diff --git a/operators/grafana-operator/5.22.0/manifests/grafana-operator-manager-config_v1_configmap.yaml b/operators/grafana-operator/5.22.0/manifests/grafana-operator-manager-config_v1_configmap.yaml
new file mode 100644
index 000000000000..0441dafa87e7
--- /dev/null
+++ b/operators/grafana-operator/5.22.0/manifests/grafana-operator-manager-config_v1_configmap.yaml
@@ -0,0 +1,17 @@
+apiVersion: v1
+data:
+ controller_manager_config.yaml: |
+ apiVersion: controller-runtime.sigs.k8s.io/v1alpha1
+ kind: ControllerManagerConfig
+ health:
+ healthProbeBindAddress: :8081
+ metrics:
+ bindAddress: 127.0.0.1:8080
+ webhook:
+ port: 9443
+ leaderElection:
+ leaderElect: true
+ resourceName: f75f3bba.integreatly.org
+kind: ConfigMap
+metadata:
+ name: grafana-operator-manager-config
diff --git a/operators/grafana-operator/5.22.0/manifests/grafana-operator-operator-metrics-service_v1_service.yaml b/operators/grafana-operator/5.22.0/manifests/grafana-operator-operator-metrics-service_v1_service.yaml
new file mode 100644
index 000000000000..118ffd22bb91
--- /dev/null
+++ b/operators/grafana-operator/5.22.0/manifests/grafana-operator-operator-metrics-service_v1_service.yaml
@@ -0,0 +1,23 @@
+apiVersion: v1
+kind: Service
+metadata:
+ creationTimestamp: null
+ labels:
+ app.kubernetes.io/managed-by: olm
+ app.kubernetes.io/name: grafana-operator
+ name: grafana-operator-operator-metrics-service
+spec:
+ ports:
+ - name: metrics
+ port: 9090
+ protocol: TCP
+ targetPort: metrics
+ - name: pprof
+ port: 8888
+ protocol: TCP
+ targetPort: pprof
+ selector:
+ app.kubernetes.io/managed-by: olm
+ app.kubernetes.io/name: grafana-operator
+status:
+ loadBalancer: {}
diff --git a/operators/grafana-operator/5.22.0/manifests/grafana-operator.clusterserviceversion.yaml b/operators/grafana-operator/5.22.0/manifests/grafana-operator.clusterserviceversion.yaml
new file mode 100644
index 000000000000..b98366856322
--- /dev/null
+++ b/operators/grafana-operator/5.22.0/manifests/grafana-operator.clusterserviceversion.yaml
@@ -0,0 +1,659 @@
+apiVersion: operators.coreos.com/v1alpha1
+kind: ClusterServiceVersion
+metadata:
+ annotations:
+ alm-examples: |-
+ [
+ {
+ "apiVersion": "grafana.integreatly.org/v1beta1",
+ "kind": "Grafana",
+ "metadata": {
+ "labels": {
+ "dashboards": "grafana-a",
+ "folders": "grafana-a"
+ },
+ "name": "grafana-a"
+ },
+ "spec": {
+ "config": {
+ "auth": {
+ "disable_login_form": "false"
+ },
+ "log": {
+ "mode": "console"
+ },
+ "security": {
+ "admin_password": "start",
+ "admin_user": "root"
+ }
+ }
+ }
+ },
+ {
+ "apiVersion": "grafana.integreatly.org/v1beta1",
+ "kind": "GrafanaAlertRuleGroup",
+ "metadata": {
+ "name": "grafanaalertrulegroup-sample"
+ },
+ "spec": {
+ "folderRef": "test-folder-from-operator",
+ "instanceSelector": {
+ "matchLabels": {
+ "dashboards": "grafana"
+ }
+ },
+ "interval": "5m",
+ "rules": [
+ {
+ "condition": "B",
+ "data": [
+ {
+ "datasourceUid": "grafanacloud-demoinfra-prom",
+ "model": {
+ "datasource": {
+ "type": "prometheus",
+ "uid": "grafanacloud-demoinfra-prom"
+ },
+ "editorMode": "code",
+ "expr": "weather_temp_c{}",
+ "instant": true,
+ "intervalMs": 1000,
+ "legendFormat": "__auto",
+ "maxDataPoints": 43200,
+ "range": false,
+ "refId": "A"
+ },
+ "refId": "A",
+ "relativeTimeRange": {
+ "from": 600
+ }
+ },
+ {
+ "datasourceUid": "__expr__",
+ "model": {
+ "conditions": [
+ {
+ "evaluator": {
+ "params": [
+ 0
+ ],
+ "type": "gt"
+ },
+ "operator": {
+ "type": "and"
+ },
+ "query": {
+ "params": [
+ "C"
+ ]
+ },
+ "reducer": {
+ "params": [],
+ "type": "last"
+ },
+ "type": "query"
+ }
+ ],
+ "datasource": {
+ "type": "__expr__",
+ "uid": "__expr__"
+ },
+ "expression": "A",
+ "intervalMs": 1000,
+ "maxDataPoints": 43200,
+ "refId": "B",
+ "type": "threshold"
+ },
+ "refId": "B",
+ "relativeTimeRange": {
+ "from": 600
+ }
+ }
+ ],
+ "execErrState": "Error",
+ "for": "5m0s",
+ "noDataState": "NoData",
+ "title": "Temperature below freezing",
+ "uid": "4843de5c-4f8a-4af0-9509-23526a04faf8"
+ }
+ ]
+ }
+ },
+ {
+ "apiVersion": "grafana.integreatly.org/v1beta1",
+ "kind": "GrafanaContactPoint",
+ "metadata": {
+ "labels": {
+ "app.kubernetes.io/created-by": "grafana-operator",
+ "app.kubernetes.io/instance": "grafanacontactpoint-sample",
+ "app.kubernetes.io/managed-by": "kustomize",
+ "app.kubernetes.io/name": "grafanacontactpoint",
+ "app.kubernetes.io/part-of": "grafana-operator"
+ },
+ "name": "grafanacontactpoint-sample"
+ },
+ "spec": {
+ "instanceSelector": {
+ "matchLabels": {
+ "dashboards": "grafana-a"
+ }
+ },
+ "name": "grafanacontactpoint-sample",
+ "settings": {
+ "email": null
+ },
+ "type": "email"
+ }
+ },
+ {
+ "apiVersion": "grafana.integreatly.org/v1beta1",
+ "kind": "GrafanaDashboard",
+ "metadata": {
+ "name": "grafanadashboard-sample"
+ },
+ "spec": {
+ "instanceSelector": {
+ "matchLabels": {
+ "dashboards": "grafana-a"
+ }
+ },
+ "json": "{\n\n \"id\": null,\n \"title\": \"Simple Dashboard\",\n \"tags\": [],\n \"style\": \"dark\",\n \"timezone\": \"browser\",\n \"editable\": true,\n \"hideControls\": false,\n \"graphTooltip\": 1,\n \"panels\": [],\n \"time\": {\n \"from\": \"now-6h\",\n \"to\": \"now\"\n },\n \"timepicker\": {\n \"time_options\": [],\n \"refresh_intervals\": []\n },\n \"templating\": {\n \"list\": []\n },\n \"annotations\": {\n \"list\": []\n },\n \"refresh\": \"5s\",\n \"schemaVersion\": 17,\n \"version\": 0,\n \"links\": []\n}\n"
+ }
+ },
+ {
+ "apiVersion": "grafana.integreatly.org/v1beta1",
+ "kind": "GrafanaDatasource",
+ "metadata": {
+ "name": "grafanadatasource-sample"
+ },
+ "spec": {
+ "datasource": {
+ "access": "proxy",
+ "isDefault": true,
+ "jsonData": {
+ "timeInterval": "5s",
+ "tlsSkipVerify": true
+ },
+ "name": "prometheus",
+ "type": "prometheus",
+ "url": "http://prometheus-service:9090"
+ },
+ "instanceSelector": {
+ "matchLabels": {
+ "dashboards": "grafana-a"
+ }
+ },
+ "plugins": [
+ {
+ "name": "grafana-clock-panel",
+ "version": "1.3.0"
+ }
+ ]
+ }
+ },
+ {
+ "apiVersion": "grafana.integreatly.org/v1beta1",
+ "kind": "GrafanaFolder",
+ "metadata": {
+ "name": "grafanafolder-sample"
+ },
+ "spec": {
+ "instanceSelector": {
+ "matchLabels": {
+ "dashboards": "grafana-a"
+ }
+ },
+ "title": "Example Folder"
+ }
+ },
+ {
+ "apiVersion": "grafana.integreatly.org/v1beta1",
+ "kind": "GrafanaLibraryPanel",
+ "metadata": {
+ "name": "grafana-library-panel-inline-envs"
+ },
+ "spec": {
+ "envs": [
+ {
+ "name": "CUSTOM_RANGE_ENV",
+ "value": "now - 12h"
+ }
+ ],
+ "instanceSelector": {
+ "matchLabels": {
+ "dashboards": "grafana"
+ }
+ },
+ "jsonnet": "local myRange = std.extVar('CUSTOM_RANGE_ENV'); {\n\n model: {}\n}\n",
+ "plugins": [
+ {
+ "name": "grafana-piechart-panel",
+ "version": "1.3.9"
+ }
+ ]
+ }
+ },
+ {
+ "apiVersion": "grafana.integreatly.org/v1beta1",
+ "kind": "GrafanaMuteTiming",
+ "metadata": {
+ "name": "mutetiming-sample"
+ },
+ "spec": {
+ "editable": false,
+ "instanceSelector": {
+ "matchLabels": {
+ "dashboards": "grafana"
+ }
+ },
+ "name": "mutetiming-sample",
+ "time_intervals": [
+ {
+ "days_of_month": [
+ "1",
+ "15"
+ ],
+ "location": "Asia/Shanghai",
+ "times": [
+ {
+ "end_time": "06:00",
+ "start_time": "00:00"
+ }
+ ],
+ "weekdays": [
+ "saturday"
+ ]
+ }
+ ]
+ }
+ },
+ {
+ "apiVersion": "grafana.integreatly.org/v1beta1",
+ "kind": "GrafanaNotificationPolicy",
+ "metadata": {
+ "name": "grafananotificationpolicy-sample"
+ },
+ "spec": {
+ "instanceSelector": {
+ "matchLabels": {
+ "dashboards": "grafana"
+ }
+ },
+ "route": {
+ "group_by": [
+ "grafana_folder",
+ "alertname"
+ ],
+ "receiver": "Grafana Cloud OnCall",
+ "routes": [
+ {
+ "object_matchers": [
+ [
+ "foo",
+ "=",
+ "bar"
+ ]
+ ],
+ "receiver": "grafana-default-email",
+ "routes": [
+ {
+ "object_matchers": [
+ [
+ "severity",
+ "=",
+ "critical"
+ ]
+ ],
+ "receiver": "Grafana Cloud OnCall"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ },
+ {
+ "apiVersion": "grafana.integreatly.org/v1beta1",
+ "kind": "GrafanaNotificationPolicyRoute",
+ "metadata": {
+ "labels": {
+ "app.kubernetes.io/created-by": "grafana-operator",
+ "app.kubernetes.io/instance": "grafananotificationpolicyroute-sample",
+ "app.kubernetes.io/managed-by": "kustomize",
+ "app.kubernetes.io/name": "grafananotificationpolicyroute",
+ "app.kubernetes.io/part-of": "grafana-operator"
+ },
+ "name": "grafananotificationpolicyroute-sample"
+ },
+ "spec": null
+ },
+ {
+ "apiVersion": "grafana.integreatly.org/v1beta1",
+ "kind": "GrafanaNotificationTemplate",
+ "metadata": {
+ "name": "test"
+ },
+ "spec": {
+ "instanceSelector": {
+ "matchLabels": {
+ "dashboards": "grafana"
+ }
+ },
+ "name": "test",
+ "template": "{{ define \"SlackAlert\" }}\n [{{.Status}}] {{ .Labels.alertname }}\n {{ .Annotations.AlertValues }}\n{{ end }}\n\n{{ define \"SlackAlertMessage\" }}\n {{ if gt (len .Alerts.Firing) 0 }}\n {{ len .Alerts.Firing }} firing:\n {{ range .Alerts.Firing }} {{ template \"SlackAlert\" . }} {{ end }}\n {{ end }}\n {{ if gt (len .Alerts.Resolved) 0 }}\n {{ len .Alerts.Resolved }} resolved:\n {{ range .Alerts.Resolved }} {{ template \"SlackAlert\" . }} {{ end }}\n {{ end }}\n{{ end }}\n\n{{ template \"SlackAlertMessage\" . }}\n"
+ }
+ },
+ {
+ "apiVersion": "grafana.integreatly.org/v1beta1",
+ "kind": "GrafanaServiceAccount",
+ "metadata": {
+ "name": "my-service-account"
+ },
+ "spec": {
+ "instanceName": "my-grafana",
+ "isDisabled": false,
+ "name": "my-service-account",
+ "role": "Admin",
+ "tokens": [
+ {
+ "expires": "2029-12-31T14:00:00+02:00",
+ "name": "my-token-a",
+ "secretName": "thatsfine"
+ },
+ {
+ "name": "my-token-b"
+ }
+ ]
+ }
+ }
+ ]
+ capabilities: Basic Install
+ categories: Monitoring
+ createdAt: "2026-02-24T11:24:46Z"
+ description: Deploys and manages Grafana instances, dashboards and data sources
+ operators.operatorframework.io/builder: operator-sdk-v1.32.0
+ operators.operatorframework.io/project_layout: go.kubebuilder.io/v3
+ repository: https://github.com/grafana/grafana-operator
+ support: Grafana Labs
+ containerImage: ghcr.io/grafana/grafana-operator:v5.22.0
+ name: grafana-operator.v5.22.0
+ namespace: placeholder
+spec:
+ apiservicedefinitions: {}
+ customresourcedefinitions:
+ owned:
+ - description: Alert rule groups that contain multiple alert rules
+ displayName: Grafana Alert Rule Group
+ kind: GrafanaAlertRuleGroup
+ name: grafanaalertrulegroups.grafana.integreatly.org
+ version: v1beta1
+ - description: Contact Points
+ displayName: Grafana Contact Point
+ kind: GrafanaContactPoint
+ name: grafanacontactpoints.grafana.integreatly.org
+ version: v1beta1
+ - description: Dashboards
+ displayName: Grafana Dashboard
+ kind: GrafanaDashboard
+ name: grafanadashboards.grafana.integreatly.org
+ version: v1beta1
+ - description: Data Sources
+ displayName: Grafana Datasource
+ kind: GrafanaDatasource
+ name: grafanadatasources.grafana.integreatly.org
+ version: v1beta1
+ - description: Folder for dashboards & alerts
+ displayName: Grafana Folder
+ kind: GrafanaFolder
+ name: grafanafolders.grafana.integreatly.org
+ version: v1beta1
+ - description: Library Panel for use in dashboards
+ displayName: GrafanaLibraryPanel
+ kind: GrafanaLibraryPanel
+ name: grafanalibrarypanels.grafana.integreatly.org
+ version: v1beta1
+ - kind: GrafanaManifest
+ name: grafanamanifests.grafana.integreatly.org
+ version: v1beta1
+ - description: Mute Timings that silence alerts
+ kind: GrafanaMuteTiming
+ name: grafanamutetimings.grafana.integreatly.org
+ version: v1beta1
+ - description: Notification Policy Tree
+ displayName: Grafana Notification policy
+ kind: GrafanaNotificationPolicy
+ name: grafananotificationpolicies.grafana.integreatly.org
+ version: v1beta1
+ - description: GrafanaNotificationPolicyRoute is the Schema for the grafananotificationpolicyroutes API
+ displayName: Grafana Notification Policy Route
+ kind: GrafanaNotificationPolicyRoute
+ name: grafananotificationpolicyroutes.grafana.integreatly.org
+ version: v1beta1
+ - description: Templates for use in notifications
+ kind: GrafanaNotificationTemplate
+ name: grafananotificationtemplates.grafana.integreatly.org
+ version: v1beta1
+ - description: Grafana Instances
+ displayName: Grafana
+ kind: Grafana
+ name: grafanas.grafana.integreatly.org
+ version: v1beta1
+ - description: Grafana service accounts
+ kind: GrafanaServiceAccount
+ name: grafanaserviceaccounts.grafana.integreatly.org
+ version: v1beta1
+ description: Deploys and manages Grafana instances, dashboards and data sources
+ displayName: Grafana Operator
+ icon:
+ - base64data: PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiIHN0YW5kYWxvbmU9Im5vIj8+CjwhLS0gR2VuZXJhdG9yOiBBZG9iZSBJbGx1c3RyYXRvciAyMC4xLjAsIFNWRyBFeHBvcnQgUGx1Zy1JbiAuIFNWRyBWZXJzaW9uOiA2LjAwIEJ1aWxkIDApICAtLT4KCjxzdmcKICAgeG1sbnM6ZGM9Imh0dHA6Ly9wdXJsLm9yZy9kYy9lbGVtZW50cy8xLjEvIgogICB4bWxuczpjYz0iaHR0cDovL2NyZWF0aXZlY29tbW9ucy5vcmcvbnMjIgogICB4bWxuczpyZGY9Imh0dHA6Ly93d3cudzMub3JnLzE5OTkvMDIvMjItcmRmLXN5bnRheC1ucyMiCiAgIHhtbG5zOnN2Zz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciCiAgIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIKICAgeG1sbnM6c29kaXBvZGk9Imh0dHA6Ly9zb2RpcG9kaS5zb3VyY2Vmb3JnZS5uZXQvRFREL3NvZGlwb2RpLTAuZHRkIgogICB4bWxuczppbmtzY2FwZT0iaHR0cDovL3d3dy5pbmtzY2FwZS5vcmcvbmFtZXNwYWNlcy9pbmtzY2FwZSIKICAgdmVyc2lvbj0iMS4xIgogICBpZD0iTGF5ZXJfMSIKICAgeD0iMHB4IgogICB5PSIwcHgiCiAgIHdpZHRoPSI1Ny43OTk5OTkiCiAgIGhlaWdodD0iNTcuNzk5OTk5IgogICB2aWV3Qm94PSIwIDAgNTcuNzk5OTk5IDU3LjgiCiAgIHhtbDpzcGFjZT0icHJlc2VydmUiCiAgIHNvZGlwb2RpOmRvY25hbWU9ImxvZ29fc21hbGwuc3ZnIgogICBpbmtzY2FwZTp2ZXJzaW9uPSIwLjkyLjQgKDVkYTY4OWMzMTMsIDIwMTktMDEtMTQpIj48bWV0YWRhdGEKICAgaWQ9Im1ldGFkYXRhMzc4NSI+PHJkZjpSREY+PGNjOldvcmsKICAgICAgIHJkZjphYm91dD0iIj48ZGM6Zm9ybWF0PmltYWdlL3N2Zyt4bWw8L2RjOmZvcm1hdD48ZGM6dHlwZQogICAgICAgICByZGY6cmVzb3VyY2U9Imh0dHA6Ly9wdXJsLm9yZy9kYy9kY21pdHlwZS9TdGlsbEltYWdlIiAvPjxkYzp0aXRsZT48L2RjOnRpdGxlPjwvY2M6V29yaz48L3JkZjpSREY+PC9tZXRhZGF0YT48ZGVmcwogICBpZD0iZGVmczM3ODMiIC8+PHNvZGlwb2RpOm5hbWVkdmlldwogICBwYWdlY29sb3I9IiNmZmZmZmYiCiAgIGJvcmRlcmNvbG9yPSIjNjY2NjY2IgogICBib3JkZXJvcGFjaXR5PSIxIgogICBvYmplY3R0b2xlcmFuY2U9IjEwIgogICBncmlkdG9sZXJhbmNlPSIxMCIKICAgZ3VpZGV0b2xlcmFuY2U9IjEwIgogICBpbmtzY2FwZTpwYWdlb3BhY2l0eT0iMCIKICAgaW5rc2NhcGU6cGFnZXNoYWRvdz0iMiIKICAgaW5rc2NhcGU6d2luZG93LXdpZHRoPSIyNTYwIgogICBpbmtzY2FwZTp3aW5kb3ctaGVpZ2h0PSIxMzg2IgogICBpZD0ibmFtZWR2aWV3Mzc4MSIKICAgc2hvd2dyaWQ9ImZhbHNlIgogICBpbmtzY2FwZTp6b29tPSIxMy44NTg3MTQiCiAgIGlua3NjYXBlOmN4PSI3NS40MTI5MDQiCiAgIGlua3NjYXBlOmN5PSIyMy4wNzc2MDYiCiAgIGlua3NjYXBlOndpbmRvdy14PSIwIgogICBpbmtzY2FwZTp3aW5kb3cteT0iMCIKICAgaW5rc2NhcGU6d2luZG93LW1heGltaXplZD0iMSIKICAgaW5rc2NhcGU6Y3VycmVudC1sYXllcj0iTGF5ZXJfMSIgLz4KPHN0eWxlCiAgIHR5cGU9InRleHQvY3NzIgogICBpZD0ic3R5bGUzNzY5Ij4KCS5zdDB7ZmlsbDojRTZFN0U4O30KCS5zdDF7ZmlsbDp1cmwoI1NWR0lEXzFfKTt9Cjwvc3R5bGU+Cgo8bGluZWFyR3JhZGllbnQKICAgaWQ9IlNWR0lEXzFfIgogICBncmFkaWVudFVuaXRzPSJ1c2VyU3BhY2VPblVzZSIKICAgeDE9IjI2LjcwMDAwMSIKICAgeTE9Ii05Ljg1MDE5OTciCiAgIHgyPSIyNi43MDAwMDEiCiAgIHkyPSI0My4xNjYiCiAgIGdyYWRpZW50VHJhbnNmb3JtPSJtYXRyaXgoMSwwLDAsLTEsMiw2MC4wMDAwMDIpIj4KCTxzdG9wCiAgIG9mZnNldD0iMCIKICAgc3R5bGU9InN0b3AtY29sb3I6I0ZGRjEwMCIKICAgaWQ9InN0b3AzNzczIiAvPgoJPHN0b3AKICAgb2Zmc2V0PSIxIgogICBzdHlsZT0ic3RvcC1jb2xvcjojRjA1QTI4IgogICBpZD0ic3RvcDM3NzUiIC8+CjwvbGluZWFyR3JhZGllbnQ+CjxwYXRoCiAgIGNsYXNzPSJzdDEiCiAgIGQ9Im0gNTUuMSwyNS41MDAwMDIgYyAtMC4xLC0xIC0wLjMsLTIuMSAtMC42LC0zLjMgLTAuMywtMS4yIC0wLjgsLTIuNiAtMS41LC00IC0wLjcsLTEuNCAtMS42LC0yLjkgLTIuOCwtNC4zIC0wLjUsLTAuNiAtMSwtMS4xIC0xLjUsLTEuNiAwLjgsLTMuMjAwMDAwNCAtMSwtNi4wMDAwMDA0IC0xLC02LjAwMDAwMDQgLTMuMSwtMC4yIC01LjEsMSAtNS44LDEuNSAtMC4xLC0wLjEgLTAuMiwtMC4xIC0wLjQsLTAuMiAtMC41LC0wLjIgLTEsLTAuNCAtMS42LC0wLjYgLTAuNiwtMC4yIC0xLjEsLTAuMyAtMS43LC0wLjUgLTAuNiwtMC4xIC0xLjIsLTAuMyAtMS44LC0wLjMgLTAuMSwwIC0wLjIsMCAtMC4zLDAgQyAzNC44LDEuODAwMDAxNiAzMC45LDEuNTI1ODc4OWUtNiAzMC45LDEuNTI1ODc4OWUtNiAyNi42LDIuODAwMDAxNiAyNS43LDYuNjAwMDAxNiAyNS43LDYuNjAwMDAxNiBjIDAsMCAwLDAuMSAwLDAuMiAtMC4yLDAuMSAtMC41LDAuMSAtMC43LDAuMiAtMC4zLDAuMSAtMC43LDAuMiAtMSwwLjMgLTAuMywwLjEgLTAuNywwLjMgLTEsMC40IC0wLjcsMC4zIC0xLjMsMC42IC0xLjksMSAtMC42LDAuMyAtMS4yLDAuNyAtMS44LDEuMSAtMC4xLDAgLTAuMiwtMC4xIC0wLjIsLTAuMSAtNiwtMi4zIC0xMS40LDAuNTAwMDAwNCAtMTEuNCwwLjUwMDAwMDQgLTAuNSw2LjQgMi40LDEwLjQgMywxMS4yIC0wLjEsMC40IC0wLjMsMC44IC0wLjQsMS4yIC0wLjQsMS40IC0wLjgsMi45IC0xLDQuNSAwLDAuMiAtMC4xLDAuNCAtMC4xLDAuNyAtNS42LDIuNyAtNy4yLDguNCAtNy4yLDguNCA0LjYsNS4zIDEwLDUuNyAxMCw1LjcgdiAwIGMgMC43LDEuMiAxLjUsMi40IDIuNCwzLjUgMC40LDAuNSAwLjgsMC45IDEuMiwxLjMgLTEuNyw0LjggMC4yLDguOSAwLjIsOC45IDUuMiwwLjIgOC42LC0yLjMgOS4zLC0yLjggMC41LDAuMiAxLDAuMyAxLjYsMC41IDEuNiwwLjQgMy4yLDAuNiA0LjgsMC43IDAuNCwwIDAuOCwwIDEuMiwwIGggMC4yIDAuMSAwLjMgMC4zIHYgMCBjIDIuNCwzLjUgNi43LDQgNi43LDQgMy40LC0zLjYgMy4yLC03LjIgMy4yLC03LjIgbCAtMC4xLC0wLjEgYyAwLjcsLTAuNSAxLjMsLTEgMS45LC0xLjUgMS4yLC0xLjEgMi4zLC0yLjQgMy4yLC0zLjcgMC4xLC0wLjEgMC4yLC0wLjMgMC4yLC0wLjQgMy40LDAuMiA1LjksLTIuMSA1LjksLTIuMSAtMC42LC00IC0zLjEsLTUuNyAtMy4xLC01LjcgaCAtMC4xIGMgMCwtMC4yIDAsLTAuNSAwLjEsLTAuNyAwLC0wLjQgMCwtMC44IDAsLTEuMiB2IC0wLjMgLTAuMSAtMC4xIGMgMCwtMC4xIDAsLTAuMSAwLC0wLjEgdiAtMC4yIC0wLjMgYyAwLC0wLjEgMCwtMC4yIDAsLTAuMyAwLC0wLjEgMCwtMC4yIDAsLTAuMyB2IC0wLjMgLTAuMyBjIC0wLjEsLTAuNCAtMC4xLC0wLjggLTAuMiwtMS4yIC0wLjQsLTEuNSAtMSwtMyAtMS44LC00LjMgLTAuOCwtMS4zIC0xLjgsLTIuNSAtMi45LC0zLjUgLTEuMSwtMSAtMi40LC0xLjggLTMuNywtMi40IC0xLjMsLTAuNiAtMi43LC0xIC00LjEsLTEuMSAtMC43LC0wLjEgLTEuNCwtMC4xIC0yLC0wLjEgaCAtMC4zIC0wLjEgLTAuMSAtMC4xIC0wLjMgYyAtMC4xLDAgLTAuMiwwIC0wLjMsMCAtMC4zLDAgLTAuNywwLjEgLTEsMC4xIC0xLjQsMC4zIC0yLjcsMC43IC0zLjgsMS40IC0xLjEsMC43IC0yLjEsMS41IC0yLjksMi41IC0wLjgsMSAtMS40LDIgLTEuOSwzLjEgLTAuNCwxLjEgLTAuNywyLjIgLTAuNywzLjMgMCwwLjMgMCwwLjYgMCwwLjggMCwwLjEgMCwwLjEgMCwwLjIgdiAwLjIgYyAwLDAuMSAwLDAuMyAwLDAuNCAwLjEsMC42IDAuMiwxLjEgMC4zLDEuNiAwLjMsMSAwLjgsMiAxLjQsMi44IDAuNiwwLjggMS4zLDEuNSAyLjEsMiAwLjgsMC41IDEuNiwwLjkgMi40LDEuMSAwLjgsMC4yIDEuNiwwLjMgMi4zLDAuMyAwLjEsMCAwLjIsMCAwLjMsMCBoIDAuMSAwLjEgYyAwLjEsMCAwLjIsMCAwLjIsMCAwLDAgMCwwIDAuMSwwIGggMC4xIDAuMSBjIDAuMSwwIDAuMiwwIDAuMywwIDAuMSwwIDAuMiwwIDAuMywtMC4xIDAuMiwwIDAuMywtMC4xIDAuNSwtMC4xIDAuMywtMC4xIDAuNiwtMC4yIDAuOSwtMC40IDAuMywtMC4xIDAuNSwtMC4zIDAuOCwtMC41IDAuMSwtMC4xIDAuMSwtMC4xIDAuMiwtMC4yIDAuMywtMC4yIDAuMywtMC42IDAuMSwtMC44IC0wLjIsLTAuMiAtMC41LC0wLjMgLTAuNywtMC4xIC0wLjIsLTAuMiAtMC4yLC0wLjEgLTAuMywtMC4xIC0wLjIsMC4xIC0wLjQsMC4yIC0wLjcsMC4zIC0wLjIsMC4xIC0wLjUsMC4xIC0wLjgsMC4yIC0wLjEsMCAtMC4zLDAgLTAuNCwwIC0wLjEsMCAtMC4xLDAgLTAuMiwwIC0wLjEsMCAtMC4xLDAgLTAuMiwwIC0wLjEsMCAtMC4xLDAgLTAuMiwwIC0wLjEsMCAtMC4yLDAgLTAuMiwwIHYgMCAwIEggMzQuMSAzNCBjIC0wLjEsMCAtMC4xLDAgLTAuMiwwIC0wLjYsLTAuMSAtMS4yLC0wLjMgLTEuNywtMC41IC0wLjYsLTAuMyAtMS4xLC0wLjYgLTEuNiwtMS4xIC0wLjUsLTAuNCAtMC45LC0xIC0xLjMsLTEuNiAtMC4zLC0wLjYgLTAuNiwtMS4zIC0wLjcsLTIgLTAuMSwtMC4zIC0wLjEsLTAuNyAtMC4xLC0xLjEgMCwtMC4xIDAsLTAuMiAwLC0wLjMgdiAwIDAgLTAuMSAtMC4xIGMgMCwtMC4yIDAsLTAuNCAwLjEsLTAuNiAwLjMsLTEuNSAxLC0zIDIuMiwtNC4yIDAuMywtMC4zIDAuNiwtMC41IDEsLTAuOCAwLjMsLTAuMiAwLjcsLTAuNCAxLjEsLTAuNiAwLjQsLTAuMiAwLjgsLTAuMyAxLjIsLTAuNCAwLjQsLTAuMSAwLjgsLTAuMiAxLjIsLTAuMiAwLjIsMCAwLjQsMCAwLjYsMCAwLjEsMCAwLjEsMCAwLjEsMCBoIDAuMiAwLjEgdiAwIDAgaCAwLjIgYyAwLjUsMCAwLjksMC4xIDEuNCwwLjIgMC45LDAuMiAxLjgsMC41IDIuNiwxIDEuNiwwLjkgMywyLjMgMy45LDQgMC40LDAuOCAwLjcsMS44IDAuOSwyLjcgMCwwLjIgMC4xLDAuNSAwLjEsMC43IHYgMC4yIDAuMiBjIDAsMC4xIDAsMC4xIDAsMC4yIDAsMC4xIDAsMC4xIDAsMC4yIHYgMC4yIDAuMiBjIDAsMC4xIDAsMC4zIDAsMC40IDAsMC4zIDAsMC41IC0wLjEsMC44IDAsMC4zIC0wLjEsMC41IC0wLjEsMC44IC0wLjEsMC4xIC0wLjEsMC4zIC0wLjIsMC42IC0wLjEsMC41IC0wLjMsMSAtMC41LDEuNSAtMC40LDEgLTAuOSwxLjkgLTEuNSwyLjcgLTEuMiwxLjcgLTIuOSwzLjEgLTQuOCwzLjkgLTEsMC40IC0yLDAuNyAtMywwLjkgLTAuNSwwLjEgLTEsMC4xIC0xLjYsMC4yIGggLTAuMSAtMC4xIC0wLjIgLTAuMyAtMC4xIGMgMC4xLDAgMCwwIDAsMCBoIC0wLjEgYyAtMC4zLDAgLTAuNiwwIC0wLjgsMCAtMS4xLC0wLjEgLTIuMiwtMC4zIC0zLjMsLTAuNiAtMS4xLC0wLjMgLTIuMSwtMC43IC0zLjEsLTEuMiAtMiwtMSAtMy43LC0yLjUgLTUuMSwtNC4yIC0wLjcsLTAuOSAtMS4zLC0xLjggLTEuOCwtMi44IC0wLjUsLTEgLTAuOSwtMiAtMS4yLC0zIC0wLjMsLTEgLTAuNSwtMi4xIC0wLjUsLTMuMiB2IC0wLjIgLTAuMSAwIC0wLjEgLTAuMiAwIC0wLjEgLTAuMSAtMC4zIDAgMCAtMC4xIGMgMCwtMC4xIDAsLTAuMyAwLC0wLjQgMCwtMC41IDAuMSwtMS4xIDAuMSwtMS42IDAuMSwtMC41IDAuMiwtMS4xIDAuMywtMS42IDAuMSwtMC41IDAuMiwtMS4xIDAuNCwtMS42IDAuMywtMS4xIDAuNywtMi4xIDEuMSwtMy4xIDAuOSwtMiAyLjEsLTMuNyAzLjUsLTUuMSAwLjQsLTAuMyAwLjcsLTAuNyAxLjEsLTEgMC40LC0wLjMgMC44LC0wLjYgMS4yLC0wLjkgMC40LC0wLjMgMC44LC0wLjUgMS4zLC0wLjcgMC4yLC0wLjEgMC40LC0wLjIgMC43LC0wLjMgMC4xLDAgMC4yLC0wLjEgMC4zLC0wLjEgMC4xLC0wLjEgMC4yLC0wLjEgMC4zLC0wLjEgMC40LC0wLjIgMC45LC0wLjQgMS40LC0wLjUgMC4xLDAgMC4yLC0wLjEgMC40LC0wLjEgMC4xLDAgMC4yLC0wLjEgMC40LC0wLjEgMC4yLC0wLjEgMC41LC0wLjEgMC43LC0wLjIgMC4xLDAgMC4yLC0wLjEgMC40LC0wLjEgMC4xLDAgMC4yLC0wLjEgMC40LC0wLjEgMC4xLDAgMC4yLDAgMC40LC0wLjEgaCAwLjIgMC4yIGMgMC4xLDAgMC4yLDAgMC40LC0wLjEgMC4xLDAgMC4zLDAgMC40LC0wLjEgMC4xLDAgMC4zLDAgMC40LDAgMC4xLDAgMC4yLDAgMC4zLDAgaCAwLjIgMC4xIDAuMSBjIDAuMSwwIDAuMywwIDAuNCwwIGggMC4yIGMgMCwwIDAuMSwwIDAsMCB2IDAgaCAwLjEgYyAwLjEsMCAwLjIsMCAwLjQsMCAwLjUsMCAwLjksMCAxLjQsMCAwLjksMCAxLjgsMC4xIDIuNywwLjMgMS44LDAuMyAzLjQsMC45IDQuOSwxLjYgMS41LDAuNyAyLjksMS42IDQsMi42IDAuMSwwLjEgMC4xLDAuMSAwLjIsMC4yIDAuMSwwLjEgMC4xLDAuMSAwLjIsMC4yIDAuMSwwLjEgMC4zLDAuMyAwLjQsMC40IDAuMSwwLjEgMC4zLDAuMyAwLjQsMC40IDAuMSwwLjEgMC4zLDAuMyAwLjQsMC40IDAuNSwwLjUgMSwxLjEgMS40LDEuNiAwLjgsMS4xIDEuNSwyLjEgMiwzLjIgMCwwLjEgMC4xLDAuMSAwLjEsMC4yIDAsMC4xIDAuMSwwLjEgMC4xLDAuMiAwLjEsMC4xIDAuMSwwLjMgMC4yLDAuNCAwLjEsMC4xIDAuMSwwLjIgMC4yLDAuNCAwLjEsMC4xIDAuMSwwLjIgMC4yLDAuNCAwLjIsMC41IDAuNCwwLjkgMC41LDEuNCAwLjIsMC43IDAuNCwxLjMgMC42LDEuOSAwLjEsMC4yIDAuMywwLjQgMC41LDAuMyAwLjIsMCAwLjQsLTAuMiAwLjQsLTAuNCAtMC4yLC0xLjEgLTAuMiwtMS44IC0wLjMsLTIuNiB6IgogICBpZD0icGF0aDM3NzgiCiAgIGlua3NjYXBlOmNvbm5lY3Rvci1jdXJ2YXR1cmU9IjAiCiAgIHN0eWxlPSJmaWxsOnVybCgjU1ZHSURfMV8pIiAvPgo8L3N2Zz4=
+ mediatype: image/svg+xml
+ install:
+ spec:
+ clusterPermissions:
+ - rules:
+ - apiGroups:
+ - ""
+ resources:
+ - configmaps
+ - persistentvolumeclaims
+ - secrets
+ - serviceaccounts
+ - services
+ verbs:
+ - create
+ - delete
+ - get
+ - list
+ - patch
+ - update
+ - watch
+ - apiGroups:
+ - apps
+ resources:
+ - deployments
+ verbs:
+ - create
+ - delete
+ - get
+ - list
+ - patch
+ - update
+ - watch
+ - apiGroups:
+ - events.k8s.io
+ resources:
+ - events
+ verbs:
+ - create
+ - patch
+ - apiGroups:
+ - gateway.networking.k8s.io
+ resources:
+ - httproutes
+ verbs:
+ - create
+ - delete
+ - get
+ - list
+ - patch
+ - update
+ - watch
+ - apiGroups:
+ - grafana.integreatly.org
+ resources:
+ - '*'
+ verbs:
+ - get
+ - list
+ - patch
+ - watch
+ - apiGroups:
+ - grafana.integreatly.org
+ resources:
+ - '*/finalizers'
+ verbs:
+ - patch
+ - update
+ - apiGroups:
+ - grafana.integreatly.org
+ resources:
+ - '*/status'
+ verbs:
+ - get
+ - patch
+ - update
+ - apiGroups:
+ - networking.k8s.io
+ resources:
+ - ingresses
+ verbs:
+ - create
+ - delete
+ - get
+ - list
+ - patch
+ - update
+ - watch
+ - apiGroups:
+ - route.openshift.io
+ resources:
+ - routes
+ - routes/custom-host
+ verbs:
+ - create
+ - delete
+ - get
+ - list
+ - update
+ - watch
+ serviceAccountName: grafana-operator-controller-manager
+ deployments:
+ - label:
+ app.kubernetes.io/managed-by: olm
+ app.kubernetes.io/name: grafana-operator
+ name: grafana-operator-controller-manager-v5
+ spec:
+ replicas: 1
+ selector:
+ matchLabels:
+ app.kubernetes.io/managed-by: olm
+ app.kubernetes.io/name: grafana-operator
+ strategy: {}
+ template:
+ metadata:
+ labels:
+ app.kubernetes.io/managed-by: olm
+ app.kubernetes.io/name: grafana-operator
+ spec:
+ containers:
+ - args:
+ - --health-probe-bind-address=:8081
+ - --metrics-bind-address=0.0.0.0:9090
+ - --leader-elect
+ env:
+ - name: RELATED_IMAGE_GRAFANA
+ value: docker.io/grafana/grafana:12.3.3
+ - name: WATCH_NAMESPACE
+ valueFrom:
+ fieldRef:
+ fieldPath: metadata.annotations['olm.targetNamespaces']
+ image: ghcr.io/grafana/grafana-operator:v5.22.0
+ imagePullPolicy: Always
+ livenessProbe:
+ httpGet:
+ path: /healthz
+ port: 8081
+ initialDelaySeconds: 15
+ periodSeconds: 20
+ name: manager
+ ports:
+ - containerPort: 9090
+ name: metrics
+ protocol: TCP
+ - containerPort: 8888
+ name: pprof
+ protocol: TCP
+ readinessProbe:
+ httpGet:
+ path: /readyz
+ port: 8081
+ initialDelaySeconds: 5
+ periodSeconds: 10
+ resources:
+ limits:
+ cpu: 200m
+ memory: 550Mi
+ requests:
+ cpu: 100m
+ memory: 20Mi
+ securityContext:
+ allowPrivilegeEscalation: false
+ securityContext:
+ runAsNonRoot: true
+ serviceAccountName: grafana-operator-controller-manager
+ terminationGracePeriodSeconds: 10
+ permissions:
+ - rules:
+ - apiGroups:
+ - coordination.k8s.io
+ resources:
+ - leases
+ verbs:
+ - get
+ - list
+ - watch
+ - create
+ - update
+ - patch
+ - delete
+ serviceAccountName: grafana-operator-controller-manager
+ strategy: deployment
+ installModes:
+ - supported: true
+ type: OwnNamespace
+ - supported: true
+ type: SingleNamespace
+ - supported: true
+ type: MultiNamespace
+ - supported: true
+ type: AllNamespaces
+ keywords:
+ - Grafana
+ - Metrics
+ - Observability
+ links:
+ - name: Grafana Operator
+ url: https://grafana.github.io/grafana-operator
+ maintainers:
+ - email: grafana-operator@grafana.com
+ name: Grafana-operator maintainers
+ maturity: stable
+ minKubeVersion: 1.23.0
+ provider:
+ name: Grafana Labs
+ url: https://grafana.com
+ relatedImages:
+ - image: docker.io/grafana/grafana:12.3.3
+ name: grafana
+ version: 5.22.0
+ replaces: grafana-operator.v5.21.2
diff --git a/operators/grafana-operator/5.22.0/manifests/grafana.integreatly.org_grafanaalertrulegroups.yaml b/operators/grafana-operator/5.22.0/manifests/grafana.integreatly.org_grafanaalertrulegroups.yaml
new file mode 100644
index 000000000000..9ba72158dac4
--- /dev/null
+++ b/operators/grafana-operator/5.22.0/manifests/grafana.integreatly.org_grafanaalertrulegroups.yaml
@@ -0,0 +1,410 @@
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ controller-gen.kubebuilder.io/version: v0.20.1
+ creationTimestamp: null
+ name: grafanaalertrulegroups.grafana.integreatly.org
+spec:
+ group: grafana.integreatly.org
+ names:
+ categories:
+ - grafana-operator
+ kind: GrafanaAlertRuleGroup
+ listKind: GrafanaAlertRuleGroupList
+ plural: grafanaalertrulegroups
+ singular: grafanaalertrulegroup
+ scope: Namespaced
+ versions:
+ - additionalPrinterColumns:
+ - format: date-time
+ jsonPath: .status.lastResync
+ name: Last resync
+ type: date
+ - jsonPath: .metadata.creationTimestamp
+ name: Age
+ type: date
+ name: v1beta1
+ schema:
+ openAPIV3Schema:
+ description: GrafanaAlertRuleGroup is the Schema for the grafanaalertrulegroups
+ API
+ properties:
+ apiVersion:
+ description: |-
+ APIVersion defines the versioned schema of this representation of an object.
+ Servers should convert recognized schemas to the latest internal value, and
+ may reject unrecognized values.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+ type: string
+ kind:
+ description: |-
+ Kind is a string value representing the REST resource this object represents.
+ Servers may infer this from the endpoint the client submits requests to.
+ Cannot be updated.
+ In CamelCase.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: GrafanaAlertRuleGroupSpec defines the desired state of GrafanaAlertRuleGroup
+ properties:
+ allowCrossNamespaceImport:
+ default: false
+ description: Allow the Operator to match this resource with Grafanas
+ outside the current namespace
+ type: boolean
+ editable:
+ description: Whether to enable or disable editing of the alert rule
+ group in Grafana UI
+ type: boolean
+ x-kubernetes-validations:
+ - message: Value is immutable
+ rule: self == oldSelf
+ folderRef:
+ description: Match GrafanaFolders CRs to infer the uid
+ type: string
+ x-kubernetes-validations:
+ - message: Value is immutable
+ rule: self == oldSelf
+ folderUID:
+ description: |-
+ UID of the folder containing this rule group
+ Overrides the FolderSelector
+ type: string
+ x-kubernetes-validations:
+ - message: Value is immutable
+ rule: self == oldSelf
+ instanceSelector:
+ description: Selects Grafana instances for import
+ properties:
+ matchExpressions:
+ description: matchExpressions is a list of label selector requirements.
+ The requirements are ANDed.
+ items:
+ description: |-
+ A label selector requirement is a selector that contains values, a key, and an operator that
+ relates the key and values.
+ properties:
+ key:
+ description: key is the label key that the selector applies
+ to.
+ type: string
+ operator:
+ description: |-
+ operator represents a key's relationship to a set of values.
+ Valid operators are In, NotIn, Exists and DoesNotExist.
+ type: string
+ values:
+ description: |-
+ values is an array of string values. If the operator is In or NotIn,
+ the values array must be non-empty. If the operator is Exists or DoesNotExist,
+ the values array must be empty. This array is replaced during a strategic
+ merge patch.
+ items:
+ type: string
+ type: array
+ x-kubernetes-list-type: atomic
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ x-kubernetes-list-type: atomic
+ matchLabels:
+ additionalProperties:
+ type: string
+ description: |-
+ matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
+ map is equivalent to an element of matchExpressions, whose key field is "key", the
+ operator is "In", and the values array contains only "value". The requirements are ANDed.
+ type: object
+ type: object
+ x-kubernetes-map-type: atomic
+ x-kubernetes-validations:
+ - message: spec.instanceSelector is immutable
+ rule: self == oldSelf
+ interval:
+ format: duration
+ pattern: ^([0-9]+(\.[0-9]+)?(ns|us|µs|ms|s|m|h))+$
+ type: string
+ name:
+ description: Name of the alert rule group. If not specified, the resource
+ name will be used.
+ type: string
+ resyncPeriod:
+ description: How often the resource is synced, defaults to 10m0s if
+ not set
+ pattern: ^([0-9]+(\.[0-9]+)?(ns|us|µs|ms|s|m|h))+$
+ type: string
+ rules:
+ items:
+ description: AlertRule defines a specific rule to be evaluated.
+ It is based on the upstream model with some k8s specific type
+ mappings
+ properties:
+ annotations:
+ additionalProperties:
+ type: string
+ type: object
+ condition:
+ type: string
+ dashboardUid:
+ description: 'Deprecated: The field is not used, use rules[].annotations.__dashboardUid__'
+ type: string
+ data:
+ items:
+ properties:
+ datasourceUid:
+ description: Grafana data source unique identifier; it
+ should be '__expr__' for a Server Side Expression operation.
+ type: string
+ model:
+ description: JSON is the raw JSON query and includes the
+ above properties as well as custom properties.
+ x-kubernetes-preserve-unknown-fields: true
+ queryType:
+ description: |-
+ QueryType is an optional identifier for the type of query.
+ It can be used to distinguish different types of queries.
+ type: string
+ refId:
+ description: RefID is the unique identifier of the query,
+ set by the frontend call.
+ type: string
+ relativeTimeRange:
+ description: relative time range
+ properties:
+ from:
+ description: from
+ format: int64
+ type: integer
+ to:
+ description: to
+ format: int64
+ type: integer
+ type: object
+ type: object
+ type: array
+ execErrState:
+ enum:
+ - OK
+ - Alerting
+ - Error
+ - KeepLast
+ type: string
+ for:
+ default: 0s
+ pattern: ^([0-9]+(\.[0-9]+)?(s|m|h|d|w))+$
+ type: string
+ isPaused:
+ type: boolean
+ keepFiringFor:
+ format: duration
+ pattern: ^([0-9]+(\.[0-9]+)?(ns|us|µs|ms|s|m|h))+$
+ type: string
+ labels:
+ additionalProperties:
+ type: string
+ type: object
+ missingSeriesEvalsToResolve:
+ description: The number of missing series evaluations that must
+ occur before the rule is considered to be resolved.
+ format: int64
+ type: integer
+ noDataState:
+ enum:
+ - Alerting
+ - NoData
+ - OK
+ - KeepLast
+ type: string
+ notificationSettings:
+ properties:
+ active_time_intervals:
+ description: ActiveTimeIntervals defines the time intervals
+ during which notifications should NOT be muted.
+ items:
+ type: string
+ type: array
+ group_by:
+ description: GroupBy defines the labels by which incoming
+ alerts are grouped together.
+ items:
+ type: string
+ type: array
+ group_interval:
+ description: |-
+ GroupInterval defines how long to wait before sending a notification about new alerts added
+ to a group for which an initial notification has already been sent. (e.g. 5m)
+ type: string
+ group_wait:
+ description: GroupWait defines how long to initially wait
+ to send a notification for a group of alerts. (e.g. 30s)
+ type: string
+ mute_time_intervals:
+ description: |-
+ MuteTimeIntervals defines the time intervals during which notifications should be muted.
+ These must match the name of a mute time interval defined in the Alertmanager configuration.
+ items:
+ type: string
+ type: array
+ receiver:
+ description: Receiver is the name of the receiver to send
+ notifications to.
+ minLength: 1
+ type: string
+ repeat_interval:
+ description: |-
+ RepeatInterval defines how long to wait before sending a notification again if it has already
+ been sent successfully for an alert. (e.g. 4h)
+ Should not be less than GroupInterval.
+ type: string
+ required:
+ - receiver
+ type: object
+ panelId:
+ description: 'Deprecated: The field is not used, use rules[].annotations.__panelId__'
+ type: integer
+ record:
+ properties:
+ from:
+ type: string
+ metric:
+ type: string
+ targetDatasourceUid:
+ type: string
+ required:
+ - from
+ - metric
+ type: object
+ title:
+ example: Always firing
+ maxLength: 190
+ minLength: 1
+ type: string
+ uid:
+ description: UID of the alert rule. Can be any string consisting
+ of alphanumeric characters, - and _ with a maximum length
+ of 40
+ maxLength: 40
+ pattern: ^[a-zA-Z0-9-_]+$
+ type: string
+ required:
+ - condition
+ - data
+ - execErrState
+ - for
+ - noDataState
+ - title
+ - uid
+ type: object
+ minItems: 1
+ type: array
+ suspend:
+ description: Suspend pauses synchronizing attempts and tells the operator
+ to ignore changes
+ type: boolean
+ required:
+ - instanceSelector
+ - interval
+ - rules
+ type: object
+ x-kubernetes-validations:
+ - message: Only one of FolderUID or FolderRef can be set and one must
+ be defined
+ rule: (has(self.folderUID) && !(has(self.folderRef))) || (has(self.folderRef)
+ && !(has(self.folderUID)))
+ - message: spec.editable is immutable
+ rule: ((!has(oldSelf.editable) && !has(self.editable)) || (has(oldSelf.editable)
+ && has(self.editable)))
+ - message: spec.folderUID is immutable
+ rule: ((!has(oldSelf.folderUID) && !has(self.folderUID)) || (has(oldSelf.folderUID)
+ && has(self.folderUID)))
+ - message: spec.folderRef is immutable
+ rule: ((!has(oldSelf.folderRef) && !has(self.folderRef)) || (has(oldSelf.folderRef)
+ && has(self.folderRef)))
+ - message: disabling spec.allowCrossNamespaceImport requires a recreate
+ to ensure desired state
+ rule: '!oldSelf.allowCrossNamespaceImport || (oldSelf.allowCrossNamespaceImport
+ && self.allowCrossNamespaceImport)'
+ status:
+ description: The most recent observed state of a Grafana resource
+ properties:
+ conditions:
+ description: Results when synchronizing resource with Grafana instances
+ items:
+ description: Condition contains details for one aspect of the current
+ state of this API Resource.
+ properties:
+ lastTransitionTime:
+ description: |-
+ lastTransitionTime is the last time the condition transitioned from one status to another.
+ This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
+ format: date-time
+ type: string
+ message:
+ description: |-
+ message is a human readable message indicating details about the transition.
+ This may be an empty string.
+ maxLength: 32768
+ type: string
+ observedGeneration:
+ description: |-
+ observedGeneration represents the .metadata.generation that the condition was set based upon.
+ For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
+ with respect to the current state of the instance.
+ format: int64
+ minimum: 0
+ type: integer
+ reason:
+ description: |-
+ reason contains a programmatic identifier indicating the reason for the condition's last transition.
+ Producers of specific condition types may define expected values and meanings for this field,
+ and whether the values are considered a guaranteed API.
+ The value should be a CamelCase string.
+ This field may not be empty.
+ maxLength: 1024
+ minLength: 1
+ pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
+ type: string
+ status:
+ description: status of the condition, one of True, False, Unknown.
+ enum:
+ - "True"
+ - "False"
+ - Unknown
+ type: string
+ type:
+ description: type of condition in CamelCase or in foo.example.com/CamelCase.
+ maxLength: 316
+ pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
+ type: string
+ required:
+ - lastTransitionTime
+ - message
+ - reason
+ - status
+ - type
+ type: object
+ type: array
+ lastResync:
+ description: Last time the resource was synchronized with Grafana
+ instances
+ format: date-time
+ type: string
+ type: object
+ required:
+ - spec
+ type: object
+ served: true
+ storage: true
+ subresources:
+ status: {}
+status:
+ acceptedNames:
+ kind: ""
+ plural: ""
+ conditions: null
+ storedVersions: null
diff --git a/operators/grafana-operator/5.22.0/manifests/grafana.integreatly.org_grafanacontactpoints.yaml b/operators/grafana-operator/5.22.0/manifests/grafana.integreatly.org_grafanacontactpoints.yaml
new file mode 100644
index 000000000000..e9fbd8ac2fea
--- /dev/null
+++ b/operators/grafana-operator/5.22.0/manifests/grafana.integreatly.org_grafanacontactpoints.yaml
@@ -0,0 +1,410 @@
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ controller-gen.kubebuilder.io/version: v0.20.1
+ creationTimestamp: null
+ name: grafanacontactpoints.grafana.integreatly.org
+spec:
+ group: grafana.integreatly.org
+ names:
+ categories:
+ - grafana-operator
+ kind: GrafanaContactPoint
+ listKind: GrafanaContactPointList
+ plural: grafanacontactpoints
+ singular: grafanacontactpoint
+ scope: Namespaced
+ versions:
+ - additionalPrinterColumns:
+ - format: date-time
+ jsonPath: .status.lastResync
+ name: Last resync
+ type: date
+ - jsonPath: .metadata.creationTimestamp
+ name: Age
+ type: date
+ name: v1beta1
+ schema:
+ openAPIV3Schema:
+ description: GrafanaContactPoint is the Schema for the grafanacontactpoints
+ API
+ properties:
+ apiVersion:
+ description: |-
+ APIVersion defines the versioned schema of this representation of an object.
+ Servers should convert recognized schemas to the latest internal value, and
+ may reject unrecognized values.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+ type: string
+ kind:
+ description: |-
+ Kind is a string value representing the REST resource this object represents.
+ Servers may infer this from the endpoint the client submits requests to.
+ Cannot be updated.
+ In CamelCase.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: GrafanaContactPointSpec defines the desired state of GrafanaContactPoint
+ properties:
+ allowCrossNamespaceImport:
+ default: false
+ description: Allow the Operator to match this resource with Grafanas
+ outside the current namespace
+ type: boolean
+ disableResolveMessage:
+ description: |-
+ Deprecated: define the receiver under .spec.receivers[]
+ Will be removed in a later version
+ type: boolean
+ editable:
+ description: Whether to enable or disable editing of the contact point
+ in Grafana UI
+ type: boolean
+ x-kubernetes-validations:
+ - message: spec.editable is immutable
+ rule: self == oldSelf
+ instanceSelector:
+ description: Selects Grafana instances for import
+ properties:
+ matchExpressions:
+ description: matchExpressions is a list of label selector requirements.
+ The requirements are ANDed.
+ items:
+ description: |-
+ A label selector requirement is a selector that contains values, a key, and an operator that
+ relates the key and values.
+ properties:
+ key:
+ description: key is the label key that the selector applies
+ to.
+ type: string
+ operator:
+ description: |-
+ operator represents a key's relationship to a set of values.
+ Valid operators are In, NotIn, Exists and DoesNotExist.
+ type: string
+ values:
+ description: |-
+ values is an array of string values. If the operator is In or NotIn,
+ the values array must be non-empty. If the operator is Exists or DoesNotExist,
+ the values array must be empty. This array is replaced during a strategic
+ merge patch.
+ items:
+ type: string
+ type: array
+ x-kubernetes-list-type: atomic
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ x-kubernetes-list-type: atomic
+ matchLabels:
+ additionalProperties:
+ type: string
+ description: |-
+ matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
+ map is equivalent to an element of matchExpressions, whose key field is "key", the
+ operator is "In", and the values array contains only "value". The requirements are ANDed.
+ type: object
+ type: object
+ x-kubernetes-map-type: atomic
+ x-kubernetes-validations:
+ - message: spec.instanceSelector is immutable
+ rule: self == oldSelf
+ name:
+ description: |-
+ Receivers are grouped under the same ContactPoint using the Name
+ Defaults to the name of the CR
+ type: string
+ x-kubernetes-validations:
+ - message: spec.name is immutable
+ rule: self == oldSelf
+ receivers:
+ description: List of receivers that Grafana will fan out notifications
+ to
+ items:
+ description: Represents an integration to external services that
+ receive Grafana notifications
+ properties:
+ disableResolveMessage:
+ type: boolean
+ settings:
+ x-kubernetes-preserve-unknown-fields: true
+ type:
+ minLength: 1
+ type: string
+ uid:
+ description: Manually specify the UID the Contact Point is created
+ with. Can be any string consisting of alphanumeric characters,
+ - and _ with a maximum length of 40
+ maxLength: 40
+ pattern: ^[a-zA-Z0-9-_]+$
+ type: string
+ valuesFrom:
+ items:
+ properties:
+ targetPath:
+ type: string
+ valueFrom:
+ properties:
+ configMapKeyRef:
+ description: Selects a key of a ConfigMap.
+ properties:
+ key:
+ description: The key to select.
+ type: string
+ name:
+ default: ""
+ description: |-
+ Name of the referent.
+ This field is effectively required, but due to backwards compatibility is
+ allowed to be empty. Instances of this type with an empty value here are
+ almost certainly wrong.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ type: string
+ optional:
+ description: Specify whether the ConfigMap or
+ its key must be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ secretKeyRef:
+ description: Selects a key of a Secret.
+ properties:
+ key:
+ description: The key of the secret to select from. Must
+ be a valid secret key.
+ type: string
+ name:
+ default: ""
+ description: |-
+ Name of the referent.
+ This field is effectively required, but due to backwards compatibility is
+ allowed to be empty. Instances of this type with an empty value here are
+ almost certainly wrong.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ type: string
+ optional:
+ description: Specify whether the Secret or its
+ key must be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ type: object
+ x-kubernetes-validations:
+ - message: Either configMapKeyRef or secretKeyRef must
+ be set
+ rule: (has(self.configMapKeyRef) && !has(self.secretKeyRef))
+ || (!has(self.configMapKeyRef) && has(self.secretKeyRef))
+ required:
+ - targetPath
+ - valueFrom
+ type: object
+ maxItems: 99
+ type: array
+ required:
+ - settings
+ - type
+ type: object
+ maxItems: 99
+ type: array
+ resyncPeriod:
+ description: How often the resource is synced, defaults to 10m0s if
+ not set
+ pattern: ^([0-9]+(\.[0-9]+)?(ns|us|µs|ms|s|m|h))+$
+ type: string
+ settings:
+ description: |-
+ Deprecated: define the receiver under .spec.receivers[]
+ Will be removed in a later version
+ x-kubernetes-preserve-unknown-fields: true
+ suspend:
+ description: Suspend pauses synchronizing attempts and tells the operator
+ to ignore changes
+ type: boolean
+ type:
+ description: |-
+ Deprecated: define the receiver under .spec.receivers[]
+ Will be removed in a later version
+ minLength: 1
+ type: string
+ uid:
+ description: |-
+ Deprecated: define the receiver under .spec.receivers[]
+ Manually specify the UID the Contact Point is created with. Can be any string consisting of alphanumeric characters, - and _ with a maximum length of 40
+ maxLength: 40
+ pattern: ^[a-zA-Z0-9-_]+$
+ type: string
+ x-kubernetes-validations:
+ - message: spec.uid is immutable
+ rule: self == oldSelf
+ valuesFrom:
+ description: |-
+ Deprecated: define the receiver under .spec.receivers[]
+ Will be removed in a later version
+ items:
+ properties:
+ targetPath:
+ type: string
+ valueFrom:
+ properties:
+ configMapKeyRef:
+ description: Selects a key of a ConfigMap.
+ properties:
+ key:
+ description: The key to select.
+ type: string
+ name:
+ default: ""
+ description: |-
+ Name of the referent.
+ This field is effectively required, but due to backwards compatibility is
+ allowed to be empty. Instances of this type with an empty value here are
+ almost certainly wrong.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ type: string
+ optional:
+ description: Specify whether the ConfigMap or its key
+ must be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ secretKeyRef:
+ description: Selects a key of a Secret.
+ properties:
+ key:
+ description: The key of the secret to select from. Must
+ be a valid secret key.
+ type: string
+ name:
+ default: ""
+ description: |-
+ Name of the referent.
+ This field is effectively required, but due to backwards compatibility is
+ allowed to be empty. Instances of this type with an empty value here are
+ almost certainly wrong.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ type: string
+ optional:
+ description: Specify whether the Secret or its key must
+ be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ type: object
+ x-kubernetes-validations:
+ - message: Either configMapKeyRef or secretKeyRef must be set
+ rule: (has(self.configMapKeyRef) && !has(self.secretKeyRef))
+ || (!has(self.configMapKeyRef) && has(self.secretKeyRef))
+ required:
+ - targetPath
+ - valueFrom
+ type: object
+ maxItems: 99
+ type: array
+ required:
+ - instanceSelector
+ type: object
+ x-kubernetes-validations:
+ - message: spec.name is immutable
+ rule: ((!has(oldSelf.name) && !has(self.name)) || (has(oldSelf.name)
+ && has(self.name)))
+ - message: spec.editable is immutable
+ rule: ((!has(oldSelf.editable) && !has(self.editable)) || (has(oldSelf.editable)
+ && has(self.editable)))
+ - message: disabling spec.allowCrossNamespaceImport requires a recreate
+ to ensure desired state
+ rule: '!oldSelf.allowCrossNamespaceImport || (oldSelf.allowCrossNamespaceImport
+ && self.allowCrossNamespaceImport)'
+ status:
+ description: The most recent observed state of a Grafana resource
+ properties:
+ conditions:
+ description: Results when synchronizing resource with Grafana instances
+ items:
+ description: Condition contains details for one aspect of the current
+ state of this API Resource.
+ properties:
+ lastTransitionTime:
+ description: |-
+ lastTransitionTime is the last time the condition transitioned from one status to another.
+ This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
+ format: date-time
+ type: string
+ message:
+ description: |-
+ message is a human readable message indicating details about the transition.
+ This may be an empty string.
+ maxLength: 32768
+ type: string
+ observedGeneration:
+ description: |-
+ observedGeneration represents the .metadata.generation that the condition was set based upon.
+ For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
+ with respect to the current state of the instance.
+ format: int64
+ minimum: 0
+ type: integer
+ reason:
+ description: |-
+ reason contains a programmatic identifier indicating the reason for the condition's last transition.
+ Producers of specific condition types may define expected values and meanings for this field,
+ and whether the values are considered a guaranteed API.
+ The value should be a CamelCase string.
+ This field may not be empty.
+ maxLength: 1024
+ minLength: 1
+ pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
+ type: string
+ status:
+ description: status of the condition, one of True, False, Unknown.
+ enum:
+ - "True"
+ - "False"
+ - Unknown
+ type: string
+ type:
+ description: type of condition in CamelCase or in foo.example.com/CamelCase.
+ maxLength: 316
+ pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
+ type: string
+ required:
+ - lastTransitionTime
+ - message
+ - reason
+ - status
+ - type
+ type: object
+ type: array
+ lastResync:
+ description: Last time the resource was synchronized with Grafana
+ instances
+ format: date-time
+ type: string
+ type: object
+ required:
+ - spec
+ type: object
+ served: true
+ storage: true
+ subresources:
+ status: {}
+status:
+ acceptedNames:
+ kind: ""
+ plural: ""
+ conditions: null
+ storedVersions: null
diff --git a/operators/grafana-operator/5.22.0/manifests/grafana.integreatly.org_grafanadashboards.yaml b/operators/grafana-operator/5.22.0/manifests/grafana.integreatly.org_grafanadashboards.yaml
new file mode 100644
index 000000000000..ad102b9f31a2
--- /dev/null
+++ b/operators/grafana-operator/5.22.0/manifests/grafana.integreatly.org_grafanadashboards.yaml
@@ -0,0 +1,521 @@
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ controller-gen.kubebuilder.io/version: v0.20.1
+ creationTimestamp: null
+ name: grafanadashboards.grafana.integreatly.org
+spec:
+ group: grafana.integreatly.org
+ names:
+ categories:
+ - grafana-operator
+ kind: GrafanaDashboard
+ listKind: GrafanaDashboardList
+ plural: grafanadashboards
+ singular: grafanadashboard
+ scope: Namespaced
+ versions:
+ - additionalPrinterColumns:
+ - jsonPath: .status.NoMatchingInstances
+ name: No matching instances
+ type: boolean
+ - format: date-time
+ jsonPath: .status.lastResync
+ name: Last resync
+ type: date
+ - jsonPath: .metadata.creationTimestamp
+ name: Age
+ type: date
+ name: v1beta1
+ schema:
+ openAPIV3Schema:
+ description: GrafanaDashboard is the Schema for the grafanadashboards API
+ properties:
+ apiVersion:
+ description: |-
+ APIVersion defines the versioned schema of this representation of an object.
+ Servers should convert recognized schemas to the latest internal value, and
+ may reject unrecognized values.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+ type: string
+ kind:
+ description: |-
+ Kind is a string value representing the REST resource this object represents.
+ Servers may infer this from the endpoint the client submits requests to.
+ Cannot be updated.
+ In CamelCase.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: GrafanaDashboardSpec defines the desired state of GrafanaDashboard
+ properties:
+ allowCrossNamespaceImport:
+ default: false
+ description: Allow the Operator to match this resource with Grafanas
+ outside the current namespace
+ type: boolean
+ configMapRef:
+ description: model from configmap
+ properties:
+ key:
+ description: The key to select.
+ type: string
+ name:
+ default: ""
+ description: |-
+ Name of the referent.
+ This field is effectively required, but due to backwards compatibility is
+ allowed to be empty. Instances of this type with an empty value here are
+ almost certainly wrong.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ type: string
+ optional:
+ description: Specify whether the ConfigMap or its key must be
+ defined
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ contentCacheDuration:
+ description: Cache duration for models fetched from URLs
+ type: string
+ datasources:
+ description: maps required data sources to existing ones
+ items:
+ description: |-
+ GrafanaResourceDatasource is used to set the datasource name of any templated datasources in
+ content definitions (e.g., dashboard JSON).
+ properties:
+ datasourceName:
+ type: string
+ inputName:
+ type: string
+ required:
+ - datasourceName
+ - inputName
+ type: object
+ type: array
+ envFrom:
+ description: environments variables from secrets or config maps
+ items:
+ properties:
+ configMapKeyRef:
+ description: Selects a key of a ConfigMap.
+ properties:
+ key:
+ description: The key to select.
+ type: string
+ name:
+ default: ""
+ description: |-
+ Name of the referent.
+ This field is effectively required, but due to backwards compatibility is
+ allowed to be empty. Instances of this type with an empty value here are
+ almost certainly wrong.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ type: string
+ optional:
+ description: Specify whether the ConfigMap or its key must
+ be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ secretKeyRef:
+ description: Selects a key of a Secret.
+ properties:
+ key:
+ description: The key of the secret to select from. Must
+ be a valid secret key.
+ type: string
+ name:
+ default: ""
+ description: |-
+ Name of the referent.
+ This field is effectively required, but due to backwards compatibility is
+ allowed to be empty. Instances of this type with an empty value here are
+ almost certainly wrong.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ type: string
+ optional:
+ description: Specify whether the Secret or its key must
+ be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ type: object
+ type: array
+ envs:
+ description: environments variables as a map
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ description: Inline env value
+ type: string
+ valueFrom:
+ description: Reference on value source, might be the reference
+ on a secret or config map
+ properties:
+ configMapKeyRef:
+ description: Selects a key of a ConfigMap.
+ properties:
+ key:
+ description: The key to select.
+ type: string
+ name:
+ default: ""
+ description: |-
+ Name of the referent.
+ This field is effectively required, but due to backwards compatibility is
+ allowed to be empty. Instances of this type with an empty value here are
+ almost certainly wrong.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ type: string
+ optional:
+ description: Specify whether the ConfigMap or its key
+ must be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ secretKeyRef:
+ description: Selects a key of a Secret.
+ properties:
+ key:
+ description: The key of the secret to select from. Must
+ be a valid secret key.
+ type: string
+ name:
+ default: ""
+ description: |-
+ Name of the referent.
+ This field is effectively required, but due to backwards compatibility is
+ allowed to be empty. Instances of this type with an empty value here are
+ almost certainly wrong.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ type: string
+ optional:
+ description: Specify whether the Secret or its key must
+ be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ type: object
+ required:
+ - name
+ type: object
+ type: array
+ folder:
+ description: folder assignment for dashboard
+ type: string
+ folderRef:
+ description: Name of a `GrafanaFolder` resource in the same namespace
+ type: string
+ folderUID:
+ description: UID of the target folder for this dashboard
+ type: string
+ grafanaCom:
+ description: grafana.com/dashboards
+ properties:
+ id:
+ type: integer
+ revision:
+ type: integer
+ required:
+ - id
+ type: object
+ gzipJson:
+ description: GzipJson the model's JSON compressed with Gzip. Base64-encoded
+ when in YAML.
+ format: byte
+ type: string
+ instanceSelector:
+ description: Selects Grafana instances for import
+ properties:
+ matchExpressions:
+ description: matchExpressions is a list of label selector requirements.
+ The requirements are ANDed.
+ items:
+ description: |-
+ A label selector requirement is a selector that contains values, a key, and an operator that
+ relates the key and values.
+ properties:
+ key:
+ description: key is the label key that the selector applies
+ to.
+ type: string
+ operator:
+ description: |-
+ operator represents a key's relationship to a set of values.
+ Valid operators are In, NotIn, Exists and DoesNotExist.
+ type: string
+ values:
+ description: |-
+ values is an array of string values. If the operator is In or NotIn,
+ the values array must be non-empty. If the operator is Exists or DoesNotExist,
+ the values array must be empty. This array is replaced during a strategic
+ merge patch.
+ items:
+ type: string
+ type: array
+ x-kubernetes-list-type: atomic
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ x-kubernetes-list-type: atomic
+ matchLabels:
+ additionalProperties:
+ type: string
+ description: |-
+ matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
+ map is equivalent to an element of matchExpressions, whose key field is "key", the
+ operator is "In", and the values array contains only "value". The requirements are ANDed.
+ type: object
+ type: object
+ x-kubernetes-map-type: atomic
+ x-kubernetes-validations:
+ - message: spec.instanceSelector is immutable
+ rule: self == oldSelf
+ json:
+ description: model json
+ type: string
+ jsonnet:
+ description: Jsonnet
+ type: string
+ jsonnetLib:
+ description: Jsonnet project build
+ properties:
+ fileName:
+ type: string
+ gzipJsonnetProject:
+ format: byte
+ type: string
+ jPath:
+ items:
+ type: string
+ type: array
+ required:
+ - fileName
+ - gzipJsonnetProject
+ type: object
+ plugins:
+ description: plugins
+ items:
+ properties:
+ name:
+ minLength: 1
+ type: string
+ version:
+ pattern: ^((0|[1-9]\d*)\.(0|[1-9]\d*)\.(0|[1-9]\d*)(?:-((?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*)(?:\.(?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*))*))?(?:\+([0-9a-zA-Z-]+(?:\.[0-9a-zA-Z-]+)*))?|latest)$
+ type: string
+ required:
+ - name
+ - version
+ type: object
+ type: array
+ resyncPeriod:
+ description: How often the resource is synced, defaults to 10m0s if
+ not set
+ pattern: ^([0-9]+(\.[0-9]+)?(ns|us|µs|ms|s|m|h))+$
+ type: string
+ suspend:
+ description: Suspend pauses synchronizing attempts and tells the operator
+ to ignore changes
+ type: boolean
+ uid:
+ description: |-
+ Manually specify the uid, overwrites uids already present in the json model.
+ Can be any string consisting of alphanumeric characters, - and _ with a maximum length of 40.
+ maxLength: 40
+ pattern: ^[a-zA-Z0-9-_]+$
+ type: string
+ x-kubernetes-validations:
+ - message: spec.uid is immutable
+ rule: self == oldSelf
+ url:
+ description: model url
+ pattern: ^https?://.+$
+ type: string
+ urlAuthorization:
+ description: authorization options for model from url
+ properties:
+ basicAuth:
+ properties:
+ password:
+ description: SecretKeySelector selects a key of a Secret.
+ properties:
+ key:
+ description: The key of the secret to select from. Must
+ be a valid secret key.
+ type: string
+ name:
+ default: ""
+ description: |-
+ Name of the referent.
+ This field is effectively required, but due to backwards compatibility is
+ allowed to be empty. Instances of this type with an empty value here are
+ almost certainly wrong.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ type: string
+ optional:
+ description: Specify whether the Secret or its key must
+ be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ username:
+ description: SecretKeySelector selects a key of a Secret.
+ properties:
+ key:
+ description: The key of the secret to select from. Must
+ be a valid secret key.
+ type: string
+ name:
+ default: ""
+ description: |-
+ Name of the referent.
+ This field is effectively required, but due to backwards compatibility is
+ allowed to be empty. Instances of this type with an empty value here are
+ almost certainly wrong.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ type: string
+ optional:
+ description: Specify whether the Secret or its key must
+ be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ type: object
+ type: object
+ required:
+ - instanceSelector
+ type: object
+ x-kubernetes-validations:
+ - message: Only one of folderUID or folderRef can be declared at the same
+ time
+ rule: (has(self.folderUID) && !(has(self.folderRef))) || (has(self.folderRef)
+ && !(has(self.folderUID))) || !(has(self.folderRef) && (has(self.folderUID)))
+ - message: folder field cannot be set when folderUID or folderRef is already
+ declared
+ rule: (has(self.folder) && !(has(self.folderRef) || has(self.folderUID)))
+ || !(has(self.folder))
+ - message: spec.uid is immutable
+ rule: ((!has(oldSelf.uid) && !has(self.uid)) || (has(oldSelf.uid) &&
+ has(self.uid)))
+ - message: disabling spec.allowCrossNamespaceImport requires a recreate
+ to ensure desired state
+ rule: '!oldSelf.allowCrossNamespaceImport || (oldSelf.allowCrossNamespaceImport
+ && self.allowCrossNamespaceImport)'
+ status:
+ description: GrafanaDashboardStatus defines the observed state of GrafanaDashboard
+ properties:
+ NoMatchingInstances:
+ description: The dashboard instanceSelector can't find matching grafana
+ instances
+ type: boolean
+ conditions:
+ description: Results when synchronizing resource with Grafana instances
+ items:
+ description: Condition contains details for one aspect of the current
+ state of this API Resource.
+ properties:
+ lastTransitionTime:
+ description: |-
+ lastTransitionTime is the last time the condition transitioned from one status to another.
+ This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
+ format: date-time
+ type: string
+ message:
+ description: |-
+ message is a human readable message indicating details about the transition.
+ This may be an empty string.
+ maxLength: 32768
+ type: string
+ observedGeneration:
+ description: |-
+ observedGeneration represents the .metadata.generation that the condition was set based upon.
+ For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
+ with respect to the current state of the instance.
+ format: int64
+ minimum: 0
+ type: integer
+ reason:
+ description: |-
+ reason contains a programmatic identifier indicating the reason for the condition's last transition.
+ Producers of specific condition types may define expected values and meanings for this field,
+ and whether the values are considered a guaranteed API.
+ The value should be a CamelCase string.
+ This field may not be empty.
+ maxLength: 1024
+ minLength: 1
+ pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
+ type: string
+ status:
+ description: status of the condition, one of True, False, Unknown.
+ enum:
+ - "True"
+ - "False"
+ - Unknown
+ type: string
+ type:
+ description: type of condition in CamelCase or in foo.example.com/CamelCase.
+ maxLength: 316
+ pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
+ type: string
+ required:
+ - lastTransitionTime
+ - message
+ - reason
+ - status
+ - type
+ type: object
+ type: array
+ contentCache:
+ format: byte
+ type: string
+ contentTimestamp:
+ format: date-time
+ type: string
+ contentUrl:
+ type: string
+ hash:
+ type: string
+ lastResync:
+ description: Last time the resource was synchronized with Grafana
+ instances
+ format: date-time
+ type: string
+ uid:
+ type: string
+ type: object
+ required:
+ - spec
+ type: object
+ served: true
+ storage: true
+ subresources:
+ status: {}
+status:
+ acceptedNames:
+ kind: ""
+ plural: ""
+ conditions: null
+ storedVersions: null
diff --git a/operators/grafana-operator/5.22.0/manifests/grafana.integreatly.org_grafanadatasources.yaml b/operators/grafana-operator/5.22.0/manifests/grafana.integreatly.org_grafanadatasources.yaml
new file mode 100644
index 000000000000..53ab4e006571
--- /dev/null
+++ b/operators/grafana-operator/5.22.0/manifests/grafana.integreatly.org_grafanadatasources.yaml
@@ -0,0 +1,349 @@
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ controller-gen.kubebuilder.io/version: v0.20.1
+ creationTimestamp: null
+ name: grafanadatasources.grafana.integreatly.org
+spec:
+ group: grafana.integreatly.org
+ names:
+ categories:
+ - grafana-operator
+ kind: GrafanaDatasource
+ listKind: GrafanaDatasourceList
+ plural: grafanadatasources
+ singular: grafanadatasource
+ scope: Namespaced
+ versions:
+ - additionalPrinterColumns:
+ - jsonPath: .status.NoMatchingInstances
+ name: No matching instances
+ type: boolean
+ - format: date-time
+ jsonPath: .status.lastResync
+ name: Last resync
+ type: date
+ - jsonPath: .metadata.creationTimestamp
+ name: Age
+ type: date
+ name: v1beta1
+ schema:
+ openAPIV3Schema:
+ description: GrafanaDatasource is the Schema for the grafanadatasources API
+ properties:
+ apiVersion:
+ description: |-
+ APIVersion defines the versioned schema of this representation of an object.
+ Servers should convert recognized schemas to the latest internal value, and
+ may reject unrecognized values.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+ type: string
+ kind:
+ description: |-
+ Kind is a string value representing the REST resource this object represents.
+ Servers may infer this from the endpoint the client submits requests to.
+ Cannot be updated.
+ In CamelCase.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: GrafanaDatasourceSpec defines the desired state of GrafanaDatasource
+ properties:
+ allowCrossNamespaceImport:
+ default: false
+ description: Allow the Operator to match this resource with Grafanas
+ outside the current namespace
+ type: boolean
+ datasource:
+ properties:
+ access:
+ type: string
+ basicAuth:
+ type: boolean
+ basicAuthUser:
+ type: string
+ database:
+ type: string
+ editable:
+ description: Whether to enable/disable editing of the datasource
+ in Grafana UI
+ type: boolean
+ isDefault:
+ type: boolean
+ jsonData:
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ name:
+ type: string
+ orgId:
+ description: Deprecated field, it has no effect
+ format: int64
+ type: integer
+ secureJsonData:
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ type:
+ type: string
+ uid:
+ description: Deprecated field, use spec.uid instead
+ type: string
+ url:
+ type: string
+ user:
+ type: string
+ type: object
+ instanceSelector:
+ description: Selects Grafana instances for import
+ properties:
+ matchExpressions:
+ description: matchExpressions is a list of label selector requirements.
+ The requirements are ANDed.
+ items:
+ description: |-
+ A label selector requirement is a selector that contains values, a key, and an operator that
+ relates the key and values.
+ properties:
+ key:
+ description: key is the label key that the selector applies
+ to.
+ type: string
+ operator:
+ description: |-
+ operator represents a key's relationship to a set of values.
+ Valid operators are In, NotIn, Exists and DoesNotExist.
+ type: string
+ values:
+ description: |-
+ values is an array of string values. If the operator is In or NotIn,
+ the values array must be non-empty. If the operator is Exists or DoesNotExist,
+ the values array must be empty. This array is replaced during a strategic
+ merge patch.
+ items:
+ type: string
+ type: array
+ x-kubernetes-list-type: atomic
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ x-kubernetes-list-type: atomic
+ matchLabels:
+ additionalProperties:
+ type: string
+ description: |-
+ matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
+ map is equivalent to an element of matchExpressions, whose key field is "key", the
+ operator is "In", and the values array contains only "value". The requirements are ANDed.
+ type: object
+ type: object
+ x-kubernetes-map-type: atomic
+ x-kubernetes-validations:
+ - message: spec.instanceSelector is immutable
+ rule: self == oldSelf
+ plugins:
+ description: plugins
+ items:
+ properties:
+ name:
+ minLength: 1
+ type: string
+ version:
+ pattern: ^((0|[1-9]\d*)\.(0|[1-9]\d*)\.(0|[1-9]\d*)(?:-((?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*)(?:\.(?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*))*))?(?:\+([0-9a-zA-Z-]+(?:\.[0-9a-zA-Z-]+)*))?|latest)$
+ type: string
+ required:
+ - name
+ - version
+ type: object
+ type: array
+ resyncPeriod:
+ description: How often the resource is synced, defaults to 10m0s if
+ not set
+ pattern: ^([0-9]+(\.[0-9]+)?(ns|us|µs|ms|s|m|h))+$
+ type: string
+ suspend:
+ description: Suspend pauses synchronizing attempts and tells the operator
+ to ignore changes
+ type: boolean
+ uid:
+ description: |-
+ The UID, for the datasource, fallback to the deprecated spec.datasource.uid
+ and metadata.uid. Can be any string consisting of alphanumeric characters,
+ - and _ with a maximum length of 40 +optional
+ maxLength: 40
+ pattern: ^[a-zA-Z0-9-_]+$
+ type: string
+ x-kubernetes-validations:
+ - message: spec.uid is immutable
+ rule: self == oldSelf
+ valuesFrom:
+ description: environments variables from secrets or config maps
+ items:
+ properties:
+ targetPath:
+ type: string
+ valueFrom:
+ properties:
+ configMapKeyRef:
+ description: Selects a key of a ConfigMap.
+ properties:
+ key:
+ description: The key to select.
+ type: string
+ name:
+ default: ""
+ description: |-
+ Name of the referent.
+ This field is effectively required, but due to backwards compatibility is
+ allowed to be empty. Instances of this type with an empty value here are
+ almost certainly wrong.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ type: string
+ optional:
+ description: Specify whether the ConfigMap or its key
+ must be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ secretKeyRef:
+ description: Selects a key of a Secret.
+ properties:
+ key:
+ description: The key of the secret to select from. Must
+ be a valid secret key.
+ type: string
+ name:
+ default: ""
+ description: |-
+ Name of the referent.
+ This field is effectively required, but due to backwards compatibility is
+ allowed to be empty. Instances of this type with an empty value here are
+ almost certainly wrong.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ type: string
+ optional:
+ description: Specify whether the Secret or its key must
+ be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ type: object
+ x-kubernetes-validations:
+ - message: Either configMapKeyRef or secretKeyRef must be set
+ rule: (has(self.configMapKeyRef) && !has(self.secretKeyRef))
+ || (!has(self.configMapKeyRef) && has(self.secretKeyRef))
+ required:
+ - targetPath
+ - valueFrom
+ type: object
+ maxItems: 99
+ type: array
+ required:
+ - datasource
+ - instanceSelector
+ type: object
+ x-kubernetes-validations:
+ - message: spec.uid is immutable
+ rule: ((!has(oldSelf.uid) && !has(self.uid)) || (has(oldSelf.uid) &&
+ has(self.uid)))
+ - message: disabling spec.allowCrossNamespaceImport requires a recreate
+ to ensure desired state
+ rule: '!oldSelf.allowCrossNamespaceImport || (oldSelf.allowCrossNamespaceImport
+ && self.allowCrossNamespaceImport)'
+ status:
+ description: GrafanaDatasourceStatus defines the observed state of GrafanaDatasource
+ properties:
+ NoMatchingInstances:
+ description: The datasource instanceSelector can't find matching grafana
+ instances
+ type: boolean
+ conditions:
+ description: Results when synchronizing resource with Grafana instances
+ items:
+ description: Condition contains details for one aspect of the current
+ state of this API Resource.
+ properties:
+ lastTransitionTime:
+ description: |-
+ lastTransitionTime is the last time the condition transitioned from one status to another.
+ This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
+ format: date-time
+ type: string
+ message:
+ description: |-
+ message is a human readable message indicating details about the transition.
+ This may be an empty string.
+ maxLength: 32768
+ type: string
+ observedGeneration:
+ description: |-
+ observedGeneration represents the .metadata.generation that the condition was set based upon.
+ For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
+ with respect to the current state of the instance.
+ format: int64
+ minimum: 0
+ type: integer
+ reason:
+ description: |-
+ reason contains a programmatic identifier indicating the reason for the condition's last transition.
+ Producers of specific condition types may define expected values and meanings for this field,
+ and whether the values are considered a guaranteed API.
+ The value should be a CamelCase string.
+ This field may not be empty.
+ maxLength: 1024
+ minLength: 1
+ pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
+ type: string
+ status:
+ description: status of the condition, one of True, False, Unknown.
+ enum:
+ - "True"
+ - "False"
+ - Unknown
+ type: string
+ type:
+ description: type of condition in CamelCase or in foo.example.com/CamelCase.
+ maxLength: 316
+ pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
+ type: string
+ required:
+ - lastTransitionTime
+ - message
+ - reason
+ - status
+ - type
+ type: object
+ type: array
+ hash:
+ type: string
+ lastMessage:
+ description: 'Deprecated: Check status.conditions or operator logs'
+ type: string
+ lastResync:
+ description: Last time the resource was synchronized with Grafana
+ instances
+ format: date-time
+ type: string
+ uid:
+ type: string
+ type: object
+ required:
+ - spec
+ type: object
+ served: true
+ storage: true
+ subresources:
+ status: {}
+status:
+ acceptedNames:
+ kind: ""
+ plural: ""
+ conditions: null
+ storedVersions: null
diff --git a/operators/grafana-operator/5.22.0/manifests/grafana.integreatly.org_grafanafolders.yaml b/operators/grafana-operator/5.22.0/manifests/grafana.integreatly.org_grafanafolders.yaml
new file mode 100644
index 000000000000..d23c04bb9ea6
--- /dev/null
+++ b/operators/grafana-operator/5.22.0/manifests/grafana.integreatly.org_grafanafolders.yaml
@@ -0,0 +1,242 @@
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ controller-gen.kubebuilder.io/version: v0.20.1
+ creationTimestamp: null
+ name: grafanafolders.grafana.integreatly.org
+spec:
+ group: grafana.integreatly.org
+ names:
+ categories:
+ - grafana-operator
+ kind: GrafanaFolder
+ listKind: GrafanaFolderList
+ plural: grafanafolders
+ singular: grafanafolder
+ scope: Namespaced
+ versions:
+ - additionalPrinterColumns:
+ - jsonPath: .status.NoMatchingInstances
+ name: No matching instances
+ type: boolean
+ - format: date-time
+ jsonPath: .status.lastResync
+ name: Last resync
+ type: date
+ - jsonPath: .metadata.creationTimestamp
+ name: Age
+ type: date
+ name: v1beta1
+ schema:
+ openAPIV3Schema:
+ description: GrafanaFolder is the Schema for the grafanafolders API
+ properties:
+ apiVersion:
+ description: |-
+ APIVersion defines the versioned schema of this representation of an object.
+ Servers should convert recognized schemas to the latest internal value, and
+ may reject unrecognized values.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+ type: string
+ kind:
+ description: |-
+ Kind is a string value representing the REST resource this object represents.
+ Servers may infer this from the endpoint the client submits requests to.
+ Cannot be updated.
+ In CamelCase.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: GrafanaFolderSpec defines the desired state of GrafanaFolder
+ properties:
+ allowCrossNamespaceImport:
+ default: false
+ description: Allow the Operator to match this resource with Grafanas
+ outside the current namespace
+ type: boolean
+ instanceSelector:
+ description: Selects Grafana instances for import
+ properties:
+ matchExpressions:
+ description: matchExpressions is a list of label selector requirements.
+ The requirements are ANDed.
+ items:
+ description: |-
+ A label selector requirement is a selector that contains values, a key, and an operator that
+ relates the key and values.
+ properties:
+ key:
+ description: key is the label key that the selector applies
+ to.
+ type: string
+ operator:
+ description: |-
+ operator represents a key's relationship to a set of values.
+ Valid operators are In, NotIn, Exists and DoesNotExist.
+ type: string
+ values:
+ description: |-
+ values is an array of string values. If the operator is In or NotIn,
+ the values array must be non-empty. If the operator is Exists or DoesNotExist,
+ the values array must be empty. This array is replaced during a strategic
+ merge patch.
+ items:
+ type: string
+ type: array
+ x-kubernetes-list-type: atomic
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ x-kubernetes-list-type: atomic
+ matchLabels:
+ additionalProperties:
+ type: string
+ description: |-
+ matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
+ map is equivalent to an element of matchExpressions, whose key field is "key", the
+ operator is "In", and the values array contains only "value". The requirements are ANDed.
+ type: object
+ type: object
+ x-kubernetes-map-type: atomic
+ x-kubernetes-validations:
+ - message: spec.instanceSelector is immutable
+ rule: self == oldSelf
+ parentFolderRef:
+ description: Reference to an existing GrafanaFolder CR in the same
+ namespace
+ type: string
+ parentFolderUID:
+ description: UID of the folder in which the current folder should
+ be created
+ type: string
+ permissions:
+ description: Raw json with folder permissions, potentially exported
+ from Grafana
+ type: string
+ resyncPeriod:
+ description: How often the resource is synced, defaults to 10m0s if
+ not set
+ pattern: ^([0-9]+(\.[0-9]+)?(ns|us|µs|ms|s|m|h))+$
+ type: string
+ suspend:
+ description: Suspend pauses synchronizing attempts and tells the operator
+ to ignore changes
+ type: boolean
+ title:
+ description: Display name of the folder in Grafana
+ type: string
+ uid:
+ description: Manually specify the UID the Folder is created with.
+ Can be any string consisting of alphanumeric characters, - and _
+ with a maximum length of 40
+ maxLength: 40
+ pattern: ^[a-zA-Z0-9-_]+$
+ type: string
+ x-kubernetes-validations:
+ - message: spec.uid is immutable
+ rule: self == oldSelf
+ required:
+ - instanceSelector
+ type: object
+ x-kubernetes-validations:
+ - message: Only one of parentFolderUID or parentFolderRef can be set
+ rule: (has(self.parentFolderUID) && !(has(self.parentFolderRef))) ||
+ (has(self.parentFolderRef) && !(has(self.parentFolderUID))) || !(has(self.parentFolderRef)
+ && (has(self.parentFolderUID)))
+ - message: spec.uid is immutable
+ rule: ((!has(oldSelf.uid) && !has(self.uid)) || (has(oldSelf.uid) &&
+ has(self.uid)))
+ - message: disabling spec.allowCrossNamespaceImport requires a recreate
+ to ensure desired state
+ rule: '!oldSelf.allowCrossNamespaceImport || (oldSelf.allowCrossNamespaceImport
+ && self.allowCrossNamespaceImport)'
+ status:
+ description: GrafanaFolderStatus defines the observed state of GrafanaFolder
+ properties:
+ NoMatchingInstances:
+ description: The folder instanceSelector can't find matching grafana
+ instances
+ type: boolean
+ conditions:
+ description: Results when synchronizing resource with Grafana instances
+ items:
+ description: Condition contains details for one aspect of the current
+ state of this API Resource.
+ properties:
+ lastTransitionTime:
+ description: |-
+ lastTransitionTime is the last time the condition transitioned from one status to another.
+ This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
+ format: date-time
+ type: string
+ message:
+ description: |-
+ message is a human readable message indicating details about the transition.
+ This may be an empty string.
+ maxLength: 32768
+ type: string
+ observedGeneration:
+ description: |-
+ observedGeneration represents the .metadata.generation that the condition was set based upon.
+ For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
+ with respect to the current state of the instance.
+ format: int64
+ minimum: 0
+ type: integer
+ reason:
+ description: |-
+ reason contains a programmatic identifier indicating the reason for the condition's last transition.
+ Producers of specific condition types may define expected values and meanings for this field,
+ and whether the values are considered a guaranteed API.
+ The value should be a CamelCase string.
+ This field may not be empty.
+ maxLength: 1024
+ minLength: 1
+ pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
+ type: string
+ status:
+ description: status of the condition, one of True, False, Unknown.
+ enum:
+ - "True"
+ - "False"
+ - Unknown
+ type: string
+ type:
+ description: type of condition in CamelCase or in foo.example.com/CamelCase.
+ maxLength: 316
+ pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
+ type: string
+ required:
+ - lastTransitionTime
+ - message
+ - reason
+ - status
+ - type
+ type: object
+ type: array
+ hash:
+ type: string
+ lastResync:
+ description: Last time the resource was synchronized with Grafana
+ instances
+ format: date-time
+ type: string
+ type: object
+ required:
+ - spec
+ type: object
+ served: true
+ storage: true
+ subresources:
+ status: {}
+status:
+ acceptedNames:
+ kind: ""
+ plural: ""
+ conditions: null
+ storedVersions: null
diff --git a/operators/grafana-operator/5.22.0/manifests/grafana.integreatly.org_grafanalibrarypanels.yaml b/operators/grafana-operator/5.22.0/manifests/grafana.integreatly.org_grafanalibrarypanels.yaml
new file mode 100644
index 000000000000..0d98ec0b2e2b
--- /dev/null
+++ b/operators/grafana-operator/5.22.0/manifests/grafana.integreatly.org_grafanalibrarypanels.yaml
@@ -0,0 +1,508 @@
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ controller-gen.kubebuilder.io/version: v0.20.1
+ creationTimestamp: null
+ name: grafanalibrarypanels.grafana.integreatly.org
+spec:
+ group: grafana.integreatly.org
+ names:
+ categories:
+ - grafana-operator
+ kind: GrafanaLibraryPanel
+ listKind: GrafanaLibraryPanelList
+ plural: grafanalibrarypanels
+ singular: grafanalibrarypanel
+ scope: Namespaced
+ versions:
+ - additionalPrinterColumns:
+ - format: date-time
+ jsonPath: .status.lastResync
+ name: Last resync
+ type: date
+ - jsonPath: .metadata.creationTimestamp
+ name: Age
+ type: date
+ name: v1beta1
+ schema:
+ openAPIV3Schema:
+ description: GrafanaLibraryPanel is the Schema for the grafanalibrarypanels
+ API
+ properties:
+ apiVersion:
+ description: |-
+ APIVersion defines the versioned schema of this representation of an object.
+ Servers should convert recognized schemas to the latest internal value, and
+ may reject unrecognized values.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+ type: string
+ kind:
+ description: |-
+ Kind is a string value representing the REST resource this object represents.
+ Servers may infer this from the endpoint the client submits requests to.
+ Cannot be updated.
+ In CamelCase.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: GrafanaLibraryPanelSpec defines the desired state of GrafanaLibraryPanel
+ properties:
+ allowCrossNamespaceImport:
+ default: false
+ description: Allow the Operator to match this resource with Grafanas
+ outside the current namespace
+ type: boolean
+ configMapRef:
+ description: model from configmap
+ properties:
+ key:
+ description: The key to select.
+ type: string
+ name:
+ default: ""
+ description: |-
+ Name of the referent.
+ This field is effectively required, but due to backwards compatibility is
+ allowed to be empty. Instances of this type with an empty value here are
+ almost certainly wrong.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ type: string
+ optional:
+ description: Specify whether the ConfigMap or its key must be
+ defined
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ contentCacheDuration:
+ description: Cache duration for models fetched from URLs
+ type: string
+ datasources:
+ description: maps required data sources to existing ones
+ items:
+ description: |-
+ GrafanaResourceDatasource is used to set the datasource name of any templated datasources in
+ content definitions (e.g., dashboard JSON).
+ properties:
+ datasourceName:
+ type: string
+ inputName:
+ type: string
+ required:
+ - datasourceName
+ - inputName
+ type: object
+ type: array
+ envFrom:
+ description: environments variables from secrets or config maps
+ items:
+ properties:
+ configMapKeyRef:
+ description: Selects a key of a ConfigMap.
+ properties:
+ key:
+ description: The key to select.
+ type: string
+ name:
+ default: ""
+ description: |-
+ Name of the referent.
+ This field is effectively required, but due to backwards compatibility is
+ allowed to be empty. Instances of this type with an empty value here are
+ almost certainly wrong.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ type: string
+ optional:
+ description: Specify whether the ConfigMap or its key must
+ be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ secretKeyRef:
+ description: Selects a key of a Secret.
+ properties:
+ key:
+ description: The key of the secret to select from. Must
+ be a valid secret key.
+ type: string
+ name:
+ default: ""
+ description: |-
+ Name of the referent.
+ This field is effectively required, but due to backwards compatibility is
+ allowed to be empty. Instances of this type with an empty value here are
+ almost certainly wrong.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ type: string
+ optional:
+ description: Specify whether the Secret or its key must
+ be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ type: object
+ type: array
+ envs:
+ description: environments variables as a map
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ description: Inline env value
+ type: string
+ valueFrom:
+ description: Reference on value source, might be the reference
+ on a secret or config map
+ properties:
+ configMapKeyRef:
+ description: Selects a key of a ConfigMap.
+ properties:
+ key:
+ description: The key to select.
+ type: string
+ name:
+ default: ""
+ description: |-
+ Name of the referent.
+ This field is effectively required, but due to backwards compatibility is
+ allowed to be empty. Instances of this type with an empty value here are
+ almost certainly wrong.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ type: string
+ optional:
+ description: Specify whether the ConfigMap or its key
+ must be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ secretKeyRef:
+ description: Selects a key of a Secret.
+ properties:
+ key:
+ description: The key of the secret to select from. Must
+ be a valid secret key.
+ type: string
+ name:
+ default: ""
+ description: |-
+ Name of the referent.
+ This field is effectively required, but due to backwards compatibility is
+ allowed to be empty. Instances of this type with an empty value here are
+ almost certainly wrong.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ type: string
+ optional:
+ description: Specify whether the Secret or its key must
+ be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ type: object
+ required:
+ - name
+ type: object
+ type: array
+ folderRef:
+ description: Name of a `GrafanaFolder` resource in the same namespace
+ type: string
+ folderUID:
+ description: UID of the target folder for this dashboard
+ type: string
+ grafanaCom:
+ description: grafana.com/dashboards
+ properties:
+ id:
+ type: integer
+ revision:
+ type: integer
+ required:
+ - id
+ type: object
+ gzipJson:
+ description: GzipJson the model's JSON compressed with Gzip. Base64-encoded
+ when in YAML.
+ format: byte
+ type: string
+ instanceSelector:
+ description: Selects Grafana instances for import
+ properties:
+ matchExpressions:
+ description: matchExpressions is a list of label selector requirements.
+ The requirements are ANDed.
+ items:
+ description: |-
+ A label selector requirement is a selector that contains values, a key, and an operator that
+ relates the key and values.
+ properties:
+ key:
+ description: key is the label key that the selector applies
+ to.
+ type: string
+ operator:
+ description: |-
+ operator represents a key's relationship to a set of values.
+ Valid operators are In, NotIn, Exists and DoesNotExist.
+ type: string
+ values:
+ description: |-
+ values is an array of string values. If the operator is In or NotIn,
+ the values array must be non-empty. If the operator is Exists or DoesNotExist,
+ the values array must be empty. This array is replaced during a strategic
+ merge patch.
+ items:
+ type: string
+ type: array
+ x-kubernetes-list-type: atomic
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ x-kubernetes-list-type: atomic
+ matchLabels:
+ additionalProperties:
+ type: string
+ description: |-
+ matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
+ map is equivalent to an element of matchExpressions, whose key field is "key", the
+ operator is "In", and the values array contains only "value". The requirements are ANDed.
+ type: object
+ type: object
+ x-kubernetes-map-type: atomic
+ x-kubernetes-validations:
+ - message: spec.instanceSelector is immutable
+ rule: self == oldSelf
+ json:
+ description: model json
+ type: string
+ jsonnet:
+ description: Jsonnet
+ type: string
+ jsonnetLib:
+ description: Jsonnet project build
+ properties:
+ fileName:
+ type: string
+ gzipJsonnetProject:
+ format: byte
+ type: string
+ jPath:
+ items:
+ type: string
+ type: array
+ required:
+ - fileName
+ - gzipJsonnetProject
+ type: object
+ plugins:
+ description: plugins
+ items:
+ properties:
+ name:
+ minLength: 1
+ type: string
+ version:
+ pattern: ^((0|[1-9]\d*)\.(0|[1-9]\d*)\.(0|[1-9]\d*)(?:-((?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*)(?:\.(?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*))*))?(?:\+([0-9a-zA-Z-]+(?:\.[0-9a-zA-Z-]+)*))?|latest)$
+ type: string
+ required:
+ - name
+ - version
+ type: object
+ type: array
+ resyncPeriod:
+ description: How often the resource is synced, defaults to 10m0s if
+ not set
+ pattern: ^([0-9]+(\.[0-9]+)?(ns|us|µs|ms|s|m|h))+$
+ type: string
+ suspend:
+ description: Suspend pauses synchronizing attempts and tells the operator
+ to ignore changes
+ type: boolean
+ uid:
+ description: |-
+ Manually specify the uid, overwrites uids already present in the json model.
+ Can be any string consisting of alphanumeric characters, - and _ with a maximum length of 40.
+ maxLength: 40
+ pattern: ^[a-zA-Z0-9-_]+$
+ type: string
+ x-kubernetes-validations:
+ - message: spec.uid is immutable
+ rule: self == oldSelf
+ url:
+ description: model url
+ pattern: ^https?://.+$
+ type: string
+ urlAuthorization:
+ description: authorization options for model from url
+ properties:
+ basicAuth:
+ properties:
+ password:
+ description: SecretKeySelector selects a key of a Secret.
+ properties:
+ key:
+ description: The key of the secret to select from. Must
+ be a valid secret key.
+ type: string
+ name:
+ default: ""
+ description: |-
+ Name of the referent.
+ This field is effectively required, but due to backwards compatibility is
+ allowed to be empty. Instances of this type with an empty value here are
+ almost certainly wrong.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ type: string
+ optional:
+ description: Specify whether the Secret or its key must
+ be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ username:
+ description: SecretKeySelector selects a key of a Secret.
+ properties:
+ key:
+ description: The key of the secret to select from. Must
+ be a valid secret key.
+ type: string
+ name:
+ default: ""
+ description: |-
+ Name of the referent.
+ This field is effectively required, but due to backwards compatibility is
+ allowed to be empty. Instances of this type with an empty value here are
+ almost certainly wrong.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ type: string
+ optional:
+ description: Specify whether the Secret or its key must
+ be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ type: object
+ type: object
+ required:
+ - instanceSelector
+ type: object
+ x-kubernetes-validations:
+ - message: Only one of folderUID or folderRef can be declared at the same
+ time
+ rule: (has(self.folderUID) && !(has(self.folderRef))) || (has(self.folderRef)
+ && !(has(self.folderUID))) || !(has(self.folderRef) && (has(self.folderUID)))
+ - message: spec.uid is immutable
+ rule: ((!has(oldSelf.uid) && !has(self.uid)) || (has(oldSelf.uid) &&
+ has(self.uid)))
+ - message: disabling spec.allowCrossNamespaceImport requires a recreate
+ to ensure desired state
+ rule: '!oldSelf.allowCrossNamespaceImport || (oldSelf.allowCrossNamespaceImport
+ && self.allowCrossNamespaceImport)'
+ status:
+ description: GrafanaLibraryPanelStatus defines the observed state of GrafanaLibraryPanel
+ properties:
+ conditions:
+ description: Results when synchronizing resource with Grafana instances
+ items:
+ description: Condition contains details for one aspect of the current
+ state of this API Resource.
+ properties:
+ lastTransitionTime:
+ description: |-
+ lastTransitionTime is the last time the condition transitioned from one status to another.
+ This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
+ format: date-time
+ type: string
+ message:
+ description: |-
+ message is a human readable message indicating details about the transition.
+ This may be an empty string.
+ maxLength: 32768
+ type: string
+ observedGeneration:
+ description: |-
+ observedGeneration represents the .metadata.generation that the condition was set based upon.
+ For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
+ with respect to the current state of the instance.
+ format: int64
+ minimum: 0
+ type: integer
+ reason:
+ description: |-
+ reason contains a programmatic identifier indicating the reason for the condition's last transition.
+ Producers of specific condition types may define expected values and meanings for this field,
+ and whether the values are considered a guaranteed API.
+ The value should be a CamelCase string.
+ This field may not be empty.
+ maxLength: 1024
+ minLength: 1
+ pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
+ type: string
+ status:
+ description: status of the condition, one of True, False, Unknown.
+ enum:
+ - "True"
+ - "False"
+ - Unknown
+ type: string
+ type:
+ description: type of condition in CamelCase or in foo.example.com/CamelCase.
+ maxLength: 316
+ pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
+ type: string
+ required:
+ - lastTransitionTime
+ - message
+ - reason
+ - status
+ - type
+ type: object
+ type: array
+ contentCache:
+ format: byte
+ type: string
+ contentTimestamp:
+ format: date-time
+ type: string
+ contentUrl:
+ type: string
+ hash:
+ type: string
+ lastResync:
+ description: Last time the resource was synchronized with Grafana
+ instances
+ format: date-time
+ type: string
+ uid:
+ type: string
+ type: object
+ required:
+ - spec
+ type: object
+ served: true
+ storage: true
+ subresources:
+ status: {}
+status:
+ acceptedNames:
+ kind: ""
+ plural: ""
+ conditions: null
+ storedVersions: null
diff --git a/operators/grafana-operator/5.22.0/manifests/grafana.integreatly.org_grafanamanifests.yaml b/operators/grafana-operator/5.22.0/manifests/grafana.integreatly.org_grafanamanifests.yaml
new file mode 100644
index 000000000000..ace0f80000b2
--- /dev/null
+++ b/operators/grafana-operator/5.22.0/manifests/grafana.integreatly.org_grafanamanifests.yaml
@@ -0,0 +1,339 @@
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ controller-gen.kubebuilder.io/version: v0.20.1
+ creationTimestamp: null
+ name: grafanamanifests.grafana.integreatly.org
+spec:
+ group: grafana.integreatly.org
+ names:
+ categories:
+ - grafana-operator
+ kind: GrafanaManifest
+ listKind: GrafanaManifestList
+ plural: grafanamanifests
+ singular: grafanamanifest
+ scope: Namespaced
+ versions:
+ - additionalPrinterColumns:
+ - jsonPath: .spec.template.kind
+ name: Kind
+ type: string
+ - format: date-time
+ jsonPath: .status.lastResync
+ name: Last resync
+ type: date
+ - jsonPath: .metadata.creationTimestamp
+ name: Age
+ type: date
+ name: v1beta1
+ schema:
+ openAPIV3Schema:
+ description: GrafanaManifest is the Schema for the grafana manifests
+ properties:
+ apiVersion:
+ description: |-
+ APIVersion defines the versioned schema of this representation of an object.
+ Servers should convert recognized schemas to the latest internal value, and
+ may reject unrecognized values.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+ type: string
+ kind:
+ description: |-
+ Kind is a string value representing the REST resource this object represents.
+ Servers may infer this from the endpoint the client submits requests to.
+ Cannot be updated.
+ In CamelCase.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: GrafanaManifestSpec defines the desired state of a GrafanaManifest
+ properties:
+ allowCrossNamespaceImport:
+ default: false
+ description: Allow the Operator to match this resource with Grafanas
+ outside the current namespace
+ type: boolean
+ instanceSelector:
+ description: Selects Grafana instances for import
+ properties:
+ matchExpressions:
+ description: matchExpressions is a list of label selector requirements.
+ The requirements are ANDed.
+ items:
+ description: |-
+ A label selector requirement is a selector that contains values, a key, and an operator that
+ relates the key and values.
+ properties:
+ key:
+ description: key is the label key that the selector applies
+ to.
+ type: string
+ operator:
+ description: |-
+ operator represents a key's relationship to a set of values.
+ Valid operators are In, NotIn, Exists and DoesNotExist.
+ type: string
+ values:
+ description: |-
+ values is an array of string values. If the operator is In or NotIn,
+ the values array must be non-empty. If the operator is Exists or DoesNotExist,
+ the values array must be empty. This array is replaced during a strategic
+ merge patch.
+ items:
+ type: string
+ type: array
+ x-kubernetes-list-type: atomic
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ x-kubernetes-list-type: atomic
+ matchLabels:
+ additionalProperties:
+ type: string
+ description: |-
+ matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
+ map is equivalent to an element of matchExpressions, whose key field is "key", the
+ operator is "In", and the values array contains only "value". The requirements are ANDed.
+ type: object
+ type: object
+ x-kubernetes-map-type: atomic
+ x-kubernetes-validations:
+ - message: spec.instanceSelector is immutable
+ rule: self == oldSelf
+ patch:
+ properties:
+ env:
+ items:
+ properties:
+ name:
+ type: string
+ valueFrom:
+ properties:
+ configMapKeyRef:
+ description: Selects a key of a ConfigMap.
+ properties:
+ key:
+ description: The key to select.
+ type: string
+ name:
+ default: ""
+ description: |-
+ Name of the referent.
+ This field is effectively required, but due to backwards compatibility is
+ allowed to be empty. Instances of this type with an empty value here are
+ almost certainly wrong.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ type: string
+ optional:
+ description: Specify whether the ConfigMap or its
+ key must be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ grafanaRef:
+ description: ObjectFieldSelector selects an APIVersioned
+ field of an object.
+ properties:
+ apiVersion:
+ description: Version of the schema the FieldPath
+ is written in terms of, defaults to "v1".
+ type: string
+ fieldPath:
+ description: Path of the field to select in the
+ specified API version.
+ type: string
+ required:
+ - fieldPath
+ type: object
+ x-kubernetes-map-type: atomic
+ secretKeyRef:
+ description: Selects a key of a Secret.
+ properties:
+ key:
+ description: The key of the secret to select from. Must
+ be a valid secret key.
+ type: string
+ name:
+ default: ""
+ description: |-
+ Name of the referent.
+ This field is effectively required, but due to backwards compatibility is
+ allowed to be empty. Instances of this type with an empty value here are
+ almost certainly wrong.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ type: string
+ optional:
+ description: Specify whether the Secret or its key
+ must be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ type: object
+ required:
+ - name
+ - valueFrom
+ type: object
+ type: array
+ scripts:
+ items:
+ type: string
+ type: array
+ required:
+ - scripts
+ type: object
+ resyncPeriod:
+ description: How often the resource is synced, defaults to 10m0s if
+ not set
+ pattern: ^([0-9]+(\.[0-9]+)?(ns|us|µs|ms|s|m|h))+$
+ type: string
+ suspend:
+ description: Suspend pauses synchronizing attempts and tells the operator
+ to ignore changes
+ type: boolean
+ template:
+ properties:
+ apiVersion:
+ description: APIVersion defines the versioned schema of this representation
+ of an object.
+ type: string
+ kind:
+ description: Kind is a string value representing the REST resource
+ this object represents.
+ type: string
+ x-kubernetes-validations:
+ - message: Value is immutable
+ rule: self == oldSelf
+ metadata:
+ description: |-
+ RequiredObjectMeta contains only a [subset of the fields included in k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#objectmeta-v1-meta).
+ It requires `name` to be set
+ properties:
+ annotations:
+ additionalProperties:
+ type: string
+ type: object
+ labels:
+ additionalProperties:
+ type: string
+ type: object
+ name:
+ type: string
+ x-kubernetes-validations:
+ - message: Value is immutable
+ rule: self == oldSelf
+ namespace:
+ type: string
+ x-kubernetes-validations:
+ - message: Value is immutable
+ rule: self == oldSelf
+ required:
+ - name
+ type: object
+ x-kubernetes-validations:
+ - message: namespace is immutable
+ rule: (!(has(oldSelf.namespace) && !has(self.namespace)))
+ spec:
+ x-kubernetes-preserve-unknown-fields: true
+ required:
+ - apiVersion
+ - kind
+ - metadata
+ type: object
+ required:
+ - instanceSelector
+ - template
+ type: object
+ x-kubernetes-validations:
+ - message: disabling spec.allowCrossNamespaceImport requires a recreate
+ to ensure desired state
+ rule: '!oldSelf.allowCrossNamespaceImport || (oldSelf.allowCrossNamespaceImport
+ && self.allowCrossNamespaceImport)'
+ status:
+ description: GrafanaManifestStatus defines the observed state of GrafanaManifest
+ properties:
+ conditions:
+ description: Results when synchronizing resource with Grafana instances
+ items:
+ description: Condition contains details for one aspect of the current
+ state of this API Resource.
+ properties:
+ lastTransitionTime:
+ description: |-
+ lastTransitionTime is the last time the condition transitioned from one status to another.
+ This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
+ format: date-time
+ type: string
+ message:
+ description: |-
+ message is a human readable message indicating details about the transition.
+ This may be an empty string.
+ maxLength: 32768
+ type: string
+ observedGeneration:
+ description: |-
+ observedGeneration represents the .metadata.generation that the condition was set based upon.
+ For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
+ with respect to the current state of the instance.
+ format: int64
+ minimum: 0
+ type: integer
+ reason:
+ description: |-
+ reason contains a programmatic identifier indicating the reason for the condition's last transition.
+ Producers of specific condition types may define expected values and meanings for this field,
+ and whether the values are considered a guaranteed API.
+ The value should be a CamelCase string.
+ This field may not be empty.
+ maxLength: 1024
+ minLength: 1
+ pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
+ type: string
+ status:
+ description: status of the condition, one of True, False, Unknown.
+ enum:
+ - "True"
+ - "False"
+ - Unknown
+ type: string
+ type:
+ description: type of condition in CamelCase or in foo.example.com/CamelCase.
+ maxLength: 316
+ pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
+ type: string
+ required:
+ - lastTransitionTime
+ - message
+ - reason
+ - status
+ - type
+ type: object
+ type: array
+ lastResync:
+ description: Last time the resource was synchronized with Grafana
+ instances
+ format: date-time
+ type: string
+ type: object
+ required:
+ - spec
+ type: object
+ served: true
+ storage: true
+ subresources:
+ status: {}
+status:
+ acceptedNames:
+ kind: ""
+ plural: ""
+ conditions: null
+ storedVersions: null
diff --git a/operators/grafana-operator/5.22.0/manifests/grafana.integreatly.org_grafanamutetimings.yaml b/operators/grafana-operator/5.22.0/manifests/grafana.integreatly.org_grafanamutetimings.yaml
new file mode 100644
index 000000000000..8368be72c3f5
--- /dev/null
+++ b/operators/grafana-operator/5.22.0/manifests/grafana.integreatly.org_grafanamutetimings.yaml
@@ -0,0 +1,270 @@
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ controller-gen.kubebuilder.io/version: v0.20.1
+ creationTimestamp: null
+ name: grafanamutetimings.grafana.integreatly.org
+spec:
+ group: grafana.integreatly.org
+ names:
+ categories:
+ - grafana-operator
+ kind: GrafanaMuteTiming
+ listKind: GrafanaMuteTimingList
+ plural: grafanamutetimings
+ singular: grafanamutetiming
+ scope: Namespaced
+ versions:
+ - additionalPrinterColumns:
+ - format: date-time
+ jsonPath: .status.lastResync
+ name: Last resync
+ type: date
+ - jsonPath: .metadata.creationTimestamp
+ name: Age
+ type: date
+ name: v1beta1
+ schema:
+ openAPIV3Schema:
+ description: GrafanaMuteTiming is the Schema for the GrafanaMuteTiming API
+ properties:
+ apiVersion:
+ description: |-
+ APIVersion defines the versioned schema of this representation of an object.
+ Servers should convert recognized schemas to the latest internal value, and
+ may reject unrecognized values.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+ type: string
+ kind:
+ description: |-
+ Kind is a string value representing the REST resource this object represents.
+ Servers may infer this from the endpoint the client submits requests to.
+ Cannot be updated.
+ In CamelCase.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: GrafanaMuteTimingSpec defines the desired state of GrafanaMuteTiming
+ properties:
+ allowCrossNamespaceImport:
+ default: false
+ description: Allow the Operator to match this resource with Grafanas
+ outside the current namespace
+ type: boolean
+ editable:
+ default: true
+ description: Whether to enable or disable editing of the mute timing
+ in Grafana UI
+ type: boolean
+ x-kubernetes-validations:
+ - message: spec.editable is immutable
+ rule: self == oldSelf
+ instanceSelector:
+ description: Selects Grafana instances for import
+ properties:
+ matchExpressions:
+ description: matchExpressions is a list of label selector requirements.
+ The requirements are ANDed.
+ items:
+ description: |-
+ A label selector requirement is a selector that contains values, a key, and an operator that
+ relates the key and values.
+ properties:
+ key:
+ description: key is the label key that the selector applies
+ to.
+ type: string
+ operator:
+ description: |-
+ operator represents a key's relationship to a set of values.
+ Valid operators are In, NotIn, Exists and DoesNotExist.
+ type: string
+ values:
+ description: |-
+ values is an array of string values. If the operator is In or NotIn,
+ the values array must be non-empty. If the operator is Exists or DoesNotExist,
+ the values array must be empty. This array is replaced during a strategic
+ merge patch.
+ items:
+ type: string
+ type: array
+ x-kubernetes-list-type: atomic
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ x-kubernetes-list-type: atomic
+ matchLabels:
+ additionalProperties:
+ type: string
+ description: |-
+ matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
+ map is equivalent to an element of matchExpressions, whose key field is "key", the
+ operator is "In", and the values array contains only "value". The requirements are ANDed.
+ type: object
+ type: object
+ x-kubernetes-map-type: atomic
+ x-kubernetes-validations:
+ - message: spec.instanceSelector is immutable
+ rule: self == oldSelf
+ name:
+ description: A unique name for the mute timing
+ type: string
+ resyncPeriod:
+ description: How often the resource is synced, defaults to 10m0s if
+ not set
+ pattern: ^([0-9]+(\.[0-9]+)?(ns|us|µs|ms|s|m|h))+$
+ type: string
+ suspend:
+ description: Suspend pauses synchronizing attempts and tells the operator
+ to ignore changes
+ type: boolean
+ time_intervals:
+ description: Time intervals for muting
+ items:
+ properties:
+ days_of_month:
+ description: |-
+ The date 1-31 of a month. Negative values can also be used to represent days that begin at the end of the month.
+ For example: -1 for the last day of the month.
+ items:
+ type: string
+ type: array
+ location:
+ description: Depending on the location, the time range is displayed
+ in local time.
+ type: string
+ months:
+ description: |-
+ The months of the year in either numerical or the full calendar month.
+ For example: 1, may.
+ items:
+ type: string
+ type: array
+ times:
+ description: The time inclusive of the start and exclusive of
+ the end time (in UTC if no location has been selected, otherwise
+ local time).
+ items:
+ properties:
+ end_time:
+ description: end time
+ type: string
+ start_time:
+ description: start time
+ type: string
+ required:
+ - end_time
+ - start_time
+ type: object
+ type: array
+ weekdays:
+ description: |-
+ The day or range of days of the week.
+ For example: monday, thursday
+ items:
+ type: string
+ type: array
+ years:
+ description: |-
+ The year or years for the interval.
+ For example: 2021
+ items:
+ type: string
+ type: array
+ type: object
+ minItems: 1
+ type: array
+ required:
+ - instanceSelector
+ - name
+ - time_intervals
+ type: object
+ x-kubernetes-validations:
+ - message: disabling spec.allowCrossNamespaceImport requires a recreate
+ to ensure desired state
+ rule: '!oldSelf.allowCrossNamespaceImport || (oldSelf.allowCrossNamespaceImport
+ && self.allowCrossNamespaceImport)'
+ status:
+ description: The most recent observed state of a Grafana resource
+ properties:
+ conditions:
+ description: Results when synchronizing resource with Grafana instances
+ items:
+ description: Condition contains details for one aspect of the current
+ state of this API Resource.
+ properties:
+ lastTransitionTime:
+ description: |-
+ lastTransitionTime is the last time the condition transitioned from one status to another.
+ This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
+ format: date-time
+ type: string
+ message:
+ description: |-
+ message is a human readable message indicating details about the transition.
+ This may be an empty string.
+ maxLength: 32768
+ type: string
+ observedGeneration:
+ description: |-
+ observedGeneration represents the .metadata.generation that the condition was set based upon.
+ For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
+ with respect to the current state of the instance.
+ format: int64
+ minimum: 0
+ type: integer
+ reason:
+ description: |-
+ reason contains a programmatic identifier indicating the reason for the condition's last transition.
+ Producers of specific condition types may define expected values and meanings for this field,
+ and whether the values are considered a guaranteed API.
+ The value should be a CamelCase string.
+ This field may not be empty.
+ maxLength: 1024
+ minLength: 1
+ pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
+ type: string
+ status:
+ description: status of the condition, one of True, False, Unknown.
+ enum:
+ - "True"
+ - "False"
+ - Unknown
+ type: string
+ type:
+ description: type of condition in CamelCase or in foo.example.com/CamelCase.
+ maxLength: 316
+ pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
+ type: string
+ required:
+ - lastTransitionTime
+ - message
+ - reason
+ - status
+ - type
+ type: object
+ type: array
+ lastResync:
+ description: Last time the resource was synchronized with Grafana
+ instances
+ format: date-time
+ type: string
+ type: object
+ required:
+ - spec
+ type: object
+ served: true
+ storage: true
+ subresources:
+ status: {}
+status:
+ acceptedNames:
+ kind: ""
+ plural: ""
+ conditions: null
+ storedVersions: null
diff --git a/operators/grafana-operator/5.22.0/manifests/grafana.integreatly.org_grafananotificationpolicies.yaml b/operators/grafana-operator/5.22.0/manifests/grafana.integreatly.org_grafananotificationpolicies.yaml
new file mode 100644
index 000000000000..cab250fc28d4
--- /dev/null
+++ b/operators/grafana-operator/5.22.0/manifests/grafana.integreatly.org_grafananotificationpolicies.yaml
@@ -0,0 +1,367 @@
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ controller-gen.kubebuilder.io/version: v0.20.1
+ creationTimestamp: null
+ name: grafananotificationpolicies.grafana.integreatly.org
+spec:
+ group: grafana.integreatly.org
+ names:
+ categories:
+ - grafana-operator
+ kind: GrafanaNotificationPolicy
+ listKind: GrafanaNotificationPolicyList
+ plural: grafananotificationpolicies
+ singular: grafananotificationpolicy
+ scope: Namespaced
+ versions:
+ - additionalPrinterColumns:
+ - format: date-time
+ jsonPath: .status.lastResync
+ name: Last resync
+ type: date
+ - jsonPath: .metadata.creationTimestamp
+ name: Age
+ type: date
+ name: v1beta1
+ schema:
+ openAPIV3Schema:
+ description: GrafanaNotificationPolicy is the Schema for the GrafanaNotificationPolicy
+ API
+ properties:
+ apiVersion:
+ description: |-
+ APIVersion defines the versioned schema of this representation of an object.
+ Servers should convert recognized schemas to the latest internal value, and
+ may reject unrecognized values.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+ type: string
+ kind:
+ description: |-
+ Kind is a string value representing the REST resource this object represents.
+ Servers may infer this from the endpoint the client submits requests to.
+ Cannot be updated.
+ In CamelCase.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: GrafanaNotificationPolicySpec defines the desired state of
+ GrafanaNotificationPolicy
+ properties:
+ allowCrossNamespaceImport:
+ default: false
+ description: Allow the Operator to match this resource with Grafanas
+ outside the current namespace
+ type: boolean
+ editable:
+ description: Whether to enable or disable editing of the notification
+ policy in Grafana UI
+ type: boolean
+ x-kubernetes-validations:
+ - message: Value is immutable
+ rule: self == oldSelf
+ instanceSelector:
+ description: Selects Grafana instances for import
+ properties:
+ matchExpressions:
+ description: matchExpressions is a list of label selector requirements.
+ The requirements are ANDed.
+ items:
+ description: |-
+ A label selector requirement is a selector that contains values, a key, and an operator that
+ relates the key and values.
+ properties:
+ key:
+ description: key is the label key that the selector applies
+ to.
+ type: string
+ operator:
+ description: |-
+ operator represents a key's relationship to a set of values.
+ Valid operators are In, NotIn, Exists and DoesNotExist.
+ type: string
+ values:
+ description: |-
+ values is an array of string values. If the operator is In or NotIn,
+ the values array must be non-empty. If the operator is Exists or DoesNotExist,
+ the values array must be empty. This array is replaced during a strategic
+ merge patch.
+ items:
+ type: string
+ type: array
+ x-kubernetes-list-type: atomic
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ x-kubernetes-list-type: atomic
+ matchLabels:
+ additionalProperties:
+ type: string
+ description: |-
+ matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
+ map is equivalent to an element of matchExpressions, whose key field is "key", the
+ operator is "In", and the values array contains only "value". The requirements are ANDed.
+ type: object
+ type: object
+ x-kubernetes-map-type: atomic
+ x-kubernetes-validations:
+ - message: spec.instanceSelector is immutable
+ rule: self == oldSelf
+ resyncPeriod:
+ description: How often the resource is synced, defaults to 10m0s if
+ not set
+ pattern: ^([0-9]+(\.[0-9]+)?(ns|us|µs|ms|s|m|h))+$
+ type: string
+ route:
+ description: Routes for alerts to match against
+ properties:
+ active_time_intervals:
+ description: 'Deprecated: Never worked on the top level route
+ node'
+ items:
+ type: string
+ type: array
+ continue:
+ description: 'Deprecated: Never worked on the top level route
+ node'
+ type: boolean
+ group_by:
+ description: group by
+ items:
+ type: string
+ type: array
+ group_interval:
+ description: group interval
+ type: string
+ group_wait:
+ description: group wait
+ type: string
+ match_re:
+ additionalProperties:
+ type: string
+ description: 'Deprecated: Never worked on the top level route
+ node'
+ type: object
+ matchers:
+ description: 'Deprecated: Never worked on the top level route
+ node'
+ items:
+ properties:
+ isEqual:
+ description: is equal
+ type: boolean
+ isRegex:
+ description: is regex
+ type: boolean
+ name:
+ description: name
+ type: string
+ value:
+ description: value
+ type: string
+ required:
+ - isRegex
+ - value
+ type: object
+ type: array
+ mute_time_intervals:
+ description: 'Deprecated: Never worked on the top level route
+ node'
+ items:
+ type: string
+ type: array
+ object_matchers:
+ description: 'Deprecated: Never worked on the top level route
+ node'
+ items:
+ description: |-
+ ObjectMatcher ObjectMatcher is a matcher that can be used to filter alerts.
+
+ swagger:model ObjectMatcher
+ items:
+ type: string
+ type: array
+ type: array
+ provenance:
+ description: 'Deprecated: Does nothing'
+ type: string
+ receiver:
+ description: receiver
+ minLength: 1
+ type: string
+ repeat_interval:
+ description: repeat interval
+ type: string
+ routeSelector:
+ description: |-
+ selects GrafanaNotificationPolicyRoutes to merge in when specified
+ mutually exclusive with Routes
+ properties:
+ matchExpressions:
+ description: matchExpressions is a list of label selector
+ requirements. The requirements are ANDed.
+ items:
+ description: |-
+ A label selector requirement is a selector that contains values, a key, and an operator that
+ relates the key and values.
+ properties:
+ key:
+ description: key is the label key that the selector
+ applies to.
+ type: string
+ operator:
+ description: |-
+ operator represents a key's relationship to a set of values.
+ Valid operators are In, NotIn, Exists and DoesNotExist.
+ type: string
+ values:
+ description: |-
+ values is an array of string values. If the operator is In or NotIn,
+ the values array must be non-empty. If the operator is Exists or DoesNotExist,
+ the values array must be empty. This array is replaced during a strategic
+ merge patch.
+ items:
+ type: string
+ type: array
+ x-kubernetes-list-type: atomic
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ x-kubernetes-list-type: atomic
+ matchLabels:
+ additionalProperties:
+ type: string
+ description: |-
+ matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
+ map is equivalent to an element of matchExpressions, whose key field is "key", the
+ operator is "In", and the values array contains only "value". The requirements are ANDed.
+ type: object
+ type: object
+ x-kubernetes-map-type: atomic
+ routes:
+ description: routes, mutually exclusive with RouteSelector
+ x-kubernetes-preserve-unknown-fields: true
+ required:
+ - receiver
+ type: object
+ x-kubernetes-validations:
+ - message: continue is invalid on the top level route node
+ rule: '!has(self.continue)'
+ - message: match_re is invalid on the top level route node
+ rule: '!has(self.match_re)'
+ - message: matchers is invalid on the top level route node
+ rule: '!has(self.matchers)'
+ - message: object_matchers is invalid on the top level route node
+ rule: '!has(self.object_matchers)'
+ - message: mute_time_intervals is invalid on the top level route node
+ rule: '!has(self.mute_time_intervals)'
+ - message: active_time_intervals is invalid on the top level route
+ node
+ rule: '!has(self.active_time_intervals)'
+ suspend:
+ description: Suspend pauses synchronizing attempts and tells the operator
+ to ignore changes
+ type: boolean
+ required:
+ - instanceSelector
+ - route
+ type: object
+ x-kubernetes-validations:
+ - message: spec.editable is immutable
+ rule: ((!has(oldSelf.editable) && !has(self.editable)) || (has(oldSelf.editable)
+ && has(self.editable)))
+ - message: disabling spec.allowCrossNamespaceImport requires a recreate
+ to ensure desired state
+ rule: '!oldSelf.allowCrossNamespaceImport || (oldSelf.allowCrossNamespaceImport
+ && self.allowCrossNamespaceImport)'
+ status:
+ description: GrafanaNotificationPolicyStatus defines the observed state
+ of GrafanaNotificationPolicy
+ properties:
+ conditions:
+ description: Results when synchronizing resource with Grafana instances
+ items:
+ description: Condition contains details for one aspect of the current
+ state of this API Resource.
+ properties:
+ lastTransitionTime:
+ description: |-
+ lastTransitionTime is the last time the condition transitioned from one status to another.
+ This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
+ format: date-time
+ type: string
+ message:
+ description: |-
+ message is a human readable message indicating details about the transition.
+ This may be an empty string.
+ maxLength: 32768
+ type: string
+ observedGeneration:
+ description: |-
+ observedGeneration represents the .metadata.generation that the condition was set based upon.
+ For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
+ with respect to the current state of the instance.
+ format: int64
+ minimum: 0
+ type: integer
+ reason:
+ description: |-
+ reason contains a programmatic identifier indicating the reason for the condition's last transition.
+ Producers of specific condition types may define expected values and meanings for this field,
+ and whether the values are considered a guaranteed API.
+ The value should be a CamelCase string.
+ This field may not be empty.
+ maxLength: 1024
+ minLength: 1
+ pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
+ type: string
+ status:
+ description: status of the condition, one of True, False, Unknown.
+ enum:
+ - "True"
+ - "False"
+ - Unknown
+ type: string
+ type:
+ description: type of condition in CamelCase or in foo.example.com/CamelCase.
+ maxLength: 316
+ pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
+ type: string
+ required:
+ - lastTransitionTime
+ - message
+ - reason
+ - status
+ - type
+ type: object
+ type: array
+ discoveredRoutes:
+ items:
+ type: string
+ type: array
+ lastResync:
+ description: Last time the resource was synchronized with Grafana
+ instances
+ format: date-time
+ type: string
+ type: object
+ required:
+ - spec
+ type: object
+ served: true
+ storage: true
+ subresources:
+ status: {}
+status:
+ acceptedNames:
+ kind: ""
+ plural: ""
+ conditions: null
+ storedVersions: null
diff --git a/operators/grafana-operator/5.22.0/manifests/grafana.integreatly.org_grafananotificationpolicyroutes.yaml b/operators/grafana-operator/5.22.0/manifests/grafana.integreatly.org_grafananotificationpolicyroutes.yaml
new file mode 100644
index 000000000000..a5d13f60cd78
--- /dev/null
+++ b/operators/grafana-operator/5.22.0/manifests/grafana.integreatly.org_grafananotificationpolicyroutes.yaml
@@ -0,0 +1,249 @@
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ controller-gen.kubebuilder.io/version: v0.20.1
+ creationTimestamp: null
+ name: grafananotificationpolicyroutes.grafana.integreatly.org
+spec:
+ group: grafana.integreatly.org
+ names:
+ categories:
+ - grafana-operator
+ kind: GrafanaNotificationPolicyRoute
+ listKind: GrafanaNotificationPolicyRouteList
+ plural: grafananotificationpolicyroutes
+ singular: grafananotificationpolicyroute
+ scope: Namespaced
+ versions:
+ - name: v1beta1
+ schema:
+ openAPIV3Schema:
+ description: GrafanaNotificationPolicyRoute is the Schema for the grafananotificationpolicyroutes
+ API
+ properties:
+ apiVersion:
+ description: |-
+ APIVersion defines the versioned schema of this representation of an object.
+ Servers should convert recognized schemas to the latest internal value, and
+ may reject unrecognized values.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+ type: string
+ kind:
+ description: |-
+ Kind is a string value representing the REST resource this object represents.
+ Servers may infer this from the endpoint the client submits requests to.
+ Cannot be updated.
+ In CamelCase.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: GrafanaNotificationPolicyRouteSpec defines the desired state
+ of GrafanaNotificationPolicyRoute
+ properties:
+ active_time_intervals:
+ description: active time intervals
+ items:
+ type: string
+ type: array
+ continue:
+ description: continue
+ type: boolean
+ group_by:
+ description: group by
+ items:
+ type: string
+ type: array
+ group_interval:
+ description: group interval
+ type: string
+ group_wait:
+ description: group wait
+ type: string
+ match_re:
+ additionalProperties:
+ type: string
+ description: match re
+ type: object
+ matchers:
+ description: matchers
+ items:
+ properties:
+ isEqual:
+ description: is equal
+ type: boolean
+ isRegex:
+ description: is regex
+ type: boolean
+ name:
+ description: name
+ type: string
+ value:
+ description: value
+ type: string
+ required:
+ - isRegex
+ - value
+ type: object
+ type: array
+ mute_time_intervals:
+ description: mute time intervals
+ items:
+ type: string
+ type: array
+ object_matchers:
+ description: object matchers
+ items:
+ description: |-
+ ObjectMatcher ObjectMatcher is a matcher that can be used to filter alerts.
+
+ swagger:model ObjectMatcher
+ items:
+ type: string
+ type: array
+ type: array
+ provenance:
+ description: 'Deprecated: Does nothing'
+ type: string
+ receiver:
+ description: receiver
+ minLength: 1
+ type: string
+ repeat_interval:
+ description: repeat interval
+ type: string
+ routeSelector:
+ description: |-
+ selects GrafanaNotificationPolicyRoutes to merge in when specified
+ mutually exclusive with Routes
+ properties:
+ matchExpressions:
+ description: matchExpressions is a list of label selector requirements.
+ The requirements are ANDed.
+ items:
+ description: |-
+ A label selector requirement is a selector that contains values, a key, and an operator that
+ relates the key and values.
+ properties:
+ key:
+ description: key is the label key that the selector applies
+ to.
+ type: string
+ operator:
+ description: |-
+ operator represents a key's relationship to a set of values.
+ Valid operators are In, NotIn, Exists and DoesNotExist.
+ type: string
+ values:
+ description: |-
+ values is an array of string values. If the operator is In or NotIn,
+ the values array must be non-empty. If the operator is Exists or DoesNotExist,
+ the values array must be empty. This array is replaced during a strategic
+ merge patch.
+ items:
+ type: string
+ type: array
+ x-kubernetes-list-type: atomic
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ x-kubernetes-list-type: atomic
+ matchLabels:
+ additionalProperties:
+ type: string
+ description: |-
+ matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
+ map is equivalent to an element of matchExpressions, whose key field is "key", the
+ operator is "In", and the values array contains only "value". The requirements are ANDed.
+ type: object
+ type: object
+ x-kubernetes-map-type: atomic
+ routes:
+ description: routes, mutually exclusive with RouteSelector
+ x-kubernetes-preserve-unknown-fields: true
+ required:
+ - receiver
+ type: object
+ status:
+ description: The most recent observed state of a Grafana resource
+ properties:
+ conditions:
+ description: Results when synchronizing resource with Grafana instances
+ items:
+ description: Condition contains details for one aspect of the current
+ state of this API Resource.
+ properties:
+ lastTransitionTime:
+ description: |-
+ lastTransitionTime is the last time the condition transitioned from one status to another.
+ This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
+ format: date-time
+ type: string
+ message:
+ description: |-
+ message is a human readable message indicating details about the transition.
+ This may be an empty string.
+ maxLength: 32768
+ type: string
+ observedGeneration:
+ description: |-
+ observedGeneration represents the .metadata.generation that the condition was set based upon.
+ For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
+ with respect to the current state of the instance.
+ format: int64
+ minimum: 0
+ type: integer
+ reason:
+ description: |-
+ reason contains a programmatic identifier indicating the reason for the condition's last transition.
+ Producers of specific condition types may define expected values and meanings for this field,
+ and whether the values are considered a guaranteed API.
+ The value should be a CamelCase string.
+ This field may not be empty.
+ maxLength: 1024
+ minLength: 1
+ pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
+ type: string
+ status:
+ description: status of the condition, one of True, False, Unknown.
+ enum:
+ - "True"
+ - "False"
+ - Unknown
+ type: string
+ type:
+ description: type of condition in CamelCase or in foo.example.com/CamelCase.
+ maxLength: 316
+ pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
+ type: string
+ required:
+ - lastTransitionTime
+ - message
+ - reason
+ - status
+ - type
+ type: object
+ type: array
+ lastResync:
+ description: Last time the resource was synchronized with Grafana
+ instances
+ format: date-time
+ type: string
+ type: object
+ required:
+ - spec
+ type: object
+ served: true
+ storage: true
+ subresources:
+ status: {}
+status:
+ acceptedNames:
+ kind: ""
+ plural: ""
+ conditions: null
+ storedVersions: null
diff --git a/operators/grafana-operator/5.22.0/manifests/grafana.integreatly.org_grafananotificationtemplates.yaml b/operators/grafana-operator/5.22.0/manifests/grafana.integreatly.org_grafananotificationtemplates.yaml
new file mode 100644
index 000000000000..ab2f3ce9ad95
--- /dev/null
+++ b/operators/grafana-operator/5.22.0/manifests/grafana.integreatly.org_grafananotificationtemplates.yaml
@@ -0,0 +1,220 @@
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ controller-gen.kubebuilder.io/version: v0.20.1
+ creationTimestamp: null
+ name: grafananotificationtemplates.grafana.integreatly.org
+spec:
+ group: grafana.integreatly.org
+ names:
+ categories:
+ - grafana-operator
+ kind: GrafanaNotificationTemplate
+ listKind: GrafanaNotificationTemplateList
+ plural: grafananotificationtemplates
+ singular: grafananotificationtemplate
+ scope: Namespaced
+ versions:
+ - additionalPrinterColumns:
+ - format: date-time
+ jsonPath: .status.lastResync
+ name: Last resync
+ type: date
+ - jsonPath: .metadata.creationTimestamp
+ name: Age
+ type: date
+ name: v1beta1
+ schema:
+ openAPIV3Schema:
+ description: GrafanaNotificationTemplate is the Schema for the GrafanaNotificationTemplate
+ API
+ properties:
+ apiVersion:
+ description: |-
+ APIVersion defines the versioned schema of this representation of an object.
+ Servers should convert recognized schemas to the latest internal value, and
+ may reject unrecognized values.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+ type: string
+ kind:
+ description: |-
+ Kind is a string value representing the REST resource this object represents.
+ Servers may infer this from the endpoint the client submits requests to.
+ Cannot be updated.
+ In CamelCase.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: GrafanaNotificationTemplateSpec defines the desired state
+ of GrafanaNotificationTemplate
+ properties:
+ allowCrossNamespaceImport:
+ default: false
+ description: Allow the Operator to match this resource with Grafanas
+ outside the current namespace
+ type: boolean
+ editable:
+ description: Whether to enable or disable editing of the notification
+ template in Grafana UI
+ type: boolean
+ x-kubernetes-validations:
+ - message: spec.editable is immutable
+ rule: self == oldSelf
+ instanceSelector:
+ description: Selects Grafana instances for import
+ properties:
+ matchExpressions:
+ description: matchExpressions is a list of label selector requirements.
+ The requirements are ANDed.
+ items:
+ description: |-
+ A label selector requirement is a selector that contains values, a key, and an operator that
+ relates the key and values.
+ properties:
+ key:
+ description: key is the label key that the selector applies
+ to.
+ type: string
+ operator:
+ description: |-
+ operator represents a key's relationship to a set of values.
+ Valid operators are In, NotIn, Exists and DoesNotExist.
+ type: string
+ values:
+ description: |-
+ values is an array of string values. If the operator is In or NotIn,
+ the values array must be non-empty. If the operator is Exists or DoesNotExist,
+ the values array must be empty. This array is replaced during a strategic
+ merge patch.
+ items:
+ type: string
+ type: array
+ x-kubernetes-list-type: atomic
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ x-kubernetes-list-type: atomic
+ matchLabels:
+ additionalProperties:
+ type: string
+ description: |-
+ matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
+ map is equivalent to an element of matchExpressions, whose key field is "key", the
+ operator is "In", and the values array contains only "value". The requirements are ANDed.
+ type: object
+ type: object
+ x-kubernetes-map-type: atomic
+ x-kubernetes-validations:
+ - message: spec.instanceSelector is immutable
+ rule: self == oldSelf
+ name:
+ description: Template name
+ type: string
+ resyncPeriod:
+ description: How often the resource is synced, defaults to 10m0s if
+ not set
+ pattern: ^([0-9]+(\.[0-9]+)?(ns|us|µs|ms|s|m|h))+$
+ type: string
+ suspend:
+ description: Suspend pauses synchronizing attempts and tells the operator
+ to ignore changes
+ type: boolean
+ template:
+ description: Template content
+ type: string
+ required:
+ - instanceSelector
+ - name
+ type: object
+ x-kubernetes-validations:
+ - message: spec.editable is immutable
+ rule: ((!has(oldSelf.editable) && !has(self.editable)) || (has(oldSelf.editable)
+ && has(self.editable)))
+ - message: disabling spec.allowCrossNamespaceImport requires a recreate
+ to ensure desired state
+ rule: '!oldSelf.allowCrossNamespaceImport || (oldSelf.allowCrossNamespaceImport
+ && self.allowCrossNamespaceImport)'
+ status:
+ description: The most recent observed state of a Grafana resource
+ properties:
+ conditions:
+ description: Results when synchronizing resource with Grafana instances
+ items:
+ description: Condition contains details for one aspect of the current
+ state of this API Resource.
+ properties:
+ lastTransitionTime:
+ description: |-
+ lastTransitionTime is the last time the condition transitioned from one status to another.
+ This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
+ format: date-time
+ type: string
+ message:
+ description: |-
+ message is a human readable message indicating details about the transition.
+ This may be an empty string.
+ maxLength: 32768
+ type: string
+ observedGeneration:
+ description: |-
+ observedGeneration represents the .metadata.generation that the condition was set based upon.
+ For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
+ with respect to the current state of the instance.
+ format: int64
+ minimum: 0
+ type: integer
+ reason:
+ description: |-
+ reason contains a programmatic identifier indicating the reason for the condition's last transition.
+ Producers of specific condition types may define expected values and meanings for this field,
+ and whether the values are considered a guaranteed API.
+ The value should be a CamelCase string.
+ This field may not be empty.
+ maxLength: 1024
+ minLength: 1
+ pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
+ type: string
+ status:
+ description: status of the condition, one of True, False, Unknown.
+ enum:
+ - "True"
+ - "False"
+ - Unknown
+ type: string
+ type:
+ description: type of condition in CamelCase or in foo.example.com/CamelCase.
+ maxLength: 316
+ pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
+ type: string
+ required:
+ - lastTransitionTime
+ - message
+ - reason
+ - status
+ - type
+ type: object
+ type: array
+ lastResync:
+ description: Last time the resource was synchronized with Grafana
+ instances
+ format: date-time
+ type: string
+ type: object
+ required:
+ - spec
+ type: object
+ served: true
+ storage: true
+ subresources:
+ status: {}
+status:
+ acceptedNames:
+ kind: ""
+ plural: ""
+ conditions: null
+ storedVersions: null
diff --git a/operators/grafana-operator/5.22.0/manifests/grafana.integreatly.org_grafanas.yaml b/operators/grafana-operator/5.22.0/manifests/grafana.integreatly.org_grafanas.yaml
new file mode 100644
index 000000000000..5dedb714eed6
--- /dev/null
+++ b/operators/grafana-operator/5.22.0/manifests/grafana.integreatly.org_grafanas.yaml
@@ -0,0 +1,8702 @@
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ controller-gen.kubebuilder.io/version: v0.20.1
+ creationTimestamp: null
+ name: grafanas.grafana.integreatly.org
+spec:
+ group: grafana.integreatly.org
+ names:
+ categories:
+ - grafana-operator
+ kind: Grafana
+ listKind: GrafanaList
+ plural: grafanas
+ singular: grafana
+ scope: Namespaced
+ versions:
+ - additionalPrinterColumns:
+ - jsonPath: .status.version
+ name: Version
+ type: string
+ - jsonPath: .status.stage
+ name: Stage
+ type: string
+ - jsonPath: .status.stageStatus
+ name: Stage status
+ type: string
+ - jsonPath: .metadata.creationTimestamp
+ name: Age
+ type: date
+ name: v1beta1
+ schema:
+ openAPIV3Schema:
+ description: Grafana is the Schema for the grafanas API
+ properties:
+ apiVersion:
+ description: |-
+ APIVersion defines the versioned schema of this representation of an object.
+ Servers should convert recognized schemas to the latest internal value, and
+ may reject unrecognized values.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+ type: string
+ kind:
+ description: |-
+ Kind is a string value representing the REST resource this object represents.
+ Servers may infer this from the endpoint the client submits requests to.
+ Cannot be updated.
+ In CamelCase.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: GrafanaSpec defines the desired state of Grafana
+ properties:
+ client:
+ description: Client defines how the grafana-operator talks to the
+ grafana instance.
+ properties:
+ headers:
+ additionalProperties:
+ type: string
+ description: Custom HTTP headers to use when interacting with
+ this Grafana.
+ type: object
+ preferIngress:
+ description: If the operator should send it's request through
+ the grafana instances ingress object instead of through the
+ service.
+ nullable: true
+ type: boolean
+ timeout:
+ nullable: true
+ type: integer
+ tls:
+ description: TLS Configuration used to talk with the grafana instance.
+ properties:
+ certSecretRef:
+ description: Use a secret as a reference to give TLS Certificate
+ information
+ properties:
+ name:
+ description: name is unique within a namespace to reference
+ a secret resource.
+ type: string
+ namespace:
+ description: namespace defines the space within which
+ the secret name must be unique.
+ type: string
+ type: object
+ x-kubernetes-map-type: atomic
+ insecureSkipVerify:
+ description: Disable the CA check of the server
+ type: boolean
+ type: object
+ x-kubernetes-validations:
+ - message: insecureSkipVerify and certSecretRef cannot be set
+ at the same time
+ rule: (has(self.insecureSkipVerify) && !(has(self.certSecretRef)))
+ || (has(self.certSecretRef) && !(has(self.insecureSkipVerify)))
+ useKubeAuth:
+ description: |-
+ Use Kubernetes Serviceaccount as authentication
+ Requires configuring [auth.jwt] in the instance
+ type: boolean
+ type: object
+ config:
+ additionalProperties:
+ additionalProperties:
+ type: string
+ type: object
+ description: Config defines how your grafana ini file should looks
+ like.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ deployment:
+ description: Deployment sets how the deployment object should look
+ like with your grafana instance, contains a number of defaults.
+ properties:
+ metadata:
+ properties:
+ annotations:
+ additionalProperties:
+ type: string
+ type: object
+ labels:
+ additionalProperties:
+ type: string
+ type: object
+ type: object
+ spec:
+ properties:
+ minReadySeconds:
+ format: int32
+ type: integer
+ paused:
+ type: boolean
+ progressDeadlineSeconds:
+ format: int32
+ type: integer
+ replicas:
+ format: int32
+ type: integer
+ revisionHistoryLimit:
+ format: int32
+ type: integer
+ selector:
+ properties:
+ matchExpressions:
+ items:
+ properties:
+ key:
+ type: string
+ operator:
+ type: string
+ values:
+ items:
+ type: string
+ type: array
+ x-kubernetes-list-type: atomic
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ x-kubernetes-list-type: atomic
+ matchLabels:
+ additionalProperties:
+ type: string
+ type: object
+ type: object
+ x-kubernetes-map-type: atomic
+ strategy:
+ properties:
+ rollingUpdate:
+ properties:
+ maxSurge:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ maxUnavailable:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ type: object
+ type:
+ type: string
+ type: object
+ template:
+ properties:
+ metadata:
+ properties:
+ annotations:
+ additionalProperties:
+ type: string
+ type: object
+ labels:
+ additionalProperties:
+ type: string
+ type: object
+ type: object
+ spec:
+ properties:
+ activeDeadlineSeconds:
+ format: int64
+ type: integer
+ affinity:
+ properties:
+ nodeAffinity:
+ properties:
+ preferredDuringSchedulingIgnoredDuringExecution:
+ items:
+ properties:
+ preference:
+ properties:
+ matchExpressions:
+ items:
+ properties:
+ key:
+ type: string
+ operator:
+ type: string
+ values:
+ items:
+ type: string
+ type: array
+ x-kubernetes-list-type: atomic
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ x-kubernetes-list-type: atomic
+ matchFields:
+ items:
+ properties:
+ key:
+ type: string
+ operator:
+ type: string
+ values:
+ items:
+ type: string
+ type: array
+ x-kubernetes-list-type: atomic
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ x-kubernetes-list-type: atomic
+ type: object
+ x-kubernetes-map-type: atomic
+ weight:
+ format: int32
+ type: integer
+ required:
+ - preference
+ - weight
+ type: object
+ type: array
+ x-kubernetes-list-type: atomic
+ requiredDuringSchedulingIgnoredDuringExecution:
+ properties:
+ nodeSelectorTerms:
+ items:
+ properties:
+ matchExpressions:
+ items:
+ properties:
+ key:
+ type: string
+ operator:
+ type: string
+ values:
+ items:
+ type: string
+ type: array
+ x-kubernetes-list-type: atomic
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ x-kubernetes-list-type: atomic
+ matchFields:
+ items:
+ properties:
+ key:
+ type: string
+ operator:
+ type: string
+ values:
+ items:
+ type: string
+ type: array
+ x-kubernetes-list-type: atomic
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ x-kubernetes-list-type: atomic
+ type: object
+ x-kubernetes-map-type: atomic
+ type: array
+ x-kubernetes-list-type: atomic
+ required:
+ - nodeSelectorTerms
+ type: object
+ x-kubernetes-map-type: atomic
+ type: object
+ podAffinity:
+ properties:
+ preferredDuringSchedulingIgnoredDuringExecution:
+ items:
+ properties:
+ podAffinityTerm:
+ properties:
+ labelSelector:
+ properties:
+ matchExpressions:
+ items:
+ properties:
+ key:
+ type: string
+ operator:
+ type: string
+ values:
+ items:
+ type: string
+ type: array
+ x-kubernetes-list-type: atomic
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ x-kubernetes-list-type: atomic
+ matchLabels:
+ additionalProperties:
+ type: string
+ type: object
+ type: object
+ x-kubernetes-map-type: atomic
+ matchLabelKeys:
+ items:
+ type: string
+ type: array
+ x-kubernetes-list-type: atomic
+ mismatchLabelKeys:
+ items:
+ type: string
+ type: array
+ x-kubernetes-list-type: atomic
+ namespaceSelector:
+ properties:
+ matchExpressions:
+ items:
+ properties:
+ key:
+ type: string
+ operator:
+ type: string
+ values:
+ items:
+ type: string
+ type: array
+ x-kubernetes-list-type: atomic
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ x-kubernetes-list-type: atomic
+ matchLabels:
+ additionalProperties:
+ type: string
+ type: object
+ type: object
+ x-kubernetes-map-type: atomic
+ namespaces:
+ items:
+ type: string
+ type: array
+ x-kubernetes-list-type: atomic
+ topologyKey:
+ type: string
+ required:
+ - topologyKey
+ type: object
+ weight:
+ format: int32
+ type: integer
+ required:
+ - podAffinityTerm
+ - weight
+ type: object
+ type: array
+ x-kubernetes-list-type: atomic
+ requiredDuringSchedulingIgnoredDuringExecution:
+ items:
+ properties:
+ labelSelector:
+ properties:
+ matchExpressions:
+ items:
+ properties:
+ key:
+ type: string
+ operator:
+ type: string
+ values:
+ items:
+ type: string
+ type: array
+ x-kubernetes-list-type: atomic
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ x-kubernetes-list-type: atomic
+ matchLabels:
+ additionalProperties:
+ type: string
+ type: object
+ type: object
+ x-kubernetes-map-type: atomic
+ matchLabelKeys:
+ items:
+ type: string
+ type: array
+ x-kubernetes-list-type: atomic
+ mismatchLabelKeys:
+ items:
+ type: string
+ type: array
+ x-kubernetes-list-type: atomic
+ namespaceSelector:
+ properties:
+ matchExpressions:
+ items:
+ properties:
+ key:
+ type: string
+ operator:
+ type: string
+ values:
+ items:
+ type: string
+ type: array
+ x-kubernetes-list-type: atomic
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ x-kubernetes-list-type: atomic
+ matchLabels:
+ additionalProperties:
+ type: string
+ type: object
+ type: object
+ x-kubernetes-map-type: atomic
+ namespaces:
+ items:
+ type: string
+ type: array
+ x-kubernetes-list-type: atomic
+ topologyKey:
+ type: string
+ required:
+ - topologyKey
+ type: object
+ type: array
+ x-kubernetes-list-type: atomic
+ type: object
+ podAntiAffinity:
+ properties:
+ preferredDuringSchedulingIgnoredDuringExecution:
+ items:
+ properties:
+ podAffinityTerm:
+ properties:
+ labelSelector:
+ properties:
+ matchExpressions:
+ items:
+ properties:
+ key:
+ type: string
+ operator:
+ type: string
+ values:
+ items:
+ type: string
+ type: array
+ x-kubernetes-list-type: atomic
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ x-kubernetes-list-type: atomic
+ matchLabels:
+ additionalProperties:
+ type: string
+ type: object
+ type: object
+ x-kubernetes-map-type: atomic
+ matchLabelKeys:
+ items:
+ type: string
+ type: array
+ x-kubernetes-list-type: atomic
+ mismatchLabelKeys:
+ items:
+ type: string
+ type: array
+ x-kubernetes-list-type: atomic
+ namespaceSelector:
+ properties:
+ matchExpressions:
+ items:
+ properties:
+ key:
+ type: string
+ operator:
+ type: string
+ values:
+ items:
+ type: string
+ type: array
+ x-kubernetes-list-type: atomic
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ x-kubernetes-list-type: atomic
+ matchLabels:
+ additionalProperties:
+ type: string
+ type: object
+ type: object
+ x-kubernetes-map-type: atomic
+ namespaces:
+ items:
+ type: string
+ type: array
+ x-kubernetes-list-type: atomic
+ topologyKey:
+ type: string
+ required:
+ - topologyKey
+ type: object
+ weight:
+ format: int32
+ type: integer
+ required:
+ - podAffinityTerm
+ - weight
+ type: object
+ type: array
+ x-kubernetes-list-type: atomic
+ requiredDuringSchedulingIgnoredDuringExecution:
+ items:
+ properties:
+ labelSelector:
+ properties:
+ matchExpressions:
+ items:
+ properties:
+ key:
+ type: string
+ operator:
+ type: string
+ values:
+ items:
+ type: string
+ type: array
+ x-kubernetes-list-type: atomic
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ x-kubernetes-list-type: atomic
+ matchLabels:
+ additionalProperties:
+ type: string
+ type: object
+ type: object
+ x-kubernetes-map-type: atomic
+ matchLabelKeys:
+ items:
+ type: string
+ type: array
+ x-kubernetes-list-type: atomic
+ mismatchLabelKeys:
+ items:
+ type: string
+ type: array
+ x-kubernetes-list-type: atomic
+ namespaceSelector:
+ properties:
+ matchExpressions:
+ items:
+ properties:
+ key:
+ type: string
+ operator:
+ type: string
+ values:
+ items:
+ type: string
+ type: array
+ x-kubernetes-list-type: atomic
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ x-kubernetes-list-type: atomic
+ matchLabels:
+ additionalProperties:
+ type: string
+ type: object
+ type: object
+ x-kubernetes-map-type: atomic
+ namespaces:
+ items:
+ type: string
+ type: array
+ x-kubernetes-list-type: atomic
+ topologyKey:
+ type: string
+ required:
+ - topologyKey
+ type: object
+ type: array
+ x-kubernetes-list-type: atomic
+ type: object
+ type: object
+ automountServiceAccountToken:
+ type: boolean
+ containers:
+ items:
+ properties:
+ args:
+ items:
+ type: string
+ type: array
+ x-kubernetes-list-type: atomic
+ command:
+ items:
+ type: string
+ type: array
+ x-kubernetes-list-type: atomic
+ env:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ valueFrom:
+ properties:
+ configMapKeyRef:
+ properties:
+ key:
+ type: string
+ name:
+ default: ""
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ fieldRef:
+ properties:
+ apiVersion:
+ type: string
+ fieldPath:
+ type: string
+ required:
+ - fieldPath
+ type: object
+ x-kubernetes-map-type: atomic
+ fileKeyRef:
+ properties:
+ key:
+ type: string
+ optional:
+ default: false
+ type: boolean
+ path:
+ type: string
+ volumeName:
+ type: string
+ required:
+ - key
+ - path
+ - volumeName
+ type: object
+ x-kubernetes-map-type: atomic
+ resourceFieldRef:
+ properties:
+ containerName:
+ type: string
+ divisor:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ resource:
+ type: string
+ required:
+ - resource
+ type: object
+ x-kubernetes-map-type: atomic
+ secretKeyRef:
+ properties:
+ key:
+ type: string
+ name:
+ default: ""
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ type: object
+ required:
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
+ envFrom:
+ items:
+ properties:
+ configMapRef:
+ properties:
+ name:
+ default: ""
+ type: string
+ optional:
+ type: boolean
+ type: object
+ x-kubernetes-map-type: atomic
+ prefix:
+ type: string
+ secretRef:
+ properties:
+ name:
+ default: ""
+ type: string
+ optional:
+ type: boolean
+ type: object
+ x-kubernetes-map-type: atomic
+ type: object
+ type: array
+ x-kubernetes-list-type: atomic
+ image:
+ type: string
+ imagePullPolicy:
+ type: string
+ lifecycle:
+ properties:
+ postStart:
+ properties:
+ exec:
+ properties:
+ command:
+ items:
+ type: string
+ type: array
+ x-kubernetes-list-type: atomic
+ type: object
+ httpGet:
+ properties:
+ host:
+ type: string
+ httpHeaders:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ x-kubernetes-list-type: atomic
+ path:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ scheme:
+ type: string
+ required:
+ - port
+ type: object
+ sleep:
+ properties:
+ seconds:
+ format: int64
+ type: integer
+ required:
+ - seconds
+ type: object
+ tcpSocket:
+ properties:
+ host:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ type: object
+ preStop:
+ properties:
+ exec:
+ properties:
+ command:
+ items:
+ type: string
+ type: array
+ x-kubernetes-list-type: atomic
+ type: object
+ httpGet:
+ properties:
+ host:
+ type: string
+ httpHeaders:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ x-kubernetes-list-type: atomic
+ path:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ scheme:
+ type: string
+ required:
+ - port
+ type: object
+ sleep:
+ properties:
+ seconds:
+ format: int64
+ type: integer
+ required:
+ - seconds
+ type: object
+ tcpSocket:
+ properties:
+ host:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ type: object
+ stopSignal:
+ type: string
+ type: object
+ livenessProbe:
+ properties:
+ exec:
+ properties:
+ command:
+ items:
+ type: string
+ type: array
+ x-kubernetes-list-type: atomic
+ type: object
+ failureThreshold:
+ format: int32
+ type: integer
+ grpc:
+ properties:
+ port:
+ format: int32
+ type: integer
+ service:
+ default: ""
+ type: string
+ required:
+ - port
+ type: object
+ httpGet:
+ properties:
+ host:
+ type: string
+ httpHeaders:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ x-kubernetes-list-type: atomic
+ path:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ scheme:
+ type: string
+ required:
+ - port
+ type: object
+ initialDelaySeconds:
+ format: int32
+ type: integer
+ periodSeconds:
+ format: int32
+ type: integer
+ successThreshold:
+ format: int32
+ type: integer
+ tcpSocket:
+ properties:
+ host:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ terminationGracePeriodSeconds:
+ format: int64
+ type: integer
+ timeoutSeconds:
+ format: int32
+ type: integer
+ type: object
+ name:
+ type: string
+ ports:
+ items:
+ properties:
+ containerPort:
+ format: int32
+ type: integer
+ hostIP:
+ type: string
+ hostPort:
+ format: int32
+ type: integer
+ name:
+ type: string
+ protocol:
+ default: TCP
+ type: string
+ required:
+ - containerPort
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - containerPort
+ - protocol
+ x-kubernetes-list-type: map
+ readinessProbe:
+ properties:
+ exec:
+ properties:
+ command:
+ items:
+ type: string
+ type: array
+ x-kubernetes-list-type: atomic
+ type: object
+ failureThreshold:
+ format: int32
+ type: integer
+ grpc:
+ properties:
+ port:
+ format: int32
+ type: integer
+ service:
+ default: ""
+ type: string
+ required:
+ - port
+ type: object
+ httpGet:
+ properties:
+ host:
+ type: string
+ httpHeaders:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ x-kubernetes-list-type: atomic
+ path:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ scheme:
+ type: string
+ required:
+ - port
+ type: object
+ initialDelaySeconds:
+ format: int32
+ type: integer
+ periodSeconds:
+ format: int32
+ type: integer
+ successThreshold:
+ format: int32
+ type: integer
+ tcpSocket:
+ properties:
+ host:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ terminationGracePeriodSeconds:
+ format: int64
+ type: integer
+ timeoutSeconds:
+ format: int32
+ type: integer
+ type: object
+ resizePolicy:
+ items:
+ properties:
+ resourceName:
+ type: string
+ restartPolicy:
+ type: string
+ required:
+ - resourceName
+ - restartPolicy
+ type: object
+ type: array
+ x-kubernetes-list-type: atomic
+ resources:
+ properties:
+ claims:
+ items:
+ properties:
+ name:
+ type: string
+ request:
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
+ limits:
+ additionalProperties:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ type: object
+ requests:
+ additionalProperties:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ type: object
+ type: object
+ restartPolicy:
+ type: string
+ restartPolicyRules:
+ items:
+ properties:
+ action:
+ type: string
+ exitCodes:
+ properties:
+ operator:
+ type: string
+ values:
+ items:
+ format: int32
+ type: integer
+ type: array
+ x-kubernetes-list-type: set
+ required:
+ - operator
+ type: object
+ required:
+ - action
+ type: object
+ type: array
+ x-kubernetes-list-type: atomic
+ securityContext:
+ properties:
+ allowPrivilegeEscalation:
+ type: boolean
+ appArmorProfile:
+ properties:
+ localhostProfile:
+ type: string
+ type:
+ type: string
+ required:
+ - type
+ type: object
+ capabilities:
+ properties:
+ add:
+ items:
+ type: string
+ type: array
+ x-kubernetes-list-type: atomic
+ drop:
+ items:
+ type: string
+ type: array
+ x-kubernetes-list-type: atomic
+ type: object
+ privileged:
+ type: boolean
+ procMount:
+ type: string
+ readOnlyRootFilesystem:
+ type: boolean
+ runAsGroup:
+ format: int64
+ type: integer
+ runAsNonRoot:
+ type: boolean
+ runAsUser:
+ format: int64
+ type: integer
+ seLinuxOptions:
+ properties:
+ level:
+ type: string
+ role:
+ type: string
+ type:
+ type: string
+ user:
+ type: string
+ type: object
+ seccompProfile:
+ properties:
+ localhostProfile:
+ type: string
+ type:
+ type: string
+ required:
+ - type
+ type: object
+ windowsOptions:
+ properties:
+ gmsaCredentialSpec:
+ type: string
+ gmsaCredentialSpecName:
+ type: string
+ hostProcess:
+ type: boolean
+ runAsUserName:
+ type: string
+ type: object
+ type: object
+ startupProbe:
+ properties:
+ exec:
+ properties:
+ command:
+ items:
+ type: string
+ type: array
+ x-kubernetes-list-type: atomic
+ type: object
+ failureThreshold:
+ format: int32
+ type: integer
+ grpc:
+ properties:
+ port:
+ format: int32
+ type: integer
+ service:
+ default: ""
+ type: string
+ required:
+ - port
+ type: object
+ httpGet:
+ properties:
+ host:
+ type: string
+ httpHeaders:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ x-kubernetes-list-type: atomic
+ path:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ scheme:
+ type: string
+ required:
+ - port
+ type: object
+ initialDelaySeconds:
+ format: int32
+ type: integer
+ periodSeconds:
+ format: int32
+ type: integer
+ successThreshold:
+ format: int32
+ type: integer
+ tcpSocket:
+ properties:
+ host:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ terminationGracePeriodSeconds:
+ format: int64
+ type: integer
+ timeoutSeconds:
+ format: int32
+ type: integer
+ type: object
+ stdin:
+ type: boolean
+ stdinOnce:
+ type: boolean
+ terminationMessagePath:
+ type: string
+ terminationMessagePolicy:
+ type: string
+ tty:
+ type: boolean
+ volumeDevices:
+ items:
+ properties:
+ devicePath:
+ type: string
+ name:
+ type: string
+ required:
+ - devicePath
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - devicePath
+ x-kubernetes-list-type: map
+ volumeMounts:
+ items:
+ properties:
+ mountPath:
+ type: string
+ mountPropagation:
+ type: string
+ name:
+ type: string
+ readOnly:
+ type: boolean
+ recursiveReadOnly:
+ type: string
+ subPath:
+ type: string
+ subPathExpr:
+ type: string
+ required:
+ - mountPath
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - mountPath
+ x-kubernetes-list-type: map
+ workingDir:
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ dnsConfig:
+ properties:
+ nameservers:
+ items:
+ type: string
+ type: array
+ x-kubernetes-list-type: atomic
+ options:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ type: object
+ type: array
+ x-kubernetes-list-type: atomic
+ searches:
+ items:
+ type: string
+ type: array
+ x-kubernetes-list-type: atomic
+ type: object
+ dnsPolicy:
+ type: string
+ enableServiceLinks:
+ type: boolean
+ ephemeralContainers:
+ items:
+ properties:
+ args:
+ items:
+ type: string
+ type: array
+ x-kubernetes-list-type: atomic
+ command:
+ items:
+ type: string
+ type: array
+ x-kubernetes-list-type: atomic
+ env:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ valueFrom:
+ properties:
+ configMapKeyRef:
+ properties:
+ key:
+ type: string
+ name:
+ default: ""
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ fieldRef:
+ properties:
+ apiVersion:
+ type: string
+ fieldPath:
+ type: string
+ required:
+ - fieldPath
+ type: object
+ x-kubernetes-map-type: atomic
+ fileKeyRef:
+ properties:
+ key:
+ type: string
+ optional:
+ default: false
+ type: boolean
+ path:
+ type: string
+ volumeName:
+ type: string
+ required:
+ - key
+ - path
+ - volumeName
+ type: object
+ x-kubernetes-map-type: atomic
+ resourceFieldRef:
+ properties:
+ containerName:
+ type: string
+ divisor:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ resource:
+ type: string
+ required:
+ - resource
+ type: object
+ x-kubernetes-map-type: atomic
+ secretKeyRef:
+ properties:
+ key:
+ type: string
+ name:
+ default: ""
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ type: object
+ required:
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
+ envFrom:
+ items:
+ properties:
+ configMapRef:
+ properties:
+ name:
+ default: ""
+ type: string
+ optional:
+ type: boolean
+ type: object
+ x-kubernetes-map-type: atomic
+ prefix:
+ type: string
+ secretRef:
+ properties:
+ name:
+ default: ""
+ type: string
+ optional:
+ type: boolean
+ type: object
+ x-kubernetes-map-type: atomic
+ type: object
+ type: array
+ x-kubernetes-list-type: atomic
+ image:
+ type: string
+ imagePullPolicy:
+ type: string
+ lifecycle:
+ properties:
+ postStart:
+ properties:
+ exec:
+ properties:
+ command:
+ items:
+ type: string
+ type: array
+ x-kubernetes-list-type: atomic
+ type: object
+ httpGet:
+ properties:
+ host:
+ type: string
+ httpHeaders:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ x-kubernetes-list-type: atomic
+ path:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ scheme:
+ type: string
+ required:
+ - port
+ type: object
+ sleep:
+ properties:
+ seconds:
+ format: int64
+ type: integer
+ required:
+ - seconds
+ type: object
+ tcpSocket:
+ properties:
+ host:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ type: object
+ preStop:
+ properties:
+ exec:
+ properties:
+ command:
+ items:
+ type: string
+ type: array
+ x-kubernetes-list-type: atomic
+ type: object
+ httpGet:
+ properties:
+ host:
+ type: string
+ httpHeaders:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ x-kubernetes-list-type: atomic
+ path:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ scheme:
+ type: string
+ required:
+ - port
+ type: object
+ sleep:
+ properties:
+ seconds:
+ format: int64
+ type: integer
+ required:
+ - seconds
+ type: object
+ tcpSocket:
+ properties:
+ host:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ type: object
+ stopSignal:
+ type: string
+ type: object
+ livenessProbe:
+ properties:
+ exec:
+ properties:
+ command:
+ items:
+ type: string
+ type: array
+ x-kubernetes-list-type: atomic
+ type: object
+ failureThreshold:
+ format: int32
+ type: integer
+ grpc:
+ properties:
+ port:
+ format: int32
+ type: integer
+ service:
+ default: ""
+ type: string
+ required:
+ - port
+ type: object
+ httpGet:
+ properties:
+ host:
+ type: string
+ httpHeaders:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ x-kubernetes-list-type: atomic
+ path:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ scheme:
+ type: string
+ required:
+ - port
+ type: object
+ initialDelaySeconds:
+ format: int32
+ type: integer
+ periodSeconds:
+ format: int32
+ type: integer
+ successThreshold:
+ format: int32
+ type: integer
+ tcpSocket:
+ properties:
+ host:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ terminationGracePeriodSeconds:
+ format: int64
+ type: integer
+ timeoutSeconds:
+ format: int32
+ type: integer
+ type: object
+ name:
+ type: string
+ ports:
+ items:
+ properties:
+ containerPort:
+ format: int32
+ type: integer
+ hostIP:
+ type: string
+ hostPort:
+ format: int32
+ type: integer
+ name:
+ type: string
+ protocol:
+ default: TCP
+ type: string
+ required:
+ - containerPort
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - containerPort
+ - protocol
+ x-kubernetes-list-type: map
+ readinessProbe:
+ properties:
+ exec:
+ properties:
+ command:
+ items:
+ type: string
+ type: array
+ x-kubernetes-list-type: atomic
+ type: object
+ failureThreshold:
+ format: int32
+ type: integer
+ grpc:
+ properties:
+ port:
+ format: int32
+ type: integer
+ service:
+ default: ""
+ type: string
+ required:
+ - port
+ type: object
+ httpGet:
+ properties:
+ host:
+ type: string
+ httpHeaders:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ x-kubernetes-list-type: atomic
+ path:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ scheme:
+ type: string
+ required:
+ - port
+ type: object
+ initialDelaySeconds:
+ format: int32
+ type: integer
+ periodSeconds:
+ format: int32
+ type: integer
+ successThreshold:
+ format: int32
+ type: integer
+ tcpSocket:
+ properties:
+ host:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ terminationGracePeriodSeconds:
+ format: int64
+ type: integer
+ timeoutSeconds:
+ format: int32
+ type: integer
+ type: object
+ resizePolicy:
+ items:
+ properties:
+ resourceName:
+ type: string
+ restartPolicy:
+ type: string
+ required:
+ - resourceName
+ - restartPolicy
+ type: object
+ type: array
+ x-kubernetes-list-type: atomic
+ resources:
+ properties:
+ claims:
+ items:
+ properties:
+ name:
+ type: string
+ request:
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
+ limits:
+ additionalProperties:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ type: object
+ requests:
+ additionalProperties:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ type: object
+ type: object
+ restartPolicy:
+ type: string
+ restartPolicyRules:
+ items:
+ properties:
+ action:
+ type: string
+ exitCodes:
+ properties:
+ operator:
+ type: string
+ values:
+ items:
+ format: int32
+ type: integer
+ type: array
+ x-kubernetes-list-type: set
+ required:
+ - operator
+ type: object
+ required:
+ - action
+ type: object
+ type: array
+ x-kubernetes-list-type: atomic
+ securityContext:
+ properties:
+ allowPrivilegeEscalation:
+ type: boolean
+ appArmorProfile:
+ properties:
+ localhostProfile:
+ type: string
+ type:
+ type: string
+ required:
+ - type
+ type: object
+ capabilities:
+ properties:
+ add:
+ items:
+ type: string
+ type: array
+ x-kubernetes-list-type: atomic
+ drop:
+ items:
+ type: string
+ type: array
+ x-kubernetes-list-type: atomic
+ type: object
+ privileged:
+ type: boolean
+ procMount:
+ type: string
+ readOnlyRootFilesystem:
+ type: boolean
+ runAsGroup:
+ format: int64
+ type: integer
+ runAsNonRoot:
+ type: boolean
+ runAsUser:
+ format: int64
+ type: integer
+ seLinuxOptions:
+ properties:
+ level:
+ type: string
+ role:
+ type: string
+ type:
+ type: string
+ user:
+ type: string
+ type: object
+ seccompProfile:
+ properties:
+ localhostProfile:
+ type: string
+ type:
+ type: string
+ required:
+ - type
+ type: object
+ windowsOptions:
+ properties:
+ gmsaCredentialSpec:
+ type: string
+ gmsaCredentialSpecName:
+ type: string
+ hostProcess:
+ type: boolean
+ runAsUserName:
+ type: string
+ type: object
+ type: object
+ startupProbe:
+ properties:
+ exec:
+ properties:
+ command:
+ items:
+ type: string
+ type: array
+ x-kubernetes-list-type: atomic
+ type: object
+ failureThreshold:
+ format: int32
+ type: integer
+ grpc:
+ properties:
+ port:
+ format: int32
+ type: integer
+ service:
+ default: ""
+ type: string
+ required:
+ - port
+ type: object
+ httpGet:
+ properties:
+ host:
+ type: string
+ httpHeaders:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ x-kubernetes-list-type: atomic
+ path:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ scheme:
+ type: string
+ required:
+ - port
+ type: object
+ initialDelaySeconds:
+ format: int32
+ type: integer
+ periodSeconds:
+ format: int32
+ type: integer
+ successThreshold:
+ format: int32
+ type: integer
+ tcpSocket:
+ properties:
+ host:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ terminationGracePeriodSeconds:
+ format: int64
+ type: integer
+ timeoutSeconds:
+ format: int32
+ type: integer
+ type: object
+ stdin:
+ type: boolean
+ stdinOnce:
+ type: boolean
+ targetContainerName:
+ type: string
+ terminationMessagePath:
+ type: string
+ terminationMessagePolicy:
+ type: string
+ tty:
+ type: boolean
+ volumeDevices:
+ items:
+ properties:
+ devicePath:
+ type: string
+ name:
+ type: string
+ required:
+ - devicePath
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - devicePath
+ x-kubernetes-list-type: map
+ volumeMounts:
+ items:
+ properties:
+ mountPath:
+ type: string
+ mountPropagation:
+ type: string
+ name:
+ type: string
+ readOnly:
+ type: boolean
+ recursiveReadOnly:
+ type: string
+ subPath:
+ type: string
+ subPathExpr:
+ type: string
+ required:
+ - mountPath
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - mountPath
+ x-kubernetes-list-type: map
+ workingDir:
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ hostAliases:
+ items:
+ properties:
+ hostnames:
+ items:
+ type: string
+ type: array
+ x-kubernetes-list-type: atomic
+ ip:
+ type: string
+ required:
+ - ip
+ type: object
+ type: array
+ hostIPC:
+ type: boolean
+ hostNetwork:
+ type: boolean
+ hostPID:
+ type: boolean
+ hostUsers:
+ type: boolean
+ hostname:
+ type: string
+ imagePullSecrets:
+ items:
+ properties:
+ name:
+ default: ""
+ type: string
+ type: object
+ x-kubernetes-map-type: atomic
+ type: array
+ initContainers:
+ items:
+ properties:
+ args:
+ items:
+ type: string
+ type: array
+ x-kubernetes-list-type: atomic
+ command:
+ items:
+ type: string
+ type: array
+ x-kubernetes-list-type: atomic
+ env:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ valueFrom:
+ properties:
+ configMapKeyRef:
+ properties:
+ key:
+ type: string
+ name:
+ default: ""
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ fieldRef:
+ properties:
+ apiVersion:
+ type: string
+ fieldPath:
+ type: string
+ required:
+ - fieldPath
+ type: object
+ x-kubernetes-map-type: atomic
+ fileKeyRef:
+ properties:
+ key:
+ type: string
+ optional:
+ default: false
+ type: boolean
+ path:
+ type: string
+ volumeName:
+ type: string
+ required:
+ - key
+ - path
+ - volumeName
+ type: object
+ x-kubernetes-map-type: atomic
+ resourceFieldRef:
+ properties:
+ containerName:
+ type: string
+ divisor:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ resource:
+ type: string
+ required:
+ - resource
+ type: object
+ x-kubernetes-map-type: atomic
+ secretKeyRef:
+ properties:
+ key:
+ type: string
+ name:
+ default: ""
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ type: object
+ required:
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
+ envFrom:
+ items:
+ properties:
+ configMapRef:
+ properties:
+ name:
+ default: ""
+ type: string
+ optional:
+ type: boolean
+ type: object
+ x-kubernetes-map-type: atomic
+ prefix:
+ type: string
+ secretRef:
+ properties:
+ name:
+ default: ""
+ type: string
+ optional:
+ type: boolean
+ type: object
+ x-kubernetes-map-type: atomic
+ type: object
+ type: array
+ x-kubernetes-list-type: atomic
+ image:
+ type: string
+ imagePullPolicy:
+ type: string
+ lifecycle:
+ properties:
+ postStart:
+ properties:
+ exec:
+ properties:
+ command:
+ items:
+ type: string
+ type: array
+ x-kubernetes-list-type: atomic
+ type: object
+ httpGet:
+ properties:
+ host:
+ type: string
+ httpHeaders:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ x-kubernetes-list-type: atomic
+ path:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ scheme:
+ type: string
+ required:
+ - port
+ type: object
+ sleep:
+ properties:
+ seconds:
+ format: int64
+ type: integer
+ required:
+ - seconds
+ type: object
+ tcpSocket:
+ properties:
+ host:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ type: object
+ preStop:
+ properties:
+ exec:
+ properties:
+ command:
+ items:
+ type: string
+ type: array
+ x-kubernetes-list-type: atomic
+ type: object
+ httpGet:
+ properties:
+ host:
+ type: string
+ httpHeaders:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ x-kubernetes-list-type: atomic
+ path:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ scheme:
+ type: string
+ required:
+ - port
+ type: object
+ sleep:
+ properties:
+ seconds:
+ format: int64
+ type: integer
+ required:
+ - seconds
+ type: object
+ tcpSocket:
+ properties:
+ host:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ type: object
+ stopSignal:
+ type: string
+ type: object
+ livenessProbe:
+ properties:
+ exec:
+ properties:
+ command:
+ items:
+ type: string
+ type: array
+ x-kubernetes-list-type: atomic
+ type: object
+ failureThreshold:
+ format: int32
+ type: integer
+ grpc:
+ properties:
+ port:
+ format: int32
+ type: integer
+ service:
+ default: ""
+ type: string
+ required:
+ - port
+ type: object
+ httpGet:
+ properties:
+ host:
+ type: string
+ httpHeaders:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ x-kubernetes-list-type: atomic
+ path:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ scheme:
+ type: string
+ required:
+ - port
+ type: object
+ initialDelaySeconds:
+ format: int32
+ type: integer
+ periodSeconds:
+ format: int32
+ type: integer
+ successThreshold:
+ format: int32
+ type: integer
+ tcpSocket:
+ properties:
+ host:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ terminationGracePeriodSeconds:
+ format: int64
+ type: integer
+ timeoutSeconds:
+ format: int32
+ type: integer
+ type: object
+ name:
+ type: string
+ ports:
+ items:
+ properties:
+ containerPort:
+ format: int32
+ type: integer
+ hostIP:
+ type: string
+ hostPort:
+ format: int32
+ type: integer
+ name:
+ type: string
+ protocol:
+ default: TCP
+ type: string
+ required:
+ - containerPort
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - containerPort
+ - protocol
+ x-kubernetes-list-type: map
+ readinessProbe:
+ properties:
+ exec:
+ properties:
+ command:
+ items:
+ type: string
+ type: array
+ x-kubernetes-list-type: atomic
+ type: object
+ failureThreshold:
+ format: int32
+ type: integer
+ grpc:
+ properties:
+ port:
+ format: int32
+ type: integer
+ service:
+ default: ""
+ type: string
+ required:
+ - port
+ type: object
+ httpGet:
+ properties:
+ host:
+ type: string
+ httpHeaders:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ x-kubernetes-list-type: atomic
+ path:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ scheme:
+ type: string
+ required:
+ - port
+ type: object
+ initialDelaySeconds:
+ format: int32
+ type: integer
+ periodSeconds:
+ format: int32
+ type: integer
+ successThreshold:
+ format: int32
+ type: integer
+ tcpSocket:
+ properties:
+ host:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ terminationGracePeriodSeconds:
+ format: int64
+ type: integer
+ timeoutSeconds:
+ format: int32
+ type: integer
+ type: object
+ resizePolicy:
+ items:
+ properties:
+ resourceName:
+ type: string
+ restartPolicy:
+ type: string
+ required:
+ - resourceName
+ - restartPolicy
+ type: object
+ type: array
+ x-kubernetes-list-type: atomic
+ resources:
+ properties:
+ claims:
+ items:
+ properties:
+ name:
+ type: string
+ request:
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
+ limits:
+ additionalProperties:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ type: object
+ requests:
+ additionalProperties:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ type: object
+ type: object
+ restartPolicy:
+ type: string
+ restartPolicyRules:
+ items:
+ properties:
+ action:
+ type: string
+ exitCodes:
+ properties:
+ operator:
+ type: string
+ values:
+ items:
+ format: int32
+ type: integer
+ type: array
+ x-kubernetes-list-type: set
+ required:
+ - operator
+ type: object
+ required:
+ - action
+ type: object
+ type: array
+ x-kubernetes-list-type: atomic
+ securityContext:
+ properties:
+ allowPrivilegeEscalation:
+ type: boolean
+ appArmorProfile:
+ properties:
+ localhostProfile:
+ type: string
+ type:
+ type: string
+ required:
+ - type
+ type: object
+ capabilities:
+ properties:
+ add:
+ items:
+ type: string
+ type: array
+ x-kubernetes-list-type: atomic
+ drop:
+ items:
+ type: string
+ type: array
+ x-kubernetes-list-type: atomic
+ type: object
+ privileged:
+ type: boolean
+ procMount:
+ type: string
+ readOnlyRootFilesystem:
+ type: boolean
+ runAsGroup:
+ format: int64
+ type: integer
+ runAsNonRoot:
+ type: boolean
+ runAsUser:
+ format: int64
+ type: integer
+ seLinuxOptions:
+ properties:
+ level:
+ type: string
+ role:
+ type: string
+ type:
+ type: string
+ user:
+ type: string
+ type: object
+ seccompProfile:
+ properties:
+ localhostProfile:
+ type: string
+ type:
+ type: string
+ required:
+ - type
+ type: object
+ windowsOptions:
+ properties:
+ gmsaCredentialSpec:
+ type: string
+ gmsaCredentialSpecName:
+ type: string
+ hostProcess:
+ type: boolean
+ runAsUserName:
+ type: string
+ type: object
+ type: object
+ startupProbe:
+ properties:
+ exec:
+ properties:
+ command:
+ items:
+ type: string
+ type: array
+ x-kubernetes-list-type: atomic
+ type: object
+ failureThreshold:
+ format: int32
+ type: integer
+ grpc:
+ properties:
+ port:
+ format: int32
+ type: integer
+ service:
+ default: ""
+ type: string
+ required:
+ - port
+ type: object
+ httpGet:
+ properties:
+ host:
+ type: string
+ httpHeaders:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ x-kubernetes-list-type: atomic
+ path:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ scheme:
+ type: string
+ required:
+ - port
+ type: object
+ initialDelaySeconds:
+ format: int32
+ type: integer
+ periodSeconds:
+ format: int32
+ type: integer
+ successThreshold:
+ format: int32
+ type: integer
+ tcpSocket:
+ properties:
+ host:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ terminationGracePeriodSeconds:
+ format: int64
+ type: integer
+ timeoutSeconds:
+ format: int32
+ type: integer
+ type: object
+ stdin:
+ type: boolean
+ stdinOnce:
+ type: boolean
+ terminationMessagePath:
+ type: string
+ terminationMessagePolicy:
+ type: string
+ tty:
+ type: boolean
+ volumeDevices:
+ items:
+ properties:
+ devicePath:
+ type: string
+ name:
+ type: string
+ required:
+ - devicePath
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - devicePath
+ x-kubernetes-list-type: map
+ volumeMounts:
+ items:
+ properties:
+ mountPath:
+ type: string
+ mountPropagation:
+ type: string
+ name:
+ type: string
+ readOnly:
+ type: boolean
+ recursiveReadOnly:
+ type: string
+ subPath:
+ type: string
+ subPathExpr:
+ type: string
+ required:
+ - mountPath
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - mountPath
+ x-kubernetes-list-type: map
+ workingDir:
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ nodeName:
+ type: string
+ nodeSelector:
+ additionalProperties:
+ type: string
+ type: object
+ x-kubernetes-map-type: atomic
+ os:
+ properties:
+ name:
+ type: string
+ required:
+ - name
+ type: object
+ overhead:
+ additionalProperties:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ type: object
+ preemptionPolicy:
+ type: string
+ priority:
+ format: int32
+ type: integer
+ priorityClassName:
+ type: string
+ readinessGates:
+ items:
+ properties:
+ conditionType:
+ type: string
+ required:
+ - conditionType
+ type: object
+ type: array
+ restartPolicy:
+ type: string
+ runtimeClassName:
+ type: string
+ schedulerName:
+ type: string
+ securityContext:
+ properties:
+ appArmorProfile:
+ properties:
+ localhostProfile:
+ type: string
+ type:
+ type: string
+ required:
+ - type
+ type: object
+ fsGroup:
+ format: int64
+ type: integer
+ fsGroupChangePolicy:
+ type: string
+ runAsGroup:
+ format: int64
+ type: integer
+ runAsNonRoot:
+ type: boolean
+ runAsUser:
+ format: int64
+ type: integer
+ seLinuxChangePolicy:
+ type: string
+ seLinuxOptions:
+ properties:
+ level:
+ type: string
+ role:
+ type: string
+ type:
+ type: string
+ user:
+ type: string
+ type: object
+ seccompProfile:
+ properties:
+ localhostProfile:
+ type: string
+ type:
+ type: string
+ required:
+ - type
+ type: object
+ supplementalGroups:
+ items:
+ format: int64
+ type: integer
+ type: array
+ x-kubernetes-list-type: atomic
+ supplementalGroupsPolicy:
+ type: string
+ sysctls:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ x-kubernetes-list-type: atomic
+ windowsOptions:
+ properties:
+ gmsaCredentialSpec:
+ type: string
+ gmsaCredentialSpecName:
+ type: string
+ hostProcess:
+ type: boolean
+ runAsUserName:
+ type: string
+ type: object
+ type: object
+ serviceAccount:
+ type: string
+ serviceAccountName:
+ type: string
+ setHostnameAsFQDN:
+ type: boolean
+ shareProcessNamespace:
+ type: boolean
+ subdomain:
+ type: string
+ terminationGracePeriodSeconds:
+ format: int64
+ type: integer
+ tolerations:
+ items:
+ properties:
+ effect:
+ type: string
+ key:
+ type: string
+ operator:
+ type: string
+ tolerationSeconds:
+ format: int64
+ type: integer
+ value:
+ type: string
+ type: object
+ type: array
+ topologySpreadConstraints:
+ items:
+ properties:
+ labelSelector:
+ properties:
+ matchExpressions:
+ items:
+ properties:
+ key:
+ type: string
+ operator:
+ type: string
+ values:
+ items:
+ type: string
+ type: array
+ x-kubernetes-list-type: atomic
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ x-kubernetes-list-type: atomic
+ matchLabels:
+ additionalProperties:
+ type: string
+ type: object
+ type: object
+ x-kubernetes-map-type: atomic
+ matchLabelKeys:
+ items:
+ type: string
+ type: array
+ x-kubernetes-list-type: atomic
+ maxSkew:
+ format: int32
+ type: integer
+ minDomains:
+ format: int32
+ type: integer
+ nodeAffinityPolicy:
+ type: string
+ nodeTaintsPolicy:
+ type: string
+ topologyKey:
+ type: string
+ whenUnsatisfiable:
+ type: string
+ required:
+ - maxSkew
+ - topologyKey
+ - whenUnsatisfiable
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - topologyKey
+ - whenUnsatisfiable
+ x-kubernetes-list-type: map
+ volumes:
+ items:
+ properties:
+ awsElasticBlockStore:
+ properties:
+ fsType:
+ type: string
+ partition:
+ format: int32
+ type: integer
+ readOnly:
+ type: boolean
+ volumeID:
+ type: string
+ required:
+ - volumeID
+ type: object
+ azureDisk:
+ properties:
+ cachingMode:
+ type: string
+ diskName:
+ type: string
+ diskURI:
+ type: string
+ fsType:
+ default: ext4
+ type: string
+ kind:
+ type: string
+ readOnly:
+ default: false
+ type: boolean
+ required:
+ - diskName
+ - diskURI
+ type: object
+ azureFile:
+ properties:
+ readOnly:
+ type: boolean
+ secretName:
+ type: string
+ shareName:
+ type: string
+ required:
+ - secretName
+ - shareName
+ type: object
+ cephfs:
+ properties:
+ monitors:
+ items:
+ type: string
+ type: array
+ x-kubernetes-list-type: atomic
+ path:
+ type: string
+ readOnly:
+ type: boolean
+ secretFile:
+ type: string
+ secretRef:
+ properties:
+ name:
+ default: ""
+ type: string
+ type: object
+ x-kubernetes-map-type: atomic
+ user:
+ type: string
+ required:
+ - monitors
+ type: object
+ cinder:
+ properties:
+ fsType:
+ type: string
+ readOnly:
+ type: boolean
+ secretRef:
+ properties:
+ name:
+ default: ""
+ type: string
+ type: object
+ x-kubernetes-map-type: atomic
+ volumeID:
+ type: string
+ required:
+ - volumeID
+ type: object
+ configMap:
+ properties:
+ defaultMode:
+ format: int32
+ type: integer
+ items:
+ items:
+ properties:
+ key:
+ type: string
+ mode:
+ format: int32
+ type: integer
+ path:
+ type: string
+ required:
+ - key
+ - path
+ type: object
+ type: array
+ x-kubernetes-list-type: atomic
+ name:
+ default: ""
+ type: string
+ optional:
+ type: boolean
+ type: object
+ x-kubernetes-map-type: atomic
+ csi:
+ properties:
+ driver:
+ type: string
+ fsType:
+ type: string
+ nodePublishSecretRef:
+ properties:
+ name:
+ default: ""
+ type: string
+ type: object
+ x-kubernetes-map-type: atomic
+ readOnly:
+ type: boolean
+ volumeAttributes:
+ additionalProperties:
+ type: string
+ type: object
+ required:
+ - driver
+ type: object
+ downwardAPI:
+ properties:
+ defaultMode:
+ format: int32
+ type: integer
+ items:
+ items:
+ properties:
+ fieldRef:
+ properties:
+ apiVersion:
+ type: string
+ fieldPath:
+ type: string
+ required:
+ - fieldPath
+ type: object
+ x-kubernetes-map-type: atomic
+ mode:
+ format: int32
+ type: integer
+ path:
+ type: string
+ resourceFieldRef:
+ properties:
+ containerName:
+ type: string
+ divisor:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ resource:
+ type: string
+ required:
+ - resource
+ type: object
+ x-kubernetes-map-type: atomic
+ required:
+ - path
+ type: object
+ type: array
+ x-kubernetes-list-type: atomic
+ type: object
+ emptyDir:
+ properties:
+ medium:
+ type: string
+ sizeLimit:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ type: object
+ ephemeral:
+ properties:
+ volumeClaimTemplate:
+ properties:
+ metadata:
+ type: object
+ spec:
+ properties:
+ accessModes:
+ items:
+ type: string
+ type: array
+ x-kubernetes-list-type: atomic
+ dataSource:
+ properties:
+ apiGroup:
+ type: string
+ kind:
+ type: string
+ name:
+ type: string
+ required:
+ - kind
+ - name
+ type: object
+ x-kubernetes-map-type: atomic
+ dataSourceRef:
+ properties:
+ apiGroup:
+ type: string
+ kind:
+ type: string
+ name:
+ type: string
+ namespace:
+ type: string
+ required:
+ - kind
+ - name
+ type: object
+ resources:
+ properties:
+ limits:
+ additionalProperties:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ type: object
+ requests:
+ additionalProperties:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ type: object
+ type: object
+ selector:
+ properties:
+ matchExpressions:
+ items:
+ properties:
+ key:
+ type: string
+ operator:
+ type: string
+ values:
+ items:
+ type: string
+ type: array
+ x-kubernetes-list-type: atomic
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ x-kubernetes-list-type: atomic
+ matchLabels:
+ additionalProperties:
+ type: string
+ type: object
+ type: object
+ x-kubernetes-map-type: atomic
+ storageClassName:
+ type: string
+ volumeAttributesClassName:
+ type: string
+ volumeMode:
+ type: string
+ volumeName:
+ type: string
+ type: object
+ required:
+ - spec
+ type: object
+ type: object
+ fc:
+ properties:
+ fsType:
+ type: string
+ lun:
+ format: int32
+ type: integer
+ readOnly:
+ type: boolean
+ targetWWNs:
+ items:
+ type: string
+ type: array
+ x-kubernetes-list-type: atomic
+ wwids:
+ items:
+ type: string
+ type: array
+ x-kubernetes-list-type: atomic
+ type: object
+ flexVolume:
+ properties:
+ driver:
+ type: string
+ fsType:
+ type: string
+ options:
+ additionalProperties:
+ type: string
+ type: object
+ readOnly:
+ type: boolean
+ secretRef:
+ properties:
+ name:
+ default: ""
+ type: string
+ type: object
+ x-kubernetes-map-type: atomic
+ required:
+ - driver
+ type: object
+ flocker:
+ properties:
+ datasetName:
+ type: string
+ datasetUUID:
+ type: string
+ type: object
+ gcePersistentDisk:
+ properties:
+ fsType:
+ type: string
+ partition:
+ format: int32
+ type: integer
+ pdName:
+ type: string
+ readOnly:
+ type: boolean
+ required:
+ - pdName
+ type: object
+ gitRepo:
+ properties:
+ directory:
+ type: string
+ repository:
+ type: string
+ revision:
+ type: string
+ required:
+ - repository
+ type: object
+ glusterfs:
+ properties:
+ endpoints:
+ type: string
+ path:
+ type: string
+ readOnly:
+ type: boolean
+ required:
+ - endpoints
+ - path
+ type: object
+ hostPath:
+ properties:
+ path:
+ type: string
+ type:
+ type: string
+ required:
+ - path
+ type: object
+ image:
+ properties:
+ pullPolicy:
+ type: string
+ reference:
+ type: string
+ type: object
+ iscsi:
+ properties:
+ chapAuthDiscovery:
+ type: boolean
+ chapAuthSession:
+ type: boolean
+ fsType:
+ type: string
+ initiatorName:
+ type: string
+ iqn:
+ type: string
+ iscsiInterface:
+ default: default
+ type: string
+ lun:
+ format: int32
+ type: integer
+ portals:
+ items:
+ type: string
+ type: array
+ x-kubernetes-list-type: atomic
+ readOnly:
+ type: boolean
+ secretRef:
+ properties:
+ name:
+ default: ""
+ type: string
+ type: object
+ x-kubernetes-map-type: atomic
+ targetPortal:
+ type: string
+ required:
+ - iqn
+ - lun
+ - targetPortal
+ type: object
+ name:
+ type: string
+ nfs:
+ properties:
+ path:
+ type: string
+ readOnly:
+ type: boolean
+ server:
+ type: string
+ required:
+ - path
+ - server
+ type: object
+ persistentVolumeClaim:
+ properties:
+ claimName:
+ type: string
+ readOnly:
+ type: boolean
+ required:
+ - claimName
+ type: object
+ photonPersistentDisk:
+ properties:
+ fsType:
+ type: string
+ pdID:
+ type: string
+ required:
+ - pdID
+ type: object
+ portworxVolume:
+ properties:
+ fsType:
+ type: string
+ readOnly:
+ type: boolean
+ volumeID:
+ type: string
+ required:
+ - volumeID
+ type: object
+ projected:
+ properties:
+ defaultMode:
+ format: int32
+ type: integer
+ sources:
+ items:
+ properties:
+ clusterTrustBundle:
+ properties:
+ labelSelector:
+ properties:
+ matchExpressions:
+ items:
+ properties:
+ key:
+ type: string
+ operator:
+ type: string
+ values:
+ items:
+ type: string
+ type: array
+ x-kubernetes-list-type: atomic
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ x-kubernetes-list-type: atomic
+ matchLabels:
+ additionalProperties:
+ type: string
+ type: object
+ type: object
+ x-kubernetes-map-type: atomic
+ name:
+ type: string
+ optional:
+ type: boolean
+ path:
+ type: string
+ signerName:
+ type: string
+ required:
+ - path
+ type: object
+ configMap:
+ properties:
+ items:
+ items:
+ properties:
+ key:
+ type: string
+ mode:
+ format: int32
+ type: integer
+ path:
+ type: string
+ required:
+ - key
+ - path
+ type: object
+ type: array
+ x-kubernetes-list-type: atomic
+ name:
+ default: ""
+ type: string
+ optional:
+ type: boolean
+ type: object
+ x-kubernetes-map-type: atomic
+ downwardAPI:
+ properties:
+ items:
+ items:
+ properties:
+ fieldRef:
+ properties:
+ apiVersion:
+ type: string
+ fieldPath:
+ type: string
+ required:
+ - fieldPath
+ type: object
+ x-kubernetes-map-type: atomic
+ mode:
+ format: int32
+ type: integer
+ path:
+ type: string
+ resourceFieldRef:
+ properties:
+ containerName:
+ type: string
+ divisor:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ resource:
+ type: string
+ required:
+ - resource
+ type: object
+ x-kubernetes-map-type: atomic
+ required:
+ - path
+ type: object
+ type: array
+ x-kubernetes-list-type: atomic
+ type: object
+ podCertificate:
+ properties:
+ certificateChainPath:
+ type: string
+ credentialBundlePath:
+ type: string
+ keyPath:
+ type: string
+ keyType:
+ type: string
+ maxExpirationSeconds:
+ format: int32
+ type: integer
+ signerName:
+ type: string
+ userAnnotations:
+ additionalProperties:
+ type: string
+ type: object
+ required:
+ - keyType
+ - signerName
+ type: object
+ secret:
+ properties:
+ items:
+ items:
+ properties:
+ key:
+ type: string
+ mode:
+ format: int32
+ type: integer
+ path:
+ type: string
+ required:
+ - key
+ - path
+ type: object
+ type: array
+ x-kubernetes-list-type: atomic
+ name:
+ default: ""
+ type: string
+ optional:
+ type: boolean
+ type: object
+ x-kubernetes-map-type: atomic
+ serviceAccountToken:
+ properties:
+ audience:
+ type: string
+ expirationSeconds:
+ format: int64
+ type: integer
+ path:
+ type: string
+ required:
+ - path
+ type: object
+ type: object
+ type: array
+ x-kubernetes-list-type: atomic
+ type: object
+ quobyte:
+ properties:
+ group:
+ type: string
+ readOnly:
+ type: boolean
+ registry:
+ type: string
+ tenant:
+ type: string
+ user:
+ type: string
+ volume:
+ type: string
+ required:
+ - registry
+ - volume
+ type: object
+ rbd:
+ properties:
+ fsType:
+ type: string
+ image:
+ type: string
+ keyring:
+ default: /etc/ceph/keyring
+ type: string
+ monitors:
+ items:
+ type: string
+ type: array
+ x-kubernetes-list-type: atomic
+ pool:
+ default: rbd
+ type: string
+ readOnly:
+ type: boolean
+ secretRef:
+ properties:
+ name:
+ default: ""
+ type: string
+ type: object
+ x-kubernetes-map-type: atomic
+ user:
+ default: admin
+ type: string
+ required:
+ - image
+ - monitors
+ type: object
+ scaleIO:
+ properties:
+ fsType:
+ default: xfs
+ type: string
+ gateway:
+ type: string
+ protectionDomain:
+ type: string
+ readOnly:
+ type: boolean
+ secretRef:
+ properties:
+ name:
+ default: ""
+ type: string
+ type: object
+ x-kubernetes-map-type: atomic
+ sslEnabled:
+ type: boolean
+ storageMode:
+ default: ThinProvisioned
+ type: string
+ storagePool:
+ type: string
+ system:
+ type: string
+ volumeName:
+ type: string
+ required:
+ - gateway
+ - secretRef
+ - system
+ type: object
+ secret:
+ properties:
+ defaultMode:
+ format: int32
+ type: integer
+ items:
+ items:
+ properties:
+ key:
+ type: string
+ mode:
+ format: int32
+ type: integer
+ path:
+ type: string
+ required:
+ - key
+ - path
+ type: object
+ type: array
+ x-kubernetes-list-type: atomic
+ optional:
+ type: boolean
+ secretName:
+ type: string
+ type: object
+ storageos:
+ properties:
+ fsType:
+ type: string
+ readOnly:
+ type: boolean
+ secretRef:
+ properties:
+ name:
+ default: ""
+ type: string
+ type: object
+ x-kubernetes-map-type: atomic
+ volumeName:
+ type: string
+ volumeNamespace:
+ type: string
+ type: object
+ vsphereVolume:
+ properties:
+ fsType:
+ type: string
+ storagePolicyID:
+ type: string
+ storagePolicyName:
+ type: string
+ volumePath:
+ type: string
+ required:
+ - volumePath
+ type: object
+ required:
+ - name
+ type: object
+ type: array
+ type: object
+ type: object
+ type: object
+ type: object
+ disableDefaultAdminSecret:
+ description: DisableDefaultAdminSecret prevents operator from creating
+ default admin-credentials secret
+ type: boolean
+ disableDefaultSecurityContext:
+ description: DisableDefaultSecurityContext prevents the operator from
+ populating securityContext on deployments
+ enum:
+ - Pod
+ - Container
+ - All
+ type: string
+ external:
+ description: External enables you to configure external grafana instances
+ that is not managed by the operator.
+ properties:
+ adminPassword:
+ description: AdminPassword key to talk to the external grafana
+ instance.
+ properties:
+ key:
+ description: The key of the secret to select from. Must be
+ a valid secret key.
+ type: string
+ name:
+ default: ""
+ description: |-
+ Name of the referent.
+ This field is effectively required, but due to backwards compatibility is
+ allowed to be empty. Instances of this type with an empty value here are
+ almost certainly wrong.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ type: string
+ optional:
+ description: Specify whether the Secret or its key must be
+ defined
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ adminUser:
+ description: AdminUser key to talk to the external grafana instance.
+ properties:
+ key:
+ description: The key of the secret to select from. Must be
+ a valid secret key.
+ type: string
+ name:
+ default: ""
+ description: |-
+ Name of the referent.
+ This field is effectively required, but due to backwards compatibility is
+ allowed to be empty. Instances of this type with an empty value here are
+ almost certainly wrong.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ type: string
+ optional:
+ description: Specify whether the Secret or its key must be
+ defined
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ apiKey:
+ description: The API key to talk to the external grafana instance,
+ you need to define ether apiKey or adminUser/adminPassword.
+ properties:
+ key:
+ description: The key of the secret to select from. Must be
+ a valid secret key.
+ type: string
+ name:
+ default: ""
+ description: |-
+ Name of the referent.
+ This field is effectively required, but due to backwards compatibility is
+ allowed to be empty. Instances of this type with an empty value here are
+ almost certainly wrong.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ type: string
+ optional:
+ description: Specify whether the Secret or its key must be
+ defined
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ tenantNamespace:
+ default: default
+ description: |-
+ TenantNamespace is used as the `namespace` value for GrafanaManifest resources in multi-tenant scenarios
+ defaults to `default`
+ type: string
+ x-kubernetes-validations:
+ - message: Value is immutable
+ rule: self == oldSelf
+ tls:
+ description: DEPRECATED, use top level `tls` instead.
+ properties:
+ certSecretRef:
+ description: Use a secret as a reference to give TLS Certificate
+ information
+ properties:
+ name:
+ description: name is unique within a namespace to reference
+ a secret resource.
+ type: string
+ namespace:
+ description: namespace defines the space within which
+ the secret name must be unique.
+ type: string
+ type: object
+ x-kubernetes-map-type: atomic
+ insecureSkipVerify:
+ description: Disable the CA check of the server
+ type: boolean
+ type: object
+ x-kubernetes-validations:
+ - message: insecureSkipVerify and certSecretRef cannot be set
+ at the same time
+ rule: (has(self.insecureSkipVerify) && !(has(self.certSecretRef)))
+ || (has(self.certSecretRef) && !(has(self.insecureSkipVerify)))
+ url:
+ description: URL of the external grafana instance you want to
+ manage.
+ pattern: ^https?://.+$
+ type: string
+ required:
+ - tenantNamespace
+ - url
+ type: object
+ httpRoute:
+ description: HTTPRoute customizes the GatewayAPI HTTPRoute Object.
+ It will not be created if this is not set
+ properties:
+ metadata:
+ description: ObjectMeta contains only a [subset of the fields
+ included in k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#objectmeta-v1-meta).
+ properties:
+ annotations:
+ additionalProperties:
+ type: string
+ type: object
+ labels:
+ additionalProperties:
+ type: string
+ type: object
+ type: object
+ spec:
+ description: HTTPRouteSpec defines the desired state of HTTPRoute
+ properties:
+ hostnames:
+ description: |-
+ Hostnames defines a set of hostnames that should match against the HTTP Host
+ header to select a HTTPRoute used to process the request. Implementations
+ MUST ignore any port value specified in the HTTP Host header while
+ performing a match and (absent of any applicable header modification
+ configuration) MUST forward this header unmodified to the backend.
+
+ Valid values for Hostnames are determined by RFC 1123 definition of a
+ hostname with 2 notable exceptions:
+
+ 1. IPs are not allowed.
+ 2. A hostname may be prefixed with a wildcard label (`*.`). The wildcard
+ label must appear by itself as the first label.
+
+ If a hostname is specified by both the Listener and HTTPRoute, there
+ must be at least one intersecting hostname for the HTTPRoute to be
+ attached to the Listener. For example:
+
+ * A Listener with `test.example.com` as the hostname matches HTTPRoutes
+ that have either not specified any hostnames, or have specified at
+ least one of `test.example.com` or `*.example.com`.
+ * A Listener with `*.example.com` as the hostname matches HTTPRoutes
+ that have either not specified any hostnames or have specified at least
+ one hostname that matches the Listener hostname. For example,
+ `*.example.com`, `test.example.com`, and `foo.test.example.com` would
+ all match. On the other hand, `example.com` and `test.example.net` would
+ not match.
+
+ Hostnames that are prefixed with a wildcard label (`*.`) are interpreted
+ as a suffix match. That means that a match for `*.example.com` would match
+ both `test.example.com`, and `foo.test.example.com`, but not `example.com`.
+
+ If both the Listener and HTTPRoute have specified hostnames, any
+ HTTPRoute hostnames that do not match the Listener hostname MUST be
+ ignored. For example, if a Listener specified `*.example.com`, and the
+ HTTPRoute specified `test.example.com` and `test.example.net`,
+ `test.example.net` must not be considered for a match.
+
+ If both the Listener and HTTPRoute have specified hostnames, and none
+ match with the criteria above, then the HTTPRoute is not accepted. The
+ implementation must raise an 'Accepted' Condition with a status of
+ `False` in the corresponding RouteParentStatus.
+
+ In the event that multiple HTTPRoutes specify intersecting hostnames (e.g.
+ overlapping wildcard matching and exact matching hostnames), precedence must
+ be given to rules from the HTTPRoute with the largest number of:
+
+ * Characters in a matching non-wildcard hostname.
+ * Characters in a matching hostname.
+
+ If ties exist across multiple Routes, the matching precedence rules for
+ HTTPRouteMatches takes over.
+
+ Support: Core
+ items:
+ description: |-
+ Hostname is the fully qualified domain name of a network host. This matches
+ the RFC 1123 definition of a hostname with 2 notable exceptions:
+
+ 1. IPs are not allowed.
+ 2. A hostname may be prefixed with a wildcard label (`*.`). The wildcard
+ label must appear by itself as the first label.
+
+ Hostname can be "precise" which is a domain name without the terminating
+ dot of a network host (e.g. "foo.example.com") or "wildcard", which is a
+ domain name prefixed with a single wildcard label (e.g. `*.example.com`).
+
+ Note that as per RFC1035 and RFC1123, a *label* must consist of lower case
+ alphanumeric characters or '-', and must start and end with an alphanumeric
+ character. No other punctuation is allowed.
+ maxLength: 253
+ minLength: 1
+ pattern: ^(\*\.)?[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
+ type: string
+ maxItems: 16
+ type: array
+ parentRefs:
+ description: |-
+ ParentRefs references the resources (usually Gateways) that a Route wants
+ to be attached to. Note that the referenced parent resource needs to
+ allow this for the attachment to be complete. For Gateways, that means
+ the Gateway needs to allow attachment from Routes of this kind and
+ namespace. For Services, that means the Service must either be in the same
+ namespace for a "producer" route, or the mesh implementation must support
+ and allow "consumer" routes for the referenced Service. ReferenceGrant is
+ not applicable for governing ParentRefs to Services - it is not possible to
+ create a "producer" route for a Service in a different namespace from the
+ Route.
+
+ There are two kinds of parent resources with "Core" support:
+
+ * Gateway (Gateway conformance profile)
+ * Service (Mesh conformance profile, ClusterIP Services only)
+
+ This API may be extended in the future to support additional kinds of parent
+ resources.
+
+ ParentRefs must be _distinct_. This means either that:
+
+ * They select different objects. If this is the case, then parentRef
+ entries are distinct. In terms of fields, this means that the
+ multi-part key defined by `group`, `kind`, `namespace`, and `name` must
+ be unique across all parentRef entries in the Route.
+ * They do not select different objects, but for each optional field used,
+ each ParentRef that selects the same object must set the same set of
+ optional fields to different values. If one ParentRef sets a
+ combination of optional fields, all must set the same combination.
+
+ Some examples:
+
+ * If one ParentRef sets `sectionName`, all ParentRefs referencing the
+ same object must also set `sectionName`.
+ * If one ParentRef sets `port`, all ParentRefs referencing the same
+ object must also set `port`.
+ * If one ParentRef sets `sectionName` and `port`, all ParentRefs
+ referencing the same object must also set `sectionName` and `port`.
+
+ It is possible to separately reference multiple distinct objects that may
+ be collapsed by an implementation. For example, some implementations may
+ choose to merge compatible Gateway Listeners together. If that is the
+ case, the list of routes attached to those resources should also be
+ merged.
+
+ Note that for ParentRefs that cross namespace boundaries, there are specific
+ rules. Cross-namespace references are only valid if they are explicitly
+ allowed by something in the namespace they are referring to. For example,
+ Gateway has the AllowedRoutes field, and ReferenceGrant provides a
+ generic way to enable other kinds of cross-namespace reference.
+
+
+ ParentRefs from a Route to a Service in the same namespace are "producer"
+ routes, which apply default routing rules to inbound connections from
+ any namespace to the Service.
+
+ ParentRefs from a Route to a Service in a different namespace are
+ "consumer" routes, and these routing rules are only applied to outbound
+ connections originating from the same namespace as the Route, for which
+ the intended destination of the connections are a Service targeted as a
+ ParentRef of the Route.
+
+
+
+
+
+
+ items:
+ description: |-
+ ParentReference identifies an API object (usually a Gateway) that can be considered
+ a parent of this resource (usually a route). There are two kinds of parent resources
+ with "Core" support:
+
+ * Gateway (Gateway conformance profile)
+ * Service (Mesh conformance profile, ClusterIP Services only)
+
+ This API may be extended in the future to support additional kinds of parent
+ resources.
+
+ The API object must be valid in the cluster; the Group and Kind must
+ be registered in the cluster for this reference to be valid.
+ properties:
+ group:
+ default: gateway.networking.k8s.io
+ description: |-
+ Group is the group of the referent.
+ When unspecified, "gateway.networking.k8s.io" is inferred.
+ To set the core API group (such as for a "Service" kind referent),
+ Group must be explicitly set to "" (empty string).
+
+ Support: Core
+ maxLength: 253
+ pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
+ type: string
+ kind:
+ default: Gateway
+ description: |-
+ Kind is kind of the referent.
+
+ There are two kinds of parent resources with "Core" support:
+
+ * Gateway (Gateway conformance profile)
+ * Service (Mesh conformance profile, ClusterIP Services only)
+
+ Support for other resources is Implementation-Specific.
+ maxLength: 63
+ minLength: 1
+ pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$
+ type: string
+ name:
+ description: |-
+ Name is the name of the referent.
+
+ Support: Core
+ maxLength: 253
+ minLength: 1
+ type: string
+ namespace:
+ description: |-
+ Namespace is the namespace of the referent. When unspecified, this refers
+ to the local namespace of the Route.
+
+ Note that there are specific rules for ParentRefs which cross namespace
+ boundaries. Cross-namespace references are only valid if they are explicitly
+ allowed by something in the namespace they are referring to. For example:
+ Gateway has the AllowedRoutes field, and ReferenceGrant provides a
+ generic way to enable any other kind of cross-namespace reference.
+
+
+ ParentRefs from a Route to a Service in the same namespace are "producer"
+ routes, which apply default routing rules to inbound connections from
+ any namespace to the Service.
+
+ ParentRefs from a Route to a Service in a different namespace are
+ "consumer" routes, and these routing rules are only applied to outbound
+ connections originating from the same namespace as the Route, for which
+ the intended destination of the connections are a Service targeted as a
+ ParentRef of the Route.
+
+
+ Support: Core
+ maxLength: 63
+ minLength: 1
+ pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
+ type: string
+ port:
+ description: |-
+ Port is the network port this Route targets. It can be interpreted
+ differently based on the type of parent resource.
+
+ When the parent resource is a Gateway, this targets all listeners
+ listening on the specified port that also support this kind of Route(and
+ select this Route). It's not recommended to set `Port` unless the
+ networking behaviors specified in a Route must apply to a specific port
+ as opposed to a listener(s) whose port(s) may be changed. When both Port
+ and SectionName are specified, the name and port of the selected listener
+ must match both specified values.
+
+
+ When the parent resource is a Service, this targets a specific port in the
+ Service spec. When both Port (experimental) and SectionName are specified,
+ the name and port of the selected port must match both specified values.
+
+
+ Implementations MAY choose to support other parent resources.
+ Implementations supporting other types of parent resources MUST clearly
+ document how/if Port is interpreted.
+
+ For the purpose of status, an attachment is considered successful as
+ long as the parent resource accepts it partially. For example, Gateway
+ listeners can restrict which Routes can attach to them by Route kind,
+ namespace, or hostname. If 1 of 2 Gateway listeners accept attachment
+ from the referencing Route, the Route MUST be considered successfully
+ attached. If no Gateway listeners accept attachment from this Route,
+ the Route MUST be considered detached from the Gateway.
+
+ Support: Extended
+ format: int32
+ maximum: 65535
+ minimum: 1
+ type: integer
+ sectionName:
+ description: |-
+ SectionName is the name of a section within the target resource. In the
+ following resources, SectionName is interpreted as the following:
+
+ * Gateway: Listener name. When both Port (experimental) and SectionName
+ are specified, the name and port of the selected listener must match
+ both specified values.
+ * Service: Port name. When both Port (experimental) and SectionName
+ are specified, the name and port of the selected listener must match
+ both specified values.
+
+ Implementations MAY choose to support attaching Routes to other resources.
+ If that is the case, they MUST clearly document how SectionName is
+ interpreted.
+
+ When unspecified (empty string), this will reference the entire resource.
+ For the purpose of status, an attachment is considered successful if at
+ least one section in the parent resource accepts it. For example, Gateway
+ listeners can restrict which Routes can attach to them by Route kind,
+ namespace, or hostname. If 1 of 2 Gateway listeners accept attachment from
+ the referencing Route, the Route MUST be considered successfully
+ attached. If no Gateway listeners accept attachment from this Route, the
+ Route MUST be considered detached from the Gateway.
+
+ Support: Core
+ maxLength: 253
+ minLength: 1
+ pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
+ type: string
+ required:
+ - name
+ type: object
+ maxItems: 32
+ type: array
+ rules:
+ description: |-
+ Rules are a list of HTTP matchers, filters and actions.
+
+
+ items:
+ description: |-
+ HTTPRouteRule defines semantics for matching an HTTP request based on
+ conditions (matches), processing it (filters), and forwarding the request to
+ an API object (backendRefs).
+ properties:
+ backendRefs:
+ description: |-
+ BackendRefs defines the backend(s) where matching requests should be
+ sent.
+
+ Failure behavior here depends on how many BackendRefs are specified and
+ how many are invalid.
+
+ If *all* entries in BackendRefs are invalid, and there are also no filters
+ specified in this route rule, *all* traffic which matches this rule MUST
+ receive a 500 status code.
+
+ See the HTTPBackendRef definition for the rules about what makes a single
+ HTTPBackendRef invalid.
+
+ When a HTTPBackendRef is invalid, 500 status codes MUST be returned for
+ requests that would have otherwise been routed to an invalid backend. If
+ multiple backends are specified, and some are invalid, the proportion of
+ requests that would otherwise have been routed to an invalid backend
+ MUST receive a 500 status code.
+
+ For example, if two backends are specified with equal weights, and one is
+ invalid, 50 percent of traffic must receive a 500. Implementations may
+ choose how that 50 percent is determined.
+
+ When a HTTPBackendRef refers to a Service that has no ready endpoints,
+ implementations SHOULD return a 503 for requests to that backend instead.
+ If an implementation chooses to do this, all of the above rules for 500 responses
+ MUST also apply for responses that return a 503.
+
+ Support: Core for Kubernetes Service
+
+ Support: Extended for Kubernetes ServiceImport
+
+ Support: Implementation-specific for any other resource
+
+ Support for weight: Core
+ items:
+ description: |-
+ HTTPBackendRef defines how a HTTPRoute forwards a HTTP request.
+
+ Note that when a namespace different than the local namespace is specified, a
+ ReferenceGrant object is required in the referent namespace to allow that
+ namespace's owner to accept the reference. See the ReferenceGrant
+ documentation for details.
+
+
+
+ When the BackendRef points to a Kubernetes Service, implementations SHOULD
+ honor the appProtocol field if it is set for the target Service Port.
+
+ Implementations supporting appProtocol SHOULD recognize the Kubernetes
+ Standard Application Protocols defined in KEP-3726.
+
+ If a Service appProtocol isn't specified, an implementation MAY infer the
+ backend protocol through its own means. Implementations MAY infer the
+ protocol from the Route type referring to the backend Service.
+
+ If a Route is not able to send traffic to the backend using the specified
+ protocol then the backend is considered invalid. Implementations MUST set the
+ "ResolvedRefs" condition to "False" with the "UnsupportedProtocol" reason.
+
+
+ properties:
+ filters:
+ description: |-
+ Filters defined at this level should be executed if and only if the
+ request is being forwarded to the backend defined here.
+
+ Support: Implementation-specific (For broader support of filters, use the
+ Filters field in HTTPRouteRule.)
+ items:
+ description: |-
+ HTTPRouteFilter defines processing steps that must be completed during the
+ request or response lifecycle. HTTPRouteFilters are meant as an extension
+ point to express processing that may be done in Gateway implementations. Some
+ examples include request or response modification, implementing
+ authentication strategies, rate-limiting, and traffic shaping. API
+ guarantee/conformance is defined based on the type of the filter.
+
+
+
+ properties:
+ cors:
+ description: |-
+ CORS defines a schema for a filter that responds to the
+ cross-origin request based on HTTP response header.
+
+ Support: Extended
+
+
+ properties:
+ allowCredentials:
+ description: |-
+ AllowCredentials indicates whether the actual cross-origin request allows
+ to include credentials.
+
+ The only valid value for the `Access-Control-Allow-Credentials` response
+ header is true (case-sensitive).
+
+ If the credentials are not allowed in cross-origin requests, the gateway
+ will omit the header `Access-Control-Allow-Credentials` entirely rather
+ than setting its value to false.
+
+ Support: Extended
+ enum:
+ - true
+ type: boolean
+ allowHeaders:
+ description: |-
+ AllowHeaders indicates which HTTP request headers are supported for
+ accessing the requested resource.
+
+ Header names are not case sensitive.
+
+ Multiple header names in the value of the `Access-Control-Allow-Headers`
+ response header are separated by a comma (",").
+
+ When the `AllowHeaders` field is configured with one or more headers, the
+ gateway must return the `Access-Control-Allow-Headers` response header
+ which value is present in the `AllowHeaders` field.
+
+ If any header name in the `Access-Control-Request-Headers` request header
+ is not included in the list of header names specified by the response
+ header `Access-Control-Allow-Headers`, it will present an error on the
+ client side.
+
+ If any header name in the `Access-Control-Allow-Headers` response header
+ does not recognize by the client, it will also occur an error on the
+ client side.
+
+ A wildcard indicates that the requests with all HTTP headers are allowed.
+ The `Access-Control-Allow-Headers` response header can only use `*`
+ wildcard as value when the `AllowCredentials` field is unspecified.
+
+ When the `AllowCredentials` field is specified and `AllowHeaders` field
+ specified with the `*` wildcard, the gateway must specify one or more
+ HTTP headers in the value of the `Access-Control-Allow-Headers` response
+ header. The value of the header `Access-Control-Allow-Headers` is same as
+ the `Access-Control-Request-Headers` header provided by the client. If
+ the header `Access-Control-Request-Headers` is not included in the
+ request, the gateway will omit the `Access-Control-Allow-Headers`
+ response header, instead of specifying the `*` wildcard. A Gateway
+ implementation may choose to add implementation-specific default headers.
+
+ Support: Extended
+ items:
+ description: |-
+ HTTPHeaderName is the name of an HTTP header.
+
+ Valid values include:
+
+ * "Authorization"
+ * "Set-Cookie"
+
+ Invalid values include:
+
+ - ":method" - ":" is an invalid character. This means that HTTP/2 pseudo
+ headers are not currently supported by this type.
+ - "/invalid" - "/ " is an invalid character
+ maxLength: 256
+ minLength: 1
+ pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$
+ type: string
+ maxItems: 64
+ type: array
+ x-kubernetes-list-type: set
+ allowMethods:
+ description: |-
+ AllowMethods indicates which HTTP methods are supported for accessing the
+ requested resource.
+
+ Valid values are any method defined by RFC9110, along with the special
+ value `*`, which represents all HTTP methods are allowed.
+
+ Method names are case sensitive, so these values are also case-sensitive.
+ (See https://www.rfc-editor.org/rfc/rfc2616#section-5.1.1)
+
+ Multiple method names in the value of the `Access-Control-Allow-Methods`
+ response header are separated by a comma (",").
+
+ A CORS-safelisted method is a method that is `GET`, `HEAD`, or `POST`.
+ (See https://fetch.spec.whatwg.org/#cors-safelisted-method) The
+ CORS-safelisted methods are always allowed, regardless of whether they
+ are specified in the `AllowMethods` field.
+
+ When the `AllowMethods` field is configured with one or more methods, the
+ gateway must return the `Access-Control-Allow-Methods` response header
+ which value is present in the `AllowMethods` field.
+
+ If the HTTP method of the `Access-Control-Request-Method` request header
+ is not included in the list of methods specified by the response header
+ `Access-Control-Allow-Methods`, it will present an error on the client
+ side.
+
+ The `Access-Control-Allow-Methods` response header can only use `*`
+ wildcard as value when the `AllowCredentials` field is unspecified.
+
+ When the `AllowCredentials` field is specified and `AllowMethods` field
+ specified with the `*` wildcard, the gateway must specify one HTTP method
+ in the value of the Access-Control-Allow-Methods response header. The
+ value of the header `Access-Control-Allow-Methods` is same as the
+ `Access-Control-Request-Method` header provided by the client. If the
+ header `Access-Control-Request-Method` is not included in the request,
+ the gateway will omit the `Access-Control-Allow-Methods` response header,
+ instead of specifying the `*` wildcard. A Gateway implementation may
+ choose to add implementation-specific default methods.
+
+ Support: Extended
+ items:
+ enum:
+ - GET
+ - HEAD
+ - POST
+ - PUT
+ - DELETE
+ - CONNECT
+ - OPTIONS
+ - TRACE
+ - PATCH
+ - '*'
+ type: string
+ maxItems: 9
+ type: array
+ x-kubernetes-list-type: set
+ x-kubernetes-validations:
+ - message: AllowMethods cannot contain
+ '*' alongside other methods
+ rule: '!(''*'' in self && self.size()
+ > 1)'
+ allowOrigins:
+ description: |-
+ AllowOrigins indicates whether the response can be shared with requested
+ resource from the given `Origin`.
+
+ The `Origin` consists of a scheme and a host, with an optional port, and
+ takes the form `://(:)`.
+
+ Valid values for scheme are: `http` and `https`.
+
+ Valid values for port are any integer between 1 and 65535 (the list of
+ available TCP/UDP ports). Note that, if not included, port `80` is
+ assumed for `http` scheme origins, and port `443` is assumed for `https`
+ origins. This may affect origin matching.
+
+ The host part of the origin may contain the wildcard character `*`. These
+ wildcard characters behave as follows:
+
+ * `*` is a greedy match to the _left_, including any number of
+ DNS labels to the left of its position. This also means that
+ `*` will include any number of period `.` characters to the
+ left of its position.
+ * A wildcard by itself matches all hosts.
+
+ An origin value that includes _only_ the `*` character indicates requests
+ from all `Origin`s are allowed.
+
+ When the `AllowOrigins` field is configured with multiple origins, it
+ means the server supports clients from multiple origins. If the request
+ `Origin` matches the configured allowed origins, the gateway must return
+ the given `Origin` and sets value of the header
+ `Access-Control-Allow-Origin` same as the `Origin` header provided by the
+ client.
+
+ The status code of a successful response to a "preflight" request is
+ always an OK status (i.e., 204 or 200).
+
+ If the request `Origin` does not match the configured allowed origins,
+ the gateway returns 204/200 response but doesn't set the relevant
+ cross-origin response headers. Alternatively, the gateway responds with
+ 403 status to the "preflight" request is denied, coupled with omitting
+ the CORS headers. The cross-origin request fails on the client side.
+ Therefore, the client doesn't attempt the actual cross-origin request.
+
+ The `Access-Control-Allow-Origin` response header can only use `*`
+ wildcard as value when the `AllowCredentials` field is unspecified.
+
+ When the `AllowCredentials` field is specified and `AllowOrigins` field
+ specified with the `*` wildcard, the gateway must return a single origin
+ in the value of the `Access-Control-Allow-Origin` response header,
+ instead of specifying the `*` wildcard. The value of the header
+ `Access-Control-Allow-Origin` is same as the `Origin` header provided by
+ the client.
+
+ Support: Extended
+ items:
+ description: |-
+ The AbsoluteURI MUST NOT be a relative URI, and it MUST follow the URI syntax and
+ encoding rules specified in RFC3986. The AbsoluteURI MUST include both a
+ scheme (e.g., "http" or "spiffe") and a scheme-specific-part. URIs that
+ include an authority MUST include a fully qualified domain name or
+ IP address as the host.
+ The below regex is taken from the regex section in RFC 3986 with a slight modification to enforce a full URI and not relative.
+ maxLength: 253
+ minLength: 1
+ pattern: ^(([^:/?#]+):)(//([^/?#]*))([^?#]*)(\?([^#]*))?(#(.*))?
+ type: string
+ maxItems: 64
+ type: array
+ x-kubernetes-list-type: set
+ exposeHeaders:
+ description: |-
+ ExposeHeaders indicates which HTTP response headers can be exposed
+ to client-side scripts in response to a cross-origin request.
+
+ A CORS-safelisted response header is an HTTP header in a CORS response
+ that it is considered safe to expose to the client scripts.
+ The CORS-safelisted response headers include the following headers:
+ `Cache-Control`
+ `Content-Language`
+ `Content-Length`
+ `Content-Type`
+ `Expires`
+ `Last-Modified`
+ `Pragma`
+ (See https://fetch.spec.whatwg.org/#cors-safelisted-response-header-name)
+ The CORS-safelisted response headers are exposed to client by default.
+
+ When an HTTP header name is specified using the `ExposeHeaders` field,
+ this additional header will be exposed as part of the response to the
+ client.
+
+ Header names are not case sensitive.
+
+ Multiple header names in the value of the `Access-Control-Expose-Headers`
+ response header are separated by a comma (",").
+
+ A wildcard indicates that the responses with all HTTP headers are exposed
+ to clients. The `Access-Control-Expose-Headers` response header can only
+ use `*` wildcard as value when the `AllowCredentials` field is
+ unspecified.
+
+ Support: Extended
+ items:
+ description: |-
+ HTTPHeaderName is the name of an HTTP header.
+
+ Valid values include:
+
+ * "Authorization"
+ * "Set-Cookie"
+
+ Invalid values include:
+
+ - ":method" - ":" is an invalid character. This means that HTTP/2 pseudo
+ headers are not currently supported by this type.
+ - "/invalid" - "/ " is an invalid character
+ maxLength: 256
+ minLength: 1
+ pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$
+ type: string
+ maxItems: 64
+ type: array
+ x-kubernetes-list-type: set
+ maxAge:
+ default: 5
+ description: |-
+ MaxAge indicates the duration (in seconds) for the client to cache the
+ results of a "preflight" request.
+
+ The information provided by the `Access-Control-Allow-Methods` and
+ `Access-Control-Allow-Headers` response headers can be cached by the
+ client until the time specified by `Access-Control-Max-Age` elapses.
+
+ The default value of `Access-Control-Max-Age` response header is 5
+ (seconds).
+ format: int32
+ minimum: 1
+ type: integer
+ type: object
+ extensionRef:
+ description: |-
+ ExtensionRef is an optional, implementation-specific extension to the
+ "filter" behavior. For example, resource "myroutefilter" in group
+ "networking.example.net"). ExtensionRef MUST NOT be used for core and
+ extended filters.
+
+ This filter can be used multiple times within the same rule.
+
+ Support: Implementation-specific
+ properties:
+ group:
+ description: |-
+ Group is the group of the referent. For example, "gateway.networking.k8s.io".
+ When unspecified or empty string, core API group is inferred.
+ maxLength: 253
+ pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
+ type: string
+ kind:
+ description: Kind is kind of the referent.
+ For example "HTTPRoute" or "Service".
+ maxLength: 63
+ minLength: 1
+ pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$
+ type: string
+ name:
+ description: Name is the name of the
+ referent.
+ maxLength: 253
+ minLength: 1
+ type: string
+ required:
+ - group
+ - kind
+ - name
+ type: object
+ requestHeaderModifier:
+ description: |-
+ RequestHeaderModifier defines a schema for a filter that modifies request
+ headers.
+
+ Support: Core
+ properties:
+ add:
+ description: |-
+ Add adds the given header(s) (name, value) to the request
+ before the action. It appends to any existing values associated
+ with the header name.
+
+ Input:
+ GET /foo HTTP/1.1
+ my-header: foo
+
+ Config:
+ add:
+ - name: "my-header"
+ value: "bar,baz"
+
+ Output:
+ GET /foo HTTP/1.1
+ my-header: foo,bar,baz
+ items:
+ description: HTTPHeader represents
+ an HTTP Header name and value as
+ defined by RFC 7230.
+ properties:
+ name:
+ description: |-
+ Name is the name of the HTTP Header to be matched. Name matching MUST be
+ case-insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2).
+
+ If multiple entries specify equivalent header names, the first entry with
+ an equivalent name MUST be considered for a match. Subsequent entries
+ with an equivalent header name MUST be ignored. Due to the
+ case-insensitivity of header names, "foo" and "Foo" are considered
+ equivalent.
+ maxLength: 256
+ minLength: 1
+ pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$
+ type: string
+ value:
+ description: Value is the value
+ of HTTP Header to be matched.
+ maxLength: 4096
+ minLength: 1
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ maxItems: 16
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
+ remove:
+ description: |-
+ Remove the given header(s) from the HTTP request before the action. The
+ value of Remove is a list of HTTP header names. Note that the header
+ names are case-insensitive (see
+ https://datatracker.ietf.org/doc/html/rfc2616#section-4.2).
+
+ Input:
+ GET /foo HTTP/1.1
+ my-header1: foo
+ my-header2: bar
+ my-header3: baz
+
+ Config:
+ remove: ["my-header1", "my-header3"]
+
+ Output:
+ GET /foo HTTP/1.1
+ my-header2: bar
+ items:
+ type: string
+ maxItems: 16
+ type: array
+ x-kubernetes-list-type: set
+ set:
+ description: |-
+ Set overwrites the request with the given header (name, value)
+ before the action.
+
+ Input:
+ GET /foo HTTP/1.1
+ my-header: foo
+
+ Config:
+ set:
+ - name: "my-header"
+ value: "bar"
+
+ Output:
+ GET /foo HTTP/1.1
+ my-header: bar
+ items:
+ description: HTTPHeader represents
+ an HTTP Header name and value as
+ defined by RFC 7230.
+ properties:
+ name:
+ description: |-
+ Name is the name of the HTTP Header to be matched. Name matching MUST be
+ case-insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2).
+
+ If multiple entries specify equivalent header names, the first entry with
+ an equivalent name MUST be considered for a match. Subsequent entries
+ with an equivalent header name MUST be ignored. Due to the
+ case-insensitivity of header names, "foo" and "Foo" are considered
+ equivalent.
+ maxLength: 256
+ minLength: 1
+ pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$
+ type: string
+ value:
+ description: Value is the value
+ of HTTP Header to be matched.
+ maxLength: 4096
+ minLength: 1
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ maxItems: 16
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
+ type: object
+ requestMirror:
+ description: |-
+ RequestMirror defines a schema for a filter that mirrors requests.
+ Requests are sent to the specified destination, but responses from
+ that destination are ignored.
+
+ This filter can be used multiple times within the same rule. Note that
+ not all implementations will be able to support mirroring to multiple
+ backends.
+
+ Support: Extended
+ properties:
+ backendRef:
+ description: |-
+ BackendRef references a resource where mirrored requests are sent.
+
+ Mirrored requests must be sent only to a single destination endpoint
+ within this BackendRef, irrespective of how many endpoints are present
+ within this BackendRef.
+
+ If the referent cannot be found, this BackendRef is invalid and must be
+ dropped from the Gateway. The controller must ensure the "ResolvedRefs"
+ condition on the Route status is set to `status: False` and not configure
+ this backend in the underlying implementation.
+
+ If there is a cross-namespace reference to an *existing* object
+ that is not allowed by a ReferenceGrant, the controller must ensure the
+ "ResolvedRefs" condition on the Route is set to `status: False`,
+ with the "RefNotPermitted" reason and not configure this backend in the
+ underlying implementation.
+
+ In either error case, the Message of the `ResolvedRefs` Condition
+ should be used to provide more detail about the problem.
+
+ Support: Extended for Kubernetes Service
+
+ Support: Implementation-specific for any other resource
+ properties:
+ group:
+ default: ""
+ description: |-
+ Group is the group of the referent. For example, "gateway.networking.k8s.io".
+ When unspecified or empty string, core API group is inferred.
+ maxLength: 253
+ pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
+ type: string
+ kind:
+ default: Service
+ description: |-
+ Kind is the Kubernetes resource kind of the referent. For example
+ "Service".
+
+ Defaults to "Service" when not specified.
+
+ ExternalName services can refer to CNAME DNS records that may live
+ outside of the cluster and as such are difficult to reason about in
+ terms of conformance. They also may not be safe to forward to (see
+ CVE-2021-25740 for more information). Implementations SHOULD NOT
+ support ExternalName Services.
+
+ Support: Core (Services with a type other than ExternalName)
+
+ Support: Implementation-specific (Services with type ExternalName)
+ maxLength: 63
+ minLength: 1
+ pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$
+ type: string
+ name:
+ description: Name is the name of
+ the referent.
+ maxLength: 253
+ minLength: 1
+ type: string
+ namespace:
+ description: |-
+ Namespace is the namespace of the backend. When unspecified, the local
+ namespace is inferred.
+
+ Note that when a namespace different than the local namespace is specified,
+ a ReferenceGrant object is required in the referent namespace to allow that
+ namespace's owner to accept the reference. See the ReferenceGrant
+ documentation for details.
+
+ Support: Core
+ maxLength: 63
+ minLength: 1
+ pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
+ type: string
+ port:
+ description: |-
+ Port specifies the destination port number to use for this resource.
+ Port is required when the referent is a Kubernetes Service. In this
+ case, the port number is the service port number, not the target port.
+ For other resources, destination port might be derived from the referent
+ resource or this field.
+ format: int32
+ maximum: 65535
+ minimum: 1
+ type: integer
+ required:
+ - name
+ type: object
+ x-kubernetes-validations:
+ - message: Must have port for Service
+ reference
+ rule: '(size(self.group) == 0 && self.kind
+ == ''Service'') ? has(self.port)
+ : true'
+ fraction:
+ description: |-
+ Fraction represents the fraction of requests that should be
+ mirrored to BackendRef.
+
+ Only one of Fraction or Percent may be specified. If neither field
+ is specified, 100% of requests will be mirrored.
+ properties:
+ denominator:
+ default: 100
+ format: int32
+ minimum: 1
+ type: integer
+ numerator:
+ format: int32
+ minimum: 0
+ type: integer
+ required:
+ - numerator
+ type: object
+ x-kubernetes-validations:
+ - message: numerator must be less than
+ or equal to denominator
+ rule: self.numerator <= self.denominator
+ percent:
+ description: |-
+ Percent represents the percentage of requests that should be
+ mirrored to BackendRef. Its minimum value is 0 (indicating 0% of
+ requests) and its maximum value is 100 (indicating 100% of requests).
+
+ Only one of Fraction or Percent may be specified. If neither field
+ is specified, 100% of requests will be mirrored.
+ format: int32
+ maximum: 100
+ minimum: 0
+ type: integer
+ required:
+ - backendRef
+ type: object
+ x-kubernetes-validations:
+ - message: Only one of percent or fraction
+ may be specified in HTTPRequestMirrorFilter
+ rule: '!(has(self.percent) && has(self.fraction))'
+ requestRedirect:
+ description: |-
+ RequestRedirect defines a schema for a filter that responds to the
+ request with an HTTP redirection.
+
+ Support: Core
+ properties:
+ hostname:
+ description: |-
+ Hostname is the hostname to be used in the value of the `Location`
+ header in the response.
+ When empty, the hostname in the `Host` header of the request is used.
+
+ Support: Core
+ maxLength: 253
+ minLength: 1
+ pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
+ type: string
+ path:
+ description: |-
+ Path defines parameters used to modify the path of the incoming request.
+ The modified path is then used to construct the `Location` header. When
+ empty, the request path is used as-is.
+
+ Support: Extended
+ properties:
+ replaceFullPath:
+ description: |-
+ ReplaceFullPath specifies the value with which to replace the full path
+ of a request during a rewrite or redirect.
+ maxLength: 1024
+ type: string
+ replacePrefixMatch:
+ description: |-
+ ReplacePrefixMatch specifies the value with which to replace the prefix
+ match of a request during a rewrite or redirect. For example, a request
+ to "/foo/bar" with a prefix match of "/foo" and a ReplacePrefixMatch
+ of "/xyz" would be modified to "/xyz/bar".
+
+ Note that this matches the behavior of the PathPrefix match type. This
+ matches full path elements. A path element refers to the list of labels
+ in the path split by the `/` separator. When specified, a trailing `/` is
+ ignored. For example, the paths `/abc`, `/abc/`, and `/abc/def` would all
+ match the prefix `/abc`, but the path `/abcd` would not.
+
+ ReplacePrefixMatch is only compatible with a `PathPrefix` HTTPRouteMatch.
+ Using any other HTTPRouteMatch type on the same HTTPRouteRule will result in
+ the implementation setting the Accepted Condition for the Route to `status: False`.
+
+ Request Path | Prefix Match | Replace Prefix | Modified Path
+ maxLength: 1024
+ type: string
+ type:
+ description: |-
+ Type defines the type of path modifier. Additional types may be
+ added in a future release of the API.
+
+ Note that values may be added to this enum, implementations
+ must ensure that unknown values will not cause a crash.
+
+ Unknown values here must result in the implementation setting the
+ Accepted Condition for the Route to `status: False`, with a
+ Reason of `UnsupportedValue`.
+ enum:
+ - ReplaceFullPath
+ - ReplacePrefixMatch
+ type: string
+ required:
+ - type
+ type: object
+ x-kubernetes-validations:
+ - message: replaceFullPath must be specified
+ when type is set to 'ReplaceFullPath'
+ rule: 'self.type == ''ReplaceFullPath''
+ ? has(self.replaceFullPath) : true'
+ - message: type must be 'ReplaceFullPath'
+ when replaceFullPath is set
+ rule: 'has(self.replaceFullPath) ?
+ self.type == ''ReplaceFullPath''
+ : true'
+ - message: replacePrefixMatch must be
+ specified when type is set to 'ReplacePrefixMatch'
+ rule: 'self.type == ''ReplacePrefixMatch''
+ ? has(self.replacePrefixMatch) :
+ true'
+ - message: type must be 'ReplacePrefixMatch'
+ when replacePrefixMatch is set
+ rule: 'has(self.replacePrefixMatch)
+ ? self.type == ''ReplacePrefixMatch''
+ : true'
+ port:
+ description: |-
+ Port is the port to be used in the value of the `Location`
+ header in the response.
+
+ If no port is specified, the redirect port MUST be derived using the
+ following rules:
+
+ * If redirect scheme is not-empty, the redirect port MUST be the well-known
+ port associated with the redirect scheme. Specifically "http" to port 80
+ and "https" to port 443. If the redirect scheme does not have a
+ well-known port, the listener port of the Gateway SHOULD be used.
+ * If redirect scheme is empty, the redirect port MUST be the Gateway
+ Listener port.
+
+ Implementations SHOULD NOT add the port number in the 'Location'
+ header in the following cases:
+
+ * A Location header that will use HTTP (whether that is determined via
+ the Listener protocol or the Scheme field) _and_ use port 80.
+ * A Location header that will use HTTPS (whether that is determined via
+ the Listener protocol or the Scheme field) _and_ use port 443.
+
+ Support: Extended
+ format: int32
+ maximum: 65535
+ minimum: 1
+ type: integer
+ scheme:
+ description: |-
+ Scheme is the scheme to be used in the value of the `Location` header in
+ the response. When empty, the scheme of the request is used.
+
+ Scheme redirects can affect the port of the redirect, for more information,
+ refer to the documentation for the port field of this filter.
+
+ Note that values may be added to this enum, implementations
+ must ensure that unknown values will not cause a crash.
+
+ Unknown values here must result in the implementation setting the
+ Accepted Condition for the Route to `status: False`, with a
+ Reason of `UnsupportedValue`.
+
+ Support: Extended
+ enum:
+ - http
+ - https
+ type: string
+ statusCode:
+ default: 302
+ description: |-
+ StatusCode is the HTTP status code to be used in response.
+
+ Note that values may be added to this enum, implementations
+ must ensure that unknown values will not cause a crash.
+
+ Unknown values here must result in the implementation setting the
+ Accepted Condition for the Route to `status: False`, with a
+ Reason of `UnsupportedValue`.
+
+ Support: Core
+ enum:
+ - 301
+ - 302
+ type: integer
+ type: object
+ responseHeaderModifier:
+ description: |-
+ ResponseHeaderModifier defines a schema for a filter that modifies response
+ headers.
+
+ Support: Extended
+ properties:
+ add:
+ description: |-
+ Add adds the given header(s) (name, value) to the request
+ before the action. It appends to any existing values associated
+ with the header name.
+
+ Input:
+ GET /foo HTTP/1.1
+ my-header: foo
+
+ Config:
+ add:
+ - name: "my-header"
+ value: "bar,baz"
+
+ Output:
+ GET /foo HTTP/1.1
+ my-header: foo,bar,baz
+ items:
+ description: HTTPHeader represents
+ an HTTP Header name and value as
+ defined by RFC 7230.
+ properties:
+ name:
+ description: |-
+ Name is the name of the HTTP Header to be matched. Name matching MUST be
+ case-insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2).
+
+ If multiple entries specify equivalent header names, the first entry with
+ an equivalent name MUST be considered for a match. Subsequent entries
+ with an equivalent header name MUST be ignored. Due to the
+ case-insensitivity of header names, "foo" and "Foo" are considered
+ equivalent.
+ maxLength: 256
+ minLength: 1
+ pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$
+ type: string
+ value:
+ description: Value is the value
+ of HTTP Header to be matched.
+ maxLength: 4096
+ minLength: 1
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ maxItems: 16
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
+ remove:
+ description: |-
+ Remove the given header(s) from the HTTP request before the action. The
+ value of Remove is a list of HTTP header names. Note that the header
+ names are case-insensitive (see
+ https://datatracker.ietf.org/doc/html/rfc2616#section-4.2).
+
+ Input:
+ GET /foo HTTP/1.1
+ my-header1: foo
+ my-header2: bar
+ my-header3: baz
+
+ Config:
+ remove: ["my-header1", "my-header3"]
+
+ Output:
+ GET /foo HTTP/1.1
+ my-header2: bar
+ items:
+ type: string
+ maxItems: 16
+ type: array
+ x-kubernetes-list-type: set
+ set:
+ description: |-
+ Set overwrites the request with the given header (name, value)
+ before the action.
+
+ Input:
+ GET /foo HTTP/1.1
+ my-header: foo
+
+ Config:
+ set:
+ - name: "my-header"
+ value: "bar"
+
+ Output:
+ GET /foo HTTP/1.1
+ my-header: bar
+ items:
+ description: HTTPHeader represents
+ an HTTP Header name and value as
+ defined by RFC 7230.
+ properties:
+ name:
+ description: |-
+ Name is the name of the HTTP Header to be matched. Name matching MUST be
+ case-insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2).
+
+ If multiple entries specify equivalent header names, the first entry with
+ an equivalent name MUST be considered for a match. Subsequent entries
+ with an equivalent header name MUST be ignored. Due to the
+ case-insensitivity of header names, "foo" and "Foo" are considered
+ equivalent.
+ maxLength: 256
+ minLength: 1
+ pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$
+ type: string
+ value:
+ description: Value is the value
+ of HTTP Header to be matched.
+ maxLength: 4096
+ minLength: 1
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ maxItems: 16
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
+ type: object
+ type:
+ description: |-
+ Type identifies the type of filter to apply. As with other API fields,
+ types are classified into three conformance levels:
+
+ - Core: Filter types and their corresponding configuration defined by
+ "Support: Core" in this package, e.g. "RequestHeaderModifier". All
+ implementations must support core filters.
+
+ - Extended: Filter types and their corresponding configuration defined by
+ "Support: Extended" in this package, e.g. "RequestMirror". Implementers
+ are encouraged to support extended filters.
+
+ - Implementation-specific: Filters that are defined and supported by
+ specific vendors.
+ In the future, filters showing convergence in behavior across multiple
+ implementations will be considered for inclusion in extended or core
+ conformance levels. Filter-specific configuration for such filters
+ is specified using the ExtensionRef field. `Type` should be set to
+ "ExtensionRef" for custom filters.
+
+ Implementers are encouraged to define custom implementation types to
+ extend the core API with implementation-specific behavior.
+
+ If a reference to a custom filter type cannot be resolved, the filter
+ MUST NOT be skipped. Instead, requests that would have been processed by
+ that filter MUST receive a HTTP error response.
+
+ Note that values may be added to this enum, implementations
+ must ensure that unknown values will not cause a crash.
+
+ Unknown values here must result in the implementation setting the
+ Accepted Condition for the Route to `status: False`, with a
+ Reason of `UnsupportedValue`.
+
+
+ enum:
+ - RequestHeaderModifier
+ - ResponseHeaderModifier
+ - RequestMirror
+ - RequestRedirect
+ - URLRewrite
+ - ExtensionRef
+ type: string
+ urlRewrite:
+ description: |-
+ URLRewrite defines a schema for a filter that modifies a request during forwarding.
+
+ Support: Extended
+ properties:
+ hostname:
+ description: |-
+ Hostname is the value to be used to replace the Host header value during
+ forwarding.
+
+ Support: Extended
+ maxLength: 253
+ minLength: 1
+ pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
+ type: string
+ path:
+ description: |-
+ Path defines a path rewrite.
+
+ Support: Extended
+ properties:
+ replaceFullPath:
+ description: |-
+ ReplaceFullPath specifies the value with which to replace the full path
+ of a request during a rewrite or redirect.
+ maxLength: 1024
+ type: string
+ replacePrefixMatch:
+ description: |-
+ ReplacePrefixMatch specifies the value with which to replace the prefix
+ match of a request during a rewrite or redirect. For example, a request
+ to "/foo/bar" with a prefix match of "/foo" and a ReplacePrefixMatch
+ of "/xyz" would be modified to "/xyz/bar".
+
+ Note that this matches the behavior of the PathPrefix match type. This
+ matches full path elements. A path element refers to the list of labels
+ in the path split by the `/` separator. When specified, a trailing `/` is
+ ignored. For example, the paths `/abc`, `/abc/`, and `/abc/def` would all
+ match the prefix `/abc`, but the path `/abcd` would not.
+
+ ReplacePrefixMatch is only compatible with a `PathPrefix` HTTPRouteMatch.
+ Using any other HTTPRouteMatch type on the same HTTPRouteRule will result in
+ the implementation setting the Accepted Condition for the Route to `status: False`.
+
+ Request Path | Prefix Match | Replace Prefix | Modified Path
+ maxLength: 1024
+ type: string
+ type:
+ description: |-
+ Type defines the type of path modifier. Additional types may be
+ added in a future release of the API.
+
+ Note that values may be added to this enum, implementations
+ must ensure that unknown values will not cause a crash.
+
+ Unknown values here must result in the implementation setting the
+ Accepted Condition for the Route to `status: False`, with a
+ Reason of `UnsupportedValue`.
+ enum:
+ - ReplaceFullPath
+ - ReplacePrefixMatch
+ type: string
+ required:
+ - type
+ type: object
+ x-kubernetes-validations:
+ - message: replaceFullPath must be specified
+ when type is set to 'ReplaceFullPath'
+ rule: 'self.type == ''ReplaceFullPath''
+ ? has(self.replaceFullPath) : true'
+ - message: type must be 'ReplaceFullPath'
+ when replaceFullPath is set
+ rule: 'has(self.replaceFullPath) ?
+ self.type == ''ReplaceFullPath''
+ : true'
+ - message: replacePrefixMatch must be
+ specified when type is set to 'ReplacePrefixMatch'
+ rule: 'self.type == ''ReplacePrefixMatch''
+ ? has(self.replacePrefixMatch) :
+ true'
+ - message: type must be 'ReplacePrefixMatch'
+ when replacePrefixMatch is set
+ rule: 'has(self.replacePrefixMatch)
+ ? self.type == ''ReplacePrefixMatch''
+ : true'
+ type: object
+ required:
+ - type
+ type: object
+ x-kubernetes-validations:
+ - message: filter.requestHeaderModifier must
+ be nil if the filter.type is not RequestHeaderModifier
+ rule: '!(has(self.requestHeaderModifier) &&
+ self.type != ''RequestHeaderModifier'')'
+ - message: filter.requestHeaderModifier must
+ be specified for RequestHeaderModifier filter.type
+ rule: '!(!has(self.requestHeaderModifier)
+ && self.type == ''RequestHeaderModifier'')'
+ - message: filter.responseHeaderModifier must
+ be nil if the filter.type is not ResponseHeaderModifier
+ rule: '!(has(self.responseHeaderModifier)
+ && self.type != ''ResponseHeaderModifier'')'
+ - message: filter.responseHeaderModifier must
+ be specified for ResponseHeaderModifier
+ filter.type
+ rule: '!(!has(self.responseHeaderModifier)
+ && self.type == ''ResponseHeaderModifier'')'
+ - message: filter.requestMirror must be nil
+ if the filter.type is not RequestMirror
+ rule: '!(has(self.requestMirror) && self.type
+ != ''RequestMirror'')'
+ - message: filter.requestMirror must be specified
+ for RequestMirror filter.type
+ rule: '!(!has(self.requestMirror) && self.type
+ == ''RequestMirror'')'
+ - message: filter.requestRedirect must be nil
+ if the filter.type is not RequestRedirect
+ rule: '!(has(self.requestRedirect) && self.type
+ != ''RequestRedirect'')'
+ - message: filter.requestRedirect must be specified
+ for RequestRedirect filter.type
+ rule: '!(!has(self.requestRedirect) && self.type
+ == ''RequestRedirect'')'
+ - message: filter.urlRewrite must be nil if
+ the filter.type is not URLRewrite
+ rule: '!(has(self.urlRewrite) && self.type
+ != ''URLRewrite'')'
+ - message: filter.urlRewrite must be specified
+ for URLRewrite filter.type
+ rule: '!(!has(self.urlRewrite) && self.type
+ == ''URLRewrite'')'
+ - message: filter.extensionRef must be nil if
+ the filter.type is not ExtensionRef
+ rule: '!(has(self.extensionRef) && self.type
+ != ''ExtensionRef'')'
+ - message: filter.extensionRef must be specified
+ for ExtensionRef filter.type
+ rule: '!(!has(self.extensionRef) && self.type
+ == ''ExtensionRef'')'
+ maxItems: 16
+ type: array
+ x-kubernetes-validations:
+ - message: May specify either httpRouteFilterRequestRedirect
+ or httpRouteFilterRequestRewrite, but not
+ both
+ rule: '!(self.exists(f, f.type == ''RequestRedirect'')
+ && self.exists(f, f.type == ''URLRewrite''))'
+ - message: May specify either httpRouteFilterRequestRedirect
+ or httpRouteFilterRequestRewrite, but not
+ both
+ rule: '!(self.exists(f, f.type == ''RequestRedirect'')
+ && self.exists(f, f.type == ''URLRewrite''))'
+ - message: RequestHeaderModifier filter cannot
+ be repeated
+ rule: self.filter(f, f.type == 'RequestHeaderModifier').size()
+ <= 1
+ - message: ResponseHeaderModifier filter cannot
+ be repeated
+ rule: self.filter(f, f.type == 'ResponseHeaderModifier').size()
+ <= 1
+ - message: RequestRedirect filter cannot be repeated
+ rule: self.filter(f, f.type == 'RequestRedirect').size()
+ <= 1
+ - message: URLRewrite filter cannot be repeated
+ rule: self.filter(f, f.type == 'URLRewrite').size()
+ <= 1
+ group:
+ default: ""
+ description: |-
+ Group is the group of the referent. For example, "gateway.networking.k8s.io".
+ When unspecified or empty string, core API group is inferred.
+ maxLength: 253
+ pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
+ type: string
+ kind:
+ default: Service
+ description: |-
+ Kind is the Kubernetes resource kind of the referent. For example
+ "Service".
+
+ Defaults to "Service" when not specified.
+
+ ExternalName services can refer to CNAME DNS records that may live
+ outside of the cluster and as such are difficult to reason about in
+ terms of conformance. They also may not be safe to forward to (see
+ CVE-2021-25740 for more information). Implementations SHOULD NOT
+ support ExternalName Services.
+
+ Support: Core (Services with a type other than ExternalName)
+
+ Support: Implementation-specific (Services with type ExternalName)
+ maxLength: 63
+ minLength: 1
+ pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$
+ type: string
+ name:
+ description: Name is the name of the referent.
+ maxLength: 253
+ minLength: 1
+ type: string
+ namespace:
+ description: |-
+ Namespace is the namespace of the backend. When unspecified, the local
+ namespace is inferred.
+
+ Note that when a namespace different than the local namespace is specified,
+ a ReferenceGrant object is required in the referent namespace to allow that
+ namespace's owner to accept the reference. See the ReferenceGrant
+ documentation for details.
+
+ Support: Core
+ maxLength: 63
+ minLength: 1
+ pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
+ type: string
+ port:
+ description: |-
+ Port specifies the destination port number to use for this resource.
+ Port is required when the referent is a Kubernetes Service. In this
+ case, the port number is the service port number, not the target port.
+ For other resources, destination port might be derived from the referent
+ resource or this field.
+ format: int32
+ maximum: 65535
+ minimum: 1
+ type: integer
+ weight:
+ default: 1
+ description: |-
+ Weight specifies the proportion of requests forwarded to the referenced
+ backend. This is computed as weight/(sum of all weights in this
+ BackendRefs list). For non-zero values, there may be some epsilon from
+ the exact proportion defined here depending on the precision an
+ implementation supports. Weight is not a percentage and the sum of
+ weights does not need to equal 100.
+
+ If only one backend is specified and it has a weight greater than 0, 100%
+ of the traffic is forwarded to that backend. If weight is set to 0, no
+ traffic should be forwarded for this entry. If unspecified, weight
+ defaults to 1.
+
+ Support for this field varies based on the context where used.
+ format: int32
+ maximum: 1000000
+ minimum: 0
+ type: integer
+ required:
+ - name
+ type: object
+ x-kubernetes-validations:
+ - message: Must have port for Service reference
+ rule: '(size(self.group) == 0 && self.kind == ''Service'')
+ ? has(self.port) : true'
+ maxItems: 16
+ type: array
+ filters:
+ description: |-
+ Filters define the filters that are applied to requests that match
+ this rule.
+
+ Wherever possible, implementations SHOULD implement filters in the order
+ they are specified.
+
+ Implementations MAY choose to implement this ordering strictly, rejecting
+ any combination or order of filters that cannot be supported. If implementations
+ choose a strict interpretation of filter ordering, they MUST clearly document
+ that behavior.
+
+ To reject an invalid combination or order of filters, implementations SHOULD
+ consider the Route Rules with this configuration invalid. If all Route Rules
+ in a Route are invalid, the entire Route would be considered invalid. If only
+ a portion of Route Rules are invalid, implementations MUST set the
+ "PartiallyInvalid" condition for the Route.
+
+ Conformance-levels at this level are defined based on the type of filter:
+
+ - ALL core filters MUST be supported by all implementations.
+ - Implementers are encouraged to support extended filters.
+ - Implementation-specific custom filters have no API guarantees across
+ implementations.
+
+ Specifying the same filter multiple times is not supported unless explicitly
+ indicated in the filter.
+
+ All filters are expected to be compatible with each other except for the
+ URLRewrite and RequestRedirect filters, which may not be combined. If an
+ implementation cannot support other combinations of filters, they must clearly
+ document that limitation. In cases where incompatible or unsupported
+ filters are specified and cause the `Accepted` condition to be set to status
+ `False`, implementations may use the `IncompatibleFilters` reason to specify
+ this configuration error.
+
+ Support: Core
+ items:
+ description: |-
+ HTTPRouteFilter defines processing steps that must be completed during the
+ request or response lifecycle. HTTPRouteFilters are meant as an extension
+ point to express processing that may be done in Gateway implementations. Some
+ examples include request or response modification, implementing
+ authentication strategies, rate-limiting, and traffic shaping. API
+ guarantee/conformance is defined based on the type of the filter.
+
+
+
+ properties:
+ cors:
+ description: |-
+ CORS defines a schema for a filter that responds to the
+ cross-origin request based on HTTP response header.
+
+ Support: Extended
+
+
+ properties:
+ allowCredentials:
+ description: |-
+ AllowCredentials indicates whether the actual cross-origin request allows
+ to include credentials.
+
+ The only valid value for the `Access-Control-Allow-Credentials` response
+ header is true (case-sensitive).
+
+ If the credentials are not allowed in cross-origin requests, the gateway
+ will omit the header `Access-Control-Allow-Credentials` entirely rather
+ than setting its value to false.
+
+ Support: Extended
+ enum:
+ - true
+ type: boolean
+ allowHeaders:
+ description: |-
+ AllowHeaders indicates which HTTP request headers are supported for
+ accessing the requested resource.
+
+ Header names are not case sensitive.
+
+ Multiple header names in the value of the `Access-Control-Allow-Headers`
+ response header are separated by a comma (",").
+
+ When the `AllowHeaders` field is configured with one or more headers, the
+ gateway must return the `Access-Control-Allow-Headers` response header
+ which value is present in the `AllowHeaders` field.
+
+ If any header name in the `Access-Control-Request-Headers` request header
+ is not included in the list of header names specified by the response
+ header `Access-Control-Allow-Headers`, it will present an error on the
+ client side.
+
+ If any header name in the `Access-Control-Allow-Headers` response header
+ does not recognize by the client, it will also occur an error on the
+ client side.
+
+ A wildcard indicates that the requests with all HTTP headers are allowed.
+ The `Access-Control-Allow-Headers` response header can only use `*`
+ wildcard as value when the `AllowCredentials` field is unspecified.
+
+ When the `AllowCredentials` field is specified and `AllowHeaders` field
+ specified with the `*` wildcard, the gateway must specify one or more
+ HTTP headers in the value of the `Access-Control-Allow-Headers` response
+ header. The value of the header `Access-Control-Allow-Headers` is same as
+ the `Access-Control-Request-Headers` header provided by the client. If
+ the header `Access-Control-Request-Headers` is not included in the
+ request, the gateway will omit the `Access-Control-Allow-Headers`
+ response header, instead of specifying the `*` wildcard. A Gateway
+ implementation may choose to add implementation-specific default headers.
+
+ Support: Extended
+ items:
+ description: |-
+ HTTPHeaderName is the name of an HTTP header.
+
+ Valid values include:
+
+ * "Authorization"
+ * "Set-Cookie"
+
+ Invalid values include:
+
+ - ":method" - ":" is an invalid character. This means that HTTP/2 pseudo
+ headers are not currently supported by this type.
+ - "/invalid" - "/ " is an invalid character
+ maxLength: 256
+ minLength: 1
+ pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$
+ type: string
+ maxItems: 64
+ type: array
+ x-kubernetes-list-type: set
+ allowMethods:
+ description: |-
+ AllowMethods indicates which HTTP methods are supported for accessing the
+ requested resource.
+
+ Valid values are any method defined by RFC9110, along with the special
+ value `*`, which represents all HTTP methods are allowed.
+
+ Method names are case sensitive, so these values are also case-sensitive.
+ (See https://www.rfc-editor.org/rfc/rfc2616#section-5.1.1)
+
+ Multiple method names in the value of the `Access-Control-Allow-Methods`
+ response header are separated by a comma (",").
+
+ A CORS-safelisted method is a method that is `GET`, `HEAD`, or `POST`.
+ (See https://fetch.spec.whatwg.org/#cors-safelisted-method) The
+ CORS-safelisted methods are always allowed, regardless of whether they
+ are specified in the `AllowMethods` field.
+
+ When the `AllowMethods` field is configured with one or more methods, the
+ gateway must return the `Access-Control-Allow-Methods` response header
+ which value is present in the `AllowMethods` field.
+
+ If the HTTP method of the `Access-Control-Request-Method` request header
+ is not included in the list of methods specified by the response header
+ `Access-Control-Allow-Methods`, it will present an error on the client
+ side.
+
+ The `Access-Control-Allow-Methods` response header can only use `*`
+ wildcard as value when the `AllowCredentials` field is unspecified.
+
+ When the `AllowCredentials` field is specified and `AllowMethods` field
+ specified with the `*` wildcard, the gateway must specify one HTTP method
+ in the value of the Access-Control-Allow-Methods response header. The
+ value of the header `Access-Control-Allow-Methods` is same as the
+ `Access-Control-Request-Method` header provided by the client. If the
+ header `Access-Control-Request-Method` is not included in the request,
+ the gateway will omit the `Access-Control-Allow-Methods` response header,
+ instead of specifying the `*` wildcard. A Gateway implementation may
+ choose to add implementation-specific default methods.
+
+ Support: Extended
+ items:
+ enum:
+ - GET
+ - HEAD
+ - POST
+ - PUT
+ - DELETE
+ - CONNECT
+ - OPTIONS
+ - TRACE
+ - PATCH
+ - '*'
+ type: string
+ maxItems: 9
+ type: array
+ x-kubernetes-list-type: set
+ x-kubernetes-validations:
+ - message: AllowMethods cannot contain '*'
+ alongside other methods
+ rule: '!(''*'' in self && self.size() >
+ 1)'
+ allowOrigins:
+ description: |-
+ AllowOrigins indicates whether the response can be shared with requested
+ resource from the given `Origin`.
+
+ The `Origin` consists of a scheme and a host, with an optional port, and
+ takes the form `://(:)`.
+
+ Valid values for scheme are: `http` and `https`.
+
+ Valid values for port are any integer between 1 and 65535 (the list of
+ available TCP/UDP ports). Note that, if not included, port `80` is
+ assumed for `http` scheme origins, and port `443` is assumed for `https`
+ origins. This may affect origin matching.
+
+ The host part of the origin may contain the wildcard character `*`. These
+ wildcard characters behave as follows:
+
+ * `*` is a greedy match to the _left_, including any number of
+ DNS labels to the left of its position. This also means that
+ `*` will include any number of period `.` characters to the
+ left of its position.
+ * A wildcard by itself matches all hosts.
+
+ An origin value that includes _only_ the `*` character indicates requests
+ from all `Origin`s are allowed.
+
+ When the `AllowOrigins` field is configured with multiple origins, it
+ means the server supports clients from multiple origins. If the request
+ `Origin` matches the configured allowed origins, the gateway must return
+ the given `Origin` and sets value of the header
+ `Access-Control-Allow-Origin` same as the `Origin` header provided by the
+ client.
+
+ The status code of a successful response to a "preflight" request is
+ always an OK status (i.e., 204 or 200).
+
+ If the request `Origin` does not match the configured allowed origins,
+ the gateway returns 204/200 response but doesn't set the relevant
+ cross-origin response headers. Alternatively, the gateway responds with
+ 403 status to the "preflight" request is denied, coupled with omitting
+ the CORS headers. The cross-origin request fails on the client side.
+ Therefore, the client doesn't attempt the actual cross-origin request.
+
+ The `Access-Control-Allow-Origin` response header can only use `*`
+ wildcard as value when the `AllowCredentials` field is unspecified.
+
+ When the `AllowCredentials` field is specified and `AllowOrigins` field
+ specified with the `*` wildcard, the gateway must return a single origin
+ in the value of the `Access-Control-Allow-Origin` response header,
+ instead of specifying the `*` wildcard. The value of the header
+ `Access-Control-Allow-Origin` is same as the `Origin` header provided by
+ the client.
+
+ Support: Extended
+ items:
+ description: |-
+ The AbsoluteURI MUST NOT be a relative URI, and it MUST follow the URI syntax and
+ encoding rules specified in RFC3986. The AbsoluteURI MUST include both a
+ scheme (e.g., "http" or "spiffe") and a scheme-specific-part. URIs that
+ include an authority MUST include a fully qualified domain name or
+ IP address as the host.
+ The below regex is taken from the regex section in RFC 3986 with a slight modification to enforce a full URI and not relative.
+ maxLength: 253
+ minLength: 1
+ pattern: ^(([^:/?#]+):)(//([^/?#]*))([^?#]*)(\?([^#]*))?(#(.*))?
+ type: string
+ maxItems: 64
+ type: array
+ x-kubernetes-list-type: set
+ exposeHeaders:
+ description: |-
+ ExposeHeaders indicates which HTTP response headers can be exposed
+ to client-side scripts in response to a cross-origin request.
+
+ A CORS-safelisted response header is an HTTP header in a CORS response
+ that it is considered safe to expose to the client scripts.
+ The CORS-safelisted response headers include the following headers:
+ `Cache-Control`
+ `Content-Language`
+ `Content-Length`
+ `Content-Type`
+ `Expires`
+ `Last-Modified`
+ `Pragma`
+ (See https://fetch.spec.whatwg.org/#cors-safelisted-response-header-name)
+ The CORS-safelisted response headers are exposed to client by default.
+
+ When an HTTP header name is specified using the `ExposeHeaders` field,
+ this additional header will be exposed as part of the response to the
+ client.
+
+ Header names are not case sensitive.
+
+ Multiple header names in the value of the `Access-Control-Expose-Headers`
+ response header are separated by a comma (",").
+
+ A wildcard indicates that the responses with all HTTP headers are exposed
+ to clients. The `Access-Control-Expose-Headers` response header can only
+ use `*` wildcard as value when the `AllowCredentials` field is
+ unspecified.
+
+ Support: Extended
+ items:
+ description: |-
+ HTTPHeaderName is the name of an HTTP header.
+
+ Valid values include:
+
+ * "Authorization"
+ * "Set-Cookie"
+
+ Invalid values include:
+
+ - ":method" - ":" is an invalid character. This means that HTTP/2 pseudo
+ headers are not currently supported by this type.
+ - "/invalid" - "/ " is an invalid character
+ maxLength: 256
+ minLength: 1
+ pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$
+ type: string
+ maxItems: 64
+ type: array
+ x-kubernetes-list-type: set
+ maxAge:
+ default: 5
+ description: |-
+ MaxAge indicates the duration (in seconds) for the client to cache the
+ results of a "preflight" request.
+
+ The information provided by the `Access-Control-Allow-Methods` and
+ `Access-Control-Allow-Headers` response headers can be cached by the
+ client until the time specified by `Access-Control-Max-Age` elapses.
+
+ The default value of `Access-Control-Max-Age` response header is 5
+ (seconds).
+ format: int32
+ minimum: 1
+ type: integer
+ type: object
+ extensionRef:
+ description: |-
+ ExtensionRef is an optional, implementation-specific extension to the
+ "filter" behavior. For example, resource "myroutefilter" in group
+ "networking.example.net"). ExtensionRef MUST NOT be used for core and
+ extended filters.
+
+ This filter can be used multiple times within the same rule.
+
+ Support: Implementation-specific
+ properties:
+ group:
+ description: |-
+ Group is the group of the referent. For example, "gateway.networking.k8s.io".
+ When unspecified or empty string, core API group is inferred.
+ maxLength: 253
+ pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
+ type: string
+ kind:
+ description: Kind is kind of the referent.
+ For example "HTTPRoute" or "Service".
+ maxLength: 63
+ minLength: 1
+ pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$
+ type: string
+ name:
+ description: Name is the name of the referent.
+ maxLength: 253
+ minLength: 1
+ type: string
+ required:
+ - group
+ - kind
+ - name
+ type: object
+ requestHeaderModifier:
+ description: |-
+ RequestHeaderModifier defines a schema for a filter that modifies request
+ headers.
+
+ Support: Core
+ properties:
+ add:
+ description: |-
+ Add adds the given header(s) (name, value) to the request
+ before the action. It appends to any existing values associated
+ with the header name.
+
+ Input:
+ GET /foo HTTP/1.1
+ my-header: foo
+
+ Config:
+ add:
+ - name: "my-header"
+ value: "bar,baz"
+
+ Output:
+ GET /foo HTTP/1.1
+ my-header: foo,bar,baz
+ items:
+ description: HTTPHeader represents an HTTP
+ Header name and value as defined by RFC
+ 7230.
+ properties:
+ name:
+ description: |-
+ Name is the name of the HTTP Header to be matched. Name matching MUST be
+ case-insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2).
+
+ If multiple entries specify equivalent header names, the first entry with
+ an equivalent name MUST be considered for a match. Subsequent entries
+ with an equivalent header name MUST be ignored. Due to the
+ case-insensitivity of header names, "foo" and "Foo" are considered
+ equivalent.
+ maxLength: 256
+ minLength: 1
+ pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$
+ type: string
+ value:
+ description: Value is the value of HTTP
+ Header to be matched.
+ maxLength: 4096
+ minLength: 1
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ maxItems: 16
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
+ remove:
+ description: |-
+ Remove the given header(s) from the HTTP request before the action. The
+ value of Remove is a list of HTTP header names. Note that the header
+ names are case-insensitive (see
+ https://datatracker.ietf.org/doc/html/rfc2616#section-4.2).
+
+ Input:
+ GET /foo HTTP/1.1
+ my-header1: foo
+ my-header2: bar
+ my-header3: baz
+
+ Config:
+ remove: ["my-header1", "my-header3"]
+
+ Output:
+ GET /foo HTTP/1.1
+ my-header2: bar
+ items:
+ type: string
+ maxItems: 16
+ type: array
+ x-kubernetes-list-type: set
+ set:
+ description: |-
+ Set overwrites the request with the given header (name, value)
+ before the action.
+
+ Input:
+ GET /foo HTTP/1.1
+ my-header: foo
+
+ Config:
+ set:
+ - name: "my-header"
+ value: "bar"
+
+ Output:
+ GET /foo HTTP/1.1
+ my-header: bar
+ items:
+ description: HTTPHeader represents an HTTP
+ Header name and value as defined by RFC
+ 7230.
+ properties:
+ name:
+ description: |-
+ Name is the name of the HTTP Header to be matched. Name matching MUST be
+ case-insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2).
+
+ If multiple entries specify equivalent header names, the first entry with
+ an equivalent name MUST be considered for a match. Subsequent entries
+ with an equivalent header name MUST be ignored. Due to the
+ case-insensitivity of header names, "foo" and "Foo" are considered
+ equivalent.
+ maxLength: 256
+ minLength: 1
+ pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$
+ type: string
+ value:
+ description: Value is the value of HTTP
+ Header to be matched.
+ maxLength: 4096
+ minLength: 1
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ maxItems: 16
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
+ type: object
+ requestMirror:
+ description: |-
+ RequestMirror defines a schema for a filter that mirrors requests.
+ Requests are sent to the specified destination, but responses from
+ that destination are ignored.
+
+ This filter can be used multiple times within the same rule. Note that
+ not all implementations will be able to support mirroring to multiple
+ backends.
+
+ Support: Extended
+ properties:
+ backendRef:
+ description: |-
+ BackendRef references a resource where mirrored requests are sent.
+
+ Mirrored requests must be sent only to a single destination endpoint
+ within this BackendRef, irrespective of how many endpoints are present
+ within this BackendRef.
+
+ If the referent cannot be found, this BackendRef is invalid and must be
+ dropped from the Gateway. The controller must ensure the "ResolvedRefs"
+ condition on the Route status is set to `status: False` and not configure
+ this backend in the underlying implementation.
+
+ If there is a cross-namespace reference to an *existing* object
+ that is not allowed by a ReferenceGrant, the controller must ensure the
+ "ResolvedRefs" condition on the Route is set to `status: False`,
+ with the "RefNotPermitted" reason and not configure this backend in the
+ underlying implementation.
+
+ In either error case, the Message of the `ResolvedRefs` Condition
+ should be used to provide more detail about the problem.
+
+ Support: Extended for Kubernetes Service
+
+ Support: Implementation-specific for any other resource
+ properties:
+ group:
+ default: ""
+ description: |-
+ Group is the group of the referent. For example, "gateway.networking.k8s.io".
+ When unspecified or empty string, core API group is inferred.
+ maxLength: 253
+ pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
+ type: string
+ kind:
+ default: Service
+ description: |-
+ Kind is the Kubernetes resource kind of the referent. For example
+ "Service".
+
+ Defaults to "Service" when not specified.
+
+ ExternalName services can refer to CNAME DNS records that may live
+ outside of the cluster and as such are difficult to reason about in
+ terms of conformance. They also may not be safe to forward to (see
+ CVE-2021-25740 for more information). Implementations SHOULD NOT
+ support ExternalName Services.
+
+ Support: Core (Services with a type other than ExternalName)
+
+ Support: Implementation-specific (Services with type ExternalName)
+ maxLength: 63
+ minLength: 1
+ pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$
+ type: string
+ name:
+ description: Name is the name of the referent.
+ maxLength: 253
+ minLength: 1
+ type: string
+ namespace:
+ description: |-
+ Namespace is the namespace of the backend. When unspecified, the local
+ namespace is inferred.
+
+ Note that when a namespace different than the local namespace is specified,
+ a ReferenceGrant object is required in the referent namespace to allow that
+ namespace's owner to accept the reference. See the ReferenceGrant
+ documentation for details.
+
+ Support: Core
+ maxLength: 63
+ minLength: 1
+ pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
+ type: string
+ port:
+ description: |-
+ Port specifies the destination port number to use for this resource.
+ Port is required when the referent is a Kubernetes Service. In this
+ case, the port number is the service port number, not the target port.
+ For other resources, destination port might be derived from the referent
+ resource or this field.
+ format: int32
+ maximum: 65535
+ minimum: 1
+ type: integer
+ required:
+ - name
+ type: object
+ x-kubernetes-validations:
+ - message: Must have port for Service reference
+ rule: '(size(self.group) == 0 && self.kind
+ == ''Service'') ? has(self.port) : true'
+ fraction:
+ description: |-
+ Fraction represents the fraction of requests that should be
+ mirrored to BackendRef.
+
+ Only one of Fraction or Percent may be specified. If neither field
+ is specified, 100% of requests will be mirrored.
+ properties:
+ denominator:
+ default: 100
+ format: int32
+ minimum: 1
+ type: integer
+ numerator:
+ format: int32
+ minimum: 0
+ type: integer
+ required:
+ - numerator
+ type: object
+ x-kubernetes-validations:
+ - message: numerator must be less than or
+ equal to denominator
+ rule: self.numerator <= self.denominator
+ percent:
+ description: |-
+ Percent represents the percentage of requests that should be
+ mirrored to BackendRef. Its minimum value is 0 (indicating 0% of
+ requests) and its maximum value is 100 (indicating 100% of requests).
+
+ Only one of Fraction or Percent may be specified. If neither field
+ is specified, 100% of requests will be mirrored.
+ format: int32
+ maximum: 100
+ minimum: 0
+ type: integer
+ required:
+ - backendRef
+ type: object
+ x-kubernetes-validations:
+ - message: Only one of percent or fraction may
+ be specified in HTTPRequestMirrorFilter
+ rule: '!(has(self.percent) && has(self.fraction))'
+ requestRedirect:
+ description: |-
+ RequestRedirect defines a schema for a filter that responds to the
+ request with an HTTP redirection.
+
+ Support: Core
+ properties:
+ hostname:
+ description: |-
+ Hostname is the hostname to be used in the value of the `Location`
+ header in the response.
+ When empty, the hostname in the `Host` header of the request is used.
+
+ Support: Core
+ maxLength: 253
+ minLength: 1
+ pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
+ type: string
+ path:
+ description: |-
+ Path defines parameters used to modify the path of the incoming request.
+ The modified path is then used to construct the `Location` header. When
+ empty, the request path is used as-is.
+
+ Support: Extended
+ properties:
+ replaceFullPath:
+ description: |-
+ ReplaceFullPath specifies the value with which to replace the full path
+ of a request during a rewrite or redirect.
+ maxLength: 1024
+ type: string
+ replacePrefixMatch:
+ description: |-
+ ReplacePrefixMatch specifies the value with which to replace the prefix
+ match of a request during a rewrite or redirect. For example, a request
+ to "/foo/bar" with a prefix match of "/foo" and a ReplacePrefixMatch
+ of "/xyz" would be modified to "/xyz/bar".
+
+ Note that this matches the behavior of the PathPrefix match type. This
+ matches full path elements. A path element refers to the list of labels
+ in the path split by the `/` separator. When specified, a trailing `/` is
+ ignored. For example, the paths `/abc`, `/abc/`, and `/abc/def` would all
+ match the prefix `/abc`, but the path `/abcd` would not.
+
+ ReplacePrefixMatch is only compatible with a `PathPrefix` HTTPRouteMatch.
+ Using any other HTTPRouteMatch type on the same HTTPRouteRule will result in
+ the implementation setting the Accepted Condition for the Route to `status: False`.
+
+ Request Path | Prefix Match | Replace Prefix | Modified Path
+ maxLength: 1024
+ type: string
+ type:
+ description: |-
+ Type defines the type of path modifier. Additional types may be
+ added in a future release of the API.
+
+ Note that values may be added to this enum, implementations
+ must ensure that unknown values will not cause a crash.
+
+ Unknown values here must result in the implementation setting the
+ Accepted Condition for the Route to `status: False`, with a
+ Reason of `UnsupportedValue`.
+ enum:
+ - ReplaceFullPath
+ - ReplacePrefixMatch
+ type: string
+ required:
+ - type
+ type: object
+ x-kubernetes-validations:
+ - message: replaceFullPath must be specified
+ when type is set to 'ReplaceFullPath'
+ rule: 'self.type == ''ReplaceFullPath''
+ ? has(self.replaceFullPath) : true'
+ - message: type must be 'ReplaceFullPath'
+ when replaceFullPath is set
+ rule: 'has(self.replaceFullPath) ? self.type
+ == ''ReplaceFullPath'' : true'
+ - message: replacePrefixMatch must be specified
+ when type is set to 'ReplacePrefixMatch'
+ rule: 'self.type == ''ReplacePrefixMatch''
+ ? has(self.replacePrefixMatch) : true'
+ - message: type must be 'ReplacePrefixMatch'
+ when replacePrefixMatch is set
+ rule: 'has(self.replacePrefixMatch) ? self.type
+ == ''ReplacePrefixMatch'' : true'
+ port:
+ description: |-
+ Port is the port to be used in the value of the `Location`
+ header in the response.
+
+ If no port is specified, the redirect port MUST be derived using the
+ following rules:
+
+ * If redirect scheme is not-empty, the redirect port MUST be the well-known
+ port associated with the redirect scheme. Specifically "http" to port 80
+ and "https" to port 443. If the redirect scheme does not have a
+ well-known port, the listener port of the Gateway SHOULD be used.
+ * If redirect scheme is empty, the redirect port MUST be the Gateway
+ Listener port.
+
+ Implementations SHOULD NOT add the port number in the 'Location'
+ header in the following cases:
+
+ * A Location header that will use HTTP (whether that is determined via
+ the Listener protocol or the Scheme field) _and_ use port 80.
+ * A Location header that will use HTTPS (whether that is determined via
+ the Listener protocol or the Scheme field) _and_ use port 443.
+
+ Support: Extended
+ format: int32
+ maximum: 65535
+ minimum: 1
+ type: integer
+ scheme:
+ description: |-
+ Scheme is the scheme to be used in the value of the `Location` header in
+ the response. When empty, the scheme of the request is used.
+
+ Scheme redirects can affect the port of the redirect, for more information,
+ refer to the documentation for the port field of this filter.
+
+ Note that values may be added to this enum, implementations
+ must ensure that unknown values will not cause a crash.
+
+ Unknown values here must result in the implementation setting the
+ Accepted Condition for the Route to `status: False`, with a
+ Reason of `UnsupportedValue`.
+
+ Support: Extended
+ enum:
+ - http
+ - https
+ type: string
+ statusCode:
+ default: 302
+ description: |-
+ StatusCode is the HTTP status code to be used in response.
+
+ Note that values may be added to this enum, implementations
+ must ensure that unknown values will not cause a crash.
+
+ Unknown values here must result in the implementation setting the
+ Accepted Condition for the Route to `status: False`, with a
+ Reason of `UnsupportedValue`.
+
+ Support: Core
+ enum:
+ - 301
+ - 302
+ type: integer
+ type: object
+ responseHeaderModifier:
+ description: |-
+ ResponseHeaderModifier defines a schema for a filter that modifies response
+ headers.
+
+ Support: Extended
+ properties:
+ add:
+ description: |-
+ Add adds the given header(s) (name, value) to the request
+ before the action. It appends to any existing values associated
+ with the header name.
+
+ Input:
+ GET /foo HTTP/1.1
+ my-header: foo
+
+ Config:
+ add:
+ - name: "my-header"
+ value: "bar,baz"
+
+ Output:
+ GET /foo HTTP/1.1
+ my-header: foo,bar,baz
+ items:
+ description: HTTPHeader represents an HTTP
+ Header name and value as defined by RFC
+ 7230.
+ properties:
+ name:
+ description: |-
+ Name is the name of the HTTP Header to be matched. Name matching MUST be
+ case-insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2).
+
+ If multiple entries specify equivalent header names, the first entry with
+ an equivalent name MUST be considered for a match. Subsequent entries
+ with an equivalent header name MUST be ignored. Due to the
+ case-insensitivity of header names, "foo" and "Foo" are considered
+ equivalent.
+ maxLength: 256
+ minLength: 1
+ pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$
+ type: string
+ value:
+ description: Value is the value of HTTP
+ Header to be matched.
+ maxLength: 4096
+ minLength: 1
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ maxItems: 16
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
+ remove:
+ description: |-
+ Remove the given header(s) from the HTTP request before the action. The
+ value of Remove is a list of HTTP header names. Note that the header
+ names are case-insensitive (see
+ https://datatracker.ietf.org/doc/html/rfc2616#section-4.2).
+
+ Input:
+ GET /foo HTTP/1.1
+ my-header1: foo
+ my-header2: bar
+ my-header3: baz
+
+ Config:
+ remove: ["my-header1", "my-header3"]
+
+ Output:
+ GET /foo HTTP/1.1
+ my-header2: bar
+ items:
+ type: string
+ maxItems: 16
+ type: array
+ x-kubernetes-list-type: set
+ set:
+ description: |-
+ Set overwrites the request with the given header (name, value)
+ before the action.
+
+ Input:
+ GET /foo HTTP/1.1
+ my-header: foo
+
+ Config:
+ set:
+ - name: "my-header"
+ value: "bar"
+
+ Output:
+ GET /foo HTTP/1.1
+ my-header: bar
+ items:
+ description: HTTPHeader represents an HTTP
+ Header name and value as defined by RFC
+ 7230.
+ properties:
+ name:
+ description: |-
+ Name is the name of the HTTP Header to be matched. Name matching MUST be
+ case-insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2).
+
+ If multiple entries specify equivalent header names, the first entry with
+ an equivalent name MUST be considered for a match. Subsequent entries
+ with an equivalent header name MUST be ignored. Due to the
+ case-insensitivity of header names, "foo" and "Foo" are considered
+ equivalent.
+ maxLength: 256
+ minLength: 1
+ pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$
+ type: string
+ value:
+ description: Value is the value of HTTP
+ Header to be matched.
+ maxLength: 4096
+ minLength: 1
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ maxItems: 16
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
+ type: object
+ type:
+ description: |-
+ Type identifies the type of filter to apply. As with other API fields,
+ types are classified into three conformance levels:
+
+ - Core: Filter types and their corresponding configuration defined by
+ "Support: Core" in this package, e.g. "RequestHeaderModifier". All
+ implementations must support core filters.
+
+ - Extended: Filter types and their corresponding configuration defined by
+ "Support: Extended" in this package, e.g. "RequestMirror". Implementers
+ are encouraged to support extended filters.
+
+ - Implementation-specific: Filters that are defined and supported by
+ specific vendors.
+ In the future, filters showing convergence in behavior across multiple
+ implementations will be considered for inclusion in extended or core
+ conformance levels. Filter-specific configuration for such filters
+ is specified using the ExtensionRef field. `Type` should be set to
+ "ExtensionRef" for custom filters.
+
+ Implementers are encouraged to define custom implementation types to
+ extend the core API with implementation-specific behavior.
+
+ If a reference to a custom filter type cannot be resolved, the filter
+ MUST NOT be skipped. Instead, requests that would have been processed by
+ that filter MUST receive a HTTP error response.
+
+ Note that values may be added to this enum, implementations
+ must ensure that unknown values will not cause a crash.
+
+ Unknown values here must result in the implementation setting the
+ Accepted Condition for the Route to `status: False`, with a
+ Reason of `UnsupportedValue`.
+
+
+ enum:
+ - RequestHeaderModifier
+ - ResponseHeaderModifier
+ - RequestMirror
+ - RequestRedirect
+ - URLRewrite
+ - ExtensionRef
+ type: string
+ urlRewrite:
+ description: |-
+ URLRewrite defines a schema for a filter that modifies a request during forwarding.
+
+ Support: Extended
+ properties:
+ hostname:
+ description: |-
+ Hostname is the value to be used to replace the Host header value during
+ forwarding.
+
+ Support: Extended
+ maxLength: 253
+ minLength: 1
+ pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
+ type: string
+ path:
+ description: |-
+ Path defines a path rewrite.
+
+ Support: Extended
+ properties:
+ replaceFullPath:
+ description: |-
+ ReplaceFullPath specifies the value with which to replace the full path
+ of a request during a rewrite or redirect.
+ maxLength: 1024
+ type: string
+ replacePrefixMatch:
+ description: |-
+ ReplacePrefixMatch specifies the value with which to replace the prefix
+ match of a request during a rewrite or redirect. For example, a request
+ to "/foo/bar" with a prefix match of "/foo" and a ReplacePrefixMatch
+ of "/xyz" would be modified to "/xyz/bar".
+
+ Note that this matches the behavior of the PathPrefix match type. This
+ matches full path elements. A path element refers to the list of labels
+ in the path split by the `/` separator. When specified, a trailing `/` is
+ ignored. For example, the paths `/abc`, `/abc/`, and `/abc/def` would all
+ match the prefix `/abc`, but the path `/abcd` would not.
+
+ ReplacePrefixMatch is only compatible with a `PathPrefix` HTTPRouteMatch.
+ Using any other HTTPRouteMatch type on the same HTTPRouteRule will result in
+ the implementation setting the Accepted Condition for the Route to `status: False`.
+
+ Request Path | Prefix Match | Replace Prefix | Modified Path
+ maxLength: 1024
+ type: string
+ type:
+ description: |-
+ Type defines the type of path modifier. Additional types may be
+ added in a future release of the API.
+
+ Note that values may be added to this enum, implementations
+ must ensure that unknown values will not cause a crash.
+
+ Unknown values here must result in the implementation setting the
+ Accepted Condition for the Route to `status: False`, with a
+ Reason of `UnsupportedValue`.
+ enum:
+ - ReplaceFullPath
+ - ReplacePrefixMatch
+ type: string
+ required:
+ - type
+ type: object
+ x-kubernetes-validations:
+ - message: replaceFullPath must be specified
+ when type is set to 'ReplaceFullPath'
+ rule: 'self.type == ''ReplaceFullPath''
+ ? has(self.replaceFullPath) : true'
+ - message: type must be 'ReplaceFullPath'
+ when replaceFullPath is set
+ rule: 'has(self.replaceFullPath) ? self.type
+ == ''ReplaceFullPath'' : true'
+ - message: replacePrefixMatch must be specified
+ when type is set to 'ReplacePrefixMatch'
+ rule: 'self.type == ''ReplacePrefixMatch''
+ ? has(self.replacePrefixMatch) : true'
+ - message: type must be 'ReplacePrefixMatch'
+ when replacePrefixMatch is set
+ rule: 'has(self.replacePrefixMatch) ? self.type
+ == ''ReplacePrefixMatch'' : true'
+ type: object
+ required:
+ - type
+ type: object
+ x-kubernetes-validations:
+ - message: filter.requestHeaderModifier must be nil
+ if the filter.type is not RequestHeaderModifier
+ rule: '!(has(self.requestHeaderModifier) && self.type
+ != ''RequestHeaderModifier'')'
+ - message: filter.requestHeaderModifier must be specified
+ for RequestHeaderModifier filter.type
+ rule: '!(!has(self.requestHeaderModifier) && self.type
+ == ''RequestHeaderModifier'')'
+ - message: filter.responseHeaderModifier must be nil
+ if the filter.type is not ResponseHeaderModifier
+ rule: '!(has(self.responseHeaderModifier) && self.type
+ != ''ResponseHeaderModifier'')'
+ - message: filter.responseHeaderModifier must be specified
+ for ResponseHeaderModifier filter.type
+ rule: '!(!has(self.responseHeaderModifier) && self.type
+ == ''ResponseHeaderModifier'')'
+ - message: filter.requestMirror must be nil if the
+ filter.type is not RequestMirror
+ rule: '!(has(self.requestMirror) && self.type !=
+ ''RequestMirror'')'
+ - message: filter.requestMirror must be specified
+ for RequestMirror filter.type
+ rule: '!(!has(self.requestMirror) && self.type ==
+ ''RequestMirror'')'
+ - message: filter.requestRedirect must be nil if the
+ filter.type is not RequestRedirect
+ rule: '!(has(self.requestRedirect) && self.type
+ != ''RequestRedirect'')'
+ - message: filter.requestRedirect must be specified
+ for RequestRedirect filter.type
+ rule: '!(!has(self.requestRedirect) && self.type
+ == ''RequestRedirect'')'
+ - message: filter.urlRewrite must be nil if the filter.type
+ is not URLRewrite
+ rule: '!(has(self.urlRewrite) && self.type != ''URLRewrite'')'
+ - message: filter.urlRewrite must be specified for
+ URLRewrite filter.type
+ rule: '!(!has(self.urlRewrite) && self.type == ''URLRewrite'')'
+ - message: filter.extensionRef must be nil if the
+ filter.type is not ExtensionRef
+ rule: '!(has(self.extensionRef) && self.type !=
+ ''ExtensionRef'')'
+ - message: filter.extensionRef must be specified for
+ ExtensionRef filter.type
+ rule: '!(!has(self.extensionRef) && self.type ==
+ ''ExtensionRef'')'
+ maxItems: 16
+ type: array
+ x-kubernetes-validations:
+ - message: May specify either httpRouteFilterRequestRedirect
+ or httpRouteFilterRequestRewrite, but not both
+ rule: '!(self.exists(f, f.type == ''RequestRedirect'')
+ && self.exists(f, f.type == ''URLRewrite''))'
+ - message: RequestHeaderModifier filter cannot be repeated
+ rule: self.filter(f, f.type == 'RequestHeaderModifier').size()
+ <= 1
+ - message: ResponseHeaderModifier filter cannot be repeated
+ rule: self.filter(f, f.type == 'ResponseHeaderModifier').size()
+ <= 1
+ - message: RequestRedirect filter cannot be repeated
+ rule: self.filter(f, f.type == 'RequestRedirect').size()
+ <= 1
+ - message: URLRewrite filter cannot be repeated
+ rule: self.filter(f, f.type == 'URLRewrite').size()
+ <= 1
+ matches:
+ default:
+ - path:
+ type: PathPrefix
+ value: /
+ description: |-
+ Matches define conditions used for matching the rule against incoming
+ HTTP requests. Each match is independent, i.e. this rule will be matched
+ if **any** one of the matches is satisfied.
+
+ For example, take the following matches configuration:
+
+ ```
+ matches:
+ - path:
+ value: "/foo"
+ headers:
+ - name: "version"
+ value: "v2"
+ - path:
+ value: "/v2/foo"
+ ```
+
+ For a request to match against this rule, a request must satisfy
+ EITHER of the two conditions:
+
+ - path prefixed with `/foo` AND contains the header `version: v2`
+ - path prefix of `/v2/foo`
+
+ See the documentation for HTTPRouteMatch on how to specify multiple
+ match conditions that should be ANDed together.
+
+ If no matches are specified, the default is a prefix
+ path match on "/", which has the effect of matching every
+ HTTP request.
+
+ Proxy or Load Balancer routing configuration generated from HTTPRoutes
+ MUST prioritize matches based on the following criteria, continuing on
+ ties. Across all rules specified on applicable Routes, precedence must be
+ given to the match having:
+
+ * "Exact" path match.
+ * "Prefix" path match with largest number of characters.
+ * Method match.
+ * Largest number of header matches.
+ * Largest number of query param matches.
+
+ Note: The precedence of RegularExpression path matches are implementation-specific.
+
+ If ties still exist across multiple Routes, matching precedence MUST be
+ determined in order of the following criteria, continuing on ties:
+
+ * The oldest Route based on creation timestamp.
+ * The Route appearing first in alphabetical order by
+ "{namespace}/{name}".
+
+ If ties still exist within an HTTPRoute, matching precedence MUST be granted
+ to the FIRST matching rule (in list order) with a match meeting the above
+ criteria.
+
+ When no rules matching a request have been successfully attached to the
+ parent a request is coming from, a HTTP 404 status code MUST be returned.
+ items:
+ description: "HTTPRouteMatch defines the predicate
+ used to match requests to a given\naction. Multiple
+ match types are ANDed together, i.e. the match will\nevaluate
+ to true only if all conditions are satisfied.\n\nFor
+ example, the match below will match a HTTP request
+ only if its path\nstarts with `/foo` AND it contains
+ the `version: v1` header:\n\n```\nmatch:\n\n\tpath:\n\t
+ \ value: \"/foo\"\n\theaders:\n\t- name: \"version\"\n\t
+ \ value \"v1\"\n\n```"
+ properties:
+ headers:
+ description: |-
+ Headers specifies HTTP request header matchers. Multiple match values are
+ ANDed together, meaning, a request must match all the specified headers
+ to select the route.
+ items:
+ description: |-
+ HTTPHeaderMatch describes how to select a HTTP route by matching HTTP request
+ headers.
+ properties:
+ name:
+ description: |-
+ Name is the name of the HTTP Header to be matched. Name matching MUST be
+ case-insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2).
+
+ If multiple entries specify equivalent header names, only the first
+ entry with an equivalent name MUST be considered for a match. Subsequent
+ entries with an equivalent header name MUST be ignored. Due to the
+ case-insensitivity of header names, "foo" and "Foo" are considered
+ equivalent.
+
+ When a header is repeated in an HTTP request, it is
+ implementation-specific behavior as to how this is represented.
+ Generally, proxies should follow the guidance from the RFC:
+ https://www.rfc-editor.org/rfc/rfc7230.html#section-3.2.2 regarding
+ processing a repeated header, with special handling for "Set-Cookie".
+ maxLength: 256
+ minLength: 1
+ pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$
+ type: string
+ type:
+ default: Exact
+ description: |-
+ Type specifies how to match against the value of the header.
+
+ Support: Core (Exact)
+
+ Support: Implementation-specific (RegularExpression)
+
+ Since RegularExpression HeaderMatchType has implementation-specific
+ conformance, implementations can support POSIX, PCRE or any other dialects
+ of regular expressions. Please read the implementation's documentation to
+ determine the supported dialect.
+ enum:
+ - Exact
+ - RegularExpression
+ type: string
+ value:
+ description: Value is the value of HTTP
+ Header to be matched.
+ maxLength: 4096
+ minLength: 1
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ maxItems: 16
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
+ method:
+ description: |-
+ Method specifies HTTP method matcher.
+ When specified, this route will be matched only if the request has the
+ specified method.
+
+ Support: Extended
+ enum:
+ - GET
+ - HEAD
+ - POST
+ - PUT
+ - DELETE
+ - CONNECT
+ - OPTIONS
+ - TRACE
+ - PATCH
+ type: string
+ path:
+ default:
+ type: PathPrefix
+ value: /
+ description: |-
+ Path specifies a HTTP request path matcher. If this field is not
+ specified, a default prefix match on the "/" path is provided.
+ properties:
+ type:
+ default: PathPrefix
+ description: |-
+ Type specifies how to match against the path Value.
+
+ Support: Core (Exact, PathPrefix)
+
+ Support: Implementation-specific (RegularExpression)
+ enum:
+ - Exact
+ - PathPrefix
+ - RegularExpression
+ type: string
+ value:
+ default: /
+ description: Value of the HTTP path to match
+ against.
+ maxLength: 1024
+ type: string
+ type: object
+ x-kubernetes-validations:
+ - message: value must be an absolute path and
+ start with '/' when type one of ['Exact',
+ 'PathPrefix']
+ rule: '(self.type in [''Exact'',''PathPrefix''])
+ ? self.value.startsWith(''/'') : true'
+ - message: must not contain '//' when type one
+ of ['Exact', 'PathPrefix']
+ rule: '(self.type in [''Exact'',''PathPrefix''])
+ ? !self.value.contains(''//'') : true'
+ - message: must not contain '/./' when type one
+ of ['Exact', 'PathPrefix']
+ rule: '(self.type in [''Exact'',''PathPrefix''])
+ ? !self.value.contains(''/./'') : true'
+ - message: must not contain '/../' when type one
+ of ['Exact', 'PathPrefix']
+ rule: '(self.type in [''Exact'',''PathPrefix''])
+ ? !self.value.contains(''/../'') : true'
+ - message: must not contain '%2f' when type one
+ of ['Exact', 'PathPrefix']
+ rule: '(self.type in [''Exact'',''PathPrefix''])
+ ? !self.value.contains(''%2f'') : true'
+ - message: must not contain '%2F' when type one
+ of ['Exact', 'PathPrefix']
+ rule: '(self.type in [''Exact'',''PathPrefix''])
+ ? !self.value.contains(''%2F'') : true'
+ - message: must not contain '#' when type one
+ of ['Exact', 'PathPrefix']
+ rule: '(self.type in [''Exact'',''PathPrefix''])
+ ? !self.value.contains(''#'') : true'
+ - message: must not end with '/..' when type one
+ of ['Exact', 'PathPrefix']
+ rule: '(self.type in [''Exact'',''PathPrefix''])
+ ? !self.value.endsWith(''/..'') : true'
+ - message: must not end with '/.' when type one
+ of ['Exact', 'PathPrefix']
+ rule: '(self.type in [''Exact'',''PathPrefix''])
+ ? !self.value.endsWith(''/.'') : true'
+ - message: type must be one of ['Exact', 'PathPrefix',
+ 'RegularExpression']
+ rule: self.type in ['Exact','PathPrefix'] ||
+ self.type == 'RegularExpression'
+ - message: must only contain valid characters
+ (matching ^(?:[-A-Za-z0-9/._~!$&'()*+,;=:@]|[%][0-9a-fA-F]{2})+$)
+ for types ['Exact', 'PathPrefix']
+ rule: '(self.type in [''Exact'',''PathPrefix''])
+ ? self.value.matches(r"""^(?:[-A-Za-z0-9/._~!$&''()*+,;=:@]|[%][0-9a-fA-F]{2})+$""")
+ : true'
+ queryParams:
+ description: |-
+ QueryParams specifies HTTP query parameter matchers. Multiple match
+ values are ANDed together, meaning, a request must match all the
+ specified query parameters to select the route.
+
+ Support: Extended
+ items:
+ description: |-
+ HTTPQueryParamMatch describes how to select a HTTP route by matching HTTP
+ query parameters.
+ properties:
+ name:
+ description: |-
+ Name is the name of the HTTP query param to be matched. This must be an
+ exact string match. (See
+ https://tools.ietf.org/html/rfc7230#section-2.7.3).
+
+ If multiple entries specify equivalent query param names, only the first
+ entry with an equivalent name MUST be considered for a match. Subsequent
+ entries with an equivalent query param name MUST be ignored.
+
+ If a query param is repeated in an HTTP request, the behavior is
+ purposely left undefined, since different data planes have different
+ capabilities. However, it is *recommended* that implementations should
+ match against the first value of the param if the data plane supports it,
+ as this behavior is expected in other load balancing contexts outside of
+ the Gateway API.
+
+ Users SHOULD NOT route traffic based on repeated query params to guard
+ themselves against potential differences in the implementations.
+ maxLength: 256
+ minLength: 1
+ pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$
+ type: string
+ type:
+ default: Exact
+ description: |-
+ Type specifies how to match against the value of the query parameter.
+
+ Support: Extended (Exact)
+
+ Support: Implementation-specific (RegularExpression)
+
+ Since RegularExpression QueryParamMatchType has Implementation-specific
+ conformance, implementations can support POSIX, PCRE or any other
+ dialects of regular expressions. Please read the implementation's
+ documentation to determine the supported dialect.
+ enum:
+ - Exact
+ - RegularExpression
+ type: string
+ value:
+ description: Value is the value of HTTP
+ query param to be matched.
+ maxLength: 1024
+ minLength: 1
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ maxItems: 16
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
+ type: object
+ maxItems: 64
+ type: array
+ name:
+ description: |-
+ Name is the name of the route rule. This name MUST be unique within a Route if it is set.
+
+ Support: Extended
+
+ maxLength: 253
+ minLength: 1
+ pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
+ type: string
+ retry:
+ description: |-
+ Retry defines the configuration for when to retry an HTTP request.
+
+ Support: Extended
+
+
+ properties:
+ attempts:
+ description: |-
+ Attempts specifies the maximum number of times an individual request
+ from the gateway to a backend should be retried.
+
+ If the maximum number of retries has been attempted without a successful
+ response from the backend, the Gateway MUST return an error.
+
+ When this field is unspecified, the number of times to attempt to retry
+ a backend request is implementation-specific.
+
+ Support: Extended
+ type: integer
+ backoff:
+ description: |-
+ Backoff specifies the minimum duration a Gateway should wait between
+ retry attempts and is represented in Gateway API Duration formatting.
+
+ For example, setting the `rules[].retry.backoff` field to the value
+ `100ms` will cause a backend request to first be retried approximately
+ 100 milliseconds after timing out or receiving a response code configured
+ to be retryable.
+
+ An implementation MAY use an exponential or alternative backoff strategy
+ for subsequent retry attempts, MAY cap the maximum backoff duration to
+ some amount greater than the specified minimum, and MAY add arbitrary
+ jitter to stagger requests, as long as unsuccessful backend requests are
+ not retried before the configured minimum duration.
+
+ If a Request timeout (`rules[].timeouts.request`) is configured on the
+ route, the entire duration of the initial request and any retry attempts
+ MUST not exceed the Request timeout duration. If any retry attempts are
+ still in progress when the Request timeout duration has been reached,
+ these SHOULD be canceled if possible and the Gateway MUST immediately
+ return a timeout error.
+
+ If a BackendRequest timeout (`rules[].timeouts.backendRequest`) is
+ configured on the route, any retry attempts which reach the configured
+ BackendRequest timeout duration without a response SHOULD be canceled if
+ possible and the Gateway should wait for at least the specified backoff
+ duration before attempting to retry the backend request again.
+
+ If a BackendRequest timeout is _not_ configured on the route, retry
+ attempts MAY time out after an implementation default duration, or MAY
+ remain pending until a configured Request timeout or implementation
+ default duration for total request time is reached.
+
+ When this field is unspecified, the time to wait between retry attempts
+ is implementation-specific.
+
+ Support: Extended
+ pattern: ^([0-9]{1,5}(h|m|s|ms)){1,4}$
+ type: string
+ codes:
+ description: |-
+ Codes defines the HTTP response status codes for which a backend request
+ should be retried.
+
+ Support: Extended
+ items:
+ description: |-
+ HTTPRouteRetryStatusCode defines an HTTP response status code for
+ which a backend request should be retried.
+
+ Implementations MUST support the following status codes as retryable:
+
+ * 500
+ * 502
+ * 503
+ * 504
+
+ Implementations MAY support specifying additional discrete values in the
+ 500-599 range.
+
+ Implementations MAY support specifying discrete values in the 400-499 range,
+ which are often inadvisable to retry.
+
+
+ maximum: 599
+ minimum: 400
+ type: integer
+ type: array
+ type: object
+ sessionPersistence:
+ description: |-
+ SessionPersistence defines and configures session persistence
+ for the route rule.
+
+ Support: Extended
+
+
+ properties:
+ absoluteTimeout:
+ description: |-
+ AbsoluteTimeout defines the absolute timeout of the persistent
+ session. Once the AbsoluteTimeout duration has elapsed, the
+ session becomes invalid.
+
+ Support: Extended
+ pattern: ^([0-9]{1,5}(h|m|s|ms)){1,4}$
+ type: string
+ cookieConfig:
+ description: |-
+ CookieConfig provides configuration settings that are specific
+ to cookie-based session persistence.
+
+ Support: Core
+ properties:
+ lifetimeType:
+ default: Session
+ description: |-
+ LifetimeType specifies whether the cookie has a permanent or
+ session-based lifetime. A permanent cookie persists until its
+ specified expiry time, defined by the Expires or Max-Age cookie
+ attributes, while a session cookie is deleted when the current
+ session ends.
+
+ When set to "Permanent", AbsoluteTimeout indicates the
+ cookie's lifetime via the Expires or Max-Age cookie attributes
+ and is required.
+
+ When set to "Session", AbsoluteTimeout indicates the
+ absolute lifetime of the cookie tracked by the gateway and
+ is optional.
+
+ Defaults to "Session".
+
+ Support: Core for "Session" type
+
+ Support: Extended for "Permanent" type
+ enum:
+ - Permanent
+ - Session
+ type: string
+ type: object
+ idleTimeout:
+ description: |-
+ IdleTimeout defines the idle timeout of the persistent session.
+ Once the session has been idle for more than the specified
+ IdleTimeout duration, the session becomes invalid.
+
+ Support: Extended
+ pattern: ^([0-9]{1,5}(h|m|s|ms)){1,4}$
+ type: string
+ sessionName:
+ description: |-
+ SessionName defines the name of the persistent session token
+ which may be reflected in the cookie or the header. Users
+ should avoid reusing session names to prevent unintended
+ consequences, such as rejection or unpredictable behavior.
+
+ Support: Implementation-specific
+ maxLength: 128
+ type: string
+ type:
+ default: Cookie
+ description: |-
+ Type defines the type of session persistence such as through
+ the use a header or cookie. Defaults to cookie based session
+ persistence.
+
+ Support: Core for "Cookie" type
+
+ Support: Extended for "Header" type
+ enum:
+ - Cookie
+ - Header
+ type: string
+ type: object
+ x-kubernetes-validations:
+ - message: AbsoluteTimeout must be specified when cookie
+ lifetimeType is Permanent
+ rule: '!has(self.cookieConfig) || !has(self.cookieConfig.lifetimeType)
+ || self.cookieConfig.lifetimeType != ''Permanent''
+ || has(self.absoluteTimeout)'
+ timeouts:
+ description: |-
+ Timeouts defines the timeouts that can be configured for an HTTP request.
+
+ Support: Extended
+ properties:
+ backendRequest:
+ description: |-
+ BackendRequest specifies a timeout for an individual request from the gateway
+ to a backend. This covers the time from when the request first starts being
+ sent from the gateway to when the full response has been received from the backend.
+
+ Setting a timeout to the zero duration (e.g. "0s") SHOULD disable the timeout
+ completely. Implementations that cannot completely disable the timeout MUST
+ instead interpret the zero duration as the longest possible value to which
+ the timeout can be set.
+
+ An entire client HTTP transaction with a gateway, covered by the Request timeout,
+ may result in more than one call from the gateway to the destination backend,
+ for example, if automatic retries are supported.
+
+ The value of BackendRequest must be a Gateway API Duration string as defined by
+ GEP-2257. When this field is unspecified, its behavior is implementation-specific;
+ when specified, the value of BackendRequest must be no more than the value of the
+ Request timeout (since the Request timeout encompasses the BackendRequest timeout).
+
+ Support: Extended
+ pattern: ^([0-9]{1,5}(h|m|s|ms)){1,4}$
+ type: string
+ request:
+ description: |-
+ Request specifies the maximum duration for a gateway to respond to an HTTP request.
+ If the gateway has not been able to respond before this deadline is met, the gateway
+ MUST return a timeout error.
+
+ For example, setting the `rules.timeouts.request` field to the value `10s` in an
+ `HTTPRoute` will cause a timeout if a client request is taking longer than 10 seconds
+ to complete.
+
+ Setting a timeout to the zero duration (e.g. "0s") SHOULD disable the timeout
+ completely. Implementations that cannot completely disable the timeout MUST
+ instead interpret the zero duration as the longest possible value to which
+ the timeout can be set.
+
+ This timeout is intended to cover as close to the whole request-response transaction
+ as possible although an implementation MAY choose to start the timeout after the entire
+ request stream has been received instead of immediately after the transaction is
+ initiated by the client.
+
+ The value of Request is a Gateway API Duration string as defined by GEP-2257. When this
+ field is unspecified, request timeout behavior is implementation-specific.
+
+ Support: Extended
+ pattern: ^([0-9]{1,5}(h|m|s|ms)){1,4}$
+ type: string
+ type: object
+ x-kubernetes-validations:
+ - message: backendRequest timeout cannot be longer than
+ request timeout
+ rule: '!(has(self.request) && has(self.backendRequest)
+ && duration(self.request) != duration(''0s'') &&
+ duration(self.backendRequest) > duration(self.request))'
+ type: object
+ x-kubernetes-validations:
+ - message: RequestRedirect filter must not be used together
+ with backendRefs
+ rule: '(has(self.backendRefs) && size(self.backendRefs)
+ > 0) ? (!has(self.filters) || self.filters.all(f, !has(f.requestRedirect))):
+ true'
+ - message: When using RequestRedirect filter with path.replacePrefixMatch,
+ exactly one PathPrefix match must be specified
+ rule: '(has(self.filters) && self.filters.exists_one(f,
+ has(f.requestRedirect) && has(f.requestRedirect.path)
+ && f.requestRedirect.path.type == ''ReplacePrefixMatch''
+ && has(f.requestRedirect.path.replacePrefixMatch)))
+ ? ((size(self.matches) != 1 || !has(self.matches[0].path)
+ || self.matches[0].path.type != ''PathPrefix'') ? false
+ : true) : true'
+ - message: When using URLRewrite filter with path.replacePrefixMatch,
+ exactly one PathPrefix match must be specified
+ rule: '(has(self.filters) && self.filters.exists_one(f,
+ has(f.urlRewrite) && has(f.urlRewrite.path) && f.urlRewrite.path.type
+ == ''ReplacePrefixMatch'' && has(f.urlRewrite.path.replacePrefixMatch)))
+ ? ((size(self.matches) != 1 || !has(self.matches[0].path)
+ || self.matches[0].path.type != ''PathPrefix'') ? false
+ : true) : true'
+ - message: Within backendRefs, when using RequestRedirect
+ filter with path.replacePrefixMatch, exactly one PathPrefix
+ match must be specified
+ rule: '(has(self.backendRefs) && self.backendRefs.exists_one(b,
+ (has(b.filters) && b.filters.exists_one(f, has(f.requestRedirect)
+ && has(f.requestRedirect.path) && f.requestRedirect.path.type
+ == ''ReplacePrefixMatch'' && has(f.requestRedirect.path.replacePrefixMatch)))
+ )) ? ((size(self.matches) != 1 || !has(self.matches[0].path)
+ || self.matches[0].path.type != ''PathPrefix'') ? false
+ : true) : true'
+ - message: Within backendRefs, When using URLRewrite filter
+ with path.replacePrefixMatch, exactly one PathPrefix
+ match must be specified
+ rule: '(has(self.backendRefs) && self.backendRefs.exists_one(b,
+ (has(b.filters) && b.filters.exists_one(f, has(f.urlRewrite)
+ && has(f.urlRewrite.path) && f.urlRewrite.path.type
+ == ''ReplacePrefixMatch'' && has(f.urlRewrite.path.replacePrefixMatch)))
+ )) ? ((size(self.matches) != 1 || !has(self.matches[0].path)
+ || self.matches[0].path.type != ''PathPrefix'') ? false
+ : true) : true'
+ maxItems: 16
+ type: array
+ x-kubernetes-validations:
+ - message: While 16 rules and 64 matches per rule are allowed,
+ the total number of matches across all rules in a route
+ must be less than 128
+ rule: '(self.size() > 0 ? self[0].matches.size() : 0) +
+ (self.size() > 1 ? self[1].matches.size() : 0) + (self.size()
+ > 2 ? self[2].matches.size() : 0) + (self.size() > 3 ?
+ self[3].matches.size() : 0) + (self.size() > 4 ? self[4].matches.size()
+ : 0) + (self.size() > 5 ? self[5].matches.size() : 0)
+ + (self.size() > 6 ? self[6].matches.size() : 0) + (self.size()
+ > 7 ? self[7].matches.size() : 0) + (self.size() > 8 ?
+ self[8].matches.size() : 0) + (self.size() > 9 ? self[9].matches.size()
+ : 0) + (self.size() > 10 ? self[10].matches.size() : 0)
+ + (self.size() > 11 ? self[11].matches.size() : 0) + (self.size()
+ > 12 ? self[12].matches.size() : 0) + (self.size() > 13
+ ? self[13].matches.size() : 0) + (self.size() > 14 ? self[14].matches.size()
+ : 0) + (self.size() > 15 ? self[15].matches.size() : 0)
+ <= 128'
+ type: object
+ type: object
+ ingress:
+ description: Ingress sets how the ingress object should look like
+ with your grafana instance.
+ properties:
+ metadata:
+ description: ObjectMeta contains only a [subset of the fields
+ included in k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#objectmeta-v1-meta).
+ properties:
+ annotations:
+ additionalProperties:
+ type: string
+ type: object
+ labels:
+ additionalProperties:
+ type: string
+ type: object
+ type: object
+ spec:
+ description: IngressSpec describes the Ingress the user wishes
+ to exist.
+ properties:
+ defaultBackend:
+ description: |-
+ defaultBackend is the backend that should handle requests that don't
+ match any rule. If Rules are not specified, DefaultBackend must be specified.
+ If DefaultBackend is not set, the handling of requests that do not match any
+ of the rules will be up to the Ingress controller.
+ properties:
+ resource:
+ description: |-
+ resource is an ObjectRef to another Kubernetes resource in the namespace
+ of the Ingress object. If resource is specified, a service.Name and
+ service.Port must not be specified.
+ This is a mutually exclusive setting with "Service".
+ properties:
+ apiGroup:
+ description: |-
+ APIGroup is the group for the resource being referenced.
+ If APIGroup is not specified, the specified Kind must be in the core API group.
+ For any other third-party types, APIGroup is required.
+ type: string
+ kind:
+ description: Kind is the type of resource being referenced
+ type: string
+ name:
+ description: Name is the name of resource being referenced
+ type: string
+ required:
+ - kind
+ - name
+ type: object
+ x-kubernetes-map-type: atomic
+ service:
+ description: |-
+ service references a service as a backend.
+ This is a mutually exclusive setting with "Resource".
+ properties:
+ name:
+ description: |-
+ name is the referenced service. The service must exist in
+ the same namespace as the Ingress object.
+ type: string
+ port:
+ description: |-
+ port of the referenced service. A port name or port number
+ is required for a IngressServiceBackend.
+ properties:
+ name:
+ description: |-
+ name is the name of the port on the Service.
+ This is a mutually exclusive setting with "Number".
+ type: string
+ number:
+ description: |-
+ number is the numerical port number (e.g. 80) on the Service.
+ This is a mutually exclusive setting with "Name".
+ format: int32
+ type: integer
+ type: object
+ x-kubernetes-map-type: atomic
+ required:
+ - name
+ type: object
+ type: object
+ ingressClassName:
+ description: |-
+ ingressClassName is the name of an IngressClass cluster resource. Ingress
+ controller implementations use this field to know whether they should be
+ serving this Ingress resource, by a transitive connection
+ (controller -> IngressClass -> Ingress resource). Although the
+ `kubernetes.io/ingress.class` annotation (simple constant name) was never
+ formally defined, it was widely supported by Ingress controllers to create
+ a direct binding between Ingress controller and Ingress resources. Newly
+ created Ingress resources should prefer using the field. However, even
+ though the annotation is officially deprecated, for backwards compatibility
+ reasons, ingress controllers should still honor that annotation if present.
+ type: string
+ rules:
+ description: |-
+ rules is a list of host rules used to configure the Ingress. If unspecified,
+ or no rule matches, all traffic is sent to the default backend.
+ items:
+ description: |-
+ IngressRule represents the rules mapping the paths under a specified host to
+ the related backend services. Incoming requests are first evaluated for a host
+ match, then routed to the backend associated with the matching IngressRuleValue.
+ properties:
+ host:
+ description: "host is the fully qualified domain name
+ of a network host, as defined by RFC 3986.\nNote the
+ following deviations from the \"host\" part of the\nURI
+ as defined in RFC 3986:\n1. IPs are not allowed. Currently
+ an IngressRuleValue can only apply to\n the IP in
+ the Spec of the parent Ingress.\n2. The `:` delimiter
+ is not respected because ports are not allowed.\n\t
+ \ Currently the port of an Ingress is implicitly :80
+ for http and\n\t :443 for https.\nBoth these may
+ change in the future.\nIncoming requests are matched
+ against the host before the\nIngressRuleValue. If
+ the host is unspecified, the Ingress routes all\ntraffic
+ based on the specified IngressRuleValue.\n\nhost can
+ be \"precise\" which is a domain name without the
+ terminating dot of\na network host (e.g. \"foo.bar.com\")
+ or \"wildcard\", which is a domain name\nprefixed
+ with a single wildcard label (e.g. \"*.foo.com\").\nThe
+ wildcard character '*' must appear by itself as the
+ first DNS label and\nmatches only a single label.
+ You cannot have a wildcard label by itself (e.g. Host
+ == \"*\").\nRequests will be matched against the Host
+ field in the following way:\n1. If host is precise,
+ the request matches this rule if the http host header
+ is equal to Host.\n2. If host is a wildcard, then
+ the request matches this rule if the http host header\nis
+ to equal to the suffix (removing the first label)
+ of the wildcard rule."
+ type: string
+ http:
+ description: |-
+ HTTPIngressRuleValue is a list of http selectors pointing to backends.
+ In the example: http:///? -> backend where
+ where parts of the url correspond to RFC 3986, this resource will be used
+ to match against everything after the last '/' and before the first '?'
+ or '#'.
+ properties:
+ paths:
+ description: paths is a collection of paths that
+ map requests to backends.
+ items:
+ description: |-
+ HTTPIngressPath associates a path with a backend. Incoming urls matching the
+ path are forwarded to the backend.
+ properties:
+ backend:
+ description: |-
+ backend defines the referenced service endpoint to which the traffic
+ will be forwarded to.
+ properties:
+ resource:
+ description: |-
+ resource is an ObjectRef to another Kubernetes resource in the namespace
+ of the Ingress object. If resource is specified, a service.Name and
+ service.Port must not be specified.
+ This is a mutually exclusive setting with "Service".
+ properties:
+ apiGroup:
+ description: |-
+ APIGroup is the group for the resource being referenced.
+ If APIGroup is not specified, the specified Kind must be in the core API group.
+ For any other third-party types, APIGroup is required.
+ type: string
+ kind:
+ description: Kind is the type of resource
+ being referenced
+ type: string
+ name:
+ description: Name is the name of resource
+ being referenced
+ type: string
+ required:
+ - kind
+ - name
+ type: object
+ x-kubernetes-map-type: atomic
+ service:
+ description: |-
+ service references a service as a backend.
+ This is a mutually exclusive setting with "Resource".
+ properties:
+ name:
+ description: |-
+ name is the referenced service. The service must exist in
+ the same namespace as the Ingress object.
+ type: string
+ port:
+ description: |-
+ port of the referenced service. A port name or port number
+ is required for a IngressServiceBackend.
+ properties:
+ name:
+ description: |-
+ name is the name of the port on the Service.
+ This is a mutually exclusive setting with "Number".
+ type: string
+ number:
+ description: |-
+ number is the numerical port number (e.g. 80) on the Service.
+ This is a mutually exclusive setting with "Name".
+ format: int32
+ type: integer
+ type: object
+ x-kubernetes-map-type: atomic
+ required:
+ - name
+ type: object
+ type: object
+ path:
+ description: |-
+ path is matched against the path of an incoming request. Currently it can
+ contain characters disallowed from the conventional "path" part of a URL
+ as defined by RFC 3986. Paths must begin with a '/' and must be present
+ when using PathType with value "Exact" or "Prefix".
+ type: string
+ pathType:
+ description: |-
+ pathType determines the interpretation of the path matching. PathType can
+ be one of the following values:
+ * Exact: Matches the URL path exactly.
+ * Prefix: Matches based on a URL path prefix split by '/'. Matching is
+ done on a path element by element basis. A path element refers is the
+ list of labels in the path split by the '/' separator. A request is a
+ match for path p if every p is an element-wise prefix of p of the
+ request path. Note that if the last element of the path is a substring
+ of the last element in request path, it is not a match (e.g. /foo/bar
+ matches /foo/bar/baz, but does not match /foo/barbaz).
+ * ImplementationSpecific: Interpretation of the Path matching is up to
+ the IngressClass. Implementations can treat this as a separate PathType
+ or treat it identically to Prefix or Exact path types.
+ Implementations are required to support all path types.
+ type: string
+ required:
+ - backend
+ - pathType
+ type: object
+ type: array
+ x-kubernetes-list-type: atomic
+ required:
+ - paths
+ type: object
+ type: object
+ type: array
+ x-kubernetes-list-type: atomic
+ tls:
+ description: |-
+ tls represents the TLS configuration. Currently the Ingress only supports a
+ single TLS port, 443. If multiple members of this list specify different hosts,
+ they will be multiplexed on the same port according to the hostname specified
+ through the SNI TLS extension, if the ingress controller fulfilling the
+ ingress supports SNI.
+ items:
+ description: IngressTLS describes the transport layer security
+ associated with an ingress.
+ properties:
+ hosts:
+ description: |-
+ hosts is a list of hosts included in the TLS certificate. The values in
+ this list must match the name/s used in the tlsSecret. Defaults to the
+ wildcard host setting for the loadbalancer controller fulfilling this
+ Ingress, if left unspecified.
+ items:
+ type: string
+ type: array
+ x-kubernetes-list-type: atomic
+ secretName:
+ description: |-
+ secretName is the name of the secret used to terminate TLS traffic on
+ port 443. Field is left optional to allow TLS routing based on SNI
+ hostname alone. If the SNI host in a listener conflicts with the "Host"
+ header field used by an IngressRule, the SNI host is used for termination
+ and value of the "Host" header is used for routing.
+ type: string
+ type: object
+ type: array
+ x-kubernetes-list-type: atomic
+ type: object
+ type: object
+ jsonnet:
+ properties:
+ libraryLabelSelector:
+ description: |-
+ A label selector is a label query over a set of resources. The result of matchLabels and
+ matchExpressions are ANDed. An empty label selector matches all objects. A null
+ label selector matches no objects.
+ properties:
+ matchExpressions:
+ description: matchExpressions is a list of label selector
+ requirements. The requirements are ANDed.
+ items:
+ description: |-
+ A label selector requirement is a selector that contains values, a key, and an operator that
+ relates the key and values.
+ properties:
+ key:
+ description: key is the label key that the selector
+ applies to.
+ type: string
+ operator:
+ description: |-
+ operator represents a key's relationship to a set of values.
+ Valid operators are In, NotIn, Exists and DoesNotExist.
+ type: string
+ values:
+ description: |-
+ values is an array of string values. If the operator is In or NotIn,
+ the values array must be non-empty. If the operator is Exists or DoesNotExist,
+ the values array must be empty. This array is replaced during a strategic
+ merge patch.
+ items:
+ type: string
+ type: array
+ x-kubernetes-list-type: atomic
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ x-kubernetes-list-type: atomic
+ matchLabels:
+ additionalProperties:
+ type: string
+ description: |-
+ matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
+ map is equivalent to an element of matchExpressions, whose key field is "key", the
+ operator is "In", and the values array contains only "value". The requirements are ANDed.
+ type: object
+ type: object
+ x-kubernetes-map-type: atomic
+ type: object
+ persistentVolumeClaim:
+ description: PersistentVolumeClaim creates a PVC if you need to attach
+ one to your grafana instance.
+ properties:
+ metadata:
+ description: ObjectMeta contains only a [subset of the fields
+ included in k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#objectmeta-v1-meta).
+ properties:
+ annotations:
+ additionalProperties:
+ type: string
+ type: object
+ labels:
+ additionalProperties:
+ type: string
+ type: object
+ type: object
+ spec:
+ properties:
+ accessModes:
+ items:
+ type: string
+ type: array
+ dataSource:
+ description: |-
+ TypedLocalObjectReference contains enough information to let you locate the
+ typed referenced object inside the same namespace.
+ properties:
+ apiGroup:
+ description: |-
+ APIGroup is the group for the resource being referenced.
+ If APIGroup is not specified, the specified Kind must be in the core API group.
+ For any other third-party types, APIGroup is required.
+ type: string
+ kind:
+ description: Kind is the type of resource being referenced
+ type: string
+ name:
+ description: Name is the name of resource being referenced
+ type: string
+ required:
+ - kind
+ - name
+ type: object
+ x-kubernetes-map-type: atomic
+ dataSourceRef:
+ description: |-
+ TypedLocalObjectReference contains enough information to let you locate the
+ typed referenced object inside the same namespace.
+ properties:
+ apiGroup:
+ description: |-
+ APIGroup is the group for the resource being referenced.
+ If APIGroup is not specified, the specified Kind must be in the core API group.
+ For any other third-party types, APIGroup is required.
+ type: string
+ kind:
+ description: Kind is the type of resource being referenced
+ type: string
+ name:
+ description: Name is the name of resource being referenced
+ type: string
+ required:
+ - kind
+ - name
+ type: object
+ x-kubernetes-map-type: atomic
+ resources:
+ description: ResourceRequirements describes the compute resource
+ requirements.
+ properties:
+ claims:
+ description: |-
+ Claims lists the names of resources, defined in spec.resourceClaims,
+ that are used by this container.
+
+ This field depends on the
+ DynamicResourceAllocation feature gate.
+
+ This field is immutable. It can only be set for containers.
+ items:
+ description: ResourceClaim references one entry in PodSpec.ResourceClaims.
+ properties:
+ name:
+ description: |-
+ Name must match the name of one entry in pod.spec.resourceClaims of
+ the Pod where this field is used. It makes that resource available
+ inside a container.
+ type: string
+ request:
+ description: |-
+ Request is the name chosen for a request in the referenced claim.
+ If empty, everything from the claim is made available, otherwise
+ only the result of this request.
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
+ limits:
+ additionalProperties:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ description: |-
+ Limits describes the maximum amount of compute resources allowed.
+ More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
+ type: object
+ requests:
+ additionalProperties:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ description: |-
+ Requests describes the minimum amount of compute resources required.
+ If Requests is omitted for a container, it defaults to Limits if that is explicitly specified,
+ otherwise to an implementation-defined value. Requests cannot exceed Limits.
+ More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
+ type: object
+ type: object
+ selector:
+ description: |-
+ A label selector is a label query over a set of resources. The result of matchLabels and
+ matchExpressions are ANDed. An empty label selector matches all objects. A null
+ label selector matches no objects.
+ properties:
+ matchExpressions:
+ description: matchExpressions is a list of label selector
+ requirements. The requirements are ANDed.
+ items:
+ description: |-
+ A label selector requirement is a selector that contains values, a key, and an operator that
+ relates the key and values.
+ properties:
+ key:
+ description: key is the label key that the selector
+ applies to.
+ type: string
+ operator:
+ description: |-
+ operator represents a key's relationship to a set of values.
+ Valid operators are In, NotIn, Exists and DoesNotExist.
+ type: string
+ values:
+ description: |-
+ values is an array of string values. If the operator is In or NotIn,
+ the values array must be non-empty. If the operator is Exists or DoesNotExist,
+ the values array must be empty. This array is replaced during a strategic
+ merge patch.
+ items:
+ type: string
+ type: array
+ x-kubernetes-list-type: atomic
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ x-kubernetes-list-type: atomic
+ matchLabels:
+ additionalProperties:
+ type: string
+ description: |-
+ matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
+ map is equivalent to an element of matchExpressions, whose key field is "key", the
+ operator is "In", and the values array contains only "value". The requirements are ANDed.
+ type: object
+ type: object
+ x-kubernetes-map-type: atomic
+ storageClassName:
+ type: string
+ volumeMode:
+ description: PersistentVolumeMode describes how a volume is
+ intended to be consumed, either Block or Filesystem.
+ type: string
+ volumeName:
+ description: VolumeName is the binding reference to the PersistentVolume
+ backing this claim.
+ type: string
+ type: object
+ type: object
+ preferences:
+ description: Preferences holds the Grafana Preferences settings
+ properties:
+ homeDashboardUid:
+ type: string
+ type: object
+ route:
+ description: Route sets how the ingress object should look like with
+ your grafana instance, this only works in Openshift.
+ properties:
+ metadata:
+ description: ObjectMeta contains only a [subset of the fields
+ included in k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#objectmeta-v1-meta).
+ properties:
+ annotations:
+ additionalProperties:
+ type: string
+ type: object
+ labels:
+ additionalProperties:
+ type: string
+ type: object
+ type: object
+ spec:
+ properties:
+ alternateBackends:
+ items:
+ description: |-
+ RouteTargetReference specifies the target that resolve into endpoints. Only the 'Service'
+ kind is allowed. Use 'weight' field to emphasize one over others.
+ properties:
+ kind:
+ default: Service
+ description: The kind of target that the route is referring
+ to. Currently, only 'Service' is allowed
+ enum:
+ - Service
+ - ""
+ type: string
+ name:
+ description: name of the service/target that is being
+ referred to. e.g. name of the service
+ minLength: 1
+ type: string
+ weight:
+ default: 100
+ description: |-
+ weight as an integer between 0 and 256, default 100, that specifies the target's relative weight
+ against other target reference objects. 0 suppresses requests to this backend.
+ format: int32
+ maximum: 256
+ minimum: 0
+ type: integer
+ required:
+ - kind
+ - name
+ type: object
+ type: array
+ host:
+ type: string
+ path:
+ type: string
+ port:
+ description: RoutePort defines a port mapping from a router
+ to an endpoint in the service endpoints.
+ properties:
+ targetPort:
+ anyOf:
+ - type: integer
+ - type: string
+ description: |-
+ The target port on pods selected by the service this route points to.
+ If this is a string, it will be looked up as a named port in the target
+ endpoints port list. Required
+ x-kubernetes-int-or-string: true
+ required:
+ - targetPort
+ type: object
+ subdomain:
+ type: string
+ tls:
+ description: TLSConfig defines config used to secure a route
+ and provide termination
+ properties:
+ caCertificate:
+ description: caCertificate provides the cert authority
+ certificate contents
+ type: string
+ certificate:
+ description: |-
+ certificate provides certificate contents. This should be a single serving certificate, not a certificate
+ chain. Do not include a CA certificate.
+ type: string
+ destinationCACertificate:
+ description: |-
+ destinationCACertificate provides the contents of the ca certificate of the final destination. When using reencrypt
+ termination this file should be provided in order to have routers use it for health checks on the secure connection.
+ If this field is not specified, the router may provide its own destination CA and perform hostname validation using
+ the short service name (service.namespace.svc), which allows infrastructure generated certificates to automatically
+ verify.
+ type: string
+ externalCertificate:
+ description: |-
+ externalCertificate provides certificate contents as a secret reference.
+ This should be a single serving certificate, not a certificate
+ chain. Do not include a CA certificate. The secret referenced should
+ be present in the same namespace as that of the Route.
+ Forbidden when `certificate` is set.
+ The router service account needs to be granted with read-only access to this secret,
+ please refer to openshift docs for additional details.
+ properties:
+ name:
+ description: |-
+ name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ type: string
+ type: object
+ x-kubernetes-map-type: atomic
+ insecureEdgeTerminationPolicy:
+ description: |-
+ insecureEdgeTerminationPolicy indicates the desired behavior for insecure connections to a route. While
+ each router may make its own decisions on which ports to expose, this is normally port 80.
+
+ If a route does not specify insecureEdgeTerminationPolicy, then the default behavior is "None".
+
+ * Allow - traffic is sent to the server on the insecure port (edge/reencrypt terminations only).
+
+ * None - no traffic is allowed on the insecure port (default).
+
+ * Redirect - clients are redirected to the secure port.
+ enum:
+ - Allow
+ - None
+ - Redirect
+ - ""
+ type: string
+ key:
+ description: key provides key file contents
+ type: string
+ termination:
+ description: |-
+ termination indicates termination type.
+
+ * edge - TLS termination is done by the router and http is used to communicate with the backend (default)
+ * passthrough - Traffic is sent straight to the destination without the router providing TLS termination
+ * reencrypt - TLS termination is done by the router and https is used to communicate with the backend
+
+ Note: passthrough termination is incompatible with httpHeader actions
+ enum:
+ - edge
+ - reencrypt
+ - passthrough
+ type: string
+ required:
+ - termination
+ type: object
+ x-kubernetes-validations:
+ - message: 'cannot have both spec.tls.termination: passthrough
+ and spec.tls.insecureEdgeTerminationPolicy: Allow'
+ rule: 'has(self.termination) && has(self.insecureEdgeTerminationPolicy)
+ ? !((self.termination==''passthrough'') && (self.insecureEdgeTerminationPolicy==''Allow''))
+ : true'
+ to:
+ description: |-
+ RouteTargetReference specifies the target that resolve into endpoints. Only the 'Service'
+ kind is allowed. Use 'weight' field to emphasize one over others.
+ properties:
+ kind:
+ default: Service
+ description: The kind of target that the route is referring
+ to. Currently, only 'Service' is allowed
+ enum:
+ - Service
+ - ""
+ type: string
+ name:
+ description: name of the service/target that is being
+ referred to. e.g. name of the service
+ minLength: 1
+ type: string
+ weight:
+ default: 100
+ description: |-
+ weight as an integer between 0 and 256, default 100, that specifies the target's relative weight
+ against other target reference objects. 0 suppresses requests to this backend.
+ format: int32
+ maximum: 256
+ minimum: 0
+ type: integer
+ required:
+ - kind
+ - name
+ type: object
+ wildcardPolicy:
+ description: WildcardPolicyType indicates the type of wildcard
+ support needed by routes.
+ type: string
+ type: object
+ type: object
+ service:
+ description: Service sets how the service object should look like
+ with your grafana instance, contains a number of defaults.
+ properties:
+ metadata:
+ description: ObjectMeta contains only a [subset of the fields
+ included in k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#objectmeta-v1-meta).
+ properties:
+ annotations:
+ additionalProperties:
+ type: string
+ type: object
+ labels:
+ additionalProperties:
+ type: string
+ type: object
+ type: object
+ spec:
+ description: ServiceSpec describes the attributes that a user
+ creates on a service.
+ properties:
+ allocateLoadBalancerNodePorts:
+ description: |-
+ allocateLoadBalancerNodePorts defines if NodePorts will be automatically
+ allocated for services with type LoadBalancer. Default is "true". It
+ may be set to "false" if the cluster load-balancer does not rely on
+ NodePorts. If the caller requests specific NodePorts (by specifying a
+ value), those requests will be respected, regardless of this field.
+ This field may only be set for services with type LoadBalancer and will
+ be cleared if the type is changed to any other type.
+ type: boolean
+ clusterIP:
+ description: |-
+ clusterIP is the IP address of the service and is usually assigned
+ randomly. If an address is specified manually, is in-range (as per
+ system configuration), and is not in use, it will be allocated to the
+ service; otherwise creation of the service will fail. This field may not
+ be changed through updates unless the type field is also being changed
+ to ExternalName (which requires this field to be blank) or the type
+ field is being changed from ExternalName (in which case this field may
+ optionally be specified, as describe above). Valid values are "None",
+ empty string (""), or a valid IP address. Setting this to "None" makes a
+ "headless service" (no virtual IP), which is useful when direct endpoint
+ connections are preferred and proxying is not required. Only applies to
+ types ClusterIP, NodePort, and LoadBalancer. If this field is specified
+ when creating a Service of type ExternalName, creation will fail. This
+ field will be wiped when updating a Service to type ExternalName.
+ More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies
+ type: string
+ clusterIPs:
+ description: |-
+ ClusterIPs is a list of IP addresses assigned to this service, and are
+ usually assigned randomly. If an address is specified manually, is
+ in-range (as per system configuration), and is not in use, it will be
+ allocated to the service; otherwise creation of the service will fail.
+ This field may not be changed through updates unless the type field is
+ also being changed to ExternalName (which requires this field to be
+ empty) or the type field is being changed from ExternalName (in which
+ case this field may optionally be specified, as describe above). Valid
+ values are "None", empty string (""), or a valid IP address. Setting
+ this to "None" makes a "headless service" (no virtual IP), which is
+ useful when direct endpoint connections are preferred and proxying is
+ not required. Only applies to types ClusterIP, NodePort, and
+ LoadBalancer. If this field is specified when creating a Service of type
+ ExternalName, creation will fail. This field will be wiped when updating
+ a Service to type ExternalName. If this field is not specified, it will
+ be initialized from the clusterIP field. If this field is specified,
+ clients must ensure that clusterIPs[0] and clusterIP have the same
+ value.
+
+ This field may hold a maximum of two entries (dual-stack IPs, in either order).
+ These IPs must correspond to the values of the ipFamilies field. Both
+ clusterIPs and ipFamilies are governed by the ipFamilyPolicy field.
+ More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies
+ items:
+ type: string
+ type: array
+ x-kubernetes-list-type: atomic
+ externalIPs:
+ description: |-
+ externalIPs is a list of IP addresses for which nodes in the cluster
+ will also accept traffic for this service. These IPs are not managed by
+ Kubernetes. The user is responsible for ensuring that traffic arrives
+ at a node with this IP. A common example is external load-balancers
+ that are not part of the Kubernetes system.
+ items:
+ type: string
+ type: array
+ x-kubernetes-list-type: atomic
+ externalName:
+ description: |-
+ externalName is the external reference that discovery mechanisms will
+ return as an alias for this service (e.g. a DNS CNAME record). No
+ proxying will be involved. Must be a lowercase RFC-1123 hostname
+ (https://tools.ietf.org/html/rfc1123) and requires `type` to be "ExternalName".
+ type: string
+ externalTrafficPolicy:
+ description: |-
+ externalTrafficPolicy describes how nodes distribute service traffic they
+ receive on one of the Service's "externally-facing" addresses (NodePorts,
+ ExternalIPs, and LoadBalancer IPs). If set to "Local", the proxy will configure
+ the service in a way that assumes that external load balancers will take care
+ of balancing the service traffic between nodes, and so each node will deliver
+ traffic only to the node-local endpoints of the service, without masquerading
+ the client source IP. (Traffic mistakenly sent to a node with no endpoints will
+ be dropped.) The default value, "Cluster", uses the standard behavior of
+ routing to all endpoints evenly (possibly modified by topology and other
+ features). Note that traffic sent to an External IP or LoadBalancer IP from
+ within the cluster will always get "Cluster" semantics, but clients sending to
+ a NodePort from within the cluster may need to take traffic policy into account
+ when picking a node.
+ type: string
+ healthCheckNodePort:
+ description: |-
+ healthCheckNodePort specifies the healthcheck nodePort for the service.
+ This only applies when type is set to LoadBalancer and
+ externalTrafficPolicy is set to Local. If a value is specified, is
+ in-range, and is not in use, it will be used. If not specified, a value
+ will be automatically allocated. External systems (e.g. load-balancers)
+ can use this port to determine if a given node holds endpoints for this
+ service or not. If this field is specified when creating a Service
+ which does not need it, creation will fail. This field will be wiped
+ when updating a Service to no longer need it (e.g. changing type).
+ This field cannot be updated once set.
+ format: int32
+ type: integer
+ internalTrafficPolicy:
+ description: |-
+ InternalTrafficPolicy describes how nodes distribute service traffic they
+ receive on the ClusterIP. If set to "Local", the proxy will assume that pods
+ only want to talk to endpoints of the service on the same node as the pod,
+ dropping the traffic if there are no local endpoints. The default value,
+ "Cluster", uses the standard behavior of routing to all endpoints evenly
+ (possibly modified by topology and other features).
+ type: string
+ ipFamilies:
+ description: |-
+ IPFamilies is a list of IP families (e.g. IPv4, IPv6) assigned to this
+ service. This field is usually assigned automatically based on cluster
+ configuration and the ipFamilyPolicy field. If this field is specified
+ manually, the requested family is available in the cluster,
+ and ipFamilyPolicy allows it, it will be used; otherwise creation of
+ the service will fail. This field is conditionally mutable: it allows
+ for adding or removing a secondary IP family, but it does not allow
+ changing the primary IP family of the Service. Valid values are "IPv4"
+ and "IPv6". This field only applies to Services of types ClusterIP,
+ NodePort, and LoadBalancer, and does apply to "headless" services.
+ This field will be wiped when updating a Service to type ExternalName.
+
+ This field may hold a maximum of two entries (dual-stack families, in
+ either order). These families must correspond to the values of the
+ clusterIPs field, if specified. Both clusterIPs and ipFamilies are
+ governed by the ipFamilyPolicy field.
+ items:
+ description: |-
+ IPFamily represents the IP Family (IPv4 or IPv6). This type is used
+ to express the family of an IP expressed by a type (e.g. service.spec.ipFamilies).
+ type: string
+ type: array
+ x-kubernetes-list-type: atomic
+ ipFamilyPolicy:
+ description: |-
+ IPFamilyPolicy represents the dual-stack-ness requested or required by
+ this Service. If there is no value provided, then this field will be set
+ to SingleStack. Services can be "SingleStack" (a single IP family),
+ "PreferDualStack" (two IP families on dual-stack configured clusters or
+ a single IP family on single-stack clusters), or "RequireDualStack"
+ (two IP families on dual-stack configured clusters, otherwise fail). The
+ ipFamilies and clusterIPs fields depend on the value of this field. This
+ field will be wiped when updating a service to type ExternalName.
+ type: string
+ loadBalancerClass:
+ description: |-
+ loadBalancerClass is the class of the load balancer implementation this Service belongs to.
+ If specified, the value of this field must be a label-style identifier, with an optional prefix,
+ e.g. "internal-vip" or "example.com/internal-vip". Unprefixed names are reserved for end-users.
+ This field can only be set when the Service type is 'LoadBalancer'. If not set, the default load
+ balancer implementation is used, today this is typically done through the cloud provider integration,
+ but should apply for any default implementation. If set, it is assumed that a load balancer
+ implementation is watching for Services with a matching class. Any default load balancer
+ implementation (e.g. cloud providers) should ignore Services that set this field.
+ This field can only be set when creating or updating a Service to type 'LoadBalancer'.
+ Once set, it can not be changed. This field will be wiped when a service is updated to a non 'LoadBalancer' type.
+ type: string
+ loadBalancerIP:
+ description: |-
+ Only applies to Service Type: LoadBalancer.
+ This feature depends on whether the underlying cloud-provider supports specifying
+ the loadBalancerIP when a load balancer is created.
+ This field will be ignored if the cloud-provider does not support the feature.
+ Deprecated: This field was under-specified and its meaning varies across implementations.
+ Using it is non-portable and it may not support dual-stack.
+ Users are encouraged to use implementation-specific annotations when available.
+ type: string
+ loadBalancerSourceRanges:
+ description: |-
+ If specified and supported by the platform, this will restrict traffic through the cloud-provider
+ load-balancer will be restricted to the specified client IPs. This field will be ignored if the
+ cloud-provider does not support the feature."
+ More info: https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/
+ items:
+ type: string
+ type: array
+ x-kubernetes-list-type: atomic
+ ports:
+ description: |-
+ The list of ports that are exposed by this service.
+ More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies
+ items:
+ description: ServicePort contains information on service's
+ port.
+ properties:
+ appProtocol:
+ description: |-
+ The application protocol for this port.
+ This is used as a hint for implementations to offer richer behavior for protocols that they understand.
+ This field follows standard Kubernetes label syntax.
+ Valid values are either:
+
+ * Un-prefixed protocol names - reserved for IANA standard service names (as per
+ RFC-6335 and https://www.iana.org/assignments/service-names).
+
+ * Kubernetes-defined prefixed names:
+ * 'kubernetes.io/h2c' - HTTP/2 prior knowledge over cleartext as described in https://www.rfc-editor.org/rfc/rfc9113.html#name-starting-http-2-with-prior-
+ * 'kubernetes.io/ws' - WebSocket over cleartext as described in https://www.rfc-editor.org/rfc/rfc6455
+ * 'kubernetes.io/wss' - WebSocket over TLS as described in https://www.rfc-editor.org/rfc/rfc6455
+
+ * Other protocols should use implementation-defined prefixed names such as
+ mycompany.com/my-custom-protocol.
+ type: string
+ name:
+ description: |-
+ The name of this port within the service. This must be a DNS_LABEL.
+ All ports within a ServiceSpec must have unique names. When considering
+ the endpoints for a Service, this must match the 'name' field in the
+ EndpointPort.
+ Optional if only one ServicePort is defined on this service.
+ type: string
+ nodePort:
+ description: |-
+ The port on each node on which this service is exposed when type is
+ NodePort or LoadBalancer. Usually assigned by the system. If a value is
+ specified, in-range, and not in use it will be used, otherwise the
+ operation will fail. If not specified, a port will be allocated if this
+ Service requires one. If this field is specified when creating a
+ Service which does not need it, creation will fail. This field will be
+ wiped when updating a Service to no longer need it (e.g. changing type
+ from NodePort to ClusterIP).
+ More info: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport
+ format: int32
+ type: integer
+ port:
+ description: The port that will be exposed by this service.
+ format: int32
+ type: integer
+ protocol:
+ default: TCP
+ description: |-
+ The IP protocol for this port. Supports "TCP", "UDP", and "SCTP".
+ Default is TCP.
+ type: string
+ targetPort:
+ anyOf:
+ - type: integer
+ - type: string
+ description: |-
+ Number or name of the port to access on the pods targeted by the service.
+ Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.
+ If this is a string, it will be looked up as a named port in the
+ target Pod's container ports. If this is not specified, the value
+ of the 'port' field is used (an identity map).
+ This field is ignored for services with clusterIP=None, and should be
+ omitted or set equal to the 'port' field.
+ More info: https://kubernetes.io/docs/concepts/services-networking/service/#defining-a-service
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - port
+ - protocol
+ x-kubernetes-list-type: map
+ publishNotReadyAddresses:
+ description: |-
+ publishNotReadyAddresses indicates that any agent which deals with endpoints for this
+ Service should disregard any indications of ready/not-ready.
+ The primary use case for setting this field is for a StatefulSet's Headless Service to
+ propagate SRV DNS records for its Pods for the purpose of peer discovery.
+ The Kubernetes controllers that generate Endpoints and EndpointSlice resources for
+ Services interpret this to mean that all endpoints are considered "ready" even if the
+ Pods themselves are not. Agents which consume only Kubernetes generated endpoints
+ through the Endpoints or EndpointSlice resources can safely assume this behavior.
+ type: boolean
+ selector:
+ additionalProperties:
+ type: string
+ description: |-
+ Route service traffic to pods with label keys and values matching this
+ selector. If empty or not present, the service is assumed to have an
+ external process managing its endpoints, which Kubernetes will not
+ modify. Only applies to types ClusterIP, NodePort, and LoadBalancer.
+ Ignored if type is ExternalName.
+ More info: https://kubernetes.io/docs/concepts/services-networking/service/
+ type: object
+ x-kubernetes-map-type: atomic
+ sessionAffinity:
+ description: |-
+ Supports "ClientIP" and "None". Used to maintain session affinity.
+ Enable client IP based session affinity.
+ Must be ClientIP or None.
+ Defaults to None.
+ More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies
+ type: string
+ sessionAffinityConfig:
+ description: sessionAffinityConfig contains the configurations
+ of session affinity.
+ properties:
+ clientIP:
+ description: clientIP contains the configurations of Client
+ IP based session affinity.
+ properties:
+ timeoutSeconds:
+ description: |-
+ timeoutSeconds specifies the seconds of ClientIP type session sticky time.
+ The value must be >0 && <=86400(for 1 day) if ServiceAffinity == "ClientIP".
+ Default value is 10800(for 3 hours).
+ format: int32
+ type: integer
+ type: object
+ type: object
+ trafficDistribution:
+ description: |-
+ TrafficDistribution offers a way to express preferences for how traffic
+ is distributed to Service endpoints. Implementations can use this field
+ as a hint, but are not required to guarantee strict adherence. If the
+ field is not set, the implementation will apply its default routing
+ strategy. If set to "PreferClose", implementations should prioritize
+ endpoints that are in the same zone.
+ type: string
+ type:
+ description: |-
+ type determines how the Service is exposed. Defaults to ClusterIP. Valid
+ options are ExternalName, ClusterIP, NodePort, and LoadBalancer.
+ "ClusterIP" allocates a cluster-internal IP address for load-balancing
+ to endpoints. Endpoints are determined by the selector or if that is not
+ specified, by manual construction of an Endpoints object or
+ EndpointSlice objects. If clusterIP is "None", no virtual IP is
+ allocated and the endpoints are published as a set of endpoints rather
+ than a virtual IP.
+ "NodePort" builds on ClusterIP and allocates a port on every node which
+ routes to the same endpoints as the clusterIP.
+ "LoadBalancer" builds on NodePort and creates an external load-balancer
+ (if supported in the current cloud) which routes to the same endpoints
+ as the clusterIP.
+ "ExternalName" aliases this service to the specified externalName.
+ Several other fields do not apply to ExternalName services.
+ More info: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types
+ type: string
+ type: object
+ type: object
+ serviceAccount:
+ description: ServiceAccount sets how the ServiceAccount object should
+ look like with your grafana instance, contains a number of defaults.
+ properties:
+ automountServiceAccountToken:
+ type: boolean
+ imagePullSecrets:
+ items:
+ description: |-
+ LocalObjectReference contains enough information to let you locate the
+ referenced object inside the same namespace.
+ properties:
+ name:
+ default: ""
+ description: |-
+ Name of the referent.
+ This field is effectively required, but due to backwards compatibility is
+ allowed to be empty. Instances of this type with an empty value here are
+ almost certainly wrong.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ type: string
+ type: object
+ x-kubernetes-map-type: atomic
+ type: array
+ metadata:
+ description: ObjectMeta contains only a [subset of the fields
+ included in k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#objectmeta-v1-meta).
+ properties:
+ annotations:
+ additionalProperties:
+ type: string
+ type: object
+ labels:
+ additionalProperties:
+ type: string
+ type: object
+ type: object
+ secrets:
+ items:
+ description: ObjectReference contains enough information to
+ let you inspect or modify the referred object.
+ properties:
+ apiVersion:
+ description: API version of the referent.
+ type: string
+ fieldPath:
+ description: |-
+ If referring to a piece of an object instead of an entire object, this string
+ should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2].
+ For example, if the object reference is to a container within a pod, this would take on a value like:
+ "spec.containers{name}" (where "name" refers to the name of the container that triggered
+ the event) or if no container name is specified "spec.containers[2]" (container with
+ index 2 in this pod). This syntax is chosen only to have some well-defined way of
+ referencing a part of an object.
+ type: string
+ kind:
+ description: |-
+ Kind of the referent.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ type: string
+ name:
+ description: |-
+ Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ type: string
+ namespace:
+ description: |-
+ Namespace of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/
+ type: string
+ resourceVersion:
+ description: |-
+ Specific resourceVersion to which this reference is made, if any.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
+ type: string
+ uid:
+ description: |-
+ UID of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids
+ type: string
+ type: object
+ x-kubernetes-map-type: atomic
+ type: array
+ type: object
+ suspend:
+ description: Suspend pauses reconciliation of owned resources like
+ deployments, Services, Etc. upon changes
+ type: boolean
+ version:
+ description: |-
+ Version sets the tag of the default image: docker.io/grafana/grafana.
+ Allows full image refs with/without sha256checksum: "registry/repo/image:tag@sha"
+ default: 12.3.3
+ type: string
+ type: object
+ status:
+ description: GrafanaStatus defines the observed state of Grafana
+ properties:
+ adminUrl:
+ type: string
+ alertRuleGroups:
+ items:
+ type: string
+ type: array
+ conditions:
+ items:
+ description: Condition contains details for one aspect of the current
+ state of this API Resource.
+ properties:
+ lastTransitionTime:
+ description: |-
+ lastTransitionTime is the last time the condition transitioned from one status to another.
+ This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
+ format: date-time
+ type: string
+ message:
+ description: |-
+ message is a human readable message indicating details about the transition.
+ This may be an empty string.
+ maxLength: 32768
+ type: string
+ observedGeneration:
+ description: |-
+ observedGeneration represents the .metadata.generation that the condition was set based upon.
+ For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
+ with respect to the current state of the instance.
+ format: int64
+ minimum: 0
+ type: integer
+ reason:
+ description: |-
+ reason contains a programmatic identifier indicating the reason for the condition's last transition.
+ Producers of specific condition types may define expected values and meanings for this field,
+ and whether the values are considered a guaranteed API.
+ The value should be a CamelCase string.
+ This field may not be empty.
+ maxLength: 1024
+ minLength: 1
+ pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
+ type: string
+ status:
+ description: status of the condition, one of True, False, Unknown.
+ enum:
+ - "True"
+ - "False"
+ - Unknown
+ type: string
+ type:
+ description: type of condition in CamelCase or in foo.example.com/CamelCase.
+ maxLength: 316
+ pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
+ type: string
+ required:
+ - lastTransitionTime
+ - message
+ - reason
+ - status
+ - type
+ type: object
+ type: array
+ contactPoints:
+ items:
+ type: string
+ type: array
+ dashboards:
+ items:
+ type: string
+ type: array
+ datasources:
+ items:
+ type: string
+ type: array
+ folders:
+ items:
+ type: string
+ type: array
+ lastMessage:
+ type: string
+ libraryPanels:
+ items:
+ type: string
+ type: array
+ manifests:
+ items:
+ type: string
+ type: array
+ muteTimings:
+ items:
+ type: string
+ type: array
+ notificationTemplates:
+ items:
+ type: string
+ type: array
+ serviceaccounts:
+ items:
+ type: string
+ type: array
+ stage:
+ type: string
+ stageStatus:
+ type: string
+ version:
+ type: string
+ type: object
+ required:
+ - spec
+ type: object
+ served: true
+ storage: true
+ subresources:
+ status: {}
+status:
+ acceptedNames:
+ kind: ""
+ plural: ""
+ conditions: null
+ storedVersions: null
diff --git a/operators/grafana-operator/5.22.0/manifests/grafana.integreatly.org_grafanaserviceaccounts.yaml b/operators/grafana-operator/5.22.0/manifests/grafana.integreatly.org_grafanaserviceaccounts.yaml
new file mode 100644
index 000000000000..bfa7a863407d
--- /dev/null
+++ b/operators/grafana-operator/5.22.0/manifests/grafana.integreatly.org_grafanaserviceaccounts.yaml
@@ -0,0 +1,261 @@
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ controller-gen.kubebuilder.io/version: v0.20.1
+ creationTimestamp: null
+ name: grafanaserviceaccounts.grafana.integreatly.org
+spec:
+ group: grafana.integreatly.org
+ names:
+ categories:
+ - grafana-operator
+ kind: GrafanaServiceAccount
+ listKind: GrafanaServiceAccountList
+ plural: grafanaserviceaccounts
+ singular: grafanaserviceaccount
+ scope: Namespaced
+ versions:
+ - additionalPrinterColumns:
+ - format: date-time
+ jsonPath: .status.lastResync
+ name: Last resync
+ type: date
+ - jsonPath: .metadata.creationTimestamp
+ name: Age
+ type: date
+ name: v1beta1
+ schema:
+ openAPIV3Schema:
+ description: GrafanaServiceAccount is the Schema for the grafanaserviceaccounts
+ API
+ properties:
+ apiVersion:
+ description: |-
+ APIVersion defines the versioned schema of this representation of an object.
+ Servers should convert recognized schemas to the latest internal value, and
+ may reject unrecognized values.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+ type: string
+ kind:
+ description: |-
+ Kind is a string value representing the REST resource this object represents.
+ Servers may infer this from the endpoint the client submits requests to.
+ Cannot be updated.
+ In CamelCase.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: GrafanaServiceAccountSpec defines the desired state of a
+ GrafanaServiceAccount.
+ properties:
+ instanceName:
+ description: Name of the Grafana instance to create the service account
+ for
+ minLength: 1
+ type: string
+ x-kubernetes-validations:
+ - message: spec.instanceName is immutable
+ rule: self == oldSelf
+ isDisabled:
+ default: false
+ description: Whether the service account is disabled
+ type: boolean
+ name:
+ description: Name of the service account in Grafana
+ minLength: 1
+ type: string
+ x-kubernetes-validations:
+ - message: spec.name is immutable
+ rule: self == oldSelf
+ resyncPeriod:
+ description: How often the resource is synced, defaults to 10m0s if
+ not set
+ pattern: ^([0-9]+(\.[0-9]+)?(ns|us|µs|ms|s|m|h))+$
+ type: string
+ x-kubernetes-validations:
+ - message: spec.resyncPeriod must be greater than 0
+ rule: duration(self) > duration('0s')
+ role:
+ description: Role of the service account (Viewer, Editor, Admin)
+ enum:
+ - Viewer
+ - Editor
+ - Admin
+ type: string
+ suspend:
+ default: false
+ description: Suspend pauses reconciliation of the service account
+ type: boolean
+ tokens:
+ description: Tokens to create for the service account
+ items:
+ description: GrafanaServiceAccountTokenSpec defines a token for
+ a service account
+ properties:
+ expires:
+ description: Expiration date of the token. If not set, the token
+ never expires
+ format: date-time
+ type: string
+ name:
+ description: Name of the token
+ minLength: 1
+ type: string
+ secretName:
+ description: Name of the secret to store the token. If not set,
+ a name will be generated
+ minLength: 1
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
+ required:
+ - instanceName
+ - role
+ type: object
+ x-kubernetes-validations:
+ - message: spec.name is immutable
+ rule: ((!has(oldSelf.name) && !has(self.name)) || (has(oldSelf.name)
+ && has(self.name)))
+ status:
+ description: GrafanaServiceAccountStatus defines the observed state of
+ a GrafanaServiceAccount
+ properties:
+ account:
+ description: Info contains the Grafana service account information
+ properties:
+ id:
+ description: ID of the service account in Grafana
+ format: int64
+ type: integer
+ isDisabled:
+ description: IsDisabled indicates if the service account is disabled
+ type: boolean
+ login:
+ type: string
+ name:
+ type: string
+ role:
+ description: Role is the Grafana role for the service account
+ (Viewer, Editor, Admin)
+ type: string
+ tokens:
+ description: Information about tokens
+ items:
+ description: GrafanaServiceAccountTokenStatus describes a token
+ created in Grafana.
+ properties:
+ expires:
+ description: |-
+ Expiration time of the token
+ N.B. There's possible discrepancy with the expiration time in spec
+ It happens because Grafana API accepts TTL in seconds then calculates the expiration time against the current time
+ format: date-time
+ type: string
+ id:
+ description: ID of the token in Grafana
+ format: int64
+ type: integer
+ name:
+ type: string
+ secret:
+ description: Name of the secret containing the token
+ properties:
+ name:
+ type: string
+ namespace:
+ type: string
+ type: object
+ required:
+ - id
+ - name
+ type: object
+ type: array
+ required:
+ - id
+ - isDisabled
+ - login
+ - name
+ - role
+ type: object
+ conditions:
+ description: Results when synchronizing resource with Grafana instances
+ items:
+ description: Condition contains details for one aspect of the current
+ state of this API Resource.
+ properties:
+ lastTransitionTime:
+ description: |-
+ lastTransitionTime is the last time the condition transitioned from one status to another.
+ This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
+ format: date-time
+ type: string
+ message:
+ description: |-
+ message is a human readable message indicating details about the transition.
+ This may be an empty string.
+ maxLength: 32768
+ type: string
+ observedGeneration:
+ description: |-
+ observedGeneration represents the .metadata.generation that the condition was set based upon.
+ For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
+ with respect to the current state of the instance.
+ format: int64
+ minimum: 0
+ type: integer
+ reason:
+ description: |-
+ reason contains a programmatic identifier indicating the reason for the condition's last transition.
+ Producers of specific condition types may define expected values and meanings for this field,
+ and whether the values are considered a guaranteed API.
+ The value should be a CamelCase string.
+ This field may not be empty.
+ maxLength: 1024
+ minLength: 1
+ pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
+ type: string
+ status:
+ description: status of the condition, one of True, False, Unknown.
+ enum:
+ - "True"
+ - "False"
+ - Unknown
+ type: string
+ type:
+ description: type of condition in CamelCase or in foo.example.com/CamelCase.
+ maxLength: 316
+ pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
+ type: string
+ required:
+ - lastTransitionTime
+ - message
+ - reason
+ - status
+ - type
+ type: object
+ type: array
+ lastResync:
+ description: Last time the resource was synchronized with Grafana
+ instances
+ format: date-time
+ type: string
+ type: object
+ type: object
+ served: true
+ storage: true
+ subresources:
+ status: {}
+status:
+ acceptedNames:
+ kind: ""
+ plural: ""
+ conditions: null
+ storedVersions: null
diff --git a/operators/grafana-operator/5.22.0/metadata/annotations.yaml b/operators/grafana-operator/5.22.0/metadata/annotations.yaml
new file mode 100644
index 000000000000..b9f452233735
--- /dev/null
+++ b/operators/grafana-operator/5.22.0/metadata/annotations.yaml
@@ -0,0 +1,14 @@
+annotations:
+ # Core bundle annotations.
+ operators.operatorframework.io.bundle.mediatype.v1: registry+v1
+ operators.operatorframework.io.bundle.manifests.v1: manifests/
+ operators.operatorframework.io.bundle.metadata.v1: metadata/
+ operators.operatorframework.io.bundle.package.v1: grafana-operator
+ operators.operatorframework.io.bundle.channels.v1: v5
+ operators.operatorframework.io.bundle.channel.default.v1: v5
+ operators.operatorframework.io.metrics.builder: operator-sdk-v1.32.0
+ operators.operatorframework.io.metrics.mediatype.v1: metrics+v1
+ operators.operatorframework.io.metrics.project_layout: go.kubebuilder.io/v3
+
+ # OpenShift specific annotations
+ com.redhat.openshift.versions: "v4.11"