-
Notifications
You must be signed in to change notification settings - Fork 4
Expand file tree
/
Copy pathimagepolicy-image-v1beta2.json
More file actions
262 lines (262 loc) · 11.1 KB
/
imagepolicy-image-v1beta2.json
File metadata and controls
262 lines (262 loc) · 11.1 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
{
"description": "ImagePolicy is the Schema for the imagepolicies API",
"properties": {
"apiVersion": {
"description": "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources",
"type": "string"
},
"kind": {
"description": "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds",
"type": "string"
},
"metadata": {
"type": "object"
},
"spec": {
"description": "ImagePolicySpec defines the parameters for calculating the\nImagePolicy.",
"properties": {
"digestReflectionPolicy": {
"default": "Never",
"description": "DigestReflectionPolicy governs the setting of the `.status.latestRef.digest` field.\n\nNever: The digest field will always be set to the empty string.\n\nIfNotPresent: The digest field will be set to the digest of the elected\nlatest image if the field is empty and the image did not change.\n\nAlways: The digest field will always be set to the digest of the elected\nlatest image.\n\nDefault: Never.",
"enum": [
"Always",
"IfNotPresent",
"Never"
],
"type": "string"
},
"filterTags": {
"description": "FilterTags enables filtering for only a subset of tags based on a set of\nrules. If no rules are provided, all the tags from the repository will be\nordered and compared.",
"properties": {
"extract": {
"description": "Extract allows a capture group to be extracted from the specified regular\nexpression pattern, useful before tag evaluation.",
"type": "string"
},
"pattern": {
"description": "Pattern specifies a regular expression pattern used to filter for image\ntags.",
"type": "string"
}
},
"type": "object",
"additionalProperties": false
},
"imageRepositoryRef": {
"description": "ImageRepositoryRef points at the object specifying the image\nbeing scanned",
"properties": {
"name": {
"description": "Name of the referent.",
"type": "string"
},
"namespace": {
"description": "Namespace of the referent, when not specified it acts as LocalObjectReference.",
"type": "string"
}
},
"required": [
"name"
],
"type": "object",
"additionalProperties": false
},
"interval": {
"description": "Interval is the length of time to wait between\nrefreshing the digest of the latest tag when the\nreflection policy is set to \"Always\".\n\nDefaults to 10m.",
"pattern": "^([0-9]+(\\.[0-9]+)?(ms|s|m|h))+$",
"type": "string"
},
"policy": {
"description": "Policy gives the particulars of the policy to be followed in\nselecting the most recent image",
"properties": {
"alphabetical": {
"description": "Alphabetical set of rules to use for alphabetical ordering of the tags.",
"properties": {
"order": {
"default": "asc",
"description": "Order specifies the sorting order of the tags. Given the letters of the\nalphabet as tags, ascending order would select Z, and descending order\nwould select A.",
"enum": [
"asc",
"desc"
],
"type": "string"
}
},
"type": "object",
"additionalProperties": false
},
"numerical": {
"description": "Numerical set of rules to use for numerical ordering of the tags.",
"properties": {
"order": {
"default": "asc",
"description": "Order specifies the sorting order of the tags. Given the integer values\nfrom 0 to 9 as tags, ascending order would select 9, and descending order\nwould select 0.",
"enum": [
"asc",
"desc"
],
"type": "string"
}
},
"type": "object",
"additionalProperties": false
},
"semver": {
"description": "SemVer gives a semantic version range to check against the tags\navailable.",
"properties": {
"range": {
"description": "Range gives a semver range for the image tag; the highest\nversion within the range that's a tag yields the latest image.",
"type": "string"
}
},
"required": [
"range"
],
"type": "object",
"additionalProperties": false
}
},
"type": "object",
"additionalProperties": false
},
"suspend": {
"description": "This flag tells the controller to suspend subsequent policy reconciliations.\nIt does not apply to already started reconciliations. Defaults to false.",
"type": "boolean"
}
},
"required": [
"imageRepositoryRef",
"policy"
],
"type": "object",
"x-kubernetes-validations": [
{
"message": "spec.interval is only accepted when spec.digestReflectionPolicy is set to 'Always'",
"rule": "!has(self.interval) || (has(self.digestReflectionPolicy) && self.digestReflectionPolicy == 'Always')"
},
{
"message": "spec.interval must be set when spec.digestReflectionPolicy is set to 'Always'",
"rule": "has(self.interval) || !has(self.digestReflectionPolicy) || self.digestReflectionPolicy != 'Always'"
}
],
"additionalProperties": false
},
"status": {
"default": {
"observedGeneration": -1
},
"description": "ImagePolicyStatus defines the observed state of ImagePolicy",
"properties": {
"conditions": {
"items": {
"description": "Condition contains details for one aspect of the current state of this API Resource.",
"properties": {
"lastTransitionTime": {
"description": "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.",
"format": "date-time",
"type": "string"
},
"message": {
"description": "message is a human readable message indicating details about the transition.\nThis may be an empty string.",
"maxLength": 32768,
"type": "string"
},
"observedGeneration": {
"description": "observedGeneration represents the .metadata.generation that the condition was set based upon.\nFor instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date\nwith respect to the current state of the instance.",
"format": "int64",
"minimum": 0,
"type": "integer"
},
"reason": {
"description": "reason contains a programmatic identifier indicating the reason for the condition's last transition.\nProducers of specific condition types may define expected values and meanings for this field,\nand whether the values are considered a guaranteed API.\nThe value should be a CamelCase string.\nThis field may not be empty.",
"maxLength": 1024,
"minLength": 1,
"pattern": "^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$",
"type": "string"
},
"status": {
"description": "status of the condition, one of True, False, Unknown.",
"enum": [
"True",
"False",
"Unknown"
],
"type": "string"
},
"type": {
"description": "type of condition in CamelCase or in foo.example.com/CamelCase.",
"maxLength": 316,
"pattern": "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$",
"type": "string"
}
},
"required": [
"lastTransitionTime",
"message",
"reason",
"status",
"type"
],
"type": "object",
"additionalProperties": false
},
"type": "array"
},
"lastHandledReconcileAt": {
"description": "LastHandledReconcileAt holds the value of the most recent\nreconcile request value, so a change of the annotation value\ncan be detected.",
"type": "string"
},
"latestRef": {
"description": "LatestRef gives the first in the list of images scanned by\nthe image repository, when filtered and ordered according\nto the policy.",
"properties": {
"digest": {
"description": "Digest is the image's digest.",
"type": "string"
},
"name": {
"description": "Name is the bare image's name.",
"type": "string"
},
"tag": {
"description": "Tag is the image's tag.",
"type": "string"
}
},
"required": [
"name",
"tag"
],
"type": "object",
"additionalProperties": false
},
"observedGeneration": {
"format": "int64",
"type": "integer"
},
"observedPreviousRef": {
"description": "ObservedPreviousRef is the observed previous LatestRef. It is used\nto keep track of the previous and current images.",
"properties": {
"digest": {
"description": "Digest is the image's digest.",
"type": "string"
},
"name": {
"description": "Name is the bare image's name.",
"type": "string"
},
"tag": {
"description": "Tag is the image's tag.",
"type": "string"
}
},
"required": [
"name",
"tag"
],
"type": "object",
"additionalProperties": false
}
},
"type": "object",
"additionalProperties": false
}
},
"type": "object"
}