boolean disableHooks: - description: DisableHooks prevents hooks from running during the Helm install action. + description: DisableHooks prevents hooks from running during the + Helm install action. type: boolean disableOpenAPIValidation: - description: DisableOpenAPIValidation prevents the Helm install action from validating rendered templates - against the Kubernetes OpenAPI Schema. + description: |- + DisableOpenAPIValidation prevents the Helm install action from validating + rendered templates against the Kubernetes OpenAPI Schema. type: boolean disableWait: - description: DisableWait disables the waiting for resources to be ready after a Helm install has been - performed. + description: |- + DisableWait disables the waiting for resources to be ready after a Helm + install has been performed. type: boolean disableWaitForJobs: - description: DisableWaitForJobs disables waiting for jobs to complete after a Helm install has been performed. + description: |- + DisableWaitForJobs disables waiting for jobs to complete after a Helm + install has been performed. type: boolean remediation: - description: Remediation holds the remediation configuration for when the Helm install action for the - HelmRelease fails. The default is to not perform any action. + description: |- + Remediation holds the remediation configuration for when the Helm install + action for the HelmRelease fails. The default is to not perform any action. properties: ignoreTestFailures: - description: IgnoreTestFailures tells the controller to skip remediation when the Helm tests are run - after an install action but fail. Defaults to 'Test.IgnoreFailures'. + description: |- + IgnoreTestFailures tells the controller to skip remediation when the Helm + tests are run after an install action but fail. Defaults to + 'Test.IgnoreFailures'. type: boolean remediateLastFailure: - description: RemediateLastFailure tells the controller to remediate the last failure, when no retries - remain. Defaults to 'false'. + description: |- + RemediateLastFailure tells the controller to remediate the last failure, when + no retries remain. Defaults to 'false'. type: boolean retries: - description: Retries is the number of retries that should be attempted on failures before bailing. - Remediation, using an uninstall, is performed between each attempt. Defaults to '0', a negative - integer equals to unlimited retries. + description: |- + Retries is the number of retries that should be attempted on failures before + bailing. Remediation, using an uninstall, is performed between each attempt. + Defaults to '0', a negative integer equals to unlimited retries. type: integer type: object replace: - description: Replace tells the Helm install action to re-use the 'ReleaseName', but only if that name - is a deleted release which remains in the history. + description: |- + Replace tells the Helm install action to re-use the 'ReleaseName', but only + if that name is a deleted release which remains in the history. type: boolean skipCRDs: - description: "SkipCRDs tells the Helm install action to not install any CRDs. By default, CRDs are installed - if not already present. \n Deprecated use CRD policy (`crds`) attribute with value `Skip` instead." + description: |- + SkipCRDs tells the Helm install action to not install any CRDs. By default, + CRDs are installed if not already present. + + + Deprecated use CRD policy (`crds`) attribute with value `Skip` instead. type: boolean timeout: - description: Timeout is the time to wait for any individual Kubernetes operation (like Jobs for hooks) - during the performance of a Helm install action. Defaults to 'HelmReleaseSpec.Timeout'. + description: |- + Timeout is the time to wait for any individual Kubernetes operation (like + Jobs for hooks) during the performance of a Helm install action. Defaults to + 'HelmReleaseSpec.Timeout'. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string type: object interval: - description: Interval at which to reconcile the Helm release. This interval is approximate and may be subject - to jitter to ensure efficient use of resources. + description: Interval at which to reconcile the Helm release. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string kubeConfig: - description: KubeConfig for reconciling the HelmRelease on a remote cluster. When used in combination with - HelmReleaseSpec.ServiceAccountName, forces the controller to act on behalf of that Service Account at the - target cluster. If the --default-service-account flag is set, its value will be used as a controller level - fallback for when HelmReleaseSpec.ServiceAccountName is empty. + description: |- + KubeConfig for reconciling the HelmRelease on a remote cluster. + When used in combination with HelmReleaseSpec.ServiceAccountName, + forces the controller to act on behalf of that Service Account at the + target cluster. + If the --default-service-account flag is set, its value will be used as + a controller level fallback for when HelmReleaseSpec.ServiceAccountName + is empty. properties: secretRef: - description: SecretRef holds the name of a secret that contains a key with the kubeconfig file as the - value. If no key is set, the key will default to 'value'. It is recommended that the kubeconfig is self-contained, - and the secret is regularly updated if credentials such as a cloud-access-token expire. Cloud specific - `cmd-path` auth helpers will not function without adding binaries and credentials to the Pod that is - responsible for reconciling Kubernetes resources. + description: |- + SecretRef holds the name of a secret that contains a key with + the kubeconfig file as the value. If no key is set, the key will default + to 'value'. + It is recommended that the kubeconfig is self-contained, and the secret + is regularly updated if credentials such as a cloud-access-token expire. + Cloud specific `cmd-path` auth helpers will not function without adding + binaries and credentials to the Pod that is responsible for reconciling + Kubernetes resources. properties: key: - description: Key in the Secret, when not specified an implementation-specific default key is used. + description: Key in the Secret, when not specified an implementation-specific + default key is used. type: string name: description: Name of the Secret. @@ -5049,19 +9411,30 @@ spec: - secretRef type: object maxHistory: - description: MaxHistory is the number of revisions saved by Helm for this HelmRelease. Use '0' for an unlimited - number of revisions; defaults to '10'. + description: |- + MaxHistory is the number of revisions saved by Helm for this HelmRelease. + Use '0' for an unlimited number of revisions; defaults to '5'. type: integer persistentClient: - description: "PersistentClient tells the controller to use a persistent Kubernetes client for this release. - When enabled, the client will be reused for the duration of the reconciliation, instead of being created - and destroyed for each (step of a) Helm action. \n This can improve performance, but may cause issues with - some Helm charts that for example do create Custom Resource Definitions during installation outside Helm's - CRD lifecycle hooks, which are then not observed to be available by e.g. post-install hooks. \n If not set, - it defaults to true." + description: |- + PersistentClient tells the controller to use a persistent Kubernetes + client for this release. When enabled, the client will be reused for the + duration of the reconciliation, instead of being created and destroyed + for each (step of a) Helm action. + + + This can improve performance, but may cause issues with some Helm charts + that for example do create Custom Resource Definitions during installation + outside Helm's CRD lifecycle hooks, which are then not observed to be + available by e.g. post-install hooks. + + + If not set, it defaults to true. type: boolean postRenderers: - description: PostRenderers holds an array of Helm PostRenderers, which will be applied in order of their definition. + description: |- + PostRenderers holds an array of Helm PostRenderers, which will be applied in order + of their definition. items: description: PostRenderer contains a Helm PostRenderer specification. properties: @@ -5069,58 +9442,76 @@ spec: description: Kustomization to apply as PostRenderer. properties: images: - description: Images is a list of (image name, new name, new tag or digest) for changing image names, - tags or digests. This can also be achieved with a patch, but this operator is simpler to specify. + description: |- + Images is a list of (image name, new name, new tag or digest) + for changing image names, tags or digests. This can also be achieved with a + patch, but this operator is simpler to specify. items: - description: Image contains an image name, a new name, a new tag or digest, which will replace - the original name and tag. + description: Image contains an image name, a new name, + a new tag or digest, which will replace the original + name and tag. properties: digest: - description: Digest is the value used to replace the original image tag. If digest is present - NewTag value is ignored. + description: |- + Digest is the value used to replace the original image tag. + If digest is present NewTag value is ignored. type: string name: description: Name is a tag-less image name. type: string newName: - description: NewName is the value used to replace the original name. + description: NewName is the value used to replace + the original name. type: string newTag: - description: NewTag is the value used to replace the original tag. + description: NewTag is the value used to replace the + original tag. type: string required: - name type: object type: array patches: - description: Strategic merge and JSON patches, defined as inline YAML objects, capable of targeting - objects based on kind, label and annotation selectors. + description: |- + Strategic merge and JSON patches, defined as inline YAML objects, + capable of targeting objects based on kind, label and annotation selectors. items: - description: Patch contains an inline StrategicMerge or JSON6902 patch, and the target the patch - should be applied to. + description: |- + Patch contains an inline StrategicMerge or JSON6902 patch, and the target the patch should + be applied to. properties: patch: - description: Patch contains an inline StrategicMerge patch or an inline JSON6902 patch with + description: |- + Patch contains an inline StrategicMerge patch or an inline JSON6902 patch with an array of operation objects. type: string target: - description: Target points to the resources that the patch document should be applied to. + description: Target points to the resources that the + patch document should be applied to. properties: annotationSelector: - description: AnnotationSelector is a string that follows the label selection expression - https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api It matches - with the resource annotations. + description: |- + AnnotationSelector is a string that follows the label selection expression + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + It matches with the resource annotations. type: string group: - description: Group is the API group to select resources from. Together with Version and - Kind it is capable of unambiguously identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + description: |- + Group is the API group to select resources from. + Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md type: string kind: - description: Kind of the API Group to select resources from. Together with Group and Version - it is capable of unambiguously identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + description: |- + Kind of the API Group to select resources from. + Together with Group and Version it is capable of unambiguously + identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md type: string labelSelector: - description: LabelSelector is a string that follows the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + description: |- + LabelSelector is a string that follows the label selection expression + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api It matches with the resource labels. type: string name: @@ -5130,8 +9521,10 @@ spec: description: Namespace to select resources from. type: string version: - description: Version of the API Group to select resources from. Together with Group and - Kind it is capable of unambiguously identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + description: |- + Version of the API Group to select resources from. + Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md type: string type: object required: @@ -5139,24 +9532,31 @@ spec: type: object type: array patchesJson6902: - description: JSON 6902 patches, defined as inline YAML objects. + description: |- + JSON 6902 patches, defined as inline YAML objects. + Deprecated: use Patches instead. items: - description: JSON6902Patch contains a JSON6902 patch and the target the patch should be applied - to. + description: JSON6902Patch contains a JSON6902 patch and + the target the patch should be applied to. properties: patch: - description: Patch contains the JSON6902 patch document with an array of operation objects. + description: Patch contains the JSON6902 patch document + with an array of operation objects. items: - description: JSON6902 is a JSON6902 operation object. https://datatracker.ietf.org/doc/html/rfc6902#section-4 + description: |- + JSON6902 is a JSON6902 operation object. + https://datatracker.ietf.org/doc/html/rfc6902#section-4 properties: from: - description: From contains a JSON-pointer value that references a location within the - target document where the operation is performed. The meaning of the value depends - on the value of Op, and is NOT taken into account by all operations. + description: |- + From contains a JSON-pointer value that references a location within the target document where the operation is + performed. The meaning of the value depends on the value of Op, and is NOT taken into account by all operations. type: string op: - description: Op indicates the operation to perform. Its value MUST be one of "add", - "remove", "replace", "move", "copy", or "test". https://datatracker.ietf.org/doc/html/rfc6902#section-4 + description: |- + Op indicates the operation to perform. Its value MUST be one of "add", "remove", "replace", "move", "copy", or + "test". + https://datatracker.ietf.org/doc/html/rfc6902#section-4 enum: - test - remove @@ -5166,13 +9566,14 @@ spec: - copy type: string path: - description: Path contains the JSON-pointer value that references a location within - the target document where the operation is performed. The meaning of the value depends - on the value of Op. + description: |- + Path contains the JSON-pointer value that references a location within the target document where the operation + is performed. The meaning of the value depends on the value of Op. type: string value: - description: Value contains a valid JSON structure. The meaning of the value depends - on the value of Op, and is NOT taken into account by all operations. + description: |- + Value contains a valid JSON structure. The meaning of the value depends on the value of Op, and is NOT taken into + account by all operations. x-kubernetes-preserve-unknown-fields: true required: - op @@ -5180,23 +9581,32 @@ spec: type: object type: array target: - description: Target points to the resources that the patch document should be applied to. + description: Target points to the resources that the + patch document should be applied to. properties: annotationSelector: - description: AnnotationSelector is a string that follows the label selection expression - https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api It matches - with the resource annotations. + description: |- + AnnotationSelector is a string that follows the label selection expression + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + It matches with the resource annotations. type: string group: - description: Group is the API group to select resources from. Together with Version and - Kind it is capable of unambiguously identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + description: |- + Group is the API group to select resources from. + Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md type: string kind: - description: Kind of the API Group to select resources from. Together with Group and Version - it is capable of unambiguously identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + description: |- + Kind of the API Group to select resources from. + Together with Group and Version it is capable of unambiguously + identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md type: string labelSelector: - description: LabelSelector is a string that follows the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + description: |- + LabelSelector is a string that follows the label selection expression + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api It matches with the resource labels. type: string name: @@ -5206,8 +9616,10 @@ spec: description: Namespace to select resources from. type: string version: - description: Version of the API Group to select resources from. Together with Group and - Kind it is capable of unambiguously identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + description: |- + Version of the API Group to select resources from. + Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md type: string type: object required: @@ -5216,7 +9628,9 @@ spec: type: object type: array patchesStrategicMerge: - description: Strategic merge patches, defined as inline YAML objects. + description: |- + Strategic merge patches, defined as inline YAML objects. + Deprecated: use Patches instead. items: x-kubernetes-preserve-unknown-fields: true type: array @@ -5224,176 +9638,260 @@ spec: type: object type: array releaseName: - description: ReleaseName used for the Helm release. Defaults to a composition of '[TargetNamespace-]Name'. + description: |- + ReleaseName used for the Helm release. Defaults to a composition of + '[TargetNamespace-]Name'. maxLength: 53 minLength: 1 type: string rollback: - description: Rollback holds the configuration for Helm rollback actions for this HelmRelease. + description: Rollback holds the configuration for Helm rollback actions + for this HelmRelease. properties: cleanupOnFail: - description: CleanupOnFail allows deletion of new resources created during the Helm rollback action when - it fails. + description: |- + CleanupOnFail allows deletion of new resources created during the Helm + rollback action when it fails. type: boolean disableHooks: - description: DisableHooks prevents hooks from running during the Helm rollback action. + description: DisableHooks prevents hooks from running during the + Helm rollback action. type: boolean disableWait: - description: DisableWait disables the waiting for resources to be ready after a Helm rollback has been - performed. + description: |- + DisableWait disables the waiting for resources to be ready after a Helm + rollback has been performed. type: boolean disableWaitForJobs: - description: DisableWaitForJobs disables waiting for jobs to complete after a Helm rollback has been performed. + description: |- + DisableWaitForJobs disables waiting for jobs to complete after a Helm + rollback has been performed. type: boolean force: - description: Force forces resource updates through a replacement strategy. + description: Force forces resource updates through a replacement + strategy. type: boolean recreate: - description: Recreate performs pod restarts for the resource if applicable. + description: Recreate performs pod restarts for the resource if + applicable. type: boolean timeout: - description: Timeout is the time to wait for any individual Kubernetes operation (like Jobs for hooks) - during the performance of a Helm rollback action. Defaults to 'HelmReleaseSpec.Timeout'. + description: |- + Timeout is the time to wait for any individual Kubernetes operation (like + Jobs for hooks) during the performance of a Helm rollback action. Defaults to + 'HelmReleaseSpec.Timeout'. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string type: object serviceAccountName: - description: The name of the Kubernetes service account to impersonate when reconciling this HelmRelease. + description: |- + The name of the Kubernetes service account to impersonate + when reconciling this HelmRelease. + maxLength: 253 + minLength: 1 type: string storageNamespace: - description: StorageNamespace used for the Helm storage. Defaults to the namespace of the HelmRelease. + description: |- + StorageNamespace used for the Helm storage. + Defaults to the namespace of the HelmRelease. maxLength: 63 minLength: 1 type: string suspend: - description: Suspend tells the controller to suspend reconciliation for this HelmRelease, it does not apply - to already started reconciliations. Defaults to false. + description: |- + Suspend tells the controller to suspend reconciliation for this HelmRelease, + it does not apply to already started reconciliations. Defaults to false. type: boolean targetNamespace: - description: TargetNamespace to target when performing operations for the HelmRelease. Defaults to the namespace - of the HelmRelease. + description: |- + TargetNamespace to target when performing operations for the HelmRelease. + Defaults to the namespace of the HelmRelease. maxLength: 63 minLength: 1 type: string test: - description: Test holds the configuration for Helm test actions for this HelmRelease. + description: Test holds the configuration for Helm test actions for + this HelmRelease. properties: enable: - description: Enable enables Helm test actions for this HelmRelease after an Helm install or upgrade action - has been performed. + description: |- + Enable enables Helm test actions for this HelmRelease after an Helm install + or upgrade action has been performed. type: boolean + filters: + description: Filters is a list of tests to run or exclude from + running. + items: + description: Filter holds the configuration for individual Helm + test filters. + properties: + exclude: + description: Exclude specifies whether the named test should + be excluded. + type: boolean + name: + description: Name is the name of the test. + maxLength: 253 + minLength: 1 + type: string + required: + - name + type: object + type: array ignoreFailures: - description: IgnoreFailures tells the controller to skip remediation when the Helm tests are run but fail. - Can be overwritten for tests run after install or upgrade actions in 'Install.IgnoreTestFailures' and - 'Upgrade.IgnoreTestFailures'. + description: |- + IgnoreFailures tells the controller to skip remediation when the Helm tests + are run but fail. Can be overwritten for tests run after install or upgrade + actions in 'Install.IgnoreTestFailures' and 'Upgrade.IgnoreTestFailures'. type: boolean timeout: - description: Timeout is the time to wait for any individual Kubernetes operation during the performance - of a Helm test action. Defaults to 'HelmReleaseSpec.Timeout'. + description: |- + Timeout is the time to wait for any individual Kubernetes operation during + the performance of a Helm test action. Defaults to 'HelmReleaseSpec.Timeout'. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string type: object timeout: - description: Timeout is the time to wait for any individual Kubernetes operation (like Jobs for hooks) during - the performance of a Helm action. Defaults to '5m0s'. + description: |- + Timeout is the time to wait for any individual Kubernetes operation (like Jobs + for hooks) during the performance of a Helm action. Defaults to '5m0s'. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string uninstall: - description: Uninstall holds the configuration for Helm uninstall actions for this HelmRelease. + description: Uninstall holds the configuration for Helm uninstall + actions for this HelmRelease. properties: deletionPropagation: default: background - description: DeletionPropagation specifies the deletion propagation policy when a Helm uninstall is performed. + description: |- + DeletionPropagation specifies the deletion propagation policy when + a Helm uninstall is performed. enum: - background - foreground - orphan type: string disableHooks: - description: DisableHooks prevents hooks from running during the Helm rollback action. + description: DisableHooks prevents hooks from running during the + Helm rollback action. type: boolean disableWait: - description: DisableWait disables waiting for all the resources to be deleted after a Helm uninstall is - performed. + description: |- + DisableWait disables waiting for all the resources to be deleted after + a Helm uninstall is performed. type: boolean keepHistory: - description: KeepHistory tells Helm to remove all associated resources and mark the release as deleted, - but retain the release history. + description: |- + KeepHistory tells Helm to remove all associated resources and mark the + release as deleted, but retain the release history. type: boolean timeout: - description: Timeout is the time to wait for any individual Kubernetes operation (like Jobs for hooks) - during the performance of a Helm uninstall action. Defaults to 'HelmReleaseSpec.Timeout'. + description: |- + Timeout is the time to wait for any individual Kubernetes operation (like + Jobs for hooks) during the performance of a Helm uninstall action. Defaults + to 'HelmReleaseSpec.Timeout'. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string type: object upgrade: - description: Upgrade holds the configuration for Helm upgrade actions for this HelmRelease. + description: Upgrade holds the configuration for Helm upgrade actions + for this HelmRelease. properties: cleanupOnFail: - description: CleanupOnFail allows deletion of new resources created during the Helm upgrade action when - it fails. + description: |- + CleanupOnFail allows deletion of new resources created during the Helm + upgrade action when it fails. type: boolean crds: - description: "CRDs upgrade CRDs from the Helm Chart's crds directory according to the CRD upgrade policy - provided here. Valid values are `Skip`, `Create` or `CreateReplace`. Default is `Skip` and if omitted - CRDs are neither installed nor upgraded. \n Skip: do neither install nor replace (update) any CRDs. - \n Create: new CRDs are created, existing CRDs are neither updated nor deleted. \n CreateReplace: new - CRDs are created, existing CRDs are updated (replaced) but not deleted. \n By default, CRDs are not - applied during Helm upgrade action. With this option users can opt-in to CRD upgrade, which is not (yet) - natively supported by Helm. https://helm.sh/docs/chart_best_practices/custom_resource_definitions." + description: |- + CRDs upgrade CRDs from the Helm Chart's crds directory according + to the CRD upgrade policy provided here. Valid values are `Skip`, + `Create` or `CreateReplace`. Default is `Skip` and if omitted + CRDs are neither installed nor upgraded. + + + Skip: do neither install nor replace (update) any CRDs. + + + Create: new CRDs are created, existing CRDs are neither updated nor deleted. + + + CreateReplace: new CRDs are created, existing CRDs are updated (replaced) + but not deleted. + + + By default, CRDs are not applied during Helm upgrade action. With this + option users can opt-in to CRD upgrade, which is not (yet) natively supported by Helm. + https://helm.sh/docs/chart_best_practices/custom_resource_definitions. enum: - Skip - Create - CreateReplace type: string disableHooks: - description: DisableHooks prevents hooks from running during the Helm upgrade action. + description: DisableHooks prevents hooks from running during the + Helm upgrade action. type: boolean disableOpenAPIValidation: - description: DisableOpenAPIValidation prevents the Helm upgrade action from validating rendered templates - against the Kubernetes OpenAPI Schema. + description: |- + DisableOpenAPIValidation prevents the Helm upgrade action from validating + rendered templates against the Kubernetes OpenAPI Schema. type: boolean disableWait: - description: DisableWait disables the waiting for resources to be ready after a Helm upgrade has been - performed. + description: |- + DisableWait disables the waiting for resources to be ready after a Helm + upgrade has been performed. type: boolean disableWaitForJobs: - description: DisableWaitForJobs disables waiting for jobs to complete after a Helm upgrade has been performed. + description: |- + DisableWaitForJobs disables waiting for jobs to complete after a Helm + upgrade has been performed. type: boolean force: - description: Force forces resource updates through a replacement strategy. + description: Force forces resource updates through a replacement + strategy. type: boolean preserveValues: - description: PreserveValues will make Helm reuse the last release's values and merge in overrides from - 'Values'. Setting this flag makes the HelmRelease non-declarative. + description: |- + PreserveValues will make Helm reuse the last release's values and merge in + overrides from 'Values'. Setting this flag makes the HelmRelease + non-declarative. type: boolean remediation: - description: Remediation holds the remediation configuration for when the Helm upgrade action for the - HelmRelease fails. The default is to not perform any action. + description: |- + Remediation holds the remediation configuration for when the Helm upgrade + action for the HelmRelease fails. The default is to not perform any action. properties: ignoreTestFailures: - description: IgnoreTestFailures tells the controller to skip remediation when the Helm tests are run - after an upgrade action but fail. Defaults to 'Test.IgnoreFailures'. + description: |- + IgnoreTestFailures tells the controller to skip remediation when the Helm + tests are run after an upgrade action but fail. + Defaults to 'Test.IgnoreFailures'. type: boolean remediateLastFailure: - description: RemediateLastFailure tells the controller to remediate the last failure, when no retries - remain. Defaults to 'false' unless 'Retries' is greater than 0. + description: |- + RemediateLastFailure tells the controller to remediate the last failure, when + no retries remain. Defaults to 'false' unless 'Retries' is greater than 0. type: boolean retries: - description: Retries is the number of retries that should be attempted on failures before bailing. - Remediation, using 'Strategy', is performed between each attempt. Defaults to '0', a negative integer - equals to unlimited retries. + description: |- + Retries is the number of retries that should be attempted on failures before + bailing. Remediation, using 'Strategy', is performed between each attempt. + Defaults to '0', a negative integer equals to unlimited retries. type: integer strategy: - description: Strategy to use for failure remediation. Defaults to 'rollback'. + description: Strategy to use for failure remediation. Defaults + to 'rollback'. enum: - rollback - uninstall type: string type: object timeout: - description: Timeout is the time to wait for any individual Kubernetes operation (like Jobs for hooks) - during the performance of a Helm upgrade action. Defaults to 'HelmReleaseSpec.Timeout'. + description: |- + Timeout is the time to wait for any individual Kubernetes operation (like + Jobs for hooks) during the performance of a Helm upgrade action. Defaults to + 'HelmReleaseSpec.Timeout'. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string type: object @@ -5401,39 +9899,46 @@ spec: description: Values holds the values for this Helm release. x-kubernetes-preserve-unknown-fields: true valuesFrom: - description: ValuesFrom holds references to resources containing Helm values for this HelmRelease, and information - about how they should be merged. + description: |- + ValuesFrom holds references to resources containing Helm values for this HelmRelease, + and information about how they should be merged. items: - description: ValuesReference contains a reference to a resource containing Helm values, and optionally the - key they can be found at. + description: |- + ValuesReference contains a reference to a resource containing Helm values, + and optionally the key they can be found at. properties: kind: - description: Kind of the values referent, valid values are ('Secret', 'ConfigMap'). + description: Kind of the values referent, valid values are ('Secret', + 'ConfigMap'). enum: - Secret - ConfigMap type: string name: - description: Name of the values referent. Should reside in the same namespace as the referring resource. + description: |- + Name of the values referent. Should reside in the same namespace as the + referring resource. maxLength: 253 minLength: 1 type: string optional: - description: Optional marks this ValuesReference as optional. When set, a not found error for the values - reference is ignored, but any ValuesKey, TargetPath or transient error will still result in a reconciliation - failure. + description: |- + Optional marks this ValuesReference as optional. When set, a not found error + for the values reference is ignored, but any ValuesKey, TargetPath or + transient error will still result in a reconciliation failure. type: boolean targetPath: - description: TargetPath is the YAML dot notation path the value should be merged at. When set, the ValuesKey - is expected to be a single flat value. Defaults to 'None', which results in the values getting merged - at the root. + description: |- + TargetPath is the YAML dot notation path the value should be merged at. When + set, the ValuesKey is expected to be a single flat value. Defaults to 'None', + which results in the values getting merged at the root. maxLength: 250 pattern: ^([a-zA-Z0-9_\-.\\\/]|\[[0-9]{1,5}\])+$ type: string valuesKey: - description: ValuesKey is the data key where the values.yaml or a specific value can be found at. Defaults - to 'values.yaml'. When set, must be a valid Data Key, consisting of alphanumeric characters, '-', - '_' or '.'. + description: |- + ValuesKey is the data key where the values.yaml or a specific value can be + found at. Defaults to 'values.yaml'. maxLength: 253 pattern: ^[\-._a-zA-Z0-9]+$ type: string @@ -5443,9 +9948,12 @@ spec: type: object type: array required: - - chart - interval type: object + x-kubernetes-validations: + - message: either chart or chartRef must be set + rule: (has(self.chart) && !has(self.chartRef)) || (!has(self.chart) + && has(self.chartRef)) status: default: observedGeneration: -1 @@ -5454,35 +9962,43 @@ spec: conditions: description: Conditions holds the conditions for the HelmRelease. items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This - struct is intended for direct use as an array at the field path .status.conditions. For example, \n type - FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // - +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" - patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" properties: lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when - the API field changed is acceptable. + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: message is a human readable message indicating details about the transition. This may be - an empty string. + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based - upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current state of the instance. + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last - transition. Producers of specific condition types may define expected values and meanings for this - field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 @@ -5496,9 +10012,12 @@ spec: - Unknown type: string type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type - values are consistent across resources like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -5511,48 +10030,217 @@ spec: type: object type: array failures: - description: Failures is the reconciliation failure count against the latest desired state. It is reset after - a successful reconciliation. + description: |- + Failures is the reconciliation failure count against the latest desired + state. It is reset after a successful reconciliation. format: int64 type: integer helmChart: - description: HelmChart is the namespaced name of the HelmChart resource created by the controller for the - HelmRelease. - type: string + description: |- + HelmChart is the namespaced name of the HelmChart resource created by + the controller for the HelmRelease. + type: string + history: + description: |- + History holds the history of Helm releases performed for this HelmRelease + up to the last successfully completed release. + items: + description: |- + Snapshot captures a point-in-time copy of the status information for a Helm release, + as managed by the controller. + properties: + apiVersion: + description: |- + APIVersion is the API version of the Snapshot. + Provisional: when the calculation method of the Digest field is changed, + this field will be used to distinguish between the old and new methods. + type: string + appVersion: + description: AppVersion is the chart app version of the release + object in storage. + type: string + chartName: + description: ChartName is the chart name of the release object + in storage. + type: string + chartVersion: + description: |- + ChartVersion is the chart version of the release object in + storage. + type: string + configDigest: + description: |- + ConfigDigest is the checksum of the config (better known as + "values") of the release object in storage. + It has the format of `:`. + type: string + deleted: + description: Deleted is when the release was deleted. + format: date-time + type: string + digest: + description: |- + Digest is the checksum of the release object in storage. + It has the format of `:`. + type: string + firstDeployed: + description: FirstDeployed is when the release was first deployed. + format: date-time + type: string + lastDeployed: + description: LastDeployed is when the release was last deployed. + format: date-time + type: string + name: + description: Name is the name of the release. + type: string + namespace: + description: Namespace is the namespace the release is deployed + to. + type: string + ociDigest: + description: OCIDigest is the digest of the OCI artifact associated + with the release. + type: string + status: + description: Status is the current state of the release. + type: string + testHooks: + additionalProperties: + description: |- + TestHookStatus holds the status information for a test hook as observed + to be run by the controller. + properties: + lastCompleted: + description: LastCompleted is the time the test hook last + completed. + format: date-time + type: string + lastStarted: + description: LastStarted is the time the test hook was + last started. + format: date-time + type: string + phase: + description: Phase the test hook was observed to be in. + type: string + type: object + description: |- + TestHooks is the list of test hooks for the release as observed to be + run by the controller. + type: object + version: + description: Version is the version of the release object in + storage. + type: integer + required: + - chartName + - chartVersion + - configDigest + - digest + - firstDeployed + - lastDeployed + - name + - namespace + - status + - version + type: object + type: array installFailures: - description: InstallFailures is the install failure count against the latest desired state. It is reset after - a successful reconciliation. + description: |- + InstallFailures is the install failure count against the latest desired + state. It is reset after a successful reconciliation. format: int64 type: integer lastAppliedRevision: - description: LastAppliedRevision is the revision of the last successfully applied source. + description: |- + LastAppliedRevision is the revision of the last successfully applied + source. + Deprecated: the revision can now be found in the History. + type: string + lastAttemptedConfigDigest: + description: |- + LastAttemptedConfigDigest is the digest for the config (better known as + "values") of the last reconciliation attempt. + type: string + lastAttemptedGeneration: + description: |- + LastAttemptedGeneration is the last generation the controller attempted + to reconcile. + format: int64 + type: integer + lastAttemptedReleaseAction: + description: |- + LastAttemptedReleaseAction is the last release action performed for this + HelmRelease. It is used to determine the active remediation strategy. + enum: + - install + - upgrade type: string lastAttemptedRevision: - description: LastAttemptedRevision is the revision of the last reconciliation attempt. + description: |- + LastAttemptedRevision is the Source revision of the last reconciliation + attempt. For OCIRepository sources, the 12 first characters of the digest are + appended to the chart version e.g. "1.2.3+1234567890ab". + type: string + lastAttemptedRevisionDigest: + description: |- + LastAttemptedRevisionDigest is the digest of the last reconciliation attempt. + This is only set for OCIRepository sources. type: string lastAttemptedValuesChecksum: - description: LastAttemptedValuesChecksum is the SHA1 checksum of the values of the last reconciliation attempt. + description: |- + LastAttemptedValuesChecksum is the SHA1 checksum for the values of the last + reconciliation attempt. + Deprecated: Use LastAttemptedConfigDigest instead. + type: string + lastHandledForceAt: + description: |- + LastHandledForceAt holds the value of the most recent force request + value, so a change of the annotation value can be detected. type: string lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent reconcile request value, so a change - of the annotation value can be detected. + description: |- + LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value + can be detected. + type: string + lastHandledResetAt: + description: |- + LastHandledResetAt holds the value of the most recent reset request + value, so a change of the annotation value can be detected. type: string lastReleaseRevision: - description: LastReleaseRevision is the revision of the last successful Helm release. + description: |- + LastReleaseRevision is the revision of the last successful Helm release. + Deprecated: Use History instead. type: integer observedGeneration: description: ObservedGeneration is the last observed generation. format: int64 type: integer + observedPostRenderersDigest: + description: |- + ObservedPostRenderersDigest is the digest for the post-renderers of + the last successful reconciliation attempt. + type: string + storageNamespace: + description: |- + StorageNamespace is the namespace of the Helm release storage for the + current release. + maxLength: 63 + minLength: 1 + type: string upgradeFailures: - description: UpgradeFailures is the upgrade failure count against the latest desired state. It is reset after - a successful reconciliation. + description: |- + UpgradeFailures is the upgrade failure count against the latest desired + state. It is reset after a successful reconciliation. format: int64 type: integer type: object type: object served: true - storage: true + storage: false subresources: status: {} --- @@ -5563,7 +10251,7 @@ metadata: app.kubernetes.io/component: helm-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 name: helm-controller namespace: flux-system --- @@ -5574,7 +10262,7 @@ metadata: app.kubernetes.io/component: helm-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 control-plane: controller name: helm-controller namespace: flux-system @@ -5603,7 +10291,17 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: ghcr.io/fluxcd/helm-controller:v0.36.1 + - name: GOMAXPROCS + valueFrom: + resourceFieldRef: + containerName: manager + resource: limits.cpu + - name: GOMEMLIMIT + valueFrom: + resourceFieldRef: + containerName: manager + resource: limits.memory + image: ghcr.io/fluxcd/helm-controller:v1.0.1 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -5655,12 +10353,12 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.12.0 + controller-gen.kubebuilder.io/version: v0.15.0 labels: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 name: alerts.notification.toolkit.fluxcd.io spec: group: notification.toolkit.fluxcd.io @@ -5681,27 +10379,39 @@ spec: - jsonPath: .status.conditions[?(@.type=="Ready")].message name: Status type: string + deprecated: true + deprecationWarning: v1beta1 Alert is deprecated, upgrade to v1beta3 name: v1beta1 schema: openAPIV3Schema: description: Alert is the Schema for the alerts API properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert - recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer - this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: - description: AlertSpec defines an alerting rule for events involving a list of objects + description: AlertSpec defines an alerting rule for events involving a + list of objects properties: eventSeverity: default: info - description: Filter events based on severity, defaults to ('info'). If set to 'info' no events will be filtered. + description: |- + Filter events based on severity, defaults to ('info'). + If set to 'info' no events will be filtered. enum: - info - error @@ -5709,8 +10419,9 @@ spec: eventSources: description: Filter events based on the involved objects. items: - description: CrossNamespaceObjectReference contains enough information to let you locate the typed referenced - object at cluster level + description: |- + CrossNamespaceObjectReference contains enough information to let you locate the + typed referenced object at cluster level properties: apiVersion: description: API version of the referent @@ -5732,9 +10443,10 @@ spec: matchLabels: additionalProperties: type: string - description: MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map - is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and - the values array contains only "value". The requirements are ANDed. + description: |- + MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. type: object name: description: Name of the referent @@ -5751,7 +10463,8 @@ spec: type: object type: array exclusionList: - description: A list of Golang regular expressions to be used for excluding messages. + description: A list of Golang regular expressions to be used for excluding + messages. items: type: string type: array @@ -5768,7 +10481,9 @@ spec: description: Short description of the impact and affected cluster. type: string suspend: - description: This flag tells the controller to suspend subsequent events dispatching. Defaults to false. + description: |- + This flag tells the controller to suspend subsequent events dispatching. + Defaults to false. type: boolean required: - eventSources @@ -5781,35 +10496,43 @@ spec: properties: conditions: items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This - struct is intended for direct use as an array at the field path .status.conditions. For example, \n type - FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // - +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" - patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" properties: lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when - the API field changed is acceptable. + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: message is a human readable message indicating details about the transition. This may be - an empty string. + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based - upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current state of the instance. + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last - transition. Producers of specific condition types may define expected values and meanings for this - field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 @@ -5823,9 +10546,12 @@ spec: - Unknown type: string type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type - values are consistent across resources like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -5857,45 +10583,61 @@ spec: - jsonPath: .status.conditions[?(@.type=="Ready")].message name: Status type: string + deprecated: true + deprecationWarning: v1beta2 Alert is deprecated, upgrade to v1beta3 name: v1beta2 schema: openAPIV3Schema: description: Alert is the Schema for the alerts API properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert - recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer - this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: - description: AlertSpec defines an alerting rule for events involving a list of objects. + description: AlertSpec defines an alerting rule for events involving a + list of objects. properties: eventMetadata: additionalProperties: type: string - description: EventMetadata is an optional field for adding metadata to events dispatched by the controller. - This can be used for enhancing the context of the event. If a field would override one already present on - the original event as generated by the emitter, then the override doesn't happen, i.e. the original value - is preserved, and an info log is printed. + description: |- + EventMetadata is an optional field for adding metadata to events dispatched by the + controller. This can be used for enhancing the context of the event. If a field + would override one already present on the original event as generated by the emitter, + then the override doesn't happen, i.e. the original value is preserved, and an info + log is printed. type: object eventSeverity: default: info - description: EventSeverity specifies how to filter events based on severity. If set to 'info' no events will - be filtered. + description: |- + EventSeverity specifies how to filter events based on severity. + If set to 'info' no events will be filtered. enum: - info - error type: string eventSources: - description: EventSources specifies how to filter events based on the involved object kind, name and namespace. + description: |- + EventSources specifies how to filter events based + on the involved object kind, name and namespace. items: - description: CrossNamespaceObjectReference contains enough information to let you locate the typed referenced - object at cluster level + description: |- + CrossNamespaceObjectReference contains enough information to let you locate the + typed referenced object at cluster level properties: apiVersion: description: API version of the referent @@ -5917,13 +10659,16 @@ spec: matchLabels: additionalProperties: type: string - description: MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map - is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and - the values array contains only "value". The requirements are ANDed. MatchLabels requires the name - to be set to `*`. + description: |- + MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + MatchLabels requires the name to be set to `*`. type: object name: - description: Name of the referent If multiple resources are targeted `*` may be set. + description: |- + Name of the referent + If multiple resources are targeted `*` may be set. maxLength: 53 minLength: 1 type: string @@ -5938,17 +10683,22 @@ spec: type: object type: array exclusionList: - description: ExclusionList specifies a list of Golang regular expressions to be used for excluding messages. + description: |- + ExclusionList specifies a list of Golang regular expressions + to be used for excluding messages. items: type: string type: array inclusionList: - description: InclusionList specifies a list of Golang regular expressions to be used for including messages. + description: |- + InclusionList specifies a list of Golang regular expressions + to be used for including messages. items: type: string type: array providerRef: - description: ProviderRef specifies which Provider this Alert should use. + description: ProviderRef specifies which Provider this Alert should + use. properties: name: description: Name of the referent. @@ -5957,11 +10707,14 @@ spec: - name type: object summary: - description: Summary holds a short description of the impact and affected cluster. + description: Summary holds a short description of the impact and affected + cluster. maxLength: 255 type: string suspend: - description: Suspend tells the controller to suspend subsequent events handling for this Alert. + description: |- + Suspend tells the controller to suspend subsequent + events handling for this Alert. type: boolean required: - eventSources @@ -5975,35 +10728,43 @@ spec: conditions: description: Conditions holds the conditions for the Alert. items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This - struct is intended for direct use as an array at the field path .status.conditions. For example, \n type - FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // - +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" - patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" properties: lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when - the API field changed is acceptable. + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: message is a human readable message indicating details about the transition. This may be - an empty string. + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based - upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current state of the instance. + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last - transition. Producers of specific condition types may define expected values and meanings for this - field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 @@ -6017,9 +10778,12 @@ spec: - Unknown type: string type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type - values are consistent across resources like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -6032,8 +10796,10 @@ spec: type: object type: array lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent reconcile request value, so a change - of the annotation value can be detected. + description: |- + LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value + can be detected. type: string observedGeneration: description: ObservedGeneration is the last observed generation. @@ -6042,20 +10808,163 @@ spec: type: object type: object served: true - storage: true + storage: false subresources: status: {} + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1beta3 + schema: + openAPIV3Schema: + description: Alert is the Schema for the alerts API + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: AlertSpec defines an alerting rule for events involving a + list of objects. + properties: + eventMetadata: + additionalProperties: + type: string + description: |- + EventMetadata is an optional field for adding metadata to events dispatched by the + controller. This can be used for enhancing the context of the event. If a field + would override one already present on the original event as generated by the emitter, + then the override doesn't happen, i.e. the original value is preserved, and an info + log is printed. + type: object + eventSeverity: + default: info + description: |- + EventSeverity specifies how to filter events based on severity. + If set to 'info' no events will be filtered. + enum: + - info + - error + type: string + eventSources: + description: |- + EventSources specifies how to filter events based + on the involved object kind, name and namespace. + items: + description: |- + CrossNamespaceObjectReference contains enough information to let you locate the + typed referenced object at cluster level + properties: + apiVersion: + description: API version of the referent + type: string + kind: + description: Kind of the referent + enum: + - Bucket + - GitRepository + - Kustomization + - HelmRelease + - HelmChart + - HelmRepository + - ImageRepository + - ImagePolicy + - ImageUpdateAutomation + - OCIRepository + type: string + matchLabels: + additionalProperties: + type: string + description: |- + MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + MatchLabels requires the name to be set to `*`. + type: object + name: + description: |- + Name of the referent + If multiple resources are targeted `*` may be set. + maxLength: 53 + minLength: 1 + type: string + namespace: + description: Namespace of the referent + maxLength: 53 + minLength: 1 + type: string + required: + - kind + - name + type: object + type: array + exclusionList: + description: |- + ExclusionList specifies a list of Golang regular expressions + to be used for excluding messages. + items: + type: string + type: array + inclusionList: + description: |- + InclusionList specifies a list of Golang regular expressions + to be used for including messages. + items: + type: string + type: array + providerRef: + description: ProviderRef specifies which Provider this Alert should + use. + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object + summary: + description: Summary holds a short description of the impact and affected + cluster. + maxLength: 255 + type: string + suspend: + description: |- + Suspend tells the controller to suspend subsequent + events handling for this Alert. + type: boolean + required: + - eventSources + - providerRef + type: object + type: object + served: true + storage: true + subresources: {} --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.12.0 + controller-gen.kubebuilder.io/version: v0.15.0 labels: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 name: providers.notification.toolkit.fluxcd.io spec: group: notification.toolkit.fluxcd.io @@ -6076,18 +10985,27 @@ spec: - jsonPath: .status.conditions[?(@.type=="Ready")].message name: Status type: string + deprecated: true + deprecationWarning: v1beta1 Provider is deprecated, upgrade to v1beta3 name: v1beta1 schema: openAPIV3Schema: description: Provider is the Schema for the providers API properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert - recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer - this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -6099,7 +11017,9 @@ spec: pattern: ^(http|https):// type: string certSecretRef: - description: CertSecretRef can be given the name of a secret containing a PEM-encoded CA certificate (`caFile`) + description: |- + CertSecretRef can be given the name of a secret containing + a PEM-encoded CA certificate (`caFile`) properties: name: description: Name of the referent. @@ -6115,7 +11035,9 @@ spec: pattern: ^(http|https):// type: string secretRef: - description: Secret reference containing the provider webhook URL using "address" as data key + description: |- + Secret reference containing the provider webhook URL + using "address" as data key properties: name: description: Name of the referent. @@ -6124,7 +11046,9 @@ spec: - name type: object suspend: - description: This flag tells the controller to suspend subsequent events handling. Defaults to false. + description: |- + This flag tells the controller to suspend subsequent events handling. + Defaults to false. type: boolean timeout: description: Timeout for sending alerts to the provider. @@ -6168,35 +11092,43 @@ spec: properties: conditions: items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This - struct is intended for direct use as an array at the field path .status.conditions. For example, \n type - FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // - +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" - patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" properties: lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when - the API field changed is acceptable. + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: message is a human readable message indicating details about the transition. This may be - an empty string. + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based - upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current state of the instance. + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last - transition. Producers of specific condition types may define expected values and meanings for this - field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 @@ -6210,9 +11142,12 @@ spec: - Unknown type: string type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type - values are consistent across resources like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -6244,18 +11179,27 @@ spec: - jsonPath: .status.conditions[?(@.type=="Ready")].message name: Status type: string + deprecated: true + deprecationWarning: v1beta2 Provider is deprecated, upgrade to v1beta3 name: v1beta2 schema: openAPIV3Schema: description: Provider is the Schema for the providers API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert - recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer - this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -6263,14 +11207,21 @@ spec: description: ProviderSpec defines the desired state of the Provider. properties: address: - description: Address specifies the endpoint, in a generic sense, to where alerts are sent. What kind of endpoint - depends on the specific Provider type being used. For the generic Provider, for example, this is an HTTP/S - address. For other Provider types this could be a project ID or a namespace. + description: |- + Address specifies the endpoint, in a generic sense, to where alerts are sent. + What kind of endpoint depends on the specific Provider type being used. + For the generic Provider, for example, this is an HTTP/S address. + For other Provider types this could be a project ID or a namespace. maxLength: 2048 type: string certSecretRef: - description: "CertSecretRef specifies the Secret containing a PEM-encoded CA certificate (in the `ca.crt` - key). \n Note: Support for the `caFile` key has been deprecated." + description: |- + CertSecretRef specifies the Secret containing + a PEM-encoded CA certificate (in the `ca.crt` key). + + + Note: Support for the `caFile` key has + been deprecated. properties: name: description: Name of the referent. @@ -6279,11 +11230,13 @@ spec: - name type: object channel: - description: Channel specifies the destination channel where events should be posted. + description: Channel specifies the destination channel where events + should be posted. maxLength: 2048 type: string interval: - description: Interval at which to reconcile the Provider with its Secret references. + description: Interval at which to reconcile the Provider with its + Secret references. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string proxy: @@ -6292,7 +11245,9 @@ spec: pattern: ^(http|https)://.*$ type: string secretRef: - description: SecretRef specifies the Secret containing the authentication credentials for this Provider. + description: |- + SecretRef specifies the Secret containing the authentication + credentials for this Provider. properties: name: description: Name of the referent. @@ -6301,7 +11256,9 @@ spec: - name type: object suspend: - description: Suspend tells the controller to suspend subsequent events handling for this Provider. + description: |- + Suspend tells the controller to suspend subsequent + events handling for this Provider. type: boolean timeout: description: Timeout for sending alerts to the Provider. @@ -6319,6 +11276,7 @@ spec: - github - gitlab - gitea + - bitbucketserver - bitbucket - azuredevops - googlechat @@ -6351,35 +11309,43 @@ spec: conditions: description: Conditions holds the conditions for the Provider. items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This - struct is intended for direct use as an array at the field path .status.conditions. For example, \n type - FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // - +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" - patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" properties: lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when - the API field changed is acceptable. + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: message is a human readable message indicating details about the transition. This may be - an empty string. + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based - upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current state of the instance. + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last - transition. Producers of specific condition types may define expected values and meanings for this - field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 @@ -6393,9 +11359,12 @@ spec: - Unknown type: string type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type - values are consistent across resources like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -6408,8 +11377,10 @@ spec: type: object type: array lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent reconcile request value, so a change - of the annotation value can be detected. + description: |- + LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value + can be detected. type: string observedGeneration: description: ObservedGeneration is the last reconciled generation. @@ -6418,20 +11389,150 @@ spec: type: object type: object served: true - storage: true + storage: false subresources: status: {} + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1beta3 + schema: + openAPIV3Schema: + description: Provider is the Schema for the providers API + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: ProviderSpec defines the desired state of the Provider. + properties: + address: + description: |- + Address specifies the endpoint, in a generic sense, to where alerts are sent. + What kind of endpoint depends on the specific Provider type being used. + For the generic Provider, for example, this is an HTTP/S address. + For other Provider types this could be a project ID or a namespace. + maxLength: 2048 + type: string + certSecretRef: + description: |- + CertSecretRef specifies the Secret containing + a PEM-encoded CA certificate (in the `ca.crt` key). + + + Note: Support for the `caFile` key has + been deprecated. + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object + channel: + description: Channel specifies the destination channel where events + should be posted. + maxLength: 2048 + type: string + interval: + description: |- + Interval at which to reconcile the Provider with its Secret references. + Deprecated and not used in v1beta3. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + proxy: + description: Proxy the HTTP/S address of the proxy server. + maxLength: 2048 + pattern: ^(http|https)://.*$ + type: string + secretRef: + description: |- + SecretRef specifies the Secret containing the authentication + credentials for this Provider. + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object + suspend: + description: |- + Suspend tells the controller to suspend subsequent + events handling for this Provider. + type: boolean + timeout: + description: Timeout for sending alerts to the Provider. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$ + type: string + type: + description: Type specifies which Provider implementation to use. + enum: + - slack + - discord + - msteams + - rocket + - generic + - generic-hmac + - github + - gitlab + - gitea + - bitbucketserver + - bitbucket + - azuredevops + - googlechat + - googlepubsub + - webex + - sentry + - azureeventhub + - telegram + - lark + - matrix + - opsgenie + - alertmanager + - grafana + - githubdispatch + - pagerduty + - datadog + - nats + type: string + username: + description: Username specifies the name under which events are posted. + maxLength: 2048 + type: string + required: + - type + type: object + type: object + served: true + storage: true + subresources: {} --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.12.0 + controller-gen.kubebuilder.io/version: v0.15.0 labels: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 name: receivers.notification.toolkit.fluxcd.io spec: group: notification.toolkit.fluxcd.io @@ -6458,12 +11559,19 @@ spec: description: Receiver is the Schema for the receivers API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert - recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer - this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -6471,21 +11579,24 @@ spec: description: ReceiverSpec defines the desired state of the Receiver. properties: events: - description: Events specifies the list of event types to handle, e.g. 'push' for GitHub or 'Push Hook' for - GitLab. + description: |- + Events specifies the list of event types to handle, + e.g. 'push' for GitHub or 'Push Hook' for GitLab. items: type: string type: array interval: default: 10m - description: Interval at which to reconcile the Receiver with its Secret references. + description: Interval at which to reconcile the Receiver with its + Secret references. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string resources: description: A list of resources to be notified about changes. items: - description: CrossNamespaceObjectReference contains enough information to let you locate the typed referenced - object at cluster level + description: |- + CrossNamespaceObjectReference contains enough information to let you locate the + typed referenced object at cluster level properties: apiVersion: description: API version of the referent @@ -6507,13 +11618,16 @@ spec: matchLabels: additionalProperties: type: string - description: MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map - is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and - the values array contains only "value". The requirements are ANDed. MatchLabels requires the name - to be set to `*`. + description: |- + MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + MatchLabels requires the name to be set to `*`. type: object name: - description: Name of the referent If multiple resources are targeted `*` may be set. + description: |- + Name of the referent + If multiple resources are targeted `*` may be set. maxLength: 53 minLength: 1 type: string @@ -6528,7 +11642,9 @@ spec: type: object type: array secretRef: - description: SecretRef specifies the Secret containing the token used to validate the payload authenticity. + description: |- + SecretRef specifies the Secret containing the token used + to validate the payload authenticity. properties: name: description: Name of the referent. @@ -6537,10 +11653,14 @@ spec: - name type: object suspend: - description: Suspend tells the controller to suspend subsequent events handling for this receiver. + description: |- + Suspend tells the controller to suspend subsequent + events handling for this receiver. type: boolean type: - description: Type of webhook sender, used to determine the validation procedure and payload deserialization. + description: |- + Type of webhook sender, used to determine + the validation procedure and payload deserialization. enum: - generic - generic-hmac @@ -6553,6 +11673,7 @@ spec: - gcr - nexus - acr + - cdevents type: string required: - resources @@ -6567,35 +11688,43 @@ spec: conditions: description: Conditions holds the conditions for the Receiver. items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This - struct is intended for direct use as an array at the field path .status.conditions. For example, \n type - FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // - +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" - patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" properties: lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when - the API field changed is acceptable. + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: message is a human readable message indicating details about the transition. This may be - an empty string. + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based - upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current state of the instance. + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last - transition. Producers of specific condition types may define expected values and meanings for this - field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 @@ -6609,9 +11738,12 @@ spec: - Unknown type: string type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type - values are consistent across resources like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -6624,15 +11756,20 @@ spec: type: object type: array lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent reconcile request value, so a change - of the annotation value can be detected. + description: |- + LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value + can be detected. type: string observedGeneration: - description: ObservedGeneration is the last observed generation of the Receiver object. + description: ObservedGeneration is the last observed generation of + the Receiver object. format: int64 type: integer webhookPath: - description: WebhookPath is the generated incoming webhook address in the format of '/hook/sha256sum(token+name+namespace)'. + description: |- + WebhookPath is the generated incoming webhook address in the format + of '/hook/sha256sum(token+name+namespace)'. type: string type: object type: object @@ -6658,12 +11795,19 @@ spec: description: Receiver is the Schema for the receivers API properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert - recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer - this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -6671,15 +11815,18 @@ spec: description: ReceiverSpec defines the desired state of Receiver properties: events: - description: A list of events to handle, e.g. 'push' for GitHub or 'Push Hook' for GitLab. + description: |- + A list of events to handle, + e.g. 'push' for GitHub or 'Push Hook' for GitLab. items: type: string type: array resources: description: A list of resources to be notified about changes. items: - description: CrossNamespaceObjectReference contains enough information to let you locate the typed referenced - object at cluster level + description: |- + CrossNamespaceObjectReference contains enough information to let you locate the + typed referenced object at cluster level properties: apiVersion: description: API version of the referent @@ -6701,9 +11848,10 @@ spec: matchLabels: additionalProperties: type: string - description: MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map - is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and - the values array contains only "value". The requirements are ANDed. + description: |- + MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. type: object name: description: Name of the referent @@ -6720,7 +11868,9 @@ spec: type: object type: array secretRef: - description: Secret reference containing the token used to validate the payload authenticity + description: |- + Secret reference containing the token used + to validate the payload authenticity properties: name: description: Name of the referent. @@ -6729,10 +11879,14 @@ spec: - name type: object suspend: - description: This flag tells the controller to suspend subsequent events handling. Defaults to false. + description: |- + This flag tells the controller to suspend subsequent events handling. + Defaults to false. type: boolean type: - description: Type of webhook sender, used to determine the validation procedure and payload deserialization. + description: |- + Type of webhook sender, used to determine + the validation procedure and payload deserialization. enum: - generic - generic-hmac @@ -6757,35 +11911,43 @@ spec: properties: conditions: items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This - struct is intended for direct use as an array at the field path .status.conditions. For example, \n type - FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // - +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" - patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" properties: lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when - the API field changed is acceptable. + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: message is a human readable message indicating details about the transition. This may be - an empty string. + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based - upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current state of the instance. + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last - transition. Producers of specific condition types may define expected values and meanings for this - field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 @@ -6799,9 +11961,12 @@ spec: - Unknown type: string type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type - values are consistent across resources like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -6818,7 +11983,9 @@ spec: format: int64 type: integer url: - description: Generated webhook URL in the format of '/hook/sha256sum(token+name+namespace)'. + description: |- + Generated webhook URL in the format + of '/hook/sha256sum(token+name+namespace)'. type: string type: object type: object @@ -6844,12 +12011,19 @@ spec: description: Receiver is the Schema for the receivers API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert - recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer - this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -6857,20 +12031,23 @@ spec: description: ReceiverSpec defines the desired state of the Receiver. properties: events: - description: Events specifies the list of event types to handle, e.g. 'push' for GitHub or 'Push Hook' for - GitLab. + description: |- + Events specifies the list of event types to handle, + e.g. 'push' for GitHub or 'Push Hook' for GitLab. items: type: string type: array interval: - description: Interval at which to reconcile the Receiver with its Secret references. + description: Interval at which to reconcile the Receiver with its + Secret references. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string resources: description: A list of resources to be notified about changes. items: - description: CrossNamespaceObjectReference contains enough information to let you locate the typed referenced - object at cluster level + description: |- + CrossNamespaceObjectReference contains enough information to let you locate the + typed referenced object at cluster level properties: apiVersion: description: API version of the referent @@ -6892,13 +12069,16 @@ spec: matchLabels: additionalProperties: type: string - description: MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map - is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and - the values array contains only "value". The requirements are ANDed. MatchLabels requires the name - to be set to `*`. + description: |- + MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + MatchLabels requires the name to be set to `*`. type: object name: - description: Name of the referent If multiple resources are targeted `*` may be set. + description: |- + Name of the referent + If multiple resources are targeted `*` may be set. maxLength: 53 minLength: 1 type: string @@ -6913,7 +12093,9 @@ spec: type: object type: array secretRef: - description: SecretRef specifies the Secret containing the token used to validate the payload authenticity. + description: |- + SecretRef specifies the Secret containing the token used + to validate the payload authenticity. properties: name: description: Name of the referent. @@ -6922,10 +12104,14 @@ spec: - name type: object suspend: - description: Suspend tells the controller to suspend subsequent events handling for this receiver. + description: |- + Suspend tells the controller to suspend subsequent + events handling for this receiver. type: boolean type: - description: Type of webhook sender, used to determine the validation procedure and payload deserialization. + description: |- + Type of webhook sender, used to determine + the validation procedure and payload deserialization. enum: - generic - generic-hmac @@ -6951,35 +12137,43 @@ spec: conditions: description: Conditions holds the conditions for the Receiver. items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This - struct is intended for direct use as an array at the field path .status.conditions. For example, \n type - FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // - +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" - patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" properties: lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when - the API field changed is acceptable. + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: message is a human readable message indicating details about the transition. This may be - an empty string. + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based - upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current state of the instance. + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last - transition. Producers of specific condition types may define expected values and meanings for this - field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 @@ -6993,9 +12187,12 @@ spec: - Unknown type: string type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type - values are consistent across resources like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -7008,19 +12205,26 @@ spec: type: object type: array lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent reconcile request value, so a change - of the annotation value can be detected. + description: |- + LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value + can be detected. type: string observedGeneration: - description: ObservedGeneration is the last observed generation of the Receiver object. + description: ObservedGeneration is the last observed generation of + the Receiver object. format: int64 type: integer url: - description: 'URL is the generated incoming webhook address in the format of ''/hook/sha256sum(token+name+namespace)''. - Deprecated: Replaced by WebhookPath.' + description: |- + URL is the generated incoming webhook address in the format + of '/hook/sha256sum(token+name+namespace)'. + Deprecated: Replaced by WebhookPath. type: string webhookPath: - description: WebhookPath is the generated incoming webhook address in the format of '/hook/sha256sum(token+name+namespace)'. + description: |- + WebhookPath is the generated incoming webhook address in the format + of '/hook/sha256sum(token+name+namespace)'. type: string type: object type: object @@ -7036,7 +12240,7 @@ metadata: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 name: notification-controller namespace: flux-system --- @@ -7047,7 +12251,7 @@ metadata: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 control-plane: controller name: notification-controller namespace: flux-system @@ -7068,7 +12272,7 @@ metadata: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 control-plane: controller name: webhook-receiver namespace: flux-system @@ -7089,7 +12293,7 @@ metadata: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 control-plane: controller name: notification-controller namespace: flux-system @@ -7117,7 +12321,17 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: ghcr.io/fluxcd/notification-controller:v1.1.0 + - name: GOMAXPROCS + valueFrom: + resourceFieldRef: + containerName: manager + resource: limits.cpu + - name: GOMEMLIMIT + valueFrom: + resourceFieldRef: + containerName: manager + resource: limits.memory + image: ghcr.io/fluxcd/notification-controller:v1.3.0 imagePullPolicy: IfNotPresent livenessProbe: httpGet: diff --git a/gitops/fluxcd/clusters/gcp/dev/flux-system/gotk-components.yaml b/gitops/fluxcd/clusters/gcp/dev/flux-system/gotk-components.yaml index 0c12f6afe8..8fd99ab9db 100644 --- a/gitops/fluxcd/clusters/gcp/dev/flux-system/gotk-components.yaml +++ b/gitops/fluxcd/clusters/gcp/dev/flux-system/gotk-components.yaml @@ -1,22 +1,6 @@ --- -# Copyright (C) Nicolas Lamirault -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# SPDX-License-Identifier: Apache-2.0 - # This manifest was generated by flux. DO NOT EDIT. -# Flux Version: v2.1.1 +# Flux Version: v2.3.0 # Components: source-controller,kustomize-controller,helm-controller,notification-controller apiVersion: v1 kind: Namespace @@ -24,7 +8,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 pod-security.kubernetes.io/warn: restricted pod-security.kubernetes.io/warn-version: latest name: flux-system @@ -35,7 +19,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 name: allow-egress namespace: flux-system spec: @@ -55,7 +39,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 name: allow-scraping namespace: flux-system spec: @@ -75,7 +59,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 name: allow-webhooks namespace: flux-system spec: @@ -94,7 +78,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 name: critical-pods-flux-system namespace: flux-system spec: @@ -114,7 +98,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 name: crd-controller-flux-system rules: - apiGroups: @@ -197,6 +181,10 @@ rules: - update - patch - delete +- nonResourceURLs: + - /livez/ping + verbs: + - head --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole @@ -204,7 +192,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 rbac.authorization.k8s.io/aggregate-to-admin: "true" rbac.authorization.k8s.io/aggregate-to-edit: "true" name: flux-edit-flux-system @@ -230,7 +218,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 rbac.authorization.k8s.io/aggregate-to-admin: "true" rbac.authorization.k8s.io/aggregate-to-edit: "true" rbac.authorization.k8s.io/aggregate-to-view: "true" @@ -255,7 +243,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 name: cluster-reconciler-flux-system roleRef: apiGroup: rbac.authorization.k8s.io @@ -275,7 +263,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 name: crd-controller-flux-system roleRef: apiGroup: rbac.authorization.k8s.io @@ -305,12 +293,12 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.12.0 + controller-gen.kubebuilder.io/version: v0.15.0 labels: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 name: buckets.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -334,40 +322,54 @@ spec: - jsonPath: .metadata.creationTimestamp name: Age type: date + deprecated: true + deprecationWarning: v1beta1 Bucket is deprecated, upgrade to v1beta2 name: v1beta1 schema: openAPIV3Schema: description: Bucket is the Schema for the buckets API properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert - recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer - this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: - description: BucketSpec defines the desired state of an S3 compatible bucket + description: BucketSpec defines the desired state of an S3 compatible + bucket properties: accessFrom: - description: AccessFrom defines an Access Control List for allowing cross-namespace references to this object. + description: AccessFrom defines an Access Control List for allowing + cross-namespace references to this object. properties: namespaceSelectors: - description: NamespaceSelectors is the list of namespace selectors to which this ACL applies. Items in - this list are evaluated using a logical OR operation. + description: |- + NamespaceSelectors is the list of namespace selectors to which this ACL applies. + Items in this list are evaluated using a logical OR operation. items: - description: NamespaceSelector selects the namespaces to which this ACL applies. An empty map of MatchLabels - matches all namespaces in a cluster. + description: |- + NamespaceSelector selects the namespaces to which this ACL applies. + An empty map of MatchLabels matches all namespaces in a cluster. properties: matchLabels: additionalProperties: type: string - description: MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the operator is - "In", and the values array contains only "value". The requirements are ANDed. + description: |- + MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object type: array @@ -381,9 +383,10 @@ spec: description: The bucket endpoint address. type: string ignore: - description: Ignore overrides the set of excluded patterns in the .sourceignore format (which is the same - as .gitignore). If not provided, a default will be used, consult the documentation for your version to find - out what those are. + description: |- + Ignore overrides the set of excluded patterns in the .sourceignore format + (which is the same as .gitignore). If not provided, a default will be used, + consult the documentation for your version to find out what those are. type: string insecure: description: Insecure allows connecting to a non-TLS S3 HTTP endpoint. @@ -403,7 +406,9 @@ spec: description: The bucket region. type: string secretRef: - description: The name of the secret containing authentication credentials for the Bucket. + description: |- + The name of the secret containing authentication credentials + for the Bucket. properties: name: description: Name of the referent. @@ -412,7 +417,8 @@ spec: - name type: object suspend: - description: This flag tells the controller to suspend the reconciliation of this source. + description: This flag tells the controller to suspend the reconciliation + of this source. type: boolean timeout: default: 60s @@ -429,21 +435,26 @@ spec: description: BucketStatus defines the observed state of a bucket properties: artifact: - description: Artifact represents the output of the last successful Bucket sync. + description: Artifact represents the output of the last successful + Bucket sync. properties: checksum: description: Checksum is the SHA256 checksum of the artifact. type: string lastUpdateTime: - description: LastUpdateTime is the timestamp corresponding to the last update of this artifact. + description: |- + LastUpdateTime is the timestamp corresponding to the last update of this + artifact. format: date-time type: string path: description: Path is the relative file path of this artifact. type: string revision: - description: Revision is a human readable identifier traceable in the origin source system. It can be - a Git commit SHA, Git tag, a Helm index timestamp, a Helm chart version, etc. + description: |- + Revision is a human readable identifier traceable in the origin source + system. It can be a Git commit SHA, Git tag, a Helm index timestamp, a Helm + chart version, etc. type: string url: description: URL is the HTTP address of this artifact. @@ -455,35 +466,43 @@ spec: conditions: description: Conditions holds the conditions for the Bucket. items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This - struct is intended for direct use as an array at the field path .status.conditions. For example, \n type - FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // - +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" - patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" properties: lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when - the API field changed is acceptable. + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: message is a human readable message indicating details about the transition. This may be - an empty string. + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based - upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current state of the instance. + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last - transition. Producers of specific condition types may define expected values and meanings for this - field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 @@ -497,9 +516,12 @@ spec: - Unknown type: string type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type - values are consistent across resources like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -512,15 +534,18 @@ spec: type: object type: array lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent reconcile request value, so a change - of the annotation value can be detected. + description: |- + LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value + can be detected. type: string observedGeneration: description: ObservedGeneration is the last observed generation. format: int64 type: integer url: - description: URL is the download link for the artifact output of the last Bucket sync. + description: URL is the download link for the artifact output of the + last Bucket sync. type: string type: object type: object @@ -547,35 +572,49 @@ spec: description: Bucket is the Schema for the buckets API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert - recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer - this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: - description: BucketSpec specifies the required configuration to produce an Artifact for an object storage bucket. + description: |- + BucketSpec specifies the required configuration to produce an Artifact for + an object storage bucket. properties: accessFrom: - description: 'AccessFrom specifies an Access Control List for allowing cross-namespace references to this - object. NOTE: Not implemented, provisional as of https://github.com/fluxcd/flux2/pull/2092' + description: |- + AccessFrom specifies an Access Control List for allowing cross-namespace + references to this object. + NOTE: Not implemented, provisional as of https://github.com/fluxcd/flux2/pull/2092 properties: namespaceSelectors: - description: NamespaceSelectors is the list of namespace selectors to which this ACL applies. Items in - this list are evaluated using a logical OR operation. + description: |- + NamespaceSelectors is the list of namespace selectors to which this ACL applies. + Items in this list are evaluated using a logical OR operation. items: - description: NamespaceSelector selects the namespaces to which this ACL applies. An empty map of MatchLabels - matches all namespaces in a cluster. + description: |- + NamespaceSelector selects the namespaces to which this ACL applies. + An empty map of MatchLabels matches all namespaces in a cluster. properties: matchLabels: additionalProperties: type: string - description: MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the operator is - "In", and the values array contains only "value". The requirements are ANDed. + description: |- + MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object type: array @@ -586,25 +625,35 @@ spec: description: BucketName is the name of the object storage bucket. type: string endpoint: - description: Endpoint is the object storage address the BucketName is located at. + description: Endpoint is the object storage address the BucketName + is located at. type: string ignore: - description: Ignore overrides the set of excluded patterns in the .sourceignore format (which is the same - as .gitignore). If not provided, a default will be used, consult the documentation for your version to find - out what those are. + description: |- + Ignore overrides the set of excluded patterns in the .sourceignore format + (which is the same as .gitignore). If not provided, a default will be used, + consult the documentation for your version to find out what those are. type: string insecure: description: Insecure allows connecting to a non-TLS HTTP Endpoint. type: boolean interval: - description: Interval at which the Bucket Endpoint is checked for updates. This interval is approximate and - may be subject to jitter to ensure efficient use of resources. + description: |- + Interval at which the Bucket Endpoint is checked for updates. + This interval is approximate and may be subject to jitter to ensure + efficient use of resources. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string + prefix: + description: Prefix to use for server-side filtering of files in the + Bucket. + type: string provider: default: generic - description: Provider of the object storage bucket. Defaults to 'generic', which expects an S3 (API) compatible - object storage. + description: |- + Provider of the object storage bucket. + Defaults to 'generic', which expects an S3 (API) compatible object + storage. enum: - generic - aws @@ -612,10 +661,13 @@ spec: - azure type: string region: - description: Region of the Endpoint where the BucketName is located in. + description: Region of the Endpoint where the BucketName is located + in. type: string secretRef: - description: SecretRef specifies the Secret containing authentication credentials for the Bucket. + description: |- + SecretRef specifies the Secret containing authentication credentials + for the Bucket. properties: name: description: Name of the referent. @@ -624,7 +676,9 @@ spec: - name type: object suspend: - description: Suspend tells the controller to suspend the reconciliation of this Bucket. + description: |- + Suspend tells the controller to suspend the reconciliation of this + Bucket. type: boolean timeout: default: 60s @@ -649,7 +703,9 @@ spec: pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$ type: string lastUpdateTime: - description: LastUpdateTime is the timestamp corresponding to the last update of the Artifact. + description: |- + LastUpdateTime is the timestamp corresponding to the last update of the + Artifact. format: date-time type: string metadata: @@ -658,21 +714,25 @@ spec: description: Metadata holds upstream information such as OCI annotations. type: object path: - description: Path is the relative file path of the Artifact. It can be used to locate the file in the - root of the Artifact storage on the local file system of the controller managing the Source. + description: |- + Path is the relative file path of the Artifact. It can be used to locate + the file in the root of the Artifact storage on the local file system of + the controller managing the Source. type: string revision: - description: Revision is a human-readable identifier traceable in the origin source system. It can be - a Git commit SHA, Git tag, a Helm chart version, etc. + description: |- + Revision is a human-readable identifier traceable in the origin source + system. It can be a Git commit SHA, Git tag, a Helm chart version, etc. type: string size: description: Size is the number of bytes in the file. format: int64 type: integer url: - description: URL is the HTTP address of the Artifact as exposed by the controller managing the Source. - It can be used to retrieve the Artifact for consumption, e.g. by another controller applying the Artifact - contents. + description: |- + URL is the HTTP address of the Artifact as exposed by the controller + managing the Source. It can be used to retrieve the Artifact for + consumption, e.g. by another controller applying the Artifact contents. type: string required: - lastUpdateTime @@ -683,35 +743,43 @@ spec: conditions: description: Conditions holds the conditions for the Bucket. items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This - struct is intended for direct use as an array at the field path .status.conditions. For example, \n type - FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // - +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" - patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" properties: lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when - the API field changed is acceptable. + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: message is a human readable message indicating details about the transition. This may be - an empty string. + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based - upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current state of the instance. + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last - transition. Producers of specific condition types may define expected values and meanings for this - field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 @@ -725,9 +793,12 @@ spec: - Unknown type: string type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type - values are consistent across resources like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -740,19 +811,26 @@ spec: type: object type: array lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent reconcile request value, so a change - of the annotation value can be detected. + description: |- + LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value + can be detected. type: string observedGeneration: - description: ObservedGeneration is the last observed generation of the Bucket object. + description: ObservedGeneration is the last observed generation of + the Bucket object. format: int64 type: integer observedIgnore: - description: ObservedIgnore is the observed exclusion patterns used for constructing the source artifact. + description: |- + ObservedIgnore is the observed exclusion patterns used for constructing + the source artifact. type: string url: - description: URL is the dynamic fetch link for the latest Artifact. It is provided on a "best effort" basis, - and using the precise BucketStatus.Artifact data is recommended. + description: |- + URL is the dynamic fetch link for the latest Artifact. + It is provided on a "best effort" basis, and using the precise + BucketStatus.Artifact data is recommended. type: string type: object type: object @@ -765,12 +843,12 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.12.0 + controller-gen.kubebuilder.io/version: v0.15.0 labels: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 name: gitrepositories.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -802,35 +880,51 @@ spec: description: GitRepository is the Schema for the gitrepositories API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert - recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer - this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: - description: GitRepositorySpec specifies the required configuration to produce an Artifact for a Git repository. + description: |- + GitRepositorySpec specifies the required configuration to produce an + Artifact for a Git repository. properties: ignore: - description: Ignore overrides the set of excluded patterns in the .sourceignore format (which is the same - as .gitignore). If not provided, a default will be used, consult the documentation for your version to find - out what those are. + description: |- + Ignore overrides the set of excluded patterns in the .sourceignore format + (which is the same as .gitignore). If not provided, a default will be used, + consult the documentation for your version to find out what those are. type: string include: - description: Include specifies a list of GitRepository resources which Artifacts should be included in the - Artifact produced for this GitRepository. + description: |- + Include specifies a list of GitRepository resources which Artifacts + should be included in the Artifact produced for this GitRepository. items: - description: GitRepositoryInclude specifies a local reference to a GitRepository which Artifact (sub-)contents - must be included, and where they should be placed. + description: |- + GitRepositoryInclude specifies a local reference to a GitRepository which + Artifact (sub-)contents must be included, and where they should be placed. properties: fromPath: - description: FromPath specifies the path to copy contents from, defaults to the root of the Artifact. + description: |- + FromPath specifies the path to copy contents from, defaults to the root + of the Artifact. type: string repository: - description: GitRepositoryRef specifies the GitRepository which Artifact contents must be included. + description: |- + GitRepositoryRef specifies the GitRepository which Artifact contents + must be included. properties: name: description: Name of the referent. @@ -839,20 +933,25 @@ spec: - name type: object toPath: - description: ToPath specifies the path to copy contents to, defaults to the name of the GitRepositoryRef. + description: |- + ToPath specifies the path to copy contents to, defaults to the name of + the GitRepositoryRef. type: string required: - repository type: object type: array interval: - description: Interval at which the GitRepository URL is checked for updates. This interval is approximate - and may be subject to jitter to ensure efficient use of resources. + description: |- + Interval at which the GitRepository URL is checked for updates. + This interval is approximate and may be subject to jitter to ensure + efficient use of resources. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string proxySecretRef: - description: ProxySecretRef specifies the Secret containing the proxy configuration to use while communicating - with the Git server. + description: |- + ProxySecretRef specifies the Secret containing the proxy configuration + to use while communicating with the Git server. properties: name: description: Name of the referent. @@ -861,36 +960,51 @@ spec: - name type: object recurseSubmodules: - description: RecurseSubmodules enables the initialization of all submodules within the GitRepository as cloned - from the URL, using their default settings. + description: |- + RecurseSubmodules enables the initialization of all submodules within + the GitRepository as cloned from the URL, using their default settings. type: boolean ref: - description: Reference specifies the Git reference to resolve and monitor for changes, defaults to the 'master' - branch. + description: |- + Reference specifies the Git reference to resolve and monitor for + changes, defaults to the 'master' branch. properties: branch: - description: Branch to check out, defaults to 'master' if no other field is defined. + description: Branch to check out, defaults to 'master' if no other + field is defined. type: string commit: - description: "Commit SHA to check out, takes precedence over all reference fields. \n This can be combined - with Branch to shallow clone the branch, in which the commit is expected to exist." + description: |- + Commit SHA to check out, takes precedence over all reference fields. + + + This can be combined with Branch to shallow clone the branch, in which + the commit is expected to exist. type: string name: - description: "Name of the reference to check out; takes precedence over Branch, Tag and SemVer. \n It - must be a valid Git reference: https://git-scm.com/docs/git-check-ref-format#_description Examples: - \"refs/heads/main\", \"refs/tags/v0.1.0\", \"refs/pull/420/head\", \"refs/merge-requests/1/head\"" + description: |- + Name of the reference to check out; takes precedence over Branch, Tag and SemVer. + + + It must be a valid Git reference: https://git-scm.com/docs/git-check-ref-format#_description + Examples: "refs/heads/main", "refs/tags/v0.1.0", "refs/pull/420/head", "refs/merge-requests/1/head" type: string semver: - description: SemVer tag expression to check out, takes precedence over Tag. + description: SemVer tag expression to check out, takes precedence + over Tag. type: string tag: description: Tag to check out, takes precedence over Branch. type: string type: object secretRef: - description: SecretRef specifies the Secret containing authentication credentials for the GitRepository. For - HTTPS repositories the Secret must contain 'username' and 'password' fields for basic auth or 'bearerToken' - field for token auth. For SSH repositories the Secret must contain 'identity' and 'known_hosts' fields. + description: |- + SecretRef specifies the Secret containing authentication credentials for + the GitRepository. + For HTTPS repositories the Secret must contain 'username' and 'password' + fields for basic auth or 'bearerToken' field for token auth. + For SSH repositories the Secret must contain 'identity' + and 'known_hosts' fields. properties: name: description: Name of the referent. @@ -899,25 +1013,35 @@ spec: - name type: object suspend: - description: Suspend tells the controller to suspend the reconciliation of this GitRepository. + description: |- + Suspend tells the controller to suspend the reconciliation of this + GitRepository. type: boolean timeout: default: 60s - description: Timeout for Git operations like cloning, defaults to 60s. + description: Timeout for Git operations like cloning, defaults to + 60s. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$ type: string url: - description: URL specifies the Git repository URL, it can be an HTTP/S or SSH address. + description: URL specifies the Git repository URL, it can be an HTTP/S + or SSH address. pattern: ^(http|https|ssh)://.*$ type: string verify: - description: Verification specifies the configuration to verify the Git commit signature(s). + description: |- + Verification specifies the configuration to verify the Git commit + signature(s). properties: mode: default: HEAD - description: "Mode specifies which Git object(s) should be verified. \n The variants \"head\" and \"HEAD\" - both imply the same thing, i.e. verify the commit that the HEAD of the Git repository points to. The - variant \"head\" solely exists to ensure backwards compatibility." + description: |- + Mode specifies which Git object(s) should be verified. + + + The variants "head" and "HEAD" both imply the same thing, i.e. verify + the commit that the HEAD of the Git repository points to. The variant + "head" solely exists to ensure backwards compatibility. enum: - head - HEAD @@ -925,7 +1049,9 @@ spec: - TagAndHEAD type: string secretRef: - description: SecretRef specifies the Secret containing the public keys of trusted Git authors. + description: |- + SecretRef specifies the Secret containing the public keys of trusted Git + authors. properties: name: description: Name of the referent. @@ -946,14 +1072,17 @@ spec: description: GitRepositoryStatus records the observed state of a Git repository. properties: artifact: - description: Artifact represents the last successful GitRepository reconciliation. + description: Artifact represents the last successful GitRepository + reconciliation. properties: digest: description: Digest is the digest of the file in the form of ':'. pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$ type: string lastUpdateTime: - description: LastUpdateTime is the timestamp corresponding to the last update of the Artifact. + description: |- + LastUpdateTime is the timestamp corresponding to the last update of the + Artifact. format: date-time type: string metadata: @@ -962,21 +1091,25 @@ spec: description: Metadata holds upstream information such as OCI annotations. type: object path: - description: Path is the relative file path of the Artifact. It can be used to locate the file in the - root of the Artifact storage on the local file system of the controller managing the Source. + description: |- + Path is the relative file path of the Artifact. It can be used to locate + the file in the root of the Artifact storage on the local file system of + the controller managing the Source. type: string revision: - description: Revision is a human-readable identifier traceable in the origin source system. It can be - a Git commit SHA, Git tag, a Helm chart version, etc. + description: |- + Revision is a human-readable identifier traceable in the origin source + system. It can be a Git commit SHA, Git tag, a Helm chart version, etc. type: string size: description: Size is the number of bytes in the file. format: int64 type: integer url: - description: URL is the HTTP address of the Artifact as exposed by the controller managing the Source. - It can be used to retrieve the Artifact for consumption, e.g. by another controller applying the Artifact - contents. + description: |- + URL is the HTTP address of the Artifact as exposed by the controller + managing the Source. It can be used to retrieve the Artifact for + consumption, e.g. by another controller applying the Artifact contents. type: string required: - lastUpdateTime @@ -987,35 +1120,43 @@ spec: conditions: description: Conditions holds the conditions for the GitRepository. items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This - struct is intended for direct use as an array at the field path .status.conditions. For example, \n type - FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // - +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" - patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" properties: lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when - the API field changed is acceptable. + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: message is a human readable message indicating details about the transition. This may be - an empty string. + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based - upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current state of the instance. + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last - transition. Producers of specific condition types may define expected values and meanings for this - field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 @@ -1029,9 +1170,12 @@ spec: - Unknown type: string type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type - values are consistent across resources like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -1044,40 +1188,49 @@ spec: type: object type: array includedArtifacts: - description: IncludedArtifacts contains a list of the last successfully included Artifacts as instructed by - GitRepositorySpec.Include. + description: |- + IncludedArtifacts contains a list of the last successfully included + Artifacts as instructed by GitRepositorySpec.Include. items: description: Artifact represents the output of a Source reconciliation. properties: digest: - description: Digest is the digest of the file in the form of ':'. + description: Digest is the digest of the file in the form of + ':'. pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$ type: string lastUpdateTime: - description: LastUpdateTime is the timestamp corresponding to the last update of the Artifact. + description: |- + LastUpdateTime is the timestamp corresponding to the last update of the + Artifact. format: date-time type: string metadata: additionalProperties: type: string - description: Metadata holds upstream information such as OCI annotations. + description: Metadata holds upstream information such as OCI + annotations. type: object path: - description: Path is the relative file path of the Artifact. It can be used to locate the file in the - root of the Artifact storage on the local file system of the controller managing the Source. + description: |- + Path is the relative file path of the Artifact. It can be used to locate + the file in the root of the Artifact storage on the local file system of + the controller managing the Source. type: string revision: - description: Revision is a human-readable identifier traceable in the origin source system. It can be - a Git commit SHA, Git tag, a Helm chart version, etc. + description: |- + Revision is a human-readable identifier traceable in the origin source + system. It can be a Git commit SHA, Git tag, a Helm chart version, etc. type: string size: description: Size is the number of bytes in the file. format: int64 type: integer url: - description: URL is the HTTP address of the Artifact as exposed by the controller managing the Source. - It can be used to retrieve the Artifact for consumption, e.g. by another controller applying the Artifact - contents. + description: |- + URL is the HTTP address of the Artifact as exposed by the controller + managing the Source. It can be used to retrieve the Artifact for + consumption, e.g. by another controller applying the Artifact contents. type: string required: - lastUpdateTime @@ -1087,27 +1240,40 @@ spec: type: object type: array lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent reconcile request value, so a change - of the annotation value can be detected. + description: |- + LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value + can be detected. type: string observedGeneration: - description: ObservedGeneration is the last observed generation of the GitRepository object. + description: |- + ObservedGeneration is the last observed generation of the GitRepository + object. format: int64 type: integer observedIgnore: - description: ObservedIgnore is the observed exclusion patterns used for constructing the source artifact. + description: |- + ObservedIgnore is the observed exclusion patterns used for constructing + the source artifact. type: string observedInclude: - description: ObservedInclude is the observed list of GitRepository resources used to produce the current Artifact. + description: |- + ObservedInclude is the observed list of GitRepository resources used to + produce the current Artifact. items: - description: GitRepositoryInclude specifies a local reference to a GitRepository which Artifact (sub-)contents - must be included, and where they should be placed. + description: |- + GitRepositoryInclude specifies a local reference to a GitRepository which + Artifact (sub-)contents must be included, and where they should be placed. properties: fromPath: - description: FromPath specifies the path to copy contents from, defaults to the root of the Artifact. + description: |- + FromPath specifies the path to copy contents from, defaults to the root + of the Artifact. type: string repository: - description: GitRepositoryRef specifies the GitRepository which Artifact contents must be included. + description: |- + GitRepositoryRef specifies the GitRepository which Artifact contents + must be included. properties: name: description: Name of the referent. @@ -1116,19 +1282,23 @@ spec: - name type: object toPath: - description: ToPath specifies the path to copy contents to, defaults to the name of the GitRepositoryRef. + description: |- + ToPath specifies the path to copy contents to, defaults to the name of + the GitRepositoryRef. type: string required: - repository type: object type: array observedRecurseSubmodules: - description: ObservedRecurseSubmodules is the observed resource submodules configuration used to produce the - current Artifact. + description: |- + ObservedRecurseSubmodules is the observed resource submodules + configuration used to produce the current Artifact. type: boolean sourceVerificationMode: - description: SourceVerificationMode is the last used verification mode indicating which Git object(s) have - been verified. + description: |- + SourceVerificationMode is the last used verification mode indicating + which Git object(s) have been verified. type: string type: object type: object @@ -1157,12 +1327,19 @@ spec: description: GitRepository is the Schema for the gitrepositories API properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert - recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer - this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -1170,21 +1347,25 @@ spec: description: GitRepositorySpec defines the desired state of a Git repository. properties: accessFrom: - description: AccessFrom defines an Access Control List for allowing cross-namespace references to this object. + description: AccessFrom defines an Access Control List for allowing + cross-namespace references to this object. properties: namespaceSelectors: - description: NamespaceSelectors is the list of namespace selectors to which this ACL applies. Items in - this list are evaluated using a logical OR operation. + description: |- + NamespaceSelectors is the list of namespace selectors to which this ACL applies. + Items in this list are evaluated using a logical OR operation. items: - description: NamespaceSelector selects the namespaces to which this ACL applies. An empty map of MatchLabels - matches all namespaces in a cluster. + description: |- + NamespaceSelector selects the namespaces to which this ACL applies. + An empty map of MatchLabels matches all namespaces in a cluster. properties: matchLabels: additionalProperties: type: string - description: MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the operator is - "In", and the values array contains only "value". The requirements are ANDed. + description: |- + MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object type: array @@ -1193,23 +1374,28 @@ spec: type: object gitImplementation: default: go-git - description: Determines which git client library to use. Defaults to go-git, valid values are ('go-git', 'libgit2'). + description: |- + Determines which git client library to use. + Defaults to go-git, valid values are ('go-git', 'libgit2'). enum: - go-git - libgit2 type: string ignore: - description: Ignore overrides the set of excluded patterns in the .sourceignore format (which is the same - as .gitignore). If not provided, a default will be used, consult the documentation for your version to find - out what those are. + description: |- + Ignore overrides the set of excluded patterns in the .sourceignore format + (which is the same as .gitignore). If not provided, a default will be used, + consult the documentation for your version to find out what those are. type: string include: description: Extra git repositories to map into the repository items: - description: GitRepositoryInclude defines a source with a from and to path. + description: GitRepositoryInclude defines a source with a from and + to path. properties: fromPath: - description: The path to copy contents from, defaults to the root directory. + description: The path to copy contents from, defaults to the + root directory. type: string repository: description: Reference to a GitRepository to include. @@ -1221,7 +1407,8 @@ spec: - name type: object toPath: - description: The path to copy contents to, defaults to the name of the source ref. + description: The path to copy contents to, defaults to the name + of the source ref. type: string required: - repository @@ -1231,28 +1418,38 @@ spec: description: The interval at which to check for repository updates. type: string recurseSubmodules: - description: When enabled, after the clone is created, initializes all submodules within, using their default - settings. This option is available only when using the 'go-git' GitImplementation. + description: |- + When enabled, after the clone is created, initializes all submodules within, + using their default settings. + This option is available only when using the 'go-git' GitImplementation. type: boolean ref: - description: The Git reference to checkout and monitor for changes, defaults to master branch. + description: |- + The Git reference to checkout and monitor for changes, defaults to + master branch. properties: branch: description: The Git branch to checkout, defaults to master. type: string commit: - description: The Git commit SHA to checkout, if specified Tag filters will be ignored. + description: The Git commit SHA to checkout, if specified Tag + filters will be ignored. type: string semver: - description: The Git tag semver expression, takes precedence over Tag. + description: The Git tag semver expression, takes precedence over + Tag. type: string tag: description: The Git tag to checkout, takes precedence over Branch. type: string type: object secretRef: - description: The secret name containing the Git credentials. For HTTPS repositories the secret must contain - username and password fields. For SSH repositories the secret must contain identity and known_hosts fields. + description: |- + The secret name containing the Git credentials. + For HTTPS repositories the secret must contain username and password + fields. + For SSH repositories the secret must contain identity and known_hosts + fields. properties: name: description: Name of the referent. @@ -1261,26 +1458,31 @@ spec: - name type: object suspend: - description: This flag tells the controller to suspend the reconciliation of this source. + description: This flag tells the controller to suspend the reconciliation + of this source. type: boolean timeout: default: 60s - description: The timeout for remote Git operations like cloning, defaults to 60s. + description: The timeout for remote Git operations like cloning, defaults + to 60s. type: string url: description: The repository URL, can be a HTTP/S or SSH address. pattern: ^(http|https|ssh)://.*$ type: string verify: - description: Verify OpenPGP signature for the Git commit HEAD points to. + description: Verify OpenPGP signature for the Git commit HEAD points + to. properties: mode: - description: Mode describes what git object should be verified, currently ('head'). + description: Mode describes what git object should be verified, + currently ('head'). enum: - head type: string secretRef: - description: The secret name containing the public keys of all trusted Git authors. + description: The secret name containing the public keys of all + trusted Git authors. properties: name: description: Name of the referent. @@ -1301,21 +1503,26 @@ spec: description: GitRepositoryStatus defines the observed state of a Git repository. properties: artifact: - description: Artifact represents the output of the last successful repository sync. + description: Artifact represents the output of the last successful + repository sync. properties: checksum: description: Checksum is the SHA256 checksum of the artifact. type: string lastUpdateTime: - description: LastUpdateTime is the timestamp corresponding to the last update of this artifact. + description: |- + LastUpdateTime is the timestamp corresponding to the last update of this + artifact. format: date-time type: string path: description: Path is the relative file path of this artifact. type: string revision: - description: Revision is a human readable identifier traceable in the origin source system. It can be - a Git commit SHA, Git tag, a Helm index timestamp, a Helm chart version, etc. + description: |- + Revision is a human readable identifier traceable in the origin source + system. It can be a Git commit SHA, Git tag, a Helm index timestamp, a Helm + chart version, etc. type: string url: description: URL is the HTTP address of this artifact. @@ -1327,35 +1534,43 @@ spec: conditions: description: Conditions holds the conditions for the GitRepository. items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This - struct is intended for direct use as an array at the field path .status.conditions. For example, \n type - FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // - +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" - patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" properties: lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when - the API field changed is acceptable. + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: message is a human readable message indicating details about the transition. This may be - an empty string. + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based - upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current state of the instance. + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last - transition. Producers of specific condition types may define expected values and meanings for this - field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 @@ -1369,9 +1584,12 @@ spec: - Unknown type: string type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type - values are consistent across resources like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -1384,7 +1602,8 @@ spec: type: object type: array includedArtifacts: - description: IncludedArtifacts represents the included artifacts from the last successful repository sync. + description: IncludedArtifacts represents the included artifacts from + the last successful repository sync. items: description: Artifact represents the output of a source synchronisation. properties: @@ -1392,15 +1611,19 @@ spec: description: Checksum is the SHA256 checksum of the artifact. type: string lastUpdateTime: - description: LastUpdateTime is the timestamp corresponding to the last update of this artifact. + description: |- + LastUpdateTime is the timestamp corresponding to the last update of this + artifact. format: date-time type: string path: description: Path is the relative file path of this artifact. type: string revision: - description: Revision is a human readable identifier traceable in the origin source system. It can be - a Git commit SHA, Git tag, a Helm index timestamp, a Helm chart version, etc. + description: |- + Revision is a human readable identifier traceable in the origin source + system. It can be a Git commit SHA, Git tag, a Helm index timestamp, a Helm + chart version, etc. type: string url: description: URL is the HTTP address of this artifact. @@ -1411,15 +1634,19 @@ spec: type: object type: array lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent reconcile request value, so a change - of the annotation value can be detected. + description: |- + LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value + can be detected. type: string observedGeneration: description: ObservedGeneration is the last observed generation. format: int64 type: integer url: - description: URL is the download link for the artifact output of the last repository sync. + description: |- + URL is the download link for the artifact output of the last repository + sync. type: string type: object type: object @@ -1448,35 +1675,49 @@ spec: description: GitRepository is the Schema for the gitrepositories API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert - recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer - this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: - description: GitRepositorySpec specifies the required configuration to produce an Artifact for a Git repository. + description: |- + GitRepositorySpec specifies the required configuration to produce an + Artifact for a Git repository. properties: accessFrom: - description: 'AccessFrom specifies an Access Control List for allowing cross-namespace references to this - object. NOTE: Not implemented, provisional as of https://github.com/fluxcd/flux2/pull/2092' + description: |- + AccessFrom specifies an Access Control List for allowing cross-namespace + references to this object. + NOTE: Not implemented, provisional as of https://github.com/fluxcd/flux2/pull/2092 properties: namespaceSelectors: - description: NamespaceSelectors is the list of namespace selectors to which this ACL applies. Items in - this list are evaluated using a logical OR operation. + description: |- + NamespaceSelectors is the list of namespace selectors to which this ACL applies. + Items in this list are evaluated using a logical OR operation. items: - description: NamespaceSelector selects the namespaces to which this ACL applies. An empty map of MatchLabels - matches all namespaces in a cluster. + description: |- + NamespaceSelector selects the namespaces to which this ACL applies. + An empty map of MatchLabels matches all namespaces in a cluster. properties: matchLabels: additionalProperties: type: string - description: MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the operator is - "In", and the values array contains only "value". The requirements are ANDed. + description: |- + MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object type: array @@ -1485,30 +1726,39 @@ spec: type: object gitImplementation: default: go-git - description: 'GitImplementation specifies which Git client library implementation to use. Defaults to ''go-git'', - valid values are (''go-git'', ''libgit2''). Deprecated: gitImplementation is deprecated now that ''go-git'' - is the only supported implementation.' + description: |- + GitImplementation specifies which Git client library implementation to + use. Defaults to 'go-git', valid values are ('go-git', 'libgit2'). + Deprecated: gitImplementation is deprecated now that 'go-git' is the + only supported implementation. enum: - go-git - libgit2 type: string ignore: - description: Ignore overrides the set of excluded patterns in the .sourceignore format (which is the same - as .gitignore). If not provided, a default will be used, consult the documentation for your version to find - out what those are. + description: |- + Ignore overrides the set of excluded patterns in the .sourceignore format + (which is the same as .gitignore). If not provided, a default will be used, + consult the documentation for your version to find out what those are. type: string include: - description: Include specifies a list of GitRepository resources which Artifacts should be included in the - Artifact produced for this GitRepository. + description: |- + Include specifies a list of GitRepository resources which Artifacts + should be included in the Artifact produced for this GitRepository. items: - description: GitRepositoryInclude specifies a local reference to a GitRepository which Artifact (sub-)contents - must be included, and where they should be placed. + description: |- + GitRepositoryInclude specifies a local reference to a GitRepository which + Artifact (sub-)contents must be included, and where they should be placed. properties: fromPath: - description: FromPath specifies the path to copy contents from, defaults to the root of the Artifact. + description: |- + FromPath specifies the path to copy contents from, defaults to the root + of the Artifact. type: string repository: - description: GitRepositoryRef specifies the GitRepository which Artifact contents must be included. + description: |- + GitRepositoryRef specifies the GitRepository which Artifact contents + must be included. properties: name: description: Name of the referent. @@ -1517,7 +1767,9 @@ spec: - name type: object toPath: - description: ToPath specifies the path to copy contents to, defaults to the name of the GitRepositoryRef. + description: |- + ToPath specifies the path to copy contents to, defaults to the name of + the GitRepositoryRef. type: string required: - repository @@ -1528,36 +1780,51 @@ spec: pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string recurseSubmodules: - description: RecurseSubmodules enables the initialization of all submodules within the GitRepository as cloned - from the URL, using their default settings. + description: |- + RecurseSubmodules enables the initialization of all submodules within + the GitRepository as cloned from the URL, using their default settings. type: boolean ref: - description: Reference specifies the Git reference to resolve and monitor for changes, defaults to the 'master' - branch. + description: |- + Reference specifies the Git reference to resolve and monitor for + changes, defaults to the 'master' branch. properties: branch: - description: Branch to check out, defaults to 'master' if no other field is defined. + description: Branch to check out, defaults to 'master' if no other + field is defined. type: string commit: - description: "Commit SHA to check out, takes precedence over all reference fields. \n This can be combined - with Branch to shallow clone the branch, in which the commit is expected to exist." + description: |- + Commit SHA to check out, takes precedence over all reference fields. + + + This can be combined with Branch to shallow clone the branch, in which + the commit is expected to exist. type: string name: - description: "Name of the reference to check out; takes precedence over Branch, Tag and SemVer. \n It - must be a valid Git reference: https://git-scm.com/docs/git-check-ref-format#_description Examples: - \"refs/heads/main\", \"refs/tags/v0.1.0\", \"refs/pull/420/head\", \"refs/merge-requests/1/head\"" + description: |- + Name of the reference to check out; takes precedence over Branch, Tag and SemVer. + + + It must be a valid Git reference: https://git-scm.com/docs/git-check-ref-format#_description + Examples: "refs/heads/main", "refs/tags/v0.1.0", "refs/pull/420/head", "refs/merge-requests/1/head" type: string semver: - description: SemVer tag expression to check out, takes precedence over Tag. + description: SemVer tag expression to check out, takes precedence + over Tag. type: string tag: description: Tag to check out, takes precedence over Branch. type: string type: object secretRef: - description: SecretRef specifies the Secret containing authentication credentials for the GitRepository. For - HTTPS repositories the Secret must contain 'username' and 'password' fields for basic auth or 'bearerToken' - field for token auth. For SSH repositories the Secret must contain 'identity' and 'known_hosts' fields. + description: |- + SecretRef specifies the Secret containing authentication credentials for + the GitRepository. + For HTTPS repositories the Secret must contain 'username' and 'password' + fields for basic auth or 'bearerToken' field for token auth. + For SSH repositories the Secret must contain 'identity' + and 'known_hosts' fields. properties: name: description: Name of the referent. @@ -1566,27 +1833,36 @@ spec: - name type: object suspend: - description: Suspend tells the controller to suspend the reconciliation of this GitRepository. + description: |- + Suspend tells the controller to suspend the reconciliation of this + GitRepository. type: boolean timeout: default: 60s - description: Timeout for Git operations like cloning, defaults to 60s. + description: Timeout for Git operations like cloning, defaults to + 60s. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$ type: string url: - description: URL specifies the Git repository URL, it can be an HTTP/S or SSH address. + description: URL specifies the Git repository URL, it can be an HTTP/S + or SSH address. pattern: ^(http|https|ssh)://.*$ type: string verify: - description: Verification specifies the configuration to verify the Git commit signature(s). + description: |- + Verification specifies the configuration to verify the Git commit + signature(s). properties: mode: - description: Mode specifies what Git object should be verified, currently ('head'). + description: Mode specifies what Git object should be verified, + currently ('head'). enum: - head type: string secretRef: - description: SecretRef specifies the Secret containing the public keys of trusted Git authors. + description: |- + SecretRef specifies the Secret containing the public keys of trusted Git + authors. properties: name: description: Name of the referent. @@ -1608,14 +1884,17 @@ spec: description: GitRepositoryStatus records the observed state of a Git repository. properties: artifact: - description: Artifact represents the last successful GitRepository reconciliation. + description: Artifact represents the last successful GitRepository + reconciliation. properties: digest: description: Digest is the digest of the file in the form of ':'. pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$ type: string lastUpdateTime: - description: LastUpdateTime is the timestamp corresponding to the last update of the Artifact. + description: |- + LastUpdateTime is the timestamp corresponding to the last update of the + Artifact. format: date-time type: string metadata: @@ -1624,21 +1903,25 @@ spec: description: Metadata holds upstream information such as OCI annotations. type: object path: - description: Path is the relative file path of the Artifact. It can be used to locate the file in the - root of the Artifact storage on the local file system of the controller managing the Source. + description: |- + Path is the relative file path of the Artifact. It can be used to locate + the file in the root of the Artifact storage on the local file system of + the controller managing the Source. type: string revision: - description: Revision is a human-readable identifier traceable in the origin source system. It can be - a Git commit SHA, Git tag, a Helm chart version, etc. + description: |- + Revision is a human-readable identifier traceable in the origin source + system. It can be a Git commit SHA, Git tag, a Helm chart version, etc. type: string size: description: Size is the number of bytes in the file. format: int64 type: integer url: - description: URL is the HTTP address of the Artifact as exposed by the controller managing the Source. - It can be used to retrieve the Artifact for consumption, e.g. by another controller applying the Artifact - contents. + description: |- + URL is the HTTP address of the Artifact as exposed by the controller + managing the Source. It can be used to retrieve the Artifact for + consumption, e.g. by another controller applying the Artifact contents. type: string required: - lastUpdateTime @@ -1649,35 +1932,43 @@ spec: conditions: description: Conditions holds the conditions for the GitRepository. items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This - struct is intended for direct use as an array at the field path .status.conditions. For example, \n type - FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // - +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" - patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" properties: lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when - the API field changed is acceptable. + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: message is a human readable message indicating details about the transition. This may be - an empty string. + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based - upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current state of the instance. + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last - transition. Producers of specific condition types may define expected values and meanings for this - field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 @@ -1691,9 +1982,12 @@ spec: - Unknown type: string type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type - values are consistent across resources like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -1706,48 +2000,65 @@ spec: type: object type: array contentConfigChecksum: - description: "ContentConfigChecksum is a checksum of all the configurations related to the content of the - source artifact: - .spec.ignore - .spec.recurseSubmodules - .spec.included and the checksum of the included - artifacts observed in .status.observedGeneration version of the object. This can be used to determine if - the content of the included repository has changed. It has the format of `:`, for example: - `sha256:`. \n Deprecated: Replaced with explicit fields for observed artifact content config in - the status." + description: |- + ContentConfigChecksum is a checksum of all the configurations related to + the content of the source artifact: + - .spec.ignore + - .spec.recurseSubmodules + - .spec.included and the checksum of the included artifacts + observed in .status.observedGeneration version of the object. This can + be used to determine if the content of the included repository has + changed. + It has the format of `:`, for example: `sha256:`. + + + Deprecated: Replaced with explicit fields for observed artifact content + config in the status. type: string includedArtifacts: - description: IncludedArtifacts contains a list of the last successfully included Artifacts as instructed by - GitRepositorySpec.Include. + description: |- + IncludedArtifacts contains a list of the last successfully included + Artifacts as instructed by GitRepositorySpec.Include. items: description: Artifact represents the output of a Source reconciliation. properties: digest: - description: Digest is the digest of the file in the form of ':'. + description: Digest is the digest of the file in the form of + ':'. pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$ type: string lastUpdateTime: - description: LastUpdateTime is the timestamp corresponding to the last update of the Artifact. + description: |- + LastUpdateTime is the timestamp corresponding to the last update of the + Artifact. format: date-time type: string metadata: additionalProperties: type: string - description: Metadata holds upstream information such as OCI annotations. + description: Metadata holds upstream information such as OCI + annotations. type: object path: - description: Path is the relative file path of the Artifact. It can be used to locate the file in the - root of the Artifact storage on the local file system of the controller managing the Source. + description: |- + Path is the relative file path of the Artifact. It can be used to locate + the file in the root of the Artifact storage on the local file system of + the controller managing the Source. type: string revision: - description: Revision is a human-readable identifier traceable in the origin source system. It can be - a Git commit SHA, Git tag, a Helm chart version, etc. + description: |- + Revision is a human-readable identifier traceable in the origin source + system. It can be a Git commit SHA, Git tag, a Helm chart version, etc. type: string size: description: Size is the number of bytes in the file. format: int64 type: integer url: - description: URL is the HTTP address of the Artifact as exposed by the controller managing the Source. - It can be used to retrieve the Artifact for consumption, e.g. by another controller applying the Artifact - contents. + description: |- + URL is the HTTP address of the Artifact as exposed by the controller + managing the Source. It can be used to retrieve the Artifact for + consumption, e.g. by another controller applying the Artifact contents. type: string required: - lastUpdateTime @@ -1757,28 +2068,40 @@ spec: type: object type: array lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent reconcile request value, so a change - of the annotation value can be detected. + description: |- + LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value + can be detected. type: string observedGeneration: - description: ObservedGeneration is the last observed generation of the GitRepository object. + description: |- + ObservedGeneration is the last observed generation of the GitRepository + object. format: int64 type: integer observedIgnore: - description: ObservedIgnore is the observed exclusion patterns used for constructing the source artifact. + description: |- + ObservedIgnore is the observed exclusion patterns used for constructing + the source artifact. type: string observedInclude: - description: ObservedInclude is the observed list of GitRepository resources used to to produce the current - Artifact. + description: |- + ObservedInclude is the observed list of GitRepository resources used to + to produce the current Artifact. items: - description: GitRepositoryInclude specifies a local reference to a GitRepository which Artifact (sub-)contents - must be included, and where they should be placed. + description: |- + GitRepositoryInclude specifies a local reference to a GitRepository which + Artifact (sub-)contents must be included, and where they should be placed. properties: fromPath: - description: FromPath specifies the path to copy contents from, defaults to the root of the Artifact. + description: |- + FromPath specifies the path to copy contents from, defaults to the root + of the Artifact. type: string repository: - description: GitRepositoryRef specifies the GitRepository which Artifact contents must be included. + description: |- + GitRepositoryRef specifies the GitRepository which Artifact contents + must be included. properties: name: description: Name of the referent. @@ -1787,19 +2110,24 @@ spec: - name type: object toPath: - description: ToPath specifies the path to copy contents to, defaults to the name of the GitRepositoryRef. + description: |- + ToPath specifies the path to copy contents to, defaults to the name of + the GitRepositoryRef. type: string required: - repository type: object type: array observedRecurseSubmodules: - description: ObservedRecurseSubmodules is the observed resource submodules configuration used to produce the - current Artifact. + description: |- + ObservedRecurseSubmodules is the observed resource submodules + configuration used to produce the current Artifact. type: boolean url: - description: URL is the dynamic fetch link for the latest Artifact. It is provided on a "best effort" basis, - and using the precise GitRepositoryStatus.Artifact data is recommended. + description: |- + URL is the dynamic fetch link for the latest Artifact. + It is provided on a "best effort" basis, and using the precise + GitRepositoryStatus.Artifact data is recommended. type: string type: object type: object @@ -1812,12 +2140,12 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.12.0 + controller-gen.kubebuilder.io/version: v0.15.0 labels: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 name: helmcharts.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -1830,6 +2158,351 @@ spec: singular: helmchart scope: Namespaced versions: + - additionalPrinterColumns: + - jsonPath: .spec.chart + name: Chart + type: string + - jsonPath: .spec.version + name: Version + type: string + - jsonPath: .spec.sourceRef.kind + name: Source Kind + type: string + - jsonPath: .spec.sourceRef.name + name: Source Name + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - jsonPath: .status.conditions[?(@.type=="Ready")].status + name: Ready + type: string + - jsonPath: .status.conditions[?(@.type=="Ready")].message + name: Status + type: string + name: v1 + schema: + openAPIV3Schema: + description: HelmChart is the Schema for the helmcharts API. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: HelmChartSpec specifies the desired state of a Helm chart. + properties: + chart: + description: |- + Chart is the name or path the Helm chart is available at in the + SourceRef. + type: string + ignoreMissingValuesFiles: + description: |- + IgnoreMissingValuesFiles controls whether to silently ignore missing values + files rather than failing. + type: boolean + interval: + description: |- + Interval at which the HelmChart SourceRef is checked for updates. + This interval is approximate and may be subject to jitter to ensure + efficient use of resources. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + reconcileStrategy: + default: ChartVersion + description: |- + ReconcileStrategy determines what enables the creation of a new artifact. + Valid values are ('ChartVersion', 'Revision'). + See the documentation of the values for an explanation on their behavior. + Defaults to ChartVersion when omitted. + enum: + - ChartVersion + - Revision + type: string + sourceRef: + description: SourceRef is the reference to the Source the chart is + available at. + properties: + apiVersion: + description: APIVersion of the referent. + type: string + kind: + description: |- + Kind of the referent, valid values are ('HelmRepository', 'GitRepository', + 'Bucket'). + enum: + - HelmRepository + - GitRepository + - Bucket + type: string + name: + description: Name of the referent. + type: string + required: + - kind + - name + type: object + suspend: + description: |- + Suspend tells the controller to suspend the reconciliation of this + source. + type: boolean + valuesFiles: + description: |- + ValuesFiles is an alternative list of values files to use as the chart + values (values.yaml is not included by default), expected to be a + relative path in the SourceRef. + Values files are merged in the order of this list with the last file + overriding the first. Ignored when omitted. + items: + type: string + type: array + verify: + description: |- + Verify contains the secret name containing the trusted public keys + used to verify the signature and specifies which provider to use to check + whether OCI image is authentic. + This field is only supported when using HelmRepository source with spec.type 'oci'. + Chart dependencies, which are not bundled in the umbrella chart artifact, are not verified. + properties: + matchOIDCIdentity: + description: |- + MatchOIDCIdentity specifies the identity matching criteria to use + while verifying an OCI artifact which was signed using Cosign keyless + signing. The artifact's identity is deemed to be verified if any of the + specified matchers match against the identity. + items: + description: |- + OIDCIdentityMatch specifies options for verifying the certificate identity, + i.e. the issuer and the subject of the certificate. + properties: + issuer: + description: |- + Issuer specifies the regex pattern to match against to verify + the OIDC issuer in the Fulcio certificate. The pattern must be a + valid Go regular expression. + type: string + subject: + description: |- + Subject specifies the regex pattern to match against to verify + the identity subject in the Fulcio certificate. The pattern must + be a valid Go regular expression. + type: string + required: + - issuer + - subject + type: object + type: array + provider: + default: cosign + description: Provider specifies the technology used to sign the + OCI Artifact. + enum: + - cosign + - notation + type: string + secretRef: + description: |- + SecretRef specifies the Kubernetes Secret containing the + trusted public keys. + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object + required: + - provider + type: object + version: + default: '*' + description: |- + Version is the chart version semver expression, ignored for charts from + GitRepository and Bucket sources. Defaults to latest when omitted. + type: string + required: + - chart + - interval + - sourceRef + type: object + status: + default: + observedGeneration: -1 + description: HelmChartStatus records the observed state of the HelmChart. + properties: + artifact: + description: Artifact represents the output of the last successful + reconciliation. + properties: + digest: + description: Digest is the digest of the file in the form of ':'. + pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$ + type: string + lastUpdateTime: + description: |- + LastUpdateTime is the timestamp corresponding to the last update of the + Artifact. + format: date-time + type: string + metadata: + additionalProperties: + type: string + description: Metadata holds upstream information such as OCI annotations. + type: object + path: + description: |- + Path is the relative file path of the Artifact. It can be used to locate + the file in the root of the Artifact storage on the local file system of + the controller managing the Source. + type: string + revision: + description: |- + Revision is a human-readable identifier traceable in the origin source + system. It can be a Git commit SHA, Git tag, a Helm chart version, etc. + type: string + size: + description: Size is the number of bytes in the file. + format: int64 + type: integer + url: + description: |- + URL is the HTTP address of the Artifact as exposed by the controller + managing the Source. It can be used to retrieve the Artifact for + consumption, e.g. by another controller applying the Artifact contents. + type: string + required: + - lastUpdateTime + - path + - revision + - url + type: object + conditions: + description: Conditions holds the conditions for the HelmChart. + items: + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" + properties: + lastTransitionTime: + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + lastHandledReconcileAt: + description: |- + LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value + can be detected. + type: string + observedChartName: + description: |- + ObservedChartName is the last observed chart name as specified by the + resolved chart reference. + type: string + observedGeneration: + description: |- + ObservedGeneration is the last observed generation of the HelmChart + object. + format: int64 + type: integer + observedSourceArtifactRevision: + description: |- + ObservedSourceArtifactRevision is the last observed Artifact.Revision + of the HelmChartSpec.SourceRef. + type: string + observedValuesFiles: + description: |- + ObservedValuesFiles are the observed value files of the last successful + reconciliation. + It matches the chart in the last successfully reconciled artifact. + items: + type: string + type: array + url: + description: |- + URL is the dynamic fetch link for the latest Artifact. + It is provided on a "best effort" basis, and using the precise + BucketStatus.Artifact data is recommended. + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} - additionalPrinterColumns: - jsonPath: .spec.chart name: Chart @@ -1852,18 +2525,27 @@ spec: - jsonPath: .metadata.creationTimestamp name: Age type: date + deprecated: true + deprecationWarning: v1beta1 HelmChart is deprecated, upgrade to v1 name: v1beta1 schema: openAPIV3Schema: description: HelmChart is the Schema for the helmcharts API properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert - recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer - this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -1871,21 +2553,25 @@ spec: description: HelmChartSpec defines the desired state of a Helm chart. properties: accessFrom: - description: AccessFrom defines an Access Control List for allowing cross-namespace references to this object. + description: AccessFrom defines an Access Control List for allowing + cross-namespace references to this object. properties: namespaceSelectors: - description: NamespaceSelectors is the list of namespace selectors to which this ACL applies. Items in - this list are evaluated using a logical OR operation. + description: |- + NamespaceSelectors is the list of namespace selectors to which this ACL applies. + Items in this list are evaluated using a logical OR operation. items: - description: NamespaceSelector selects the namespaces to which this ACL applies. An empty map of MatchLabels - matches all namespaces in a cluster. + description: |- + NamespaceSelector selects the namespaces to which this ACL applies. + An empty map of MatchLabels matches all namespaces in a cluster. properties: matchLabels: additionalProperties: type: string - description: MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the operator is - "In", and the values array contains only "value". The requirements are ANDed. + description: |- + MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object type: array @@ -1893,16 +2579,19 @@ spec: - namespaceSelectors type: object chart: - description: The name or path the Helm chart is available at in the SourceRef. + description: The name or path the Helm chart is available at in the + SourceRef. type: string interval: description: The interval at which to check the Source for updates. type: string reconcileStrategy: default: ChartVersion - description: Determines what enables the creation of a new artifact. Valid values are ('ChartVersion', 'Revision'). - See the documentation of the values for an explanation on their behavior. Defaults to ChartVersion when - omitted. + description: |- + Determines what enables the creation of a new artifact. Valid values are + ('ChartVersion', 'Revision'). + See the documentation of the values for an explanation on their behavior. + Defaults to ChartVersion when omitted. enum: - ChartVersion - Revision @@ -1914,7 +2603,9 @@ spec: description: APIVersion of the referent. type: string kind: - description: Kind of the referent, valid values are ('HelmRepository', 'GitRepository', 'Bucket'). + description: |- + Kind of the referent, valid values are ('HelmRepository', 'GitRepository', + 'Bucket'). enum: - HelmRepository - GitRepository @@ -1928,24 +2619,30 @@ spec: - name type: object suspend: - description: This flag tells the controller to suspend the reconciliation of this source. + description: This flag tells the controller to suspend the reconciliation + of this source. type: boolean valuesFile: - description: Alternative values file to use as the default chart values, expected to be a relative path in - the SourceRef. Deprecated in favor of ValuesFiles, for backwards compatibility the file defined here is - merged before the ValuesFiles items. Ignored when omitted. + description: |- + Alternative values file to use as the default chart values, expected to + be a relative path in the SourceRef. Deprecated in favor of ValuesFiles, + for backwards compatibility the file defined here is merged before the + ValuesFiles items. Ignored when omitted. type: string valuesFiles: - description: Alternative list of values files to use as the chart values (values.yaml is not included by default), - expected to be a relative path in the SourceRef. Values files are merged in the order of this list with - the last file overriding the first. Ignored when omitted. + description: |- + Alternative list of values files to use as the chart values (values.yaml + is not included by default), expected to be a relative path in the SourceRef. + Values files are merged in the order of this list with the last file overriding + the first. Ignored when omitted. items: type: string type: array version: default: '*' - description: The chart version semver expression, ignored for charts from GitRepository and Bucket sources. - Defaults to latest when omitted. + description: |- + The chart version semver expression, ignored for charts from GitRepository + and Bucket sources. Defaults to latest when omitted. type: string required: - chart @@ -1958,21 +2655,26 @@ spec: description: HelmChartStatus defines the observed state of the HelmChart. properties: artifact: - description: Artifact represents the output of the last successful chart sync. + description: Artifact represents the output of the last successful + chart sync. properties: checksum: description: Checksum is the SHA256 checksum of the artifact. type: string lastUpdateTime: - description: LastUpdateTime is the timestamp corresponding to the last update of this artifact. + description: |- + LastUpdateTime is the timestamp corresponding to the last update of this + artifact. format: date-time type: string path: description: Path is the relative file path of this artifact. type: string revision: - description: Revision is a human readable identifier traceable in the origin source system. It can be - a Git commit SHA, Git tag, a Helm index timestamp, a Helm chart version, etc. + description: |- + Revision is a human readable identifier traceable in the origin source + system. It can be a Git commit SHA, Git tag, a Helm index timestamp, a Helm + chart version, etc. type: string url: description: URL is the HTTP address of this artifact. @@ -1984,35 +2686,43 @@ spec: conditions: description: Conditions holds the conditions for the HelmChart. items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This - struct is intended for direct use as an array at the field path .status.conditions. For example, \n type - FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // - +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" - patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" properties: lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when - the API field changed is acceptable. + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: message is a human readable message indicating details about the transition. This may be - an empty string. + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based - upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current state of the instance. + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last - transition. Producers of specific condition types may define expected values and meanings for this - field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 @@ -2026,9 +2736,12 @@ spec: - Unknown type: string type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type - values are consistent across resources like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -2041,8 +2754,10 @@ spec: type: object type: array lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent reconcile request value, so a change - of the annotation value can be detected. + description: |- + LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value + can be detected. type: string observedGeneration: description: ObservedGeneration is the last observed generation. @@ -2079,18 +2794,27 @@ spec: - jsonPath: .status.conditions[?(@.type=="Ready")].message name: Status type: string + deprecated: true + deprecationWarning: v1beta2 HelmChart is deprecated, upgrade to v1 name: v1beta2 schema: openAPIV3Schema: description: HelmChart is the Schema for the helmcharts API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert - recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer - this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -2098,22 +2822,27 @@ spec: description: HelmChartSpec specifies the desired state of a Helm chart. properties: accessFrom: - description: 'AccessFrom specifies an Access Control List for allowing cross-namespace references to this - object. NOTE: Not implemented, provisional as of https://github.com/fluxcd/flux2/pull/2092' + description: |- + AccessFrom specifies an Access Control List for allowing cross-namespace + references to this object. + NOTE: Not implemented, provisional as of https://github.com/fluxcd/flux2/pull/2092 properties: namespaceSelectors: - description: NamespaceSelectors is the list of namespace selectors to which this ACL applies. Items in - this list are evaluated using a logical OR operation. + description: |- + NamespaceSelectors is the list of namespace selectors to which this ACL applies. + Items in this list are evaluated using a logical OR operation. items: - description: NamespaceSelector selects the namespaces to which this ACL applies. An empty map of MatchLabels - matches all namespaces in a cluster. + description: |- + NamespaceSelector selects the namespaces to which this ACL applies. + An empty map of MatchLabels matches all namespaces in a cluster. properties: matchLabels: additionalProperties: type: string - description: MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the operator is - "In", and the values array contains only "value". The requirements are ANDed. + description: |- + MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object type: array @@ -2121,30 +2850,44 @@ spec: - namespaceSelectors type: object chart: - description: Chart is the name or path the Helm chart is available at in the SourceRef. - type: string + description: |- + Chart is the name or path the Helm chart is available at in the + SourceRef. + type: string + ignoreMissingValuesFiles: + description: |- + IgnoreMissingValuesFiles controls whether to silently ignore missing values + files rather than failing. + type: boolean interval: - description: Interval at which the HelmChart SourceRef is checked for updates. This interval is approximate - and may be subject to jitter to ensure efficient use of resources. + description: |- + Interval at which the HelmChart SourceRef is checked for updates. + This interval is approximate and may be subject to jitter to ensure + efficient use of resources. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string reconcileStrategy: default: ChartVersion - description: ReconcileStrategy determines what enables the creation of a new artifact. Valid values are ('ChartVersion', - 'Revision'). See the documentation of the values for an explanation on their behavior. Defaults to ChartVersion - when omitted. + description: |- + ReconcileStrategy determines what enables the creation of a new artifact. + Valid values are ('ChartVersion', 'Revision'). + See the documentation of the values for an explanation on their behavior. + Defaults to ChartVersion when omitted. enum: - ChartVersion - Revision type: string sourceRef: - description: SourceRef is the reference to the Source the chart is available at. + description: SourceRef is the reference to the Source the chart is + available at. properties: apiVersion: description: APIVersion of the referent. type: string kind: - description: Kind of the referent, valid values are ('HelmRepository', 'GitRepository', 'Bucket'). + description: |- + Kind of the referent, valid values are ('HelmRepository', 'GitRepository', + 'Bucket'). enum: - HelmRepository - GitRepository @@ -2158,34 +2901,75 @@ spec: - name type: object suspend: - description: Suspend tells the controller to suspend the reconciliation of this source. + description: |- + Suspend tells the controller to suspend the reconciliation of this + source. type: boolean valuesFile: - description: ValuesFile is an alternative values file to use as the default chart values, expected to be a - relative path in the SourceRef. Deprecated in favor of ValuesFiles, for backwards compatibility the file - specified here is merged before the ValuesFiles items. Ignored when omitted. + description: |- + ValuesFile is an alternative values file to use as the default chart + values, expected to be a relative path in the SourceRef. Deprecated in + favor of ValuesFiles, for backwards compatibility the file specified here + is merged before the ValuesFiles items. Ignored when omitted. type: string valuesFiles: - description: ValuesFiles is an alternative list of values files to use as the chart values (values.yaml is - not included by default), expected to be a relative path in the SourceRef. Values files are merged in the - order of this list with the last file overriding the first. Ignored when omitted. + description: |- + ValuesFiles is an alternative list of values files to use as the chart + values (values.yaml is not included by default), expected to be a + relative path in the SourceRef. + Values files are merged in the order of this list with the last file + overriding the first. Ignored when omitted. items: type: string type: array verify: - description: Verify contains the secret name containing the trusted public keys used to verify the signature - and specifies which provider to use to check whether OCI image is authentic. This field is only supported - when using HelmRepository source with spec.type 'oci'. Chart dependencies, which are not bundled in the - umbrella chart artifact, are not verified. + description: |- + Verify contains the secret name containing the trusted public keys + used to verify the signature and specifies which provider to use to check + whether OCI image is authentic. + This field is only supported when using HelmRepository source with spec.type 'oci'. + Chart dependencies, which are not bundled in the umbrella chart artifact, are not verified. properties: + matchOIDCIdentity: + description: |- + MatchOIDCIdentity specifies the identity matching criteria to use + while verifying an OCI artifact which was signed using Cosign keyless + signing. The artifact's identity is deemed to be verified if any of the + specified matchers match against the identity. + items: + description: |- + OIDCIdentityMatch specifies options for verifying the certificate identity, + i.e. the issuer and the subject of the certificate. + properties: + issuer: + description: |- + Issuer specifies the regex pattern to match against to verify + the OIDC issuer in the Fulcio certificate. The pattern must be a + valid Go regular expression. + type: string + subject: + description: |- + Subject specifies the regex pattern to match against to verify + the identity subject in the Fulcio certificate. The pattern must + be a valid Go regular expression. + type: string + required: + - issuer + - subject + type: object + type: array provider: default: cosign - description: Provider specifies the technology used to sign the OCI Artifact. + description: Provider specifies the technology used to sign the + OCI Artifact. enum: - cosign + - notation type: string secretRef: - description: SecretRef specifies the Kubernetes Secret containing the trusted public keys. + description: |- + SecretRef specifies the Kubernetes Secret containing the + trusted public keys. properties: name: description: Name of the referent. @@ -2198,8 +2982,9 @@ spec: type: object version: default: '*' - description: Version is the chart version semver expression, ignored for charts from GitRepository and Bucket - sources. Defaults to latest when omitted. + description: |- + Version is the chart version semver expression, ignored for charts from + GitRepository and Bucket sources. Defaults to latest when omitted. type: string required: - chart @@ -2212,14 +2997,17 @@ spec: description: HelmChartStatus records the observed state of the HelmChart. properties: artifact: - description: Artifact represents the output of the last successful reconciliation. + description: Artifact represents the output of the last successful + reconciliation. properties: digest: description: Digest is the digest of the file in the form of ':'. pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$ type: string lastUpdateTime: - description: LastUpdateTime is the timestamp corresponding to the last update of the Artifact. + description: |- + LastUpdateTime is the timestamp corresponding to the last update of the + Artifact. format: date-time type: string metadata: @@ -2228,21 +3016,25 @@ spec: description: Metadata holds upstream information such as OCI annotations. type: object path: - description: Path is the relative file path of the Artifact. It can be used to locate the file in the - root of the Artifact storage on the local file system of the controller managing the Source. + description: |- + Path is the relative file path of the Artifact. It can be used to locate + the file in the root of the Artifact storage on the local file system of + the controller managing the Source. type: string revision: - description: Revision is a human-readable identifier traceable in the origin source system. It can be - a Git commit SHA, Git tag, a Helm chart version, etc. + description: |- + Revision is a human-readable identifier traceable in the origin source + system. It can be a Git commit SHA, Git tag, a Helm chart version, etc. type: string size: description: Size is the number of bytes in the file. format: int64 type: integer url: - description: URL is the HTTP address of the Artifact as exposed by the controller managing the Source. - It can be used to retrieve the Artifact for consumption, e.g. by another controller applying the Artifact - contents. + description: |- + URL is the HTTP address of the Artifact as exposed by the controller + managing the Source. It can be used to retrieve the Artifact for + consumption, e.g. by another controller applying the Artifact contents. type: string required: - lastUpdateTime @@ -2253,35 +3045,43 @@ spec: conditions: description: Conditions holds the conditions for the HelmChart. items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This - struct is intended for direct use as an array at the field path .status.conditions. For example, \n type - FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // - +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" - patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" properties: lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when - the API field changed is acceptable. + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: message is a human readable message indicating details about the transition. This may be - an empty string. + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based - upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current state of the instance. + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last - transition. Producers of specific condition types may define expected values and meanings for this - field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 @@ -2295,9 +3095,12 @@ spec: - Unknown type: string type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type - values are consistent across resources like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -2310,27 +3113,45 @@ spec: type: object type: array lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent reconcile request value, so a change - of the annotation value can be detected. + description: |- + LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value + can be detected. type: string observedChartName: - description: ObservedChartName is the last observed chart name as specified by the resolved chart reference. + description: |- + ObservedChartName is the last observed chart name as specified by the + resolved chart reference. type: string observedGeneration: - description: ObservedGeneration is the last observed generation of the HelmChart object. + description: |- + ObservedGeneration is the last observed generation of the HelmChart + object. format: int64 type: integer observedSourceArtifactRevision: - description: ObservedSourceArtifactRevision is the last observed Artifact.Revision of the HelmChartSpec.SourceRef. - type: string + description: |- + ObservedSourceArtifactRevision is the last observed Artifact.Revision + of the HelmChartSpec.SourceRef. + type: string + observedValuesFiles: + description: |- + ObservedValuesFiles are the observed value files of the last successful + reconciliation. + It matches the chart in the last successfully reconciled artifact. + items: + type: string + type: array url: - description: URL is the dynamic fetch link for the latest Artifact. It is provided on a "best effort" basis, - and using the precise BucketStatus.Artifact data is recommended. + description: |- + URL is the dynamic fetch link for the latest Artifact. + It is provided on a "best effort" basis, and using the precise + BucketStatus.Artifact data is recommended. type: string type: object type: object served: true - storage: true + storage: false subresources: status: {} --- @@ -2338,12 +3159,12 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.12.0 + controller-gen.kubebuilder.io/version: v0.15.0 labels: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 name: helmrepositories.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -2360,84 +3181,424 @@ spec: - jsonPath: .spec.url name: URL type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date - jsonPath: .status.conditions[?(@.type=="Ready")].status name: Ready type: string - jsonPath: .status.conditions[?(@.type=="Ready")].message name: Status type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1beta1 + name: v1 schema: openAPIV3Schema: - description: HelmRepository is the Schema for the helmrepositories API + description: HelmRepository is the Schema for the helmrepositories API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert - recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer - this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: - description: HelmRepositorySpec defines the reference to a Helm repository. + description: |- + HelmRepositorySpec specifies the required configuration to produce an + Artifact for a Helm repository index YAML. properties: accessFrom: - description: AccessFrom defines an Access Control List for allowing cross-namespace references to this object. + description: |- + AccessFrom specifies an Access Control List for allowing cross-namespace + references to this object. + NOTE: Not implemented, provisional as of https://github.com/fluxcd/flux2/pull/2092 properties: namespaceSelectors: - description: NamespaceSelectors is the list of namespace selectors to which this ACL applies. Items in - this list are evaluated using a logical OR operation. + description: |- + NamespaceSelectors is the list of namespace selectors to which this ACL applies. + Items in this list are evaluated using a logical OR operation. items: - description: NamespaceSelector selects the namespaces to which this ACL applies. An empty map of MatchLabels - matches all namespaces in a cluster. + description: |- + NamespaceSelector selects the namespaces to which this ACL applies. + An empty map of MatchLabels matches all namespaces in a cluster. properties: matchLabels: additionalProperties: type: string - description: MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the operator is - "In", and the values array contains only "value". The requirements are ANDed. + description: |- + MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object type: array required: - namespaceSelectors type: object - interval: - description: The interval at which to check the upstream for updates. - type: string - passCredentials: - description: PassCredentials allows the credentials from the SecretRef to be passed on to a host that does - not match the host as defined in URL. This may be required if the host of the advertised chart URLs in the - index differ from the defined URL. Enabling this should be done with caution, as it can potentially result - in credentials getting stolen in a MITM-attack. - type: boolean - secretRef: - description: The name of the secret containing authentication credentials for the Helm repository. For HTTP/S - basic auth the secret must contain username and password fields. For TLS the secret must contain a certFile - and keyFile, and/or caFile fields. - properties: - name: - description: Name of the referent. - type: string - required: - - name + certSecretRef: + description: |- + CertSecretRef can be given the name of a Secret containing + either or both of + + + - a PEM-encoded client certificate (`tls.crt`) and private + key (`tls.key`); + - a PEM-encoded CA certificate (`ca.crt`) + + + and whichever are supplied, will be used for connecting to the + registry. The client cert and key are useful if you are + authenticating with a certificate; the CA cert is useful if + you are using a self-signed server certificate. The Secret must + be of type `Opaque` or `kubernetes.io/tls`. + + + It takes precedence over the values specified in the Secret referred + to by `.spec.secretRef`. + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object + insecure: + description: |- + Insecure allows connecting to a non-TLS HTTP container registry. + This field is only taken into account if the .spec.type field is set to 'oci'. + type: boolean + interval: + description: |- + Interval at which the HelmRepository URL is checked for updates. + This interval is approximate and may be subject to jitter to ensure + efficient use of resources. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + passCredentials: + description: |- + PassCredentials allows the credentials from the SecretRef to be passed + on to a host that does not match the host as defined in URL. + This may be required if the host of the advertised chart URLs in the + index differ from the defined URL. + Enabling this should be done with caution, as it can potentially result + in credentials getting stolen in a MITM-attack. + type: boolean + provider: + default: generic + description: |- + Provider used for authentication, can be 'aws', 'azure', 'gcp' or 'generic'. + This field is optional, and only taken into account if the .spec.type field is set to 'oci'. + When not specified, defaults to 'generic'. + enum: + - generic + - aws + - azure + - gcp + type: string + secretRef: + description: |- + SecretRef specifies the Secret containing authentication credentials + for the HelmRepository. + For HTTP/S basic auth the secret must contain 'username' and 'password' + fields. + Support for TLS auth using the 'certFile' and 'keyFile', and/or 'caFile' + keys is deprecated. Please use `.spec.certSecretRef` instead. + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object + suspend: + description: |- + Suspend tells the controller to suspend the reconciliation of this + HelmRepository. + type: boolean + timeout: + description: |- + Timeout is used for the index fetch operation for an HTTPS helm repository, + and for remote OCI Repository operations like pulling for an OCI helm + chart by the associated HelmChart. + Its default value is 60s. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$ + type: string + type: + description: |- + Type of the HelmRepository. + When this field is set to "oci", the URL field value must be prefixed with "oci://". + enum: + - default + - oci + type: string + url: + description: |- + URL of the Helm repository, a valid URL contains at least a protocol and + host. + pattern: ^(http|https|oci)://.*$ + type: string + required: + - url + type: object + status: + default: + observedGeneration: -1 + description: HelmRepositoryStatus records the observed state of the HelmRepository. + properties: + artifact: + description: Artifact represents the last successful HelmRepository + reconciliation. + properties: + digest: + description: Digest is the digest of the file in the form of ':'. + pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$ + type: string + lastUpdateTime: + description: |- + LastUpdateTime is the timestamp corresponding to the last update of the + Artifact. + format: date-time + type: string + metadata: + additionalProperties: + type: string + description: Metadata holds upstream information such as OCI annotations. + type: object + path: + description: |- + Path is the relative file path of the Artifact. It can be used to locate + the file in the root of the Artifact storage on the local file system of + the controller managing the Source. + type: string + revision: + description: |- + Revision is a human-readable identifier traceable in the origin source + system. It can be a Git commit SHA, Git tag, a Helm chart version, etc. + type: string + size: + description: Size is the number of bytes in the file. + format: int64 + type: integer + url: + description: |- + URL is the HTTP address of the Artifact as exposed by the controller + managing the Source. It can be used to retrieve the Artifact for + consumption, e.g. by another controller applying the Artifact contents. + type: string + required: + - lastUpdateTime + - path + - revision + - url + type: object + conditions: + description: Conditions holds the conditions for the HelmRepository. + items: + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" + properties: + lastTransitionTime: + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + lastHandledReconcileAt: + description: |- + LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value + can be detected. + type: string + observedGeneration: + description: |- + ObservedGeneration is the last observed generation of the HelmRepository + object. + format: int64 + type: integer + url: + description: |- + URL is the dynamic fetch link for the latest Artifact. + It is provided on a "best effort" basis, and using the precise + HelmRepositoryStatus.Artifact data is recommended. + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} + - additionalPrinterColumns: + - jsonPath: .spec.url + name: URL + type: string + - jsonPath: .status.conditions[?(@.type=="Ready")].status + name: Ready + type: string + - jsonPath: .status.conditions[?(@.type=="Ready")].message + name: Status + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + deprecated: true + deprecationWarning: v1beta1 HelmRepository is deprecated, upgrade to v1 + name: v1beta1 + schema: + openAPIV3Schema: + description: HelmRepository is the Schema for the helmrepositories API + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: HelmRepositorySpec defines the reference to a Helm repository. + properties: + accessFrom: + description: AccessFrom defines an Access Control List for allowing + cross-namespace references to this object. + properties: + namespaceSelectors: + description: |- + NamespaceSelectors is the list of namespace selectors to which this ACL applies. + Items in this list are evaluated using a logical OR operation. + items: + description: |- + NamespaceSelector selects the namespaces to which this ACL applies. + An empty map of MatchLabels matches all namespaces in a cluster. + properties: + matchLabels: + additionalProperties: + type: string + description: |- + MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + type: array + required: + - namespaceSelectors + type: object + interval: + description: The interval at which to check the upstream for updates. + type: string + passCredentials: + description: |- + PassCredentials allows the credentials from the SecretRef to be passed on to + a host that does not match the host as defined in URL. + This may be required if the host of the advertised chart URLs in the index + differ from the defined URL. + Enabling this should be done with caution, as it can potentially result in + credentials getting stolen in a MITM-attack. + type: boolean + secretRef: + description: |- + The name of the secret containing authentication credentials for the Helm + repository. + For HTTP/S basic auth the secret must contain username and + password fields. + For TLS the secret must contain a certFile and keyFile, and/or + caFile fields. + properties: + name: + description: Name of the referent. + type: string + required: + - name type: object suspend: - description: This flag tells the controller to suspend the reconciliation of this source. + description: This flag tells the controller to suspend the reconciliation + of this source. type: boolean timeout: default: 60s description: The timeout of index downloading, defaults to 60s. type: string url: - description: The Helm repository URL, a valid URL contains at least a protocol and host. + description: The Helm repository URL, a valid URL contains at least + a protocol and host. type: string required: - interval @@ -2449,21 +3610,26 @@ spec: description: HelmRepositoryStatus defines the observed state of the HelmRepository. properties: artifact: - description: Artifact represents the output of the last successful repository sync. + description: Artifact represents the output of the last successful + repository sync. properties: checksum: description: Checksum is the SHA256 checksum of the artifact. type: string lastUpdateTime: - description: LastUpdateTime is the timestamp corresponding to the last update of this artifact. + description: |- + LastUpdateTime is the timestamp corresponding to the last update of this + artifact. format: date-time type: string path: description: Path is the relative file path of this artifact. type: string revision: - description: Revision is a human readable identifier traceable in the origin source system. It can be - a Git commit SHA, Git tag, a Helm index timestamp, a Helm chart version, etc. + description: |- + Revision is a human readable identifier traceable in the origin source + system. It can be a Git commit SHA, Git tag, a Helm index timestamp, a Helm + chart version, etc. type: string url: description: URL is the HTTP address of this artifact. @@ -2475,35 +3641,43 @@ spec: conditions: description: Conditions holds the conditions for the HelmRepository. items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This - struct is intended for direct use as an array at the field path .status.conditions. For example, \n type - FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // - +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" - patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" properties: lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when - the API field changed is acceptable. + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: message is a human readable message indicating details about the transition. This may be - an empty string. + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based - upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current state of the instance. + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last - transition. Producers of specific condition types may define expected values and meanings for this - field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 @@ -2517,9 +3691,12 @@ spec: - Unknown type: string type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type - values are consistent across resources like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -2532,8 +3709,10 @@ spec: type: object type: array lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent reconcile request value, so a change - of the annotation value can be detected. + description: |- + LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value + can be detected. type: string observedGeneration: description: ObservedGeneration is the last observed generation. @@ -2561,42 +3740,57 @@ spec: - jsonPath: .status.conditions[?(@.type=="Ready")].message name: Status type: string + deprecated: true + deprecationWarning: v1beta2 HelmRepository is deprecated, upgrade to v1 name: v1beta2 schema: openAPIV3Schema: description: HelmRepository is the Schema for the helmrepositories API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert - recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer - this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: - description: HelmRepositorySpec specifies the required configuration to produce an Artifact for a Helm repository - index YAML. + description: |- + HelmRepositorySpec specifies the required configuration to produce an + Artifact for a Helm repository index YAML. properties: accessFrom: - description: 'AccessFrom specifies an Access Control List for allowing cross-namespace references to this - object. NOTE: Not implemented, provisional as of https://github.com/fluxcd/flux2/pull/2092' + description: |- + AccessFrom specifies an Access Control List for allowing cross-namespace + references to this object. + NOTE: Not implemented, provisional as of https://github.com/fluxcd/flux2/pull/2092 properties: namespaceSelectors: - description: NamespaceSelectors is the list of namespace selectors to which this ACL applies. Items in - this list are evaluated using a logical OR operation. + description: |- + NamespaceSelectors is the list of namespace selectors to which this ACL applies. + Items in this list are evaluated using a logical OR operation. items: - description: NamespaceSelector selects the namespaces to which this ACL applies. An empty map of MatchLabels - matches all namespaces in a cluster. + description: |- + NamespaceSelector selects the namespaces to which this ACL applies. + An empty map of MatchLabels matches all namespaces in a cluster. properties: matchLabels: additionalProperties: type: string - description: MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the operator is - "In", and the values array contains only "value". The requirements are ANDed. + description: |- + MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object type: array @@ -2604,12 +3798,25 @@ spec: - namespaceSelectors type: object certSecretRef: - description: "CertSecretRef can be given the name of a Secret containing either or both of \n - a PEM-encoded - client certificate (`tls.crt`) and private key (`tls.key`); - a PEM-encoded CA certificate (`ca.crt`) \n - and whichever are supplied, will be used for connecting to the registry. The client cert and key are useful - if you are authenticating with a certificate; the CA cert is useful if you are using a self-signed server - certificate. The Secret must be of type `Opaque` or `kubernetes.io/tls`. \n It takes precedence over the - values specified in the Secret referred to by `.spec.secretRef`." + description: |- + CertSecretRef can be given the name of a Secret containing + either or both of + + + - a PEM-encoded client certificate (`tls.crt`) and private + key (`tls.key`); + - a PEM-encoded CA certificate (`ca.crt`) + + + and whichever are supplied, will be used for connecting to the + registry. The client cert and key are useful if you are + authenticating with a certificate; the CA cert is useful if + you are using a self-signed server certificate. The Secret must + be of type `Opaque` or `kubernetes.io/tls`. + + + It takes precedence over the values specified in the Secret referred + to by `.spec.secretRef`. properties: name: description: Name of the referent. @@ -2617,21 +3824,33 @@ spec: required: - name type: object + insecure: + description: |- + Insecure allows connecting to a non-TLS HTTP container registry. + This field is only taken into account if the .spec.type field is set to 'oci'. + type: boolean interval: - description: Interval at which the HelmRepository URL is checked for updates. This interval is approximate - and may be subject to jitter to ensure efficient use of resources. + description: |- + Interval at which the HelmRepository URL is checked for updates. + This interval is approximate and may be subject to jitter to ensure + efficient use of resources. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string passCredentials: - description: PassCredentials allows the credentials from the SecretRef to be passed on to a host that does - not match the host as defined in URL. This may be required if the host of the advertised chart URLs in the - index differ from the defined URL. Enabling this should be done with caution, as it can potentially result + description: |- + PassCredentials allows the credentials from the SecretRef to be passed + on to a host that does not match the host as defined in URL. + This may be required if the host of the advertised chart URLs in the + index differ from the defined URL. + Enabling this should be done with caution, as it can potentially result in credentials getting stolen in a MITM-attack. type: boolean provider: default: generic - description: Provider used for authentication, can be 'aws', 'azure', 'gcp' or 'generic'. This field is optional, - and only taken into account if the .spec.type field is set to 'oci'. When not specified, defaults to 'generic'. + description: |- + Provider used for authentication, can be 'aws', 'azure', 'gcp' or 'generic'. + This field is optional, and only taken into account if the .spec.type field is set to 'oci'. + When not specified, defaults to 'generic'. enum: - generic - aws @@ -2639,9 +3858,13 @@ spec: - gcp type: string secretRef: - description: SecretRef specifies the Secret containing authentication credentials for the HelmRepository. - For HTTP/S basic auth the secret must contain 'username' and 'password' fields. Support for TLS auth using - the 'certFile' and 'keyFile', and/or 'caFile' keys is deprecated. Please use `.spec.certSecretRef` instead. + description: |- + SecretRef specifies the Secret containing authentication credentials + for the HelmRepository. + For HTTP/S basic auth the secret must contain 'username' and 'password' + fields. + Support for TLS auth using the 'certFile' and 'keyFile', and/or 'caFile' + keys is deprecated. Please use `.spec.certSecretRef` instead. properties: name: description: Name of the referent. @@ -2650,26 +3873,33 @@ spec: - name type: object suspend: - description: Suspend tells the controller to suspend the reconciliation of this HelmRepository. + description: |- + Suspend tells the controller to suspend the reconciliation of this + HelmRepository. type: boolean timeout: - default: 60s - description: Timeout is used for the index fetch operation for an HTTPS helm repository, and for remote OCI - Repository operations like pulling for an OCI helm repository. Its default value is 60s. + description: |- + Timeout is used for the index fetch operation for an HTTPS helm repository, + and for remote OCI Repository operations like pulling for an OCI helm + chart by the associated HelmChart. + Its default value is 60s. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$ type: string type: - description: Type of the HelmRepository. When this field is set to "oci", the URL field value must be prefixed - with "oci://". + description: |- + Type of the HelmRepository. + When this field is set to "oci", the URL field value must be prefixed with "oci://". enum: - default - oci type: string url: - description: URL of the Helm repository, a valid URL contains at least a protocol and host. + description: |- + URL of the Helm repository, a valid URL contains at least a protocol and + host. + pattern: ^(http|https|oci)://.*$ type: string required: - - interval - url type: object status: @@ -2678,14 +3908,17 @@ spec: description: HelmRepositoryStatus records the observed state of the HelmRepository. properties: artifact: - description: Artifact represents the last successful HelmRepository reconciliation. + description: Artifact represents the last successful HelmRepository + reconciliation. properties: digest: description: Digest is the digest of the file in the form of ':'. pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$ type: string lastUpdateTime: - description: LastUpdateTime is the timestamp corresponding to the last update of the Artifact. + description: |- + LastUpdateTime is the timestamp corresponding to the last update of the + Artifact. format: date-time type: string metadata: @@ -2694,21 +3927,25 @@ spec: description: Metadata holds upstream information such as OCI annotations. type: object path: - description: Path is the relative file path of the Artifact. It can be used to locate the file in the - root of the Artifact storage on the local file system of the controller managing the Source. + description: |- + Path is the relative file path of the Artifact. It can be used to locate + the file in the root of the Artifact storage on the local file system of + the controller managing the Source. type: string revision: - description: Revision is a human-readable identifier traceable in the origin source system. It can be - a Git commit SHA, Git tag, a Helm chart version, etc. + description: |- + Revision is a human-readable identifier traceable in the origin source + system. It can be a Git commit SHA, Git tag, a Helm chart version, etc. type: string size: description: Size is the number of bytes in the file. format: int64 type: integer url: - description: URL is the HTTP address of the Artifact as exposed by the controller managing the Source. - It can be used to retrieve the Artifact for consumption, e.g. by another controller applying the Artifact - contents. + description: |- + URL is the HTTP address of the Artifact as exposed by the controller + managing the Source. It can be used to retrieve the Artifact for + consumption, e.g. by another controller applying the Artifact contents. type: string required: - lastUpdateTime @@ -2719,35 +3956,43 @@ spec: conditions: description: Conditions holds the conditions for the HelmRepository. items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This - struct is intended for direct use as an array at the field path .status.conditions. For example, \n type - FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // - +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" - patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" properties: lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when - the API field changed is acceptable. + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: message is a human readable message indicating details about the transition. This may be - an empty string. + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based - upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current state of the instance. + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last - transition. Producers of specific condition types may define expected values and meanings for this - field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 @@ -2761,9 +4006,12 @@ spec: - Unknown type: string type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type - values are consistent across resources like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -2776,21 +4024,27 @@ spec: type: object type: array lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent reconcile request value, so a change - of the annotation value can be detected. + description: |- + LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value + can be detected. type: string observedGeneration: - description: ObservedGeneration is the last observed generation of the HelmRepository object. + description: |- + ObservedGeneration is the last observed generation of the HelmRepository + object. format: int64 type: integer url: - description: URL is the dynamic fetch link for the latest Artifact. It is provided on a "best effort" basis, - and using the precise HelmRepositoryStatus.Artifact data is recommended. + description: |- + URL is the dynamic fetch link for the latest Artifact. + It is provided on a "best effort" basis, and using the precise + HelmRepositoryStatus.Artifact data is recommended. type: string type: object type: object served: true - storage: true + storage: false subresources: status: {} --- @@ -2798,12 +4052,12 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.12.0 + controller-gen.kubebuilder.io/version: v0.15.0 labels: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 name: ocirepositories.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -2835,12 +4089,19 @@ spec: description: OCIRepository is the Schema for the ocirepositories API properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert - recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer - this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -2848,12 +4109,25 @@ spec: description: OCIRepositorySpec defines the desired state of OCIRepository properties: certSecretRef: - description: "CertSecretRef can be given the name of a Secret containing either or both of \n - a PEM-encoded - client certificate (`tls.crt`) and private key (`tls.key`); - a PEM-encoded CA certificate (`ca.crt`) \n - and whichever are supplied, will be used for connecting to the registry. The client cert and key are useful - if you are authenticating with a certificate; the CA cert is useful if you are using a self-signed server - certificate. The Secret must be of type `Opaque` or `kubernetes.io/tls`. \n Note: Support for the `caFile`, - `certFile` and `keyFile` keys have been deprecated." + description: |- + CertSecretRef can be given the name of a Secret containing + either or both of + + + - a PEM-encoded client certificate (`tls.crt`) and private + key (`tls.key`); + - a PEM-encoded CA certificate (`ca.crt`) + + + and whichever are supplied, will be used for connecting to the + registry. The client cert and key are useful if you are + authenticating with a certificate; the CA cert is useful if + you are using a self-signed server certificate. The Secret must + be of type `Opaque` or `kubernetes.io/tls`. + + + Note: Support for the `caFile`, `certFile` and `keyFile` keys have + been deprecated. properties: name: description: Name of the referent. @@ -2862,30 +4136,39 @@ spec: - name type: object ignore: - description: Ignore overrides the set of excluded patterns in the .sourceignore format (which is the same - as .gitignore). If not provided, a default will be used, consult the documentation for your version to find - out what those are. + description: |- + Ignore overrides the set of excluded patterns in the .sourceignore format + (which is the same as .gitignore). If not provided, a default will be used, + consult the documentation for your version to find out what those are. type: string insecure: - description: Insecure allows connecting to a non-TLS HTTP container registry. + description: Insecure allows connecting to a non-TLS HTTP container + registry. type: boolean interval: - description: Interval at which the OCIRepository URL is checked for updates. This interval is approximate - and may be subject to jitter to ensure efficient use of resources. + description: |- + Interval at which the OCIRepository URL is checked for updates. + This interval is approximate and may be subject to jitter to ensure + efficient use of resources. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string layerSelector: - description: LayerSelector specifies which layer should be extracted from the OCI artifact. When not specified, - the first layer found in the artifact is selected. + description: |- + LayerSelector specifies which layer should be extracted from the OCI artifact. + When not specified, the first layer found in the artifact is selected. properties: mediaType: - description: MediaType specifies the OCI media type of the layer which should be extracted from the OCI - Artifact. The first layer matching this type is selected. + description: |- + MediaType specifies the OCI media type of the layer + which should be extracted from the OCI Artifact. The + first layer matching this type is selected. type: string operation: - description: Operation specifies how the selected layer should be processed. By default, the layer compressed - content is extracted to storage. When the operation is set to 'copy', the layer compressed content is - persisted to storage as it is. + description: |- + Operation specifies how the selected layer should be processed. + By default, the layer compressed content is extracted to storage. + When the operation is set to 'copy', the layer compressed content + is persisted to storage as it is. enum: - extract - copy @@ -2893,8 +4176,9 @@ spec: type: object provider: default: generic - description: The provider used for authentication, can be 'aws', 'azure', 'gcp' or 'generic'. When not specified, - defaults to 'generic'. + description: |- + The provider used for authentication, can be 'aws', 'azure', 'gcp' or 'generic'. + When not specified, defaults to 'generic'. enum: - generic - aws @@ -2902,23 +4186,33 @@ spec: - gcp type: string ref: - description: The OCI reference to pull and monitor for changes, defaults to the latest tag. + description: |- + The OCI reference to pull and monitor for changes, + defaults to the latest tag. properties: digest: - description: Digest is the image digest to pull, takes precedence over SemVer. The value should be in - the format 'sha256:'. + description: |- + Digest is the image digest to pull, takes precedence over SemVer. + The value should be in the format 'sha256:'. type: string semver: - description: SemVer is the range of tags to pull selecting the latest within the range, takes precedence - over Tag. + description: |- + SemVer is the range of tags to pull selecting the latest within + the range, takes precedence over Tag. + type: string + semverFilter: + description: SemverFilter is a regex pattern to filter the tags + within the SemVer range. type: string tag: description: Tag is the image tag to pull, defaults to latest. type: string type: object secretRef: - description: SecretRef contains the secret name containing the registry login credentials to resolve image - metadata. The secret must be of type kubernetes.io/dockerconfigjson. + description: |- + SecretRef contains the secret name containing the registry login + credentials to resolve image metadata. + The secret must be of type kubernetes.io/dockerconfigjson. properties: name: description: Name of the referent. @@ -2927,33 +4221,73 @@ spec: - name type: object serviceAccountName: - description: 'ServiceAccountName is the name of the Kubernetes ServiceAccount used to authenticate the image - pull if the service account has attached pull secrets. For more information: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/#add-imagepullsecrets-to-a-service-account' + description: |- + ServiceAccountName is the name of the Kubernetes ServiceAccount used to authenticate + the image pull if the service account has attached pull secrets. For more information: + https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/#add-imagepullsecrets-to-a-service-account type: string suspend: - description: This flag tells the controller to suspend the reconciliation of this source. + description: This flag tells the controller to suspend the reconciliation + of this source. type: boolean timeout: default: 60s - description: The timeout for remote OCI Repository operations like pulling, defaults to 60s. + description: The timeout for remote OCI Repository operations like + pulling, defaults to 60s. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$ type: string url: - description: URL is a reference to an OCI artifact repository hosted on a remote container registry. + description: |- + URL is a reference to an OCI artifact repository hosted + on a remote container registry. pattern: ^oci://.*$ type: string verify: - description: Verify contains the secret name containing the trusted public keys used to verify the signature - and specifies which provider to use to check whether OCI image is authentic. + description: |- + Verify contains the secret name containing the trusted public keys + used to verify the signature and specifies which provider to use to check + whether OCI image is authentic. properties: + matchOIDCIdentity: + description: |- + MatchOIDCIdentity specifies the identity matching criteria to use + while verifying an OCI artifact which was signed using Cosign keyless + signing. The artifact's identity is deemed to be verified if any of the + specified matchers match against the identity. + items: + description: |- + OIDCIdentityMatch specifies options for verifying the certificate identity, + i.e. the issuer and the subject of the certificate. + properties: + issuer: + description: |- + Issuer specifies the regex pattern to match against to verify + the OIDC issuer in the Fulcio certificate. The pattern must be a + valid Go regular expression. + type: string + subject: + description: |- + Subject specifies the regex pattern to match against to verify + the identity subject in the Fulcio certificate. The pattern must + be a valid Go regular expression. + type: string + required: + - issuer + - subject + type: object + type: array provider: default: cosign - description: Provider specifies the technology used to sign the OCI Artifact. + description: Provider specifies the technology used to sign the + OCI Artifact. enum: - cosign + - notation type: string secretRef: - description: SecretRef specifies the Kubernetes Secret containing the trusted public keys. + description: |- + SecretRef specifies the Kubernetes Secret containing the + trusted public keys. properties: name: description: Name of the referent. @@ -2974,14 +4308,17 @@ spec: description: OCIRepositoryStatus defines the observed state of OCIRepository properties: artifact: - description: Artifact represents the output of the last successful OCI Repository sync. + description: Artifact represents the output of the last successful + OCI Repository sync. properties: digest: description: Digest is the digest of the file in the form of ':'. pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$ type: string lastUpdateTime: - description: LastUpdateTime is the timestamp corresponding to the last update of the Artifact. + description: |- + LastUpdateTime is the timestamp corresponding to the last update of the + Artifact. format: date-time type: string metadata: @@ -2990,21 +4327,25 @@ spec: description: Metadata holds upstream information such as OCI annotations. type: object path: - description: Path is the relative file path of the Artifact. It can be used to locate the file in the - root of the Artifact storage on the local file system of the controller managing the Source. + description: |- + Path is the relative file path of the Artifact. It can be used to locate + the file in the root of the Artifact storage on the local file system of + the controller managing the Source. type: string revision: - description: Revision is a human-readable identifier traceable in the origin source system. It can be - a Git commit SHA, Git tag, a Helm chart version, etc. + description: |- + Revision is a human-readable identifier traceable in the origin source + system. It can be a Git commit SHA, Git tag, a Helm chart version, etc. type: string size: description: Size is the number of bytes in the file. format: int64 type: integer url: - description: URL is the HTTP address of the Artifact as exposed by the controller managing the Source. - It can be used to retrieve the Artifact for consumption, e.g. by another controller applying the Artifact - contents. + description: |- + URL is the HTTP address of the Artifact as exposed by the controller + managing the Source. It can be used to retrieve the Artifact for + consumption, e.g. by another controller applying the Artifact contents. type: string required: - lastUpdateTime @@ -3015,35 +4356,43 @@ spec: conditions: description: Conditions holds the conditions for the OCIRepository. items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This - struct is intended for direct use as an array at the field path .status.conditions. For example, \n type - FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // - +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" - patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" properties: lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when - the API field changed is acceptable. + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: message is a human readable message indicating details about the transition. This may be - an empty string. + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based - upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current state of the instance. + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last - transition. Producers of specific condition types may define expected values and meanings for this - field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 @@ -3057,9 +4406,12 @@ spec: - Unknown type: string type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type - values are consistent across resources like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -3072,41 +4424,60 @@ spec: type: object type: array contentConfigChecksum: - description: "ContentConfigChecksum is a checksum of all the configurations related to the content of the - source artifact: - .spec.ignore - .spec.layerSelector observed in .status.observedGeneration version of - the object. This can be used to determine if the content configuration has changed and the artifact needs - to be rebuilt. It has the format of `:`, for example: `sha256:`. \n Deprecated: - Replaced with explicit fields for observed artifact content config in the status." + description: |- + ContentConfigChecksum is a checksum of all the configurations related to + the content of the source artifact: + - .spec.ignore + - .spec.layerSelector + observed in .status.observedGeneration version of the object. This can + be used to determine if the content configuration has changed and the + artifact needs to be rebuilt. + It has the format of `:`, for example: `sha256:`. + + + Deprecated: Replaced with explicit fields for observed artifact content + config in the status. type: string lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent reconcile request value, so a change - of the annotation value can be detected. + description: |- + LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value + can be detected. type: string observedGeneration: description: ObservedGeneration is the last observed generation. format: int64 type: integer observedIgnore: - description: ObservedIgnore is the observed exclusion patterns used for constructing the source artifact. + description: |- + ObservedIgnore is the observed exclusion patterns used for constructing + the source artifact. type: string observedLayerSelector: - description: ObservedLayerSelector is the observed layer selector used for constructing the source artifact. + description: |- + ObservedLayerSelector is the observed layer selector used for constructing + the source artifact. properties: mediaType: - description: MediaType specifies the OCI media type of the layer which should be extracted from the OCI - Artifact. The first layer matching this type is selected. + description: |- + MediaType specifies the OCI media type of the layer + which should be extracted from the OCI Artifact. The + first layer matching this type is selected. type: string operation: - description: Operation specifies how the selected layer should be processed. By default, the layer compressed - content is extracted to storage. When the operation is set to 'copy', the layer compressed content is - persisted to storage as it is. + description: |- + Operation specifies how the selected layer should be processed. + By default, the layer compressed content is extracted to storage. + When the operation is set to 'copy', the layer compressed content + is persisted to storage as it is. enum: - extract - copy type: string type: object url: - description: URL is the download link for the artifact output of the last OCI Repository sync. + description: URL is the download link for the artifact output of the + last OCI Repository sync. type: string type: object type: object @@ -3122,7 +4493,7 @@ metadata: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 name: source-controller namespace: flux-system --- @@ -3133,7 +4504,7 @@ metadata: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 control-plane: controller name: source-controller namespace: flux-system @@ -3154,7 +4525,7 @@ metadata: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 control-plane: controller name: source-controller namespace: flux-system @@ -3189,7 +4560,17 @@ spec: fieldPath: metadata.namespace - name: TUF_ROOT value: /tmp/.sigstore - image: ghcr.io/fluxcd/source-controller:v1.1.1 + - name: GOMAXPROCS + valueFrom: + resourceFieldRef: + containerName: manager + resource: limits.cpu + - name: GOMEMLIMIT + valueFrom: + resourceFieldRef: + containerName: manager + resource: limits.memory + image: ghcr.io/fluxcd/source-controller:v1.3.0 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -3248,12 +4629,12 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.12.0 + controller-gen.kubebuilder.io/version: v0.15.0 labels: app.kubernetes.io/component: kustomize-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 name: kustomizations.kustomize.toolkit.fluxcd.io spec: group: kustomize.toolkit.fluxcd.io @@ -3282,21 +4663,32 @@ spec: description: Kustomization is the Schema for the kustomizations API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert - recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer - this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: - description: KustomizationSpec defines the configuration to calculate the desired state from a Source using Kustomize. + description: |- + KustomizationSpec defines the configuration to calculate the desired state + from a Source using Kustomize. properties: commonMetadata: - description: CommonMetadata specifies the common labels and annotations that are applied to all resources. - Any existing label or annotation will be overridden if its key matches a common one. + description: |- + CommonMetadata specifies the common labels and annotations that are + applied to all resources. Any existing label or annotation will be + overridden if its key matches a common one. properties: annotations: additionalProperties: @@ -3310,12 +4702,14 @@ spec: type: object type: object components: - description: Components specifies relative paths to specifications of other Components. + description: Components specifies relative paths to specifications + of other Components. items: type: string type: array decryption: - description: Decrypt Kubernetes secrets before applying them on the cluster. + description: Decrypt Kubernetes secrets before applying them on the + cluster. properties: provider: description: Provider is the name of the decryption engine. @@ -3323,7 +4717,8 @@ spec: - sops type: string secretRef: - description: The secret name containing the private OpenPGP keys used for decryption. + description: The secret name containing the private OpenPGP keys + used for decryption. properties: name: description: Name of the referent. @@ -3335,17 +4730,21 @@ spec: - provider type: object dependsOn: - description: DependsOn may contain a meta.NamespacedObjectReference slice with references to Kustomization - resources that must be ready before this Kustomization can be reconciled. + description: |- + DependsOn may contain a meta.NamespacedObjectReference slice + with references to Kustomization resources that must be ready before this + Kustomization can be reconciled. items: - description: NamespacedObjectReference contains enough information to locate the referenced Kubernetes resource - object in any namespace. + description: |- + NamespacedObjectReference contains enough information to locate the referenced Kubernetes resource object in any + namespace. properties: name: description: Name of the referent. type: string namespace: - description: Namespace of the referent, when not specified it acts as LocalObjectReference. + description: Namespace of the referent, when not specified it + acts as LocalObjectReference. type: string required: - name @@ -3353,18 +4752,20 @@ spec: type: array force: default: false - description: Force instructs the controller to recreate resources when patching fails due to an immutable - field change. + description: |- + Force instructs the controller to recreate resources + when patching fails due to an immutable field change. type: boolean healthChecks: description: A list of resources to be included in the health assessment. items: - description: NamespacedObjectKindReference contains enough information to locate the typed referenced Kubernetes - resource object in any namespace. + description: |- + NamespacedObjectKindReference contains enough information to locate the typed referenced Kubernetes resource object + in any namespace. properties: apiVersion: - description: API version of the referent, if not specified the Kubernetes preferred version will be - used. + description: API version of the referent, if not specified the + Kubernetes preferred version will be used. type: string kind: description: Kind of the referent. @@ -3373,7 +4774,8 @@ spec: description: Name of the referent. type: string namespace: - description: Namespace of the referent, when not specified it acts as LocalObjectReference. + description: Namespace of the referent, when not specified it + acts as LocalObjectReference. type: string required: - kind @@ -3381,49 +4783,65 @@ spec: type: object type: array images: - description: Images is a list of (image name, new name, new tag or digest) for changing image names, tags - or digests. This can also be achieved with a patch, but this operator is simpler to specify. + description: |- + Images is a list of (image name, new name, new tag or digest) + for changing image names, tags or digests. This can also be achieved with a + patch, but this operator is simpler to specify. items: - description: Image contains an image name, a new name, a new tag or digest, which will replace the original - name and tag. + description: Image contains an image name, a new name, a new tag + or digest, which will replace the original name and tag. properties: digest: - description: Digest is the value used to replace the original image tag. If digest is present NewTag - value is ignored. + description: |- + Digest is the value used to replace the original image tag. + If digest is present NewTag value is ignored. type: string name: description: Name is a tag-less image name. type: string newName: - description: NewName is the value used to replace the original name. + description: NewName is the value used to replace the original + name. type: string newTag: - description: NewTag is the value used to replace the original tag. + description: NewTag is the value used to replace the original + tag. type: string required: - name type: object type: array interval: - description: The interval at which to reconcile the Kustomization. This interval is approximate and may be - subject to jitter to ensure efficient use of resources. + description: |- + The interval at which to reconcile the Kustomization. + This interval is approximate and may be subject to jitter to ensure + efficient use of resources. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string kubeConfig: - description: The KubeConfig for reconciling the Kustomization on a remote cluster. When used in combination - with KustomizationSpec.ServiceAccountName, forces the controller to act on behalf of that Service Account - at the target cluster. If the --default-service-account flag is set, its value will be used as a controller - level fallback for when KustomizationSpec.ServiceAccountName is empty. + description: |- + The KubeConfig for reconciling the Kustomization on a remote cluster. + When used in combination with KustomizationSpec.ServiceAccountName, + forces the controller to act on behalf of that Service Account at the + target cluster. + If the --default-service-account flag is set, its value will be used as + a controller level fallback for when KustomizationSpec.ServiceAccountName + is empty. properties: secretRef: - description: SecretRef holds the name of a secret that contains a key with the kubeconfig file as the - value. If no key is set, the key will default to 'value'. It is recommended that the kubeconfig is self-contained, - and the secret is regularly updated if credentials such as a cloud-access-token expire. Cloud specific - `cmd-path` auth helpers will not function without adding binaries and credentials to the Pod that is - responsible for reconciling Kubernetes resources. + description: |- + SecretRef holds the name of a secret that contains a key with + the kubeconfig file as the value. If no key is set, the key will default + to 'value'. + It is recommended that the kubeconfig is self-contained, and the secret + is regularly updated if credentials such as a cloud-access-token expire. + Cloud specific `cmd-path` auth helpers will not function without adding + binaries and credentials to the Pod that is responsible for reconciling + Kubernetes resources. properties: key: - description: Key in the Secret, when not specified an implementation-specific default key is used. + description: Key in the Secret, when not specified an implementation-specific + default key is used. type: string name: description: Name of the Secret. @@ -3434,34 +4852,57 @@ spec: required: - secretRef type: object + namePrefix: + description: NamePrefix will prefix the names of all managed resources. + maxLength: 200 + minLength: 1 + type: string + nameSuffix: + description: NameSuffix will suffix the names of all managed resources. + maxLength: 200 + minLength: 1 + type: string patches: - description: Strategic merge and JSON patches, defined as inline YAML objects, capable of targeting objects - based on kind, label and annotation selectors. + description: |- + Strategic merge and JSON patches, defined as inline YAML objects, + capable of targeting objects based on kind, label and annotation selectors. items: - description: Patch contains an inline StrategicMerge or JSON6902 patch, and the target the patch should + description: |- + Patch contains an inline StrategicMerge or JSON6902 patch, and the target the patch should be applied to. properties: patch: - description: Patch contains an inline StrategicMerge patch or an inline JSON6902 patch with an array - of operation objects. + description: |- + Patch contains an inline StrategicMerge patch or an inline JSON6902 patch with + an array of operation objects. type: string target: - description: Target points to the resources that the patch document should be applied to. + description: Target points to the resources that the patch document + should be applied to. properties: annotationSelector: - description: AnnotationSelector is a string that follows the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + description: |- + AnnotationSelector is a string that follows the label selection expression + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api It matches with the resource annotations. type: string group: - description: Group is the API group to select resources from. Together with Version and Kind it - is capable of unambiguously identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + description: |- + Group is the API group to select resources from. + Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md type: string kind: - description: Kind of the API Group to select resources from. Together with Group and Version it - is capable of unambiguously identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + description: |- + Kind of the API Group to select resources from. + Together with Group and Version it is capable of unambiguously + identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md type: string labelSelector: - description: LabelSelector is a string that follows the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + description: |- + LabelSelector is a string that follows the label selection expression + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api It matches with the resource labels. type: string name: @@ -3471,8 +4912,10 @@ spec: description: Namespace to select resources from. type: string version: - description: Version of the API Group to select resources from. Together with Group and Kind it - is capable of unambiguously identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + description: |- + Version of the API Group to select resources from. + Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md type: string type: object required: @@ -3480,44 +4923,58 @@ spec: type: object type: array path: - description: Path to the directory containing the kustomization.yaml file, or the set of plain YAMLs a kustomization.yaml - should be generated for. Defaults to 'None', which translates to the root path of the SourceRef. + description: |- + Path to the directory containing the kustomization.yaml file, or the + set of plain YAMLs a kustomization.yaml should be generated for. + Defaults to 'None', which translates to the root path of the SourceRef. type: string postBuild: - description: PostBuild describes which actions to perform on the YAML manifest generated by building the kustomize - overlay. + description: |- + PostBuild describes which actions to perform on the YAML manifest + generated by building the kustomize overlay. properties: substitute: additionalProperties: type: string - description: Substitute holds a map of key/value pairs. The variables defined in your YAML manifests that - match any of the keys defined in the map will be substituted with the set value. Includes support for - bash string replacement functions e.g. ${var:=default}, ${var:position} and ${var/substring/replacement}. + description: |- + Substitute holds a map of key/value pairs. + The variables defined in your YAML manifests that match any of the keys + defined in the map will be substituted with the set value. + Includes support for bash string replacement functions + e.g. ${var:=default}, ${var:position} and ${var/substring/replacement}. type: object substituteFrom: - description: SubstituteFrom holds references to ConfigMaps and Secrets containing the variables and their - values to be substituted in the YAML manifests. The ConfigMap and the Secret data keys represent the - var names, and they must match the vars declared in the manifests for the substitution to happen. + description: |- + SubstituteFrom holds references to ConfigMaps and Secrets containing + the variables and their values to be substituted in the YAML manifests. + The ConfigMap and the Secret data keys represent the var names, and they + must match the vars declared in the manifests for the substitution to + happen. items: - description: SubstituteReference contains a reference to a resource containing the variables name and - value. + description: |- + SubstituteReference contains a reference to a resource containing + the variables name and value. properties: kind: - description: Kind of the values referent, valid values are ('Secret', 'ConfigMap'). + description: Kind of the values referent, valid values are + ('Secret', 'ConfigMap'). enum: - Secret - ConfigMap type: string name: - description: Name of the values referent. Should reside in the same namespace as the referring resource. + description: |- + Name of the values referent. Should reside in the same namespace as the + referring resource. maxLength: 253 minLength: 1 type: string optional: default: false - description: Optional indicates whether the referenced resource must exist, or whether to tolerate - its absence. If true and the referenced resource is absent, proceed as if the resource was present - but empty, without any variables defined. + description: |- + Optional indicates whether the referenced resource must exist, or whether to + tolerate its absence. If true and the referenced resource is absent, proceed + as if the resource was present but empty, without any variables defined. type: boolean required: - kind @@ -3529,15 +4986,20 @@ spec: description: Prune enables garbage collection. type: boolean retryInterval: - description: The interval at which to retry a previously failed reconciliation. When not specified, the controller - uses the KustomizationSpec.Interval value to retry failures. + description: |- + The interval at which to retry a previously failed reconciliation. + When not specified, the controller uses the KustomizationSpec.Interval + value to retry failures. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string serviceAccountName: - description: The name of the Kubernetes service account to impersonate when reconciling this Kustomization. + description: |- + The name of the Kubernetes service account to impersonate + when reconciling this Kustomization. type: string sourceRef: - description: Reference of the source where the kustomization file is. + description: Reference of the source where the kustomization file + is. properties: apiVersion: description: API version of the referent. @@ -3553,29 +5015,36 @@ spec: description: Name of the referent. type: string namespace: - description: Namespace of the referent, defaults to the namespace of the Kubernetes resource object that - contains the reference. + description: |- + Namespace of the referent, defaults to the namespace of the Kubernetes + resource object that contains the reference. type: string required: - kind - name type: object suspend: - description: This flag tells the controller to suspend subsequent kustomize executions, it does not apply - to already started executions. Defaults to false. + description: |- + This flag tells the controller to suspend subsequent kustomize executions, + it does not apply to already started executions. Defaults to false. type: boolean targetNamespace: - description: TargetNamespace sets or overrides the namespace in the kustomization.yaml file. + description: |- + TargetNamespace sets or overrides the namespace in the + kustomization.yaml file. maxLength: 63 minLength: 1 type: string timeout: - description: Timeout for validation, apply and health checking operations. Defaults to 'Interval' duration. + description: |- + Timeout for validation, apply and health checking operations. + Defaults to 'Interval' duration. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string wait: - description: Wait instructs the controller to check the health of all the reconciled resources. When enabled, - the HealthChecks are ignored. Defaults to false. + description: |- + Wait instructs the controller to check the health of all the reconciled + resources. When enabled, the HealthChecks are ignored. Defaults to false. type: boolean required: - interval @@ -3589,35 +5058,43 @@ spec: properties: conditions: items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This - struct is intended for direct use as an array at the field path .status.conditions. For example, \n type - FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // - +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" - patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" properties: lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when - the API field changed is acceptable. + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: message is a human readable message indicating details about the transition. This may be - an empty string. + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based - upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current state of the instance. + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last - transition. Producers of specific condition types may define expected values and meanings for this - field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 @@ -3631,9 +5108,12 @@ spec: - Unknown type: string type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type - values are consistent across resources like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -3646,20 +5126,24 @@ spec: type: object type: array inventory: - description: Inventory contains the list of Kubernetes resource object references that have been successfully - applied. + description: |- + Inventory contains the list of Kubernetes resource object references that + have been successfully applied. properties: entries: description: Entries of Kubernetes resource object references. items: - description: ResourceRef contains the information necessary to locate a resource within a cluster. + description: ResourceRef contains the information necessary + to locate a resource within a cluster. properties: id: - description: ID is the string representation of the Kubernetes resource object's metadata, in the - format '___'. + description: |- + ID is the string representation of the Kubernetes resource object's metadata, + in the format '___'. type: string v: - description: Version is the API version of the Kubernetes resource object's kind. + description: Version is the API version of the Kubernetes + resource object's kind. type: string required: - id @@ -3670,15 +5154,19 @@ spec: - entries type: object lastAppliedRevision: - description: The last successfully applied revision. Equals the Revision of the applied Artifact from the - referenced Source. + description: |- + The last successfully applied revision. + Equals the Revision of the applied Artifact from the referenced Source. type: string lastAttemptedRevision: - description: LastAttemptedRevision is the revision of the last reconciliation attempt. + description: LastAttemptedRevision is the revision of the last reconciliation + attempt. type: string lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent reconcile request value, so a change - of the annotation value can be detected. + description: |- + LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value + can be detected. type: string observedGeneration: description: ObservedGeneration is the last reconciled generation. @@ -3708,12 +5196,19 @@ spec: description: Kustomization is the Schema for the kustomizations API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert - recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer - this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -3721,7 +5216,8 @@ spec: description: KustomizationSpec defines the desired state of a kustomization. properties: decryption: - description: Decrypt Kubernetes secrets before applying them on the cluster. + description: Decrypt Kubernetes secrets before applying them on the + cluster. properties: provider: description: Provider is the name of the decryption engine. @@ -3729,7 +5225,8 @@ spec: - sops type: string secretRef: - description: The secret name containing the private OpenPGP keys used for decryption. + description: The secret name containing the private OpenPGP keys + used for decryption. properties: name: description: Name of the referent. @@ -3741,17 +5238,21 @@ spec: - provider type: object dependsOn: - description: DependsOn may contain a meta.NamespacedObjectReference slice with references to Kustomization - resources that must be ready before this Kustomization can be reconciled. + description: |- + DependsOn may contain a meta.NamespacedObjectReference slice + with references to Kustomization resources that must be ready before this + Kustomization can be reconciled. items: - description: NamespacedObjectReference contains enough information to locate the referenced Kubernetes resource - object in any namespace. + description: |- + NamespacedObjectReference contains enough information to locate the referenced Kubernetes resource object in any + namespace. properties: name: description: Name of the referent. type: string namespace: - description: Namespace of the referent, when not specified it acts as LocalObjectReference. + description: Namespace of the referent, when not specified it + acts as LocalObjectReference. type: string required: - name @@ -3759,18 +5260,20 @@ spec: type: array force: default: false - description: Force instructs the controller to recreate resources when patching fails due to an immutable - field change. + description: |- + Force instructs the controller to recreate resources + when patching fails due to an immutable field change. type: boolean healthChecks: description: A list of resources to be included in the health assessment. items: - description: NamespacedObjectKindReference contains enough information to locate the typed referenced Kubernetes - resource object in any namespace. + description: |- + NamespacedObjectKindReference contains enough information to locate the typed referenced Kubernetes resource object + in any namespace. properties: apiVersion: - description: API version of the referent, if not specified the Kubernetes preferred version will be - used. + description: API version of the referent, if not specified the + Kubernetes preferred version will be used. type: string kind: description: Kind of the referent. @@ -3779,7 +5282,8 @@ spec: description: Name of the referent. type: string namespace: - description: Namespace of the referent, when not specified it acts as LocalObjectReference. + description: Namespace of the referent, when not specified it + acts as LocalObjectReference. type: string required: - kind @@ -3787,24 +5291,29 @@ spec: type: object type: array images: - description: Images is a list of (image name, new name, new tag or digest) for changing image names, tags - or digests. This can also be achieved with a patch, but this operator is simpler to specify. + description: |- + Images is a list of (image name, new name, new tag or digest) + for changing image names, tags or digests. This can also be achieved with a + patch, but this operator is simpler to specify. items: - description: Image contains an image name, a new name, a new tag or digest, which will replace the original - name and tag. + description: Image contains an image name, a new name, a new tag + or digest, which will replace the original name and tag. properties: digest: - description: Digest is the value used to replace the original image tag. If digest is present NewTag - value is ignored. + description: |- + Digest is the value used to replace the original image tag. + If digest is present NewTag value is ignored. type: string name: description: Name is a tag-less image name. type: string newName: - description: NewName is the value used to replace the original name. + description: NewName is the value used to replace the original + name. type: string newTag: - description: NewTag is the value used to replace the original tag. + description: NewTag is the value used to replace the original + tag. type: string required: - name @@ -3814,15 +5323,20 @@ spec: description: The interval at which to reconcile the Kustomization. type: string kubeConfig: - description: The KubeConfig for reconciling the Kustomization on a remote cluster. When specified, KubeConfig - takes precedence over ServiceAccountName. + description: |- + The KubeConfig for reconciling the Kustomization on a remote cluster. + When specified, KubeConfig takes precedence over ServiceAccountName. properties: secretRef: - description: SecretRef holds the name to a secret that contains a 'value' key with the kubeconfig file - as the value. It must be in the same namespace as the Kustomization. It is recommended that the kubeconfig - is self-contained, and the secret is regularly updated if credentials such as a cloud-access-token expire. - Cloud specific `cmd-path` auth helpers will not function without adding binaries and credentials to - the Pod that is responsible for reconciling the Kustomization. + description: |- + SecretRef holds the name to a secret that contains a 'value' key with + the kubeconfig file as the value. It must be in the same namespace as + the Kustomization. + It is recommended that the kubeconfig is self-contained, and the secret + is regularly updated if credentials such as a cloud-access-token expire. + Cloud specific `cmd-path` auth helpers will not function without adding + binaries and credentials to the Pod that is responsible for reconciling + the Kustomization. properties: name: description: Name of the referent. @@ -3832,33 +5346,46 @@ spec: type: object type: object patches: - description: Strategic merge and JSON patches, defined as inline YAML objects, capable of targeting objects - based on kind, label and annotation selectors. + description: |- + Strategic merge and JSON patches, defined as inline YAML objects, + capable of targeting objects based on kind, label and annotation selectors. items: - description: Patch contains an inline StrategicMerge or JSON6902 patch, and the target the patch should + description: |- + Patch contains an inline StrategicMerge or JSON6902 patch, and the target the patch should be applied to. properties: patch: - description: Patch contains an inline StrategicMerge patch or an inline JSON6902 patch with an array - of operation objects. + description: |- + Patch contains an inline StrategicMerge patch or an inline JSON6902 patch with + an array of operation objects. type: string target: - description: Target points to the resources that the patch document should be applied to. + description: Target points to the resources that the patch document + should be applied to. properties: annotationSelector: - description: AnnotationSelector is a string that follows the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + description: |- + AnnotationSelector is a string that follows the label selection expression + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api It matches with the resource annotations. type: string group: - description: Group is the API group to select resources from. Together with Version and Kind it - is capable of unambiguously identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + description: |- + Group is the API group to select resources from. + Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md type: string kind: - description: Kind of the API Group to select resources from. Together with Group and Version it - is capable of unambiguously identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + description: |- + Kind of the API Group to select resources from. + Together with Group and Version it is capable of unambiguously + identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md type: string labelSelector: - description: LabelSelector is a string that follows the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + description: |- + LabelSelector is a string that follows the label selection expression + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api It matches with the resource labels. type: string name: @@ -3868,8 +5395,10 @@ spec: description: Namespace to select resources from. type: string version: - description: Version of the API Group to select resources from. Together with Group and Kind it - is capable of unambiguously identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + description: |- + Version of the API Group to select resources from. + Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md type: string type: object required: @@ -3879,21 +5408,27 @@ spec: patchesJson6902: description: JSON 6902 patches, defined as inline YAML objects. items: - description: JSON6902Patch contains a JSON6902 patch and the target the patch should be applied to. + description: JSON6902Patch contains a JSON6902 patch and the target + the patch should be applied to. properties: patch: - description: Patch contains the JSON6902 patch document with an array of operation objects. + description: Patch contains the JSON6902 patch document with + an array of operation objects. items: - description: JSON6902 is a JSON6902 operation object. https://datatracker.ietf.org/doc/html/rfc6902#section-4 + description: |- + JSON6902 is a JSON6902 operation object. + https://datatracker.ietf.org/doc/html/rfc6902#section-4 properties: from: - description: From contains a JSON-pointer value that references a location within the target document - where the operation is performed. The meaning of the value depends on the value of Op, and is - NOT taken into account by all operations. + description: |- + From contains a JSON-pointer value that references a location within the target document where the operation is + performed. The meaning of the value depends on the value of Op, and is NOT taken into account by all operations. type: string op: - description: Op indicates the operation to perform. Its value MUST be one of "add", "remove", - "replace", "move", "copy", or "test". https://datatracker.ietf.org/doc/html/rfc6902#section-4 + description: |- + Op indicates the operation to perform. Its value MUST be one of "add", "remove", "replace", "move", "copy", or + "test". + https://datatracker.ietf.org/doc/html/rfc6902#section-4 enum: - test - remove @@ -3903,13 +5438,14 @@ spec: - copy type: string path: - description: Path contains the JSON-pointer value that references a location within the target - document where the operation is performed. The meaning of the value depends on the value of - Op. + description: |- + Path contains the JSON-pointer value that references a location within the target document where the operation + is performed. The meaning of the value depends on the value of Op. type: string value: - description: Value contains a valid JSON structure. The meaning of the value depends on the value - of Op, and is NOT taken into account by all operations. + description: |- + Value contains a valid JSON structure. The meaning of the value depends on the value of Op, and is NOT taken into + account by all operations. x-kubernetes-preserve-unknown-fields: true required: - op @@ -3917,22 +5453,32 @@ spec: type: object type: array target: - description: Target points to the resources that the patch document should be applied to. + description: Target points to the resources that the patch document + should be applied to. properties: annotationSelector: - description: AnnotationSelector is a string that follows the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + description: |- + AnnotationSelector is a string that follows the label selection expression + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api It matches with the resource annotations. type: string group: - description: Group is the API group to select resources from. Together with Version and Kind it - is capable of unambiguously identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + description: |- + Group is the API group to select resources from. + Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md type: string kind: - description: Kind of the API Group to select resources from. Together with Group and Version it - is capable of unambiguously identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + description: |- + Kind of the API Group to select resources from. + Together with Group and Version it is capable of unambiguously + identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md type: string labelSelector: - description: LabelSelector is a string that follows the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + description: |- + LabelSelector is a string that follows the label selection expression + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api It matches with the resource labels. type: string name: @@ -3942,8 +5488,10 @@ spec: description: Namespace to select resources from. type: string version: - description: Version of the API Group to select resources from. Together with Group and Kind it - is capable of unambiguously identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + description: |- + Version of the API Group to select resources from. + Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md type: string type: object required: @@ -3957,36 +5505,49 @@ spec: x-kubernetes-preserve-unknown-fields: true type: array path: - description: Path to the directory containing the kustomization.yaml file, or the set of plain YAMLs a kustomization.yaml - should be generated for. Defaults to 'None', which translates to the root path of the SourceRef. + description: |- + Path to the directory containing the kustomization.yaml file, or the + set of plain YAMLs a kustomization.yaml should be generated for. + Defaults to 'None', which translates to the root path of the SourceRef. type: string postBuild: - description: PostBuild describes which actions to perform on the YAML manifest generated by building the kustomize - overlay. + description: |- + PostBuild describes which actions to perform on the YAML manifest + generated by building the kustomize overlay. properties: substitute: additionalProperties: type: string - description: Substitute holds a map of key/value pairs. The variables defined in your YAML manifests that - match any of the keys defined in the map will be substituted with the set value. Includes support for - bash string replacement functions e.g. ${var:=default}, ${var:position} and ${var/substring/replacement}. + description: |- + Substitute holds a map of key/value pairs. + The variables defined in your YAML manifests + that match any of the keys defined in the map + will be substituted with the set value. + Includes support for bash string replacement functions + e.g. ${var:=default}, ${var:position} and ${var/substring/replacement}. type: object substituteFrom: - description: SubstituteFrom holds references to ConfigMaps and Secrets containing the variables and their - values to be substituted in the YAML manifests. The ConfigMap and the Secret data keys represent the - var names and they must match the vars declared in the manifests for the substitution to happen. + description: |- + SubstituteFrom holds references to ConfigMaps and Secrets containing + the variables and their values to be substituted in the YAML manifests. + The ConfigMap and the Secret data keys represent the var names and they + must match the vars declared in the manifests for the substitution to happen. items: - description: SubstituteReference contains a reference to a resource containing the variables name and - value. + description: |- + SubstituteReference contains a reference to a resource containing + the variables name and value. properties: kind: - description: Kind of the values referent, valid values are ('Secret', 'ConfigMap'). + description: Kind of the values referent, valid values are + ('Secret', 'ConfigMap'). enum: - Secret - ConfigMap type: string name: - description: Name of the values referent. Should reside in the same namespace as the referring resource. + description: |- + Name of the values referent. Should reside in the same namespace as the + referring resource. maxLength: 253 minLength: 1 type: string @@ -4000,14 +5561,19 @@ spec: description: Prune enables garbage collection. type: boolean retryInterval: - description: The interval at which to retry a previously failed reconciliation. When not specified, the controller - uses the KustomizationSpec.Interval value to retry failures. + description: |- + The interval at which to retry a previously failed reconciliation. + When not specified, the controller uses the KustomizationSpec.Interval + value to retry failures. type: string serviceAccountName: - description: The name of the Kubernetes service account to impersonate when reconciling this Kustomization. + description: |- + The name of the Kubernetes service account to impersonate + when reconciling this Kustomization. type: string sourceRef: - description: Reference of the source where the kustomization file is. + description: Reference of the source where the kustomization file + is. properties: apiVersion: description: API version of the referent @@ -4022,28 +5588,37 @@ spec: description: Name of the referent type: string namespace: - description: Namespace of the referent, defaults to the Kustomization namespace + description: Namespace of the referent, defaults to the Kustomization + namespace type: string required: - kind - name type: object suspend: - description: This flag tells the controller to suspend subsequent kustomize executions, it does not apply - to already started executions. Defaults to false. + description: |- + This flag tells the controller to suspend subsequent kustomize executions, + it does not apply to already started executions. Defaults to false. type: boolean targetNamespace: - description: TargetNamespace sets or overrides the namespace in the kustomization.yaml file. + description: |- + TargetNamespace sets or overrides the namespace in the + kustomization.yaml file. maxLength: 63 minLength: 1 type: string timeout: - description: Timeout for validation, apply and health checking operations. Defaults to 'Interval' duration. + description: |- + Timeout for validation, apply and health checking operations. + Defaults to 'Interval' duration. type: string validation: - description: Validate the Kubernetes objects before applying them on the cluster. The validation strategy - can be 'client' (local dry-run), 'server' (APIServer dry-run) or 'none'. When 'Force' is 'true', validation - will fallback to 'client' if set to 'server' because server-side validation is not supported in this scenario. + description: |- + Validate the Kubernetes objects before applying them on the cluster. + The validation strategy can be 'client' (local dry-run), 'server' + (APIServer dry-run) or 'none'. + When 'Force' is 'true', validation will fallback to 'client' if set to + 'server' because server-side validation is not supported in this scenario. enum: - none - client @@ -4061,35 +5636,43 @@ spec: properties: conditions: items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This - struct is intended for direct use as an array at the field path .status.conditions. For example, \n type - FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // - +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" - patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" properties: lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when - the API field changed is acceptable. + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: message is a human readable message indicating details about the transition. This may be - an empty string. + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based - upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current state of the instance. + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last - transition. Producers of specific condition types may define expected values and meanings for this - field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 @@ -4103,9 +5686,12 @@ spec: - Unknown type: string type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type - values are consistent across resources like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -4118,14 +5704,19 @@ spec: type: object type: array lastAppliedRevision: - description: The last successfully applied revision. The revision format for Git sources is /. + description: |- + The last successfully applied revision. + The revision format for Git sources is /. type: string lastAttemptedRevision: - description: LastAttemptedRevision is the revision of the last reconciliation attempt. + description: LastAttemptedRevision is the revision of the last reconciliation + attempt. type: string lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent reconcile request value, so a change - of the annotation value can be detected. + description: |- + LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value + can be detected. type: string observedGeneration: description: ObservedGeneration is the last reconciled generation. @@ -4140,7 +5731,9 @@ spec: entries: description: A list of Kubernetes kinds grouped by namespace. items: - description: Snapshot holds the metadata of namespaced Kubernetes objects + description: |- + Snapshot holds the metadata of namespaced + Kubernetes objects properties: kinds: additionalProperties: @@ -4182,20 +5775,29 @@ spec: description: Kustomization is the Schema for the kustomizations API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert - recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer - this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: - description: KustomizationSpec defines the configuration to calculate the desired state from a Source using Kustomize. + description: KustomizationSpec defines the configuration to calculate + the desired state from a Source using Kustomize. properties: commonMetadata: - description: CommonMetadata specifies the common labels and annotations that are applied to all resources. + description: |- + CommonMetadata specifies the common labels and annotations that are applied to all resources. Any existing label or annotation will be overridden if its key matches a common one. properties: annotations: @@ -4210,12 +5812,14 @@ spec: type: object type: object components: - description: Components specifies relative paths to specifications of other Components. + description: Components specifies relative paths to specifications + of other Components. items: type: string type: array decryption: - description: Decrypt Kubernetes secrets before applying them on the cluster. + description: Decrypt Kubernetes secrets before applying them on the + cluster. properties: provider: description: Provider is the name of the decryption engine. @@ -4223,7 +5827,8 @@ spec: - sops type: string secretRef: - description: The secret name containing the private OpenPGP keys used for decryption. + description: The secret name containing the private OpenPGP keys + used for decryption. properties: name: description: Name of the referent. @@ -4235,17 +5840,21 @@ spec: - provider type: object dependsOn: - description: DependsOn may contain a meta.NamespacedObjectReference slice with references to Kustomization - resources that must be ready before this Kustomization can be reconciled. + description: |- + DependsOn may contain a meta.NamespacedObjectReference slice + with references to Kustomization resources that must be ready before this + Kustomization can be reconciled. items: - description: NamespacedObjectReference contains enough information to locate the referenced Kubernetes resource - object in any namespace. + description: |- + NamespacedObjectReference contains enough information to locate the referenced Kubernetes resource object in any + namespace. properties: name: description: Name of the referent. type: string namespace: - description: Namespace of the referent, when not specified it acts as LocalObjectReference. + description: Namespace of the referent, when not specified it + acts as LocalObjectReference. type: string required: - name @@ -4253,18 +5862,20 @@ spec: type: array force: default: false - description: Force instructs the controller to recreate resources when patching fails due to an immutable - field change. + description: |- + Force instructs the controller to recreate resources + when patching fails due to an immutable field change. type: boolean healthChecks: description: A list of resources to be included in the health assessment. items: - description: NamespacedObjectKindReference contains enough information to locate the typed referenced Kubernetes - resource object in any namespace. + description: |- + NamespacedObjectKindReference contains enough information to locate the typed referenced Kubernetes resource object + in any namespace. properties: apiVersion: - description: API version of the referent, if not specified the Kubernetes preferred version will be - used. + description: API version of the referent, if not specified the + Kubernetes preferred version will be used. type: string kind: description: Kind of the referent. @@ -4273,7 +5884,8 @@ spec: description: Name of the referent. type: string namespace: - description: Namespace of the referent, when not specified it acts as LocalObjectReference. + description: Namespace of the referent, when not specified it + acts as LocalObjectReference. type: string required: - kind @@ -4281,24 +5893,29 @@ spec: type: object type: array images: - description: Images is a list of (image name, new name, new tag or digest) for changing image names, tags - or digests. This can also be achieved with a patch, but this operator is simpler to specify. + description: |- + Images is a list of (image name, new name, new tag or digest) + for changing image names, tags or digests. This can also be achieved with a + patch, but this operator is simpler to specify. items: - description: Image contains an image name, a new name, a new tag or digest, which will replace the original - name and tag. + description: Image contains an image name, a new name, a new tag + or digest, which will replace the original name and tag. properties: digest: - description: Digest is the value used to replace the original image tag. If digest is present NewTag - value is ignored. + description: |- + Digest is the value used to replace the original image tag. + If digest is present NewTag value is ignored. type: string name: description: Name is a tag-less image name. type: string newName: - description: NewName is the value used to replace the original name. + description: NewName is the value used to replace the original + name. type: string newTag: - description: NewTag is the value used to replace the original tag. + description: NewTag is the value used to replace the original + tag. type: string required: - name @@ -4309,20 +5926,29 @@ spec: pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string kubeConfig: - description: The KubeConfig for reconciling the Kustomization on a remote cluster. When used in combination - with KustomizationSpec.ServiceAccountName, forces the controller to act on behalf of that Service Account - at the target cluster. If the --default-service-account flag is set, its value will be used as a controller - level fallback for when KustomizationSpec.ServiceAccountName is empty. + description: |- + The KubeConfig for reconciling the Kustomization on a remote cluster. + When used in combination with KustomizationSpec.ServiceAccountName, + forces the controller to act on behalf of that Service Account at the + target cluster. + If the --default-service-account flag is set, its value will be used as + a controller level fallback for when KustomizationSpec.ServiceAccountName + is empty. properties: secretRef: - description: SecretRef holds the name of a secret that contains a key with the kubeconfig file as the - value. If no key is set, the key will default to 'value'. It is recommended that the kubeconfig is self-contained, - and the secret is regularly updated if credentials such as a cloud-access-token expire. Cloud specific - `cmd-path` auth helpers will not function without adding binaries and credentials to the Pod that is - responsible for reconciling Kubernetes resources. + description: |- + SecretRef holds the name of a secret that contains a key with + the kubeconfig file as the value. If no key is set, the key will default + to 'value'. + It is recommended that the kubeconfig is self-contained, and the secret + is regularly updated if credentials such as a cloud-access-token expire. + Cloud specific `cmd-path` auth helpers will not function without adding + binaries and credentials to the Pod that is responsible for reconciling + Kubernetes resources. properties: key: - description: Key in the Secret, when not specified an implementation-specific default key is used. + description: Key in the Secret, when not specified an implementation-specific + default key is used. type: string name: description: Name of the Secret. @@ -4334,33 +5960,46 @@ spec: - secretRef type: object patches: - description: Strategic merge and JSON patches, defined as inline YAML objects, capable of targeting objects - based on kind, label and annotation selectors. + description: |- + Strategic merge and JSON patches, defined as inline YAML objects, + capable of targeting objects based on kind, label and annotation selectors. items: - description: Patch contains an inline StrategicMerge or JSON6902 patch, and the target the patch should + description: |- + Patch contains an inline StrategicMerge or JSON6902 patch, and the target the patch should be applied to. properties: patch: - description: Patch contains an inline StrategicMerge patch or an inline JSON6902 patch with an array - of operation objects. + description: |- + Patch contains an inline StrategicMerge patch or an inline JSON6902 patch with + an array of operation objects. type: string target: - description: Target points to the resources that the patch document should be applied to. + description: Target points to the resources that the patch document + should be applied to. properties: annotationSelector: - description: AnnotationSelector is a string that follows the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + description: |- + AnnotationSelector is a string that follows the label selection expression + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api It matches with the resource annotations. type: string group: - description: Group is the API group to select resources from. Together with Version and Kind it - is capable of unambiguously identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + description: |- + Group is the API group to select resources from. + Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md type: string kind: - description: Kind of the API Group to select resources from. Together with Group and Version it - is capable of unambiguously identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + description: |- + Kind of the API Group to select resources from. + Together with Group and Version it is capable of unambiguously + identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md type: string labelSelector: - description: LabelSelector is a string that follows the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + description: |- + LabelSelector is a string that follows the label selection expression + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api It matches with the resource labels. type: string name: @@ -4370,8 +6009,10 @@ spec: description: Namespace to select resources from. type: string version: - description: Version of the API Group to select resources from. Together with Group and Kind it - is capable of unambiguously identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + description: |- + Version of the API Group to select resources from. + Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md type: string type: object required: @@ -4379,23 +6020,31 @@ spec: type: object type: array patchesJson6902: - description: 'JSON 6902 patches, defined as inline YAML objects. Deprecated: Use Patches instead.' + description: |- + JSON 6902 patches, defined as inline YAML objects. + Deprecated: Use Patches instead. items: - description: JSON6902Patch contains a JSON6902 patch and the target the patch should be applied to. + description: JSON6902Patch contains a JSON6902 patch and the target + the patch should be applied to. properties: patch: - description: Patch contains the JSON6902 patch document with an array of operation objects. + description: Patch contains the JSON6902 patch document with + an array of operation objects. items: - description: JSON6902 is a JSON6902 operation object. https://datatracker.ietf.org/doc/html/rfc6902#section-4 + description: |- + JSON6902 is a JSON6902 operation object. + https://datatracker.ietf.org/doc/html/rfc6902#section-4 properties: from: - description: From contains a JSON-pointer value that references a location within the target document - where the operation is performed. The meaning of the value depends on the value of Op, and is - NOT taken into account by all operations. + description: |- + From contains a JSON-pointer value that references a location within the target document where the operation is + performed. The meaning of the value depends on the value of Op, and is NOT taken into account by all operations. type: string op: - description: Op indicates the operation to perform. Its value MUST be one of "add", "remove", - "replace", "move", "copy", or "test". https://datatracker.ietf.org/doc/html/rfc6902#section-4 + description: |- + Op indicates the operation to perform. Its value MUST be one of "add", "remove", "replace", "move", "copy", or + "test". + https://datatracker.ietf.org/doc/html/rfc6902#section-4 enum: - test - remove @@ -4405,13 +6054,14 @@ spec: - copy type: string path: - description: Path contains the JSON-pointer value that references a location within the target - document where the operation is performed. The meaning of the value depends on the value of - Op. + description: |- + Path contains the JSON-pointer value that references a location within the target document where the operation + is performed. The meaning of the value depends on the value of Op. type: string value: - description: Value contains a valid JSON structure. The meaning of the value depends on the value - of Op, and is NOT taken into account by all operations. + description: |- + Value contains a valid JSON structure. The meaning of the value depends on the value of Op, and is NOT taken into + account by all operations. x-kubernetes-preserve-unknown-fields: true required: - op @@ -4419,22 +6069,32 @@ spec: type: object type: array target: - description: Target points to the resources that the patch document should be applied to. + description: Target points to the resources that the patch document + should be applied to. properties: annotationSelector: - description: AnnotationSelector is a string that follows the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + description: |- + AnnotationSelector is a string that follows the label selection expression + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api It matches with the resource annotations. type: string group: - description: Group is the API group to select resources from. Together with Version and Kind it - is capable of unambiguously identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + description: |- + Group is the API group to select resources from. + Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md type: string kind: - description: Kind of the API Group to select resources from. Together with Group and Version it - is capable of unambiguously identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + description: |- + Kind of the API Group to select resources from. + Together with Group and Version it is capable of unambiguously + identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md type: string labelSelector: - description: LabelSelector is a string that follows the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + description: |- + LabelSelector is a string that follows the label selection expression + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api It matches with the resource labels. type: string name: @@ -4444,8 +6104,10 @@ spec: description: Namespace to select resources from. type: string version: - description: Version of the API Group to select resources from. Together with Group and Kind it - is capable of unambiguously identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + description: |- + Version of the API Group to select resources from. + Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md type: string type: object required: @@ -4454,49 +6116,65 @@ spec: type: object type: array patchesStrategicMerge: - description: 'Strategic merge patches, defined as inline YAML objects. Deprecated: Use Patches instead.' + description: |- + Strategic merge patches, defined as inline YAML objects. + Deprecated: Use Patches instead. items: x-kubernetes-preserve-unknown-fields: true type: array path: - description: Path to the directory containing the kustomization.yaml file, or the set of plain YAMLs a kustomization.yaml - should be generated for. Defaults to 'None', which translates to the root path of the SourceRef. + description: |- + Path to the directory containing the kustomization.yaml file, or the + set of plain YAMLs a kustomization.yaml should be generated for. + Defaults to 'None', which translates to the root path of the SourceRef. type: string postBuild: - description: PostBuild describes which actions to perform on the YAML manifest generated by building the kustomize - overlay. + description: |- + PostBuild describes which actions to perform on the YAML manifest + generated by building the kustomize overlay. properties: substitute: additionalProperties: type: string - description: Substitute holds a map of key/value pairs. The variables defined in your YAML manifests that - match any of the keys defined in the map will be substituted with the set value. Includes support for - bash string replacement functions e.g. ${var:=default}, ${var:position} and ${var/substring/replacement}. + description: |- + Substitute holds a map of key/value pairs. + The variables defined in your YAML manifests + that match any of the keys defined in the map + will be substituted with the set value. + Includes support for bash string replacement functions + e.g. ${var:=default}, ${var:position} and ${var/substring/replacement}. type: object substituteFrom: - description: SubstituteFrom holds references to ConfigMaps and Secrets containing the variables and their - values to be substituted in the YAML manifests. The ConfigMap and the Secret data keys represent the - var names and they must match the vars declared in the manifests for the substitution to happen. + description: |- + SubstituteFrom holds references to ConfigMaps and Secrets containing + the variables and their values to be substituted in the YAML manifests. + The ConfigMap and the Secret data keys represent the var names and they + must match the vars declared in the manifests for the substitution to happen. items: - description: SubstituteReference contains a reference to a resource containing the variables name and - value. + description: |- + SubstituteReference contains a reference to a resource containing + the variables name and value. properties: kind: - description: Kind of the values referent, valid values are ('Secret', 'ConfigMap'). + description: Kind of the values referent, valid values are + ('Secret', 'ConfigMap'). enum: - Secret - ConfigMap type: string name: - description: Name of the values referent. Should reside in the same namespace as the referring resource. + description: |- + Name of the values referent. Should reside in the same namespace as the + referring resource. maxLength: 253 minLength: 1 type: string optional: default: false - description: Optional indicates whether the referenced resource must exist, or whether to tolerate - its absence. If true and the referenced resource is absent, proceed as if the resource was present - but empty, without any variables defined. + description: |- + Optional indicates whether the referenced resource must exist, or whether to + tolerate its absence. If true and the referenced resource is absent, proceed + as if the resource was present but empty, without any variables defined. type: boolean required: - kind @@ -4508,15 +6186,20 @@ spec: description: Prune enables garbage collection. type: boolean retryInterval: - description: The interval at which to retry a previously failed reconciliation. When not specified, the controller - uses the KustomizationSpec.Interval value to retry failures. + description: |- + The interval at which to retry a previously failed reconciliation. + When not specified, the controller uses the KustomizationSpec.Interval + value to retry failures. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string serviceAccountName: - description: The name of the Kubernetes service account to impersonate when reconciling this Kustomization. + description: |- + The name of the Kubernetes service account to impersonate + when reconciling this Kustomization. type: string sourceRef: - description: Reference of the source where the kustomization file is. + description: Reference of the source where the kustomization file + is. properties: apiVersion: description: API version of the referent. @@ -4532,24 +6215,29 @@ spec: description: Name of the referent. type: string namespace: - description: Namespace of the referent, defaults to the namespace of the Kubernetes resource object that - contains the reference. + description: Namespace of the referent, defaults to the namespace + of the Kubernetes resource object that contains the reference. type: string required: - kind - name type: object suspend: - description: This flag tells the controller to suspend subsequent kustomize executions, it does not apply - to already started executions. Defaults to false. + description: |- + This flag tells the controller to suspend subsequent kustomize executions, + it does not apply to already started executions. Defaults to false. type: boolean targetNamespace: - description: TargetNamespace sets or overrides the namespace in the kustomization.yaml file. + description: |- + TargetNamespace sets or overrides the namespace in the + kustomization.yaml file. maxLength: 63 minLength: 1 type: string timeout: - description: Timeout for validation, apply and health checking operations. Defaults to 'Interval' duration. + description: |- + Timeout for validation, apply and health checking operations. + Defaults to 'Interval' duration. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string validation: @@ -4560,8 +6248,9 @@ spec: - server type: string wait: - description: Wait instructs the controller to check the health of all the reconciled resources. When enabled, - the HealthChecks are ignored. Defaults to false. + description: |- + Wait instructs the controller to check the health of all the reconciled resources. + When enabled, the HealthChecks are ignored. Defaults to false. type: boolean required: - interval @@ -4575,35 +6264,43 @@ spec: properties: conditions: items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This - struct is intended for direct use as an array at the field path .status.conditions. For example, \n type - FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // - +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" - patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" properties: lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when - the API field changed is acceptable. + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: message is a human readable message indicating details about the transition. This may be - an empty string. + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based - upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current state of the instance. + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last - transition. Producers of specific condition types may define expected values and meanings for this - field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 @@ -4617,9 +6314,12 @@ spec: - Unknown type: string type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type - values are consistent across resources like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -4632,20 +6332,23 @@ spec: type: object type: array inventory: - description: Inventory contains the list of Kubernetes resource object references that have been successfully - applied. + description: Inventory contains the list of Kubernetes resource object + references that have been successfully applied. properties: entries: description: Entries of Kubernetes resource object references. items: - description: ResourceRef contains the information necessary to locate a resource within a cluster. + description: ResourceRef contains the information necessary + to locate a resource within a cluster. properties: id: - description: ID is the string representation of the Kubernetes resource object's metadata, in the - format '___'. + description: |- + ID is the string representation of the Kubernetes resource object's metadata, + in the format '___'. type: string v: - description: Version is the API version of the Kubernetes resource object's kind. + description: Version is the API version of the Kubernetes + resource object's kind. type: string required: - id @@ -4656,15 +6359,19 @@ spec: - entries type: object lastAppliedRevision: - description: The last successfully applied revision. Equals the Revision of the applied Artifact from the - referenced Source. + description: |- + The last successfully applied revision. + Equals the Revision of the applied Artifact from the referenced Source. type: string lastAttemptedRevision: - description: LastAttemptedRevision is the revision of the last reconciliation attempt. + description: LastAttemptedRevision is the revision of the last reconciliation + attempt. type: string lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent reconcile request value, so a change - of the annotation value can be detected. + description: |- + LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value + can be detected. type: string observedGeneration: description: ObservedGeneration is the last reconciled generation. @@ -4684,7 +6391,7 @@ metadata: app.kubernetes.io/component: kustomize-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 name: kustomize-controller namespace: flux-system --- @@ -4695,7 +6402,7 @@ metadata: app.kubernetes.io/component: kustomize-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 control-plane: controller name: kustomize-controller namespace: flux-system @@ -4724,7 +6431,17 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: ghcr.io/fluxcd/kustomize-controller:v1.1.0 + - name: GOMAXPROCS + valueFrom: + resourceFieldRef: + containerName: manager + resource: limits.cpu + - name: GOMEMLIMIT + valueFrom: + resourceFieldRef: + containerName: manager + resource: limits.memory + image: ghcr.io/fluxcd/kustomize-controller:v1.3.0 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -4776,12 +6493,12 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.12.0 + controller-gen.kubebuilder.io/version: v0.15.0 labels: app.kubernetes.io/component: helm-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 name: helmreleases.helm.toolkit.fluxcd.io spec: group: helm.toolkit.fluxcd.io @@ -4804,18 +6521,25 @@ spec: - jsonPath: .status.conditions[?(@.type=="Ready")].message name: Status type: string - name: v2beta1 + name: v2 schema: openAPIV3Schema: description: HelmRelease is the Schema for the helmreleases API properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert - recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer - this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -4823,46 +6547,66 @@ spec: description: HelmReleaseSpec defines the desired state of a Helm release. properties: chart: - description: Chart defines the template of the v1beta2.HelmChart that should be created for this HelmRelease. + description: |- + Chart defines the template of the v1.HelmChart that should be created + for this HelmRelease. properties: metadata: - description: ObjectMeta holds the template for metadata like labels and annotations. + description: ObjectMeta holds the template for metadata like labels + and annotations. properties: annotations: additionalProperties: type: string - description: 'Annotations is an unstructured key value map stored with a resource that may be set - by external tools to store and retrieve arbitrary metadata. They are not queryable and should be - preserved when modifying objects. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/' + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ type: object labels: additionalProperties: type: string - description: 'Map of string keys and values that can be used to organize and categorize (scope and - select) objects. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/' + description: |- + Map of string keys and values that can be used to organize and categorize + (scope and select) objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ type: object type: object spec: - description: Spec holds the template for the v1beta2.HelmChartSpec for this HelmRelease. + description: Spec holds the template for the v1.HelmChartSpec + for this HelmRelease. properties: chart: - description: The name or path the Helm chart is available at in the SourceRef. + description: The name or path the Helm chart is available + at in the SourceRef. + maxLength: 2048 + minLength: 1 type: string + ignoreMissingValuesFiles: + description: IgnoreMissingValuesFiles controls whether to + silently ignore missing values files rather than failing. + type: boolean interval: - description: Interval at which to check the v1beta2.Source for updates. Defaults to 'HelmReleaseSpec.Interval'. + description: |- + Interval at which to check the v1.Source for updates. Defaults to + 'HelmReleaseSpec.Interval'. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string reconcileStrategy: default: ChartVersion - description: Determines what enables the creation of a new artifact. Valid values are ('ChartVersion', - 'Revision'). See the documentation of the values for an explanation on their behavior. Defaults - to ChartVersion when omitted. + description: |- + Determines what enables the creation of a new artifact. Valid values are + ('ChartVersion', 'Revision'). + See the documentation of the values for an explanation on their behavior. + Defaults to ChartVersion when omitted. enum: - ChartVersion - Revision type: string sourceRef: - description: The name and namespace of the v1beta2.Source the chart is available at. + description: The name and namespace of the v1.Source the chart + is available at. properties: apiVersion: description: APIVersion of the referent. @@ -4887,32 +6631,36 @@ spec: required: - name type: object - valuesFile: - description: Alternative values file to use as the default chart values, expected to be a relative - path in the SourceRef. Deprecated in favor of ValuesFiles, for backwards compatibility the file - defined here is merged before the ValuesFiles items. Ignored when omitted. - type: string valuesFiles: - description: Alternative list of values files to use as the chart values (values.yaml is not included - by default), expected to be a relative path in the SourceRef. Values files are merged in the order - of this list with the last file overriding the first. Ignored when omitted. + description: |- + Alternative list of values files to use as the chart values (values.yaml + is not included by default), expected to be a relative path in the SourceRef. + Values files are merged in the order of this list with the last file overriding + the first. Ignored when omitted. items: type: string type: array verify: - description: Verify contains the secret name containing the trusted public keys used to verify the - signature and specifies which provider to use to check whether OCI image is authentic. This field - is only supported for OCI sources. Chart dependencies, which are not bundled in the umbrella chart - artifact, are not verified. + description: |- + Verify contains the secret name containing the trusted public keys + used to verify the signature and specifies which provider to use to check + whether OCI image is authentic. + This field is only supported for OCI sources. + Chart dependencies, which are not bundled in the umbrella chart artifact, + are not verified. properties: provider: default: cosign - description: Provider specifies the technology used to sign the OCI Helm chart. + description: Provider specifies the technology used to + sign the OCI Helm chart. enum: - cosign + - notation type: string secretRef: - description: SecretRef specifies the Kubernetes Secret containing the trusted public keys. + description: |- + SecretRef specifies the Kubernetes Secret containing the + trusted public keys. properties: name: description: Name of the referent. @@ -4925,8 +6673,9 @@ spec: type: object version: default: '*' - description: Version semver expression, ignored for charts from v1beta2.GitRepository and v1beta2.Bucket - sources. Defaults to latest when omitted. + description: |- + Version semver expression, ignored for charts from v1.GitRepository and + v1beta2.Bucket sources. Defaults to latest when omitted. type: string required: - chart @@ -4935,109 +6684,2722 @@ spec: required: - spec type: object + chartRef: + description: |- + ChartRef holds a reference to a source controller resource containing the + Helm chart artifact. + properties: + apiVersion: + description: APIVersion of the referent. + type: string + kind: + description: Kind of the referent. + enum: + - OCIRepository + - HelmChart + type: string + name: + description: Name of the referent. + maxLength: 253 + minLength: 1 + type: string + namespace: + description: |- + Namespace of the referent, defaults to the namespace of the Kubernetes + resource object that contains the reference. + maxLength: 63 + minLength: 1 + type: string + required: + - kind + - name + type: object dependsOn: - description: DependsOn may contain a meta.NamespacedObjectReference slice with references to HelmRelease resources - that must be ready before this HelmRelease can be reconciled. + description: |- + DependsOn may contain a meta.NamespacedObjectReference slice with + references to HelmRelease resources that must be ready before this HelmRelease + can be reconciled. items: - description: NamespacedObjectReference contains enough information to locate the referenced Kubernetes resource - object in any namespace. + description: |- + NamespacedObjectReference contains enough information to locate the referenced Kubernetes resource object in any + namespace. properties: name: description: Name of the referent. type: string namespace: - description: Namespace of the referent, when not specified it acts as LocalObjectReference. + description: Namespace of the referent, when not specified it + acts as LocalObjectReference. type: string required: - name type: object type: array - install: - description: Install holds the configuration for Helm install actions for this HelmRelease. + driftDetection: + description: |- + DriftDetection holds the configuration for detecting and handling + differences between the manifest in the Helm storage and the resources + currently existing in the cluster. + properties: + ignore: + description: |- + Ignore contains a list of rules for specifying which changes to ignore + during diffing. + items: + description: |- + IgnoreRule defines a rule to selectively disregard specific changes during + the drift detection process. + properties: + paths: + description: |- + Paths is a list of JSON Pointer (RFC 6901) paths to be excluded from + consideration in a Kubernetes object. + items: + type: string + type: array + target: + description: |- + Target is a selector for specifying Kubernetes objects to which this + rule applies. + If Target is not set, the Paths will be ignored for all Kubernetes + objects within the manifest of the Helm release. + properties: + annotationSelector: + description: |- + AnnotationSelector is a string that follows the label selection expression + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + It matches with the resource annotations. + type: string + group: + description: |- + Group is the API group to select resources from. + Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + type: string + kind: + description: |- + Kind of the API Group to select resources from. + Together with Group and Version it is capable of unambiguously + identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + type: string + labelSelector: + description: |- + LabelSelector is a string that follows the label selection expression + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + It matches with the resource labels. + type: string + name: + description: Name to match resources with. + type: string + namespace: + description: Namespace to select resources from. + type: string + version: + description: |- + Version of the API Group to select resources from. + Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + type: string + type: object + required: + - paths + type: object + type: array + mode: + description: |- + Mode defines how differences should be handled between the Helm manifest + and the manifest currently applied to the cluster. + If not explicitly set, it defaults to DiffModeDisabled. + enum: + - enabled + - warn + - disabled + type: string + type: object + install: + description: Install holds the configuration for Helm install actions + for this HelmRelease. + properties: + crds: + description: |- + CRDs upgrade CRDs from the Helm Chart's crds directory according + to the CRD upgrade policy provided here. Valid values are `Skip`, + `Create` or `CreateReplace`. Default is `Create` and if omitted + CRDs are installed but not updated. + + + Skip: do neither install nor replace (update) any CRDs. + + + Create: new CRDs are created, existing CRDs are neither updated nor deleted. + + + CreateReplace: new CRDs are created, existing CRDs are updated (replaced) + but not deleted. + + + By default, CRDs are applied (installed) during Helm install action. + With this option users can opt in to CRD replace existing CRDs on Helm + install actions, which is not (yet) natively supported by Helm. + https://helm.sh/docs/chart_best_practices/custom_resource_definitions. + enum: + - Skip + - Create + - CreateReplace + type: string + createNamespace: + description: |- + CreateNamespace tells the Helm install action to create the + HelmReleaseSpec.TargetNamespace if it does not exist yet. + On uninstall, the namespace will not be garbage collected. + type: boolean + disableHooks: + description: DisableHooks prevents hooks from running during the + Helm install action. + type: boolean + disableOpenAPIValidation: + description: |- + DisableOpenAPIValidation prevents the Helm install action from validating + rendered templates against the Kubernetes OpenAPI Schema. + type: boolean + disableWait: + description: |- + DisableWait disables the waiting for resources to be ready after a Helm + install has been performed. + type: boolean + disableWaitForJobs: + description: |- + DisableWaitForJobs disables waiting for jobs to complete after a Helm + install has been performed. + type: boolean + remediation: + description: |- + Remediation holds the remediation configuration for when the Helm install + action for the HelmRelease fails. The default is to not perform any action. + properties: + ignoreTestFailures: + description: |- + IgnoreTestFailures tells the controller to skip remediation when the Helm + tests are run after an install action but fail. Defaults to + 'Test.IgnoreFailures'. + type: boolean + remediateLastFailure: + description: |- + RemediateLastFailure tells the controller to remediate the last failure, when + no retries remain. Defaults to 'false'. + type: boolean + retries: + description: |- + Retries is the number of retries that should be attempted on failures before + bailing. Remediation, using an uninstall, is performed between each attempt. + Defaults to '0', a negative integer equals to unlimited retries. + type: integer + type: object + replace: + description: |- + Replace tells the Helm install action to re-use the 'ReleaseName', but only + if that name is a deleted release which remains in the history. + type: boolean + skipCRDs: + description: |- + SkipCRDs tells the Helm install action to not install any CRDs. By default, + CRDs are installed if not already present. + + + Deprecated use CRD policy (`crds`) attribute with value `Skip` instead. + type: boolean + timeout: + description: |- + Timeout is the time to wait for any individual Kubernetes operation (like + Jobs for hooks) during the performance of a Helm install action. Defaults to + 'HelmReleaseSpec.Timeout'. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + type: object + interval: + description: Interval at which to reconcile the Helm release. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + kubeConfig: + description: |- + KubeConfig for reconciling the HelmRelease on a remote cluster. + When used in combination with HelmReleaseSpec.ServiceAccountName, + forces the controller to act on behalf of that Service Account at the + target cluster. + If the --default-service-account flag is set, its value will be used as + a controller level fallback for when HelmReleaseSpec.ServiceAccountName + is empty. + properties: + secretRef: + description: |- + SecretRef holds the name of a secret that contains a key with + the kubeconfig file as the value. If no key is set, the key will default + to 'value'. + It is recommended that the kubeconfig is self-contained, and the secret + is regularly updated if credentials such as a cloud-access-token expire. + Cloud specific `cmd-path` auth helpers will not function without adding + binaries and credentials to the Pod that is responsible for reconciling + Kubernetes resources. + properties: + key: + description: Key in the Secret, when not specified an implementation-specific + default key is used. + type: string + name: + description: Name of the Secret. + type: string + required: + - name + type: object + required: + - secretRef + type: object + maxHistory: + description: |- + MaxHistory is the number of revisions saved by Helm for this HelmRelease. + Use '0' for an unlimited number of revisions; defaults to '5'. + type: integer + persistentClient: + description: |- + PersistentClient tells the controller to use a persistent Kubernetes + client for this release. When enabled, the client will be reused for the + duration of the reconciliation, instead of being created and destroyed + for each (step of a) Helm action. + + + This can improve performance, but may cause issues with some Helm charts + that for example do create Custom Resource Definitions during installation + outside Helm's CRD lifecycle hooks, which are then not observed to be + available by e.g. post-install hooks. + + + If not set, it defaults to true. + type: boolean + postRenderers: + description: |- + PostRenderers holds an array of Helm PostRenderers, which will be applied in order + of their definition. + items: + description: PostRenderer contains a Helm PostRenderer specification. + properties: + kustomize: + description: Kustomization to apply as PostRenderer. + properties: + images: + description: |- + Images is a list of (image name, new name, new tag or digest) + for changing image names, tags or digests. This can also be achieved with a + patch, but this operator is simpler to specify. + items: + description: Image contains an image name, a new name, + a new tag or digest, which will replace the original + name and tag. + properties: + digest: + description: |- + Digest is the value used to replace the original image tag. + If digest is present NewTag value is ignored. + type: string + name: + description: Name is a tag-less image name. + type: string + newName: + description: NewName is the value used to replace + the original name. + type: string + newTag: + description: NewTag is the value used to replace the + original tag. + type: string + required: + - name + type: object + type: array + patches: + description: |- + Strategic merge and JSON patches, defined as inline YAML objects, + capable of targeting objects based on kind, label and annotation selectors. + items: + description: |- + Patch contains an inline StrategicMerge or JSON6902 patch, and the target the patch should + be applied to. + properties: + patch: + description: |- + Patch contains an inline StrategicMerge patch or an inline JSON6902 patch with + an array of operation objects. + type: string + target: + description: Target points to the resources that the + patch document should be applied to. + properties: + annotationSelector: + description: |- + AnnotationSelector is a string that follows the label selection expression + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + It matches with the resource annotations. + type: string + group: + description: |- + Group is the API group to select resources from. + Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + type: string + kind: + description: |- + Kind of the API Group to select resources from. + Together with Group and Version it is capable of unambiguously + identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + type: string + labelSelector: + description: |- + LabelSelector is a string that follows the label selection expression + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + It matches with the resource labels. + type: string + name: + description: Name to match resources with. + type: string + namespace: + description: Namespace to select resources from. + type: string + version: + description: |- + Version of the API Group to select resources from. + Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + type: string + type: object + required: + - patch + type: object + type: array + type: object + type: object + type: array + releaseName: + description: |- + ReleaseName used for the Helm release. Defaults to a composition of + '[TargetNamespace-]Name'. + maxLength: 53 + minLength: 1 + type: string + rollback: + description: Rollback holds the configuration for Helm rollback actions + for this HelmRelease. + properties: + cleanupOnFail: + description: |- + CleanupOnFail allows deletion of new resources created during the Helm + rollback action when it fails. + type: boolean + disableHooks: + description: DisableHooks prevents hooks from running during the + Helm rollback action. + type: boolean + disableWait: + description: |- + DisableWait disables the waiting for resources to be ready after a Helm + rollback has been performed. + type: boolean + disableWaitForJobs: + description: |- + DisableWaitForJobs disables waiting for jobs to complete after a Helm + rollback has been performed. + type: boolean + force: + description: Force forces resource updates through a replacement + strategy. + type: boolean + recreate: + description: Recreate performs pod restarts for the resource if + applicable. + type: boolean + timeout: + description: |- + Timeout is the time to wait for any individual Kubernetes operation (like + Jobs for hooks) during the performance of a Helm rollback action. Defaults to + 'HelmReleaseSpec.Timeout'. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + type: object + serviceAccountName: + description: |- + The name of the Kubernetes service account to impersonate + when reconciling this HelmRelease. + maxLength: 253 + minLength: 1 + type: string + storageNamespace: + description: |- + StorageNamespace used for the Helm storage. + Defaults to the namespace of the HelmRelease. + maxLength: 63 + minLength: 1 + type: string + suspend: + description: |- + Suspend tells the controller to suspend reconciliation for this HelmRelease, + it does not apply to already started reconciliations. Defaults to false. + type: boolean + targetNamespace: + description: |- + TargetNamespace to target when performing operations for the HelmRelease. + Defaults to the namespace of the HelmRelease. + maxLength: 63 + minLength: 1 + type: string + test: + description: Test holds the configuration for Helm test actions for + this HelmRelease. + properties: + enable: + description: |- + Enable enables Helm test actions for this HelmRelease after an Helm install + or upgrade action has been performed. + type: boolean + filters: + description: Filters is a list of tests to run or exclude from + running. + items: + description: Filter holds the configuration for individual Helm + test filters. + properties: + exclude: + description: Exclude specifies whether the named test should + be excluded. + type: boolean + name: + description: Name is the name of the test. + maxLength: 253 + minLength: 1 + type: string + required: + - name + type: object + type: array + ignoreFailures: + description: |- + IgnoreFailures tells the controller to skip remediation when the Helm tests + are run but fail. Can be overwritten for tests run after install or upgrade + actions in 'Install.IgnoreTestFailures' and 'Upgrade.IgnoreTestFailures'. + type: boolean + timeout: + description: |- + Timeout is the time to wait for any individual Kubernetes operation during + the performance of a Helm test action. Defaults to 'HelmReleaseSpec.Timeout'. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + type: object + timeout: + description: |- + Timeout is the time to wait for any individual Kubernetes operation (like Jobs + for hooks) during the performance of a Helm action. Defaults to '5m0s'. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + uninstall: + description: Uninstall holds the configuration for Helm uninstall + actions for this HelmRelease. + properties: + deletionPropagation: + default: background + description: |- + DeletionPropagation specifies the deletion propagation policy when + a Helm uninstall is performed. + enum: + - background + - foreground + - orphan + type: string + disableHooks: + description: DisableHooks prevents hooks from running during the + Helm rollback action. + type: boolean + disableWait: + description: |- + DisableWait disables waiting for all the resources to be deleted after + a Helm uninstall is performed. + type: boolean + keepHistory: + description: |- + KeepHistory tells Helm to remove all associated resources and mark the + release as deleted, but retain the release history. + type: boolean + timeout: + description: |- + Timeout is the time to wait for any individual Kubernetes operation (like + Jobs for hooks) during the performance of a Helm uninstall action. Defaults + to 'HelmReleaseSpec.Timeout'. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + type: object + upgrade: + description: Upgrade holds the configuration for Helm upgrade actions + for this HelmRelease. + properties: + cleanupOnFail: + description: |- + CleanupOnFail allows deletion of new resources created during the Helm + upgrade action when it fails. + type: boolean + crds: + description: |- + CRDs upgrade CRDs from the Helm Chart's crds directory according + to the CRD upgrade policy provided here. Valid values are `Skip`, + `Create` or `CreateReplace`. Default is `Skip` and if omitted + CRDs are neither installed nor upgraded. + + + Skip: do neither install nor replace (update) any CRDs. + + + Create: new CRDs are created, existing CRDs are neither updated nor deleted. + + + CreateReplace: new CRDs are created, existing CRDs are updated (replaced) + but not deleted. + + + By default, CRDs are not applied during Helm upgrade action. With this + option users can opt-in to CRD upgrade, which is not (yet) natively supported by Helm. + https://helm.sh/docs/chart_best_practices/custom_resource_definitions. + enum: + - Skip + - Create + - CreateReplace + type: string + disableHooks: + description: DisableHooks prevents hooks from running during the + Helm upgrade action. + type: boolean + disableOpenAPIValidation: + description: |- + DisableOpenAPIValidation prevents the Helm upgrade action from validating + rendered templates against the Kubernetes OpenAPI Schema. + type: boolean + disableWait: + description: |- + DisableWait disables the waiting for resources to be ready after a Helm + upgrade has been performed. + type: boolean + disableWaitForJobs: + description: |- + DisableWaitForJobs disables waiting for jobs to complete after a Helm + upgrade has been performed. + type: boolean + force: + description: Force forces resource updates through a replacement + strategy. + type: boolean + preserveValues: + description: |- + PreserveValues will make Helm reuse the last release's values and merge in + overrides from 'Values'. Setting this flag makes the HelmRelease + non-declarative. + type: boolean + remediation: + description: |- + Remediation holds the remediation configuration for when the Helm upgrade + action for the HelmRelease fails. The default is to not perform any action. + properties: + ignoreTestFailures: + description: |- + IgnoreTestFailures tells the controller to skip remediation when the Helm + tests are run after an upgrade action but fail. + Defaults to 'Test.IgnoreFailures'. + type: boolean + remediateLastFailure: + description: |- + RemediateLastFailure tells the controller to remediate the last failure, when + no retries remain. Defaults to 'false' unless 'Retries' is greater than 0. + type: boolean + retries: + description: |- + Retries is the number of retries that should be attempted on failures before + bailing. Remediation, using 'Strategy', is performed between each attempt. + Defaults to '0', a negative integer equals to unlimited retries. + type: integer + strategy: + description: Strategy to use for failure remediation. Defaults + to 'rollback'. + enum: + - rollback + - uninstall + type: string + type: object + timeout: + description: |- + Timeout is the time to wait for any individual Kubernetes operation (like + Jobs for hooks) during the performance of a Helm upgrade action. Defaults to + 'HelmReleaseSpec.Timeout'. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + type: object + values: + description: Values holds the values for this Helm release. + x-kubernetes-preserve-unknown-fields: true + valuesFrom: + description: |- + ValuesFrom holds references to resources containing Helm values for this HelmRelease, + and information about how they should be merged. + items: + description: |- + ValuesReference contains a reference to a resource containing Helm values, + and optionally the key they can be found at. + properties: + kind: + description: Kind of the values referent, valid values are ('Secret', + 'ConfigMap'). + enum: + - Secret + - ConfigMap + type: string + name: + description: |- + Name of the values referent. Should reside in the same namespace as the + referring resource. + maxLength: 253 + minLength: 1 + type: string + optional: + description: |- + Optional marks this ValuesReference as optional. When set, a not found error + for the values reference is ignored, but any ValuesKey, TargetPath or + transient error will still result in a reconciliation failure. + type: boolean + targetPath: + description: |- + TargetPath is the YAML dot notation path the value should be merged at. When + set, the ValuesKey is expected to be a single flat value. Defaults to 'None', + which results in the values getting merged at the root. + maxLength: 250 + pattern: ^([a-zA-Z0-9_\-.\\\/]|\[[0-9]{1,5}\])+$ + type: string + valuesKey: + description: |- + ValuesKey is the data key where the values.yaml or a specific value can be + found at. Defaults to 'values.yaml'. + maxLength: 253 + pattern: ^[\-._a-zA-Z0-9]+$ + type: string + required: + - kind + - name + type: object + type: array + required: + - interval + type: object + x-kubernetes-validations: + - message: either chart or chartRef must be set + rule: (has(self.chart) && !has(self.chartRef)) || (!has(self.chart) + && has(self.chartRef)) + status: + default: + observedGeneration: -1 + description: HelmReleaseStatus defines the observed state of a HelmRelease. + properties: + conditions: + description: Conditions holds the conditions for the HelmRelease. + items: + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" + properties: + lastTransitionTime: + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + failures: + description: |- + Failures is the reconciliation failure count against the latest desired + state. It is reset after a successful reconciliation. + format: int64 + type: integer + helmChart: + description: |- + HelmChart is the namespaced name of the HelmChart resource created by + the controller for the HelmRelease. + type: string + history: + description: |- + History holds the history of Helm releases performed for this HelmRelease + up to the last successfully completed release. + items: + description: |- + Snapshot captures a point-in-time copy of the status information for a Helm release, + as managed by the controller. + properties: + apiVersion: + description: |- + APIVersion is the API version of the Snapshot. + Provisional: when the calculation method of the Digest field is changed, + this field will be used to distinguish between the old and new methods. + type: string + appVersion: + description: AppVersion is the chart app version of the release + object in storage. + type: string + chartName: + description: ChartName is the chart name of the release object + in storage. + type: string + chartVersion: + description: |- + ChartVersion is the chart version of the release object in + storage. + type: string + configDigest: + description: |- + ConfigDigest is the checksum of the config (better known as + "values") of the release object in storage. + It has the format of `:`. + type: string + deleted: + description: Deleted is when the release was deleted. + format: date-time + type: string + digest: + description: |- + Digest is the checksum of the release object in storage. + It has the format of `:`. + type: string + firstDeployed: + description: FirstDeployed is when the release was first deployed. + format: date-time + type: string + lastDeployed: + description: LastDeployed is when the release was last deployed. + format: date-time + type: string + name: + description: Name is the name of the release. + type: string + namespace: + description: Namespace is the namespace the release is deployed + to. + type: string + ociDigest: + description: OCIDigest is the digest of the OCI artifact associated + with the release. + type: string + status: + description: Status is the current state of the release. + type: string + testHooks: + additionalProperties: + description: |- + TestHookStatus holds the status information for a test hook as observed + to be run by the controller. + properties: + lastCompleted: + description: LastCompleted is the time the test hook last + completed. + format: date-time + type: string + lastStarted: + description: LastStarted is the time the test hook was + last started. + format: date-time + type: string + phase: + description: Phase the test hook was observed to be in. + type: string + type: object + description: |- + TestHooks is the list of test hooks for the release as observed to be + run by the controller. + type: object + version: + description: Version is the version of the release object in + storage. + type: integer + required: + - chartName + - chartVersion + - configDigest + - digest + - firstDeployed + - lastDeployed + - name + - namespace + - status + - version + type: object + type: array + installFailures: + description: |- + InstallFailures is the install failure count against the latest desired + state. It is reset after a successful reconciliation. + format: int64 + type: integer + lastAttemptedConfigDigest: + description: |- + LastAttemptedConfigDigest is the digest for the config (better known as + "values") of the last reconciliation attempt. + type: string + lastAttemptedGeneration: + description: |- + LastAttemptedGeneration is the last generation the controller attempted + to reconcile. + format: int64 + type: integer + lastAttemptedReleaseAction: + description: |- + LastAttemptedReleaseAction is the last release action performed for this + HelmRelease. It is used to determine the active remediation strategy. + enum: + - install + - upgrade + type: string + lastAttemptedRevision: + description: |- + LastAttemptedRevision is the Source revision of the last reconciliation + attempt. For OCIRepository sources, the 12 first characters of the digest are + appended to the chart version e.g. "1.2.3+1234567890ab". + type: string + lastAttemptedRevisionDigest: + description: |- + LastAttemptedRevisionDigest is the digest of the last reconciliation attempt. + This is only set for OCIRepository sources. + type: string + lastAttemptedValuesChecksum: + description: |- + LastAttemptedValuesChecksum is the SHA1 checksum for the values of the last + reconciliation attempt. + Deprecated: Use LastAttemptedConfigDigest instead. + type: string + lastHandledForceAt: + description: |- + LastHandledForceAt holds the value of the most recent force request + value, so a change of the annotation value can be detected. + type: string + lastHandledReconcileAt: + description: |- + LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value + can be detected. + type: string + lastHandledResetAt: + description: |- + LastHandledResetAt holds the value of the most recent reset request + value, so a change of the annotation value can be detected. + type: string + lastReleaseRevision: + description: |- + LastReleaseRevision is the revision of the last successful Helm release. + Deprecated: Use History instead. + type: integer + observedGeneration: + description: ObservedGeneration is the last observed generation. + format: int64 + type: integer + observedPostRenderersDigest: + description: |- + ObservedPostRenderersDigest is the digest for the post-renderers of + the last successful reconciliation attempt. + type: string + storageNamespace: + description: |- + StorageNamespace is the namespace of the Helm release storage for the + current release. + maxLength: 63 + minLength: 1 + type: string + upgradeFailures: + description: |- + UpgradeFailures is the upgrade failure count against the latest desired + state. It is reset after a successful reconciliation. + format: int64 + type: integer + type: object + type: object + served: true + storage: true + subresources: + status: {} + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - jsonPath: .status.conditions[?(@.type=="Ready")].status + name: Ready + type: string + - jsonPath: .status.conditions[?(@.type=="Ready")].message + name: Status + type: string + deprecated: true + deprecationWarning: v2beta1 HelmRelease is deprecated, upgrade to v2 + name: v2beta1 + schema: + openAPIV3Schema: + description: HelmRelease is the Schema for the helmreleases API + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: HelmReleaseSpec defines the desired state of a Helm release. + properties: + chart: + description: |- + Chart defines the template of the v1beta2.HelmChart that should be created + for this HelmRelease. + properties: + metadata: + description: ObjectMeta holds the template for metadata like labels + and annotations. + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ + type: object + labels: + additionalProperties: + type: string + description: |- + Map of string keys and values that can be used to organize and categorize + (scope and select) objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ + type: object + type: object + spec: + description: Spec holds the template for the v1beta2.HelmChartSpec + for this HelmRelease. + properties: + chart: + description: The name or path the Helm chart is available + at in the SourceRef. + type: string + interval: + description: |- + Interval at which to check the v1beta2.Source for updates. Defaults to + 'HelmReleaseSpec.Interval'. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + reconcileStrategy: + default: ChartVersion + description: |- + Determines what enables the creation of a new artifact. Valid values are + ('ChartVersion', 'Revision'). + See the documentation of the values for an explanation on their behavior. + Defaults to ChartVersion when omitted. + enum: + - ChartVersion + - Revision + type: string + sourceRef: + description: The name and namespace of the v1beta2.Source + the chart is available at. + properties: + apiVersion: + description: APIVersion of the referent. + type: string + kind: + description: Kind of the referent. + enum: + - HelmRepository + - GitRepository + - Bucket + type: string + name: + description: Name of the referent. + maxLength: 253 + minLength: 1 + type: string + namespace: + description: Namespace of the referent. + maxLength: 63 + minLength: 1 + type: string + required: + - name + type: object + valuesFile: + description: |- + Alternative values file to use as the default chart values, expected to + be a relative path in the SourceRef. Deprecated in favor of ValuesFiles, + for backwards compatibility the file defined here is merged before the + ValuesFiles items. Ignored when omitted. + type: string + valuesFiles: + description: |- + Alternative list of values files to use as the chart values (values.yaml + is not included by default), expected to be a relative path in the SourceRef. + Values files are merged in the order of this list with the last file overriding + the first. Ignored when omitted. + items: + type: string + type: array + verify: + description: |- + Verify contains the secret name containing the trusted public keys + used to verify the signature and specifies which provider to use to check + whether OCI image is authentic. + This field is only supported for OCI sources. + Chart dependencies, which are not bundled in the umbrella chart artifact, are not verified. + properties: + provider: + default: cosign + description: Provider specifies the technology used to + sign the OCI Helm chart. + enum: + - cosign + type: string + secretRef: + description: |- + SecretRef specifies the Kubernetes Secret containing the + trusted public keys. + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object + required: + - provider + type: object + version: + default: '*' + description: |- + Version semver expression, ignored for charts from v1beta2.GitRepository and + v1beta2.Bucket sources. Defaults to latest when omitted. + type: string + required: + - chart + - sourceRef + type: object + required: + - spec + type: object + chartRef: + description: |- + ChartRef holds a reference to a source controller resource containing the + Helm chart artifact. + + + Note: this field is provisional to the v2 API, and not actively used + by v2beta1 HelmReleases. + properties: + apiVersion: + description: APIVersion of the referent. + type: string + kind: + description: Kind of the referent. + enum: + - OCIRepository + - HelmChart + type: string + name: + description: Name of the referent. + maxLength: 253 + minLength: 1 + type: string + namespace: + description: |- + Namespace of the referent, defaults to the namespace of the Kubernetes + resource object that contains the reference. + maxLength: 63 + minLength: 1 + type: string + required: + - kind + - name + type: object + dependsOn: + description: |- + DependsOn may contain a meta.NamespacedObjectReference slice with + references to HelmRelease resources that must be ready before this HelmRelease + can be reconciled. + items: + description: |- + NamespacedObjectReference contains enough information to locate the referenced Kubernetes resource object in any + namespace. + properties: + name: + description: Name of the referent. + type: string + namespace: + description: Namespace of the referent, when not specified it + acts as LocalObjectReference. + type: string + required: + - name + type: object + type: array + driftDetection: + description: |- + DriftDetection holds the configuration for detecting and handling + differences between the manifest in the Helm storage and the resources + currently existing in the cluster. + + + Note: this field is provisional to the v2beta2 API, and not actively used + by v2beta1 HelmReleases. + properties: + ignore: + description: |- + Ignore contains a list of rules for specifying which changes to ignore + during diffing. + items: + description: |- + IgnoreRule defines a rule to selectively disregard specific changes during + the drift detection process. + properties: + paths: + description: |- + Paths is a list of JSON Pointer (RFC 6901) paths to be excluded from + consideration in a Kubernetes object. + items: + type: string + type: array + target: + description: |- + Target is a selector for specifying Kubernetes objects to which this + rule applies. + If Target is not set, the Paths will be ignored for all Kubernetes + objects within the manifest of the Helm release. + properties: + annotationSelector: + description: |- + AnnotationSelector is a string that follows the label selection expression + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + It matches with the resource annotations. + type: string + group: + description: |- + Group is the API group to select resources from. + Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + type: string + kind: + description: |- + Kind of the API Group to select resources from. + Together with Group and Version it is capable of unambiguously + identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + type: string + labelSelector: + description: |- + LabelSelector is a string that follows the label selection expression + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + It matches with the resource labels. + type: string + name: + description: Name to match resources with. + type: string + namespace: + description: Namespace to select resources from. + type: string + version: + description: |- + Version of the API Group to select resources from. + Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + type: string + type: object + required: + - paths + type: object + type: array + mode: + description: |- + Mode defines how differences should be handled between the Helm manifest + and the manifest currently applied to the cluster. + If not explicitly set, it defaults to DiffModeDisabled. + enum: + - enabled + - warn + - disabled + type: string + type: object + install: + description: Install holds the configuration for Helm install actions + for this HelmRelease. + properties: + crds: + description: |- + CRDs upgrade CRDs from the Helm Chart's crds directory according + to the CRD upgrade policy provided here. Valid values are `Skip`, + `Create` or `CreateReplace`. Default is `Create` and if omitted + CRDs are installed but not updated. + + + Skip: do neither install nor replace (update) any CRDs. + + + Create: new CRDs are created, existing CRDs are neither updated nor deleted. + + + CreateReplace: new CRDs are created, existing CRDs are updated (replaced) + but not deleted. + + + By default, CRDs are applied (installed) during Helm install action. + With this option users can opt-in to CRD replace existing CRDs on Helm + install actions, which is not (yet) natively supported by Helm. + https://helm.sh/docs/chart_best_practices/custom_resource_definitions. + enum: + - Skip + - Create + - CreateReplace + type: string + createNamespace: + description: |- + CreateNamespace tells the Helm install action to create the + HelmReleaseSpec.TargetNamespace if it does not exist yet. + On uninstall, the namespace will not be garbage collected. + type: boolean + disableHooks: + description: DisableHooks prevents hooks from running during the + Helm install action. + type: boolean + disableOpenAPIValidation: + description: |- + DisableOpenAPIValidation prevents the Helm install action from validating + rendered templates against the Kubernetes OpenAPI Schema. + type: boolean + disableWait: + description: |- + DisableWait disables the waiting for resources to be ready after a Helm + install has been performed. + type: boolean + disableWaitForJobs: + description: |- + DisableWaitForJobs disables waiting for jobs to complete after a Helm + install has been performed. + type: boolean + remediation: + description: |- + Remediation holds the remediation configuration for when the Helm install + action for the HelmRelease fails. The default is to not perform any action. + properties: + ignoreTestFailures: + description: |- + IgnoreTestFailures tells the controller to skip remediation when the Helm + tests are run after an install action but fail. Defaults to + 'Test.IgnoreFailures'. + type: boolean + remediateLastFailure: + description: |- + RemediateLastFailure tells the controller to remediate the last failure, when + no retries remain. Defaults to 'false'. + type: boolean + retries: + description: |- + Retries is the number of retries that should be attempted on failures before + bailing. Remediation, using an uninstall, is performed between each attempt. + Defaults to '0', a negative integer equals to unlimited retries. + type: integer + type: object + replace: + description: |- + Replace tells the Helm install action to re-use the 'ReleaseName', but only + if that name is a deleted release which remains in the history. + type: boolean + skipCRDs: + description: |- + SkipCRDs tells the Helm install action to not install any CRDs. By default, + CRDs are installed if not already present. + + + Deprecated use CRD policy (`crds`) attribute with value `Skip` instead. + type: boolean + timeout: + description: |- + Timeout is the time to wait for any individual Kubernetes operation (like + Jobs for hooks) during the performance of a Helm install action. Defaults to + 'HelmReleaseSpec.Timeout'. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + type: object + interval: + description: |- + Interval at which to reconcile the Helm release. + This interval is approximate and may be subject to jitter to ensure + efficient use of resources. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + kubeConfig: + description: |- + KubeConfig for reconciling the HelmRelease on a remote cluster. + When used in combination with HelmReleaseSpec.ServiceAccountName, + forces the controller to act on behalf of that Service Account at the + target cluster. + If the --default-service-account flag is set, its value will be used as + a controller level fallback for when HelmReleaseSpec.ServiceAccountName + is empty. + properties: + secretRef: + description: |- + SecretRef holds the name of a secret that contains a key with + the kubeconfig file as the value. If no key is set, the key will default + to 'value'. + It is recommended that the kubeconfig is self-contained, and the secret + is regularly updated if credentials such as a cloud-access-token expire. + Cloud specific `cmd-path` auth helpers will not function without adding + binaries and credentials to the Pod that is responsible for reconciling + Kubernetes resources. + properties: + key: + description: Key in the Secret, when not specified an implementation-specific + default key is used. + type: string + name: + description: Name of the Secret. + type: string + required: + - name + type: object + required: + - secretRef + type: object + maxHistory: + description: |- + MaxHistory is the number of revisions saved by Helm for this HelmRelease. + Use '0' for an unlimited number of revisions; defaults to '10'. + type: integer + persistentClient: + description: |- + PersistentClient tells the controller to use a persistent Kubernetes + client for this release. When enabled, the client will be reused for the + duration of the reconciliation, instead of being created and destroyed + for each (step of a) Helm action. + + + This can improve performance, but may cause issues with some Helm charts + that for example do create Custom Resource Definitions during installation + outside Helm's CRD lifecycle hooks, which are then not observed to be + available by e.g. post-install hooks. + + + If not set, it defaults to true. + type: boolean + postRenderers: + description: |- + PostRenderers holds an array of Helm PostRenderers, which will be applied in order + of their definition. + items: + description: PostRenderer contains a Helm PostRenderer specification. + properties: + kustomize: + description: Kustomization to apply as PostRenderer. + properties: + images: + description: |- + Images is a list of (image name, new name, new tag or digest) + for changing image names, tags or digests. This can also be achieved with a + patch, but this operator is simpler to specify. + items: + description: Image contains an image name, a new name, + a new tag or digest, which will replace the original + name and tag. + properties: + digest: + description: |- + Digest is the value used to replace the original image tag. + If digest is present NewTag value is ignored. + type: string + name: + description: Name is a tag-less image name. + type: string + newName: + description: NewName is the value used to replace + the original name. + type: string + newTag: + description: NewTag is the value used to replace the + original tag. + type: string + required: + - name + type: object + type: array + patches: + description: |- + Strategic merge and JSON patches, defined as inline YAML objects, + capable of targeting objects based on kind, label and annotation selectors. + items: + description: |- + Patch contains an inline StrategicMerge or JSON6902 patch, and the target the patch should + be applied to. + properties: + patch: + description: |- + Patch contains an inline StrategicMerge patch or an inline JSON6902 patch with + an array of operation objects. + type: string + target: + description: Target points to the resources that the + patch document should be applied to. + properties: + annotationSelector: + description: |- + AnnotationSelector is a string that follows the label selection expression + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + It matches with the resource annotations. + type: string + group: + description: |- + Group is the API group to select resources from. + Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + type: string + kind: + description: |- + Kind of the API Group to select resources from. + Together with Group and Version it is capable of unambiguously + identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + type: string + labelSelector: + description: |- + LabelSelector is a string that follows the label selection expression + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + It matches with the resource labels. + type: string + name: + description: Name to match resources with. + type: string + namespace: + description: Namespace to select resources from. + type: string + version: + description: |- + Version of the API Group to select resources from. + Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + type: string + type: object + required: + - patch + type: object + type: array + patchesJson6902: + description: JSON 6902 patches, defined as inline YAML objects. + items: + description: JSON6902Patch contains a JSON6902 patch and + the target the patch should be applied to. + properties: + patch: + description: Patch contains the JSON6902 patch document + with an array of operation objects. + items: + description: |- + JSON6902 is a JSON6902 operation object. + https://datatracker.ietf.org/doc/html/rfc6902#section-4 + properties: + from: + description: |- + From contains a JSON-pointer value that references a location within the target document where the operation is + performed. The meaning of the value depends on the value of Op, and is NOT taken into account by all operations. + type: string + op: + description: |- + Op indicates the operation to perform. Its value MUST be one of "add", "remove", "replace", "move", "copy", or + "test". + https://datatracker.ietf.org/doc/html/rfc6902#section-4 + enum: + - test + - remove + - add + - replace + - move + - copy + type: string + path: + description: |- + Path contains the JSON-pointer value that references a location within the target document where the operation + is performed. The meaning of the value depends on the value of Op. + type: string + value: + description: |- + Value contains a valid JSON structure. The meaning of the value depends on the value of Op, and is NOT taken into + account by all operations. + x-kubernetes-preserve-unknown-fields: true + required: + - op + - path + type: object + type: array + target: + description: Target points to the resources that the + patch document should be applied to. + properties: + annotationSelector: + description: |- + AnnotationSelector is a string that follows the label selection expression + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + It matches with the resource annotations. + type: string + group: + description: |- + Group is the API group to select resources from. + Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + type: string + kind: + description: |- + Kind of the API Group to select resources from. + Together with Group and Version it is capable of unambiguously + identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + type: string + labelSelector: + description: |- + LabelSelector is a string that follows the label selection expression + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + It matches with the resource labels. + type: string + name: + description: Name to match resources with. + type: string + namespace: + description: Namespace to select resources from. + type: string + version: + description: |- + Version of the API Group to select resources from. + Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + type: string + type: object + required: + - patch + - target + type: object + type: array + patchesStrategicMerge: + description: Strategic merge patches, defined as inline + YAML objects. + items: + x-kubernetes-preserve-unknown-fields: true + type: array + type: object + type: object + type: array + releaseName: + description: |- + ReleaseName used for the Helm release. Defaults to a composition of + '[TargetNamespace-]Name'. + maxLength: 53 + minLength: 1 + type: string + rollback: + description: Rollback holds the configuration for Helm rollback actions + for this HelmRelease. + properties: + cleanupOnFail: + description: |- + CleanupOnFail allows deletion of new resources created during the Helm + rollback action when it fails. + type: boolean + disableHooks: + description: DisableHooks prevents hooks from running during the + Helm rollback action. + type: boolean + disableWait: + description: |- + DisableWait disables the waiting for resources to be ready after a Helm + rollback has been performed. + type: boolean + disableWaitForJobs: + description: |- + DisableWaitForJobs disables waiting for jobs to complete after a Helm + rollback has been performed. + type: boolean + force: + description: Force forces resource updates through a replacement + strategy. + type: boolean + recreate: + description: Recreate performs pod restarts for the resource if + applicable. + type: boolean + timeout: + description: |- + Timeout is the time to wait for any individual Kubernetes operation (like + Jobs for hooks) during the performance of a Helm rollback action. Defaults to + 'HelmReleaseSpec.Timeout'. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + type: object + serviceAccountName: + description: |- + The name of the Kubernetes service account to impersonate + when reconciling this HelmRelease. + type: string + storageNamespace: + description: |- + StorageNamespace used for the Helm storage. + Defaults to the namespace of the HelmRelease. + maxLength: 63 + minLength: 1 + type: string + suspend: + description: |- + Suspend tells the controller to suspend reconciliation for this HelmRelease, + it does not apply to already started reconciliations. Defaults to false. + type: boolean + targetNamespace: + description: |- + TargetNamespace to target when performing operations for the HelmRelease. + Defaults to the namespace of the HelmRelease. + maxLength: 63 + minLength: 1 + type: string + test: + description: Test holds the configuration for Helm test actions for + this HelmRelease. + properties: + enable: + description: |- + Enable enables Helm test actions for this HelmRelease after an Helm install + or upgrade action has been performed. + type: boolean + ignoreFailures: + description: |- + IgnoreFailures tells the controller to skip remediation when the Helm tests + are run but fail. Can be overwritten for tests run after install or upgrade + actions in 'Install.IgnoreTestFailures' and 'Upgrade.IgnoreTestFailures'. + type: boolean + timeout: + description: |- + Timeout is the time to wait for any individual Kubernetes operation during + the performance of a Helm test action. Defaults to 'HelmReleaseSpec.Timeout'. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + type: object + timeout: + description: |- + Timeout is the time to wait for any individual Kubernetes operation (like Jobs + for hooks) during the performance of a Helm action. Defaults to '5m0s'. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + uninstall: + description: Uninstall holds the configuration for Helm uninstall + actions for this HelmRelease. + properties: + deletionPropagation: + default: background + description: |- + DeletionPropagation specifies the deletion propagation policy when + a Helm uninstall is performed. + enum: + - background + - foreground + - orphan + type: string + disableHooks: + description: DisableHooks prevents hooks from running during the + Helm rollback action. + type: boolean + disableWait: + description: |- + DisableWait disables waiting for all the resources to be deleted after + a Helm uninstall is performed. + type: boolean + keepHistory: + description: |- + KeepHistory tells Helm to remove all associated resources and mark the + release as deleted, but retain the release history. + type: boolean + timeout: + description: |- + Timeout is the time to wait for any individual Kubernetes operation (like + Jobs for hooks) during the performance of a Helm uninstall action. Defaults + to 'HelmReleaseSpec.Timeout'. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + type: object + upgrade: + description: Upgrade holds the configuration for Helm upgrade actions + for this HelmRelease. + properties: + cleanupOnFail: + description: |- + CleanupOnFail allows deletion of new resources created during the Helm + upgrade action when it fails. + type: boolean + crds: + description: |- + CRDs upgrade CRDs from the Helm Chart's crds directory according + to the CRD upgrade policy provided here. Valid values are `Skip`, + `Create` or `CreateReplace`. Default is `Skip` and if omitted + CRDs are neither installed nor upgraded. + + + Skip: do neither install nor replace (update) any CRDs. + + + Create: new CRDs are created, existing CRDs are neither updated nor deleted. + + + CreateReplace: new CRDs are created, existing CRDs are updated (replaced) + but not deleted. + + + By default, CRDs are not applied during Helm upgrade action. With this + option users can opt-in to CRD upgrade, which is not (yet) natively supported by Helm. + https://helm.sh/docs/chart_best_practices/custom_resource_definitions. + enum: + - Skip + - Create + - CreateReplace + type: string + disableHooks: + description: DisableHooks prevents hooks from running during the + Helm upgrade action. + type: boolean + disableOpenAPIValidation: + description: |- + DisableOpenAPIValidation prevents the Helm upgrade action from validating + rendered templates against the Kubernetes OpenAPI Schema. + type: boolean + disableWait: + description: |- + DisableWait disables the waiting for resources to be ready after a Helm + upgrade has been performed. + type: boolean + disableWaitForJobs: + description: |- + DisableWaitForJobs disables waiting for jobs to complete after a Helm + upgrade has been performed. + type: boolean + force: + description: Force forces resource updates through a replacement + strategy. + type: boolean + preserveValues: + description: |- + PreserveValues will make Helm reuse the last release's values and merge in + overrides from 'Values'. Setting this flag makes the HelmRelease + non-declarative. + type: boolean + remediation: + description: |- + Remediation holds the remediation configuration for when the Helm upgrade + action for the HelmRelease fails. The default is to not perform any action. + properties: + ignoreTestFailures: + description: |- + IgnoreTestFailures tells the controller to skip remediation when the Helm + tests are run after an upgrade action but fail. + Defaults to 'Test.IgnoreFailures'. + type: boolean + remediateLastFailure: + description: |- + RemediateLastFailure tells the controller to remediate the last failure, when + no retries remain. Defaults to 'false' unless 'Retries' is greater than 0. + type: boolean + retries: + description: |- + Retries is the number of retries that should be attempted on failures before + bailing. Remediation, using 'Strategy', is performed between each attempt. + Defaults to '0', a negative integer equals to unlimited retries. + type: integer + strategy: + description: Strategy to use for failure remediation. Defaults + to 'rollback'. + enum: + - rollback + - uninstall + type: string + type: object + timeout: + description: |- + Timeout is the time to wait for any individual Kubernetes operation (like + Jobs for hooks) during the performance of a Helm upgrade action. Defaults to + 'HelmReleaseSpec.Timeout'. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + type: object + values: + description: Values holds the values for this Helm release. + x-kubernetes-preserve-unknown-fields: true + valuesFrom: + description: |- + ValuesFrom holds references to resources containing Helm values for this HelmRelease, + and information about how they should be merged. + items: + description: |- + ValuesReference contains a reference to a resource containing Helm values, + and optionally the key they can be found at. + properties: + kind: + description: Kind of the values referent, valid values are ('Secret', + 'ConfigMap'). + enum: + - Secret + - ConfigMap + type: string + name: + description: |- + Name of the values referent. Should reside in the same namespace as the + referring resource. + maxLength: 253 + minLength: 1 + type: string + optional: + description: |- + Optional marks this ValuesReference as optional. When set, a not found error + for the values reference is ignored, but any ValuesKey, TargetPath or + transient error will still result in a reconciliation failure. + type: boolean + targetPath: + description: |- + TargetPath is the YAML dot notation path the value should be merged at. When + set, the ValuesKey is expected to be a single flat value. Defaults to 'None', + which results in the values getting merged at the root. + maxLength: 250 + pattern: ^([a-zA-Z0-9_\-.\\\/]|\[[0-9]{1,5}\])+$ + type: string + valuesKey: + description: |- + ValuesKey is the data key where the values.yaml or a specific value can be + found at. Defaults to 'values.yaml'. + When set, must be a valid Data Key, consisting of alphanumeric characters, + '-', '_' or '.'. + maxLength: 253 + pattern: ^[\-._a-zA-Z0-9]+$ + type: string + required: + - kind + - name + type: object + type: array + required: + - interval + type: object + status: + default: + observedGeneration: -1 + description: HelmReleaseStatus defines the observed state of a HelmRelease. + properties: + conditions: + description: Conditions holds the conditions for the HelmRelease. + items: + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" + properties: + lastTransitionTime: + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + failures: + description: |- + Failures is the reconciliation failure count against the latest desired + state. It is reset after a successful reconciliation. + format: int64 + type: integer + helmChart: + description: |- + HelmChart is the namespaced name of the HelmChart resource created by + the controller for the HelmRelease. + type: string + history: + description: |- + History holds the history of Helm releases performed for this HelmRelease + up to the last successfully completed release. + + + Note: this field is provisional to the v2beta2 API, and not actively used + by v2beta1 HelmReleases. + items: + description: |- + Snapshot captures a point-in-time copy of the status information for a Helm release, + as managed by the controller. + properties: + apiVersion: + description: |- + APIVersion is the API version of the Snapshot. + Provisional: when the calculation method of the Digest field is changed, + this field will be used to distinguish between the old and new methods. + type: string + appVersion: + description: AppVersion is the chart app version of the release + object in storage. + type: string + chartName: + description: ChartName is the chart name of the release object + in storage. + type: string + chartVersion: + description: |- + ChartVersion is the chart version of the release object in + storage. + type: string + configDigest: + description: |- + ConfigDigest is the checksum of the config (better known as + "values") of the release object in storage. + It has the format of `:`. + type: string + deleted: + description: Deleted is when the release was deleted. + format: date-time + type: string + digest: + description: |- + Digest is the checksum of the release object in storage. + It has the format of `:`. + type: string + firstDeployed: + description: FirstDeployed is when the release was first deployed. + format: date-time + type: string + lastDeployed: + description: LastDeployed is when the release was last deployed. + format: date-time + type: string + name: + description: Name is the name of the release. + type: string + namespace: + description: Namespace is the namespace the release is deployed + to. + type: string + ociDigest: + description: OCIDigest is the digest of the OCI artifact associated + with the release. + type: string + status: + description: Status is the current state of the release. + type: string + testHooks: + additionalProperties: + description: |- + TestHookStatus holds the status information for a test hook as observed + to be run by the controller. + properties: + lastCompleted: + description: LastCompleted is the time the test hook last + completed. + format: date-time + type: string + lastStarted: + description: LastStarted is the time the test hook was + last started. + format: date-time + type: string + phase: + description: Phase the test hook was observed to be in. + type: string + type: object + description: |- + TestHooks is the list of test hooks for the release as observed to be + run by the controller. + type: object + version: + description: Version is the version of the release object in + storage. + type: integer + required: + - chartName + - chartVersion + - configDigest + - digest + - firstDeployed + - lastDeployed + - name + - namespace + - status + - version + type: object + type: array + installFailures: + description: |- + InstallFailures is the install failure count against the latest desired + state. It is reset after a successful reconciliation. + format: int64 + type: integer + lastAppliedRevision: + description: LastAppliedRevision is the revision of the last successfully + applied source. + type: string + lastAttemptedConfigDigest: + description: |- + LastAttemptedConfigDigest is the digest for the config (better known as + "values") of the last reconciliation attempt. + + + Note: this field is provisional to the v2beta2 API, and not actively used + by v2beta1 HelmReleases. + type: string + lastAttemptedGeneration: + description: |- + LastAttemptedGeneration is the last generation the controller attempted + to reconcile. + + + Note: this field is provisional to the v2beta2 API, and not actively used + by v2beta1 HelmReleases. + format: int64 + type: integer + lastAttemptedReleaseAction: + description: |- + LastAttemptedReleaseAction is the last release action performed for this + HelmRelease. It is used to determine the active remediation strategy. + + + Note: this field is provisional to the v2beta2 API, and not actively used + by v2beta1 HelmReleases. + type: string + lastAttemptedRevision: + description: LastAttemptedRevision is the revision of the last reconciliation + attempt. + type: string + lastAttemptedValuesChecksum: + description: |- + LastAttemptedValuesChecksum is the SHA1 checksum of the values of the last + reconciliation attempt. + type: string + lastHandledForceAt: + description: |- + LastHandledForceAt holds the value of the most recent force request + value, so a change of the annotation value can be detected. + + + Note: this field is provisional to the v2beta2 API, and not actively used + by v2beta1 HelmReleases. + type: string + lastHandledReconcileAt: + description: |- + LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value + can be detected. + type: string + lastHandledResetAt: + description: |- + LastHandledResetAt holds the value of the most recent reset request + value, so a change of the annotation value can be detected. + + + Note: this field is provisional to the v2beta2 API, and not actively used + by v2beta1 HelmReleases. + type: string + lastReleaseRevision: + description: LastReleaseRevision is the revision of the last successful + Helm release. + type: integer + observedGeneration: + description: ObservedGeneration is the last observed generation. + format: int64 + type: integer + observedPostRenderersDigest: + description: |- + ObservedPostRenderersDigest is the digest for the post-renderers of + the last successful reconciliation attempt. + type: string + storageNamespace: + description: |- + StorageNamespace is the namespace of the Helm release storage for the + current release. + + + Note: this field is provisional to the v2beta2 API, and not actively used + by v2beta1 HelmReleases. + type: string + upgradeFailures: + description: |- + UpgradeFailures is the upgrade failure count against the latest desired + state. It is reset after a successful reconciliation. + format: int64 + type: integer + type: object + type: object + served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - jsonPath: .status.conditions[?(@.type=="Ready")].status + name: Ready + type: string + - jsonPath: .status.conditions[?(@.type=="Ready")].message + name: Status + type: string + deprecated: true + deprecationWarning: v2beta2 HelmRelease is deprecated, upgrade to v2 + name: v2beta2 + schema: + openAPIV3Schema: + description: HelmRelease is the Schema for the helmreleases API + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: HelmReleaseSpec defines the desired state of a Helm release. + properties: + chart: + description: |- + Chart defines the template of the v1beta2.HelmChart that should be created + for this HelmRelease. + properties: + metadata: + description: ObjectMeta holds the template for metadata like labels + and annotations. + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ + type: object + labels: + additionalProperties: + type: string + description: |- + Map of string keys and values that can be used to organize and categorize + (scope and select) objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ + type: object + type: object + spec: + description: Spec holds the template for the v1beta2.HelmChartSpec + for this HelmRelease. + properties: + chart: + description: The name or path the Helm chart is available + at in the SourceRef. + maxLength: 2048 + minLength: 1 + type: string + ignoreMissingValuesFiles: + description: IgnoreMissingValuesFiles controls whether to + silently ignore missing values files rather than failing. + type: boolean + interval: + description: |- + Interval at which to check the v1.Source for updates. Defaults to + 'HelmReleaseSpec.Interval'. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + reconcileStrategy: + default: ChartVersion + description: |- + Determines what enables the creation of a new artifact. Valid values are + ('ChartVersion', 'Revision'). + See the documentation of the values for an explanation on their behavior. + Defaults to ChartVersion when omitted. + enum: + - ChartVersion + - Revision + type: string + sourceRef: + description: The name and namespace of the v1.Source the chart + is available at. + properties: + apiVersion: + description: APIVersion of the referent. + type: string + kind: + description: Kind of the referent. + enum: + - HelmRepository + - GitRepository + - Bucket + type: string + name: + description: Name of the referent. + maxLength: 253 + minLength: 1 + type: string + namespace: + description: Namespace of the referent. + maxLength: 63 + minLength: 1 + type: string + required: + - name + type: object + valuesFile: + description: |- + Alternative values file to use as the default chart values, expected to + be a relative path in the SourceRef. Deprecated in favor of ValuesFiles, + for backwards compatibility the file defined here is merged before the + ValuesFiles items. Ignored when omitted. + type: string + valuesFiles: + description: |- + Alternative list of values files to use as the chart values (values.yaml + is not included by default), expected to be a relative path in the SourceRef. + Values files are merged in the order of this list with the last file overriding + the first. Ignored when omitted. + items: + type: string + type: array + verify: + description: |- + Verify contains the secret name containing the trusted public keys + used to verify the signature and specifies which provider to use to check + whether OCI image is authentic. + This field is only supported for OCI sources. + Chart dependencies, which are not bundled in the umbrella chart artifact, + are not verified. + properties: + provider: + default: cosign + description: Provider specifies the technology used to + sign the OCI Helm chart. + enum: + - cosign + - notation + type: string + secretRef: + description: |- + SecretRef specifies the Kubernetes Secret containing the + trusted public keys. + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object + required: + - provider + type: object + version: + default: '*' + description: |- + Version semver expression, ignored for charts from v1beta2.GitRepository and + v1beta2.Bucket sources. Defaults to latest when omitted. + type: string + required: + - chart + - sourceRef + type: object + required: + - spec + type: object + chartRef: + description: |- + ChartRef holds a reference to a source controller resource containing the + Helm chart artifact. + + + Note: this field is provisional to the v2 API, and not actively used + by v2beta2 HelmReleases. + properties: + apiVersion: + description: APIVersion of the referent. + type: string + kind: + description: Kind of the referent. + enum: + - OCIRepository + - HelmChart + type: string + name: + description: Name of the referent. + maxLength: 253 + minLength: 1 + type: string + namespace: + description: |- + Namespace of the referent, defaults to the namespace of the Kubernetes + resource object that contains the reference. + maxLength: 63 + minLength: 1 + type: string + required: + - kind + - name + type: object + dependsOn: + description: |- + DependsOn may contain a meta.NamespacedObjectReference slice with + references to HelmRelease resources that must be ready before this HelmRelease + can be reconciled. + items: + description: |- + NamespacedObjectReference contains enough information to locate the referenced Kubernetes resource object in any + namespace. + properties: + name: + description: Name of the referent. + type: string + namespace: + description: Namespace of the referent, when not specified it + acts as LocalObjectReference. + type: string + required: + - name + type: object + type: array + driftDetection: + description: |- + DriftDetection holds the configuration for detecting and handling + differences between the manifest in the Helm storage and the resources + currently existing in the cluster. + properties: + ignore: + description: |- + Ignore contains a list of rules for specifying which changes to ignore + during diffing. + items: + description: |- + IgnoreRule defines a rule to selectively disregard specific changes during + the drift detection process. + properties: + paths: + description: |- + Paths is a list of JSON Pointer (RFC 6901) paths to be excluded from + consideration in a Kubernetes object. + items: + type: string + type: array + target: + description: |- + Target is a selector for specifying Kubernetes objects to which this + rule applies. + If Target is not set, the Paths will be ignored for all Kubernetes + objects within the manifest of the Helm release. + properties: + annotationSelector: + description: |- + AnnotationSelector is a string that follows the label selection expression + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + It matches with the resource annotations. + type: string + group: + description: |- + Group is the API group to select resources from. + Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + type: string + kind: + description: |- + Kind of the API Group to select resources from. + Together with Group and Version it is capable of unambiguously + identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + type: string + labelSelector: + description: |- + LabelSelector is a string that follows the label selection expression + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + It matches with the resource labels. + type: string + name: + description: Name to match resources with. + type: string + namespace: + description: Namespace to select resources from. + type: string + version: + description: |- + Version of the API Group to select resources from. + Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + type: string + type: object + required: + - paths + type: object + type: array + mode: + description: |- + Mode defines how differences should be handled between the Helm manifest + and the manifest currently applied to the cluster. + If not explicitly set, it defaults to DiffModeDisabled. + enum: + - enabled + - warn + - disabled + type: string + type: object + install: + description: Install holds the configuration for Helm install actions + for this HelmRelease. properties: crds: - description: "CRDs upgrade CRDs from the Helm Chart's crds directory according to the CRD upgrade policy - provided here. Valid values are `Skip`, `Create` or `CreateReplace`. Default is `Create` and if omitted - CRDs are installed but not updated. \n Skip: do neither install nor replace (update) any CRDs. \n Create: - new CRDs are created, existing CRDs are neither updated nor deleted. \n CreateReplace: new CRDs are - created, existing CRDs are updated (replaced) but not deleted. \n By default, CRDs are applied (installed) - during Helm install action. With this option users can opt-in to CRD replace existing CRDs on Helm install - actions, which is not (yet) natively supported by Helm. https://helm.sh/docs/chart_best_practices/custom_resource_definitions." + description: |- + CRDs upgrade CRDs from the Helm Chart's crds directory according + to the CRD upgrade policy provided here. Valid values are `Skip`, + `Create` or `CreateReplace`. Default is `Create` and if omitted + CRDs are installed but not updated. + + + Skip: do neither install nor replace (update) any CRDs. + + + Create: new CRDs are created, existing CRDs are neither updated nor deleted. + + + CreateReplace: new CRDs are created, existing CRDs are updated (replaced) + but not deleted. + + + By default, CRDs are applied (installed) during Helm install action. + With this option users can opt in to CRD replace existing CRDs on Helm + install actions, which is not (yet) natively supported by Helm. + https://helm.sh/docs/chart_best_practices/custom_resource_definitions. enum: - Skip - Create - CreateReplace type: string createNamespace: - description: CreateNamespace tells the Helm install action to create the HelmReleaseSpec.TargetNamespace - if it does not exist yet. On uninstall, the namespace will not be garbage collected. + description: |- + CreateNamespace tells the Helm install action to create the + HelmReleaseSpec.TargetNamespace if it does not exist yet. + On uninstall, the namespace will not be garbage collected. type: boolean disableHooks: - description: DisableHooks prevents hooks from running during the Helm install action. + description: DisableHooks prevents hooks from running during the + Helm install action. type: boolean disableOpenAPIValidation: - description: DisableOpenAPIValidation prevents the Helm install action from validating rendered templates - against the Kubernetes OpenAPI Schema. + description: |- + DisableOpenAPIValidation prevents the Helm install action from validating + rendered templates against the Kubernetes OpenAPI Schema. type: boolean disableWait: - description: DisableWait disables the waiting for resources to be ready after a Helm install has been - performed. + description: |- + DisableWait disables the waiting for resources to be ready after a Helm + install has been performed. type: boolean disableWaitForJobs: - description: DisableWaitForJobs disables waiting for jobs to complete after a Helm install has been performed. + description: |- + DisableWaitForJobs disables waiting for jobs to complete after a Helm + install has been performed. type: boolean remediation: - description: Remediation holds the remediation configuration for when the Helm install action for the - HelmRelease fails. The default is to not perform any action. + description: |- + Remediation holds the remediation configuration for when the Helm install + action for the HelmRelease fails. The default is to not perform any action. properties: ignoreTestFailures: - description: IgnoreTestFailures tells the controller to skip remediation when the Helm tests are run - after an install action but fail. Defaults to 'Test.IgnoreFailures'. + description: |- + IgnoreTestFailures tells the controller to skip remediation when the Helm + tests are run after an install action but fail. Defaults to + 'Test.IgnoreFailures'. type: boolean remediateLastFailure: - description: RemediateLastFailure tells the controller to remediate the last failure, when no retries - remain. Defaults to 'false'. + description: |- + RemediateLastFailure tells the controller to remediate the last failure, when + no retries remain. Defaults to 'false'. type: boolean retries: - description: Retries is the number of retries that should be attempted on failures before bailing. - Remediation, using an uninstall, is performed between each attempt. Defaults to '0', a negative - integer equals to unlimited retries. + description: |- + Retries is the number of retries that should be attempted on failures before + bailing. Remediation, using an uninstall, is performed between each attempt. + Defaults to '0', a negative integer equals to unlimited retries. type: integer type: object replace: - description: Replace tells the Helm install action to re-use the 'ReleaseName', but only if that name - is a deleted release which remains in the history. + description: |- + Replace tells the Helm install action to re-use the 'ReleaseName', but only + if that name is a deleted release which remains in the history. type: boolean skipCRDs: - description: "SkipCRDs tells the Helm install action to not install any CRDs. By default, CRDs are installed - if not already present. \n Deprecated use CRD policy (`crds`) attribute with value `Skip` instead." + description: |- + SkipCRDs tells the Helm install action to not install any CRDs. By default, + CRDs are installed if not already present. + + + Deprecated use CRD policy (`crds`) attribute with value `Skip` instead. type: boolean timeout: - description: Timeout is the time to wait for any individual Kubernetes operation (like Jobs for hooks) - during the performance of a Helm install action. Defaults to 'HelmReleaseSpec.Timeout'. + description: |- + Timeout is the time to wait for any individual Kubernetes operation (like + Jobs for hooks) during the performance of a Helm install action. Defaults to + 'HelmReleaseSpec.Timeout'. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string type: object interval: - description: Interval at which to reconcile the Helm release. This interval is approximate and may be subject - to jitter to ensure efficient use of resources. + description: Interval at which to reconcile the Helm release. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string kubeConfig: - description: KubeConfig for reconciling the HelmRelease on a remote cluster. When used in combination with - HelmReleaseSpec.ServiceAccountName, forces the controller to act on behalf of that Service Account at the - target cluster. If the --default-service-account flag is set, its value will be used as a controller level - fallback for when HelmReleaseSpec.ServiceAccountName is empty. + description: |- + KubeConfig for reconciling the HelmRelease on a remote cluster. + When used in combination with HelmReleaseSpec.ServiceAccountName, + forces the controller to act on behalf of that Service Account at the + target cluster. + If the --default-service-account flag is set, its value will be used as + a controller level fallback for when HelmReleaseSpec.ServiceAccountName + is empty. properties: secretRef: - description: SecretRef holds the name of a secret that contains a key with the kubeconfig file as the - value. If no key is set, the key will default to 'value'. It is recommended that the kubeconfig is self-contained, - and the secret is regularly updated if credentials such as a cloud-access-token expire. Cloud specific - `cmd-path` auth helpers will not function without adding binaries and credentials to the Pod that is - responsible for reconciling Kubernetes resources. + description: |- + SecretRef holds the name of a secret that contains a key with + the kubeconfig file as the value. If no key is set, the key will default + to 'value'. + It is recommended that the kubeconfig is self-contained, and the secret + is regularly updated if credentials such as a cloud-access-token expire. + Cloud specific `cmd-path` auth helpers will not function without adding + binaries and credentials to the Pod that is responsible for reconciling + Kubernetes resources. properties: key: - description: Key in the Secret, when not specified an implementation-specific default key is used. + description: Key in the Secret, when not specified an implementation-specific + default key is used. type: string name: description: Name of the Secret. @@ -5049,19 +9411,30 @@ spec: - secretRef type: object maxHistory: - description: MaxHistory is the number of revisions saved by Helm for this HelmRelease. Use '0' for an unlimited - number of revisions; defaults to '10'. + description: |- + MaxHistory is the number of revisions saved by Helm for this HelmRelease. + Use '0' for an unlimited number of revisions; defaults to '5'. type: integer persistentClient: - description: "PersistentClient tells the controller to use a persistent Kubernetes client for this release. - When enabled, the client will be reused for the duration of the reconciliation, instead of being created - and destroyed for each (step of a) Helm action. \n This can improve performance, but may cause issues with - some Helm charts that for example do create Custom Resource Definitions during installation outside Helm's - CRD lifecycle hooks, which are then not observed to be available by e.g. post-install hooks. \n If not set, - it defaults to true." + description: |- + PersistentClient tells the controller to use a persistent Kubernetes + client for this release. When enabled, the client will be reused for the + duration of the reconciliation, instead of being created and destroyed + for each (step of a) Helm action. + + + This can improve performance, but may cause issues with some Helm charts + that for example do create Custom Resource Definitions during installation + outside Helm's CRD lifecycle hooks, which are then not observed to be + available by e.g. post-install hooks. + + + If not set, it defaults to true. type: boolean postRenderers: - description: PostRenderers holds an array of Helm PostRenderers, which will be applied in order of their definition. + description: |- + PostRenderers holds an array of Helm PostRenderers, which will be applied in order + of their definition. items: description: PostRenderer contains a Helm PostRenderer specification. properties: @@ -5069,58 +9442,76 @@ spec: description: Kustomization to apply as PostRenderer. properties: images: - description: Images is a list of (image name, new name, new tag or digest) for changing image names, - tags or digests. This can also be achieved with a patch, but this operator is simpler to specify. + description: |- + Images is a list of (image name, new name, new tag or digest) + for changing image names, tags or digests. This can also be achieved with a + patch, but this operator is simpler to specify. items: - description: Image contains an image name, a new name, a new tag or digest, which will replace - the original name and tag. + description: Image contains an image name, a new name, + a new tag or digest, which will replace the original + name and tag. properties: digest: - description: Digest is the value used to replace the original image tag. If digest is present - NewTag value is ignored. + description: |- + Digest is the value used to replace the original image tag. + If digest is present NewTag value is ignored. type: string name: description: Name is a tag-less image name. type: string newName: - description: NewName is the value used to replace the original name. + description: NewName is the value used to replace + the original name. type: string newTag: - description: NewTag is the value used to replace the original tag. + description: NewTag is the value used to replace the + original tag. type: string required: - name type: object type: array patches: - description: Strategic merge and JSON patches, defined as inline YAML objects, capable of targeting - objects based on kind, label and annotation selectors. + description: |- + Strategic merge and JSON patches, defined as inline YAML objects, + capable of targeting objects based on kind, label and annotation selectors. items: - description: Patch contains an inline StrategicMerge or JSON6902 patch, and the target the patch - should be applied to. + description: |- + Patch contains an inline StrategicMerge or JSON6902 patch, and the target the patch should + be applied to. properties: patch: - description: Patch contains an inline StrategicMerge patch or an inline JSON6902 patch with + description: |- + Patch contains an inline StrategicMerge patch or an inline JSON6902 patch with an array of operation objects. type: string target: - description: Target points to the resources that the patch document should be applied to. + description: Target points to the resources that the + patch document should be applied to. properties: annotationSelector: - description: AnnotationSelector is a string that follows the label selection expression - https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api It matches - with the resource annotations. + description: |- + AnnotationSelector is a string that follows the label selection expression + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + It matches with the resource annotations. type: string group: - description: Group is the API group to select resources from. Together with Version and - Kind it is capable of unambiguously identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + description: |- + Group is the API group to select resources from. + Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md type: string kind: - description: Kind of the API Group to select resources from. Together with Group and Version - it is capable of unambiguously identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + description: |- + Kind of the API Group to select resources from. + Together with Group and Version it is capable of unambiguously + identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md type: string labelSelector: - description: LabelSelector is a string that follows the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + description: |- + LabelSelector is a string that follows the label selection expression + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api It matches with the resource labels. type: string name: @@ -5130,8 +9521,10 @@ spec: description: Namespace to select resources from. type: string version: - description: Version of the API Group to select resources from. Together with Group and - Kind it is capable of unambiguously identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + description: |- + Version of the API Group to select resources from. + Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md type: string type: object required: @@ -5139,24 +9532,31 @@ spec: type: object type: array patchesJson6902: - description: JSON 6902 patches, defined as inline YAML objects. + description: |- + JSON 6902 patches, defined as inline YAML objects. + Deprecated: use Patches instead. items: - description: JSON6902Patch contains a JSON6902 patch and the target the patch should be applied - to. + description: JSON6902Patch contains a JSON6902 patch and + the target the patch should be applied to. properties: patch: - description: Patch contains the JSON6902 patch document with an array of operation objects. + description: Patch contains the JSON6902 patch document + with an array of operation objects. items: - description: JSON6902 is a JSON6902 operation object. https://datatracker.ietf.org/doc/html/rfc6902#section-4 + description: |- + JSON6902 is a JSON6902 operation object. + https://datatracker.ietf.org/doc/html/rfc6902#section-4 properties: from: - description: From contains a JSON-pointer value that references a location within the - target document where the operation is performed. The meaning of the value depends - on the value of Op, and is NOT taken into account by all operations. + description: |- + From contains a JSON-pointer value that references a location within the target document where the operation is + performed. The meaning of the value depends on the value of Op, and is NOT taken into account by all operations. type: string op: - description: Op indicates the operation to perform. Its value MUST be one of "add", - "remove", "replace", "move", "copy", or "test". https://datatracker.ietf.org/doc/html/rfc6902#section-4 + description: |- + Op indicates the operation to perform. Its value MUST be one of "add", "remove", "replace", "move", "copy", or + "test". + https://datatracker.ietf.org/doc/html/rfc6902#section-4 enum: - test - remove @@ -5166,13 +9566,14 @@ spec: - copy type: string path: - description: Path contains the JSON-pointer value that references a location within - the target document where the operation is performed. The meaning of the value depends - on the value of Op. + description: |- + Path contains the JSON-pointer value that references a location within the target document where the operation + is performed. The meaning of the value depends on the value of Op. type: string value: - description: Value contains a valid JSON structure. The meaning of the value depends - on the value of Op, and is NOT taken into account by all operations. + description: |- + Value contains a valid JSON structure. The meaning of the value depends on the value of Op, and is NOT taken into + account by all operations. x-kubernetes-preserve-unknown-fields: true required: - op @@ -5180,23 +9581,32 @@ spec: type: object type: array target: - description: Target points to the resources that the patch document should be applied to. + description: Target points to the resources that the + patch document should be applied to. properties: annotationSelector: - description: AnnotationSelector is a string that follows the label selection expression - https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api It matches - with the resource annotations. + description: |- + AnnotationSelector is a string that follows the label selection expression + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + It matches with the resource annotations. type: string group: - description: Group is the API group to select resources from. Together with Version and - Kind it is capable of unambiguously identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + description: |- + Group is the API group to select resources from. + Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md type: string kind: - description: Kind of the API Group to select resources from. Together with Group and Version - it is capable of unambiguously identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + description: |- + Kind of the API Group to select resources from. + Together with Group and Version it is capable of unambiguously + identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md type: string labelSelector: - description: LabelSelector is a string that follows the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + description: |- + LabelSelector is a string that follows the label selection expression + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api It matches with the resource labels. type: string name: @@ -5206,8 +9616,10 @@ spec: description: Namespace to select resources from. type: string version: - description: Version of the API Group to select resources from. Together with Group and - Kind it is capable of unambiguously identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + description: |- + Version of the API Group to select resources from. + Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md type: string type: object required: @@ -5216,7 +9628,9 @@ spec: type: object type: array patchesStrategicMerge: - description: Strategic merge patches, defined as inline YAML objects. + description: |- + Strategic merge patches, defined as inline YAML objects. + Deprecated: use Patches instead. items: x-kubernetes-preserve-unknown-fields: true type: array @@ -5224,176 +9638,260 @@ spec: type: object type: array releaseName: - description: ReleaseName used for the Helm release. Defaults to a composition of '[TargetNamespace-]Name'. + description: |- + ReleaseName used for the Helm release. Defaults to a composition of + '[TargetNamespace-]Name'. maxLength: 53 minLength: 1 type: string rollback: - description: Rollback holds the configuration for Helm rollback actions for this HelmRelease. + description: Rollback holds the configuration for Helm rollback actions + for this HelmRelease. properties: cleanupOnFail: - description: CleanupOnFail allows deletion of new resources created during the Helm rollback action when - it fails. + description: |- + CleanupOnFail allows deletion of new resources created during the Helm + rollback action when it fails. type: boolean disableHooks: - description: DisableHooks prevents hooks from running during the Helm rollback action. + description: DisableHooks prevents hooks from running during the + Helm rollback action. type: boolean disableWait: - description: DisableWait disables the waiting for resources to be ready after a Helm rollback has been - performed. + description: |- + DisableWait disables the waiting for resources to be ready after a Helm + rollback has been performed. type: boolean disableWaitForJobs: - description: DisableWaitForJobs disables waiting for jobs to complete after a Helm rollback has been performed. + description: |- + DisableWaitForJobs disables waiting for jobs to complete after a Helm + rollback has been performed. type: boolean force: - description: Force forces resource updates through a replacement strategy. + description: Force forces resource updates through a replacement + strategy. type: boolean recreate: - description: Recreate performs pod restarts for the resource if applicable. + description: Recreate performs pod restarts for the resource if + applicable. type: boolean timeout: - description: Timeout is the time to wait for any individual Kubernetes operation (like Jobs for hooks) - during the performance of a Helm rollback action. Defaults to 'HelmReleaseSpec.Timeout'. + description: |- + Timeout is the time to wait for any individual Kubernetes operation (like + Jobs for hooks) during the performance of a Helm rollback action. Defaults to + 'HelmReleaseSpec.Timeout'. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string type: object serviceAccountName: - description: The name of the Kubernetes service account to impersonate when reconciling this HelmRelease. + description: |- + The name of the Kubernetes service account to impersonate + when reconciling this HelmRelease. + maxLength: 253 + minLength: 1 type: string storageNamespace: - description: StorageNamespace used for the Helm storage. Defaults to the namespace of the HelmRelease. + description: |- + StorageNamespace used for the Helm storage. + Defaults to the namespace of the HelmRelease. maxLength: 63 minLength: 1 type: string suspend: - description: Suspend tells the controller to suspend reconciliation for this HelmRelease, it does not apply - to already started reconciliations. Defaults to false. + description: |- + Suspend tells the controller to suspend reconciliation for this HelmRelease, + it does not apply to already started reconciliations. Defaults to false. type: boolean targetNamespace: - description: TargetNamespace to target when performing operations for the HelmRelease. Defaults to the namespace - of the HelmRelease. + description: |- + TargetNamespace to target when performing operations for the HelmRelease. + Defaults to the namespace of the HelmRelease. maxLength: 63 minLength: 1 type: string test: - description: Test holds the configuration for Helm test actions for this HelmRelease. + description: Test holds the configuration for Helm test actions for + this HelmRelease. properties: enable: - description: Enable enables Helm test actions for this HelmRelease after an Helm install or upgrade action - has been performed. + description: |- + Enable enables Helm test actions for this HelmRelease after an Helm install + or upgrade action has been performed. type: boolean + filters: + description: Filters is a list of tests to run or exclude from + running. + items: + description: Filter holds the configuration for individual Helm + test filters. + properties: + exclude: + description: Exclude specifies whether the named test should + be excluded. + type: boolean + name: + description: Name is the name of the test. + maxLength: 253 + minLength: 1 + type: string + required: + - name + type: object + type: array ignoreFailures: - description: IgnoreFailures tells the controller to skip remediation when the Helm tests are run but fail. - Can be overwritten for tests run after install or upgrade actions in 'Install.IgnoreTestFailures' and - 'Upgrade.IgnoreTestFailures'. + description: |- + IgnoreFailures tells the controller to skip remediation when the Helm tests + are run but fail. Can be overwritten for tests run after install or upgrade + actions in 'Install.IgnoreTestFailures' and 'Upgrade.IgnoreTestFailures'. type: boolean timeout: - description: Timeout is the time to wait for any individual Kubernetes operation during the performance - of a Helm test action. Defaults to 'HelmReleaseSpec.Timeout'. + description: |- + Timeout is the time to wait for any individual Kubernetes operation during + the performance of a Helm test action. Defaults to 'HelmReleaseSpec.Timeout'. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string type: object timeout: - description: Timeout is the time to wait for any individual Kubernetes operation (like Jobs for hooks) during - the performance of a Helm action. Defaults to '5m0s'. + description: |- + Timeout is the time to wait for any individual Kubernetes operation (like Jobs + for hooks) during the performance of a Helm action. Defaults to '5m0s'. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string uninstall: - description: Uninstall holds the configuration for Helm uninstall actions for this HelmRelease. + description: Uninstall holds the configuration for Helm uninstall + actions for this HelmRelease. properties: deletionPropagation: default: background - description: DeletionPropagation specifies the deletion propagation policy when a Helm uninstall is performed. + description: |- + DeletionPropagation specifies the deletion propagation policy when + a Helm uninstall is performed. enum: - background - foreground - orphan type: string disableHooks: - description: DisableHooks prevents hooks from running during the Helm rollback action. + description: DisableHooks prevents hooks from running during the + Helm rollback action. type: boolean disableWait: - description: DisableWait disables waiting for all the resources to be deleted after a Helm uninstall is - performed. + description: |- + DisableWait disables waiting for all the resources to be deleted after + a Helm uninstall is performed. type: boolean keepHistory: - description: KeepHistory tells Helm to remove all associated resources and mark the release as deleted, - but retain the release history. + description: |- + KeepHistory tells Helm to remove all associated resources and mark the + release as deleted, but retain the release history. type: boolean timeout: - description: Timeout is the time to wait for any individual Kubernetes operation (like Jobs for hooks) - during the performance of a Helm uninstall action. Defaults to 'HelmReleaseSpec.Timeout'. + description: |- + Timeout is the time to wait for any individual Kubernetes operation (like + Jobs for hooks) during the performance of a Helm uninstall action. Defaults + to 'HelmReleaseSpec.Timeout'. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string type: object upgrade: - description: Upgrade holds the configuration for Helm upgrade actions for this HelmRelease. + description: Upgrade holds the configuration for Helm upgrade actions + for this HelmRelease. properties: cleanupOnFail: - description: CleanupOnFail allows deletion of new resources created during the Helm upgrade action when - it fails. + description: |- + CleanupOnFail allows deletion of new resources created during the Helm + upgrade action when it fails. type: boolean crds: - description: "CRDs upgrade CRDs from the Helm Chart's crds directory according to the CRD upgrade policy - provided here. Valid values are `Skip`, `Create` or `CreateReplace`. Default is `Skip` and if omitted - CRDs are neither installed nor upgraded. \n Skip: do neither install nor replace (update) any CRDs. - \n Create: new CRDs are created, existing CRDs are neither updated nor deleted. \n CreateReplace: new - CRDs are created, existing CRDs are updated (replaced) but not deleted. \n By default, CRDs are not - applied during Helm upgrade action. With this option users can opt-in to CRD upgrade, which is not (yet) - natively supported by Helm. https://helm.sh/docs/chart_best_practices/custom_resource_definitions." + description: |- + CRDs upgrade CRDs from the Helm Chart's crds directory according + to the CRD upgrade policy provided here. Valid values are `Skip`, + `Create` or `CreateReplace`. Default is `Skip` and if omitted + CRDs are neither installed nor upgraded. + + + Skip: do neither install nor replace (update) any CRDs. + + + Create: new CRDs are created, existing CRDs are neither updated nor deleted. + + + CreateReplace: new CRDs are created, existing CRDs are updated (replaced) + but not deleted. + + + By default, CRDs are not applied during Helm upgrade action. With this + option users can opt-in to CRD upgrade, which is not (yet) natively supported by Helm. + https://helm.sh/docs/chart_best_practices/custom_resource_definitions. enum: - Skip - Create - CreateReplace type: string disableHooks: - description: DisableHooks prevents hooks from running during the Helm upgrade action. + description: DisableHooks prevents hooks from running during the + Helm upgrade action. type: boolean disableOpenAPIValidation: - description: DisableOpenAPIValidation prevents the Helm upgrade action from validating rendered templates - against the Kubernetes OpenAPI Schema. + description: |- + DisableOpenAPIValidation prevents the Helm upgrade action from validating + rendered templates against the Kubernetes OpenAPI Schema. type: boolean disableWait: - description: DisableWait disables the waiting for resources to be ready after a Helm upgrade has been - performed. + description: |- + DisableWait disables the waiting for resources to be ready after a Helm + upgrade has been performed. type: boolean disableWaitForJobs: - description: DisableWaitForJobs disables waiting for jobs to complete after a Helm upgrade has been performed. + description: |- + DisableWaitForJobs disables waiting for jobs to complete after a Helm + upgrade has been performed. type: boolean force: - description: Force forces resource updates through a replacement strategy. + description: Force forces resource updates through a replacement + strategy. type: boolean preserveValues: - description: PreserveValues will make Helm reuse the last release's values and merge in overrides from - 'Values'. Setting this flag makes the HelmRelease non-declarative. + description: |- + PreserveValues will make Helm reuse the last release's values and merge in + overrides from 'Values'. Setting this flag makes the HelmRelease + non-declarative. type: boolean remediation: - description: Remediation holds the remediation configuration for when the Helm upgrade action for the - HelmRelease fails. The default is to not perform any action. + description: |- + Remediation holds the remediation configuration for when the Helm upgrade + action for the HelmRelease fails. The default is to not perform any action. properties: ignoreTestFailures: - description: IgnoreTestFailures tells the controller to skip remediation when the Helm tests are run - after an upgrade action but fail. Defaults to 'Test.IgnoreFailures'. + description: |- + IgnoreTestFailures tells the controller to skip remediation when the Helm + tests are run after an upgrade action but fail. + Defaults to 'Test.IgnoreFailures'. type: boolean remediateLastFailure: - description: RemediateLastFailure tells the controller to remediate the last failure, when no retries - remain. Defaults to 'false' unless 'Retries' is greater than 0. + description: |- + RemediateLastFailure tells the controller to remediate the last failure, when + no retries remain. Defaults to 'false' unless 'Retries' is greater than 0. type: boolean retries: - description: Retries is the number of retries that should be attempted on failures before bailing. - Remediation, using 'Strategy', is performed between each attempt. Defaults to '0', a negative integer - equals to unlimited retries. + description: |- + Retries is the number of retries that should be attempted on failures before + bailing. Remediation, using 'Strategy', is performed between each attempt. + Defaults to '0', a negative integer equals to unlimited retries. type: integer strategy: - description: Strategy to use for failure remediation. Defaults to 'rollback'. + description: Strategy to use for failure remediation. Defaults + to 'rollback'. enum: - rollback - uninstall type: string type: object timeout: - description: Timeout is the time to wait for any individual Kubernetes operation (like Jobs for hooks) - during the performance of a Helm upgrade action. Defaults to 'HelmReleaseSpec.Timeout'. + description: |- + Timeout is the time to wait for any individual Kubernetes operation (like + Jobs for hooks) during the performance of a Helm upgrade action. Defaults to + 'HelmReleaseSpec.Timeout'. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string type: object @@ -5401,39 +9899,46 @@ spec: description: Values holds the values for this Helm release. x-kubernetes-preserve-unknown-fields: true valuesFrom: - description: ValuesFrom holds references to resources containing Helm values for this HelmRelease, and information - about how they should be merged. + description: |- + ValuesFrom holds references to resources containing Helm values for this HelmRelease, + and information about how they should be merged. items: - description: ValuesReference contains a reference to a resource containing Helm values, and optionally the - key they can be found at. + description: |- + ValuesReference contains a reference to a resource containing Helm values, + and optionally the key they can be found at. properties: kind: - description: Kind of the values referent, valid values are ('Secret', 'ConfigMap'). + description: Kind of the values referent, valid values are ('Secret', + 'ConfigMap'). enum: - Secret - ConfigMap type: string name: - description: Name of the values referent. Should reside in the same namespace as the referring resource. + description: |- + Name of the values referent. Should reside in the same namespace as the + referring resource. maxLength: 253 minLength: 1 type: string optional: - description: Optional marks this ValuesReference as optional. When set, a not found error for the values - reference is ignored, but any ValuesKey, TargetPath or transient error will still result in a reconciliation - failure. + description: |- + Optional marks this ValuesReference as optional. When set, a not found error + for the values reference is ignored, but any ValuesKey, TargetPath or + transient error will still result in a reconciliation failure. type: boolean targetPath: - description: TargetPath is the YAML dot notation path the value should be merged at. When set, the ValuesKey - is expected to be a single flat value. Defaults to 'None', which results in the values getting merged - at the root. + description: |- + TargetPath is the YAML dot notation path the value should be merged at. When + set, the ValuesKey is expected to be a single flat value. Defaults to 'None', + which results in the values getting merged at the root. maxLength: 250 pattern: ^([a-zA-Z0-9_\-.\\\/]|\[[0-9]{1,5}\])+$ type: string valuesKey: - description: ValuesKey is the data key where the values.yaml or a specific value can be found at. Defaults - to 'values.yaml'. When set, must be a valid Data Key, consisting of alphanumeric characters, '-', - '_' or '.'. + description: |- + ValuesKey is the data key where the values.yaml or a specific value can be + found at. Defaults to 'values.yaml'. maxLength: 253 pattern: ^[\-._a-zA-Z0-9]+$ type: string @@ -5443,9 +9948,12 @@ spec: type: object type: array required: - - chart - interval type: object + x-kubernetes-validations: + - message: either chart or chartRef must be set + rule: (has(self.chart) && !has(self.chartRef)) || (!has(self.chart) + && has(self.chartRef)) status: default: observedGeneration: -1 @@ -5454,35 +9962,43 @@ spec: conditions: description: Conditions holds the conditions for the HelmRelease. items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This - struct is intended for direct use as an array at the field path .status.conditions. For example, \n type - FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // - +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" - patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" properties: lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when - the API field changed is acceptable. + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: message is a human readable message indicating details about the transition. This may be - an empty string. + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based - upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current state of the instance. + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last - transition. Producers of specific condition types may define expected values and meanings for this - field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 @@ -5496,9 +10012,12 @@ spec: - Unknown type: string type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type - values are consistent across resources like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -5511,48 +10030,217 @@ spec: type: object type: array failures: - description: Failures is the reconciliation failure count against the latest desired state. It is reset after - a successful reconciliation. + description: |- + Failures is the reconciliation failure count against the latest desired + state. It is reset after a successful reconciliation. format: int64 type: integer helmChart: - description: HelmChart is the namespaced name of the HelmChart resource created by the controller for the - HelmRelease. - type: string + description: |- + HelmChart is the namespaced name of the HelmChart resource created by + the controller for the HelmRelease. + type: string + history: + description: |- + History holds the history of Helm releases performed for this HelmRelease + up to the last successfully completed release. + items: + description: |- + Snapshot captures a point-in-time copy of the status information for a Helm release, + as managed by the controller. + properties: + apiVersion: + description: |- + APIVersion is the API version of the Snapshot. + Provisional: when the calculation method of the Digest field is changed, + this field will be used to distinguish between the old and new methods. + type: string + appVersion: + description: AppVersion is the chart app version of the release + object in storage. + type: string + chartName: + description: ChartName is the chart name of the release object + in storage. + type: string + chartVersion: + description: |- + ChartVersion is the chart version of the release object in + storage. + type: string + configDigest: + description: |- + ConfigDigest is the checksum of the config (better known as + "values") of the release object in storage. + It has the format of `:`. + type: string + deleted: + description: Deleted is when the release was deleted. + format: date-time + type: string + digest: + description: |- + Digest is the checksum of the release object in storage. + It has the format of `:`. + type: string + firstDeployed: + description: FirstDeployed is when the release was first deployed. + format: date-time + type: string + lastDeployed: + description: LastDeployed is when the release was last deployed. + format: date-time + type: string + name: + description: Name is the name of the release. + type: string + namespace: + description: Namespace is the namespace the release is deployed + to. + type: string + ociDigest: + description: OCIDigest is the digest of the OCI artifact associated + with the release. + type: string + status: + description: Status is the current state of the release. + type: string + testHooks: + additionalProperties: + description: |- + TestHookStatus holds the status information for a test hook as observed + to be run by the controller. + properties: + lastCompleted: + description: LastCompleted is the time the test hook last + completed. + format: date-time + type: string + lastStarted: + description: LastStarted is the time the test hook was + last started. + format: date-time + type: string + phase: + description: Phase the test hook was observed to be in. + type: string + type: object + description: |- + TestHooks is the list of test hooks for the release as observed to be + run by the controller. + type: object + version: + description: Version is the version of the release object in + storage. + type: integer + required: + - chartName + - chartVersion + - configDigest + - digest + - firstDeployed + - lastDeployed + - name + - namespace + - status + - version + type: object + type: array installFailures: - description: InstallFailures is the install failure count against the latest desired state. It is reset after - a successful reconciliation. + description: |- + InstallFailures is the install failure count against the latest desired + state. It is reset after a successful reconciliation. format: int64 type: integer lastAppliedRevision: - description: LastAppliedRevision is the revision of the last successfully applied source. + description: |- + LastAppliedRevision is the revision of the last successfully applied + source. + Deprecated: the revision can now be found in the History. + type: string + lastAttemptedConfigDigest: + description: |- + LastAttemptedConfigDigest is the digest for the config (better known as + "values") of the last reconciliation attempt. + type: string + lastAttemptedGeneration: + description: |- + LastAttemptedGeneration is the last generation the controller attempted + to reconcile. + format: int64 + type: integer + lastAttemptedReleaseAction: + description: |- + LastAttemptedReleaseAction is the last release action performed for this + HelmRelease. It is used to determine the active remediation strategy. + enum: + - install + - upgrade type: string lastAttemptedRevision: - description: LastAttemptedRevision is the revision of the last reconciliation attempt. + description: |- + LastAttemptedRevision is the Source revision of the last reconciliation + attempt. For OCIRepository sources, the 12 first characters of the digest are + appended to the chart version e.g. "1.2.3+1234567890ab". + type: string + lastAttemptedRevisionDigest: + description: |- + LastAttemptedRevisionDigest is the digest of the last reconciliation attempt. + This is only set for OCIRepository sources. type: string lastAttemptedValuesChecksum: - description: LastAttemptedValuesChecksum is the SHA1 checksum of the values of the last reconciliation attempt. + description: |- + LastAttemptedValuesChecksum is the SHA1 checksum for the values of the last + reconciliation attempt. + Deprecated: Use LastAttemptedConfigDigest instead. + type: string + lastHandledForceAt: + description: |- + LastHandledForceAt holds the value of the most recent force request + value, so a change of the annotation value can be detected. type: string lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent reconcile request value, so a change - of the annotation value can be detected. + description: |- + LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value + can be detected. + type: string + lastHandledResetAt: + description: |- + LastHandledResetAt holds the value of the most recent reset request + value, so a change of the annotation value can be detected. type: string lastReleaseRevision: - description: LastReleaseRevision is the revision of the last successful Helm release. + description: |- + LastReleaseRevision is the revision of the last successful Helm release. + Deprecated: Use History instead. type: integer observedGeneration: description: ObservedGeneration is the last observed generation. format: int64 type: integer + observedPostRenderersDigest: + description: |- + ObservedPostRenderersDigest is the digest for the post-renderers of + the last successful reconciliation attempt. + type: string + storageNamespace: + description: |- + StorageNamespace is the namespace of the Helm release storage for the + current release. + maxLength: 63 + minLength: 1 + type: string upgradeFailures: - description: UpgradeFailures is the upgrade failure count against the latest desired state. It is reset after - a successful reconciliation. + description: |- + UpgradeFailures is the upgrade failure count against the latest desired + state. It is reset after a successful reconciliation. format: int64 type: integer type: object type: object served: true - storage: true + storage: false subresources: status: {} --- @@ -5563,7 +10251,7 @@ metadata: app.kubernetes.io/component: helm-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 name: helm-controller namespace: flux-system --- @@ -5574,7 +10262,7 @@ metadata: app.kubernetes.io/component: helm-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 control-plane: controller name: helm-controller namespace: flux-system @@ -5603,7 +10291,17 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: ghcr.io/fluxcd/helm-controller:v0.36.1 + - name: GOMAXPROCS + valueFrom: + resourceFieldRef: + containerName: manager + resource: limits.cpu + - name: GOMEMLIMIT + valueFrom: + resourceFieldRef: + containerName: manager + resource: limits.memory + image: ghcr.io/fluxcd/helm-controller:v1.0.1 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -5655,12 +10353,12 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.12.0 + controller-gen.kubebuilder.io/version: v0.15.0 labels: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 name: alerts.notification.toolkit.fluxcd.io spec: group: notification.toolkit.fluxcd.io @@ -5681,27 +10379,39 @@ spec: - jsonPath: .status.conditions[?(@.type=="Ready")].message name: Status type: string + deprecated: true + deprecationWarning: v1beta1 Alert is deprecated, upgrade to v1beta3 name: v1beta1 schema: openAPIV3Schema: description: Alert is the Schema for the alerts API properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert - recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer - this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: - description: AlertSpec defines an alerting rule for events involving a list of objects + description: AlertSpec defines an alerting rule for events involving a + list of objects properties: eventSeverity: default: info - description: Filter events based on severity, defaults to ('info'). If set to 'info' no events will be filtered. + description: |- + Filter events based on severity, defaults to ('info'). + If set to 'info' no events will be filtered. enum: - info - error @@ -5709,8 +10419,9 @@ spec: eventSources: description: Filter events based on the involved objects. items: - description: CrossNamespaceObjectReference contains enough information to let you locate the typed referenced - object at cluster level + description: |- + CrossNamespaceObjectReference contains enough information to let you locate the + typed referenced object at cluster level properties: apiVersion: description: API version of the referent @@ -5732,9 +10443,10 @@ spec: matchLabels: additionalProperties: type: string - description: MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map - is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and - the values array contains only "value". The requirements are ANDed. + description: |- + MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. type: object name: description: Name of the referent @@ -5751,7 +10463,8 @@ spec: type: object type: array exclusionList: - description: A list of Golang regular expressions to be used for excluding messages. + description: A list of Golang regular expressions to be used for excluding + messages. items: type: string type: array @@ -5768,7 +10481,9 @@ spec: description: Short description of the impact and affected cluster. type: string suspend: - description: This flag tells the controller to suspend subsequent events dispatching. Defaults to false. + description: |- + This flag tells the controller to suspend subsequent events dispatching. + Defaults to false. type: boolean required: - eventSources @@ -5781,35 +10496,43 @@ spec: properties: conditions: items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This - struct is intended for direct use as an array at the field path .status.conditions. For example, \n type - FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // - +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" - patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" properties: lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when - the API field changed is acceptable. + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: message is a human readable message indicating details about the transition. This may be - an empty string. + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based - upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current state of the instance. + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last - transition. Producers of specific condition types may define expected values and meanings for this - field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 @@ -5823,9 +10546,12 @@ spec: - Unknown type: string type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type - values are consistent across resources like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -5857,45 +10583,61 @@ spec: - jsonPath: .status.conditions[?(@.type=="Ready")].message name: Status type: string + deprecated: true + deprecationWarning: v1beta2 Alert is deprecated, upgrade to v1beta3 name: v1beta2 schema: openAPIV3Schema: description: Alert is the Schema for the alerts API properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert - recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer - this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: - description: AlertSpec defines an alerting rule for events involving a list of objects. + description: AlertSpec defines an alerting rule for events involving a + list of objects. properties: eventMetadata: additionalProperties: type: string - description: EventMetadata is an optional field for adding metadata to events dispatched by the controller. - This can be used for enhancing the context of the event. If a field would override one already present on - the original event as generated by the emitter, then the override doesn't happen, i.e. the original value - is preserved, and an info log is printed. + description: |- + EventMetadata is an optional field for adding metadata to events dispatched by the + controller. This can be used for enhancing the context of the event. If a field + would override one already present on the original event as generated by the emitter, + then the override doesn't happen, i.e. the original value is preserved, and an info + log is printed. type: object eventSeverity: default: info - description: EventSeverity specifies how to filter events based on severity. If set to 'info' no events will - be filtered. + description: |- + EventSeverity specifies how to filter events based on severity. + If set to 'info' no events will be filtered. enum: - info - error type: string eventSources: - description: EventSources specifies how to filter events based on the involved object kind, name and namespace. + description: |- + EventSources specifies how to filter events based + on the involved object kind, name and namespace. items: - description: CrossNamespaceObjectReference contains enough information to let you locate the typed referenced - object at cluster level + description: |- + CrossNamespaceObjectReference contains enough information to let you locate the + typed referenced object at cluster level properties: apiVersion: description: API version of the referent @@ -5917,13 +10659,16 @@ spec: matchLabels: additionalProperties: type: string - description: MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map - is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and - the values array contains only "value". The requirements are ANDed. MatchLabels requires the name - to be set to `*`. + description: |- + MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + MatchLabels requires the name to be set to `*`. type: object name: - description: Name of the referent If multiple resources are targeted `*` may be set. + description: |- + Name of the referent + If multiple resources are targeted `*` may be set. maxLength: 53 minLength: 1 type: string @@ -5938,17 +10683,22 @@ spec: type: object type: array exclusionList: - description: ExclusionList specifies a list of Golang regular expressions to be used for excluding messages. + description: |- + ExclusionList specifies a list of Golang regular expressions + to be used for excluding messages. items: type: string type: array inclusionList: - description: InclusionList specifies a list of Golang regular expressions to be used for including messages. + description: |- + InclusionList specifies a list of Golang regular expressions + to be used for including messages. items: type: string type: array providerRef: - description: ProviderRef specifies which Provider this Alert should use. + description: ProviderRef specifies which Provider this Alert should + use. properties: name: description: Name of the referent. @@ -5957,11 +10707,14 @@ spec: - name type: object summary: - description: Summary holds a short description of the impact and affected cluster. + description: Summary holds a short description of the impact and affected + cluster. maxLength: 255 type: string suspend: - description: Suspend tells the controller to suspend subsequent events handling for this Alert. + description: |- + Suspend tells the controller to suspend subsequent + events handling for this Alert. type: boolean required: - eventSources @@ -5975,35 +10728,43 @@ spec: conditions: description: Conditions holds the conditions for the Alert. items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This - struct is intended for direct use as an array at the field path .status.conditions. For example, \n type - FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // - +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" - patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" properties: lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when - the API field changed is acceptable. + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: message is a human readable message indicating details about the transition. This may be - an empty string. + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based - upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current state of the instance. + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last - transition. Producers of specific condition types may define expected values and meanings for this - field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 @@ -6017,9 +10778,12 @@ spec: - Unknown type: string type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type - values are consistent across resources like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -6032,8 +10796,10 @@ spec: type: object type: array lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent reconcile request value, so a change - of the annotation value can be detected. + description: |- + LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value + can be detected. type: string observedGeneration: description: ObservedGeneration is the last observed generation. @@ -6042,20 +10808,163 @@ spec: type: object type: object served: true - storage: true + storage: false subresources: status: {} + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1beta3 + schema: + openAPIV3Schema: + description: Alert is the Schema for the alerts API + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: AlertSpec defines an alerting rule for events involving a + list of objects. + properties: + eventMetadata: + additionalProperties: + type: string + description: |- + EventMetadata is an optional field for adding metadata to events dispatched by the + controller. This can be used for enhancing the context of the event. If a field + would override one already present on the original event as generated by the emitter, + then the override doesn't happen, i.e. the original value is preserved, and an info + log is printed. + type: object + eventSeverity: + default: info + description: |- + EventSeverity specifies how to filter events based on severity. + If set to 'info' no events will be filtered. + enum: + - info + - error + type: string + eventSources: + description: |- + EventSources specifies how to filter events based + on the involved object kind, name and namespace. + items: + description: |- + CrossNamespaceObjectReference contains enough information to let you locate the + typed referenced object at cluster level + properties: + apiVersion: + description: API version of the referent + type: string + kind: + description: Kind of the referent + enum: + - Bucket + - GitRepository + - Kustomization + - HelmRelease + - HelmChart + - HelmRepository + - ImageRepository + - ImagePolicy + - ImageUpdateAutomation + - OCIRepository + type: string + matchLabels: + additionalProperties: + type: string + description: |- + MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + MatchLabels requires the name to be set to `*`. + type: object + name: + description: |- + Name of the referent + If multiple resources are targeted `*` may be set. + maxLength: 53 + minLength: 1 + type: string + namespace: + description: Namespace of the referent + maxLength: 53 + minLength: 1 + type: string + required: + - kind + - name + type: object + type: array + exclusionList: + description: |- + ExclusionList specifies a list of Golang regular expressions + to be used for excluding messages. + items: + type: string + type: array + inclusionList: + description: |- + InclusionList specifies a list of Golang regular expressions + to be used for including messages. + items: + type: string + type: array + providerRef: + description: ProviderRef specifies which Provider this Alert should + use. + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object + summary: + description: Summary holds a short description of the impact and affected + cluster. + maxLength: 255 + type: string + suspend: + description: |- + Suspend tells the controller to suspend subsequent + events handling for this Alert. + type: boolean + required: + - eventSources + - providerRef + type: object + type: object + served: true + storage: true + subresources: {} --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.12.0 + controller-gen.kubebuilder.io/version: v0.15.0 labels: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 name: providers.notification.toolkit.fluxcd.io spec: group: notification.toolkit.fluxcd.io @@ -6076,18 +10985,27 @@ spec: - jsonPath: .status.conditions[?(@.type=="Ready")].message name: Status type: string + deprecated: true + deprecationWarning: v1beta1 Provider is deprecated, upgrade to v1beta3 name: v1beta1 schema: openAPIV3Schema: description: Provider is the Schema for the providers API properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert - recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer - this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -6099,7 +11017,9 @@ spec: pattern: ^(http|https):// type: string certSecretRef: - description: CertSecretRef can be given the name of a secret containing a PEM-encoded CA certificate (`caFile`) + description: |- + CertSecretRef can be given the name of a secret containing + a PEM-encoded CA certificate (`caFile`) properties: name: description: Name of the referent. @@ -6115,7 +11035,9 @@ spec: pattern: ^(http|https):// type: string secretRef: - description: Secret reference containing the provider webhook URL using "address" as data key + description: |- + Secret reference containing the provider webhook URL + using "address" as data key properties: name: description: Name of the referent. @@ -6124,7 +11046,9 @@ spec: - name type: object suspend: - description: This flag tells the controller to suspend subsequent events handling. Defaults to false. + description: |- + This flag tells the controller to suspend subsequent events handling. + Defaults to false. type: boolean timeout: description: Timeout for sending alerts to the provider. @@ -6168,35 +11092,43 @@ spec: properties: conditions: items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This - struct is intended for direct use as an array at the field path .status.conditions. For example, \n type - FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // - +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" - patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" properties: lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when - the API field changed is acceptable. + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: message is a human readable message indicating details about the transition. This may be - an empty string. + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based - upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current state of the instance. + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last - transition. Producers of specific condition types may define expected values and meanings for this - field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 @@ -6210,9 +11142,12 @@ spec: - Unknown type: string type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type - values are consistent across resources like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -6244,18 +11179,27 @@ spec: - jsonPath: .status.conditions[?(@.type=="Ready")].message name: Status type: string + deprecated: true + deprecationWarning: v1beta2 Provider is deprecated, upgrade to v1beta3 name: v1beta2 schema: openAPIV3Schema: description: Provider is the Schema for the providers API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert - recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer - this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -6263,14 +11207,21 @@ spec: description: ProviderSpec defines the desired state of the Provider. properties: address: - description: Address specifies the endpoint, in a generic sense, to where alerts are sent. What kind of endpoint - depends on the specific Provider type being used. For the generic Provider, for example, this is an HTTP/S - address. For other Provider types this could be a project ID or a namespace. + description: |- + Address specifies the endpoint, in a generic sense, to where alerts are sent. + What kind of endpoint depends on the specific Provider type being used. + For the generic Provider, for example, this is an HTTP/S address. + For other Provider types this could be a project ID or a namespace. maxLength: 2048 type: string certSecretRef: - description: "CertSecretRef specifies the Secret containing a PEM-encoded CA certificate (in the `ca.crt` - key). \n Note: Support for the `caFile` key has been deprecated." + description: |- + CertSecretRef specifies the Secret containing + a PEM-encoded CA certificate (in the `ca.crt` key). + + + Note: Support for the `caFile` key has + been deprecated. properties: name: description: Name of the referent. @@ -6279,11 +11230,13 @@ spec: - name type: object channel: - description: Channel specifies the destination channel where events should be posted. + description: Channel specifies the destination channel where events + should be posted. maxLength: 2048 type: string interval: - description: Interval at which to reconcile the Provider with its Secret references. + description: Interval at which to reconcile the Provider with its + Secret references. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string proxy: @@ -6292,7 +11245,9 @@ spec: pattern: ^(http|https)://.*$ type: string secretRef: - description: SecretRef specifies the Secret containing the authentication credentials for this Provider. + description: |- + SecretRef specifies the Secret containing the authentication + credentials for this Provider. properties: name: description: Name of the referent. @@ -6301,7 +11256,9 @@ spec: - name type: object suspend: - description: Suspend tells the controller to suspend subsequent events handling for this Provider. + description: |- + Suspend tells the controller to suspend subsequent + events handling for this Provider. type: boolean timeout: description: Timeout for sending alerts to the Provider. @@ -6319,6 +11276,7 @@ spec: - github - gitlab - gitea + - bitbucketserver - bitbucket - azuredevops - googlechat @@ -6351,35 +11309,43 @@ spec: conditions: description: Conditions holds the conditions for the Provider. items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This - struct is intended for direct use as an array at the field path .status.conditions. For example, \n type - FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // - +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" - patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" properties: lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when - the API field changed is acceptable. + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: message is a human readable message indicating details about the transition. This may be - an empty string. + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based - upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current state of the instance. + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last - transition. Producers of specific condition types may define expected values and meanings for this - field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 @@ -6393,9 +11359,12 @@ spec: - Unknown type: string type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type - values are consistent across resources like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -6408,8 +11377,10 @@ spec: type: object type: array lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent reconcile request value, so a change - of the annotation value can be detected. + description: |- + LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value + can be detected. type: string observedGeneration: description: ObservedGeneration is the last reconciled generation. @@ -6418,20 +11389,150 @@ spec: type: object type: object served: true - storage: true + storage: false subresources: status: {} + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1beta3 + schema: + openAPIV3Schema: + description: Provider is the Schema for the providers API + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: ProviderSpec defines the desired state of the Provider. + properties: + address: + description: |- + Address specifies the endpoint, in a generic sense, to where alerts are sent. + What kind of endpoint depends on the specific Provider type being used. + For the generic Provider, for example, this is an HTTP/S address. + For other Provider types this could be a project ID or a namespace. + maxLength: 2048 + type: string + certSecretRef: + description: |- + CertSecretRef specifies the Secret containing + a PEM-encoded CA certificate (in the `ca.crt` key). + + + Note: Support for the `caFile` key has + been deprecated. + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object + channel: + description: Channel specifies the destination channel where events + should be posted. + maxLength: 2048 + type: string + interval: + description: |- + Interval at which to reconcile the Provider with its Secret references. + Deprecated and not used in v1beta3. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + proxy: + description: Proxy the HTTP/S address of the proxy server. + maxLength: 2048 + pattern: ^(http|https)://.*$ + type: string + secretRef: + description: |- + SecretRef specifies the Secret containing the authentication + credentials for this Provider. + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object + suspend: + description: |- + Suspend tells the controller to suspend subsequent + events handling for this Provider. + type: boolean + timeout: + description: Timeout for sending alerts to the Provider. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$ + type: string + type: + description: Type specifies which Provider implementation to use. + enum: + - slack + - discord + - msteams + - rocket + - generic + - generic-hmac + - github + - gitlab + - gitea + - bitbucketserver + - bitbucket + - azuredevops + - googlechat + - googlepubsub + - webex + - sentry + - azureeventhub + - telegram + - lark + - matrix + - opsgenie + - alertmanager + - grafana + - githubdispatch + - pagerduty + - datadog + - nats + type: string + username: + description: Username specifies the name under which events are posted. + maxLength: 2048 + type: string + required: + - type + type: object + type: object + served: true + storage: true + subresources: {} --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.12.0 + controller-gen.kubebuilder.io/version: v0.15.0 labels: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 name: receivers.notification.toolkit.fluxcd.io spec: group: notification.toolkit.fluxcd.io @@ -6458,12 +11559,19 @@ spec: description: Receiver is the Schema for the receivers API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert - recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer - this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -6471,21 +11579,24 @@ spec: description: ReceiverSpec defines the desired state of the Receiver. properties: events: - description: Events specifies the list of event types to handle, e.g. 'push' for GitHub or 'Push Hook' for - GitLab. + description: |- + Events specifies the list of event types to handle, + e.g. 'push' for GitHub or 'Push Hook' for GitLab. items: type: string type: array interval: default: 10m - description: Interval at which to reconcile the Receiver with its Secret references. + description: Interval at which to reconcile the Receiver with its + Secret references. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string resources: description: A list of resources to be notified about changes. items: - description: CrossNamespaceObjectReference contains enough information to let you locate the typed referenced - object at cluster level + description: |- + CrossNamespaceObjectReference contains enough information to let you locate the + typed referenced object at cluster level properties: apiVersion: description: API version of the referent @@ -6507,13 +11618,16 @@ spec: matchLabels: additionalProperties: type: string - description: MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map - is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and - the values array contains only "value". The requirements are ANDed. MatchLabels requires the name - to be set to `*`. + description: |- + MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + MatchLabels requires the name to be set to `*`. type: object name: - description: Name of the referent If multiple resources are targeted `*` may be set. + description: |- + Name of the referent + If multiple resources are targeted `*` may be set. maxLength: 53 minLength: 1 type: string @@ -6528,7 +11642,9 @@ spec: type: object type: array secretRef: - description: SecretRef specifies the Secret containing the token used to validate the payload authenticity. + description: |- + SecretRef specifies the Secret containing the token used + to validate the payload authenticity. properties: name: description: Name of the referent. @@ -6537,10 +11653,14 @@ spec: - name type: object suspend: - description: Suspend tells the controller to suspend subsequent events handling for this receiver. + description: |- + Suspend tells the controller to suspend subsequent + events handling for this receiver. type: boolean type: - description: Type of webhook sender, used to determine the validation procedure and payload deserialization. + description: |- + Type of webhook sender, used to determine + the validation procedure and payload deserialization. enum: - generic - generic-hmac @@ -6553,6 +11673,7 @@ spec: - gcr - nexus - acr + - cdevents type: string required: - resources @@ -6567,35 +11688,43 @@ spec: conditions: description: Conditions holds the conditions for the Receiver. items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This - struct is intended for direct use as an array at the field path .status.conditions. For example, \n type - FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // - +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" - patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" properties: lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when - the API field changed is acceptable. + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: message is a human readable message indicating details about the transition. This may be - an empty string. + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based - upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current state of the instance. + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last - transition. Producers of specific condition types may define expected values and meanings for this - field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 @@ -6609,9 +11738,12 @@ spec: - Unknown type: string type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type - values are consistent across resources like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -6624,15 +11756,20 @@ spec: type: object type: array lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent reconcile request value, so a change - of the annotation value can be detected. + description: |- + LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value + can be detected. type: string observedGeneration: - description: ObservedGeneration is the last observed generation of the Receiver object. + description: ObservedGeneration is the last observed generation of + the Receiver object. format: int64 type: integer webhookPath: - description: WebhookPath is the generated incoming webhook address in the format of '/hook/sha256sum(token+name+namespace)'. + description: |- + WebhookPath is the generated incoming webhook address in the format + of '/hook/sha256sum(token+name+namespace)'. type: string type: object type: object @@ -6658,12 +11795,19 @@ spec: description: Receiver is the Schema for the receivers API properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert - recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer - this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -6671,15 +11815,18 @@ spec: description: ReceiverSpec defines the desired state of Receiver properties: events: - description: A list of events to handle, e.g. 'push' for GitHub or 'Push Hook' for GitLab. + description: |- + A list of events to handle, + e.g. 'push' for GitHub or 'Push Hook' for GitLab. items: type: string type: array resources: description: A list of resources to be notified about changes. items: - description: CrossNamespaceObjectReference contains enough information to let you locate the typed referenced - object at cluster level + description: |- + CrossNamespaceObjectReference contains enough information to let you locate the + typed referenced object at cluster level properties: apiVersion: description: API version of the referent @@ -6701,9 +11848,10 @@ spec: matchLabels: additionalProperties: type: string - description: MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map - is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and - the values array contains only "value". The requirements are ANDed. + description: |- + MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. type: object name: description: Name of the referent @@ -6720,7 +11868,9 @@ spec: type: object type: array secretRef: - description: Secret reference containing the token used to validate the payload authenticity + description: |- + Secret reference containing the token used + to validate the payload authenticity properties: name: description: Name of the referent. @@ -6729,10 +11879,14 @@ spec: - name type: object suspend: - description: This flag tells the controller to suspend subsequent events handling. Defaults to false. + description: |- + This flag tells the controller to suspend subsequent events handling. + Defaults to false. type: boolean type: - description: Type of webhook sender, used to determine the validation procedure and payload deserialization. + description: |- + Type of webhook sender, used to determine + the validation procedure and payload deserialization. enum: - generic - generic-hmac @@ -6757,35 +11911,43 @@ spec: properties: conditions: items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This - struct is intended for direct use as an array at the field path .status.conditions. For example, \n type - FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // - +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" - patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" properties: lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when - the API field changed is acceptable. + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: message is a human readable message indicating details about the transition. This may be - an empty string. + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based - upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current state of the instance. + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last - transition. Producers of specific condition types may define expected values and meanings for this - field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 @@ -6799,9 +11961,12 @@ spec: - Unknown type: string type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type - values are consistent across resources like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -6818,7 +11983,9 @@ spec: format: int64 type: integer url: - description: Generated webhook URL in the format of '/hook/sha256sum(token+name+namespace)'. + description: |- + Generated webhook URL in the format + of '/hook/sha256sum(token+name+namespace)'. type: string type: object type: object @@ -6844,12 +12011,19 @@ spec: description: Receiver is the Schema for the receivers API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert - recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer - this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -6857,20 +12031,23 @@ spec: description: ReceiverSpec defines the desired state of the Receiver. properties: events: - description: Events specifies the list of event types to handle, e.g. 'push' for GitHub or 'Push Hook' for - GitLab. + description: |- + Events specifies the list of event types to handle, + e.g. 'push' for GitHub or 'Push Hook' for GitLab. items: type: string type: array interval: - description: Interval at which to reconcile the Receiver with its Secret references. + description: Interval at which to reconcile the Receiver with its + Secret references. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string resources: description: A list of resources to be notified about changes. items: - description: CrossNamespaceObjectReference contains enough information to let you locate the typed referenced - object at cluster level + description: |- + CrossNamespaceObjectReference contains enough information to let you locate the + typed referenced object at cluster level properties: apiVersion: description: API version of the referent @@ -6892,13 +12069,16 @@ spec: matchLabels: additionalProperties: type: string - description: MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map - is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and - the values array contains only "value". The requirements are ANDed. MatchLabels requires the name - to be set to `*`. + description: |- + MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + MatchLabels requires the name to be set to `*`. type: object name: - description: Name of the referent If multiple resources are targeted `*` may be set. + description: |- + Name of the referent + If multiple resources are targeted `*` may be set. maxLength: 53 minLength: 1 type: string @@ -6913,7 +12093,9 @@ spec: type: object type: array secretRef: - description: SecretRef specifies the Secret containing the token used to validate the payload authenticity. + description: |- + SecretRef specifies the Secret containing the token used + to validate the payload authenticity. properties: name: description: Name of the referent. @@ -6922,10 +12104,14 @@ spec: - name type: object suspend: - description: Suspend tells the controller to suspend subsequent events handling for this receiver. + description: |- + Suspend tells the controller to suspend subsequent + events handling for this receiver. type: boolean type: - description: Type of webhook sender, used to determine the validation procedure and payload deserialization. + description: |- + Type of webhook sender, used to determine + the validation procedure and payload deserialization. enum: - generic - generic-hmac @@ -6951,35 +12137,43 @@ spec: conditions: description: Conditions holds the conditions for the Receiver. items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This - struct is intended for direct use as an array at the field path .status.conditions. For example, \n type - FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // - +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" - patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" properties: lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when - the API field changed is acceptable. + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: message is a human readable message indicating details about the transition. This may be - an empty string. + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based - upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current state of the instance. + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last - transition. Producers of specific condition types may define expected values and meanings for this - field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 @@ -6993,9 +12187,12 @@ spec: - Unknown type: string type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type - values are consistent across resources like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -7008,19 +12205,26 @@ spec: type: object type: array lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent reconcile request value, so a change - of the annotation value can be detected. + description: |- + LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value + can be detected. type: string observedGeneration: - description: ObservedGeneration is the last observed generation of the Receiver object. + description: ObservedGeneration is the last observed generation of + the Receiver object. format: int64 type: integer url: - description: 'URL is the generated incoming webhook address in the format of ''/hook/sha256sum(token+name+namespace)''. - Deprecated: Replaced by WebhookPath.' + description: |- + URL is the generated incoming webhook address in the format + of '/hook/sha256sum(token+name+namespace)'. + Deprecated: Replaced by WebhookPath. type: string webhookPath: - description: WebhookPath is the generated incoming webhook address in the format of '/hook/sha256sum(token+name+namespace)'. + description: |- + WebhookPath is the generated incoming webhook address in the format + of '/hook/sha256sum(token+name+namespace)'. type: string type: object type: object @@ -7036,7 +12240,7 @@ metadata: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 name: notification-controller namespace: flux-system --- @@ -7047,7 +12251,7 @@ metadata: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 control-plane: controller name: notification-controller namespace: flux-system @@ -7068,7 +12272,7 @@ metadata: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 control-plane: controller name: webhook-receiver namespace: flux-system @@ -7089,7 +12293,7 @@ metadata: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 control-plane: controller name: notification-controller namespace: flux-system @@ -7117,7 +12321,17 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: ghcr.io/fluxcd/notification-controller:v1.1.0 + - name: GOMAXPROCS + valueFrom: + resourceFieldRef: + containerName: manager + resource: limits.cpu + - name: GOMEMLIMIT + valueFrom: + resourceFieldRef: + containerName: manager + resource: limits.memory + image: ghcr.io/fluxcd/notification-controller:v1.3.0 imagePullPolicy: IfNotPresent livenessProbe: httpGet: diff --git a/gitops/fluxcd/clusters/k3s/cicd/flux/flux-system/gotk-components.yaml b/gitops/fluxcd/clusters/k3s/cicd/flux/flux-system/gotk-components.yaml index 0c12f6afe8..8fd99ab9db 100644 --- a/gitops/fluxcd/clusters/k3s/cicd/flux/flux-system/gotk-components.yaml +++ b/gitops/fluxcd/clusters/k3s/cicd/flux/flux-system/gotk-components.yaml @@ -1,22 +1,6 @@ --- -# Copyright (C) Nicolas Lamirault -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# SPDX-License-Identifier: Apache-2.0 - # This manifest was generated by flux. DO NOT EDIT. -# Flux Version: v2.1.1 +# Flux Version: v2.3.0 # Components: source-controller,kustomize-controller,helm-controller,notification-controller apiVersion: v1 kind: Namespace @@ -24,7 +8,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 pod-security.kubernetes.io/warn: restricted pod-security.kubernetes.io/warn-version: latest name: flux-system @@ -35,7 +19,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 name: allow-egress namespace: flux-system spec: @@ -55,7 +39,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 name: allow-scraping namespace: flux-system spec: @@ -75,7 +59,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 name: allow-webhooks namespace: flux-system spec: @@ -94,7 +78,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 name: critical-pods-flux-system namespace: flux-system spec: @@ -114,7 +98,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 name: crd-controller-flux-system rules: - apiGroups: @@ -197,6 +181,10 @@ rules: - update - patch - delete +- nonResourceURLs: + - /livez/ping + verbs: + - head --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole @@ -204,7 +192,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 rbac.authorization.k8s.io/aggregate-to-admin: "true" rbac.authorization.k8s.io/aggregate-to-edit: "true" name: flux-edit-flux-system @@ -230,7 +218,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 rbac.authorization.k8s.io/aggregate-to-admin: "true" rbac.authorization.k8s.io/aggregate-to-edit: "true" rbac.authorization.k8s.io/aggregate-to-view: "true" @@ -255,7 +243,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 name: cluster-reconciler-flux-system roleRef: apiGroup: rbac.authorization.k8s.io @@ -275,7 +263,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 name: crd-controller-flux-system roleRef: apiGroup: rbac.authorization.k8s.io @@ -305,12 +293,12 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.12.0 + controller-gen.kubebuilder.io/version: v0.15.0 labels: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 name: buckets.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -334,40 +322,54 @@ spec: - jsonPath: .metadata.creationTimestamp name: Age type: date + deprecated: true + deprecationWarning: v1beta1 Bucket is deprecated, upgrade to v1beta2 name: v1beta1 schema: openAPIV3Schema: description: Bucket is the Schema for the buckets API properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert - recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer - this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: - description: BucketSpec defines the desired state of an S3 compatible bucket + description: BucketSpec defines the desired state of an S3 compatible + bucket properties: accessFrom: - description: AccessFrom defines an Access Control List for allowing cross-namespace references to this object. + description: AccessFrom defines an Access Control List for allowing + cross-namespace references to this object. properties: namespaceSelectors: - description: NamespaceSelectors is the list of namespace selectors to which this ACL applies. Items in - this list are evaluated using a logical OR operation. + description: |- + NamespaceSelectors is the list of namespace selectors to which this ACL applies. + Items in this list are evaluated using a logical OR operation. items: - description: NamespaceSelector selects the namespaces to which this ACL applies. An empty map of MatchLabels - matches all namespaces in a cluster. + description: |- + NamespaceSelector selects the namespaces to which this ACL applies. + An empty map of MatchLabels matches all namespaces in a cluster. properties: matchLabels: additionalProperties: type: string - description: MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the operator is - "In", and the values array contains only "value". The requirements are ANDed. + description: |- + MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object type: array @@ -381,9 +383,10 @@ spec: description: The bucket endpoint address. type: string ignore: - description: Ignore overrides the set of excluded patterns in the .sourceignore format (which is the same - as .gitignore). If not provided, a default will be used, consult the documentation for your version to find - out what those are. + description: |- + Ignore overrides the set of excluded patterns in the .sourceignore format + (which is the same as .gitignore). If not provided, a default will be used, + consult the documentation for your version to find out what those are. type: string insecure: description: Insecure allows connecting to a non-TLS S3 HTTP endpoint. @@ -403,7 +406,9 @@ spec: description: The bucket region. type: string secretRef: - description: The name of the secret containing authentication credentials for the Bucket. + description: |- + The name of the secret containing authentication credentials + for the Bucket. properties: name: description: Name of the referent. @@ -412,7 +417,8 @@ spec: - name type: object suspend: - description: This flag tells the controller to suspend the reconciliation of this source. + description: This flag tells the controller to suspend the reconciliation + of this source. type: boolean timeout: default: 60s @@ -429,21 +435,26 @@ spec: description: BucketStatus defines the observed state of a bucket properties: artifact: - description: Artifact represents the output of the last successful Bucket sync. + description: Artifact represents the output of the last successful + Bucket sync. properties: checksum: description: Checksum is the SHA256 checksum of the artifact. type: string lastUpdateTime: - description: LastUpdateTime is the timestamp corresponding to the last update of this artifact. + description: |- + LastUpdateTime is the timestamp corresponding to the last update of this + artifact. format: date-time type: string path: description: Path is the relative file path of this artifact. type: string revision: - description: Revision is a human readable identifier traceable in the origin source system. It can be - a Git commit SHA, Git tag, a Helm index timestamp, a Helm chart version, etc. + description: |- + Revision is a human readable identifier traceable in the origin source + system. It can be a Git commit SHA, Git tag, a Helm index timestamp, a Helm + chart version, etc. type: string url: description: URL is the HTTP address of this artifact. @@ -455,35 +466,43 @@ spec: conditions: description: Conditions holds the conditions for the Bucket. items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This - struct is intended for direct use as an array at the field path .status.conditions. For example, \n type - FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // - +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" - patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" properties: lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when - the API field changed is acceptable. + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: message is a human readable message indicating details about the transition. This may be - an empty string. + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based - upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current state of the instance. + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last - transition. Producers of specific condition types may define expected values and meanings for this - field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 @@ -497,9 +516,12 @@ spec: - Unknown type: string type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type - values are consistent across resources like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -512,15 +534,18 @@ spec: type: object type: array lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent reconcile request value, so a change - of the annotation value can be detected. + description: |- + LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value + can be detected. type: string observedGeneration: description: ObservedGeneration is the last observed generation. format: int64 type: integer url: - description: URL is the download link for the artifact output of the last Bucket sync. + description: URL is the download link for the artifact output of the + last Bucket sync. type: string type: object type: object @@ -547,35 +572,49 @@ spec: description: Bucket is the Schema for the buckets API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert - recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer - this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: - description: BucketSpec specifies the required configuration to produce an Artifact for an object storage bucket. + description: |- + BucketSpec specifies the required configuration to produce an Artifact for + an object storage bucket. properties: accessFrom: - description: 'AccessFrom specifies an Access Control List for allowing cross-namespace references to this - object. NOTE: Not implemented, provisional as of https://github.com/fluxcd/flux2/pull/2092' + description: |- + AccessFrom specifies an Access Control List for allowing cross-namespace + references to this object. + NOTE: Not implemented, provisional as of https://github.com/fluxcd/flux2/pull/2092 properties: namespaceSelectors: - description: NamespaceSelectors is the list of namespace selectors to which this ACL applies. Items in - this list are evaluated using a logical OR operation. + description: |- + NamespaceSelectors is the list of namespace selectors to which this ACL applies. + Items in this list are evaluated using a logical OR operation. items: - description: NamespaceSelector selects the namespaces to which this ACL applies. An empty map of MatchLabels - matches all namespaces in a cluster. + description: |- + NamespaceSelector selects the namespaces to which this ACL applies. + An empty map of MatchLabels matches all namespaces in a cluster. properties: matchLabels: additionalProperties: type: string - description: MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the operator is - "In", and the values array contains only "value". The requirements are ANDed. + description: |- + MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object type: array @@ -586,25 +625,35 @@ spec: description: BucketName is the name of the object storage bucket. type: string endpoint: - description: Endpoint is the object storage address the BucketName is located at. + description: Endpoint is the object storage address the BucketName + is located at. type: string ignore: - description: Ignore overrides the set of excluded patterns in the .sourceignore format (which is the same - as .gitignore). If not provided, a default will be used, consult the documentation for your version to find - out what those are. + description: |- + Ignore overrides the set of excluded patterns in the .sourceignore format + (which is the same as .gitignore). If not provided, a default will be used, + consult the documentation for your version to find out what those are. type: string insecure: description: Insecure allows connecting to a non-TLS HTTP Endpoint. type: boolean interval: - description: Interval at which the Bucket Endpoint is checked for updates. This interval is approximate and - may be subject to jitter to ensure efficient use of resources. + description: |- + Interval at which the Bucket Endpoint is checked for updates. + This interval is approximate and may be subject to jitter to ensure + efficient use of resources. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string + prefix: + description: Prefix to use for server-side filtering of files in the + Bucket. + type: string provider: default: generic - description: Provider of the object storage bucket. Defaults to 'generic', which expects an S3 (API) compatible - object storage. + description: |- + Provider of the object storage bucket. + Defaults to 'generic', which expects an S3 (API) compatible object + storage. enum: - generic - aws @@ -612,10 +661,13 @@ spec: - azure type: string region: - description: Region of the Endpoint where the BucketName is located in. + description: Region of the Endpoint where the BucketName is located + in. type: string secretRef: - description: SecretRef specifies the Secret containing authentication credentials for the Bucket. + description: |- + SecretRef specifies the Secret containing authentication credentials + for the Bucket. properties: name: description: Name of the referent. @@ -624,7 +676,9 @@ spec: - name type: object suspend: - description: Suspend tells the controller to suspend the reconciliation of this Bucket. + description: |- + Suspend tells the controller to suspend the reconciliation of this + Bucket. type: boolean timeout: default: 60s @@ -649,7 +703,9 @@ spec: pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$ type: string lastUpdateTime: - description: LastUpdateTime is the timestamp corresponding to the last update of the Artifact. + description: |- + LastUpdateTime is the timestamp corresponding to the last update of the + Artifact. format: date-time type: string metadata: @@ -658,21 +714,25 @@ spec: description: Metadata holds upstream information such as OCI annotations. type: object path: - description: Path is the relative file path of the Artifact. It can be used to locate the file in the - root of the Artifact storage on the local file system of the controller managing the Source. + description: |- + Path is the relative file path of the Artifact. It can be used to locate + the file in the root of the Artifact storage on the local file system of + the controller managing the Source. type: string revision: - description: Revision is a human-readable identifier traceable in the origin source system. It can be - a Git commit SHA, Git tag, a Helm chart version, etc. + description: |- + Revision is a human-readable identifier traceable in the origin source + system. It can be a Git commit SHA, Git tag, a Helm chart version, etc. type: string size: description: Size is the number of bytes in the file. format: int64 type: integer url: - description: URL is the HTTP address of the Artifact as exposed by the controller managing the Source. - It can be used to retrieve the Artifact for consumption, e.g. by another controller applying the Artifact - contents. + description: |- + URL is the HTTP address of the Artifact as exposed by the controller + managing the Source. It can be used to retrieve the Artifact for + consumption, e.g. by another controller applying the Artifact contents. type: string required: - lastUpdateTime @@ -683,35 +743,43 @@ spec: conditions: description: Conditions holds the conditions for the Bucket. items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This - struct is intended for direct use as an array at the field path .status.conditions. For example, \n type - FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // - +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" - patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" properties: lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when - the API field changed is acceptable. + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: message is a human readable message indicating details about the transition. This may be - an empty string. + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based - upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current state of the instance. + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last - transition. Producers of specific condition types may define expected values and meanings for this - field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 @@ -725,9 +793,12 @@ spec: - Unknown type: string type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type - values are consistent across resources like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -740,19 +811,26 @@ spec: type: object type: array lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent reconcile request value, so a change - of the annotation value can be detected. + description: |- + LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value + can be detected. type: string observedGeneration: - description: ObservedGeneration is the last observed generation of the Bucket object. + description: ObservedGeneration is the last observed generation of + the Bucket object. format: int64 type: integer observedIgnore: - description: ObservedIgnore is the observed exclusion patterns used for constructing the source artifact. + description: |- + ObservedIgnore is the observed exclusion patterns used for constructing + the source artifact. type: string url: - description: URL is the dynamic fetch link for the latest Artifact. It is provided on a "best effort" basis, - and using the precise BucketStatus.Artifact data is recommended. + description: |- + URL is the dynamic fetch link for the latest Artifact. + It is provided on a "best effort" basis, and using the precise + BucketStatus.Artifact data is recommended. type: string type: object type: object @@ -765,12 +843,12 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.12.0 + controller-gen.kubebuilder.io/version: v0.15.0 labels: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 name: gitrepositories.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -802,35 +880,51 @@ spec: description: GitRepository is the Schema for the gitrepositories API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert - recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer - this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: - description: GitRepositorySpec specifies the required configuration to produce an Artifact for a Git repository. + description: |- + GitRepositorySpec specifies the required configuration to produce an + Artifact for a Git repository. properties: ignore: - description: Ignore overrides the set of excluded patterns in the .sourceignore format (which is the same - as .gitignore). If not provided, a default will be used, consult the documentation for your version to find - out what those are. + description: |- + Ignore overrides the set of excluded patterns in the .sourceignore format + (which is the same as .gitignore). If not provided, a default will be used, + consult the documentation for your version to find out what those are. type: string include: - description: Include specifies a list of GitRepository resources which Artifacts should be included in the - Artifact produced for this GitRepository. + description: |- + Include specifies a list of GitRepository resources which Artifacts + should be included in the Artifact produced for this GitRepository. items: - description: GitRepositoryInclude specifies a local reference to a GitRepository which Artifact (sub-)contents - must be included, and where they should be placed. + description: |- + GitRepositoryInclude specifies a local reference to a GitRepository which + Artifact (sub-)contents must be included, and where they should be placed. properties: fromPath: - description: FromPath specifies the path to copy contents from, defaults to the root of the Artifact. + description: |- + FromPath specifies the path to copy contents from, defaults to the root + of the Artifact. type: string repository: - description: GitRepositoryRef specifies the GitRepository which Artifact contents must be included. + description: |- + GitRepositoryRef specifies the GitRepository which Artifact contents + must be included. properties: name: description: Name of the referent. @@ -839,20 +933,25 @@ spec: - name type: object toPath: - description: ToPath specifies the path to copy contents to, defaults to the name of the GitRepositoryRef. + description: |- + ToPath specifies the path to copy contents to, defaults to the name of + the GitRepositoryRef. type: string required: - repository type: object type: array interval: - description: Interval at which the GitRepository URL is checked for updates. This interval is approximate - and may be subject to jitter to ensure efficient use of resources. + description: |- + Interval at which the GitRepository URL is checked for updates. + This interval is approximate and may be subject to jitter to ensure + efficient use of resources. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string proxySecretRef: - description: ProxySecretRef specifies the Secret containing the proxy configuration to use while communicating - with the Git server. + description: |- + ProxySecretRef specifies the Secret containing the proxy configuration + to use while communicating with the Git server. properties: name: description: Name of the referent. @@ -861,36 +960,51 @@ spec: - name type: object recurseSubmodules: - description: RecurseSubmodules enables the initialization of all submodules within the GitRepository as cloned - from the URL, using their default settings. + description: |- + RecurseSubmodules enables the initialization of all submodules within + the GitRepository as cloned from the URL, using their default settings. type: boolean ref: - description: Reference specifies the Git reference to resolve and monitor for changes, defaults to the 'master' - branch. + description: |- + Reference specifies the Git reference to resolve and monitor for + changes, defaults to the 'master' branch. properties: branch: - description: Branch to check out, defaults to 'master' if no other field is defined. + description: Branch to check out, defaults to 'master' if no other + field is defined. type: string commit: - description: "Commit SHA to check out, takes precedence over all reference fields. \n This can be combined - with Branch to shallow clone the branch, in which the commit is expected to exist." + description: |- + Commit SHA to check out, takes precedence over all reference fields. + + + This can be combined with Branch to shallow clone the branch, in which + the commit is expected to exist. type: string name: - description: "Name of the reference to check out; takes precedence over Branch, Tag and SemVer. \n It - must be a valid Git reference: https://git-scm.com/docs/git-check-ref-format#_description Examples: - \"refs/heads/main\", \"refs/tags/v0.1.0\", \"refs/pull/420/head\", \"refs/merge-requests/1/head\"" + description: |- + Name of the reference to check out; takes precedence over Branch, Tag and SemVer. + + + It must be a valid Git reference: https://git-scm.com/docs/git-check-ref-format#_description + Examples: "refs/heads/main", "refs/tags/v0.1.0", "refs/pull/420/head", "refs/merge-requests/1/head" type: string semver: - description: SemVer tag expression to check out, takes precedence over Tag. + description: SemVer tag expression to check out, takes precedence + over Tag. type: string tag: description: Tag to check out, takes precedence over Branch. type: string type: object secretRef: - description: SecretRef specifies the Secret containing authentication credentials for the GitRepository. For - HTTPS repositories the Secret must contain 'username' and 'password' fields for basic auth or 'bearerToken' - field for token auth. For SSH repositories the Secret must contain 'identity' and 'known_hosts' fields. + description: |- + SecretRef specifies the Secret containing authentication credentials for + the GitRepository. + For HTTPS repositories the Secret must contain 'username' and 'password' + fields for basic auth or 'bearerToken' field for token auth. + For SSH repositories the Secret must contain 'identity' + and 'known_hosts' fields. properties: name: description: Name of the referent. @@ -899,25 +1013,35 @@ spec: - name type: object suspend: - description: Suspend tells the controller to suspend the reconciliation of this GitRepository. + description: |- + Suspend tells the controller to suspend the reconciliation of this + GitRepository. type: boolean timeout: default: 60s - description: Timeout for Git operations like cloning, defaults to 60s. + description: Timeout for Git operations like cloning, defaults to + 60s. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$ type: string url: - description: URL specifies the Git repository URL, it can be an HTTP/S or SSH address. + description: URL specifies the Git repository URL, it can be an HTTP/S + or SSH address. pattern: ^(http|https|ssh)://.*$ type: string verify: - description: Verification specifies the configuration to verify the Git commit signature(s). + description: |- + Verification specifies the configuration to verify the Git commit + signature(s). properties: mode: default: HEAD - description: "Mode specifies which Git object(s) should be verified. \n The variants \"head\" and \"HEAD\" - both imply the same thing, i.e. verify the commit that the HEAD of the Git repository points to. The - variant \"head\" solely exists to ensure backwards compatibility." + description: |- + Mode specifies which Git object(s) should be verified. + + + The variants "head" and "HEAD" both imply the same thing, i.e. verify + the commit that the HEAD of the Git repository points to. The variant + "head" solely exists to ensure backwards compatibility. enum: - head - HEAD @@ -925,7 +1049,9 @@ spec: - TagAndHEAD type: string secretRef: - description: SecretRef specifies the Secret containing the public keys of trusted Git authors. + description: |- + SecretRef specifies the Secret containing the public keys of trusted Git + authors. properties: name: description: Name of the referent. @@ -946,14 +1072,17 @@ spec: description: GitRepositoryStatus records the observed state of a Git repository. properties: artifact: - description: Artifact represents the last successful GitRepository reconciliation. + description: Artifact represents the last successful GitRepository + reconciliation. properties: digest: description: Digest is the digest of the file in the form of ':'. pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$ type: string lastUpdateTime: - description: LastUpdateTime is the timestamp corresponding to the last update of the Artifact. + description: |- + LastUpdateTime is the timestamp corresponding to the last update of the + Artifact. format: date-time type: string metadata: @@ -962,21 +1091,25 @@ spec: description: Metadata holds upstream information such as OCI annotations. type: object path: - description: Path is the relative file path of the Artifact. It can be used to locate the file in the - root of the Artifact storage on the local file system of the controller managing the Source. + description: |- + Path is the relative file path of the Artifact. It can be used to locate + the file in the root of the Artifact storage on the local file system of + the controller managing the Source. type: string revision: - description: Revision is a human-readable identifier traceable in the origin source system. It can be - a Git commit SHA, Git tag, a Helm chart version, etc. + description: |- + Revision is a human-readable identifier traceable in the origin source + system. It can be a Git commit SHA, Git tag, a Helm chart version, etc. type: string size: description: Size is the number of bytes in the file. format: int64 type: integer url: - description: URL is the HTTP address of the Artifact as exposed by the controller managing the Source. - It can be used to retrieve the Artifact for consumption, e.g. by another controller applying the Artifact - contents. + description: |- + URL is the HTTP address of the Artifact as exposed by the controller + managing the Source. It can be used to retrieve the Artifact for + consumption, e.g. by another controller applying the Artifact contents. type: string required: - lastUpdateTime @@ -987,35 +1120,43 @@ spec: conditions: description: Conditions holds the conditions for the GitRepository. items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This - struct is intended for direct use as an array at the field path .status.conditions. For example, \n type - FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // - +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" - patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" properties: lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when - the API field changed is acceptable. + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: message is a human readable message indicating details about the transition. This may be - an empty string. + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based - upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current state of the instance. + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last - transition. Producers of specific condition types may define expected values and meanings for this - field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 @@ -1029,9 +1170,12 @@ spec: - Unknown type: string type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type - values are consistent across resources like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -1044,40 +1188,49 @@ spec: type: object type: array includedArtifacts: - description: IncludedArtifacts contains a list of the last successfully included Artifacts as instructed by - GitRepositorySpec.Include. + description: |- + IncludedArtifacts contains a list of the last successfully included + Artifacts as instructed by GitRepositorySpec.Include. items: description: Artifact represents the output of a Source reconciliation. properties: digest: - description: Digest is the digest of the file in the form of ':'. + description: Digest is the digest of the file in the form of + ':'. pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$ type: string lastUpdateTime: - description: LastUpdateTime is the timestamp corresponding to the last update of the Artifact. + description: |- + LastUpdateTime is the timestamp corresponding to the last update of the + Artifact. format: date-time type: string metadata: additionalProperties: type: string - description: Metadata holds upstream information such as OCI annotations. + description: Metadata holds upstream information such as OCI + annotations. type: object path: - description: Path is the relative file path of the Artifact. It can be used to locate the file in the - root of the Artifact storage on the local file system of the controller managing the Source. + description: |- + Path is the relative file path of the Artifact. It can be used to locate + the file in the root of the Artifact storage on the local file system of + the controller managing the Source. type: string revision: - description: Revision is a human-readable identifier traceable in the origin source system. It can be - a Git commit SHA, Git tag, a Helm chart version, etc. + description: |- + Revision is a human-readable identifier traceable in the origin source + system. It can be a Git commit SHA, Git tag, a Helm chart version, etc. type: string size: description: Size is the number of bytes in the file. format: int64 type: integer url: - description: URL is the HTTP address of the Artifact as exposed by the controller managing the Source. - It can be used to retrieve the Artifact for consumption, e.g. by another controller applying the Artifact - contents. + description: |- + URL is the HTTP address of the Artifact as exposed by the controller + managing the Source. It can be used to retrieve the Artifact for + consumption, e.g. by another controller applying the Artifact contents. type: string required: - lastUpdateTime @@ -1087,27 +1240,40 @@ spec: type: object type: array lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent reconcile request value, so a change - of the annotation value can be detected. + description: |- + LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value + can be detected. type: string observedGeneration: - description: ObservedGeneration is the last observed generation of the GitRepository object. + description: |- + ObservedGeneration is the last observed generation of the GitRepository + object. format: int64 type: integer observedIgnore: - description: ObservedIgnore is the observed exclusion patterns used for constructing the source artifact. + description: |- + ObservedIgnore is the observed exclusion patterns used for constructing + the source artifact. type: string observedInclude: - description: ObservedInclude is the observed list of GitRepository resources used to produce the current Artifact. + description: |- + ObservedInclude is the observed list of GitRepository resources used to + produce the current Artifact. items: - description: GitRepositoryInclude specifies a local reference to a GitRepository which Artifact (sub-)contents - must be included, and where they should be placed. + description: |- + GitRepositoryInclude specifies a local reference to a GitRepository which + Artifact (sub-)contents must be included, and where they should be placed. properties: fromPath: - description: FromPath specifies the path to copy contents from, defaults to the root of the Artifact. + description: |- + FromPath specifies the path to copy contents from, defaults to the root + of the Artifact. type: string repository: - description: GitRepositoryRef specifies the GitRepository which Artifact contents must be included. + description: |- + GitRepositoryRef specifies the GitRepository which Artifact contents + must be included. properties: name: description: Name of the referent. @@ -1116,19 +1282,23 @@ spec: - name type: object toPath: - description: ToPath specifies the path to copy contents to, defaults to the name of the GitRepositoryRef. + description: |- + ToPath specifies the path to copy contents to, defaults to the name of + the GitRepositoryRef. type: string required: - repository type: object type: array observedRecurseSubmodules: - description: ObservedRecurseSubmodules is the observed resource submodules configuration used to produce the - current Artifact. + description: |- + ObservedRecurseSubmodules is the observed resource submodules + configuration used to produce the current Artifact. type: boolean sourceVerificationMode: - description: SourceVerificationMode is the last used verification mode indicating which Git object(s) have - been verified. + description: |- + SourceVerificationMode is the last used verification mode indicating + which Git object(s) have been verified. type: string type: object type: object @@ -1157,12 +1327,19 @@ spec: description: GitRepository is the Schema for the gitrepositories API properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert - recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer - this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -1170,21 +1347,25 @@ spec: description: GitRepositorySpec defines the desired state of a Git repository. properties: accessFrom: - description: AccessFrom defines an Access Control List for allowing cross-namespace references to this object. + description: AccessFrom defines an Access Control List for allowing + cross-namespace references to this object. properties: namespaceSelectors: - description: NamespaceSelectors is the list of namespace selectors to which this ACL applies. Items in - this list are evaluated using a logical OR operation. + description: |- + NamespaceSelectors is the list of namespace selectors to which this ACL applies. + Items in this list are evaluated using a logical OR operation. items: - description: NamespaceSelector selects the namespaces to which this ACL applies. An empty map of MatchLabels - matches all namespaces in a cluster. + description: |- + NamespaceSelector selects the namespaces to which this ACL applies. + An empty map of MatchLabels matches all namespaces in a cluster. properties: matchLabels: additionalProperties: type: string - description: MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the operator is - "In", and the values array contains only "value". The requirements are ANDed. + description: |- + MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object type: array @@ -1193,23 +1374,28 @@ spec: type: object gitImplementation: default: go-git - description: Determines which git client library to use. Defaults to go-git, valid values are ('go-git', 'libgit2'). + description: |- + Determines which git client library to use. + Defaults to go-git, valid values are ('go-git', 'libgit2'). enum: - go-git - libgit2 type: string ignore: - description: Ignore overrides the set of excluded patterns in the .sourceignore format (which is the same - as .gitignore). If not provided, a default will be used, consult the documentation for your version to find - out what those are. + description: |- + Ignore overrides the set of excluded patterns in the .sourceignore format + (which is the same as .gitignore). If not provided, a default will be used, + consult the documentation for your version to find out what those are. type: string include: description: Extra git repositories to map into the repository items: - description: GitRepositoryInclude defines a source with a from and to path. + description: GitRepositoryInclude defines a source with a from and + to path. properties: fromPath: - description: The path to copy contents from, defaults to the root directory. + description: The path to copy contents from, defaults to the + root directory. type: string repository: description: Reference to a GitRepository to include. @@ -1221,7 +1407,8 @@ spec: - name type: object toPath: - description: The path to copy contents to, defaults to the name of the source ref. + description: The path to copy contents to, defaults to the name + of the source ref. type: string required: - repository @@ -1231,28 +1418,38 @@ spec: description: The interval at which to check for repository updates. type: string recurseSubmodules: - description: When enabled, after the clone is created, initializes all submodules within, using their default - settings. This option is available only when using the 'go-git' GitImplementation. + description: |- + When enabled, after the clone is created, initializes all submodules within, + using their default settings. + This option is available only when using the 'go-git' GitImplementation. type: boolean ref: - description: The Git reference to checkout and monitor for changes, defaults to master branch. + description: |- + The Git reference to checkout and monitor for changes, defaults to + master branch. properties: branch: description: The Git branch to checkout, defaults to master. type: string commit: - description: The Git commit SHA to checkout, if specified Tag filters will be ignored. + description: The Git commit SHA to checkout, if specified Tag + filters will be ignored. type: string semver: - description: The Git tag semver expression, takes precedence over Tag. + description: The Git tag semver expression, takes precedence over + Tag. type: string tag: description: The Git tag to checkout, takes precedence over Branch. type: string type: object secretRef: - description: The secret name containing the Git credentials. For HTTPS repositories the secret must contain - username and password fields. For SSH repositories the secret must contain identity and known_hosts fields. + description: |- + The secret name containing the Git credentials. + For HTTPS repositories the secret must contain username and password + fields. + For SSH repositories the secret must contain identity and known_hosts + fields. properties: name: description: Name of the referent. @@ -1261,26 +1458,31 @@ spec: - name type: object suspend: - description: This flag tells the controller to suspend the reconciliation of this source. + description: This flag tells the controller to suspend the reconciliation + of this source. type: boolean timeout: default: 60s - description: The timeout for remote Git operations like cloning, defaults to 60s. + description: The timeout for remote Git operations like cloning, defaults + to 60s. type: string url: description: The repository URL, can be a HTTP/S or SSH address. pattern: ^(http|https|ssh)://.*$ type: string verify: - description: Verify OpenPGP signature for the Git commit HEAD points to. + description: Verify OpenPGP signature for the Git commit HEAD points + to. properties: mode: - description: Mode describes what git object should be verified, currently ('head'). + description: Mode describes what git object should be verified, + currently ('head'). enum: - head type: string secretRef: - description: The secret name containing the public keys of all trusted Git authors. + description: The secret name containing the public keys of all + trusted Git authors. properties: name: description: Name of the referent. @@ -1301,21 +1503,26 @@ spec: description: GitRepositoryStatus defines the observed state of a Git repository. properties: artifact: - description: Artifact represents the output of the last successful repository sync. + description: Artifact represents the output of the last successful + repository sync. properties: checksum: description: Checksum is the SHA256 checksum of the artifact. type: string lastUpdateTime: - description: LastUpdateTime is the timestamp corresponding to the last update of this artifact. + description: |- + LastUpdateTime is the timestamp corresponding to the last update of this + artifact. format: date-time type: string path: description: Path is the relative file path of this artifact. type: string revision: - description: Revision is a human readable identifier traceable in the origin source system. It can be - a Git commit SHA, Git tag, a Helm index timestamp, a Helm chart version, etc. + description: |- + Revision is a human readable identifier traceable in the origin source + system. It can be a Git commit SHA, Git tag, a Helm index timestamp, a Helm + chart version, etc. type: string url: description: URL is the HTTP address of this artifact. @@ -1327,35 +1534,43 @@ spec: conditions: description: Conditions holds the conditions for the GitRepository. items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This - struct is intended for direct use as an array at the field path .status.conditions. For example, \n type - FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // - +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" - patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" properties: lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when - the API field changed is acceptable. + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: message is a human readable message indicating details about the transition. This may be - an empty string. + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based - upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current state of the instance. + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last - transition. Producers of specific condition types may define expected values and meanings for this - field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 @@ -1369,9 +1584,12 @@ spec: - Unknown type: string type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type - values are consistent across resources like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -1384,7 +1602,8 @@ spec: type: object type: array includedArtifacts: - description: IncludedArtifacts represents the included artifacts from the last successful repository sync. + description: IncludedArtifacts represents the included artifacts from + the last successful repository sync. items: description: Artifact represents the output of a source synchronisation. properties: @@ -1392,15 +1611,19 @@ spec: description: Checksum is the SHA256 checksum of the artifact. type: string lastUpdateTime: - description: LastUpdateTime is the timestamp corresponding to the last update of this artifact. + description: |- + LastUpdateTime is the timestamp corresponding to the last update of this + artifact. format: date-time type: string path: description: Path is the relative file path of this artifact. type: string revision: - description: Revision is a human readable identifier traceable in the origin source system. It can be - a Git commit SHA, Git tag, a Helm index timestamp, a Helm chart version, etc. + description: |- + Revision is a human readable identifier traceable in the origin source + system. It can be a Git commit SHA, Git tag, a Helm index timestamp, a Helm + chart version, etc. type: string url: description: URL is the HTTP address of this artifact. @@ -1411,15 +1634,19 @@ spec: type: object type: array lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent reconcile request value, so a change - of the annotation value can be detected. + description: |- + LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value + can be detected. type: string observedGeneration: description: ObservedGeneration is the last observed generation. format: int64 type: integer url: - description: URL is the download link for the artifact output of the last repository sync. + description: |- + URL is the download link for the artifact output of the last repository + sync. type: string type: object type: object @@ -1448,35 +1675,49 @@ spec: description: GitRepository is the Schema for the gitrepositories API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert - recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer - this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: - description: GitRepositorySpec specifies the required configuration to produce an Artifact for a Git repository. + description: |- + GitRepositorySpec specifies the required configuration to produce an + Artifact for a Git repository. properties: accessFrom: - description: 'AccessFrom specifies an Access Control List for allowing cross-namespace references to this - object. NOTE: Not implemented, provisional as of https://github.com/fluxcd/flux2/pull/2092' + description: |- + AccessFrom specifies an Access Control List for allowing cross-namespace + references to this object. + NOTE: Not implemented, provisional as of https://github.com/fluxcd/flux2/pull/2092 properties: namespaceSelectors: - description: NamespaceSelectors is the list of namespace selectors to which this ACL applies. Items in - this list are evaluated using a logical OR operation. + description: |- + NamespaceSelectors is the list of namespace selectors to which this ACL applies. + Items in this list are evaluated using a logical OR operation. items: - description: NamespaceSelector selects the namespaces to which this ACL applies. An empty map of MatchLabels - matches all namespaces in a cluster. + description: |- + NamespaceSelector selects the namespaces to which this ACL applies. + An empty map of MatchLabels matches all namespaces in a cluster. properties: matchLabels: additionalProperties: type: string - description: MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the operator is - "In", and the values array contains only "value". The requirements are ANDed. + description: |- + MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object type: array @@ -1485,30 +1726,39 @@ spec: type: object gitImplementation: default: go-git - description: 'GitImplementation specifies which Git client library implementation to use. Defaults to ''go-git'', - valid values are (''go-git'', ''libgit2''). Deprecated: gitImplementation is deprecated now that ''go-git'' - is the only supported implementation.' + description: |- + GitImplementation specifies which Git client library implementation to + use. Defaults to 'go-git', valid values are ('go-git', 'libgit2'). + Deprecated: gitImplementation is deprecated now that 'go-git' is the + only supported implementation. enum: - go-git - libgit2 type: string ignore: - description: Ignore overrides the set of excluded patterns in the .sourceignore format (which is the same - as .gitignore). If not provided, a default will be used, consult the documentation for your version to find - out what those are. + description: |- + Ignore overrides the set of excluded patterns in the .sourceignore format + (which is the same as .gitignore). If not provided, a default will be used, + consult the documentation for your version to find out what those are. type: string include: - description: Include specifies a list of GitRepository resources which Artifacts should be included in the - Artifact produced for this GitRepository. + description: |- + Include specifies a list of GitRepository resources which Artifacts + should be included in the Artifact produced for this GitRepository. items: - description: GitRepositoryInclude specifies a local reference to a GitRepository which Artifact (sub-)contents - must be included, and where they should be placed. + description: |- + GitRepositoryInclude specifies a local reference to a GitRepository which + Artifact (sub-)contents must be included, and where they should be placed. properties: fromPath: - description: FromPath specifies the path to copy contents from, defaults to the root of the Artifact. + description: |- + FromPath specifies the path to copy contents from, defaults to the root + of the Artifact. type: string repository: - description: GitRepositoryRef specifies the GitRepository which Artifact contents must be included. + description: |- + GitRepositoryRef specifies the GitRepository which Artifact contents + must be included. properties: name: description: Name of the referent. @@ -1517,7 +1767,9 @@ spec: - name type: object toPath: - description: ToPath specifies the path to copy contents to, defaults to the name of the GitRepositoryRef. + description: |- + ToPath specifies the path to copy contents to, defaults to the name of + the GitRepositoryRef. type: string required: - repository @@ -1528,36 +1780,51 @@ spec: pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string recurseSubmodules: - description: RecurseSubmodules enables the initialization of all submodules within the GitRepository as cloned - from the URL, using their default settings. + description: |- + RecurseSubmodules enables the initialization of all submodules within + the GitRepository as cloned from the URL, using their default settings. type: boolean ref: - description: Reference specifies the Git reference to resolve and monitor for changes, defaults to the 'master' - branch. + description: |- + Reference specifies the Git reference to resolve and monitor for + changes, defaults to the 'master' branch. properties: branch: - description: Branch to check out, defaults to 'master' if no other field is defined. + description: Branch to check out, defaults to 'master' if no other + field is defined. type: string commit: - description: "Commit SHA to check out, takes precedence over all reference fields. \n This can be combined - with Branch to shallow clone the branch, in which the commit is expected to exist." + description: |- + Commit SHA to check out, takes precedence over all reference fields. + + + This can be combined with Branch to shallow clone the branch, in which + the commit is expected to exist. type: string name: - description: "Name of the reference to check out; takes precedence over Branch, Tag and SemVer. \n It - must be a valid Git reference: https://git-scm.com/docs/git-check-ref-format#_description Examples: - \"refs/heads/main\", \"refs/tags/v0.1.0\", \"refs/pull/420/head\", \"refs/merge-requests/1/head\"" + description: |- + Name of the reference to check out; takes precedence over Branch, Tag and SemVer. + + + It must be a valid Git reference: https://git-scm.com/docs/git-check-ref-format#_description + Examples: "refs/heads/main", "refs/tags/v0.1.0", "refs/pull/420/head", "refs/merge-requests/1/head" type: string semver: - description: SemVer tag expression to check out, takes precedence over Tag. + description: SemVer tag expression to check out, takes precedence + over Tag. type: string tag: description: Tag to check out, takes precedence over Branch. type: string type: object secretRef: - description: SecretRef specifies the Secret containing authentication credentials for the GitRepository. For - HTTPS repositories the Secret must contain 'username' and 'password' fields for basic auth or 'bearerToken' - field for token auth. For SSH repositories the Secret must contain 'identity' and 'known_hosts' fields. + description: |- + SecretRef specifies the Secret containing authentication credentials for + the GitRepository. + For HTTPS repositories the Secret must contain 'username' and 'password' + fields for basic auth or 'bearerToken' field for token auth. + For SSH repositories the Secret must contain 'identity' + and 'known_hosts' fields. properties: name: description: Name of the referent. @@ -1566,27 +1833,36 @@ spec: - name type: object suspend: - description: Suspend tells the controller to suspend the reconciliation of this GitRepository. + description: |- + Suspend tells the controller to suspend the reconciliation of this + GitRepository. type: boolean timeout: default: 60s - description: Timeout for Git operations like cloning, defaults to 60s. + description: Timeout for Git operations like cloning, defaults to + 60s. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$ type: string url: - description: URL specifies the Git repository URL, it can be an HTTP/S or SSH address. + description: URL specifies the Git repository URL, it can be an HTTP/S + or SSH address. pattern: ^(http|https|ssh)://.*$ type: string verify: - description: Verification specifies the configuration to verify the Git commit signature(s). + description: |- + Verification specifies the configuration to verify the Git commit + signature(s). properties: mode: - description: Mode specifies what Git object should be verified, currently ('head'). + description: Mode specifies what Git object should be verified, + currently ('head'). enum: - head type: string secretRef: - description: SecretRef specifies the Secret containing the public keys of trusted Git authors. + description: |- + SecretRef specifies the Secret containing the public keys of trusted Git + authors. properties: name: description: Name of the referent. @@ -1608,14 +1884,17 @@ spec: description: GitRepositoryStatus records the observed state of a Git repository. properties: artifact: - description: Artifact represents the last successful GitRepository reconciliation. + description: Artifact represents the last successful GitRepository + reconciliation. properties: digest: description: Digest is the digest of the file in the form of ':'. pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$ type: string lastUpdateTime: - description: LastUpdateTime is the timestamp corresponding to the last update of the Artifact. + description: |- + LastUpdateTime is the timestamp corresponding to the last update of the + Artifact. format: date-time type: string metadata: @@ -1624,21 +1903,25 @@ spec: description: Metadata holds upstream information such as OCI annotations. type: object path: - description: Path is the relative file path of the Artifact. It can be used to locate the file in the - root of the Artifact storage on the local file system of the controller managing the Source. + description: |- + Path is the relative file path of the Artifact. It can be used to locate + the file in the root of the Artifact storage on the local file system of + the controller managing the Source. type: string revision: - description: Revision is a human-readable identifier traceable in the origin source system. It can be - a Git commit SHA, Git tag, a Helm chart version, etc. + description: |- + Revision is a human-readable identifier traceable in the origin source + system. It can be a Git commit SHA, Git tag, a Helm chart version, etc. type: string size: description: Size is the number of bytes in the file. format: int64 type: integer url: - description: URL is the HTTP address of the Artifact as exposed by the controller managing the Source. - It can be used to retrieve the Artifact for consumption, e.g. by another controller applying the Artifact - contents. + description: |- + URL is the HTTP address of the Artifact as exposed by the controller + managing the Source. It can be used to retrieve the Artifact for + consumption, e.g. by another controller applying the Artifact contents. type: string required: - lastUpdateTime @@ -1649,35 +1932,43 @@ spec: conditions: description: Conditions holds the conditions for the GitRepository. items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This - struct is intended for direct use as an array at the field path .status.conditions. For example, \n type - FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // - +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" - patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" properties: lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when - the API field changed is acceptable. + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: message is a human readable message indicating details about the transition. This may be - an empty string. + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based - upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current state of the instance. + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last - transition. Producers of specific condition types may define expected values and meanings for this - field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 @@ -1691,9 +1982,12 @@ spec: - Unknown type: string type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type - values are consistent across resources like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -1706,48 +2000,65 @@ spec: type: object type: array contentConfigChecksum: - description: "ContentConfigChecksum is a checksum of all the configurations related to the content of the - source artifact: - .spec.ignore - .spec.recurseSubmodules - .spec.included and the checksum of the included - artifacts observed in .status.observedGeneration version of the object. This can be used to determine if - the content of the included repository has changed. It has the format of `:`, for example: - `sha256:`. \n Deprecated: Replaced with explicit fields for observed artifact content config in - the status." + description: |- + ContentConfigChecksum is a checksum of all the configurations related to + the content of the source artifact: + - .spec.ignore + - .spec.recurseSubmodules + - .spec.included and the checksum of the included artifacts + observed in .status.observedGeneration version of the object. This can + be used to determine if the content of the included repository has + changed. + It has the format of `:`, for example: `sha256:`. + + + Deprecated: Replaced with explicit fields for observed artifact content + config in the status. type: string includedArtifacts: - description: IncludedArtifacts contains a list of the last successfully included Artifacts as instructed by - GitRepositorySpec.Include. + description: |- + IncludedArtifacts contains a list of the last successfully included + Artifacts as instructed by GitRepositorySpec.Include. items: description: Artifact represents the output of a Source reconciliation. properties: digest: - description: Digest is the digest of the file in the form of ':'. + description: Digest is the digest of the file in the form of + ':'. pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$ type: string lastUpdateTime: - description: LastUpdateTime is the timestamp corresponding to the last update of the Artifact. + description: |- + LastUpdateTime is the timestamp corresponding to the last update of the + Artifact. format: date-time type: string metadata: additionalProperties: type: string - description: Metadata holds upstream information such as OCI annotations. + description: Metadata holds upstream information such as OCI + annotations. type: object path: - description: Path is the relative file path of the Artifact. It can be used to locate the file in the - root of the Artifact storage on the local file system of the controller managing the Source. + description: |- + Path is the relative file path of the Artifact. It can be used to locate + the file in the root of the Artifact storage on the local file system of + the controller managing the Source. type: string revision: - description: Revision is a human-readable identifier traceable in the origin source system. It can be - a Git commit SHA, Git tag, a Helm chart version, etc. + description: |- + Revision is a human-readable identifier traceable in the origin source + system. It can be a Git commit SHA, Git tag, a Helm chart version, etc. type: string size: description: Size is the number of bytes in the file. format: int64 type: integer url: - description: URL is the HTTP address of the Artifact as exposed by the controller managing the Source. - It can be used to retrieve the Artifact for consumption, e.g. by another controller applying the Artifact - contents. + description: |- + URL is the HTTP address of the Artifact as exposed by the controller + managing the Source. It can be used to retrieve the Artifact for + consumption, e.g. by another controller applying the Artifact contents. type: string required: - lastUpdateTime @@ -1757,28 +2068,40 @@ spec: type: object type: array lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent reconcile request value, so a change - of the annotation value can be detected. + description: |- + LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value + can be detected. type: string observedGeneration: - description: ObservedGeneration is the last observed generation of the GitRepository object. + description: |- + ObservedGeneration is the last observed generation of the GitRepository + object. format: int64 type: integer observedIgnore: - description: ObservedIgnore is the observed exclusion patterns used for constructing the source artifact. + description: |- + ObservedIgnore is the observed exclusion patterns used for constructing + the source artifact. type: string observedInclude: - description: ObservedInclude is the observed list of GitRepository resources used to to produce the current - Artifact. + description: |- + ObservedInclude is the observed list of GitRepository resources used to + to produce the current Artifact. items: - description: GitRepositoryInclude specifies a local reference to a GitRepository which Artifact (sub-)contents - must be included, and where they should be placed. + description: |- + GitRepositoryInclude specifies a local reference to a GitRepository which + Artifact (sub-)contents must be included, and where they should be placed. properties: fromPath: - description: FromPath specifies the path to copy contents from, defaults to the root of the Artifact. + description: |- + FromPath specifies the path to copy contents from, defaults to the root + of the Artifact. type: string repository: - description: GitRepositoryRef specifies the GitRepository which Artifact contents must be included. + description: |- + GitRepositoryRef specifies the GitRepository which Artifact contents + must be included. properties: name: description: Name of the referent. @@ -1787,19 +2110,24 @@ spec: - name type: object toPath: - description: ToPath specifies the path to copy contents to, defaults to the name of the GitRepositoryRef. + description: |- + ToPath specifies the path to copy contents to, defaults to the name of + the GitRepositoryRef. type: string required: - repository type: object type: array observedRecurseSubmodules: - description: ObservedRecurseSubmodules is the observed resource submodules configuration used to produce the - current Artifact. + description: |- + ObservedRecurseSubmodules is the observed resource submodules + configuration used to produce the current Artifact. type: boolean url: - description: URL is the dynamic fetch link for the latest Artifact. It is provided on a "best effort" basis, - and using the precise GitRepositoryStatus.Artifact data is recommended. + description: |- + URL is the dynamic fetch link for the latest Artifact. + It is provided on a "best effort" basis, and using the precise + GitRepositoryStatus.Artifact data is recommended. type: string type: object type: object @@ -1812,12 +2140,12 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.12.0 + controller-gen.kubebuilder.io/version: v0.15.0 labels: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 name: helmcharts.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -1830,6 +2158,351 @@ spec: singular: helmchart scope: Namespaced versions: + - additionalPrinterColumns: + - jsonPath: .spec.chart + name: Chart + type: string + - jsonPath: .spec.version + name: Version + type: string + - jsonPath: .spec.sourceRef.kind + name: Source Kind + type: string + - jsonPath: .spec.sourceRef.name + name: Source Name + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - jsonPath: .status.conditions[?(@.type=="Ready")].status + name: Ready + type: string + - jsonPath: .status.conditions[?(@.type=="Ready")].message + name: Status + type: string + name: v1 + schema: + openAPIV3Schema: + description: HelmChart is the Schema for the helmcharts API. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: HelmChartSpec specifies the desired state of a Helm chart. + properties: + chart: + description: |- + Chart is the name or path the Helm chart is available at in the + SourceRef. + type: string + ignoreMissingValuesFiles: + description: |- + IgnoreMissingValuesFiles controls whether to silently ignore missing values + files rather than failing. + type: boolean + interval: + description: |- + Interval at which the HelmChart SourceRef is checked for updates. + This interval is approximate and may be subject to jitter to ensure + efficient use of resources. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + reconcileStrategy: + default: ChartVersion + description: |- + ReconcileStrategy determines what enables the creation of a new artifact. + Valid values are ('ChartVersion', 'Revision'). + See the documentation of the values for an explanation on their behavior. + Defaults to ChartVersion when omitted. + enum: + - ChartVersion + - Revision + type: string + sourceRef: + description: SourceRef is the reference to the Source the chart is + available at. + properties: + apiVersion: + description: APIVersion of the referent. + type: string + kind: + description: |- + Kind of the referent, valid values are ('HelmRepository', 'GitRepository', + 'Bucket'). + enum: + - HelmRepository + - GitRepository + - Bucket + type: string + name: + description: Name of the referent. + type: string + required: + - kind + - name + type: object + suspend: + description: |- + Suspend tells the controller to suspend the reconciliation of this + source. + type: boolean + valuesFiles: + description: |- + ValuesFiles is an alternative list of values files to use as the chart + values (values.yaml is not included by default), expected to be a + relative path in the SourceRef. + Values files are merged in the order of this list with the last file + overriding the first. Ignored when omitted. + items: + type: string + type: array + verify: + description: |- + Verify contains the secret name containing the trusted public keys + used to verify the signature and specifies which provider to use to check + whether OCI image is authentic. + This field is only supported when using HelmRepository source with spec.type 'oci'. + Chart dependencies, which are not bundled in the umbrella chart artifact, are not verified. + properties: + matchOIDCIdentity: + description: |- + MatchOIDCIdentity specifies the identity matching criteria to use + while verifying an OCI artifact which was signed using Cosign keyless + signing. The artifact's identity is deemed to be verified if any of the + specified matchers match against the identity. + items: + description: |- + OIDCIdentityMatch specifies options for verifying the certificate identity, + i.e. the issuer and the subject of the certificate. + properties: + issuer: + description: |- + Issuer specifies the regex pattern to match against to verify + the OIDC issuer in the Fulcio certificate. The pattern must be a + valid Go regular expression. + type: string + subject: + description: |- + Subject specifies the regex pattern to match against to verify + the identity subject in the Fulcio certificate. The pattern must + be a valid Go regular expression. + type: string + required: + - issuer + - subject + type: object + type: array + provider: + default: cosign + description: Provider specifies the technology used to sign the + OCI Artifact. + enum: + - cosign + - notation + type: string + secretRef: + description: |- + SecretRef specifies the Kubernetes Secret containing the + trusted public keys. + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object + required: + - provider + type: object + version: + default: '*' + description: |- + Version is the chart version semver expression, ignored for charts from + GitRepository and Bucket sources. Defaults to latest when omitted. + type: string + required: + - chart + - interval + - sourceRef + type: object + status: + default: + observedGeneration: -1 + description: HelmChartStatus records the observed state of the HelmChart. + properties: + artifact: + description: Artifact represents the output of the last successful + reconciliation. + properties: + digest: + description: Digest is the digest of the file in the form of ':'. + pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$ + type: string + lastUpdateTime: + description: |- + LastUpdateTime is the timestamp corresponding to the last update of the + Artifact. + format: date-time + type: string + metadata: + additionalProperties: + type: string + description: Metadata holds upstream information such as OCI annotations. + type: object + path: + description: |- + Path is the relative file path of the Artifact. It can be used to locate + the file in the root of the Artifact storage on the local file system of + the controller managing the Source. + type: string + revision: + description: |- + Revision is a human-readable identifier traceable in the origin source + system. It can be a Git commit SHA, Git tag, a Helm chart version, etc. + type: string + size: + description: Size is the number of bytes in the file. + format: int64 + type: integer + url: + description: |- + URL is the HTTP address of the Artifact as exposed by the controller + managing the Source. It can be used to retrieve the Artifact for + consumption, e.g. by another controller applying the Artifact contents. + type: string + required: + - lastUpdateTime + - path + - revision + - url + type: object + conditions: + description: Conditions holds the conditions for the HelmChart. + items: + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" + properties: + lastTransitionTime: + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + lastHandledReconcileAt: + description: |- + LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value + can be detected. + type: string + observedChartName: + description: |- + ObservedChartName is the last observed chart name as specified by the + resolved chart reference. + type: string + observedGeneration: + description: |- + ObservedGeneration is the last observed generation of the HelmChart + object. + format: int64 + type: integer + observedSourceArtifactRevision: + description: |- + ObservedSourceArtifactRevision is the last observed Artifact.Revision + of the HelmChartSpec.SourceRef. + type: string + observedValuesFiles: + description: |- + ObservedValuesFiles are the observed value files of the last successful + reconciliation. + It matches the chart in the last successfully reconciled artifact. + items: + type: string + type: array + url: + description: |- + URL is the dynamic fetch link for the latest Artifact. + It is provided on a "best effort" basis, and using the precise + BucketStatus.Artifact data is recommended. + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} - additionalPrinterColumns: - jsonPath: .spec.chart name: Chart @@ -1852,18 +2525,27 @@ spec: - jsonPath: .metadata.creationTimestamp name: Age type: date + deprecated: true + deprecationWarning: v1beta1 HelmChart is deprecated, upgrade to v1 name: v1beta1 schema: openAPIV3Schema: description: HelmChart is the Schema for the helmcharts API properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert - recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer - this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -1871,21 +2553,25 @@ spec: description: HelmChartSpec defines the desired state of a Helm chart. properties: accessFrom: - description: AccessFrom defines an Access Control List for allowing cross-namespace references to this object. + description: AccessFrom defines an Access Control List for allowing + cross-namespace references to this object. properties: namespaceSelectors: - description: NamespaceSelectors is the list of namespace selectors to which this ACL applies. Items in - this list are evaluated using a logical OR operation. + description: |- + NamespaceSelectors is the list of namespace selectors to which this ACL applies. + Items in this list are evaluated using a logical OR operation. items: - description: NamespaceSelector selects the namespaces to which this ACL applies. An empty map of MatchLabels - matches all namespaces in a cluster. + description: |- + NamespaceSelector selects the namespaces to which this ACL applies. + An empty map of MatchLabels matches all namespaces in a cluster. properties: matchLabels: additionalProperties: type: string - description: MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the operator is - "In", and the values array contains only "value". The requirements are ANDed. + description: |- + MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object type: array @@ -1893,16 +2579,19 @@ spec: - namespaceSelectors type: object chart: - description: The name or path the Helm chart is available at in the SourceRef. + description: The name or path the Helm chart is available at in the + SourceRef. type: string interval: description: The interval at which to check the Source for updates. type: string reconcileStrategy: default: ChartVersion - description: Determines what enables the creation of a new artifact. Valid values are ('ChartVersion', 'Revision'). - See the documentation of the values for an explanation on their behavior. Defaults to ChartVersion when - omitted. + description: |- + Determines what enables the creation of a new artifact. Valid values are + ('ChartVersion', 'Revision'). + See the documentation of the values for an explanation on their behavior. + Defaults to ChartVersion when omitted. enum: - ChartVersion - Revision @@ -1914,7 +2603,9 @@ spec: description: APIVersion of the referent. type: string kind: - description: Kind of the referent, valid values are ('HelmRepository', 'GitRepository', 'Bucket'). + description: |- + Kind of the referent, valid values are ('HelmRepository', 'GitRepository', + 'Bucket'). enum: - HelmRepository - GitRepository @@ -1928,24 +2619,30 @@ spec: - name type: object suspend: - description: This flag tells the controller to suspend the reconciliation of this source. + description: This flag tells the controller to suspend the reconciliation + of this source. type: boolean valuesFile: - description: Alternative values file to use as the default chart values, expected to be a relative path in - the SourceRef. Deprecated in favor of ValuesFiles, for backwards compatibility the file defined here is - merged before the ValuesFiles items. Ignored when omitted. + description: |- + Alternative values file to use as the default chart values, expected to + be a relative path in the SourceRef. Deprecated in favor of ValuesFiles, + for backwards compatibility the file defined here is merged before the + ValuesFiles items. Ignored when omitted. type: string valuesFiles: - description: Alternative list of values files to use as the chart values (values.yaml is not included by default), - expected to be a relative path in the SourceRef. Values files are merged in the order of this list with - the last file overriding the first. Ignored when omitted. + description: |- + Alternative list of values files to use as the chart values (values.yaml + is not included by default), expected to be a relative path in the SourceRef. + Values files are merged in the order of this list with the last file overriding + the first. Ignored when omitted. items: type: string type: array version: default: '*' - description: The chart version semver expression, ignored for charts from GitRepository and Bucket sources. - Defaults to latest when omitted. + description: |- + The chart version semver expression, ignored for charts from GitRepository + and Bucket sources. Defaults to latest when omitted. type: string required: - chart @@ -1958,21 +2655,26 @@ spec: description: HelmChartStatus defines the observed state of the HelmChart. properties: artifact: - description: Artifact represents the output of the last successful chart sync. + description: Artifact represents the output of the last successful + chart sync. properties: checksum: description: Checksum is the SHA256 checksum of the artifact. type: string lastUpdateTime: - description: LastUpdateTime is the timestamp corresponding to the last update of this artifact. + description: |- + LastUpdateTime is the timestamp corresponding to the last update of this + artifact. format: date-time type: string path: description: Path is the relative file path of this artifact. type: string revision: - description: Revision is a human readable identifier traceable in the origin source system. It can be - a Git commit SHA, Git tag, a Helm index timestamp, a Helm chart version, etc. + description: |- + Revision is a human readable identifier traceable in the origin source + system. It can be a Git commit SHA, Git tag, a Helm index timestamp, a Helm + chart version, etc. type: string url: description: URL is the HTTP address of this artifact. @@ -1984,35 +2686,43 @@ spec: conditions: description: Conditions holds the conditions for the HelmChart. items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This - struct is intended for direct use as an array at the field path .status.conditions. For example, \n type - FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // - +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" - patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" properties: lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when - the API field changed is acceptable. + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: message is a human readable message indicating details about the transition. This may be - an empty string. + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based - upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current state of the instance. + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last - transition. Producers of specific condition types may define expected values and meanings for this - field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 @@ -2026,9 +2736,12 @@ spec: - Unknown type: string type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type - values are consistent across resources like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -2041,8 +2754,10 @@ spec: type: object type: array lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent reconcile request value, so a change - of the annotation value can be detected. + description: |- + LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value + can be detected. type: string observedGeneration: description: ObservedGeneration is the last observed generation. @@ -2079,18 +2794,27 @@ spec: - jsonPath: .status.conditions[?(@.type=="Ready")].message name: Status type: string + deprecated: true + deprecationWarning: v1beta2 HelmChart is deprecated, upgrade to v1 name: v1beta2 schema: openAPIV3Schema: description: HelmChart is the Schema for the helmcharts API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert - recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer - this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -2098,22 +2822,27 @@ spec: description: HelmChartSpec specifies the desired state of a Helm chart. properties: accessFrom: - description: 'AccessFrom specifies an Access Control List for allowing cross-namespace references to this - object. NOTE: Not implemented, provisional as of https://github.com/fluxcd/flux2/pull/2092' + description: |- + AccessFrom specifies an Access Control List for allowing cross-namespace + references to this object. + NOTE: Not implemented, provisional as of https://github.com/fluxcd/flux2/pull/2092 properties: namespaceSelectors: - description: NamespaceSelectors is the list of namespace selectors to which this ACL applies. Items in - this list are evaluated using a logical OR operation. + description: |- + NamespaceSelectors is the list of namespace selectors to which this ACL applies. + Items in this list are evaluated using a logical OR operation. items: - description: NamespaceSelector selects the namespaces to which this ACL applies. An empty map of MatchLabels - matches all namespaces in a cluster. + description: |- + NamespaceSelector selects the namespaces to which this ACL applies. + An empty map of MatchLabels matches all namespaces in a cluster. properties: matchLabels: additionalProperties: type: string - description: MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the operator is - "In", and the values array contains only "value". The requirements are ANDed. + description: |- + MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object type: array @@ -2121,30 +2850,44 @@ spec: - namespaceSelectors type: object chart: - description: Chart is the name or path the Helm chart is available at in the SourceRef. - type: string + description: |- + Chart is the name or path the Helm chart is available at in the + SourceRef. + type: string + ignoreMissingValuesFiles: + description: |- + IgnoreMissingValuesFiles controls whether to silently ignore missing values + files rather than failing. + type: boolean interval: - description: Interval at which the HelmChart SourceRef is checked for updates. This interval is approximate - and may be subject to jitter to ensure efficient use of resources. + description: |- + Interval at which the HelmChart SourceRef is checked for updates. + This interval is approximate and may be subject to jitter to ensure + efficient use of resources. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string reconcileStrategy: default: ChartVersion - description: ReconcileStrategy determines what enables the creation of a new artifact. Valid values are ('ChartVersion', - 'Revision'). See the documentation of the values for an explanation on their behavior. Defaults to ChartVersion - when omitted. + description: |- + ReconcileStrategy determines what enables the creation of a new artifact. + Valid values are ('ChartVersion', 'Revision'). + See the documentation of the values for an explanation on their behavior. + Defaults to ChartVersion when omitted. enum: - ChartVersion - Revision type: string sourceRef: - description: SourceRef is the reference to the Source the chart is available at. + description: SourceRef is the reference to the Source the chart is + available at. properties: apiVersion: description: APIVersion of the referent. type: string kind: - description: Kind of the referent, valid values are ('HelmRepository', 'GitRepository', 'Bucket'). + description: |- + Kind of the referent, valid values are ('HelmRepository', 'GitRepository', + 'Bucket'). enum: - HelmRepository - GitRepository @@ -2158,34 +2901,75 @@ spec: - name type: object suspend: - description: Suspend tells the controller to suspend the reconciliation of this source. + description: |- + Suspend tells the controller to suspend the reconciliation of this + source. type: boolean valuesFile: - description: ValuesFile is an alternative values file to use as the default chart values, expected to be a - relative path in the SourceRef. Deprecated in favor of ValuesFiles, for backwards compatibility the file - specified here is merged before the ValuesFiles items. Ignored when omitted. + description: |- + ValuesFile is an alternative values file to use as the default chart + values, expected to be a relative path in the SourceRef. Deprecated in + favor of ValuesFiles, for backwards compatibility the file specified here + is merged before the ValuesFiles items. Ignored when omitted. type: string valuesFiles: - description: ValuesFiles is an alternative list of values files to use as the chart values (values.yaml is - not included by default), expected to be a relative path in the SourceRef. Values files are merged in the - order of this list with the last file overriding the first. Ignored when omitted. + description: |- + ValuesFiles is an alternative list of values files to use as the chart + values (values.yaml is not included by default), expected to be a + relative path in the SourceRef. + Values files are merged in the order of this list with the last file + overriding the first. Ignored when omitted. items: type: string type: array verify: - description: Verify contains the secret name containing the trusted public keys used to verify the signature - and specifies which provider to use to check whether OCI image is authentic. This field is only supported - when using HelmRepository source with spec.type 'oci'. Chart dependencies, which are not bundled in the - umbrella chart artifact, are not verified. + description: |- + Verify contains the secret name containing the trusted public keys + used to verify the signature and specifies which provider to use to check + whether OCI image is authentic. + This field is only supported when using HelmRepository source with spec.type 'oci'. + Chart dependencies, which are not bundled in the umbrella chart artifact, are not verified. properties: + matchOIDCIdentity: + description: |- + MatchOIDCIdentity specifies the identity matching criteria to use + while verifying an OCI artifact which was signed using Cosign keyless + signing. The artifact's identity is deemed to be verified if any of the + specified matchers match against the identity. + items: + description: |- + OIDCIdentityMatch specifies options for verifying the certificate identity, + i.e. the issuer and the subject of the certificate. + properties: + issuer: + description: |- + Issuer specifies the regex pattern to match against to verify + the OIDC issuer in the Fulcio certificate. The pattern must be a + valid Go regular expression. + type: string + subject: + description: |- + Subject specifies the regex pattern to match against to verify + the identity subject in the Fulcio certificate. The pattern must + be a valid Go regular expression. + type: string + required: + - issuer + - subject + type: object + type: array provider: default: cosign - description: Provider specifies the technology used to sign the OCI Artifact. + description: Provider specifies the technology used to sign the + OCI Artifact. enum: - cosign + - notation type: string secretRef: - description: SecretRef specifies the Kubernetes Secret containing the trusted public keys. + description: |- + SecretRef specifies the Kubernetes Secret containing the + trusted public keys. properties: name: description: Name of the referent. @@ -2198,8 +2982,9 @@ spec: type: object version: default: '*' - description: Version is the chart version semver expression, ignored for charts from GitRepository and Bucket - sources. Defaults to latest when omitted. + description: |- + Version is the chart version semver expression, ignored for charts from + GitRepository and Bucket sources. Defaults to latest when omitted. type: string required: - chart @@ -2212,14 +2997,17 @@ spec: description: HelmChartStatus records the observed state of the HelmChart. properties: artifact: - description: Artifact represents the output of the last successful reconciliation. + description: Artifact represents the output of the last successful + reconciliation. properties: digest: description: Digest is the digest of the file in the form of ':'. pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$ type: string lastUpdateTime: - description: LastUpdateTime is the timestamp corresponding to the last update of the Artifact. + description: |- + LastUpdateTime is the timestamp corresponding to the last update of the + Artifact. format: date-time type: string metadata: @@ -2228,21 +3016,25 @@ spec: description: Metadata holds upstream information such as OCI annotations. type: object path: - description: Path is the relative file path of the Artifact. It can be used to locate the file in the - root of the Artifact storage on the local file system of the controller managing the Source. + description: |- + Path is the relative file path of the Artifact. It can be used to locate + the file in the root of the Artifact storage on the local file system of + the controller managing the Source. type: string revision: - description: Revision is a human-readable identifier traceable in the origin source system. It can be - a Git commit SHA, Git tag, a Helm chart version, etc. + description: |- + Revision is a human-readable identifier traceable in the origin source + system. It can be a Git commit SHA, Git tag, a Helm chart version, etc. type: string size: description: Size is the number of bytes in the file. format: int64 type: integer url: - description: URL is the HTTP address of the Artifact as exposed by the controller managing the Source. - It can be used to retrieve the Artifact for consumption, e.g. by another controller applying the Artifact - contents. + description: |- + URL is the HTTP address of the Artifact as exposed by the controller + managing the Source. It can be used to retrieve the Artifact for + consumption, e.g. by another controller applying the Artifact contents. type: string required: - lastUpdateTime @@ -2253,35 +3045,43 @@ spec: conditions: description: Conditions holds the conditions for the HelmChart. items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This - struct is intended for direct use as an array at the field path .status.conditions. For example, \n type - FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // - +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" - patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" properties: lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when - the API field changed is acceptable. + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: message is a human readable message indicating details about the transition. This may be - an empty string. + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based - upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current state of the instance. + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last - transition. Producers of specific condition types may define expected values and meanings for this - field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 @@ -2295,9 +3095,12 @@ spec: - Unknown type: string type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type - values are consistent across resources like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -2310,27 +3113,45 @@ spec: type: object type: array lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent reconcile request value, so a change - of the annotation value can be detected. + description: |- + LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value + can be detected. type: string observedChartName: - description: ObservedChartName is the last observed chart name as specified by the resolved chart reference. + description: |- + ObservedChartName is the last observed chart name as specified by the + resolved chart reference. type: string observedGeneration: - description: ObservedGeneration is the last observed generation of the HelmChart object. + description: |- + ObservedGeneration is the last observed generation of the HelmChart + object. format: int64 type: integer observedSourceArtifactRevision: - description: ObservedSourceArtifactRevision is the last observed Artifact.Revision of the HelmChartSpec.SourceRef. - type: string + description: |- + ObservedSourceArtifactRevision is the last observed Artifact.Revision + of the HelmChartSpec.SourceRef. + type: string + observedValuesFiles: + description: |- + ObservedValuesFiles are the observed value files of the last successful + reconciliation. + It matches the chart in the last successfully reconciled artifact. + items: + type: string + type: array url: - description: URL is the dynamic fetch link for the latest Artifact. It is provided on a "best effort" basis, - and using the precise BucketStatus.Artifact data is recommended. + description: |- + URL is the dynamic fetch link for the latest Artifact. + It is provided on a "best effort" basis, and using the precise + BucketStatus.Artifact data is recommended. type: string type: object type: object served: true - storage: true + storage: false subresources: status: {} --- @@ -2338,12 +3159,12 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.12.0 + controller-gen.kubebuilder.io/version: v0.15.0 labels: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 name: helmrepositories.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -2360,84 +3181,424 @@ spec: - jsonPath: .spec.url name: URL type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date - jsonPath: .status.conditions[?(@.type=="Ready")].status name: Ready type: string - jsonPath: .status.conditions[?(@.type=="Ready")].message name: Status type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1beta1 + name: v1 schema: openAPIV3Schema: - description: HelmRepository is the Schema for the helmrepositories API + description: HelmRepository is the Schema for the helmrepositories API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert - recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer - this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: - description: HelmRepositorySpec defines the reference to a Helm repository. + description: |- + HelmRepositorySpec specifies the required configuration to produce an + Artifact for a Helm repository index YAML. properties: accessFrom: - description: AccessFrom defines an Access Control List for allowing cross-namespace references to this object. + description: |- + AccessFrom specifies an Access Control List for allowing cross-namespace + references to this object. + NOTE: Not implemented, provisional as of https://github.com/fluxcd/flux2/pull/2092 properties: namespaceSelectors: - description: NamespaceSelectors is the list of namespace selectors to which this ACL applies. Items in - this list are evaluated using a logical OR operation. + description: |- + NamespaceSelectors is the list of namespace selectors to which this ACL applies. + Items in this list are evaluated using a logical OR operation. items: - description: NamespaceSelector selects the namespaces to which this ACL applies. An empty map of MatchLabels - matches all namespaces in a cluster. + description: |- + NamespaceSelector selects the namespaces to which this ACL applies. + An empty map of MatchLabels matches all namespaces in a cluster. properties: matchLabels: additionalProperties: type: string - description: MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the operator is - "In", and the values array contains only "value". The requirements are ANDed. + description: |- + MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object type: array required: - namespaceSelectors type: object - interval: - description: The interval at which to check the upstream for updates. - type: string - passCredentials: - description: PassCredentials allows the credentials from the SecretRef to be passed on to a host that does - not match the host as defined in URL. This may be required if the host of the advertised chart URLs in the - index differ from the defined URL. Enabling this should be done with caution, as it can potentially result - in credentials getting stolen in a MITM-attack. - type: boolean - secretRef: - description: The name of the secret containing authentication credentials for the Helm repository. For HTTP/S - basic auth the secret must contain username and password fields. For TLS the secret must contain a certFile - and keyFile, and/or caFile fields. - properties: - name: - description: Name of the referent. - type: string - required: - - name + certSecretRef: + description: |- + CertSecretRef can be given the name of a Secret containing + either or both of + + + - a PEM-encoded client certificate (`tls.crt`) and private + key (`tls.key`); + - a PEM-encoded CA certificate (`ca.crt`) + + + and whichever are supplied, will be used for connecting to the + registry. The client cert and key are useful if you are + authenticating with a certificate; the CA cert is useful if + you are using a self-signed server certificate. The Secret must + be of type `Opaque` or `kubernetes.io/tls`. + + + It takes precedence over the values specified in the Secret referred + to by `.spec.secretRef`. + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object + insecure: + description: |- + Insecure allows connecting to a non-TLS HTTP container registry. + This field is only taken into account if the .spec.type field is set to 'oci'. + type: boolean + interval: + description: |- + Interval at which the HelmRepository URL is checked for updates. + This interval is approximate and may be subject to jitter to ensure + efficient use of resources. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + passCredentials: + description: |- + PassCredentials allows the credentials from the SecretRef to be passed + on to a host that does not match the host as defined in URL. + This may be required if the host of the advertised chart URLs in the + index differ from the defined URL. + Enabling this should be done with caution, as it can potentially result + in credentials getting stolen in a MITM-attack. + type: boolean + provider: + default: generic + description: |- + Provider used for authentication, can be 'aws', 'azure', 'gcp' or 'generic'. + This field is optional, and only taken into account if the .spec.type field is set to 'oci'. + When not specified, defaults to 'generic'. + enum: + - generic + - aws + - azure + - gcp + type: string + secretRef: + description: |- + SecretRef specifies the Secret containing authentication credentials + for the HelmRepository. + For HTTP/S basic auth the secret must contain 'username' and 'password' + fields. + Support for TLS auth using the 'certFile' and 'keyFile', and/or 'caFile' + keys is deprecated. Please use `.spec.certSecretRef` instead. + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object + suspend: + description: |- + Suspend tells the controller to suspend the reconciliation of this + HelmRepository. + type: boolean + timeout: + description: |- + Timeout is used for the index fetch operation for an HTTPS helm repository, + and for remote OCI Repository operations like pulling for an OCI helm + chart by the associated HelmChart. + Its default value is 60s. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$ + type: string + type: + description: |- + Type of the HelmRepository. + When this field is set to "oci", the URL field value must be prefixed with "oci://". + enum: + - default + - oci + type: string + url: + description: |- + URL of the Helm repository, a valid URL contains at least a protocol and + host. + pattern: ^(http|https|oci)://.*$ + type: string + required: + - url + type: object + status: + default: + observedGeneration: -1 + description: HelmRepositoryStatus records the observed state of the HelmRepository. + properties: + artifact: + description: Artifact represents the last successful HelmRepository + reconciliation. + properties: + digest: + description: Digest is the digest of the file in the form of ':'. + pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$ + type: string + lastUpdateTime: + description: |- + LastUpdateTime is the timestamp corresponding to the last update of the + Artifact. + format: date-time + type: string + metadata: + additionalProperties: + type: string + description: Metadata holds upstream information such as OCI annotations. + type: object + path: + description: |- + Path is the relative file path of the Artifact. It can be used to locate + the file in the root of the Artifact storage on the local file system of + the controller managing the Source. + type: string + revision: + description: |- + Revision is a human-readable identifier traceable in the origin source + system. It can be a Git commit SHA, Git tag, a Helm chart version, etc. + type: string + size: + description: Size is the number of bytes in the file. + format: int64 + type: integer + url: + description: |- + URL is the HTTP address of the Artifact as exposed by the controller + managing the Source. It can be used to retrieve the Artifact for + consumption, e.g. by another controller applying the Artifact contents. + type: string + required: + - lastUpdateTime + - path + - revision + - url + type: object + conditions: + description: Conditions holds the conditions for the HelmRepository. + items: + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" + properties: + lastTransitionTime: + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + lastHandledReconcileAt: + description: |- + LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value + can be detected. + type: string + observedGeneration: + description: |- + ObservedGeneration is the last observed generation of the HelmRepository + object. + format: int64 + type: integer + url: + description: |- + URL is the dynamic fetch link for the latest Artifact. + It is provided on a "best effort" basis, and using the precise + HelmRepositoryStatus.Artifact data is recommended. + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} + - additionalPrinterColumns: + - jsonPath: .spec.url + name: URL + type: string + - jsonPath: .status.conditions[?(@.type=="Ready")].status + name: Ready + type: string + - jsonPath: .status.conditions[?(@.type=="Ready")].message + name: Status + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + deprecated: true + deprecationWarning: v1beta1 HelmRepository is deprecated, upgrade to v1 + name: v1beta1 + schema: + openAPIV3Schema: + description: HelmRepository is the Schema for the helmrepositories API + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: HelmRepositorySpec defines the reference to a Helm repository. + properties: + accessFrom: + description: AccessFrom defines an Access Control List for allowing + cross-namespace references to this object. + properties: + namespaceSelectors: + description: |- + NamespaceSelectors is the list of namespace selectors to which this ACL applies. + Items in this list are evaluated using a logical OR operation. + items: + description: |- + NamespaceSelector selects the namespaces to which this ACL applies. + An empty map of MatchLabels matches all namespaces in a cluster. + properties: + matchLabels: + additionalProperties: + type: string + description: |- + MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + type: array + required: + - namespaceSelectors + type: object + interval: + description: The interval at which to check the upstream for updates. + type: string + passCredentials: + description: |- + PassCredentials allows the credentials from the SecretRef to be passed on to + a host that does not match the host as defined in URL. + This may be required if the host of the advertised chart URLs in the index + differ from the defined URL. + Enabling this should be done with caution, as it can potentially result in + credentials getting stolen in a MITM-attack. + type: boolean + secretRef: + description: |- + The name of the secret containing authentication credentials for the Helm + repository. + For HTTP/S basic auth the secret must contain username and + password fields. + For TLS the secret must contain a certFile and keyFile, and/or + caFile fields. + properties: + name: + description: Name of the referent. + type: string + required: + - name type: object suspend: - description: This flag tells the controller to suspend the reconciliation of this source. + description: This flag tells the controller to suspend the reconciliation + of this source. type: boolean timeout: default: 60s description: The timeout of index downloading, defaults to 60s. type: string url: - description: The Helm repository URL, a valid URL contains at least a protocol and host. + description: The Helm repository URL, a valid URL contains at least + a protocol and host. type: string required: - interval @@ -2449,21 +3610,26 @@ spec: description: HelmRepositoryStatus defines the observed state of the HelmRepository. properties: artifact: - description: Artifact represents the output of the last successful repository sync. + description: Artifact represents the output of the last successful + repository sync. properties: checksum: description: Checksum is the SHA256 checksum of the artifact. type: string lastUpdateTime: - description: LastUpdateTime is the timestamp corresponding to the last update of this artifact. + description: |- + LastUpdateTime is the timestamp corresponding to the last update of this + artifact. format: date-time type: string path: description: Path is the relative file path of this artifact. type: string revision: - description: Revision is a human readable identifier traceable in the origin source system. It can be - a Git commit SHA, Git tag, a Helm index timestamp, a Helm chart version, etc. + description: |- + Revision is a human readable identifier traceable in the origin source + system. It can be a Git commit SHA, Git tag, a Helm index timestamp, a Helm + chart version, etc. type: string url: description: URL is the HTTP address of this artifact. @@ -2475,35 +3641,43 @@ spec: conditions: description: Conditions holds the conditions for the HelmRepository. items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This - struct is intended for direct use as an array at the field path .status.conditions. For example, \n type - FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // - +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" - patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" properties: lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when - the API field changed is acceptable. + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: message is a human readable message indicating details about the transition. This may be - an empty string. + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based - upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current state of the instance. + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last - transition. Producers of specific condition types may define expected values and meanings for this - field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 @@ -2517,9 +3691,12 @@ spec: - Unknown type: string type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type - values are consistent across resources like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -2532,8 +3709,10 @@ spec: type: object type: array lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent reconcile request value, so a change - of the annotation value can be detected. + description: |- + LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value + can be detected. type: string observedGeneration: description: ObservedGeneration is the last observed generation. @@ -2561,42 +3740,57 @@ spec: - jsonPath: .status.conditions[?(@.type=="Ready")].message name: Status type: string + deprecated: true + deprecationWarning: v1beta2 HelmRepository is deprecated, upgrade to v1 name: v1beta2 schema: openAPIV3Schema: description: HelmRepository is the Schema for the helmrepositories API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert - recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer - this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: - description: HelmRepositorySpec specifies the required configuration to produce an Artifact for a Helm repository - index YAML. + description: |- + HelmRepositorySpec specifies the required configuration to produce an + Artifact for a Helm repository index YAML. properties: accessFrom: - description: 'AccessFrom specifies an Access Control List for allowing cross-namespace references to this - object. NOTE: Not implemented, provisional as of https://github.com/fluxcd/flux2/pull/2092' + description: |- + AccessFrom specifies an Access Control List for allowing cross-namespace + references to this object. + NOTE: Not implemented, provisional as of https://github.com/fluxcd/flux2/pull/2092 properties: namespaceSelectors: - description: NamespaceSelectors is the list of namespace selectors to which this ACL applies. Items in - this list are evaluated using a logical OR operation. + description: |- + NamespaceSelectors is the list of namespace selectors to which this ACL applies. + Items in this list are evaluated using a logical OR operation. items: - description: NamespaceSelector selects the namespaces to which this ACL applies. An empty map of MatchLabels - matches all namespaces in a cluster. + description: |- + NamespaceSelector selects the namespaces to which this ACL applies. + An empty map of MatchLabels matches all namespaces in a cluster. properties: matchLabels: additionalProperties: type: string - description: MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the operator is - "In", and the values array contains only "value". The requirements are ANDed. + description: |- + MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object type: array @@ -2604,12 +3798,25 @@ spec: - namespaceSelectors type: object certSecretRef: - description: "CertSecretRef can be given the name of a Secret containing either or both of \n - a PEM-encoded - client certificate (`tls.crt`) and private key (`tls.key`); - a PEM-encoded CA certificate (`ca.crt`) \n - and whichever are supplied, will be used for connecting to the registry. The client cert and key are useful - if you are authenticating with a certificate; the CA cert is useful if you are using a self-signed server - certificate. The Secret must be of type `Opaque` or `kubernetes.io/tls`. \n It takes precedence over the - values specified in the Secret referred to by `.spec.secretRef`." + description: |- + CertSecretRef can be given the name of a Secret containing + either or both of + + + - a PEM-encoded client certificate (`tls.crt`) and private + key (`tls.key`); + - a PEM-encoded CA certificate (`ca.crt`) + + + and whichever are supplied, will be used for connecting to the + registry. The client cert and key are useful if you are + authenticating with a certificate; the CA cert is useful if + you are using a self-signed server certificate. The Secret must + be of type `Opaque` or `kubernetes.io/tls`. + + + It takes precedence over the values specified in the Secret referred + to by `.spec.secretRef`. properties: name: description: Name of the referent. @@ -2617,21 +3824,33 @@ spec: required: - name type: object + insecure: + description: |- + Insecure allows connecting to a non-TLS HTTP container registry. + This field is only taken into account if the .spec.type field is set to 'oci'. + type: boolean interval: - description: Interval at which the HelmRepository URL is checked for updates. This interval is approximate - and may be subject to jitter to ensure efficient use of resources. + description: |- + Interval at which the HelmRepository URL is checked for updates. + This interval is approximate and may be subject to jitter to ensure + efficient use of resources. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string passCredentials: - description: PassCredentials allows the credentials from the SecretRef to be passed on to a host that does - not match the host as defined in URL. This may be required if the host of the advertised chart URLs in the - index differ from the defined URL. Enabling this should be done with caution, as it can potentially result + description: |- + PassCredentials allows the credentials from the SecretRef to be passed + on to a host that does not match the host as defined in URL. + This may be required if the host of the advertised chart URLs in the + index differ from the defined URL. + Enabling this should be done with caution, as it can potentially result in credentials getting stolen in a MITM-attack. type: boolean provider: default: generic - description: Provider used for authentication, can be 'aws', 'azure', 'gcp' or 'generic'. This field is optional, - and only taken into account if the .spec.type field is set to 'oci'. When not specified, defaults to 'generic'. + description: |- + Provider used for authentication, can be 'aws', 'azure', 'gcp' or 'generic'. + This field is optional, and only taken into account if the .spec.type field is set to 'oci'. + When not specified, defaults to 'generic'. enum: - generic - aws @@ -2639,9 +3858,13 @@ spec: - gcp type: string secretRef: - description: SecretRef specifies the Secret containing authentication credentials for the HelmRepository. - For HTTP/S basic auth the secret must contain 'username' and 'password' fields. Support for TLS auth using - the 'certFile' and 'keyFile', and/or 'caFile' keys is deprecated. Please use `.spec.certSecretRef` instead. + description: |- + SecretRef specifies the Secret containing authentication credentials + for the HelmRepository. + For HTTP/S basic auth the secret must contain 'username' and 'password' + fields. + Support for TLS auth using the 'certFile' and 'keyFile', and/or 'caFile' + keys is deprecated. Please use `.spec.certSecretRef` instead. properties: name: description: Name of the referent. @@ -2650,26 +3873,33 @@ spec: - name type: object suspend: - description: Suspend tells the controller to suspend the reconciliation of this HelmRepository. + description: |- + Suspend tells the controller to suspend the reconciliation of this + HelmRepository. type: boolean timeout: - default: 60s - description: Timeout is used for the index fetch operation for an HTTPS helm repository, and for remote OCI - Repository operations like pulling for an OCI helm repository. Its default value is 60s. + description: |- + Timeout is used for the index fetch operation for an HTTPS helm repository, + and for remote OCI Repository operations like pulling for an OCI helm + chart by the associated HelmChart. + Its default value is 60s. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$ type: string type: - description: Type of the HelmRepository. When this field is set to "oci", the URL field value must be prefixed - with "oci://". + description: |- + Type of the HelmRepository. + When this field is set to "oci", the URL field value must be prefixed with "oci://". enum: - default - oci type: string url: - description: URL of the Helm repository, a valid URL contains at least a protocol and host. + description: |- + URL of the Helm repository, a valid URL contains at least a protocol and + host. + pattern: ^(http|https|oci)://.*$ type: string required: - - interval - url type: object status: @@ -2678,14 +3908,17 @@ spec: description: HelmRepositoryStatus records the observed state of the HelmRepository. properties: artifact: - description: Artifact represents the last successful HelmRepository reconciliation. + description: Artifact represents the last successful HelmRepository + reconciliation. properties: digest: description: Digest is the digest of the file in the form of ':'. pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$ type: string lastUpdateTime: - description: LastUpdateTime is the timestamp corresponding to the last update of the Artifact. + description: |- + LastUpdateTime is the timestamp corresponding to the last update of the + Artifact. format: date-time type: string metadata: @@ -2694,21 +3927,25 @@ spec: description: Metadata holds upstream information such as OCI annotations. type: object path: - description: Path is the relative file path of the Artifact. It can be used to locate the file in the - root of the Artifact storage on the local file system of the controller managing the Source. + description: |- + Path is the relative file path of the Artifact. It can be used to locate + the file in the root of the Artifact storage on the local file system of + the controller managing the Source. type: string revision: - description: Revision is a human-readable identifier traceable in the origin source system. It can be - a Git commit SHA, Git tag, a Helm chart version, etc. + description: |- + Revision is a human-readable identifier traceable in the origin source + system. It can be a Git commit SHA, Git tag, a Helm chart version, etc. type: string size: description: Size is the number of bytes in the file. format: int64 type: integer url: - description: URL is the HTTP address of the Artifact as exposed by the controller managing the Source. - It can be used to retrieve the Artifact for consumption, e.g. by another controller applying the Artifact - contents. + description: |- + URL is the HTTP address of the Artifact as exposed by the controller + managing the Source. It can be used to retrieve the Artifact for + consumption, e.g. by another controller applying the Artifact contents. type: string required: - lastUpdateTime @@ -2719,35 +3956,43 @@ spec: conditions: description: Conditions holds the conditions for the HelmRepository. items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This - struct is intended for direct use as an array at the field path .status.conditions. For example, \n type - FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // - +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" - patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" properties: lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when - the API field changed is acceptable. + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: message is a human readable message indicating details about the transition. This may be - an empty string. + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based - upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current state of the instance. + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last - transition. Producers of specific condition types may define expected values and meanings for this - field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 @@ -2761,9 +4006,12 @@ spec: - Unknown type: string type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type - values are consistent across resources like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -2776,21 +4024,27 @@ spec: type: object type: array lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent reconcile request value, so a change - of the annotation value can be detected. + description: |- + LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value + can be detected. type: string observedGeneration: - description: ObservedGeneration is the last observed generation of the HelmRepository object. + description: |- + ObservedGeneration is the last observed generation of the HelmRepository + object. format: int64 type: integer url: - description: URL is the dynamic fetch link for the latest Artifact. It is provided on a "best effort" basis, - and using the precise HelmRepositoryStatus.Artifact data is recommended. + description: |- + URL is the dynamic fetch link for the latest Artifact. + It is provided on a "best effort" basis, and using the precise + HelmRepositoryStatus.Artifact data is recommended. type: string type: object type: object served: true - storage: true + storage: false subresources: status: {} --- @@ -2798,12 +4052,12 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.12.0 + controller-gen.kubebuilder.io/version: v0.15.0 labels: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 name: ocirepositories.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -2835,12 +4089,19 @@ spec: description: OCIRepository is the Schema for the ocirepositories API properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert - recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer - this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -2848,12 +4109,25 @@ spec: description: OCIRepositorySpec defines the desired state of OCIRepository properties: certSecretRef: - description: "CertSecretRef can be given the name of a Secret containing either or both of \n - a PEM-encoded - client certificate (`tls.crt`) and private key (`tls.key`); - a PEM-encoded CA certificate (`ca.crt`) \n - and whichever are supplied, will be used for connecting to the registry. The client cert and key are useful - if you are authenticating with a certificate; the CA cert is useful if you are using a self-signed server - certificate. The Secret must be of type `Opaque` or `kubernetes.io/tls`. \n Note: Support for the `caFile`, - `certFile` and `keyFile` keys have been deprecated." + description: |- + CertSecretRef can be given the name of a Secret containing + either or both of + + + - a PEM-encoded client certificate (`tls.crt`) and private + key (`tls.key`); + - a PEM-encoded CA certificate (`ca.crt`) + + + and whichever are supplied, will be used for connecting to the + registry. The client cert and key are useful if you are + authenticating with a certificate; the CA cert is useful if + you are using a self-signed server certificate. The Secret must + be of type `Opaque` or `kubernetes.io/tls`. + + + Note: Support for the `caFile`, `certFile` and `keyFile` keys have + been deprecated. properties: name: description: Name of the referent. @@ -2862,30 +4136,39 @@ spec: - name type: object ignore: - description: Ignore overrides the set of excluded patterns in the .sourceignore format (which is the same - as .gitignore). If not provided, a default will be used, consult the documentation for your version to find - out what those are. + description: |- + Ignore overrides the set of excluded patterns in the .sourceignore format + (which is the same as .gitignore). If not provided, a default will be used, + consult the documentation for your version to find out what those are. type: string insecure: - description: Insecure allows connecting to a non-TLS HTTP container registry. + description: Insecure allows connecting to a non-TLS HTTP container + registry. type: boolean interval: - description: Interval at which the OCIRepository URL is checked for updates. This interval is approximate - and may be subject to jitter to ensure efficient use of resources. + description: |- + Interval at which the OCIRepository URL is checked for updates. + This interval is approximate and may be subject to jitter to ensure + efficient use of resources. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string layerSelector: - description: LayerSelector specifies which layer should be extracted from the OCI artifact. When not specified, - the first layer found in the artifact is selected. + description: |- + LayerSelector specifies which layer should be extracted from the OCI artifact. + When not specified, the first layer found in the artifact is selected. properties: mediaType: - description: MediaType specifies the OCI media type of the layer which should be extracted from the OCI - Artifact. The first layer matching this type is selected. + description: |- + MediaType specifies the OCI media type of the layer + which should be extracted from the OCI Artifact. The + first layer matching this type is selected. type: string operation: - description: Operation specifies how the selected layer should be processed. By default, the layer compressed - content is extracted to storage. When the operation is set to 'copy', the layer compressed content is - persisted to storage as it is. + description: |- + Operation specifies how the selected layer should be processed. + By default, the layer compressed content is extracted to storage. + When the operation is set to 'copy', the layer compressed content + is persisted to storage as it is. enum: - extract - copy @@ -2893,8 +4176,9 @@ spec: type: object provider: default: generic - description: The provider used for authentication, can be 'aws', 'azure', 'gcp' or 'generic'. When not specified, - defaults to 'generic'. + description: |- + The provider used for authentication, can be 'aws', 'azure', 'gcp' or 'generic'. + When not specified, defaults to 'generic'. enum: - generic - aws @@ -2902,23 +4186,33 @@ spec: - gcp type: string ref: - description: The OCI reference to pull and monitor for changes, defaults to the latest tag. + description: |- + The OCI reference to pull and monitor for changes, + defaults to the latest tag. properties: digest: - description: Digest is the image digest to pull, takes precedence over SemVer. The value should be in - the format 'sha256:'. + description: |- + Digest is the image digest to pull, takes precedence over SemVer. + The value should be in the format 'sha256:'. type: string semver: - description: SemVer is the range of tags to pull selecting the latest within the range, takes precedence - over Tag. + description: |- + SemVer is the range of tags to pull selecting the latest within + the range, takes precedence over Tag. + type: string + semverFilter: + description: SemverFilter is a regex pattern to filter the tags + within the SemVer range. type: string tag: description: Tag is the image tag to pull, defaults to latest. type: string type: object secretRef: - description: SecretRef contains the secret name containing the registry login credentials to resolve image - metadata. The secret must be of type kubernetes.io/dockerconfigjson. + description: |- + SecretRef contains the secret name containing the registry login + credentials to resolve image metadata. + The secret must be of type kubernetes.io/dockerconfigjson. properties: name: description: Name of the referent. @@ -2927,33 +4221,73 @@ spec: - name type: object serviceAccountName: - description: 'ServiceAccountName is the name of the Kubernetes ServiceAccount used to authenticate the image - pull if the service account has attached pull secrets. For more information: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/#add-imagepullsecrets-to-a-service-account' + description: |- + ServiceAccountName is the name of the Kubernetes ServiceAccount used to authenticate + the image pull if the service account has attached pull secrets. For more information: + https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/#add-imagepullsecrets-to-a-service-account type: string suspend: - description: This flag tells the controller to suspend the reconciliation of this source. + description: This flag tells the controller to suspend the reconciliation + of this source. type: boolean timeout: default: 60s - description: The timeout for remote OCI Repository operations like pulling, defaults to 60s. + description: The timeout for remote OCI Repository operations like + pulling, defaults to 60s. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$ type: string url: - description: URL is a reference to an OCI artifact repository hosted on a remote container registry. + description: |- + URL is a reference to an OCI artifact repository hosted + on a remote container registry. pattern: ^oci://.*$ type: string verify: - description: Verify contains the secret name containing the trusted public keys used to verify the signature - and specifies which provider to use to check whether OCI image is authentic. + description: |- + Verify contains the secret name containing the trusted public keys + used to verify the signature and specifies which provider to use to check + whether OCI image is authentic. properties: + matchOIDCIdentity: + description: |- + MatchOIDCIdentity specifies the identity matching criteria to use + while verifying an OCI artifact which was signed using Cosign keyless + signing. The artifact's identity is deemed to be verified if any of the + specified matchers match against the identity. + items: + description: |- + OIDCIdentityMatch specifies options for verifying the certificate identity, + i.e. the issuer and the subject of the certificate. + properties: + issuer: + description: |- + Issuer specifies the regex pattern to match against to verify + the OIDC issuer in the Fulcio certificate. The pattern must be a + valid Go regular expression. + type: string + subject: + description: |- + Subject specifies the regex pattern to match against to verify + the identity subject in the Fulcio certificate. The pattern must + be a valid Go regular expression. + type: string + required: + - issuer + - subject + type: object + type: array provider: default: cosign - description: Provider specifies the technology used to sign the OCI Artifact. + description: Provider specifies the technology used to sign the + OCI Artifact. enum: - cosign + - notation type: string secretRef: - description: SecretRef specifies the Kubernetes Secret containing the trusted public keys. + description: |- + SecretRef specifies the Kubernetes Secret containing the + trusted public keys. properties: name: description: Name of the referent. @@ -2974,14 +4308,17 @@ spec: description: OCIRepositoryStatus defines the observed state of OCIRepository properties: artifact: - description: Artifact represents the output of the last successful OCI Repository sync. + description: Artifact represents the output of the last successful + OCI Repository sync. properties: digest: description: Digest is the digest of the file in the form of ':'. pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$ type: string lastUpdateTime: - description: LastUpdateTime is the timestamp corresponding to the last update of the Artifact. + description: |- + LastUpdateTime is the timestamp corresponding to the last update of the + Artifact. format: date-time type: string metadata: @@ -2990,21 +4327,25 @@ spec: description: Metadata holds upstream information such as OCI annotations. type: object path: - description: Path is the relative file path of the Artifact. It can be used to locate the file in the - root of the Artifact storage on the local file system of the controller managing the Source. + description: |- + Path is the relative file path of the Artifact. It can be used to locate + the file in the root of the Artifact storage on the local file system of + the controller managing the Source. type: string revision: - description: Revision is a human-readable identifier traceable in the origin source system. It can be - a Git commit SHA, Git tag, a Helm chart version, etc. + description: |- + Revision is a human-readable identifier traceable in the origin source + system. It can be a Git commit SHA, Git tag, a Helm chart version, etc. type: string size: description: Size is the number of bytes in the file. format: int64 type: integer url: - description: URL is the HTTP address of the Artifact as exposed by the controller managing the Source. - It can be used to retrieve the Artifact for consumption, e.g. by another controller applying the Artifact - contents. + description: |- + URL is the HTTP address of the Artifact as exposed by the controller + managing the Source. It can be used to retrieve the Artifact for + consumption, e.g. by another controller applying the Artifact contents. type: string required: - lastUpdateTime @@ -3015,35 +4356,43 @@ spec: conditions: description: Conditions holds the conditions for the OCIRepository. items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This - struct is intended for direct use as an array at the field path .status.conditions. For example, \n type - FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // - +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" - patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" properties: lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when - the API field changed is acceptable. + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: message is a human readable message indicating details about the transition. This may be - an empty string. + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based - upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current state of the instance. + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last - transition. Producers of specific condition types may define expected values and meanings for this - field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 @@ -3057,9 +4406,12 @@ spec: - Unknown type: string type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type - values are consistent across resources like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -3072,41 +4424,60 @@ spec: type: object type: array contentConfigChecksum: - description: "ContentConfigChecksum is a checksum of all the configurations related to the content of the - source artifact: - .spec.ignore - .spec.layerSelector observed in .status.observedGeneration version of - the object. This can be used to determine if the content configuration has changed and the artifact needs - to be rebuilt. It has the format of `:`, for example: `sha256:`. \n Deprecated: - Replaced with explicit fields for observed artifact content config in the status." + description: |- + ContentConfigChecksum is a checksum of all the configurations related to + the content of the source artifact: + - .spec.ignore + - .spec.layerSelector + observed in .status.observedGeneration version of the object. This can + be used to determine if the content configuration has changed and the + artifact needs to be rebuilt. + It has the format of `:`, for example: `sha256:`. + + + Deprecated: Replaced with explicit fields for observed artifact content + config in the status. type: string lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent reconcile request value, so a change - of the annotation value can be detected. + description: |- + LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value + can be detected. type: string observedGeneration: description: ObservedGeneration is the last observed generation. format: int64 type: integer observedIgnore: - description: ObservedIgnore is the observed exclusion patterns used for constructing the source artifact. + description: |- + ObservedIgnore is the observed exclusion patterns used for constructing + the source artifact. type: string observedLayerSelector: - description: ObservedLayerSelector is the observed layer selector used for constructing the source artifact. + description: |- + ObservedLayerSelector is the observed layer selector used for constructing + the source artifact. properties: mediaType: - description: MediaType specifies the OCI media type of the layer which should be extracted from the OCI - Artifact. The first layer matching this type is selected. + description: |- + MediaType specifies the OCI media type of the layer + which should be extracted from the OCI Artifact. The + first layer matching this type is selected. type: string operation: - description: Operation specifies how the selected layer should be processed. By default, the layer compressed - content is extracted to storage. When the operation is set to 'copy', the layer compressed content is - persisted to storage as it is. + description: |- + Operation specifies how the selected layer should be processed. + By default, the layer compressed content is extracted to storage. + When the operation is set to 'copy', the layer compressed content + is persisted to storage as it is. enum: - extract - copy type: string type: object url: - description: URL is the download link for the artifact output of the last OCI Repository sync. + description: URL is the download link for the artifact output of the + last OCI Repository sync. type: string type: object type: object @@ -3122,7 +4493,7 @@ metadata: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 name: source-controller namespace: flux-system --- @@ -3133,7 +4504,7 @@ metadata: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 control-plane: controller name: source-controller namespace: flux-system @@ -3154,7 +4525,7 @@ metadata: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 control-plane: controller name: source-controller namespace: flux-system @@ -3189,7 +4560,17 @@ spec: fieldPath: metadata.namespace - name: TUF_ROOT value: /tmp/.sigstore - image: ghcr.io/fluxcd/source-controller:v1.1.1 + - name: GOMAXPROCS + valueFrom: + resourceFieldRef: + containerName: manager + resource: limits.cpu + - name: GOMEMLIMIT + valueFrom: + resourceFieldRef: + containerName: manager + resource: limits.memory + image: ghcr.io/fluxcd/source-controller:v1.3.0 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -3248,12 +4629,12 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.12.0 + controller-gen.kubebuilder.io/version: v0.15.0 labels: app.kubernetes.io/component: kustomize-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 name: kustomizations.kustomize.toolkit.fluxcd.io spec: group: kustomize.toolkit.fluxcd.io @@ -3282,21 +4663,32 @@ spec: description: Kustomization is the Schema for the kustomizations API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert - recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer - this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: - description: KustomizationSpec defines the configuration to calculate the desired state from a Source using Kustomize. + description: |- + KustomizationSpec defines the configuration to calculate the desired state + from a Source using Kustomize. properties: commonMetadata: - description: CommonMetadata specifies the common labels and annotations that are applied to all resources. - Any existing label or annotation will be overridden if its key matches a common one. + description: |- + CommonMetadata specifies the common labels and annotations that are + applied to all resources. Any existing label or annotation will be + overridden if its key matches a common one. properties: annotations: additionalProperties: @@ -3310,12 +4702,14 @@ spec: type: object type: object components: - description: Components specifies relative paths to specifications of other Components. + description: Components specifies relative paths to specifications + of other Components. items: type: string type: array decryption: - description: Decrypt Kubernetes secrets before applying them on the cluster. + description: Decrypt Kubernetes secrets before applying them on the + cluster. properties: provider: description: Provider is the name of the decryption engine. @@ -3323,7 +4717,8 @@ spec: - sops type: string secretRef: - description: The secret name containing the private OpenPGP keys used for decryption. + description: The secret name containing the private OpenPGP keys + used for decryption. properties: name: description: Name of the referent. @@ -3335,17 +4730,21 @@ spec: - provider type: object dependsOn: - description: DependsOn may contain a meta.NamespacedObjectReference slice with references to Kustomization - resources that must be ready before this Kustomization can be reconciled. + description: |- + DependsOn may contain a meta.NamespacedObjectReference slice + with references to Kustomization resources that must be ready before this + Kustomization can be reconciled. items: - description: NamespacedObjectReference contains enough information to locate the referenced Kubernetes resource - object in any namespace. + description: |- + NamespacedObjectReference contains enough information to locate the referenced Kubernetes resource object in any + namespace. properties: name: description: Name of the referent. type: string namespace: - description: Namespace of the referent, when not specified it acts as LocalObjectReference. + description: Namespace of the referent, when not specified it + acts as LocalObjectReference. type: string required: - name @@ -3353,18 +4752,20 @@ spec: type: array force: default: false - description: Force instructs the controller to recreate resources when patching fails due to an immutable - field change. + description: |- + Force instructs the controller to recreate resources + when patching fails due to an immutable field change. type: boolean healthChecks: description: A list of resources to be included in the health assessment. items: - description: NamespacedObjectKindReference contains enough information to locate the typed referenced Kubernetes - resource object in any namespace. + description: |- + NamespacedObjectKindReference contains enough information to locate the typed referenced Kubernetes resource object + in any namespace. properties: apiVersion: - description: API version of the referent, if not specified the Kubernetes preferred version will be - used. + description: API version of the referent, if not specified the + Kubernetes preferred version will be used. type: string kind: description: Kind of the referent. @@ -3373,7 +4774,8 @@ spec: description: Name of the referent. type: string namespace: - description: Namespace of the referent, when not specified it acts as LocalObjectReference. + description: Namespace of the referent, when not specified it + acts as LocalObjectReference. type: string required: - kind @@ -3381,49 +4783,65 @@ spec: type: object type: array images: - description: Images is a list of (image name, new name, new tag or digest) for changing image names, tags - or digests. This can also be achieved with a patch, but this operator is simpler to specify. + description: |- + Images is a list of (image name, new name, new tag or digest) + for changing image names, tags or digests. This can also be achieved with a + patch, but this operator is simpler to specify. items: - description: Image contains an image name, a new name, a new tag or digest, which will replace the original - name and tag. + description: Image contains an image name, a new name, a new tag + or digest, which will replace the original name and tag. properties: digest: - description: Digest is the value used to replace the original image tag. If digest is present NewTag - value is ignored. + description: |- + Digest is the value used to replace the original image tag. + If digest is present NewTag value is ignored. type: string name: description: Name is a tag-less image name. type: string newName: - description: NewName is the value used to replace the original name. + description: NewName is the value used to replace the original + name. type: string newTag: - description: NewTag is the value used to replace the original tag. + description: NewTag is the value used to replace the original + tag. type: string required: - name type: object type: array interval: - description: The interval at which to reconcile the Kustomization. This interval is approximate and may be - subject to jitter to ensure efficient use of resources. + description: |- + The interval at which to reconcile the Kustomization. + This interval is approximate and may be subject to jitter to ensure + efficient use of resources. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string kubeConfig: - description: The KubeConfig for reconciling the Kustomization on a remote cluster. When used in combination - with KustomizationSpec.ServiceAccountName, forces the controller to act on behalf of that Service Account - at the target cluster. If the --default-service-account flag is set, its value will be used as a controller - level fallback for when KustomizationSpec.ServiceAccountName is empty. + description: |- + The KubeConfig for reconciling the Kustomization on a remote cluster. + When used in combination with KustomizationSpec.ServiceAccountName, + forces the controller to act on behalf of that Service Account at the + target cluster. + If the --default-service-account flag is set, its value will be used as + a controller level fallback for when KustomizationSpec.ServiceAccountName + is empty. properties: secretRef: - description: SecretRef holds the name of a secret that contains a key with the kubeconfig file as the - value. If no key is set, the key will default to 'value'. It is recommended that the kubeconfig is self-contained, - and the secret is regularly updated if credentials such as a cloud-access-token expire. Cloud specific - `cmd-path` auth helpers will not function without adding binaries and credentials to the Pod that is - responsible for reconciling Kubernetes resources. + description: |- + SecretRef holds the name of a secret that contains a key with + the kubeconfig file as the value. If no key is set, the key will default + to 'value'. + It is recommended that the kubeconfig is self-contained, and the secret + is regularly updated if credentials such as a cloud-access-token expire. + Cloud specific `cmd-path` auth helpers will not function without adding + binaries and credentials to the Pod that is responsible for reconciling + Kubernetes resources. properties: key: - description: Key in the Secret, when not specified an implementation-specific default key is used. + description: Key in the Secret, when not specified an implementation-specific + default key is used. type: string name: description: Name of the Secret. @@ -3434,34 +4852,57 @@ spec: required: - secretRef type: object + namePrefix: + description: NamePrefix will prefix the names of all managed resources. + maxLength: 200 + minLength: 1 + type: string + nameSuffix: + description: NameSuffix will suffix the names of all managed resources. + maxLength: 200 + minLength: 1 + type: string patches: - description: Strategic merge and JSON patches, defined as inline YAML objects, capable of targeting objects - based on kind, label and annotation selectors. + description: |- + Strategic merge and JSON patches, defined as inline YAML objects, + capable of targeting objects based on kind, label and annotation selectors. items: - description: Patch contains an inline StrategicMerge or JSON6902 patch, and the target the patch should + description: |- + Patch contains an inline StrategicMerge or JSON6902 patch, and the target the patch should be applied to. properties: patch: - description: Patch contains an inline StrategicMerge patch or an inline JSON6902 patch with an array - of operation objects. + description: |- + Patch contains an inline StrategicMerge patch or an inline JSON6902 patch with + an array of operation objects. type: string target: - description: Target points to the resources that the patch document should be applied to. + description: Target points to the resources that the patch document + should be applied to. properties: annotationSelector: - description: AnnotationSelector is a string that follows the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + description: |- + AnnotationSelector is a string that follows the label selection expression + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api It matches with the resource annotations. type: string group: - description: Group is the API group to select resources from. Together with Version and Kind it - is capable of unambiguously identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + description: |- + Group is the API group to select resources from. + Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md type: string kind: - description: Kind of the API Group to select resources from. Together with Group and Version it - is capable of unambiguously identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + description: |- + Kind of the API Group to select resources from. + Together with Group and Version it is capable of unambiguously + identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md type: string labelSelector: - description: LabelSelector is a string that follows the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + description: |- + LabelSelector is a string that follows the label selection expression + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api It matches with the resource labels. type: string name: @@ -3471,8 +4912,10 @@ spec: description: Namespace to select resources from. type: string version: - description: Version of the API Group to select resources from. Together with Group and Kind it - is capable of unambiguously identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + description: |- + Version of the API Group to select resources from. + Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md type: string type: object required: @@ -3480,44 +4923,58 @@ spec: type: object type: array path: - description: Path to the directory containing the kustomization.yaml file, or the set of plain YAMLs a kustomization.yaml - should be generated for. Defaults to 'None', which translates to the root path of the SourceRef. + description: |- + Path to the directory containing the kustomization.yaml file, or the + set of plain YAMLs a kustomization.yaml should be generated for. + Defaults to 'None', which translates to the root path of the SourceRef. type: string postBuild: - description: PostBuild describes which actions to perform on the YAML manifest generated by building the kustomize - overlay. + description: |- + PostBuild describes which actions to perform on the YAML manifest + generated by building the kustomize overlay. properties: substitute: additionalProperties: type: string - description: Substitute holds a map of key/value pairs. The variables defined in your YAML manifests that - match any of the keys defined in the map will be substituted with the set value. Includes support for - bash string replacement functions e.g. ${var:=default}, ${var:position} and ${var/substring/replacement}. + description: |- + Substitute holds a map of key/value pairs. + The variables defined in your YAML manifests that match any of the keys + defined in the map will be substituted with the set value. + Includes support for bash string replacement functions + e.g. ${var:=default}, ${var:position} and ${var/substring/replacement}. type: object substituteFrom: - description: SubstituteFrom holds references to ConfigMaps and Secrets containing the variables and their - values to be substituted in the YAML manifests. The ConfigMap and the Secret data keys represent the - var names, and they must match the vars declared in the manifests for the substitution to happen. + description: |- + SubstituteFrom holds references to ConfigMaps and Secrets containing + the variables and their values to be substituted in the YAML manifests. + The ConfigMap and the Secret data keys represent the var names, and they + must match the vars declared in the manifests for the substitution to + happen. items: - description: SubstituteReference contains a reference to a resource containing the variables name and - value. + description: |- + SubstituteReference contains a reference to a resource containing + the variables name and value. properties: kind: - description: Kind of the values referent, valid values are ('Secret', 'ConfigMap'). + description: Kind of the values referent, valid values are + ('Secret', 'ConfigMap'). enum: - Secret - ConfigMap type: string name: - description: Name of the values referent. Should reside in the same namespace as the referring resource. + description: |- + Name of the values referent. Should reside in the same namespace as the + referring resource. maxLength: 253 minLength: 1 type: string optional: default: false - description: Optional indicates whether the referenced resource must exist, or whether to tolerate - its absence. If true and the referenced resource is absent, proceed as if the resource was present - but empty, without any variables defined. + description: |- + Optional indicates whether the referenced resource must exist, or whether to + tolerate its absence. If true and the referenced resource is absent, proceed + as if the resource was present but empty, without any variables defined. type: boolean required: - kind @@ -3529,15 +4986,20 @@ spec: description: Prune enables garbage collection. type: boolean retryInterval: - description: The interval at which to retry a previously failed reconciliation. When not specified, the controller - uses the KustomizationSpec.Interval value to retry failures. + description: |- + The interval at which to retry a previously failed reconciliation. + When not specified, the controller uses the KustomizationSpec.Interval + value to retry failures. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string serviceAccountName: - description: The name of the Kubernetes service account to impersonate when reconciling this Kustomization. + description: |- + The name of the Kubernetes service account to impersonate + when reconciling this Kustomization. type: string sourceRef: - description: Reference of the source where the kustomization file is. + description: Reference of the source where the kustomization file + is. properties: apiVersion: description: API version of the referent. @@ -3553,29 +5015,36 @@ spec: description: Name of the referent. type: string namespace: - description: Namespace of the referent, defaults to the namespace of the Kubernetes resource object that - contains the reference. + description: |- + Namespace of the referent, defaults to the namespace of the Kubernetes + resource object that contains the reference. type: string required: - kind - name type: object suspend: - description: This flag tells the controller to suspend subsequent kustomize executions, it does not apply - to already started executions. Defaults to false. + description: |- + This flag tells the controller to suspend subsequent kustomize executions, + it does not apply to already started executions. Defaults to false. type: boolean targetNamespace: - description: TargetNamespace sets or overrides the namespace in the kustomization.yaml file. + description: |- + TargetNamespace sets or overrides the namespace in the + kustomization.yaml file. maxLength: 63 minLength: 1 type: string timeout: - description: Timeout for validation, apply and health checking operations. Defaults to 'Interval' duration. + description: |- + Timeout for validation, apply and health checking operations. + Defaults to 'Interval' duration. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string wait: - description: Wait instructs the controller to check the health of all the reconciled resources. When enabled, - the HealthChecks are ignored. Defaults to false. + description: |- + Wait instructs the controller to check the health of all the reconciled + resources. When enabled, the HealthChecks are ignored. Defaults to false. type: boolean required: - interval @@ -3589,35 +5058,43 @@ spec: properties: conditions: items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This - struct is intended for direct use as an array at the field path .status.conditions. For example, \n type - FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // - +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" - patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" properties: lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when - the API field changed is acceptable. + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: message is a human readable message indicating details about the transition. This may be - an empty string. + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based - upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current state of the instance. + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last - transition. Producers of specific condition types may define expected values and meanings for this - field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 @@ -3631,9 +5108,12 @@ spec: - Unknown type: string type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type - values are consistent across resources like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -3646,20 +5126,24 @@ spec: type: object type: array inventory: - description: Inventory contains the list of Kubernetes resource object references that have been successfully - applied. + description: |- + Inventory contains the list of Kubernetes resource object references that + have been successfully applied. properties: entries: description: Entries of Kubernetes resource object references. items: - description: ResourceRef contains the information necessary to locate a resource within a cluster. + description: ResourceRef contains the information necessary + to locate a resource within a cluster. properties: id: - description: ID is the string representation of the Kubernetes resource object's metadata, in the - format '___'. + description: |- + ID is the string representation of the Kubernetes resource object's metadata, + in the format '___'. type: string v: - description: Version is the API version of the Kubernetes resource object's kind. + description: Version is the API version of the Kubernetes + resource object's kind. type: string required: - id @@ -3670,15 +5154,19 @@ spec: - entries type: object lastAppliedRevision: - description: The last successfully applied revision. Equals the Revision of the applied Artifact from the - referenced Source. + description: |- + The last successfully applied revision. + Equals the Revision of the applied Artifact from the referenced Source. type: string lastAttemptedRevision: - description: LastAttemptedRevision is the revision of the last reconciliation attempt. + description: LastAttemptedRevision is the revision of the last reconciliation + attempt. type: string lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent reconcile request value, so a change - of the annotation value can be detected. + description: |- + LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value + can be detected. type: string observedGeneration: description: ObservedGeneration is the last reconciled generation. @@ -3708,12 +5196,19 @@ spec: description: Kustomization is the Schema for the kustomizations API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert - recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer - this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -3721,7 +5216,8 @@ spec: description: KustomizationSpec defines the desired state of a kustomization. properties: decryption: - description: Decrypt Kubernetes secrets before applying them on the cluster. + description: Decrypt Kubernetes secrets before applying them on the + cluster. properties: provider: description: Provider is the name of the decryption engine. @@ -3729,7 +5225,8 @@ spec: - sops type: string secretRef: - description: The secret name containing the private OpenPGP keys used for decryption. + description: The secret name containing the private OpenPGP keys + used for decryption. properties: name: description: Name of the referent. @@ -3741,17 +5238,21 @@ spec: - provider type: object dependsOn: - description: DependsOn may contain a meta.NamespacedObjectReference slice with references to Kustomization - resources that must be ready before this Kustomization can be reconciled. + description: |- + DependsOn may contain a meta.NamespacedObjectReference slice + with references to Kustomization resources that must be ready before this + Kustomization can be reconciled. items: - description: NamespacedObjectReference contains enough information to locate the referenced Kubernetes resource - object in any namespace. + description: |- + NamespacedObjectReference contains enough information to locate the referenced Kubernetes resource object in any + namespace. properties: name: description: Name of the referent. type: string namespace: - description: Namespace of the referent, when not specified it acts as LocalObjectReference. + description: Namespace of the referent, when not specified it + acts as LocalObjectReference. type: string required: - name @@ -3759,18 +5260,20 @@ spec: type: array force: default: false - description: Force instructs the controller to recreate resources when patching fails due to an immutable - field change. + description: |- + Force instructs the controller to recreate resources + when patching fails due to an immutable field change. type: boolean healthChecks: description: A list of resources to be included in the health assessment. items: - description: NamespacedObjectKindReference contains enough information to locate the typed referenced Kubernetes - resource object in any namespace. + description: |- + NamespacedObjectKindReference contains enough information to locate the typed referenced Kubernetes resource object + in any namespace. properties: apiVersion: - description: API version of the referent, if not specified the Kubernetes preferred version will be - used. + description: API version of the referent, if not specified the + Kubernetes preferred version will be used. type: string kind: description: Kind of the referent. @@ -3779,7 +5282,8 @@ spec: description: Name of the referent. type: string namespace: - description: Namespace of the referent, when not specified it acts as LocalObjectReference. + description: Namespace of the referent, when not specified it + acts as LocalObjectReference. type: string required: - kind @@ -3787,24 +5291,29 @@ spec: type: object type: array images: - description: Images is a list of (image name, new name, new tag or digest) for changing image names, tags - or digests. This can also be achieved with a patch, but this operator is simpler to specify. + description: |- + Images is a list of (image name, new name, new tag or digest) + for changing image names, tags or digests. This can also be achieved with a + patch, but this operator is simpler to specify. items: - description: Image contains an image name, a new name, a new tag or digest, which will replace the original - name and tag. + description: Image contains an image name, a new name, a new tag + or digest, which will replace the original name and tag. properties: digest: - description: Digest is the value used to replace the original image tag. If digest is present NewTag - value is ignored. + description: |- + Digest is the value used to replace the original image tag. + If digest is present NewTag value is ignored. type: string name: description: Name is a tag-less image name. type: string newName: - description: NewName is the value used to replace the original name. + description: NewName is the value used to replace the original + name. type: string newTag: - description: NewTag is the value used to replace the original tag. + description: NewTag is the value used to replace the original + tag. type: string required: - name @@ -3814,15 +5323,20 @@ spec: description: The interval at which to reconcile the Kustomization. type: string kubeConfig: - description: The KubeConfig for reconciling the Kustomization on a remote cluster. When specified, KubeConfig - takes precedence over ServiceAccountName. + description: |- + The KubeConfig for reconciling the Kustomization on a remote cluster. + When specified, KubeConfig takes precedence over ServiceAccountName. properties: secretRef: - description: SecretRef holds the name to a secret that contains a 'value' key with the kubeconfig file - as the value. It must be in the same namespace as the Kustomization. It is recommended that the kubeconfig - is self-contained, and the secret is regularly updated if credentials such as a cloud-access-token expire. - Cloud specific `cmd-path` auth helpers will not function without adding binaries and credentials to - the Pod that is responsible for reconciling the Kustomization. + description: |- + SecretRef holds the name to a secret that contains a 'value' key with + the kubeconfig file as the value. It must be in the same namespace as + the Kustomization. + It is recommended that the kubeconfig is self-contained, and the secret + is regularly updated if credentials such as a cloud-access-token expire. + Cloud specific `cmd-path` auth helpers will not function without adding + binaries and credentials to the Pod that is responsible for reconciling + the Kustomization. properties: name: description: Name of the referent. @@ -3832,33 +5346,46 @@ spec: type: object type: object patches: - description: Strategic merge and JSON patches, defined as inline YAML objects, capable of targeting objects - based on kind, label and annotation selectors. + description: |- + Strategic merge and JSON patches, defined as inline YAML objects, + capable of targeting objects based on kind, label and annotation selectors. items: - description: Patch contains an inline StrategicMerge or JSON6902 patch, and the target the patch should + description: |- + Patch contains an inline StrategicMerge or JSON6902 patch, and the target the patch should be applied to. properties: patch: - description: Patch contains an inline StrategicMerge patch or an inline JSON6902 patch with an array - of operation objects. + description: |- + Patch contains an inline StrategicMerge patch or an inline JSON6902 patch with + an array of operation objects. type: string target: - description: Target points to the resources that the patch document should be applied to. + description: Target points to the resources that the patch document + should be applied to. properties: annotationSelector: - description: AnnotationSelector is a string that follows the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + description: |- + AnnotationSelector is a string that follows the label selection expression + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api It matches with the resource annotations. type: string group: - description: Group is the API group to select resources from. Together with Version and Kind it - is capable of unambiguously identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + description: |- + Group is the API group to select resources from. + Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md type: string kind: - description: Kind of the API Group to select resources from. Together with Group and Version it - is capable of unambiguously identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + description: |- + Kind of the API Group to select resources from. + Together with Group and Version it is capable of unambiguously + identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md type: string labelSelector: - description: LabelSelector is a string that follows the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + description: |- + LabelSelector is a string that follows the label selection expression + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api It matches with the resource labels. type: string name: @@ -3868,8 +5395,10 @@ spec: description: Namespace to select resources from. type: string version: - description: Version of the API Group to select resources from. Together with Group and Kind it - is capable of unambiguously identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + description: |- + Version of the API Group to select resources from. + Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md type: string type: object required: @@ -3879,21 +5408,27 @@ spec: patchesJson6902: description: JSON 6902 patches, defined as inline YAML objects. items: - description: JSON6902Patch contains a JSON6902 patch and the target the patch should be applied to. + description: JSON6902Patch contains a JSON6902 patch and the target + the patch should be applied to. properties: patch: - description: Patch contains the JSON6902 patch document with an array of operation objects. + description: Patch contains the JSON6902 patch document with + an array of operation objects. items: - description: JSON6902 is a JSON6902 operation object. https://datatracker.ietf.org/doc/html/rfc6902#section-4 + description: |- + JSON6902 is a JSON6902 operation object. + https://datatracker.ietf.org/doc/html/rfc6902#section-4 properties: from: - description: From contains a JSON-pointer value that references a location within the target document - where the operation is performed. The meaning of the value depends on the value of Op, and is - NOT taken into account by all operations. + description: |- + From contains a JSON-pointer value that references a location within the target document where the operation is + performed. The meaning of the value depends on the value of Op, and is NOT taken into account by all operations. type: string op: - description: Op indicates the operation to perform. Its value MUST be one of "add", "remove", - "replace", "move", "copy", or "test". https://datatracker.ietf.org/doc/html/rfc6902#section-4 + description: |- + Op indicates the operation to perform. Its value MUST be one of "add", "remove", "replace", "move", "copy", or + "test". + https://datatracker.ietf.org/doc/html/rfc6902#section-4 enum: - test - remove @@ -3903,13 +5438,14 @@ spec: - copy type: string path: - description: Path contains the JSON-pointer value that references a location within the target - document where the operation is performed. The meaning of the value depends on the value of - Op. + description: |- + Path contains the JSON-pointer value that references a location within the target document where the operation + is performed. The meaning of the value depends on the value of Op. type: string value: - description: Value contains a valid JSON structure. The meaning of the value depends on the value - of Op, and is NOT taken into account by all operations. + description: |- + Value contains a valid JSON structure. The meaning of the value depends on the value of Op, and is NOT taken into + account by all operations. x-kubernetes-preserve-unknown-fields: true required: - op @@ -3917,22 +5453,32 @@ spec: type: object type: array target: - description: Target points to the resources that the patch document should be applied to. + description: Target points to the resources that the patch document + should be applied to. properties: annotationSelector: - description: AnnotationSelector is a string that follows the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + description: |- + AnnotationSelector is a string that follows the label selection expression + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api It matches with the resource annotations. type: string group: - description: Group is the API group to select resources from. Together with Version and Kind it - is capable of unambiguously identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + description: |- + Group is the API group to select resources from. + Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md type: string kind: - description: Kind of the API Group to select resources from. Together with Group and Version it - is capable of unambiguously identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + description: |- + Kind of the API Group to select resources from. + Together with Group and Version it is capable of unambiguously + identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md type: string labelSelector: - description: LabelSelector is a string that follows the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + description: |- + LabelSelector is a string that follows the label selection expression + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api It matches with the resource labels. type: string name: @@ -3942,8 +5488,10 @@ spec: description: Namespace to select resources from. type: string version: - description: Version of the API Group to select resources from. Together with Group and Kind it - is capable of unambiguously identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + description: |- + Version of the API Group to select resources from. + Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md type: string type: object required: @@ -3957,36 +5505,49 @@ spec: x-kubernetes-preserve-unknown-fields: true type: array path: - description: Path to the directory containing the kustomization.yaml file, or the set of plain YAMLs a kustomization.yaml - should be generated for. Defaults to 'None', which translates to the root path of the SourceRef. + description: |- + Path to the directory containing the kustomization.yaml file, or the + set of plain YAMLs a kustomization.yaml should be generated for. + Defaults to 'None', which translates to the root path of the SourceRef. type: string postBuild: - description: PostBuild describes which actions to perform on the YAML manifest generated by building the kustomize - overlay. + description: |- + PostBuild describes which actions to perform on the YAML manifest + generated by building the kustomize overlay. properties: substitute: additionalProperties: type: string - description: Substitute holds a map of key/value pairs. The variables defined in your YAML manifests that - match any of the keys defined in the map will be substituted with the set value. Includes support for - bash string replacement functions e.g. ${var:=default}, ${var:position} and ${var/substring/replacement}. + description: |- + Substitute holds a map of key/value pairs. + The variables defined in your YAML manifests + that match any of the keys defined in the map + will be substituted with the set value. + Includes support for bash string replacement functions + e.g. ${var:=default}, ${var:position} and ${var/substring/replacement}. type: object substituteFrom: - description: SubstituteFrom holds references to ConfigMaps and Secrets containing the variables and their - values to be substituted in the YAML manifests. The ConfigMap and the Secret data keys represent the - var names and they must match the vars declared in the manifests for the substitution to happen. + description: |- + SubstituteFrom holds references to ConfigMaps and Secrets containing + the variables and their values to be substituted in the YAML manifests. + The ConfigMap and the Secret data keys represent the var names and they + must match the vars declared in the manifests for the substitution to happen. items: - description: SubstituteReference contains a reference to a resource containing the variables name and - value. + description: |- + SubstituteReference contains a reference to a resource containing + the variables name and value. properties: kind: - description: Kind of the values referent, valid values are ('Secret', 'ConfigMap'). + description: Kind of the values referent, valid values are + ('Secret', 'ConfigMap'). enum: - Secret - ConfigMap type: string name: - description: Name of the values referent. Should reside in the same namespace as the referring resource. + description: |- + Name of the values referent. Should reside in the same namespace as the + referring resource. maxLength: 253 minLength: 1 type: string @@ -4000,14 +5561,19 @@ spec: description: Prune enables garbage collection. type: boolean retryInterval: - description: The interval at which to retry a previously failed reconciliation. When not specified, the controller - uses the KustomizationSpec.Interval value to retry failures. + description: |- + The interval at which to retry a previously failed reconciliation. + When not specified, the controller uses the KustomizationSpec.Interval + value to retry failures. type: string serviceAccountName: - description: The name of the Kubernetes service account to impersonate when reconciling this Kustomization. + description: |- + The name of the Kubernetes service account to impersonate + when reconciling this Kustomization. type: string sourceRef: - description: Reference of the source where the kustomization file is. + description: Reference of the source where the kustomization file + is. properties: apiVersion: description: API version of the referent @@ -4022,28 +5588,37 @@ spec: description: Name of the referent type: string namespace: - description: Namespace of the referent, defaults to the Kustomization namespace + description: Namespace of the referent, defaults to the Kustomization + namespace type: string required: - kind - name type: object suspend: - description: This flag tells the controller to suspend subsequent kustomize executions, it does not apply - to already started executions. Defaults to false. + description: |- + This flag tells the controller to suspend subsequent kustomize executions, + it does not apply to already started executions. Defaults to false. type: boolean targetNamespace: - description: TargetNamespace sets or overrides the namespace in the kustomization.yaml file. + description: |- + TargetNamespace sets or overrides the namespace in the + kustomization.yaml file. maxLength: 63 minLength: 1 type: string timeout: - description: Timeout for validation, apply and health checking operations. Defaults to 'Interval' duration. + description: |- + Timeout for validation, apply and health checking operations. + Defaults to 'Interval' duration. type: string validation: - description: Validate the Kubernetes objects before applying them on the cluster. The validation strategy - can be 'client' (local dry-run), 'server' (APIServer dry-run) or 'none'. When 'Force' is 'true', validation - will fallback to 'client' if set to 'server' because server-side validation is not supported in this scenario. + description: |- + Validate the Kubernetes objects before applying them on the cluster. + The validation strategy can be 'client' (local dry-run), 'server' + (APIServer dry-run) or 'none'. + When 'Force' is 'true', validation will fallback to 'client' if set to + 'server' because server-side validation is not supported in this scenario. enum: - none - client @@ -4061,35 +5636,43 @@ spec: properties: conditions: items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This - struct is intended for direct use as an array at the field path .status.conditions. For example, \n type - FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // - +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" - patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" properties: lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when - the API field changed is acceptable. + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: message is a human readable message indicating details about the transition. This may be - an empty string. + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based - upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current state of the instance. + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last - transition. Producers of specific condition types may define expected values and meanings for this - field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 @@ -4103,9 +5686,12 @@ spec: - Unknown type: string type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type - values are consistent across resources like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -4118,14 +5704,19 @@ spec: type: object type: array lastAppliedRevision: - description: The last successfully applied revision. The revision format for Git sources is /. + description: |- + The last successfully applied revision. + The revision format for Git sources is /. type: string lastAttemptedRevision: - description: LastAttemptedRevision is the revision of the last reconciliation attempt. + description: LastAttemptedRevision is the revision of the last reconciliation + attempt. type: string lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent reconcile request value, so a change - of the annotation value can be detected. + description: |- + LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value + can be detected. type: string observedGeneration: description: ObservedGeneration is the last reconciled generation. @@ -4140,7 +5731,9 @@ spec: entries: description: A list of Kubernetes kinds grouped by namespace. items: - description: Snapshot holds the metadata of namespaced Kubernetes objects + description: |- + Snapshot holds the metadata of namespaced + Kubernetes objects properties: kinds: additionalProperties: @@ -4182,20 +5775,29 @@ spec: description: Kustomization is the Schema for the kustomizations API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert - recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer - this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: - description: KustomizationSpec defines the configuration to calculate the desired state from a Source using Kustomize. + description: KustomizationSpec defines the configuration to calculate + the desired state from a Source using Kustomize. properties: commonMetadata: - description: CommonMetadata specifies the common labels and annotations that are applied to all resources. + description: |- + CommonMetadata specifies the common labels and annotations that are applied to all resources. Any existing label or annotation will be overridden if its key matches a common one. properties: annotations: @@ -4210,12 +5812,14 @@ spec: type: object type: object components: - description: Components specifies relative paths to specifications of other Components. + description: Components specifies relative paths to specifications + of other Components. items: type: string type: array decryption: - description: Decrypt Kubernetes secrets before applying them on the cluster. + description: Decrypt Kubernetes secrets before applying them on the + cluster. properties: provider: description: Provider is the name of the decryption engine. @@ -4223,7 +5827,8 @@ spec: - sops type: string secretRef: - description: The secret name containing the private OpenPGP keys used for decryption. + description: The secret name containing the private OpenPGP keys + used for decryption. properties: name: description: Name of the referent. @@ -4235,17 +5840,21 @@ spec: - provider type: object dependsOn: - description: DependsOn may contain a meta.NamespacedObjectReference slice with references to Kustomization - resources that must be ready before this Kustomization can be reconciled. + description: |- + DependsOn may contain a meta.NamespacedObjectReference slice + with references to Kustomization resources that must be ready before this + Kustomization can be reconciled. items: - description: NamespacedObjectReference contains enough information to locate the referenced Kubernetes resource - object in any namespace. + description: |- + NamespacedObjectReference contains enough information to locate the referenced Kubernetes resource object in any + namespace. properties: name: description: Name of the referent. type: string namespace: - description: Namespace of the referent, when not specified it acts as LocalObjectReference. + description: Namespace of the referent, when not specified it + acts as LocalObjectReference. type: string required: - name @@ -4253,18 +5862,20 @@ spec: type: array force: default: false - description: Force instructs the controller to recreate resources when patching fails due to an immutable - field change. + description: |- + Force instructs the controller to recreate resources + when patching fails due to an immutable field change. type: boolean healthChecks: description: A list of resources to be included in the health assessment. items: - description: NamespacedObjectKindReference contains enough information to locate the typed referenced Kubernetes - resource object in any namespace. + description: |- + NamespacedObjectKindReference contains enough information to locate the typed referenced Kubernetes resource object + in any namespace. properties: apiVersion: - description: API version of the referent, if not specified the Kubernetes preferred version will be - used. + description: API version of the referent, if not specified the + Kubernetes preferred version will be used. type: string kind: description: Kind of the referent. @@ -4273,7 +5884,8 @@ spec: description: Name of the referent. type: string namespace: - description: Namespace of the referent, when not specified it acts as LocalObjectReference. + description: Namespace of the referent, when not specified it + acts as LocalObjectReference. type: string required: - kind @@ -4281,24 +5893,29 @@ spec: type: object type: array images: - description: Images is a list of (image name, new name, new tag or digest) for changing image names, tags - or digests. This can also be achieved with a patch, but this operator is simpler to specify. + description: |- + Images is a list of (image name, new name, new tag or digest) + for changing image names, tags or digests. This can also be achieved with a + patch, but this operator is simpler to specify. items: - description: Image contains an image name, a new name, a new tag or digest, which will replace the original - name and tag. + description: Image contains an image name, a new name, a new tag + or digest, which will replace the original name and tag. properties: digest: - description: Digest is the value used to replace the original image tag. If digest is present NewTag - value is ignored. + description: |- + Digest is the value used to replace the original image tag. + If digest is present NewTag value is ignored. type: string name: description: Name is a tag-less image name. type: string newName: - description: NewName is the value used to replace the original name. + description: NewName is the value used to replace the original + name. type: string newTag: - description: NewTag is the value used to replace the original tag. + description: NewTag is the value used to replace the original + tag. type: string required: - name @@ -4309,20 +5926,29 @@ spec: pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string kubeConfig: - description: The KubeConfig for reconciling the Kustomization on a remote cluster. When used in combination - with KustomizationSpec.ServiceAccountName, forces the controller to act on behalf of that Service Account - at the target cluster. If the --default-service-account flag is set, its value will be used as a controller - level fallback for when KustomizationSpec.ServiceAccountName is empty. + description: |- + The KubeConfig for reconciling the Kustomization on a remote cluster. + When used in combination with KustomizationSpec.ServiceAccountName, + forces the controller to act on behalf of that Service Account at the + target cluster. + If the --default-service-account flag is set, its value will be used as + a controller level fallback for when KustomizationSpec.ServiceAccountName + is empty. properties: secretRef: - description: SecretRef holds the name of a secret that contains a key with the kubeconfig file as the - value. If no key is set, the key will default to 'value'. It is recommended that the kubeconfig is self-contained, - and the secret is regularly updated if credentials such as a cloud-access-token expire. Cloud specific - `cmd-path` auth helpers will not function without adding binaries and credentials to the Pod that is - responsible for reconciling Kubernetes resources. + description: |- + SecretRef holds the name of a secret that contains a key with + the kubeconfig file as the value. If no key is set, the key will default + to 'value'. + It is recommended that the kubeconfig is self-contained, and the secret + is regularly updated if credentials such as a cloud-access-token expire. + Cloud specific `cmd-path` auth helpers will not function without adding + binaries and credentials to the Pod that is responsible for reconciling + Kubernetes resources. properties: key: - description: Key in the Secret, when not specified an implementation-specific default key is used. + description: Key in the Secret, when not specified an implementation-specific + default key is used. type: string name: description: Name of the Secret. @@ -4334,33 +5960,46 @@ spec: - secretRef type: object patches: - description: Strategic merge and JSON patches, defined as inline YAML objects, capable of targeting objects - based on kind, label and annotation selectors. + description: |- + Strategic merge and JSON patches, defined as inline YAML objects, + capable of targeting objects based on kind, label and annotation selectors. items: - description: Patch contains an inline StrategicMerge or JSON6902 patch, and the target the patch should + description: |- + Patch contains an inline StrategicMerge or JSON6902 patch, and the target the patch should be applied to. properties: patch: - description: Patch contains an inline StrategicMerge patch or an inline JSON6902 patch with an array - of operation objects. + description: |- + Patch contains an inline StrategicMerge patch or an inline JSON6902 patch with + an array of operation objects. type: string target: - description: Target points to the resources that the patch document should be applied to. + description: Target points to the resources that the patch document + should be applied to. properties: annotationSelector: - description: AnnotationSelector is a string that follows the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + description: |- + AnnotationSelector is a string that follows the label selection expression + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api It matches with the resource annotations. type: string group: - description: Group is the API group to select resources from. Together with Version and Kind it - is capable of unambiguously identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + description: |- + Group is the API group to select resources from. + Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md type: string kind: - description: Kind of the API Group to select resources from. Together with Group and Version it - is capable of unambiguously identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + description: |- + Kind of the API Group to select resources from. + Together with Group and Version it is capable of unambiguously + identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md type: string labelSelector: - description: LabelSelector is a string that follows the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + description: |- + LabelSelector is a string that follows the label selection expression + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api It matches with the resource labels. type: string name: @@ -4370,8 +6009,10 @@ spec: description: Namespace to select resources from. type: string version: - description: Version of the API Group to select resources from. Together with Group and Kind it - is capable of unambiguously identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + description: |- + Version of the API Group to select resources from. + Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md type: string type: object required: @@ -4379,23 +6020,31 @@ spec: type: object type: array patchesJson6902: - description: 'JSON 6902 patches, defined as inline YAML objects. Deprecated: Use Patches instead.' + description: |- + JSON 6902 patches, defined as inline YAML objects. + Deprecated: Use Patches instead. items: - description: JSON6902Patch contains a JSON6902 patch and the target the patch should be applied to. + description: JSON6902Patch contains a JSON6902 patch and the target + the patch should be applied to. properties: patch: - description: Patch contains the JSON6902 patch document with an array of operation objects. + description: Patch contains the JSON6902 patch document with + an array of operation objects. items: - description: JSON6902 is a JSON6902 operation object. https://datatracker.ietf.org/doc/html/rfc6902#section-4 + description: |- + JSON6902 is a JSON6902 operation object. + https://datatracker.ietf.org/doc/html/rfc6902#section-4 properties: from: - description: From contains a JSON-pointer value that references a location within the target document - where the operation is performed. The meaning of the value depends on the value of Op, and is - NOT taken into account by all operations. + description: |- + From contains a JSON-pointer value that references a location within the target document where the operation is + performed. The meaning of the value depends on the value of Op, and is NOT taken into account by all operations. type: string op: - description: Op indicates the operation to perform. Its value MUST be one of "add", "remove", - "replace", "move", "copy", or "test". https://datatracker.ietf.org/doc/html/rfc6902#section-4 + description: |- + Op indicates the operation to perform. Its value MUST be one of "add", "remove", "replace", "move", "copy", or + "test". + https://datatracker.ietf.org/doc/html/rfc6902#section-4 enum: - test - remove @@ -4405,13 +6054,14 @@ spec: - copy type: string path: - description: Path contains the JSON-pointer value that references a location within the target - document where the operation is performed. The meaning of the value depends on the value of - Op. + description: |- + Path contains the JSON-pointer value that references a location within the target document where the operation + is performed. The meaning of the value depends on the value of Op. type: string value: - description: Value contains a valid JSON structure. The meaning of the value depends on the value - of Op, and is NOT taken into account by all operations. + description: |- + Value contains a valid JSON structure. The meaning of the value depends on the value of Op, and is NOT taken into + account by all operations. x-kubernetes-preserve-unknown-fields: true required: - op @@ -4419,22 +6069,32 @@ spec: type: object type: array target: - description: Target points to the resources that the patch document should be applied to. + description: Target points to the resources that the patch document + should be applied to. properties: annotationSelector: - description: AnnotationSelector is a string that follows the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + description: |- + AnnotationSelector is a string that follows the label selection expression + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api It matches with the resource annotations. type: string group: - description: Group is the API group to select resources from. Together with Version and Kind it - is capable of unambiguously identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + description: |- + Group is the API group to select resources from. + Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md type: string kind: - description: Kind of the API Group to select resources from. Together with Group and Version it - is capable of unambiguously identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + description: |- + Kind of the API Group to select resources from. + Together with Group and Version it is capable of unambiguously + identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md type: string labelSelector: - description: LabelSelector is a string that follows the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + description: |- + LabelSelector is a string that follows the label selection expression + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api It matches with the resource labels. type: string name: @@ -4444,8 +6104,10 @@ spec: description: Namespace to select resources from. type: string version: - description: Version of the API Group to select resources from. Together with Group and Kind it - is capable of unambiguously identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + description: |- + Version of the API Group to select resources from. + Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md type: string type: object required: @@ -4454,49 +6116,65 @@ spec: type: object type: array patchesStrategicMerge: - description: 'Strategic merge patches, defined as inline YAML objects. Deprecated: Use Patches instead.' + description: |- + Strategic merge patches, defined as inline YAML objects. + Deprecated: Use Patches instead. items: x-kubernetes-preserve-unknown-fields: true type: array path: - description: Path to the directory containing the kustomization.yaml file, or the set of plain YAMLs a kustomization.yaml - should be generated for. Defaults to 'None', which translates to the root path of the SourceRef. + description: |- + Path to the directory containing the kustomization.yaml file, or the + set of plain YAMLs a kustomization.yaml should be generated for. + Defaults to 'None', which translates to the root path of the SourceRef. type: string postBuild: - description: PostBuild describes which actions to perform on the YAML manifest generated by building the kustomize - overlay. + description: |- + PostBuild describes which actions to perform on the YAML manifest + generated by building the kustomize overlay. properties: substitute: additionalProperties: type: string - description: Substitute holds a map of key/value pairs. The variables defined in your YAML manifests that - match any of the keys defined in the map will be substituted with the set value. Includes support for - bash string replacement functions e.g. ${var:=default}, ${var:position} and ${var/substring/replacement}. + description: |- + Substitute holds a map of key/value pairs. + The variables defined in your YAML manifests + that match any of the keys defined in the map + will be substituted with the set value. + Includes support for bash string replacement functions + e.g. ${var:=default}, ${var:position} and ${var/substring/replacement}. type: object substituteFrom: - description: SubstituteFrom holds references to ConfigMaps and Secrets containing the variables and their - values to be substituted in the YAML manifests. The ConfigMap and the Secret data keys represent the - var names and they must match the vars declared in the manifests for the substitution to happen. + description: |- + SubstituteFrom holds references to ConfigMaps and Secrets containing + the variables and their values to be substituted in the YAML manifests. + The ConfigMap and the Secret data keys represent the var names and they + must match the vars declared in the manifests for the substitution to happen. items: - description: SubstituteReference contains a reference to a resource containing the variables name and - value. + description: |- + SubstituteReference contains a reference to a resource containing + the variables name and value. properties: kind: - description: Kind of the values referent, valid values are ('Secret', 'ConfigMap'). + description: Kind of the values referent, valid values are + ('Secret', 'ConfigMap'). enum: - Secret - ConfigMap type: string name: - description: Name of the values referent. Should reside in the same namespace as the referring resource. + description: |- + Name of the values referent. Should reside in the same namespace as the + referring resource. maxLength: 253 minLength: 1 type: string optional: default: false - description: Optional indicates whether the referenced resource must exist, or whether to tolerate - its absence. If true and the referenced resource is absent, proceed as if the resource was present - but empty, without any variables defined. + description: |- + Optional indicates whether the referenced resource must exist, or whether to + tolerate its absence. If true and the referenced resource is absent, proceed + as if the resource was present but empty, without any variables defined. type: boolean required: - kind @@ -4508,15 +6186,20 @@ spec: description: Prune enables garbage collection. type: boolean retryInterval: - description: The interval at which to retry a previously failed reconciliation. When not specified, the controller - uses the KustomizationSpec.Interval value to retry failures. + description: |- + The interval at which to retry a previously failed reconciliation. + When not specified, the controller uses the KustomizationSpec.Interval + value to retry failures. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string serviceAccountName: - description: The name of the Kubernetes service account to impersonate when reconciling this Kustomization. + description: |- + The name of the Kubernetes service account to impersonate + when reconciling this Kustomization. type: string sourceRef: - description: Reference of the source where the kustomization file is. + description: Reference of the source where the kustomization file + is. properties: apiVersion: description: API version of the referent. @@ -4532,24 +6215,29 @@ spec: description: Name of the referent. type: string namespace: - description: Namespace of the referent, defaults to the namespace of the Kubernetes resource object that - contains the reference. + description: Namespace of the referent, defaults to the namespace + of the Kubernetes resource object that contains the reference. type: string required: - kind - name type: object suspend: - description: This flag tells the controller to suspend subsequent kustomize executions, it does not apply - to already started executions. Defaults to false. + description: |- + This flag tells the controller to suspend subsequent kustomize executions, + it does not apply to already started executions. Defaults to false. type: boolean targetNamespace: - description: TargetNamespace sets or overrides the namespace in the kustomization.yaml file. + description: |- + TargetNamespace sets or overrides the namespace in the + kustomization.yaml file. maxLength: 63 minLength: 1 type: string timeout: - description: Timeout for validation, apply and health checking operations. Defaults to 'Interval' duration. + description: |- + Timeout for validation, apply and health checking operations. + Defaults to 'Interval' duration. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string validation: @@ -4560,8 +6248,9 @@ spec: - server type: string wait: - description: Wait instructs the controller to check the health of all the reconciled resources. When enabled, - the HealthChecks are ignored. Defaults to false. + description: |- + Wait instructs the controller to check the health of all the reconciled resources. + When enabled, the HealthChecks are ignored. Defaults to false. type: boolean required: - interval @@ -4575,35 +6264,43 @@ spec: properties: conditions: items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This - struct is intended for direct use as an array at the field path .status.conditions. For example, \n type - FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // - +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" - patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" properties: lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when - the API field changed is acceptable. + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: message is a human readable message indicating details about the transition. This may be - an empty string. + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based - upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current state of the instance. + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last - transition. Producers of specific condition types may define expected values and meanings for this - field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 @@ -4617,9 +6314,12 @@ spec: - Unknown type: string type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type - values are consistent across resources like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -4632,20 +6332,23 @@ spec: type: object type: array inventory: - description: Inventory contains the list of Kubernetes resource object references that have been successfully - applied. + description: Inventory contains the list of Kubernetes resource object + references that have been successfully applied. properties: entries: description: Entries of Kubernetes resource object references. items: - description: ResourceRef contains the information necessary to locate a resource within a cluster. + description: ResourceRef contains the information necessary + to locate a resource within a cluster. properties: id: - description: ID is the string representation of the Kubernetes resource object's metadata, in the - format '___'. + description: |- + ID is the string representation of the Kubernetes resource object's metadata, + in the format '___'. type: string v: - description: Version is the API version of the Kubernetes resource object's kind. + description: Version is the API version of the Kubernetes + resource object's kind. type: string required: - id @@ -4656,15 +6359,19 @@ spec: - entries type: object lastAppliedRevision: - description: The last successfully applied revision. Equals the Revision of the applied Artifact from the - referenced Source. + description: |- + The last successfully applied revision. + Equals the Revision of the applied Artifact from the referenced Source. type: string lastAttemptedRevision: - description: LastAttemptedRevision is the revision of the last reconciliation attempt. + description: LastAttemptedRevision is the revision of the last reconciliation + attempt. type: string lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent reconcile request value, so a change - of the annotation value can be detected. + description: |- + LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value + can be detected. type: string observedGeneration: description: ObservedGeneration is the last reconciled generation. @@ -4684,7 +6391,7 @@ metadata: app.kubernetes.io/component: kustomize-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 name: kustomize-controller namespace: flux-system --- @@ -4695,7 +6402,7 @@ metadata: app.kubernetes.io/component: kustomize-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 control-plane: controller name: kustomize-controller namespace: flux-system @@ -4724,7 +6431,17 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: ghcr.io/fluxcd/kustomize-controller:v1.1.0 + - name: GOMAXPROCS + valueFrom: + resourceFieldRef: + containerName: manager + resource: limits.cpu + - name: GOMEMLIMIT + valueFrom: + resourceFieldRef: + containerName: manager + resource: limits.memory + image: ghcr.io/fluxcd/kustomize-controller:v1.3.0 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -4776,12 +6493,12 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.12.0 + controller-gen.kubebuilder.io/version: v0.15.0 labels: app.kubernetes.io/component: helm-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 name: helmreleases.helm.toolkit.fluxcd.io spec: group: helm.toolkit.fluxcd.io @@ -4804,18 +6521,25 @@ spec: - jsonPath: .status.conditions[?(@.type=="Ready")].message name: Status type: string - name: v2beta1 + name: v2 schema: openAPIV3Schema: description: HelmRelease is the Schema for the helmreleases API properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert - recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer - this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -4823,46 +6547,66 @@ spec: description: HelmReleaseSpec defines the desired state of a Helm release. properties: chart: - description: Chart defines the template of the v1beta2.HelmChart that should be created for this HelmRelease. + description: |- + Chart defines the template of the v1.HelmChart that should be created + for this HelmRelease. properties: metadata: - description: ObjectMeta holds the template for metadata like labels and annotations. + description: ObjectMeta holds the template for metadata like labels + and annotations. properties: annotations: additionalProperties: type: string - description: 'Annotations is an unstructured key value map stored with a resource that may be set - by external tools to store and retrieve arbitrary metadata. They are not queryable and should be - preserved when modifying objects. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/' + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ type: object labels: additionalProperties: type: string - description: 'Map of string keys and values that can be used to organize and categorize (scope and - select) objects. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/' + description: |- + Map of string keys and values that can be used to organize and categorize + (scope and select) objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ type: object type: object spec: - description: Spec holds the template for the v1beta2.HelmChartSpec for this HelmRelease. + description: Spec holds the template for the v1.HelmChartSpec + for this HelmRelease. properties: chart: - description: The name or path the Helm chart is available at in the SourceRef. + description: The name or path the Helm chart is available + at in the SourceRef. + maxLength: 2048 + minLength: 1 type: string + ignoreMissingValuesFiles: + description: IgnoreMissingValuesFiles controls whether to + silently ignore missing values files rather than failing. + type: boolean interval: - description: Interval at which to check the v1beta2.Source for updates. Defaults to 'HelmReleaseSpec.Interval'. + description: |- + Interval at which to check the v1.Source for updates. Defaults to + 'HelmReleaseSpec.Interval'. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string reconcileStrategy: default: ChartVersion - description: Determines what enables the creation of a new artifact. Valid values are ('ChartVersion', - 'Revision'). See the documentation of the values for an explanation on their behavior. Defaults - to ChartVersion when omitted. + description: |- + Determines what enables the creation of a new artifact. Valid values are + ('ChartVersion', 'Revision'). + See the documentation of the values for an explanation on their behavior. + Defaults to ChartVersion when omitted. enum: - ChartVersion - Revision type: string sourceRef: - description: The name and namespace of the v1beta2.Source the chart is available at. + description: The name and namespace of the v1.Source the chart + is available at. properties: apiVersion: description: APIVersion of the referent. @@ -4887,32 +6631,36 @@ spec: required: - name type: object - valuesFile: - description: Alternative values file to use as the default chart values, expected to be a relative - path in the SourceRef. Deprecated in favor of ValuesFiles, for backwards compatibility the file - defined here is merged before the ValuesFiles items. Ignored when omitted. - type: string valuesFiles: - description: Alternative list of values files to use as the chart values (values.yaml is not included - by default), expected to be a relative path in the SourceRef. Values files are merged in the order - of this list with the last file overriding the first. Ignored when omitted. + description: |- + Alternative list of values files to use as the chart values (values.yaml + is not included by default), expected to be a relative path in the SourceRef. + Values files are merged in the order of this list with the last file overriding + the first. Ignored when omitted. items: type: string type: array verify: - description: Verify contains the secret name containing the trusted public keys used to verify the - signature and specifies which provider to use to check whether OCI image is authentic. This field - is only supported for OCI sources. Chart dependencies, which are not bundled in the umbrella chart - artifact, are not verified. + description: |- + Verify contains the secret name containing the trusted public keys + used to verify the signature and specifies which provider to use to check + whether OCI image is authentic. + This field is only supported for OCI sources. + Chart dependencies, which are not bundled in the umbrella chart artifact, + are not verified. properties: provider: default: cosign - description: Provider specifies the technology used to sign the OCI Helm chart. + description: Provider specifies the technology used to + sign the OCI Helm chart. enum: - cosign + - notation type: string secretRef: - description: SecretRef specifies the Kubernetes Secret containing the trusted public keys. + description: |- + SecretRef specifies the Kubernetes Secret containing the + trusted public keys. properties: name: description: Name of the referent. @@ -4925,8 +6673,9 @@ spec: type: object version: default: '*' - description: Version semver expression, ignored for charts from v1beta2.GitRepository and v1beta2.Bucket - sources. Defaults to latest when omitted. + description: |- + Version semver expression, ignored for charts from v1.GitRepository and + v1beta2.Bucket sources. Defaults to latest when omitted. type: string required: - chart @@ -4935,109 +6684,2722 @@ spec: required: - spec type: object + chartRef: + description: |- + ChartRef holds a reference to a source controller resource containing the + Helm chart artifact. + properties: + apiVersion: + description: APIVersion of the referent. + type: string + kind: + description: Kind of the referent. + enum: + - OCIRepository + - HelmChart + type: string + name: + description: Name of the referent. + maxLength: 253 + minLength: 1 + type: string + namespace: + description: |- + Namespace of the referent, defaults to the namespace of the Kubernetes + resource object that contains the reference. + maxLength: 63 + minLength: 1 + type: string + required: + - kind + - name + type: object dependsOn: - description: DependsOn may contain a meta.NamespacedObjectReference slice with references to HelmRelease resources - that must be ready before this HelmRelease can be reconciled. + description: |- + DependsOn may contain a meta.NamespacedObjectReference slice with + references to HelmRelease resources that must be ready before this HelmRelease + can be reconciled. items: - description: NamespacedObjectReference contains enough information to locate the referenced Kubernetes resource - object in any namespace. + description: |- + NamespacedObjectReference contains enough information to locate the referenced Kubernetes resource object in any + namespace. properties: name: description: Name of the referent. type: string namespace: - description: Namespace of the referent, when not specified it acts as LocalObjectReference. + description: Namespace of the referent, when not specified it + acts as LocalObjectReference. type: string required: - name type: object type: array - install: - description: Install holds the configuration for Helm install actions for this HelmRelease. + driftDetection: + description: |- + DriftDetection holds the configuration for detecting and handling + differences between the manifest in the Helm storage and the resources + currently existing in the cluster. + properties: + ignore: + description: |- + Ignore contains a list of rules for specifying which changes to ignore + during diffing. + items: + description: |- + IgnoreRule defines a rule to selectively disregard specific changes during + the drift detection process. + properties: + paths: + description: |- + Paths is a list of JSON Pointer (RFC 6901) paths to be excluded from + consideration in a Kubernetes object. + items: + type: string + type: array + target: + description: |- + Target is a selector for specifying Kubernetes objects to which this + rule applies. + If Target is not set, the Paths will be ignored for all Kubernetes + objects within the manifest of the Helm release. + properties: + annotationSelector: + description: |- + AnnotationSelector is a string that follows the label selection expression + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + It matches with the resource annotations. + type: string + group: + description: |- + Group is the API group to select resources from. + Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + type: string + kind: + description: |- + Kind of the API Group to select resources from. + Together with Group and Version it is capable of unambiguously + identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + type: string + labelSelector: + description: |- + LabelSelector is a string that follows the label selection expression + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + It matches with the resource labels. + type: string + name: + description: Name to match resources with. + type: string + namespace: + description: Namespace to select resources from. + type: string + version: + description: |- + Version of the API Group to select resources from. + Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + type: string + type: object + required: + - paths + type: object + type: array + mode: + description: |- + Mode defines how differences should be handled between the Helm manifest + and the manifest currently applied to the cluster. + If not explicitly set, it defaults to DiffModeDisabled. + enum: + - enabled + - warn + - disabled + type: string + type: object + install: + description: Install holds the configuration for Helm install actions + for this HelmRelease. + properties: + crds: + description: |- + CRDs upgrade CRDs from the Helm Chart's crds directory according + to the CRD upgrade policy provided here. Valid values are `Skip`, + `Create` or `CreateReplace`. Default is `Create` and if omitted + CRDs are installed but not updated. + + + Skip: do neither install nor replace (update) any CRDs. + + + Create: new CRDs are created, existing CRDs are neither updated nor deleted. + + + CreateReplace: new CRDs are created, existing CRDs are updated (replaced) + but not deleted. + + + By default, CRDs are applied (installed) during Helm install action. + With this option users can opt in to CRD replace existing CRDs on Helm + install actions, which is not (yet) natively supported by Helm. + https://helm.sh/docs/chart_best_practices/custom_resource_definitions. + enum: + - Skip + - Create + - CreateReplace + type: string + createNamespace: + description: |- + CreateNamespace tells the Helm install action to create the + HelmReleaseSpec.TargetNamespace if it does not exist yet. + On uninstall, the namespace will not be garbage collected. + type: boolean + disableHooks: + description: DisableHooks prevents hooks from running during the + Helm install action. + type: boolean + disableOpenAPIValidation: + description: |- + DisableOpenAPIValidation prevents the Helm install action from validating + rendered templates against the Kubernetes OpenAPI Schema. + type: boolean + disableWait: + description: |- + DisableWait disables the waiting for resources to be ready after a Helm + install has been performed. + type: boolean + disableWaitForJobs: + description: |- + DisableWaitForJobs disables waiting for jobs to complete after a Helm + install has been performed. + type: boolean + remediation: + description: |- + Remediation holds the remediation configuration for when the Helm install + action for the HelmRelease fails. The default is to not perform any action. + properties: + ignoreTestFailures: + description: |- + IgnoreTestFailures tells the controller to skip remediation when the Helm + tests are run after an install action but fail. Defaults to + 'Test.IgnoreFailures'. + type: boolean + remediateLastFailure: + description: |- + RemediateLastFailure tells the controller to remediate the last failure, when + no retries remain. Defaults to 'false'. + type: boolean + retries: + description: |- + Retries is the number of retries that should be attempted on failures before + bailing. Remediation, using an uninstall, is performed between each attempt. + Defaults to '0', a negative integer equals to unlimited retries. + type: integer + type: object + replace: + description: |- + Replace tells the Helm install action to re-use the 'ReleaseName', but only + if that name is a deleted release which remains in the history. + type: boolean + skipCRDs: + description: |- + SkipCRDs tells the Helm install action to not install any CRDs. By default, + CRDs are installed if not already present. + + + Deprecated use CRD policy (`crds`) attribute with value `Skip` instead. + type: boolean + timeout: + description: |- + Timeout is the time to wait for any individual Kubernetes operation (like + Jobs for hooks) during the performance of a Helm install action. Defaults to + 'HelmReleaseSpec.Timeout'. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + type: object + interval: + description: Interval at which to reconcile the Helm release. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + kubeConfig: + description: |- + KubeConfig for reconciling the HelmRelease on a remote cluster. + When used in combination with HelmReleaseSpec.ServiceAccountName, + forces the controller to act on behalf of that Service Account at the + target cluster. + If the --default-service-account flag is set, its value will be used as + a controller level fallback for when HelmReleaseSpec.ServiceAccountName + is empty. + properties: + secretRef: + description: |- + SecretRef holds the name of a secret that contains a key with + the kubeconfig file as the value. If no key is set, the key will default + to 'value'. + It is recommended that the kubeconfig is self-contained, and the secret + is regularly updated if credentials such as a cloud-access-token expire. + Cloud specific `cmd-path` auth helpers will not function without adding + binaries and credentials to the Pod that is responsible for reconciling + Kubernetes resources. + properties: + key: + description: Key in the Secret, when not specified an implementation-specific + default key is used. + type: string + name: + description: Name of the Secret. + type: string + required: + - name + type: object + required: + - secretRef + type: object + maxHistory: + description: |- + MaxHistory is the number of revisions saved by Helm for this HelmRelease. + Use '0' for an unlimited number of revisions; defaults to '5'. + type: integer + persistentClient: + description: |- + PersistentClient tells the controller to use a persistent Kubernetes + client for this release. When enabled, the client will be reused for the + duration of the reconciliation, instead of being created and destroyed + for each (step of a) Helm action. + + + This can improve performance, but may cause issues with some Helm charts + that for example do create Custom Resource Definitions during installation + outside Helm's CRD lifecycle hooks, which are then not observed to be + available by e.g. post-install hooks. + + + If not set, it defaults to true. + type: boolean + postRenderers: + description: |- + PostRenderers holds an array of Helm PostRenderers, which will be applied in order + of their definition. + items: + description: PostRenderer contains a Helm PostRenderer specification. + properties: + kustomize: + description: Kustomization to apply as PostRenderer. + properties: + images: + description: |- + Images is a list of (image name, new name, new tag or digest) + for changing image names, tags or digests. This can also be achieved with a + patch, but this operator is simpler to specify. + items: + description: Image contains an image name, a new name, + a new tag or digest, which will replace the original + name and tag. + properties: + digest: + description: |- + Digest is the value used to replace the original image tag. + If digest is present NewTag value is ignored. + type: string + name: + description: Name is a tag-less image name. + type: string + newName: + description: NewName is the value used to replace + the original name. + type: string + newTag: + description: NewTag is the value used to replace the + original tag. + type: string + required: + - name + type: object + type: array + patches: + description: |- + Strategic merge and JSON patches, defined as inline YAML objects, + capable of targeting objects based on kind, label and annotation selectors. + items: + description: |- + Patch contains an inline StrategicMerge or JSON6902 patch, and the target the patch should + be applied to. + properties: + patch: + description: |- + Patch contains an inline StrategicMerge patch or an inline JSON6902 patch with + an array of operation objects. + type: string + target: + description: Target points to the resources that the + patch document should be applied to. + properties: + annotationSelector: + description: |- + AnnotationSelector is a string that follows the label selection expression + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + It matches with the resource annotations. + type: string + group: + description: |- + Group is the API group to select resources from. + Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + type: string + kind: + description: |- + Kind of the API Group to select resources from. + Together with Group and Version it is capable of unambiguously + identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + type: string + labelSelector: + description: |- + LabelSelector is a string that follows the label selection expression + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + It matches with the resource labels. + type: string + name: + description: Name to match resources with. + type: string + namespace: + description: Namespace to select resources from. + type: string + version: + description: |- + Version of the API Group to select resources from. + Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + type: string + type: object + required: + - patch + type: object + type: array + type: object + type: object + type: array + releaseName: + description: |- + ReleaseName used for the Helm release. Defaults to a composition of + '[TargetNamespace-]Name'. + maxLength: 53 + minLength: 1 + type: string + rollback: + description: Rollback holds the configuration for Helm rollback actions + for this HelmRelease. + properties: + cleanupOnFail: + description: |- + CleanupOnFail allows deletion of new resources created during the Helm + rollback action when it fails. + type: boolean + disableHooks: + description: DisableHooks prevents hooks from running during the + Helm rollback action. + type: boolean + disableWait: + description: |- + DisableWait disables the waiting for resources to be ready after a Helm + rollback has been performed. + type: boolean + disableWaitForJobs: + description: |- + DisableWaitForJobs disables waiting for jobs to complete after a Helm + rollback has been performed. + type: boolean + force: + description: Force forces resource updates through a replacement + strategy. + type: boolean + recreate: + description: Recreate performs pod restarts for the resource if + applicable. + type: boolean + timeout: + description: |- + Timeout is the time to wait for any individual Kubernetes operation (like + Jobs for hooks) during the performance of a Helm rollback action. Defaults to + 'HelmReleaseSpec.Timeout'. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + type: object + serviceAccountName: + description: |- + The name of the Kubernetes service account to impersonate + when reconciling this HelmRelease. + maxLength: 253 + minLength: 1 + type: string + storageNamespace: + description: |- + StorageNamespace used for the Helm storage. + Defaults to the namespace of the HelmRelease. + maxLength: 63 + minLength: 1 + type: string + suspend: + description: |- + Suspend tells the controller to suspend reconciliation for this HelmRelease, + it does not apply to already started reconciliations. Defaults to false. + type: boolean + targetNamespace: + description: |- + TargetNamespace to target when performing operations for the HelmRelease. + Defaults to the namespace of the HelmRelease. + maxLength: 63 + minLength: 1 + type: string + test: + description: Test holds the configuration for Helm test actions for + this HelmRelease. + properties: + enable: + description: |- + Enable enables Helm test actions for this HelmRelease after an Helm install + or upgrade action has been performed. + type: boolean + filters: + description: Filters is a list of tests to run or exclude from + running. + items: + description: Filter holds the configuration for individual Helm + test filters. + properties: + exclude: + description: Exclude specifies whether the named test should + be excluded. + type: boolean + name: + description: Name is the name of the test. + maxLength: 253 + minLength: 1 + type: string + required: + - name + type: object + type: array + ignoreFailures: + description: |- + IgnoreFailures tells the controller to skip remediation when the Helm tests + are run but fail. Can be overwritten for tests run after install or upgrade + actions in 'Install.IgnoreTestFailures' and 'Upgrade.IgnoreTestFailures'. + type: boolean + timeout: + description: |- + Timeout is the time to wait for any individual Kubernetes operation during + the performance of a Helm test action. Defaults to 'HelmReleaseSpec.Timeout'. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + type: object + timeout: + description: |- + Timeout is the time to wait for any individual Kubernetes operation (like Jobs + for hooks) during the performance of a Helm action. Defaults to '5m0s'. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + uninstall: + description: Uninstall holds the configuration for Helm uninstall + actions for this HelmRelease. + properties: + deletionPropagation: + default: background + description: |- + DeletionPropagation specifies the deletion propagation policy when + a Helm uninstall is performed. + enum: + - background + - foreground + - orphan + type: string + disableHooks: + description: DisableHooks prevents hooks from running during the + Helm rollback action. + type: boolean + disableWait: + description: |- + DisableWait disables waiting for all the resources to be deleted after + a Helm uninstall is performed. + type: boolean + keepHistory: + description: |- + KeepHistory tells Helm to remove all associated resources and mark the + release as deleted, but retain the release history. + type: boolean + timeout: + description: |- + Timeout is the time to wait for any individual Kubernetes operation (like + Jobs for hooks) during the performance of a Helm uninstall action. Defaults + to 'HelmReleaseSpec.Timeout'. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + type: object + upgrade: + description: Upgrade holds the configuration for Helm upgrade actions + for this HelmRelease. + properties: + cleanupOnFail: + description: |- + CleanupOnFail allows deletion of new resources created during the Helm + upgrade action when it fails. + type: boolean + crds: + description: |- + CRDs upgrade CRDs from the Helm Chart's crds directory according + to the CRD upgrade policy provided here. Valid values are `Skip`, + `Create` or `CreateReplace`. Default is `Skip` and if omitted + CRDs are neither installed nor upgraded. + + + Skip: do neither install nor replace (update) any CRDs. + + + Create: new CRDs are created, existing CRDs are neither updated nor deleted. + + + CreateReplace: new CRDs are created, existing CRDs are updated (replaced) + but not deleted. + + + By default, CRDs are not applied during Helm upgrade action. With this + option users can opt-in to CRD upgrade, which is not (yet) natively supported by Helm. + https://helm.sh/docs/chart_best_practices/custom_resource_definitions. + enum: + - Skip + - Create + - CreateReplace + type: string + disableHooks: + description: DisableHooks prevents hooks from running during the + Helm upgrade action. + type: boolean + disableOpenAPIValidation: + description: |- + DisableOpenAPIValidation prevents the Helm upgrade action from validating + rendered templates against the Kubernetes OpenAPI Schema. + type: boolean + disableWait: + description: |- + DisableWait disables the waiting for resources to be ready after a Helm + upgrade has been performed. + type: boolean + disableWaitForJobs: + description: |- + DisableWaitForJobs disables waiting for jobs to complete after a Helm + upgrade has been performed. + type: boolean + force: + description: Force forces resource updates through a replacement + strategy. + type: boolean + preserveValues: + description: |- + PreserveValues will make Helm reuse the last release's values and merge in + overrides from 'Values'. Setting this flag makes the HelmRelease + non-declarative. + type: boolean + remediation: + description: |- + Remediation holds the remediation configuration for when the Helm upgrade + action for the HelmRelease fails. The default is to not perform any action. + properties: + ignoreTestFailures: + description: |- + IgnoreTestFailures tells the controller to skip remediation when the Helm + tests are run after an upgrade action but fail. + Defaults to 'Test.IgnoreFailures'. + type: boolean + remediateLastFailure: + description: |- + RemediateLastFailure tells the controller to remediate the last failure, when + no retries remain. Defaults to 'false' unless 'Retries' is greater than 0. + type: boolean + retries: + description: |- + Retries is the number of retries that should be attempted on failures before + bailing. Remediation, using 'Strategy', is performed between each attempt. + Defaults to '0', a negative integer equals to unlimited retries. + type: integer + strategy: + description: Strategy to use for failure remediation. Defaults + to 'rollback'. + enum: + - rollback + - uninstall + type: string + type: object + timeout: + description: |- + Timeout is the time to wait for any individual Kubernetes operation (like + Jobs for hooks) during the performance of a Helm upgrade action. Defaults to + 'HelmReleaseSpec.Timeout'. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + type: object + values: + description: Values holds the values for this Helm release. + x-kubernetes-preserve-unknown-fields: true + valuesFrom: + description: |- + ValuesFrom holds references to resources containing Helm values for this HelmRelease, + and information about how they should be merged. + items: + description: |- + ValuesReference contains a reference to a resource containing Helm values, + and optionally the key they can be found at. + properties: + kind: + description: Kind of the values referent, valid values are ('Secret', + 'ConfigMap'). + enum: + - Secret + - ConfigMap + type: string + name: + description: |- + Name of the values referent. Should reside in the same namespace as the + referring resource. + maxLength: 253 + minLength: 1 + type: string + optional: + description: |- + Optional marks this ValuesReference as optional. When set, a not found error + for the values reference is ignored, but any ValuesKey, TargetPath or + transient error will still result in a reconciliation failure. + type: boolean + targetPath: + description: |- + TargetPath is the YAML dot notation path the value should be merged at. When + set, the ValuesKey is expected to be a single flat value. Defaults to 'None', + which results in the values getting merged at the root. + maxLength: 250 + pattern: ^([a-zA-Z0-9_\-.\\\/]|\[[0-9]{1,5}\])+$ + type: string + valuesKey: + description: |- + ValuesKey is the data key where the values.yaml or a specific value can be + found at. Defaults to 'values.yaml'. + maxLength: 253 + pattern: ^[\-._a-zA-Z0-9]+$ + type: string + required: + - kind + - name + type: object + type: array + required: + - interval + type: object + x-kubernetes-validations: + - message: either chart or chartRef must be set + rule: (has(self.chart) && !has(self.chartRef)) || (!has(self.chart) + && has(self.chartRef)) + status: + default: + observedGeneration: -1 + description: HelmReleaseStatus defines the observed state of a HelmRelease. + properties: + conditions: + description: Conditions holds the conditions for the HelmRelease. + items: + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" + properties: + lastTransitionTime: + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + failures: + description: |- + Failures is the reconciliation failure count against the latest desired + state. It is reset after a successful reconciliation. + format: int64 + type: integer + helmChart: + description: |- + HelmChart is the namespaced name of the HelmChart resource created by + the controller for the HelmRelease. + type: string + history: + description: |- + History holds the history of Helm releases performed for this HelmRelease + up to the last successfully completed release. + items: + description: |- + Snapshot captures a point-in-time copy of the status information for a Helm release, + as managed by the controller. + properties: + apiVersion: + description: |- + APIVersion is the API version of the Snapshot. + Provisional: when the calculation method of the Digest field is changed, + this field will be used to distinguish between the old and new methods. + type: string + appVersion: + description: AppVersion is the chart app version of the release + object in storage. + type: string + chartName: + description: ChartName is the chart name of the release object + in storage. + type: string + chartVersion: + description: |- + ChartVersion is the chart version of the release object in + storage. + type: string + configDigest: + description: |- + ConfigDigest is the checksum of the config (better known as + "values") of the release object in storage. + It has the format of `:`. + type: string + deleted: + description: Deleted is when the release was deleted. + format: date-time + type: string + digest: + description: |- + Digest is the checksum of the release object in storage. + It has the format of `:`. + type: string + firstDeployed: + description: FirstDeployed is when the release was first deployed. + format: date-time + type: string + lastDeployed: + description: LastDeployed is when the release was last deployed. + format: date-time + type: string + name: + description: Name is the name of the release. + type: string + namespace: + description: Namespace is the namespace the release is deployed + to. + type: string + ociDigest: + description: OCIDigest is the digest of the OCI artifact associated + with the release. + type: string + status: + description: Status is the current state of the release. + type: string + testHooks: + additionalProperties: + description: |- + TestHookStatus holds the status information for a test hook as observed + to be run by the controller. + properties: + lastCompleted: + description: LastCompleted is the time the test hook last + completed. + format: date-time + type: string + lastStarted: + description: LastStarted is the time the test hook was + last started. + format: date-time + type: string + phase: + description: Phase the test hook was observed to be in. + type: string + type: object + description: |- + TestHooks is the list of test hooks for the release as observed to be + run by the controller. + type: object + version: + description: Version is the version of the release object in + storage. + type: integer + required: + - chartName + - chartVersion + - configDigest + - digest + - firstDeployed + - lastDeployed + - name + - namespace + - status + - version + type: object + type: array + installFailures: + description: |- + InstallFailures is the install failure count against the latest desired + state. It is reset after a successful reconciliation. + format: int64 + type: integer + lastAttemptedConfigDigest: + description: |- + LastAttemptedConfigDigest is the digest for the config (better known as + "values") of the last reconciliation attempt. + type: string + lastAttemptedGeneration: + description: |- + LastAttemptedGeneration is the last generation the controller attempted + to reconcile. + format: int64 + type: integer + lastAttemptedReleaseAction: + description: |- + LastAttemptedReleaseAction is the last release action performed for this + HelmRelease. It is used to determine the active remediation strategy. + enum: + - install + - upgrade + type: string + lastAttemptedRevision: + description: |- + LastAttemptedRevision is the Source revision of the last reconciliation + attempt. For OCIRepository sources, the 12 first characters of the digest are + appended to the chart version e.g. "1.2.3+1234567890ab". + type: string + lastAttemptedRevisionDigest: + description: |- + LastAttemptedRevisionDigest is the digest of the last reconciliation attempt. + This is only set for OCIRepository sources. + type: string + lastAttemptedValuesChecksum: + description: |- + LastAttemptedValuesChecksum is the SHA1 checksum for the values of the last + reconciliation attempt. + Deprecated: Use LastAttemptedConfigDigest instead. + type: string + lastHandledForceAt: + description: |- + LastHandledForceAt holds the value of the most recent force request + value, so a change of the annotation value can be detected. + type: string + lastHandledReconcileAt: + description: |- + LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value + can be detected. + type: string + lastHandledResetAt: + description: |- + LastHandledResetAt holds the value of the most recent reset request + value, so a change of the annotation value can be detected. + type: string + lastReleaseRevision: + description: |- + LastReleaseRevision is the revision of the last successful Helm release. + Deprecated: Use History instead. + type: integer + observedGeneration: + description: ObservedGeneration is the last observed generation. + format: int64 + type: integer + observedPostRenderersDigest: + description: |- + ObservedPostRenderersDigest is the digest for the post-renderers of + the last successful reconciliation attempt. + type: string + storageNamespace: + description: |- + StorageNamespace is the namespace of the Helm release storage for the + current release. + maxLength: 63 + minLength: 1 + type: string + upgradeFailures: + description: |- + UpgradeFailures is the upgrade failure count against the latest desired + state. It is reset after a successful reconciliation. + format: int64 + type: integer + type: object + type: object + served: true + storage: true + subresources: + status: {} + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - jsonPath: .status.conditions[?(@.type=="Ready")].status + name: Ready + type: string + - jsonPath: .status.conditions[?(@.type=="Ready")].message + name: Status + type: string + deprecated: true + deprecationWarning: v2beta1 HelmRelease is deprecated, upgrade to v2 + name: v2beta1 + schema: + openAPIV3Schema: + description: HelmRelease is the Schema for the helmreleases API + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: HelmReleaseSpec defines the desired state of a Helm release. + properties: + chart: + description: |- + Chart defines the template of the v1beta2.HelmChart that should be created + for this HelmRelease. + properties: + metadata: + description: ObjectMeta holds the template for metadata like labels + and annotations. + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ + type: object + labels: + additionalProperties: + type: string + description: |- + Map of string keys and values that can be used to organize and categorize + (scope and select) objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ + type: object + type: object + spec: + description: Spec holds the template for the v1beta2.HelmChartSpec + for this HelmRelease. + properties: + chart: + description: The name or path the Helm chart is available + at in the SourceRef. + type: string + interval: + description: |- + Interval at which to check the v1beta2.Source for updates. Defaults to + 'HelmReleaseSpec.Interval'. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + reconcileStrategy: + default: ChartVersion + description: |- + Determines what enables the creation of a new artifact. Valid values are + ('ChartVersion', 'Revision'). + See the documentation of the values for an explanation on their behavior. + Defaults to ChartVersion when omitted. + enum: + - ChartVersion + - Revision + type: string + sourceRef: + description: The name and namespace of the v1beta2.Source + the chart is available at. + properties: + apiVersion: + description: APIVersion of the referent. + type: string + kind: + description: Kind of the referent. + enum: + - HelmRepository + - GitRepository + - Bucket + type: string + name: + description: Name of the referent. + maxLength: 253 + minLength: 1 + type: string + namespace: + description: Namespace of the referent. + maxLength: 63 + minLength: 1 + type: string + required: + - name + type: object + valuesFile: + description: |- + Alternative values file to use as the default chart values, expected to + be a relative path in the SourceRef. Deprecated in favor of ValuesFiles, + for backwards compatibility the file defined here is merged before the + ValuesFiles items. Ignored when omitted. + type: string + valuesFiles: + description: |- + Alternative list of values files to use as the chart values (values.yaml + is not included by default), expected to be a relative path in the SourceRef. + Values files are merged in the order of this list with the last file overriding + the first. Ignored when omitted. + items: + type: string + type: array + verify: + description: |- + Verify contains the secret name containing the trusted public keys + used to verify the signature and specifies which provider to use to check + whether OCI image is authentic. + This field is only supported for OCI sources. + Chart dependencies, which are not bundled in the umbrella chart artifact, are not verified. + properties: + provider: + default: cosign + description: Provider specifies the technology used to + sign the OCI Helm chart. + enum: + - cosign + type: string + secretRef: + description: |- + SecretRef specifies the Kubernetes Secret containing the + trusted public keys. + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object + required: + - provider + type: object + version: + default: '*' + description: |- + Version semver expression, ignored for charts from v1beta2.GitRepository and + v1beta2.Bucket sources. Defaults to latest when omitted. + type: string + required: + - chart + - sourceRef + type: object + required: + - spec + type: object + chartRef: + description: |- + ChartRef holds a reference to a source controller resource containing the + Helm chart artifact. + + + Note: this field is provisional to the v2 API, and not actively used + by v2beta1 HelmReleases. + properties: + apiVersion: + description: APIVersion of the referent. + type: string + kind: + description: Kind of the referent. + enum: + - OCIRepository + - HelmChart + type: string + name: + description: Name of the referent. + maxLength: 253 + minLength: 1 + type: string + namespace: + description: |- + Namespace of the referent, defaults to the namespace of the Kubernetes + resource object that contains the reference. + maxLength: 63 + minLength: 1 + type: string + required: + - kind + - name + type: object + dependsOn: + description: |- + DependsOn may contain a meta.NamespacedObjectReference slice with + references to HelmRelease resources that must be ready before this HelmRelease + can be reconciled. + items: + description: |- + NamespacedObjectReference contains enough information to locate the referenced Kubernetes resource object in any + namespace. + properties: + name: + description: Name of the referent. + type: string + namespace: + description: Namespace of the referent, when not specified it + acts as LocalObjectReference. + type: string + required: + - name + type: object + type: array + driftDetection: + description: |- + DriftDetection holds the configuration for detecting and handling + differences between the manifest in the Helm storage and the resources + currently existing in the cluster. + + + Note: this field is provisional to the v2beta2 API, and not actively used + by v2beta1 HelmReleases. + properties: + ignore: + description: |- + Ignore contains a list of rules for specifying which changes to ignore + during diffing. + items: + description: |- + IgnoreRule defines a rule to selectively disregard specific changes during + the drift detection process. + properties: + paths: + description: |- + Paths is a list of JSON Pointer (RFC 6901) paths to be excluded from + consideration in a Kubernetes object. + items: + type: string + type: array + target: + description: |- + Target is a selector for specifying Kubernetes objects to which this + rule applies. + If Target is not set, the Paths will be ignored for all Kubernetes + objects within the manifest of the Helm release. + properties: + annotationSelector: + description: |- + AnnotationSelector is a string that follows the label selection expression + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + It matches with the resource annotations. + type: string + group: + description: |- + Group is the API group to select resources from. + Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + type: string + kind: + description: |- + Kind of the API Group to select resources from. + Together with Group and Version it is capable of unambiguously + identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + type: string + labelSelector: + description: |- + LabelSelector is a string that follows the label selection expression + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + It matches with the resource labels. + type: string + name: + description: Name to match resources with. + type: string + namespace: + description: Namespace to select resources from. + type: string + version: + description: |- + Version of the API Group to select resources from. + Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + type: string + type: object + required: + - paths + type: object + type: array + mode: + description: |- + Mode defines how differences should be handled between the Helm manifest + and the manifest currently applied to the cluster. + If not explicitly set, it defaults to DiffModeDisabled. + enum: + - enabled + - warn + - disabled + type: string + type: object + install: + description: Install holds the configuration for Helm install actions + for this HelmRelease. + properties: + crds: + description: |- + CRDs upgrade CRDs from the Helm Chart's crds directory according + to the CRD upgrade policy provided here. Valid values are `Skip`, + `Create` or `CreateReplace`. Default is `Create` and if omitted + CRDs are installed but not updated. + + + Skip: do neither install nor replace (update) any CRDs. + + + Create: new CRDs are created, existing CRDs are neither updated nor deleted. + + + CreateReplace: new CRDs are created, existing CRDs are updated (replaced) + but not deleted. + + + By default, CRDs are applied (installed) during Helm install action. + With this option users can opt-in to CRD replace existing CRDs on Helm + install actions, which is not (yet) natively supported by Helm. + https://helm.sh/docs/chart_best_practices/custom_resource_definitions. + enum: + - Skip + - Create + - CreateReplace + type: string + createNamespace: + description: |- + CreateNamespace tells the Helm install action to create the + HelmReleaseSpec.TargetNamespace if it does not exist yet. + On uninstall, the namespace will not be garbage collected. + type: boolean + disableHooks: + description: DisableHooks prevents hooks from running during the + Helm install action. + type: boolean + disableOpenAPIValidation: + description: |- + DisableOpenAPIValidation prevents the Helm install action from validating + rendered templates against the Kubernetes OpenAPI Schema. + type: boolean + disableWait: + description: |- + DisableWait disables the waiting for resources to be ready after a Helm + install has been performed. + type: boolean + disableWaitForJobs: + description: |- + DisableWaitForJobs disables waiting for jobs to complete after a Helm + install has been performed. + type: boolean + remediation: + description: |- + Remediation holds the remediation configuration for when the Helm install + action for the HelmRelease fails. The default is to not perform any action. + properties: + ignoreTestFailures: + description: |- + IgnoreTestFailures tells the controller to skip remediation when the Helm + tests are run after an install action but fail. Defaults to + 'Test.IgnoreFailures'. + type: boolean + remediateLastFailure: + description: |- + RemediateLastFailure tells the controller to remediate the last failure, when + no retries remain. Defaults to 'false'. + type: boolean + retries: + description: |- + Retries is the number of retries that should be attempted on failures before + bailing. Remediation, using an uninstall, is performed between each attempt. + Defaults to '0', a negative integer equals to unlimited retries. + type: integer + type: object + replace: + description: |- + Replace tells the Helm install action to re-use the 'ReleaseName', but only + if that name is a deleted release which remains in the history. + type: boolean + skipCRDs: + description: |- + SkipCRDs tells the Helm install action to not install any CRDs. By default, + CRDs are installed if not already present. + + + Deprecated use CRD policy (`crds`) attribute with value `Skip` instead. + type: boolean + timeout: + description: |- + Timeout is the time to wait for any individual Kubernetes operation (like + Jobs for hooks) during the performance of a Helm install action. Defaults to + 'HelmReleaseSpec.Timeout'. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + type: object + interval: + description: |- + Interval at which to reconcile the Helm release. + This interval is approximate and may be subject to jitter to ensure + efficient use of resources. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + kubeConfig: + description: |- + KubeConfig for reconciling the HelmRelease on a remote cluster. + When used in combination with HelmReleaseSpec.ServiceAccountName, + forces the controller to act on behalf of that Service Account at the + target cluster. + If the --default-service-account flag is set, its value will be used as + a controller level fallback for when HelmReleaseSpec.ServiceAccountName + is empty. + properties: + secretRef: + description: |- + SecretRef holds the name of a secret that contains a key with + the kubeconfig file as the value. If no key is set, the key will default + to 'value'. + It is recommended that the kubeconfig is self-contained, and the secret + is regularly updated if credentials such as a cloud-access-token expire. + Cloud specific `cmd-path` auth helpers will not function without adding + binaries and credentials to the Pod that is responsible for reconciling + Kubernetes resources. + properties: + key: + description: Key in the Secret, when not specified an implementation-specific + default key is used. + type: string + name: + description: Name of the Secret. + type: string + required: + - name + type: object + required: + - secretRef + type: object + maxHistory: + description: |- + MaxHistory is the number of revisions saved by Helm for this HelmRelease. + Use '0' for an unlimited number of revisions; defaults to '10'. + type: integer + persistentClient: + description: |- + PersistentClient tells the controller to use a persistent Kubernetes + client for this release. When enabled, the client will be reused for the + duration of the reconciliation, instead of being created and destroyed + for each (step of a) Helm action. + + + This can improve performance, but may cause issues with some Helm charts + that for example do create Custom Resource Definitions during installation + outside Helm's CRD lifecycle hooks, which are then not observed to be + available by e.g. post-install hooks. + + + If not set, it defaults to true. + type: boolean + postRenderers: + description: |- + PostRenderers holds an array of Helm PostRenderers, which will be applied in order + of their definition. + items: + description: PostRenderer contains a Helm PostRenderer specification. + properties: + kustomize: + description: Kustomization to apply as PostRenderer. + properties: + images: + description: |- + Images is a list of (image name, new name, new tag or digest) + for changing image names, tags or digests. This can also be achieved with a + patch, but this operator is simpler to specify. + items: + description: Image contains an image name, a new name, + a new tag or digest, which will replace the original + name and tag. + properties: + digest: + description: |- + Digest is the value used to replace the original image tag. + If digest is present NewTag value is ignored. + type: string + name: + description: Name is a tag-less image name. + type: string + newName: + description: NewName is the value used to replace + the original name. + type: string + newTag: + description: NewTag is the value used to replace the + original tag. + type: string + required: + - name + type: object + type: array + patches: + description: |- + Strategic merge and JSON patches, defined as inline YAML objects, + capable of targeting objects based on kind, label and annotation selectors. + items: + description: |- + Patch contains an inline StrategicMerge or JSON6902 patch, and the target the patch should + be applied to. + properties: + patch: + description: |- + Patch contains an inline StrategicMerge patch or an inline JSON6902 patch with + an array of operation objects. + type: string + target: + description: Target points to the resources that the + patch document should be applied to. + properties: + annotationSelector: + description: |- + AnnotationSelector is a string that follows the label selection expression + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + It matches with the resource annotations. + type: string + group: + description: |- + Group is the API group to select resources from. + Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + type: string + kind: + description: |- + Kind of the API Group to select resources from. + Together with Group and Version it is capable of unambiguously + identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + type: string + labelSelector: + description: |- + LabelSelector is a string that follows the label selection expression + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + It matches with the resource labels. + type: string + name: + description: Name to match resources with. + type: string + namespace: + description: Namespace to select resources from. + type: string + version: + description: |- + Version of the API Group to select resources from. + Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + type: string + type: object + required: + - patch + type: object + type: array + patchesJson6902: + description: JSON 6902 patches, defined as inline YAML objects. + items: + description: JSON6902Patch contains a JSON6902 patch and + the target the patch should be applied to. + properties: + patch: + description: Patch contains the JSON6902 patch document + with an array of operation objects. + items: + description: |- + JSON6902 is a JSON6902 operation object. + https://datatracker.ietf.org/doc/html/rfc6902#section-4 + properties: + from: + description: |- + From contains a JSON-pointer value that references a location within the target document where the operation is + performed. The meaning of the value depends on the value of Op, and is NOT taken into account by all operations. + type: string + op: + description: |- + Op indicates the operation to perform. Its value MUST be one of "add", "remove", "replace", "move", "copy", or + "test". + https://datatracker.ietf.org/doc/html/rfc6902#section-4 + enum: + - test + - remove + - add + - replace + - move + - copy + type: string + path: + description: |- + Path contains the JSON-pointer value that references a location within the target document where the operation + is performed. The meaning of the value depends on the value of Op. + type: string + value: + description: |- + Value contains a valid JSON structure. The meaning of the value depends on the value of Op, and is NOT taken into + account by all operations. + x-kubernetes-preserve-unknown-fields: true + required: + - op + - path + type: object + type: array + target: + description: Target points to the resources that the + patch document should be applied to. + properties: + annotationSelector: + description: |- + AnnotationSelector is a string that follows the label selection expression + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + It matches with the resource annotations. + type: string + group: + description: |- + Group is the API group to select resources from. + Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + type: string + kind: + description: |- + Kind of the API Group to select resources from. + Together with Group and Version it is capable of unambiguously + identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + type: string + labelSelector: + description: |- + LabelSelector is a string that follows the label selection expression + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + It matches with the resource labels. + type: string + name: + description: Name to match resources with. + type: string + namespace: + description: Namespace to select resources from. + type: string + version: + description: |- + Version of the API Group to select resources from. + Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + type: string + type: object + required: + - patch + - target + type: object + type: array + patchesStrategicMerge: + description: Strategic merge patches, defined as inline + YAML objects. + items: + x-kubernetes-preserve-unknown-fields: true + type: array + type: object + type: object + type: array + releaseName: + description: |- + ReleaseName used for the Helm release. Defaults to a composition of + '[TargetNamespace-]Name'. + maxLength: 53 + minLength: 1 + type: string + rollback: + description: Rollback holds the configuration for Helm rollback actions + for this HelmRelease. + properties: + cleanupOnFail: + description: |- + CleanupOnFail allows deletion of new resources created during the Helm + rollback action when it fails. + type: boolean + disableHooks: + description: DisableHooks prevents hooks from running during the + Helm rollback action. + type: boolean + disableWait: + description: |- + DisableWait disables the waiting for resources to be ready after a Helm + rollback has been performed. + type: boolean + disableWaitForJobs: + description: |- + DisableWaitForJobs disables waiting for jobs to complete after a Helm + rollback has been performed. + type: boolean + force: + description: Force forces resource updates through a replacement + strategy. + type: boolean + recreate: + description: Recreate performs pod restarts for the resource if + applicable. + type: boolean + timeout: + description: |- + Timeout is the time to wait for any individual Kubernetes operation (like + Jobs for hooks) during the performance of a Helm rollback action. Defaults to + 'HelmReleaseSpec.Timeout'. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + type: object + serviceAccountName: + description: |- + The name of the Kubernetes service account to impersonate + when reconciling this HelmRelease. + type: string + storageNamespace: + description: |- + StorageNamespace used for the Helm storage. + Defaults to the namespace of the HelmRelease. + maxLength: 63 + minLength: 1 + type: string + suspend: + description: |- + Suspend tells the controller to suspend reconciliation for this HelmRelease, + it does not apply to already started reconciliations. Defaults to false. + type: boolean + targetNamespace: + description: |- + TargetNamespace to target when performing operations for the HelmRelease. + Defaults to the namespace of the HelmRelease. + maxLength: 63 + minLength: 1 + type: string + test: + description: Test holds the configuration for Helm test actions for + this HelmRelease. + properties: + enable: + description: |- + Enable enables Helm test actions for this HelmRelease after an Helm install + or upgrade action has been performed. + type: boolean + ignoreFailures: + description: |- + IgnoreFailures tells the controller to skip remediation when the Helm tests + are run but fail. Can be overwritten for tests run after install or upgrade + actions in 'Install.IgnoreTestFailures' and 'Upgrade.IgnoreTestFailures'. + type: boolean + timeout: + description: |- + Timeout is the time to wait for any individual Kubernetes operation during + the performance of a Helm test action. Defaults to 'HelmReleaseSpec.Timeout'. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + type: object + timeout: + description: |- + Timeout is the time to wait for any individual Kubernetes operation (like Jobs + for hooks) during the performance of a Helm action. Defaults to '5m0s'. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + uninstall: + description: Uninstall holds the configuration for Helm uninstall + actions for this HelmRelease. + properties: + deletionPropagation: + default: background + description: |- + DeletionPropagation specifies the deletion propagation policy when + a Helm uninstall is performed. + enum: + - background + - foreground + - orphan + type: string + disableHooks: + description: DisableHooks prevents hooks from running during the + Helm rollback action. + type: boolean + disableWait: + description: |- + DisableWait disables waiting for all the resources to be deleted after + a Helm uninstall is performed. + type: boolean + keepHistory: + description: |- + KeepHistory tells Helm to remove all associated resources and mark the + release as deleted, but retain the release history. + type: boolean + timeout: + description: |- + Timeout is the time to wait for any individual Kubernetes operation (like + Jobs for hooks) during the performance of a Helm uninstall action. Defaults + to 'HelmReleaseSpec.Timeout'. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + type: object + upgrade: + description: Upgrade holds the configuration for Helm upgrade actions + for this HelmRelease. + properties: + cleanupOnFail: + description: |- + CleanupOnFail allows deletion of new resources created during the Helm + upgrade action when it fails. + type: boolean + crds: + description: |- + CRDs upgrade CRDs from the Helm Chart's crds directory according + to the CRD upgrade policy provided here. Valid values are `Skip`, + `Create` or `CreateReplace`. Default is `Skip` and if omitted + CRDs are neither installed nor upgraded. + + + Skip: do neither install nor replace (update) any CRDs. + + + Create: new CRDs are created, existing CRDs are neither updated nor deleted. + + + CreateReplace: new CRDs are created, existing CRDs are updated (replaced) + but not deleted. + + + By default, CRDs are not applied during Helm upgrade action. With this + option users can opt-in to CRD upgrade, which is not (yet) natively supported by Helm. + https://helm.sh/docs/chart_best_practices/custom_resource_definitions. + enum: + - Skip + - Create + - CreateReplace + type: string + disableHooks: + description: DisableHooks prevents hooks from running during the + Helm upgrade action. + type: boolean + disableOpenAPIValidation: + description: |- + DisableOpenAPIValidation prevents the Helm upgrade action from validating + rendered templates against the Kubernetes OpenAPI Schema. + type: boolean + disableWait: + description: |- + DisableWait disables the waiting for resources to be ready after a Helm + upgrade has been performed. + type: boolean + disableWaitForJobs: + description: |- + DisableWaitForJobs disables waiting for jobs to complete after a Helm + upgrade has been performed. + type: boolean + force: + description: Force forces resource updates through a replacement + strategy. + type: boolean + preserveValues: + description: |- + PreserveValues will make Helm reuse the last release's values and merge in + overrides from 'Values'. Setting this flag makes the HelmRelease + non-declarative. + type: boolean + remediation: + description: |- + Remediation holds the remediation configuration for when the Helm upgrade + action for the HelmRelease fails. The default is to not perform any action. + properties: + ignoreTestFailures: + description: |- + IgnoreTestFailures tells the controller to skip remediation when the Helm + tests are run after an upgrade action but fail. + Defaults to 'Test.IgnoreFailures'. + type: boolean + remediateLastFailure: + description: |- + RemediateLastFailure tells the controller to remediate the last failure, when + no retries remain. Defaults to 'false' unless 'Retries' is greater than 0. + type: boolean + retries: + description: |- + Retries is the number of retries that should be attempted on failures before + bailing. Remediation, using 'Strategy', is performed between each attempt. + Defaults to '0', a negative integer equals to unlimited retries. + type: integer + strategy: + description: Strategy to use for failure remediation. Defaults + to 'rollback'. + enum: + - rollback + - uninstall + type: string + type: object + timeout: + description: |- + Timeout is the time to wait for any individual Kubernetes operation (like + Jobs for hooks) during the performance of a Helm upgrade action. Defaults to + 'HelmReleaseSpec.Timeout'. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + type: object + values: + description: Values holds the values for this Helm release. + x-kubernetes-preserve-unknown-fields: true + valuesFrom: + description: |- + ValuesFrom holds references to resources containing Helm values for this HelmRelease, + and information about how they should be merged. + items: + description: |- + ValuesReference contains a reference to a resource containing Helm values, + and optionally the key they can be found at. + properties: + kind: + description: Kind of the values referent, valid values are ('Secret', + 'ConfigMap'). + enum: + - Secret + - ConfigMap + type: string + name: + description: |- + Name of the values referent. Should reside in the same namespace as the + referring resource. + maxLength: 253 + minLength: 1 + type: string + optional: + description: |- + Optional marks this ValuesReference as optional. When set, a not found error + for the values reference is ignored, but any ValuesKey, TargetPath or + transient error will still result in a reconciliation failure. + type: boolean + targetPath: + description: |- + TargetPath is the YAML dot notation path the value should be merged at. When + set, the ValuesKey is expected to be a single flat value. Defaults to 'None', + which results in the values getting merged at the root. + maxLength: 250 + pattern: ^([a-zA-Z0-9_\-.\\\/]|\[[0-9]{1,5}\])+$ + type: string + valuesKey: + description: |- + ValuesKey is the data key where the values.yaml or a specific value can be + found at. Defaults to 'values.yaml'. + When set, must be a valid Data Key, consisting of alphanumeric characters, + '-', '_' or '.'. + maxLength: 253 + pattern: ^[\-._a-zA-Z0-9]+$ + type: string + required: + - kind + - name + type: object + type: array + required: + - interval + type: object + status: + default: + observedGeneration: -1 + description: HelmReleaseStatus defines the observed state of a HelmRelease. + properties: + conditions: + description: Conditions holds the conditions for the HelmRelease. + items: + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" + properties: + lastTransitionTime: + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + failures: + description: |- + Failures is the reconciliation failure count against the latest desired + state. It is reset after a successful reconciliation. + format: int64 + type: integer + helmChart: + description: |- + HelmChart is the namespaced name of the HelmChart resource created by + the controller for the HelmRelease. + type: string + history: + description: |- + History holds the history of Helm releases performed for this HelmRelease + up to the last successfully completed release. + + + Note: this field is provisional to the v2beta2 API, and not actively used + by v2beta1 HelmReleases. + items: + description: |- + Snapshot captures a point-in-time copy of the status information for a Helm release, + as managed by the controller. + properties: + apiVersion: + description: |- + APIVersion is the API version of the Snapshot. + Provisional: when the calculation method of the Digest field is changed, + this field will be used to distinguish between the old and new methods. + type: string + appVersion: + description: AppVersion is the chart app version of the release + object in storage. + type: string + chartName: + description: ChartName is the chart name of the release object + in storage. + type: string + chartVersion: + description: |- + ChartVersion is the chart version of the release object in + storage. + type: string + configDigest: + description: |- + ConfigDigest is the checksum of the config (better known as + "values") of the release object in storage. + It has the format of `:`. + type: string + deleted: + description: Deleted is when the release was deleted. + format: date-time + type: string + digest: + description: |- + Digest is the checksum of the release object in storage. + It has the format of `:`. + type: string + firstDeployed: + description: FirstDeployed is when the release was first deployed. + format: date-time + type: string + lastDeployed: + description: LastDeployed is when the release was last deployed. + format: date-time + type: string + name: + description: Name is the name of the release. + type: string + namespace: + description: Namespace is the namespace the release is deployed + to. + type: string + ociDigest: + description: OCIDigest is the digest of the OCI artifact associated + with the release. + type: string + status: + description: Status is the current state of the release. + type: string + testHooks: + additionalProperties: + description: |- + TestHookStatus holds the status information for a test hook as observed + to be run by the controller. + properties: + lastCompleted: + description: LastCompleted is the time the test hook last + completed. + format: date-time + type: string + lastStarted: + description: LastStarted is the time the test hook was + last started. + format: date-time + type: string + phase: + description: Phase the test hook was observed to be in. + type: string + type: object + description: |- + TestHooks is the list of test hooks for the release as observed to be + run by the controller. + type: object + version: + description: Version is the version of the release object in + storage. + type: integer + required: + - chartName + - chartVersion + - configDigest + - digest + - firstDeployed + - lastDeployed + - name + - namespace + - status + - version + type: object + type: array + installFailures: + description: |- + InstallFailures is the install failure count against the latest desired + state. It is reset after a successful reconciliation. + format: int64 + type: integer + lastAppliedRevision: + description: LastAppliedRevision is the revision of the last successfully + applied source. + type: string + lastAttemptedConfigDigest: + description: |- + LastAttemptedConfigDigest is the digest for the config (better known as + "values") of the last reconciliation attempt. + + + Note: this field is provisional to the v2beta2 API, and not actively used + by v2beta1 HelmReleases. + type: string + lastAttemptedGeneration: + description: |- + LastAttemptedGeneration is the last generation the controller attempted + to reconcile. + + + Note: this field is provisional to the v2beta2 API, and not actively used + by v2beta1 HelmReleases. + format: int64 + type: integer + lastAttemptedReleaseAction: + description: |- + LastAttemptedReleaseAction is the last release action performed for this + HelmRelease. It is used to determine the active remediation strategy. + + + Note: this field is provisional to the v2beta2 API, and not actively used + by v2beta1 HelmReleases. + type: string + lastAttemptedRevision: + description: LastAttemptedRevision is the revision of the last reconciliation + attempt. + type: string + lastAttemptedValuesChecksum: + description: |- + LastAttemptedValuesChecksum is the SHA1 checksum of the values of the last + reconciliation attempt. + type: string + lastHandledForceAt: + description: |- + LastHandledForceAt holds the value of the most recent force request + value, so a change of the annotation value can be detected. + + + Note: this field is provisional to the v2beta2 API, and not actively used + by v2beta1 HelmReleases. + type: string + lastHandledReconcileAt: + description: |- + LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value + can be detected. + type: string + lastHandledResetAt: + description: |- + LastHandledResetAt holds the value of the most recent reset request + value, so a change of the annotation value can be detected. + + + Note: this field is provisional to the v2beta2 API, and not actively used + by v2beta1 HelmReleases. + type: string + lastReleaseRevision: + description: LastReleaseRevision is the revision of the last successful + Helm release. + type: integer + observedGeneration: + description: ObservedGeneration is the last observed generation. + format: int64 + type: integer + observedPostRenderersDigest: + description: |- + ObservedPostRenderersDigest is the digest for the post-renderers of + the last successful reconciliation attempt. + type: string + storageNamespace: + description: |- + StorageNamespace is the namespace of the Helm release storage for the + current release. + + + Note: this field is provisional to the v2beta2 API, and not actively used + by v2beta1 HelmReleases. + type: string + upgradeFailures: + description: |- + UpgradeFailures is the upgrade failure count against the latest desired + state. It is reset after a successful reconciliation. + format: int64 + type: integer + type: object + type: object + served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - jsonPath: .status.conditions[?(@.type=="Ready")].status + name: Ready + type: string + - jsonPath: .status.conditions[?(@.type=="Ready")].message + name: Status + type: string + deprecated: true + deprecationWarning: v2beta2 HelmRelease is deprecated, upgrade to v2 + name: v2beta2 + schema: + openAPIV3Schema: + description: HelmRelease is the Schema for the helmreleases API + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: HelmReleaseSpec defines the desired state of a Helm release. + properties: + chart: + description: |- + Chart defines the template of the v1beta2.HelmChart that should be created + for this HelmRelease. + properties: + metadata: + description: ObjectMeta holds the template for metadata like labels + and annotations. + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ + type: object + labels: + additionalProperties: + type: string + description: |- + Map of string keys and values that can be used to organize and categorize + (scope and select) objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ + type: object + type: object + spec: + description: Spec holds the template for the v1beta2.HelmChartSpec + for this HelmRelease. + properties: + chart: + description: The name or path the Helm chart is available + at in the SourceRef. + maxLength: 2048 + minLength: 1 + type: string + ignoreMissingValuesFiles: + description: IgnoreMissingValuesFiles controls whether to + silently ignore missing values files rather than failing. + type: boolean + interval: + description: |- + Interval at which to check the v1.Source for updates. Defaults to + 'HelmReleaseSpec.Interval'. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + reconcileStrategy: + default: ChartVersion + description: |- + Determines what enables the creation of a new artifact. Valid values are + ('ChartVersion', 'Revision'). + See the documentation of the values for an explanation on their behavior. + Defaults to ChartVersion when omitted. + enum: + - ChartVersion + - Revision + type: string + sourceRef: + description: The name and namespace of the v1.Source the chart + is available at. + properties: + apiVersion: + description: APIVersion of the referent. + type: string + kind: + description: Kind of the referent. + enum: + - HelmRepository + - GitRepository + - Bucket + type: string + name: + description: Name of the referent. + maxLength: 253 + minLength: 1 + type: string + namespace: + description: Namespace of the referent. + maxLength: 63 + minLength: 1 + type: string + required: + - name + type: object + valuesFile: + description: |- + Alternative values file to use as the default chart values, expected to + be a relative path in the SourceRef. Deprecated in favor of ValuesFiles, + for backwards compatibility the file defined here is merged before the + ValuesFiles items. Ignored when omitted. + type: string + valuesFiles: + description: |- + Alternative list of values files to use as the chart values (values.yaml + is not included by default), expected to be a relative path in the SourceRef. + Values files are merged in the order of this list with the last file overriding + the first. Ignored when omitted. + items: + type: string + type: array + verify: + description: |- + Verify contains the secret name containing the trusted public keys + used to verify the signature and specifies which provider to use to check + whether OCI image is authentic. + This field is only supported for OCI sources. + Chart dependencies, which are not bundled in the umbrella chart artifact, + are not verified. + properties: + provider: + default: cosign + description: Provider specifies the technology used to + sign the OCI Helm chart. + enum: + - cosign + - notation + type: string + secretRef: + description: |- + SecretRef specifies the Kubernetes Secret containing the + trusted public keys. + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object + required: + - provider + type: object + version: + default: '*' + description: |- + Version semver expression, ignored for charts from v1beta2.GitRepository and + v1beta2.Bucket sources. Defaults to latest when omitted. + type: string + required: + - chart + - sourceRef + type: object + required: + - spec + type: object + chartRef: + description: |- + ChartRef holds a reference to a source controller resource containing the + Helm chart artifact. + + + Note: this field is provisional to the v2 API, and not actively used + by v2beta2 HelmReleases. + properties: + apiVersion: + description: APIVersion of the referent. + type: string + kind: + description: Kind of the referent. + enum: + - OCIRepository + - HelmChart + type: string + name: + description: Name of the referent. + maxLength: 253 + minLength: 1 + type: string + namespace: + description: |- + Namespace of the referent, defaults to the namespace of the Kubernetes + resource object that contains the reference. + maxLength: 63 + minLength: 1 + type: string + required: + - kind + - name + type: object + dependsOn: + description: |- + DependsOn may contain a meta.NamespacedObjectReference slice with + references to HelmRelease resources that must be ready before this HelmRelease + can be reconciled. + items: + description: |- + NamespacedObjectReference contains enough information to locate the referenced Kubernetes resource object in any + namespace. + properties: + name: + description: Name of the referent. + type: string + namespace: + description: Namespace of the referent, when not specified it + acts as LocalObjectReference. + type: string + required: + - name + type: object + type: array + driftDetection: + description: |- + DriftDetection holds the configuration for detecting and handling + differences between the manifest in the Helm storage and the resources + currently existing in the cluster. + properties: + ignore: + description: |- + Ignore contains a list of rules for specifying which changes to ignore + during diffing. + items: + description: |- + IgnoreRule defines a rule to selectively disregard specific changes during + the drift detection process. + properties: + paths: + description: |- + Paths is a list of JSON Pointer (RFC 6901) paths to be excluded from + consideration in a Kubernetes object. + items: + type: string + type: array + target: + description: |- + Target is a selector for specifying Kubernetes objects to which this + rule applies. + If Target is not set, the Paths will be ignored for all Kubernetes + objects within the manifest of the Helm release. + properties: + annotationSelector: + description: |- + AnnotationSelector is a string that follows the label selection expression + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + It matches with the resource annotations. + type: string + group: + description: |- + Group is the API group to select resources from. + Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + type: string + kind: + description: |- + Kind of the API Group to select resources from. + Together with Group and Version it is capable of unambiguously + identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + type: string + labelSelector: + description: |- + LabelSelector is a string that follows the label selection expression + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + It matches with the resource labels. + type: string + name: + description: Name to match resources with. + type: string + namespace: + description: Namespace to select resources from. + type: string + version: + description: |- + Version of the API Group to select resources from. + Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + type: string + type: object + required: + - paths + type: object + type: array + mode: + description: |- + Mode defines how differences should be handled between the Helm manifest + and the manifest currently applied to the cluster. + If not explicitly set, it defaults to DiffModeDisabled. + enum: + - enabled + - warn + - disabled + type: string + type: object + install: + description: Install holds the configuration for Helm install actions + for this HelmRelease. properties: crds: - description: "CRDs upgrade CRDs from the Helm Chart's crds directory according to the CRD upgrade policy - provided here. Valid values are `Skip`, `Create` or `CreateReplace`. Default is `Create` and if omitted - CRDs are installed but not updated. \n Skip: do neither install nor replace (update) any CRDs. \n Create: - new CRDs are created, existing CRDs are neither updated nor deleted. \n CreateReplace: new CRDs are - created, existing CRDs are updated (replaced) but not deleted. \n By default, CRDs are applied (installed) - during Helm install action. With this option users can opt-in to CRD replace existing CRDs on Helm install - actions, which is not (yet) natively supported by Helm. https://helm.sh/docs/chart_best_practices/custom_resource_definitions." + description: |- + CRDs upgrade CRDs from the Helm Chart's crds directory according + to the CRD upgrade policy provided here. Valid values are `Skip`, + `Create` or `CreateReplace`. Default is `Create` and if omitted + CRDs are installed but not updated. + + + Skip: do neither install nor replace (update) any CRDs. + + + Create: new CRDs are created, existing CRDs are neither updated nor deleted. + + + CreateReplace: new CRDs are created, existing CRDs are updated (replaced) + but not deleted. + + + By default, CRDs are applied (installed) during Helm install action. + With this option users can opt in to CRD replace existing CRDs on Helm + install actions, which is not (yet) natively supported by Helm. + https://helm.sh/docs/chart_best_practices/custom_resource_definitions. enum: - Skip - Create - CreateReplace type: string createNamespace: - description: CreateNamespace tells the Helm install action to create the HelmReleaseSpec.TargetNamespace - if it does not exist yet. On uninstall, the namespace will not be garbage collected. + description: |- + CreateNamespace tells the Helm install action to create the + HelmReleaseSpec.TargetNamespace if it does not exist yet. + On uninstall, the namespace will not be garbage collected. type: boolean disableHooks: - description: DisableHooks prevents hooks from running during the Helm install action. + description: DisableHooks prevents hooks from running during the + Helm install action. type: boolean disableOpenAPIValidation: - description: DisableOpenAPIValidation prevents the Helm install action from validating rendered templates - against the Kubernetes OpenAPI Schema. + description: |- + DisableOpenAPIValidation prevents the Helm install action from validating + rendered templates against the Kubernetes OpenAPI Schema. type: boolean disableWait: - description: DisableWait disables the waiting for resources to be ready after a Helm install has been - performed. + description: |- + DisableWait disables the waiting for resources to be ready after a Helm + install has been performed. type: boolean disableWaitForJobs: - description: DisableWaitForJobs disables waiting for jobs to complete after a Helm install has been performed. + description: |- + DisableWaitForJobs disables waiting for jobs to complete after a Helm + install has been performed. type: boolean remediation: - description: Remediation holds the remediation configuration for when the Helm install action for the - HelmRelease fails. The default is to not perform any action. + description: |- + Remediation holds the remediation configuration for when the Helm install + action for the HelmRelease fails. The default is to not perform any action. properties: ignoreTestFailures: - description: IgnoreTestFailures tells the controller to skip remediation when the Helm tests are run - after an install action but fail. Defaults to 'Test.IgnoreFailures'. + description: |- + IgnoreTestFailures tells the controller to skip remediation when the Helm + tests are run after an install action but fail. Defaults to + 'Test.IgnoreFailures'. type: boolean remediateLastFailure: - description: RemediateLastFailure tells the controller to remediate the last failure, when no retries - remain. Defaults to 'false'. + description: |- + RemediateLastFailure tells the controller to remediate the last failure, when + no retries remain. Defaults to 'false'. type: boolean retries: - description: Retries is the number of retries that should be attempted on failures before bailing. - Remediation, using an uninstall, is performed between each attempt. Defaults to '0', a negative - integer equals to unlimited retries. + description: |- + Retries is the number of retries that should be attempted on failures before + bailing. Remediation, using an uninstall, is performed between each attempt. + Defaults to '0', a negative integer equals to unlimited retries. type: integer type: object replace: - description: Replace tells the Helm install action to re-use the 'ReleaseName', but only if that name - is a deleted release which remains in the history. + description: |- + Replace tells the Helm install action to re-use the 'ReleaseName', but only + if that name is a deleted release which remains in the history. type: boolean skipCRDs: - description: "SkipCRDs tells the Helm install action to not install any CRDs. By default, CRDs are installed - if not already present. \n Deprecated use CRD policy (`crds`) attribute with value `Skip` instead." + description: |- + SkipCRDs tells the Helm install action to not install any CRDs. By default, + CRDs are installed if not already present. + + + Deprecated use CRD policy (`crds`) attribute with value `Skip` instead. type: boolean timeout: - description: Timeout is the time to wait for any individual Kubernetes operation (like Jobs for hooks) - during the performance of a Helm install action. Defaults to 'HelmReleaseSpec.Timeout'. + description: |- + Timeout is the time to wait for any individual Kubernetes operation (like + Jobs for hooks) during the performance of a Helm install action. Defaults to + 'HelmReleaseSpec.Timeout'. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string type: object interval: - description: Interval at which to reconcile the Helm release. This interval is approximate and may be subject - to jitter to ensure efficient use of resources. + description: Interval at which to reconcile the Helm release. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string kubeConfig: - description: KubeConfig for reconciling the HelmRelease on a remote cluster. When used in combination with - HelmReleaseSpec.ServiceAccountName, forces the controller to act on behalf of that Service Account at the - target cluster. If the --default-service-account flag is set, its value will be used as a controller level - fallback for when HelmReleaseSpec.ServiceAccountName is empty. + description: |- + KubeConfig for reconciling the HelmRelease on a remote cluster. + When used in combination with HelmReleaseSpec.ServiceAccountName, + forces the controller to act on behalf of that Service Account at the + target cluster. + If the --default-service-account flag is set, its value will be used as + a controller level fallback for when HelmReleaseSpec.ServiceAccountName + is empty. properties: secretRef: - description: SecretRef holds the name of a secret that contains a key with the kubeconfig file as the - value. If no key is set, the key will default to 'value'. It is recommended that the kubeconfig is self-contained, - and the secret is regularly updated if credentials such as a cloud-access-token expire. Cloud specific - `cmd-path` auth helpers will not function without adding binaries and credentials to the Pod that is - responsible for reconciling Kubernetes resources. + description: |- + SecretRef holds the name of a secret that contains a key with + the kubeconfig file as the value. If no key is set, the key will default + to 'value'. + It is recommended that the kubeconfig is self-contained, and the secret + is regularly updated if credentials such as a cloud-access-token expire. + Cloud specific `cmd-path` auth helpers will not function without adding + binaries and credentials to the Pod that is responsible for reconciling + Kubernetes resources. properties: key: - description: Key in the Secret, when not specified an implementation-specific default key is used. + description: Key in the Secret, when not specified an implementation-specific + default key is used. type: string name: description: Name of the Secret. @@ -5049,19 +9411,30 @@ spec: - secretRef type: object maxHistory: - description: MaxHistory is the number of revisions saved by Helm for this HelmRelease. Use '0' for an unlimited - number of revisions; defaults to '10'. + description: |- + MaxHistory is the number of revisions saved by Helm for this HelmRelease. + Use '0' for an unlimited number of revisions; defaults to '5'. type: integer persistentClient: - description: "PersistentClient tells the controller to use a persistent Kubernetes client for this release. - When enabled, the client will be reused for the duration of the reconciliation, instead of being created - and destroyed for each (step of a) Helm action. \n This can improve performance, but may cause issues with - some Helm charts that for example do create Custom Resource Definitions during installation outside Helm's - CRD lifecycle hooks, which are then not observed to be available by e.g. post-install hooks. \n If not set, - it defaults to true." + description: |- + PersistentClient tells the controller to use a persistent Kubernetes + client for this release. When enabled, the client will be reused for the + duration of the reconciliation, instead of being created and destroyed + for each (step of a) Helm action. + + + This can improve performance, but may cause issues with some Helm charts + that for example do create Custom Resource Definitions during installation + outside Helm's CRD lifecycle hooks, which are then not observed to be + available by e.g. post-install hooks. + + + If not set, it defaults to true. type: boolean postRenderers: - description: PostRenderers holds an array of Helm PostRenderers, which will be applied in order of their definition. + description: |- + PostRenderers holds an array of Helm PostRenderers, which will be applied in order + of their definition. items: description: PostRenderer contains a Helm PostRenderer specification. properties: @@ -5069,58 +9442,76 @@ spec: description: Kustomization to apply as PostRenderer. properties: images: - description: Images is a list of (image name, new name, new tag or digest) for changing image names, - tags or digests. This can also be achieved with a patch, but this operator is simpler to specify. + description: |- + Images is a list of (image name, new name, new tag or digest) + for changing image names, tags or digests. This can also be achieved with a + patch, but this operator is simpler to specify. items: - description: Image contains an image name, a new name, a new tag or digest, which will replace - the original name and tag. + description: Image contains an image name, a new name, + a new tag or digest, which will replace the original + name and tag. properties: digest: - description: Digest is the value used to replace the original image tag. If digest is present - NewTag value is ignored. + description: |- + Digest is the value used to replace the original image tag. + If digest is present NewTag value is ignored. type: string name: description: Name is a tag-less image name. type: string newName: - description: NewName is the value used to replace the original name. + description: NewName is the value used to replace + the original name. type: string newTag: - description: NewTag is the value used to replace the original tag. + description: NewTag is the value used to replace the + original tag. type: string required: - name type: object type: array patches: - description: Strategic merge and JSON patches, defined as inline YAML objects, capable of targeting - objects based on kind, label and annotation selectors. + description: |- + Strategic merge and JSON patches, defined as inline YAML objects, + capable of targeting objects based on kind, label and annotation selectors. items: - description: Patch contains an inline StrategicMerge or JSON6902 patch, and the target the patch - should be applied to. + description: |- + Patch contains an inline StrategicMerge or JSON6902 patch, and the target the patch should + be applied to. properties: patch: - description: Patch contains an inline StrategicMerge patch or an inline JSON6902 patch with + description: |- + Patch contains an inline StrategicMerge patch or an inline JSON6902 patch with an array of operation objects. type: string target: - description: Target points to the resources that the patch document should be applied to. + description: Target points to the resources that the + patch document should be applied to. properties: annotationSelector: - description: AnnotationSelector is a string that follows the label selection expression - https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api It matches - with the resource annotations. + description: |- + AnnotationSelector is a string that follows the label selection expression + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + It matches with the resource annotations. type: string group: - description: Group is the API group to select resources from. Together with Version and - Kind it is capable of unambiguously identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + description: |- + Group is the API group to select resources from. + Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md type: string kind: - description: Kind of the API Group to select resources from. Together with Group and Version - it is capable of unambiguously identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + description: |- + Kind of the API Group to select resources from. + Together with Group and Version it is capable of unambiguously + identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md type: string labelSelector: - description: LabelSelector is a string that follows the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + description: |- + LabelSelector is a string that follows the label selection expression + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api It matches with the resource labels. type: string name: @@ -5130,8 +9521,10 @@ spec: description: Namespace to select resources from. type: string version: - description: Version of the API Group to select resources from. Together with Group and - Kind it is capable of unambiguously identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + description: |- + Version of the API Group to select resources from. + Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md type: string type: object required: @@ -5139,24 +9532,31 @@ spec: type: object type: array patchesJson6902: - description: JSON 6902 patches, defined as inline YAML objects. + description: |- + JSON 6902 patches, defined as inline YAML objects. + Deprecated: use Patches instead. items: - description: JSON6902Patch contains a JSON6902 patch and the target the patch should be applied - to. + description: JSON6902Patch contains a JSON6902 patch and + the target the patch should be applied to. properties: patch: - description: Patch contains the JSON6902 patch document with an array of operation objects. + description: Patch contains the JSON6902 patch document + with an array of operation objects. items: - description: JSON6902 is a JSON6902 operation object. https://datatracker.ietf.org/doc/html/rfc6902#section-4 + description: |- + JSON6902 is a JSON6902 operation object. + https://datatracker.ietf.org/doc/html/rfc6902#section-4 properties: from: - description: From contains a JSON-pointer value that references a location within the - target document where the operation is performed. The meaning of the value depends - on the value of Op, and is NOT taken into account by all operations. + description: |- + From contains a JSON-pointer value that references a location within the target document where the operation is + performed. The meaning of the value depends on the value of Op, and is NOT taken into account by all operations. type: string op: - description: Op indicates the operation to perform. Its value MUST be one of "add", - "remove", "replace", "move", "copy", or "test". https://datatracker.ietf.org/doc/html/rfc6902#section-4 + description: |- + Op indicates the operation to perform. Its value MUST be one of "add", "remove", "replace", "move", "copy", or + "test". + https://datatracker.ietf.org/doc/html/rfc6902#section-4 enum: - test - remove @@ -5166,13 +9566,14 @@ spec: - copy type: string path: - description: Path contains the JSON-pointer value that references a location within - the target document where the operation is performed. The meaning of the value depends - on the value of Op. + description: |- + Path contains the JSON-pointer value that references a location within the target document where the operation + is performed. The meaning of the value depends on the value of Op. type: string value: - description: Value contains a valid JSON structure. The meaning of the value depends - on the value of Op, and is NOT taken into account by all operations. + description: |- + Value contains a valid JSON structure. The meaning of the value depends on the value of Op, and is NOT taken into + account by all operations. x-kubernetes-preserve-unknown-fields: true required: - op @@ -5180,23 +9581,32 @@ spec: type: object type: array target: - description: Target points to the resources that the patch document should be applied to. + description: Target points to the resources that the + patch document should be applied to. properties: annotationSelector: - description: AnnotationSelector is a string that follows the label selection expression - https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api It matches - with the resource annotations. + description: |- + AnnotationSelector is a string that follows the label selection expression + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + It matches with the resource annotations. type: string group: - description: Group is the API group to select resources from. Together with Version and - Kind it is capable of unambiguously identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + description: |- + Group is the API group to select resources from. + Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md type: string kind: - description: Kind of the API Group to select resources from. Together with Group and Version - it is capable of unambiguously identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + description: |- + Kind of the API Group to select resources from. + Together with Group and Version it is capable of unambiguously + identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md type: string labelSelector: - description: LabelSelector is a string that follows the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + description: |- + LabelSelector is a string that follows the label selection expression + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api It matches with the resource labels. type: string name: @@ -5206,8 +9616,10 @@ spec: description: Namespace to select resources from. type: string version: - description: Version of the API Group to select resources from. Together with Group and - Kind it is capable of unambiguously identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + description: |- + Version of the API Group to select resources from. + Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md type: string type: object required: @@ -5216,7 +9628,9 @@ spec: type: object type: array patchesStrategicMerge: - description: Strategic merge patches, defined as inline YAML objects. + description: |- + Strategic merge patches, defined as inline YAML objects. + Deprecated: use Patches instead. items: x-kubernetes-preserve-unknown-fields: true type: array @@ -5224,176 +9638,260 @@ spec: type: object type: array releaseName: - description: ReleaseName used for the Helm release. Defaults to a composition of '[TargetNamespace-]Name'. + description: |- + ReleaseName used for the Helm release. Defaults to a composition of + '[TargetNamespace-]Name'. maxLength: 53 minLength: 1 type: string rollback: - description: Rollback holds the configuration for Helm rollback actions for this HelmRelease. + description: Rollback holds the configuration for Helm rollback actions + for this HelmRelease. properties: cleanupOnFail: - description: CleanupOnFail allows deletion of new resources created during the Helm rollback action when - it fails. + description: |- + CleanupOnFail allows deletion of new resources created during the Helm + rollback action when it fails. type: boolean disableHooks: - description: DisableHooks prevents hooks from running during the Helm rollback action. + description: DisableHooks prevents hooks from running during the + Helm rollback action. type: boolean disableWait: - description: DisableWait disables the waiting for resources to be ready after a Helm rollback has been - performed. + description: |- + DisableWait disables the waiting for resources to be ready after a Helm + rollback has been performed. type: boolean disableWaitForJobs: - description: DisableWaitForJobs disables waiting for jobs to complete after a Helm rollback has been performed. + description: |- + DisableWaitForJobs disables waiting for jobs to complete after a Helm + rollback has been performed. type: boolean force: - description: Force forces resource updates through a replacement strategy. + description: Force forces resource updates through a replacement + strategy. type: boolean recreate: - description: Recreate performs pod restarts for the resource if applicable. + description: Recreate performs pod restarts for the resource if + applicable. type: boolean timeout: - description: Timeout is the time to wait for any individual Kubernetes operation (like Jobs for hooks) - during the performance of a Helm rollback action. Defaults to 'HelmReleaseSpec.Timeout'. + description: |- + Timeout is the time to wait for any individual Kubernetes operation (like + Jobs for hooks) during the performance of a Helm rollback action. Defaults to + 'HelmReleaseSpec.Timeout'. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string type: object serviceAccountName: - description: The name of the Kubernetes service account to impersonate when reconciling this HelmRelease. + description: |- + The name of the Kubernetes service account to impersonate + when reconciling this HelmRelease. + maxLength: 253 + minLength: 1 type: string storageNamespace: - description: StorageNamespace used for the Helm storage. Defaults to the namespace of the HelmRelease. + description: |- + StorageNamespace used for the Helm storage. + Defaults to the namespace of the HelmRelease. maxLength: 63 minLength: 1 type: string suspend: - description: Suspend tells the controller to suspend reconciliation for this HelmRelease, it does not apply - to already started reconciliations. Defaults to false. + description: |- + Suspend tells the controller to suspend reconciliation for this HelmRelease, + it does not apply to already started reconciliations. Defaults to false. type: boolean targetNamespace: - description: TargetNamespace to target when performing operations for the HelmRelease. Defaults to the namespace - of the HelmRelease. + description: |- + TargetNamespace to target when performing operations for the HelmRelease. + Defaults to the namespace of the HelmRelease. maxLength: 63 minLength: 1 type: string test: - description: Test holds the configuration for Helm test actions for this HelmRelease. + description: Test holds the configuration for Helm test actions for + this HelmRelease. properties: enable: - description: Enable enables Helm test actions for this HelmRelease after an Helm install or upgrade action - has been performed. + description: |- + Enable enables Helm test actions for this HelmRelease after an Helm install + or upgrade action has been performed. type: boolean + filters: + description: Filters is a list of tests to run or exclude from + running. + items: + description: Filter holds the configuration for individual Helm + test filters. + properties: + exclude: + description: Exclude specifies whether the named test should + be excluded. + type: boolean + name: + description: Name is the name of the test. + maxLength: 253 + minLength: 1 + type: string + required: + - name + type: object + type: array ignoreFailures: - description: IgnoreFailures tells the controller to skip remediation when the Helm tests are run but fail. - Can be overwritten for tests run after install or upgrade actions in 'Install.IgnoreTestFailures' and - 'Upgrade.IgnoreTestFailures'. + description: |- + IgnoreFailures tells the controller to skip remediation when the Helm tests + are run but fail. Can be overwritten for tests run after install or upgrade + actions in 'Install.IgnoreTestFailures' and 'Upgrade.IgnoreTestFailures'. type: boolean timeout: - description: Timeout is the time to wait for any individual Kubernetes operation during the performance - of a Helm test action. Defaults to 'HelmReleaseSpec.Timeout'. + description: |- + Timeout is the time to wait for any individual Kubernetes operation during + the performance of a Helm test action. Defaults to 'HelmReleaseSpec.Timeout'. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string type: object timeout: - description: Timeout is the time to wait for any individual Kubernetes operation (like Jobs for hooks) during - the performance of a Helm action. Defaults to '5m0s'. + description: |- + Timeout is the time to wait for any individual Kubernetes operation (like Jobs + for hooks) during the performance of a Helm action. Defaults to '5m0s'. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string uninstall: - description: Uninstall holds the configuration for Helm uninstall actions for this HelmRelease. + description: Uninstall holds the configuration for Helm uninstall + actions for this HelmRelease. properties: deletionPropagation: default: background - description: DeletionPropagation specifies the deletion propagation policy when a Helm uninstall is performed. + description: |- + DeletionPropagation specifies the deletion propagation policy when + a Helm uninstall is performed. enum: - background - foreground - orphan type: string disableHooks: - description: DisableHooks prevents hooks from running during the Helm rollback action. + description: DisableHooks prevents hooks from running during the + Helm rollback action. type: boolean disableWait: - description: DisableWait disables waiting for all the resources to be deleted after a Helm uninstall is - performed. + description: |- + DisableWait disables waiting for all the resources to be deleted after + a Helm uninstall is performed. type: boolean keepHistory: - description: KeepHistory tells Helm to remove all associated resources and mark the release as deleted, - but retain the release history. + description: |- + KeepHistory tells Helm to remove all associated resources and mark the + release as deleted, but retain the release history. type: boolean timeout: - description: Timeout is the time to wait for any individual Kubernetes operation (like Jobs for hooks) - during the performance of a Helm uninstall action. Defaults to 'HelmReleaseSpec.Timeout'. + description: |- + Timeout is the time to wait for any individual Kubernetes operation (like + Jobs for hooks) during the performance of a Helm uninstall action. Defaults + to 'HelmReleaseSpec.Timeout'. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string type: object upgrade: - description: Upgrade holds the configuration for Helm upgrade actions for this HelmRelease. + description: Upgrade holds the configuration for Helm upgrade actions + for this HelmRelease. properties: cleanupOnFail: - description: CleanupOnFail allows deletion of new resources created during the Helm upgrade action when - it fails. + description: |- + CleanupOnFail allows deletion of new resources created during the Helm + upgrade action when it fails. type: boolean crds: - description: "CRDs upgrade CRDs from the Helm Chart's crds directory according to the CRD upgrade policy - provided here. Valid values are `Skip`, `Create` or `CreateReplace`. Default is `Skip` and if omitted - CRDs are neither installed nor upgraded. \n Skip: do neither install nor replace (update) any CRDs. - \n Create: new CRDs are created, existing CRDs are neither updated nor deleted. \n CreateReplace: new - CRDs are created, existing CRDs are updated (replaced) but not deleted. \n By default, CRDs are not - applied during Helm upgrade action. With this option users can opt-in to CRD upgrade, which is not (yet) - natively supported by Helm. https://helm.sh/docs/chart_best_practices/custom_resource_definitions." + description: |- + CRDs upgrade CRDs from the Helm Chart's crds directory according + to the CRD upgrade policy provided here. Valid values are `Skip`, + `Create` or `CreateReplace`. Default is `Skip` and if omitted + CRDs are neither installed nor upgraded. + + + Skip: do neither install nor replace (update) any CRDs. + + + Create: new CRDs are created, existing CRDs are neither updated nor deleted. + + + CreateReplace: new CRDs are created, existing CRDs are updated (replaced) + but not deleted. + + + By default, CRDs are not applied during Helm upgrade action. With this + option users can opt-in to CRD upgrade, which is not (yet) natively supported by Helm. + https://helm.sh/docs/chart_best_practices/custom_resource_definitions. enum: - Skip - Create - CreateReplace type: string disableHooks: - description: DisableHooks prevents hooks from running during the Helm upgrade action. + description: DisableHooks prevents hooks from running during the + Helm upgrade action. type: boolean disableOpenAPIValidation: - description: DisableOpenAPIValidation prevents the Helm upgrade action from validating rendered templates - against the Kubernetes OpenAPI Schema. + description: |- + DisableOpenAPIValidation prevents the Helm upgrade action from validating + rendered templates against the Kubernetes OpenAPI Schema. type: boolean disableWait: - description: DisableWait disables the waiting for resources to be ready after a Helm upgrade has been - performed. + description: |- + DisableWait disables the waiting for resources to be ready after a Helm + upgrade has been performed. type: boolean disableWaitForJobs: - description: DisableWaitForJobs disables waiting for jobs to complete after a Helm upgrade has been performed. + description: |- + DisableWaitForJobs disables waiting for jobs to complete after a Helm + upgrade has been performed. type: boolean force: - description: Force forces resource updates through a replacement strategy. + description: Force forces resource updates through a replacement + strategy. type: boolean preserveValues: - description: PreserveValues will make Helm reuse the last release's values and merge in overrides from - 'Values'. Setting this flag makes the HelmRelease non-declarative. + description: |- + PreserveValues will make Helm reuse the last release's values and merge in + overrides from 'Values'. Setting this flag makes the HelmRelease + non-declarative. type: boolean remediation: - description: Remediation holds the remediation configuration for when the Helm upgrade action for the - HelmRelease fails. The default is to not perform any action. + description: |- + Remediation holds the remediation configuration for when the Helm upgrade + action for the HelmRelease fails. The default is to not perform any action. properties: ignoreTestFailures: - description: IgnoreTestFailures tells the controller to skip remediation when the Helm tests are run - after an upgrade action but fail. Defaults to 'Test.IgnoreFailures'. + description: |- + IgnoreTestFailures tells the controller to skip remediation when the Helm + tests are run after an upgrade action but fail. + Defaults to 'Test.IgnoreFailures'. type: boolean remediateLastFailure: - description: RemediateLastFailure tells the controller to remediate the last failure, when no retries - remain. Defaults to 'false' unless 'Retries' is greater than 0. + description: |- + RemediateLastFailure tells the controller to remediate the last failure, when + no retries remain. Defaults to 'false' unless 'Retries' is greater than 0. type: boolean retries: - description: Retries is the number of retries that should be attempted on failures before bailing. - Remediation, using 'Strategy', is performed between each attempt. Defaults to '0', a negative integer - equals to unlimited retries. + description: |- + Retries is the number of retries that should be attempted on failures before + bailing. Remediation, using 'Strategy', is performed between each attempt. + Defaults to '0', a negative integer equals to unlimited retries. type: integer strategy: - description: Strategy to use for failure remediation. Defaults to 'rollback'. + description: Strategy to use for failure remediation. Defaults + to 'rollback'. enum: - rollback - uninstall type: string type: object timeout: - description: Timeout is the time to wait for any individual Kubernetes operation (like Jobs for hooks) - during the performance of a Helm upgrade action. Defaults to 'HelmReleaseSpec.Timeout'. + description: |- + Timeout is the time to wait for any individual Kubernetes operation (like + Jobs for hooks) during the performance of a Helm upgrade action. Defaults to + 'HelmReleaseSpec.Timeout'. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string type: object @@ -5401,39 +9899,46 @@ spec: description: Values holds the values for this Helm release. x-kubernetes-preserve-unknown-fields: true valuesFrom: - description: ValuesFrom holds references to resources containing Helm values for this HelmRelease, and information - about how they should be merged. + description: |- + ValuesFrom holds references to resources containing Helm values for this HelmRelease, + and information about how they should be merged. items: - description: ValuesReference contains a reference to a resource containing Helm values, and optionally the - key they can be found at. + description: |- + ValuesReference contains a reference to a resource containing Helm values, + and optionally the key they can be found at. properties: kind: - description: Kind of the values referent, valid values are ('Secret', 'ConfigMap'). + description: Kind of the values referent, valid values are ('Secret', + 'ConfigMap'). enum: - Secret - ConfigMap type: string name: - description: Name of the values referent. Should reside in the same namespace as the referring resource. + description: |- + Name of the values referent. Should reside in the same namespace as the + referring resource. maxLength: 253 minLength: 1 type: string optional: - description: Optional marks this ValuesReference as optional. When set, a not found error for the values - reference is ignored, but any ValuesKey, TargetPath or transient error will still result in a reconciliation - failure. + description: |- + Optional marks this ValuesReference as optional. When set, a not found error + for the values reference is ignored, but any ValuesKey, TargetPath or + transient error will still result in a reconciliation failure. type: boolean targetPath: - description: TargetPath is the YAML dot notation path the value should be merged at. When set, the ValuesKey - is expected to be a single flat value. Defaults to 'None', which results in the values getting merged - at the root. + description: |- + TargetPath is the YAML dot notation path the value should be merged at. When + set, the ValuesKey is expected to be a single flat value. Defaults to 'None', + which results in the values getting merged at the root. maxLength: 250 pattern: ^([a-zA-Z0-9_\-.\\\/]|\[[0-9]{1,5}\])+$ type: string valuesKey: - description: ValuesKey is the data key where the values.yaml or a specific value can be found at. Defaults - to 'values.yaml'. When set, must be a valid Data Key, consisting of alphanumeric characters, '-', - '_' or '.'. + description: |- + ValuesKey is the data key where the values.yaml or a specific value can be + found at. Defaults to 'values.yaml'. maxLength: 253 pattern: ^[\-._a-zA-Z0-9]+$ type: string @@ -5443,9 +9948,12 @@ spec: type: object type: array required: - - chart - interval type: object + x-kubernetes-validations: + - message: either chart or chartRef must be set + rule: (has(self.chart) && !has(self.chartRef)) || (!has(self.chart) + && has(self.chartRef)) status: default: observedGeneration: -1 @@ -5454,35 +9962,43 @@ spec: conditions: description: Conditions holds the conditions for the HelmRelease. items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This - struct is intended for direct use as an array at the field path .status.conditions. For example, \n type - FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // - +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" - patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" properties: lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when - the API field changed is acceptable. + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: message is a human readable message indicating details about the transition. This may be - an empty string. + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based - upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current state of the instance. + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last - transition. Producers of specific condition types may define expected values and meanings for this - field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 @@ -5496,9 +10012,12 @@ spec: - Unknown type: string type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type - values are consistent across resources like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -5511,48 +10030,217 @@ spec: type: object type: array failures: - description: Failures is the reconciliation failure count against the latest desired state. It is reset after - a successful reconciliation. + description: |- + Failures is the reconciliation failure count against the latest desired + state. It is reset after a successful reconciliation. format: int64 type: integer helmChart: - description: HelmChart is the namespaced name of the HelmChart resource created by the controller for the - HelmRelease. - type: string + description: |- + HelmChart is the namespaced name of the HelmChart resource created by + the controller for the HelmRelease. + type: string + history: + description: |- + History holds the history of Helm releases performed for this HelmRelease + up to the last successfully completed release. + items: + description: |- + Snapshot captures a point-in-time copy of the status information for a Helm release, + as managed by the controller. + properties: + apiVersion: + description: |- + APIVersion is the API version of the Snapshot. + Provisional: when the calculation method of the Digest field is changed, + this field will be used to distinguish between the old and new methods. + type: string + appVersion: + description: AppVersion is the chart app version of the release + object in storage. + type: string + chartName: + description: ChartName is the chart name of the release object + in storage. + type: string + chartVersion: + description: |- + ChartVersion is the chart version of the release object in + storage. + type: string + configDigest: + description: |- + ConfigDigest is the checksum of the config (better known as + "values") of the release object in storage. + It has the format of `:`. + type: string + deleted: + description: Deleted is when the release was deleted. + format: date-time + type: string + digest: + description: |- + Digest is the checksum of the release object in storage. + It has the format of `:`. + type: string + firstDeployed: + description: FirstDeployed is when the release was first deployed. + format: date-time + type: string + lastDeployed: + description: LastDeployed is when the release was last deployed. + format: date-time + type: string + name: + description: Name is the name of the release. + type: string + namespace: + description: Namespace is the namespace the release is deployed + to. + type: string + ociDigest: + description: OCIDigest is the digest of the OCI artifact associated + with the release. + type: string + status: + description: Status is the current state of the release. + type: string + testHooks: + additionalProperties: + description: |- + TestHookStatus holds the status information for a test hook as observed + to be run by the controller. + properties: + lastCompleted: + description: LastCompleted is the time the test hook last + completed. + format: date-time + type: string + lastStarted: + description: LastStarted is the time the test hook was + last started. + format: date-time + type: string + phase: + description: Phase the test hook was observed to be in. + type: string + type: object + description: |- + TestHooks is the list of test hooks for the release as observed to be + run by the controller. + type: object + version: + description: Version is the version of the release object in + storage. + type: integer + required: + - chartName + - chartVersion + - configDigest + - digest + - firstDeployed + - lastDeployed + - name + - namespace + - status + - version + type: object + type: array installFailures: - description: InstallFailures is the install failure count against the latest desired state. It is reset after - a successful reconciliation. + description: |- + InstallFailures is the install failure count against the latest desired + state. It is reset after a successful reconciliation. format: int64 type: integer lastAppliedRevision: - description: LastAppliedRevision is the revision of the last successfully applied source. + description: |- + LastAppliedRevision is the revision of the last successfully applied + source. + Deprecated: the revision can now be found in the History. + type: string + lastAttemptedConfigDigest: + description: |- + LastAttemptedConfigDigest is the digest for the config (better known as + "values") of the last reconciliation attempt. + type: string + lastAttemptedGeneration: + description: |- + LastAttemptedGeneration is the last generation the controller attempted + to reconcile. + format: int64 + type: integer + lastAttemptedReleaseAction: + description: |- + LastAttemptedReleaseAction is the last release action performed for this + HelmRelease. It is used to determine the active remediation strategy. + enum: + - install + - upgrade type: string lastAttemptedRevision: - description: LastAttemptedRevision is the revision of the last reconciliation attempt. + description: |- + LastAttemptedRevision is the Source revision of the last reconciliation + attempt. For OCIRepository sources, the 12 first characters of the digest are + appended to the chart version e.g. "1.2.3+1234567890ab". + type: string + lastAttemptedRevisionDigest: + description: |- + LastAttemptedRevisionDigest is the digest of the last reconciliation attempt. + This is only set for OCIRepository sources. type: string lastAttemptedValuesChecksum: - description: LastAttemptedValuesChecksum is the SHA1 checksum of the values of the last reconciliation attempt. + description: |- + LastAttemptedValuesChecksum is the SHA1 checksum for the values of the last + reconciliation attempt. + Deprecated: Use LastAttemptedConfigDigest instead. + type: string + lastHandledForceAt: + description: |- + LastHandledForceAt holds the value of the most recent force request + value, so a change of the annotation value can be detected. type: string lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent reconcile request value, so a change - of the annotation value can be detected. + description: |- + LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value + can be detected. + type: string + lastHandledResetAt: + description: |- + LastHandledResetAt holds the value of the most recent reset request + value, so a change of the annotation value can be detected. type: string lastReleaseRevision: - description: LastReleaseRevision is the revision of the last successful Helm release. + description: |- + LastReleaseRevision is the revision of the last successful Helm release. + Deprecated: Use History instead. type: integer observedGeneration: description: ObservedGeneration is the last observed generation. format: int64 type: integer + observedPostRenderersDigest: + description: |- + ObservedPostRenderersDigest is the digest for the post-renderers of + the last successful reconciliation attempt. + type: string + storageNamespace: + description: |- + StorageNamespace is the namespace of the Helm release storage for the + current release. + maxLength: 63 + minLength: 1 + type: string upgradeFailures: - description: UpgradeFailures is the upgrade failure count against the latest desired state. It is reset after - a successful reconciliation. + description: |- + UpgradeFailures is the upgrade failure count against the latest desired + state. It is reset after a successful reconciliation. format: int64 type: integer type: object type: object served: true - storage: true + storage: false subresources: status: {} --- @@ -5563,7 +10251,7 @@ metadata: app.kubernetes.io/component: helm-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 name: helm-controller namespace: flux-system --- @@ -5574,7 +10262,7 @@ metadata: app.kubernetes.io/component: helm-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 control-plane: controller name: helm-controller namespace: flux-system @@ -5603,7 +10291,17 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: ghcr.io/fluxcd/helm-controller:v0.36.1 + - name: GOMAXPROCS + valueFrom: + resourceFieldRef: + containerName: manager + resource: limits.cpu + - name: GOMEMLIMIT + valueFrom: + resourceFieldRef: + containerName: manager + resource: limits.memory + image: ghcr.io/fluxcd/helm-controller:v1.0.1 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -5655,12 +10353,12 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.12.0 + controller-gen.kubebuilder.io/version: v0.15.0 labels: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 name: alerts.notification.toolkit.fluxcd.io spec: group: notification.toolkit.fluxcd.io @@ -5681,27 +10379,39 @@ spec: - jsonPath: .status.conditions[?(@.type=="Ready")].message name: Status type: string + deprecated: true + deprecationWarning: v1beta1 Alert is deprecated, upgrade to v1beta3 name: v1beta1 schema: openAPIV3Schema: description: Alert is the Schema for the alerts API properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert - recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer - this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: - description: AlertSpec defines an alerting rule for events involving a list of objects + description: AlertSpec defines an alerting rule for events involving a + list of objects properties: eventSeverity: default: info - description: Filter events based on severity, defaults to ('info'). If set to 'info' no events will be filtered. + description: |- + Filter events based on severity, defaults to ('info'). + If set to 'info' no events will be filtered. enum: - info - error @@ -5709,8 +10419,9 @@ spec: eventSources: description: Filter events based on the involved objects. items: - description: CrossNamespaceObjectReference contains enough information to let you locate the typed referenced - object at cluster level + description: |- + CrossNamespaceObjectReference contains enough information to let you locate the + typed referenced object at cluster level properties: apiVersion: description: API version of the referent @@ -5732,9 +10443,10 @@ spec: matchLabels: additionalProperties: type: string - description: MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map - is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and - the values array contains only "value". The requirements are ANDed. + description: |- + MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. type: object name: description: Name of the referent @@ -5751,7 +10463,8 @@ spec: type: object type: array exclusionList: - description: A list of Golang regular expressions to be used for excluding messages. + description: A list of Golang regular expressions to be used for excluding + messages. items: type: string type: array @@ -5768,7 +10481,9 @@ spec: description: Short description of the impact and affected cluster. type: string suspend: - description: This flag tells the controller to suspend subsequent events dispatching. Defaults to false. + description: |- + This flag tells the controller to suspend subsequent events dispatching. + Defaults to false. type: boolean required: - eventSources @@ -5781,35 +10496,43 @@ spec: properties: conditions: items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This - struct is intended for direct use as an array at the field path .status.conditions. For example, \n type - FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // - +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" - patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" properties: lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when - the API field changed is acceptable. + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: message is a human readable message indicating details about the transition. This may be - an empty string. + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based - upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current state of the instance. + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last - transition. Producers of specific condition types may define expected values and meanings for this - field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 @@ -5823,9 +10546,12 @@ spec: - Unknown type: string type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type - values are consistent across resources like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -5857,45 +10583,61 @@ spec: - jsonPath: .status.conditions[?(@.type=="Ready")].message name: Status type: string + deprecated: true + deprecationWarning: v1beta2 Alert is deprecated, upgrade to v1beta3 name: v1beta2 schema: openAPIV3Schema: description: Alert is the Schema for the alerts API properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert - recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer - this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: - description: AlertSpec defines an alerting rule for events involving a list of objects. + description: AlertSpec defines an alerting rule for events involving a + list of objects. properties: eventMetadata: additionalProperties: type: string - description: EventMetadata is an optional field for adding metadata to events dispatched by the controller. - This can be used for enhancing the context of the event. If a field would override one already present on - the original event as generated by the emitter, then the override doesn't happen, i.e. the original value - is preserved, and an info log is printed. + description: |- + EventMetadata is an optional field for adding metadata to events dispatched by the + controller. This can be used for enhancing the context of the event. If a field + would override one already present on the original event as generated by the emitter, + then the override doesn't happen, i.e. the original value is preserved, and an info + log is printed. type: object eventSeverity: default: info - description: EventSeverity specifies how to filter events based on severity. If set to 'info' no events will - be filtered. + description: |- + EventSeverity specifies how to filter events based on severity. + If set to 'info' no events will be filtered. enum: - info - error type: string eventSources: - description: EventSources specifies how to filter events based on the involved object kind, name and namespace. + description: |- + EventSources specifies how to filter events based + on the involved object kind, name and namespace. items: - description: CrossNamespaceObjectReference contains enough information to let you locate the typed referenced - object at cluster level + description: |- + CrossNamespaceObjectReference contains enough information to let you locate the + typed referenced object at cluster level properties: apiVersion: description: API version of the referent @@ -5917,13 +10659,16 @@ spec: matchLabels: additionalProperties: type: string - description: MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map - is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and - the values array contains only "value". The requirements are ANDed. MatchLabels requires the name - to be set to `*`. + description: |- + MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + MatchLabels requires the name to be set to `*`. type: object name: - description: Name of the referent If multiple resources are targeted `*` may be set. + description: |- + Name of the referent + If multiple resources are targeted `*` may be set. maxLength: 53 minLength: 1 type: string @@ -5938,17 +10683,22 @@ spec: type: object type: array exclusionList: - description: ExclusionList specifies a list of Golang regular expressions to be used for excluding messages. + description: |- + ExclusionList specifies a list of Golang regular expressions + to be used for excluding messages. items: type: string type: array inclusionList: - description: InclusionList specifies a list of Golang regular expressions to be used for including messages. + description: |- + InclusionList specifies a list of Golang regular expressions + to be used for including messages. items: type: string type: array providerRef: - description: ProviderRef specifies which Provider this Alert should use. + description: ProviderRef specifies which Provider this Alert should + use. properties: name: description: Name of the referent. @@ -5957,11 +10707,14 @@ spec: - name type: object summary: - description: Summary holds a short description of the impact and affected cluster. + description: Summary holds a short description of the impact and affected + cluster. maxLength: 255 type: string suspend: - description: Suspend tells the controller to suspend subsequent events handling for this Alert. + description: |- + Suspend tells the controller to suspend subsequent + events handling for this Alert. type: boolean required: - eventSources @@ -5975,35 +10728,43 @@ spec: conditions: description: Conditions holds the conditions for the Alert. items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This - struct is intended for direct use as an array at the field path .status.conditions. For example, \n type - FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // - +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" - patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" properties: lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when - the API field changed is acceptable. + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: message is a human readable message indicating details about the transition. This may be - an empty string. + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based - upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current state of the instance. + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last - transition. Producers of specific condition types may define expected values and meanings for this - field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 @@ -6017,9 +10778,12 @@ spec: - Unknown type: string type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type - values are consistent across resources like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -6032,8 +10796,10 @@ spec: type: object type: array lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent reconcile request value, so a change - of the annotation value can be detected. + description: |- + LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value + can be detected. type: string observedGeneration: description: ObservedGeneration is the last observed generation. @@ -6042,20 +10808,163 @@ spec: type: object type: object served: true - storage: true + storage: false subresources: status: {} + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1beta3 + schema: + openAPIV3Schema: + description: Alert is the Schema for the alerts API + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: AlertSpec defines an alerting rule for events involving a + list of objects. + properties: + eventMetadata: + additionalProperties: + type: string + description: |- + EventMetadata is an optional field for adding metadata to events dispatched by the + controller. This can be used for enhancing the context of the event. If a field + would override one already present on the original event as generated by the emitter, + then the override doesn't happen, i.e. the original value is preserved, and an info + log is printed. + type: object + eventSeverity: + default: info + description: |- + EventSeverity specifies how to filter events based on severity. + If set to 'info' no events will be filtered. + enum: + - info + - error + type: string + eventSources: + description: |- + EventSources specifies how to filter events based + on the involved object kind, name and namespace. + items: + description: |- + CrossNamespaceObjectReference contains enough information to let you locate the + typed referenced object at cluster level + properties: + apiVersion: + description: API version of the referent + type: string + kind: + description: Kind of the referent + enum: + - Bucket + - GitRepository + - Kustomization + - HelmRelease + - HelmChart + - HelmRepository + - ImageRepository + - ImagePolicy + - ImageUpdateAutomation + - OCIRepository + type: string + matchLabels: + additionalProperties: + type: string + description: |- + MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + MatchLabels requires the name to be set to `*`. + type: object + name: + description: |- + Name of the referent + If multiple resources are targeted `*` may be set. + maxLength: 53 + minLength: 1 + type: string + namespace: + description: Namespace of the referent + maxLength: 53 + minLength: 1 + type: string + required: + - kind + - name + type: object + type: array + exclusionList: + description: |- + ExclusionList specifies a list of Golang regular expressions + to be used for excluding messages. + items: + type: string + type: array + inclusionList: + description: |- + InclusionList specifies a list of Golang regular expressions + to be used for including messages. + items: + type: string + type: array + providerRef: + description: ProviderRef specifies which Provider this Alert should + use. + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object + summary: + description: Summary holds a short description of the impact and affected + cluster. + maxLength: 255 + type: string + suspend: + description: |- + Suspend tells the controller to suspend subsequent + events handling for this Alert. + type: boolean + required: + - eventSources + - providerRef + type: object + type: object + served: true + storage: true + subresources: {} --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.12.0 + controller-gen.kubebuilder.io/version: v0.15.0 labels: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 name: providers.notification.toolkit.fluxcd.io spec: group: notification.toolkit.fluxcd.io @@ -6076,18 +10985,27 @@ spec: - jsonPath: .status.conditions[?(@.type=="Ready")].message name: Status type: string + deprecated: true + deprecationWarning: v1beta1 Provider is deprecated, upgrade to v1beta3 name: v1beta1 schema: openAPIV3Schema: description: Provider is the Schema for the providers API properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert - recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer - this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -6099,7 +11017,9 @@ spec: pattern: ^(http|https):// type: string certSecretRef: - description: CertSecretRef can be given the name of a secret containing a PEM-encoded CA certificate (`caFile`) + description: |- + CertSecretRef can be given the name of a secret containing + a PEM-encoded CA certificate (`caFile`) properties: name: description: Name of the referent. @@ -6115,7 +11035,9 @@ spec: pattern: ^(http|https):// type: string secretRef: - description: Secret reference containing the provider webhook URL using "address" as data key + description: |- + Secret reference containing the provider webhook URL + using "address" as data key properties: name: description: Name of the referent. @@ -6124,7 +11046,9 @@ spec: - name type: object suspend: - description: This flag tells the controller to suspend subsequent events handling. Defaults to false. + description: |- + This flag tells the controller to suspend subsequent events handling. + Defaults to false. type: boolean timeout: description: Timeout for sending alerts to the provider. @@ -6168,35 +11092,43 @@ spec: properties: conditions: items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This - struct is intended for direct use as an array at the field path .status.conditions. For example, \n type - FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // - +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" - patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" properties: lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when - the API field changed is acceptable. + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: message is a human readable message indicating details about the transition. This may be - an empty string. + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based - upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current state of the instance. + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last - transition. Producers of specific condition types may define expected values and meanings for this - field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 @@ -6210,9 +11142,12 @@ spec: - Unknown type: string type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type - values are consistent across resources like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -6244,18 +11179,27 @@ spec: - jsonPath: .status.conditions[?(@.type=="Ready")].message name: Status type: string + deprecated: true + deprecationWarning: v1beta2 Provider is deprecated, upgrade to v1beta3 name: v1beta2 schema: openAPIV3Schema: description: Provider is the Schema for the providers API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert - recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer - this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -6263,14 +11207,21 @@ spec: description: ProviderSpec defines the desired state of the Provider. properties: address: - description: Address specifies the endpoint, in a generic sense, to where alerts are sent. What kind of endpoint - depends on the specific Provider type being used. For the generic Provider, for example, this is an HTTP/S - address. For other Provider types this could be a project ID or a namespace. + description: |- + Address specifies the endpoint, in a generic sense, to where alerts are sent. + What kind of endpoint depends on the specific Provider type being used. + For the generic Provider, for example, this is an HTTP/S address. + For other Provider types this could be a project ID or a namespace. maxLength: 2048 type: string certSecretRef: - description: "CertSecretRef specifies the Secret containing a PEM-encoded CA certificate (in the `ca.crt` - key). \n Note: Support for the `caFile` key has been deprecated." + description: |- + CertSecretRef specifies the Secret containing + a PEM-encoded CA certificate (in the `ca.crt` key). + + + Note: Support for the `caFile` key has + been deprecated. properties: name: description: Name of the referent. @@ -6279,11 +11230,13 @@ spec: - name type: object channel: - description: Channel specifies the destination channel where events should be posted. + description: Channel specifies the destination channel where events + should be posted. maxLength: 2048 type: string interval: - description: Interval at which to reconcile the Provider with its Secret references. + description: Interval at which to reconcile the Provider with its + Secret references. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string proxy: @@ -6292,7 +11245,9 @@ spec: pattern: ^(http|https)://.*$ type: string secretRef: - description: SecretRef specifies the Secret containing the authentication credentials for this Provider. + description: |- + SecretRef specifies the Secret containing the authentication + credentials for this Provider. properties: name: description: Name of the referent. @@ -6301,7 +11256,9 @@ spec: - name type: object suspend: - description: Suspend tells the controller to suspend subsequent events handling for this Provider. + description: |- + Suspend tells the controller to suspend subsequent + events handling for this Provider. type: boolean timeout: description: Timeout for sending alerts to the Provider. @@ -6319,6 +11276,7 @@ spec: - github - gitlab - gitea + - bitbucketserver - bitbucket - azuredevops - googlechat @@ -6351,35 +11309,43 @@ spec: conditions: description: Conditions holds the conditions for the Provider. items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This - struct is intended for direct use as an array at the field path .status.conditions. For example, \n type - FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // - +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" - patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" properties: lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when - the API field changed is acceptable. + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: message is a human readable message indicating details about the transition. This may be - an empty string. + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based - upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current state of the instance. + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last - transition. Producers of specific condition types may define expected values and meanings for this - field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 @@ -6393,9 +11359,12 @@ spec: - Unknown type: string type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type - values are consistent across resources like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -6408,8 +11377,10 @@ spec: type: object type: array lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent reconcile request value, so a change - of the annotation value can be detected. + description: |- + LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value + can be detected. type: string observedGeneration: description: ObservedGeneration is the last reconciled generation. @@ -6418,20 +11389,150 @@ spec: type: object type: object served: true - storage: true + storage: false subresources: status: {} + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1beta3 + schema: + openAPIV3Schema: + description: Provider is the Schema for the providers API + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: ProviderSpec defines the desired state of the Provider. + properties: + address: + description: |- + Address specifies the endpoint, in a generic sense, to where alerts are sent. + What kind of endpoint depends on the specific Provider type being used. + For the generic Provider, for example, this is an HTTP/S address. + For other Provider types this could be a project ID or a namespace. + maxLength: 2048 + type: string + certSecretRef: + description: |- + CertSecretRef specifies the Secret containing + a PEM-encoded CA certificate (in the `ca.crt` key). + + + Note: Support for the `caFile` key has + been deprecated. + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object + channel: + description: Channel specifies the destination channel where events + should be posted. + maxLength: 2048 + type: string + interval: + description: |- + Interval at which to reconcile the Provider with its Secret references. + Deprecated and not used in v1beta3. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + proxy: + description: Proxy the HTTP/S address of the proxy server. + maxLength: 2048 + pattern: ^(http|https)://.*$ + type: string + secretRef: + description: |- + SecretRef specifies the Secret containing the authentication + credentials for this Provider. + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object + suspend: + description: |- + Suspend tells the controller to suspend subsequent + events handling for this Provider. + type: boolean + timeout: + description: Timeout for sending alerts to the Provider. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$ + type: string + type: + description: Type specifies which Provider implementation to use. + enum: + - slack + - discord + - msteams + - rocket + - generic + - generic-hmac + - github + - gitlab + - gitea + - bitbucketserver + - bitbucket + - azuredevops + - googlechat + - googlepubsub + - webex + - sentry + - azureeventhub + - telegram + - lark + - matrix + - opsgenie + - alertmanager + - grafana + - githubdispatch + - pagerduty + - datadog + - nats + type: string + username: + description: Username specifies the name under which events are posted. + maxLength: 2048 + type: string + required: + - type + type: object + type: object + served: true + storage: true + subresources: {} --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.12.0 + controller-gen.kubebuilder.io/version: v0.15.0 labels: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 name: receivers.notification.toolkit.fluxcd.io spec: group: notification.toolkit.fluxcd.io @@ -6458,12 +11559,19 @@ spec: description: Receiver is the Schema for the receivers API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert - recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer - this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -6471,21 +11579,24 @@ spec: description: ReceiverSpec defines the desired state of the Receiver. properties: events: - description: Events specifies the list of event types to handle, e.g. 'push' for GitHub or 'Push Hook' for - GitLab. + description: |- + Events specifies the list of event types to handle, + e.g. 'push' for GitHub or 'Push Hook' for GitLab. items: type: string type: array interval: default: 10m - description: Interval at which to reconcile the Receiver with its Secret references. + description: Interval at which to reconcile the Receiver with its + Secret references. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string resources: description: A list of resources to be notified about changes. items: - description: CrossNamespaceObjectReference contains enough information to let you locate the typed referenced - object at cluster level + description: |- + CrossNamespaceObjectReference contains enough information to let you locate the + typed referenced object at cluster level properties: apiVersion: description: API version of the referent @@ -6507,13 +11618,16 @@ spec: matchLabels: additionalProperties: type: string - description: MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map - is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and - the values array contains only "value". The requirements are ANDed. MatchLabels requires the name - to be set to `*`. + description: |- + MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + MatchLabels requires the name to be set to `*`. type: object name: - description: Name of the referent If multiple resources are targeted `*` may be set. + description: |- + Name of the referent + If multiple resources are targeted `*` may be set. maxLength: 53 minLength: 1 type: string @@ -6528,7 +11642,9 @@ spec: type: object type: array secretRef: - description: SecretRef specifies the Secret containing the token used to validate the payload authenticity. + description: |- + SecretRef specifies the Secret containing the token used + to validate the payload authenticity. properties: name: description: Name of the referent. @@ -6537,10 +11653,14 @@ spec: - name type: object suspend: - description: Suspend tells the controller to suspend subsequent events handling for this receiver. + description: |- + Suspend tells the controller to suspend subsequent + events handling for this receiver. type: boolean type: - description: Type of webhook sender, used to determine the validation procedure and payload deserialization. + description: |- + Type of webhook sender, used to determine + the validation procedure and payload deserialization. enum: - generic - generic-hmac @@ -6553,6 +11673,7 @@ spec: - gcr - nexus - acr + - cdevents type: string required: - resources @@ -6567,35 +11688,43 @@ spec: conditions: description: Conditions holds the conditions for the Receiver. items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This - struct is intended for direct use as an array at the field path .status.conditions. For example, \n type - FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // - +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" - patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" properties: lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when - the API field changed is acceptable. + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: message is a human readable message indicating details about the transition. This may be - an empty string. + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based - upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current state of the instance. + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last - transition. Producers of specific condition types may define expected values and meanings for this - field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 @@ -6609,9 +11738,12 @@ spec: - Unknown type: string type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type - values are consistent across resources like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -6624,15 +11756,20 @@ spec: type: object type: array lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent reconcile request value, so a change - of the annotation value can be detected. + description: |- + LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value + can be detected. type: string observedGeneration: - description: ObservedGeneration is the last observed generation of the Receiver object. + description: ObservedGeneration is the last observed generation of + the Receiver object. format: int64 type: integer webhookPath: - description: WebhookPath is the generated incoming webhook address in the format of '/hook/sha256sum(token+name+namespace)'. + description: |- + WebhookPath is the generated incoming webhook address in the format + of '/hook/sha256sum(token+name+namespace)'. type: string type: object type: object @@ -6658,12 +11795,19 @@ spec: description: Receiver is the Schema for the receivers API properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert - recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer - this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -6671,15 +11815,18 @@ spec: description: ReceiverSpec defines the desired state of Receiver properties: events: - description: A list of events to handle, e.g. 'push' for GitHub or 'Push Hook' for GitLab. + description: |- + A list of events to handle, + e.g. 'push' for GitHub or 'Push Hook' for GitLab. items: type: string type: array resources: description: A list of resources to be notified about changes. items: - description: CrossNamespaceObjectReference contains enough information to let you locate the typed referenced - object at cluster level + description: |- + CrossNamespaceObjectReference contains enough information to let you locate the + typed referenced object at cluster level properties: apiVersion: description: API version of the referent @@ -6701,9 +11848,10 @@ spec: matchLabels: additionalProperties: type: string - description: MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map - is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and - the values array contains only "value". The requirements are ANDed. + description: |- + MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. type: object name: description: Name of the referent @@ -6720,7 +11868,9 @@ spec: type: object type: array secretRef: - description: Secret reference containing the token used to validate the payload authenticity + description: |- + Secret reference containing the token used + to validate the payload authenticity properties: name: description: Name of the referent. @@ -6729,10 +11879,14 @@ spec: - name type: object suspend: - description: This flag tells the controller to suspend subsequent events handling. Defaults to false. + description: |- + This flag tells the controller to suspend subsequent events handling. + Defaults to false. type: boolean type: - description: Type of webhook sender, used to determine the validation procedure and payload deserialization. + description: |- + Type of webhook sender, used to determine + the validation procedure and payload deserialization. enum: - generic - generic-hmac @@ -6757,35 +11911,43 @@ spec: properties: conditions: items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This - struct is intended for direct use as an array at the field path .status.conditions. For example, \n type - FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // - +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" - patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" properties: lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when - the API field changed is acceptable. + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: message is a human readable message indicating details about the transition. This may be - an empty string. + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based - upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current state of the instance. + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last - transition. Producers of specific condition types may define expected values and meanings for this - field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 @@ -6799,9 +11961,12 @@ spec: - Unknown type: string type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type - values are consistent across resources like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -6818,7 +11983,9 @@ spec: format: int64 type: integer url: - description: Generated webhook URL in the format of '/hook/sha256sum(token+name+namespace)'. + description: |- + Generated webhook URL in the format + of '/hook/sha256sum(token+name+namespace)'. type: string type: object type: object @@ -6844,12 +12011,19 @@ spec: description: Receiver is the Schema for the receivers API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert - recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer - this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -6857,20 +12031,23 @@ spec: description: ReceiverSpec defines the desired state of the Receiver. properties: events: - description: Events specifies the list of event types to handle, e.g. 'push' for GitHub or 'Push Hook' for - GitLab. + description: |- + Events specifies the list of event types to handle, + e.g. 'push' for GitHub or 'Push Hook' for GitLab. items: type: string type: array interval: - description: Interval at which to reconcile the Receiver with its Secret references. + description: Interval at which to reconcile the Receiver with its + Secret references. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string resources: description: A list of resources to be notified about changes. items: - description: CrossNamespaceObjectReference contains enough information to let you locate the typed referenced - object at cluster level + description: |- + CrossNamespaceObjectReference contains enough information to let you locate the + typed referenced object at cluster level properties: apiVersion: description: API version of the referent @@ -6892,13 +12069,16 @@ spec: matchLabels: additionalProperties: type: string - description: MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map - is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and - the values array contains only "value". The requirements are ANDed. MatchLabels requires the name - to be set to `*`. + description: |- + MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + MatchLabels requires the name to be set to `*`. type: object name: - description: Name of the referent If multiple resources are targeted `*` may be set. + description: |- + Name of the referent + If multiple resources are targeted `*` may be set. maxLength: 53 minLength: 1 type: string @@ -6913,7 +12093,9 @@ spec: type: object type: array secretRef: - description: SecretRef specifies the Secret containing the token used to validate the payload authenticity. + description: |- + SecretRef specifies the Secret containing the token used + to validate the payload authenticity. properties: name: description: Name of the referent. @@ -6922,10 +12104,14 @@ spec: - name type: object suspend: - description: Suspend tells the controller to suspend subsequent events handling for this receiver. + description: |- + Suspend tells the controller to suspend subsequent + events handling for this receiver. type: boolean type: - description: Type of webhook sender, used to determine the validation procedure and payload deserialization. + description: |- + Type of webhook sender, used to determine + the validation procedure and payload deserialization. enum: - generic - generic-hmac @@ -6951,35 +12137,43 @@ spec: conditions: description: Conditions holds the conditions for the Receiver. items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This - struct is intended for direct use as an array at the field path .status.conditions. For example, \n type - FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // - +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" - patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" properties: lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when - the API field changed is acceptable. + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: message is a human readable message indicating details about the transition. This may be - an empty string. + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based - upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current state of the instance. + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last - transition. Producers of specific condition types may define expected values and meanings for this - field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 @@ -6993,9 +12187,12 @@ spec: - Unknown type: string type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type - values are consistent across resources like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -7008,19 +12205,26 @@ spec: type: object type: array lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent reconcile request value, so a change - of the annotation value can be detected. + description: |- + LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value + can be detected. type: string observedGeneration: - description: ObservedGeneration is the last observed generation of the Receiver object. + description: ObservedGeneration is the last observed generation of + the Receiver object. format: int64 type: integer url: - description: 'URL is the generated incoming webhook address in the format of ''/hook/sha256sum(token+name+namespace)''. - Deprecated: Replaced by WebhookPath.' + description: |- + URL is the generated incoming webhook address in the format + of '/hook/sha256sum(token+name+namespace)'. + Deprecated: Replaced by WebhookPath. type: string webhookPath: - description: WebhookPath is the generated incoming webhook address in the format of '/hook/sha256sum(token+name+namespace)'. + description: |- + WebhookPath is the generated incoming webhook address in the format + of '/hook/sha256sum(token+name+namespace)'. type: string type: object type: object @@ -7036,7 +12240,7 @@ metadata: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 name: notification-controller namespace: flux-system --- @@ -7047,7 +12251,7 @@ metadata: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 control-plane: controller name: notification-controller namespace: flux-system @@ -7068,7 +12272,7 @@ metadata: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 control-plane: controller name: webhook-receiver namespace: flux-system @@ -7089,7 +12293,7 @@ metadata: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 control-plane: controller name: notification-controller namespace: flux-system @@ -7117,7 +12321,17 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: ghcr.io/fluxcd/notification-controller:v1.1.0 + - name: GOMAXPROCS + valueFrom: + resourceFieldRef: + containerName: manager + resource: limits.cpu + - name: GOMEMLIMIT + valueFrom: + resourceFieldRef: + containerName: manager + resource: limits.memory + image: ghcr.io/fluxcd/notification-controller:v1.3.0 imagePullPolicy: IfNotPresent livenessProbe: httpGet: diff --git a/gitops/fluxcd/clusters/k3s/homelab/flux-system/gotk-components.yaml b/gitops/fluxcd/clusters/k3s/homelab/flux-system/gotk-components.yaml index 0c12f6afe8..8fd99ab9db 100644 --- a/gitops/fluxcd/clusters/k3s/homelab/flux-system/gotk-components.yaml +++ b/gitops/fluxcd/clusters/k3s/homelab/flux-system/gotk-components.yaml @@ -1,22 +1,6 @@ --- -# Copyright (C) Nicolas Lamirault -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# SPDX-License-Identifier: Apache-2.0 - # This manifest was generated by flux. DO NOT EDIT. -# Flux Version: v2.1.1 +# Flux Version: v2.3.0 # Components: source-controller,kustomize-controller,helm-controller,notification-controller apiVersion: v1 kind: Namespace @@ -24,7 +8,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 pod-security.kubernetes.io/warn: restricted pod-security.kubernetes.io/warn-version: latest name: flux-system @@ -35,7 +19,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 name: allow-egress namespace: flux-system spec: @@ -55,7 +39,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 name: allow-scraping namespace: flux-system spec: @@ -75,7 +59,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 name: allow-webhooks namespace: flux-system spec: @@ -94,7 +78,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 name: critical-pods-flux-system namespace: flux-system spec: @@ -114,7 +98,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 name: crd-controller-flux-system rules: - apiGroups: @@ -197,6 +181,10 @@ rules: - update - patch - delete +- nonResourceURLs: + - /livez/ping + verbs: + - head --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole @@ -204,7 +192,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 rbac.authorization.k8s.io/aggregate-to-admin: "true" rbac.authorization.k8s.io/aggregate-to-edit: "true" name: flux-edit-flux-system @@ -230,7 +218,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 rbac.authorization.k8s.io/aggregate-to-admin: "true" rbac.authorization.k8s.io/aggregate-to-edit: "true" rbac.authorization.k8s.io/aggregate-to-view: "true" @@ -255,7 +243,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 name: cluster-reconciler-flux-system roleRef: apiGroup: rbac.authorization.k8s.io @@ -275,7 +263,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 name: crd-controller-flux-system roleRef: apiGroup: rbac.authorization.k8s.io @@ -305,12 +293,12 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.12.0 + controller-gen.kubebuilder.io/version: v0.15.0 labels: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 name: buckets.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -334,40 +322,54 @@ spec: - jsonPath: .metadata.creationTimestamp name: Age type: date + deprecated: true + deprecationWarning: v1beta1 Bucket is deprecated, upgrade to v1beta2 name: v1beta1 schema: openAPIV3Schema: description: Bucket is the Schema for the buckets API properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert - recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer - this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: - description: BucketSpec defines the desired state of an S3 compatible bucket + description: BucketSpec defines the desired state of an S3 compatible + bucket properties: accessFrom: - description: AccessFrom defines an Access Control List for allowing cross-namespace references to this object. + description: AccessFrom defines an Access Control List for allowing + cross-namespace references to this object. properties: namespaceSelectors: - description: NamespaceSelectors is the list of namespace selectors to which this ACL applies. Items in - this list are evaluated using a logical OR operation. + description: |- + NamespaceSelectors is the list of namespace selectors to which this ACL applies. + Items in this list are evaluated using a logical OR operation. items: - description: NamespaceSelector selects the namespaces to which this ACL applies. An empty map of MatchLabels - matches all namespaces in a cluster. + description: |- + NamespaceSelector selects the namespaces to which this ACL applies. + An empty map of MatchLabels matches all namespaces in a cluster. properties: matchLabels: additionalProperties: type: string - description: MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the operator is - "In", and the values array contains only "value". The requirements are ANDed. + description: |- + MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object type: array @@ -381,9 +383,10 @@ spec: description: The bucket endpoint address. type: string ignore: - description: Ignore overrides the set of excluded patterns in the .sourceignore format (which is the same - as .gitignore). If not provided, a default will be used, consult the documentation for your version to find - out what those are. + description: |- + Ignore overrides the set of excluded patterns in the .sourceignore format + (which is the same as .gitignore). If not provided, a default will be used, + consult the documentation for your version to find out what those are. type: string insecure: description: Insecure allows connecting to a non-TLS S3 HTTP endpoint. @@ -403,7 +406,9 @@ spec: description: The bucket region. type: string secretRef: - description: The name of the secret containing authentication credentials for the Bucket. + description: |- + The name of the secret containing authentication credentials + for the Bucket. properties: name: description: Name of the referent. @@ -412,7 +417,8 @@ spec: - name type: object suspend: - description: This flag tells the controller to suspend the reconciliation of this source. + description: This flag tells the controller to suspend the reconciliation + of this source. type: boolean timeout: default: 60s @@ -429,21 +435,26 @@ spec: description: BucketStatus defines the observed state of a bucket properties: artifact: - description: Artifact represents the output of the last successful Bucket sync. + description: Artifact represents the output of the last successful + Bucket sync. properties: checksum: description: Checksum is the SHA256 checksum of the artifact. type: string lastUpdateTime: - description: LastUpdateTime is the timestamp corresponding to the last update of this artifact. + description: |- + LastUpdateTime is the timestamp corresponding to the last update of this + artifact. format: date-time type: string path: description: Path is the relative file path of this artifact. type: string revision: - description: Revision is a human readable identifier traceable in the origin source system. It can be - a Git commit SHA, Git tag, a Helm index timestamp, a Helm chart version, etc. + description: |- + Revision is a human readable identifier traceable in the origin source + system. It can be a Git commit SHA, Git tag, a Helm index timestamp, a Helm + chart version, etc. type: string url: description: URL is the HTTP address of this artifact. @@ -455,35 +466,43 @@ spec: conditions: description: Conditions holds the conditions for the Bucket. items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This - struct is intended for direct use as an array at the field path .status.conditions. For example, \n type - FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // - +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" - patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" properties: lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when - the API field changed is acceptable. + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: message is a human readable message indicating details about the transition. This may be - an empty string. + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based - upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current state of the instance. + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last - transition. Producers of specific condition types may define expected values and meanings for this - field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 @@ -497,9 +516,12 @@ spec: - Unknown type: string type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type - values are consistent across resources like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -512,15 +534,18 @@ spec: type: object type: array lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent reconcile request value, so a change - of the annotation value can be detected. + description: |- + LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value + can be detected. type: string observedGeneration: description: ObservedGeneration is the last observed generation. format: int64 type: integer url: - description: URL is the download link for the artifact output of the last Bucket sync. + description: URL is the download link for the artifact output of the + last Bucket sync. type: string type: object type: object @@ -547,35 +572,49 @@ spec: description: Bucket is the Schema for the buckets API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert - recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer - this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: - description: BucketSpec specifies the required configuration to produce an Artifact for an object storage bucket. + description: |- + BucketSpec specifies the required configuration to produce an Artifact for + an object storage bucket. properties: accessFrom: - description: 'AccessFrom specifies an Access Control List for allowing cross-namespace references to this - object. NOTE: Not implemented, provisional as of https://github.com/fluxcd/flux2/pull/2092' + description: |- + AccessFrom specifies an Access Control List for allowing cross-namespace + references to this object. + NOTE: Not implemented, provisional as of https://github.com/fluxcd/flux2/pull/2092 properties: namespaceSelectors: - description: NamespaceSelectors is the list of namespace selectors to which this ACL applies. Items in - this list are evaluated using a logical OR operation. + description: |- + NamespaceSelectors is the list of namespace selectors to which this ACL applies. + Items in this list are evaluated using a logical OR operation. items: - description: NamespaceSelector selects the namespaces to which this ACL applies. An empty map of MatchLabels - matches all namespaces in a cluster. + description: |- + NamespaceSelector selects the namespaces to which this ACL applies. + An empty map of MatchLabels matches all namespaces in a cluster. properties: matchLabels: additionalProperties: type: string - description: MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the operator is - "In", and the values array contains only "value". The requirements are ANDed. + description: |- + MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object type: array @@ -586,25 +625,35 @@ spec: description: BucketName is the name of the object storage bucket. type: string endpoint: - description: Endpoint is the object storage address the BucketName is located at. + description: Endpoint is the object storage address the BucketName + is located at. type: string ignore: - description: Ignore overrides the set of excluded patterns in the .sourceignore format (which is the same - as .gitignore). If not provided, a default will be used, consult the documentation for your version to find - out what those are. + description: |- + Ignore overrides the set of excluded patterns in the .sourceignore format + (which is the same as .gitignore). If not provided, a default will be used, + consult the documentation for your version to find out what those are. type: string insecure: description: Insecure allows connecting to a non-TLS HTTP Endpoint. type: boolean interval: - description: Interval at which the Bucket Endpoint is checked for updates. This interval is approximate and - may be subject to jitter to ensure efficient use of resources. + description: |- + Interval at which the Bucket Endpoint is checked for updates. + This interval is approximate and may be subject to jitter to ensure + efficient use of resources. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string + prefix: + description: Prefix to use for server-side filtering of files in the + Bucket. + type: string provider: default: generic - description: Provider of the object storage bucket. Defaults to 'generic', which expects an S3 (API) compatible - object storage. + description: |- + Provider of the object storage bucket. + Defaults to 'generic', which expects an S3 (API) compatible object + storage. enum: - generic - aws @@ -612,10 +661,13 @@ spec: - azure type: string region: - description: Region of the Endpoint where the BucketName is located in. + description: Region of the Endpoint where the BucketName is located + in. type: string secretRef: - description: SecretRef specifies the Secret containing authentication credentials for the Bucket. + description: |- + SecretRef specifies the Secret containing authentication credentials + for the Bucket. properties: name: description: Name of the referent. @@ -624,7 +676,9 @@ spec: - name type: object suspend: - description: Suspend tells the controller to suspend the reconciliation of this Bucket. + description: |- + Suspend tells the controller to suspend the reconciliation of this + Bucket. type: boolean timeout: default: 60s @@ -649,7 +703,9 @@ spec: pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$ type: string lastUpdateTime: - description: LastUpdateTime is the timestamp corresponding to the last update of the Artifact. + description: |- + LastUpdateTime is the timestamp corresponding to the last update of the + Artifact. format: date-time type: string metadata: @@ -658,21 +714,25 @@ spec: description: Metadata holds upstream information such as OCI annotations. type: object path: - description: Path is the relative file path of the Artifact. It can be used to locate the file in the - root of the Artifact storage on the local file system of the controller managing the Source. + description: |- + Path is the relative file path of the Artifact. It can be used to locate + the file in the root of the Artifact storage on the local file system of + the controller managing the Source. type: string revision: - description: Revision is a human-readable identifier traceable in the origin source system. It can be - a Git commit SHA, Git tag, a Helm chart version, etc. + description: |- + Revision is a human-readable identifier traceable in the origin source + system. It can be a Git commit SHA, Git tag, a Helm chart version, etc. type: string size: description: Size is the number of bytes in the file. format: int64 type: integer url: - description: URL is the HTTP address of the Artifact as exposed by the controller managing the Source. - It can be used to retrieve the Artifact for consumption, e.g. by another controller applying the Artifact - contents. + description: |- + URL is the HTTP address of the Artifact as exposed by the controller + managing the Source. It can be used to retrieve the Artifact for + consumption, e.g. by another controller applying the Artifact contents. type: string required: - lastUpdateTime @@ -683,35 +743,43 @@ spec: conditions: description: Conditions holds the conditions for the Bucket. items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This - struct is intended for direct use as an array at the field path .status.conditions. For example, \n type - FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // - +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" - patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" properties: lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when - the API field changed is acceptable. + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: message is a human readable message indicating details about the transition. This may be - an empty string. + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based - upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current state of the instance. + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last - transition. Producers of specific condition types may define expected values and meanings for this - field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 @@ -725,9 +793,12 @@ spec: - Unknown type: string type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type - values are consistent across resources like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -740,19 +811,26 @@ spec: type: object type: array lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent reconcile request value, so a change - of the annotation value can be detected. + description: |- + LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value + can be detected. type: string observedGeneration: - description: ObservedGeneration is the last observed generation of the Bucket object. + description: ObservedGeneration is the last observed generation of + the Bucket object. format: int64 type: integer observedIgnore: - description: ObservedIgnore is the observed exclusion patterns used for constructing the source artifact. + description: |- + ObservedIgnore is the observed exclusion patterns used for constructing + the source artifact. type: string url: - description: URL is the dynamic fetch link for the latest Artifact. It is provided on a "best effort" basis, - and using the precise BucketStatus.Artifact data is recommended. + description: |- + URL is the dynamic fetch link for the latest Artifact. + It is provided on a "best effort" basis, and using the precise + BucketStatus.Artifact data is recommended. type: string type: object type: object @@ -765,12 +843,12 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.12.0 + controller-gen.kubebuilder.io/version: v0.15.0 labels: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 name: gitrepositories.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -802,35 +880,51 @@ spec: description: GitRepository is the Schema for the gitrepositories API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert - recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer - this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: - description: GitRepositorySpec specifies the required configuration to produce an Artifact for a Git repository. + description: |- + GitRepositorySpec specifies the required configuration to produce an + Artifact for a Git repository. properties: ignore: - description: Ignore overrides the set of excluded patterns in the .sourceignore format (which is the same - as .gitignore). If not provided, a default will be used, consult the documentation for your version to find - out what those are. + description: |- + Ignore overrides the set of excluded patterns in the .sourceignore format + (which is the same as .gitignore). If not provided, a default will be used, + consult the documentation for your version to find out what those are. type: string include: - description: Include specifies a list of GitRepository resources which Artifacts should be included in the - Artifact produced for this GitRepository. + description: |- + Include specifies a list of GitRepository resources which Artifacts + should be included in the Artifact produced for this GitRepository. items: - description: GitRepositoryInclude specifies a local reference to a GitRepository which Artifact (sub-)contents - must be included, and where they should be placed. + description: |- + GitRepositoryInclude specifies a local reference to a GitRepository which + Artifact (sub-)contents must be included, and where they should be placed. properties: fromPath: - description: FromPath specifies the path to copy contents from, defaults to the root of the Artifact. + description: |- + FromPath specifies the path to copy contents from, defaults to the root + of the Artifact. type: string repository: - description: GitRepositoryRef specifies the GitRepository which Artifact contents must be included. + description: |- + GitRepositoryRef specifies the GitRepository which Artifact contents + must be included. properties: name: description: Name of the referent. @@ -839,20 +933,25 @@ spec: - name type: object toPath: - description: ToPath specifies the path to copy contents to, defaults to the name of the GitRepositoryRef. + description: |- + ToPath specifies the path to copy contents to, defaults to the name of + the GitRepositoryRef. type: string required: - repository type: object type: array interval: - description: Interval at which the GitRepository URL is checked for updates. This interval is approximate - and may be subject to jitter to ensure efficient use of resources. + description: |- + Interval at which the GitRepository URL is checked for updates. + This interval is approximate and may be subject to jitter to ensure + efficient use of resources. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string proxySecretRef: - description: ProxySecretRef specifies the Secret containing the proxy configuration to use while communicating - with the Git server. + description: |- + ProxySecretRef specifies the Secret containing the proxy configuration + to use while communicating with the Git server. properties: name: description: Name of the referent. @@ -861,36 +960,51 @@ spec: - name type: object recurseSubmodules: - description: RecurseSubmodules enables the initialization of all submodules within the GitRepository as cloned - from the URL, using their default settings. + description: |- + RecurseSubmodules enables the initialization of all submodules within + the GitRepository as cloned from the URL, using their default settings. type: boolean ref: - description: Reference specifies the Git reference to resolve and monitor for changes, defaults to the 'master' - branch. + description: |- + Reference specifies the Git reference to resolve and monitor for + changes, defaults to the 'master' branch. properties: branch: - description: Branch to check out, defaults to 'master' if no other field is defined. + description: Branch to check out, defaults to 'master' if no other + field is defined. type: string commit: - description: "Commit SHA to check out, takes precedence over all reference fields. \n This can be combined - with Branch to shallow clone the branch, in which the commit is expected to exist." + description: |- + Commit SHA to check out, takes precedence over all reference fields. + + + This can be combined with Branch to shallow clone the branch, in which + the commit is expected to exist. type: string name: - description: "Name of the reference to check out; takes precedence over Branch, Tag and SemVer. \n It - must be a valid Git reference: https://git-scm.com/docs/git-check-ref-format#_description Examples: - \"refs/heads/main\", \"refs/tags/v0.1.0\", \"refs/pull/420/head\", \"refs/merge-requests/1/head\"" + description: |- + Name of the reference to check out; takes precedence over Branch, Tag and SemVer. + + + It must be a valid Git reference: https://git-scm.com/docs/git-check-ref-format#_description + Examples: "refs/heads/main", "refs/tags/v0.1.0", "refs/pull/420/head", "refs/merge-requests/1/head" type: string semver: - description: SemVer tag expression to check out, takes precedence over Tag. + description: SemVer tag expression to check out, takes precedence + over Tag. type: string tag: description: Tag to check out, takes precedence over Branch. type: string type: object secretRef: - description: SecretRef specifies the Secret containing authentication credentials for the GitRepository. For - HTTPS repositories the Secret must contain 'username' and 'password' fields for basic auth or 'bearerToken' - field for token auth. For SSH repositories the Secret must contain 'identity' and 'known_hosts' fields. + description: |- + SecretRef specifies the Secret containing authentication credentials for + the GitRepository. + For HTTPS repositories the Secret must contain 'username' and 'password' + fields for basic auth or 'bearerToken' field for token auth. + For SSH repositories the Secret must contain 'identity' + and 'known_hosts' fields. properties: name: description: Name of the referent. @@ -899,25 +1013,35 @@ spec: - name type: object suspend: - description: Suspend tells the controller to suspend the reconciliation of this GitRepository. + description: |- + Suspend tells the controller to suspend the reconciliation of this + GitRepository. type: boolean timeout: default: 60s - description: Timeout for Git operations like cloning, defaults to 60s. + description: Timeout for Git operations like cloning, defaults to + 60s. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$ type: string url: - description: URL specifies the Git repository URL, it can be an HTTP/S or SSH address. + description: URL specifies the Git repository URL, it can be an HTTP/S + or SSH address. pattern: ^(http|https|ssh)://.*$ type: string verify: - description: Verification specifies the configuration to verify the Git commit signature(s). + description: |- + Verification specifies the configuration to verify the Git commit + signature(s). properties: mode: default: HEAD - description: "Mode specifies which Git object(s) should be verified. \n The variants \"head\" and \"HEAD\" - both imply the same thing, i.e. verify the commit that the HEAD of the Git repository points to. The - variant \"head\" solely exists to ensure backwards compatibility." + description: |- + Mode specifies which Git object(s) should be verified. + + + The variants "head" and "HEAD" both imply the same thing, i.e. verify + the commit that the HEAD of the Git repository points to. The variant + "head" solely exists to ensure backwards compatibility. enum: - head - HEAD @@ -925,7 +1049,9 @@ spec: - TagAndHEAD type: string secretRef: - description: SecretRef specifies the Secret containing the public keys of trusted Git authors. + description: |- + SecretRef specifies the Secret containing the public keys of trusted Git + authors. properties: name: description: Name of the referent. @@ -946,14 +1072,17 @@ spec: description: GitRepositoryStatus records the observed state of a Git repository. properties: artifact: - description: Artifact represents the last successful GitRepository reconciliation. + description: Artifact represents the last successful GitRepository + reconciliation. properties: digest: description: Digest is the digest of the file in the form of ':'. pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$ type: string lastUpdateTime: - description: LastUpdateTime is the timestamp corresponding to the last update of the Artifact. + description: |- + LastUpdateTime is the timestamp corresponding to the last update of the + Artifact. format: date-time type: string metadata: @@ -962,21 +1091,25 @@ spec: description: Metadata holds upstream information such as OCI annotations. type: object path: - description: Path is the relative file path of the Artifact. It can be used to locate the file in the - root of the Artifact storage on the local file system of the controller managing the Source. + description: |- + Path is the relative file path of the Artifact. It can be used to locate + the file in the root of the Artifact storage on the local file system of + the controller managing the Source. type: string revision: - description: Revision is a human-readable identifier traceable in the origin source system. It can be - a Git commit SHA, Git tag, a Helm chart version, etc. + description: |- + Revision is a human-readable identifier traceable in the origin source + system. It can be a Git commit SHA, Git tag, a Helm chart version, etc. type: string size: description: Size is the number of bytes in the file. format: int64 type: integer url: - description: URL is the HTTP address of the Artifact as exposed by the controller managing the Source. - It can be used to retrieve the Artifact for consumption, e.g. by another controller applying the Artifact - contents. + description: |- + URL is the HTTP address of the Artifact as exposed by the controller + managing the Source. It can be used to retrieve the Artifact for + consumption, e.g. by another controller applying the Artifact contents. type: string required: - lastUpdateTime @@ -987,35 +1120,43 @@ spec: conditions: description: Conditions holds the conditions for the GitRepository. items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This - struct is intended for direct use as an array at the field path .status.conditions. For example, \n type - FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // - +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" - patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" properties: lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when - the API field changed is acceptable. + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: message is a human readable message indicating details about the transition. This may be - an empty string. + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based - upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current state of the instance. + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last - transition. Producers of specific condition types may define expected values and meanings for this - field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 @@ -1029,9 +1170,12 @@ spec: - Unknown type: string type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type - values are consistent across resources like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -1044,40 +1188,49 @@ spec: type: object type: array includedArtifacts: - description: IncludedArtifacts contains a list of the last successfully included Artifacts as instructed by - GitRepositorySpec.Include. + description: |- + IncludedArtifacts contains a list of the last successfully included + Artifacts as instructed by GitRepositorySpec.Include. items: description: Artifact represents the output of a Source reconciliation. properties: digest: - description: Digest is the digest of the file in the form of ':'. + description: Digest is the digest of the file in the form of + ':'. pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$ type: string lastUpdateTime: - description: LastUpdateTime is the timestamp corresponding to the last update of the Artifact. + description: |- + LastUpdateTime is the timestamp corresponding to the last update of the + Artifact. format: date-time type: string metadata: additionalProperties: type: string - description: Metadata holds upstream information such as OCI annotations. + description: Metadata holds upstream information such as OCI + annotations. type: object path: - description: Path is the relative file path of the Artifact. It can be used to locate the file in the - root of the Artifact storage on the local file system of the controller managing the Source. + description: |- + Path is the relative file path of the Artifact. It can be used to locate + the file in the root of the Artifact storage on the local file system of + the controller managing the Source. type: string revision: - description: Revision is a human-readable identifier traceable in the origin source system. It can be - a Git commit SHA, Git tag, a Helm chart version, etc. + description: |- + Revision is a human-readable identifier traceable in the origin source + system. It can be a Git commit SHA, Git tag, a Helm chart version, etc. type: string size: description: Size is the number of bytes in the file. format: int64 type: integer url: - description: URL is the HTTP address of the Artifact as exposed by the controller managing the Source. - It can be used to retrieve the Artifact for consumption, e.g. by another controller applying the Artifact - contents. + description: |- + URL is the HTTP address of the Artifact as exposed by the controller + managing the Source. It can be used to retrieve the Artifact for + consumption, e.g. by another controller applying the Artifact contents. type: string required: - lastUpdateTime @@ -1087,27 +1240,40 @@ spec: type: object type: array lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent reconcile request value, so a change - of the annotation value can be detected. + description: |- + LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value + can be detected. type: string observedGeneration: - description: ObservedGeneration is the last observed generation of the GitRepository object. + description: |- + ObservedGeneration is the last observed generation of the GitRepository + object. format: int64 type: integer observedIgnore: - description: ObservedIgnore is the observed exclusion patterns used for constructing the source artifact. + description: |- + ObservedIgnore is the observed exclusion patterns used for constructing + the source artifact. type: string observedInclude: - description: ObservedInclude is the observed list of GitRepository resources used to produce the current Artifact. + description: |- + ObservedInclude is the observed list of GitRepository resources used to + produce the current Artifact. items: - description: GitRepositoryInclude specifies a local reference to a GitRepository which Artifact (sub-)contents - must be included, and where they should be placed. + description: |- + GitRepositoryInclude specifies a local reference to a GitRepository which + Artifact (sub-)contents must be included, and where they should be placed. properties: fromPath: - description: FromPath specifies the path to copy contents from, defaults to the root of the Artifact. + description: |- + FromPath specifies the path to copy contents from, defaults to the root + of the Artifact. type: string repository: - description: GitRepositoryRef specifies the GitRepository which Artifact contents must be included. + description: |- + GitRepositoryRef specifies the GitRepository which Artifact contents + must be included. properties: name: description: Name of the referent. @@ -1116,19 +1282,23 @@ spec: - name type: object toPath: - description: ToPath specifies the path to copy contents to, defaults to the name of the GitRepositoryRef. + description: |- + ToPath specifies the path to copy contents to, defaults to the name of + the GitRepositoryRef. type: string required: - repository type: object type: array observedRecurseSubmodules: - description: ObservedRecurseSubmodules is the observed resource submodules configuration used to produce the - current Artifact. + description: |- + ObservedRecurseSubmodules is the observed resource submodules + configuration used to produce the current Artifact. type: boolean sourceVerificationMode: - description: SourceVerificationMode is the last used verification mode indicating which Git object(s) have - been verified. + description: |- + SourceVerificationMode is the last used verification mode indicating + which Git object(s) have been verified. type: string type: object type: object @@ -1157,12 +1327,19 @@ spec: description: GitRepository is the Schema for the gitrepositories API properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert - recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer - this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -1170,21 +1347,25 @@ spec: description: GitRepositorySpec defines the desired state of a Git repository. properties: accessFrom: - description: AccessFrom defines an Access Control List for allowing cross-namespace references to this object. + description: AccessFrom defines an Access Control List for allowing + cross-namespace references to this object. properties: namespaceSelectors: - description: NamespaceSelectors is the list of namespace selectors to which this ACL applies. Items in - this list are evaluated using a logical OR operation. + description: |- + NamespaceSelectors is the list of namespace selectors to which this ACL applies. + Items in this list are evaluated using a logical OR operation. items: - description: NamespaceSelector selects the namespaces to which this ACL applies. An empty map of MatchLabels - matches all namespaces in a cluster. + description: |- + NamespaceSelector selects the namespaces to which this ACL applies. + An empty map of MatchLabels matches all namespaces in a cluster. properties: matchLabels: additionalProperties: type: string - description: MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the operator is - "In", and the values array contains only "value". The requirements are ANDed. + description: |- + MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object type: array @@ -1193,23 +1374,28 @@ spec: type: object gitImplementation: default: go-git - description: Determines which git client library to use. Defaults to go-git, valid values are ('go-git', 'libgit2'). + description: |- + Determines which git client library to use. + Defaults to go-git, valid values are ('go-git', 'libgit2'). enum: - go-git - libgit2 type: string ignore: - description: Ignore overrides the set of excluded patterns in the .sourceignore format (which is the same - as .gitignore). If not provided, a default will be used, consult the documentation for your version to find - out what those are. + description: |- + Ignore overrides the set of excluded patterns in the .sourceignore format + (which is the same as .gitignore). If not provided, a default will be used, + consult the documentation for your version to find out what those are. type: string include: description: Extra git repositories to map into the repository items: - description: GitRepositoryInclude defines a source with a from and to path. + description: GitRepositoryInclude defines a source with a from and + to path. properties: fromPath: - description: The path to copy contents from, defaults to the root directory. + description: The path to copy contents from, defaults to the + root directory. type: string repository: description: Reference to a GitRepository to include. @@ -1221,7 +1407,8 @@ spec: - name type: object toPath: - description: The path to copy contents to, defaults to the name of the source ref. + description: The path to copy contents to, defaults to the name + of the source ref. type: string required: - repository @@ -1231,28 +1418,38 @@ spec: description: The interval at which to check for repository updates. type: string recurseSubmodules: - description: When enabled, after the clone is created, initializes all submodules within, using their default - settings. This option is available only when using the 'go-git' GitImplementation. + description: |- + When enabled, after the clone is created, initializes all submodules within, + using their default settings. + This option is available only when using the 'go-git' GitImplementation. type: boolean ref: - description: The Git reference to checkout and monitor for changes, defaults to master branch. + description: |- + The Git reference to checkout and monitor for changes, defaults to + master branch. properties: branch: description: The Git branch to checkout, defaults to master. type: string commit: - description: The Git commit SHA to checkout, if specified Tag filters will be ignored. + description: The Git commit SHA to checkout, if specified Tag + filters will be ignored. type: string semver: - description: The Git tag semver expression, takes precedence over Tag. + description: The Git tag semver expression, takes precedence over + Tag. type: string tag: description: The Git tag to checkout, takes precedence over Branch. type: string type: object secretRef: - description: The secret name containing the Git credentials. For HTTPS repositories the secret must contain - username and password fields. For SSH repositories the secret must contain identity and known_hosts fields. + description: |- + The secret name containing the Git credentials. + For HTTPS repositories the secret must contain username and password + fields. + For SSH repositories the secret must contain identity and known_hosts + fields. properties: name: description: Name of the referent. @@ -1261,26 +1458,31 @@ spec: - name type: object suspend: - description: This flag tells the controller to suspend the reconciliation of this source. + description: This flag tells the controller to suspend the reconciliation + of this source. type: boolean timeout: default: 60s - description: The timeout for remote Git operations like cloning, defaults to 60s. + description: The timeout for remote Git operations like cloning, defaults + to 60s. type: string url: description: The repository URL, can be a HTTP/S or SSH address. pattern: ^(http|https|ssh)://.*$ type: string verify: - description: Verify OpenPGP signature for the Git commit HEAD points to. + description: Verify OpenPGP signature for the Git commit HEAD points + to. properties: mode: - description: Mode describes what git object should be verified, currently ('head'). + description: Mode describes what git object should be verified, + currently ('head'). enum: - head type: string secretRef: - description: The secret name containing the public keys of all trusted Git authors. + description: The secret name containing the public keys of all + trusted Git authors. properties: name: description: Name of the referent. @@ -1301,21 +1503,26 @@ spec: description: GitRepositoryStatus defines the observed state of a Git repository. properties: artifact: - description: Artifact represents the output of the last successful repository sync. + description: Artifact represents the output of the last successful + repository sync. properties: checksum: description: Checksum is the SHA256 checksum of the artifact. type: string lastUpdateTime: - description: LastUpdateTime is the timestamp corresponding to the last update of this artifact. + description: |- + LastUpdateTime is the timestamp corresponding to the last update of this + artifact. format: date-time type: string path: description: Path is the relative file path of this artifact. type: string revision: - description: Revision is a human readable identifier traceable in the origin source system. It can be - a Git commit SHA, Git tag, a Helm index timestamp, a Helm chart version, etc. + description: |- + Revision is a human readable identifier traceable in the origin source + system. It can be a Git commit SHA, Git tag, a Helm index timestamp, a Helm + chart version, etc. type: string url: description: URL is the HTTP address of this artifact. @@ -1327,35 +1534,43 @@ spec: conditions: description: Conditions holds the conditions for the GitRepository. items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This - struct is intended for direct use as an array at the field path .status.conditions. For example, \n type - FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // - +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" - patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" properties: lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when - the API field changed is acceptable. + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: message is a human readable message indicating details about the transition. This may be - an empty string. + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based - upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current state of the instance. + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last - transition. Producers of specific condition types may define expected values and meanings for this - field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 @@ -1369,9 +1584,12 @@ spec: - Unknown type: string type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type - values are consistent across resources like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -1384,7 +1602,8 @@ spec: type: object type: array includedArtifacts: - description: IncludedArtifacts represents the included artifacts from the last successful repository sync. + description: IncludedArtifacts represents the included artifacts from + the last successful repository sync. items: description: Artifact represents the output of a source synchronisation. properties: @@ -1392,15 +1611,19 @@ spec: description: Checksum is the SHA256 checksum of the artifact. type: string lastUpdateTime: - description: LastUpdateTime is the timestamp corresponding to the last update of this artifact. + description: |- + LastUpdateTime is the timestamp corresponding to the last update of this + artifact. format: date-time type: string path: description: Path is the relative file path of this artifact. type: string revision: - description: Revision is a human readable identifier traceable in the origin source system. It can be - a Git commit SHA, Git tag, a Helm index timestamp, a Helm chart version, etc. + description: |- + Revision is a human readable identifier traceable in the origin source + system. It can be a Git commit SHA, Git tag, a Helm index timestamp, a Helm + chart version, etc. type: string url: description: URL is the HTTP address of this artifact. @@ -1411,15 +1634,19 @@ spec: type: object type: array lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent reconcile request value, so a change - of the annotation value can be detected. + description: |- + LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value + can be detected. type: string observedGeneration: description: ObservedGeneration is the last observed generation. format: int64 type: integer url: - description: URL is the download link for the artifact output of the last repository sync. + description: |- + URL is the download link for the artifact output of the last repository + sync. type: string type: object type: object @@ -1448,35 +1675,49 @@ spec: description: GitRepository is the Schema for the gitrepositories API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert - recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer - this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: - description: GitRepositorySpec specifies the required configuration to produce an Artifact for a Git repository. + description: |- + GitRepositorySpec specifies the required configuration to produce an + Artifact for a Git repository. properties: accessFrom: - description: 'AccessFrom specifies an Access Control List for allowing cross-namespace references to this - object. NOTE: Not implemented, provisional as of https://github.com/fluxcd/flux2/pull/2092' + description: |- + AccessFrom specifies an Access Control List for allowing cross-namespace + references to this object. + NOTE: Not implemented, provisional as of https://github.com/fluxcd/flux2/pull/2092 properties: namespaceSelectors: - description: NamespaceSelectors is the list of namespace selectors to which this ACL applies. Items in - this list are evaluated using a logical OR operation. + description: |- + NamespaceSelectors is the list of namespace selectors to which this ACL applies. + Items in this list are evaluated using a logical OR operation. items: - description: NamespaceSelector selects the namespaces to which this ACL applies. An empty map of MatchLabels - matches all namespaces in a cluster. + description: |- + NamespaceSelector selects the namespaces to which this ACL applies. + An empty map of MatchLabels matches all namespaces in a cluster. properties: matchLabels: additionalProperties: type: string - description: MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the operator is - "In", and the values array contains only "value". The requirements are ANDed. + description: |- + MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object type: array @@ -1485,30 +1726,39 @@ spec: type: object gitImplementation: default: go-git - description: 'GitImplementation specifies which Git client library implementation to use. Defaults to ''go-git'', - valid values are (''go-git'', ''libgit2''). Deprecated: gitImplementation is deprecated now that ''go-git'' - is the only supported implementation.' + description: |- + GitImplementation specifies which Git client library implementation to + use. Defaults to 'go-git', valid values are ('go-git', 'libgit2'). + Deprecated: gitImplementation is deprecated now that 'go-git' is the + only supported implementation. enum: - go-git - libgit2 type: string ignore: - description: Ignore overrides the set of excluded patterns in the .sourceignore format (which is the same - as .gitignore). If not provided, a default will be used, consult the documentation for your version to find - out what those are. + description: |- + Ignore overrides the set of excluded patterns in the .sourceignore format + (which is the same as .gitignore). If not provided, a default will be used, + consult the documentation for your version to find out what those are. type: string include: - description: Include specifies a list of GitRepository resources which Artifacts should be included in the - Artifact produced for this GitRepository. + description: |- + Include specifies a list of GitRepository resources which Artifacts + should be included in the Artifact produced for this GitRepository. items: - description: GitRepositoryInclude specifies a local reference to a GitRepository which Artifact (sub-)contents - must be included, and where they should be placed. + description: |- + GitRepositoryInclude specifies a local reference to a GitRepository which + Artifact (sub-)contents must be included, and where they should be placed. properties: fromPath: - description: FromPath specifies the path to copy contents from, defaults to the root of the Artifact. + description: |- + FromPath specifies the path to copy contents from, defaults to the root + of the Artifact. type: string repository: - description: GitRepositoryRef specifies the GitRepository which Artifact contents must be included. + description: |- + GitRepositoryRef specifies the GitRepository which Artifact contents + must be included. properties: name: description: Name of the referent. @@ -1517,7 +1767,9 @@ spec: - name type: object toPath: - description: ToPath specifies the path to copy contents to, defaults to the name of the GitRepositoryRef. + description: |- + ToPath specifies the path to copy contents to, defaults to the name of + the GitRepositoryRef. type: string required: - repository @@ -1528,36 +1780,51 @@ spec: pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string recurseSubmodules: - description: RecurseSubmodules enables the initialization of all submodules within the GitRepository as cloned - from the URL, using their default settings. + description: |- + RecurseSubmodules enables the initialization of all submodules within + the GitRepository as cloned from the URL, using their default settings. type: boolean ref: - description: Reference specifies the Git reference to resolve and monitor for changes, defaults to the 'master' - branch. + description: |- + Reference specifies the Git reference to resolve and monitor for + changes, defaults to the 'master' branch. properties: branch: - description: Branch to check out, defaults to 'master' if no other field is defined. + description: Branch to check out, defaults to 'master' if no other + field is defined. type: string commit: - description: "Commit SHA to check out, takes precedence over all reference fields. \n This can be combined - with Branch to shallow clone the branch, in which the commit is expected to exist." + description: |- + Commit SHA to check out, takes precedence over all reference fields. + + + This can be combined with Branch to shallow clone the branch, in which + the commit is expected to exist. type: string name: - description: "Name of the reference to check out; takes precedence over Branch, Tag and SemVer. \n It - must be a valid Git reference: https://git-scm.com/docs/git-check-ref-format#_description Examples: - \"refs/heads/main\", \"refs/tags/v0.1.0\", \"refs/pull/420/head\", \"refs/merge-requests/1/head\"" + description: |- + Name of the reference to check out; takes precedence over Branch, Tag and SemVer. + + + It must be a valid Git reference: https://git-scm.com/docs/git-check-ref-format#_description + Examples: "refs/heads/main", "refs/tags/v0.1.0", "refs/pull/420/head", "refs/merge-requests/1/head" type: string semver: - description: SemVer tag expression to check out, takes precedence over Tag. + description: SemVer tag expression to check out, takes precedence + over Tag. type: string tag: description: Tag to check out, takes precedence over Branch. type: string type: object secretRef: - description: SecretRef specifies the Secret containing authentication credentials for the GitRepository. For - HTTPS repositories the Secret must contain 'username' and 'password' fields for basic auth or 'bearerToken' - field for token auth. For SSH repositories the Secret must contain 'identity' and 'known_hosts' fields. + description: |- + SecretRef specifies the Secret containing authentication credentials for + the GitRepository. + For HTTPS repositories the Secret must contain 'username' and 'password' + fields for basic auth or 'bearerToken' field for token auth. + For SSH repositories the Secret must contain 'identity' + and 'known_hosts' fields. properties: name: description: Name of the referent. @@ -1566,27 +1833,36 @@ spec: - name type: object suspend: - description: Suspend tells the controller to suspend the reconciliation of this GitRepository. + description: |- + Suspend tells the controller to suspend the reconciliation of this + GitRepository. type: boolean timeout: default: 60s - description: Timeout for Git operations like cloning, defaults to 60s. + description: Timeout for Git operations like cloning, defaults to + 60s. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$ type: string url: - description: URL specifies the Git repository URL, it can be an HTTP/S or SSH address. + description: URL specifies the Git repository URL, it can be an HTTP/S + or SSH address. pattern: ^(http|https|ssh)://.*$ type: string verify: - description: Verification specifies the configuration to verify the Git commit signature(s). + description: |- + Verification specifies the configuration to verify the Git commit + signature(s). properties: mode: - description: Mode specifies what Git object should be verified, currently ('head'). + description: Mode specifies what Git object should be verified, + currently ('head'). enum: - head type: string secretRef: - description: SecretRef specifies the Secret containing the public keys of trusted Git authors. + description: |- + SecretRef specifies the Secret containing the public keys of trusted Git + authors. properties: name: description: Name of the referent. @@ -1608,14 +1884,17 @@ spec: description: GitRepositoryStatus records the observed state of a Git repository. properties: artifact: - description: Artifact represents the last successful GitRepository reconciliation. + description: Artifact represents the last successful GitRepository + reconciliation. properties: digest: description: Digest is the digest of the file in the form of ':'. pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$ type: string lastUpdateTime: - description: LastUpdateTime is the timestamp corresponding to the last update of the Artifact. + description: |- + LastUpdateTime is the timestamp corresponding to the last update of the + Artifact. format: date-time type: string metadata: @@ -1624,21 +1903,25 @@ spec: description: Metadata holds upstream information such as OCI annotations. type: object path: - description: Path is the relative file path of the Artifact. It can be used to locate the file in the - root of the Artifact storage on the local file system of the controller managing the Source. + description: |- + Path is the relative file path of the Artifact. It can be used to locate + the file in the root of the Artifact storage on the local file system of + the controller managing the Source. type: string revision: - description: Revision is a human-readable identifier traceable in the origin source system. It can be - a Git commit SHA, Git tag, a Helm chart version, etc. + description: |- + Revision is a human-readable identifier traceable in the origin source + system. It can be a Git commit SHA, Git tag, a Helm chart version, etc. type: string size: description: Size is the number of bytes in the file. format: int64 type: integer url: - description: URL is the HTTP address of the Artifact as exposed by the controller managing the Source. - It can be used to retrieve the Artifact for consumption, e.g. by another controller applying the Artifact - contents. + description: |- + URL is the HTTP address of the Artifact as exposed by the controller + managing the Source. It can be used to retrieve the Artifact for + consumption, e.g. by another controller applying the Artifact contents. type: string required: - lastUpdateTime @@ -1649,35 +1932,43 @@ spec: conditions: description: Conditions holds the conditions for the GitRepository. items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This - struct is intended for direct use as an array at the field path .status.conditions. For example, \n type - FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // - +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" - patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" properties: lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when - the API field changed is acceptable. + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: message is a human readable message indicating details about the transition. This may be - an empty string. + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based - upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current state of the instance. + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last - transition. Producers of specific condition types may define expected values and meanings for this - field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 @@ -1691,9 +1982,12 @@ spec: - Unknown type: string type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type - values are consistent across resources like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -1706,48 +2000,65 @@ spec: type: object type: array contentConfigChecksum: - description: "ContentConfigChecksum is a checksum of all the configurations related to the content of the - source artifact: - .spec.ignore - .spec.recurseSubmodules - .spec.included and the checksum of the included - artifacts observed in .status.observedGeneration version of the object. This can be used to determine if - the content of the included repository has changed. It has the format of `:`, for example: - `sha256:`. \n Deprecated: Replaced with explicit fields for observed artifact content config in - the status." + description: |- + ContentConfigChecksum is a checksum of all the configurations related to + the content of the source artifact: + - .spec.ignore + - .spec.recurseSubmodules + - .spec.included and the checksum of the included artifacts + observed in .status.observedGeneration version of the object. This can + be used to determine if the content of the included repository has + changed. + It has the format of `:`, for example: `sha256:`. + + + Deprecated: Replaced with explicit fields for observed artifact content + config in the status. type: string includedArtifacts: - description: IncludedArtifacts contains a list of the last successfully included Artifacts as instructed by - GitRepositorySpec.Include. + description: |- + IncludedArtifacts contains a list of the last successfully included + Artifacts as instructed by GitRepositorySpec.Include. items: description: Artifact represents the output of a Source reconciliation. properties: digest: - description: Digest is the digest of the file in the form of ':'. + description: Digest is the digest of the file in the form of + ':'. pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$ type: string lastUpdateTime: - description: LastUpdateTime is the timestamp corresponding to the last update of the Artifact. + description: |- + LastUpdateTime is the timestamp corresponding to the last update of the + Artifact. format: date-time type: string metadata: additionalProperties: type: string - description: Metadata holds upstream information such as OCI annotations. + description: Metadata holds upstream information such as OCI + annotations. type: object path: - description: Path is the relative file path of the Artifact. It can be used to locate the file in the - root of the Artifact storage on the local file system of the controller managing the Source. + description: |- + Path is the relative file path of the Artifact. It can be used to locate + the file in the root of the Artifact storage on the local file system of + the controller managing the Source. type: string revision: - description: Revision is a human-readable identifier traceable in the origin source system. It can be - a Git commit SHA, Git tag, a Helm chart version, etc. + description: |- + Revision is a human-readable identifier traceable in the origin source + system. It can be a Git commit SHA, Git tag, a Helm chart version, etc. type: string size: description: Size is the number of bytes in the file. format: int64 type: integer url: - description: URL is the HTTP address of the Artifact as exposed by the controller managing the Source. - It can be used to retrieve the Artifact for consumption, e.g. by another controller applying the Artifact - contents. + description: |- + URL is the HTTP address of the Artifact as exposed by the controller + managing the Source. It can be used to retrieve the Artifact for + consumption, e.g. by another controller applying the Artifact contents. type: string required: - lastUpdateTime @@ -1757,28 +2068,40 @@ spec: type: object type: array lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent reconcile request value, so a change - of the annotation value can be detected. + description: |- + LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value + can be detected. type: string observedGeneration: - description: ObservedGeneration is the last observed generation of the GitRepository object. + description: |- + ObservedGeneration is the last observed generation of the GitRepository + object. format: int64 type: integer observedIgnore: - description: ObservedIgnore is the observed exclusion patterns used for constructing the source artifact. + description: |- + ObservedIgnore is the observed exclusion patterns used for constructing + the source artifact. type: string observedInclude: - description: ObservedInclude is the observed list of GitRepository resources used to to produce the current - Artifact. + description: |- + ObservedInclude is the observed list of GitRepository resources used to + to produce the current Artifact. items: - description: GitRepositoryInclude specifies a local reference to a GitRepository which Artifact (sub-)contents - must be included, and where they should be placed. + description: |- + GitRepositoryInclude specifies a local reference to a GitRepository which + Artifact (sub-)contents must be included, and where they should be placed. properties: fromPath: - description: FromPath specifies the path to copy contents from, defaults to the root of the Artifact. + description: |- + FromPath specifies the path to copy contents from, defaults to the root + of the Artifact. type: string repository: - description: GitRepositoryRef specifies the GitRepository which Artifact contents must be included. + description: |- + GitRepositoryRef specifies the GitRepository which Artifact contents + must be included. properties: name: description: Name of the referent. @@ -1787,19 +2110,24 @@ spec: - name type: object toPath: - description: ToPath specifies the path to copy contents to, defaults to the name of the GitRepositoryRef. + description: |- + ToPath specifies the path to copy contents to, defaults to the name of + the GitRepositoryRef. type: string required: - repository type: object type: array observedRecurseSubmodules: - description: ObservedRecurseSubmodules is the observed resource submodules configuration used to produce the - current Artifact. + description: |- + ObservedRecurseSubmodules is the observed resource submodules + configuration used to produce the current Artifact. type: boolean url: - description: URL is the dynamic fetch link for the latest Artifact. It is provided on a "best effort" basis, - and using the precise GitRepositoryStatus.Artifact data is recommended. + description: |- + URL is the dynamic fetch link for the latest Artifact. + It is provided on a "best effort" basis, and using the precise + GitRepositoryStatus.Artifact data is recommended. type: string type: object type: object @@ -1812,12 +2140,12 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.12.0 + controller-gen.kubebuilder.io/version: v0.15.0 labels: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 name: helmcharts.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -1830,6 +2158,351 @@ spec: singular: helmchart scope: Namespaced versions: + - additionalPrinterColumns: + - jsonPath: .spec.chart + name: Chart + type: string + - jsonPath: .spec.version + name: Version + type: string + - jsonPath: .spec.sourceRef.kind + name: Source Kind + type: string + - jsonPath: .spec.sourceRef.name + name: Source Name + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - jsonPath: .status.conditions[?(@.type=="Ready")].status + name: Ready + type: string + - jsonPath: .status.conditions[?(@.type=="Ready")].message + name: Status + type: string + name: v1 + schema: + openAPIV3Schema: + description: HelmChart is the Schema for the helmcharts API. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: HelmChartSpec specifies the desired state of a Helm chart. + properties: + chart: + description: |- + Chart is the name or path the Helm chart is available at in the + SourceRef. + type: string + ignoreMissingValuesFiles: + description: |- + IgnoreMissingValuesFiles controls whether to silently ignore missing values + files rather than failing. + type: boolean + interval: + description: |- + Interval at which the HelmChart SourceRef is checked for updates. + This interval is approximate and may be subject to jitter to ensure + efficient use of resources. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + reconcileStrategy: + default: ChartVersion + description: |- + ReconcileStrategy determines what enables the creation of a new artifact. + Valid values are ('ChartVersion', 'Revision'). + See the documentation of the values for an explanation on their behavior. + Defaults to ChartVersion when omitted. + enum: + - ChartVersion + - Revision + type: string + sourceRef: + description: SourceRef is the reference to the Source the chart is + available at. + properties: + apiVersion: + description: APIVersion of the referent. + type: string + kind: + description: |- + Kind of the referent, valid values are ('HelmRepository', 'GitRepository', + 'Bucket'). + enum: + - HelmRepository + - GitRepository + - Bucket + type: string + name: + description: Name of the referent. + type: string + required: + - kind + - name + type: object + suspend: + description: |- + Suspend tells the controller to suspend the reconciliation of this + source. + type: boolean + valuesFiles: + description: |- + ValuesFiles is an alternative list of values files to use as the chart + values (values.yaml is not included by default), expected to be a + relative path in the SourceRef. + Values files are merged in the order of this list with the last file + overriding the first. Ignored when omitted. + items: + type: string + type: array + verify: + description: |- + Verify contains the secret name containing the trusted public keys + used to verify the signature and specifies which provider to use to check + whether OCI image is authentic. + This field is only supported when using HelmRepository source with spec.type 'oci'. + Chart dependencies, which are not bundled in the umbrella chart artifact, are not verified. + properties: + matchOIDCIdentity: + description: |- + MatchOIDCIdentity specifies the identity matching criteria to use + while verifying an OCI artifact which was signed using Cosign keyless + signing. The artifact's identity is deemed to be verified if any of the + specified matchers match against the identity. + items: + description: |- + OIDCIdentityMatch specifies options for verifying the certificate identity, + i.e. the issuer and the subject of the certificate. + properties: + issuer: + description: |- + Issuer specifies the regex pattern to match against to verify + the OIDC issuer in the Fulcio certificate. The pattern must be a + valid Go regular expression. + type: string + subject: + description: |- + Subject specifies the regex pattern to match against to verify + the identity subject in the Fulcio certificate. The pattern must + be a valid Go regular expression. + type: string + required: + - issuer + - subject + type: object + type: array + provider: + default: cosign + description: Provider specifies the technology used to sign the + OCI Artifact. + enum: + - cosign + - notation + type: string + secretRef: + description: |- + SecretRef specifies the Kubernetes Secret containing the + trusted public keys. + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object + required: + - provider + type: object + version: + default: '*' + description: |- + Version is the chart version semver expression, ignored for charts from + GitRepository and Bucket sources. Defaults to latest when omitted. + type: string + required: + - chart + - interval + - sourceRef + type: object + status: + default: + observedGeneration: -1 + description: HelmChartStatus records the observed state of the HelmChart. + properties: + artifact: + description: Artifact represents the output of the last successful + reconciliation. + properties: + digest: + description: Digest is the digest of the file in the form of ':'. + pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$ + type: string + lastUpdateTime: + description: |- + LastUpdateTime is the timestamp corresponding to the last update of the + Artifact. + format: date-time + type: string + metadata: + additionalProperties: + type: string + description: Metadata holds upstream information such as OCI annotations. + type: object + path: + description: |- + Path is the relative file path of the Artifact. It can be used to locate + the file in the root of the Artifact storage on the local file system of + the controller managing the Source. + type: string + revision: + description: |- + Revision is a human-readable identifier traceable in the origin source + system. It can be a Git commit SHA, Git tag, a Helm chart version, etc. + type: string + size: + description: Size is the number of bytes in the file. + format: int64 + type: integer + url: + description: |- + URL is the HTTP address of the Artifact as exposed by the controller + managing the Source. It can be used to retrieve the Artifact for + consumption, e.g. by another controller applying the Artifact contents. + type: string + required: + - lastUpdateTime + - path + - revision + - url + type: object + conditions: + description: Conditions holds the conditions for the HelmChart. + items: + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" + properties: + lastTransitionTime: + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + lastHandledReconcileAt: + description: |- + LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value + can be detected. + type: string + observedChartName: + description: |- + ObservedChartName is the last observed chart name as specified by the + resolved chart reference. + type: string + observedGeneration: + description: |- + ObservedGeneration is the last observed generation of the HelmChart + object. + format: int64 + type: integer + observedSourceArtifactRevision: + description: |- + ObservedSourceArtifactRevision is the last observed Artifact.Revision + of the HelmChartSpec.SourceRef. + type: string + observedValuesFiles: + description: |- + ObservedValuesFiles are the observed value files of the last successful + reconciliation. + It matches the chart in the last successfully reconciled artifact. + items: + type: string + type: array + url: + description: |- + URL is the dynamic fetch link for the latest Artifact. + It is provided on a "best effort" basis, and using the precise + BucketStatus.Artifact data is recommended. + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} - additionalPrinterColumns: - jsonPath: .spec.chart name: Chart @@ -1852,18 +2525,27 @@ spec: - jsonPath: .metadata.creationTimestamp name: Age type: date + deprecated: true + deprecationWarning: v1beta1 HelmChart is deprecated, upgrade to v1 name: v1beta1 schema: openAPIV3Schema: description: HelmChart is the Schema for the helmcharts API properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert - recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer - this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -1871,21 +2553,25 @@ spec: description: HelmChartSpec defines the desired state of a Helm chart. properties: accessFrom: - description: AccessFrom defines an Access Control List for allowing cross-namespace references to this object. + description: AccessFrom defines an Access Control List for allowing + cross-namespace references to this object. properties: namespaceSelectors: - description: NamespaceSelectors is the list of namespace selectors to which this ACL applies. Items in - this list are evaluated using a logical OR operation. + description: |- + NamespaceSelectors is the list of namespace selectors to which this ACL applies. + Items in this list are evaluated using a logical OR operation. items: - description: NamespaceSelector selects the namespaces to which this ACL applies. An empty map of MatchLabels - matches all namespaces in a cluster. + description: |- + NamespaceSelector selects the namespaces to which this ACL applies. + An empty map of MatchLabels matches all namespaces in a cluster. properties: matchLabels: additionalProperties: type: string - description: MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the operator is - "In", and the values array contains only "value". The requirements are ANDed. + description: |- + MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object type: array @@ -1893,16 +2579,19 @@ spec: - namespaceSelectors type: object chart: - description: The name or path the Helm chart is available at in the SourceRef. + description: The name or path the Helm chart is available at in the + SourceRef. type: string interval: description: The interval at which to check the Source for updates. type: string reconcileStrategy: default: ChartVersion - description: Determines what enables the creation of a new artifact. Valid values are ('ChartVersion', 'Revision'). - See the documentation of the values for an explanation on their behavior. Defaults to ChartVersion when - omitted. + description: |- + Determines what enables the creation of a new artifact. Valid values are + ('ChartVersion', 'Revision'). + See the documentation of the values for an explanation on their behavior. + Defaults to ChartVersion when omitted. enum: - ChartVersion - Revision @@ -1914,7 +2603,9 @@ spec: description: APIVersion of the referent. type: string kind: - description: Kind of the referent, valid values are ('HelmRepository', 'GitRepository', 'Bucket'). + description: |- + Kind of the referent, valid values are ('HelmRepository', 'GitRepository', + 'Bucket'). enum: - HelmRepository - GitRepository @@ -1928,24 +2619,30 @@ spec: - name type: object suspend: - description: This flag tells the controller to suspend the reconciliation of this source. + description: This flag tells the controller to suspend the reconciliation + of this source. type: boolean valuesFile: - description: Alternative values file to use as the default chart values, expected to be a relative path in - the SourceRef. Deprecated in favor of ValuesFiles, for backwards compatibility the file defined here is - merged before the ValuesFiles items. Ignored when omitted. + description: |- + Alternative values file to use as the default chart values, expected to + be a relative path in the SourceRef. Deprecated in favor of ValuesFiles, + for backwards compatibility the file defined here is merged before the + ValuesFiles items. Ignored when omitted. type: string valuesFiles: - description: Alternative list of values files to use as the chart values (values.yaml is not included by default), - expected to be a relative path in the SourceRef. Values files are merged in the order of this list with - the last file overriding the first. Ignored when omitted. + description: |- + Alternative list of values files to use as the chart values (values.yaml + is not included by default), expected to be a relative path in the SourceRef. + Values files are merged in the order of this list with the last file overriding + the first. Ignored when omitted. items: type: string type: array version: default: '*' - description: The chart version semver expression, ignored for charts from GitRepository and Bucket sources. - Defaults to latest when omitted. + description: |- + The chart version semver expression, ignored for charts from GitRepository + and Bucket sources. Defaults to latest when omitted. type: string required: - chart @@ -1958,21 +2655,26 @@ spec: description: HelmChartStatus defines the observed state of the HelmChart. properties: artifact: - description: Artifact represents the output of the last successful chart sync. + description: Artifact represents the output of the last successful + chart sync. properties: checksum: description: Checksum is the SHA256 checksum of the artifact. type: string lastUpdateTime: - description: LastUpdateTime is the timestamp corresponding to the last update of this artifact. + description: |- + LastUpdateTime is the timestamp corresponding to the last update of this + artifact. format: date-time type: string path: description: Path is the relative file path of this artifact. type: string revision: - description: Revision is a human readable identifier traceable in the origin source system. It can be - a Git commit SHA, Git tag, a Helm index timestamp, a Helm chart version, etc. + description: |- + Revision is a human readable identifier traceable in the origin source + system. It can be a Git commit SHA, Git tag, a Helm index timestamp, a Helm + chart version, etc. type: string url: description: URL is the HTTP address of this artifact. @@ -1984,35 +2686,43 @@ spec: conditions: description: Conditions holds the conditions for the HelmChart. items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This - struct is intended for direct use as an array at the field path .status.conditions. For example, \n type - FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // - +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" - patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" properties: lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when - the API field changed is acceptable. + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: message is a human readable message indicating details about the transition. This may be - an empty string. + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based - upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current state of the instance. + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last - transition. Producers of specific condition types may define expected values and meanings for this - field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 @@ -2026,9 +2736,12 @@ spec: - Unknown type: string type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type - values are consistent across resources like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -2041,8 +2754,10 @@ spec: type: object type: array lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent reconcile request value, so a change - of the annotation value can be detected. + description: |- + LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value + can be detected. type: string observedGeneration: description: ObservedGeneration is the last observed generation. @@ -2079,18 +2794,27 @@ spec: - jsonPath: .status.conditions[?(@.type=="Ready")].message name: Status type: string + deprecated: true + deprecationWarning: v1beta2 HelmChart is deprecated, upgrade to v1 name: v1beta2 schema: openAPIV3Schema: description: HelmChart is the Schema for the helmcharts API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert - recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer - this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -2098,22 +2822,27 @@ spec: description: HelmChartSpec specifies the desired state of a Helm chart. properties: accessFrom: - description: 'AccessFrom specifies an Access Control List for allowing cross-namespace references to this - object. NOTE: Not implemented, provisional as of https://github.com/fluxcd/flux2/pull/2092' + description: |- + AccessFrom specifies an Access Control List for allowing cross-namespace + references to this object. + NOTE: Not implemented, provisional as of https://github.com/fluxcd/flux2/pull/2092 properties: namespaceSelectors: - description: NamespaceSelectors is the list of namespace selectors to which this ACL applies. Items in - this list are evaluated using a logical OR operation. + description: |- + NamespaceSelectors is the list of namespace selectors to which this ACL applies. + Items in this list are evaluated using a logical OR operation. items: - description: NamespaceSelector selects the namespaces to which this ACL applies. An empty map of MatchLabels - matches all namespaces in a cluster. + description: |- + NamespaceSelector selects the namespaces to which this ACL applies. + An empty map of MatchLabels matches all namespaces in a cluster. properties: matchLabels: additionalProperties: type: string - description: MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the operator is - "In", and the values array contains only "value". The requirements are ANDed. + description: |- + MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object type: array @@ -2121,30 +2850,44 @@ spec: - namespaceSelectors type: object chart: - description: Chart is the name or path the Helm chart is available at in the SourceRef. - type: string + description: |- + Chart is the name or path the Helm chart is available at in the + SourceRef. + type: string + ignoreMissingValuesFiles: + description: |- + IgnoreMissingValuesFiles controls whether to silently ignore missing values + files rather than failing. + type: boolean interval: - description: Interval at which the HelmChart SourceRef is checked for updates. This interval is approximate - and may be subject to jitter to ensure efficient use of resources. + description: |- + Interval at which the HelmChart SourceRef is checked for updates. + This interval is approximate and may be subject to jitter to ensure + efficient use of resources. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string reconcileStrategy: default: ChartVersion - description: ReconcileStrategy determines what enables the creation of a new artifact. Valid values are ('ChartVersion', - 'Revision'). See the documentation of the values for an explanation on their behavior. Defaults to ChartVersion - when omitted. + description: |- + ReconcileStrategy determines what enables the creation of a new artifact. + Valid values are ('ChartVersion', 'Revision'). + See the documentation of the values for an explanation on their behavior. + Defaults to ChartVersion when omitted. enum: - ChartVersion - Revision type: string sourceRef: - description: SourceRef is the reference to the Source the chart is available at. + description: SourceRef is the reference to the Source the chart is + available at. properties: apiVersion: description: APIVersion of the referent. type: string kind: - description: Kind of the referent, valid values are ('HelmRepository', 'GitRepository', 'Bucket'). + description: |- + Kind of the referent, valid values are ('HelmRepository', 'GitRepository', + 'Bucket'). enum: - HelmRepository - GitRepository @@ -2158,34 +2901,75 @@ spec: - name type: object suspend: - description: Suspend tells the controller to suspend the reconciliation of this source. + description: |- + Suspend tells the controller to suspend the reconciliation of this + source. type: boolean valuesFile: - description: ValuesFile is an alternative values file to use as the default chart values, expected to be a - relative path in the SourceRef. Deprecated in favor of ValuesFiles, for backwards compatibility the file - specified here is merged before the ValuesFiles items. Ignored when omitted. + description: |- + ValuesFile is an alternative values file to use as the default chart + values, expected to be a relative path in the SourceRef. Deprecated in + favor of ValuesFiles, for backwards compatibility the file specified here + is merged before the ValuesFiles items. Ignored when omitted. type: string valuesFiles: - description: ValuesFiles is an alternative list of values files to use as the chart values (values.yaml is - not included by default), expected to be a relative path in the SourceRef. Values files are merged in the - order of this list with the last file overriding the first. Ignored when omitted. + description: |- + ValuesFiles is an alternative list of values files to use as the chart + values (values.yaml is not included by default), expected to be a + relative path in the SourceRef. + Values files are merged in the order of this list with the last file + overriding the first. Ignored when omitted. items: type: string type: array verify: - description: Verify contains the secret name containing the trusted public keys used to verify the signature - and specifies which provider to use to check whether OCI image is authentic. This field is only supported - when using HelmRepository source with spec.type 'oci'. Chart dependencies, which are not bundled in the - umbrella chart artifact, are not verified. + description: |- + Verify contains the secret name containing the trusted public keys + used to verify the signature and specifies which provider to use to check + whether OCI image is authentic. + This field is only supported when using HelmRepository source with spec.type 'oci'. + Chart dependencies, which are not bundled in the umbrella chart artifact, are not verified. properties: + matchOIDCIdentity: + description: |- + MatchOIDCIdentity specifies the identity matching criteria to use + while verifying an OCI artifact which was signed using Cosign keyless + signing. The artifact's identity is deemed to be verified if any of the + specified matchers match against the identity. + items: + description: |- + OIDCIdentityMatch specifies options for verifying the certificate identity, + i.e. the issuer and the subject of the certificate. + properties: + issuer: + description: |- + Issuer specifies the regex pattern to match against to verify + the OIDC issuer in the Fulcio certificate. The pattern must be a + valid Go regular expression. + type: string + subject: + description: |- + Subject specifies the regex pattern to match against to verify + the identity subject in the Fulcio certificate. The pattern must + be a valid Go regular expression. + type: string + required: + - issuer + - subject + type: object + type: array provider: default: cosign - description: Provider specifies the technology used to sign the OCI Artifact. + description: Provider specifies the technology used to sign the + OCI Artifact. enum: - cosign + - notation type: string secretRef: - description: SecretRef specifies the Kubernetes Secret containing the trusted public keys. + description: |- + SecretRef specifies the Kubernetes Secret containing the + trusted public keys. properties: name: description: Name of the referent. @@ -2198,8 +2982,9 @@ spec: type: object version: default: '*' - description: Version is the chart version semver expression, ignored for charts from GitRepository and Bucket - sources. Defaults to latest when omitted. + description: |- + Version is the chart version semver expression, ignored for charts from + GitRepository and Bucket sources. Defaults to latest when omitted. type: string required: - chart @@ -2212,14 +2997,17 @@ spec: description: HelmChartStatus records the observed state of the HelmChart. properties: artifact: - description: Artifact represents the output of the last successful reconciliation. + description: Artifact represents the output of the last successful + reconciliation. properties: digest: description: Digest is the digest of the file in the form of ':'. pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$ type: string lastUpdateTime: - description: LastUpdateTime is the timestamp corresponding to the last update of the Artifact. + description: |- + LastUpdateTime is the timestamp corresponding to the last update of the + Artifact. format: date-time type: string metadata: @@ -2228,21 +3016,25 @@ spec: description: Metadata holds upstream information such as OCI annotations. type: object path: - description: Path is the relative file path of the Artifact. It can be used to locate the file in the - root of the Artifact storage on the local file system of the controller managing the Source. + description: |- + Path is the relative file path of the Artifact. It can be used to locate + the file in the root of the Artifact storage on the local file system of + the controller managing the Source. type: string revision: - description: Revision is a human-readable identifier traceable in the origin source system. It can be - a Git commit SHA, Git tag, a Helm chart version, etc. + description: |- + Revision is a human-readable identifier traceable in the origin source + system. It can be a Git commit SHA, Git tag, a Helm chart version, etc. type: string size: description: Size is the number of bytes in the file. format: int64 type: integer url: - description: URL is the HTTP address of the Artifact as exposed by the controller managing the Source. - It can be used to retrieve the Artifact for consumption, e.g. by another controller applying the Artifact - contents. + description: |- + URL is the HTTP address of the Artifact as exposed by the controller + managing the Source. It can be used to retrieve the Artifact for + consumption, e.g. by another controller applying the Artifact contents. type: string required: - lastUpdateTime @@ -2253,35 +3045,43 @@ spec: conditions: description: Conditions holds the conditions for the HelmChart. items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This - struct is intended for direct use as an array at the field path .status.conditions. For example, \n type - FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // - +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" - patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" properties: lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when - the API field changed is acceptable. + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: message is a human readable message indicating details about the transition. This may be - an empty string. + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based - upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current state of the instance. + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last - transition. Producers of specific condition types may define expected values and meanings for this - field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 @@ -2295,9 +3095,12 @@ spec: - Unknown type: string type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type - values are consistent across resources like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -2310,27 +3113,45 @@ spec: type: object type: array lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent reconcile request value, so a change - of the annotation value can be detected. + description: |- + LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value + can be detected. type: string observedChartName: - description: ObservedChartName is the last observed chart name as specified by the resolved chart reference. + description: |- + ObservedChartName is the last observed chart name as specified by the + resolved chart reference. type: string observedGeneration: - description: ObservedGeneration is the last observed generation of the HelmChart object. + description: |- + ObservedGeneration is the last observed generation of the HelmChart + object. format: int64 type: integer observedSourceArtifactRevision: - description: ObservedSourceArtifactRevision is the last observed Artifact.Revision of the HelmChartSpec.SourceRef. - type: string + description: |- + ObservedSourceArtifactRevision is the last observed Artifact.Revision + of the HelmChartSpec.SourceRef. + type: string + observedValuesFiles: + description: |- + ObservedValuesFiles are the observed value files of the last successful + reconciliation. + It matches the chart in the last successfully reconciled artifact. + items: + type: string + type: array url: - description: URL is the dynamic fetch link for the latest Artifact. It is provided on a "best effort" basis, - and using the precise BucketStatus.Artifact data is recommended. + description: |- + URL is the dynamic fetch link for the latest Artifact. + It is provided on a "best effort" basis, and using the precise + BucketStatus.Artifact data is recommended. type: string type: object type: object served: true - storage: true + storage: false subresources: status: {} --- @@ -2338,12 +3159,12 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.12.0 + controller-gen.kubebuilder.io/version: v0.15.0 labels: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 name: helmrepositories.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -2360,84 +3181,424 @@ spec: - jsonPath: .spec.url name: URL type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date - jsonPath: .status.conditions[?(@.type=="Ready")].status name: Ready type: string - jsonPath: .status.conditions[?(@.type=="Ready")].message name: Status type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1beta1 + name: v1 schema: openAPIV3Schema: - description: HelmRepository is the Schema for the helmrepositories API + description: HelmRepository is the Schema for the helmrepositories API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert - recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer - this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: - description: HelmRepositorySpec defines the reference to a Helm repository. + description: |- + HelmRepositorySpec specifies the required configuration to produce an + Artifact for a Helm repository index YAML. properties: accessFrom: - description: AccessFrom defines an Access Control List for allowing cross-namespace references to this object. + description: |- + AccessFrom specifies an Access Control List for allowing cross-namespace + references to this object. + NOTE: Not implemented, provisional as of https://github.com/fluxcd/flux2/pull/2092 properties: namespaceSelectors: - description: NamespaceSelectors is the list of namespace selectors to which this ACL applies. Items in - this list are evaluated using a logical OR operation. + description: |- + NamespaceSelectors is the list of namespace selectors to which this ACL applies. + Items in this list are evaluated using a logical OR operation. items: - description: NamespaceSelector selects the namespaces to which this ACL applies. An empty map of MatchLabels - matches all namespaces in a cluster. + description: |- + NamespaceSelector selects the namespaces to which this ACL applies. + An empty map of MatchLabels matches all namespaces in a cluster. properties: matchLabels: additionalProperties: type: string - description: MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the operator is - "In", and the values array contains only "value". The requirements are ANDed. + description: |- + MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object type: array required: - namespaceSelectors type: object - interval: - description: The interval at which to check the upstream for updates. - type: string - passCredentials: - description: PassCredentials allows the credentials from the SecretRef to be passed on to a host that does - not match the host as defined in URL. This may be required if the host of the advertised chart URLs in the - index differ from the defined URL. Enabling this should be done with caution, as it can potentially result - in credentials getting stolen in a MITM-attack. - type: boolean - secretRef: - description: The name of the secret containing authentication credentials for the Helm repository. For HTTP/S - basic auth the secret must contain username and password fields. For TLS the secret must contain a certFile - and keyFile, and/or caFile fields. - properties: - name: - description: Name of the referent. - type: string - required: - - name + certSecretRef: + description: |- + CertSecretRef can be given the name of a Secret containing + either or both of + + + - a PEM-encoded client certificate (`tls.crt`) and private + key (`tls.key`); + - a PEM-encoded CA certificate (`ca.crt`) + + + and whichever are supplied, will be used for connecting to the + registry. The client cert and key are useful if you are + authenticating with a certificate; the CA cert is useful if + you are using a self-signed server certificate. The Secret must + be of type `Opaque` or `kubernetes.io/tls`. + + + It takes precedence over the values specified in the Secret referred + to by `.spec.secretRef`. + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object + insecure: + description: |- + Insecure allows connecting to a non-TLS HTTP container registry. + This field is only taken into account if the .spec.type field is set to 'oci'. + type: boolean + interval: + description: |- + Interval at which the HelmRepository URL is checked for updates. + This interval is approximate and may be subject to jitter to ensure + efficient use of resources. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + passCredentials: + description: |- + PassCredentials allows the credentials from the SecretRef to be passed + on to a host that does not match the host as defined in URL. + This may be required if the host of the advertised chart URLs in the + index differ from the defined URL. + Enabling this should be done with caution, as it can potentially result + in credentials getting stolen in a MITM-attack. + type: boolean + provider: + default: generic + description: |- + Provider used for authentication, can be 'aws', 'azure', 'gcp' or 'generic'. + This field is optional, and only taken into account if the .spec.type field is set to 'oci'. + When not specified, defaults to 'generic'. + enum: + - generic + - aws + - azure + - gcp + type: string + secretRef: + description: |- + SecretRef specifies the Secret containing authentication credentials + for the HelmRepository. + For HTTP/S basic auth the secret must contain 'username' and 'password' + fields. + Support for TLS auth using the 'certFile' and 'keyFile', and/or 'caFile' + keys is deprecated. Please use `.spec.certSecretRef` instead. + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object + suspend: + description: |- + Suspend tells the controller to suspend the reconciliation of this + HelmRepository. + type: boolean + timeout: + description: |- + Timeout is used for the index fetch operation for an HTTPS helm repository, + and for remote OCI Repository operations like pulling for an OCI helm + chart by the associated HelmChart. + Its default value is 60s. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$ + type: string + type: + description: |- + Type of the HelmRepository. + When this field is set to "oci", the URL field value must be prefixed with "oci://". + enum: + - default + - oci + type: string + url: + description: |- + URL of the Helm repository, a valid URL contains at least a protocol and + host. + pattern: ^(http|https|oci)://.*$ + type: string + required: + - url + type: object + status: + default: + observedGeneration: -1 + description: HelmRepositoryStatus records the observed state of the HelmRepository. + properties: + artifact: + description: Artifact represents the last successful HelmRepository + reconciliation. + properties: + digest: + description: Digest is the digest of the file in the form of ':'. + pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$ + type: string + lastUpdateTime: + description: |- + LastUpdateTime is the timestamp corresponding to the last update of the + Artifact. + format: date-time + type: string + metadata: + additionalProperties: + type: string + description: Metadata holds upstream information such as OCI annotations. + type: object + path: + description: |- + Path is the relative file path of the Artifact. It can be used to locate + the file in the root of the Artifact storage on the local file system of + the controller managing the Source. + type: string + revision: + description: |- + Revision is a human-readable identifier traceable in the origin source + system. It can be a Git commit SHA, Git tag, a Helm chart version, etc. + type: string + size: + description: Size is the number of bytes in the file. + format: int64 + type: integer + url: + description: |- + URL is the HTTP address of the Artifact as exposed by the controller + managing the Source. It can be used to retrieve the Artifact for + consumption, e.g. by another controller applying the Artifact contents. + type: string + required: + - lastUpdateTime + - path + - revision + - url + type: object + conditions: + description: Conditions holds the conditions for the HelmRepository. + items: + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" + properties: + lastTransitionTime: + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + lastHandledReconcileAt: + description: |- + LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value + can be detected. + type: string + observedGeneration: + description: |- + ObservedGeneration is the last observed generation of the HelmRepository + object. + format: int64 + type: integer + url: + description: |- + URL is the dynamic fetch link for the latest Artifact. + It is provided on a "best effort" basis, and using the precise + HelmRepositoryStatus.Artifact data is recommended. + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} + - additionalPrinterColumns: + - jsonPath: .spec.url + name: URL + type: string + - jsonPath: .status.conditions[?(@.type=="Ready")].status + name: Ready + type: string + - jsonPath: .status.conditions[?(@.type=="Ready")].message + name: Status + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + deprecated: true + deprecationWarning: v1beta1 HelmRepository is deprecated, upgrade to v1 + name: v1beta1 + schema: + openAPIV3Schema: + description: HelmRepository is the Schema for the helmrepositories API + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: HelmRepositorySpec defines the reference to a Helm repository. + properties: + accessFrom: + description: AccessFrom defines an Access Control List for allowing + cross-namespace references to this object. + properties: + namespaceSelectors: + description: |- + NamespaceSelectors is the list of namespace selectors to which this ACL applies. + Items in this list are evaluated using a logical OR operation. + items: + description: |- + NamespaceSelector selects the namespaces to which this ACL applies. + An empty map of MatchLabels matches all namespaces in a cluster. + properties: + matchLabels: + additionalProperties: + type: string + description: |- + MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + type: array + required: + - namespaceSelectors + type: object + interval: + description: The interval at which to check the upstream for updates. + type: string + passCredentials: + description: |- + PassCredentials allows the credentials from the SecretRef to be passed on to + a host that does not match the host as defined in URL. + This may be required if the host of the advertised chart URLs in the index + differ from the defined URL. + Enabling this should be done with caution, as it can potentially result in + credentials getting stolen in a MITM-attack. + type: boolean + secretRef: + description: |- + The name of the secret containing authentication credentials for the Helm + repository. + For HTTP/S basic auth the secret must contain username and + password fields. + For TLS the secret must contain a certFile and keyFile, and/or + caFile fields. + properties: + name: + description: Name of the referent. + type: string + required: + - name type: object suspend: - description: This flag tells the controller to suspend the reconciliation of this source. + description: This flag tells the controller to suspend the reconciliation + of this source. type: boolean timeout: default: 60s description: The timeout of index downloading, defaults to 60s. type: string url: - description: The Helm repository URL, a valid URL contains at least a protocol and host. + description: The Helm repository URL, a valid URL contains at least + a protocol and host. type: string required: - interval @@ -2449,21 +3610,26 @@ spec: description: HelmRepositoryStatus defines the observed state of the HelmRepository. properties: artifact: - description: Artifact represents the output of the last successful repository sync. + description: Artifact represents the output of the last successful + repository sync. properties: checksum: description: Checksum is the SHA256 checksum of the artifact. type: string lastUpdateTime: - description: LastUpdateTime is the timestamp corresponding to the last update of this artifact. + description: |- + LastUpdateTime is the timestamp corresponding to the last update of this + artifact. format: date-time type: string path: description: Path is the relative file path of this artifact. type: string revision: - description: Revision is a human readable identifier traceable in the origin source system. It can be - a Git commit SHA, Git tag, a Helm index timestamp, a Helm chart version, etc. + description: |- + Revision is a human readable identifier traceable in the origin source + system. It can be a Git commit SHA, Git tag, a Helm index timestamp, a Helm + chart version, etc. type: string url: description: URL is the HTTP address of this artifact. @@ -2475,35 +3641,43 @@ spec: conditions: description: Conditions holds the conditions for the HelmRepository. items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This - struct is intended for direct use as an array at the field path .status.conditions. For example, \n type - FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // - +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" - patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" properties: lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when - the API field changed is acceptable. + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: message is a human readable message indicating details about the transition. This may be - an empty string. + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based - upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current state of the instance. + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last - transition. Producers of specific condition types may define expected values and meanings for this - field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 @@ -2517,9 +3691,12 @@ spec: - Unknown type: string type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type - values are consistent across resources like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -2532,8 +3709,10 @@ spec: type: object type: array lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent reconcile request value, so a change - of the annotation value can be detected. + description: |- + LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value + can be detected. type: string observedGeneration: description: ObservedGeneration is the last observed generation. @@ -2561,42 +3740,57 @@ spec: - jsonPath: .status.conditions[?(@.type=="Ready")].message name: Status type: string + deprecated: true + deprecationWarning: v1beta2 HelmRepository is deprecated, upgrade to v1 name: v1beta2 schema: openAPIV3Schema: description: HelmRepository is the Schema for the helmrepositories API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert - recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer - this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: - description: HelmRepositorySpec specifies the required configuration to produce an Artifact for a Helm repository - index YAML. + description: |- + HelmRepositorySpec specifies the required configuration to produce an + Artifact for a Helm repository index YAML. properties: accessFrom: - description: 'AccessFrom specifies an Access Control List for allowing cross-namespace references to this - object. NOTE: Not implemented, provisional as of https://github.com/fluxcd/flux2/pull/2092' + description: |- + AccessFrom specifies an Access Control List for allowing cross-namespace + references to this object. + NOTE: Not implemented, provisional as of https://github.com/fluxcd/flux2/pull/2092 properties: namespaceSelectors: - description: NamespaceSelectors is the list of namespace selectors to which this ACL applies. Items in - this list are evaluated using a logical OR operation. + description: |- + NamespaceSelectors is the list of namespace selectors to which this ACL applies. + Items in this list are evaluated using a logical OR operation. items: - description: NamespaceSelector selects the namespaces to which this ACL applies. An empty map of MatchLabels - matches all namespaces in a cluster. + description: |- + NamespaceSelector selects the namespaces to which this ACL applies. + An empty map of MatchLabels matches all namespaces in a cluster. properties: matchLabels: additionalProperties: type: string - description: MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the operator is - "In", and the values array contains only "value". The requirements are ANDed. + description: |- + MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object type: array @@ -2604,12 +3798,25 @@ spec: - namespaceSelectors type: object certSecretRef: - description: "CertSecretRef can be given the name of a Secret containing either or both of \n - a PEM-encoded - client certificate (`tls.crt`) and private key (`tls.key`); - a PEM-encoded CA certificate (`ca.crt`) \n - and whichever are supplied, will be used for connecting to the registry. The client cert and key are useful - if you are authenticating with a certificate; the CA cert is useful if you are using a self-signed server - certificate. The Secret must be of type `Opaque` or `kubernetes.io/tls`. \n It takes precedence over the - values specified in the Secret referred to by `.spec.secretRef`." + description: |- + CertSecretRef can be given the name of a Secret containing + either or both of + + + - a PEM-encoded client certificate (`tls.crt`) and private + key (`tls.key`); + - a PEM-encoded CA certificate (`ca.crt`) + + + and whichever are supplied, will be used for connecting to the + registry. The client cert and key are useful if you are + authenticating with a certificate; the CA cert is useful if + you are using a self-signed server certificate. The Secret must + be of type `Opaque` or `kubernetes.io/tls`. + + + It takes precedence over the values specified in the Secret referred + to by `.spec.secretRef`. properties: name: description: Name of the referent. @@ -2617,21 +3824,33 @@ spec: required: - name type: object + insecure: + description: |- + Insecure allows connecting to a non-TLS HTTP container registry. + This field is only taken into account if the .spec.type field is set to 'oci'. + type: boolean interval: - description: Interval at which the HelmRepository URL is checked for updates. This interval is approximate - and may be subject to jitter to ensure efficient use of resources. + description: |- + Interval at which the HelmRepository URL is checked for updates. + This interval is approximate and may be subject to jitter to ensure + efficient use of resources. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string passCredentials: - description: PassCredentials allows the credentials from the SecretRef to be passed on to a host that does - not match the host as defined in URL. This may be required if the host of the advertised chart URLs in the - index differ from the defined URL. Enabling this should be done with caution, as it can potentially result + description: |- + PassCredentials allows the credentials from the SecretRef to be passed + on to a host that does not match the host as defined in URL. + This may be required if the host of the advertised chart URLs in the + index differ from the defined URL. + Enabling this should be done with caution, as it can potentially result in credentials getting stolen in a MITM-attack. type: boolean provider: default: generic - description: Provider used for authentication, can be 'aws', 'azure', 'gcp' or 'generic'. This field is optional, - and only taken into account if the .spec.type field is set to 'oci'. When not specified, defaults to 'generic'. + description: |- + Provider used for authentication, can be 'aws', 'azure', 'gcp' or 'generic'. + This field is optional, and only taken into account if the .spec.type field is set to 'oci'. + When not specified, defaults to 'generic'. enum: - generic - aws @@ -2639,9 +3858,13 @@ spec: - gcp type: string secretRef: - description: SecretRef specifies the Secret containing authentication credentials for the HelmRepository. - For HTTP/S basic auth the secret must contain 'username' and 'password' fields. Support for TLS auth using - the 'certFile' and 'keyFile', and/or 'caFile' keys is deprecated. Please use `.spec.certSecretRef` instead. + description: |- + SecretRef specifies the Secret containing authentication credentials + for the HelmRepository. + For HTTP/S basic auth the secret must contain 'username' and 'password' + fields. + Support for TLS auth using the 'certFile' and 'keyFile', and/or 'caFile' + keys is deprecated. Please use `.spec.certSecretRef` instead. properties: name: description: Name of the referent. @@ -2650,26 +3873,33 @@ spec: - name type: object suspend: - description: Suspend tells the controller to suspend the reconciliation of this HelmRepository. + description: |- + Suspend tells the controller to suspend the reconciliation of this + HelmRepository. type: boolean timeout: - default: 60s - description: Timeout is used for the index fetch operation for an HTTPS helm repository, and for remote OCI - Repository operations like pulling for an OCI helm repository. Its default value is 60s. + description: |- + Timeout is used for the index fetch operation for an HTTPS helm repository, + and for remote OCI Repository operations like pulling for an OCI helm + chart by the associated HelmChart. + Its default value is 60s. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$ type: string type: - description: Type of the HelmRepository. When this field is set to "oci", the URL field value must be prefixed - with "oci://". + description: |- + Type of the HelmRepository. + When this field is set to "oci", the URL field value must be prefixed with "oci://". enum: - default - oci type: string url: - description: URL of the Helm repository, a valid URL contains at least a protocol and host. + description: |- + URL of the Helm repository, a valid URL contains at least a protocol and + host. + pattern: ^(http|https|oci)://.*$ type: string required: - - interval - url type: object status: @@ -2678,14 +3908,17 @@ spec: description: HelmRepositoryStatus records the observed state of the HelmRepository. properties: artifact: - description: Artifact represents the last successful HelmRepository reconciliation. + description: Artifact represents the last successful HelmRepository + reconciliation. properties: digest: description: Digest is the digest of the file in the form of ':'. pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$ type: string lastUpdateTime: - description: LastUpdateTime is the timestamp corresponding to the last update of the Artifact. + description: |- + LastUpdateTime is the timestamp corresponding to the last update of the + Artifact. format: date-time type: string metadata: @@ -2694,21 +3927,25 @@ spec: description: Metadata holds upstream information such as OCI annotations. type: object path: - description: Path is the relative file path of the Artifact. It can be used to locate the file in the - root of the Artifact storage on the local file system of the controller managing the Source. + description: |- + Path is the relative file path of the Artifact. It can be used to locate + the file in the root of the Artifact storage on the local file system of + the controller managing the Source. type: string revision: - description: Revision is a human-readable identifier traceable in the origin source system. It can be - a Git commit SHA, Git tag, a Helm chart version, etc. + description: |- + Revision is a human-readable identifier traceable in the origin source + system. It can be a Git commit SHA, Git tag, a Helm chart version, etc. type: string size: description: Size is the number of bytes in the file. format: int64 type: integer url: - description: URL is the HTTP address of the Artifact as exposed by the controller managing the Source. - It can be used to retrieve the Artifact for consumption, e.g. by another controller applying the Artifact - contents. + description: |- + URL is the HTTP address of the Artifact as exposed by the controller + managing the Source. It can be used to retrieve the Artifact for + consumption, e.g. by another controller applying the Artifact contents. type: string required: - lastUpdateTime @@ -2719,35 +3956,43 @@ spec: conditions: description: Conditions holds the conditions for the HelmRepository. items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This - struct is intended for direct use as an array at the field path .status.conditions. For example, \n type - FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // - +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" - patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" properties: lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when - the API field changed is acceptable. + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: message is a human readable message indicating details about the transition. This may be - an empty string. + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based - upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current state of the instance. + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last - transition. Producers of specific condition types may define expected values and meanings for this - field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 @@ -2761,9 +4006,12 @@ spec: - Unknown type: string type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type - values are consistent across resources like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -2776,21 +4024,27 @@ spec: type: object type: array lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent reconcile request value, so a change - of the annotation value can be detected. + description: |- + LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value + can be detected. type: string observedGeneration: - description: ObservedGeneration is the last observed generation of the HelmRepository object. + description: |- + ObservedGeneration is the last observed generation of the HelmRepository + object. format: int64 type: integer url: - description: URL is the dynamic fetch link for the latest Artifact. It is provided on a "best effort" basis, - and using the precise HelmRepositoryStatus.Artifact data is recommended. + description: |- + URL is the dynamic fetch link for the latest Artifact. + It is provided on a "best effort" basis, and using the precise + HelmRepositoryStatus.Artifact data is recommended. type: string type: object type: object served: true - storage: true + storage: false subresources: status: {} --- @@ -2798,12 +4052,12 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.12.0 + controller-gen.kubebuilder.io/version: v0.15.0 labels: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 name: ocirepositories.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -2835,12 +4089,19 @@ spec: description: OCIRepository is the Schema for the ocirepositories API properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert - recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer - this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -2848,12 +4109,25 @@ spec: description: OCIRepositorySpec defines the desired state of OCIRepository properties: certSecretRef: - description: "CertSecretRef can be given the name of a Secret containing either or both of \n - a PEM-encoded - client certificate (`tls.crt`) and private key (`tls.key`); - a PEM-encoded CA certificate (`ca.crt`) \n - and whichever are supplied, will be used for connecting to the registry. The client cert and key are useful - if you are authenticating with a certificate; the CA cert is useful if you are using a self-signed server - certificate. The Secret must be of type `Opaque` or `kubernetes.io/tls`. \n Note: Support for the `caFile`, - `certFile` and `keyFile` keys have been deprecated." + description: |- + CertSecretRef can be given the name of a Secret containing + either or both of + + + - a PEM-encoded client certificate (`tls.crt`) and private + key (`tls.key`); + - a PEM-encoded CA certificate (`ca.crt`) + + + and whichever are supplied, will be used for connecting to the + registry. The client cert and key are useful if you are + authenticating with a certificate; the CA cert is useful if + you are using a self-signed server certificate. The Secret must + be of type `Opaque` or `kubernetes.io/tls`. + + + Note: Support for the `caFile`, `certFile` and `keyFile` keys have + been deprecated. properties: name: description: Name of the referent. @@ -2862,30 +4136,39 @@ spec: - name type: object ignore: - description: Ignore overrides the set of excluded patterns in the .sourceignore format (which is the same - as .gitignore). If not provided, a default will be used, consult the documentation for your version to find - out what those are. + description: |- + Ignore overrides the set of excluded patterns in the .sourceignore format + (which is the same as .gitignore). If not provided, a default will be used, + consult the documentation for your version to find out what those are. type: string insecure: - description: Insecure allows connecting to a non-TLS HTTP container registry. + description: Insecure allows connecting to a non-TLS HTTP container + registry. type: boolean interval: - description: Interval at which the OCIRepository URL is checked for updates. This interval is approximate - and may be subject to jitter to ensure efficient use of resources. + description: |- + Interval at which the OCIRepository URL is checked for updates. + This interval is approximate and may be subject to jitter to ensure + efficient use of resources. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string layerSelector: - description: LayerSelector specifies which layer should be extracted from the OCI artifact. When not specified, - the first layer found in the artifact is selected. + description: |- + LayerSelector specifies which layer should be extracted from the OCI artifact. + When not specified, the first layer found in the artifact is selected. properties: mediaType: - description: MediaType specifies the OCI media type of the layer which should be extracted from the OCI - Artifact. The first layer matching this type is selected. + description: |- + MediaType specifies the OCI media type of the layer + which should be extracted from the OCI Artifact. The + first layer matching this type is selected. type: string operation: - description: Operation specifies how the selected layer should be processed. By default, the layer compressed - content is extracted to storage. When the operation is set to 'copy', the layer compressed content is - persisted to storage as it is. + description: |- + Operation specifies how the selected layer should be processed. + By default, the layer compressed content is extracted to storage. + When the operation is set to 'copy', the layer compressed content + is persisted to storage as it is. enum: - extract - copy @@ -2893,8 +4176,9 @@ spec: type: object provider: default: generic - description: The provider used for authentication, can be 'aws', 'azure', 'gcp' or 'generic'. When not specified, - defaults to 'generic'. + description: |- + The provider used for authentication, can be 'aws', 'azure', 'gcp' or 'generic'. + When not specified, defaults to 'generic'. enum: - generic - aws @@ -2902,23 +4186,33 @@ spec: - gcp type: string ref: - description: The OCI reference to pull and monitor for changes, defaults to the latest tag. + description: |- + The OCI reference to pull and monitor for changes, + defaults to the latest tag. properties: digest: - description: Digest is the image digest to pull, takes precedence over SemVer. The value should be in - the format 'sha256:'. + description: |- + Digest is the image digest to pull, takes precedence over SemVer. + The value should be in the format 'sha256:'. type: string semver: - description: SemVer is the range of tags to pull selecting the latest within the range, takes precedence - over Tag. + description: |- + SemVer is the range of tags to pull selecting the latest within + the range, takes precedence over Tag. + type: string + semverFilter: + description: SemverFilter is a regex pattern to filter the tags + within the SemVer range. type: string tag: description: Tag is the image tag to pull, defaults to latest. type: string type: object secretRef: - description: SecretRef contains the secret name containing the registry login credentials to resolve image - metadata. The secret must be of type kubernetes.io/dockerconfigjson. + description: |- + SecretRef contains the secret name containing the registry login + credentials to resolve image metadata. + The secret must be of type kubernetes.io/dockerconfigjson. properties: name: description: Name of the referent. @@ -2927,33 +4221,73 @@ spec: - name type: object serviceAccountName: - description: 'ServiceAccountName is the name of the Kubernetes ServiceAccount used to authenticate the image - pull if the service account has attached pull secrets. For more information: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/#add-imagepullsecrets-to-a-service-account' + description: |- + ServiceAccountName is the name of the Kubernetes ServiceAccount used to authenticate + the image pull if the service account has attached pull secrets. For more information: + https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/#add-imagepullsecrets-to-a-service-account type: string suspend: - description: This flag tells the controller to suspend the reconciliation of this source. + description: This flag tells the controller to suspend the reconciliation + of this source. type: boolean timeout: default: 60s - description: The timeout for remote OCI Repository operations like pulling, defaults to 60s. + description: The timeout for remote OCI Repository operations like + pulling, defaults to 60s. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$ type: string url: - description: URL is a reference to an OCI artifact repository hosted on a remote container registry. + description: |- + URL is a reference to an OCI artifact repository hosted + on a remote container registry. pattern: ^oci://.*$ type: string verify: - description: Verify contains the secret name containing the trusted public keys used to verify the signature - and specifies which provider to use to check whether OCI image is authentic. + description: |- + Verify contains the secret name containing the trusted public keys + used to verify the signature and specifies which provider to use to check + whether OCI image is authentic. properties: + matchOIDCIdentity: + description: |- + MatchOIDCIdentity specifies the identity matching criteria to use + while verifying an OCI artifact which was signed using Cosign keyless + signing. The artifact's identity is deemed to be verified if any of the + specified matchers match against the identity. + items: + description: |- + OIDCIdentityMatch specifies options for verifying the certificate identity, + i.e. the issuer and the subject of the certificate. + properties: + issuer: + description: |- + Issuer specifies the regex pattern to match against to verify + the OIDC issuer in the Fulcio certificate. The pattern must be a + valid Go regular expression. + type: string + subject: + description: |- + Subject specifies the regex pattern to match against to verify + the identity subject in the Fulcio certificate. The pattern must + be a valid Go regular expression. + type: string + required: + - issuer + - subject + type: object + type: array provider: default: cosign - description: Provider specifies the technology used to sign the OCI Artifact. + description: Provider specifies the technology used to sign the + OCI Artifact. enum: - cosign + - notation type: string secretRef: - description: SecretRef specifies the Kubernetes Secret containing the trusted public keys. + description: |- + SecretRef specifies the Kubernetes Secret containing the + trusted public keys. properties: name: description: Name of the referent. @@ -2974,14 +4308,17 @@ spec: description: OCIRepositoryStatus defines the observed state of OCIRepository properties: artifact: - description: Artifact represents the output of the last successful OCI Repository sync. + description: Artifact represents the output of the last successful + OCI Repository sync. properties: digest: description: Digest is the digest of the file in the form of ':'. pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$ type: string lastUpdateTime: - description: LastUpdateTime is the timestamp corresponding to the last update of the Artifact. + description: |- + LastUpdateTime is the timestamp corresponding to the last update of the + Artifact. format: date-time type: string metadata: @@ -2990,21 +4327,25 @@ spec: description: Metadata holds upstream information such as OCI annotations. type: object path: - description: Path is the relative file path of the Artifact. It can be used to locate the file in the - root of the Artifact storage on the local file system of the controller managing the Source. + description: |- + Path is the relative file path of the Artifact. It can be used to locate + the file in the root of the Artifact storage on the local file system of + the controller managing the Source. type: string revision: - description: Revision is a human-readable identifier traceable in the origin source system. It can be - a Git commit SHA, Git tag, a Helm chart version, etc. + description: |- + Revision is a human-readable identifier traceable in the origin source + system. It can be a Git commit SHA, Git tag, a Helm chart version, etc. type: string size: description: Size is the number of bytes in the file. format: int64 type: integer url: - description: URL is the HTTP address of the Artifact as exposed by the controller managing the Source. - It can be used to retrieve the Artifact for consumption, e.g. by another controller applying the Artifact - contents. + description: |- + URL is the HTTP address of the Artifact as exposed by the controller + managing the Source. It can be used to retrieve the Artifact for + consumption, e.g. by another controller applying the Artifact contents. type: string required: - lastUpdateTime @@ -3015,35 +4356,43 @@ spec: conditions: description: Conditions holds the conditions for the OCIRepository. items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This - struct is intended for direct use as an array at the field path .status.conditions. For example, \n type - FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // - +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" - patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" properties: lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when - the API field changed is acceptable. + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: message is a human readable message indicating details about the transition. This may be - an empty string. + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based - upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current state of the instance. + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last - transition. Producers of specific condition types may define expected values and meanings for this - field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 @@ -3057,9 +4406,12 @@ spec: - Unknown type: string type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type - values are consistent across resources like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -3072,41 +4424,60 @@ spec: type: object type: array contentConfigChecksum: - description: "ContentConfigChecksum is a checksum of all the configurations related to the content of the - source artifact: - .spec.ignore - .spec.layerSelector observed in .status.observedGeneration version of - the object. This can be used to determine if the content configuration has changed and the artifact needs - to be rebuilt. It has the format of `:`, for example: `sha256:`. \n Deprecated: - Replaced with explicit fields for observed artifact content config in the status." + description: |- + ContentConfigChecksum is a checksum of all the configurations related to + the content of the source artifact: + - .spec.ignore + - .spec.layerSelector + observed in .status.observedGeneration version of the object. This can + be used to determine if the content configuration has changed and the + artifact needs to be rebuilt. + It has the format of `:`, for example: `sha256:`. + + + Deprecated: Replaced with explicit fields for observed artifact content + config in the status. type: string lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent reconcile request value, so a change - of the annotation value can be detected. + description: |- + LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value + can be detected. type: string observedGeneration: description: ObservedGeneration is the last observed generation. format: int64 type: integer observedIgnore: - description: ObservedIgnore is the observed exclusion patterns used for constructing the source artifact. + description: |- + ObservedIgnore is the observed exclusion patterns used for constructing + the source artifact. type: string observedLayerSelector: - description: ObservedLayerSelector is the observed layer selector used for constructing the source artifact. + description: |- + ObservedLayerSelector is the observed layer selector used for constructing + the source artifact. properties: mediaType: - description: MediaType specifies the OCI media type of the layer which should be extracted from the OCI - Artifact. The first layer matching this type is selected. + description: |- + MediaType specifies the OCI media type of the layer + which should be extracted from the OCI Artifact. The + first layer matching this type is selected. type: string operation: - description: Operation specifies how the selected layer should be processed. By default, the layer compressed - content is extracted to storage. When the operation is set to 'copy', the layer compressed content is - persisted to storage as it is. + description: |- + Operation specifies how the selected layer should be processed. + By default, the layer compressed content is extracted to storage. + When the operation is set to 'copy', the layer compressed content + is persisted to storage as it is. enum: - extract - copy type: string type: object url: - description: URL is the download link for the artifact output of the last OCI Repository sync. + description: URL is the download link for the artifact output of the + last OCI Repository sync. type: string type: object type: object @@ -3122,7 +4493,7 @@ metadata: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 name: source-controller namespace: flux-system --- @@ -3133,7 +4504,7 @@ metadata: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 control-plane: controller name: source-controller namespace: flux-system @@ -3154,7 +4525,7 @@ metadata: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 control-plane: controller name: source-controller namespace: flux-system @@ -3189,7 +4560,17 @@ spec: fieldPath: metadata.namespace - name: TUF_ROOT value: /tmp/.sigstore - image: ghcr.io/fluxcd/source-controller:v1.1.1 + - name: GOMAXPROCS + valueFrom: + resourceFieldRef: + containerName: manager + resource: limits.cpu + - name: GOMEMLIMIT + valueFrom: + resourceFieldRef: + containerName: manager + resource: limits.memory + image: ghcr.io/fluxcd/source-controller:v1.3.0 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -3248,12 +4629,12 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.12.0 + controller-gen.kubebuilder.io/version: v0.15.0 labels: app.kubernetes.io/component: kustomize-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 name: kustomizations.kustomize.toolkit.fluxcd.io spec: group: kustomize.toolkit.fluxcd.io @@ -3282,21 +4663,32 @@ spec: description: Kustomization is the Schema for the kustomizations API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert - recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer - this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: - description: KustomizationSpec defines the configuration to calculate the desired state from a Source using Kustomize. + description: |- + KustomizationSpec defines the configuration to calculate the desired state + from a Source using Kustomize. properties: commonMetadata: - description: CommonMetadata specifies the common labels and annotations that are applied to all resources. - Any existing label or annotation will be overridden if its key matches a common one. + description: |- + CommonMetadata specifies the common labels and annotations that are + applied to all resources. Any existing label or annotation will be + overridden if its key matches a common one. properties: annotations: additionalProperties: @@ -3310,12 +4702,14 @@ spec: type: object type: object components: - description: Components specifies relative paths to specifications of other Components. + description: Components specifies relative paths to specifications + of other Components. items: type: string type: array decryption: - description: Decrypt Kubernetes secrets before applying them on the cluster. + description: Decrypt Kubernetes secrets before applying them on the + cluster. properties: provider: description: Provider is the name of the decryption engine. @@ -3323,7 +4717,8 @@ spec: - sops type: string secretRef: - description: The secret name containing the private OpenPGP keys used for decryption. + description: The secret name containing the private OpenPGP keys + used for decryption. properties: name: description: Name of the referent. @@ -3335,17 +4730,21 @@ spec: - provider type: object dependsOn: - description: DependsOn may contain a meta.NamespacedObjectReference slice with references to Kustomization - resources that must be ready before this Kustomization can be reconciled. + description: |- + DependsOn may contain a meta.NamespacedObjectReference slice + with references to Kustomization resources that must be ready before this + Kustomization can be reconciled. items: - description: NamespacedObjectReference contains enough information to locate the referenced Kubernetes resource - object in any namespace. + description: |- + NamespacedObjectReference contains enough information to locate the referenced Kubernetes resource object in any + namespace. properties: name: description: Name of the referent. type: string namespace: - description: Namespace of the referent, when not specified it acts as LocalObjectReference. + description: Namespace of the referent, when not specified it + acts as LocalObjectReference. type: string required: - name @@ -3353,18 +4752,20 @@ spec: type: array force: default: false - description: Force instructs the controller to recreate resources when patching fails due to an immutable - field change. + description: |- + Force instructs the controller to recreate resources + when patching fails due to an immutable field change. type: boolean healthChecks: description: A list of resources to be included in the health assessment. items: - description: NamespacedObjectKindReference contains enough information to locate the typed referenced Kubernetes - resource object in any namespace. + description: |- + NamespacedObjectKindReference contains enough information to locate the typed referenced Kubernetes resource object + in any namespace. properties: apiVersion: - description: API version of the referent, if not specified the Kubernetes preferred version will be - used. + description: API version of the referent, if not specified the + Kubernetes preferred version will be used. type: string kind: description: Kind of the referent. @@ -3373,7 +4774,8 @@ spec: description: Name of the referent. type: string namespace: - description: Namespace of the referent, when not specified it acts as LocalObjectReference. + description: Namespace of the referent, when not specified it + acts as LocalObjectReference. type: string required: - kind @@ -3381,49 +4783,65 @@ spec: type: object type: array images: - description: Images is a list of (image name, new name, new tag or digest) for changing image names, tags - or digests. This can also be achieved with a patch, but this operator is simpler to specify. + description: |- + Images is a list of (image name, new name, new tag or digest) + for changing image names, tags or digests. This can also be achieved with a + patch, but this operator is simpler to specify. items: - description: Image contains an image name, a new name, a new tag or digest, which will replace the original - name and tag. + description: Image contains an image name, a new name, a new tag + or digest, which will replace the original name and tag. properties: digest: - description: Digest is the value used to replace the original image tag. If digest is present NewTag - value is ignored. + description: |- + Digest is the value used to replace the original image tag. + If digest is present NewTag value is ignored. type: string name: description: Name is a tag-less image name. type: string newName: - description: NewName is the value used to replace the original name. + description: NewName is the value used to replace the original + name. type: string newTag: - description: NewTag is the value used to replace the original tag. + description: NewTag is the value used to replace the original + tag. type: string required: - name type: object type: array interval: - description: The interval at which to reconcile the Kustomization. This interval is approximate and may be - subject to jitter to ensure efficient use of resources. + description: |- + The interval at which to reconcile the Kustomization. + This interval is approximate and may be subject to jitter to ensure + efficient use of resources. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string kubeConfig: - description: The KubeConfig for reconciling the Kustomization on a remote cluster. When used in combination - with KustomizationSpec.ServiceAccountName, forces the controller to act on behalf of that Service Account - at the target cluster. If the --default-service-account flag is set, its value will be used as a controller - level fallback for when KustomizationSpec.ServiceAccountName is empty. + description: |- + The KubeConfig for reconciling the Kustomization on a remote cluster. + When used in combination with KustomizationSpec.ServiceAccountName, + forces the controller to act on behalf of that Service Account at the + target cluster. + If the --default-service-account flag is set, its value will be used as + a controller level fallback for when KustomizationSpec.ServiceAccountName + is empty. properties: secretRef: - description: SecretRef holds the name of a secret that contains a key with the kubeconfig file as the - value. If no key is set, the key will default to 'value'. It is recommended that the kubeconfig is self-contained, - and the secret is regularly updated if credentials such as a cloud-access-token expire. Cloud specific - `cmd-path` auth helpers will not function without adding binaries and credentials to the Pod that is - responsible for reconciling Kubernetes resources. + description: |- + SecretRef holds the name of a secret that contains a key with + the kubeconfig file as the value. If no key is set, the key will default + to 'value'. + It is recommended that the kubeconfig is self-contained, and the secret + is regularly updated if credentials such as a cloud-access-token expire. + Cloud specific `cmd-path` auth helpers will not function without adding + binaries and credentials to the Pod that is responsible for reconciling + Kubernetes resources. properties: key: - description: Key in the Secret, when not specified an implementation-specific default key is used. + description: Key in the Secret, when not specified an implementation-specific + default key is used. type: string name: description: Name of the Secret. @@ -3434,34 +4852,57 @@ spec: required: - secretRef type: object + namePrefix: + description: NamePrefix will prefix the names of all managed resources. + maxLength: 200 + minLength: 1 + type: string + nameSuffix: + description: NameSuffix will suffix the names of all managed resources. + maxLength: 200 + minLength: 1 + type: string patches: - description: Strategic merge and JSON patches, defined as inline YAML objects, capable of targeting objects - based on kind, label and annotation selectors. + description: |- + Strategic merge and JSON patches, defined as inline YAML objects, + capable of targeting objects based on kind, label and annotation selectors. items: - description: Patch contains an inline StrategicMerge or JSON6902 patch, and the target the patch should + description: |- + Patch contains an inline StrategicMerge or JSON6902 patch, and the target the patch should be applied to. properties: patch: - description: Patch contains an inline StrategicMerge patch or an inline JSON6902 patch with an array - of operation objects. + description: |- + Patch contains an inline StrategicMerge patch or an inline JSON6902 patch with + an array of operation objects. type: string target: - description: Target points to the resources that the patch document should be applied to. + description: Target points to the resources that the patch document + should be applied to. properties: annotationSelector: - description: AnnotationSelector is a string that follows the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + description: |- + AnnotationSelector is a string that follows the label selection expression + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api It matches with the resource annotations. type: string group: - description: Group is the API group to select resources from. Together with Version and Kind it - is capable of unambiguously identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + description: |- + Group is the API group to select resources from. + Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md type: string kind: - description: Kind of the API Group to select resources from. Together with Group and Version it - is capable of unambiguously identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + description: |- + Kind of the API Group to select resources from. + Together with Group and Version it is capable of unambiguously + identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md type: string labelSelector: - description: LabelSelector is a string that follows the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + description: |- + LabelSelector is a string that follows the label selection expression + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api It matches with the resource labels. type: string name: @@ -3471,8 +4912,10 @@ spec: description: Namespace to select resources from. type: string version: - description: Version of the API Group to select resources from. Together with Group and Kind it - is capable of unambiguously identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + description: |- + Version of the API Group to select resources from. + Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md type: string type: object required: @@ -3480,44 +4923,58 @@ spec: type: object type: array path: - description: Path to the directory containing the kustomization.yaml file, or the set of plain YAMLs a kustomization.yaml - should be generated for. Defaults to 'None', which translates to the root path of the SourceRef. + description: |- + Path to the directory containing the kustomization.yaml file, or the + set of plain YAMLs a kustomization.yaml should be generated for. + Defaults to 'None', which translates to the root path of the SourceRef. type: string postBuild: - description: PostBuild describes which actions to perform on the YAML manifest generated by building the kustomize - overlay. + description: |- + PostBuild describes which actions to perform on the YAML manifest + generated by building the kustomize overlay. properties: substitute: additionalProperties: type: string - description: Substitute holds a map of key/value pairs. The variables defined in your YAML manifests that - match any of the keys defined in the map will be substituted with the set value. Includes support for - bash string replacement functions e.g. ${var:=default}, ${var:position} and ${var/substring/replacement}. + description: |- + Substitute holds a map of key/value pairs. + The variables defined in your YAML manifests that match any of the keys + defined in the map will be substituted with the set value. + Includes support for bash string replacement functions + e.g. ${var:=default}, ${var:position} and ${var/substring/replacement}. type: object substituteFrom: - description: SubstituteFrom holds references to ConfigMaps and Secrets containing the variables and their - values to be substituted in the YAML manifests. The ConfigMap and the Secret data keys represent the - var names, and they must match the vars declared in the manifests for the substitution to happen. + description: |- + SubstituteFrom holds references to ConfigMaps and Secrets containing + the variables and their values to be substituted in the YAML manifests. + The ConfigMap and the Secret data keys represent the var names, and they + must match the vars declared in the manifests for the substitution to + happen. items: - description: SubstituteReference contains a reference to a resource containing the variables name and - value. + description: |- + SubstituteReference contains a reference to a resource containing + the variables name and value. properties: kind: - description: Kind of the values referent, valid values are ('Secret', 'ConfigMap'). + description: Kind of the values referent, valid values are + ('Secret', 'ConfigMap'). enum: - Secret - ConfigMap type: string name: - description: Name of the values referent. Should reside in the same namespace as the referring resource. + description: |- + Name of the values referent. Should reside in the same namespace as the + referring resource. maxLength: 253 minLength: 1 type: string optional: default: false - description: Optional indicates whether the referenced resource must exist, or whether to tolerate - its absence. If true and the referenced resource is absent, proceed as if the resource was present - but empty, without any variables defined. + description: |- + Optional indicates whether the referenced resource must exist, or whether to + tolerate its absence. If true and the referenced resource is absent, proceed + as if the resource was present but empty, without any variables defined. type: boolean required: - kind @@ -3529,15 +4986,20 @@ spec: description: Prune enables garbage collection. type: boolean retryInterval: - description: The interval at which to retry a previously failed reconciliation. When not specified, the controller - uses the KustomizationSpec.Interval value to retry failures. + description: |- + The interval at which to retry a previously failed reconciliation. + When not specified, the controller uses the KustomizationSpec.Interval + value to retry failures. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string serviceAccountName: - description: The name of the Kubernetes service account to impersonate when reconciling this Kustomization. + description: |- + The name of the Kubernetes service account to impersonate + when reconciling this Kustomization. type: string sourceRef: - description: Reference of the source where the kustomization file is. + description: Reference of the source where the kustomization file + is. properties: apiVersion: description: API version of the referent. @@ -3553,29 +5015,36 @@ spec: description: Name of the referent. type: string namespace: - description: Namespace of the referent, defaults to the namespace of the Kubernetes resource object that - contains the reference. + description: |- + Namespace of the referent, defaults to the namespace of the Kubernetes + resource object that contains the reference. type: string required: - kind - name type: object suspend: - description: This flag tells the controller to suspend subsequent kustomize executions, it does not apply - to already started executions. Defaults to false. + description: |- + This flag tells the controller to suspend subsequent kustomize executions, + it does not apply to already started executions. Defaults to false. type: boolean targetNamespace: - description: TargetNamespace sets or overrides the namespace in the kustomization.yaml file. + description: |- + TargetNamespace sets or overrides the namespace in the + kustomization.yaml file. maxLength: 63 minLength: 1 type: string timeout: - description: Timeout for validation, apply and health checking operations. Defaults to 'Interval' duration. + description: |- + Timeout for validation, apply and health checking operations. + Defaults to 'Interval' duration. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string wait: - description: Wait instructs the controller to check the health of all the reconciled resources. When enabled, - the HealthChecks are ignored. Defaults to false. + description: |- + Wait instructs the controller to check the health of all the reconciled + resources. When enabled, the HealthChecks are ignored. Defaults to false. type: boolean required: - interval @@ -3589,35 +5058,43 @@ spec: properties: conditions: items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This - struct is intended for direct use as an array at the field path .status.conditions. For example, \n type - FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // - +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" - patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" properties: lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when - the API field changed is acceptable. + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: message is a human readable message indicating details about the transition. This may be - an empty string. + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based - upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current state of the instance. + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last - transition. Producers of specific condition types may define expected values and meanings for this - field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 @@ -3631,9 +5108,12 @@ spec: - Unknown type: string type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type - values are consistent across resources like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -3646,20 +5126,24 @@ spec: type: object type: array inventory: - description: Inventory contains the list of Kubernetes resource object references that have been successfully - applied. + description: |- + Inventory contains the list of Kubernetes resource object references that + have been successfully applied. properties: entries: description: Entries of Kubernetes resource object references. items: - description: ResourceRef contains the information necessary to locate a resource within a cluster. + description: ResourceRef contains the information necessary + to locate a resource within a cluster. properties: id: - description: ID is the string representation of the Kubernetes resource object's metadata, in the - format '___'. + description: |- + ID is the string representation of the Kubernetes resource object's metadata, + in the format '___'. type: string v: - description: Version is the API version of the Kubernetes resource object's kind. + description: Version is the API version of the Kubernetes + resource object's kind. type: string required: - id @@ -3670,15 +5154,19 @@ spec: - entries type: object lastAppliedRevision: - description: The last successfully applied revision. Equals the Revision of the applied Artifact from the - referenced Source. + description: |- + The last successfully applied revision. + Equals the Revision of the applied Artifact from the referenced Source. type: string lastAttemptedRevision: - description: LastAttemptedRevision is the revision of the last reconciliation attempt. + description: LastAttemptedRevision is the revision of the last reconciliation + attempt. type: string lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent reconcile request value, so a change - of the annotation value can be detected. + description: |- + LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value + can be detected. type: string observedGeneration: description: ObservedGeneration is the last reconciled generation. @@ -3708,12 +5196,19 @@ spec: description: Kustomization is the Schema for the kustomizations API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert - recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer - this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -3721,7 +5216,8 @@ spec: description: KustomizationSpec defines the desired state of a kustomization. properties: decryption: - description: Decrypt Kubernetes secrets before applying them on the cluster. + description: Decrypt Kubernetes secrets before applying them on the + cluster. properties: provider: description: Provider is the name of the decryption engine. @@ -3729,7 +5225,8 @@ spec: - sops type: string secretRef: - description: The secret name containing the private OpenPGP keys used for decryption. + description: The secret name containing the private OpenPGP keys + used for decryption. properties: name: description: Name of the referent. @@ -3741,17 +5238,21 @@ spec: - provider type: object dependsOn: - description: DependsOn may contain a meta.NamespacedObjectReference slice with references to Kustomization - resources that must be ready before this Kustomization can be reconciled. + description: |- + DependsOn may contain a meta.NamespacedObjectReference slice + with references to Kustomization resources that must be ready before this + Kustomization can be reconciled. items: - description: NamespacedObjectReference contains enough information to locate the referenced Kubernetes resource - object in any namespace. + description: |- + NamespacedObjectReference contains enough information to locate the referenced Kubernetes resource object in any + namespace. properties: name: description: Name of the referent. type: string namespace: - description: Namespace of the referent, when not specified it acts as LocalObjectReference. + description: Namespace of the referent, when not specified it + acts as LocalObjectReference. type: string required: - name @@ -3759,18 +5260,20 @@ spec: type: array force: default: false - description: Force instructs the controller to recreate resources when patching fails due to an immutable - field change. + description: |- + Force instructs the controller to recreate resources + when patching fails due to an immutable field change. type: boolean healthChecks: description: A list of resources to be included in the health assessment. items: - description: NamespacedObjectKindReference contains enough information to locate the typed referenced Kubernetes - resource object in any namespace. + description: |- + NamespacedObjectKindReference contains enough information to locate the typed referenced Kubernetes resource object + in any namespace. properties: apiVersion: - description: API version of the referent, if not specified the Kubernetes preferred version will be - used. + description: API version of the referent, if not specified the + Kubernetes preferred version will be used. type: string kind: description: Kind of the referent. @@ -3779,7 +5282,8 @@ spec: description: Name of the referent. type: string namespace: - description: Namespace of the referent, when not specified it acts as LocalObjectReference. + description: Namespace of the referent, when not specified it + acts as LocalObjectReference. type: string required: - kind @@ -3787,24 +5291,29 @@ spec: type: object type: array images: - description: Images is a list of (image name, new name, new tag or digest) for changing image names, tags - or digests. This can also be achieved with a patch, but this operator is simpler to specify. + description: |- + Images is a list of (image name, new name, new tag or digest) + for changing image names, tags or digests. This can also be achieved with a + patch, but this operator is simpler to specify. items: - description: Image contains an image name, a new name, a new tag or digest, which will replace the original - name and tag. + description: Image contains an image name, a new name, a new tag + or digest, which will replace the original name and tag. properties: digest: - description: Digest is the value used to replace the original image tag. If digest is present NewTag - value is ignored. + description: |- + Digest is the value used to replace the original image tag. + If digest is present NewTag value is ignored. type: string name: description: Name is a tag-less image name. type: string newName: - description: NewName is the value used to replace the original name. + description: NewName is the value used to replace the original + name. type: string newTag: - description: NewTag is the value used to replace the original tag. + description: NewTag is the value used to replace the original + tag. type: string required: - name @@ -3814,15 +5323,20 @@ spec: description: The interval at which to reconcile the Kustomization. type: string kubeConfig: - description: The KubeConfig for reconciling the Kustomization on a remote cluster. When specified, KubeConfig - takes precedence over ServiceAccountName. + description: |- + The KubeConfig for reconciling the Kustomization on a remote cluster. + When specified, KubeConfig takes precedence over ServiceAccountName. properties: secretRef: - description: SecretRef holds the name to a secret that contains a 'value' key with the kubeconfig file - as the value. It must be in the same namespace as the Kustomization. It is recommended that the kubeconfig - is self-contained, and the secret is regularly updated if credentials such as a cloud-access-token expire. - Cloud specific `cmd-path` auth helpers will not function without adding binaries and credentials to - the Pod that is responsible for reconciling the Kustomization. + description: |- + SecretRef holds the name to a secret that contains a 'value' key with + the kubeconfig file as the value. It must be in the same namespace as + the Kustomization. + It is recommended that the kubeconfig is self-contained, and the secret + is regularly updated if credentials such as a cloud-access-token expire. + Cloud specific `cmd-path` auth helpers will not function without adding + binaries and credentials to the Pod that is responsible for reconciling + the Kustomization. properties: name: description: Name of the referent. @@ -3832,33 +5346,46 @@ spec: type: object type: object patches: - description: Strategic merge and JSON patches, defined as inline YAML objects, capable of targeting objects - based on kind, label and annotation selectors. + description: |- + Strategic merge and JSON patches, defined as inline YAML objects, + capable of targeting objects based on kind, label and annotation selectors. items: - description: Patch contains an inline StrategicMerge or JSON6902 patch, and the target the patch should + description: |- + Patch contains an inline StrategicMerge or JSON6902 patch, and the target the patch should be applied to. properties: patch: - description: Patch contains an inline StrategicMerge patch or an inline JSON6902 patch with an array - of operation objects. + description: |- + Patch contains an inline StrategicMerge patch or an inline JSON6902 patch with + an array of operation objects. type: string target: - description: Target points to the resources that the patch document should be applied to. + description: Target points to the resources that the patch document + should be applied to. properties: annotationSelector: - description: AnnotationSelector is a string that follows the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + description: |- + AnnotationSelector is a string that follows the label selection expression + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api It matches with the resource annotations. type: string group: - description: Group is the API group to select resources from. Together with Version and Kind it - is capable of unambiguously identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + description: |- + Group is the API group to select resources from. + Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md type: string kind: - description: Kind of the API Group to select resources from. Together with Group and Version it - is capable of unambiguously identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + description: |- + Kind of the API Group to select resources from. + Together with Group and Version it is capable of unambiguously + identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md type: string labelSelector: - description: LabelSelector is a string that follows the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + description: |- + LabelSelector is a string that follows the label selection expression + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api It matches with the resource labels. type: string name: @@ -3868,8 +5395,10 @@ spec: description: Namespace to select resources from. type: string version: - description: Version of the API Group to select resources from. Together with Group and Kind it - is capable of unambiguously identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + description: |- + Version of the API Group to select resources from. + Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md type: string type: object required: @@ -3879,21 +5408,27 @@ spec: patchesJson6902: description: JSON 6902 patches, defined as inline YAML objects. items: - description: JSON6902Patch contains a JSON6902 patch and the target the patch should be applied to. + description: JSON6902Patch contains a JSON6902 patch and the target + the patch should be applied to. properties: patch: - description: Patch contains the JSON6902 patch document with an array of operation objects. + description: Patch contains the JSON6902 patch document with + an array of operation objects. items: - description: JSON6902 is a JSON6902 operation object. https://datatracker.ietf.org/doc/html/rfc6902#section-4 + description: |- + JSON6902 is a JSON6902 operation object. + https://datatracker.ietf.org/doc/html/rfc6902#section-4 properties: from: - description: From contains a JSON-pointer value that references a location within the target document - where the operation is performed. The meaning of the value depends on the value of Op, and is - NOT taken into account by all operations. + description: |- + From contains a JSON-pointer value that references a location within the target document where the operation is + performed. The meaning of the value depends on the value of Op, and is NOT taken into account by all operations. type: string op: - description: Op indicates the operation to perform. Its value MUST be one of "add", "remove", - "replace", "move", "copy", or "test". https://datatracker.ietf.org/doc/html/rfc6902#section-4 + description: |- + Op indicates the operation to perform. Its value MUST be one of "add", "remove", "replace", "move", "copy", or + "test". + https://datatracker.ietf.org/doc/html/rfc6902#section-4 enum: - test - remove @@ -3903,13 +5438,14 @@ spec: - copy type: string path: - description: Path contains the JSON-pointer value that references a location within the target - document where the operation is performed. The meaning of the value depends on the value of - Op. + description: |- + Path contains the JSON-pointer value that references a location within the target document where the operation + is performed. The meaning of the value depends on the value of Op. type: string value: - description: Value contains a valid JSON structure. The meaning of the value depends on the value - of Op, and is NOT taken into account by all operations. + description: |- + Value contains a valid JSON structure. The meaning of the value depends on the value of Op, and is NOT taken into + account by all operations. x-kubernetes-preserve-unknown-fields: true required: - op @@ -3917,22 +5453,32 @@ spec: type: object type: array target: - description: Target points to the resources that the patch document should be applied to. + description: Target points to the resources that the patch document + should be applied to. properties: annotationSelector: - description: AnnotationSelector is a string that follows the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + description: |- + AnnotationSelector is a string that follows the label selection expression + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api It matches with the resource annotations. type: string group: - description: Group is the API group to select resources from. Together with Version and Kind it - is capable of unambiguously identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + description: |- + Group is the API group to select resources from. + Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md type: string kind: - description: Kind of the API Group to select resources from. Together with Group and Version it - is capable of unambiguously identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + description: |- + Kind of the API Group to select resources from. + Together with Group and Version it is capable of unambiguously + identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md type: string labelSelector: - description: LabelSelector is a string that follows the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + description: |- + LabelSelector is a string that follows the label selection expression + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api It matches with the resource labels. type: string name: @@ -3942,8 +5488,10 @@ spec: description: Namespace to select resources from. type: string version: - description: Version of the API Group to select resources from. Together with Group and Kind it - is capable of unambiguously identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + description: |- + Version of the API Group to select resources from. + Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md type: string type: object required: @@ -3957,36 +5505,49 @@ spec: x-kubernetes-preserve-unknown-fields: true type: array path: - description: Path to the directory containing the kustomization.yaml file, or the set of plain YAMLs a kustomization.yaml - should be generated for. Defaults to 'None', which translates to the root path of the SourceRef. + description: |- + Path to the directory containing the kustomization.yaml file, or the + set of plain YAMLs a kustomization.yaml should be generated for. + Defaults to 'None', which translates to the root path of the SourceRef. type: string postBuild: - description: PostBuild describes which actions to perform on the YAML manifest generated by building the kustomize - overlay. + description: |- + PostBuild describes which actions to perform on the YAML manifest + generated by building the kustomize overlay. properties: substitute: additionalProperties: type: string - description: Substitute holds a map of key/value pairs. The variables defined in your YAML manifests that - match any of the keys defined in the map will be substituted with the set value. Includes support for - bash string replacement functions e.g. ${var:=default}, ${var:position} and ${var/substring/replacement}. + description: |- + Substitute holds a map of key/value pairs. + The variables defined in your YAML manifests + that match any of the keys defined in the map + will be substituted with the set value. + Includes support for bash string replacement functions + e.g. ${var:=default}, ${var:position} and ${var/substring/replacement}. type: object substituteFrom: - description: SubstituteFrom holds references to ConfigMaps and Secrets containing the variables and their - values to be substituted in the YAML manifests. The ConfigMap and the Secret data keys represent the - var names and they must match the vars declared in the manifests for the substitution to happen. + description: |- + SubstituteFrom holds references to ConfigMaps and Secrets containing + the variables and their values to be substituted in the YAML manifests. + The ConfigMap and the Secret data keys represent the var names and they + must match the vars declared in the manifests for the substitution to happen. items: - description: SubstituteReference contains a reference to a resource containing the variables name and - value. + description: |- + SubstituteReference contains a reference to a resource containing + the variables name and value. properties: kind: - description: Kind of the values referent, valid values are ('Secret', 'ConfigMap'). + description: Kind of the values referent, valid values are + ('Secret', 'ConfigMap'). enum: - Secret - ConfigMap type: string name: - description: Name of the values referent. Should reside in the same namespace as the referring resource. + description: |- + Name of the values referent. Should reside in the same namespace as the + referring resource. maxLength: 253 minLength: 1 type: string @@ -4000,14 +5561,19 @@ spec: description: Prune enables garbage collection. type: boolean retryInterval: - description: The interval at which to retry a previously failed reconciliation. When not specified, the controller - uses the KustomizationSpec.Interval value to retry failures. + description: |- + The interval at which to retry a previously failed reconciliation. + When not specified, the controller uses the KustomizationSpec.Interval + value to retry failures. type: string serviceAccountName: - description: The name of the Kubernetes service account to impersonate when reconciling this Kustomization. + description: |- + The name of the Kubernetes service account to impersonate + when reconciling this Kustomization. type: string sourceRef: - description: Reference of the source where the kustomization file is. + description: Reference of the source where the kustomization file + is. properties: apiVersion: description: API version of the referent @@ -4022,28 +5588,37 @@ spec: description: Name of the referent type: string namespace: - description: Namespace of the referent, defaults to the Kustomization namespace + description: Namespace of the referent, defaults to the Kustomization + namespace type: string required: - kind - name type: object suspend: - description: This flag tells the controller to suspend subsequent kustomize executions, it does not apply - to already started executions. Defaults to false. + description: |- + This flag tells the controller to suspend subsequent kustomize executions, + it does not apply to already started executions. Defaults to false. type: boolean targetNamespace: - description: TargetNamespace sets or overrides the namespace in the kustomization.yaml file. + description: |- + TargetNamespace sets or overrides the namespace in the + kustomization.yaml file. maxLength: 63 minLength: 1 type: string timeout: - description: Timeout for validation, apply and health checking operations. Defaults to 'Interval' duration. + description: |- + Timeout for validation, apply and health checking operations. + Defaults to 'Interval' duration. type: string validation: - description: Validate the Kubernetes objects before applying them on the cluster. The validation strategy - can be 'client' (local dry-run), 'server' (APIServer dry-run) or 'none'. When 'Force' is 'true', validation - will fallback to 'client' if set to 'server' because server-side validation is not supported in this scenario. + description: |- + Validate the Kubernetes objects before applying them on the cluster. + The validation strategy can be 'client' (local dry-run), 'server' + (APIServer dry-run) or 'none'. + When 'Force' is 'true', validation will fallback to 'client' if set to + 'server' because server-side validation is not supported in this scenario. enum: - none - client @@ -4061,35 +5636,43 @@ spec: properties: conditions: items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This - struct is intended for direct use as an array at the field path .status.conditions. For example, \n type - FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // - +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" - patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" properties: lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when - the API field changed is acceptable. + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: message is a human readable message indicating details about the transition. This may be - an empty string. + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based - upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current state of the instance. + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last - transition. Producers of specific condition types may define expected values and meanings for this - field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 @@ -4103,9 +5686,12 @@ spec: - Unknown type: string type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type - values are consistent across resources like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -4118,14 +5704,19 @@ spec: type: object type: array lastAppliedRevision: - description: The last successfully applied revision. The revision format for Git sources is /. + description: |- + The last successfully applied revision. + The revision format for Git sources is /. type: string lastAttemptedRevision: - description: LastAttemptedRevision is the revision of the last reconciliation attempt. + description: LastAttemptedRevision is the revision of the last reconciliation + attempt. type: string lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent reconcile request value, so a change - of the annotation value can be detected. + description: |- + LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value + can be detected. type: string observedGeneration: description: ObservedGeneration is the last reconciled generation. @@ -4140,7 +5731,9 @@ spec: entries: description: A list of Kubernetes kinds grouped by namespace. items: - description: Snapshot holds the metadata of namespaced Kubernetes objects + description: |- + Snapshot holds the metadata of namespaced + Kubernetes objects properties: kinds: additionalProperties: @@ -4182,20 +5775,29 @@ spec: description: Kustomization is the Schema for the kustomizations API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert - recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer - this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: - description: KustomizationSpec defines the configuration to calculate the desired state from a Source using Kustomize. + description: KustomizationSpec defines the configuration to calculate + the desired state from a Source using Kustomize. properties: commonMetadata: - description: CommonMetadata specifies the common labels and annotations that are applied to all resources. + description: |- + CommonMetadata specifies the common labels and annotations that are applied to all resources. Any existing label or annotation will be overridden if its key matches a common one. properties: annotations: @@ -4210,12 +5812,14 @@ spec: type: object type: object components: - description: Components specifies relative paths to specifications of other Components. + description: Components specifies relative paths to specifications + of other Components. items: type: string type: array decryption: - description: Decrypt Kubernetes secrets before applying them on the cluster. + description: Decrypt Kubernetes secrets before applying them on the + cluster. properties: provider: description: Provider is the name of the decryption engine. @@ -4223,7 +5827,8 @@ spec: - sops type: string secretRef: - description: The secret name containing the private OpenPGP keys used for decryption. + description: The secret name containing the private OpenPGP keys + used for decryption. properties: name: description: Name of the referent. @@ -4235,17 +5840,21 @@ spec: - provider type: object dependsOn: - description: DependsOn may contain a meta.NamespacedObjectReference slice with references to Kustomization - resources that must be ready before this Kustomization can be reconciled. + description: |- + DependsOn may contain a meta.NamespacedObjectReference slice + with references to Kustomization resources that must be ready before this + Kustomization can be reconciled. items: - description: NamespacedObjectReference contains enough information to locate the referenced Kubernetes resource - object in any namespace. + description: |- + NamespacedObjectReference contains enough information to locate the referenced Kubernetes resource object in any + namespace. properties: name: description: Name of the referent. type: string namespace: - description: Namespace of the referent, when not specified it acts as LocalObjectReference. + description: Namespace of the referent, when not specified it + acts as LocalObjectReference. type: string required: - name @@ -4253,18 +5862,20 @@ spec: type: array force: default: false - description: Force instructs the controller to recreate resources when patching fails due to an immutable - field change. + description: |- + Force instructs the controller to recreate resources + when patching fails due to an immutable field change. type: boolean healthChecks: description: A list of resources to be included in the health assessment. items: - description: NamespacedObjectKindReference contains enough information to locate the typed referenced Kubernetes - resource object in any namespace. + description: |- + NamespacedObjectKindReference contains enough information to locate the typed referenced Kubernetes resource object + in any namespace. properties: apiVersion: - description: API version of the referent, if not specified the Kubernetes preferred version will be - used. + description: API version of the referent, if not specified the + Kubernetes preferred version will be used. type: string kind: description: Kind of the referent. @@ -4273,7 +5884,8 @@ spec: description: Name of the referent. type: string namespace: - description: Namespace of the referent, when not specified it acts as LocalObjectReference. + description: Namespace of the referent, when not specified it + acts as LocalObjectReference. type: string required: - kind @@ -4281,24 +5893,29 @@ spec: type: object type: array images: - description: Images is a list of (image name, new name, new tag or digest) for changing image names, tags - or digests. This can also be achieved with a patch, but this operator is simpler to specify. + description: |- + Images is a list of (image name, new name, new tag or digest) + for changing image names, tags or digests. This can also be achieved with a + patch, but this operator is simpler to specify. items: - description: Image contains an image name, a new name, a new tag or digest, which will replace the original - name and tag. + description: Image contains an image name, a new name, a new tag + or digest, which will replace the original name and tag. properties: digest: - description: Digest is the value used to replace the original image tag. If digest is present NewTag - value is ignored. + description: |- + Digest is the value used to replace the original image tag. + If digest is present NewTag value is ignored. type: string name: description: Name is a tag-less image name. type: string newName: - description: NewName is the value used to replace the original name. + description: NewName is the value used to replace the original + name. type: string newTag: - description: NewTag is the value used to replace the original tag. + description: NewTag is the value used to replace the original + tag. type: string required: - name @@ -4309,20 +5926,29 @@ spec: pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string kubeConfig: - description: The KubeConfig for reconciling the Kustomization on a remote cluster. When used in combination - with KustomizationSpec.ServiceAccountName, forces the controller to act on behalf of that Service Account - at the target cluster. If the --default-service-account flag is set, its value will be used as a controller - level fallback for when KustomizationSpec.ServiceAccountName is empty. + description: |- + The KubeConfig for reconciling the Kustomization on a remote cluster. + When used in combination with KustomizationSpec.ServiceAccountName, + forces the controller to act on behalf of that Service Account at the + target cluster. + If the --default-service-account flag is set, its value will be used as + a controller level fallback for when KustomizationSpec.ServiceAccountName + is empty. properties: secretRef: - description: SecretRef holds the name of a secret that contains a key with the kubeconfig file as the - value. If no key is set, the key will default to 'value'. It is recommended that the kubeconfig is self-contained, - and the secret is regularly updated if credentials such as a cloud-access-token expire. Cloud specific - `cmd-path` auth helpers will not function without adding binaries and credentials to the Pod that is - responsible for reconciling Kubernetes resources. + description: |- + SecretRef holds the name of a secret that contains a key with + the kubeconfig file as the value. If no key is set, the key will default + to 'value'. + It is recommended that the kubeconfig is self-contained, and the secret + is regularly updated if credentials such as a cloud-access-token expire. + Cloud specific `cmd-path` auth helpers will not function without adding + binaries and credentials to the Pod that is responsible for reconciling + Kubernetes resources. properties: key: - description: Key in the Secret, when not specified an implementation-specific default key is used. + description: Key in the Secret, when not specified an implementation-specific + default key is used. type: string name: description: Name of the Secret. @@ -4334,33 +5960,46 @@ spec: - secretRef type: object patches: - description: Strategic merge and JSON patches, defined as inline YAML objects, capable of targeting objects - based on kind, label and annotation selectors. + description: |- + Strategic merge and JSON patches, defined as inline YAML objects, + capable of targeting objects based on kind, label and annotation selectors. items: - description: Patch contains an inline StrategicMerge or JSON6902 patch, and the target the patch should + description: |- + Patch contains an inline StrategicMerge or JSON6902 patch, and the target the patch should be applied to. properties: patch: - description: Patch contains an inline StrategicMerge patch or an inline JSON6902 patch with an array - of operation objects. + description: |- + Patch contains an inline StrategicMerge patch or an inline JSON6902 patch with + an array of operation objects. type: string target: - description: Target points to the resources that the patch document should be applied to. + description: Target points to the resources that the patch document + should be applied to. properties: annotationSelector: - description: AnnotationSelector is a string that follows the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + description: |- + AnnotationSelector is a string that follows the label selection expression + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api It matches with the resource annotations. type: string group: - description: Group is the API group to select resources from. Together with Version and Kind it - is capable of unambiguously identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + description: |- + Group is the API group to select resources from. + Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md type: string kind: - description: Kind of the API Group to select resources from. Together with Group and Version it - is capable of unambiguously identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + description: |- + Kind of the API Group to select resources from. + Together with Group and Version it is capable of unambiguously + identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md type: string labelSelector: - description: LabelSelector is a string that follows the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + description: |- + LabelSelector is a string that follows the label selection expression + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api It matches with the resource labels. type: string name: @@ -4370,8 +6009,10 @@ spec: description: Namespace to select resources from. type: string version: - description: Version of the API Group to select resources from. Together with Group and Kind it - is capable of unambiguously identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + description: |- + Version of the API Group to select resources from. + Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md type: string type: object required: @@ -4379,23 +6020,31 @@ spec: type: object type: array patchesJson6902: - description: 'JSON 6902 patches, defined as inline YAML objects. Deprecated: Use Patches instead.' + description: |- + JSON 6902 patches, defined as inline YAML objects. + Deprecated: Use Patches instead. items: - description: JSON6902Patch contains a JSON6902 patch and the target the patch should be applied to. + description: JSON6902Patch contains a JSON6902 patch and the target + the patch should be applied to. properties: patch: - description: Patch contains the JSON6902 patch document with an array of operation objects. + description: Patch contains the JSON6902 patch document with + an array of operation objects. items: - description: JSON6902 is a JSON6902 operation object. https://datatracker.ietf.org/doc/html/rfc6902#section-4 + description: |- + JSON6902 is a JSON6902 operation object. + https://datatracker.ietf.org/doc/html/rfc6902#section-4 properties: from: - description: From contains a JSON-pointer value that references a location within the target document - where the operation is performed. The meaning of the value depends on the value of Op, and is - NOT taken into account by all operations. + description: |- + From contains a JSON-pointer value that references a location within the target document where the operation is + performed. The meaning of the value depends on the value of Op, and is NOT taken into account by all operations. type: string op: - description: Op indicates the operation to perform. Its value MUST be one of "add", "remove", - "replace", "move", "copy", or "test". https://datatracker.ietf.org/doc/html/rfc6902#section-4 + description: |- + Op indicates the operation to perform. Its value MUST be one of "add", "remove", "replace", "move", "copy", or + "test". + https://datatracker.ietf.org/doc/html/rfc6902#section-4 enum: - test - remove @@ -4405,13 +6054,14 @@ spec: - copy type: string path: - description: Path contains the JSON-pointer value that references a location within the target - document where the operation is performed. The meaning of the value depends on the value of - Op. + description: |- + Path contains the JSON-pointer value that references a location within the target document where the operation + is performed. The meaning of the value depends on the value of Op. type: string value: - description: Value contains a valid JSON structure. The meaning of the value depends on the value - of Op, and is NOT taken into account by all operations. + description: |- + Value contains a valid JSON structure. The meaning of the value depends on the value of Op, and is NOT taken into + account by all operations. x-kubernetes-preserve-unknown-fields: true required: - op @@ -4419,22 +6069,32 @@ spec: type: object type: array target: - description: Target points to the resources that the patch document should be applied to. + description: Target points to the resources that the patch document + should be applied to. properties: annotationSelector: - description: AnnotationSelector is a string that follows the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + description: |- + AnnotationSelector is a string that follows the label selection expression + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api It matches with the resource annotations. type: string group: - description: Group is the API group to select resources from. Together with Version and Kind it - is capable of unambiguously identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + description: |- + Group is the API group to select resources from. + Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md type: string kind: - description: Kind of the API Group to select resources from. Together with Group and Version it - is capable of unambiguously identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + description: |- + Kind of the API Group to select resources from. + Together with Group and Version it is capable of unambiguously + identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md type: string labelSelector: - description: LabelSelector is a string that follows the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + description: |- + LabelSelector is a string that follows the label selection expression + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api It matches with the resource labels. type: string name: @@ -4444,8 +6104,10 @@ spec: description: Namespace to select resources from. type: string version: - description: Version of the API Group to select resources from. Together with Group and Kind it - is capable of unambiguously identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + description: |- + Version of the API Group to select resources from. + Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md type: string type: object required: @@ -4454,49 +6116,65 @@ spec: type: object type: array patchesStrategicMerge: - description: 'Strategic merge patches, defined as inline YAML objects. Deprecated: Use Patches instead.' + description: |- + Strategic merge patches, defined as inline YAML objects. + Deprecated: Use Patches instead. items: x-kubernetes-preserve-unknown-fields: true type: array path: - description: Path to the directory containing the kustomization.yaml file, or the set of plain YAMLs a kustomization.yaml - should be generated for. Defaults to 'None', which translates to the root path of the SourceRef. + description: |- + Path to the directory containing the kustomization.yaml file, or the + set of plain YAMLs a kustomization.yaml should be generated for. + Defaults to 'None', which translates to the root path of the SourceRef. type: string postBuild: - description: PostBuild describes which actions to perform on the YAML manifest generated by building the kustomize - overlay. + description: |- + PostBuild describes which actions to perform on the YAML manifest + generated by building the kustomize overlay. properties: substitute: additionalProperties: type: string - description: Substitute holds a map of key/value pairs. The variables defined in your YAML manifests that - match any of the keys defined in the map will be substituted with the set value. Includes support for - bash string replacement functions e.g. ${var:=default}, ${var:position} and ${var/substring/replacement}. + description: |- + Substitute holds a map of key/value pairs. + The variables defined in your YAML manifests + that match any of the keys defined in the map + will be substituted with the set value. + Includes support for bash string replacement functions + e.g. ${var:=default}, ${var:position} and ${var/substring/replacement}. type: object substituteFrom: - description: SubstituteFrom holds references to ConfigMaps and Secrets containing the variables and their - values to be substituted in the YAML manifests. The ConfigMap and the Secret data keys represent the - var names and they must match the vars declared in the manifests for the substitution to happen. + description: |- + SubstituteFrom holds references to ConfigMaps and Secrets containing + the variables and their values to be substituted in the YAML manifests. + The ConfigMap and the Secret data keys represent the var names and they + must match the vars declared in the manifests for the substitution to happen. items: - description: SubstituteReference contains a reference to a resource containing the variables name and - value. + description: |- + SubstituteReference contains a reference to a resource containing + the variables name and value. properties: kind: - description: Kind of the values referent, valid values are ('Secret', 'ConfigMap'). + description: Kind of the values referent, valid values are + ('Secret', 'ConfigMap'). enum: - Secret - ConfigMap type: string name: - description: Name of the values referent. Should reside in the same namespace as the referring resource. + description: |- + Name of the values referent. Should reside in the same namespace as the + referring resource. maxLength: 253 minLength: 1 type: string optional: default: false - description: Optional indicates whether the referenced resource must exist, or whether to tolerate - its absence. If true and the referenced resource is absent, proceed as if the resource was present - but empty, without any variables defined. + description: |- + Optional indicates whether the referenced resource must exist, or whether to + tolerate its absence. If true and the referenced resource is absent, proceed + as if the resource was present but empty, without any variables defined. type: boolean required: - kind @@ -4508,15 +6186,20 @@ spec: description: Prune enables garbage collection. type: boolean retryInterval: - description: The interval at which to retry a previously failed reconciliation. When not specified, the controller - uses the KustomizationSpec.Interval value to retry failures. + description: |- + The interval at which to retry a previously failed reconciliation. + When not specified, the controller uses the KustomizationSpec.Interval + value to retry failures. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string serviceAccountName: - description: The name of the Kubernetes service account to impersonate when reconciling this Kustomization. + description: |- + The name of the Kubernetes service account to impersonate + when reconciling this Kustomization. type: string sourceRef: - description: Reference of the source where the kustomization file is. + description: Reference of the source where the kustomization file + is. properties: apiVersion: description: API version of the referent. @@ -4532,24 +6215,29 @@ spec: description: Name of the referent. type: string namespace: - description: Namespace of the referent, defaults to the namespace of the Kubernetes resource object that - contains the reference. + description: Namespace of the referent, defaults to the namespace + of the Kubernetes resource object that contains the reference. type: string required: - kind - name type: object suspend: - description: This flag tells the controller to suspend subsequent kustomize executions, it does not apply - to already started executions. Defaults to false. + description: |- + This flag tells the controller to suspend subsequent kustomize executions, + it does not apply to already started executions. Defaults to false. type: boolean targetNamespace: - description: TargetNamespace sets or overrides the namespace in the kustomization.yaml file. + description: |- + TargetNamespace sets or overrides the namespace in the + kustomization.yaml file. maxLength: 63 minLength: 1 type: string timeout: - description: Timeout for validation, apply and health checking operations. Defaults to 'Interval' duration. + description: |- + Timeout for validation, apply and health checking operations. + Defaults to 'Interval' duration. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string validation: @@ -4560,8 +6248,9 @@ spec: - server type: string wait: - description: Wait instructs the controller to check the health of all the reconciled resources. When enabled, - the HealthChecks are ignored. Defaults to false. + description: |- + Wait instructs the controller to check the health of all the reconciled resources. + When enabled, the HealthChecks are ignored. Defaults to false. type: boolean required: - interval @@ -4575,35 +6264,43 @@ spec: properties: conditions: items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This - struct is intended for direct use as an array at the field path .status.conditions. For example, \n type - FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // - +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" - patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" properties: lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when - the API field changed is acceptable. + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: message is a human readable message indicating details about the transition. This may be - an empty string. + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based - upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current state of the instance. + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last - transition. Producers of specific condition types may define expected values and meanings for this - field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 @@ -4617,9 +6314,12 @@ spec: - Unknown type: string type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type - values are consistent across resources like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -4632,20 +6332,23 @@ spec: type: object type: array inventory: - description: Inventory contains the list of Kubernetes resource object references that have been successfully - applied. + description: Inventory contains the list of Kubernetes resource object + references that have been successfully applied. properties: entries: description: Entries of Kubernetes resource object references. items: - description: ResourceRef contains the information necessary to locate a resource within a cluster. + description: ResourceRef contains the information necessary + to locate a resource within a cluster. properties: id: - description: ID is the string representation of the Kubernetes resource object's metadata, in the - format '___'. + description: |- + ID is the string representation of the Kubernetes resource object's metadata, + in the format '___'. type: string v: - description: Version is the API version of the Kubernetes resource object's kind. + description: Version is the API version of the Kubernetes + resource object's kind. type: string required: - id @@ -4656,15 +6359,19 @@ spec: - entries type: object lastAppliedRevision: - description: The last successfully applied revision. Equals the Revision of the applied Artifact from the - referenced Source. + description: |- + The last successfully applied revision. + Equals the Revision of the applied Artifact from the referenced Source. type: string lastAttemptedRevision: - description: LastAttemptedRevision is the revision of the last reconciliation attempt. + description: LastAttemptedRevision is the revision of the last reconciliation + attempt. type: string lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent reconcile request value, so a change - of the annotation value can be detected. + description: |- + LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value + can be detected. type: string observedGeneration: description: ObservedGeneration is the last reconciled generation. @@ -4684,7 +6391,7 @@ metadata: app.kubernetes.io/component: kustomize-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 name: kustomize-controller namespace: flux-system --- @@ -4695,7 +6402,7 @@ metadata: app.kubernetes.io/component: kustomize-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 control-plane: controller name: kustomize-controller namespace: flux-system @@ -4724,7 +6431,17 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: ghcr.io/fluxcd/kustomize-controller:v1.1.0 + - name: GOMAXPROCS + valueFrom: + resourceFieldRef: + containerName: manager + resource: limits.cpu + - name: GOMEMLIMIT + valueFrom: + resourceFieldRef: + containerName: manager + resource: limits.memory + image: ghcr.io/fluxcd/kustomize-controller:v1.3.0 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -4776,12 +6493,12 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.12.0 + controller-gen.kubebuilder.io/version: v0.15.0 labels: app.kubernetes.io/component: helm-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 name: helmreleases.helm.toolkit.fluxcd.io spec: group: helm.toolkit.fluxcd.io @@ -4804,18 +6521,25 @@ spec: - jsonPath: .status.conditions[?(@.type=="Ready")].message name: Status type: string - name: v2beta1 + name: v2 schema: openAPIV3Schema: description: HelmRelease is the Schema for the helmreleases API properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert - recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer - this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -4823,46 +6547,66 @@ spec: description: HelmReleaseSpec defines the desired state of a Helm release. properties: chart: - description: Chart defines the template of the v1beta2.HelmChart that should be created for this HelmRelease. + description: |- + Chart defines the template of the v1.HelmChart that should be created + for this HelmRelease. properties: metadata: - description: ObjectMeta holds the template for metadata like labels and annotations. + description: ObjectMeta holds the template for metadata like labels + and annotations. properties: annotations: additionalProperties: type: string - description: 'Annotations is an unstructured key value map stored with a resource that may be set - by external tools to store and retrieve arbitrary metadata. They are not queryable and should be - preserved when modifying objects. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/' + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ type: object labels: additionalProperties: type: string - description: 'Map of string keys and values that can be used to organize and categorize (scope and - select) objects. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/' + description: |- + Map of string keys and values that can be used to organize and categorize + (scope and select) objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ type: object type: object spec: - description: Spec holds the template for the v1beta2.HelmChartSpec for this HelmRelease. + description: Spec holds the template for the v1.HelmChartSpec + for this HelmRelease. properties: chart: - description: The name or path the Helm chart is available at in the SourceRef. + description: The name or path the Helm chart is available + at in the SourceRef. + maxLength: 2048 + minLength: 1 type: string + ignoreMissingValuesFiles: + description: IgnoreMissingValuesFiles controls whether to + silently ignore missing values files rather than failing. + type: boolean interval: - description: Interval at which to check the v1beta2.Source for updates. Defaults to 'HelmReleaseSpec.Interval'. + description: |- + Interval at which to check the v1.Source for updates. Defaults to + 'HelmReleaseSpec.Interval'. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string reconcileStrategy: default: ChartVersion - description: Determines what enables the creation of a new artifact. Valid values are ('ChartVersion', - 'Revision'). See the documentation of the values for an explanation on their behavior. Defaults - to ChartVersion when omitted. + description: |- + Determines what enables the creation of a new artifact. Valid values are + ('ChartVersion', 'Revision'). + See the documentation of the values for an explanation on their behavior. + Defaults to ChartVersion when omitted. enum: - ChartVersion - Revision type: string sourceRef: - description: The name and namespace of the v1beta2.Source the chart is available at. + description: The name and namespace of the v1.Source the chart + is available at. properties: apiVersion: description: APIVersion of the referent. @@ -4887,32 +6631,36 @@ spec: required: - name type: object - valuesFile: - description: Alternative values file to use as the default chart values, expected to be a relative - path in the SourceRef. Deprecated in favor of ValuesFiles, for backwards compatibility the file - defined here is merged before the ValuesFiles items. Ignored when omitted. - type: string valuesFiles: - description: Alternative list of values files to use as the chart values (values.yaml is not included - by default), expected to be a relative path in the SourceRef. Values files are merged in the order - of this list with the last file overriding the first. Ignored when omitted. + description: |- + Alternative list of values files to use as the chart values (values.yaml + is not included by default), expected to be a relative path in the SourceRef. + Values files are merged in the order of this list with the last file overriding + the first. Ignored when omitted. items: type: string type: array verify: - description: Verify contains the secret name containing the trusted public keys used to verify the - signature and specifies which provider to use to check whether OCI image is authentic. This field - is only supported for OCI sources. Chart dependencies, which are not bundled in the umbrella chart - artifact, are not verified. + description: |- + Verify contains the secret name containing the trusted public keys + used to verify the signature and specifies which provider to use to check + whether OCI image is authentic. + This field is only supported for OCI sources. + Chart dependencies, which are not bundled in the umbrella chart artifact, + are not verified. properties: provider: default: cosign - description: Provider specifies the technology used to sign the OCI Helm chart. + description: Provider specifies the technology used to + sign the OCI Helm chart. enum: - cosign + - notation type: string secretRef: - description: SecretRef specifies the Kubernetes Secret containing the trusted public keys. + description: |- + SecretRef specifies the Kubernetes Secret containing the + trusted public keys. properties: name: description: Name of the referent. @@ -4925,8 +6673,9 @@ spec: type: object version: default: '*' - description: Version semver expression, ignored for charts from v1beta2.GitRepository and v1beta2.Bucket - sources. Defaults to latest when omitted. + description: |- + Version semver expression, ignored for charts from v1.GitRepository and + v1beta2.Bucket sources. Defaults to latest when omitted. type: string required: - chart @@ -4935,109 +6684,2722 @@ spec: required: - spec type: object + chartRef: + description: |- + ChartRef holds a reference to a source controller resource containing the + Helm chart artifact. + properties: + apiVersion: + description: APIVersion of the referent. + type: string + kind: + description: Kind of the referent. + enum: + - OCIRepository + - HelmChart + type: string + name: + description: Name of the referent. + maxLength: 253 + minLength: 1 + type: string + namespace: + description: |- + Namespace of the referent, defaults to the namespace of the Kubernetes + resource object that contains the reference. + maxLength: 63 + minLength: 1 + type: string + required: + - kind + - name + type: object dependsOn: - description: DependsOn may contain a meta.NamespacedObjectReference slice with references to HelmRelease resources - that must be ready before this HelmRelease can be reconciled. + description: |- + DependsOn may contain a meta.NamespacedObjectReference slice with + references to HelmRelease resources that must be ready before this HelmRelease + can be reconciled. items: - description: NamespacedObjectReference contains enough information to locate the referenced Kubernetes resource - object in any namespace. + description: |- + NamespacedObjectReference contains enough information to locate the referenced Kubernetes resource object in any + namespace. properties: name: description: Name of the referent. type: string namespace: - description: Namespace of the referent, when not specified it acts as LocalObjectReference. + description: Namespace of the referent, when not specified it + acts as LocalObjectReference. type: string required: - name type: object type: array - install: - description: Install holds the configuration for Helm install actions for this HelmRelease. + driftDetection: + description: |- + DriftDetection holds the configuration for detecting and handling + differences between the manifest in the Helm storage and the resources + currently existing in the cluster. + properties: + ignore: + description: |- + Ignore contains a list of rules for specifying which changes to ignore + during diffing. + items: + description: |- + IgnoreRule defines a rule to selectively disregard specific changes during + the drift detection process. + properties: + paths: + description: |- + Paths is a list of JSON Pointer (RFC 6901) paths to be excluded from + consideration in a Kubernetes object. + items: + type: string + type: array + target: + description: |- + Target is a selector for specifying Kubernetes objects to which this + rule applies. + If Target is not set, the Paths will be ignored for all Kubernetes + objects within the manifest of the Helm release. + properties: + annotationSelector: + description: |- + AnnotationSelector is a string that follows the label selection expression + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + It matches with the resource annotations. + type: string + group: + description: |- + Group is the API group to select resources from. + Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + type: string + kind: + description: |- + Kind of the API Group to select resources from. + Together with Group and Version it is capable of unambiguously + identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + type: string + labelSelector: + description: |- + LabelSelector is a string that follows the label selection expression + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + It matches with the resource labels. + type: string + name: + description: Name to match resources with. + type: string + namespace: + description: Namespace to select resources from. + type: string + version: + description: |- + Version of the API Group to select resources from. + Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + type: string + type: object + required: + - paths + type: object + type: array + mode: + description: |- + Mode defines how differences should be handled between the Helm manifest + and the manifest currently applied to the cluster. + If not explicitly set, it defaults to DiffModeDisabled. + enum: + - enabled + - warn + - disabled + type: string + type: object + install: + description: Install holds the configuration for Helm install actions + for this HelmRelease. + properties: + crds: + description: |- + CRDs upgrade CRDs from the Helm Chart's crds directory according + to the CRD upgrade policy provided here. Valid values are `Skip`, + `Create` or `CreateReplace`. Default is `Create` and if omitted + CRDs are installed but not updated. + + + Skip: do neither install nor replace (update) any CRDs. + + + Create: new CRDs are created, existing CRDs are neither updated nor deleted. + + + CreateReplace: new CRDs are created, existing CRDs are updated (replaced) + but not deleted. + + + By default, CRDs are applied (installed) during Helm install action. + With this option users can opt in to CRD replace existing CRDs on Helm + install actions, which is not (yet) natively supported by Helm. + https://helm.sh/docs/chart_best_practices/custom_resource_definitions. + enum: + - Skip + - Create + - CreateReplace + type: string + createNamespace: + description: |- + CreateNamespace tells the Helm install action to create the + HelmReleaseSpec.TargetNamespace if it does not exist yet. + On uninstall, the namespace will not be garbage collected. + type: boolean + disableHooks: + description: DisableHooks prevents hooks from running during the + Helm install action. + type: boolean + disableOpenAPIValidation: + description: |- + DisableOpenAPIValidation prevents the Helm install action from validating + rendered templates against the Kubernetes OpenAPI Schema. + type: boolean + disableWait: + description: |- + DisableWait disables the waiting for resources to be ready after a Helm + install has been performed. + type: boolean + disableWaitForJobs: + description: |- + DisableWaitForJobs disables waiting for jobs to complete after a Helm + install has been performed. + type: boolean + remediation: + description: |- + Remediation holds the remediation configuration for when the Helm install + action for the HelmRelease fails. The default is to not perform any action. + properties: + ignoreTestFailures: + description: |- + IgnoreTestFailures tells the controller to skip remediation when the Helm + tests are run after an install action but fail. Defaults to + 'Test.IgnoreFailures'. + type: boolean + remediateLastFailure: + description: |- + RemediateLastFailure tells the controller to remediate the last failure, when + no retries remain. Defaults to 'false'. + type: boolean + retries: + description: |- + Retries is the number of retries that should be attempted on failures before + bailing. Remediation, using an uninstall, is performed between each attempt. + Defaults to '0', a negative integer equals to unlimited retries. + type: integer + type: object + replace: + description: |- + Replace tells the Helm install action to re-use the 'ReleaseName', but only + if that name is a deleted release which remains in the history. + type: boolean + skipCRDs: + description: |- + SkipCRDs tells the Helm install action to not install any CRDs. By default, + CRDs are installed if not already present. + + + Deprecated use CRD policy (`crds`) attribute with value `Skip` instead. + type: boolean + timeout: + description: |- + Timeout is the time to wait for any individual Kubernetes operation (like + Jobs for hooks) during the performance of a Helm install action. Defaults to + 'HelmReleaseSpec.Timeout'. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + type: object + interval: + description: Interval at which to reconcile the Helm release. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + kubeConfig: + description: |- + KubeConfig for reconciling the HelmRelease on a remote cluster. + When used in combination with HelmReleaseSpec.ServiceAccountName, + forces the controller to act on behalf of that Service Account at the + target cluster. + If the --default-service-account flag is set, its value will be used as + a controller level fallback for when HelmReleaseSpec.ServiceAccountName + is empty. + properties: + secretRef: + description: |- + SecretRef holds the name of a secret that contains a key with + the kubeconfig file as the value. If no key is set, the key will default + to 'value'. + It is recommended that the kubeconfig is self-contained, and the secret + is regularly updated if credentials such as a cloud-access-token expire. + Cloud specific `cmd-path` auth helpers will not function without adding + binaries and credentials to the Pod that is responsible for reconciling + Kubernetes resources. + properties: + key: + description: Key in the Secret, when not specified an implementation-specific + default key is used. + type: string + name: + description: Name of the Secret. + type: string + required: + - name + type: object + required: + - secretRef + type: object + maxHistory: + description: |- + MaxHistory is the number of revisions saved by Helm for this HelmRelease. + Use '0' for an unlimited number of revisions; defaults to '5'. + type: integer + persistentClient: + description: |- + PersistentClient tells the controller to use a persistent Kubernetes + client for this release. When enabled, the client will be reused for the + duration of the reconciliation, instead of being created and destroyed + for each (step of a) Helm action. + + + This can improve performance, but may cause issues with some Helm charts + that for example do create Custom Resource Definitions during installation + outside Helm's CRD lifecycle hooks, which are then not observed to be + available by e.g. post-install hooks. + + + If not set, it defaults to true. + type: boolean + postRenderers: + description: |- + PostRenderers holds an array of Helm PostRenderers, which will be applied in order + of their definition. + items: + description: PostRenderer contains a Helm PostRenderer specification. + properties: + kustomize: + description: Kustomization to apply as PostRenderer. + properties: + images: + description: |- + Images is a list of (image name, new name, new tag or digest) + for changing image names, tags or digests. This can also be achieved with a + patch, but this operator is simpler to specify. + items: + description: Image contains an image name, a new name, + a new tag or digest, which will replace the original + name and tag. + properties: + digest: + description: |- + Digest is the value used to replace the original image tag. + If digest is present NewTag value is ignored. + type: string + name: + description: Name is a tag-less image name. + type: string + newName: + description: NewName is the value used to replace + the original name. + type: string + newTag: + description: NewTag is the value used to replace the + original tag. + type: string + required: + - name + type: object + type: array + patches: + description: |- + Strategic merge and JSON patches, defined as inline YAML objects, + capable of targeting objects based on kind, label and annotation selectors. + items: + description: |- + Patch contains an inline StrategicMerge or JSON6902 patch, and the target the patch should + be applied to. + properties: + patch: + description: |- + Patch contains an inline StrategicMerge patch or an inline JSON6902 patch with + an array of operation objects. + type: string + target: + description: Target points to the resources that the + patch document should be applied to. + properties: + annotationSelector: + description: |- + AnnotationSelector is a string that follows the label selection expression + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + It matches with the resource annotations. + type: string + group: + description: |- + Group is the API group to select resources from. + Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + type: string + kind: + description: |- + Kind of the API Group to select resources from. + Together with Group and Version it is capable of unambiguously + identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + type: string + labelSelector: + description: |- + LabelSelector is a string that follows the label selection expression + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + It matches with the resource labels. + type: string + name: + description: Name to match resources with. + type: string + namespace: + description: Namespace to select resources from. + type: string + version: + description: |- + Version of the API Group to select resources from. + Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + type: string + type: object + required: + - patch + type: object + type: array + type: object + type: object + type: array + releaseName: + description: |- + ReleaseName used for the Helm release. Defaults to a composition of + '[TargetNamespace-]Name'. + maxLength: 53 + minLength: 1 + type: string + rollback: + description: Rollback holds the configuration for Helm rollback actions + for this HelmRelease. + properties: + cleanupOnFail: + description: |- + CleanupOnFail allows deletion of new resources created during the Helm + rollback action when it fails. + type: boolean + disableHooks: + description: DisableHooks prevents hooks from running during the + Helm rollback action. + type: boolean + disableWait: + description: |- + DisableWait disables the waiting for resources to be ready after a Helm + rollback has been performed. + type: boolean + disableWaitForJobs: + description: |- + DisableWaitForJobs disables waiting for jobs to complete after a Helm + rollback has been performed. + type: boolean + force: + description: Force forces resource updates through a replacement + strategy. + type: boolean + recreate: + description: Recreate performs pod restarts for the resource if + applicable. + type: boolean + timeout: + description: |- + Timeout is the time to wait for any individual Kubernetes operation (like + Jobs for hooks) during the performance of a Helm rollback action. Defaults to + 'HelmReleaseSpec.Timeout'. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + type: object + serviceAccountName: + description: |- + The name of the Kubernetes service account to impersonate + when reconciling this HelmRelease. + maxLength: 253 + minLength: 1 + type: string + storageNamespace: + description: |- + StorageNamespace used for the Helm storage. + Defaults to the namespace of the HelmRelease. + maxLength: 63 + minLength: 1 + type: string + suspend: + description: |- + Suspend tells the controller to suspend reconciliation for this HelmRelease, + it does not apply to already started reconciliations. Defaults to false. + type: boolean + targetNamespace: + description: |- + TargetNamespace to target when performing operations for the HelmRelease. + Defaults to the namespace of the HelmRelease. + maxLength: 63 + minLength: 1 + type: string + test: + description: Test holds the configuration for Helm test actions for + this HelmRelease. + properties: + enable: + description: |- + Enable enables Helm test actions for this HelmRelease after an Helm install + or upgrade action has been performed. + type: boolean + filters: + description: Filters is a list of tests to run or exclude from + running. + items: + description: Filter holds the configuration for individual Helm + test filters. + properties: + exclude: + description: Exclude specifies whether the named test should + be excluded. + type: boolean + name: + description: Name is the name of the test. + maxLength: 253 + minLength: 1 + type: string + required: + - name + type: object + type: array + ignoreFailures: + description: |- + IgnoreFailures tells the controller to skip remediation when the Helm tests + are run but fail. Can be overwritten for tests run after install or upgrade + actions in 'Install.IgnoreTestFailures' and 'Upgrade.IgnoreTestFailures'. + type: boolean + timeout: + description: |- + Timeout is the time to wait for any individual Kubernetes operation during + the performance of a Helm test action. Defaults to 'HelmReleaseSpec.Timeout'. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + type: object + timeout: + description: |- + Timeout is the time to wait for any individual Kubernetes operation (like Jobs + for hooks) during the performance of a Helm action. Defaults to '5m0s'. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + uninstall: + description: Uninstall holds the configuration for Helm uninstall + actions for this HelmRelease. + properties: + deletionPropagation: + default: background + description: |- + DeletionPropagation specifies the deletion propagation policy when + a Helm uninstall is performed. + enum: + - background + - foreground + - orphan + type: string + disableHooks: + description: DisableHooks prevents hooks from running during the + Helm rollback action. + type: boolean + disableWait: + description: |- + DisableWait disables waiting for all the resources to be deleted after + a Helm uninstall is performed. + type: boolean + keepHistory: + description: |- + KeepHistory tells Helm to remove all associated resources and mark the + release as deleted, but retain the release history. + type: boolean + timeout: + description: |- + Timeout is the time to wait for any individual Kubernetes operation (like + Jobs for hooks) during the performance of a Helm uninstall action. Defaults + to 'HelmReleaseSpec.Timeout'. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + type: object + upgrade: + description: Upgrade holds the configuration for Helm upgrade actions + for this HelmRelease. + properties: + cleanupOnFail: + description: |- + CleanupOnFail allows deletion of new resources created during the Helm + upgrade action when it fails. + type: boolean + crds: + description: |- + CRDs upgrade CRDs from the Helm Chart's crds directory according + to the CRD upgrade policy provided here. Valid values are `Skip`, + `Create` or `CreateReplace`. Default is `Skip` and if omitted + CRDs are neither installed nor upgraded. + + + Skip: do neither install nor replace (update) any CRDs. + + + Create: new CRDs are created, existing CRDs are neither updated nor deleted. + + + CreateReplace: new CRDs are created, existing CRDs are updated (replaced) + but not deleted. + + + By default, CRDs are not applied during Helm upgrade action. With this + option users can opt-in to CRD upgrade, which is not (yet) natively supported by Helm. + https://helm.sh/docs/chart_best_practices/custom_resource_definitions. + enum: + - Skip + - Create + - CreateReplace + type: string + disableHooks: + description: DisableHooks prevents hooks from running during the + Helm upgrade action. + type: boolean + disableOpenAPIValidation: + description: |- + DisableOpenAPIValidation prevents the Helm upgrade action from validating + rendered templates against the Kubernetes OpenAPI Schema. + type: boolean + disableWait: + description: |- + DisableWait disables the waiting for resources to be ready after a Helm + upgrade has been performed. + type: boolean + disableWaitForJobs: + description: |- + DisableWaitForJobs disables waiting for jobs to complete after a Helm + upgrade has been performed. + type: boolean + force: + description: Force forces resource updates through a replacement + strategy. + type: boolean + preserveValues: + description: |- + PreserveValues will make Helm reuse the last release's values and merge in + overrides from 'Values'. Setting this flag makes the HelmRelease + non-declarative. + type: boolean + remediation: + description: |- + Remediation holds the remediation configuration for when the Helm upgrade + action for the HelmRelease fails. The default is to not perform any action. + properties: + ignoreTestFailures: + description: |- + IgnoreTestFailures tells the controller to skip remediation when the Helm + tests are run after an upgrade action but fail. + Defaults to 'Test.IgnoreFailures'. + type: boolean + remediateLastFailure: + description: |- + RemediateLastFailure tells the controller to remediate the last failure, when + no retries remain. Defaults to 'false' unless 'Retries' is greater than 0. + type: boolean + retries: + description: |- + Retries is the number of retries that should be attempted on failures before + bailing. Remediation, using 'Strategy', is performed between each attempt. + Defaults to '0', a negative integer equals to unlimited retries. + type: integer + strategy: + description: Strategy to use for failure remediation. Defaults + to 'rollback'. + enum: + - rollback + - uninstall + type: string + type: object + timeout: + description: |- + Timeout is the time to wait for any individual Kubernetes operation (like + Jobs for hooks) during the performance of a Helm upgrade action. Defaults to + 'HelmReleaseSpec.Timeout'. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + type: object + values: + description: Values holds the values for this Helm release. + x-kubernetes-preserve-unknown-fields: true + valuesFrom: + description: |- + ValuesFrom holds references to resources containing Helm values for this HelmRelease, + and information about how they should be merged. + items: + description: |- + ValuesReference contains a reference to a resource containing Helm values, + and optionally the key they can be found at. + properties: + kind: + description: Kind of the values referent, valid values are ('Secret', + 'ConfigMap'). + enum: + - Secret + - ConfigMap + type: string + name: + description: |- + Name of the values referent. Should reside in the same namespace as the + referring resource. + maxLength: 253 + minLength: 1 + type: string + optional: + description: |- + Optional marks this ValuesReference as optional. When set, a not found error + for the values reference is ignored, but any ValuesKey, TargetPath or + transient error will still result in a reconciliation failure. + type: boolean + targetPath: + description: |- + TargetPath is the YAML dot notation path the value should be merged at. When + set, the ValuesKey is expected to be a single flat value. Defaults to 'None', + which results in the values getting merged at the root. + maxLength: 250 + pattern: ^([a-zA-Z0-9_\-.\\\/]|\[[0-9]{1,5}\])+$ + type: string + valuesKey: + description: |- + ValuesKey is the data key where the values.yaml or a specific value can be + found at. Defaults to 'values.yaml'. + maxLength: 253 + pattern: ^[\-._a-zA-Z0-9]+$ + type: string + required: + - kind + - name + type: object + type: array + required: + - interval + type: object + x-kubernetes-validations: + - message: either chart or chartRef must be set + rule: (has(self.chart) && !has(self.chartRef)) || (!has(self.chart) + && has(self.chartRef)) + status: + default: + observedGeneration: -1 + description: HelmReleaseStatus defines the observed state of a HelmRelease. + properties: + conditions: + description: Conditions holds the conditions for the HelmRelease. + items: + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" + properties: + lastTransitionTime: + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + failures: + description: |- + Failures is the reconciliation failure count against the latest desired + state. It is reset after a successful reconciliation. + format: int64 + type: integer + helmChart: + description: |- + HelmChart is the namespaced name of the HelmChart resource created by + the controller for the HelmRelease. + type: string + history: + description: |- + History holds the history of Helm releases performed for this HelmRelease + up to the last successfully completed release. + items: + description: |- + Snapshot captures a point-in-time copy of the status information for a Helm release, + as managed by the controller. + properties: + apiVersion: + description: |- + APIVersion is the API version of the Snapshot. + Provisional: when the calculation method of the Digest field is changed, + this field will be used to distinguish between the old and new methods. + type: string + appVersion: + description: AppVersion is the chart app version of the release + object in storage. + type: string + chartName: + description: ChartName is the chart name of the release object + in storage. + type: string + chartVersion: + description: |- + ChartVersion is the chart version of the release object in + storage. + type: string + configDigest: + description: |- + ConfigDigest is the checksum of the config (better known as + "values") of the release object in storage. + It has the format of `:`. + type: string + deleted: + description: Deleted is when the release was deleted. + format: date-time + type: string + digest: + description: |- + Digest is the checksum of the release object in storage. + It has the format of `:`. + type: string + firstDeployed: + description: FirstDeployed is when the release was first deployed. + format: date-time + type: string + lastDeployed: + description: LastDeployed is when the release was last deployed. + format: date-time + type: string + name: + description: Name is the name of the release. + type: string + namespace: + description: Namespace is the namespace the release is deployed + to. + type: string + ociDigest: + description: OCIDigest is the digest of the OCI artifact associated + with the release. + type: string + status: + description: Status is the current state of the release. + type: string + testHooks: + additionalProperties: + description: |- + TestHookStatus holds the status information for a test hook as observed + to be run by the controller. + properties: + lastCompleted: + description: LastCompleted is the time the test hook last + completed. + format: date-time + type: string + lastStarted: + description: LastStarted is the time the test hook was + last started. + format: date-time + type: string + phase: + description: Phase the test hook was observed to be in. + type: string + type: object + description: |- + TestHooks is the list of test hooks for the release as observed to be + run by the controller. + type: object + version: + description: Version is the version of the release object in + storage. + type: integer + required: + - chartName + - chartVersion + - configDigest + - digest + - firstDeployed + - lastDeployed + - name + - namespace + - status + - version + type: object + type: array + installFailures: + description: |- + InstallFailures is the install failure count against the latest desired + state. It is reset after a successful reconciliation. + format: int64 + type: integer + lastAttemptedConfigDigest: + description: |- + LastAttemptedConfigDigest is the digest for the config (better known as + "values") of the last reconciliation attempt. + type: string + lastAttemptedGeneration: + description: |- + LastAttemptedGeneration is the last generation the controller attempted + to reconcile. + format: int64 + type: integer + lastAttemptedReleaseAction: + description: |- + LastAttemptedReleaseAction is the last release action performed for this + HelmRelease. It is used to determine the active remediation strategy. + enum: + - install + - upgrade + type: string + lastAttemptedRevision: + description: |- + LastAttemptedRevision is the Source revision of the last reconciliation + attempt. For OCIRepository sources, the 12 first characters of the digest are + appended to the chart version e.g. "1.2.3+1234567890ab". + type: string + lastAttemptedRevisionDigest: + description: |- + LastAttemptedRevisionDigest is the digest of the last reconciliation attempt. + This is only set for OCIRepository sources. + type: string + lastAttemptedValuesChecksum: + description: |- + LastAttemptedValuesChecksum is the SHA1 checksum for the values of the last + reconciliation attempt. + Deprecated: Use LastAttemptedConfigDigest instead. + type: string + lastHandledForceAt: + description: |- + LastHandledForceAt holds the value of the most recent force request + value, so a change of the annotation value can be detected. + type: string + lastHandledReconcileAt: + description: |- + LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value + can be detected. + type: string + lastHandledResetAt: + description: |- + LastHandledResetAt holds the value of the most recent reset request + value, so a change of the annotation value can be detected. + type: string + lastReleaseRevision: + description: |- + LastReleaseRevision is the revision of the last successful Helm release. + Deprecated: Use History instead. + type: integer + observedGeneration: + description: ObservedGeneration is the last observed generation. + format: int64 + type: integer + observedPostRenderersDigest: + description: |- + ObservedPostRenderersDigest is the digest for the post-renderers of + the last successful reconciliation attempt. + type: string + storageNamespace: + description: |- + StorageNamespace is the namespace of the Helm release storage for the + current release. + maxLength: 63 + minLength: 1 + type: string + upgradeFailures: + description: |- + UpgradeFailures is the upgrade failure count against the latest desired + state. It is reset after a successful reconciliation. + format: int64 + type: integer + type: object + type: object + served: true + storage: true + subresources: + status: {} + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - jsonPath: .status.conditions[?(@.type=="Ready")].status + name: Ready + type: string + - jsonPath: .status.conditions[?(@.type=="Ready")].message + name: Status + type: string + deprecated: true + deprecationWarning: v2beta1 HelmRelease is deprecated, upgrade to v2 + name: v2beta1 + schema: + openAPIV3Schema: + description: HelmRelease is the Schema for the helmreleases API + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: HelmReleaseSpec defines the desired state of a Helm release. + properties: + chart: + description: |- + Chart defines the template of the v1beta2.HelmChart that should be created + for this HelmRelease. + properties: + metadata: + description: ObjectMeta holds the template for metadata like labels + and annotations. + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ + type: object + labels: + additionalProperties: + type: string + description: |- + Map of string keys and values that can be used to organize and categorize + (scope and select) objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ + type: object + type: object + spec: + description: Spec holds the template for the v1beta2.HelmChartSpec + for this HelmRelease. + properties: + chart: + description: The name or path the Helm chart is available + at in the SourceRef. + type: string + interval: + description: |- + Interval at which to check the v1beta2.Source for updates. Defaults to + 'HelmReleaseSpec.Interval'. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + reconcileStrategy: + default: ChartVersion + description: |- + Determines what enables the creation of a new artifact. Valid values are + ('ChartVersion', 'Revision'). + See the documentation of the values for an explanation on their behavior. + Defaults to ChartVersion when omitted. + enum: + - ChartVersion + - Revision + type: string + sourceRef: + description: The name and namespace of the v1beta2.Source + the chart is available at. + properties: + apiVersion: + description: APIVersion of the referent. + type: string + kind: + description: Kind of the referent. + enum: + - HelmRepository + - GitRepository + - Bucket + type: string + name: + description: Name of the referent. + maxLength: 253 + minLength: 1 + type: string + namespace: + description: Namespace of the referent. + maxLength: 63 + minLength: 1 + type: string + required: + - name + type: object + valuesFile: + description: |- + Alternative values file to use as the default chart values, expected to + be a relative path in the SourceRef. Deprecated in favor of ValuesFiles, + for backwards compatibility the file defined here is merged before the + ValuesFiles items. Ignored when omitted. + type: string + valuesFiles: + description: |- + Alternative list of values files to use as the chart values (values.yaml + is not included by default), expected to be a relative path in the SourceRef. + Values files are merged in the order of this list with the last file overriding + the first. Ignored when omitted. + items: + type: string + type: array + verify: + description: |- + Verify contains the secret name containing the trusted public keys + used to verify the signature and specifies which provider to use to check + whether OCI image is authentic. + This field is only supported for OCI sources. + Chart dependencies, which are not bundled in the umbrella chart artifact, are not verified. + properties: + provider: + default: cosign + description: Provider specifies the technology used to + sign the OCI Helm chart. + enum: + - cosign + type: string + secretRef: + description: |- + SecretRef specifies the Kubernetes Secret containing the + trusted public keys. + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object + required: + - provider + type: object + version: + default: '*' + description: |- + Version semver expression, ignored for charts from v1beta2.GitRepository and + v1beta2.Bucket sources. Defaults to latest when omitted. + type: string + required: + - chart + - sourceRef + type: object + required: + - spec + type: object + chartRef: + description: |- + ChartRef holds a reference to a source controller resource containing the + Helm chart artifact. + + + Note: this field is provisional to the v2 API, and not actively used + by v2beta1 HelmReleases. + properties: + apiVersion: + description: APIVersion of the referent. + type: string + kind: + description: Kind of the referent. + enum: + - OCIRepository + - HelmChart + type: string + name: + description: Name of the referent. + maxLength: 253 + minLength: 1 + type: string + namespace: + description: |- + Namespace of the referent, defaults to the namespace of the Kubernetes + resource object that contains the reference. + maxLength: 63 + minLength: 1 + type: string + required: + - kind + - name + type: object + dependsOn: + description: |- + DependsOn may contain a meta.NamespacedObjectReference slice with + references to HelmRelease resources that must be ready before this HelmRelease + can be reconciled. + items: + description: |- + NamespacedObjectReference contains enough information to locate the referenced Kubernetes resource object in any + namespace. + properties: + name: + description: Name of the referent. + type: string + namespace: + description: Namespace of the referent, when not specified it + acts as LocalObjectReference. + type: string + required: + - name + type: object + type: array + driftDetection: + description: |- + DriftDetection holds the configuration for detecting and handling + differences between the manifest in the Helm storage and the resources + currently existing in the cluster. + + + Note: this field is provisional to the v2beta2 API, and not actively used + by v2beta1 HelmReleases. + properties: + ignore: + description: |- + Ignore contains a list of rules for specifying which changes to ignore + during diffing. + items: + description: |- + IgnoreRule defines a rule to selectively disregard specific changes during + the drift detection process. + properties: + paths: + description: |- + Paths is a list of JSON Pointer (RFC 6901) paths to be excluded from + consideration in a Kubernetes object. + items: + type: string + type: array + target: + description: |- + Target is a selector for specifying Kubernetes objects to which this + rule applies. + If Target is not set, the Paths will be ignored for all Kubernetes + objects within the manifest of the Helm release. + properties: + annotationSelector: + description: |- + AnnotationSelector is a string that follows the label selection expression + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + It matches with the resource annotations. + type: string + group: + description: |- + Group is the API group to select resources from. + Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + type: string + kind: + description: |- + Kind of the API Group to select resources from. + Together with Group and Version it is capable of unambiguously + identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + type: string + labelSelector: + description: |- + LabelSelector is a string that follows the label selection expression + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + It matches with the resource labels. + type: string + name: + description: Name to match resources with. + type: string + namespace: + description: Namespace to select resources from. + type: string + version: + description: |- + Version of the API Group to select resources from. + Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + type: string + type: object + required: + - paths + type: object + type: array + mode: + description: |- + Mode defines how differences should be handled between the Helm manifest + and the manifest currently applied to the cluster. + If not explicitly set, it defaults to DiffModeDisabled. + enum: + - enabled + - warn + - disabled + type: string + type: object + install: + description: Install holds the configuration for Helm install actions + for this HelmRelease. + properties: + crds: + description: |- + CRDs upgrade CRDs from the Helm Chart's crds directory according + to the CRD upgrade policy provided here. Valid values are `Skip`, + `Create` or `CreateReplace`. Default is `Create` and if omitted + CRDs are installed but not updated. + + + Skip: do neither install nor replace (update) any CRDs. + + + Create: new CRDs are created, existing CRDs are neither updated nor deleted. + + + CreateReplace: new CRDs are created, existing CRDs are updated (replaced) + but not deleted. + + + By default, CRDs are applied (installed) during Helm install action. + With this option users can opt-in to CRD replace existing CRDs on Helm + install actions, which is not (yet) natively supported by Helm. + https://helm.sh/docs/chart_best_practices/custom_resource_definitions. + enum: + - Skip + - Create + - CreateReplace + type: string + createNamespace: + description: |- + CreateNamespace tells the Helm install action to create the + HelmReleaseSpec.TargetNamespace if it does not exist yet. + On uninstall, the namespace will not be garbage collected. + type: boolean + disableHooks: + description: DisableHooks prevents hooks from running during the + Helm install action. + type: boolean + disableOpenAPIValidation: + description: |- + DisableOpenAPIValidation prevents the Helm install action from validating + rendered templates against the Kubernetes OpenAPI Schema. + type: boolean + disableWait: + description: |- + DisableWait disables the waiting for resources to be ready after a Helm + install has been performed. + type: boolean + disableWaitForJobs: + description: |- + DisableWaitForJobs disables waiting for jobs to complete after a Helm + install has been performed. + type: boolean + remediation: + description: |- + Remediation holds the remediation configuration for when the Helm install + action for the HelmRelease fails. The default is to not perform any action. + properties: + ignoreTestFailures: + description: |- + IgnoreTestFailures tells the controller to skip remediation when the Helm + tests are run after an install action but fail. Defaults to + 'Test.IgnoreFailures'. + type: boolean + remediateLastFailure: + description: |- + RemediateLastFailure tells the controller to remediate the last failure, when + no retries remain. Defaults to 'false'. + type: boolean + retries: + description: |- + Retries is the number of retries that should be attempted on failures before + bailing. Remediation, using an uninstall, is performed between each attempt. + Defaults to '0', a negative integer equals to unlimited retries. + type: integer + type: object + replace: + description: |- + Replace tells the Helm install action to re-use the 'ReleaseName', but only + if that name is a deleted release which remains in the history. + type: boolean + skipCRDs: + description: |- + SkipCRDs tells the Helm install action to not install any CRDs. By default, + CRDs are installed if not already present. + + + Deprecated use CRD policy (`crds`) attribute with value `Skip` instead. + type: boolean + timeout: + description: |- + Timeout is the time to wait for any individual Kubernetes operation (like + Jobs for hooks) during the performance of a Helm install action. Defaults to + 'HelmReleaseSpec.Timeout'. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + type: object + interval: + description: |- + Interval at which to reconcile the Helm release. + This interval is approximate and may be subject to jitter to ensure + efficient use of resources. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + kubeConfig: + description: |- + KubeConfig for reconciling the HelmRelease on a remote cluster. + When used in combination with HelmReleaseSpec.ServiceAccountName, + forces the controller to act on behalf of that Service Account at the + target cluster. + If the --default-service-account flag is set, its value will be used as + a controller level fallback for when HelmReleaseSpec.ServiceAccountName + is empty. + properties: + secretRef: + description: |- + SecretRef holds the name of a secret that contains a key with + the kubeconfig file as the value. If no key is set, the key will default + to 'value'. + It is recommended that the kubeconfig is self-contained, and the secret + is regularly updated if credentials such as a cloud-access-token expire. + Cloud specific `cmd-path` auth helpers will not function without adding + binaries and credentials to the Pod that is responsible for reconciling + Kubernetes resources. + properties: + key: + description: Key in the Secret, when not specified an implementation-specific + default key is used. + type: string + name: + description: Name of the Secret. + type: string + required: + - name + type: object + required: + - secretRef + type: object + maxHistory: + description: |- + MaxHistory is the number of revisions saved by Helm for this HelmRelease. + Use '0' for an unlimited number of revisions; defaults to '10'. + type: integer + persistentClient: + description: |- + PersistentClient tells the controller to use a persistent Kubernetes + client for this release. When enabled, the client will be reused for the + duration of the reconciliation, instead of being created and destroyed + for each (step of a) Helm action. + + + This can improve performance, but may cause issues with some Helm charts + that for example do create Custom Resource Definitions during installation + outside Helm's CRD lifecycle hooks, which are then not observed to be + available by e.g. post-install hooks. + + + If not set, it defaults to true. + type: boolean + postRenderers: + description: |- + PostRenderers holds an array of Helm PostRenderers, which will be applied in order + of their definition. + items: + description: PostRenderer contains a Helm PostRenderer specification. + properties: + kustomize: + description: Kustomization to apply as PostRenderer. + properties: + images: + description: |- + Images is a list of (image name, new name, new tag or digest) + for changing image names, tags or digests. This can also be achieved with a + patch, but this operator is simpler to specify. + items: + description: Image contains an image name, a new name, + a new tag or digest, which will replace the original + name and tag. + properties: + digest: + description: |- + Digest is the value used to replace the original image tag. + If digest is present NewTag value is ignored. + type: string + name: + description: Name is a tag-less image name. + type: string + newName: + description: NewName is the value used to replace + the original name. + type: string + newTag: + description: NewTag is the value used to replace the + original tag. + type: string + required: + - name + type: object + type: array + patches: + description: |- + Strategic merge and JSON patches, defined as inline YAML objects, + capable of targeting objects based on kind, label and annotation selectors. + items: + description: |- + Patch contains an inline StrategicMerge or JSON6902 patch, and the target the patch should + be applied to. + properties: + patch: + description: |- + Patch contains an inline StrategicMerge patch or an inline JSON6902 patch with + an array of operation objects. + type: string + target: + description: Target points to the resources that the + patch document should be applied to. + properties: + annotationSelector: + description: |- + AnnotationSelector is a string that follows the label selection expression + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + It matches with the resource annotations. + type: string + group: + description: |- + Group is the API group to select resources from. + Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + type: string + kind: + description: |- + Kind of the API Group to select resources from. + Together with Group and Version it is capable of unambiguously + identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + type: string + labelSelector: + description: |- + LabelSelector is a string that follows the label selection expression + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + It matches with the resource labels. + type: string + name: + description: Name to match resources with. + type: string + namespace: + description: Namespace to select resources from. + type: string + version: + description: |- + Version of the API Group to select resources from. + Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + type: string + type: object + required: + - patch + type: object + type: array + patchesJson6902: + description: JSON 6902 patches, defined as inline YAML objects. + items: + description: JSON6902Patch contains a JSON6902 patch and + the target the patch should be applied to. + properties: + patch: + description: Patch contains the JSON6902 patch document + with an array of operation objects. + items: + description: |- + JSON6902 is a JSON6902 operation object. + https://datatracker.ietf.org/doc/html/rfc6902#section-4 + properties: + from: + description: |- + From contains a JSON-pointer value that references a location within the target document where the operation is + performed. The meaning of the value depends on the value of Op, and is NOT taken into account by all operations. + type: string + op: + description: |- + Op indicates the operation to perform. Its value MUST be one of "add", "remove", "replace", "move", "copy", or + "test". + https://datatracker.ietf.org/doc/html/rfc6902#section-4 + enum: + - test + - remove + - add + - replace + - move + - copy + type: string + path: + description: |- + Path contains the JSON-pointer value that references a location within the target document where the operation + is performed. The meaning of the value depends on the value of Op. + type: string + value: + description: |- + Value contains a valid JSON structure. The meaning of the value depends on the value of Op, and is NOT taken into + account by all operations. + x-kubernetes-preserve-unknown-fields: true + required: + - op + - path + type: object + type: array + target: + description: Target points to the resources that the + patch document should be applied to. + properties: + annotationSelector: + description: |- + AnnotationSelector is a string that follows the label selection expression + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + It matches with the resource annotations. + type: string + group: + description: |- + Group is the API group to select resources from. + Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + type: string + kind: + description: |- + Kind of the API Group to select resources from. + Together with Group and Version it is capable of unambiguously + identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + type: string + labelSelector: + description: |- + LabelSelector is a string that follows the label selection expression + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + It matches with the resource labels. + type: string + name: + description: Name to match resources with. + type: string + namespace: + description: Namespace to select resources from. + type: string + version: + description: |- + Version of the API Group to select resources from. + Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + type: string + type: object + required: + - patch + - target + type: object + type: array + patchesStrategicMerge: + description: Strategic merge patches, defined as inline + YAML objects. + items: + x-kubernetes-preserve-unknown-fields: true + type: array + type: object + type: object + type: array + releaseName: + description: |- + ReleaseName used for the Helm release. Defaults to a composition of + '[TargetNamespace-]Name'. + maxLength: 53 + minLength: 1 + type: string + rollback: + description: Rollback holds the configuration for Helm rollback actions + for this HelmRelease. + properties: + cleanupOnFail: + description: |- + CleanupOnFail allows deletion of new resources created during the Helm + rollback action when it fails. + type: boolean + disableHooks: + description: DisableHooks prevents hooks from running during the + Helm rollback action. + type: boolean + disableWait: + description: |- + DisableWait disables the waiting for resources to be ready after a Helm + rollback has been performed. + type: boolean + disableWaitForJobs: + description: |- + DisableWaitForJobs disables waiting for jobs to complete after a Helm + rollback has been performed. + type: boolean + force: + description: Force forces resource updates through a replacement + strategy. + type: boolean + recreate: + description: Recreate performs pod restarts for the resource if + applicable. + type: boolean + timeout: + description: |- + Timeout is the time to wait for any individual Kubernetes operation (like + Jobs for hooks) during the performance of a Helm rollback action. Defaults to + 'HelmReleaseSpec.Timeout'. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + type: object + serviceAccountName: + description: |- + The name of the Kubernetes service account to impersonate + when reconciling this HelmRelease. + type: string + storageNamespace: + description: |- + StorageNamespace used for the Helm storage. + Defaults to the namespace of the HelmRelease. + maxLength: 63 + minLength: 1 + type: string + suspend: + description: |- + Suspend tells the controller to suspend reconciliation for this HelmRelease, + it does not apply to already started reconciliations. Defaults to false. + type: boolean + targetNamespace: + description: |- + TargetNamespace to target when performing operations for the HelmRelease. + Defaults to the namespace of the HelmRelease. + maxLength: 63 + minLength: 1 + type: string + test: + description: Test holds the configuration for Helm test actions for + this HelmRelease. + properties: + enable: + description: |- + Enable enables Helm test actions for this HelmRelease after an Helm install + or upgrade action has been performed. + type: boolean + ignoreFailures: + description: |- + IgnoreFailures tells the controller to skip remediation when the Helm tests + are run but fail. Can be overwritten for tests run after install or upgrade + actions in 'Install.IgnoreTestFailures' and 'Upgrade.IgnoreTestFailures'. + type: boolean + timeout: + description: |- + Timeout is the time to wait for any individual Kubernetes operation during + the performance of a Helm test action. Defaults to 'HelmReleaseSpec.Timeout'. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + type: object + timeout: + description: |- + Timeout is the time to wait for any individual Kubernetes operation (like Jobs + for hooks) during the performance of a Helm action. Defaults to '5m0s'. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + uninstall: + description: Uninstall holds the configuration for Helm uninstall + actions for this HelmRelease. + properties: + deletionPropagation: + default: background + description: |- + DeletionPropagation specifies the deletion propagation policy when + a Helm uninstall is performed. + enum: + - background + - foreground + - orphan + type: string + disableHooks: + description: DisableHooks prevents hooks from running during the + Helm rollback action. + type: boolean + disableWait: + description: |- + DisableWait disables waiting for all the resources to be deleted after + a Helm uninstall is performed. + type: boolean + keepHistory: + description: |- + KeepHistory tells Helm to remove all associated resources and mark the + release as deleted, but retain the release history. + type: boolean + timeout: + description: |- + Timeout is the time to wait for any individual Kubernetes operation (like + Jobs for hooks) during the performance of a Helm uninstall action. Defaults + to 'HelmReleaseSpec.Timeout'. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + type: object + upgrade: + description: Upgrade holds the configuration for Helm upgrade actions + for this HelmRelease. + properties: + cleanupOnFail: + description: |- + CleanupOnFail allows deletion of new resources created during the Helm + upgrade action when it fails. + type: boolean + crds: + description: |- + CRDs upgrade CRDs from the Helm Chart's crds directory according + to the CRD upgrade policy provided here. Valid values are `Skip`, + `Create` or `CreateReplace`. Default is `Skip` and if omitted + CRDs are neither installed nor upgraded. + + + Skip: do neither install nor replace (update) any CRDs. + + + Create: new CRDs are created, existing CRDs are neither updated nor deleted. + + + CreateReplace: new CRDs are created, existing CRDs are updated (replaced) + but not deleted. + + + By default, CRDs are not applied during Helm upgrade action. With this + option users can opt-in to CRD upgrade, which is not (yet) natively supported by Helm. + https://helm.sh/docs/chart_best_practices/custom_resource_definitions. + enum: + - Skip + - Create + - CreateReplace + type: string + disableHooks: + description: DisableHooks prevents hooks from running during the + Helm upgrade action. + type: boolean + disableOpenAPIValidation: + description: |- + DisableOpenAPIValidation prevents the Helm upgrade action from validating + rendered templates against the Kubernetes OpenAPI Schema. + type: boolean + disableWait: + description: |- + DisableWait disables the waiting for resources to be ready after a Helm + upgrade has been performed. + type: boolean + disableWaitForJobs: + description: |- + DisableWaitForJobs disables waiting for jobs to complete after a Helm + upgrade has been performed. + type: boolean + force: + description: Force forces resource updates through a replacement + strategy. + type: boolean + preserveValues: + description: |- + PreserveValues will make Helm reuse the last release's values and merge in + overrides from 'Values'. Setting this flag makes the HelmRelease + non-declarative. + type: boolean + remediation: + description: |- + Remediation holds the remediation configuration for when the Helm upgrade + action for the HelmRelease fails. The default is to not perform any action. + properties: + ignoreTestFailures: + description: |- + IgnoreTestFailures tells the controller to skip remediation when the Helm + tests are run after an upgrade action but fail. + Defaults to 'Test.IgnoreFailures'. + type: boolean + remediateLastFailure: + description: |- + RemediateLastFailure tells the controller to remediate the last failure, when + no retries remain. Defaults to 'false' unless 'Retries' is greater than 0. + type: boolean + retries: + description: |- + Retries is the number of retries that should be attempted on failures before + bailing. Remediation, using 'Strategy', is performed between each attempt. + Defaults to '0', a negative integer equals to unlimited retries. + type: integer + strategy: + description: Strategy to use for failure remediation. Defaults + to 'rollback'. + enum: + - rollback + - uninstall + type: string + type: object + timeout: + description: |- + Timeout is the time to wait for any individual Kubernetes operation (like + Jobs for hooks) during the performance of a Helm upgrade action. Defaults to + 'HelmReleaseSpec.Timeout'. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + type: object + values: + description: Values holds the values for this Helm release. + x-kubernetes-preserve-unknown-fields: true + valuesFrom: + description: |- + ValuesFrom holds references to resources containing Helm values for this HelmRelease, + and information about how they should be merged. + items: + description: |- + ValuesReference contains a reference to a resource containing Helm values, + and optionally the key they can be found at. + properties: + kind: + description: Kind of the values referent, valid values are ('Secret', + 'ConfigMap'). + enum: + - Secret + - ConfigMap + type: string + name: + description: |- + Name of the values referent. Should reside in the same namespace as the + referring resource. + maxLength: 253 + minLength: 1 + type: string + optional: + description: |- + Optional marks this ValuesReference as optional. When set, a not found error + for the values reference is ignored, but any ValuesKey, TargetPath or + transient error will still result in a reconciliation failure. + type: boolean + targetPath: + description: |- + TargetPath is the YAML dot notation path the value should be merged at. When + set, the ValuesKey is expected to be a single flat value. Defaults to 'None', + which results in the values getting merged at the root. + maxLength: 250 + pattern: ^([a-zA-Z0-9_\-.\\\/]|\[[0-9]{1,5}\])+$ + type: string + valuesKey: + description: |- + ValuesKey is the data key where the values.yaml or a specific value can be + found at. Defaults to 'values.yaml'. + When set, must be a valid Data Key, consisting of alphanumeric characters, + '-', '_' or '.'. + maxLength: 253 + pattern: ^[\-._a-zA-Z0-9]+$ + type: string + required: + - kind + - name + type: object + type: array + required: + - interval + type: object + status: + default: + observedGeneration: -1 + description: HelmReleaseStatus defines the observed state of a HelmRelease. + properties: + conditions: + description: Conditions holds the conditions for the HelmRelease. + items: + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" + properties: + lastTransitionTime: + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + failures: + description: |- + Failures is the reconciliation failure count against the latest desired + state. It is reset after a successful reconciliation. + format: int64 + type: integer + helmChart: + description: |- + HelmChart is the namespaced name of the HelmChart resource created by + the controller for the HelmRelease. + type: string + history: + description: |- + History holds the history of Helm releases performed for this HelmRelease + up to the last successfully completed release. + + + Note: this field is provisional to the v2beta2 API, and not actively used + by v2beta1 HelmReleases. + items: + description: |- + Snapshot captures a point-in-time copy of the status information for a Helm release, + as managed by the controller. + properties: + apiVersion: + description: |- + APIVersion is the API version of the Snapshot. + Provisional: when the calculation method of the Digest field is changed, + this field will be used to distinguish between the old and new methods. + type: string + appVersion: + description: AppVersion is the chart app version of the release + object in storage. + type: string + chartName: + description: ChartName is the chart name of the release object + in storage. + type: string + chartVersion: + description: |- + ChartVersion is the chart version of the release object in + storage. + type: string + configDigest: + description: |- + ConfigDigest is the checksum of the config (better known as + "values") of the release object in storage. + It has the format of `:`. + type: string + deleted: + description: Deleted is when the release was deleted. + format: date-time + type: string + digest: + description: |- + Digest is the checksum of the release object in storage. + It has the format of `:`. + type: string + firstDeployed: + description: FirstDeployed is when the release was first deployed. + format: date-time + type: string + lastDeployed: + description: LastDeployed is when the release was last deployed. + format: date-time + type: string + name: + description: Name is the name of the release. + type: string + namespace: + description: Namespace is the namespace the release is deployed + to. + type: string + ociDigest: + description: OCIDigest is the digest of the OCI artifact associated + with the release. + type: string + status: + description: Status is the current state of the release. + type: string + testHooks: + additionalProperties: + description: |- + TestHookStatus holds the status information for a test hook as observed + to be run by the controller. + properties: + lastCompleted: + description: LastCompleted is the time the test hook last + completed. + format: date-time + type: string + lastStarted: + description: LastStarted is the time the test hook was + last started. + format: date-time + type: string + phase: + description: Phase the test hook was observed to be in. + type: string + type: object + description: |- + TestHooks is the list of test hooks for the release as observed to be + run by the controller. + type: object + version: + description: Version is the version of the release object in + storage. + type: integer + required: + - chartName + - chartVersion + - configDigest + - digest + - firstDeployed + - lastDeployed + - name + - namespace + - status + - version + type: object + type: array + installFailures: + description: |- + InstallFailures is the install failure count against the latest desired + state. It is reset after a successful reconciliation. + format: int64 + type: integer + lastAppliedRevision: + description: LastAppliedRevision is the revision of the last successfully + applied source. + type: string + lastAttemptedConfigDigest: + description: |- + LastAttemptedConfigDigest is the digest for the config (better known as + "values") of the last reconciliation attempt. + + + Note: this field is provisional to the v2beta2 API, and not actively used + by v2beta1 HelmReleases. + type: string + lastAttemptedGeneration: + description: |- + LastAttemptedGeneration is the last generation the controller attempted + to reconcile. + + + Note: this field is provisional to the v2beta2 API, and not actively used + by v2beta1 HelmReleases. + format: int64 + type: integer + lastAttemptedReleaseAction: + description: |- + LastAttemptedReleaseAction is the last release action performed for this + HelmRelease. It is used to determine the active remediation strategy. + + + Note: this field is provisional to the v2beta2 API, and not actively used + by v2beta1 HelmReleases. + type: string + lastAttemptedRevision: + description: LastAttemptedRevision is the revision of the last reconciliation + attempt. + type: string + lastAttemptedValuesChecksum: + description: |- + LastAttemptedValuesChecksum is the SHA1 checksum of the values of the last + reconciliation attempt. + type: string + lastHandledForceAt: + description: |- + LastHandledForceAt holds the value of the most recent force request + value, so a change of the annotation value can be detected. + + + Note: this field is provisional to the v2beta2 API, and not actively used + by v2beta1 HelmReleases. + type: string + lastHandledReconcileAt: + description: |- + LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value + can be detected. + type: string + lastHandledResetAt: + description: |- + LastHandledResetAt holds the value of the most recent reset request + value, so a change of the annotation value can be detected. + + + Note: this field is provisional to the v2beta2 API, and not actively used + by v2beta1 HelmReleases. + type: string + lastReleaseRevision: + description: LastReleaseRevision is the revision of the last successful + Helm release. + type: integer + observedGeneration: + description: ObservedGeneration is the last observed generation. + format: int64 + type: integer + observedPostRenderersDigest: + description: |- + ObservedPostRenderersDigest is the digest for the post-renderers of + the last successful reconciliation attempt. + type: string + storageNamespace: + description: |- + StorageNamespace is the namespace of the Helm release storage for the + current release. + + + Note: this field is provisional to the v2beta2 API, and not actively used + by v2beta1 HelmReleases. + type: string + upgradeFailures: + description: |- + UpgradeFailures is the upgrade failure count against the latest desired + state. It is reset after a successful reconciliation. + format: int64 + type: integer + type: object + type: object + served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - jsonPath: .status.conditions[?(@.type=="Ready")].status + name: Ready + type: string + - jsonPath: .status.conditions[?(@.type=="Ready")].message + name: Status + type: string + deprecated: true + deprecationWarning: v2beta2 HelmRelease is deprecated, upgrade to v2 + name: v2beta2 + schema: + openAPIV3Schema: + description: HelmRelease is the Schema for the helmreleases API + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: HelmReleaseSpec defines the desired state of a Helm release. + properties: + chart: + description: |- + Chart defines the template of the v1beta2.HelmChart that should be created + for this HelmRelease. + properties: + metadata: + description: ObjectMeta holds the template for metadata like labels + and annotations. + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ + type: object + labels: + additionalProperties: + type: string + description: |- + Map of string keys and values that can be used to organize and categorize + (scope and select) objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ + type: object + type: object + spec: + description: Spec holds the template for the v1beta2.HelmChartSpec + for this HelmRelease. + properties: + chart: + description: The name or path the Helm chart is available + at in the SourceRef. + maxLength: 2048 + minLength: 1 + type: string + ignoreMissingValuesFiles: + description: IgnoreMissingValuesFiles controls whether to + silently ignore missing values files rather than failing. + type: boolean + interval: + description: |- + Interval at which to check the v1.Source for updates. Defaults to + 'HelmReleaseSpec.Interval'. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + reconcileStrategy: + default: ChartVersion + description: |- + Determines what enables the creation of a new artifact. Valid values are + ('ChartVersion', 'Revision'). + See the documentation of the values for an explanation on their behavior. + Defaults to ChartVersion when omitted. + enum: + - ChartVersion + - Revision + type: string + sourceRef: + description: The name and namespace of the v1.Source the chart + is available at. + properties: + apiVersion: + description: APIVersion of the referent. + type: string + kind: + description: Kind of the referent. + enum: + - HelmRepository + - GitRepository + - Bucket + type: string + name: + description: Name of the referent. + maxLength: 253 + minLength: 1 + type: string + namespace: + description: Namespace of the referent. + maxLength: 63 + minLength: 1 + type: string + required: + - name + type: object + valuesFile: + description: |- + Alternative values file to use as the default chart values, expected to + be a relative path in the SourceRef. Deprecated in favor of ValuesFiles, + for backwards compatibility the file defined here is merged before the + ValuesFiles items. Ignored when omitted. + type: string + valuesFiles: + description: |- + Alternative list of values files to use as the chart values (values.yaml + is not included by default), expected to be a relative path in the SourceRef. + Values files are merged in the order of this list with the last file overriding + the first. Ignored when omitted. + items: + type: string + type: array + verify: + description: |- + Verify contains the secret name containing the trusted public keys + used to verify the signature and specifies which provider to use to check + whether OCI image is authentic. + This field is only supported for OCI sources. + Chart dependencies, which are not bundled in the umbrella chart artifact, + are not verified. + properties: + provider: + default: cosign + description: Provider specifies the technology used to + sign the OCI Helm chart. + enum: + - cosign + - notation + type: string + secretRef: + description: |- + SecretRef specifies the Kubernetes Secret containing the + trusted public keys. + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object + required: + - provider + type: object + version: + default: '*' + description: |- + Version semver expression, ignored for charts from v1beta2.GitRepository and + v1beta2.Bucket sources. Defaults to latest when omitted. + type: string + required: + - chart + - sourceRef + type: object + required: + - spec + type: object + chartRef: + description: |- + ChartRef holds a reference to a source controller resource containing the + Helm chart artifact. + + + Note: this field is provisional to the v2 API, and not actively used + by v2beta2 HelmReleases. + properties: + apiVersion: + description: APIVersion of the referent. + type: string + kind: + description: Kind of the referent. + enum: + - OCIRepository + - HelmChart + type: string + name: + description: Name of the referent. + maxLength: 253 + minLength: 1 + type: string + namespace: + description: |- + Namespace of the referent, defaults to the namespace of the Kubernetes + resource object that contains the reference. + maxLength: 63 + minLength: 1 + type: string + required: + - kind + - name + type: object + dependsOn: + description: |- + DependsOn may contain a meta.NamespacedObjectReference slice with + references to HelmRelease resources that must be ready before this HelmRelease + can be reconciled. + items: + description: |- + NamespacedObjectReference contains enough information to locate the referenced Kubernetes resource object in any + namespace. + properties: + name: + description: Name of the referent. + type: string + namespace: + description: Namespace of the referent, when not specified it + acts as LocalObjectReference. + type: string + required: + - name + type: object + type: array + driftDetection: + description: |- + DriftDetection holds the configuration for detecting and handling + differences between the manifest in the Helm storage and the resources + currently existing in the cluster. + properties: + ignore: + description: |- + Ignore contains a list of rules for specifying which changes to ignore + during diffing. + items: + description: |- + IgnoreRule defines a rule to selectively disregard specific changes during + the drift detection process. + properties: + paths: + description: |- + Paths is a list of JSON Pointer (RFC 6901) paths to be excluded from + consideration in a Kubernetes object. + items: + type: string + type: array + target: + description: |- + Target is a selector for specifying Kubernetes objects to which this + rule applies. + If Target is not set, the Paths will be ignored for all Kubernetes + objects within the manifest of the Helm release. + properties: + annotationSelector: + description: |- + AnnotationSelector is a string that follows the label selection expression + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + It matches with the resource annotations. + type: string + group: + description: |- + Group is the API group to select resources from. + Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + type: string + kind: + description: |- + Kind of the API Group to select resources from. + Together with Group and Version it is capable of unambiguously + identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + type: string + labelSelector: + description: |- + LabelSelector is a string that follows the label selection expression + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + It matches with the resource labels. + type: string + name: + description: Name to match resources with. + type: string + namespace: + description: Namespace to select resources from. + type: string + version: + description: |- + Version of the API Group to select resources from. + Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + type: string + type: object + required: + - paths + type: object + type: array + mode: + description: |- + Mode defines how differences should be handled between the Helm manifest + and the manifest currently applied to the cluster. + If not explicitly set, it defaults to DiffModeDisabled. + enum: + - enabled + - warn + - disabled + type: string + type: object + install: + description: Install holds the configuration for Helm install actions + for this HelmRelease. properties: crds: - description: "CRDs upgrade CRDs from the Helm Chart's crds directory according to the CRD upgrade policy - provided here. Valid values are `Skip`, `Create` or `CreateReplace`. Default is `Create` and if omitted - CRDs are installed but not updated. \n Skip: do neither install nor replace (update) any CRDs. \n Create: - new CRDs are created, existing CRDs are neither updated nor deleted. \n CreateReplace: new CRDs are - created, existing CRDs are updated (replaced) but not deleted. \n By default, CRDs are applied (installed) - during Helm install action. With this option users can opt-in to CRD replace existing CRDs on Helm install - actions, which is not (yet) natively supported by Helm. https://helm.sh/docs/chart_best_practices/custom_resource_definitions." + description: |- + CRDs upgrade CRDs from the Helm Chart's crds directory according + to the CRD upgrade policy provided here. Valid values are `Skip`, + `Create` or `CreateReplace`. Default is `Create` and if omitted + CRDs are installed but not updated. + + + Skip: do neither install nor replace (update) any CRDs. + + + Create: new CRDs are created, existing CRDs are neither updated nor deleted. + + + CreateReplace: new CRDs are created, existing CRDs are updated (replaced) + but not deleted. + + + By default, CRDs are applied (installed) during Helm install action. + With this option users can opt in to CRD replace existing CRDs on Helm + install actions, which is not (yet) natively supported by Helm. + https://helm.sh/docs/chart_best_practices/custom_resource_definitions. enum: - Skip - Create - CreateReplace type: string createNamespace: - description: CreateNamespace tells the Helm install action to create the HelmReleaseSpec.TargetNamespace - if it does not exist yet. On uninstall, the namespace will not be garbage collected. + description: |- + CreateNamespace tells the Helm install action to create the + HelmReleaseSpec.TargetNamespace if it does not exist yet. + On uninstall, the namespace will not be garbage collected. type: boolean disableHooks: - description: DisableHooks prevents hooks from running during the Helm install action. + description: DisableHooks prevents hooks from running during the + Helm install action. type: boolean disableOpenAPIValidation: - description: DisableOpenAPIValidation prevents the Helm install action from validating rendered templates - against the Kubernetes OpenAPI Schema. + description: |- + DisableOpenAPIValidation prevents the Helm install action from validating + rendered templates against the Kubernetes OpenAPI Schema. type: boolean disableWait: - description: DisableWait disables the waiting for resources to be ready after a Helm install has been - performed. + description: |- + DisableWait disables the waiting for resources to be ready after a Helm + install has been performed. type: boolean disableWaitForJobs: - description: DisableWaitForJobs disables waiting for jobs to complete after a Helm install has been performed. + description: |- + DisableWaitForJobs disables waiting for jobs to complete after a Helm + install has been performed. type: boolean remediation: - description: Remediation holds the remediation configuration for when the Helm install action for the - HelmRelease fails. The default is to not perform any action. + description: |- + Remediation holds the remediation configuration for when the Helm install + action for the HelmRelease fails. The default is to not perform any action. properties: ignoreTestFailures: - description: IgnoreTestFailures tells the controller to skip remediation when the Helm tests are run - after an install action but fail. Defaults to 'Test.IgnoreFailures'. + description: |- + IgnoreTestFailures tells the controller to skip remediation when the Helm + tests are run after an install action but fail. Defaults to + 'Test.IgnoreFailures'. type: boolean remediateLastFailure: - description: RemediateLastFailure tells the controller to remediate the last failure, when no retries - remain. Defaults to 'false'. + description: |- + RemediateLastFailure tells the controller to remediate the last failure, when + no retries remain. Defaults to 'false'. type: boolean retries: - description: Retries is the number of retries that should be attempted on failures before bailing. - Remediation, using an uninstall, is performed between each attempt. Defaults to '0', a negative - integer equals to unlimited retries. + description: |- + Retries is the number of retries that should be attempted on failures before + bailing. Remediation, using an uninstall, is performed between each attempt. + Defaults to '0', a negative integer equals to unlimited retries. type: integer type: object replace: - description: Replace tells the Helm install action to re-use the 'ReleaseName', but only if that name - is a deleted release which remains in the history. + description: |- + Replace tells the Helm install action to re-use the 'ReleaseName', but only + if that name is a deleted release which remains in the history. type: boolean skipCRDs: - description: "SkipCRDs tells the Helm install action to not install any CRDs. By default, CRDs are installed - if not already present. \n Deprecated use CRD policy (`crds`) attribute with value `Skip` instead." + description: |- + SkipCRDs tells the Helm install action to not install any CRDs. By default, + CRDs are installed if not already present. + + + Deprecated use CRD policy (`crds`) attribute with value `Skip` instead. type: boolean timeout: - description: Timeout is the time to wait for any individual Kubernetes operation (like Jobs for hooks) - during the performance of a Helm install action. Defaults to 'HelmReleaseSpec.Timeout'. + description: |- + Timeout is the time to wait for any individual Kubernetes operation (like + Jobs for hooks) during the performance of a Helm install action. Defaults to + 'HelmReleaseSpec.Timeout'. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string type: object interval: - description: Interval at which to reconcile the Helm release. This interval is approximate and may be subject - to jitter to ensure efficient use of resources. + description: Interval at which to reconcile the Helm release. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string kubeConfig: - description: KubeConfig for reconciling the HelmRelease on a remote cluster. When used in combination with - HelmReleaseSpec.ServiceAccountName, forces the controller to act on behalf of that Service Account at the - target cluster. If the --default-service-account flag is set, its value will be used as a controller level - fallback for when HelmReleaseSpec.ServiceAccountName is empty. + description: |- + KubeConfig for reconciling the HelmRelease on a remote cluster. + When used in combination with HelmReleaseSpec.ServiceAccountName, + forces the controller to act on behalf of that Service Account at the + target cluster. + If the --default-service-account flag is set, its value will be used as + a controller level fallback for when HelmReleaseSpec.ServiceAccountName + is empty. properties: secretRef: - description: SecretRef holds the name of a secret that contains a key with the kubeconfig file as the - value. If no key is set, the key will default to 'value'. It is recommended that the kubeconfig is self-contained, - and the secret is regularly updated if credentials such as a cloud-access-token expire. Cloud specific - `cmd-path` auth helpers will not function without adding binaries and credentials to the Pod that is - responsible for reconciling Kubernetes resources. + description: |- + SecretRef holds the name of a secret that contains a key with + the kubeconfig file as the value. If no key is set, the key will default + to 'value'. + It is recommended that the kubeconfig is self-contained, and the secret + is regularly updated if credentials such as a cloud-access-token expire. + Cloud specific `cmd-path` auth helpers will not function without adding + binaries and credentials to the Pod that is responsible for reconciling + Kubernetes resources. properties: key: - description: Key in the Secret, when not specified an implementation-specific default key is used. + description: Key in the Secret, when not specified an implementation-specific + default key is used. type: string name: description: Name of the Secret. @@ -5049,19 +9411,30 @@ spec: - secretRef type: object maxHistory: - description: MaxHistory is the number of revisions saved by Helm for this HelmRelease. Use '0' for an unlimited - number of revisions; defaults to '10'. + description: |- + MaxHistory is the number of revisions saved by Helm for this HelmRelease. + Use '0' for an unlimited number of revisions; defaults to '5'. type: integer persistentClient: - description: "PersistentClient tells the controller to use a persistent Kubernetes client for this release. - When enabled, the client will be reused for the duration of the reconciliation, instead of being created - and destroyed for each (step of a) Helm action. \n This can improve performance, but may cause issues with - some Helm charts that for example do create Custom Resource Definitions during installation outside Helm's - CRD lifecycle hooks, which are then not observed to be available by e.g. post-install hooks. \n If not set, - it defaults to true." + description: |- + PersistentClient tells the controller to use a persistent Kubernetes + client for this release. When enabled, the client will be reused for the + duration of the reconciliation, instead of being created and destroyed + for each (step of a) Helm action. + + + This can improve performance, but may cause issues with some Helm charts + that for example do create Custom Resource Definitions during installation + outside Helm's CRD lifecycle hooks, which are then not observed to be + available by e.g. post-install hooks. + + + If not set, it defaults to true. type: boolean postRenderers: - description: PostRenderers holds an array of Helm PostRenderers, which will be applied in order of their definition. + description: |- + PostRenderers holds an array of Helm PostRenderers, which will be applied in order + of their definition. items: description: PostRenderer contains a Helm PostRenderer specification. properties: @@ -5069,58 +9442,76 @@ spec: description: Kustomization to apply as PostRenderer. properties: images: - description: Images is a list of (image name, new name, new tag or digest) for changing image names, - tags or digests. This can also be achieved with a patch, but this operator is simpler to specify. + description: |- + Images is a list of (image name, new name, new tag or digest) + for changing image names, tags or digests. This can also be achieved with a + patch, but this operator is simpler to specify. items: - description: Image contains an image name, a new name, a new tag or digest, which will replace - the original name and tag. + description: Image contains an image name, a new name, + a new tag or digest, which will replace the original + name and tag. properties: digest: - description: Digest is the value used to replace the original image tag. If digest is present - NewTag value is ignored. + description: |- + Digest is the value used to replace the original image tag. + If digest is present NewTag value is ignored. type: string name: description: Name is a tag-less image name. type: string newName: - description: NewName is the value used to replace the original name. + description: NewName is the value used to replace + the original name. type: string newTag: - description: NewTag is the value used to replace the original tag. + description: NewTag is the value used to replace the + original tag. type: string required: - name type: object type: array patches: - description: Strategic merge and JSON patches, defined as inline YAML objects, capable of targeting - objects based on kind, label and annotation selectors. + description: |- + Strategic merge and JSON patches, defined as inline YAML objects, + capable of targeting objects based on kind, label and annotation selectors. items: - description: Patch contains an inline StrategicMerge or JSON6902 patch, and the target the patch - should be applied to. + description: |- + Patch contains an inline StrategicMerge or JSON6902 patch, and the target the patch should + be applied to. properties: patch: - description: Patch contains an inline StrategicMerge patch or an inline JSON6902 patch with + description: |- + Patch contains an inline StrategicMerge patch or an inline JSON6902 patch with an array of operation objects. type: string target: - description: Target points to the resources that the patch document should be applied to. + description: Target points to the resources that the + patch document should be applied to. properties: annotationSelector: - description: AnnotationSelector is a string that follows the label selection expression - https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api It matches - with the resource annotations. + description: |- + AnnotationSelector is a string that follows the label selection expression + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + It matches with the resource annotations. type: string group: - description: Group is the API group to select resources from. Together with Version and - Kind it is capable of unambiguously identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + description: |- + Group is the API group to select resources from. + Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md type: string kind: - description: Kind of the API Group to select resources from. Together with Group and Version - it is capable of unambiguously identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + description: |- + Kind of the API Group to select resources from. + Together with Group and Version it is capable of unambiguously + identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md type: string labelSelector: - description: LabelSelector is a string that follows the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + description: |- + LabelSelector is a string that follows the label selection expression + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api It matches with the resource labels. type: string name: @@ -5130,8 +9521,10 @@ spec: description: Namespace to select resources from. type: string version: - description: Version of the API Group to select resources from. Together with Group and - Kind it is capable of unambiguously identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + description: |- + Version of the API Group to select resources from. + Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md type: string type: object required: @@ -5139,24 +9532,31 @@ spec: type: object type: array patchesJson6902: - description: JSON 6902 patches, defined as inline YAML objects. + description: |- + JSON 6902 patches, defined as inline YAML objects. + Deprecated: use Patches instead. items: - description: JSON6902Patch contains a JSON6902 patch and the target the patch should be applied - to. + description: JSON6902Patch contains a JSON6902 patch and + the target the patch should be applied to. properties: patch: - description: Patch contains the JSON6902 patch document with an array of operation objects. + description: Patch contains the JSON6902 patch document + with an array of operation objects. items: - description: JSON6902 is a JSON6902 operation object. https://datatracker.ietf.org/doc/html/rfc6902#section-4 + description: |- + JSON6902 is a JSON6902 operation object. + https://datatracker.ietf.org/doc/html/rfc6902#section-4 properties: from: - description: From contains a JSON-pointer value that references a location within the - target document where the operation is performed. The meaning of the value depends - on the value of Op, and is NOT taken into account by all operations. + description: |- + From contains a JSON-pointer value that references a location within the target document where the operation is + performed. The meaning of the value depends on the value of Op, and is NOT taken into account by all operations. type: string op: - description: Op indicates the operation to perform. Its value MUST be one of "add", - "remove", "replace", "move", "copy", or "test". https://datatracker.ietf.org/doc/html/rfc6902#section-4 + description: |- + Op indicates the operation to perform. Its value MUST be one of "add", "remove", "replace", "move", "copy", or + "test". + https://datatracker.ietf.org/doc/html/rfc6902#section-4 enum: - test - remove @@ -5166,13 +9566,14 @@ spec: - copy type: string path: - description: Path contains the JSON-pointer value that references a location within - the target document where the operation is performed. The meaning of the value depends - on the value of Op. + description: |- + Path contains the JSON-pointer value that references a location within the target document where the operation + is performed. The meaning of the value depends on the value of Op. type: string value: - description: Value contains a valid JSON structure. The meaning of the value depends - on the value of Op, and is NOT taken into account by all operations. + description: |- + Value contains a valid JSON structure. The meaning of the value depends on the value of Op, and is NOT taken into + account by all operations. x-kubernetes-preserve-unknown-fields: true required: - op @@ -5180,23 +9581,32 @@ spec: type: object type: array target: - description: Target points to the resources that the patch document should be applied to. + description: Target points to the resources that the + patch document should be applied to. properties: annotationSelector: - description: AnnotationSelector is a string that follows the label selection expression - https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api It matches - with the resource annotations. + description: |- + AnnotationSelector is a string that follows the label selection expression + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + It matches with the resource annotations. type: string group: - description: Group is the API group to select resources from. Together with Version and - Kind it is capable of unambiguously identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + description: |- + Group is the API group to select resources from. + Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md type: string kind: - description: Kind of the API Group to select resources from. Together with Group and Version - it is capable of unambiguously identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + description: |- + Kind of the API Group to select resources from. + Together with Group and Version it is capable of unambiguously + identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md type: string labelSelector: - description: LabelSelector is a string that follows the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + description: |- + LabelSelector is a string that follows the label selection expression + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api It matches with the resource labels. type: string name: @@ -5206,8 +9616,10 @@ spec: description: Namespace to select resources from. type: string version: - description: Version of the API Group to select resources from. Together with Group and - Kind it is capable of unambiguously identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + description: |- + Version of the API Group to select resources from. + Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md type: string type: object required: @@ -5216,7 +9628,9 @@ spec: type: object type: array patchesStrategicMerge: - description: Strategic merge patches, defined as inline YAML objects. + description: |- + Strategic merge patches, defined as inline YAML objects. + Deprecated: use Patches instead. items: x-kubernetes-preserve-unknown-fields: true type: array @@ -5224,176 +9638,260 @@ spec: type: object type: array releaseName: - description: ReleaseName used for the Helm release. Defaults to a composition of '[TargetNamespace-]Name'. + description: |- + ReleaseName used for the Helm release. Defaults to a composition of + '[TargetNamespace-]Name'. maxLength: 53 minLength: 1 type: string rollback: - description: Rollback holds the configuration for Helm rollback actions for this HelmRelease. + description: Rollback holds the configuration for Helm rollback actions + for this HelmRelease. properties: cleanupOnFail: - description: CleanupOnFail allows deletion of new resources created during the Helm rollback action when - it fails. + description: |- + CleanupOnFail allows deletion of new resources created during the Helm + rollback action when it fails. type: boolean disableHooks: - description: DisableHooks prevents hooks from running during the Helm rollback action. + description: DisableHooks prevents hooks from running during the + Helm rollback action. type: boolean disableWait: - description: DisableWait disables the waiting for resources to be ready after a Helm rollback has been - performed. + description: |- + DisableWait disables the waiting for resources to be ready after a Helm + rollback has been performed. type: boolean disableWaitForJobs: - description: DisableWaitForJobs disables waiting for jobs to complete after a Helm rollback has been performed. + description: |- + DisableWaitForJobs disables waiting for jobs to complete after a Helm + rollback has been performed. type: boolean force: - description: Force forces resource updates through a replacement strategy. + description: Force forces resource updates through a replacement + strategy. type: boolean recreate: - description: Recreate performs pod restarts for the resource if applicable. + description: Recreate performs pod restarts for the resource if + applicable. type: boolean timeout: - description: Timeout is the time to wait for any individual Kubernetes operation (like Jobs for hooks) - during the performance of a Helm rollback action. Defaults to 'HelmReleaseSpec.Timeout'. + description: |- + Timeout is the time to wait for any individual Kubernetes operation (like + Jobs for hooks) during the performance of a Helm rollback action. Defaults to + 'HelmReleaseSpec.Timeout'. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string type: object serviceAccountName: - description: The name of the Kubernetes service account to impersonate when reconciling this HelmRelease. + description: |- + The name of the Kubernetes service account to impersonate + when reconciling this HelmRelease. + maxLength: 253 + minLength: 1 type: string storageNamespace: - description: StorageNamespace used for the Helm storage. Defaults to the namespace of the HelmRelease. + description: |- + StorageNamespace used for the Helm storage. + Defaults to the namespace of the HelmRelease. maxLength: 63 minLength: 1 type: string suspend: - description: Suspend tells the controller to suspend reconciliation for this HelmRelease, it does not apply - to already started reconciliations. Defaults to false. + description: |- + Suspend tells the controller to suspend reconciliation for this HelmRelease, + it does not apply to already started reconciliations. Defaults to false. type: boolean targetNamespace: - description: TargetNamespace to target when performing operations for the HelmRelease. Defaults to the namespace - of the HelmRelease. + description: |- + TargetNamespace to target when performing operations for the HelmRelease. + Defaults to the namespace of the HelmRelease. maxLength: 63 minLength: 1 type: string test: - description: Test holds the configuration for Helm test actions for this HelmRelease. + description: Test holds the configuration for Helm test actions for + this HelmRelease. properties: enable: - description: Enable enables Helm test actions for this HelmRelease after an Helm install or upgrade action - has been performed. + description: |- + Enable enables Helm test actions for this HelmRelease after an Helm install + or upgrade action has been performed. type: boolean + filters: + description: Filters is a list of tests to run or exclude from + running. + items: + description: Filter holds the configuration for individual Helm + test filters. + properties: + exclude: + description: Exclude specifies whether the named test should + be excluded. + type: boolean + name: + description: Name is the name of the test. + maxLength: 253 + minLength: 1 + type: string + required: + - name + type: object + type: array ignoreFailures: - description: IgnoreFailures tells the controller to skip remediation when the Helm tests are run but fail. - Can be overwritten for tests run after install or upgrade actions in 'Install.IgnoreTestFailures' and - 'Upgrade.IgnoreTestFailures'. + description: |- + IgnoreFailures tells the controller to skip remediation when the Helm tests + are run but fail. Can be overwritten for tests run after install or upgrade + actions in 'Install.IgnoreTestFailures' and 'Upgrade.IgnoreTestFailures'. type: boolean timeout: - description: Timeout is the time to wait for any individual Kubernetes operation during the performance - of a Helm test action. Defaults to 'HelmReleaseSpec.Timeout'. + description: |- + Timeout is the time to wait for any individual Kubernetes operation during + the performance of a Helm test action. Defaults to 'HelmReleaseSpec.Timeout'. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string type: object timeout: - description: Timeout is the time to wait for any individual Kubernetes operation (like Jobs for hooks) during - the performance of a Helm action. Defaults to '5m0s'. + description: |- + Timeout is the time to wait for any individual Kubernetes operation (like Jobs + for hooks) during the performance of a Helm action. Defaults to '5m0s'. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string uninstall: - description: Uninstall holds the configuration for Helm uninstall actions for this HelmRelease. + description: Uninstall holds the configuration for Helm uninstall + actions for this HelmRelease. properties: deletionPropagation: default: background - description: DeletionPropagation specifies the deletion propagation policy when a Helm uninstall is performed. + description: |- + DeletionPropagation specifies the deletion propagation policy when + a Helm uninstall is performed. enum: - background - foreground - orphan type: string disableHooks: - description: DisableHooks prevents hooks from running during the Helm rollback action. + description: DisableHooks prevents hooks from running during the + Helm rollback action. type: boolean disableWait: - description: DisableWait disables waiting for all the resources to be deleted after a Helm uninstall is - performed. + description: |- + DisableWait disables waiting for all the resources to be deleted after + a Helm uninstall is performed. type: boolean keepHistory: - description: KeepHistory tells Helm to remove all associated resources and mark the release as deleted, - but retain the release history. + description: |- + KeepHistory tells Helm to remove all associated resources and mark the + release as deleted, but retain the release history. type: boolean timeout: - description: Timeout is the time to wait for any individual Kubernetes operation (like Jobs for hooks) - during the performance of a Helm uninstall action. Defaults to 'HelmReleaseSpec.Timeout'. + description: |- + Timeout is the time to wait for any individual Kubernetes operation (like + Jobs for hooks) during the performance of a Helm uninstall action. Defaults + to 'HelmReleaseSpec.Timeout'. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string type: object upgrade: - description: Upgrade holds the configuration for Helm upgrade actions for this HelmRelease. + description: Upgrade holds the configuration for Helm upgrade actions + for this HelmRelease. properties: cleanupOnFail: - description: CleanupOnFail allows deletion of new resources created during the Helm upgrade action when - it fails. + description: |- + CleanupOnFail allows deletion of new resources created during the Helm + upgrade action when it fails. type: boolean crds: - description: "CRDs upgrade CRDs from the Helm Chart's crds directory according to the CRD upgrade policy - provided here. Valid values are `Skip`, `Create` or `CreateReplace`. Default is `Skip` and if omitted - CRDs are neither installed nor upgraded. \n Skip: do neither install nor replace (update) any CRDs. - \n Create: new CRDs are created, existing CRDs are neither updated nor deleted. \n CreateReplace: new - CRDs are created, existing CRDs are updated (replaced) but not deleted. \n By default, CRDs are not - applied during Helm upgrade action. With this option users can opt-in to CRD upgrade, which is not (yet) - natively supported by Helm. https://helm.sh/docs/chart_best_practices/custom_resource_definitions." + description: |- + CRDs upgrade CRDs from the Helm Chart's crds directory according + to the CRD upgrade policy provided here. Valid values are `Skip`, + `Create` or `CreateReplace`. Default is `Skip` and if omitted + CRDs are neither installed nor upgraded. + + + Skip: do neither install nor replace (update) any CRDs. + + + Create: new CRDs are created, existing CRDs are neither updated nor deleted. + + + CreateReplace: new CRDs are created, existing CRDs are updated (replaced) + but not deleted. + + + By default, CRDs are not applied during Helm upgrade action. With this + option users can opt-in to CRD upgrade, which is not (yet) natively supported by Helm. + https://helm.sh/docs/chart_best_practices/custom_resource_definitions. enum: - Skip - Create - CreateReplace type: string disableHooks: - description: DisableHooks prevents hooks from running during the Helm upgrade action. + description: DisableHooks prevents hooks from running during the + Helm upgrade action. type: boolean disableOpenAPIValidation: - description: DisableOpenAPIValidation prevents the Helm upgrade action from validating rendered templates - against the Kubernetes OpenAPI Schema. + description: |- + DisableOpenAPIValidation prevents the Helm upgrade action from validating + rendered templates against the Kubernetes OpenAPI Schema. type: boolean disableWait: - description: DisableWait disables the waiting for resources to be ready after a Helm upgrade has been - performed. + description: |- + DisableWait disables the waiting for resources to be ready after a Helm + upgrade has been performed. type: boolean disableWaitForJobs: - description: DisableWaitForJobs disables waiting for jobs to complete after a Helm upgrade has been performed. + description: |- + DisableWaitForJobs disables waiting for jobs to complete after a Helm + upgrade has been performed. type: boolean force: - description: Force forces resource updates through a replacement strategy. + description: Force forces resource updates through a replacement + strategy. type: boolean preserveValues: - description: PreserveValues will make Helm reuse the last release's values and merge in overrides from - 'Values'. Setting this flag makes the HelmRelease non-declarative. + description: |- + PreserveValues will make Helm reuse the last release's values and merge in + overrides from 'Values'. Setting this flag makes the HelmRelease + non-declarative. type: boolean remediation: - description: Remediation holds the remediation configuration for when the Helm upgrade action for the - HelmRelease fails. The default is to not perform any action. + description: |- + Remediation holds the remediation configuration for when the Helm upgrade + action for the HelmRelease fails. The default is to not perform any action. properties: ignoreTestFailures: - description: IgnoreTestFailures tells the controller to skip remediation when the Helm tests are run - after an upgrade action but fail. Defaults to 'Test.IgnoreFailures'. + description: |- + IgnoreTestFailures tells the controller to skip remediation when the Helm + tests are run after an upgrade action but fail. + Defaults to 'Test.IgnoreFailures'. type: boolean remediateLastFailure: - description: RemediateLastFailure tells the controller to remediate the last failure, when no retries - remain. Defaults to 'false' unless 'Retries' is greater than 0. + description: |- + RemediateLastFailure tells the controller to remediate the last failure, when + no retries remain. Defaults to 'false' unless 'Retries' is greater than 0. type: boolean retries: - description: Retries is the number of retries that should be attempted on failures before bailing. - Remediation, using 'Strategy', is performed between each attempt. Defaults to '0', a negative integer - equals to unlimited retries. + description: |- + Retries is the number of retries that should be attempted on failures before + bailing. Remediation, using 'Strategy', is performed between each attempt. + Defaults to '0', a negative integer equals to unlimited retries. type: integer strategy: - description: Strategy to use for failure remediation. Defaults to 'rollback'. + description: Strategy to use for failure remediation. Defaults + to 'rollback'. enum: - rollback - uninstall type: string type: object timeout: - description: Timeout is the time to wait for any individual Kubernetes operation (like Jobs for hooks) - during the performance of a Helm upgrade action. Defaults to 'HelmReleaseSpec.Timeout'. + description: |- + Timeout is the time to wait for any individual Kubernetes operation (like + Jobs for hooks) during the performance of a Helm upgrade action. Defaults to + 'HelmReleaseSpec.Timeout'. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string type: object @@ -5401,39 +9899,46 @@ spec: description: Values holds the values for this Helm release. x-kubernetes-preserve-unknown-fields: true valuesFrom: - description: ValuesFrom holds references to resources containing Helm values for this HelmRelease, and information - about how they should be merged. + description: |- + ValuesFrom holds references to resources containing Helm values for this HelmRelease, + and information about how they should be merged. items: - description: ValuesReference contains a reference to a resource containing Helm values, and optionally the - key they can be found at. + description: |- + ValuesReference contains a reference to a resource containing Helm values, + and optionally the key they can be found at. properties: kind: - description: Kind of the values referent, valid values are ('Secret', 'ConfigMap'). + description: Kind of the values referent, valid values are ('Secret', + 'ConfigMap'). enum: - Secret - ConfigMap type: string name: - description: Name of the values referent. Should reside in the same namespace as the referring resource. + description: |- + Name of the values referent. Should reside in the same namespace as the + referring resource. maxLength: 253 minLength: 1 type: string optional: - description: Optional marks this ValuesReference as optional. When set, a not found error for the values - reference is ignored, but any ValuesKey, TargetPath or transient error will still result in a reconciliation - failure. + description: |- + Optional marks this ValuesReference as optional. When set, a not found error + for the values reference is ignored, but any ValuesKey, TargetPath or + transient error will still result in a reconciliation failure. type: boolean targetPath: - description: TargetPath is the YAML dot notation path the value should be merged at. When set, the ValuesKey - is expected to be a single flat value. Defaults to 'None', which results in the values getting merged - at the root. + description: |- + TargetPath is the YAML dot notation path the value should be merged at. When + set, the ValuesKey is expected to be a single flat value. Defaults to 'None', + which results in the values getting merged at the root. maxLength: 250 pattern: ^([a-zA-Z0-9_\-.\\\/]|\[[0-9]{1,5}\])+$ type: string valuesKey: - description: ValuesKey is the data key where the values.yaml or a specific value can be found at. Defaults - to 'values.yaml'. When set, must be a valid Data Key, consisting of alphanumeric characters, '-', - '_' or '.'. + description: |- + ValuesKey is the data key where the values.yaml or a specific value can be + found at. Defaults to 'values.yaml'. maxLength: 253 pattern: ^[\-._a-zA-Z0-9]+$ type: string @@ -5443,9 +9948,12 @@ spec: type: object type: array required: - - chart - interval type: object + x-kubernetes-validations: + - message: either chart or chartRef must be set + rule: (has(self.chart) && !has(self.chartRef)) || (!has(self.chart) + && has(self.chartRef)) status: default: observedGeneration: -1 @@ -5454,35 +9962,43 @@ spec: conditions: description: Conditions holds the conditions for the HelmRelease. items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This - struct is intended for direct use as an array at the field path .status.conditions. For example, \n type - FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // - +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" - patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" properties: lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when - the API field changed is acceptable. + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: message is a human readable message indicating details about the transition. This may be - an empty string. + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based - upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current state of the instance. + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last - transition. Producers of specific condition types may define expected values and meanings for this - field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 @@ -5496,9 +10012,12 @@ spec: - Unknown type: string type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type - values are consistent across resources like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -5511,48 +10030,217 @@ spec: type: object type: array failures: - description: Failures is the reconciliation failure count against the latest desired state. It is reset after - a successful reconciliation. + description: |- + Failures is the reconciliation failure count against the latest desired + state. It is reset after a successful reconciliation. format: int64 type: integer helmChart: - description: HelmChart is the namespaced name of the HelmChart resource created by the controller for the - HelmRelease. - type: string + description: |- + HelmChart is the namespaced name of the HelmChart resource created by + the controller for the HelmRelease. + type: string + history: + description: |- + History holds the history of Helm releases performed for this HelmRelease + up to the last successfully completed release. + items: + description: |- + Snapshot captures a point-in-time copy of the status information for a Helm release, + as managed by the controller. + properties: + apiVersion: + description: |- + APIVersion is the API version of the Snapshot. + Provisional: when the calculation method of the Digest field is changed, + this field will be used to distinguish between the old and new methods. + type: string + appVersion: + description: AppVersion is the chart app version of the release + object in storage. + type: string + chartName: + description: ChartName is the chart name of the release object + in storage. + type: string + chartVersion: + description: |- + ChartVersion is the chart version of the release object in + storage. + type: string + configDigest: + description: |- + ConfigDigest is the checksum of the config (better known as + "values") of the release object in storage. + It has the format of `:`. + type: string + deleted: + description: Deleted is when the release was deleted. + format: date-time + type: string + digest: + description: |- + Digest is the checksum of the release object in storage. + It has the format of `:`. + type: string + firstDeployed: + description: FirstDeployed is when the release was first deployed. + format: date-time + type: string + lastDeployed: + description: LastDeployed is when the release was last deployed. + format: date-time + type: string + name: + description: Name is the name of the release. + type: string + namespace: + description: Namespace is the namespace the release is deployed + to. + type: string + ociDigest: + description: OCIDigest is the digest of the OCI artifact associated + with the release. + type: string + status: + description: Status is the current state of the release. + type: string + testHooks: + additionalProperties: + description: |- + TestHookStatus holds the status information for a test hook as observed + to be run by the controller. + properties: + lastCompleted: + description: LastCompleted is the time the test hook last + completed. + format: date-time + type: string + lastStarted: + description: LastStarted is the time the test hook was + last started. + format: date-time + type: string + phase: + description: Phase the test hook was observed to be in. + type: string + type: object + description: |- + TestHooks is the list of test hooks for the release as observed to be + run by the controller. + type: object + version: + description: Version is the version of the release object in + storage. + type: integer + required: + - chartName + - chartVersion + - configDigest + - digest + - firstDeployed + - lastDeployed + - name + - namespace + - status + - version + type: object + type: array installFailures: - description: InstallFailures is the install failure count against the latest desired state. It is reset after - a successful reconciliation. + description: |- + InstallFailures is the install failure count against the latest desired + state. It is reset after a successful reconciliation. format: int64 type: integer lastAppliedRevision: - description: LastAppliedRevision is the revision of the last successfully applied source. + description: |- + LastAppliedRevision is the revision of the last successfully applied + source. + Deprecated: the revision can now be found in the History. + type: string + lastAttemptedConfigDigest: + description: |- + LastAttemptedConfigDigest is the digest for the config (better known as + "values") of the last reconciliation attempt. + type: string + lastAttemptedGeneration: + description: |- + LastAttemptedGeneration is the last generation the controller attempted + to reconcile. + format: int64 + type: integer + lastAttemptedReleaseAction: + description: |- + LastAttemptedReleaseAction is the last release action performed for this + HelmRelease. It is used to determine the active remediation strategy. + enum: + - install + - upgrade type: string lastAttemptedRevision: - description: LastAttemptedRevision is the revision of the last reconciliation attempt. + description: |- + LastAttemptedRevision is the Source revision of the last reconciliation + attempt. For OCIRepository sources, the 12 first characters of the digest are + appended to the chart version e.g. "1.2.3+1234567890ab". + type: string + lastAttemptedRevisionDigest: + description: |- + LastAttemptedRevisionDigest is the digest of the last reconciliation attempt. + This is only set for OCIRepository sources. type: string lastAttemptedValuesChecksum: - description: LastAttemptedValuesChecksum is the SHA1 checksum of the values of the last reconciliation attempt. + description: |- + LastAttemptedValuesChecksum is the SHA1 checksum for the values of the last + reconciliation attempt. + Deprecated: Use LastAttemptedConfigDigest instead. + type: string + lastHandledForceAt: + description: |- + LastHandledForceAt holds the value of the most recent force request + value, so a change of the annotation value can be detected. type: string lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent reconcile request value, so a change - of the annotation value can be detected. + description: |- + LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value + can be detected. + type: string + lastHandledResetAt: + description: |- + LastHandledResetAt holds the value of the most recent reset request + value, so a change of the annotation value can be detected. type: string lastReleaseRevision: - description: LastReleaseRevision is the revision of the last successful Helm release. + description: |- + LastReleaseRevision is the revision of the last successful Helm release. + Deprecated: Use History instead. type: integer observedGeneration: description: ObservedGeneration is the last observed generation. format: int64 type: integer + observedPostRenderersDigest: + description: |- + ObservedPostRenderersDigest is the digest for the post-renderers of + the last successful reconciliation attempt. + type: string + storageNamespace: + description: |- + StorageNamespace is the namespace of the Helm release storage for the + current release. + maxLength: 63 + minLength: 1 + type: string upgradeFailures: - description: UpgradeFailures is the upgrade failure count against the latest desired state. It is reset after - a successful reconciliation. + description: |- + UpgradeFailures is the upgrade failure count against the latest desired + state. It is reset after a successful reconciliation. format: int64 type: integer type: object type: object served: true - storage: true + storage: false subresources: status: {} --- @@ -5563,7 +10251,7 @@ metadata: app.kubernetes.io/component: helm-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 name: helm-controller namespace: flux-system --- @@ -5574,7 +10262,7 @@ metadata: app.kubernetes.io/component: helm-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 control-plane: controller name: helm-controller namespace: flux-system @@ -5603,7 +10291,17 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: ghcr.io/fluxcd/helm-controller:v0.36.1 + - name: GOMAXPROCS + valueFrom: + resourceFieldRef: + containerName: manager + resource: limits.cpu + - name: GOMEMLIMIT + valueFrom: + resourceFieldRef: + containerName: manager + resource: limits.memory + image: ghcr.io/fluxcd/helm-controller:v1.0.1 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -5655,12 +10353,12 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.12.0 + controller-gen.kubebuilder.io/version: v0.15.0 labels: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 name: alerts.notification.toolkit.fluxcd.io spec: group: notification.toolkit.fluxcd.io @@ -5681,27 +10379,39 @@ spec: - jsonPath: .status.conditions[?(@.type=="Ready")].message name: Status type: string + deprecated: true + deprecationWarning: v1beta1 Alert is deprecated, upgrade to v1beta3 name: v1beta1 schema: openAPIV3Schema: description: Alert is the Schema for the alerts API properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert - recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer - this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: - description: AlertSpec defines an alerting rule for events involving a list of objects + description: AlertSpec defines an alerting rule for events involving a + list of objects properties: eventSeverity: default: info - description: Filter events based on severity, defaults to ('info'). If set to 'info' no events will be filtered. + description: |- + Filter events based on severity, defaults to ('info'). + If set to 'info' no events will be filtered. enum: - info - error @@ -5709,8 +10419,9 @@ spec: eventSources: description: Filter events based on the involved objects. items: - description: CrossNamespaceObjectReference contains enough information to let you locate the typed referenced - object at cluster level + description: |- + CrossNamespaceObjectReference contains enough information to let you locate the + typed referenced object at cluster level properties: apiVersion: description: API version of the referent @@ -5732,9 +10443,10 @@ spec: matchLabels: additionalProperties: type: string - description: MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map - is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and - the values array contains only "value". The requirements are ANDed. + description: |- + MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. type: object name: description: Name of the referent @@ -5751,7 +10463,8 @@ spec: type: object type: array exclusionList: - description: A list of Golang regular expressions to be used for excluding messages. + description: A list of Golang regular expressions to be used for excluding + messages. items: type: string type: array @@ -5768,7 +10481,9 @@ spec: description: Short description of the impact and affected cluster. type: string suspend: - description: This flag tells the controller to suspend subsequent events dispatching. Defaults to false. + description: |- + This flag tells the controller to suspend subsequent events dispatching. + Defaults to false. type: boolean required: - eventSources @@ -5781,35 +10496,43 @@ spec: properties: conditions: items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This - struct is intended for direct use as an array at the field path .status.conditions. For example, \n type - FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // - +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" - patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" properties: lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when - the API field changed is acceptable. + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: message is a human readable message indicating details about the transition. This may be - an empty string. + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based - upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current state of the instance. + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last - transition. Producers of specific condition types may define expected values and meanings for this - field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 @@ -5823,9 +10546,12 @@ spec: - Unknown type: string type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type - values are consistent across resources like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -5857,45 +10583,61 @@ spec: - jsonPath: .status.conditions[?(@.type=="Ready")].message name: Status type: string + deprecated: true + deprecationWarning: v1beta2 Alert is deprecated, upgrade to v1beta3 name: v1beta2 schema: openAPIV3Schema: description: Alert is the Schema for the alerts API properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert - recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer - this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: - description: AlertSpec defines an alerting rule for events involving a list of objects. + description: AlertSpec defines an alerting rule for events involving a + list of objects. properties: eventMetadata: additionalProperties: type: string - description: EventMetadata is an optional field for adding metadata to events dispatched by the controller. - This can be used for enhancing the context of the event. If a field would override one already present on - the original event as generated by the emitter, then the override doesn't happen, i.e. the original value - is preserved, and an info log is printed. + description: |- + EventMetadata is an optional field for adding metadata to events dispatched by the + controller. This can be used for enhancing the context of the event. If a field + would override one already present on the original event as generated by the emitter, + then the override doesn't happen, i.e. the original value is preserved, and an info + log is printed. type: object eventSeverity: default: info - description: EventSeverity specifies how to filter events based on severity. If set to 'info' no events will - be filtered. + description: |- + EventSeverity specifies how to filter events based on severity. + If set to 'info' no events will be filtered. enum: - info - error type: string eventSources: - description: EventSources specifies how to filter events based on the involved object kind, name and namespace. + description: |- + EventSources specifies how to filter events based + on the involved object kind, name and namespace. items: - description: CrossNamespaceObjectReference contains enough information to let you locate the typed referenced - object at cluster level + description: |- + CrossNamespaceObjectReference contains enough information to let you locate the + typed referenced object at cluster level properties: apiVersion: description: API version of the referent @@ -5917,13 +10659,16 @@ spec: matchLabels: additionalProperties: type: string - description: MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map - is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and - the values array contains only "value". The requirements are ANDed. MatchLabels requires the name - to be set to `*`. + description: |- + MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + MatchLabels requires the name to be set to `*`. type: object name: - description: Name of the referent If multiple resources are targeted `*` may be set. + description: |- + Name of the referent + If multiple resources are targeted `*` may be set. maxLength: 53 minLength: 1 type: string @@ -5938,17 +10683,22 @@ spec: type: object type: array exclusionList: - description: ExclusionList specifies a list of Golang regular expressions to be used for excluding messages. + description: |- + ExclusionList specifies a list of Golang regular expressions + to be used for excluding messages. items: type: string type: array inclusionList: - description: InclusionList specifies a list of Golang regular expressions to be used for including messages. + description: |- + InclusionList specifies a list of Golang regular expressions + to be used for including messages. items: type: string type: array providerRef: - description: ProviderRef specifies which Provider this Alert should use. + description: ProviderRef specifies which Provider this Alert should + use. properties: name: description: Name of the referent. @@ -5957,11 +10707,14 @@ spec: - name type: object summary: - description: Summary holds a short description of the impact and affected cluster. + description: Summary holds a short description of the impact and affected + cluster. maxLength: 255 type: string suspend: - description: Suspend tells the controller to suspend subsequent events handling for this Alert. + description: |- + Suspend tells the controller to suspend subsequent + events handling for this Alert. type: boolean required: - eventSources @@ -5975,35 +10728,43 @@ spec: conditions: description: Conditions holds the conditions for the Alert. items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This - struct is intended for direct use as an array at the field path .status.conditions. For example, \n type - FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // - +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" - patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" properties: lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when - the API field changed is acceptable. + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: message is a human readable message indicating details about the transition. This may be - an empty string. + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based - upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current state of the instance. + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last - transition. Producers of specific condition types may define expected values and meanings for this - field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 @@ -6017,9 +10778,12 @@ spec: - Unknown type: string type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type - values are consistent across resources like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -6032,8 +10796,10 @@ spec: type: object type: array lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent reconcile request value, so a change - of the annotation value can be detected. + description: |- + LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value + can be detected. type: string observedGeneration: description: ObservedGeneration is the last observed generation. @@ -6042,20 +10808,163 @@ spec: type: object type: object served: true - storage: true + storage: false subresources: status: {} + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1beta3 + schema: + openAPIV3Schema: + description: Alert is the Schema for the alerts API + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: AlertSpec defines an alerting rule for events involving a + list of objects. + properties: + eventMetadata: + additionalProperties: + type: string + description: |- + EventMetadata is an optional field for adding metadata to events dispatched by the + controller. This can be used for enhancing the context of the event. If a field + would override one already present on the original event as generated by the emitter, + then the override doesn't happen, i.e. the original value is preserved, and an info + log is printed. + type: object + eventSeverity: + default: info + description: |- + EventSeverity specifies how to filter events based on severity. + If set to 'info' no events will be filtered. + enum: + - info + - error + type: string + eventSources: + description: |- + EventSources specifies how to filter events based + on the involved object kind, name and namespace. + items: + description: |- + CrossNamespaceObjectReference contains enough information to let you locate the + typed referenced object at cluster level + properties: + apiVersion: + description: API version of the referent + type: string + kind: + description: Kind of the referent + enum: + - Bucket + - GitRepository + - Kustomization + - HelmRelease + - HelmChart + - HelmRepository + - ImageRepository + - ImagePolicy + - ImageUpdateAutomation + - OCIRepository + type: string + matchLabels: + additionalProperties: + type: string + description: |- + MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + MatchLabels requires the name to be set to `*`. + type: object + name: + description: |- + Name of the referent + If multiple resources are targeted `*` may be set. + maxLength: 53 + minLength: 1 + type: string + namespace: + description: Namespace of the referent + maxLength: 53 + minLength: 1 + type: string + required: + - kind + - name + type: object + type: array + exclusionList: + description: |- + ExclusionList specifies a list of Golang regular expressions + to be used for excluding messages. + items: + type: string + type: array + inclusionList: + description: |- + InclusionList specifies a list of Golang regular expressions + to be used for including messages. + items: + type: string + type: array + providerRef: + description: ProviderRef specifies which Provider this Alert should + use. + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object + summary: + description: Summary holds a short description of the impact and affected + cluster. + maxLength: 255 + type: string + suspend: + description: |- + Suspend tells the controller to suspend subsequent + events handling for this Alert. + type: boolean + required: + - eventSources + - providerRef + type: object + type: object + served: true + storage: true + subresources: {} --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.12.0 + controller-gen.kubebuilder.io/version: v0.15.0 labels: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 name: providers.notification.toolkit.fluxcd.io spec: group: notification.toolkit.fluxcd.io @@ -6076,18 +10985,27 @@ spec: - jsonPath: .status.conditions[?(@.type=="Ready")].message name: Status type: string + deprecated: true + deprecationWarning: v1beta1 Provider is deprecated, upgrade to v1beta3 name: v1beta1 schema: openAPIV3Schema: description: Provider is the Schema for the providers API properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert - recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer - this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -6099,7 +11017,9 @@ spec: pattern: ^(http|https):// type: string certSecretRef: - description: CertSecretRef can be given the name of a secret containing a PEM-encoded CA certificate (`caFile`) + description: |- + CertSecretRef can be given the name of a secret containing + a PEM-encoded CA certificate (`caFile`) properties: name: description: Name of the referent. @@ -6115,7 +11035,9 @@ spec: pattern: ^(http|https):// type: string secretRef: - description: Secret reference containing the provider webhook URL using "address" as data key + description: |- + Secret reference containing the provider webhook URL + using "address" as data key properties: name: description: Name of the referent. @@ -6124,7 +11046,9 @@ spec: - name type: object suspend: - description: This flag tells the controller to suspend subsequent events handling. Defaults to false. + description: |- + This flag tells the controller to suspend subsequent events handling. + Defaults to false. type: boolean timeout: description: Timeout for sending alerts to the provider. @@ -6168,35 +11092,43 @@ spec: properties: conditions: items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This - struct is intended for direct use as an array at the field path .status.conditions. For example, \n type - FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // - +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" - patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" properties: lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when - the API field changed is acceptable. + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: message is a human readable message indicating details about the transition. This may be - an empty string. + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based - upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current state of the instance. + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last - transition. Producers of specific condition types may define expected values and meanings for this - field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 @@ -6210,9 +11142,12 @@ spec: - Unknown type: string type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type - values are consistent across resources like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -6244,18 +11179,27 @@ spec: - jsonPath: .status.conditions[?(@.type=="Ready")].message name: Status type: string + deprecated: true + deprecationWarning: v1beta2 Provider is deprecated, upgrade to v1beta3 name: v1beta2 schema: openAPIV3Schema: description: Provider is the Schema for the providers API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert - recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer - this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -6263,14 +11207,21 @@ spec: description: ProviderSpec defines the desired state of the Provider. properties: address: - description: Address specifies the endpoint, in a generic sense, to where alerts are sent. What kind of endpoint - depends on the specific Provider type being used. For the generic Provider, for example, this is an HTTP/S - address. For other Provider types this could be a project ID or a namespace. + description: |- + Address specifies the endpoint, in a generic sense, to where alerts are sent. + What kind of endpoint depends on the specific Provider type being used. + For the generic Provider, for example, this is an HTTP/S address. + For other Provider types this could be a project ID or a namespace. maxLength: 2048 type: string certSecretRef: - description: "CertSecretRef specifies the Secret containing a PEM-encoded CA certificate (in the `ca.crt` - key). \n Note: Support for the `caFile` key has been deprecated." + description: |- + CertSecretRef specifies the Secret containing + a PEM-encoded CA certificate (in the `ca.crt` key). + + + Note: Support for the `caFile` key has + been deprecated. properties: name: description: Name of the referent. @@ -6279,11 +11230,13 @@ spec: - name type: object channel: - description: Channel specifies the destination channel where events should be posted. + description: Channel specifies the destination channel where events + should be posted. maxLength: 2048 type: string interval: - description: Interval at which to reconcile the Provider with its Secret references. + description: Interval at which to reconcile the Provider with its + Secret references. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string proxy: @@ -6292,7 +11245,9 @@ spec: pattern: ^(http|https)://.*$ type: string secretRef: - description: SecretRef specifies the Secret containing the authentication credentials for this Provider. + description: |- + SecretRef specifies the Secret containing the authentication + credentials for this Provider. properties: name: description: Name of the referent. @@ -6301,7 +11256,9 @@ spec: - name type: object suspend: - description: Suspend tells the controller to suspend subsequent events handling for this Provider. + description: |- + Suspend tells the controller to suspend subsequent + events handling for this Provider. type: boolean timeout: description: Timeout for sending alerts to the Provider. @@ -6319,6 +11276,7 @@ spec: - github - gitlab - gitea + - bitbucketserver - bitbucket - azuredevops - googlechat @@ -6351,35 +11309,43 @@ spec: conditions: description: Conditions holds the conditions for the Provider. items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This - struct is intended for direct use as an array at the field path .status.conditions. For example, \n type - FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // - +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" - patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" properties: lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when - the API field changed is acceptable. + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: message is a human readable message indicating details about the transition. This may be - an empty string. + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based - upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current state of the instance. + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last - transition. Producers of specific condition types may define expected values and meanings for this - field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 @@ -6393,9 +11359,12 @@ spec: - Unknown type: string type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type - values are consistent across resources like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -6408,8 +11377,10 @@ spec: type: object type: array lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent reconcile request value, so a change - of the annotation value can be detected. + description: |- + LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value + can be detected. type: string observedGeneration: description: ObservedGeneration is the last reconciled generation. @@ -6418,20 +11389,150 @@ spec: type: object type: object served: true - storage: true + storage: false subresources: status: {} + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1beta3 + schema: + openAPIV3Schema: + description: Provider is the Schema for the providers API + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: ProviderSpec defines the desired state of the Provider. + properties: + address: + description: |- + Address specifies the endpoint, in a generic sense, to where alerts are sent. + What kind of endpoint depends on the specific Provider type being used. + For the generic Provider, for example, this is an HTTP/S address. + For other Provider types this could be a project ID or a namespace. + maxLength: 2048 + type: string + certSecretRef: + description: |- + CertSecretRef specifies the Secret containing + a PEM-encoded CA certificate (in the `ca.crt` key). + + + Note: Support for the `caFile` key has + been deprecated. + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object + channel: + description: Channel specifies the destination channel where events + should be posted. + maxLength: 2048 + type: string + interval: + description: |- + Interval at which to reconcile the Provider with its Secret references. + Deprecated and not used in v1beta3. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + proxy: + description: Proxy the HTTP/S address of the proxy server. + maxLength: 2048 + pattern: ^(http|https)://.*$ + type: string + secretRef: + description: |- + SecretRef specifies the Secret containing the authentication + credentials for this Provider. + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object + suspend: + description: |- + Suspend tells the controller to suspend subsequent + events handling for this Provider. + type: boolean + timeout: + description: Timeout for sending alerts to the Provider. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$ + type: string + type: + description: Type specifies which Provider implementation to use. + enum: + - slack + - discord + - msteams + - rocket + - generic + - generic-hmac + - github + - gitlab + - gitea + - bitbucketserver + - bitbucket + - azuredevops + - googlechat + - googlepubsub + - webex + - sentry + - azureeventhub + - telegram + - lark + - matrix + - opsgenie + - alertmanager + - grafana + - githubdispatch + - pagerduty + - datadog + - nats + type: string + username: + description: Username specifies the name under which events are posted. + maxLength: 2048 + type: string + required: + - type + type: object + type: object + served: true + storage: true + subresources: {} --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.12.0 + controller-gen.kubebuilder.io/version: v0.15.0 labels: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 name: receivers.notification.toolkit.fluxcd.io spec: group: notification.toolkit.fluxcd.io @@ -6458,12 +11559,19 @@ spec: description: Receiver is the Schema for the receivers API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert - recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer - this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -6471,21 +11579,24 @@ spec: description: ReceiverSpec defines the desired state of the Receiver. properties: events: - description: Events specifies the list of event types to handle, e.g. 'push' for GitHub or 'Push Hook' for - GitLab. + description: |- + Events specifies the list of event types to handle, + e.g. 'push' for GitHub or 'Push Hook' for GitLab. items: type: string type: array interval: default: 10m - description: Interval at which to reconcile the Receiver with its Secret references. + description: Interval at which to reconcile the Receiver with its + Secret references. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string resources: description: A list of resources to be notified about changes. items: - description: CrossNamespaceObjectReference contains enough information to let you locate the typed referenced - object at cluster level + description: |- + CrossNamespaceObjectReference contains enough information to let you locate the + typed referenced object at cluster level properties: apiVersion: description: API version of the referent @@ -6507,13 +11618,16 @@ spec: matchLabels: additionalProperties: type: string - description: MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map - is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and - the values array contains only "value". The requirements are ANDed. MatchLabels requires the name - to be set to `*`. + description: |- + MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + MatchLabels requires the name to be set to `*`. type: object name: - description: Name of the referent If multiple resources are targeted `*` may be set. + description: |- + Name of the referent + If multiple resources are targeted `*` may be set. maxLength: 53 minLength: 1 type: string @@ -6528,7 +11642,9 @@ spec: type: object type: array secretRef: - description: SecretRef specifies the Secret containing the token used to validate the payload authenticity. + description: |- + SecretRef specifies the Secret containing the token used + to validate the payload authenticity. properties: name: description: Name of the referent. @@ -6537,10 +11653,14 @@ spec: - name type: object suspend: - description: Suspend tells the controller to suspend subsequent events handling for this receiver. + description: |- + Suspend tells the controller to suspend subsequent + events handling for this receiver. type: boolean type: - description: Type of webhook sender, used to determine the validation procedure and payload deserialization. + description: |- + Type of webhook sender, used to determine + the validation procedure and payload deserialization. enum: - generic - generic-hmac @@ -6553,6 +11673,7 @@ spec: - gcr - nexus - acr + - cdevents type: string required: - resources @@ -6567,35 +11688,43 @@ spec: conditions: description: Conditions holds the conditions for the Receiver. items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This - struct is intended for direct use as an array at the field path .status.conditions. For example, \n type - FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // - +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" - patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" properties: lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when - the API field changed is acceptable. + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: message is a human readable message indicating details about the transition. This may be - an empty string. + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based - upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current state of the instance. + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last - transition. Producers of specific condition types may define expected values and meanings for this - field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 @@ -6609,9 +11738,12 @@ spec: - Unknown type: string type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type - values are consistent across resources like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -6624,15 +11756,20 @@ spec: type: object type: array lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent reconcile request value, so a change - of the annotation value can be detected. + description: |- + LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value + can be detected. type: string observedGeneration: - description: ObservedGeneration is the last observed generation of the Receiver object. + description: ObservedGeneration is the last observed generation of + the Receiver object. format: int64 type: integer webhookPath: - description: WebhookPath is the generated incoming webhook address in the format of '/hook/sha256sum(token+name+namespace)'. + description: |- + WebhookPath is the generated incoming webhook address in the format + of '/hook/sha256sum(token+name+namespace)'. type: string type: object type: object @@ -6658,12 +11795,19 @@ spec: description: Receiver is the Schema for the receivers API properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert - recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer - this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -6671,15 +11815,18 @@ spec: description: ReceiverSpec defines the desired state of Receiver properties: events: - description: A list of events to handle, e.g. 'push' for GitHub or 'Push Hook' for GitLab. + description: |- + A list of events to handle, + e.g. 'push' for GitHub or 'Push Hook' for GitLab. items: type: string type: array resources: description: A list of resources to be notified about changes. items: - description: CrossNamespaceObjectReference contains enough information to let you locate the typed referenced - object at cluster level + description: |- + CrossNamespaceObjectReference contains enough information to let you locate the + typed referenced object at cluster level properties: apiVersion: description: API version of the referent @@ -6701,9 +11848,10 @@ spec: matchLabels: additionalProperties: type: string - description: MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map - is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and - the values array contains only "value". The requirements are ANDed. + description: |- + MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. type: object name: description: Name of the referent @@ -6720,7 +11868,9 @@ spec: type: object type: array secretRef: - description: Secret reference containing the token used to validate the payload authenticity + description: |- + Secret reference containing the token used + to validate the payload authenticity properties: name: description: Name of the referent. @@ -6729,10 +11879,14 @@ spec: - name type: object suspend: - description: This flag tells the controller to suspend subsequent events handling. Defaults to false. + description: |- + This flag tells the controller to suspend subsequent events handling. + Defaults to false. type: boolean type: - description: Type of webhook sender, used to determine the validation procedure and payload deserialization. + description: |- + Type of webhook sender, used to determine + the validation procedure and payload deserialization. enum: - generic - generic-hmac @@ -6757,35 +11911,43 @@ spec: properties: conditions: items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This - struct is intended for direct use as an array at the field path .status.conditions. For example, \n type - FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // - +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" - patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" properties: lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when - the API field changed is acceptable. + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: message is a human readable message indicating details about the transition. This may be - an empty string. + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based - upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current state of the instance. + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last - transition. Producers of specific condition types may define expected values and meanings for this - field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 @@ -6799,9 +11961,12 @@ spec: - Unknown type: string type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type - values are consistent across resources like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -6818,7 +11983,9 @@ spec: format: int64 type: integer url: - description: Generated webhook URL in the format of '/hook/sha256sum(token+name+namespace)'. + description: |- + Generated webhook URL in the format + of '/hook/sha256sum(token+name+namespace)'. type: string type: object type: object @@ -6844,12 +12011,19 @@ spec: description: Receiver is the Schema for the receivers API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert - recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer - this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -6857,20 +12031,23 @@ spec: description: ReceiverSpec defines the desired state of the Receiver. properties: events: - description: Events specifies the list of event types to handle, e.g. 'push' for GitHub or 'Push Hook' for - GitLab. + description: |- + Events specifies the list of event types to handle, + e.g. 'push' for GitHub or 'Push Hook' for GitLab. items: type: string type: array interval: - description: Interval at which to reconcile the Receiver with its Secret references. + description: Interval at which to reconcile the Receiver with its + Secret references. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string resources: description: A list of resources to be notified about changes. items: - description: CrossNamespaceObjectReference contains enough information to let you locate the typed referenced - object at cluster level + description: |- + CrossNamespaceObjectReference contains enough information to let you locate the + typed referenced object at cluster level properties: apiVersion: description: API version of the referent @@ -6892,13 +12069,16 @@ spec: matchLabels: additionalProperties: type: string - description: MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map - is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and - the values array contains only "value". The requirements are ANDed. MatchLabels requires the name - to be set to `*`. + description: |- + MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + MatchLabels requires the name to be set to `*`. type: object name: - description: Name of the referent If multiple resources are targeted `*` may be set. + description: |- + Name of the referent + If multiple resources are targeted `*` may be set. maxLength: 53 minLength: 1 type: string @@ -6913,7 +12093,9 @@ spec: type: object type: array secretRef: - description: SecretRef specifies the Secret containing the token used to validate the payload authenticity. + description: |- + SecretRef specifies the Secret containing the token used + to validate the payload authenticity. properties: name: description: Name of the referent. @@ -6922,10 +12104,14 @@ spec: - name type: object suspend: - description: Suspend tells the controller to suspend subsequent events handling for this receiver. + description: |- + Suspend tells the controller to suspend subsequent + events handling for this receiver. type: boolean type: - description: Type of webhook sender, used to determine the validation procedure and payload deserialization. + description: |- + Type of webhook sender, used to determine + the validation procedure and payload deserialization. enum: - generic - generic-hmac @@ -6951,35 +12137,43 @@ spec: conditions: description: Conditions holds the conditions for the Receiver. items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This - struct is intended for direct use as an array at the field path .status.conditions. For example, \n type - FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // - +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" - patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" properties: lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when - the API field changed is acceptable. + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: message is a human readable message indicating details about the transition. This may be - an empty string. + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based - upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current state of the instance. + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last - transition. Producers of specific condition types may define expected values and meanings for this - field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 @@ -6993,9 +12187,12 @@ spec: - Unknown type: string type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type - values are consistent across resources like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -7008,19 +12205,26 @@ spec: type: object type: array lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent reconcile request value, so a change - of the annotation value can be detected. + description: |- + LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value + can be detected. type: string observedGeneration: - description: ObservedGeneration is the last observed generation of the Receiver object. + description: ObservedGeneration is the last observed generation of + the Receiver object. format: int64 type: integer url: - description: 'URL is the generated incoming webhook address in the format of ''/hook/sha256sum(token+name+namespace)''. - Deprecated: Replaced by WebhookPath.' + description: |- + URL is the generated incoming webhook address in the format + of '/hook/sha256sum(token+name+namespace)'. + Deprecated: Replaced by WebhookPath. type: string webhookPath: - description: WebhookPath is the generated incoming webhook address in the format of '/hook/sha256sum(token+name+namespace)'. + description: |- + WebhookPath is the generated incoming webhook address in the format + of '/hook/sha256sum(token+name+namespace)'. type: string type: object type: object @@ -7036,7 +12240,7 @@ metadata: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 name: notification-controller namespace: flux-system --- @@ -7047,7 +12251,7 @@ metadata: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 control-plane: controller name: notification-controller namespace: flux-system @@ -7068,7 +12272,7 @@ metadata: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 control-plane: controller name: webhook-receiver namespace: flux-system @@ -7089,7 +12293,7 @@ metadata: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 control-plane: controller name: notification-controller namespace: flux-system @@ -7117,7 +12321,17 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: ghcr.io/fluxcd/notification-controller:v1.1.0 + - name: GOMAXPROCS + valueFrom: + resourceFieldRef: + containerName: manager + resource: limits.cpu + - name: GOMEMLIMIT + valueFrom: + resourceFieldRef: + containerName: manager + resource: limits.memory + image: ghcr.io/fluxcd/notification-controller:v1.3.0 imagePullPolicy: IfNotPresent livenessProbe: httpGet: diff --git a/gitops/fluxcd/clusters/kind/local/flux-system/gotk-components.yaml b/gitops/fluxcd/clusters/kind/local/flux-system/gotk-components.yaml index 0c12f6afe8..8fd99ab9db 100644 --- a/gitops/fluxcd/clusters/kind/local/flux-system/gotk-components.yaml +++ b/gitops/fluxcd/clusters/kind/local/flux-system/gotk-components.yaml @@ -1,22 +1,6 @@ --- -# Copyright (C) Nicolas Lamirault -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# SPDX-License-Identifier: Apache-2.0 - # This manifest was generated by flux. DO NOT EDIT. -# Flux Version: v2.1.1 +# Flux Version: v2.3.0 # Components: source-controller,kustomize-controller,helm-controller,notification-controller apiVersion: v1 kind: Namespace @@ -24,7 +8,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 pod-security.kubernetes.io/warn: restricted pod-security.kubernetes.io/warn-version: latest name: flux-system @@ -35,7 +19,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 name: allow-egress namespace: flux-system spec: @@ -55,7 +39,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 name: allow-scraping namespace: flux-system spec: @@ -75,7 +59,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 name: allow-webhooks namespace: flux-system spec: @@ -94,7 +78,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 name: critical-pods-flux-system namespace: flux-system spec: @@ -114,7 +98,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 name: crd-controller-flux-system rules: - apiGroups: @@ -197,6 +181,10 @@ rules: - update - patch - delete +- nonResourceURLs: + - /livez/ping + verbs: + - head --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole @@ -204,7 +192,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 rbac.authorization.k8s.io/aggregate-to-admin: "true" rbac.authorization.k8s.io/aggregate-to-edit: "true" name: flux-edit-flux-system @@ -230,7 +218,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 rbac.authorization.k8s.io/aggregate-to-admin: "true" rbac.authorization.k8s.io/aggregate-to-edit: "true" rbac.authorization.k8s.io/aggregate-to-view: "true" @@ -255,7 +243,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 name: cluster-reconciler-flux-system roleRef: apiGroup: rbac.authorization.k8s.io @@ -275,7 +263,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 name: crd-controller-flux-system roleRef: apiGroup: rbac.authorization.k8s.io @@ -305,12 +293,12 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.12.0 + controller-gen.kubebuilder.io/version: v0.15.0 labels: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 name: buckets.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -334,40 +322,54 @@ spec: - jsonPath: .metadata.creationTimestamp name: Age type: date + deprecated: true + deprecationWarning: v1beta1 Bucket is deprecated, upgrade to v1beta2 name: v1beta1 schema: openAPIV3Schema: description: Bucket is the Schema for the buckets API properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert - recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer - this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: - description: BucketSpec defines the desired state of an S3 compatible bucket + description: BucketSpec defines the desired state of an S3 compatible + bucket properties: accessFrom: - description: AccessFrom defines an Access Control List for allowing cross-namespace references to this object. + description: AccessFrom defines an Access Control List for allowing + cross-namespace references to this object. properties: namespaceSelectors: - description: NamespaceSelectors is the list of namespace selectors to which this ACL applies. Items in - this list are evaluated using a logical OR operation. + description: |- + NamespaceSelectors is the list of namespace selectors to which this ACL applies. + Items in this list are evaluated using a logical OR operation. items: - description: NamespaceSelector selects the namespaces to which this ACL applies. An empty map of MatchLabels - matches all namespaces in a cluster. + description: |- + NamespaceSelector selects the namespaces to which this ACL applies. + An empty map of MatchLabels matches all namespaces in a cluster. properties: matchLabels: additionalProperties: type: string - description: MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the operator is - "In", and the values array contains only "value". The requirements are ANDed. + description: |- + MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object type: array @@ -381,9 +383,10 @@ spec: description: The bucket endpoint address. type: string ignore: - description: Ignore overrides the set of excluded patterns in the .sourceignore format (which is the same - as .gitignore). If not provided, a default will be used, consult the documentation for your version to find - out what those are. + description: |- + Ignore overrides the set of excluded patterns in the .sourceignore format + (which is the same as .gitignore). If not provided, a default will be used, + consult the documentation for your version to find out what those are. type: string insecure: description: Insecure allows connecting to a non-TLS S3 HTTP endpoint. @@ -403,7 +406,9 @@ spec: description: The bucket region. type: string secretRef: - description: The name of the secret containing authentication credentials for the Bucket. + description: |- + The name of the secret containing authentication credentials + for the Bucket. properties: name: description: Name of the referent. @@ -412,7 +417,8 @@ spec: - name type: object suspend: - description: This flag tells the controller to suspend the reconciliation of this source. + description: This flag tells the controller to suspend the reconciliation + of this source. type: boolean timeout: default: 60s @@ -429,21 +435,26 @@ spec: description: BucketStatus defines the observed state of a bucket properties: artifact: - description: Artifact represents the output of the last successful Bucket sync. + description: Artifact represents the output of the last successful + Bucket sync. properties: checksum: description: Checksum is the SHA256 checksum of the artifact. type: string lastUpdateTime: - description: LastUpdateTime is the timestamp corresponding to the last update of this artifact. + description: |- + LastUpdateTime is the timestamp corresponding to the last update of this + artifact. format: date-time type: string path: description: Path is the relative file path of this artifact. type: string revision: - description: Revision is a human readable identifier traceable in the origin source system. It can be - a Git commit SHA, Git tag, a Helm index timestamp, a Helm chart version, etc. + description: |- + Revision is a human readable identifier traceable in the origin source + system. It can be a Git commit SHA, Git tag, a Helm index timestamp, a Helm + chart version, etc. type: string url: description: URL is the HTTP address of this artifact. @@ -455,35 +466,43 @@ spec: conditions: description: Conditions holds the conditions for the Bucket. items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This - struct is intended for direct use as an array at the field path .status.conditions. For example, \n type - FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // - +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" - patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" properties: lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when - the API field changed is acceptable. + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: message is a human readable message indicating details about the transition. This may be - an empty string. + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based - upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current state of the instance. + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last - transition. Producers of specific condition types may define expected values and meanings for this - field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 @@ -497,9 +516,12 @@ spec: - Unknown type: string type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type - values are consistent across resources like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -512,15 +534,18 @@ spec: type: object type: array lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent reconcile request value, so a change - of the annotation value can be detected. + description: |- + LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value + can be detected. type: string observedGeneration: description: ObservedGeneration is the last observed generation. format: int64 type: integer url: - description: URL is the download link for the artifact output of the last Bucket sync. + description: URL is the download link for the artifact output of the + last Bucket sync. type: string type: object type: object @@ -547,35 +572,49 @@ spec: description: Bucket is the Schema for the buckets API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert - recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer - this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: - description: BucketSpec specifies the required configuration to produce an Artifact for an object storage bucket. + description: |- + BucketSpec specifies the required configuration to produce an Artifact for + an object storage bucket. properties: accessFrom: - description: 'AccessFrom specifies an Access Control List for allowing cross-namespace references to this - object. NOTE: Not implemented, provisional as of https://github.com/fluxcd/flux2/pull/2092' + description: |- + AccessFrom specifies an Access Control List for allowing cross-namespace + references to this object. + NOTE: Not implemented, provisional as of https://github.com/fluxcd/flux2/pull/2092 properties: namespaceSelectors: - description: NamespaceSelectors is the list of namespace selectors to which this ACL applies. Items in - this list are evaluated using a logical OR operation. + description: |- + NamespaceSelectors is the list of namespace selectors to which this ACL applies. + Items in this list are evaluated using a logical OR operation. items: - description: NamespaceSelector selects the namespaces to which this ACL applies. An empty map of MatchLabels - matches all namespaces in a cluster. + description: |- + NamespaceSelector selects the namespaces to which this ACL applies. + An empty map of MatchLabels matches all namespaces in a cluster. properties: matchLabels: additionalProperties: type: string - description: MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the operator is - "In", and the values array contains only "value". The requirements are ANDed. + description: |- + MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object type: array @@ -586,25 +625,35 @@ spec: description: BucketName is the name of the object storage bucket. type: string endpoint: - description: Endpoint is the object storage address the BucketName is located at. + description: Endpoint is the object storage address the BucketName + is located at. type: string ignore: - description: Ignore overrides the set of excluded patterns in the .sourceignore format (which is the same - as .gitignore). If not provided, a default will be used, consult the documentation for your version to find - out what those are. + description: |- + Ignore overrides the set of excluded patterns in the .sourceignore format + (which is the same as .gitignore). If not provided, a default will be used, + consult the documentation for your version to find out what those are. type: string insecure: description: Insecure allows connecting to a non-TLS HTTP Endpoint. type: boolean interval: - description: Interval at which the Bucket Endpoint is checked for updates. This interval is approximate and - may be subject to jitter to ensure efficient use of resources. + description: |- + Interval at which the Bucket Endpoint is checked for updates. + This interval is approximate and may be subject to jitter to ensure + efficient use of resources. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string + prefix: + description: Prefix to use for server-side filtering of files in the + Bucket. + type: string provider: default: generic - description: Provider of the object storage bucket. Defaults to 'generic', which expects an S3 (API) compatible - object storage. + description: |- + Provider of the object storage bucket. + Defaults to 'generic', which expects an S3 (API) compatible object + storage. enum: - generic - aws @@ -612,10 +661,13 @@ spec: - azure type: string region: - description: Region of the Endpoint where the BucketName is located in. + description: Region of the Endpoint where the BucketName is located + in. type: string secretRef: - description: SecretRef specifies the Secret containing authentication credentials for the Bucket. + description: |- + SecretRef specifies the Secret containing authentication credentials + for the Bucket. properties: name: description: Name of the referent. @@ -624,7 +676,9 @@ spec: - name type: object suspend: - description: Suspend tells the controller to suspend the reconciliation of this Bucket. + description: |- + Suspend tells the controller to suspend the reconciliation of this + Bucket. type: boolean timeout: default: 60s @@ -649,7 +703,9 @@ spec: pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$ type: string lastUpdateTime: - description: LastUpdateTime is the timestamp corresponding to the last update of the Artifact. + description: |- + LastUpdateTime is the timestamp corresponding to the last update of the + Artifact. format: date-time type: string metadata: @@ -658,21 +714,25 @@ spec: description: Metadata holds upstream information such as OCI annotations. type: object path: - description: Path is the relative file path of the Artifact. It can be used to locate the file in the - root of the Artifact storage on the local file system of the controller managing the Source. + description: |- + Path is the relative file path of the Artifact. It can be used to locate + the file in the root of the Artifact storage on the local file system of + the controller managing the Source. type: string revision: - description: Revision is a human-readable identifier traceable in the origin source system. It can be - a Git commit SHA, Git tag, a Helm chart version, etc. + description: |- + Revision is a human-readable identifier traceable in the origin source + system. It can be a Git commit SHA, Git tag, a Helm chart version, etc. type: string size: description: Size is the number of bytes in the file. format: int64 type: integer url: - description: URL is the HTTP address of the Artifact as exposed by the controller managing the Source. - It can be used to retrieve the Artifact for consumption, e.g. by another controller applying the Artifact - contents. + description: |- + URL is the HTTP address of the Artifact as exposed by the controller + managing the Source. It can be used to retrieve the Artifact for + consumption, e.g. by another controller applying the Artifact contents. type: string required: - lastUpdateTime @@ -683,35 +743,43 @@ spec: conditions: description: Conditions holds the conditions for the Bucket. items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This - struct is intended for direct use as an array at the field path .status.conditions. For example, \n type - FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // - +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" - patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" properties: lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when - the API field changed is acceptable. + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: message is a human readable message indicating details about the transition. This may be - an empty string. + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based - upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current state of the instance. + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last - transition. Producers of specific condition types may define expected values and meanings for this - field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 @@ -725,9 +793,12 @@ spec: - Unknown type: string type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type - values are consistent across resources like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -740,19 +811,26 @@ spec: type: object type: array lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent reconcile request value, so a change - of the annotation value can be detected. + description: |- + LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value + can be detected. type: string observedGeneration: - description: ObservedGeneration is the last observed generation of the Bucket object. + description: ObservedGeneration is the last observed generation of + the Bucket object. format: int64 type: integer observedIgnore: - description: ObservedIgnore is the observed exclusion patterns used for constructing the source artifact. + description: |- + ObservedIgnore is the observed exclusion patterns used for constructing + the source artifact. type: string url: - description: URL is the dynamic fetch link for the latest Artifact. It is provided on a "best effort" basis, - and using the precise BucketStatus.Artifact data is recommended. + description: |- + URL is the dynamic fetch link for the latest Artifact. + It is provided on a "best effort" basis, and using the precise + BucketStatus.Artifact data is recommended. type: string type: object type: object @@ -765,12 +843,12 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.12.0 + controller-gen.kubebuilder.io/version: v0.15.0 labels: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 name: gitrepositories.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -802,35 +880,51 @@ spec: description: GitRepository is the Schema for the gitrepositories API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert - recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer - this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: - description: GitRepositorySpec specifies the required configuration to produce an Artifact for a Git repository. + description: |- + GitRepositorySpec specifies the required configuration to produce an + Artifact for a Git repository. properties: ignore: - description: Ignore overrides the set of excluded patterns in the .sourceignore format (which is the same - as .gitignore). If not provided, a default will be used, consult the documentation for your version to find - out what those are. + description: |- + Ignore overrides the set of excluded patterns in the .sourceignore format + (which is the same as .gitignore). If not provided, a default will be used, + consult the documentation for your version to find out what those are. type: string include: - description: Include specifies a list of GitRepository resources which Artifacts should be included in the - Artifact produced for this GitRepository. + description: |- + Include specifies a list of GitRepository resources which Artifacts + should be included in the Artifact produced for this GitRepository. items: - description: GitRepositoryInclude specifies a local reference to a GitRepository which Artifact (sub-)contents - must be included, and where they should be placed. + description: |- + GitRepositoryInclude specifies a local reference to a GitRepository which + Artifact (sub-)contents must be included, and where they should be placed. properties: fromPath: - description: FromPath specifies the path to copy contents from, defaults to the root of the Artifact. + description: |- + FromPath specifies the path to copy contents from, defaults to the root + of the Artifact. type: string repository: - description: GitRepositoryRef specifies the GitRepository which Artifact contents must be included. + description: |- + GitRepositoryRef specifies the GitRepository which Artifact contents + must be included. properties: name: description: Name of the referent. @@ -839,20 +933,25 @@ spec: - name type: object toPath: - description: ToPath specifies the path to copy contents to, defaults to the name of the GitRepositoryRef. + description: |- + ToPath specifies the path to copy contents to, defaults to the name of + the GitRepositoryRef. type: string required: - repository type: object type: array interval: - description: Interval at which the GitRepository URL is checked for updates. This interval is approximate - and may be subject to jitter to ensure efficient use of resources. + description: |- + Interval at which the GitRepository URL is checked for updates. + This interval is approximate and may be subject to jitter to ensure + efficient use of resources. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string proxySecretRef: - description: ProxySecretRef specifies the Secret containing the proxy configuration to use while communicating - with the Git server. + description: |- + ProxySecretRef specifies the Secret containing the proxy configuration + to use while communicating with the Git server. properties: name: description: Name of the referent. @@ -861,36 +960,51 @@ spec: - name type: object recurseSubmodules: - description: RecurseSubmodules enables the initialization of all submodules within the GitRepository as cloned - from the URL, using their default settings. + description: |- + RecurseSubmodules enables the initialization of all submodules within + the GitRepository as cloned from the URL, using their default settings. type: boolean ref: - description: Reference specifies the Git reference to resolve and monitor for changes, defaults to the 'master' - branch. + description: |- + Reference specifies the Git reference to resolve and monitor for + changes, defaults to the 'master' branch. properties: branch: - description: Branch to check out, defaults to 'master' if no other field is defined. + description: Branch to check out, defaults to 'master' if no other + field is defined. type: string commit: - description: "Commit SHA to check out, takes precedence over all reference fields. \n This can be combined - with Branch to shallow clone the branch, in which the commit is expected to exist." + description: |- + Commit SHA to check out, takes precedence over all reference fields. + + + This can be combined with Branch to shallow clone the branch, in which + the commit is expected to exist. type: string name: - description: "Name of the reference to check out; takes precedence over Branch, Tag and SemVer. \n It - must be a valid Git reference: https://git-scm.com/docs/git-check-ref-format#_description Examples: - \"refs/heads/main\", \"refs/tags/v0.1.0\", \"refs/pull/420/head\", \"refs/merge-requests/1/head\"" + description: |- + Name of the reference to check out; takes precedence over Branch, Tag and SemVer. + + + It must be a valid Git reference: https://git-scm.com/docs/git-check-ref-format#_description + Examples: "refs/heads/main", "refs/tags/v0.1.0", "refs/pull/420/head", "refs/merge-requests/1/head" type: string semver: - description: SemVer tag expression to check out, takes precedence over Tag. + description: SemVer tag expression to check out, takes precedence + over Tag. type: string tag: description: Tag to check out, takes precedence over Branch. type: string type: object secretRef: - description: SecretRef specifies the Secret containing authentication credentials for the GitRepository. For - HTTPS repositories the Secret must contain 'username' and 'password' fields for basic auth or 'bearerToken' - field for token auth. For SSH repositories the Secret must contain 'identity' and 'known_hosts' fields. + description: |- + SecretRef specifies the Secret containing authentication credentials for + the GitRepository. + For HTTPS repositories the Secret must contain 'username' and 'password' + fields for basic auth or 'bearerToken' field for token auth. + For SSH repositories the Secret must contain 'identity' + and 'known_hosts' fields. properties: name: description: Name of the referent. @@ -899,25 +1013,35 @@ spec: - name type: object suspend: - description: Suspend tells the controller to suspend the reconciliation of this GitRepository. + description: |- + Suspend tells the controller to suspend the reconciliation of this + GitRepository. type: boolean timeout: default: 60s - description: Timeout for Git operations like cloning, defaults to 60s. + description: Timeout for Git operations like cloning, defaults to + 60s. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$ type: string url: - description: URL specifies the Git repository URL, it can be an HTTP/S or SSH address. + description: URL specifies the Git repository URL, it can be an HTTP/S + or SSH address. pattern: ^(http|https|ssh)://.*$ type: string verify: - description: Verification specifies the configuration to verify the Git commit signature(s). + description: |- + Verification specifies the configuration to verify the Git commit + signature(s). properties: mode: default: HEAD - description: "Mode specifies which Git object(s) should be verified. \n The variants \"head\" and \"HEAD\" - both imply the same thing, i.e. verify the commit that the HEAD of the Git repository points to. The - variant \"head\" solely exists to ensure backwards compatibility." + description: |- + Mode specifies which Git object(s) should be verified. + + + The variants "head" and "HEAD" both imply the same thing, i.e. verify + the commit that the HEAD of the Git repository points to. The variant + "head" solely exists to ensure backwards compatibility. enum: - head - HEAD @@ -925,7 +1049,9 @@ spec: - TagAndHEAD type: string secretRef: - description: SecretRef specifies the Secret containing the public keys of trusted Git authors. + description: |- + SecretRef specifies the Secret containing the public keys of trusted Git + authors. properties: name: description: Name of the referent. @@ -946,14 +1072,17 @@ spec: description: GitRepositoryStatus records the observed state of a Git repository. properties: artifact: - description: Artifact represents the last successful GitRepository reconciliation. + description: Artifact represents the last successful GitRepository + reconciliation. properties: digest: description: Digest is the digest of the file in the form of ':'. pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$ type: string lastUpdateTime: - description: LastUpdateTime is the timestamp corresponding to the last update of the Artifact. + description: |- + LastUpdateTime is the timestamp corresponding to the last update of the + Artifact. format: date-time type: string metadata: @@ -962,21 +1091,25 @@ spec: description: Metadata holds upstream information such as OCI annotations. type: object path: - description: Path is the relative file path of the Artifact. It can be used to locate the file in the - root of the Artifact storage on the local file system of the controller managing the Source. + description: |- + Path is the relative file path of the Artifact. It can be used to locate + the file in the root of the Artifact storage on the local file system of + the controller managing the Source. type: string revision: - description: Revision is a human-readable identifier traceable in the origin source system. It can be - a Git commit SHA, Git tag, a Helm chart version, etc. + description: |- + Revision is a human-readable identifier traceable in the origin source + system. It can be a Git commit SHA, Git tag, a Helm chart version, etc. type: string size: description: Size is the number of bytes in the file. format: int64 type: integer url: - description: URL is the HTTP address of the Artifact as exposed by the controller managing the Source. - It can be used to retrieve the Artifact for consumption, e.g. by another controller applying the Artifact - contents. + description: |- + URL is the HTTP address of the Artifact as exposed by the controller + managing the Source. It can be used to retrieve the Artifact for + consumption, e.g. by another controller applying the Artifact contents. type: string required: - lastUpdateTime @@ -987,35 +1120,43 @@ spec: conditions: description: Conditions holds the conditions for the GitRepository. items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This - struct is intended for direct use as an array at the field path .status.conditions. For example, \n type - FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // - +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" - patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" properties: lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when - the API field changed is acceptable. + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: message is a human readable message indicating details about the transition. This may be - an empty string. + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based - upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current state of the instance. + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last - transition. Producers of specific condition types may define expected values and meanings for this - field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 @@ -1029,9 +1170,12 @@ spec: - Unknown type: string type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type - values are consistent across resources like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -1044,40 +1188,49 @@ spec: type: object type: array includedArtifacts: - description: IncludedArtifacts contains a list of the last successfully included Artifacts as instructed by - GitRepositorySpec.Include. + description: |- + IncludedArtifacts contains a list of the last successfully included + Artifacts as instructed by GitRepositorySpec.Include. items: description: Artifact represents the output of a Source reconciliation. properties: digest: - description: Digest is the digest of the file in the form of ':'. + description: Digest is the digest of the file in the form of + ':'. pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$ type: string lastUpdateTime: - description: LastUpdateTime is the timestamp corresponding to the last update of the Artifact. + description: |- + LastUpdateTime is the timestamp corresponding to the last update of the + Artifact. format: date-time type: string metadata: additionalProperties: type: string - description: Metadata holds upstream information such as OCI annotations. + description: Metadata holds upstream information such as OCI + annotations. type: object path: - description: Path is the relative file path of the Artifact. It can be used to locate the file in the - root of the Artifact storage on the local file system of the controller managing the Source. + description: |- + Path is the relative file path of the Artifact. It can be used to locate + the file in the root of the Artifact storage on the local file system of + the controller managing the Source. type: string revision: - description: Revision is a human-readable identifier traceable in the origin source system. It can be - a Git commit SHA, Git tag, a Helm chart version, etc. + description: |- + Revision is a human-readable identifier traceable in the origin source + system. It can be a Git commit SHA, Git tag, a Helm chart version, etc. type: string size: description: Size is the number of bytes in the file. format: int64 type: integer url: - description: URL is the HTTP address of the Artifact as exposed by the controller managing the Source. - It can be used to retrieve the Artifact for consumption, e.g. by another controller applying the Artifact - contents. + description: |- + URL is the HTTP address of the Artifact as exposed by the controller + managing the Source. It can be used to retrieve the Artifact for + consumption, e.g. by another controller applying the Artifact contents. type: string required: - lastUpdateTime @@ -1087,27 +1240,40 @@ spec: type: object type: array lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent reconcile request value, so a change - of the annotation value can be detected. + description: |- + LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value + can be detected. type: string observedGeneration: - description: ObservedGeneration is the last observed generation of the GitRepository object. + description: |- + ObservedGeneration is the last observed generation of the GitRepository + object. format: int64 type: integer observedIgnore: - description: ObservedIgnore is the observed exclusion patterns used for constructing the source artifact. + description: |- + ObservedIgnore is the observed exclusion patterns used for constructing + the source artifact. type: string observedInclude: - description: ObservedInclude is the observed list of GitRepository resources used to produce the current Artifact. + description: |- + ObservedInclude is the observed list of GitRepository resources used to + produce the current Artifact. items: - description: GitRepositoryInclude specifies a local reference to a GitRepository which Artifact (sub-)contents - must be included, and where they should be placed. + description: |- + GitRepositoryInclude specifies a local reference to a GitRepository which + Artifact (sub-)contents must be included, and where they should be placed. properties: fromPath: - description: FromPath specifies the path to copy contents from, defaults to the root of the Artifact. + description: |- + FromPath specifies the path to copy contents from, defaults to the root + of the Artifact. type: string repository: - description: GitRepositoryRef specifies the GitRepository which Artifact contents must be included. + description: |- + GitRepositoryRef specifies the GitRepository which Artifact contents + must be included. properties: name: description: Name of the referent. @@ -1116,19 +1282,23 @@ spec: - name type: object toPath: - description: ToPath specifies the path to copy contents to, defaults to the name of the GitRepositoryRef. + description: |- + ToPath specifies the path to copy contents to, defaults to the name of + the GitRepositoryRef. type: string required: - repository type: object type: array observedRecurseSubmodules: - description: ObservedRecurseSubmodules is the observed resource submodules configuration used to produce the - current Artifact. + description: |- + ObservedRecurseSubmodules is the observed resource submodules + configuration used to produce the current Artifact. type: boolean sourceVerificationMode: - description: SourceVerificationMode is the last used verification mode indicating which Git object(s) have - been verified. + description: |- + SourceVerificationMode is the last used verification mode indicating + which Git object(s) have been verified. type: string type: object type: object @@ -1157,12 +1327,19 @@ spec: description: GitRepository is the Schema for the gitrepositories API properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert - recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer - this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -1170,21 +1347,25 @@ spec: description: GitRepositorySpec defines the desired state of a Git repository. properties: accessFrom: - description: AccessFrom defines an Access Control List for allowing cross-namespace references to this object. + description: AccessFrom defines an Access Control List for allowing + cross-namespace references to this object. properties: namespaceSelectors: - description: NamespaceSelectors is the list of namespace selectors to which this ACL applies. Items in - this list are evaluated using a logical OR operation. + description: |- + NamespaceSelectors is the list of namespace selectors to which this ACL applies. + Items in this list are evaluated using a logical OR operation. items: - description: NamespaceSelector selects the namespaces to which this ACL applies. An empty map of MatchLabels - matches all namespaces in a cluster. + description: |- + NamespaceSelector selects the namespaces to which this ACL applies. + An empty map of MatchLabels matches all namespaces in a cluster. properties: matchLabels: additionalProperties: type: string - description: MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the operator is - "In", and the values array contains only "value". The requirements are ANDed. + description: |- + MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object type: array @@ -1193,23 +1374,28 @@ spec: type: object gitImplementation: default: go-git - description: Determines which git client library to use. Defaults to go-git, valid values are ('go-git', 'libgit2'). + description: |- + Determines which git client library to use. + Defaults to go-git, valid values are ('go-git', 'libgit2'). enum: - go-git - libgit2 type: string ignore: - description: Ignore overrides the set of excluded patterns in the .sourceignore format (which is the same - as .gitignore). If not provided, a default will be used, consult the documentation for your version to find - out what those are. + description: |- + Ignore overrides the set of excluded patterns in the .sourceignore format + (which is the same as .gitignore). If not provided, a default will be used, + consult the documentation for your version to find out what those are. type: string include: description: Extra git repositories to map into the repository items: - description: GitRepositoryInclude defines a source with a from and to path. + description: GitRepositoryInclude defines a source with a from and + to path. properties: fromPath: - description: The path to copy contents from, defaults to the root directory. + description: The path to copy contents from, defaults to the + root directory. type: string repository: description: Reference to a GitRepository to include. @@ -1221,7 +1407,8 @@ spec: - name type: object toPath: - description: The path to copy contents to, defaults to the name of the source ref. + description: The path to copy contents to, defaults to the name + of the source ref. type: string required: - repository @@ -1231,28 +1418,38 @@ spec: description: The interval at which to check for repository updates. type: string recurseSubmodules: - description: When enabled, after the clone is created, initializes all submodules within, using their default - settings. This option is available only when using the 'go-git' GitImplementation. + description: |- + When enabled, after the clone is created, initializes all submodules within, + using their default settings. + This option is available only when using the 'go-git' GitImplementation. type: boolean ref: - description: The Git reference to checkout and monitor for changes, defaults to master branch. + description: |- + The Git reference to checkout and monitor for changes, defaults to + master branch. properties: branch: description: The Git branch to checkout, defaults to master. type: string commit: - description: The Git commit SHA to checkout, if specified Tag filters will be ignored. + description: The Git commit SHA to checkout, if specified Tag + filters will be ignored. type: string semver: - description: The Git tag semver expression, takes precedence over Tag. + description: The Git tag semver expression, takes precedence over + Tag. type: string tag: description: The Git tag to checkout, takes precedence over Branch. type: string type: object secretRef: - description: The secret name containing the Git credentials. For HTTPS repositories the secret must contain - username and password fields. For SSH repositories the secret must contain identity and known_hosts fields. + description: |- + The secret name containing the Git credentials. + For HTTPS repositories the secret must contain username and password + fields. + For SSH repositories the secret must contain identity and known_hosts + fields. properties: name: description: Name of the referent. @@ -1261,26 +1458,31 @@ spec: - name type: object suspend: - description: This flag tells the controller to suspend the reconciliation of this source. + description: This flag tells the controller to suspend the reconciliation + of this source. type: boolean timeout: default: 60s - description: The timeout for remote Git operations like cloning, defaults to 60s. + description: The timeout for remote Git operations like cloning, defaults + to 60s. type: string url: description: The repository URL, can be a HTTP/S or SSH address. pattern: ^(http|https|ssh)://.*$ type: string verify: - description: Verify OpenPGP signature for the Git commit HEAD points to. + description: Verify OpenPGP signature for the Git commit HEAD points + to. properties: mode: - description: Mode describes what git object should be verified, currently ('head'). + description: Mode describes what git object should be verified, + currently ('head'). enum: - head type: string secretRef: - description: The secret name containing the public keys of all trusted Git authors. + description: The secret name containing the public keys of all + trusted Git authors. properties: name: description: Name of the referent. @@ -1301,21 +1503,26 @@ spec: description: GitRepositoryStatus defines the observed state of a Git repository. properties: artifact: - description: Artifact represents the output of the last successful repository sync. + description: Artifact represents the output of the last successful + repository sync. properties: checksum: description: Checksum is the SHA256 checksum of the artifact. type: string lastUpdateTime: - description: LastUpdateTime is the timestamp corresponding to the last update of this artifact. + description: |- + LastUpdateTime is the timestamp corresponding to the last update of this + artifact. format: date-time type: string path: description: Path is the relative file path of this artifact. type: string revision: - description: Revision is a human readable identifier traceable in the origin source system. It can be - a Git commit SHA, Git tag, a Helm index timestamp, a Helm chart version, etc. + description: |- + Revision is a human readable identifier traceable in the origin source + system. It can be a Git commit SHA, Git tag, a Helm index timestamp, a Helm + chart version, etc. type: string url: description: URL is the HTTP address of this artifact. @@ -1327,35 +1534,43 @@ spec: conditions: description: Conditions holds the conditions for the GitRepository. items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This - struct is intended for direct use as an array at the field path .status.conditions. For example, \n type - FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // - +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" - patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" properties: lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when - the API field changed is acceptable. + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: message is a human readable message indicating details about the transition. This may be - an empty string. + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based - upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current state of the instance. + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last - transition. Producers of specific condition types may define expected values and meanings for this - field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 @@ -1369,9 +1584,12 @@ spec: - Unknown type: string type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type - values are consistent across resources like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -1384,7 +1602,8 @@ spec: type: object type: array includedArtifacts: - description: IncludedArtifacts represents the included artifacts from the last successful repository sync. + description: IncludedArtifacts represents the included artifacts from + the last successful repository sync. items: description: Artifact represents the output of a source synchronisation. properties: @@ -1392,15 +1611,19 @@ spec: description: Checksum is the SHA256 checksum of the artifact. type: string lastUpdateTime: - description: LastUpdateTime is the timestamp corresponding to the last update of this artifact. + description: |- + LastUpdateTime is the timestamp corresponding to the last update of this + artifact. format: date-time type: string path: description: Path is the relative file path of this artifact. type: string revision: - description: Revision is a human readable identifier traceable in the origin source system. It can be - a Git commit SHA, Git tag, a Helm index timestamp, a Helm chart version, etc. + description: |- + Revision is a human readable identifier traceable in the origin source + system. It can be a Git commit SHA, Git tag, a Helm index timestamp, a Helm + chart version, etc. type: string url: description: URL is the HTTP address of this artifact. @@ -1411,15 +1634,19 @@ spec: type: object type: array lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent reconcile request value, so a change - of the annotation value can be detected. + description: |- + LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value + can be detected. type: string observedGeneration: description: ObservedGeneration is the last observed generation. format: int64 type: integer url: - description: URL is the download link for the artifact output of the last repository sync. + description: |- + URL is the download link for the artifact output of the last repository + sync. type: string type: object type: object @@ -1448,35 +1675,49 @@ spec: description: GitRepository is the Schema for the gitrepositories API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert - recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer - this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: - description: GitRepositorySpec specifies the required configuration to produce an Artifact for a Git repository. + description: |- + GitRepositorySpec specifies the required configuration to produce an + Artifact for a Git repository. properties: accessFrom: - description: 'AccessFrom specifies an Access Control List for allowing cross-namespace references to this - object. NOTE: Not implemented, provisional as of https://github.com/fluxcd/flux2/pull/2092' + description: |- + AccessFrom specifies an Access Control List for allowing cross-namespace + references to this object. + NOTE: Not implemented, provisional as of https://github.com/fluxcd/flux2/pull/2092 properties: namespaceSelectors: - description: NamespaceSelectors is the list of namespace selectors to which this ACL applies. Items in - this list are evaluated using a logical OR operation. + description: |- + NamespaceSelectors is the list of namespace selectors to which this ACL applies. + Items in this list are evaluated using a logical OR operation. items: - description: NamespaceSelector selects the namespaces to which this ACL applies. An empty map of MatchLabels - matches all namespaces in a cluster. + description: |- + NamespaceSelector selects the namespaces to which this ACL applies. + An empty map of MatchLabels matches all namespaces in a cluster. properties: matchLabels: additionalProperties: type: string - description: MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the operator is - "In", and the values array contains only "value". The requirements are ANDed. + description: |- + MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object type: array @@ -1485,30 +1726,39 @@ spec: type: object gitImplementation: default: go-git - description: 'GitImplementation specifies which Git client library implementation to use. Defaults to ''go-git'', - valid values are (''go-git'', ''libgit2''). Deprecated: gitImplementation is deprecated now that ''go-git'' - is the only supported implementation.' + description: |- + GitImplementation specifies which Git client library implementation to + use. Defaults to 'go-git', valid values are ('go-git', 'libgit2'). + Deprecated: gitImplementation is deprecated now that 'go-git' is the + only supported implementation. enum: - go-git - libgit2 type: string ignore: - description: Ignore overrides the set of excluded patterns in the .sourceignore format (which is the same - as .gitignore). If not provided, a default will be used, consult the documentation for your version to find - out what those are. + description: |- + Ignore overrides the set of excluded patterns in the .sourceignore format + (which is the same as .gitignore). If not provided, a default will be used, + consult the documentation for your version to find out what those are. type: string include: - description: Include specifies a list of GitRepository resources which Artifacts should be included in the - Artifact produced for this GitRepository. + description: |- + Include specifies a list of GitRepository resources which Artifacts + should be included in the Artifact produced for this GitRepository. items: - description: GitRepositoryInclude specifies a local reference to a GitRepository which Artifact (sub-)contents - must be included, and where they should be placed. + description: |- + GitRepositoryInclude specifies a local reference to a GitRepository which + Artifact (sub-)contents must be included, and where they should be placed. properties: fromPath: - description: FromPath specifies the path to copy contents from, defaults to the root of the Artifact. + description: |- + FromPath specifies the path to copy contents from, defaults to the root + of the Artifact. type: string repository: - description: GitRepositoryRef specifies the GitRepository which Artifact contents must be included. + description: |- + GitRepositoryRef specifies the GitRepository which Artifact contents + must be included. properties: name: description: Name of the referent. @@ -1517,7 +1767,9 @@ spec: - name type: object toPath: - description: ToPath specifies the path to copy contents to, defaults to the name of the GitRepositoryRef. + description: |- + ToPath specifies the path to copy contents to, defaults to the name of + the GitRepositoryRef. type: string required: - repository @@ -1528,36 +1780,51 @@ spec: pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string recurseSubmodules: - description: RecurseSubmodules enables the initialization of all submodules within the GitRepository as cloned - from the URL, using their default settings. + description: |- + RecurseSubmodules enables the initialization of all submodules within + the GitRepository as cloned from the URL, using their default settings. type: boolean ref: - description: Reference specifies the Git reference to resolve and monitor for changes, defaults to the 'master' - branch. + description: |- + Reference specifies the Git reference to resolve and monitor for + changes, defaults to the 'master' branch. properties: branch: - description: Branch to check out, defaults to 'master' if no other field is defined. + description: Branch to check out, defaults to 'master' if no other + field is defined. type: string commit: - description: "Commit SHA to check out, takes precedence over all reference fields. \n This can be combined - with Branch to shallow clone the branch, in which the commit is expected to exist." + description: |- + Commit SHA to check out, takes precedence over all reference fields. + + + This can be combined with Branch to shallow clone the branch, in which + the commit is expected to exist. type: string name: - description: "Name of the reference to check out; takes precedence over Branch, Tag and SemVer. \n It - must be a valid Git reference: https://git-scm.com/docs/git-check-ref-format#_description Examples: - \"refs/heads/main\", \"refs/tags/v0.1.0\", \"refs/pull/420/head\", \"refs/merge-requests/1/head\"" + description: |- + Name of the reference to check out; takes precedence over Branch, Tag and SemVer. + + + It must be a valid Git reference: https://git-scm.com/docs/git-check-ref-format#_description + Examples: "refs/heads/main", "refs/tags/v0.1.0", "refs/pull/420/head", "refs/merge-requests/1/head" type: string semver: - description: SemVer tag expression to check out, takes precedence over Tag. + description: SemVer tag expression to check out, takes precedence + over Tag. type: string tag: description: Tag to check out, takes precedence over Branch. type: string type: object secretRef: - description: SecretRef specifies the Secret containing authentication credentials for the GitRepository. For - HTTPS repositories the Secret must contain 'username' and 'password' fields for basic auth or 'bearerToken' - field for token auth. For SSH repositories the Secret must contain 'identity' and 'known_hosts' fields. + description: |- + SecretRef specifies the Secret containing authentication credentials for + the GitRepository. + For HTTPS repositories the Secret must contain 'username' and 'password' + fields for basic auth or 'bearerToken' field for token auth. + For SSH repositories the Secret must contain 'identity' + and 'known_hosts' fields. properties: name: description: Name of the referent. @@ -1566,27 +1833,36 @@ spec: - name type: object suspend: - description: Suspend tells the controller to suspend the reconciliation of this GitRepository. + description: |- + Suspend tells the controller to suspend the reconciliation of this + GitRepository. type: boolean timeout: default: 60s - description: Timeout for Git operations like cloning, defaults to 60s. + description: Timeout for Git operations like cloning, defaults to + 60s. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$ type: string url: - description: URL specifies the Git repository URL, it can be an HTTP/S or SSH address. + description: URL specifies the Git repository URL, it can be an HTTP/S + or SSH address. pattern: ^(http|https|ssh)://.*$ type: string verify: - description: Verification specifies the configuration to verify the Git commit signature(s). + description: |- + Verification specifies the configuration to verify the Git commit + signature(s). properties: mode: - description: Mode specifies what Git object should be verified, currently ('head'). + description: Mode specifies what Git object should be verified, + currently ('head'). enum: - head type: string secretRef: - description: SecretRef specifies the Secret containing the public keys of trusted Git authors. + description: |- + SecretRef specifies the Secret containing the public keys of trusted Git + authors. properties: name: description: Name of the referent. @@ -1608,14 +1884,17 @@ spec: description: GitRepositoryStatus records the observed state of a Git repository. properties: artifact: - description: Artifact represents the last successful GitRepository reconciliation. + description: Artifact represents the last successful GitRepository + reconciliation. properties: digest: description: Digest is the digest of the file in the form of ':'. pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$ type: string lastUpdateTime: - description: LastUpdateTime is the timestamp corresponding to the last update of the Artifact. + description: |- + LastUpdateTime is the timestamp corresponding to the last update of the + Artifact. format: date-time type: string metadata: @@ -1624,21 +1903,25 @@ spec: description: Metadata holds upstream information such as OCI annotations. type: object path: - description: Path is the relative file path of the Artifact. It can be used to locate the file in the - root of the Artifact storage on the local file system of the controller managing the Source. + description: |- + Path is the relative file path of the Artifact. It can be used to locate + the file in the root of the Artifact storage on the local file system of + the controller managing the Source. type: string revision: - description: Revision is a human-readable identifier traceable in the origin source system. It can be - a Git commit SHA, Git tag, a Helm chart version, etc. + description: |- + Revision is a human-readable identifier traceable in the origin source + system. It can be a Git commit SHA, Git tag, a Helm chart version, etc. type: string size: description: Size is the number of bytes in the file. format: int64 type: integer url: - description: URL is the HTTP address of the Artifact as exposed by the controller managing the Source. - It can be used to retrieve the Artifact for consumption, e.g. by another controller applying the Artifact - contents. + description: |- + URL is the HTTP address of the Artifact as exposed by the controller + managing the Source. It can be used to retrieve the Artifact for + consumption, e.g. by another controller applying the Artifact contents. type: string required: - lastUpdateTime @@ -1649,35 +1932,43 @@ spec: conditions: description: Conditions holds the conditions for the GitRepository. items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This - struct is intended for direct use as an array at the field path .status.conditions. For example, \n type - FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // - +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" - patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" properties: lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when - the API field changed is acceptable. + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: message is a human readable message indicating details about the transition. This may be - an empty string. + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based - upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current state of the instance. + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last - transition. Producers of specific condition types may define expected values and meanings for this - field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 @@ -1691,9 +1982,12 @@ spec: - Unknown type: string type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type - values are consistent across resources like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -1706,48 +2000,65 @@ spec: type: object type: array contentConfigChecksum: - description: "ContentConfigChecksum is a checksum of all the configurations related to the content of the - source artifact: - .spec.ignore - .spec.recurseSubmodules - .spec.included and the checksum of the included - artifacts observed in .status.observedGeneration version of the object. This can be used to determine if - the content of the included repository has changed. It has the format of `:`, for example: - `sha256:`. \n Deprecated: Replaced with explicit fields for observed artifact content config in - the status." + description: |- + ContentConfigChecksum is a checksum of all the configurations related to + the content of the source artifact: + - .spec.ignore + - .spec.recurseSubmodules + - .spec.included and the checksum of the included artifacts + observed in .status.observedGeneration version of the object. This can + be used to determine if the content of the included repository has + changed. + It has the format of `:`, for example: `sha256:`. + + + Deprecated: Replaced with explicit fields for observed artifact content + config in the status. type: string includedArtifacts: - description: IncludedArtifacts contains a list of the last successfully included Artifacts as instructed by - GitRepositorySpec.Include. + description: |- + IncludedArtifacts contains a list of the last successfully included + Artifacts as instructed by GitRepositorySpec.Include. items: description: Artifact represents the output of a Source reconciliation. properties: digest: - description: Digest is the digest of the file in the form of ':'. + description: Digest is the digest of the file in the form of + ':'. pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$ type: string lastUpdateTime: - description: LastUpdateTime is the timestamp corresponding to the last update of the Artifact. + description: |- + LastUpdateTime is the timestamp corresponding to the last update of the + Artifact. format: date-time type: string metadata: additionalProperties: type: string - description: Metadata holds upstream information such as OCI annotations. + description: Metadata holds upstream information such as OCI + annotations. type: object path: - description: Path is the relative file path of the Artifact. It can be used to locate the file in the - root of the Artifact storage on the local file system of the controller managing the Source. + description: |- + Path is the relative file path of the Artifact. It can be used to locate + the file in the root of the Artifact storage on the local file system of + the controller managing the Source. type: string revision: - description: Revision is a human-readable identifier traceable in the origin source system. It can be - a Git commit SHA, Git tag, a Helm chart version, etc. + description: |- + Revision is a human-readable identifier traceable in the origin source + system. It can be a Git commit SHA, Git tag, a Helm chart version, etc. type: string size: description: Size is the number of bytes in the file. format: int64 type: integer url: - description: URL is the HTTP address of the Artifact as exposed by the controller managing the Source. - It can be used to retrieve the Artifact for consumption, e.g. by another controller applying the Artifact - contents. + description: |- + URL is the HTTP address of the Artifact as exposed by the controller + managing the Source. It can be used to retrieve the Artifact for + consumption, e.g. by another controller applying the Artifact contents. type: string required: - lastUpdateTime @@ -1757,28 +2068,40 @@ spec: type: object type: array lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent reconcile request value, so a change - of the annotation value can be detected. + description: |- + LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value + can be detected. type: string observedGeneration: - description: ObservedGeneration is the last observed generation of the GitRepository object. + description: |- + ObservedGeneration is the last observed generation of the GitRepository + object. format: int64 type: integer observedIgnore: - description: ObservedIgnore is the observed exclusion patterns used for constructing the source artifact. + description: |- + ObservedIgnore is the observed exclusion patterns used for constructing + the source artifact. type: string observedInclude: - description: ObservedInclude is the observed list of GitRepository resources used to to produce the current - Artifact. + description: |- + ObservedInclude is the observed list of GitRepository resources used to + to produce the current Artifact. items: - description: GitRepositoryInclude specifies a local reference to a GitRepository which Artifact (sub-)contents - must be included, and where they should be placed. + description: |- + GitRepositoryInclude specifies a local reference to a GitRepository which + Artifact (sub-)contents must be included, and where they should be placed. properties: fromPath: - description: FromPath specifies the path to copy contents from, defaults to the root of the Artifact. + description: |- + FromPath specifies the path to copy contents from, defaults to the root + of the Artifact. type: string repository: - description: GitRepositoryRef specifies the GitRepository which Artifact contents must be included. + description: |- + GitRepositoryRef specifies the GitRepository which Artifact contents + must be included. properties: name: description: Name of the referent. @@ -1787,19 +2110,24 @@ spec: - name type: object toPath: - description: ToPath specifies the path to copy contents to, defaults to the name of the GitRepositoryRef. + description: |- + ToPath specifies the path to copy contents to, defaults to the name of + the GitRepositoryRef. type: string required: - repository type: object type: array observedRecurseSubmodules: - description: ObservedRecurseSubmodules is the observed resource submodules configuration used to produce the - current Artifact. + description: |- + ObservedRecurseSubmodules is the observed resource submodules + configuration used to produce the current Artifact. type: boolean url: - description: URL is the dynamic fetch link for the latest Artifact. It is provided on a "best effort" basis, - and using the precise GitRepositoryStatus.Artifact data is recommended. + description: |- + URL is the dynamic fetch link for the latest Artifact. + It is provided on a "best effort" basis, and using the precise + GitRepositoryStatus.Artifact data is recommended. type: string type: object type: object @@ -1812,12 +2140,12 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.12.0 + controller-gen.kubebuilder.io/version: v0.15.0 labels: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 name: helmcharts.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -1830,6 +2158,351 @@ spec: singular: helmchart scope: Namespaced versions: + - additionalPrinterColumns: + - jsonPath: .spec.chart + name: Chart + type: string + - jsonPath: .spec.version + name: Version + type: string + - jsonPath: .spec.sourceRef.kind + name: Source Kind + type: string + - jsonPath: .spec.sourceRef.name + name: Source Name + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - jsonPath: .status.conditions[?(@.type=="Ready")].status + name: Ready + type: string + - jsonPath: .status.conditions[?(@.type=="Ready")].message + name: Status + type: string + name: v1 + schema: + openAPIV3Schema: + description: HelmChart is the Schema for the helmcharts API. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: HelmChartSpec specifies the desired state of a Helm chart. + properties: + chart: + description: |- + Chart is the name or path the Helm chart is available at in the + SourceRef. + type: string + ignoreMissingValuesFiles: + description: |- + IgnoreMissingValuesFiles controls whether to silently ignore missing values + files rather than failing. + type: boolean + interval: + description: |- + Interval at which the HelmChart SourceRef is checked for updates. + This interval is approximate and may be subject to jitter to ensure + efficient use of resources. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + reconcileStrategy: + default: ChartVersion + description: |- + ReconcileStrategy determines what enables the creation of a new artifact. + Valid values are ('ChartVersion', 'Revision'). + See the documentation of the values for an explanation on their behavior. + Defaults to ChartVersion when omitted. + enum: + - ChartVersion + - Revision + type: string + sourceRef: + description: SourceRef is the reference to the Source the chart is + available at. + properties: + apiVersion: + description: APIVersion of the referent. + type: string + kind: + description: |- + Kind of the referent, valid values are ('HelmRepository', 'GitRepository', + 'Bucket'). + enum: + - HelmRepository + - GitRepository + - Bucket + type: string + name: + description: Name of the referent. + type: string + required: + - kind + - name + type: object + suspend: + description: |- + Suspend tells the controller to suspend the reconciliation of this + source. + type: boolean + valuesFiles: + description: |- + ValuesFiles is an alternative list of values files to use as the chart + values (values.yaml is not included by default), expected to be a + relative path in the SourceRef. + Values files are merged in the order of this list with the last file + overriding the first. Ignored when omitted. + items: + type: string + type: array + verify: + description: |- + Verify contains the secret name containing the trusted public keys + used to verify the signature and specifies which provider to use to check + whether OCI image is authentic. + This field is only supported when using HelmRepository source with spec.type 'oci'. + Chart dependencies, which are not bundled in the umbrella chart artifact, are not verified. + properties: + matchOIDCIdentity: + description: |- + MatchOIDCIdentity specifies the identity matching criteria to use + while verifying an OCI artifact which was signed using Cosign keyless + signing. The artifact's identity is deemed to be verified if any of the + specified matchers match against the identity. + items: + description: |- + OIDCIdentityMatch specifies options for verifying the certificate identity, + i.e. the issuer and the subject of the certificate. + properties: + issuer: + description: |- + Issuer specifies the regex pattern to match against to verify + the OIDC issuer in the Fulcio certificate. The pattern must be a + valid Go regular expression. + type: string + subject: + description: |- + Subject specifies the regex pattern to match against to verify + the identity subject in the Fulcio certificate. The pattern must + be a valid Go regular expression. + type: string + required: + - issuer + - subject + type: object + type: array + provider: + default: cosign + description: Provider specifies the technology used to sign the + OCI Artifact. + enum: + - cosign + - notation + type: string + secretRef: + description: |- + SecretRef specifies the Kubernetes Secret containing the + trusted public keys. + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object + required: + - provider + type: object + version: + default: '*' + description: |- + Version is the chart version semver expression, ignored for charts from + GitRepository and Bucket sources. Defaults to latest when omitted. + type: string + required: + - chart + - interval + - sourceRef + type: object + status: + default: + observedGeneration: -1 + description: HelmChartStatus records the observed state of the HelmChart. + properties: + artifact: + description: Artifact represents the output of the last successful + reconciliation. + properties: + digest: + description: Digest is the digest of the file in the form of ':'. + pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$ + type: string + lastUpdateTime: + description: |- + LastUpdateTime is the timestamp corresponding to the last update of the + Artifact. + format: date-time + type: string + metadata: + additionalProperties: + type: string + description: Metadata holds upstream information such as OCI annotations. + type: object + path: + description: |- + Path is the relative file path of the Artifact. It can be used to locate + the file in the root of the Artifact storage on the local file system of + the controller managing the Source. + type: string + revision: + description: |- + Revision is a human-readable identifier traceable in the origin source + system. It can be a Git commit SHA, Git tag, a Helm chart version, etc. + type: string + size: + description: Size is the number of bytes in the file. + format: int64 + type: integer + url: + description: |- + URL is the HTTP address of the Artifact as exposed by the controller + managing the Source. It can be used to retrieve the Artifact for + consumption, e.g. by another controller applying the Artifact contents. + type: string + required: + - lastUpdateTime + - path + - revision + - url + type: object + conditions: + description: Conditions holds the conditions for the HelmChart. + items: + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" + properties: + lastTransitionTime: + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + lastHandledReconcileAt: + description: |- + LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value + can be detected. + type: string + observedChartName: + description: |- + ObservedChartName is the last observed chart name as specified by the + resolved chart reference. + type: string + observedGeneration: + description: |- + ObservedGeneration is the last observed generation of the HelmChart + object. + format: int64 + type: integer + observedSourceArtifactRevision: + description: |- + ObservedSourceArtifactRevision is the last observed Artifact.Revision + of the HelmChartSpec.SourceRef. + type: string + observedValuesFiles: + description: |- + ObservedValuesFiles are the observed value files of the last successful + reconciliation. + It matches the chart in the last successfully reconciled artifact. + items: + type: string + type: array + url: + description: |- + URL is the dynamic fetch link for the latest Artifact. + It is provided on a "best effort" basis, and using the precise + BucketStatus.Artifact data is recommended. + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} - additionalPrinterColumns: - jsonPath: .spec.chart name: Chart @@ -1852,18 +2525,27 @@ spec: - jsonPath: .metadata.creationTimestamp name: Age type: date + deprecated: true + deprecationWarning: v1beta1 HelmChart is deprecated, upgrade to v1 name: v1beta1 schema: openAPIV3Schema: description: HelmChart is the Schema for the helmcharts API properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert - recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer - this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -1871,21 +2553,25 @@ spec: description: HelmChartSpec defines the desired state of a Helm chart. properties: accessFrom: - description: AccessFrom defines an Access Control List for allowing cross-namespace references to this object. + description: AccessFrom defines an Access Control List for allowing + cross-namespace references to this object. properties: namespaceSelectors: - description: NamespaceSelectors is the list of namespace selectors to which this ACL applies. Items in - this list are evaluated using a logical OR operation. + description: |- + NamespaceSelectors is the list of namespace selectors to which this ACL applies. + Items in this list are evaluated using a logical OR operation. items: - description: NamespaceSelector selects the namespaces to which this ACL applies. An empty map of MatchLabels - matches all namespaces in a cluster. + description: |- + NamespaceSelector selects the namespaces to which this ACL applies. + An empty map of MatchLabels matches all namespaces in a cluster. properties: matchLabels: additionalProperties: type: string - description: MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the operator is - "In", and the values array contains only "value". The requirements are ANDed. + description: |- + MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object type: array @@ -1893,16 +2579,19 @@ spec: - namespaceSelectors type: object chart: - description: The name or path the Helm chart is available at in the SourceRef. + description: The name or path the Helm chart is available at in the + SourceRef. type: string interval: description: The interval at which to check the Source for updates. type: string reconcileStrategy: default: ChartVersion - description: Determines what enables the creation of a new artifact. Valid values are ('ChartVersion', 'Revision'). - See the documentation of the values for an explanation on their behavior. Defaults to ChartVersion when - omitted. + description: |- + Determines what enables the creation of a new artifact. Valid values are + ('ChartVersion', 'Revision'). + See the documentation of the values for an explanation on their behavior. + Defaults to ChartVersion when omitted. enum: - ChartVersion - Revision @@ -1914,7 +2603,9 @@ spec: description: APIVersion of the referent. type: string kind: - description: Kind of the referent, valid values are ('HelmRepository', 'GitRepository', 'Bucket'). + description: |- + Kind of the referent, valid values are ('HelmRepository', 'GitRepository', + 'Bucket'). enum: - HelmRepository - GitRepository @@ -1928,24 +2619,30 @@ spec: - name type: object suspend: - description: This flag tells the controller to suspend the reconciliation of this source. + description: This flag tells the controller to suspend the reconciliation + of this source. type: boolean valuesFile: - description: Alternative values file to use as the default chart values, expected to be a relative path in - the SourceRef. Deprecated in favor of ValuesFiles, for backwards compatibility the file defined here is - merged before the ValuesFiles items. Ignored when omitted. + description: |- + Alternative values file to use as the default chart values, expected to + be a relative path in the SourceRef. Deprecated in favor of ValuesFiles, + for backwards compatibility the file defined here is merged before the + ValuesFiles items. Ignored when omitted. type: string valuesFiles: - description: Alternative list of values files to use as the chart values (values.yaml is not included by default), - expected to be a relative path in the SourceRef. Values files are merged in the order of this list with - the last file overriding the first. Ignored when omitted. + description: |- + Alternative list of values files to use as the chart values (values.yaml + is not included by default), expected to be a relative path in the SourceRef. + Values files are merged in the order of this list with the last file overriding + the first. Ignored when omitted. items: type: string type: array version: default: '*' - description: The chart version semver expression, ignored for charts from GitRepository and Bucket sources. - Defaults to latest when omitted. + description: |- + The chart version semver expression, ignored for charts from GitRepository + and Bucket sources. Defaults to latest when omitted. type: string required: - chart @@ -1958,21 +2655,26 @@ spec: description: HelmChartStatus defines the observed state of the HelmChart. properties: artifact: - description: Artifact represents the output of the last successful chart sync. + description: Artifact represents the output of the last successful + chart sync. properties: checksum: description: Checksum is the SHA256 checksum of the artifact. type: string lastUpdateTime: - description: LastUpdateTime is the timestamp corresponding to the last update of this artifact. + description: |- + LastUpdateTime is the timestamp corresponding to the last update of this + artifact. format: date-time type: string path: description: Path is the relative file path of this artifact. type: string revision: - description: Revision is a human readable identifier traceable in the origin source system. It can be - a Git commit SHA, Git tag, a Helm index timestamp, a Helm chart version, etc. + description: |- + Revision is a human readable identifier traceable in the origin source + system. It can be a Git commit SHA, Git tag, a Helm index timestamp, a Helm + chart version, etc. type: string url: description: URL is the HTTP address of this artifact. @@ -1984,35 +2686,43 @@ spec: conditions: description: Conditions holds the conditions for the HelmChart. items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This - struct is intended for direct use as an array at the field path .status.conditions. For example, \n type - FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // - +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" - patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" properties: lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when - the API field changed is acceptable. + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: message is a human readable message indicating details about the transition. This may be - an empty string. + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based - upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current state of the instance. + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last - transition. Producers of specific condition types may define expected values and meanings for this - field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 @@ -2026,9 +2736,12 @@ spec: - Unknown type: string type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type - values are consistent across resources like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -2041,8 +2754,10 @@ spec: type: object type: array lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent reconcile request value, so a change - of the annotation value can be detected. + description: |- + LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value + can be detected. type: string observedGeneration: description: ObservedGeneration is the last observed generation. @@ -2079,18 +2794,27 @@ spec: - jsonPath: .status.conditions[?(@.type=="Ready")].message name: Status type: string + deprecated: true + deprecationWarning: v1beta2 HelmChart is deprecated, upgrade to v1 name: v1beta2 schema: openAPIV3Schema: description: HelmChart is the Schema for the helmcharts API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert - recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer - this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -2098,22 +2822,27 @@ spec: description: HelmChartSpec specifies the desired state of a Helm chart. properties: accessFrom: - description: 'AccessFrom specifies an Access Control List for allowing cross-namespace references to this - object. NOTE: Not implemented, provisional as of https://github.com/fluxcd/flux2/pull/2092' + description: |- + AccessFrom specifies an Access Control List for allowing cross-namespace + references to this object. + NOTE: Not implemented, provisional as of https://github.com/fluxcd/flux2/pull/2092 properties: namespaceSelectors: - description: NamespaceSelectors is the list of namespace selectors to which this ACL applies. Items in - this list are evaluated using a logical OR operation. + description: |- + NamespaceSelectors is the list of namespace selectors to which this ACL applies. + Items in this list are evaluated using a logical OR operation. items: - description: NamespaceSelector selects the namespaces to which this ACL applies. An empty map of MatchLabels - matches all namespaces in a cluster. + description: |- + NamespaceSelector selects the namespaces to which this ACL applies. + An empty map of MatchLabels matches all namespaces in a cluster. properties: matchLabels: additionalProperties: type: string - description: MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the operator is - "In", and the values array contains only "value". The requirements are ANDed. + description: |- + MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object type: array @@ -2121,30 +2850,44 @@ spec: - namespaceSelectors type: object chart: - description: Chart is the name or path the Helm chart is available at in the SourceRef. - type: string + description: |- + Chart is the name or path the Helm chart is available at in the + SourceRef. + type: string + ignoreMissingValuesFiles: + description: |- + IgnoreMissingValuesFiles controls whether to silently ignore missing values + files rather than failing. + type: boolean interval: - description: Interval at which the HelmChart SourceRef is checked for updates. This interval is approximate - and may be subject to jitter to ensure efficient use of resources. + description: |- + Interval at which the HelmChart SourceRef is checked for updates. + This interval is approximate and may be subject to jitter to ensure + efficient use of resources. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string reconcileStrategy: default: ChartVersion - description: ReconcileStrategy determines what enables the creation of a new artifact. Valid values are ('ChartVersion', - 'Revision'). See the documentation of the values for an explanation on their behavior. Defaults to ChartVersion - when omitted. + description: |- + ReconcileStrategy determines what enables the creation of a new artifact. + Valid values are ('ChartVersion', 'Revision'). + See the documentation of the values for an explanation on their behavior. + Defaults to ChartVersion when omitted. enum: - ChartVersion - Revision type: string sourceRef: - description: SourceRef is the reference to the Source the chart is available at. + description: SourceRef is the reference to the Source the chart is + available at. properties: apiVersion: description: APIVersion of the referent. type: string kind: - description: Kind of the referent, valid values are ('HelmRepository', 'GitRepository', 'Bucket'). + description: |- + Kind of the referent, valid values are ('HelmRepository', 'GitRepository', + 'Bucket'). enum: - HelmRepository - GitRepository @@ -2158,34 +2901,75 @@ spec: - name type: object suspend: - description: Suspend tells the controller to suspend the reconciliation of this source. + description: |- + Suspend tells the controller to suspend the reconciliation of this + source. type: boolean valuesFile: - description: ValuesFile is an alternative values file to use as the default chart values, expected to be a - relative path in the SourceRef. Deprecated in favor of ValuesFiles, for backwards compatibility the file - specified here is merged before the ValuesFiles items. Ignored when omitted. + description: |- + ValuesFile is an alternative values file to use as the default chart + values, expected to be a relative path in the SourceRef. Deprecated in + favor of ValuesFiles, for backwards compatibility the file specified here + is merged before the ValuesFiles items. Ignored when omitted. type: string valuesFiles: - description: ValuesFiles is an alternative list of values files to use as the chart values (values.yaml is - not included by default), expected to be a relative path in the SourceRef. Values files are merged in the - order of this list with the last file overriding the first. Ignored when omitted. + description: |- + ValuesFiles is an alternative list of values files to use as the chart + values (values.yaml is not included by default), expected to be a + relative path in the SourceRef. + Values files are merged in the order of this list with the last file + overriding the first. Ignored when omitted. items: type: string type: array verify: - description: Verify contains the secret name containing the trusted public keys used to verify the signature - and specifies which provider to use to check whether OCI image is authentic. This field is only supported - when using HelmRepository source with spec.type 'oci'. Chart dependencies, which are not bundled in the - umbrella chart artifact, are not verified. + description: |- + Verify contains the secret name containing the trusted public keys + used to verify the signature and specifies which provider to use to check + whether OCI image is authentic. + This field is only supported when using HelmRepository source with spec.type 'oci'. + Chart dependencies, which are not bundled in the umbrella chart artifact, are not verified. properties: + matchOIDCIdentity: + description: |- + MatchOIDCIdentity specifies the identity matching criteria to use + while verifying an OCI artifact which was signed using Cosign keyless + signing. The artifact's identity is deemed to be verified if any of the + specified matchers match against the identity. + items: + description: |- + OIDCIdentityMatch specifies options for verifying the certificate identity, + i.e. the issuer and the subject of the certificate. + properties: + issuer: + description: |- + Issuer specifies the regex pattern to match against to verify + the OIDC issuer in the Fulcio certificate. The pattern must be a + valid Go regular expression. + type: string + subject: + description: |- + Subject specifies the regex pattern to match against to verify + the identity subject in the Fulcio certificate. The pattern must + be a valid Go regular expression. + type: string + required: + - issuer + - subject + type: object + type: array provider: default: cosign - description: Provider specifies the technology used to sign the OCI Artifact. + description: Provider specifies the technology used to sign the + OCI Artifact. enum: - cosign + - notation type: string secretRef: - description: SecretRef specifies the Kubernetes Secret containing the trusted public keys. + description: |- + SecretRef specifies the Kubernetes Secret containing the + trusted public keys. properties: name: description: Name of the referent. @@ -2198,8 +2982,9 @@ spec: type: object version: default: '*' - description: Version is the chart version semver expression, ignored for charts from GitRepository and Bucket - sources. Defaults to latest when omitted. + description: |- + Version is the chart version semver expression, ignored for charts from + GitRepository and Bucket sources. Defaults to latest when omitted. type: string required: - chart @@ -2212,14 +2997,17 @@ spec: description: HelmChartStatus records the observed state of the HelmChart. properties: artifact: - description: Artifact represents the output of the last successful reconciliation. + description: Artifact represents the output of the last successful + reconciliation. properties: digest: description: Digest is the digest of the file in the form of ':'. pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$ type: string lastUpdateTime: - description: LastUpdateTime is the timestamp corresponding to the last update of the Artifact. + description: |- + LastUpdateTime is the timestamp corresponding to the last update of the + Artifact. format: date-time type: string metadata: @@ -2228,21 +3016,25 @@ spec: description: Metadata holds upstream information such as OCI annotations. type: object path: - description: Path is the relative file path of the Artifact. It can be used to locate the file in the - root of the Artifact storage on the local file system of the controller managing the Source. + description: |- + Path is the relative file path of the Artifact. It can be used to locate + the file in the root of the Artifact storage on the local file system of + the controller managing the Source. type: string revision: - description: Revision is a human-readable identifier traceable in the origin source system. It can be - a Git commit SHA, Git tag, a Helm chart version, etc. + description: |- + Revision is a human-readable identifier traceable in the origin source + system. It can be a Git commit SHA, Git tag, a Helm chart version, etc. type: string size: description: Size is the number of bytes in the file. format: int64 type: integer url: - description: URL is the HTTP address of the Artifact as exposed by the controller managing the Source. - It can be used to retrieve the Artifact for consumption, e.g. by another controller applying the Artifact - contents. + description: |- + URL is the HTTP address of the Artifact as exposed by the controller + managing the Source. It can be used to retrieve the Artifact for + consumption, e.g. by another controller applying the Artifact contents. type: string required: - lastUpdateTime @@ -2253,35 +3045,43 @@ spec: conditions: description: Conditions holds the conditions for the HelmChart. items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This - struct is intended for direct use as an array at the field path .status.conditions. For example, \n type - FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // - +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" - patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" properties: lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when - the API field changed is acceptable. + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: message is a human readable message indicating details about the transition. This may be - an empty string. + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based - upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current state of the instance. + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last - transition. Producers of specific condition types may define expected values and meanings for this - field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 @@ -2295,9 +3095,12 @@ spec: - Unknown type: string type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type - values are consistent across resources like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -2310,27 +3113,45 @@ spec: type: object type: array lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent reconcile request value, so a change - of the annotation value can be detected. + description: |- + LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value + can be detected. type: string observedChartName: - description: ObservedChartName is the last observed chart name as specified by the resolved chart reference. + description: |- + ObservedChartName is the last observed chart name as specified by the + resolved chart reference. type: string observedGeneration: - description: ObservedGeneration is the last observed generation of the HelmChart object. + description: |- + ObservedGeneration is the last observed generation of the HelmChart + object. format: int64 type: integer observedSourceArtifactRevision: - description: ObservedSourceArtifactRevision is the last observed Artifact.Revision of the HelmChartSpec.SourceRef. - type: string + description: |- + ObservedSourceArtifactRevision is the last observed Artifact.Revision + of the HelmChartSpec.SourceRef. + type: string + observedValuesFiles: + description: |- + ObservedValuesFiles are the observed value files of the last successful + reconciliation. + It matches the chart in the last successfully reconciled artifact. + items: + type: string + type: array url: - description: URL is the dynamic fetch link for the latest Artifact. It is provided on a "best effort" basis, - and using the precise BucketStatus.Artifact data is recommended. + description: |- + URL is the dynamic fetch link for the latest Artifact. + It is provided on a "best effort" basis, and using the precise + BucketStatus.Artifact data is recommended. type: string type: object type: object served: true - storage: true + storage: false subresources: status: {} --- @@ -2338,12 +3159,12 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.12.0 + controller-gen.kubebuilder.io/version: v0.15.0 labels: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 name: helmrepositories.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -2360,84 +3181,424 @@ spec: - jsonPath: .spec.url name: URL type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date - jsonPath: .status.conditions[?(@.type=="Ready")].status name: Ready type: string - jsonPath: .status.conditions[?(@.type=="Ready")].message name: Status type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1beta1 + name: v1 schema: openAPIV3Schema: - description: HelmRepository is the Schema for the helmrepositories API + description: HelmRepository is the Schema for the helmrepositories API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert - recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer - this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: - description: HelmRepositorySpec defines the reference to a Helm repository. + description: |- + HelmRepositorySpec specifies the required configuration to produce an + Artifact for a Helm repository index YAML. properties: accessFrom: - description: AccessFrom defines an Access Control List for allowing cross-namespace references to this object. + description: |- + AccessFrom specifies an Access Control List for allowing cross-namespace + references to this object. + NOTE: Not implemented, provisional as of https://github.com/fluxcd/flux2/pull/2092 properties: namespaceSelectors: - description: NamespaceSelectors is the list of namespace selectors to which this ACL applies. Items in - this list are evaluated using a logical OR operation. + description: |- + NamespaceSelectors is the list of namespace selectors to which this ACL applies. + Items in this list are evaluated using a logical OR operation. items: - description: NamespaceSelector selects the namespaces to which this ACL applies. An empty map of MatchLabels - matches all namespaces in a cluster. + description: |- + NamespaceSelector selects the namespaces to which this ACL applies. + An empty map of MatchLabels matches all namespaces in a cluster. properties: matchLabels: additionalProperties: type: string - description: MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the operator is - "In", and the values array contains only "value". The requirements are ANDed. + description: |- + MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object type: array required: - namespaceSelectors type: object - interval: - description: The interval at which to check the upstream for updates. - type: string - passCredentials: - description: PassCredentials allows the credentials from the SecretRef to be passed on to a host that does - not match the host as defined in URL. This may be required if the host of the advertised chart URLs in the - index differ from the defined URL. Enabling this should be done with caution, as it can potentially result - in credentials getting stolen in a MITM-attack. - type: boolean - secretRef: - description: The name of the secret containing authentication credentials for the Helm repository. For HTTP/S - basic auth the secret must contain username and password fields. For TLS the secret must contain a certFile - and keyFile, and/or caFile fields. - properties: - name: - description: Name of the referent. - type: string - required: - - name + certSecretRef: + description: |- + CertSecretRef can be given the name of a Secret containing + either or both of + + + - a PEM-encoded client certificate (`tls.crt`) and private + key (`tls.key`); + - a PEM-encoded CA certificate (`ca.crt`) + + + and whichever are supplied, will be used for connecting to the + registry. The client cert and key are useful if you are + authenticating with a certificate; the CA cert is useful if + you are using a self-signed server certificate. The Secret must + be of type `Opaque` or `kubernetes.io/tls`. + + + It takes precedence over the values specified in the Secret referred + to by `.spec.secretRef`. + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object + insecure: + description: |- + Insecure allows connecting to a non-TLS HTTP container registry. + This field is only taken into account if the .spec.type field is set to 'oci'. + type: boolean + interval: + description: |- + Interval at which the HelmRepository URL is checked for updates. + This interval is approximate and may be subject to jitter to ensure + efficient use of resources. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + passCredentials: + description: |- + PassCredentials allows the credentials from the SecretRef to be passed + on to a host that does not match the host as defined in URL. + This may be required if the host of the advertised chart URLs in the + index differ from the defined URL. + Enabling this should be done with caution, as it can potentially result + in credentials getting stolen in a MITM-attack. + type: boolean + provider: + default: generic + description: |- + Provider used for authentication, can be 'aws', 'azure', 'gcp' or 'generic'. + This field is optional, and only taken into account if the .spec.type field is set to 'oci'. + When not specified, defaults to 'generic'. + enum: + - generic + - aws + - azure + - gcp + type: string + secretRef: + description: |- + SecretRef specifies the Secret containing authentication credentials + for the HelmRepository. + For HTTP/S basic auth the secret must contain 'username' and 'password' + fields. + Support for TLS auth using the 'certFile' and 'keyFile', and/or 'caFile' + keys is deprecated. Please use `.spec.certSecretRef` instead. + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object + suspend: + description: |- + Suspend tells the controller to suspend the reconciliation of this + HelmRepository. + type: boolean + timeout: + description: |- + Timeout is used for the index fetch operation for an HTTPS helm repository, + and for remote OCI Repository operations like pulling for an OCI helm + chart by the associated HelmChart. + Its default value is 60s. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$ + type: string + type: + description: |- + Type of the HelmRepository. + When this field is set to "oci", the URL field value must be prefixed with "oci://". + enum: + - default + - oci + type: string + url: + description: |- + URL of the Helm repository, a valid URL contains at least a protocol and + host. + pattern: ^(http|https|oci)://.*$ + type: string + required: + - url + type: object + status: + default: + observedGeneration: -1 + description: HelmRepositoryStatus records the observed state of the HelmRepository. + properties: + artifact: + description: Artifact represents the last successful HelmRepository + reconciliation. + properties: + digest: + description: Digest is the digest of the file in the form of ':'. + pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$ + type: string + lastUpdateTime: + description: |- + LastUpdateTime is the timestamp corresponding to the last update of the + Artifact. + format: date-time + type: string + metadata: + additionalProperties: + type: string + description: Metadata holds upstream information such as OCI annotations. + type: object + path: + description: |- + Path is the relative file path of the Artifact. It can be used to locate + the file in the root of the Artifact storage on the local file system of + the controller managing the Source. + type: string + revision: + description: |- + Revision is a human-readable identifier traceable in the origin source + system. It can be a Git commit SHA, Git tag, a Helm chart version, etc. + type: string + size: + description: Size is the number of bytes in the file. + format: int64 + type: integer + url: + description: |- + URL is the HTTP address of the Artifact as exposed by the controller + managing the Source. It can be used to retrieve the Artifact for + consumption, e.g. by another controller applying the Artifact contents. + type: string + required: + - lastUpdateTime + - path + - revision + - url + type: object + conditions: + description: Conditions holds the conditions for the HelmRepository. + items: + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" + properties: + lastTransitionTime: + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + lastHandledReconcileAt: + description: |- + LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value + can be detected. + type: string + observedGeneration: + description: |- + ObservedGeneration is the last observed generation of the HelmRepository + object. + format: int64 + type: integer + url: + description: |- + URL is the dynamic fetch link for the latest Artifact. + It is provided on a "best effort" basis, and using the precise + HelmRepositoryStatus.Artifact data is recommended. + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} + - additionalPrinterColumns: + - jsonPath: .spec.url + name: URL + type: string + - jsonPath: .status.conditions[?(@.type=="Ready")].status + name: Ready + type: string + - jsonPath: .status.conditions[?(@.type=="Ready")].message + name: Status + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + deprecated: true + deprecationWarning: v1beta1 HelmRepository is deprecated, upgrade to v1 + name: v1beta1 + schema: + openAPIV3Schema: + description: HelmRepository is the Schema for the helmrepositories API + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: HelmRepositorySpec defines the reference to a Helm repository. + properties: + accessFrom: + description: AccessFrom defines an Access Control List for allowing + cross-namespace references to this object. + properties: + namespaceSelectors: + description: |- + NamespaceSelectors is the list of namespace selectors to which this ACL applies. + Items in this list are evaluated using a logical OR operation. + items: + description: |- + NamespaceSelector selects the namespaces to which this ACL applies. + An empty map of MatchLabels matches all namespaces in a cluster. + properties: + matchLabels: + additionalProperties: + type: string + description: |- + MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + type: array + required: + - namespaceSelectors + type: object + interval: + description: The interval at which to check the upstream for updates. + type: string + passCredentials: + description: |- + PassCredentials allows the credentials from the SecretRef to be passed on to + a host that does not match the host as defined in URL. + This may be required if the host of the advertised chart URLs in the index + differ from the defined URL. + Enabling this should be done with caution, as it can potentially result in + credentials getting stolen in a MITM-attack. + type: boolean + secretRef: + description: |- + The name of the secret containing authentication credentials for the Helm + repository. + For HTTP/S basic auth the secret must contain username and + password fields. + For TLS the secret must contain a certFile and keyFile, and/or + caFile fields. + properties: + name: + description: Name of the referent. + type: string + required: + - name type: object suspend: - description: This flag tells the controller to suspend the reconciliation of this source. + description: This flag tells the controller to suspend the reconciliation + of this source. type: boolean timeout: default: 60s description: The timeout of index downloading, defaults to 60s. type: string url: - description: The Helm repository URL, a valid URL contains at least a protocol and host. + description: The Helm repository URL, a valid URL contains at least + a protocol and host. type: string required: - interval @@ -2449,21 +3610,26 @@ spec: description: HelmRepositoryStatus defines the observed state of the HelmRepository. properties: artifact: - description: Artifact represents the output of the last successful repository sync. + description: Artifact represents the output of the last successful + repository sync. properties: checksum: description: Checksum is the SHA256 checksum of the artifact. type: string lastUpdateTime: - description: LastUpdateTime is the timestamp corresponding to the last update of this artifact. + description: |- + LastUpdateTime is the timestamp corresponding to the last update of this + artifact. format: date-time type: string path: description: Path is the relative file path of this artifact. type: string revision: - description: Revision is a human readable identifier traceable in the origin source system. It can be - a Git commit SHA, Git tag, a Helm index timestamp, a Helm chart version, etc. + description: |- + Revision is a human readable identifier traceable in the origin source + system. It can be a Git commit SHA, Git tag, a Helm index timestamp, a Helm + chart version, etc. type: string url: description: URL is the HTTP address of this artifact. @@ -2475,35 +3641,43 @@ spec: conditions: description: Conditions holds the conditions for the HelmRepository. items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This - struct is intended for direct use as an array at the field path .status.conditions. For example, \n type - FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // - +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" - patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" properties: lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when - the API field changed is acceptable. + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: message is a human readable message indicating details about the transition. This may be - an empty string. + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based - upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current state of the instance. + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last - transition. Producers of specific condition types may define expected values and meanings for this - field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 @@ -2517,9 +3691,12 @@ spec: - Unknown type: string type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type - values are consistent across resources like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -2532,8 +3709,10 @@ spec: type: object type: array lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent reconcile request value, so a change - of the annotation value can be detected. + description: |- + LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value + can be detected. type: string observedGeneration: description: ObservedGeneration is the last observed generation. @@ -2561,42 +3740,57 @@ spec: - jsonPath: .status.conditions[?(@.type=="Ready")].message name: Status type: string + deprecated: true + deprecationWarning: v1beta2 HelmRepository is deprecated, upgrade to v1 name: v1beta2 schema: openAPIV3Schema: description: HelmRepository is the Schema for the helmrepositories API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert - recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer - this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: - description: HelmRepositorySpec specifies the required configuration to produce an Artifact for a Helm repository - index YAML. + description: |- + HelmRepositorySpec specifies the required configuration to produce an + Artifact for a Helm repository index YAML. properties: accessFrom: - description: 'AccessFrom specifies an Access Control List for allowing cross-namespace references to this - object. NOTE: Not implemented, provisional as of https://github.com/fluxcd/flux2/pull/2092' + description: |- + AccessFrom specifies an Access Control List for allowing cross-namespace + references to this object. + NOTE: Not implemented, provisional as of https://github.com/fluxcd/flux2/pull/2092 properties: namespaceSelectors: - description: NamespaceSelectors is the list of namespace selectors to which this ACL applies. Items in - this list are evaluated using a logical OR operation. + description: |- + NamespaceSelectors is the list of namespace selectors to which this ACL applies. + Items in this list are evaluated using a logical OR operation. items: - description: NamespaceSelector selects the namespaces to which this ACL applies. An empty map of MatchLabels - matches all namespaces in a cluster. + description: |- + NamespaceSelector selects the namespaces to which this ACL applies. + An empty map of MatchLabels matches all namespaces in a cluster. properties: matchLabels: additionalProperties: type: string - description: MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the operator is - "In", and the values array contains only "value". The requirements are ANDed. + description: |- + MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object type: array @@ -2604,12 +3798,25 @@ spec: - namespaceSelectors type: object certSecretRef: - description: "CertSecretRef can be given the name of a Secret containing either or both of \n - a PEM-encoded - client certificate (`tls.crt`) and private key (`tls.key`); - a PEM-encoded CA certificate (`ca.crt`) \n - and whichever are supplied, will be used for connecting to the registry. The client cert and key are useful - if you are authenticating with a certificate; the CA cert is useful if you are using a self-signed server - certificate. The Secret must be of type `Opaque` or `kubernetes.io/tls`. \n It takes precedence over the - values specified in the Secret referred to by `.spec.secretRef`." + description: |- + CertSecretRef can be given the name of a Secret containing + either or both of + + + - a PEM-encoded client certificate (`tls.crt`) and private + key (`tls.key`); + - a PEM-encoded CA certificate (`ca.crt`) + + + and whichever are supplied, will be used for connecting to the + registry. The client cert and key are useful if you are + authenticating with a certificate; the CA cert is useful if + you are using a self-signed server certificate. The Secret must + be of type `Opaque` or `kubernetes.io/tls`. + + + It takes precedence over the values specified in the Secret referred + to by `.spec.secretRef`. properties: name: description: Name of the referent. @@ -2617,21 +3824,33 @@ spec: required: - name type: object + insecure: + description: |- + Insecure allows connecting to a non-TLS HTTP container registry. + This field is only taken into account if the .spec.type field is set to 'oci'. + type: boolean interval: - description: Interval at which the HelmRepository URL is checked for updates. This interval is approximate - and may be subject to jitter to ensure efficient use of resources. + description: |- + Interval at which the HelmRepository URL is checked for updates. + This interval is approximate and may be subject to jitter to ensure + efficient use of resources. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string passCredentials: - description: PassCredentials allows the credentials from the SecretRef to be passed on to a host that does - not match the host as defined in URL. This may be required if the host of the advertised chart URLs in the - index differ from the defined URL. Enabling this should be done with caution, as it can potentially result + description: |- + PassCredentials allows the credentials from the SecretRef to be passed + on to a host that does not match the host as defined in URL. + This may be required if the host of the advertised chart URLs in the + index differ from the defined URL. + Enabling this should be done with caution, as it can potentially result in credentials getting stolen in a MITM-attack. type: boolean provider: default: generic - description: Provider used for authentication, can be 'aws', 'azure', 'gcp' or 'generic'. This field is optional, - and only taken into account if the .spec.type field is set to 'oci'. When not specified, defaults to 'generic'. + description: |- + Provider used for authentication, can be 'aws', 'azure', 'gcp' or 'generic'. + This field is optional, and only taken into account if the .spec.type field is set to 'oci'. + When not specified, defaults to 'generic'. enum: - generic - aws @@ -2639,9 +3858,13 @@ spec: - gcp type: string secretRef: - description: SecretRef specifies the Secret containing authentication credentials for the HelmRepository. - For HTTP/S basic auth the secret must contain 'username' and 'password' fields. Support for TLS auth using - the 'certFile' and 'keyFile', and/or 'caFile' keys is deprecated. Please use `.spec.certSecretRef` instead. + description: |- + SecretRef specifies the Secret containing authentication credentials + for the HelmRepository. + For HTTP/S basic auth the secret must contain 'username' and 'password' + fields. + Support for TLS auth using the 'certFile' and 'keyFile', and/or 'caFile' + keys is deprecated. Please use `.spec.certSecretRef` instead. properties: name: description: Name of the referent. @@ -2650,26 +3873,33 @@ spec: - name type: object suspend: - description: Suspend tells the controller to suspend the reconciliation of this HelmRepository. + description: |- + Suspend tells the controller to suspend the reconciliation of this + HelmRepository. type: boolean timeout: - default: 60s - description: Timeout is used for the index fetch operation for an HTTPS helm repository, and for remote OCI - Repository operations like pulling for an OCI helm repository. Its default value is 60s. + description: |- + Timeout is used for the index fetch operation for an HTTPS helm repository, + and for remote OCI Repository operations like pulling for an OCI helm + chart by the associated HelmChart. + Its default value is 60s. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$ type: string type: - description: Type of the HelmRepository. When this field is set to "oci", the URL field value must be prefixed - with "oci://". + description: |- + Type of the HelmRepository. + When this field is set to "oci", the URL field value must be prefixed with "oci://". enum: - default - oci type: string url: - description: URL of the Helm repository, a valid URL contains at least a protocol and host. + description: |- + URL of the Helm repository, a valid URL contains at least a protocol and + host. + pattern: ^(http|https|oci)://.*$ type: string required: - - interval - url type: object status: @@ -2678,14 +3908,17 @@ spec: description: HelmRepositoryStatus records the observed state of the HelmRepository. properties: artifact: - description: Artifact represents the last successful HelmRepository reconciliation. + description: Artifact represents the last successful HelmRepository + reconciliation. properties: digest: description: Digest is the digest of the file in the form of ':'. pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$ type: string lastUpdateTime: - description: LastUpdateTime is the timestamp corresponding to the last update of the Artifact. + description: |- + LastUpdateTime is the timestamp corresponding to the last update of the + Artifact. format: date-time type: string metadata: @@ -2694,21 +3927,25 @@ spec: description: Metadata holds upstream information such as OCI annotations. type: object path: - description: Path is the relative file path of the Artifact. It can be used to locate the file in the - root of the Artifact storage on the local file system of the controller managing the Source. + description: |- + Path is the relative file path of the Artifact. It can be used to locate + the file in the root of the Artifact storage on the local file system of + the controller managing the Source. type: string revision: - description: Revision is a human-readable identifier traceable in the origin source system. It can be - a Git commit SHA, Git tag, a Helm chart version, etc. + description: |- + Revision is a human-readable identifier traceable in the origin source + system. It can be a Git commit SHA, Git tag, a Helm chart version, etc. type: string size: description: Size is the number of bytes in the file. format: int64 type: integer url: - description: URL is the HTTP address of the Artifact as exposed by the controller managing the Source. - It can be used to retrieve the Artifact for consumption, e.g. by another controller applying the Artifact - contents. + description: |- + URL is the HTTP address of the Artifact as exposed by the controller + managing the Source. It can be used to retrieve the Artifact for + consumption, e.g. by another controller applying the Artifact contents. type: string required: - lastUpdateTime @@ -2719,35 +3956,43 @@ spec: conditions: description: Conditions holds the conditions for the HelmRepository. items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This - struct is intended for direct use as an array at the field path .status.conditions. For example, \n type - FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // - +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" - patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" properties: lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when - the API field changed is acceptable. + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: message is a human readable message indicating details about the transition. This may be - an empty string. + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based - upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current state of the instance. + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last - transition. Producers of specific condition types may define expected values and meanings for this - field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 @@ -2761,9 +4006,12 @@ spec: - Unknown type: string type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type - values are consistent across resources like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -2776,21 +4024,27 @@ spec: type: object type: array lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent reconcile request value, so a change - of the annotation value can be detected. + description: |- + LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value + can be detected. type: string observedGeneration: - description: ObservedGeneration is the last observed generation of the HelmRepository object. + description: |- + ObservedGeneration is the last observed generation of the HelmRepository + object. format: int64 type: integer url: - description: URL is the dynamic fetch link for the latest Artifact. It is provided on a "best effort" basis, - and using the precise HelmRepositoryStatus.Artifact data is recommended. + description: |- + URL is the dynamic fetch link for the latest Artifact. + It is provided on a "best effort" basis, and using the precise + HelmRepositoryStatus.Artifact data is recommended. type: string type: object type: object served: true - storage: true + storage: false subresources: status: {} --- @@ -2798,12 +4052,12 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.12.0 + controller-gen.kubebuilder.io/version: v0.15.0 labels: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 name: ocirepositories.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -2835,12 +4089,19 @@ spec: description: OCIRepository is the Schema for the ocirepositories API properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert - recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer - this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -2848,12 +4109,25 @@ spec: description: OCIRepositorySpec defines the desired state of OCIRepository properties: certSecretRef: - description: "CertSecretRef can be given the name of a Secret containing either or both of \n - a PEM-encoded - client certificate (`tls.crt`) and private key (`tls.key`); - a PEM-encoded CA certificate (`ca.crt`) \n - and whichever are supplied, will be used for connecting to the registry. The client cert and key are useful - if you are authenticating with a certificate; the CA cert is useful if you are using a self-signed server - certificate. The Secret must be of type `Opaque` or `kubernetes.io/tls`. \n Note: Support for the `caFile`, - `certFile` and `keyFile` keys have been deprecated." + description: |- + CertSecretRef can be given the name of a Secret containing + either or both of + + + - a PEM-encoded client certificate (`tls.crt`) and private + key (`tls.key`); + - a PEM-encoded CA certificate (`ca.crt`) + + + and whichever are supplied, will be used for connecting to the + registry. The client cert and key are useful if you are + authenticating with a certificate; the CA cert is useful if + you are using a self-signed server certificate. The Secret must + be of type `Opaque` or `kubernetes.io/tls`. + + + Note: Support for the `caFile`, `certFile` and `keyFile` keys have + been deprecated. properties: name: description: Name of the referent. @@ -2862,30 +4136,39 @@ spec: - name type: object ignore: - description: Ignore overrides the set of excluded patterns in the .sourceignore format (which is the same - as .gitignore). If not provided, a default will be used, consult the documentation for your version to find - out what those are. + description: |- + Ignore overrides the set of excluded patterns in the .sourceignore format + (which is the same as .gitignore). If not provided, a default will be used, + consult the documentation for your version to find out what those are. type: string insecure: - description: Insecure allows connecting to a non-TLS HTTP container registry. + description: Insecure allows connecting to a non-TLS HTTP container + registry. type: boolean interval: - description: Interval at which the OCIRepository URL is checked for updates. This interval is approximate - and may be subject to jitter to ensure efficient use of resources. + description: |- + Interval at which the OCIRepository URL is checked for updates. + This interval is approximate and may be subject to jitter to ensure + efficient use of resources. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string layerSelector: - description: LayerSelector specifies which layer should be extracted from the OCI artifact. When not specified, - the first layer found in the artifact is selected. + description: |- + LayerSelector specifies which layer should be extracted from the OCI artifact. + When not specified, the first layer found in the artifact is selected. properties: mediaType: - description: MediaType specifies the OCI media type of the layer which should be extracted from the OCI - Artifact. The first layer matching this type is selected. + description: |- + MediaType specifies the OCI media type of the layer + which should be extracted from the OCI Artifact. The + first layer matching this type is selected. type: string operation: - description: Operation specifies how the selected layer should be processed. By default, the layer compressed - content is extracted to storage. When the operation is set to 'copy', the layer compressed content is - persisted to storage as it is. + description: |- + Operation specifies how the selected layer should be processed. + By default, the layer compressed content is extracted to storage. + When the operation is set to 'copy', the layer compressed content + is persisted to storage as it is. enum: - extract - copy @@ -2893,8 +4176,9 @@ spec: type: object provider: default: generic - description: The provider used for authentication, can be 'aws', 'azure', 'gcp' or 'generic'. When not specified, - defaults to 'generic'. + description: |- + The provider used for authentication, can be 'aws', 'azure', 'gcp' or 'generic'. + When not specified, defaults to 'generic'. enum: - generic - aws @@ -2902,23 +4186,33 @@ spec: - gcp type: string ref: - description: The OCI reference to pull and monitor for changes, defaults to the latest tag. + description: |- + The OCI reference to pull and monitor for changes, + defaults to the latest tag. properties: digest: - description: Digest is the image digest to pull, takes precedence over SemVer. The value should be in - the format 'sha256:'. + description: |- + Digest is the image digest to pull, takes precedence over SemVer. + The value should be in the format 'sha256:'. type: string semver: - description: SemVer is the range of tags to pull selecting the latest within the range, takes precedence - over Tag. + description: |- + SemVer is the range of tags to pull selecting the latest within + the range, takes precedence over Tag. + type: string + semverFilter: + description: SemverFilter is a regex pattern to filter the tags + within the SemVer range. type: string tag: description: Tag is the image tag to pull, defaults to latest. type: string type: object secretRef: - description: SecretRef contains the secret name containing the registry login credentials to resolve image - metadata. The secret must be of type kubernetes.io/dockerconfigjson. + description: |- + SecretRef contains the secret name containing the registry login + credentials to resolve image metadata. + The secret must be of type kubernetes.io/dockerconfigjson. properties: name: description: Name of the referent. @@ -2927,33 +4221,73 @@ spec: - name type: object serviceAccountName: - description: 'ServiceAccountName is the name of the Kubernetes ServiceAccount used to authenticate the image - pull if the service account has attached pull secrets. For more information: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/#add-imagepullsecrets-to-a-service-account' + description: |- + ServiceAccountName is the name of the Kubernetes ServiceAccount used to authenticate + the image pull if the service account has attached pull secrets. For more information: + https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/#add-imagepullsecrets-to-a-service-account type: string suspend: - description: This flag tells the controller to suspend the reconciliation of this source. + description: This flag tells the controller to suspend the reconciliation + of this source. type: boolean timeout: default: 60s - description: The timeout for remote OCI Repository operations like pulling, defaults to 60s. + description: The timeout for remote OCI Repository operations like + pulling, defaults to 60s. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$ type: string url: - description: URL is a reference to an OCI artifact repository hosted on a remote container registry. + description: |- + URL is a reference to an OCI artifact repository hosted + on a remote container registry. pattern: ^oci://.*$ type: string verify: - description: Verify contains the secret name containing the trusted public keys used to verify the signature - and specifies which provider to use to check whether OCI image is authentic. + description: |- + Verify contains the secret name containing the trusted public keys + used to verify the signature and specifies which provider to use to check + whether OCI image is authentic. properties: + matchOIDCIdentity: + description: |- + MatchOIDCIdentity specifies the identity matching criteria to use + while verifying an OCI artifact which was signed using Cosign keyless + signing. The artifact's identity is deemed to be verified if any of the + specified matchers match against the identity. + items: + description: |- + OIDCIdentityMatch specifies options for verifying the certificate identity, + i.e. the issuer and the subject of the certificate. + properties: + issuer: + description: |- + Issuer specifies the regex pattern to match against to verify + the OIDC issuer in the Fulcio certificate. The pattern must be a + valid Go regular expression. + type: string + subject: + description: |- + Subject specifies the regex pattern to match against to verify + the identity subject in the Fulcio certificate. The pattern must + be a valid Go regular expression. + type: string + required: + - issuer + - subject + type: object + type: array provider: default: cosign - description: Provider specifies the technology used to sign the OCI Artifact. + description: Provider specifies the technology used to sign the + OCI Artifact. enum: - cosign + - notation type: string secretRef: - description: SecretRef specifies the Kubernetes Secret containing the trusted public keys. + description: |- + SecretRef specifies the Kubernetes Secret containing the + trusted public keys. properties: name: description: Name of the referent. @@ -2974,14 +4308,17 @@ spec: description: OCIRepositoryStatus defines the observed state of OCIRepository properties: artifact: - description: Artifact represents the output of the last successful OCI Repository sync. + description: Artifact represents the output of the last successful + OCI Repository sync. properties: digest: description: Digest is the digest of the file in the form of ':'. pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$ type: string lastUpdateTime: - description: LastUpdateTime is the timestamp corresponding to the last update of the Artifact. + description: |- + LastUpdateTime is the timestamp corresponding to the last update of the + Artifact. format: date-time type: string metadata: @@ -2990,21 +4327,25 @@ spec: description: Metadata holds upstream information such as OCI annotations. type: object path: - description: Path is the relative file path of the Artifact. It can be used to locate the file in the - root of the Artifact storage on the local file system of the controller managing the Source. + description: |- + Path is the relative file path of the Artifact. It can be used to locate + the file in the root of the Artifact storage on the local file system of + the controller managing the Source. type: string revision: - description: Revision is a human-readable identifier traceable in the origin source system. It can be - a Git commit SHA, Git tag, a Helm chart version, etc. + description: |- + Revision is a human-readable identifier traceable in the origin source + system. It can be a Git commit SHA, Git tag, a Helm chart version, etc. type: string size: description: Size is the number of bytes in the file. format: int64 type: integer url: - description: URL is the HTTP address of the Artifact as exposed by the controller managing the Source. - It can be used to retrieve the Artifact for consumption, e.g. by another controller applying the Artifact - contents. + description: |- + URL is the HTTP address of the Artifact as exposed by the controller + managing the Source. It can be used to retrieve the Artifact for + consumption, e.g. by another controller applying the Artifact contents. type: string required: - lastUpdateTime @@ -3015,35 +4356,43 @@ spec: conditions: description: Conditions holds the conditions for the OCIRepository. items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This - struct is intended for direct use as an array at the field path .status.conditions. For example, \n type - FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // - +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" - patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" properties: lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when - the API field changed is acceptable. + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: message is a human readable message indicating details about the transition. This may be - an empty string. + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based - upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current state of the instance. + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last - transition. Producers of specific condition types may define expected values and meanings for this - field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 @@ -3057,9 +4406,12 @@ spec: - Unknown type: string type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type - values are consistent across resources like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -3072,41 +4424,60 @@ spec: type: object type: array contentConfigChecksum: - description: "ContentConfigChecksum is a checksum of all the configurations related to the content of the - source artifact: - .spec.ignore - .spec.layerSelector observed in .status.observedGeneration version of - the object. This can be used to determine if the content configuration has changed and the artifact needs - to be rebuilt. It has the format of `:`, for example: `sha256:`. \n Deprecated: - Replaced with explicit fields for observed artifact content config in the status." + description: |- + ContentConfigChecksum is a checksum of all the configurations related to + the content of the source artifact: + - .spec.ignore + - .spec.layerSelector + observed in .status.observedGeneration version of the object. This can + be used to determine if the content configuration has changed and the + artifact needs to be rebuilt. + It has the format of `:`, for example: `sha256:`. + + + Deprecated: Replaced with explicit fields for observed artifact content + config in the status. type: string lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent reconcile request value, so a change - of the annotation value can be detected. + description: |- + LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value + can be detected. type: string observedGeneration: description: ObservedGeneration is the last observed generation. format: int64 type: integer observedIgnore: - description: ObservedIgnore is the observed exclusion patterns used for constructing the source artifact. + description: |- + ObservedIgnore is the observed exclusion patterns used for constructing + the source artifact. type: string observedLayerSelector: - description: ObservedLayerSelector is the observed layer selector used for constructing the source artifact. + description: |- + ObservedLayerSelector is the observed layer selector used for constructing + the source artifact. properties: mediaType: - description: MediaType specifies the OCI media type of the layer which should be extracted from the OCI - Artifact. The first layer matching this type is selected. + description: |- + MediaType specifies the OCI media type of the layer + which should be extracted from the OCI Artifact. The + first layer matching this type is selected. type: string operation: - description: Operation specifies how the selected layer should be processed. By default, the layer compressed - content is extracted to storage. When the operation is set to 'copy', the layer compressed content is - persisted to storage as it is. + description: |- + Operation specifies how the selected layer should be processed. + By default, the layer compressed content is extracted to storage. + When the operation is set to 'copy', the layer compressed content + is persisted to storage as it is. enum: - extract - copy type: string type: object url: - description: URL is the download link for the artifact output of the last OCI Repository sync. + description: URL is the download link for the artifact output of the + last OCI Repository sync. type: string type: object type: object @@ -3122,7 +4493,7 @@ metadata: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 name: source-controller namespace: flux-system --- @@ -3133,7 +4504,7 @@ metadata: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 control-plane: controller name: source-controller namespace: flux-system @@ -3154,7 +4525,7 @@ metadata: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 control-plane: controller name: source-controller namespace: flux-system @@ -3189,7 +4560,17 @@ spec: fieldPath: metadata.namespace - name: TUF_ROOT value: /tmp/.sigstore - image: ghcr.io/fluxcd/source-controller:v1.1.1 + - name: GOMAXPROCS + valueFrom: + resourceFieldRef: + containerName: manager + resource: limits.cpu + - name: GOMEMLIMIT + valueFrom: + resourceFieldRef: + containerName: manager + resource: limits.memory + image: ghcr.io/fluxcd/source-controller:v1.3.0 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -3248,12 +4629,12 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.12.0 + controller-gen.kubebuilder.io/version: v0.15.0 labels: app.kubernetes.io/component: kustomize-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 name: kustomizations.kustomize.toolkit.fluxcd.io spec: group: kustomize.toolkit.fluxcd.io @@ -3282,21 +4663,32 @@ spec: description: Kustomization is the Schema for the kustomizations API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert - recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer - this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: - description: KustomizationSpec defines the configuration to calculate the desired state from a Source using Kustomize. + description: |- + KustomizationSpec defines the configuration to calculate the desired state + from a Source using Kustomize. properties: commonMetadata: - description: CommonMetadata specifies the common labels and annotations that are applied to all resources. - Any existing label or annotation will be overridden if its key matches a common one. + description: |- + CommonMetadata specifies the common labels and annotations that are + applied to all resources. Any existing label or annotation will be + overridden if its key matches a common one. properties: annotations: additionalProperties: @@ -3310,12 +4702,14 @@ spec: type: object type: object components: - description: Components specifies relative paths to specifications of other Components. + description: Components specifies relative paths to specifications + of other Components. items: type: string type: array decryption: - description: Decrypt Kubernetes secrets before applying them on the cluster. + description: Decrypt Kubernetes secrets before applying them on the + cluster. properties: provider: description: Provider is the name of the decryption engine. @@ -3323,7 +4717,8 @@ spec: - sops type: string secretRef: - description: The secret name containing the private OpenPGP keys used for decryption. + description: The secret name containing the private OpenPGP keys + used for decryption. properties: name: description: Name of the referent. @@ -3335,17 +4730,21 @@ spec: - provider type: object dependsOn: - description: DependsOn may contain a meta.NamespacedObjectReference slice with references to Kustomization - resources that must be ready before this Kustomization can be reconciled. + description: |- + DependsOn may contain a meta.NamespacedObjectReference slice + with references to Kustomization resources that must be ready before this + Kustomization can be reconciled. items: - description: NamespacedObjectReference contains enough information to locate the referenced Kubernetes resource - object in any namespace. + description: |- + NamespacedObjectReference contains enough information to locate the referenced Kubernetes resource object in any + namespace. properties: name: description: Name of the referent. type: string namespace: - description: Namespace of the referent, when not specified it acts as LocalObjectReference. + description: Namespace of the referent, when not specified it + acts as LocalObjectReference. type: string required: - name @@ -3353,18 +4752,20 @@ spec: type: array force: default: false - description: Force instructs the controller to recreate resources when patching fails due to an immutable - field change. + description: |- + Force instructs the controller to recreate resources + when patching fails due to an immutable field change. type: boolean healthChecks: description: A list of resources to be included in the health assessment. items: - description: NamespacedObjectKindReference contains enough information to locate the typed referenced Kubernetes - resource object in any namespace. + description: |- + NamespacedObjectKindReference contains enough information to locate the typed referenced Kubernetes resource object + in any namespace. properties: apiVersion: - description: API version of the referent, if not specified the Kubernetes preferred version will be - used. + description: API version of the referent, if not specified the + Kubernetes preferred version will be used. type: string kind: description: Kind of the referent. @@ -3373,7 +4774,8 @@ spec: description: Name of the referent. type: string namespace: - description: Namespace of the referent, when not specified it acts as LocalObjectReference. + description: Namespace of the referent, when not specified it + acts as LocalObjectReference. type: string required: - kind @@ -3381,49 +4783,65 @@ spec: type: object type: array images: - description: Images is a list of (image name, new name, new tag or digest) for changing image names, tags - or digests. This can also be achieved with a patch, but this operator is simpler to specify. + description: |- + Images is a list of (image name, new name, new tag or digest) + for changing image names, tags or digests. This can also be achieved with a + patch, but this operator is simpler to specify. items: - description: Image contains an image name, a new name, a new tag or digest, which will replace the original - name and tag. + description: Image contains an image name, a new name, a new tag + or digest, which will replace the original name and tag. properties: digest: - description: Digest is the value used to replace the original image tag. If digest is present NewTag - value is ignored. + description: |- + Digest is the value used to replace the original image tag. + If digest is present NewTag value is ignored. type: string name: description: Name is a tag-less image name. type: string newName: - description: NewName is the value used to replace the original name. + description: NewName is the value used to replace the original + name. type: string newTag: - description: NewTag is the value used to replace the original tag. + description: NewTag is the value used to replace the original + tag. type: string required: - name type: object type: array interval: - description: The interval at which to reconcile the Kustomization. This interval is approximate and may be - subject to jitter to ensure efficient use of resources. + description: |- + The interval at which to reconcile the Kustomization. + This interval is approximate and may be subject to jitter to ensure + efficient use of resources. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string kubeConfig: - description: The KubeConfig for reconciling the Kustomization on a remote cluster. When used in combination - with KustomizationSpec.ServiceAccountName, forces the controller to act on behalf of that Service Account - at the target cluster. If the --default-service-account flag is set, its value will be used as a controller - level fallback for when KustomizationSpec.ServiceAccountName is empty. + description: |- + The KubeConfig for reconciling the Kustomization on a remote cluster. + When used in combination with KustomizationSpec.ServiceAccountName, + forces the controller to act on behalf of that Service Account at the + target cluster. + If the --default-service-account flag is set, its value will be used as + a controller level fallback for when KustomizationSpec.ServiceAccountName + is empty. properties: secretRef: - description: SecretRef holds the name of a secret that contains a key with the kubeconfig file as the - value. If no key is set, the key will default to 'value'. It is recommended that the kubeconfig is self-contained, - and the secret is regularly updated if credentials such as a cloud-access-token expire. Cloud specific - `cmd-path` auth helpers will not function without adding binaries and credentials to the Pod that is - responsible for reconciling Kubernetes resources. + description: |- + SecretRef holds the name of a secret that contains a key with + the kubeconfig file as the value. If no key is set, the key will default + to 'value'. + It is recommended that the kubeconfig is self-contained, and the secret + is regularly updated if credentials such as a cloud-access-token expire. + Cloud specific `cmd-path` auth helpers will not function without adding + binaries and credentials to the Pod that is responsible for reconciling + Kubernetes resources. properties: key: - description: Key in the Secret, when not specified an implementation-specific default key is used. + description: Key in the Secret, when not specified an implementation-specific + default key is used. type: string name: description: Name of the Secret. @@ -3434,34 +4852,57 @@ spec: required: - secretRef type: object + namePrefix: + description: NamePrefix will prefix the names of all managed resources. + maxLength: 200 + minLength: 1 + type: string + nameSuffix: + description: NameSuffix will suffix the names of all managed resources. + maxLength: 200 + minLength: 1 + type: string patches: - description: Strategic merge and JSON patches, defined as inline YAML objects, capable of targeting objects - based on kind, label and annotation selectors. + description: |- + Strategic merge and JSON patches, defined as inline YAML objects, + capable of targeting objects based on kind, label and annotation selectors. items: - description: Patch contains an inline StrategicMerge or JSON6902 patch, and the target the patch should + description: |- + Patch contains an inline StrategicMerge or JSON6902 patch, and the target the patch should be applied to. properties: patch: - description: Patch contains an inline StrategicMerge patch or an inline JSON6902 patch with an array - of operation objects. + description: |- + Patch contains an inline StrategicMerge patch or an inline JSON6902 patch with + an array of operation objects. type: string target: - description: Target points to the resources that the patch document should be applied to. + description: Target points to the resources that the patch document + should be applied to. properties: annotationSelector: - description: AnnotationSelector is a string that follows the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + description: |- + AnnotationSelector is a string that follows the label selection expression + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api It matches with the resource annotations. type: string group: - description: Group is the API group to select resources from. Together with Version and Kind it - is capable of unambiguously identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + description: |- + Group is the API group to select resources from. + Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md type: string kind: - description: Kind of the API Group to select resources from. Together with Group and Version it - is capable of unambiguously identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + description: |- + Kind of the API Group to select resources from. + Together with Group and Version it is capable of unambiguously + identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md type: string labelSelector: - description: LabelSelector is a string that follows the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + description: |- + LabelSelector is a string that follows the label selection expression + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api It matches with the resource labels. type: string name: @@ -3471,8 +4912,10 @@ spec: description: Namespace to select resources from. type: string version: - description: Version of the API Group to select resources from. Together with Group and Kind it - is capable of unambiguously identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + description: |- + Version of the API Group to select resources from. + Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md type: string type: object required: @@ -3480,44 +4923,58 @@ spec: type: object type: array path: - description: Path to the directory containing the kustomization.yaml file, or the set of plain YAMLs a kustomization.yaml - should be generated for. Defaults to 'None', which translates to the root path of the SourceRef. + description: |- + Path to the directory containing the kustomization.yaml file, or the + set of plain YAMLs a kustomization.yaml should be generated for. + Defaults to 'None', which translates to the root path of the SourceRef. type: string postBuild: - description: PostBuild describes which actions to perform on the YAML manifest generated by building the kustomize - overlay. + description: |- + PostBuild describes which actions to perform on the YAML manifest + generated by building the kustomize overlay. properties: substitute: additionalProperties: type: string - description: Substitute holds a map of key/value pairs. The variables defined in your YAML manifests that - match any of the keys defined in the map will be substituted with the set value. Includes support for - bash string replacement functions e.g. ${var:=default}, ${var:position} and ${var/substring/replacement}. + description: |- + Substitute holds a map of key/value pairs. + The variables defined in your YAML manifests that match any of the keys + defined in the map will be substituted with the set value. + Includes support for bash string replacement functions + e.g. ${var:=default}, ${var:position} and ${var/substring/replacement}. type: object substituteFrom: - description: SubstituteFrom holds references to ConfigMaps and Secrets containing the variables and their - values to be substituted in the YAML manifests. The ConfigMap and the Secret data keys represent the - var names, and they must match the vars declared in the manifests for the substitution to happen. + description: |- + SubstituteFrom holds references to ConfigMaps and Secrets containing + the variables and their values to be substituted in the YAML manifests. + The ConfigMap and the Secret data keys represent the var names, and they + must match the vars declared in the manifests for the substitution to + happen. items: - description: SubstituteReference contains a reference to a resource containing the variables name and - value. + description: |- + SubstituteReference contains a reference to a resource containing + the variables name and value. properties: kind: - description: Kind of the values referent, valid values are ('Secret', 'ConfigMap'). + description: Kind of the values referent, valid values are + ('Secret', 'ConfigMap'). enum: - Secret - ConfigMap type: string name: - description: Name of the values referent. Should reside in the same namespace as the referring resource. + description: |- + Name of the values referent. Should reside in the same namespace as the + referring resource. maxLength: 253 minLength: 1 type: string optional: default: false - description: Optional indicates whether the referenced resource must exist, or whether to tolerate - its absence. If true and the referenced resource is absent, proceed as if the resource was present - but empty, without any variables defined. + description: |- + Optional indicates whether the referenced resource must exist, or whether to + tolerate its absence. If true and the referenced resource is absent, proceed + as if the resource was present but empty, without any variables defined. type: boolean required: - kind @@ -3529,15 +4986,20 @@ spec: description: Prune enables garbage collection. type: boolean retryInterval: - description: The interval at which to retry a previously failed reconciliation. When not specified, the controller - uses the KustomizationSpec.Interval value to retry failures. + description: |- + The interval at which to retry a previously failed reconciliation. + When not specified, the controller uses the KustomizationSpec.Interval + value to retry failures. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string serviceAccountName: - description: The name of the Kubernetes service account to impersonate when reconciling this Kustomization. + description: |- + The name of the Kubernetes service account to impersonate + when reconciling this Kustomization. type: string sourceRef: - description: Reference of the source where the kustomization file is. + description: Reference of the source where the kustomization file + is. properties: apiVersion: description: API version of the referent. @@ -3553,29 +5015,36 @@ spec: description: Name of the referent. type: string namespace: - description: Namespace of the referent, defaults to the namespace of the Kubernetes resource object that - contains the reference. + description: |- + Namespace of the referent, defaults to the namespace of the Kubernetes + resource object that contains the reference. type: string required: - kind - name type: object suspend: - description: This flag tells the controller to suspend subsequent kustomize executions, it does not apply - to already started executions. Defaults to false. + description: |- + This flag tells the controller to suspend subsequent kustomize executions, + it does not apply to already started executions. Defaults to false. type: boolean targetNamespace: - description: TargetNamespace sets or overrides the namespace in the kustomization.yaml file. + description: |- + TargetNamespace sets or overrides the namespace in the + kustomization.yaml file. maxLength: 63 minLength: 1 type: string timeout: - description: Timeout for validation, apply and health checking operations. Defaults to 'Interval' duration. + description: |- + Timeout for validation, apply and health checking operations. + Defaults to 'Interval' duration. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string wait: - description: Wait instructs the controller to check the health of all the reconciled resources. When enabled, - the HealthChecks are ignored. Defaults to false. + description: |- + Wait instructs the controller to check the health of all the reconciled + resources. When enabled, the HealthChecks are ignored. Defaults to false. type: boolean required: - interval @@ -3589,35 +5058,43 @@ spec: properties: conditions: items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This - struct is intended for direct use as an array at the field path .status.conditions. For example, \n type - FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // - +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" - patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" properties: lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when - the API field changed is acceptable. + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: message is a human readable message indicating details about the transition. This may be - an empty string. + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based - upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current state of the instance. + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last - transition. Producers of specific condition types may define expected values and meanings for this - field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 @@ -3631,9 +5108,12 @@ spec: - Unknown type: string type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type - values are consistent across resources like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -3646,20 +5126,24 @@ spec: type: object type: array inventory: - description: Inventory contains the list of Kubernetes resource object references that have been successfully - applied. + description: |- + Inventory contains the list of Kubernetes resource object references that + have been successfully applied. properties: entries: description: Entries of Kubernetes resource object references. items: - description: ResourceRef contains the information necessary to locate a resource within a cluster. + description: ResourceRef contains the information necessary + to locate a resource within a cluster. properties: id: - description: ID is the string representation of the Kubernetes resource object's metadata, in the - format '___'. + description: |- + ID is the string representation of the Kubernetes resource object's metadata, + in the format '___'. type: string v: - description: Version is the API version of the Kubernetes resource object's kind. + description: Version is the API version of the Kubernetes + resource object's kind. type: string required: - id @@ -3670,15 +5154,19 @@ spec: - entries type: object lastAppliedRevision: - description: The last successfully applied revision. Equals the Revision of the applied Artifact from the - referenced Source. + description: |- + The last successfully applied revision. + Equals the Revision of the applied Artifact from the referenced Source. type: string lastAttemptedRevision: - description: LastAttemptedRevision is the revision of the last reconciliation attempt. + description: LastAttemptedRevision is the revision of the last reconciliation + attempt. type: string lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent reconcile request value, so a change - of the annotation value can be detected. + description: |- + LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value + can be detected. type: string observedGeneration: description: ObservedGeneration is the last reconciled generation. @@ -3708,12 +5196,19 @@ spec: description: Kustomization is the Schema for the kustomizations API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert - recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer - this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -3721,7 +5216,8 @@ spec: description: KustomizationSpec defines the desired state of a kustomization. properties: decryption: - description: Decrypt Kubernetes secrets before applying them on the cluster. + description: Decrypt Kubernetes secrets before applying them on the + cluster. properties: provider: description: Provider is the name of the decryption engine. @@ -3729,7 +5225,8 @@ spec: - sops type: string secretRef: - description: The secret name containing the private OpenPGP keys used for decryption. + description: The secret name containing the private OpenPGP keys + used for decryption. properties: name: description: Name of the referent. @@ -3741,17 +5238,21 @@ spec: - provider type: object dependsOn: - description: DependsOn may contain a meta.NamespacedObjectReference slice with references to Kustomization - resources that must be ready before this Kustomization can be reconciled. + description: |- + DependsOn may contain a meta.NamespacedObjectReference slice + with references to Kustomization resources that must be ready before this + Kustomization can be reconciled. items: - description: NamespacedObjectReference contains enough information to locate the referenced Kubernetes resource - object in any namespace. + description: |- + NamespacedObjectReference contains enough information to locate the referenced Kubernetes resource object in any + namespace. properties: name: description: Name of the referent. type: string namespace: - description: Namespace of the referent, when not specified it acts as LocalObjectReference. + description: Namespace of the referent, when not specified it + acts as LocalObjectReference. type: string required: - name @@ -3759,18 +5260,20 @@ spec: type: array force: default: false - description: Force instructs the controller to recreate resources when patching fails due to an immutable - field change. + description: |- + Force instructs the controller to recreate resources + when patching fails due to an immutable field change. type: boolean healthChecks: description: A list of resources to be included in the health assessment. items: - description: NamespacedObjectKindReference contains enough information to locate the typed referenced Kubernetes - resource object in any namespace. + description: |- + NamespacedObjectKindReference contains enough information to locate the typed referenced Kubernetes resource object + in any namespace. properties: apiVersion: - description: API version of the referent, if not specified the Kubernetes preferred version will be - used. + description: API version of the referent, if not specified the + Kubernetes preferred version will be used. type: string kind: description: Kind of the referent. @@ -3779,7 +5282,8 @@ spec: description: Name of the referent. type: string namespace: - description: Namespace of the referent, when not specified it acts as LocalObjectReference. + description: Namespace of the referent, when not specified it + acts as LocalObjectReference. type: string required: - kind @@ -3787,24 +5291,29 @@ spec: type: object type: array images: - description: Images is a list of (image name, new name, new tag or digest) for changing image names, tags - or digests. This can also be achieved with a patch, but this operator is simpler to specify. + description: |- + Images is a list of (image name, new name, new tag or digest) + for changing image names, tags or digests. This can also be achieved with a + patch, but this operator is simpler to specify. items: - description: Image contains an image name, a new name, a new tag or digest, which will replace the original - name and tag. + description: Image contains an image name, a new name, a new tag + or digest, which will replace the original name and tag. properties: digest: - description: Digest is the value used to replace the original image tag. If digest is present NewTag - value is ignored. + description: |- + Digest is the value used to replace the original image tag. + If digest is present NewTag value is ignored. type: string name: description: Name is a tag-less image name. type: string newName: - description: NewName is the value used to replace the original name. + description: NewName is the value used to replace the original + name. type: string newTag: - description: NewTag is the value used to replace the original tag. + description: NewTag is the value used to replace the original + tag. type: string required: - name @@ -3814,15 +5323,20 @@ spec: description: The interval at which to reconcile the Kustomization. type: string kubeConfig: - description: The KubeConfig for reconciling the Kustomization on a remote cluster. When specified, KubeConfig - takes precedence over ServiceAccountName. + description: |- + The KubeConfig for reconciling the Kustomization on a remote cluster. + When specified, KubeConfig takes precedence over ServiceAccountName. properties: secretRef: - description: SecretRef holds the name to a secret that contains a 'value' key with the kubeconfig file - as the value. It must be in the same namespace as the Kustomization. It is recommended that the kubeconfig - is self-contained, and the secret is regularly updated if credentials such as a cloud-access-token expire. - Cloud specific `cmd-path` auth helpers will not function without adding binaries and credentials to - the Pod that is responsible for reconciling the Kustomization. + description: |- + SecretRef holds the name to a secret that contains a 'value' key with + the kubeconfig file as the value. It must be in the same namespace as + the Kustomization. + It is recommended that the kubeconfig is self-contained, and the secret + is regularly updated if credentials such as a cloud-access-token expire. + Cloud specific `cmd-path` auth helpers will not function without adding + binaries and credentials to the Pod that is responsible for reconciling + the Kustomization. properties: name: description: Name of the referent. @@ -3832,33 +5346,46 @@ spec: type: object type: object patches: - description: Strategic merge and JSON patches, defined as inline YAML objects, capable of targeting objects - based on kind, label and annotation selectors. + description: |- + Strategic merge and JSON patches, defined as inline YAML objects, + capable of targeting objects based on kind, label and annotation selectors. items: - description: Patch contains an inline StrategicMerge or JSON6902 patch, and the target the patch should + description: |- + Patch contains an inline StrategicMerge or JSON6902 patch, and the target the patch should be applied to. properties: patch: - description: Patch contains an inline StrategicMerge patch or an inline JSON6902 patch with an array - of operation objects. + description: |- + Patch contains an inline StrategicMerge patch or an inline JSON6902 patch with + an array of operation objects. type: string target: - description: Target points to the resources that the patch document should be applied to. + description: Target points to the resources that the patch document + should be applied to. properties: annotationSelector: - description: AnnotationSelector is a string that follows the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + description: |- + AnnotationSelector is a string that follows the label selection expression + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api It matches with the resource annotations. type: string group: - description: Group is the API group to select resources from. Together with Version and Kind it - is capable of unambiguously identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + description: |- + Group is the API group to select resources from. + Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md type: string kind: - description: Kind of the API Group to select resources from. Together with Group and Version it - is capable of unambiguously identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + description: |- + Kind of the API Group to select resources from. + Together with Group and Version it is capable of unambiguously + identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md type: string labelSelector: - description: LabelSelector is a string that follows the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + description: |- + LabelSelector is a string that follows the label selection expression + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api It matches with the resource labels. type: string name: @@ -3868,8 +5395,10 @@ spec: description: Namespace to select resources from. type: string version: - description: Version of the API Group to select resources from. Together with Group and Kind it - is capable of unambiguously identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + description: |- + Version of the API Group to select resources from. + Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md type: string type: object required: @@ -3879,21 +5408,27 @@ spec: patchesJson6902: description: JSON 6902 patches, defined as inline YAML objects. items: - description: JSON6902Patch contains a JSON6902 patch and the target the patch should be applied to. + description: JSON6902Patch contains a JSON6902 patch and the target + the patch should be applied to. properties: patch: - description: Patch contains the JSON6902 patch document with an array of operation objects. + description: Patch contains the JSON6902 patch document with + an array of operation objects. items: - description: JSON6902 is a JSON6902 operation object. https://datatracker.ietf.org/doc/html/rfc6902#section-4 + description: |- + JSON6902 is a JSON6902 operation object. + https://datatracker.ietf.org/doc/html/rfc6902#section-4 properties: from: - description: From contains a JSON-pointer value that references a location within the target document - where the operation is performed. The meaning of the value depends on the value of Op, and is - NOT taken into account by all operations. + description: |- + From contains a JSON-pointer value that references a location within the target document where the operation is + performed. The meaning of the value depends on the value of Op, and is NOT taken into account by all operations. type: string op: - description: Op indicates the operation to perform. Its value MUST be one of "add", "remove", - "replace", "move", "copy", or "test". https://datatracker.ietf.org/doc/html/rfc6902#section-4 + description: |- + Op indicates the operation to perform. Its value MUST be one of "add", "remove", "replace", "move", "copy", or + "test". + https://datatracker.ietf.org/doc/html/rfc6902#section-4 enum: - test - remove @@ -3903,13 +5438,14 @@ spec: - copy type: string path: - description: Path contains the JSON-pointer value that references a location within the target - document where the operation is performed. The meaning of the value depends on the value of - Op. + description: |- + Path contains the JSON-pointer value that references a location within the target document where the operation + is performed. The meaning of the value depends on the value of Op. type: string value: - description: Value contains a valid JSON structure. The meaning of the value depends on the value - of Op, and is NOT taken into account by all operations. + description: |- + Value contains a valid JSON structure. The meaning of the value depends on the value of Op, and is NOT taken into + account by all operations. x-kubernetes-preserve-unknown-fields: true required: - op @@ -3917,22 +5453,32 @@ spec: type: object type: array target: - description: Target points to the resources that the patch document should be applied to. + description: Target points to the resources that the patch document + should be applied to. properties: annotationSelector: - description: AnnotationSelector is a string that follows the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + description: |- + AnnotationSelector is a string that follows the label selection expression + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api It matches with the resource annotations. type: string group: - description: Group is the API group to select resources from. Together with Version and Kind it - is capable of unambiguously identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + description: |- + Group is the API group to select resources from. + Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md type: string kind: - description: Kind of the API Group to select resources from. Together with Group and Version it - is capable of unambiguously identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + description: |- + Kind of the API Group to select resources from. + Together with Group and Version it is capable of unambiguously + identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md type: string labelSelector: - description: LabelSelector is a string that follows the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + description: |- + LabelSelector is a string that follows the label selection expression + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api It matches with the resource labels. type: string name: @@ -3942,8 +5488,10 @@ spec: description: Namespace to select resources from. type: string version: - description: Version of the API Group to select resources from. Together with Group and Kind it - is capable of unambiguously identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + description: |- + Version of the API Group to select resources from. + Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md type: string type: object required: @@ -3957,36 +5505,49 @@ spec: x-kubernetes-preserve-unknown-fields: true type: array path: - description: Path to the directory containing the kustomization.yaml file, or the set of plain YAMLs a kustomization.yaml - should be generated for. Defaults to 'None', which translates to the root path of the SourceRef. + description: |- + Path to the directory containing the kustomization.yaml file, or the + set of plain YAMLs a kustomization.yaml should be generated for. + Defaults to 'None', which translates to the root path of the SourceRef. type: string postBuild: - description: PostBuild describes which actions to perform on the YAML manifest generated by building the kustomize - overlay. + description: |- + PostBuild describes which actions to perform on the YAML manifest + generated by building the kustomize overlay. properties: substitute: additionalProperties: type: string - description: Substitute holds a map of key/value pairs. The variables defined in your YAML manifests that - match any of the keys defined in the map will be substituted with the set value. Includes support for - bash string replacement functions e.g. ${var:=default}, ${var:position} and ${var/substring/replacement}. + description: |- + Substitute holds a map of key/value pairs. + The variables defined in your YAML manifests + that match any of the keys defined in the map + will be substituted with the set value. + Includes support for bash string replacement functions + e.g. ${var:=default}, ${var:position} and ${var/substring/replacement}. type: object substituteFrom: - description: SubstituteFrom holds references to ConfigMaps and Secrets containing the variables and their - values to be substituted in the YAML manifests. The ConfigMap and the Secret data keys represent the - var names and they must match the vars declared in the manifests for the substitution to happen. + description: |- + SubstituteFrom holds references to ConfigMaps and Secrets containing + the variables and their values to be substituted in the YAML manifests. + The ConfigMap and the Secret data keys represent the var names and they + must match the vars declared in the manifests for the substitution to happen. items: - description: SubstituteReference contains a reference to a resource containing the variables name and - value. + description: |- + SubstituteReference contains a reference to a resource containing + the variables name and value. properties: kind: - description: Kind of the values referent, valid values are ('Secret', 'ConfigMap'). + description: Kind of the values referent, valid values are + ('Secret', 'ConfigMap'). enum: - Secret - ConfigMap type: string name: - description: Name of the values referent. Should reside in the same namespace as the referring resource. + description: |- + Name of the values referent. Should reside in the same namespace as the + referring resource. maxLength: 253 minLength: 1 type: string @@ -4000,14 +5561,19 @@ spec: description: Prune enables garbage collection. type: boolean retryInterval: - description: The interval at which to retry a previously failed reconciliation. When not specified, the controller - uses the KustomizationSpec.Interval value to retry failures. + description: |- + The interval at which to retry a previously failed reconciliation. + When not specified, the controller uses the KustomizationSpec.Interval + value to retry failures. type: string serviceAccountName: - description: The name of the Kubernetes service account to impersonate when reconciling this Kustomization. + description: |- + The name of the Kubernetes service account to impersonate + when reconciling this Kustomization. type: string sourceRef: - description: Reference of the source where the kustomization file is. + description: Reference of the source where the kustomization file + is. properties: apiVersion: description: API version of the referent @@ -4022,28 +5588,37 @@ spec: description: Name of the referent type: string namespace: - description: Namespace of the referent, defaults to the Kustomization namespace + description: Namespace of the referent, defaults to the Kustomization + namespace type: string required: - kind - name type: object suspend: - description: This flag tells the controller to suspend subsequent kustomize executions, it does not apply - to already started executions. Defaults to false. + description: |- + This flag tells the controller to suspend subsequent kustomize executions, + it does not apply to already started executions. Defaults to false. type: boolean targetNamespace: - description: TargetNamespace sets or overrides the namespace in the kustomization.yaml file. + description: |- + TargetNamespace sets or overrides the namespace in the + kustomization.yaml file. maxLength: 63 minLength: 1 type: string timeout: - description: Timeout for validation, apply and health checking operations. Defaults to 'Interval' duration. + description: |- + Timeout for validation, apply and health checking operations. + Defaults to 'Interval' duration. type: string validation: - description: Validate the Kubernetes objects before applying them on the cluster. The validation strategy - can be 'client' (local dry-run), 'server' (APIServer dry-run) or 'none'. When 'Force' is 'true', validation - will fallback to 'client' if set to 'server' because server-side validation is not supported in this scenario. + description: |- + Validate the Kubernetes objects before applying them on the cluster. + The validation strategy can be 'client' (local dry-run), 'server' + (APIServer dry-run) or 'none'. + When 'Force' is 'true', validation will fallback to 'client' if set to + 'server' because server-side validation is not supported in this scenario. enum: - none - client @@ -4061,35 +5636,43 @@ spec: properties: conditions: items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This - struct is intended for direct use as an array at the field path .status.conditions. For example, \n type - FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // - +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" - patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" properties: lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when - the API field changed is acceptable. + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: message is a human readable message indicating details about the transition. This may be - an empty string. + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based - upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current state of the instance. + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last - transition. Producers of specific condition types may define expected values and meanings for this - field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 @@ -4103,9 +5686,12 @@ spec: - Unknown type: string type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type - values are consistent across resources like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -4118,14 +5704,19 @@ spec: type: object type: array lastAppliedRevision: - description: The last successfully applied revision. The revision format for Git sources is /. + description: |- + The last successfully applied revision. + The revision format for Git sources is /. type: string lastAttemptedRevision: - description: LastAttemptedRevision is the revision of the last reconciliation attempt. + description: LastAttemptedRevision is the revision of the last reconciliation + attempt. type: string lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent reconcile request value, so a change - of the annotation value can be detected. + description: |- + LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value + can be detected. type: string observedGeneration: description: ObservedGeneration is the last reconciled generation. @@ -4140,7 +5731,9 @@ spec: entries: description: A list of Kubernetes kinds grouped by namespace. items: - description: Snapshot holds the metadata of namespaced Kubernetes objects + description: |- + Snapshot holds the metadata of namespaced + Kubernetes objects properties: kinds: additionalProperties: @@ -4182,20 +5775,29 @@ spec: description: Kustomization is the Schema for the kustomizations API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert - recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer - this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: - description: KustomizationSpec defines the configuration to calculate the desired state from a Source using Kustomize. + description: KustomizationSpec defines the configuration to calculate + the desired state from a Source using Kustomize. properties: commonMetadata: - description: CommonMetadata specifies the common labels and annotations that are applied to all resources. + description: |- + CommonMetadata specifies the common labels and annotations that are applied to all resources. Any existing label or annotation will be overridden if its key matches a common one. properties: annotations: @@ -4210,12 +5812,14 @@ spec: type: object type: object components: - description: Components specifies relative paths to specifications of other Components. + description: Components specifies relative paths to specifications + of other Components. items: type: string type: array decryption: - description: Decrypt Kubernetes secrets before applying them on the cluster. + description: Decrypt Kubernetes secrets before applying them on the + cluster. properties: provider: description: Provider is the name of the decryption engine. @@ -4223,7 +5827,8 @@ spec: - sops type: string secretRef: - description: The secret name containing the private OpenPGP keys used for decryption. + description: The secret name containing the private OpenPGP keys + used for decryption. properties: name: description: Name of the referent. @@ -4235,17 +5840,21 @@ spec: - provider type: object dependsOn: - description: DependsOn may contain a meta.NamespacedObjectReference slice with references to Kustomization - resources that must be ready before this Kustomization can be reconciled. + description: |- + DependsOn may contain a meta.NamespacedObjectReference slice + with references to Kustomization resources that must be ready before this + Kustomization can be reconciled. items: - description: NamespacedObjectReference contains enough information to locate the referenced Kubernetes resource - object in any namespace. + description: |- + NamespacedObjectReference contains enough information to locate the referenced Kubernetes resource object in any + namespace. properties: name: description: Name of the referent. type: string namespace: - description: Namespace of the referent, when not specified it acts as LocalObjectReference. + description: Namespace of the referent, when not specified it + acts as LocalObjectReference. type: string required: - name @@ -4253,18 +5862,20 @@ spec: type: array force: default: false - description: Force instructs the controller to recreate resources when patching fails due to an immutable - field change. + description: |- + Force instructs the controller to recreate resources + when patching fails due to an immutable field change. type: boolean healthChecks: description: A list of resources to be included in the health assessment. items: - description: NamespacedObjectKindReference contains enough information to locate the typed referenced Kubernetes - resource object in any namespace. + description: |- + NamespacedObjectKindReference contains enough information to locate the typed referenced Kubernetes resource object + in any namespace. properties: apiVersion: - description: API version of the referent, if not specified the Kubernetes preferred version will be - used. + description: API version of the referent, if not specified the + Kubernetes preferred version will be used. type: string kind: description: Kind of the referent. @@ -4273,7 +5884,8 @@ spec: description: Name of the referent. type: string namespace: - description: Namespace of the referent, when not specified it acts as LocalObjectReference. + description: Namespace of the referent, when not specified it + acts as LocalObjectReference. type: string required: - kind @@ -4281,24 +5893,29 @@ spec: type: object type: array images: - description: Images is a list of (image name, new name, new tag or digest) for changing image names, tags - or digests. This can also be achieved with a patch, but this operator is simpler to specify. + description: |- + Images is a list of (image name, new name, new tag or digest) + for changing image names, tags or digests. This can also be achieved with a + patch, but this operator is simpler to specify. items: - description: Image contains an image name, a new name, a new tag or digest, which will replace the original - name and tag. + description: Image contains an image name, a new name, a new tag + or digest, which will replace the original name and tag. properties: digest: - description: Digest is the value used to replace the original image tag. If digest is present NewTag - value is ignored. + description: |- + Digest is the value used to replace the original image tag. + If digest is present NewTag value is ignored. type: string name: description: Name is a tag-less image name. type: string newName: - description: NewName is the value used to replace the original name. + description: NewName is the value used to replace the original + name. type: string newTag: - description: NewTag is the value used to replace the original tag. + description: NewTag is the value used to replace the original + tag. type: string required: - name @@ -4309,20 +5926,29 @@ spec: pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string kubeConfig: - description: The KubeConfig for reconciling the Kustomization on a remote cluster. When used in combination - with KustomizationSpec.ServiceAccountName, forces the controller to act on behalf of that Service Account - at the target cluster. If the --default-service-account flag is set, its value will be used as a controller - level fallback for when KustomizationSpec.ServiceAccountName is empty. + description: |- + The KubeConfig for reconciling the Kustomization on a remote cluster. + When used in combination with KustomizationSpec.ServiceAccountName, + forces the controller to act on behalf of that Service Account at the + target cluster. + If the --default-service-account flag is set, its value will be used as + a controller level fallback for when KustomizationSpec.ServiceAccountName + is empty. properties: secretRef: - description: SecretRef holds the name of a secret that contains a key with the kubeconfig file as the - value. If no key is set, the key will default to 'value'. It is recommended that the kubeconfig is self-contained, - and the secret is regularly updated if credentials such as a cloud-access-token expire. Cloud specific - `cmd-path` auth helpers will not function without adding binaries and credentials to the Pod that is - responsible for reconciling Kubernetes resources. + description: |- + SecretRef holds the name of a secret that contains a key with + the kubeconfig file as the value. If no key is set, the key will default + to 'value'. + It is recommended that the kubeconfig is self-contained, and the secret + is regularly updated if credentials such as a cloud-access-token expire. + Cloud specific `cmd-path` auth helpers will not function without adding + binaries and credentials to the Pod that is responsible for reconciling + Kubernetes resources. properties: key: - description: Key in the Secret, when not specified an implementation-specific default key is used. + description: Key in the Secret, when not specified an implementation-specific + default key is used. type: string name: description: Name of the Secret. @@ -4334,33 +5960,46 @@ spec: - secretRef type: object patches: - description: Strategic merge and JSON patches, defined as inline YAML objects, capable of targeting objects - based on kind, label and annotation selectors. + description: |- + Strategic merge and JSON patches, defined as inline YAML objects, + capable of targeting objects based on kind, label and annotation selectors. items: - description: Patch contains an inline StrategicMerge or JSON6902 patch, and the target the patch should + description: |- + Patch contains an inline StrategicMerge or JSON6902 patch, and the target the patch should be applied to. properties: patch: - description: Patch contains an inline StrategicMerge patch or an inline JSON6902 patch with an array - of operation objects. + description: |- + Patch contains an inline StrategicMerge patch or an inline JSON6902 patch with + an array of operation objects. type: string target: - description: Target points to the resources that the patch document should be applied to. + description: Target points to the resources that the patch document + should be applied to. properties: annotationSelector: - description: AnnotationSelector is a string that follows the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + description: |- + AnnotationSelector is a string that follows the label selection expression + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api It matches with the resource annotations. type: string group: - description: Group is the API group to select resources from. Together with Version and Kind it - is capable of unambiguously identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + description: |- + Group is the API group to select resources from. + Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md type: string kind: - description: Kind of the API Group to select resources from. Together with Group and Version it - is capable of unambiguously identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + description: |- + Kind of the API Group to select resources from. + Together with Group and Version it is capable of unambiguously + identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md type: string labelSelector: - description: LabelSelector is a string that follows the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + description: |- + LabelSelector is a string that follows the label selection expression + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api It matches with the resource labels. type: string name: @@ -4370,8 +6009,10 @@ spec: description: Namespace to select resources from. type: string version: - description: Version of the API Group to select resources from. Together with Group and Kind it - is capable of unambiguously identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + description: |- + Version of the API Group to select resources from. + Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md type: string type: object required: @@ -4379,23 +6020,31 @@ spec: type: object type: array patchesJson6902: - description: 'JSON 6902 patches, defined as inline YAML objects. Deprecated: Use Patches instead.' + description: |- + JSON 6902 patches, defined as inline YAML objects. + Deprecated: Use Patches instead. items: - description: JSON6902Patch contains a JSON6902 patch and the target the patch should be applied to. + description: JSON6902Patch contains a JSON6902 patch and the target + the patch should be applied to. properties: patch: - description: Patch contains the JSON6902 patch document with an array of operation objects. + description: Patch contains the JSON6902 patch document with + an array of operation objects. items: - description: JSON6902 is a JSON6902 operation object. https://datatracker.ietf.org/doc/html/rfc6902#section-4 + description: |- + JSON6902 is a JSON6902 operation object. + https://datatracker.ietf.org/doc/html/rfc6902#section-4 properties: from: - description: From contains a JSON-pointer value that references a location within the target document - where the operation is performed. The meaning of the value depends on the value of Op, and is - NOT taken into account by all operations. + description: |- + From contains a JSON-pointer value that references a location within the target document where the operation is + performed. The meaning of the value depends on the value of Op, and is NOT taken into account by all operations. type: string op: - description: Op indicates the operation to perform. Its value MUST be one of "add", "remove", - "replace", "move", "copy", or "test". https://datatracker.ietf.org/doc/html/rfc6902#section-4 + description: |- + Op indicates the operation to perform. Its value MUST be one of "add", "remove", "replace", "move", "copy", or + "test". + https://datatracker.ietf.org/doc/html/rfc6902#section-4 enum: - test - remove @@ -4405,13 +6054,14 @@ spec: - copy type: string path: - description: Path contains the JSON-pointer value that references a location within the target - document where the operation is performed. The meaning of the value depends on the value of - Op. + description: |- + Path contains the JSON-pointer value that references a location within the target document where the operation + is performed. The meaning of the value depends on the value of Op. type: string value: - description: Value contains a valid JSON structure. The meaning of the value depends on the value - of Op, and is NOT taken into account by all operations. + description: |- + Value contains a valid JSON structure. The meaning of the value depends on the value of Op, and is NOT taken into + account by all operations. x-kubernetes-preserve-unknown-fields: true required: - op @@ -4419,22 +6069,32 @@ spec: type: object type: array target: - description: Target points to the resources that the patch document should be applied to. + description: Target points to the resources that the patch document + should be applied to. properties: annotationSelector: - description: AnnotationSelector is a string that follows the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + description: |- + AnnotationSelector is a string that follows the label selection expression + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api It matches with the resource annotations. type: string group: - description: Group is the API group to select resources from. Together with Version and Kind it - is capable of unambiguously identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + description: |- + Group is the API group to select resources from. + Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md type: string kind: - description: Kind of the API Group to select resources from. Together with Group and Version it - is capable of unambiguously identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + description: |- + Kind of the API Group to select resources from. + Together with Group and Version it is capable of unambiguously + identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md type: string labelSelector: - description: LabelSelector is a string that follows the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + description: |- + LabelSelector is a string that follows the label selection expression + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api It matches with the resource labels. type: string name: @@ -4444,8 +6104,10 @@ spec: description: Namespace to select resources from. type: string version: - description: Version of the API Group to select resources from. Together with Group and Kind it - is capable of unambiguously identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + description: |- + Version of the API Group to select resources from. + Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md type: string type: object required: @@ -4454,49 +6116,65 @@ spec: type: object type: array patchesStrategicMerge: - description: 'Strategic merge patches, defined as inline YAML objects. Deprecated: Use Patches instead.' + description: |- + Strategic merge patches, defined as inline YAML objects. + Deprecated: Use Patches instead. items: x-kubernetes-preserve-unknown-fields: true type: array path: - description: Path to the directory containing the kustomization.yaml file, or the set of plain YAMLs a kustomization.yaml - should be generated for. Defaults to 'None', which translates to the root path of the SourceRef. + description: |- + Path to the directory containing the kustomization.yaml file, or the + set of plain YAMLs a kustomization.yaml should be generated for. + Defaults to 'None', which translates to the root path of the SourceRef. type: string postBuild: - description: PostBuild describes which actions to perform on the YAML manifest generated by building the kustomize - overlay. + description: |- + PostBuild describes which actions to perform on the YAML manifest + generated by building the kustomize overlay. properties: substitute: additionalProperties: type: string - description: Substitute holds a map of key/value pairs. The variables defined in your YAML manifests that - match any of the keys defined in the map will be substituted with the set value. Includes support for - bash string replacement functions e.g. ${var:=default}, ${var:position} and ${var/substring/replacement}. + description: |- + Substitute holds a map of key/value pairs. + The variables defined in your YAML manifests + that match any of the keys defined in the map + will be substituted with the set value. + Includes support for bash string replacement functions + e.g. ${var:=default}, ${var:position} and ${var/substring/replacement}. type: object substituteFrom: - description: SubstituteFrom holds references to ConfigMaps and Secrets containing the variables and their - values to be substituted in the YAML manifests. The ConfigMap and the Secret data keys represent the - var names and they must match the vars declared in the manifests for the substitution to happen. + description: |- + SubstituteFrom holds references to ConfigMaps and Secrets containing + the variables and their values to be substituted in the YAML manifests. + The ConfigMap and the Secret data keys represent the var names and they + must match the vars declared in the manifests for the substitution to happen. items: - description: SubstituteReference contains a reference to a resource containing the variables name and - value. + description: |- + SubstituteReference contains a reference to a resource containing + the variables name and value. properties: kind: - description: Kind of the values referent, valid values are ('Secret', 'ConfigMap'). + description: Kind of the values referent, valid values are + ('Secret', 'ConfigMap'). enum: - Secret - ConfigMap type: string name: - description: Name of the values referent. Should reside in the same namespace as the referring resource. + description: |- + Name of the values referent. Should reside in the same namespace as the + referring resource. maxLength: 253 minLength: 1 type: string optional: default: false - description: Optional indicates whether the referenced resource must exist, or whether to tolerate - its absence. If true and the referenced resource is absent, proceed as if the resource was present - but empty, without any variables defined. + description: |- + Optional indicates whether the referenced resource must exist, or whether to + tolerate its absence. If true and the referenced resource is absent, proceed + as if the resource was present but empty, without any variables defined. type: boolean required: - kind @@ -4508,15 +6186,20 @@ spec: description: Prune enables garbage collection. type: boolean retryInterval: - description: The interval at which to retry a previously failed reconciliation. When not specified, the controller - uses the KustomizationSpec.Interval value to retry failures. + description: |- + The interval at which to retry a previously failed reconciliation. + When not specified, the controller uses the KustomizationSpec.Interval + value to retry failures. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string serviceAccountName: - description: The name of the Kubernetes service account to impersonate when reconciling this Kustomization. + description: |- + The name of the Kubernetes service account to impersonate + when reconciling this Kustomization. type: string sourceRef: - description: Reference of the source where the kustomization file is. + description: Reference of the source where the kustomization file + is. properties: apiVersion: description: API version of the referent. @@ -4532,24 +6215,29 @@ spec: description: Name of the referent. type: string namespace: - description: Namespace of the referent, defaults to the namespace of the Kubernetes resource object that - contains the reference. + description: Namespace of the referent, defaults to the namespace + of the Kubernetes resource object that contains the reference. type: string required: - kind - name type: object suspend: - description: This flag tells the controller to suspend subsequent kustomize executions, it does not apply - to already started executions. Defaults to false. + description: |- + This flag tells the controller to suspend subsequent kustomize executions, + it does not apply to already started executions. Defaults to false. type: boolean targetNamespace: - description: TargetNamespace sets or overrides the namespace in the kustomization.yaml file. + description: |- + TargetNamespace sets or overrides the namespace in the + kustomization.yaml file. maxLength: 63 minLength: 1 type: string timeout: - description: Timeout for validation, apply and health checking operations. Defaults to 'Interval' duration. + description: |- + Timeout for validation, apply and health checking operations. + Defaults to 'Interval' duration. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string validation: @@ -4560,8 +6248,9 @@ spec: - server type: string wait: - description: Wait instructs the controller to check the health of all the reconciled resources. When enabled, - the HealthChecks are ignored. Defaults to false. + description: |- + Wait instructs the controller to check the health of all the reconciled resources. + When enabled, the HealthChecks are ignored. Defaults to false. type: boolean required: - interval @@ -4575,35 +6264,43 @@ spec: properties: conditions: items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This - struct is intended for direct use as an array at the field path .status.conditions. For example, \n type - FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // - +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" - patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" properties: lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when - the API field changed is acceptable. + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: message is a human readable message indicating details about the transition. This may be - an empty string. + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based - upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current state of the instance. + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last - transition. Producers of specific condition types may define expected values and meanings for this - field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 @@ -4617,9 +6314,12 @@ spec: - Unknown type: string type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type - values are consistent across resources like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -4632,20 +6332,23 @@ spec: type: object type: array inventory: - description: Inventory contains the list of Kubernetes resource object references that have been successfully - applied. + description: Inventory contains the list of Kubernetes resource object + references that have been successfully applied. properties: entries: description: Entries of Kubernetes resource object references. items: - description: ResourceRef contains the information necessary to locate a resource within a cluster. + description: ResourceRef contains the information necessary + to locate a resource within a cluster. properties: id: - description: ID is the string representation of the Kubernetes resource object's metadata, in the - format '___'. + description: |- + ID is the string representation of the Kubernetes resource object's metadata, + in the format '___'. type: string v: - description: Version is the API version of the Kubernetes resource object's kind. + description: Version is the API version of the Kubernetes + resource object's kind. type: string required: - id @@ -4656,15 +6359,19 @@ spec: - entries type: object lastAppliedRevision: - description: The last successfully applied revision. Equals the Revision of the applied Artifact from the - referenced Source. + description: |- + The last successfully applied revision. + Equals the Revision of the applied Artifact from the referenced Source. type: string lastAttemptedRevision: - description: LastAttemptedRevision is the revision of the last reconciliation attempt. + description: LastAttemptedRevision is the revision of the last reconciliation + attempt. type: string lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent reconcile request value, so a change - of the annotation value can be detected. + description: |- + LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value + can be detected. type: string observedGeneration: description: ObservedGeneration is the last reconciled generation. @@ -4684,7 +6391,7 @@ metadata: app.kubernetes.io/component: kustomize-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 name: kustomize-controller namespace: flux-system --- @@ -4695,7 +6402,7 @@ metadata: app.kubernetes.io/component: kustomize-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 control-plane: controller name: kustomize-controller namespace: flux-system @@ -4724,7 +6431,17 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: ghcr.io/fluxcd/kustomize-controller:v1.1.0 + - name: GOMAXPROCS + valueFrom: + resourceFieldRef: + containerName: manager + resource: limits.cpu + - name: GOMEMLIMIT + valueFrom: + resourceFieldRef: + containerName: manager + resource: limits.memory + image: ghcr.io/fluxcd/kustomize-controller:v1.3.0 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -4776,12 +6493,12 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.12.0 + controller-gen.kubebuilder.io/version: v0.15.0 labels: app.kubernetes.io/component: helm-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 name: helmreleases.helm.toolkit.fluxcd.io spec: group: helm.toolkit.fluxcd.io @@ -4804,18 +6521,25 @@ spec: - jsonPath: .status.conditions[?(@.type=="Ready")].message name: Status type: string - name: v2beta1 + name: v2 schema: openAPIV3Schema: description: HelmRelease is the Schema for the helmreleases API properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert - recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer - this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -4823,46 +6547,66 @@ spec: description: HelmReleaseSpec defines the desired state of a Helm release. properties: chart: - description: Chart defines the template of the v1beta2.HelmChart that should be created for this HelmRelease. + description: |- + Chart defines the template of the v1.HelmChart that should be created + for this HelmRelease. properties: metadata: - description: ObjectMeta holds the template for metadata like labels and annotations. + description: ObjectMeta holds the template for metadata like labels + and annotations. properties: annotations: additionalProperties: type: string - description: 'Annotations is an unstructured key value map stored with a resource that may be set - by external tools to store and retrieve arbitrary metadata. They are not queryable and should be - preserved when modifying objects. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/' + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ type: object labels: additionalProperties: type: string - description: 'Map of string keys and values that can be used to organize and categorize (scope and - select) objects. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/' + description: |- + Map of string keys and values that can be used to organize and categorize + (scope and select) objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ type: object type: object spec: - description: Spec holds the template for the v1beta2.HelmChartSpec for this HelmRelease. + description: Spec holds the template for the v1.HelmChartSpec + for this HelmRelease. properties: chart: - description: The name or path the Helm chart is available at in the SourceRef. + description: The name or path the Helm chart is available + at in the SourceRef. + maxLength: 2048 + minLength: 1 type: string + ignoreMissingValuesFiles: + description: IgnoreMissingValuesFiles controls whether to + silently ignore missing values files rather than failing. + type: boolean interval: - description: Interval at which to check the v1beta2.Source for updates. Defaults to 'HelmReleaseSpec.Interval'. + description: |- + Interval at which to check the v1.Source for updates. Defaults to + 'HelmReleaseSpec.Interval'. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string reconcileStrategy: default: ChartVersion - description: Determines what enables the creation of a new artifact. Valid values are ('ChartVersion', - 'Revision'). See the documentation of the values for an explanation on their behavior. Defaults - to ChartVersion when omitted. + description: |- + Determines what enables the creation of a new artifact. Valid values are + ('ChartVersion', 'Revision'). + See the documentation of the values for an explanation on their behavior. + Defaults to ChartVersion when omitted. enum: - ChartVersion - Revision type: string sourceRef: - description: The name and namespace of the v1beta2.Source the chart is available at. + description: The name and namespace of the v1.Source the chart + is available at. properties: apiVersion: description: APIVersion of the referent. @@ -4887,32 +6631,36 @@ spec: required: - name type: object - valuesFile: - description: Alternative values file to use as the default chart values, expected to be a relative - path in the SourceRef. Deprecated in favor of ValuesFiles, for backwards compatibility the file - defined here is merged before the ValuesFiles items. Ignored when omitted. - type: string valuesFiles: - description: Alternative list of values files to use as the chart values (values.yaml is not included - by default), expected to be a relative path in the SourceRef. Values files are merged in the order - of this list with the last file overriding the first. Ignored when omitted. + description: |- + Alternative list of values files to use as the chart values (values.yaml + is not included by default), expected to be a relative path in the SourceRef. + Values files are merged in the order of this list with the last file overriding + the first. Ignored when omitted. items: type: string type: array verify: - description: Verify contains the secret name containing the trusted public keys used to verify the - signature and specifies which provider to use to check whether OCI image is authentic. This field - is only supported for OCI sources. Chart dependencies, which are not bundled in the umbrella chart - artifact, are not verified. + description: |- + Verify contains the secret name containing the trusted public keys + used to verify the signature and specifies which provider to use to check + whether OCI image is authentic. + This field is only supported for OCI sources. + Chart dependencies, which are not bundled in the umbrella chart artifact, + are not verified. properties: provider: default: cosign - description: Provider specifies the technology used to sign the OCI Helm chart. + description: Provider specifies the technology used to + sign the OCI Helm chart. enum: - cosign + - notation type: string secretRef: - description: SecretRef specifies the Kubernetes Secret containing the trusted public keys. + description: |- + SecretRef specifies the Kubernetes Secret containing the + trusted public keys. properties: name: description: Name of the referent. @@ -4925,8 +6673,9 @@ spec: type: object version: default: '*' - description: Version semver expression, ignored for charts from v1beta2.GitRepository and v1beta2.Bucket - sources. Defaults to latest when omitted. + description: |- + Version semver expression, ignored for charts from v1.GitRepository and + v1beta2.Bucket sources. Defaults to latest when omitted. type: string required: - chart @@ -4935,109 +6684,2722 @@ spec: required: - spec type: object + chartRef: + description: |- + ChartRef holds a reference to a source controller resource containing the + Helm chart artifact. + properties: + apiVersion: + description: APIVersion of the referent. + type: string + kind: + description: Kind of the referent. + enum: + - OCIRepository + - HelmChart + type: string + name: + description: Name of the referent. + maxLength: 253 + minLength: 1 + type: string + namespace: + description: |- + Namespace of the referent, defaults to the namespace of the Kubernetes + resource object that contains the reference. + maxLength: 63 + minLength: 1 + type: string + required: + - kind + - name + type: object dependsOn: - description: DependsOn may contain a meta.NamespacedObjectReference slice with references to HelmRelease resources - that must be ready before this HelmRelease can be reconciled. + description: |- + DependsOn may contain a meta.NamespacedObjectReference slice with + references to HelmRelease resources that must be ready before this HelmRelease + can be reconciled. items: - description: NamespacedObjectReference contains enough information to locate the referenced Kubernetes resource - object in any namespace. + description: |- + NamespacedObjectReference contains enough information to locate the referenced Kubernetes resource object in any + namespace. properties: name: description: Name of the referent. type: string namespace: - description: Namespace of the referent, when not specified it acts as LocalObjectReference. + description: Namespace of the referent, when not specified it + acts as LocalObjectReference. type: string required: - name type: object type: array - install: - description: Install holds the configuration for Helm install actions for this HelmRelease. + driftDetection: + description: |- + DriftDetection holds the configuration for detecting and handling + differences between the manifest in the Helm storage and the resources + currently existing in the cluster. + properties: + ignore: + description: |- + Ignore contains a list of rules for specifying which changes to ignore + during diffing. + items: + description: |- + IgnoreRule defines a rule to selectively disregard specific changes during + the drift detection process. + properties: + paths: + description: |- + Paths is a list of JSON Pointer (RFC 6901) paths to be excluded from + consideration in a Kubernetes object. + items: + type: string + type: array + target: + description: |- + Target is a selector for specifying Kubernetes objects to which this + rule applies. + If Target is not set, the Paths will be ignored for all Kubernetes + objects within the manifest of the Helm release. + properties: + annotationSelector: + description: |- + AnnotationSelector is a string that follows the label selection expression + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + It matches with the resource annotations. + type: string + group: + description: |- + Group is the API group to select resources from. + Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + type: string + kind: + description: |- + Kind of the API Group to select resources from. + Together with Group and Version it is capable of unambiguously + identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + type: string + labelSelector: + description: |- + LabelSelector is a string that follows the label selection expression + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + It matches with the resource labels. + type: string + name: + description: Name to match resources with. + type: string + namespace: + description: Namespace to select resources from. + type: string + version: + description: |- + Version of the API Group to select resources from. + Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + type: string + type: object + required: + - paths + type: object + type: array + mode: + description: |- + Mode defines how differences should be handled between the Helm manifest + and the manifest currently applied to the cluster. + If not explicitly set, it defaults to DiffModeDisabled. + enum: + - enabled + - warn + - disabled + type: string + type: object + install: + description: Install holds the configuration for Helm install actions + for this HelmRelease. + properties: + crds: + description: |- + CRDs upgrade CRDs from the Helm Chart's crds directory according + to the CRD upgrade policy provided here. Valid values are `Skip`, + `Create` or `CreateReplace`. Default is `Create` and if omitted + CRDs are installed but not updated. + + + Skip: do neither install nor replace (update) any CRDs. + + + Create: new CRDs are created, existing CRDs are neither updated nor deleted. + + + CreateReplace: new CRDs are created, existing CRDs are updated (replaced) + but not deleted. + + + By default, CRDs are applied (installed) during Helm install action. + With this option users can opt in to CRD replace existing CRDs on Helm + install actions, which is not (yet) natively supported by Helm. + https://helm.sh/docs/chart_best_practices/custom_resource_definitions. + enum: + - Skip + - Create + - CreateReplace + type: string + createNamespace: + description: |- + CreateNamespace tells the Helm install action to create the + HelmReleaseSpec.TargetNamespace if it does not exist yet. + On uninstall, the namespace will not be garbage collected. + type: boolean + disableHooks: + description: DisableHooks prevents hooks from running during the + Helm install action. + type: boolean + disableOpenAPIValidation: + description: |- + DisableOpenAPIValidation prevents the Helm install action from validating + rendered templates against the Kubernetes OpenAPI Schema. + type: boolean + disableWait: + description: |- + DisableWait disables the waiting for resources to be ready after a Helm + install has been performed. + type: boolean + disableWaitForJobs: + description: |- + DisableWaitForJobs disables waiting for jobs to complete after a Helm + install has been performed. + type: boolean + remediation: + description: |- + Remediation holds the remediation configuration for when the Helm install + action for the HelmRelease fails. The default is to not perform any action. + properties: + ignoreTestFailures: + description: |- + IgnoreTestFailures tells the controller to skip remediation when the Helm + tests are run after an install action but fail. Defaults to + 'Test.IgnoreFailures'. + type: boolean + remediateLastFailure: + description: |- + RemediateLastFailure tells the controller to remediate the last failure, when + no retries remain. Defaults to 'false'. + type: boolean + retries: + description: |- + Retries is the number of retries that should be attempted on failures before + bailing. Remediation, using an uninstall, is performed between each attempt. + Defaults to '0', a negative integer equals to unlimited retries. + type: integer + type: object + replace: + description: |- + Replace tells the Helm install action to re-use the 'ReleaseName', but only + if that name is a deleted release which remains in the history. + type: boolean + skipCRDs: + description: |- + SkipCRDs tells the Helm install action to not install any CRDs. By default, + CRDs are installed if not already present. + + + Deprecated use CRD policy (`crds`) attribute with value `Skip` instead. + type: boolean + timeout: + description: |- + Timeout is the time to wait for any individual Kubernetes operation (like + Jobs for hooks) during the performance of a Helm install action. Defaults to + 'HelmReleaseSpec.Timeout'. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + type: object + interval: + description: Interval at which to reconcile the Helm release. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + kubeConfig: + description: |- + KubeConfig for reconciling the HelmRelease on a remote cluster. + When used in combination with HelmReleaseSpec.ServiceAccountName, + forces the controller to act on behalf of that Service Account at the + target cluster. + If the --default-service-account flag is set, its value will be used as + a controller level fallback for when HelmReleaseSpec.ServiceAccountName + is empty. + properties: + secretRef: + description: |- + SecretRef holds the name of a secret that contains a key with + the kubeconfig file as the value. If no key is set, the key will default + to 'value'. + It is recommended that the kubeconfig is self-contained, and the secret + is regularly updated if credentials such as a cloud-access-token expire. + Cloud specific `cmd-path` auth helpers will not function without adding + binaries and credentials to the Pod that is responsible for reconciling + Kubernetes resources. + properties: + key: + description: Key in the Secret, when not specified an implementation-specific + default key is used. + type: string + name: + description: Name of the Secret. + type: string + required: + - name + type: object + required: + - secretRef + type: object + maxHistory: + description: |- + MaxHistory is the number of revisions saved by Helm for this HelmRelease. + Use '0' for an unlimited number of revisions; defaults to '5'. + type: integer + persistentClient: + description: |- + PersistentClient tells the controller to use a persistent Kubernetes + client for this release. When enabled, the client will be reused for the + duration of the reconciliation, instead of being created and destroyed + for each (step of a) Helm action. + + + This can improve performance, but may cause issues with some Helm charts + that for example do create Custom Resource Definitions during installation + outside Helm's CRD lifecycle hooks, which are then not observed to be + available by e.g. post-install hooks. + + + If not set, it defaults to true. + type: boolean + postRenderers: + description: |- + PostRenderers holds an array of Helm PostRenderers, which will be applied in order + of their definition. + items: + description: PostRenderer contains a Helm PostRenderer specification. + properties: + kustomize: + description: Kustomization to apply as PostRenderer. + properties: + images: + description: |- + Images is a list of (image name, new name, new tag or digest) + for changing image names, tags or digests. This can also be achieved with a + patch, but this operator is simpler to specify. + items: + description: Image contains an image name, a new name, + a new tag or digest, which will replace the original + name and tag. + properties: + digest: + description: |- + Digest is the value used to replace the original image tag. + If digest is present NewTag value is ignored. + type: string + name: + description: Name is a tag-less image name. + type: string + newName: + description: NewName is the value used to replace + the original name. + type: string + newTag: + description: NewTag is the value used to replace the + original tag. + type: string + required: + - name + type: object + type: array + patches: + description: |- + Strategic merge and JSON patches, defined as inline YAML objects, + capable of targeting objects based on kind, label and annotation selectors. + items: + description: |- + Patch contains an inline StrategicMerge or JSON6902 patch, and the target the patch should + be applied to. + properties: + patch: + description: |- + Patch contains an inline StrategicMerge patch or an inline JSON6902 patch with + an array of operation objects. + type: string + target: + description: Target points to the resources that the + patch document should be applied to. + properties: + annotationSelector: + description: |- + AnnotationSelector is a string that follows the label selection expression + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + It matches with the resource annotations. + type: string + group: + description: |- + Group is the API group to select resources from. + Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + type: string + kind: + description: |- + Kind of the API Group to select resources from. + Together with Group and Version it is capable of unambiguously + identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + type: string + labelSelector: + description: |- + LabelSelector is a string that follows the label selection expression + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + It matches with the resource labels. + type: string + name: + description: Name to match resources with. + type: string + namespace: + description: Namespace to select resources from. + type: string + version: + description: |- + Version of the API Group to select resources from. + Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + type: string + type: object + required: + - patch + type: object + type: array + type: object + type: object + type: array + releaseName: + description: |- + ReleaseName used for the Helm release. Defaults to a composition of + '[TargetNamespace-]Name'. + maxLength: 53 + minLength: 1 + type: string + rollback: + description: Rollback holds the configuration for Helm rollback actions + for this HelmRelease. + properties: + cleanupOnFail: + description: |- + CleanupOnFail allows deletion of new resources created during the Helm + rollback action when it fails. + type: boolean + disableHooks: + description: DisableHooks prevents hooks from running during the + Helm rollback action. + type: boolean + disableWait: + description: |- + DisableWait disables the waiting for resources to be ready after a Helm + rollback has been performed. + type: boolean + disableWaitForJobs: + description: |- + DisableWaitForJobs disables waiting for jobs to complete after a Helm + rollback has been performed. + type: boolean + force: + description: Force forces resource updates through a replacement + strategy. + type: boolean + recreate: + description: Recreate performs pod restarts for the resource if + applicable. + type: boolean + timeout: + description: |- + Timeout is the time to wait for any individual Kubernetes operation (like + Jobs for hooks) during the performance of a Helm rollback action. Defaults to + 'HelmReleaseSpec.Timeout'. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + type: object + serviceAccountName: + description: |- + The name of the Kubernetes service account to impersonate + when reconciling this HelmRelease. + maxLength: 253 + minLength: 1 + type: string + storageNamespace: + description: |- + StorageNamespace used for the Helm storage. + Defaults to the namespace of the HelmRelease. + maxLength: 63 + minLength: 1 + type: string + suspend: + description: |- + Suspend tells the controller to suspend reconciliation for this HelmRelease, + it does not apply to already started reconciliations. Defaults to false. + type: boolean + targetNamespace: + description: |- + TargetNamespace to target when performing operations for the HelmRelease. + Defaults to the namespace of the HelmRelease. + maxLength: 63 + minLength: 1 + type: string + test: + description: Test holds the configuration for Helm test actions for + this HelmRelease. + properties: + enable: + description: |- + Enable enables Helm test actions for this HelmRelease after an Helm install + or upgrade action has been performed. + type: boolean + filters: + description: Filters is a list of tests to run or exclude from + running. + items: + description: Filter holds the configuration for individual Helm + test filters. + properties: + exclude: + description: Exclude specifies whether the named test should + be excluded. + type: boolean + name: + description: Name is the name of the test. + maxLength: 253 + minLength: 1 + type: string + required: + - name + type: object + type: array + ignoreFailures: + description: |- + IgnoreFailures tells the controller to skip remediation when the Helm tests + are run but fail. Can be overwritten for tests run after install or upgrade + actions in 'Install.IgnoreTestFailures' and 'Upgrade.IgnoreTestFailures'. + type: boolean + timeout: + description: |- + Timeout is the time to wait for any individual Kubernetes operation during + the performance of a Helm test action. Defaults to 'HelmReleaseSpec.Timeout'. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + type: object + timeout: + description: |- + Timeout is the time to wait for any individual Kubernetes operation (like Jobs + for hooks) during the performance of a Helm action. Defaults to '5m0s'. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + uninstall: + description: Uninstall holds the configuration for Helm uninstall + actions for this HelmRelease. + properties: + deletionPropagation: + default: background + description: |- + DeletionPropagation specifies the deletion propagation policy when + a Helm uninstall is performed. + enum: + - background + - foreground + - orphan + type: string + disableHooks: + description: DisableHooks prevents hooks from running during the + Helm rollback action. + type: boolean + disableWait: + description: |- + DisableWait disables waiting for all the resources to be deleted after + a Helm uninstall is performed. + type: boolean + keepHistory: + description: |- + KeepHistory tells Helm to remove all associated resources and mark the + release as deleted, but retain the release history. + type: boolean + timeout: + description: |- + Timeout is the time to wait for any individual Kubernetes operation (like + Jobs for hooks) during the performance of a Helm uninstall action. Defaults + to 'HelmReleaseSpec.Timeout'. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + type: object + upgrade: + description: Upgrade holds the configuration for Helm upgrade actions + for this HelmRelease. + properties: + cleanupOnFail: + description: |- + CleanupOnFail allows deletion of new resources created during the Helm + upgrade action when it fails. + type: boolean + crds: + description: |- + CRDs upgrade CRDs from the Helm Chart's crds directory according + to the CRD upgrade policy provided here. Valid values are `Skip`, + `Create` or `CreateReplace`. Default is `Skip` and if omitted + CRDs are neither installed nor upgraded. + + + Skip: do neither install nor replace (update) any CRDs. + + + Create: new CRDs are created, existing CRDs are neither updated nor deleted. + + + CreateReplace: new CRDs are created, existing CRDs are updated (replaced) + but not deleted. + + + By default, CRDs are not applied during Helm upgrade action. With this + option users can opt-in to CRD upgrade, which is not (yet) natively supported by Helm. + https://helm.sh/docs/chart_best_practices/custom_resource_definitions. + enum: + - Skip + - Create + - CreateReplace + type: string + disableHooks: + description: DisableHooks prevents hooks from running during the + Helm upgrade action. + type: boolean + disableOpenAPIValidation: + description: |- + DisableOpenAPIValidation prevents the Helm upgrade action from validating + rendered templates against the Kubernetes OpenAPI Schema. + type: boolean + disableWait: + description: |- + DisableWait disables the waiting for resources to be ready after a Helm + upgrade has been performed. + type: boolean + disableWaitForJobs: + description: |- + DisableWaitForJobs disables waiting for jobs to complete after a Helm + upgrade has been performed. + type: boolean + force: + description: Force forces resource updates through a replacement + strategy. + type: boolean + preserveValues: + description: |- + PreserveValues will make Helm reuse the last release's values and merge in + overrides from 'Values'. Setting this flag makes the HelmRelease + non-declarative. + type: boolean + remediation: + description: |- + Remediation holds the remediation configuration for when the Helm upgrade + action for the HelmRelease fails. The default is to not perform any action. + properties: + ignoreTestFailures: + description: |- + IgnoreTestFailures tells the controller to skip remediation when the Helm + tests are run after an upgrade action but fail. + Defaults to 'Test.IgnoreFailures'. + type: boolean + remediateLastFailure: + description: |- + RemediateLastFailure tells the controller to remediate the last failure, when + no retries remain. Defaults to 'false' unless 'Retries' is greater than 0. + type: boolean + retries: + description: |- + Retries is the number of retries that should be attempted on failures before + bailing. Remediation, using 'Strategy', is performed between each attempt. + Defaults to '0', a negative integer equals to unlimited retries. + type: integer + strategy: + description: Strategy to use for failure remediation. Defaults + to 'rollback'. + enum: + - rollback + - uninstall + type: string + type: object + timeout: + description: |- + Timeout is the time to wait for any individual Kubernetes operation (like + Jobs for hooks) during the performance of a Helm upgrade action. Defaults to + 'HelmReleaseSpec.Timeout'. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + type: object + values: + description: Values holds the values for this Helm release. + x-kubernetes-preserve-unknown-fields: true + valuesFrom: + description: |- + ValuesFrom holds references to resources containing Helm values for this HelmRelease, + and information about how they should be merged. + items: + description: |- + ValuesReference contains a reference to a resource containing Helm values, + and optionally the key they can be found at. + properties: + kind: + description: Kind of the values referent, valid values are ('Secret', + 'ConfigMap'). + enum: + - Secret + - ConfigMap + type: string + name: + description: |- + Name of the values referent. Should reside in the same namespace as the + referring resource. + maxLength: 253 + minLength: 1 + type: string + optional: + description: |- + Optional marks this ValuesReference as optional. When set, a not found error + for the values reference is ignored, but any ValuesKey, TargetPath or + transient error will still result in a reconciliation failure. + type: boolean + targetPath: + description: |- + TargetPath is the YAML dot notation path the value should be merged at. When + set, the ValuesKey is expected to be a single flat value. Defaults to 'None', + which results in the values getting merged at the root. + maxLength: 250 + pattern: ^([a-zA-Z0-9_\-.\\\/]|\[[0-9]{1,5}\])+$ + type: string + valuesKey: + description: |- + ValuesKey is the data key where the values.yaml or a specific value can be + found at. Defaults to 'values.yaml'. + maxLength: 253 + pattern: ^[\-._a-zA-Z0-9]+$ + type: string + required: + - kind + - name + type: object + type: array + required: + - interval + type: object + x-kubernetes-validations: + - message: either chart or chartRef must be set + rule: (has(self.chart) && !has(self.chartRef)) || (!has(self.chart) + && has(self.chartRef)) + status: + default: + observedGeneration: -1 + description: HelmReleaseStatus defines the observed state of a HelmRelease. + properties: + conditions: + description: Conditions holds the conditions for the HelmRelease. + items: + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" + properties: + lastTransitionTime: + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + failures: + description: |- + Failures is the reconciliation failure count against the latest desired + state. It is reset after a successful reconciliation. + format: int64 + type: integer + helmChart: + description: |- + HelmChart is the namespaced name of the HelmChart resource created by + the controller for the HelmRelease. + type: string + history: + description: |- + History holds the history of Helm releases performed for this HelmRelease + up to the last successfully completed release. + items: + description: |- + Snapshot captures a point-in-time copy of the status information for a Helm release, + as managed by the controller. + properties: + apiVersion: + description: |- + APIVersion is the API version of the Snapshot. + Provisional: when the calculation method of the Digest field is changed, + this field will be used to distinguish between the old and new methods. + type: string + appVersion: + description: AppVersion is the chart app version of the release + object in storage. + type: string + chartName: + description: ChartName is the chart name of the release object + in storage. + type: string + chartVersion: + description: |- + ChartVersion is the chart version of the release object in + storage. + type: string + configDigest: + description: |- + ConfigDigest is the checksum of the config (better known as + "values") of the release object in storage. + It has the format of `:`. + type: string + deleted: + description: Deleted is when the release was deleted. + format: date-time + type: string + digest: + description: |- + Digest is the checksum of the release object in storage. + It has the format of `:`. + type: string + firstDeployed: + description: FirstDeployed is when the release was first deployed. + format: date-time + type: string + lastDeployed: + description: LastDeployed is when the release was last deployed. + format: date-time + type: string + name: + description: Name is the name of the release. + type: string + namespace: + description: Namespace is the namespace the release is deployed + to. + type: string + ociDigest: + description: OCIDigest is the digest of the OCI artifact associated + with the release. + type: string + status: + description: Status is the current state of the release. + type: string + testHooks: + additionalProperties: + description: |- + TestHookStatus holds the status information for a test hook as observed + to be run by the controller. + properties: + lastCompleted: + description: LastCompleted is the time the test hook last + completed. + format: date-time + type: string + lastStarted: + description: LastStarted is the time the test hook was + last started. + format: date-time + type: string + phase: + description: Phase the test hook was observed to be in. + type: string + type: object + description: |- + TestHooks is the list of test hooks for the release as observed to be + run by the controller. + type: object + version: + description: Version is the version of the release object in + storage. + type: integer + required: + - chartName + - chartVersion + - configDigest + - digest + - firstDeployed + - lastDeployed + - name + - namespace + - status + - version + type: object + type: array + installFailures: + description: |- + InstallFailures is the install failure count against the latest desired + state. It is reset after a successful reconciliation. + format: int64 + type: integer + lastAttemptedConfigDigest: + description: |- + LastAttemptedConfigDigest is the digest for the config (better known as + "values") of the last reconciliation attempt. + type: string + lastAttemptedGeneration: + description: |- + LastAttemptedGeneration is the last generation the controller attempted + to reconcile. + format: int64 + type: integer + lastAttemptedReleaseAction: + description: |- + LastAttemptedReleaseAction is the last release action performed for this + HelmRelease. It is used to determine the active remediation strategy. + enum: + - install + - upgrade + type: string + lastAttemptedRevision: + description: |- + LastAttemptedRevision is the Source revision of the last reconciliation + attempt. For OCIRepository sources, the 12 first characters of the digest are + appended to the chart version e.g. "1.2.3+1234567890ab". + type: string + lastAttemptedRevisionDigest: + description: |- + LastAttemptedRevisionDigest is the digest of the last reconciliation attempt. + This is only set for OCIRepository sources. + type: string + lastAttemptedValuesChecksum: + description: |- + LastAttemptedValuesChecksum is the SHA1 checksum for the values of the last + reconciliation attempt. + Deprecated: Use LastAttemptedConfigDigest instead. + type: string + lastHandledForceAt: + description: |- + LastHandledForceAt holds the value of the most recent force request + value, so a change of the annotation value can be detected. + type: string + lastHandledReconcileAt: + description: |- + LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value + can be detected. + type: string + lastHandledResetAt: + description: |- + LastHandledResetAt holds the value of the most recent reset request + value, so a change of the annotation value can be detected. + type: string + lastReleaseRevision: + description: |- + LastReleaseRevision is the revision of the last successful Helm release. + Deprecated: Use History instead. + type: integer + observedGeneration: + description: ObservedGeneration is the last observed generation. + format: int64 + type: integer + observedPostRenderersDigest: + description: |- + ObservedPostRenderersDigest is the digest for the post-renderers of + the last successful reconciliation attempt. + type: string + storageNamespace: + description: |- + StorageNamespace is the namespace of the Helm release storage for the + current release. + maxLength: 63 + minLength: 1 + type: string + upgradeFailures: + description: |- + UpgradeFailures is the upgrade failure count against the latest desired + state. It is reset after a successful reconciliation. + format: int64 + type: integer + type: object + type: object + served: true + storage: true + subresources: + status: {} + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - jsonPath: .status.conditions[?(@.type=="Ready")].status + name: Ready + type: string + - jsonPath: .status.conditions[?(@.type=="Ready")].message + name: Status + type: string + deprecated: true + deprecationWarning: v2beta1 HelmRelease is deprecated, upgrade to v2 + name: v2beta1 + schema: + openAPIV3Schema: + description: HelmRelease is the Schema for the helmreleases API + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: HelmReleaseSpec defines the desired state of a Helm release. + properties: + chart: + description: |- + Chart defines the template of the v1beta2.HelmChart that should be created + for this HelmRelease. + properties: + metadata: + description: ObjectMeta holds the template for metadata like labels + and annotations. + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ + type: object + labels: + additionalProperties: + type: string + description: |- + Map of string keys and values that can be used to organize and categorize + (scope and select) objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ + type: object + type: object + spec: + description: Spec holds the template for the v1beta2.HelmChartSpec + for this HelmRelease. + properties: + chart: + description: The name or path the Helm chart is available + at in the SourceRef. + type: string + interval: + description: |- + Interval at which to check the v1beta2.Source for updates. Defaults to + 'HelmReleaseSpec.Interval'. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + reconcileStrategy: + default: ChartVersion + description: |- + Determines what enables the creation of a new artifact. Valid values are + ('ChartVersion', 'Revision'). + See the documentation of the values for an explanation on their behavior. + Defaults to ChartVersion when omitted. + enum: + - ChartVersion + - Revision + type: string + sourceRef: + description: The name and namespace of the v1beta2.Source + the chart is available at. + properties: + apiVersion: + description: APIVersion of the referent. + type: string + kind: + description: Kind of the referent. + enum: + - HelmRepository + - GitRepository + - Bucket + type: string + name: + description: Name of the referent. + maxLength: 253 + minLength: 1 + type: string + namespace: + description: Namespace of the referent. + maxLength: 63 + minLength: 1 + type: string + required: + - name + type: object + valuesFile: + description: |- + Alternative values file to use as the default chart values, expected to + be a relative path in the SourceRef. Deprecated in favor of ValuesFiles, + for backwards compatibility the file defined here is merged before the + ValuesFiles items. Ignored when omitted. + type: string + valuesFiles: + description: |- + Alternative list of values files to use as the chart values (values.yaml + is not included by default), expected to be a relative path in the SourceRef. + Values files are merged in the order of this list with the last file overriding + the first. Ignored when omitted. + items: + type: string + type: array + verify: + description: |- + Verify contains the secret name containing the trusted public keys + used to verify the signature and specifies which provider to use to check + whether OCI image is authentic. + This field is only supported for OCI sources. + Chart dependencies, which are not bundled in the umbrella chart artifact, are not verified. + properties: + provider: + default: cosign + description: Provider specifies the technology used to + sign the OCI Helm chart. + enum: + - cosign + type: string + secretRef: + description: |- + SecretRef specifies the Kubernetes Secret containing the + trusted public keys. + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object + required: + - provider + type: object + version: + default: '*' + description: |- + Version semver expression, ignored for charts from v1beta2.GitRepository and + v1beta2.Bucket sources. Defaults to latest when omitted. + type: string + required: + - chart + - sourceRef + type: object + required: + - spec + type: object + chartRef: + description: |- + ChartRef holds a reference to a source controller resource containing the + Helm chart artifact. + + + Note: this field is provisional to the v2 API, and not actively used + by v2beta1 HelmReleases. + properties: + apiVersion: + description: APIVersion of the referent. + type: string + kind: + description: Kind of the referent. + enum: + - OCIRepository + - HelmChart + type: string + name: + description: Name of the referent. + maxLength: 253 + minLength: 1 + type: string + namespace: + description: |- + Namespace of the referent, defaults to the namespace of the Kubernetes + resource object that contains the reference. + maxLength: 63 + minLength: 1 + type: string + required: + - kind + - name + type: object + dependsOn: + description: |- + DependsOn may contain a meta.NamespacedObjectReference slice with + references to HelmRelease resources that must be ready before this HelmRelease + can be reconciled. + items: + description: |- + NamespacedObjectReference contains enough information to locate the referenced Kubernetes resource object in any + namespace. + properties: + name: + description: Name of the referent. + type: string + namespace: + description: Namespace of the referent, when not specified it + acts as LocalObjectReference. + type: string + required: + - name + type: object + type: array + driftDetection: + description: |- + DriftDetection holds the configuration for detecting and handling + differences between the manifest in the Helm storage and the resources + currently existing in the cluster. + + + Note: this field is provisional to the v2beta2 API, and not actively used + by v2beta1 HelmReleases. + properties: + ignore: + description: |- + Ignore contains a list of rules for specifying which changes to ignore + during diffing. + items: + description: |- + IgnoreRule defines a rule to selectively disregard specific changes during + the drift detection process. + properties: + paths: + description: |- + Paths is a list of JSON Pointer (RFC 6901) paths to be excluded from + consideration in a Kubernetes object. + items: + type: string + type: array + target: + description: |- + Target is a selector for specifying Kubernetes objects to which this + rule applies. + If Target is not set, the Paths will be ignored for all Kubernetes + objects within the manifest of the Helm release. + properties: + annotationSelector: + description: |- + AnnotationSelector is a string that follows the label selection expression + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + It matches with the resource annotations. + type: string + group: + description: |- + Group is the API group to select resources from. + Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + type: string + kind: + description: |- + Kind of the API Group to select resources from. + Together with Group and Version it is capable of unambiguously + identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + type: string + labelSelector: + description: |- + LabelSelector is a string that follows the label selection expression + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + It matches with the resource labels. + type: string + name: + description: Name to match resources with. + type: string + namespace: + description: Namespace to select resources from. + type: string + version: + description: |- + Version of the API Group to select resources from. + Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + type: string + type: object + required: + - paths + type: object + type: array + mode: + description: |- + Mode defines how differences should be handled between the Helm manifest + and the manifest currently applied to the cluster. + If not explicitly set, it defaults to DiffModeDisabled. + enum: + - enabled + - warn + - disabled + type: string + type: object + install: + description: Install holds the configuration for Helm install actions + for this HelmRelease. + properties: + crds: + description: |- + CRDs upgrade CRDs from the Helm Chart's crds directory according + to the CRD upgrade policy provided here. Valid values are `Skip`, + `Create` or `CreateReplace`. Default is `Create` and if omitted + CRDs are installed but not updated. + + + Skip: do neither install nor replace (update) any CRDs. + + + Create: new CRDs are created, existing CRDs are neither updated nor deleted. + + + CreateReplace: new CRDs are created, existing CRDs are updated (replaced) + but not deleted. + + + By default, CRDs are applied (installed) during Helm install action. + With this option users can opt-in to CRD replace existing CRDs on Helm + install actions, which is not (yet) natively supported by Helm. + https://helm.sh/docs/chart_best_practices/custom_resource_definitions. + enum: + - Skip + - Create + - CreateReplace + type: string + createNamespace: + description: |- + CreateNamespace tells the Helm install action to create the + HelmReleaseSpec.TargetNamespace if it does not exist yet. + On uninstall, the namespace will not be garbage collected. + type: boolean + disableHooks: + description: DisableHooks prevents hooks from running during the + Helm install action. + type: boolean + disableOpenAPIValidation: + description: |- + DisableOpenAPIValidation prevents the Helm install action from validating + rendered templates against the Kubernetes OpenAPI Schema. + type: boolean + disableWait: + description: |- + DisableWait disables the waiting for resources to be ready after a Helm + install has been performed. + type: boolean + disableWaitForJobs: + description: |- + DisableWaitForJobs disables waiting for jobs to complete after a Helm + install has been performed. + type: boolean + remediation: + description: |- + Remediation holds the remediation configuration for when the Helm install + action for the HelmRelease fails. The default is to not perform any action. + properties: + ignoreTestFailures: + description: |- + IgnoreTestFailures tells the controller to skip remediation when the Helm + tests are run after an install action but fail. Defaults to + 'Test.IgnoreFailures'. + type: boolean + remediateLastFailure: + description: |- + RemediateLastFailure tells the controller to remediate the last failure, when + no retries remain. Defaults to 'false'. + type: boolean + retries: + description: |- + Retries is the number of retries that should be attempted on failures before + bailing. Remediation, using an uninstall, is performed between each attempt. + Defaults to '0', a negative integer equals to unlimited retries. + type: integer + type: object + replace: + description: |- + Replace tells the Helm install action to re-use the 'ReleaseName', but only + if that name is a deleted release which remains in the history. + type: boolean + skipCRDs: + description: |- + SkipCRDs tells the Helm install action to not install any CRDs. By default, + CRDs are installed if not already present. + + + Deprecated use CRD policy (`crds`) attribute with value `Skip` instead. + type: boolean + timeout: + description: |- + Timeout is the time to wait for any individual Kubernetes operation (like + Jobs for hooks) during the performance of a Helm install action. Defaults to + 'HelmReleaseSpec.Timeout'. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + type: object + interval: + description: |- + Interval at which to reconcile the Helm release. + This interval is approximate and may be subject to jitter to ensure + efficient use of resources. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + kubeConfig: + description: |- + KubeConfig for reconciling the HelmRelease on a remote cluster. + When used in combination with HelmReleaseSpec.ServiceAccountName, + forces the controller to act on behalf of that Service Account at the + target cluster. + If the --default-service-account flag is set, its value will be used as + a controller level fallback for when HelmReleaseSpec.ServiceAccountName + is empty. + properties: + secretRef: + description: |- + SecretRef holds the name of a secret that contains a key with + the kubeconfig file as the value. If no key is set, the key will default + to 'value'. + It is recommended that the kubeconfig is self-contained, and the secret + is regularly updated if credentials such as a cloud-access-token expire. + Cloud specific `cmd-path` auth helpers will not function without adding + binaries and credentials to the Pod that is responsible for reconciling + Kubernetes resources. + properties: + key: + description: Key in the Secret, when not specified an implementation-specific + default key is used. + type: string + name: + description: Name of the Secret. + type: string + required: + - name + type: object + required: + - secretRef + type: object + maxHistory: + description: |- + MaxHistory is the number of revisions saved by Helm for this HelmRelease. + Use '0' for an unlimited number of revisions; defaults to '10'. + type: integer + persistentClient: + description: |- + PersistentClient tells the controller to use a persistent Kubernetes + client for this release. When enabled, the client will be reused for the + duration of the reconciliation, instead of being created and destroyed + for each (step of a) Helm action. + + + This can improve performance, but may cause issues with some Helm charts + that for example do create Custom Resource Definitions during installation + outside Helm's CRD lifecycle hooks, which are then not observed to be + available by e.g. post-install hooks. + + + If not set, it defaults to true. + type: boolean + postRenderers: + description: |- + PostRenderers holds an array of Helm PostRenderers, which will be applied in order + of their definition. + items: + description: PostRenderer contains a Helm PostRenderer specification. + properties: + kustomize: + description: Kustomization to apply as PostRenderer. + properties: + images: + description: |- + Images is a list of (image name, new name, new tag or digest) + for changing image names, tags or digests. This can also be achieved with a + patch, but this operator is simpler to specify. + items: + description: Image contains an image name, a new name, + a new tag or digest, which will replace the original + name and tag. + properties: + digest: + description: |- + Digest is the value used to replace the original image tag. + If digest is present NewTag value is ignored. + type: string + name: + description: Name is a tag-less image name. + type: string + newName: + description: NewName is the value used to replace + the original name. + type: string + newTag: + description: NewTag is the value used to replace the + original tag. + type: string + required: + - name + type: object + type: array + patches: + description: |- + Strategic merge and JSON patches, defined as inline YAML objects, + capable of targeting objects based on kind, label and annotation selectors. + items: + description: |- + Patch contains an inline StrategicMerge or JSON6902 patch, and the target the patch should + be applied to. + properties: + patch: + description: |- + Patch contains an inline StrategicMerge patch or an inline JSON6902 patch with + an array of operation objects. + type: string + target: + description: Target points to the resources that the + patch document should be applied to. + properties: + annotationSelector: + description: |- + AnnotationSelector is a string that follows the label selection expression + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + It matches with the resource annotations. + type: string + group: + description: |- + Group is the API group to select resources from. + Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + type: string + kind: + description: |- + Kind of the API Group to select resources from. + Together with Group and Version it is capable of unambiguously + identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + type: string + labelSelector: + description: |- + LabelSelector is a string that follows the label selection expression + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + It matches with the resource labels. + type: string + name: + description: Name to match resources with. + type: string + namespace: + description: Namespace to select resources from. + type: string + version: + description: |- + Version of the API Group to select resources from. + Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + type: string + type: object + required: + - patch + type: object + type: array + patchesJson6902: + description: JSON 6902 patches, defined as inline YAML objects. + items: + description: JSON6902Patch contains a JSON6902 patch and + the target the patch should be applied to. + properties: + patch: + description: Patch contains the JSON6902 patch document + with an array of operation objects. + items: + description: |- + JSON6902 is a JSON6902 operation object. + https://datatracker.ietf.org/doc/html/rfc6902#section-4 + properties: + from: + description: |- + From contains a JSON-pointer value that references a location within the target document where the operation is + performed. The meaning of the value depends on the value of Op, and is NOT taken into account by all operations. + type: string + op: + description: |- + Op indicates the operation to perform. Its value MUST be one of "add", "remove", "replace", "move", "copy", or + "test". + https://datatracker.ietf.org/doc/html/rfc6902#section-4 + enum: + - test + - remove + - add + - replace + - move + - copy + type: string + path: + description: |- + Path contains the JSON-pointer value that references a location within the target document where the operation + is performed. The meaning of the value depends on the value of Op. + type: string + value: + description: |- + Value contains a valid JSON structure. The meaning of the value depends on the value of Op, and is NOT taken into + account by all operations. + x-kubernetes-preserve-unknown-fields: true + required: + - op + - path + type: object + type: array + target: + description: Target points to the resources that the + patch document should be applied to. + properties: + annotationSelector: + description: |- + AnnotationSelector is a string that follows the label selection expression + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + It matches with the resource annotations. + type: string + group: + description: |- + Group is the API group to select resources from. + Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + type: string + kind: + description: |- + Kind of the API Group to select resources from. + Together with Group and Version it is capable of unambiguously + identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + type: string + labelSelector: + description: |- + LabelSelector is a string that follows the label selection expression + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + It matches with the resource labels. + type: string + name: + description: Name to match resources with. + type: string + namespace: + description: Namespace to select resources from. + type: string + version: + description: |- + Version of the API Group to select resources from. + Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + type: string + type: object + required: + - patch + - target + type: object + type: array + patchesStrategicMerge: + description: Strategic merge patches, defined as inline + YAML objects. + items: + x-kubernetes-preserve-unknown-fields: true + type: array + type: object + type: object + type: array + releaseName: + description: |- + ReleaseName used for the Helm release. Defaults to a composition of + '[TargetNamespace-]Name'. + maxLength: 53 + minLength: 1 + type: string + rollback: + description: Rollback holds the configuration for Helm rollback actions + for this HelmRelease. + properties: + cleanupOnFail: + description: |- + CleanupOnFail allows deletion of new resources created during the Helm + rollback action when it fails. + type: boolean + disableHooks: + description: DisableHooks prevents hooks from running during the + Helm rollback action. + type: boolean + disableWait: + description: |- + DisableWait disables the waiting for resources to be ready after a Helm + rollback has been performed. + type: boolean + disableWaitForJobs: + description: |- + DisableWaitForJobs disables waiting for jobs to complete after a Helm + rollback has been performed. + type: boolean + force: + description: Force forces resource updates through a replacement + strategy. + type: boolean + recreate: + description: Recreate performs pod restarts for the resource if + applicable. + type: boolean + timeout: + description: |- + Timeout is the time to wait for any individual Kubernetes operation (like + Jobs for hooks) during the performance of a Helm rollback action. Defaults to + 'HelmReleaseSpec.Timeout'. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + type: object + serviceAccountName: + description: |- + The name of the Kubernetes service account to impersonate + when reconciling this HelmRelease. + type: string + storageNamespace: + description: |- + StorageNamespace used for the Helm storage. + Defaults to the namespace of the HelmRelease. + maxLength: 63 + minLength: 1 + type: string + suspend: + description: |- + Suspend tells the controller to suspend reconciliation for this HelmRelease, + it does not apply to already started reconciliations. Defaults to false. + type: boolean + targetNamespace: + description: |- + TargetNamespace to target when performing operations for the HelmRelease. + Defaults to the namespace of the HelmRelease. + maxLength: 63 + minLength: 1 + type: string + test: + description: Test holds the configuration for Helm test actions for + this HelmRelease. + properties: + enable: + description: |- + Enable enables Helm test actions for this HelmRelease after an Helm install + or upgrade action has been performed. + type: boolean + ignoreFailures: + description: |- + IgnoreFailures tells the controller to skip remediation when the Helm tests + are run but fail. Can be overwritten for tests run after install or upgrade + actions in 'Install.IgnoreTestFailures' and 'Upgrade.IgnoreTestFailures'. + type: boolean + timeout: + description: |- + Timeout is the time to wait for any individual Kubernetes operation during + the performance of a Helm test action. Defaults to 'HelmReleaseSpec.Timeout'. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + type: object + timeout: + description: |- + Timeout is the time to wait for any individual Kubernetes operation (like Jobs + for hooks) during the performance of a Helm action. Defaults to '5m0s'. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + uninstall: + description: Uninstall holds the configuration for Helm uninstall + actions for this HelmRelease. + properties: + deletionPropagation: + default: background + description: |- + DeletionPropagation specifies the deletion propagation policy when + a Helm uninstall is performed. + enum: + - background + - foreground + - orphan + type: string + disableHooks: + description: DisableHooks prevents hooks from running during the + Helm rollback action. + type: boolean + disableWait: + description: |- + DisableWait disables waiting for all the resources to be deleted after + a Helm uninstall is performed. + type: boolean + keepHistory: + description: |- + KeepHistory tells Helm to remove all associated resources and mark the + release as deleted, but retain the release history. + type: boolean + timeout: + description: |- + Timeout is the time to wait for any individual Kubernetes operation (like + Jobs for hooks) during the performance of a Helm uninstall action. Defaults + to 'HelmReleaseSpec.Timeout'. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + type: object + upgrade: + description: Upgrade holds the configuration for Helm upgrade actions + for this HelmRelease. + properties: + cleanupOnFail: + description: |- + CleanupOnFail allows deletion of new resources created during the Helm + upgrade action when it fails. + type: boolean + crds: + description: |- + CRDs upgrade CRDs from the Helm Chart's crds directory according + to the CRD upgrade policy provided here. Valid values are `Skip`, + `Create` or `CreateReplace`. Default is `Skip` and if omitted + CRDs are neither installed nor upgraded. + + + Skip: do neither install nor replace (update) any CRDs. + + + Create: new CRDs are created, existing CRDs are neither updated nor deleted. + + + CreateReplace: new CRDs are created, existing CRDs are updated (replaced) + but not deleted. + + + By default, CRDs are not applied during Helm upgrade action. With this + option users can opt-in to CRD upgrade, which is not (yet) natively supported by Helm. + https://helm.sh/docs/chart_best_practices/custom_resource_definitions. + enum: + - Skip + - Create + - CreateReplace + type: string + disableHooks: + description: DisableHooks prevents hooks from running during the + Helm upgrade action. + type: boolean + disableOpenAPIValidation: + description: |- + DisableOpenAPIValidation prevents the Helm upgrade action from validating + rendered templates against the Kubernetes OpenAPI Schema. + type: boolean + disableWait: + description: |- + DisableWait disables the waiting for resources to be ready after a Helm + upgrade has been performed. + type: boolean + disableWaitForJobs: + description: |- + DisableWaitForJobs disables waiting for jobs to complete after a Helm + upgrade has been performed. + type: boolean + force: + description: Force forces resource updates through a replacement + strategy. + type: boolean + preserveValues: + description: |- + PreserveValues will make Helm reuse the last release's values and merge in + overrides from 'Values'. Setting this flag makes the HelmRelease + non-declarative. + type: boolean + remediation: + description: |- + Remediation holds the remediation configuration for when the Helm upgrade + action for the HelmRelease fails. The default is to not perform any action. + properties: + ignoreTestFailures: + description: |- + IgnoreTestFailures tells the controller to skip remediation when the Helm + tests are run after an upgrade action but fail. + Defaults to 'Test.IgnoreFailures'. + type: boolean + remediateLastFailure: + description: |- + RemediateLastFailure tells the controller to remediate the last failure, when + no retries remain. Defaults to 'false' unless 'Retries' is greater than 0. + type: boolean + retries: + description: |- + Retries is the number of retries that should be attempted on failures before + bailing. Remediation, using 'Strategy', is performed between each attempt. + Defaults to '0', a negative integer equals to unlimited retries. + type: integer + strategy: + description: Strategy to use for failure remediation. Defaults + to 'rollback'. + enum: + - rollback + - uninstall + type: string + type: object + timeout: + description: |- + Timeout is the time to wait for any individual Kubernetes operation (like + Jobs for hooks) during the performance of a Helm upgrade action. Defaults to + 'HelmReleaseSpec.Timeout'. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + type: object + values: + description: Values holds the values for this Helm release. + x-kubernetes-preserve-unknown-fields: true + valuesFrom: + description: |- + ValuesFrom holds references to resources containing Helm values for this HelmRelease, + and information about how they should be merged. + items: + description: |- + ValuesReference contains a reference to a resource containing Helm values, + and optionally the key they can be found at. + properties: + kind: + description: Kind of the values referent, valid values are ('Secret', + 'ConfigMap'). + enum: + - Secret + - ConfigMap + type: string + name: + description: |- + Name of the values referent. Should reside in the same namespace as the + referring resource. + maxLength: 253 + minLength: 1 + type: string + optional: + description: |- + Optional marks this ValuesReference as optional. When set, a not found error + for the values reference is ignored, but any ValuesKey, TargetPath or + transient error will still result in a reconciliation failure. + type: boolean + targetPath: + description: |- + TargetPath is the YAML dot notation path the value should be merged at. When + set, the ValuesKey is expected to be a single flat value. Defaults to 'None', + which results in the values getting merged at the root. + maxLength: 250 + pattern: ^([a-zA-Z0-9_\-.\\\/]|\[[0-9]{1,5}\])+$ + type: string + valuesKey: + description: |- + ValuesKey is the data key where the values.yaml or a specific value can be + found at. Defaults to 'values.yaml'. + When set, must be a valid Data Key, consisting of alphanumeric characters, + '-', '_' or '.'. + maxLength: 253 + pattern: ^[\-._a-zA-Z0-9]+$ + type: string + required: + - kind + - name + type: object + type: array + required: + - interval + type: object + status: + default: + observedGeneration: -1 + description: HelmReleaseStatus defines the observed state of a HelmRelease. + properties: + conditions: + description: Conditions holds the conditions for the HelmRelease. + items: + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" + properties: + lastTransitionTime: + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + failures: + description: |- + Failures is the reconciliation failure count against the latest desired + state. It is reset after a successful reconciliation. + format: int64 + type: integer + helmChart: + description: |- + HelmChart is the namespaced name of the HelmChart resource created by + the controller for the HelmRelease. + type: string + history: + description: |- + History holds the history of Helm releases performed for this HelmRelease + up to the last successfully completed release. + + + Note: this field is provisional to the v2beta2 API, and not actively used + by v2beta1 HelmReleases. + items: + description: |- + Snapshot captures a point-in-time copy of the status information for a Helm release, + as managed by the controller. + properties: + apiVersion: + description: |- + APIVersion is the API version of the Snapshot. + Provisional: when the calculation method of the Digest field is changed, + this field will be used to distinguish between the old and new methods. + type: string + appVersion: + description: AppVersion is the chart app version of the release + object in storage. + type: string + chartName: + description: ChartName is the chart name of the release object + in storage. + type: string + chartVersion: + description: |- + ChartVersion is the chart version of the release object in + storage. + type: string + configDigest: + description: |- + ConfigDigest is the checksum of the config (better known as + "values") of the release object in storage. + It has the format of `:`. + type: string + deleted: + description: Deleted is when the release was deleted. + format: date-time + type: string + digest: + description: |- + Digest is the checksum of the release object in storage. + It has the format of `:`. + type: string + firstDeployed: + description: FirstDeployed is when the release was first deployed. + format: date-time + type: string + lastDeployed: + description: LastDeployed is when the release was last deployed. + format: date-time + type: string + name: + description: Name is the name of the release. + type: string + namespace: + description: Namespace is the namespace the release is deployed + to. + type: string + ociDigest: + description: OCIDigest is the digest of the OCI artifact associated + with the release. + type: string + status: + description: Status is the current state of the release. + type: string + testHooks: + additionalProperties: + description: |- + TestHookStatus holds the status information for a test hook as observed + to be run by the controller. + properties: + lastCompleted: + description: LastCompleted is the time the test hook last + completed. + format: date-time + type: string + lastStarted: + description: LastStarted is the time the test hook was + last started. + format: date-time + type: string + phase: + description: Phase the test hook was observed to be in. + type: string + type: object + description: |- + TestHooks is the list of test hooks for the release as observed to be + run by the controller. + type: object + version: + description: Version is the version of the release object in + storage. + type: integer + required: + - chartName + - chartVersion + - configDigest + - digest + - firstDeployed + - lastDeployed + - name + - namespace + - status + - version + type: object + type: array + installFailures: + description: |- + InstallFailures is the install failure count against the latest desired + state. It is reset after a successful reconciliation. + format: int64 + type: integer + lastAppliedRevision: + description: LastAppliedRevision is the revision of the last successfully + applied source. + type: string + lastAttemptedConfigDigest: + description: |- + LastAttemptedConfigDigest is the digest for the config (better known as + "values") of the last reconciliation attempt. + + + Note: this field is provisional to the v2beta2 API, and not actively used + by v2beta1 HelmReleases. + type: string + lastAttemptedGeneration: + description: |- + LastAttemptedGeneration is the last generation the controller attempted + to reconcile. + + + Note: this field is provisional to the v2beta2 API, and not actively used + by v2beta1 HelmReleases. + format: int64 + type: integer + lastAttemptedReleaseAction: + description: |- + LastAttemptedReleaseAction is the last release action performed for this + HelmRelease. It is used to determine the active remediation strategy. + + + Note: this field is provisional to the v2beta2 API, and not actively used + by v2beta1 HelmReleases. + type: string + lastAttemptedRevision: + description: LastAttemptedRevision is the revision of the last reconciliation + attempt. + type: string + lastAttemptedValuesChecksum: + description: |- + LastAttemptedValuesChecksum is the SHA1 checksum of the values of the last + reconciliation attempt. + type: string + lastHandledForceAt: + description: |- + LastHandledForceAt holds the value of the most recent force request + value, so a change of the annotation value can be detected. + + + Note: this field is provisional to the v2beta2 API, and not actively used + by v2beta1 HelmReleases. + type: string + lastHandledReconcileAt: + description: |- + LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value + can be detected. + type: string + lastHandledResetAt: + description: |- + LastHandledResetAt holds the value of the most recent reset request + value, so a change of the annotation value can be detected. + + + Note: this field is provisional to the v2beta2 API, and not actively used + by v2beta1 HelmReleases. + type: string + lastReleaseRevision: + description: LastReleaseRevision is the revision of the last successful + Helm release. + type: integer + observedGeneration: + description: ObservedGeneration is the last observed generation. + format: int64 + type: integer + observedPostRenderersDigest: + description: |- + ObservedPostRenderersDigest is the digest for the post-renderers of + the last successful reconciliation attempt. + type: string + storageNamespace: + description: |- + StorageNamespace is the namespace of the Helm release storage for the + current release. + + + Note: this field is provisional to the v2beta2 API, and not actively used + by v2beta1 HelmReleases. + type: string + upgradeFailures: + description: |- + UpgradeFailures is the upgrade failure count against the latest desired + state. It is reset after a successful reconciliation. + format: int64 + type: integer + type: object + type: object + served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - jsonPath: .status.conditions[?(@.type=="Ready")].status + name: Ready + type: string + - jsonPath: .status.conditions[?(@.type=="Ready")].message + name: Status + type: string + deprecated: true + deprecationWarning: v2beta2 HelmRelease is deprecated, upgrade to v2 + name: v2beta2 + schema: + openAPIV3Schema: + description: HelmRelease is the Schema for the helmreleases API + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: HelmReleaseSpec defines the desired state of a Helm release. + properties: + chart: + description: |- + Chart defines the template of the v1beta2.HelmChart that should be created + for this HelmRelease. + properties: + metadata: + description: ObjectMeta holds the template for metadata like labels + and annotations. + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ + type: object + labels: + additionalProperties: + type: string + description: |- + Map of string keys and values that can be used to organize and categorize + (scope and select) objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ + type: object + type: object + spec: + description: Spec holds the template for the v1beta2.HelmChartSpec + for this HelmRelease. + properties: + chart: + description: The name or path the Helm chart is available + at in the SourceRef. + maxLength: 2048 + minLength: 1 + type: string + ignoreMissingValuesFiles: + description: IgnoreMissingValuesFiles controls whether to + silently ignore missing values files rather than failing. + type: boolean + interval: + description: |- + Interval at which to check the v1.Source for updates. Defaults to + 'HelmReleaseSpec.Interval'. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + reconcileStrategy: + default: ChartVersion + description: |- + Determines what enables the creation of a new artifact. Valid values are + ('ChartVersion', 'Revision'). + See the documentation of the values for an explanation on their behavior. + Defaults to ChartVersion when omitted. + enum: + - ChartVersion + - Revision + type: string + sourceRef: + description: The name and namespace of the v1.Source the chart + is available at. + properties: + apiVersion: + description: APIVersion of the referent. + type: string + kind: + description: Kind of the referent. + enum: + - HelmRepository + - GitRepository + - Bucket + type: string + name: + description: Name of the referent. + maxLength: 253 + minLength: 1 + type: string + namespace: + description: Namespace of the referent. + maxLength: 63 + minLength: 1 + type: string + required: + - name + type: object + valuesFile: + description: |- + Alternative values file to use as the default chart values, expected to + be a relative path in the SourceRef. Deprecated in favor of ValuesFiles, + for backwards compatibility the file defined here is merged before the + ValuesFiles items. Ignored when omitted. + type: string + valuesFiles: + description: |- + Alternative list of values files to use as the chart values (values.yaml + is not included by default), expected to be a relative path in the SourceRef. + Values files are merged in the order of this list with the last file overriding + the first. Ignored when omitted. + items: + type: string + type: array + verify: + description: |- + Verify contains the secret name containing the trusted public keys + used to verify the signature and specifies which provider to use to check + whether OCI image is authentic. + This field is only supported for OCI sources. + Chart dependencies, which are not bundled in the umbrella chart artifact, + are not verified. + properties: + provider: + default: cosign + description: Provider specifies the technology used to + sign the OCI Helm chart. + enum: + - cosign + - notation + type: string + secretRef: + description: |- + SecretRef specifies the Kubernetes Secret containing the + trusted public keys. + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object + required: + - provider + type: object + version: + default: '*' + description: |- + Version semver expression, ignored for charts from v1beta2.GitRepository and + v1beta2.Bucket sources. Defaults to latest when omitted. + type: string + required: + - chart + - sourceRef + type: object + required: + - spec + type: object + chartRef: + description: |- + ChartRef holds a reference to a source controller resource containing the + Helm chart artifact. + + + Note: this field is provisional to the v2 API, and not actively used + by v2beta2 HelmReleases. + properties: + apiVersion: + description: APIVersion of the referent. + type: string + kind: + description: Kind of the referent. + enum: + - OCIRepository + - HelmChart + type: string + name: + description: Name of the referent. + maxLength: 253 + minLength: 1 + type: string + namespace: + description: |- + Namespace of the referent, defaults to the namespace of the Kubernetes + resource object that contains the reference. + maxLength: 63 + minLength: 1 + type: string + required: + - kind + - name + type: object + dependsOn: + description: |- + DependsOn may contain a meta.NamespacedObjectReference slice with + references to HelmRelease resources that must be ready before this HelmRelease + can be reconciled. + items: + description: |- + NamespacedObjectReference contains enough information to locate the referenced Kubernetes resource object in any + namespace. + properties: + name: + description: Name of the referent. + type: string + namespace: + description: Namespace of the referent, when not specified it + acts as LocalObjectReference. + type: string + required: + - name + type: object + type: array + driftDetection: + description: |- + DriftDetection holds the configuration for detecting and handling + differences between the manifest in the Helm storage and the resources + currently existing in the cluster. + properties: + ignore: + description: |- + Ignore contains a list of rules for specifying which changes to ignore + during diffing. + items: + description: |- + IgnoreRule defines a rule to selectively disregard specific changes during + the drift detection process. + properties: + paths: + description: |- + Paths is a list of JSON Pointer (RFC 6901) paths to be excluded from + consideration in a Kubernetes object. + items: + type: string + type: array + target: + description: |- + Target is a selector for specifying Kubernetes objects to which this + rule applies. + If Target is not set, the Paths will be ignored for all Kubernetes + objects within the manifest of the Helm release. + properties: + annotationSelector: + description: |- + AnnotationSelector is a string that follows the label selection expression + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + It matches with the resource annotations. + type: string + group: + description: |- + Group is the API group to select resources from. + Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + type: string + kind: + description: |- + Kind of the API Group to select resources from. + Together with Group and Version it is capable of unambiguously + identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + type: string + labelSelector: + description: |- + LabelSelector is a string that follows the label selection expression + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + It matches with the resource labels. + type: string + name: + description: Name to match resources with. + type: string + namespace: + description: Namespace to select resources from. + type: string + version: + description: |- + Version of the API Group to select resources from. + Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + type: string + type: object + required: + - paths + type: object + type: array + mode: + description: |- + Mode defines how differences should be handled between the Helm manifest + and the manifest currently applied to the cluster. + If not explicitly set, it defaults to DiffModeDisabled. + enum: + - enabled + - warn + - disabled + type: string + type: object + install: + description: Install holds the configuration for Helm install actions + for this HelmRelease. properties: crds: - description: "CRDs upgrade CRDs from the Helm Chart's crds directory according to the CRD upgrade policy - provided here. Valid values are `Skip`, `Create` or `CreateReplace`. Default is `Create` and if omitted - CRDs are installed but not updated. \n Skip: do neither install nor replace (update) any CRDs. \n Create: - new CRDs are created, existing CRDs are neither updated nor deleted. \n CreateReplace: new CRDs are - created, existing CRDs are updated (replaced) but not deleted. \n By default, CRDs are applied (installed) - during Helm install action. With this option users can opt-in to CRD replace existing CRDs on Helm install - actions, which is not (yet) natively supported by Helm. https://helm.sh/docs/chart_best_practices/custom_resource_definitions." + description: |- + CRDs upgrade CRDs from the Helm Chart's crds directory according + to the CRD upgrade policy provided here. Valid values are `Skip`, + `Create` or `CreateReplace`. Default is `Create` and if omitted + CRDs are installed but not updated. + + + Skip: do neither install nor replace (update) any CRDs. + + + Create: new CRDs are created, existing CRDs are neither updated nor deleted. + + + CreateReplace: new CRDs are created, existing CRDs are updated (replaced) + but not deleted. + + + By default, CRDs are applied (installed) during Helm install action. + With this option users can opt in to CRD replace existing CRDs on Helm + install actions, which is not (yet) natively supported by Helm. + https://helm.sh/docs/chart_best_practices/custom_resource_definitions. enum: - Skip - Create - CreateReplace type: string createNamespace: - description: CreateNamespace tells the Helm install action to create the HelmReleaseSpec.TargetNamespace - if it does not exist yet. On uninstall, the namespace will not be garbage collected. + description: |- + CreateNamespace tells the Helm install action to create the + HelmReleaseSpec.TargetNamespace if it does not exist yet. + On uninstall, the namespace will not be garbage collected. type: boolean disableHooks: - description: DisableHooks prevents hooks from running during the Helm install action. + description: DisableHooks prevents hooks from running during the + Helm install action. type: boolean disableOpenAPIValidation: - description: DisableOpenAPIValidation prevents the Helm install action from validating rendered templates - against the Kubernetes OpenAPI Schema. + description: |- + DisableOpenAPIValidation prevents the Helm install action from validating + rendered templates against the Kubernetes OpenAPI Schema. type: boolean disableWait: - description: DisableWait disables the waiting for resources to be ready after a Helm install has been - performed. + description: |- + DisableWait disables the waiting for resources to be ready after a Helm + install has been performed. type: boolean disableWaitForJobs: - description: DisableWaitForJobs disables waiting for jobs to complete after a Helm install has been performed. + description: |- + DisableWaitForJobs disables waiting for jobs to complete after a Helm + install has been performed. type: boolean remediation: - description: Remediation holds the remediation configuration for when the Helm install action for the - HelmRelease fails. The default is to not perform any action. + description: |- + Remediation holds the remediation configuration for when the Helm install + action for the HelmRelease fails. The default is to not perform any action. properties: ignoreTestFailures: - description: IgnoreTestFailures tells the controller to skip remediation when the Helm tests are run - after an install action but fail. Defaults to 'Test.IgnoreFailures'. + description: |- + IgnoreTestFailures tells the controller to skip remediation when the Helm + tests are run after an install action but fail. Defaults to + 'Test.IgnoreFailures'. type: boolean remediateLastFailure: - description: RemediateLastFailure tells the controller to remediate the last failure, when no retries - remain. Defaults to 'false'. + description: |- + RemediateLastFailure tells the controller to remediate the last failure, when + no retries remain. Defaults to 'false'. type: boolean retries: - description: Retries is the number of retries that should be attempted on failures before bailing. - Remediation, using an uninstall, is performed between each attempt. Defaults to '0', a negative - integer equals to unlimited retries. + description: |- + Retries is the number of retries that should be attempted on failures before + bailing. Remediation, using an uninstall, is performed between each attempt. + Defaults to '0', a negative integer equals to unlimited retries. type: integer type: object replace: - description: Replace tells the Helm install action to re-use the 'ReleaseName', but only if that name - is a deleted release which remains in the history. + description: |- + Replace tells the Helm install action to re-use the 'ReleaseName', but only + if that name is a deleted release which remains in the history. type: boolean skipCRDs: - description: "SkipCRDs tells the Helm install action to not install any CRDs. By default, CRDs are installed - if not already present. \n Deprecated use CRD policy (`crds`) attribute with value `Skip` instead." + description: |- + SkipCRDs tells the Helm install action to not install any CRDs. By default, + CRDs are installed if not already present. + + + Deprecated use CRD policy (`crds`) attribute with value `Skip` instead. type: boolean timeout: - description: Timeout is the time to wait for any individual Kubernetes operation (like Jobs for hooks) - during the performance of a Helm install action. Defaults to 'HelmReleaseSpec.Timeout'. + description: |- + Timeout is the time to wait for any individual Kubernetes operation (like + Jobs for hooks) during the performance of a Helm install action. Defaults to + 'HelmReleaseSpec.Timeout'. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string type: object interval: - description: Interval at which to reconcile the Helm release. This interval is approximate and may be subject - to jitter to ensure efficient use of resources. + description: Interval at which to reconcile the Helm release. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string kubeConfig: - description: KubeConfig for reconciling the HelmRelease on a remote cluster. When used in combination with - HelmReleaseSpec.ServiceAccountName, forces the controller to act on behalf of that Service Account at the - target cluster. If the --default-service-account flag is set, its value will be used as a controller level - fallback for when HelmReleaseSpec.ServiceAccountName is empty. + description: |- + KubeConfig for reconciling the HelmRelease on a remote cluster. + When used in combination with HelmReleaseSpec.ServiceAccountName, + forces the controller to act on behalf of that Service Account at the + target cluster. + If the --default-service-account flag is set, its value will be used as + a controller level fallback for when HelmReleaseSpec.ServiceAccountName + is empty. properties: secretRef: - description: SecretRef holds the name of a secret that contains a key with the kubeconfig file as the - value. If no key is set, the key will default to 'value'. It is recommended that the kubeconfig is self-contained, - and the secret is regularly updated if credentials such as a cloud-access-token expire. Cloud specific - `cmd-path` auth helpers will not function without adding binaries and credentials to the Pod that is - responsible for reconciling Kubernetes resources. + description: |- + SecretRef holds the name of a secret that contains a key with + the kubeconfig file as the value. If no key is set, the key will default + to 'value'. + It is recommended that the kubeconfig is self-contained, and the secret + is regularly updated if credentials such as a cloud-access-token expire. + Cloud specific `cmd-path` auth helpers will not function without adding + binaries and credentials to the Pod that is responsible for reconciling + Kubernetes resources. properties: key: - description: Key in the Secret, when not specified an implementation-specific default key is used. + description: Key in the Secret, when not specified an implementation-specific + default key is used. type: string name: description: Name of the Secret. @@ -5049,19 +9411,30 @@ spec: - secretRef type: object maxHistory: - description: MaxHistory is the number of revisions saved by Helm for this HelmRelease. Use '0' for an unlimited - number of revisions; defaults to '10'. + description: |- + MaxHistory is the number of revisions saved by Helm for this HelmRelease. + Use '0' for an unlimited number of revisions; defaults to '5'. type: integer persistentClient: - description: "PersistentClient tells the controller to use a persistent Kubernetes client for this release. - When enabled, the client will be reused for the duration of the reconciliation, instead of being created - and destroyed for each (step of a) Helm action. \n This can improve performance, but may cause issues with - some Helm charts that for example do create Custom Resource Definitions during installation outside Helm's - CRD lifecycle hooks, which are then not observed to be available by e.g. post-install hooks. \n If not set, - it defaults to true." + description: |- + PersistentClient tells the controller to use a persistent Kubernetes + client for this release. When enabled, the client will be reused for the + duration of the reconciliation, instead of being created and destroyed + for each (step of a) Helm action. + + + This can improve performance, but may cause issues with some Helm charts + that for example do create Custom Resource Definitions during installation + outside Helm's CRD lifecycle hooks, which are then not observed to be + available by e.g. post-install hooks. + + + If not set, it defaults to true. type: boolean postRenderers: - description: PostRenderers holds an array of Helm PostRenderers, which will be applied in order of their definition. + description: |- + PostRenderers holds an array of Helm PostRenderers, which will be applied in order + of their definition. items: description: PostRenderer contains a Helm PostRenderer specification. properties: @@ -5069,58 +9442,76 @@ spec: description: Kustomization to apply as PostRenderer. properties: images: - description: Images is a list of (image name, new name, new tag or digest) for changing image names, - tags or digests. This can also be achieved with a patch, but this operator is simpler to specify. + description: |- + Images is a list of (image name, new name, new tag or digest) + for changing image names, tags or digests. This can also be achieved with a + patch, but this operator is simpler to specify. items: - description: Image contains an image name, a new name, a new tag or digest, which will replace - the original name and tag. + description: Image contains an image name, a new name, + a new tag or digest, which will replace the original + name and tag. properties: digest: - description: Digest is the value used to replace the original image tag. If digest is present - NewTag value is ignored. + description: |- + Digest is the value used to replace the original image tag. + If digest is present NewTag value is ignored. type: string name: description: Name is a tag-less image name. type: string newName: - description: NewName is the value used to replace the original name. + description: NewName is the value used to replace + the original name. type: string newTag: - description: NewTag is the value used to replace the original tag. + description: NewTag is the value used to replace the + original tag. type: string required: - name type: object type: array patches: - description: Strategic merge and JSON patches, defined as inline YAML objects, capable of targeting - objects based on kind, label and annotation selectors. + description: |- + Strategic merge and JSON patches, defined as inline YAML objects, + capable of targeting objects based on kind, label and annotation selectors. items: - description: Patch contains an inline StrategicMerge or JSON6902 patch, and the target the patch - should be applied to. + description: |- + Patch contains an inline StrategicMerge or JSON6902 patch, and the target the patch should + be applied to. properties: patch: - description: Patch contains an inline StrategicMerge patch or an inline JSON6902 patch with + description: |- + Patch contains an inline StrategicMerge patch or an inline JSON6902 patch with an array of operation objects. type: string target: - description: Target points to the resources that the patch document should be applied to. + description: Target points to the resources that the + patch document should be applied to. properties: annotationSelector: - description: AnnotationSelector is a string that follows the label selection expression - https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api It matches - with the resource annotations. + description: |- + AnnotationSelector is a string that follows the label selection expression + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + It matches with the resource annotations. type: string group: - description: Group is the API group to select resources from. Together with Version and - Kind it is capable of unambiguously identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + description: |- + Group is the API group to select resources from. + Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md type: string kind: - description: Kind of the API Group to select resources from. Together with Group and Version - it is capable of unambiguously identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + description: |- + Kind of the API Group to select resources from. + Together with Group and Version it is capable of unambiguously + identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md type: string labelSelector: - description: LabelSelector is a string that follows the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + description: |- + LabelSelector is a string that follows the label selection expression + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api It matches with the resource labels. type: string name: @@ -5130,8 +9521,10 @@ spec: description: Namespace to select resources from. type: string version: - description: Version of the API Group to select resources from. Together with Group and - Kind it is capable of unambiguously identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + description: |- + Version of the API Group to select resources from. + Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md type: string type: object required: @@ -5139,24 +9532,31 @@ spec: type: object type: array patchesJson6902: - description: JSON 6902 patches, defined as inline YAML objects. + description: |- + JSON 6902 patches, defined as inline YAML objects. + Deprecated: use Patches instead. items: - description: JSON6902Patch contains a JSON6902 patch and the target the patch should be applied - to. + description: JSON6902Patch contains a JSON6902 patch and + the target the patch should be applied to. properties: patch: - description: Patch contains the JSON6902 patch document with an array of operation objects. + description: Patch contains the JSON6902 patch document + with an array of operation objects. items: - description: JSON6902 is a JSON6902 operation object. https://datatracker.ietf.org/doc/html/rfc6902#section-4 + description: |- + JSON6902 is a JSON6902 operation object. + https://datatracker.ietf.org/doc/html/rfc6902#section-4 properties: from: - description: From contains a JSON-pointer value that references a location within the - target document where the operation is performed. The meaning of the value depends - on the value of Op, and is NOT taken into account by all operations. + description: |- + From contains a JSON-pointer value that references a location within the target document where the operation is + performed. The meaning of the value depends on the value of Op, and is NOT taken into account by all operations. type: string op: - description: Op indicates the operation to perform. Its value MUST be one of "add", - "remove", "replace", "move", "copy", or "test". https://datatracker.ietf.org/doc/html/rfc6902#section-4 + description: |- + Op indicates the operation to perform. Its value MUST be one of "add", "remove", "replace", "move", "copy", or + "test". + https://datatracker.ietf.org/doc/html/rfc6902#section-4 enum: - test - remove @@ -5166,13 +9566,14 @@ spec: - copy type: string path: - description: Path contains the JSON-pointer value that references a location within - the target document where the operation is performed. The meaning of the value depends - on the value of Op. + description: |- + Path contains the JSON-pointer value that references a location within the target document where the operation + is performed. The meaning of the value depends on the value of Op. type: string value: - description: Value contains a valid JSON structure. The meaning of the value depends - on the value of Op, and is NOT taken into account by all operations. + description: |- + Value contains a valid JSON structure. The meaning of the value depends on the value of Op, and is NOT taken into + account by all operations. x-kubernetes-preserve-unknown-fields: true required: - op @@ -5180,23 +9581,32 @@ spec: type: object type: array target: - description: Target points to the resources that the patch document should be applied to. + description: Target points to the resources that the + patch document should be applied to. properties: annotationSelector: - description: AnnotationSelector is a string that follows the label selection expression - https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api It matches - with the resource annotations. + description: |- + AnnotationSelector is a string that follows the label selection expression + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + It matches with the resource annotations. type: string group: - description: Group is the API group to select resources from. Together with Version and - Kind it is capable of unambiguously identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + description: |- + Group is the API group to select resources from. + Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md type: string kind: - description: Kind of the API Group to select resources from. Together with Group and Version - it is capable of unambiguously identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + description: |- + Kind of the API Group to select resources from. + Together with Group and Version it is capable of unambiguously + identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md type: string labelSelector: - description: LabelSelector is a string that follows the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + description: |- + LabelSelector is a string that follows the label selection expression + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api It matches with the resource labels. type: string name: @@ -5206,8 +9616,10 @@ spec: description: Namespace to select resources from. type: string version: - description: Version of the API Group to select resources from. Together with Group and - Kind it is capable of unambiguously identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + description: |- + Version of the API Group to select resources from. + Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md type: string type: object required: @@ -5216,7 +9628,9 @@ spec: type: object type: array patchesStrategicMerge: - description: Strategic merge patches, defined as inline YAML objects. + description: |- + Strategic merge patches, defined as inline YAML objects. + Deprecated: use Patches instead. items: x-kubernetes-preserve-unknown-fields: true type: array @@ -5224,176 +9638,260 @@ spec: type: object type: array releaseName: - description: ReleaseName used for the Helm release. Defaults to a composition of '[TargetNamespace-]Name'. + description: |- + ReleaseName used for the Helm release. Defaults to a composition of + '[TargetNamespace-]Name'. maxLength: 53 minLength: 1 type: string rollback: - description: Rollback holds the configuration for Helm rollback actions for this HelmRelease. + description: Rollback holds the configuration for Helm rollback actions + for this HelmRelease. properties: cleanupOnFail: - description: CleanupOnFail allows deletion of new resources created during the Helm rollback action when - it fails. + description: |- + CleanupOnFail allows deletion of new resources created during the Helm + rollback action when it fails. type: boolean disableHooks: - description: DisableHooks prevents hooks from running during the Helm rollback action. + description: DisableHooks prevents hooks from running during the + Helm rollback action. type: boolean disableWait: - description: DisableWait disables the waiting for resources to be ready after a Helm rollback has been - performed. + description: |- + DisableWait disables the waiting for resources to be ready after a Helm + rollback has been performed. type: boolean disableWaitForJobs: - description: DisableWaitForJobs disables waiting for jobs to complete after a Helm rollback has been performed. + description: |- + DisableWaitForJobs disables waiting for jobs to complete after a Helm + rollback has been performed. type: boolean force: - description: Force forces resource updates through a replacement strategy. + description: Force forces resource updates through a replacement + strategy. type: boolean recreate: - description: Recreate performs pod restarts for the resource if applicable. + description: Recreate performs pod restarts for the resource if + applicable. type: boolean timeout: - description: Timeout is the time to wait for any individual Kubernetes operation (like Jobs for hooks) - during the performance of a Helm rollback action. Defaults to 'HelmReleaseSpec.Timeout'. + description: |- + Timeout is the time to wait for any individual Kubernetes operation (like + Jobs for hooks) during the performance of a Helm rollback action. Defaults to + 'HelmReleaseSpec.Timeout'. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string type: object serviceAccountName: - description: The name of the Kubernetes service account to impersonate when reconciling this HelmRelease. + description: |- + The name of the Kubernetes service account to impersonate + when reconciling this HelmRelease. + maxLength: 253 + minLength: 1 type: string storageNamespace: - description: StorageNamespace used for the Helm storage. Defaults to the namespace of the HelmRelease. + description: |- + StorageNamespace used for the Helm storage. + Defaults to the namespace of the HelmRelease. maxLength: 63 minLength: 1 type: string suspend: - description: Suspend tells the controller to suspend reconciliation for this HelmRelease, it does not apply - to already started reconciliations. Defaults to false. + description: |- + Suspend tells the controller to suspend reconciliation for this HelmRelease, + it does not apply to already started reconciliations. Defaults to false. type: boolean targetNamespace: - description: TargetNamespace to target when performing operations for the HelmRelease. Defaults to the namespace - of the HelmRelease. + description: |- + TargetNamespace to target when performing operations for the HelmRelease. + Defaults to the namespace of the HelmRelease. maxLength: 63 minLength: 1 type: string test: - description: Test holds the configuration for Helm test actions for this HelmRelease. + description: Test holds the configuration for Helm test actions for + this HelmRelease. properties: enable: - description: Enable enables Helm test actions for this HelmRelease after an Helm install or upgrade action - has been performed. + description: |- + Enable enables Helm test actions for this HelmRelease after an Helm install + or upgrade action has been performed. type: boolean + filters: + description: Filters is a list of tests to run or exclude from + running. + items: + description: Filter holds the configuration for individual Helm + test filters. + properties: + exclude: + description: Exclude specifies whether the named test should + be excluded. + type: boolean + name: + description: Name is the name of the test. + maxLength: 253 + minLength: 1 + type: string + required: + - name + type: object + type: array ignoreFailures: - description: IgnoreFailures tells the controller to skip remediation when the Helm tests are run but fail. - Can be overwritten for tests run after install or upgrade actions in 'Install.IgnoreTestFailures' and - 'Upgrade.IgnoreTestFailures'. + description: |- + IgnoreFailures tells the controller to skip remediation when the Helm tests + are run but fail. Can be overwritten for tests run after install or upgrade + actions in 'Install.IgnoreTestFailures' and 'Upgrade.IgnoreTestFailures'. type: boolean timeout: - description: Timeout is the time to wait for any individual Kubernetes operation during the performance - of a Helm test action. Defaults to 'HelmReleaseSpec.Timeout'. + description: |- + Timeout is the time to wait for any individual Kubernetes operation during + the performance of a Helm test action. Defaults to 'HelmReleaseSpec.Timeout'. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string type: object timeout: - description: Timeout is the time to wait for any individual Kubernetes operation (like Jobs for hooks) during - the performance of a Helm action. Defaults to '5m0s'. + description: |- + Timeout is the time to wait for any individual Kubernetes operation (like Jobs + for hooks) during the performance of a Helm action. Defaults to '5m0s'. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string uninstall: - description: Uninstall holds the configuration for Helm uninstall actions for this HelmRelease. + description: Uninstall holds the configuration for Helm uninstall + actions for this HelmRelease. properties: deletionPropagation: default: background - description: DeletionPropagation specifies the deletion propagation policy when a Helm uninstall is performed. + description: |- + DeletionPropagation specifies the deletion propagation policy when + a Helm uninstall is performed. enum: - background - foreground - orphan type: string disableHooks: - description: DisableHooks prevents hooks from running during the Helm rollback action. + description: DisableHooks prevents hooks from running during the + Helm rollback action. type: boolean disableWait: - description: DisableWait disables waiting for all the resources to be deleted after a Helm uninstall is - performed. + description: |- + DisableWait disables waiting for all the resources to be deleted after + a Helm uninstall is performed. type: boolean keepHistory: - description: KeepHistory tells Helm to remove all associated resources and mark the release as deleted, - but retain the release history. + description: |- + KeepHistory tells Helm to remove all associated resources and mark the + release as deleted, but retain the release history. type: boolean timeout: - description: Timeout is the time to wait for any individual Kubernetes operation (like Jobs for hooks) - during the performance of a Helm uninstall action. Defaults to 'HelmReleaseSpec.Timeout'. + description: |- + Timeout is the time to wait for any individual Kubernetes operation (like + Jobs for hooks) during the performance of a Helm uninstall action. Defaults + to 'HelmReleaseSpec.Timeout'. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string type: object upgrade: - description: Upgrade holds the configuration for Helm upgrade actions for this HelmRelease. + description: Upgrade holds the configuration for Helm upgrade actions + for this HelmRelease. properties: cleanupOnFail: - description: CleanupOnFail allows deletion of new resources created during the Helm upgrade action when - it fails. + description: |- + CleanupOnFail allows deletion of new resources created during the Helm + upgrade action when it fails. type: boolean crds: - description: "CRDs upgrade CRDs from the Helm Chart's crds directory according to the CRD upgrade policy - provided here. Valid values are `Skip`, `Create` or `CreateReplace`. Default is `Skip` and if omitted - CRDs are neither installed nor upgraded. \n Skip: do neither install nor replace (update) any CRDs. - \n Create: new CRDs are created, existing CRDs are neither updated nor deleted. \n CreateReplace: new - CRDs are created, existing CRDs are updated (replaced) but not deleted. \n By default, CRDs are not - applied during Helm upgrade action. With this option users can opt-in to CRD upgrade, which is not (yet) - natively supported by Helm. https://helm.sh/docs/chart_best_practices/custom_resource_definitions." + description: |- + CRDs upgrade CRDs from the Helm Chart's crds directory according + to the CRD upgrade policy provided here. Valid values are `Skip`, + `Create` or `CreateReplace`. Default is `Skip` and if omitted + CRDs are neither installed nor upgraded. + + + Skip: do neither install nor replace (update) any CRDs. + + + Create: new CRDs are created, existing CRDs are neither updated nor deleted. + + + CreateReplace: new CRDs are created, existing CRDs are updated (replaced) + but not deleted. + + + By default, CRDs are not applied during Helm upgrade action. With this + option users can opt-in to CRD upgrade, which is not (yet) natively supported by Helm. + https://helm.sh/docs/chart_best_practices/custom_resource_definitions. enum: - Skip - Create - CreateReplace type: string disableHooks: - description: DisableHooks prevents hooks from running during the Helm upgrade action. + description: DisableHooks prevents hooks from running during the + Helm upgrade action. type: boolean disableOpenAPIValidation: - description: DisableOpenAPIValidation prevents the Helm upgrade action from validating rendered templates - against the Kubernetes OpenAPI Schema. + description: |- + DisableOpenAPIValidation prevents the Helm upgrade action from validating + rendered templates against the Kubernetes OpenAPI Schema. type: boolean disableWait: - description: DisableWait disables the waiting for resources to be ready after a Helm upgrade has been - performed. + description: |- + DisableWait disables the waiting for resources to be ready after a Helm + upgrade has been performed. type: boolean disableWaitForJobs: - description: DisableWaitForJobs disables waiting for jobs to complete after a Helm upgrade has been performed. + description: |- + DisableWaitForJobs disables waiting for jobs to complete after a Helm + upgrade has been performed. type: boolean force: - description: Force forces resource updates through a replacement strategy. + description: Force forces resource updates through a replacement + strategy. type: boolean preserveValues: - description: PreserveValues will make Helm reuse the last release's values and merge in overrides from - 'Values'. Setting this flag makes the HelmRelease non-declarative. + description: |- + PreserveValues will make Helm reuse the last release's values and merge in + overrides from 'Values'. Setting this flag makes the HelmRelease + non-declarative. type: boolean remediation: - description: Remediation holds the remediation configuration for when the Helm upgrade action for the - HelmRelease fails. The default is to not perform any action. + description: |- + Remediation holds the remediation configuration for when the Helm upgrade + action for the HelmRelease fails. The default is to not perform any action. properties: ignoreTestFailures: - description: IgnoreTestFailures tells the controller to skip remediation when the Helm tests are run - after an upgrade action but fail. Defaults to 'Test.IgnoreFailures'. + description: |- + IgnoreTestFailures tells the controller to skip remediation when the Helm + tests are run after an upgrade action but fail. + Defaults to 'Test.IgnoreFailures'. type: boolean remediateLastFailure: - description: RemediateLastFailure tells the controller to remediate the last failure, when no retries - remain. Defaults to 'false' unless 'Retries' is greater than 0. + description: |- + RemediateLastFailure tells the controller to remediate the last failure, when + no retries remain. Defaults to 'false' unless 'Retries' is greater than 0. type: boolean retries: - description: Retries is the number of retries that should be attempted on failures before bailing. - Remediation, using 'Strategy', is performed between each attempt. Defaults to '0', a negative integer - equals to unlimited retries. + description: |- + Retries is the number of retries that should be attempted on failures before + bailing. Remediation, using 'Strategy', is performed between each attempt. + Defaults to '0', a negative integer equals to unlimited retries. type: integer strategy: - description: Strategy to use for failure remediation. Defaults to 'rollback'. + description: Strategy to use for failure remediation. Defaults + to 'rollback'. enum: - rollback - uninstall type: string type: object timeout: - description: Timeout is the time to wait for any individual Kubernetes operation (like Jobs for hooks) - during the performance of a Helm upgrade action. Defaults to 'HelmReleaseSpec.Timeout'. + description: |- + Timeout is the time to wait for any individual Kubernetes operation (like + Jobs for hooks) during the performance of a Helm upgrade action. Defaults to + 'HelmReleaseSpec.Timeout'. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string type: object @@ -5401,39 +9899,46 @@ spec: description: Values holds the values for this Helm release. x-kubernetes-preserve-unknown-fields: true valuesFrom: - description: ValuesFrom holds references to resources containing Helm values for this HelmRelease, and information - about how they should be merged. + description: |- + ValuesFrom holds references to resources containing Helm values for this HelmRelease, + and information about how they should be merged. items: - description: ValuesReference contains a reference to a resource containing Helm values, and optionally the - key they can be found at. + description: |- + ValuesReference contains a reference to a resource containing Helm values, + and optionally the key they can be found at. properties: kind: - description: Kind of the values referent, valid values are ('Secret', 'ConfigMap'). + description: Kind of the values referent, valid values are ('Secret', + 'ConfigMap'). enum: - Secret - ConfigMap type: string name: - description: Name of the values referent. Should reside in the same namespace as the referring resource. + description: |- + Name of the values referent. Should reside in the same namespace as the + referring resource. maxLength: 253 minLength: 1 type: string optional: - description: Optional marks this ValuesReference as optional. When set, a not found error for the values - reference is ignored, but any ValuesKey, TargetPath or transient error will still result in a reconciliation - failure. + description: |- + Optional marks this ValuesReference as optional. When set, a not found error + for the values reference is ignored, but any ValuesKey, TargetPath or + transient error will still result in a reconciliation failure. type: boolean targetPath: - description: TargetPath is the YAML dot notation path the value should be merged at. When set, the ValuesKey - is expected to be a single flat value. Defaults to 'None', which results in the values getting merged - at the root. + description: |- + TargetPath is the YAML dot notation path the value should be merged at. When + set, the ValuesKey is expected to be a single flat value. Defaults to 'None', + which results in the values getting merged at the root. maxLength: 250 pattern: ^([a-zA-Z0-9_\-.\\\/]|\[[0-9]{1,5}\])+$ type: string valuesKey: - description: ValuesKey is the data key where the values.yaml or a specific value can be found at. Defaults - to 'values.yaml'. When set, must be a valid Data Key, consisting of alphanumeric characters, '-', - '_' or '.'. + description: |- + ValuesKey is the data key where the values.yaml or a specific value can be + found at. Defaults to 'values.yaml'. maxLength: 253 pattern: ^[\-._a-zA-Z0-9]+$ type: string @@ -5443,9 +9948,12 @@ spec: type: object type: array required: - - chart - interval type: object + x-kubernetes-validations: + - message: either chart or chartRef must be set + rule: (has(self.chart) && !has(self.chartRef)) || (!has(self.chart) + && has(self.chartRef)) status: default: observedGeneration: -1 @@ -5454,35 +9962,43 @@ spec: conditions: description: Conditions holds the conditions for the HelmRelease. items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This - struct is intended for direct use as an array at the field path .status.conditions. For example, \n type - FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // - +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" - patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" properties: lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when - the API field changed is acceptable. + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: message is a human readable message indicating details about the transition. This may be - an empty string. + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based - upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current state of the instance. + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last - transition. Producers of specific condition types may define expected values and meanings for this - field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 @@ -5496,9 +10012,12 @@ spec: - Unknown type: string type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type - values are consistent across resources like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -5511,48 +10030,217 @@ spec: type: object type: array failures: - description: Failures is the reconciliation failure count against the latest desired state. It is reset after - a successful reconciliation. + description: |- + Failures is the reconciliation failure count against the latest desired + state. It is reset after a successful reconciliation. format: int64 type: integer helmChart: - description: HelmChart is the namespaced name of the HelmChart resource created by the controller for the - HelmRelease. - type: string + description: |- + HelmChart is the namespaced name of the HelmChart resource created by + the controller for the HelmRelease. + type: string + history: + description: |- + History holds the history of Helm releases performed for this HelmRelease + up to the last successfully completed release. + items: + description: |- + Snapshot captures a point-in-time copy of the status information for a Helm release, + as managed by the controller. + properties: + apiVersion: + description: |- + APIVersion is the API version of the Snapshot. + Provisional: when the calculation method of the Digest field is changed, + this field will be used to distinguish between the old and new methods. + type: string + appVersion: + description: AppVersion is the chart app version of the release + object in storage. + type: string + chartName: + description: ChartName is the chart name of the release object + in storage. + type: string + chartVersion: + description: |- + ChartVersion is the chart version of the release object in + storage. + type: string + configDigest: + description: |- + ConfigDigest is the checksum of the config (better known as + "values") of the release object in storage. + It has the format of `:`. + type: string + deleted: + description: Deleted is when the release was deleted. + format: date-time + type: string + digest: + description: |- + Digest is the checksum of the release object in storage. + It has the format of `:`. + type: string + firstDeployed: + description: FirstDeployed is when the release was first deployed. + format: date-time + type: string + lastDeployed: + description: LastDeployed is when the release was last deployed. + format: date-time + type: string + name: + description: Name is the name of the release. + type: string + namespace: + description: Namespace is the namespace the release is deployed + to. + type: string + ociDigest: + description: OCIDigest is the digest of the OCI artifact associated + with the release. + type: string + status: + description: Status is the current state of the release. + type: string + testHooks: + additionalProperties: + description: |- + TestHookStatus holds the status information for a test hook as observed + to be run by the controller. + properties: + lastCompleted: + description: LastCompleted is the time the test hook last + completed. + format: date-time + type: string + lastStarted: + description: LastStarted is the time the test hook was + last started. + format: date-time + type: string + phase: + description: Phase the test hook was observed to be in. + type: string + type: object + description: |- + TestHooks is the list of test hooks for the release as observed to be + run by the controller. + type: object + version: + description: Version is the version of the release object in + storage. + type: integer + required: + - chartName + - chartVersion + - configDigest + - digest + - firstDeployed + - lastDeployed + - name + - namespace + - status + - version + type: object + type: array installFailures: - description: InstallFailures is the install failure count against the latest desired state. It is reset after - a successful reconciliation. + description: |- + InstallFailures is the install failure count against the latest desired + state. It is reset after a successful reconciliation. format: int64 type: integer lastAppliedRevision: - description: LastAppliedRevision is the revision of the last successfully applied source. + description: |- + LastAppliedRevision is the revision of the last successfully applied + source. + Deprecated: the revision can now be found in the History. + type: string + lastAttemptedConfigDigest: + description: |- + LastAttemptedConfigDigest is the digest for the config (better known as + "values") of the last reconciliation attempt. + type: string + lastAttemptedGeneration: + description: |- + LastAttemptedGeneration is the last generation the controller attempted + to reconcile. + format: int64 + type: integer + lastAttemptedReleaseAction: + description: |- + LastAttemptedReleaseAction is the last release action performed for this + HelmRelease. It is used to determine the active remediation strategy. + enum: + - install + - upgrade type: string lastAttemptedRevision: - description: LastAttemptedRevision is the revision of the last reconciliation attempt. + description: |- + LastAttemptedRevision is the Source revision of the last reconciliation + attempt. For OCIRepository sources, the 12 first characters of the digest are + appended to the chart version e.g. "1.2.3+1234567890ab". + type: string + lastAttemptedRevisionDigest: + description: |- + LastAttemptedRevisionDigest is the digest of the last reconciliation attempt. + This is only set for OCIRepository sources. type: string lastAttemptedValuesChecksum: - description: LastAttemptedValuesChecksum is the SHA1 checksum of the values of the last reconciliation attempt. + description: |- + LastAttemptedValuesChecksum is the SHA1 checksum for the values of the last + reconciliation attempt. + Deprecated: Use LastAttemptedConfigDigest instead. + type: string + lastHandledForceAt: + description: |- + LastHandledForceAt holds the value of the most recent force request + value, so a change of the annotation value can be detected. type: string lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent reconcile request value, so a change - of the annotation value can be detected. + description: |- + LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value + can be detected. + type: string + lastHandledResetAt: + description: |- + LastHandledResetAt holds the value of the most recent reset request + value, so a change of the annotation value can be detected. type: string lastReleaseRevision: - description: LastReleaseRevision is the revision of the last successful Helm release. + description: |- + LastReleaseRevision is the revision of the last successful Helm release. + Deprecated: Use History instead. type: integer observedGeneration: description: ObservedGeneration is the last observed generation. format: int64 type: integer + observedPostRenderersDigest: + description: |- + ObservedPostRenderersDigest is the digest for the post-renderers of + the last successful reconciliation attempt. + type: string + storageNamespace: + description: |- + StorageNamespace is the namespace of the Helm release storage for the + current release. + maxLength: 63 + minLength: 1 + type: string upgradeFailures: - description: UpgradeFailures is the upgrade failure count against the latest desired state. It is reset after - a successful reconciliation. + description: |- + UpgradeFailures is the upgrade failure count against the latest desired + state. It is reset after a successful reconciliation. format: int64 type: integer type: object type: object served: true - storage: true + storage: false subresources: status: {} --- @@ -5563,7 +10251,7 @@ metadata: app.kubernetes.io/component: helm-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 name: helm-controller namespace: flux-system --- @@ -5574,7 +10262,7 @@ metadata: app.kubernetes.io/component: helm-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 control-plane: controller name: helm-controller namespace: flux-system @@ -5603,7 +10291,17 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: ghcr.io/fluxcd/helm-controller:v0.36.1 + - name: GOMAXPROCS + valueFrom: + resourceFieldRef: + containerName: manager + resource: limits.cpu + - name: GOMEMLIMIT + valueFrom: + resourceFieldRef: + containerName: manager + resource: limits.memory + image: ghcr.io/fluxcd/helm-controller:v1.0.1 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -5655,12 +10353,12 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.12.0 + controller-gen.kubebuilder.io/version: v0.15.0 labels: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 name: alerts.notification.toolkit.fluxcd.io spec: group: notification.toolkit.fluxcd.io @@ -5681,27 +10379,39 @@ spec: - jsonPath: .status.conditions[?(@.type=="Ready")].message name: Status type: string + deprecated: true + deprecationWarning: v1beta1 Alert is deprecated, upgrade to v1beta3 name: v1beta1 schema: openAPIV3Schema: description: Alert is the Schema for the alerts API properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert - recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer - this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: - description: AlertSpec defines an alerting rule for events involving a list of objects + description: AlertSpec defines an alerting rule for events involving a + list of objects properties: eventSeverity: default: info - description: Filter events based on severity, defaults to ('info'). If set to 'info' no events will be filtered. + description: |- + Filter events based on severity, defaults to ('info'). + If set to 'info' no events will be filtered. enum: - info - error @@ -5709,8 +10419,9 @@ spec: eventSources: description: Filter events based on the involved objects. items: - description: CrossNamespaceObjectReference contains enough information to let you locate the typed referenced - object at cluster level + description: |- + CrossNamespaceObjectReference contains enough information to let you locate the + typed referenced object at cluster level properties: apiVersion: description: API version of the referent @@ -5732,9 +10443,10 @@ spec: matchLabels: additionalProperties: type: string - description: MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map - is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and - the values array contains only "value". The requirements are ANDed. + description: |- + MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. type: object name: description: Name of the referent @@ -5751,7 +10463,8 @@ spec: type: object type: array exclusionList: - description: A list of Golang regular expressions to be used for excluding messages. + description: A list of Golang regular expressions to be used for excluding + messages. items: type: string type: array @@ -5768,7 +10481,9 @@ spec: description: Short description of the impact and affected cluster. type: string suspend: - description: This flag tells the controller to suspend subsequent events dispatching. Defaults to false. + description: |- + This flag tells the controller to suspend subsequent events dispatching. + Defaults to false. type: boolean required: - eventSources @@ -5781,35 +10496,43 @@ spec: properties: conditions: items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This - struct is intended for direct use as an array at the field path .status.conditions. For example, \n type - FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // - +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" - patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" properties: lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when - the API field changed is acceptable. + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: message is a human readable message indicating details about the transition. This may be - an empty string. + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based - upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current state of the instance. + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last - transition. Producers of specific condition types may define expected values and meanings for this - field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 @@ -5823,9 +10546,12 @@ spec: - Unknown type: string type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type - values are consistent across resources like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -5857,45 +10583,61 @@ spec: - jsonPath: .status.conditions[?(@.type=="Ready")].message name: Status type: string + deprecated: true + deprecationWarning: v1beta2 Alert is deprecated, upgrade to v1beta3 name: v1beta2 schema: openAPIV3Schema: description: Alert is the Schema for the alerts API properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert - recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer - this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: - description: AlertSpec defines an alerting rule for events involving a list of objects. + description: AlertSpec defines an alerting rule for events involving a + list of objects. properties: eventMetadata: additionalProperties: type: string - description: EventMetadata is an optional field for adding metadata to events dispatched by the controller. - This can be used for enhancing the context of the event. If a field would override one already present on - the original event as generated by the emitter, then the override doesn't happen, i.e. the original value - is preserved, and an info log is printed. + description: |- + EventMetadata is an optional field for adding metadata to events dispatched by the + controller. This can be used for enhancing the context of the event. If a field + would override one already present on the original event as generated by the emitter, + then the override doesn't happen, i.e. the original value is preserved, and an info + log is printed. type: object eventSeverity: default: info - description: EventSeverity specifies how to filter events based on severity. If set to 'info' no events will - be filtered. + description: |- + EventSeverity specifies how to filter events based on severity. + If set to 'info' no events will be filtered. enum: - info - error type: string eventSources: - description: EventSources specifies how to filter events based on the involved object kind, name and namespace. + description: |- + EventSources specifies how to filter events based + on the involved object kind, name and namespace. items: - description: CrossNamespaceObjectReference contains enough information to let you locate the typed referenced - object at cluster level + description: |- + CrossNamespaceObjectReference contains enough information to let you locate the + typed referenced object at cluster level properties: apiVersion: description: API version of the referent @@ -5917,13 +10659,16 @@ spec: matchLabels: additionalProperties: type: string - description: MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map - is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and - the values array contains only "value". The requirements are ANDed. MatchLabels requires the name - to be set to `*`. + description: |- + MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + MatchLabels requires the name to be set to `*`. type: object name: - description: Name of the referent If multiple resources are targeted `*` may be set. + description: |- + Name of the referent + If multiple resources are targeted `*` may be set. maxLength: 53 minLength: 1 type: string @@ -5938,17 +10683,22 @@ spec: type: object type: array exclusionList: - description: ExclusionList specifies a list of Golang regular expressions to be used for excluding messages. + description: |- + ExclusionList specifies a list of Golang regular expressions + to be used for excluding messages. items: type: string type: array inclusionList: - description: InclusionList specifies a list of Golang regular expressions to be used for including messages. + description: |- + InclusionList specifies a list of Golang regular expressions + to be used for including messages. items: type: string type: array providerRef: - description: ProviderRef specifies which Provider this Alert should use. + description: ProviderRef specifies which Provider this Alert should + use. properties: name: description: Name of the referent. @@ -5957,11 +10707,14 @@ spec: - name type: object summary: - description: Summary holds a short description of the impact and affected cluster. + description: Summary holds a short description of the impact and affected + cluster. maxLength: 255 type: string suspend: - description: Suspend tells the controller to suspend subsequent events handling for this Alert. + description: |- + Suspend tells the controller to suspend subsequent + events handling for this Alert. type: boolean required: - eventSources @@ -5975,35 +10728,43 @@ spec: conditions: description: Conditions holds the conditions for the Alert. items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This - struct is intended for direct use as an array at the field path .status.conditions. For example, \n type - FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // - +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" - patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" properties: lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when - the API field changed is acceptable. + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: message is a human readable message indicating details about the transition. This may be - an empty string. + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based - upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current state of the instance. + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last - transition. Producers of specific condition types may define expected values and meanings for this - field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 @@ -6017,9 +10778,12 @@ spec: - Unknown type: string type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type - values are consistent across resources like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -6032,8 +10796,10 @@ spec: type: object type: array lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent reconcile request value, so a change - of the annotation value can be detected. + description: |- + LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value + can be detected. type: string observedGeneration: description: ObservedGeneration is the last observed generation. @@ -6042,20 +10808,163 @@ spec: type: object type: object served: true - storage: true + storage: false subresources: status: {} + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1beta3 + schema: + openAPIV3Schema: + description: Alert is the Schema for the alerts API + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: AlertSpec defines an alerting rule for events involving a + list of objects. + properties: + eventMetadata: + additionalProperties: + type: string + description: |- + EventMetadata is an optional field for adding metadata to events dispatched by the + controller. This can be used for enhancing the context of the event. If a field + would override one already present on the original event as generated by the emitter, + then the override doesn't happen, i.e. the original value is preserved, and an info + log is printed. + type: object + eventSeverity: + default: info + description: |- + EventSeverity specifies how to filter events based on severity. + If set to 'info' no events will be filtered. + enum: + - info + - error + type: string + eventSources: + description: |- + EventSources specifies how to filter events based + on the involved object kind, name and namespace. + items: + description: |- + CrossNamespaceObjectReference contains enough information to let you locate the + typed referenced object at cluster level + properties: + apiVersion: + description: API version of the referent + type: string + kind: + description: Kind of the referent + enum: + - Bucket + - GitRepository + - Kustomization + - HelmRelease + - HelmChart + - HelmRepository + - ImageRepository + - ImagePolicy + - ImageUpdateAutomation + - OCIRepository + type: string + matchLabels: + additionalProperties: + type: string + description: |- + MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + MatchLabels requires the name to be set to `*`. + type: object + name: + description: |- + Name of the referent + If multiple resources are targeted `*` may be set. + maxLength: 53 + minLength: 1 + type: string + namespace: + description: Namespace of the referent + maxLength: 53 + minLength: 1 + type: string + required: + - kind + - name + type: object + type: array + exclusionList: + description: |- + ExclusionList specifies a list of Golang regular expressions + to be used for excluding messages. + items: + type: string + type: array + inclusionList: + description: |- + InclusionList specifies a list of Golang regular expressions + to be used for including messages. + items: + type: string + type: array + providerRef: + description: ProviderRef specifies which Provider this Alert should + use. + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object + summary: + description: Summary holds a short description of the impact and affected + cluster. + maxLength: 255 + type: string + suspend: + description: |- + Suspend tells the controller to suspend subsequent + events handling for this Alert. + type: boolean + required: + - eventSources + - providerRef + type: object + type: object + served: true + storage: true + subresources: {} --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.12.0 + controller-gen.kubebuilder.io/version: v0.15.0 labels: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 name: providers.notification.toolkit.fluxcd.io spec: group: notification.toolkit.fluxcd.io @@ -6076,18 +10985,27 @@ spec: - jsonPath: .status.conditions[?(@.type=="Ready")].message name: Status type: string + deprecated: true + deprecationWarning: v1beta1 Provider is deprecated, upgrade to v1beta3 name: v1beta1 schema: openAPIV3Schema: description: Provider is the Schema for the providers API properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert - recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer - this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -6099,7 +11017,9 @@ spec: pattern: ^(http|https):// type: string certSecretRef: - description: CertSecretRef can be given the name of a secret containing a PEM-encoded CA certificate (`caFile`) + description: |- + CertSecretRef can be given the name of a secret containing + a PEM-encoded CA certificate (`caFile`) properties: name: description: Name of the referent. @@ -6115,7 +11035,9 @@ spec: pattern: ^(http|https):// type: string secretRef: - description: Secret reference containing the provider webhook URL using "address" as data key + description: |- + Secret reference containing the provider webhook URL + using "address" as data key properties: name: description: Name of the referent. @@ -6124,7 +11046,9 @@ spec: - name type: object suspend: - description: This flag tells the controller to suspend subsequent events handling. Defaults to false. + description: |- + This flag tells the controller to suspend subsequent events handling. + Defaults to false. type: boolean timeout: description: Timeout for sending alerts to the provider. @@ -6168,35 +11092,43 @@ spec: properties: conditions: items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This - struct is intended for direct use as an array at the field path .status.conditions. For example, \n type - FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // - +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" - patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" properties: lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when - the API field changed is acceptable. + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: message is a human readable message indicating details about the transition. This may be - an empty string. + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based - upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current state of the instance. + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last - transition. Producers of specific condition types may define expected values and meanings for this - field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 @@ -6210,9 +11142,12 @@ spec: - Unknown type: string type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type - values are consistent across resources like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -6244,18 +11179,27 @@ spec: - jsonPath: .status.conditions[?(@.type=="Ready")].message name: Status type: string + deprecated: true + deprecationWarning: v1beta2 Provider is deprecated, upgrade to v1beta3 name: v1beta2 schema: openAPIV3Schema: description: Provider is the Schema for the providers API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert - recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer - this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -6263,14 +11207,21 @@ spec: description: ProviderSpec defines the desired state of the Provider. properties: address: - description: Address specifies the endpoint, in a generic sense, to where alerts are sent. What kind of endpoint - depends on the specific Provider type being used. For the generic Provider, for example, this is an HTTP/S - address. For other Provider types this could be a project ID or a namespace. + description: |- + Address specifies the endpoint, in a generic sense, to where alerts are sent. + What kind of endpoint depends on the specific Provider type being used. + For the generic Provider, for example, this is an HTTP/S address. + For other Provider types this could be a project ID or a namespace. maxLength: 2048 type: string certSecretRef: - description: "CertSecretRef specifies the Secret containing a PEM-encoded CA certificate (in the `ca.crt` - key). \n Note: Support for the `caFile` key has been deprecated." + description: |- + CertSecretRef specifies the Secret containing + a PEM-encoded CA certificate (in the `ca.crt` key). + + + Note: Support for the `caFile` key has + been deprecated. properties: name: description: Name of the referent. @@ -6279,11 +11230,13 @@ spec: - name type: object channel: - description: Channel specifies the destination channel where events should be posted. + description: Channel specifies the destination channel where events + should be posted. maxLength: 2048 type: string interval: - description: Interval at which to reconcile the Provider with its Secret references. + description: Interval at which to reconcile the Provider with its + Secret references. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string proxy: @@ -6292,7 +11245,9 @@ spec: pattern: ^(http|https)://.*$ type: string secretRef: - description: SecretRef specifies the Secret containing the authentication credentials for this Provider. + description: |- + SecretRef specifies the Secret containing the authentication + credentials for this Provider. properties: name: description: Name of the referent. @@ -6301,7 +11256,9 @@ spec: - name type: object suspend: - description: Suspend tells the controller to suspend subsequent events handling for this Provider. + description: |- + Suspend tells the controller to suspend subsequent + events handling for this Provider. type: boolean timeout: description: Timeout for sending alerts to the Provider. @@ -6319,6 +11276,7 @@ spec: - github - gitlab - gitea + - bitbucketserver - bitbucket - azuredevops - googlechat @@ -6351,35 +11309,43 @@ spec: conditions: description: Conditions holds the conditions for the Provider. items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This - struct is intended for direct use as an array at the field path .status.conditions. For example, \n type - FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // - +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" - patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" properties: lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when - the API field changed is acceptable. + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: message is a human readable message indicating details about the transition. This may be - an empty string. + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based - upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current state of the instance. + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last - transition. Producers of specific condition types may define expected values and meanings for this - field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 @@ -6393,9 +11359,12 @@ spec: - Unknown type: string type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type - values are consistent across resources like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -6408,8 +11377,10 @@ spec: type: object type: array lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent reconcile request value, so a change - of the annotation value can be detected. + description: |- + LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value + can be detected. type: string observedGeneration: description: ObservedGeneration is the last reconciled generation. @@ -6418,20 +11389,150 @@ spec: type: object type: object served: true - storage: true + storage: false subresources: status: {} + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1beta3 + schema: + openAPIV3Schema: + description: Provider is the Schema for the providers API + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: ProviderSpec defines the desired state of the Provider. + properties: + address: + description: |- + Address specifies the endpoint, in a generic sense, to where alerts are sent. + What kind of endpoint depends on the specific Provider type being used. + For the generic Provider, for example, this is an HTTP/S address. + For other Provider types this could be a project ID or a namespace. + maxLength: 2048 + type: string + certSecretRef: + description: |- + CertSecretRef specifies the Secret containing + a PEM-encoded CA certificate (in the `ca.crt` key). + + + Note: Support for the `caFile` key has + been deprecated. + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object + channel: + description: Channel specifies the destination channel where events + should be posted. + maxLength: 2048 + type: string + interval: + description: |- + Interval at which to reconcile the Provider with its Secret references. + Deprecated and not used in v1beta3. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + proxy: + description: Proxy the HTTP/S address of the proxy server. + maxLength: 2048 + pattern: ^(http|https)://.*$ + type: string + secretRef: + description: |- + SecretRef specifies the Secret containing the authentication + credentials for this Provider. + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object + suspend: + description: |- + Suspend tells the controller to suspend subsequent + events handling for this Provider. + type: boolean + timeout: + description: Timeout for sending alerts to the Provider. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$ + type: string + type: + description: Type specifies which Provider implementation to use. + enum: + - slack + - discord + - msteams + - rocket + - generic + - generic-hmac + - github + - gitlab + - gitea + - bitbucketserver + - bitbucket + - azuredevops + - googlechat + - googlepubsub + - webex + - sentry + - azureeventhub + - telegram + - lark + - matrix + - opsgenie + - alertmanager + - grafana + - githubdispatch + - pagerduty + - datadog + - nats + type: string + username: + description: Username specifies the name under which events are posted. + maxLength: 2048 + type: string + required: + - type + type: object + type: object + served: true + storage: true + subresources: {} --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.12.0 + controller-gen.kubebuilder.io/version: v0.15.0 labels: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 name: receivers.notification.toolkit.fluxcd.io spec: group: notification.toolkit.fluxcd.io @@ -6458,12 +11559,19 @@ spec: description: Receiver is the Schema for the receivers API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert - recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer - this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -6471,21 +11579,24 @@ spec: description: ReceiverSpec defines the desired state of the Receiver. properties: events: - description: Events specifies the list of event types to handle, e.g. 'push' for GitHub or 'Push Hook' for - GitLab. + description: |- + Events specifies the list of event types to handle, + e.g. 'push' for GitHub or 'Push Hook' for GitLab. items: type: string type: array interval: default: 10m - description: Interval at which to reconcile the Receiver with its Secret references. + description: Interval at which to reconcile the Receiver with its + Secret references. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string resources: description: A list of resources to be notified about changes. items: - description: CrossNamespaceObjectReference contains enough information to let you locate the typed referenced - object at cluster level + description: |- + CrossNamespaceObjectReference contains enough information to let you locate the + typed referenced object at cluster level properties: apiVersion: description: API version of the referent @@ -6507,13 +11618,16 @@ spec: matchLabels: additionalProperties: type: string - description: MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map - is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and - the values array contains only "value". The requirements are ANDed. MatchLabels requires the name - to be set to `*`. + description: |- + MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + MatchLabels requires the name to be set to `*`. type: object name: - description: Name of the referent If multiple resources are targeted `*` may be set. + description: |- + Name of the referent + If multiple resources are targeted `*` may be set. maxLength: 53 minLength: 1 type: string @@ -6528,7 +11642,9 @@ spec: type: object type: array secretRef: - description: SecretRef specifies the Secret containing the token used to validate the payload authenticity. + description: |- + SecretRef specifies the Secret containing the token used + to validate the payload authenticity. properties: name: description: Name of the referent. @@ -6537,10 +11653,14 @@ spec: - name type: object suspend: - description: Suspend tells the controller to suspend subsequent events handling for this receiver. + description: |- + Suspend tells the controller to suspend subsequent + events handling for this receiver. type: boolean type: - description: Type of webhook sender, used to determine the validation procedure and payload deserialization. + description: |- + Type of webhook sender, used to determine + the validation procedure and payload deserialization. enum: - generic - generic-hmac @@ -6553,6 +11673,7 @@ spec: - gcr - nexus - acr + - cdevents type: string required: - resources @@ -6567,35 +11688,43 @@ spec: conditions: description: Conditions holds the conditions for the Receiver. items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This - struct is intended for direct use as an array at the field path .status.conditions. For example, \n type - FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // - +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" - patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" properties: lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when - the API field changed is acceptable. + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: message is a human readable message indicating details about the transition. This may be - an empty string. + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based - upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current state of the instance. + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last - transition. Producers of specific condition types may define expected values and meanings for this - field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 @@ -6609,9 +11738,12 @@ spec: - Unknown type: string type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type - values are consistent across resources like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -6624,15 +11756,20 @@ spec: type: object type: array lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent reconcile request value, so a change - of the annotation value can be detected. + description: |- + LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value + can be detected. type: string observedGeneration: - description: ObservedGeneration is the last observed generation of the Receiver object. + description: ObservedGeneration is the last observed generation of + the Receiver object. format: int64 type: integer webhookPath: - description: WebhookPath is the generated incoming webhook address in the format of '/hook/sha256sum(token+name+namespace)'. + description: |- + WebhookPath is the generated incoming webhook address in the format + of '/hook/sha256sum(token+name+namespace)'. type: string type: object type: object @@ -6658,12 +11795,19 @@ spec: description: Receiver is the Schema for the receivers API properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert - recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer - this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -6671,15 +11815,18 @@ spec: description: ReceiverSpec defines the desired state of Receiver properties: events: - description: A list of events to handle, e.g. 'push' for GitHub or 'Push Hook' for GitLab. + description: |- + A list of events to handle, + e.g. 'push' for GitHub or 'Push Hook' for GitLab. items: type: string type: array resources: description: A list of resources to be notified about changes. items: - description: CrossNamespaceObjectReference contains enough information to let you locate the typed referenced - object at cluster level + description: |- + CrossNamespaceObjectReference contains enough information to let you locate the + typed referenced object at cluster level properties: apiVersion: description: API version of the referent @@ -6701,9 +11848,10 @@ spec: matchLabels: additionalProperties: type: string - description: MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map - is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and - the values array contains only "value". The requirements are ANDed. + description: |- + MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. type: object name: description: Name of the referent @@ -6720,7 +11868,9 @@ spec: type: object type: array secretRef: - description: Secret reference containing the token used to validate the payload authenticity + description: |- + Secret reference containing the token used + to validate the payload authenticity properties: name: description: Name of the referent. @@ -6729,10 +11879,14 @@ spec: - name type: object suspend: - description: This flag tells the controller to suspend subsequent events handling. Defaults to false. + description: |- + This flag tells the controller to suspend subsequent events handling. + Defaults to false. type: boolean type: - description: Type of webhook sender, used to determine the validation procedure and payload deserialization. + description: |- + Type of webhook sender, used to determine + the validation procedure and payload deserialization. enum: - generic - generic-hmac @@ -6757,35 +11911,43 @@ spec: properties: conditions: items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This - struct is intended for direct use as an array at the field path .status.conditions. For example, \n type - FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // - +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" - patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" properties: lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when - the API field changed is acceptable. + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: message is a human readable message indicating details about the transition. This may be - an empty string. + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based - upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current state of the instance. + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last - transition. Producers of specific condition types may define expected values and meanings for this - field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 @@ -6799,9 +11961,12 @@ spec: - Unknown type: string type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type - values are consistent across resources like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -6818,7 +11983,9 @@ spec: format: int64 type: integer url: - description: Generated webhook URL in the format of '/hook/sha256sum(token+name+namespace)'. + description: |- + Generated webhook URL in the format + of '/hook/sha256sum(token+name+namespace)'. type: string type: object type: object @@ -6844,12 +12011,19 @@ spec: description: Receiver is the Schema for the receivers API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert - recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer - this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -6857,20 +12031,23 @@ spec: description: ReceiverSpec defines the desired state of the Receiver. properties: events: - description: Events specifies the list of event types to handle, e.g. 'push' for GitHub or 'Push Hook' for - GitLab. + description: |- + Events specifies the list of event types to handle, + e.g. 'push' for GitHub or 'Push Hook' for GitLab. items: type: string type: array interval: - description: Interval at which to reconcile the Receiver with its Secret references. + description: Interval at which to reconcile the Receiver with its + Secret references. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string resources: description: A list of resources to be notified about changes. items: - description: CrossNamespaceObjectReference contains enough information to let you locate the typed referenced - object at cluster level + description: |- + CrossNamespaceObjectReference contains enough information to let you locate the + typed referenced object at cluster level properties: apiVersion: description: API version of the referent @@ -6892,13 +12069,16 @@ spec: matchLabels: additionalProperties: type: string - description: MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map - is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and - the values array contains only "value". The requirements are ANDed. MatchLabels requires the name - to be set to `*`. + description: |- + MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + MatchLabels requires the name to be set to `*`. type: object name: - description: Name of the referent If multiple resources are targeted `*` may be set. + description: |- + Name of the referent + If multiple resources are targeted `*` may be set. maxLength: 53 minLength: 1 type: string @@ -6913,7 +12093,9 @@ spec: type: object type: array secretRef: - description: SecretRef specifies the Secret containing the token used to validate the payload authenticity. + description: |- + SecretRef specifies the Secret containing the token used + to validate the payload authenticity. properties: name: description: Name of the referent. @@ -6922,10 +12104,14 @@ spec: - name type: object suspend: - description: Suspend tells the controller to suspend subsequent events handling for this receiver. + description: |- + Suspend tells the controller to suspend subsequent + events handling for this receiver. type: boolean type: - description: Type of webhook sender, used to determine the validation procedure and payload deserialization. + description: |- + Type of webhook sender, used to determine + the validation procedure and payload deserialization. enum: - generic - generic-hmac @@ -6951,35 +12137,43 @@ spec: conditions: description: Conditions holds the conditions for the Receiver. items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This - struct is intended for direct use as an array at the field path .status.conditions. For example, \n type - FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // - +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" - patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" properties: lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when - the API field changed is acceptable. + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: message is a human readable message indicating details about the transition. This may be - an empty string. + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based - upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current state of the instance. + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last - transition. Producers of specific condition types may define expected values and meanings for this - field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 @@ -6993,9 +12187,12 @@ spec: - Unknown type: string type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type - values are consistent across resources like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -7008,19 +12205,26 @@ spec: type: object type: array lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent reconcile request value, so a change - of the annotation value can be detected. + description: |- + LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value + can be detected. type: string observedGeneration: - description: ObservedGeneration is the last observed generation of the Receiver object. + description: ObservedGeneration is the last observed generation of + the Receiver object. format: int64 type: integer url: - description: 'URL is the generated incoming webhook address in the format of ''/hook/sha256sum(token+name+namespace)''. - Deprecated: Replaced by WebhookPath.' + description: |- + URL is the generated incoming webhook address in the format + of '/hook/sha256sum(token+name+namespace)'. + Deprecated: Replaced by WebhookPath. type: string webhookPath: - description: WebhookPath is the generated incoming webhook address in the format of '/hook/sha256sum(token+name+namespace)'. + description: |- + WebhookPath is the generated incoming webhook address in the format + of '/hook/sha256sum(token+name+namespace)'. type: string type: object type: object @@ -7036,7 +12240,7 @@ metadata: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 name: notification-controller namespace: flux-system --- @@ -7047,7 +12251,7 @@ metadata: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 control-plane: controller name: notification-controller namespace: flux-system @@ -7068,7 +12272,7 @@ metadata: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 control-plane: controller name: webhook-receiver namespace: flux-system @@ -7089,7 +12293,7 @@ metadata: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.3.0 control-plane: controller name: notification-controller namespace: flux-system @@ -7117,7 +12321,17 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: ghcr.io/fluxcd/notification-controller:v1.1.0 + - name: GOMAXPROCS + valueFrom: + resourceFieldRef: + containerName: manager + resource: limits.cpu + - name: GOMEMLIMIT + valueFrom: + resourceFieldRef: + containerName: manager + resource: limits.memory + image: ghcr.io/fluxcd/notification-controller:v1.3.0 imagePullPolicy: IfNotPresent livenessProbe: httpGet: