@@ -8736,9 +8736,6 @@ spec:
87368736 for all ArgoCD components.
87378737 type: string
87388738 type: object
8739- x-kubernetes-validations:
8740- - message: spec.sso and spec.oidcConfig cannot both be set
8741- rule: '!(has(self.sso) && has(self.oidcConfig))'
87428739 status:
87438740 description: ArgoCDStatus defines the observed state of ArgoCD
87448741 properties:
@@ -21945,6 +21942,237 @@ spec:
2194521942 - name
2194621943 type: object
2194721944 type: array
21945+ systemCATrust:
21946+ description: Custom certificates to inject into the repo server
21947+ container and its plugins to trust source hosting sites
21948+ properties:
21949+ clusterTrustBundles:
21950+ description: ClusterTrustBundles is a list of projected ClusterTrustBundle
21951+ volume definitions from where to take the trust certs.
21952+ items:
21953+ description: |-
21954+ ClusterTrustBundleProjection describes how to select a set of
21955+ ClusterTrustBundle objects and project their contents into the pod
21956+ filesystem.
21957+ properties:
21958+ labelSelector:
21959+ description: |-
21960+ Select all ClusterTrustBundles that match this label selector. Only has
21961+ effect if signerName is set. Mutually-exclusive with name. If unset,
21962+ interpreted as "match nothing". If set but empty, interpreted as "match
21963+ everything".
21964+ properties:
21965+ matchExpressions:
21966+ description: matchExpressions is a list of label
21967+ selector requirements. The requirements are ANDed.
21968+ items:
21969+ description: |-
21970+ A label selector requirement is a selector that contains values, a key, and an operator that
21971+ relates the key and values.
21972+ properties:
21973+ key:
21974+ description: key is the label key that the
21975+ selector applies to.
21976+ type: string
21977+ operator:
21978+ description: |-
21979+ operator represents a key's relationship to a set of values.
21980+ Valid operators are In, NotIn, Exists and DoesNotExist.
21981+ type: string
21982+ values:
21983+ description: |-
21984+ values is an array of string values. If the operator is In or NotIn,
21985+ the values array must be non-empty. If the operator is Exists or DoesNotExist,
21986+ the values array must be empty. This array is replaced during a strategic
21987+ merge patch.
21988+ items:
21989+ type: string
21990+ type: array
21991+ x-kubernetes-list-type: atomic
21992+ required:
21993+ - key
21994+ - operator
21995+ type: object
21996+ type: array
21997+ x-kubernetes-list-type: atomic
21998+ matchLabels:
21999+ additionalProperties:
22000+ type: string
22001+ description: |-
22002+ matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
22003+ map is equivalent to an element of matchExpressions, whose key field is "key", the
22004+ operator is "In", and the values array contains only "value". The requirements are ANDed.
22005+ type: object
22006+ type: object
22007+ x-kubernetes-map-type: atomic
22008+ name:
22009+ description: |-
22010+ Select a single ClusterTrustBundle by object name. Mutually-exclusive
22011+ with signerName and labelSelector.
22012+ type: string
22013+ optional:
22014+ description: |-
22015+ If true, don't block pod startup if the referenced ClusterTrustBundle(s)
22016+ aren't available. If using name, then the named ClusterTrustBundle is
22017+ allowed not to exist. If using signerName, then the combination of
22018+ signerName and labelSelector is allowed to match zero
22019+ ClusterTrustBundles.
22020+ type: boolean
22021+ path:
22022+ description: Relative path from the volume root to write
22023+ the bundle.
22024+ type: string
22025+ signerName:
22026+ description: |-
22027+ Select all ClusterTrustBundles that match this signer name.
22028+ Mutually-exclusive with name. The contents of all selected
22029+ ClusterTrustBundles will be unified and deduplicated.
22030+ type: string
22031+ required:
22032+ - path
22033+ type: object
22034+ type: array
22035+ configMaps:
22036+ description: ConfigMaps is a list of projected ConfigMap volume
22037+ definitions from where to take the trust certs.
22038+ items:
22039+ description: |-
22040+ Adapts a ConfigMap into a projected volume.
22041+
22042+ The contents of the target ConfigMap's Data field will be presented in a
22043+ projected volume as files using the keys in the Data field as the file names,
22044+ unless the items element is populated with specific mappings of keys to paths.
22045+ Note that this is identical to a configmap volume source without the default
22046+ mode.
22047+ properties:
22048+ items:
22049+ description: |-
22050+ items if unspecified, each key-value pair in the Data field of the referenced
22051+ ConfigMap will be projected into the volume as a file whose name is the
22052+ key and content is the value. If specified, the listed keys will be
22053+ projected into the specified paths, and unlisted keys will not be
22054+ present. If a key is specified which is not present in the ConfigMap,
22055+ the volume setup will error unless it is marked optional. Paths must be
22056+ relative and may not contain the '..' path or start with '..'.
22057+ items:
22058+ description: Maps a string key to a path within a
22059+ volume.
22060+ properties:
22061+ key:
22062+ description: key is the key to project.
22063+ type: string
22064+ mode:
22065+ description: |-
22066+ mode is Optional: mode bits used to set permissions on this file.
22067+ Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.
22068+ YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.
22069+ If not specified, the volume defaultMode will be used.
22070+ This might be in conflict with other options that affect the file
22071+ mode, like fsGroup, and the result can be other mode bits set.
22072+ format: int32
22073+ type: integer
22074+ path:
22075+ description: |-
22076+ path is the relative path of the file to map the key to.
22077+ May not be an absolute path.
22078+ May not contain the path element '..'.
22079+ May not start with the string '..'.
22080+ type: string
22081+ required:
22082+ - key
22083+ - path
22084+ type: object
22085+ type: array
22086+ x-kubernetes-list-type: atomic
22087+ name:
22088+ default: ""
22089+ description: |-
22090+ Name of the referent.
22091+ This field is effectively required, but due to backwards compatibility is
22092+ allowed to be empty. Instances of this type with an empty value here are
22093+ almost certainly wrong.
22094+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
22095+ type: string
22096+ optional:
22097+ description: optional specify whether the ConfigMap
22098+ or its keys must be defined
22099+ type: boolean
22100+ type: object
22101+ x-kubernetes-map-type: atomic
22102+ type: array
22103+ dropImageCertificates:
22104+ description: DropImageCertificates will remove all certs that
22105+ are present in the image, leaving only those explicitly
22106+ configured here.
22107+ type: boolean
22108+ secrets:
22109+ description: Secrets is a list of projected Secret volume
22110+ definitions from where to take the trust certs.
22111+ items:
22112+ description: |-
22113+ Adapts a secret into a projected volume.
22114+
22115+ The contents of the target Secret's Data field will be presented in a
22116+ projected volume as files using the keys in the Data field as the file names.
22117+ Note that this is identical to a secret volume source without the default
22118+ mode.
22119+ properties:
22120+ items:
22121+ description: |-
22122+ items if unspecified, each key-value pair in the Data field of the referenced
22123+ Secret will be projected into the volume as a file whose name is the
22124+ key and content is the value. If specified, the listed keys will be
22125+ projected into the specified paths, and unlisted keys will not be
22126+ present. If a key is specified which is not present in the Secret,
22127+ the volume setup will error unless it is marked optional. Paths must be
22128+ relative and may not contain the '..' path or start with '..'.
22129+ items:
22130+ description: Maps a string key to a path within a
22131+ volume.
22132+ properties:
22133+ key:
22134+ description: key is the key to project.
22135+ type: string
22136+ mode:
22137+ description: |-
22138+ mode is Optional: mode bits used to set permissions on this file.
22139+ Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.
22140+ YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.
22141+ If not specified, the volume defaultMode will be used.
22142+ This might be in conflict with other options that affect the file
22143+ mode, like fsGroup, and the result can be other mode bits set.
22144+ format: int32
22145+ type: integer
22146+ path:
22147+ description: |-
22148+ path is the relative path of the file to map the key to.
22149+ May not be an absolute path.
22150+ May not contain the path element '..'.
22151+ May not start with the string '..'.
22152+ type: string
22153+ required:
22154+ - key
22155+ - path
22156+ type: object
22157+ type: array
22158+ x-kubernetes-list-type: atomic
22159+ name:
22160+ default: ""
22161+ description: |-
22162+ Name of the referent.
22163+ This field is effectively required, but due to backwards compatibility is
22164+ allowed to be empty. Instances of this type with an empty value here are
22165+ almost certainly wrong.
22166+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
22167+ type: string
22168+ optional:
22169+ description: optional field specify whether the Secret
22170+ or its key must be defined
22171+ type: boolean
22172+ type: object
22173+ x-kubernetes-map-type: atomic
22174+ type: array
22175+ type: object
2194822176 verifytls:
2194922177 description: VerifyTLS defines whether repo server API should
2195022178 be accessed using strict TLS validation
0 commit comments