diff --git a/crd-catalog/DataDog/datadog-operator/datadoghq.com/v1alpha1/datadogmetrics.yaml b/crd-catalog/DataDog/datadog-operator/datadoghq.com/v1alpha1/datadogmetrics.yaml index 11471be0b..21026830d 100644 --- a/crd-catalog/DataDog/datadog-operator/datadoghq.com/v1alpha1/datadogmetrics.yaml +++ b/crd-catalog/DataDog/datadog-operator/datadoghq.com/v1alpha1/datadogmetrics.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.3" + controller-gen.kubebuilder.io/version: "v0.17.3" name: "datadogmetrics.datadoghq.com" spec: group: "datadoghq.com" diff --git a/crd-catalog/DataDog/datadog-operator/datadoghq.com/v1alpha1/datadogmonitors.yaml b/crd-catalog/DataDog/datadog-operator/datadoghq.com/v1alpha1/datadogmonitors.yaml index 3b0ae707c..da3e55c6e 100644 --- a/crd-catalog/DataDog/datadog-operator/datadoghq.com/v1alpha1/datadogmonitors.yaml +++ b/crd-catalog/DataDog/datadog-operator/datadoghq.com/v1alpha1/datadogmonitors.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.3" + controller-gen.kubebuilder.io/version: "v0.17.3" name: "datadogmonitors.datadoghq.com" spec: group: "datadoghq.com" @@ -77,6 +77,9 @@ spec: description: "Time (in seconds) to delay evaluation, as a non-negative integer. For example, if the value is set to 300 (5min),\nthe timeframe is set to last_5m and the time is 7:00, the monitor evaluates data from 6:50 to 6:55.\nThis is useful for AWS CloudWatch and other backfilled metrics to ensure the monitor always has data during evaluation." format: "int64" type: "integer" + groupRetentionDuration: + description: "The time span after which groups with missing data are dropped from the monitor state.\nThe minimum value is one hour, and the maximum value is 72 hours.\nExample values are: \"60m\", \"1h\", and \"2d\".\nThis option is only available for APM Trace Analytics, Audit Trail, CI, Error Tracking, Event, Logs, and RUM monitors." + type: "string" groupbySimpleMonitor: description: "A Boolean indicating whether the log alert monitor triggers a single alert or multiple alerts when any group breaches a threshold." type: "boolean" diff --git a/crd-catalog/DataDog/datadog-operator/datadoghq.com/v1alpha1/datadogslos.yaml b/crd-catalog/DataDog/datadog-operator/datadoghq.com/v1alpha1/datadogslos.yaml index 4027aed86..59c21b0a3 100644 --- a/crd-catalog/DataDog/datadog-operator/datadoghq.com/v1alpha1/datadogslos.yaml +++ b/crd-catalog/DataDog/datadog-operator/datadoghq.com/v1alpha1/datadogslos.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.3" + controller-gen.kubebuilder.io/version: "v0.17.3" name: "datadogslos.datadoghq.com" spec: group: "datadoghq.com" diff --git a/crd-catalog/DataDog/datadog-operator/datadoghq.com/v2alpha1/datadogagents.yaml b/crd-catalog/DataDog/datadog-operator/datadoghq.com/v2alpha1/datadogagents.yaml index ee434c7c6..25a30effd 100644 --- a/crd-catalog/DataDog/datadog-operator/datadoghq.com/v2alpha1/datadogagents.yaml +++ b/crd-catalog/DataDog/datadog-operator/datadoghq.com/v2alpha1/datadogagents.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.3" + controller-gen.kubebuilder.io/version: "v0.17.3" name: "datadogagents.datadoghq.com" spec: group: "datadoghq.com" @@ -852,6 +852,9 @@ spec: type: "string" type: "object" type: "object" + directSendFromSystemProbe: + description: "DirectSendFromSystemProbe configures CWS to send payloads directly from the system-probe, without using the security-agent.\nThis is an experimental feature. Contact support before using.\nDefault: false" + type: "boolean" enabled: description: "Enabled enables Cloud Workload Security.\nDefault: false" type: "boolean" @@ -1052,6 +1055,9 @@ spec: enabled: description: "Enabled enables GPU monitoring core check.\nDefault: false" type: "boolean" + patchCgroupPermissions: + description: "PatchCgroupPermissions enables the patch of cgroup permissions for GPU monitoring, in case\nthe container runtime is not properly configured and the Agent containers lose access to GPU devices.\nDefault: false" + type: "boolean" privilegedMode: description: "PrivilegedMode enables GPU Probe module in System Probe.\nDefault: false" type: "boolean" @@ -1077,6 +1083,155 @@ spec: kubeStateMetricsCore: description: "KubeStateMetricsCore check configuration." properties: + collectCrMetrics: + description: "`CollectCrMetrics` defines custom resources for the kube-state-metrics core check to collect.\n\nThe datadog agent uses the same logic as upstream `kube-state-metrics`. So is its configuration.\nThe exact structure and existing fields of each item in this list can be found in:\nhttps://github.com/kubernetes/kube-state-metrics/blob/main/docs/metrics/extend/customresourcestate-metrics.md" + items: + description: "Resource configures a custom resource for metric generation." + properties: + commonLabels: + additionalProperties: + type: "string" + description: "CommonLabels are added to all metrics." + type: "object" + groupVersionKind: + description: "GroupVersionKind of the custom resource to be monitored." + properties: + group: + type: "string" + kind: + type: "string" + version: + type: "string" + type: "object" + labelsFromPath: + additionalProperties: + items: + type: "string" + type: "array" + description: "LabelsFromPath adds additional labels where the value is taken from a field in the resource." + type: "object" + metricNamePrefix: + description: "MetricNamePrefix defines a prefix for all metrics of the resource.\nIf set to \"\", no prefix will be added.\nExample: If set to \"foo\", MetricNamePrefix will be \"foo_\"." + type: "string" + metrics: + description: "Metrics are the custom resource fields to be collected." + items: + description: "Generator describes a unique metric name." + properties: + commonLabels: + additionalProperties: + type: "string" + description: "CommonLabels are added to all metrics." + type: "object" + each: + description: "Each targets a value or values from the resource." + properties: + gauge: + description: "Gauge defines a gauge metric." + properties: + labelFromKey: + description: "LabelFromKey adds a label with the given name if Path is an object. The label value will be the object key." + type: "string" + labelsFromPath: + additionalProperties: + items: + type: "string" + type: "array" + description: "LabelsFromPath adds additional labels where the value of the label is taken from a field under Path." + type: "object" + nilIsZero: + description: "NilIsZero indicates that if a value is nil it will be treated as zero value." + type: "boolean" + path: + description: "Path is the path to to generate metric(s) for." + items: + type: "string" + type: "array" + valueFrom: + description: "ValueFrom is the path to a numeric field under Path that will be the metric value." + items: + type: "string" + type: "array" + required: + - "path" + type: "object" + info: + description: "Info defines an info metric." + properties: + labelFromKey: + description: "LabelFromKey adds a label with the given name if Path is an object. The label value will be the object key." + type: "string" + labelsFromPath: + additionalProperties: + items: + type: "string" + type: "array" + description: "LabelsFromPath adds additional labels where the value of the label is taken from a field under Path." + type: "object" + path: + description: "Path is the path to to generate metric(s) for." + items: + type: "string" + type: "array" + required: + - "path" + type: "object" + stateSet: + description: "StateSet defines a state set metric." + properties: + labelName: + description: "LabelName is the key of the label which is used for each entry in List to expose the value." + type: "string" + labelsFromPath: + additionalProperties: + items: + type: "string" + type: "array" + description: "LabelsFromPath adds additional labels where the value of the label is taken from a field under Path." + type: "object" + list: + description: "List is the list of values to expose a value for." + items: + type: "string" + type: "array" + path: + description: "Path is the path to to generate metric(s) for." + items: + type: "string" + type: "array" + valueFrom: + description: "ValueFrom is the subpath to compare the list to." + items: + type: "string" + type: "array" + required: + - "path" + type: "object" + type: + description: "Type defines the type of the metric." + type: "string" + type: "object" + help: + description: "Help text for the metric." + type: "string" + labelsFromPath: + additionalProperties: + items: + type: "string" + type: "array" + description: "LabelsFromPath adds additional labels where the value is taken from a field in the resource." + type: "object" + name: + description: "Name of the metric. Subject to prefixing based on the configuration of the Resource." + type: "string" + type: "object" + type: "array" + resourcePlural: + description: "ResourcePlural sets the plural name of the resource. Defaults to the plural version of the Kind according to flect.Pluralize." + type: "string" + type: "object" + type: "array" + x-kubernetes-list-type: "atomic" conf: description: "Conf overrides the configuration for the default Kubernetes State Metrics Core check.\nThis must point to a ConfigMap containing a valid cluster check configuration." properties: @@ -1141,6 +1296,9 @@ spec: logCollection: description: "LogCollection configuration." properties: + autoMultiLineDetection: + description: "AutoMultiLineDetection allows the Agent to detect and aggregate common multi-line logs automatically.\nSee also: https://docs.datadoghq.com/agent/logs/auto_multiline_detection/" + type: "boolean" containerCollectAll: description: "ContainerCollectAll enables Log collection from all containers.\nDefault: false" type: "boolean" @@ -2016,7 +2174,7 @@ spec: description: "Registry is the image registry to use for all Agent images.\nUse 'public.ecr.aws/datadog' for AWS ECR.\nUse 'datadoghq.azurecr.io' for Azure Container Registry.\nUse 'gcr.io/datadoghq' for Google Container Registry.\nUse 'eu.gcr.io/datadoghq' for Google Container Registry in the EU region.\nUse 'asia.gcr.io/datadoghq' for Google Container Registry in the Asia region.\nUse 'docker.io/datadog' for DockerHub.\nDefault: 'gcr.io/datadoghq'" type: "string" runProcessChecksInCoreAgent: - description: "Configure whether the Process Agent or core Agent collects process and/or container information (Linux only).\nIf no other checks are running, the Process Agent container will not initialize.\n(Requires Agent 7.60.0+)\nDefault: 'true'" + description: "Configure whether the Process Agent or core Agent collects process and/or container information (Linux only).\nIf no other checks are running, the Process Agent container will not initialize.\n(Requires Agent 7.60.0+)\nDefault: 'true'\nDeprecated: Functionality now handled automatically. Use env var `DD_PROCESS_CONFIG_RUN_IN_CORE_AGENT_ENABLED` to override." type: "boolean" secretBackend: description: "Configure the secret backend feature https://docs.datadoghq.com/agent/guide/secrets-management\nSee also: https://github.com/DataDog/datadog-operator/blob/main/docs/secret_management.md" @@ -5981,6 +6139,9 @@ spec: type: "string" type: "object" type: "object" + directSendFromSystemProbe: + description: "DirectSendFromSystemProbe configures CWS to send payloads directly from the system-probe, without using the security-agent.\nThis is an experimental feature. Contact support before using.\nDefault: false" + type: "boolean" enabled: description: "Enabled enables Cloud Workload Security.\nDefault: false" type: "boolean" @@ -6181,6 +6342,9 @@ spec: enabled: description: "Enabled enables GPU monitoring core check.\nDefault: false" type: "boolean" + patchCgroupPermissions: + description: "PatchCgroupPermissions enables the patch of cgroup permissions for GPU monitoring, in case\nthe container runtime is not properly configured and the Agent containers lose access to GPU devices.\nDefault: false" + type: "boolean" privilegedMode: description: "PrivilegedMode enables GPU Probe module in System Probe.\nDefault: false" type: "boolean" @@ -6206,6 +6370,155 @@ spec: kubeStateMetricsCore: description: "KubeStateMetricsCore check configuration." properties: + collectCrMetrics: + description: "`CollectCrMetrics` defines custom resources for the kube-state-metrics core check to collect.\n\nThe datadog agent uses the same logic as upstream `kube-state-metrics`. So is its configuration.\nThe exact structure and existing fields of each item in this list can be found in:\nhttps://github.com/kubernetes/kube-state-metrics/blob/main/docs/metrics/extend/customresourcestate-metrics.md" + items: + description: "Resource configures a custom resource for metric generation." + properties: + commonLabels: + additionalProperties: + type: "string" + description: "CommonLabels are added to all metrics." + type: "object" + groupVersionKind: + description: "GroupVersionKind of the custom resource to be monitored." + properties: + group: + type: "string" + kind: + type: "string" + version: + type: "string" + type: "object" + labelsFromPath: + additionalProperties: + items: + type: "string" + type: "array" + description: "LabelsFromPath adds additional labels where the value is taken from a field in the resource." + type: "object" + metricNamePrefix: + description: "MetricNamePrefix defines a prefix for all metrics of the resource.\nIf set to \"\", no prefix will be added.\nExample: If set to \"foo\", MetricNamePrefix will be \"foo_\"." + type: "string" + metrics: + description: "Metrics are the custom resource fields to be collected." + items: + description: "Generator describes a unique metric name." + properties: + commonLabels: + additionalProperties: + type: "string" + description: "CommonLabels are added to all metrics." + type: "object" + each: + description: "Each targets a value or values from the resource." + properties: + gauge: + description: "Gauge defines a gauge metric." + properties: + labelFromKey: + description: "LabelFromKey adds a label with the given name if Path is an object. The label value will be the object key." + type: "string" + labelsFromPath: + additionalProperties: + items: + type: "string" + type: "array" + description: "LabelsFromPath adds additional labels where the value of the label is taken from a field under Path." + type: "object" + nilIsZero: + description: "NilIsZero indicates that if a value is nil it will be treated as zero value." + type: "boolean" + path: + description: "Path is the path to to generate metric(s) for." + items: + type: "string" + type: "array" + valueFrom: + description: "ValueFrom is the path to a numeric field under Path that will be the metric value." + items: + type: "string" + type: "array" + required: + - "path" + type: "object" + info: + description: "Info defines an info metric." + properties: + labelFromKey: + description: "LabelFromKey adds a label with the given name if Path is an object. The label value will be the object key." + type: "string" + labelsFromPath: + additionalProperties: + items: + type: "string" + type: "array" + description: "LabelsFromPath adds additional labels where the value of the label is taken from a field under Path." + type: "object" + path: + description: "Path is the path to to generate metric(s) for." + items: + type: "string" + type: "array" + required: + - "path" + type: "object" + stateSet: + description: "StateSet defines a state set metric." + properties: + labelName: + description: "LabelName is the key of the label which is used for each entry in List to expose the value." + type: "string" + labelsFromPath: + additionalProperties: + items: + type: "string" + type: "array" + description: "LabelsFromPath adds additional labels where the value of the label is taken from a field under Path." + type: "object" + list: + description: "List is the list of values to expose a value for." + items: + type: "string" + type: "array" + path: + description: "Path is the path to to generate metric(s) for." + items: + type: "string" + type: "array" + valueFrom: + description: "ValueFrom is the subpath to compare the list to." + items: + type: "string" + type: "array" + required: + - "path" + type: "object" + type: + description: "Type defines the type of the metric." + type: "string" + type: "object" + help: + description: "Help text for the metric." + type: "string" + labelsFromPath: + additionalProperties: + items: + type: "string" + type: "array" + description: "LabelsFromPath adds additional labels where the value is taken from a field in the resource." + type: "object" + name: + description: "Name of the metric. Subject to prefixing based on the configuration of the Resource." + type: "string" + type: "object" + type: "array" + resourcePlural: + description: "ResourcePlural sets the plural name of the resource. Defaults to the plural version of the Kind according to flect.Pluralize." + type: "string" + type: "object" + type: "array" + x-kubernetes-list-type: "atomic" conf: description: "Conf overrides the configuration for the default Kubernetes State Metrics Core check.\nThis must point to a ConfigMap containing a valid cluster check configuration." properties: @@ -6270,6 +6583,9 @@ spec: logCollection: description: "LogCollection configuration." properties: + autoMultiLineDetection: + description: "AutoMultiLineDetection allows the Agent to detect and aggregate common multi-line logs automatically.\nSee also: https://docs.datadoghq.com/agent/logs/auto_multiline_detection/" + type: "boolean" containerCollectAll: description: "ContainerCollectAll enables Log collection from all containers.\nDefault: false" type: "boolean" diff --git a/crd-catalog/ROCm/gpu-operator/amd.com/v1alpha1/deviceconfigs.yaml b/crd-catalog/ROCm/gpu-operator/amd.com/v1alpha1/deviceconfigs.yaml index 6e72dad8f..93fcc9742 100644 --- a/crd-catalog/ROCm/gpu-operator/amd.com/v1alpha1/deviceconfigs.yaml +++ b/crd-catalog/ROCm/gpu-operator/amd.com/v1alpha1/deviceconfigs.yaml @@ -281,10 +281,10 @@ spec: properties: baseImageRegistry: default: "docker.io" - description: "image registry to fetch base image for building driver image, default value is docker.io, the builder will search for corresponding OS base image from given registry\ne.g. if your worker node is using Ubuntu 22.04, by default the base image would be docker.io/ubuntu:22.04\nNOTE: this field won't apply for OpenShift since OpenShift is using its own DriverToolKit image to build driver image" + description: "image registry to fetch base image for building driver image, default value is docker.io, the builder will search for corresponding OS base image from given registry\ne.g. if your worker node is using Ubuntu 22.04, by default the base image would be docker.io/ubuntu:22.04\nUse spec.driver.imageRegistrySecret for authentication with private registries.\nNOTE: this field won't apply for OpenShift since OpenShift is using its own DriverToolKit image to build driver image" type: "string" baseImageRegistryTLS: - description: "TLS settings for fetching base image" + description: "TLS settings for fetching base image\nthis field will be applied to SourceImageRepo as well" properties: insecure: description: "If true, check if the container image already exists using plain HTTP." @@ -293,6 +293,9 @@ spec: description: "If true, skip any TLS server certificate validation" type: "boolean" type: "object" + sourceImageRepo: + description: "SourceImageRepo specifies the image repository for the driver source code (OpenShift only).\nUsed when spec.driver.useSourceImage is true. The operator automatically determines the image tag\nbased on cluster RHEL version and spec.driver.version (format: coreos--).\nDefault: docker.io/rocm/amdgpu-driver\nUse spec.driver.imageRegistrySecret for authentication with private registries." + type: "string" type: "object" imageRegistrySecret: description: "secrets used for pull/push images from/to private registry specified in driversImage" @@ -434,6 +437,9 @@ spec: description: "reboot between driver upgrades, enabled by default, if enabled spec.commonConfig.utilsContainer will be used to perform reboot on worker nodes" type: "boolean" type: "object" + useSourceImage: + description: "NOTE: currently only for OpenShift cluster\nset to true to use source image to build driver image on the fly\notherwise use installer debian/rpm packages from radeon repo to build driver image" + type: "boolean" version: description: "version of the drivers source code, can be used as part of image of dockerfile source image\ndefault value for different OS is: ubuntu: 6.1.3, coreOS: 6.2.2" type: "string" diff --git a/crd-catalog/aerospike/aerospike-kubernetes-operator/asdb.aerospike.com/v1/aerospikeclusters.yaml b/crd-catalog/aerospike/aerospike-kubernetes-operator/asdb.aerospike.com/v1/aerospikeclusters.yaml index 5df6f8b76..afb7d5f8f 100644 --- a/crd-catalog/aerospike/aerospike-kubernetes-operator/asdb.aerospike.com/v1/aerospikeclusters.yaml +++ b/crd-catalog/aerospike/aerospike-kubernetes-operator/asdb.aerospike.com/v1/aerospikeclusters.yaml @@ -3,7 +3,7 @@ kind: "CustomResourceDefinition" metadata: annotations: aerospike-kubernetes-operator/version: "4.2.0-dev1" - controller-gen.kubebuilder.io/version: "v0.17.2" + controller-gen.kubebuilder.io/version: "v0.18.0" name: "aerospikeclusters.asdb.aerospike.com" spec: group: "asdb.aerospike.com" @@ -823,13 +823,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set." items: type: "string" type: "array" @@ -928,13 +928,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set." items: type: "string" type: "array" @@ -1032,13 +1032,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set." items: type: "string" type: "array" @@ -1137,13 +1137,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set." items: type: "string" type: "array" @@ -1357,7 +1357,7 @@ spec: envFrom: description: "List of sources to populate environment variables in the container.\nThe keys defined within a source must be a C_IDENTIFIER. All invalid keys\nwill be reported as an event when the container is starting. When a key exists in multiple\nsources, the value associated with the last source will take precedence.\nValues defined by an Env with a duplicate key will take precedence.\nCannot be updated." items: - description: "EnvFromSource represents the source of a set of ConfigMaps" + description: "EnvFromSource represents the source of a set of ConfigMaps or Secrets" properties: configMapRef: description: "The ConfigMap to select from" @@ -1372,7 +1372,7 @@ spec: type: "object" x-kubernetes-map-type: "atomic" prefix: - description: "An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER." + description: "Optional text to prepend to the name of each environment variable. Must be a C_IDENTIFIER." type: "string" secretRef: description: "The Secret to select from" @@ -1552,6 +1552,9 @@ spec: - "port" type: "object" type: "object" + stopSignal: + description: "StopSignal defines which signal will be sent to a container when it is being stopped.\nIf not specified, the default is defined by the container runtime in use.\nStopSignal can only be set for Pods with a non-empty .spec.os.name" + type: "string" type: "object" livenessProbe: description: "Periodic probe of container liveness.\nContainer will be restarted if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" @@ -2377,7 +2380,7 @@ spec: envFrom: description: "List of sources to populate environment variables in the container.\nThe keys defined within a source must be a C_IDENTIFIER. All invalid keys\nwill be reported as an event when the container is starting. When a key exists in multiple\nsources, the value associated with the last source will take precedence.\nValues defined by an Env with a duplicate key will take precedence.\nCannot be updated." items: - description: "EnvFromSource represents the source of a set of ConfigMaps" + description: "EnvFromSource represents the source of a set of ConfigMaps or Secrets" properties: configMapRef: description: "The ConfigMap to select from" @@ -2392,7 +2395,7 @@ spec: type: "object" x-kubernetes-map-type: "atomic" prefix: - description: "An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER." + description: "Optional text to prepend to the name of each environment variable. Must be a C_IDENTIFIER." type: "string" secretRef: description: "The Secret to select from" @@ -2572,6 +2575,9 @@ spec: - "port" type: "object" type: "object" + stopSignal: + description: "StopSignal defines which signal will be sent to a container when it is being stopped.\nIf not specified, the default is defined by the container runtime in use.\nStopSignal can only be set for Pods with a non-empty .spec.os.name" + type: "string" type: "object" livenessProbe: description: "Periodic probe of container liveness.\nContainer will be restarted if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" @@ -3392,13 +3398,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set." items: type: "string" type: "array" @@ -3497,13 +3503,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set." items: type: "string" type: "array" @@ -3601,13 +3607,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set." items: type: "string" type: "array" @@ -3706,13 +3712,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set." items: type: "string" type: "array" @@ -4408,13 +4414,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set." items: type: "string" type: "array" @@ -4513,13 +4519,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set." items: type: "string" type: "array" @@ -4617,13 +4623,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set." items: type: "string" type: "array" @@ -4722,13 +4728,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set." items: type: "string" type: "array" @@ -6540,13 +6546,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set." items: type: "string" type: "array" @@ -6645,13 +6651,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set." items: type: "string" type: "array" @@ -6749,13 +6755,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set." items: type: "string" type: "array" @@ -6854,13 +6860,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set." items: type: "string" type: "array" @@ -7074,7 +7080,7 @@ spec: envFrom: description: "List of sources to populate environment variables in the container.\nThe keys defined within a source must be a C_IDENTIFIER. All invalid keys\nwill be reported as an event when the container is starting. When a key exists in multiple\nsources, the value associated with the last source will take precedence.\nValues defined by an Env with a duplicate key will take precedence.\nCannot be updated." items: - description: "EnvFromSource represents the source of a set of ConfigMaps" + description: "EnvFromSource represents the source of a set of ConfigMaps or Secrets" properties: configMapRef: description: "The ConfigMap to select from" @@ -7089,7 +7095,7 @@ spec: type: "object" x-kubernetes-map-type: "atomic" prefix: - description: "An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER." + description: "Optional text to prepend to the name of each environment variable. Must be a C_IDENTIFIER." type: "string" secretRef: description: "The Secret to select from" @@ -7269,6 +7275,9 @@ spec: - "port" type: "object" type: "object" + stopSignal: + description: "StopSignal defines which signal will be sent to a container when it is being stopped.\nIf not specified, the default is defined by the container runtime in use.\nStopSignal can only be set for Pods with a non-empty .spec.os.name" + type: "string" type: "object" livenessProbe: description: "Periodic probe of container liveness.\nContainer will be restarted if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" @@ -8094,7 +8103,7 @@ spec: envFrom: description: "List of sources to populate environment variables in the container.\nThe keys defined within a source must be a C_IDENTIFIER. All invalid keys\nwill be reported as an event when the container is starting. When a key exists in multiple\nsources, the value associated with the last source will take precedence.\nValues defined by an Env with a duplicate key will take precedence.\nCannot be updated." items: - description: "EnvFromSource represents the source of a set of ConfigMaps" + description: "EnvFromSource represents the source of a set of ConfigMaps or Secrets" properties: configMapRef: description: "The ConfigMap to select from" @@ -8109,7 +8118,7 @@ spec: type: "object" x-kubernetes-map-type: "atomic" prefix: - description: "An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER." + description: "Optional text to prepend to the name of each environment variable. Must be a C_IDENTIFIER." type: "string" secretRef: description: "The Secret to select from" @@ -8289,6 +8298,9 @@ spec: - "port" type: "object" type: "object" + stopSignal: + description: "StopSignal defines which signal will be sent to a container when it is being stopped.\nIf not specified, the default is defined by the container runtime in use.\nStopSignal can only be set for Pods with a non-empty .spec.os.name" + type: "string" type: "object" livenessProbe: description: "Periodic probe of container liveness.\nContainer will be restarted if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" @@ -9219,13 +9231,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set." items: type: "string" type: "array" @@ -9324,13 +9336,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set." items: type: "string" type: "array" @@ -9428,13 +9440,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set." items: type: "string" type: "array" @@ -9533,13 +9545,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set." items: type: "string" type: "array" @@ -10235,13 +10247,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set." items: type: "string" type: "array" @@ -10340,13 +10352,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set." items: type: "string" type: "array" @@ -10444,13 +10456,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set." items: type: "string" type: "array" @@ -10549,13 +10561,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set." items: type: "string" type: "array" diff --git a/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/bundles.yaml b/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/bundles.yaml index 48b10c4ff..aa57a0097 100644 --- a/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/bundles.yaml +++ b/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/bundles.yaml @@ -209,6 +209,38 @@ spec: - "metadata" - "version" type: "object" + bottlerocketBootstrapContainers: + properties: + multiNetworkBootstrap: + properties: + arch: + description: "Architectures of the asset" + items: + type: "string" + type: "array" + description: + type: "string" + imageDigest: + description: "The SHA256 digest of the image manifest" + type: "string" + name: + description: "The asset name" + type: "string" + os: + description: "Operating system of the asset" + enum: + - "linux" + - "darwin" + - "windows" + type: "string" + osName: + description: "Name of the OS like ubuntu, bottlerocket" + type: "string" + uri: + description: "The image repository, name, and tag" + type: "string" + type: "object" + type: "object" bottlerocketHostContainers: properties: admin: diff --git a/crd-catalog/external-secrets/external-secrets/external-secrets.io/v1/clustersecretstores.yaml b/crd-catalog/external-secrets/external-secrets/external-secrets.io/v1/clustersecretstores.yaml index a8fdcf1e2..4c0775467 100644 --- a/crd-catalog/external-secrets/external-secrets/external-secrets.io/v1/clustersecretstores.yaml +++ b/crd-catalog/external-secrets/external-secrets/external-secrets.io/v1/clustersecretstores.yaml @@ -1828,6 +1828,9 @@ spec: secretRef: description: "IBMAuthSecretRef contains the secret reference for IBM Cloud API key authentication." properties: + iamEndpoint: + description: "The IAM endpoint used to obain a token" + type: "string" secretApiKeySecretRef: description: "The SecretAccessKey is used for authentication" properties: @@ -3297,6 +3300,41 @@ spec: secretserver: description: "SecretServer configures this store to sync secrets using SecretServer provider\nhttps://docs.delinea.com/online-help/secret-server/start.htm" properties: + caBundle: + description: "PEM/base64 encoded CA bundle used to validate Secret ServerURL. Only used\nif the ServerURL URL is using HTTPS protocol. If not set the system root certificates\nare used to validate the TLS connection." + format: "byte" + type: "string" + caProvider: + description: "The provider for the CA bundle to use to validate Secret ServerURL certificate." + properties: + key: + description: "The key where the CA certificate can be found in the Secret or ConfigMap." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" + type: "string" + name: + description: "The name of the object located at the provider type." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" + type: "string" + namespace: + description: "The namespace the Provider type is in.\nCan only be defined when used in a ClusterSecretStore." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" + type: "string" + type: + description: "The type of provider to use such as \"Secret\", or \"ConfigMap\"." + enum: + - "Secret" + - "ConfigMap" + type: "string" + required: + - "name" + - "type" + type: "object" domain: description: "Domain is the secret server domain." type: "string" @@ -3531,6 +3569,112 @@ spec: type: "string" type: "object" type: "object" + gcp: + description: "Gcp authenticates with Vault using Google Cloud Platform authentication method\nGCP authentication method" + properties: + location: + description: "Location optionally defines a location/region for the secret" + type: "string" + path: + default: "gcp" + description: "Path where the GCP auth method is enabled in Vault, e.g: \"gcp\"" + type: "string" + projectID: + description: "Project ID of the Google Cloud Platform project" + type: "string" + role: + description: "Vault Role. In Vault, a role describes an identity with a set of permissions, groups, or policies you want to attach to a user of the secrets engine." + type: "string" + secretRef: + description: "Specify credentials in a Secret object" + properties: + secretAccessKeySecretRef: + description: "The SecretAccessKey is used for authentication" + properties: + key: + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" + type: "string" + name: + description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" + type: "string" + namespace: + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" + type: "string" + type: "object" + type: "object" + serviceAccountRef: + description: "ServiceAccountRef to a service account for impersonation" + properties: + audiences: + description: "Audience specifies the `aud` claim for the service account token\nIf the service account uses a well-known annotation for e.g. IRSA or GCP Workload Identity\nthen this audiences will be appended to the list" + items: + type: "string" + type: "array" + name: + description: "The name of the ServiceAccount resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" + type: "string" + namespace: + description: "Namespace of the resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" + type: "string" + required: + - "name" + type: "object" + workloadIdentity: + description: "Specify a service account with Workload Identity" + properties: + clusterLocation: + description: "ClusterLocation is the location of the cluster\nIf not specified, it fetches information from the metadata server" + type: "string" + clusterName: + description: "ClusterName is the name of the cluster\nIf not specified, it fetches information from the metadata server" + type: "string" + clusterProjectID: + description: "ClusterProjectID is the project ID of the cluster\nIf not specified, it fetches information from the metadata server" + type: "string" + serviceAccountRef: + description: "ServiceAccountSelector is a reference to a ServiceAccount resource." + properties: + audiences: + description: "Audience specifies the `aud` claim for the service account token\nIf the service account uses a well-known annotation for e.g. IRSA or GCP Workload Identity\nthen this audiences will be appended to the list" + items: + type: "string" + type: "array" + name: + description: "The name of the ServiceAccount resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" + type: "string" + namespace: + description: "Namespace of the resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" + type: "string" + required: + - "name" + type: "object" + required: + - "serviceAccountRef" + type: "object" + required: + - "role" + type: "object" iam: description: "Iam authenticates with vault by passing a special AWS request signed with AWS IAM credentials\nAWS IAM authentication method" properties: diff --git a/crd-catalog/external-secrets/external-secrets/external-secrets.io/v1/secretstores.yaml b/crd-catalog/external-secrets/external-secrets/external-secrets.io/v1/secretstores.yaml index 0e2c275b6..897a95512 100644 --- a/crd-catalog/external-secrets/external-secrets/external-secrets.io/v1/secretstores.yaml +++ b/crd-catalog/external-secrets/external-secrets/external-secrets.io/v1/secretstores.yaml @@ -1828,6 +1828,9 @@ spec: secretRef: description: "IBMAuthSecretRef contains the secret reference for IBM Cloud API key authentication." properties: + iamEndpoint: + description: "The IAM endpoint used to obain a token" + type: "string" secretApiKeySecretRef: description: "The SecretAccessKey is used for authentication" properties: @@ -3297,6 +3300,41 @@ spec: secretserver: description: "SecretServer configures this store to sync secrets using SecretServer provider\nhttps://docs.delinea.com/online-help/secret-server/start.htm" properties: + caBundle: + description: "PEM/base64 encoded CA bundle used to validate Secret ServerURL. Only used\nif the ServerURL URL is using HTTPS protocol. If not set the system root certificates\nare used to validate the TLS connection." + format: "byte" + type: "string" + caProvider: + description: "The provider for the CA bundle to use to validate Secret ServerURL certificate." + properties: + key: + description: "The key where the CA certificate can be found in the Secret or ConfigMap." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" + type: "string" + name: + description: "The name of the object located at the provider type." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" + type: "string" + namespace: + description: "The namespace the Provider type is in.\nCan only be defined when used in a ClusterSecretStore." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" + type: "string" + type: + description: "The type of provider to use such as \"Secret\", or \"ConfigMap\"." + enum: + - "Secret" + - "ConfigMap" + type: "string" + required: + - "name" + - "type" + type: "object" domain: description: "Domain is the secret server domain." type: "string" @@ -3531,6 +3569,112 @@ spec: type: "string" type: "object" type: "object" + gcp: + description: "Gcp authenticates with Vault using Google Cloud Platform authentication method\nGCP authentication method" + properties: + location: + description: "Location optionally defines a location/region for the secret" + type: "string" + path: + default: "gcp" + description: "Path where the GCP auth method is enabled in Vault, e.g: \"gcp\"" + type: "string" + projectID: + description: "Project ID of the Google Cloud Platform project" + type: "string" + role: + description: "Vault Role. In Vault, a role describes an identity with a set of permissions, groups, or policies you want to attach to a user of the secrets engine." + type: "string" + secretRef: + description: "Specify credentials in a Secret object" + properties: + secretAccessKeySecretRef: + description: "The SecretAccessKey is used for authentication" + properties: + key: + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" + type: "string" + name: + description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" + type: "string" + namespace: + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" + type: "string" + type: "object" + type: "object" + serviceAccountRef: + description: "ServiceAccountRef to a service account for impersonation" + properties: + audiences: + description: "Audience specifies the `aud` claim for the service account token\nIf the service account uses a well-known annotation for e.g. IRSA or GCP Workload Identity\nthen this audiences will be appended to the list" + items: + type: "string" + type: "array" + name: + description: "The name of the ServiceAccount resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" + type: "string" + namespace: + description: "Namespace of the resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" + type: "string" + required: + - "name" + type: "object" + workloadIdentity: + description: "Specify a service account with Workload Identity" + properties: + clusterLocation: + description: "ClusterLocation is the location of the cluster\nIf not specified, it fetches information from the metadata server" + type: "string" + clusterName: + description: "ClusterName is the name of the cluster\nIf not specified, it fetches information from the metadata server" + type: "string" + clusterProjectID: + description: "ClusterProjectID is the project ID of the cluster\nIf not specified, it fetches information from the metadata server" + type: "string" + serviceAccountRef: + description: "ServiceAccountSelector is a reference to a ServiceAccount resource." + properties: + audiences: + description: "Audience specifies the `aud` claim for the service account token\nIf the service account uses a well-known annotation for e.g. IRSA or GCP Workload Identity\nthen this audiences will be appended to the list" + items: + type: "string" + type: "array" + name: + description: "The name of the ServiceAccount resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" + type: "string" + namespace: + description: "Namespace of the resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" + type: "string" + required: + - "name" + type: "object" + required: + - "serviceAccountRef" + type: "object" + required: + - "role" + type: "object" iam: description: "Iam authenticates with vault by passing a special AWS request signed with AWS IAM credentials\nAWS IAM authentication method" properties: diff --git a/crd-catalog/external-secrets/external-secrets/generators.external-secrets.io/v1alpha1/clustergenerators.yaml b/crd-catalog/external-secrets/external-secrets/generators.external-secrets.io/v1alpha1/clustergenerators.yaml index 42d4d0c26..e62a8a971 100644 --- a/crd-catalog/external-secrets/external-secrets/generators.external-secrets.io/v1alpha1/clustergenerators.yaml +++ b/crd-catalog/external-secrets/external-secrets/generators.external-secrets.io/v1alpha1/clustergenerators.yaml @@ -1021,6 +1021,112 @@ spec: type: "string" type: "object" type: "object" + gcp: + description: "Gcp authenticates with Vault using Google Cloud Platform authentication method\nGCP authentication method" + properties: + location: + description: "Location optionally defines a location/region for the secret" + type: "string" + path: + default: "gcp" + description: "Path where the GCP auth method is enabled in Vault, e.g: \"gcp\"" + type: "string" + projectID: + description: "Project ID of the Google Cloud Platform project" + type: "string" + role: + description: "Vault Role. In Vault, a role describes an identity with a set of permissions, groups, or policies you want to attach to a user of the secrets engine." + type: "string" + secretRef: + description: "Specify credentials in a Secret object" + properties: + secretAccessKeySecretRef: + description: "The SecretAccessKey is used for authentication" + properties: + key: + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" + type: "string" + name: + description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" + type: "string" + namespace: + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" + type: "string" + type: "object" + type: "object" + serviceAccountRef: + description: "ServiceAccountRef to a service account for impersonation" + properties: + audiences: + description: "Audience specifies the `aud` claim for the service account token\nIf the service account uses a well-known annotation for e.g. IRSA or GCP Workload Identity\nthen this audiences will be appended to the list" + items: + type: "string" + type: "array" + name: + description: "The name of the ServiceAccount resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" + type: "string" + namespace: + description: "Namespace of the resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" + type: "string" + required: + - "name" + type: "object" + workloadIdentity: + description: "Specify a service account with Workload Identity" + properties: + clusterLocation: + description: "ClusterLocation is the location of the cluster\nIf not specified, it fetches information from the metadata server" + type: "string" + clusterName: + description: "ClusterName is the name of the cluster\nIf not specified, it fetches information from the metadata server" + type: "string" + clusterProjectID: + description: "ClusterProjectID is the project ID of the cluster\nIf not specified, it fetches information from the metadata server" + type: "string" + serviceAccountRef: + description: "ServiceAccountSelector is a reference to a ServiceAccount resource." + properties: + audiences: + description: "Audience specifies the `aud` claim for the service account token\nIf the service account uses a well-known annotation for e.g. IRSA or GCP Workload Identity\nthen this audiences will be appended to the list" + items: + type: "string" + type: "array" + name: + description: "The name of the ServiceAccount resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" + type: "string" + namespace: + description: "Namespace of the resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" + type: "string" + required: + - "name" + type: "object" + required: + - "serviceAccountRef" + type: "object" + required: + - "role" + type: "object" iam: description: "Iam authenticates with vault by passing a special AWS request signed with AWS IAM credentials\nAWS IAM authentication method" properties: diff --git a/crd-catalog/external-secrets/external-secrets/generators.external-secrets.io/v1alpha1/vaultdynamicsecrets.yaml b/crd-catalog/external-secrets/external-secrets/generators.external-secrets.io/v1alpha1/vaultdynamicsecrets.yaml index 558b791ba..f0211998e 100644 --- a/crd-catalog/external-secrets/external-secrets/generators.external-secrets.io/v1alpha1/vaultdynamicsecrets.yaml +++ b/crd-catalog/external-secrets/external-secrets/generators.external-secrets.io/v1alpha1/vaultdynamicsecrets.yaml @@ -166,6 +166,112 @@ spec: type: "string" type: "object" type: "object" + gcp: + description: "Gcp authenticates with Vault using Google Cloud Platform authentication method\nGCP authentication method" + properties: + location: + description: "Location optionally defines a location/region for the secret" + type: "string" + path: + default: "gcp" + description: "Path where the GCP auth method is enabled in Vault, e.g: \"gcp\"" + type: "string" + projectID: + description: "Project ID of the Google Cloud Platform project" + type: "string" + role: + description: "Vault Role. In Vault, a role describes an identity with a set of permissions, groups, or policies you want to attach to a user of the secrets engine." + type: "string" + secretRef: + description: "Specify credentials in a Secret object" + properties: + secretAccessKeySecretRef: + description: "The SecretAccessKey is used for authentication" + properties: + key: + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" + type: "string" + name: + description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" + type: "string" + namespace: + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" + type: "string" + type: "object" + type: "object" + serviceAccountRef: + description: "ServiceAccountRef to a service account for impersonation" + properties: + audiences: + description: "Audience specifies the `aud` claim for the service account token\nIf the service account uses a well-known annotation for e.g. IRSA or GCP Workload Identity\nthen this audiences will be appended to the list" + items: + type: "string" + type: "array" + name: + description: "The name of the ServiceAccount resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" + type: "string" + namespace: + description: "Namespace of the resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" + type: "string" + required: + - "name" + type: "object" + workloadIdentity: + description: "Specify a service account with Workload Identity" + properties: + clusterLocation: + description: "ClusterLocation is the location of the cluster\nIf not specified, it fetches information from the metadata server" + type: "string" + clusterName: + description: "ClusterName is the name of the cluster\nIf not specified, it fetches information from the metadata server" + type: "string" + clusterProjectID: + description: "ClusterProjectID is the project ID of the cluster\nIf not specified, it fetches information from the metadata server" + type: "string" + serviceAccountRef: + description: "ServiceAccountSelector is a reference to a ServiceAccount resource." + properties: + audiences: + description: "Audience specifies the `aud` claim for the service account token\nIf the service account uses a well-known annotation for e.g. IRSA or GCP Workload Identity\nthen this audiences will be appended to the list" + items: + type: "string" + type: "array" + name: + description: "The name of the ServiceAccount resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" + type: "string" + namespace: + description: "Namespace of the resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" + type: "string" + required: + - "name" + type: "object" + required: + - "serviceAccountRef" + type: "object" + required: + - "role" + type: "object" iam: description: "Iam authenticates with vault by passing a special AWS request signed with AWS IAM credentials\nAWS IAM authentication method" properties: diff --git a/crd-catalog/grafana/grafana-operator/grafana.integreatly.org/v1beta1/grafanas.yaml b/crd-catalog/grafana/grafana-operator/grafana.integreatly.org/v1beta1/grafanas.yaml index c9eb30a54..cfbc46c43 100644 --- a/crd-catalog/grafana/grafana-operator/grafana.integreatly.org/v1beta1/grafanas.yaml +++ b/crd-catalog/grafana/grafana-operator/grafana.integreatly.org/v1beta1/grafanas.yaml @@ -3958,6 +3958,1250 @@ spec: required: - "url" type: "object" + httpRoute: + description: "HTTPRoute customizes the GatewayAPI HTTPRoute Object. It will not be created if this is not set" + properties: + metadata: + description: "ObjectMeta contains only a [subset of the fields included in k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#objectmeta-v1-meta)." + properties: + annotations: + additionalProperties: + type: "string" + type: "object" + labels: + additionalProperties: + type: "string" + type: "object" + type: "object" + spec: + description: "HTTPRouteSpec defines the desired state of HTTPRoute" + properties: + hostnames: + description: "Hostnames defines a set of hostnames that should match against the HTTP Host\nheader to select a HTTPRoute used to process the request. Implementations\nMUST ignore any port value specified in the HTTP Host header while\nperforming a match and (absent of any applicable header modification\nconfiguration) MUST forward this header unmodified to the backend.\n\nValid values for Hostnames are determined by RFC 1123 definition of a\nhostname with 2 notable exceptions:\n\n1. IPs are not allowed.\n2. A hostname may be prefixed with a wildcard label (`*.`). The wildcard\n label must appear by itself as the first label.\n\nIf a hostname is specified by both the Listener and HTTPRoute, there\nmust be at least one intersecting hostname for the HTTPRoute to be\nattached to the Listener. For example:\n\n* A Listener with `test.example.com` as the hostname matches HTTPRoutes\n that have either not specified any hostnames, or have specified at\n least one of `test.example.com` or `*.example.com`.\n* A Listener with `*.example.com` as the hostname matches HTTPRoutes\n that have either not specified any hostnames or have specified at least\n one hostname that matches the Listener hostname. For example,\n `*.example.com`, `test.example.com`, and `foo.test.example.com` would\n all match. On the other hand, `example.com` and `test.example.net` would\n not match.\n\nHostnames that are prefixed with a wildcard label (`*.`) are interpreted\nas a suffix match. That means that a match for `*.example.com` would match\nboth `test.example.com`, and `foo.test.example.com`, but not `example.com`.\n\nIf both the Listener and HTTPRoute have specified hostnames, any\nHTTPRoute hostnames that do not match the Listener hostname MUST be\nignored. For example, if a Listener specified `*.example.com`, and the\nHTTPRoute specified `test.example.com` and `test.example.net`,\n`test.example.net` must not be considered for a match.\n\nIf both the Listener and HTTPRoute have specified hostnames, and none\nmatch with the criteria above, then the HTTPRoute is not accepted. The\nimplementation must raise an 'Accepted' Condition with a status of\n`False` in the corresponding RouteParentStatus.\n\nIn the event that multiple HTTPRoutes specify intersecting hostnames (e.g.\noverlapping wildcard matching and exact matching hostnames), precedence must\nbe given to rules from the HTTPRoute with the largest number of:\n\n* Characters in a matching non-wildcard hostname.\n* Characters in a matching hostname.\n\nIf ties exist across multiple Routes, the matching precedence rules for\nHTTPRouteMatches takes over.\n\nSupport: Core" + items: + description: "Hostname is the fully qualified domain name of a network host. This matches\nthe RFC 1123 definition of a hostname with 2 notable exceptions:\n\n 1. IPs are not allowed.\n 2. A hostname may be prefixed with a wildcard label (`*.`). The wildcard\n label must appear by itself as the first label.\n\nHostname can be \"precise\" which is a domain name without the terminating\ndot of a network host (e.g. \"foo.example.com\") or \"wildcard\", which is a\ndomain name prefixed with a single wildcard label (e.g. `*.example.com`).\n\nNote that as per RFC1035 and RFC1123, a *label* must consist of lower case\nalphanumeric characters or '-', and must start and end with an alphanumeric\ncharacter. No other punctuation is allowed." + maxLength: 253 + minLength: 1 + pattern: "^(\\*\\.)?[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" + type: "string" + maxItems: 16 + type: "array" + parentRefs: + description: "ParentRefs references the resources (usually Gateways) that a Route wants\nto be attached to. Note that the referenced parent resource needs to\nallow this for the attachment to be complete. For Gateways, that means\nthe Gateway needs to allow attachment from Routes of this kind and\nnamespace. For Services, that means the Service must either be in the same\nnamespace for a \"producer\" route, or the mesh implementation must support\nand allow \"consumer\" routes for the referenced Service. ReferenceGrant is\nnot applicable for governing ParentRefs to Services - it is not possible to\ncreate a \"producer\" route for a Service in a different namespace from the\nRoute.\n\nThere are two kinds of parent resources with \"Core\" support:\n\n* Gateway (Gateway conformance profile)\n* Service (Mesh conformance profile, ClusterIP Services only)\n\nThis API may be extended in the future to support additional kinds of parent\nresources.\n\nParentRefs must be _distinct_. This means either that:\n\n* They select different objects. If this is the case, then parentRef\n entries are distinct. In terms of fields, this means that the\n multi-part key defined by `group`, `kind`, `namespace`, and `name` must\n be unique across all parentRef entries in the Route.\n* They do not select different objects, but for each optional field used,\n each ParentRef that selects the same object must set the same set of\n optional fields to different values. If one ParentRef sets a\n combination of optional fields, all must set the same combination.\n\nSome examples:\n\n* If one ParentRef sets `sectionName`, all ParentRefs referencing the\n same object must also set `sectionName`.\n* If one ParentRef sets `port`, all ParentRefs referencing the same\n object must also set `port`.\n* If one ParentRef sets `sectionName` and `port`, all ParentRefs\n referencing the same object must also set `sectionName` and `port`.\n\nIt is possible to separately reference multiple distinct objects that may\nbe collapsed by an implementation. For example, some implementations may\nchoose to merge compatible Gateway Listeners together. If that is the\ncase, the list of routes attached to those resources should also be\nmerged.\n\nNote that for ParentRefs that cross namespace boundaries, there are specific\nrules. Cross-namespace references are only valid if they are explicitly\nallowed by something in the namespace they are referring to. For example,\nGateway has the AllowedRoutes field, and ReferenceGrant provides a\ngeneric way to enable other kinds of cross-namespace reference.\n\n\nParentRefs from a Route to a Service in the same namespace are \"producer\"\nroutes, which apply default routing rules to inbound connections from\nany namespace to the Service.\n\nParentRefs from a Route to a Service in a different namespace are\n\"consumer\" routes, and these routing rules are only applied to outbound\nconnections originating from the same namespace as the Route, for which\nthe intended destination of the connections are a Service targeted as a\nParentRef of the Route.\n\n\n\n\n\n" + items: + description: "ParentReference identifies an API object (usually a Gateway) that can be considered\na parent of this resource (usually a route). There are two kinds of parent resources\nwith \"Core\" support:\n\n* Gateway (Gateway conformance profile)\n* Service (Mesh conformance profile, ClusterIP Services only)\n\nThis API may be extended in the future to support additional kinds of parent\nresources.\n\nThe API object must be valid in the cluster; the Group and Kind must\nbe registered in the cluster for this reference to be valid." + properties: + group: + default: "gateway.networking.k8s.io" + description: "Group is the group of the referent.\nWhen unspecified, \"gateway.networking.k8s.io\" is inferred.\nTo set the core API group (such as for a \"Service\" kind referent),\nGroup must be explicitly set to \"\" (empty string).\n\nSupport: Core" + maxLength: 253 + pattern: "^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" + type: "string" + kind: + default: "Gateway" + description: "Kind is kind of the referent.\n\nThere are two kinds of parent resources with \"Core\" support:\n\n* Gateway (Gateway conformance profile)\n* Service (Mesh conformance profile, ClusterIP Services only)\n\nSupport for other resources is Implementation-Specific." + maxLength: 63 + minLength: 1 + pattern: "^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$" + type: "string" + name: + description: "Name is the name of the referent.\n\nSupport: Core" + maxLength: 253 + minLength: 1 + type: "string" + namespace: + description: "Namespace is the namespace of the referent. When unspecified, this refers\nto the local namespace of the Route.\n\nNote that there are specific rules for ParentRefs which cross namespace\nboundaries. Cross-namespace references are only valid if they are explicitly\nallowed by something in the namespace they are referring to. For example:\nGateway has the AllowedRoutes field, and ReferenceGrant provides a\ngeneric way to enable any other kind of cross-namespace reference.\n\n\nParentRefs from a Route to a Service in the same namespace are \"producer\"\nroutes, which apply default routing rules to inbound connections from\nany namespace to the Service.\n\nParentRefs from a Route to a Service in a different namespace are\n\"consumer\" routes, and these routing rules are only applied to outbound\nconnections originating from the same namespace as the Route, for which\nthe intended destination of the connections are a Service targeted as a\nParentRef of the Route.\n\n\nSupport: Core" + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" + type: "string" + port: + description: "Port is the network port this Route targets. It can be interpreted\ndifferently based on the type of parent resource.\n\nWhen the parent resource is a Gateway, this targets all listeners\nlistening on the specified port that also support this kind of Route(and\nselect this Route). It's not recommended to set `Port` unless the\nnetworking behaviors specified in a Route must apply to a specific port\nas opposed to a listener(s) whose port(s) may be changed. When both Port\nand SectionName are specified, the name and port of the selected listener\nmust match both specified values.\n\n\nWhen the parent resource is a Service, this targets a specific port in the\nService spec. When both Port (experimental) and SectionName are specified,\nthe name and port of the selected port must match both specified values.\n\n\nImplementations MAY choose to support other parent resources.\nImplementations supporting other types of parent resources MUST clearly\ndocument how/if Port is interpreted.\n\nFor the purpose of status, an attachment is considered successful as\nlong as the parent resource accepts it partially. For example, Gateway\nlisteners can restrict which Routes can attach to them by Route kind,\nnamespace, or hostname. If 1 of 2 Gateway listeners accept attachment\nfrom the referencing Route, the Route MUST be considered successfully\nattached. If no Gateway listeners accept attachment from this Route,\nthe Route MUST be considered detached from the Gateway.\n\nSupport: Extended" + format: "int32" + maximum: 65535.0 + minimum: 1.0 + type: "integer" + sectionName: + description: "SectionName is the name of a section within the target resource. In the\nfollowing resources, SectionName is interpreted as the following:\n\n* Gateway: Listener name. When both Port (experimental) and SectionName\nare specified, the name and port of the selected listener must match\nboth specified values.\n* Service: Port name. When both Port (experimental) and SectionName\nare specified, the name and port of the selected listener must match\nboth specified values.\n\nImplementations MAY choose to support attaching Routes to other resources.\nIf that is the case, they MUST clearly document how SectionName is\ninterpreted.\n\nWhen unspecified (empty string), this will reference the entire resource.\nFor the purpose of status, an attachment is considered successful if at\nleast one section in the parent resource accepts it. For example, Gateway\nlisteners can restrict which Routes can attach to them by Route kind,\nnamespace, or hostname. If 1 of 2 Gateway listeners accept attachment from\nthe referencing Route, the Route MUST be considered successfully\nattached. If no Gateway listeners accept attachment from this Route, the\nRoute MUST be considered detached from the Gateway.\n\nSupport: Core" + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" + type: "string" + required: + - "name" + type: "object" + maxItems: 32 + type: "array" + rules: + default: + - matches: + - path: + type: "PathPrefix" + value: "/" + description: "Rules are a list of HTTP matchers, filters and actions.\n\n" + items: + description: "HTTPRouteRule defines semantics for matching an HTTP request based on\nconditions (matches), processing it (filters), and forwarding the request to\nan API object (backendRefs)." + properties: + backendRefs: + description: "BackendRefs defines the backend(s) where matching requests should be\nsent.\n\nFailure behavior here depends on how many BackendRefs are specified and\nhow many are invalid.\n\nIf *all* entries in BackendRefs are invalid, and there are also no filters\nspecified in this route rule, *all* traffic which matches this rule MUST\nreceive a 500 status code.\n\nSee the HTTPBackendRef definition for the rules about what makes a single\nHTTPBackendRef invalid.\n\nWhen a HTTPBackendRef is invalid, 500 status codes MUST be returned for\nrequests that would have otherwise been routed to an invalid backend. If\nmultiple backends are specified, and some are invalid, the proportion of\nrequests that would otherwise have been routed to an invalid backend\nMUST receive a 500 status code.\n\nFor example, if two backends are specified with equal weights, and one is\ninvalid, 50 percent of traffic must receive a 500. Implementations may\nchoose how that 50 percent is determined.\n\nWhen a HTTPBackendRef refers to a Service that has no ready endpoints,\nimplementations SHOULD return a 503 for requests to that backend instead.\nIf an implementation chooses to do this, all of the above rules for 500 responses\nMUST also apply for responses that return a 503.\n\nSupport: Core for Kubernetes Service\n\nSupport: Extended for Kubernetes ServiceImport\n\nSupport: Implementation-specific for any other resource\n\nSupport for weight: Core" + items: + description: "HTTPBackendRef defines how a HTTPRoute forwards a HTTP request.\n\nNote that when a namespace different than the local namespace is specified, a\nReferenceGrant object is required in the referent namespace to allow that\nnamespace's owner to accept the reference. See the ReferenceGrant\ndocumentation for details.\n\n\n\nWhen the BackendRef points to a Kubernetes Service, implementations SHOULD\nhonor the appProtocol field if it is set for the target Service Port.\n\nImplementations supporting appProtocol SHOULD recognize the Kubernetes\nStandard Application Protocols defined in KEP-3726.\n\nIf a Service appProtocol isn't specified, an implementation MAY infer the\nbackend protocol through its own means. Implementations MAY infer the\nprotocol from the Route type referring to the backend Service.\n\nIf a Route is not able to send traffic to the backend using the specified\nprotocol then the backend is considered invalid. Implementations MUST set the\n\"ResolvedRefs\" condition to \"False\" with the \"UnsupportedProtocol\" reason.\n\n" + properties: + filters: + description: "Filters defined at this level should be executed if and only if the\nrequest is being forwarded to the backend defined here.\n\nSupport: Implementation-specific (For broader support of filters, use the\nFilters field in HTTPRouteRule.)" + items: + description: "HTTPRouteFilter defines processing steps that must be completed during the\nrequest or response lifecycle. HTTPRouteFilters are meant as an extension\npoint to express processing that may be done in Gateway implementations. Some\nexamples include request or response modification, implementing\nauthentication strategies, rate-limiting, and traffic shaping. API\nguarantee/conformance is defined based on the type of the filter.\n\n\n" + properties: + cors: + description: "CORS defines a schema for a filter that responds to the\ncross-origin request based on HTTP response header.\n\nSupport: Extended\n\n" + properties: + allowCredentials: + description: "AllowCredentials indicates whether the actual cross-origin request allows\nto include credentials.\n\nThe only valid value for the `Access-Control-Allow-Credentials` response\nheader is true (case-sensitive).\n\nIf the credentials are not allowed in cross-origin requests, the gateway\nwill omit the header `Access-Control-Allow-Credentials` entirely rather\nthan setting its value to false.\n\nSupport: Extended" + enum: + - true + type: "boolean" + allowHeaders: + description: "AllowHeaders indicates which HTTP request headers are supported for\naccessing the requested resource.\n\nHeader names are not case sensitive.\n\nMultiple header names in the value of the `Access-Control-Allow-Headers`\nresponse header are separated by a comma (\",\").\n\nWhen the `AllowHeaders` field is configured with one or more headers, the\ngateway must return the `Access-Control-Allow-Headers` response header\nwhich value is present in the `AllowHeaders` field.\n\nIf any header name in the `Access-Control-Request-Headers` request header\nis not included in the list of header names specified by the response\nheader `Access-Control-Allow-Headers`, it will present an error on the\nclient side.\n\nIf any header name in the `Access-Control-Allow-Headers` response header\ndoes not recognize by the client, it will also occur an error on the\nclient side.\n\nA wildcard indicates that the requests with all HTTP headers are allowed.\nThe `Access-Control-Allow-Headers` response header can only use `*`\nwildcard as value when the `AllowCredentials` field is unspecified.\n\nWhen the `AllowCredentials` field is specified and `AllowHeaders` field\nspecified with the `*` wildcard, the gateway must specify one or more\nHTTP headers in the value of the `Access-Control-Allow-Headers` response\nheader. The value of the header `Access-Control-Allow-Headers` is same as\nthe `Access-Control-Request-Headers` header provided by the client. If\nthe header `Access-Control-Request-Headers` is not included in the\nrequest, the gateway will omit the `Access-Control-Allow-Headers`\nresponse header, instead of specifying the `*` wildcard. A Gateway\nimplementation may choose to add implementation-specific default headers.\n\nSupport: Extended" + items: + description: "HTTPHeaderName is the name of an HTTP header.\n\nValid values include:\n\n* \"Authorization\"\n* \"Set-Cookie\"\n\nInvalid values include:\n\n - \":method\" - \":\" is an invalid character. This means that HTTP/2 pseudo\n headers are not currently supported by this type.\n - \"/invalid\" - \"/ \" is an invalid character" + maxLength: 256 + minLength: 1 + pattern: "^[A-Za-z0-9!#$%&'*+\\-.^_\\x60|~]+$" + type: "string" + maxItems: 64 + type: "array" + x-kubernetes-list-type: "set" + allowMethods: + description: "AllowMethods indicates which HTTP methods are supported for accessing the\nrequested resource.\n\nValid values are any method defined by RFC9110, along with the special\nvalue `*`, which represents all HTTP methods are allowed.\n\nMethod names are case sensitive, so these values are also case-sensitive.\n(See https://www.rfc-editor.org/rfc/rfc2616#section-5.1.1)\n\nMultiple method names in the value of the `Access-Control-Allow-Methods`\nresponse header are separated by a comma (\",\").\n\nA CORS-safelisted method is a method that is `GET`, `HEAD`, or `POST`.\n(See https://fetch.spec.whatwg.org/#cors-safelisted-method) The\nCORS-safelisted methods are always allowed, regardless of whether they\nare specified in the `AllowMethods` field.\n\nWhen the `AllowMethods` field is configured with one or more methods, the\ngateway must return the `Access-Control-Allow-Methods` response header\nwhich value is present in the `AllowMethods` field.\n\nIf the HTTP method of the `Access-Control-Request-Method` request header\nis not included in the list of methods specified by the response header\n`Access-Control-Allow-Methods`, it will present an error on the client\nside.\n\nThe `Access-Control-Allow-Methods` response header can only use `*`\nwildcard as value when the `AllowCredentials` field is unspecified.\n\nWhen the `AllowCredentials` field is specified and `AllowMethods` field\nspecified with the `*` wildcard, the gateway must specify one HTTP method\nin the value of the Access-Control-Allow-Methods response header. The\nvalue of the header `Access-Control-Allow-Methods` is same as the\n`Access-Control-Request-Method` header provided by the client. If the\nheader `Access-Control-Request-Method` is not included in the request,\nthe gateway will omit the `Access-Control-Allow-Methods` response header,\ninstead of specifying the `*` wildcard. A Gateway implementation may\nchoose to add implementation-specific default methods.\n\nSupport: Extended" + items: + enum: + - "GET" + - "HEAD" + - "POST" + - "PUT" + - "DELETE" + - "CONNECT" + - "OPTIONS" + - "TRACE" + - "PATCH" + - "*" + type: "string" + maxItems: 9 + type: "array" + x-kubernetes-list-type: "set" + x-kubernetes-validations: + - message: "AllowMethods cannot contain '*' alongside other methods" + rule: "!('*' in self && self.size() > 1)" + allowOrigins: + description: "AllowOrigins indicates whether the response can be shared with requested\nresource from the given `Origin`.\n\nThe `Origin` consists of a scheme and a host, with an optional port, and\ntakes the form `://(:)`.\n\nValid values for scheme are: `http` and `https`.\n\nValid values for port are any integer between 1 and 65535 (the list of\navailable TCP/UDP ports). Note that, if not included, port `80` is\nassumed for `http` scheme origins, and port `443` is assumed for `https`\norigins. This may affect origin matching.\n\nThe host part of the origin may contain the wildcard character `*`. These\nwildcard characters behave as follows:\n\n* `*` is a greedy match to the _left_, including any number of\n DNS labels to the left of its position. This also means that\n `*` will include any number of period `.` characters to the\n left of its position.\n* A wildcard by itself matches all hosts.\n\nAn origin value that includes _only_ the `*` character indicates requests\nfrom all `Origin`s are allowed.\n\nWhen the `AllowOrigins` field is configured with multiple origins, it\nmeans the server supports clients from multiple origins. If the request\n`Origin` matches the configured allowed origins, the gateway must return\nthe given `Origin` and sets value of the header\n`Access-Control-Allow-Origin` same as the `Origin` header provided by the\nclient.\n\nThe status code of a successful response to a \"preflight\" request is\nalways an OK status (i.e., 204 or 200).\n\nIf the request `Origin` does not match the configured allowed origins,\nthe gateway returns 204/200 response but doesn't set the relevant\ncross-origin response headers. Alternatively, the gateway responds with\n403 status to the \"preflight\" request is denied, coupled with omitting\nthe CORS headers. The cross-origin request fails on the client side.\nTherefore, the client doesn't attempt the actual cross-origin request.\n\nThe `Access-Control-Allow-Origin` response header can only use `*`\nwildcard as value when the `AllowCredentials` field is unspecified.\n\nWhen the `AllowCredentials` field is specified and `AllowOrigins` field\nspecified with the `*` wildcard, the gateway must return a single origin\nin the value of the `Access-Control-Allow-Origin` response header,\ninstead of specifying the `*` wildcard. The value of the header\n`Access-Control-Allow-Origin` is same as the `Origin` header provided by\nthe client.\n\nSupport: Extended" + items: + description: "The AbsoluteURI MUST NOT be a relative URI, and it MUST follow the URI syntax and\nencoding rules specified in RFC3986. The AbsoluteURI MUST include both a\nscheme (e.g., \"http\" or \"spiffe\") and a scheme-specific-part. URIs that\ninclude an authority MUST include a fully qualified domain name or\nIP address as the host.\n The below regex is taken from the regex section in RFC 3986 with a slight modification to enforce a full URI and not relative. " + maxLength: 253 + minLength: 1 + pattern: "^(([^:/?#]+):)(//([^/?#]*))([^?#]*)(\\?([^#]*))?(#(.*))?" + type: "string" + maxItems: 64 + type: "array" + x-kubernetes-list-type: "set" + exposeHeaders: + description: "ExposeHeaders indicates which HTTP response headers can be exposed\nto client-side scripts in response to a cross-origin request.\n\nA CORS-safelisted response header is an HTTP header in a CORS response\nthat it is considered safe to expose to the client scripts.\nThe CORS-safelisted response headers include the following headers:\n`Cache-Control`\n`Content-Language`\n`Content-Length`\n`Content-Type`\n`Expires`\n`Last-Modified`\n`Pragma`\n(See https://fetch.spec.whatwg.org/#cors-safelisted-response-header-name)\nThe CORS-safelisted response headers are exposed to client by default.\n\nWhen an HTTP header name is specified using the `ExposeHeaders` field,\nthis additional header will be exposed as part of the response to the\nclient.\n\nHeader names are not case sensitive.\n\nMultiple header names in the value of the `Access-Control-Expose-Headers`\nresponse header are separated by a comma (\",\").\n\nA wildcard indicates that the responses with all HTTP headers are exposed\nto clients. The `Access-Control-Expose-Headers` response header can only\nuse `*` wildcard as value when the `AllowCredentials` field is\nunspecified.\n\nSupport: Extended" + items: + description: "HTTPHeaderName is the name of an HTTP header.\n\nValid values include:\n\n* \"Authorization\"\n* \"Set-Cookie\"\n\nInvalid values include:\n\n - \":method\" - \":\" is an invalid character. This means that HTTP/2 pseudo\n headers are not currently supported by this type.\n - \"/invalid\" - \"/ \" is an invalid character" + maxLength: 256 + minLength: 1 + pattern: "^[A-Za-z0-9!#$%&'*+\\-.^_\\x60|~]+$" + type: "string" + maxItems: 64 + type: "array" + x-kubernetes-list-type: "set" + maxAge: + default: 5 + description: "MaxAge indicates the duration (in seconds) for the client to cache the\nresults of a \"preflight\" request.\n\nThe information provided by the `Access-Control-Allow-Methods` and\n`Access-Control-Allow-Headers` response headers can be cached by the\nclient until the time specified by `Access-Control-Max-Age` elapses.\n\nThe default value of `Access-Control-Max-Age` response header is 5\n(seconds)." + format: "int32" + minimum: 1.0 + type: "integer" + type: "object" + extensionRef: + description: "ExtensionRef is an optional, implementation-specific extension to the\n\"filter\" behavior. For example, resource \"myroutefilter\" in group\n\"networking.example.net\"). ExtensionRef MUST NOT be used for core and\nextended filters.\n\nThis filter can be used multiple times within the same rule.\n\nSupport: Implementation-specific" + properties: + group: + description: "Group is the group of the referent. For example, \"gateway.networking.k8s.io\".\nWhen unspecified or empty string, core API group is inferred." + maxLength: 253 + pattern: "^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" + type: "string" + kind: + description: "Kind is kind of the referent. For example \"HTTPRoute\" or \"Service\"." + maxLength: 63 + minLength: 1 + pattern: "^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$" + type: "string" + name: + description: "Name is the name of the referent." + maxLength: 253 + minLength: 1 + type: "string" + required: + - "group" + - "kind" + - "name" + type: "object" + requestHeaderModifier: + description: "RequestHeaderModifier defines a schema for a filter that modifies request\nheaders.\n\nSupport: Core" + properties: + add: + description: "Add adds the given header(s) (name, value) to the request\nbefore the action. It appends to any existing values associated\nwith the header name.\n\nInput:\n GET /foo HTTP/1.1\n my-header: foo\n\nConfig:\n add:\n - name: \"my-header\"\n value: \"bar,baz\"\n\nOutput:\n GET /foo HTTP/1.1\n my-header: foo,bar,baz" + items: + description: "HTTPHeader represents an HTTP Header name and value as defined by RFC 7230." + properties: + name: + description: "Name is the name of the HTTP Header to be matched. Name matching MUST be\ncase-insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2).\n\nIf multiple entries specify equivalent header names, the first entry with\nan equivalent name MUST be considered for a match. Subsequent entries\nwith an equivalent header name MUST be ignored. Due to the\ncase-insensitivity of header names, \"foo\" and \"Foo\" are considered\nequivalent." + maxLength: 256 + minLength: 1 + pattern: "^[A-Za-z0-9!#$%&'*+\\-.^_\\x60|~]+$" + type: "string" + value: + description: "Value is the value of HTTP Header to be matched." + maxLength: 4096 + minLength: 1 + type: "string" + required: + - "name" + - "value" + type: "object" + maxItems: 16 + type: "array" + x-kubernetes-list-map-keys: + - "name" + x-kubernetes-list-type: "map" + remove: + description: "Remove the given header(s) from the HTTP request before the action. The\nvalue of Remove is a list of HTTP header names. Note that the header\nnames are case-insensitive (see\nhttps://datatracker.ietf.org/doc/html/rfc2616#section-4.2).\n\nInput:\n GET /foo HTTP/1.1\n my-header1: foo\n my-header2: bar\n my-header3: baz\n\nConfig:\n remove: [\"my-header1\", \"my-header3\"]\n\nOutput:\n GET /foo HTTP/1.1\n my-header2: bar" + items: + type: "string" + maxItems: 16 + type: "array" + x-kubernetes-list-type: "set" + set: + description: "Set overwrites the request with the given header (name, value)\nbefore the action.\n\nInput:\n GET /foo HTTP/1.1\n my-header: foo\n\nConfig:\n set:\n - name: \"my-header\"\n value: \"bar\"\n\nOutput:\n GET /foo HTTP/1.1\n my-header: bar" + items: + description: "HTTPHeader represents an HTTP Header name and value as defined by RFC 7230." + properties: + name: + description: "Name is the name of the HTTP Header to be matched. Name matching MUST be\ncase-insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2).\n\nIf multiple entries specify equivalent header names, the first entry with\nan equivalent name MUST be considered for a match. Subsequent entries\nwith an equivalent header name MUST be ignored. Due to the\ncase-insensitivity of header names, \"foo\" and \"Foo\" are considered\nequivalent." + maxLength: 256 + minLength: 1 + pattern: "^[A-Za-z0-9!#$%&'*+\\-.^_\\x60|~]+$" + type: "string" + value: + description: "Value is the value of HTTP Header to be matched." + maxLength: 4096 + minLength: 1 + type: "string" + required: + - "name" + - "value" + type: "object" + maxItems: 16 + type: "array" + x-kubernetes-list-map-keys: + - "name" + x-kubernetes-list-type: "map" + type: "object" + requestMirror: + description: "RequestMirror defines a schema for a filter that mirrors requests.\nRequests are sent to the specified destination, but responses from\nthat destination are ignored.\n\nThis filter can be used multiple times within the same rule. Note that\nnot all implementations will be able to support mirroring to multiple\nbackends.\n\nSupport: Extended" + properties: + backendRef: + description: "BackendRef references a resource where mirrored requests are sent.\n\nMirrored requests must be sent only to a single destination endpoint\nwithin this BackendRef, irrespective of how many endpoints are present\nwithin this BackendRef.\n\nIf the referent cannot be found, this BackendRef is invalid and must be\ndropped from the Gateway. The controller must ensure the \"ResolvedRefs\"\ncondition on the Route status is set to `status: False` and not configure\nthis backend in the underlying implementation.\n\nIf there is a cross-namespace reference to an *existing* object\nthat is not allowed by a ReferenceGrant, the controller must ensure the\n\"ResolvedRefs\" condition on the Route is set to `status: False`,\nwith the \"RefNotPermitted\" reason and not configure this backend in the\nunderlying implementation.\n\nIn either error case, the Message of the `ResolvedRefs` Condition\nshould be used to provide more detail about the problem.\n\nSupport: Extended for Kubernetes Service\n\nSupport: Implementation-specific for any other resource" + properties: + group: + default: "" + description: "Group is the group of the referent. For example, \"gateway.networking.k8s.io\".\nWhen unspecified or empty string, core API group is inferred." + maxLength: 253 + pattern: "^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" + type: "string" + kind: + default: "Service" + description: "Kind is the Kubernetes resource kind of the referent. For example\n\"Service\".\n\nDefaults to \"Service\" when not specified.\n\nExternalName services can refer to CNAME DNS records that may live\noutside of the cluster and as such are difficult to reason about in\nterms of conformance. They also may not be safe to forward to (see\nCVE-2021-25740 for more information). Implementations SHOULD NOT\nsupport ExternalName Services.\n\nSupport: Core (Services with a type other than ExternalName)\n\nSupport: Implementation-specific (Services with type ExternalName)" + maxLength: 63 + minLength: 1 + pattern: "^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$" + type: "string" + name: + description: "Name is the name of the referent." + maxLength: 253 + minLength: 1 + type: "string" + namespace: + description: "Namespace is the namespace of the backend. When unspecified, the local\nnamespace is inferred.\n\nNote that when a namespace different than the local namespace is specified,\na ReferenceGrant object is required in the referent namespace to allow that\nnamespace's owner to accept the reference. See the ReferenceGrant\ndocumentation for details.\n\nSupport: Core" + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" + type: "string" + port: + description: "Port specifies the destination port number to use for this resource.\nPort is required when the referent is a Kubernetes Service. In this\ncase, the port number is the service port number, not the target port.\nFor other resources, destination port might be derived from the referent\nresource or this field." + format: "int32" + maximum: 65535.0 + minimum: 1.0 + type: "integer" + required: + - "name" + type: "object" + x-kubernetes-validations: + - message: "Must have port for Service reference" + rule: "(size(self.group) == 0 && self.kind == 'Service') ? has(self.port) : true" + fraction: + description: "Fraction represents the fraction of requests that should be\nmirrored to BackendRef.\n\nOnly one of Fraction or Percent may be specified. If neither field\nis specified, 100% of requests will be mirrored." + properties: + denominator: + default: 100 + format: "int32" + minimum: 1.0 + type: "integer" + numerator: + format: "int32" + minimum: 0.0 + type: "integer" + required: + - "numerator" + type: "object" + x-kubernetes-validations: + - message: "numerator must be less than or equal to denominator" + rule: "self.numerator <= self.denominator" + percent: + description: "Percent represents the percentage of requests that should be\nmirrored to BackendRef. Its minimum value is 0 (indicating 0% of\nrequests) and its maximum value is 100 (indicating 100% of requests).\n\nOnly one of Fraction or Percent may be specified. If neither field\nis specified, 100% of requests will be mirrored." + format: "int32" + maximum: 100.0 + minimum: 0.0 + type: "integer" + required: + - "backendRef" + type: "object" + x-kubernetes-validations: + - message: "Only one of percent or fraction may be specified in HTTPRequestMirrorFilter" + rule: "!(has(self.percent) && has(self.fraction))" + requestRedirect: + description: "RequestRedirect defines a schema for a filter that responds to the\nrequest with an HTTP redirection.\n\nSupport: Core" + properties: + hostname: + description: "Hostname is the hostname to be used in the value of the `Location`\nheader in the response.\nWhen empty, the hostname in the `Host` header of the request is used.\n\nSupport: Core" + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" + type: "string" + path: + description: "Path defines parameters used to modify the path of the incoming request.\nThe modified path is then used to construct the `Location` header. When\nempty, the request path is used as-is.\n\nSupport: Extended" + properties: + replaceFullPath: + description: "ReplaceFullPath specifies the value with which to replace the full path\nof a request during a rewrite or redirect." + maxLength: 1024 + type: "string" + replacePrefixMatch: + description: "ReplacePrefixMatch specifies the value with which to replace the prefix\nmatch of a request during a rewrite or redirect. For example, a request\nto \"/foo/bar\" with a prefix match of \"/foo\" and a ReplacePrefixMatch\nof \"/xyz\" would be modified to \"/xyz/bar\".\n\nNote that this matches the behavior of the PathPrefix match type. This\nmatches full path elements. A path element refers to the list of labels\nin the path split by the `/` separator. When specified, a trailing `/` is\nignored. For example, the paths `/abc`, `/abc/`, and `/abc/def` would all\nmatch the prefix `/abc`, but the path `/abcd` would not.\n\nReplacePrefixMatch is only compatible with a `PathPrefix` HTTPRouteMatch.\nUsing any other HTTPRouteMatch type on the same HTTPRouteRule will result in\nthe implementation setting the Accepted Condition for the Route to `status: False`.\n\nRequest Path | Prefix Match | Replace Prefix | Modified Path" + maxLength: 1024 + type: "string" + type: + description: "Type defines the type of path modifier. Additional types may be\nadded in a future release of the API.\n\nNote that values may be added to this enum, implementations\nmust ensure that unknown values will not cause a crash.\n\nUnknown values here must result in the implementation setting the\nAccepted Condition for the Route to `status: False`, with a\nReason of `UnsupportedValue`." + enum: + - "ReplaceFullPath" + - "ReplacePrefixMatch" + type: "string" + required: + - "type" + type: "object" + x-kubernetes-validations: + - message: "replaceFullPath must be specified when type is set to 'ReplaceFullPath'" + rule: "self.type == 'ReplaceFullPath' ? has(self.replaceFullPath) : true" + - message: "type must be 'ReplaceFullPath' when replaceFullPath is set" + rule: "has(self.replaceFullPath) ? self.type == 'ReplaceFullPath' : true" + - message: "replacePrefixMatch must be specified when type is set to 'ReplacePrefixMatch'" + rule: "self.type == 'ReplacePrefixMatch' ? has(self.replacePrefixMatch) : true" + - message: "type must be 'ReplacePrefixMatch' when replacePrefixMatch is set" + rule: "has(self.replacePrefixMatch) ? self.type == 'ReplacePrefixMatch' : true" + port: + description: "Port is the port to be used in the value of the `Location`\nheader in the response.\n\nIf no port is specified, the redirect port MUST be derived using the\nfollowing rules:\n\n* If redirect scheme is not-empty, the redirect port MUST be the well-known\n port associated with the redirect scheme. Specifically \"http\" to port 80\n and \"https\" to port 443. If the redirect scheme does not have a\n well-known port, the listener port of the Gateway SHOULD be used.\n* If redirect scheme is empty, the redirect port MUST be the Gateway\n Listener port.\n\nImplementations SHOULD NOT add the port number in the 'Location'\nheader in the following cases:\n\n* A Location header that will use HTTP (whether that is determined via\n the Listener protocol or the Scheme field) _and_ use port 80.\n* A Location header that will use HTTPS (whether that is determined via\n the Listener protocol or the Scheme field) _and_ use port 443.\n\nSupport: Extended" + format: "int32" + maximum: 65535.0 + minimum: 1.0 + type: "integer" + scheme: + description: "Scheme is the scheme to be used in the value of the `Location` header in\nthe response. When empty, the scheme of the request is used.\n\nScheme redirects can affect the port of the redirect, for more information,\nrefer to the documentation for the port field of this filter.\n\nNote that values may be added to this enum, implementations\nmust ensure that unknown values will not cause a crash.\n\nUnknown values here must result in the implementation setting the\nAccepted Condition for the Route to `status: False`, with a\nReason of `UnsupportedValue`.\n\nSupport: Extended" + enum: + - "http" + - "https" + type: "string" + statusCode: + default: 302 + description: "StatusCode is the HTTP status code to be used in response.\n\nNote that values may be added to this enum, implementations\nmust ensure that unknown values will not cause a crash.\n\nUnknown values here must result in the implementation setting the\nAccepted Condition for the Route to `status: False`, with a\nReason of `UnsupportedValue`.\n\nSupport: Core" + enum: + - 301 + - 302 + type: "integer" + type: "object" + responseHeaderModifier: + description: "ResponseHeaderModifier defines a schema for a filter that modifies response\nheaders.\n\nSupport: Extended" + properties: + add: + description: "Add adds the given header(s) (name, value) to the request\nbefore the action. It appends to any existing values associated\nwith the header name.\n\nInput:\n GET /foo HTTP/1.1\n my-header: foo\n\nConfig:\n add:\n - name: \"my-header\"\n value: \"bar,baz\"\n\nOutput:\n GET /foo HTTP/1.1\n my-header: foo,bar,baz" + items: + description: "HTTPHeader represents an HTTP Header name and value as defined by RFC 7230." + properties: + name: + description: "Name is the name of the HTTP Header to be matched. Name matching MUST be\ncase-insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2).\n\nIf multiple entries specify equivalent header names, the first entry with\nan equivalent name MUST be considered for a match. Subsequent entries\nwith an equivalent header name MUST be ignored. Due to the\ncase-insensitivity of header names, \"foo\" and \"Foo\" are considered\nequivalent." + maxLength: 256 + minLength: 1 + pattern: "^[A-Za-z0-9!#$%&'*+\\-.^_\\x60|~]+$" + type: "string" + value: + description: "Value is the value of HTTP Header to be matched." + maxLength: 4096 + minLength: 1 + type: "string" + required: + - "name" + - "value" + type: "object" + maxItems: 16 + type: "array" + x-kubernetes-list-map-keys: + - "name" + x-kubernetes-list-type: "map" + remove: + description: "Remove the given header(s) from the HTTP request before the action. The\nvalue of Remove is a list of HTTP header names. Note that the header\nnames are case-insensitive (see\nhttps://datatracker.ietf.org/doc/html/rfc2616#section-4.2).\n\nInput:\n GET /foo HTTP/1.1\n my-header1: foo\n my-header2: bar\n my-header3: baz\n\nConfig:\n remove: [\"my-header1\", \"my-header3\"]\n\nOutput:\n GET /foo HTTP/1.1\n my-header2: bar" + items: + type: "string" + maxItems: 16 + type: "array" + x-kubernetes-list-type: "set" + set: + description: "Set overwrites the request with the given header (name, value)\nbefore the action.\n\nInput:\n GET /foo HTTP/1.1\n my-header: foo\n\nConfig:\n set:\n - name: \"my-header\"\n value: \"bar\"\n\nOutput:\n GET /foo HTTP/1.1\n my-header: bar" + items: + description: "HTTPHeader represents an HTTP Header name and value as defined by RFC 7230." + properties: + name: + description: "Name is the name of the HTTP Header to be matched. Name matching MUST be\ncase-insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2).\n\nIf multiple entries specify equivalent header names, the first entry with\nan equivalent name MUST be considered for a match. Subsequent entries\nwith an equivalent header name MUST be ignored. Due to the\ncase-insensitivity of header names, \"foo\" and \"Foo\" are considered\nequivalent." + maxLength: 256 + minLength: 1 + pattern: "^[A-Za-z0-9!#$%&'*+\\-.^_\\x60|~]+$" + type: "string" + value: + description: "Value is the value of HTTP Header to be matched." + maxLength: 4096 + minLength: 1 + type: "string" + required: + - "name" + - "value" + type: "object" + maxItems: 16 + type: "array" + x-kubernetes-list-map-keys: + - "name" + x-kubernetes-list-type: "map" + type: "object" + type: + description: "Type identifies the type of filter to apply. As with other API fields,\ntypes are classified into three conformance levels:\n\n- Core: Filter types and their corresponding configuration defined by\n \"Support: Core\" in this package, e.g. \"RequestHeaderModifier\". All\n implementations must support core filters.\n\n- Extended: Filter types and their corresponding configuration defined by\n \"Support: Extended\" in this package, e.g. \"RequestMirror\". Implementers\n are encouraged to support extended filters.\n\n- Implementation-specific: Filters that are defined and supported by\n specific vendors.\n In the future, filters showing convergence in behavior across multiple\n implementations will be considered for inclusion in extended or core\n conformance levels. Filter-specific configuration for such filters\n is specified using the ExtensionRef field. `Type` should be set to\n \"ExtensionRef\" for custom filters.\n\nImplementers are encouraged to define custom implementation types to\nextend the core API with implementation-specific behavior.\n\nIf a reference to a custom filter type cannot be resolved, the filter\nMUST NOT be skipped. Instead, requests that would have been processed by\nthat filter MUST receive a HTTP error response.\n\nNote that values may be added to this enum, implementations\nmust ensure that unknown values will not cause a crash.\n\nUnknown values here must result in the implementation setting the\nAccepted Condition for the Route to `status: False`, with a\nReason of `UnsupportedValue`.\n\n" + enum: + - "RequestHeaderModifier" + - "ResponseHeaderModifier" + - "RequestMirror" + - "RequestRedirect" + - "URLRewrite" + - "ExtensionRef" + type: "string" + urlRewrite: + description: "URLRewrite defines a schema for a filter that modifies a request during forwarding.\n\nSupport: Extended" + properties: + hostname: + description: "Hostname is the value to be used to replace the Host header value during\nforwarding.\n\nSupport: Extended" + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" + type: "string" + path: + description: "Path defines a path rewrite.\n\nSupport: Extended" + properties: + replaceFullPath: + description: "ReplaceFullPath specifies the value with which to replace the full path\nof a request during a rewrite or redirect." + maxLength: 1024 + type: "string" + replacePrefixMatch: + description: "ReplacePrefixMatch specifies the value with which to replace the prefix\nmatch of a request during a rewrite or redirect. For example, a request\nto \"/foo/bar\" with a prefix match of \"/foo\" and a ReplacePrefixMatch\nof \"/xyz\" would be modified to \"/xyz/bar\".\n\nNote that this matches the behavior of the PathPrefix match type. This\nmatches full path elements. A path element refers to the list of labels\nin the path split by the `/` separator. When specified, a trailing `/` is\nignored. For example, the paths `/abc`, `/abc/`, and `/abc/def` would all\nmatch the prefix `/abc`, but the path `/abcd` would not.\n\nReplacePrefixMatch is only compatible with a `PathPrefix` HTTPRouteMatch.\nUsing any other HTTPRouteMatch type on the same HTTPRouteRule will result in\nthe implementation setting the Accepted Condition for the Route to `status: False`.\n\nRequest Path | Prefix Match | Replace Prefix | Modified Path" + maxLength: 1024 + type: "string" + type: + description: "Type defines the type of path modifier. Additional types may be\nadded in a future release of the API.\n\nNote that values may be added to this enum, implementations\nmust ensure that unknown values will not cause a crash.\n\nUnknown values here must result in the implementation setting the\nAccepted Condition for the Route to `status: False`, with a\nReason of `UnsupportedValue`." + enum: + - "ReplaceFullPath" + - "ReplacePrefixMatch" + type: "string" + required: + - "type" + type: "object" + x-kubernetes-validations: + - message: "replaceFullPath must be specified when type is set to 'ReplaceFullPath'" + rule: "self.type == 'ReplaceFullPath' ? has(self.replaceFullPath) : true" + - message: "type must be 'ReplaceFullPath' when replaceFullPath is set" + rule: "has(self.replaceFullPath) ? self.type == 'ReplaceFullPath' : true" + - message: "replacePrefixMatch must be specified when type is set to 'ReplacePrefixMatch'" + rule: "self.type == 'ReplacePrefixMatch' ? has(self.replacePrefixMatch) : true" + - message: "type must be 'ReplacePrefixMatch' when replacePrefixMatch is set" + rule: "has(self.replacePrefixMatch) ? self.type == 'ReplacePrefixMatch' : true" + type: "object" + required: + - "type" + type: "object" + x-kubernetes-validations: + - message: "filter.requestHeaderModifier must be nil if the filter.type is not RequestHeaderModifier" + rule: "!(has(self.requestHeaderModifier) && self.type != 'RequestHeaderModifier')" + - message: "filter.requestHeaderModifier must be specified for RequestHeaderModifier filter.type" + rule: "!(!has(self.requestHeaderModifier) && self.type == 'RequestHeaderModifier')" + - message: "filter.responseHeaderModifier must be nil if the filter.type is not ResponseHeaderModifier" + rule: "!(has(self.responseHeaderModifier) && self.type != 'ResponseHeaderModifier')" + - message: "filter.responseHeaderModifier must be specified for ResponseHeaderModifier filter.type" + rule: "!(!has(self.responseHeaderModifier) && self.type == 'ResponseHeaderModifier')" + - message: "filter.requestMirror must be nil if the filter.type is not RequestMirror" + rule: "!(has(self.requestMirror) && self.type != 'RequestMirror')" + - message: "filter.requestMirror must be specified for RequestMirror filter.type" + rule: "!(!has(self.requestMirror) && self.type == 'RequestMirror')" + - message: "filter.requestRedirect must be nil if the filter.type is not RequestRedirect" + rule: "!(has(self.requestRedirect) && self.type != 'RequestRedirect')" + - message: "filter.requestRedirect must be specified for RequestRedirect filter.type" + rule: "!(!has(self.requestRedirect) && self.type == 'RequestRedirect')" + - message: "filter.urlRewrite must be nil if the filter.type is not URLRewrite" + rule: "!(has(self.urlRewrite) && self.type != 'URLRewrite')" + - message: "filter.urlRewrite must be specified for URLRewrite filter.type" + rule: "!(!has(self.urlRewrite) && self.type == 'URLRewrite')" + - message: "filter.extensionRef must be nil if the filter.type is not ExtensionRef" + rule: "!(has(self.extensionRef) && self.type != 'ExtensionRef')" + - message: "filter.extensionRef must be specified for ExtensionRef filter.type" + rule: "!(!has(self.extensionRef) && self.type == 'ExtensionRef')" + maxItems: 16 + type: "array" + x-kubernetes-validations: + - message: "May specify either httpRouteFilterRequestRedirect or httpRouteFilterRequestRewrite, but not both" + rule: "!(self.exists(f, f.type == 'RequestRedirect') && self.exists(f, f.type == 'URLRewrite'))" + - message: "May specify either httpRouteFilterRequestRedirect or httpRouteFilterRequestRewrite, but not both" + rule: "!(self.exists(f, f.type == 'RequestRedirect') && self.exists(f, f.type == 'URLRewrite'))" + - message: "RequestHeaderModifier filter cannot be repeated" + rule: "self.filter(f, f.type == 'RequestHeaderModifier').size() <= 1" + - message: "ResponseHeaderModifier filter cannot be repeated" + rule: "self.filter(f, f.type == 'ResponseHeaderModifier').size() <= 1" + - message: "RequestRedirect filter cannot be repeated" + rule: "self.filter(f, f.type == 'RequestRedirect').size() <= 1" + - message: "URLRewrite filter cannot be repeated" + rule: "self.filter(f, f.type == 'URLRewrite').size() <= 1" + group: + default: "" + description: "Group is the group of the referent. For example, \"gateway.networking.k8s.io\".\nWhen unspecified or empty string, core API group is inferred." + maxLength: 253 + pattern: "^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" + type: "string" + kind: + default: "Service" + description: "Kind is the Kubernetes resource kind of the referent. For example\n\"Service\".\n\nDefaults to \"Service\" when not specified.\n\nExternalName services can refer to CNAME DNS records that may live\noutside of the cluster and as such are difficult to reason about in\nterms of conformance. They also may not be safe to forward to (see\nCVE-2021-25740 for more information). Implementations SHOULD NOT\nsupport ExternalName Services.\n\nSupport: Core (Services with a type other than ExternalName)\n\nSupport: Implementation-specific (Services with type ExternalName)" + maxLength: 63 + minLength: 1 + pattern: "^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$" + type: "string" + name: + description: "Name is the name of the referent." + maxLength: 253 + minLength: 1 + type: "string" + namespace: + description: "Namespace is the namespace of the backend. When unspecified, the local\nnamespace is inferred.\n\nNote that when a namespace different than the local namespace is specified,\na ReferenceGrant object is required in the referent namespace to allow that\nnamespace's owner to accept the reference. See the ReferenceGrant\ndocumentation for details.\n\nSupport: Core" + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" + type: "string" + port: + description: "Port specifies the destination port number to use for this resource.\nPort is required when the referent is a Kubernetes Service. In this\ncase, the port number is the service port number, not the target port.\nFor other resources, destination port might be derived from the referent\nresource or this field." + format: "int32" + maximum: 65535.0 + minimum: 1.0 + type: "integer" + weight: + default: 1 + description: "Weight specifies the proportion of requests forwarded to the referenced\nbackend. This is computed as weight/(sum of all weights in this\nBackendRefs list). For non-zero values, there may be some epsilon from\nthe exact proportion defined here depending on the precision an\nimplementation supports. Weight is not a percentage and the sum of\nweights does not need to equal 100.\n\nIf only one backend is specified and it has a weight greater than 0, 100%\nof the traffic is forwarded to that backend. If weight is set to 0, no\ntraffic should be forwarded for this entry. If unspecified, weight\ndefaults to 1.\n\nSupport for this field varies based on the context where used." + format: "int32" + maximum: 1000000.0 + minimum: 0.0 + type: "integer" + required: + - "name" + type: "object" + x-kubernetes-validations: + - message: "Must have port for Service reference" + rule: "(size(self.group) == 0 && self.kind == 'Service') ? has(self.port) : true" + maxItems: 16 + type: "array" + filters: + description: "Filters define the filters that are applied to requests that match\nthis rule.\n\nWherever possible, implementations SHOULD implement filters in the order\nthey are specified.\n\nImplementations MAY choose to implement this ordering strictly, rejecting\nany combination or order of filters that cannot be supported. If implementations\nchoose a strict interpretation of filter ordering, they MUST clearly document\nthat behavior.\n\nTo reject an invalid combination or order of filters, implementations SHOULD\nconsider the Route Rules with this configuration invalid. If all Route Rules\nin a Route are invalid, the entire Route would be considered invalid. If only\na portion of Route Rules are invalid, implementations MUST set the\n\"PartiallyInvalid\" condition for the Route.\n\nConformance-levels at this level are defined based on the type of filter:\n\n- ALL core filters MUST be supported by all implementations.\n- Implementers are encouraged to support extended filters.\n- Implementation-specific custom filters have no API guarantees across\n implementations.\n\nSpecifying the same filter multiple times is not supported unless explicitly\nindicated in the filter.\n\nAll filters are expected to be compatible with each other except for the\nURLRewrite and RequestRedirect filters, which may not be combined. If an\nimplementation cannot support other combinations of filters, they must clearly\ndocument that limitation. In cases where incompatible or unsupported\nfilters are specified and cause the `Accepted` condition to be set to status\n`False`, implementations may use the `IncompatibleFilters` reason to specify\nthis configuration error.\n\nSupport: Core" + items: + description: "HTTPRouteFilter defines processing steps that must be completed during the\nrequest or response lifecycle. HTTPRouteFilters are meant as an extension\npoint to express processing that may be done in Gateway implementations. Some\nexamples include request or response modification, implementing\nauthentication strategies, rate-limiting, and traffic shaping. API\nguarantee/conformance is defined based on the type of the filter.\n\n\n" + properties: + cors: + description: "CORS defines a schema for a filter that responds to the\ncross-origin request based on HTTP response header.\n\nSupport: Extended\n\n" + properties: + allowCredentials: + description: "AllowCredentials indicates whether the actual cross-origin request allows\nto include credentials.\n\nThe only valid value for the `Access-Control-Allow-Credentials` response\nheader is true (case-sensitive).\n\nIf the credentials are not allowed in cross-origin requests, the gateway\nwill omit the header `Access-Control-Allow-Credentials` entirely rather\nthan setting its value to false.\n\nSupport: Extended" + enum: + - true + type: "boolean" + allowHeaders: + description: "AllowHeaders indicates which HTTP request headers are supported for\naccessing the requested resource.\n\nHeader names are not case sensitive.\n\nMultiple header names in the value of the `Access-Control-Allow-Headers`\nresponse header are separated by a comma (\",\").\n\nWhen the `AllowHeaders` field is configured with one or more headers, the\ngateway must return the `Access-Control-Allow-Headers` response header\nwhich value is present in the `AllowHeaders` field.\n\nIf any header name in the `Access-Control-Request-Headers` request header\nis not included in the list of header names specified by the response\nheader `Access-Control-Allow-Headers`, it will present an error on the\nclient side.\n\nIf any header name in the `Access-Control-Allow-Headers` response header\ndoes not recognize by the client, it will also occur an error on the\nclient side.\n\nA wildcard indicates that the requests with all HTTP headers are allowed.\nThe `Access-Control-Allow-Headers` response header can only use `*`\nwildcard as value when the `AllowCredentials` field is unspecified.\n\nWhen the `AllowCredentials` field is specified and `AllowHeaders` field\nspecified with the `*` wildcard, the gateway must specify one or more\nHTTP headers in the value of the `Access-Control-Allow-Headers` response\nheader. The value of the header `Access-Control-Allow-Headers` is same as\nthe `Access-Control-Request-Headers` header provided by the client. If\nthe header `Access-Control-Request-Headers` is not included in the\nrequest, the gateway will omit the `Access-Control-Allow-Headers`\nresponse header, instead of specifying the `*` wildcard. A Gateway\nimplementation may choose to add implementation-specific default headers.\n\nSupport: Extended" + items: + description: "HTTPHeaderName is the name of an HTTP header.\n\nValid values include:\n\n* \"Authorization\"\n* \"Set-Cookie\"\n\nInvalid values include:\n\n - \":method\" - \":\" is an invalid character. This means that HTTP/2 pseudo\n headers are not currently supported by this type.\n - \"/invalid\" - \"/ \" is an invalid character" + maxLength: 256 + minLength: 1 + pattern: "^[A-Za-z0-9!#$%&'*+\\-.^_\\x60|~]+$" + type: "string" + maxItems: 64 + type: "array" + x-kubernetes-list-type: "set" + allowMethods: + description: "AllowMethods indicates which HTTP methods are supported for accessing the\nrequested resource.\n\nValid values are any method defined by RFC9110, along with the special\nvalue `*`, which represents all HTTP methods are allowed.\n\nMethod names are case sensitive, so these values are also case-sensitive.\n(See https://www.rfc-editor.org/rfc/rfc2616#section-5.1.1)\n\nMultiple method names in the value of the `Access-Control-Allow-Methods`\nresponse header are separated by a comma (\",\").\n\nA CORS-safelisted method is a method that is `GET`, `HEAD`, or `POST`.\n(See https://fetch.spec.whatwg.org/#cors-safelisted-method) The\nCORS-safelisted methods are always allowed, regardless of whether they\nare specified in the `AllowMethods` field.\n\nWhen the `AllowMethods` field is configured with one or more methods, the\ngateway must return the `Access-Control-Allow-Methods` response header\nwhich value is present in the `AllowMethods` field.\n\nIf the HTTP method of the `Access-Control-Request-Method` request header\nis not included in the list of methods specified by the response header\n`Access-Control-Allow-Methods`, it will present an error on the client\nside.\n\nThe `Access-Control-Allow-Methods` response header can only use `*`\nwildcard as value when the `AllowCredentials` field is unspecified.\n\nWhen the `AllowCredentials` field is specified and `AllowMethods` field\nspecified with the `*` wildcard, the gateway must specify one HTTP method\nin the value of the Access-Control-Allow-Methods response header. The\nvalue of the header `Access-Control-Allow-Methods` is same as the\n`Access-Control-Request-Method` header provided by the client. If the\nheader `Access-Control-Request-Method` is not included in the request,\nthe gateway will omit the `Access-Control-Allow-Methods` response header,\ninstead of specifying the `*` wildcard. A Gateway implementation may\nchoose to add implementation-specific default methods.\n\nSupport: Extended" + items: + enum: + - "GET" + - "HEAD" + - "POST" + - "PUT" + - "DELETE" + - "CONNECT" + - "OPTIONS" + - "TRACE" + - "PATCH" + - "*" + type: "string" + maxItems: 9 + type: "array" + x-kubernetes-list-type: "set" + x-kubernetes-validations: + - message: "AllowMethods cannot contain '*' alongside other methods" + rule: "!('*' in self && self.size() > 1)" + allowOrigins: + description: "AllowOrigins indicates whether the response can be shared with requested\nresource from the given `Origin`.\n\nThe `Origin` consists of a scheme and a host, with an optional port, and\ntakes the form `://(:)`.\n\nValid values for scheme are: `http` and `https`.\n\nValid values for port are any integer between 1 and 65535 (the list of\navailable TCP/UDP ports). Note that, if not included, port `80` is\nassumed for `http` scheme origins, and port `443` is assumed for `https`\norigins. This may affect origin matching.\n\nThe host part of the origin may contain the wildcard character `*`. These\nwildcard characters behave as follows:\n\n* `*` is a greedy match to the _left_, including any number of\n DNS labels to the left of its position. This also means that\n `*` will include any number of period `.` characters to the\n left of its position.\n* A wildcard by itself matches all hosts.\n\nAn origin value that includes _only_ the `*` character indicates requests\nfrom all `Origin`s are allowed.\n\nWhen the `AllowOrigins` field is configured with multiple origins, it\nmeans the server supports clients from multiple origins. If the request\n`Origin` matches the configured allowed origins, the gateway must return\nthe given `Origin` and sets value of the header\n`Access-Control-Allow-Origin` same as the `Origin` header provided by the\nclient.\n\nThe status code of a successful response to a \"preflight\" request is\nalways an OK status (i.e., 204 or 200).\n\nIf the request `Origin` does not match the configured allowed origins,\nthe gateway returns 204/200 response but doesn't set the relevant\ncross-origin response headers. Alternatively, the gateway responds with\n403 status to the \"preflight\" request is denied, coupled with omitting\nthe CORS headers. The cross-origin request fails on the client side.\nTherefore, the client doesn't attempt the actual cross-origin request.\n\nThe `Access-Control-Allow-Origin` response header can only use `*`\nwildcard as value when the `AllowCredentials` field is unspecified.\n\nWhen the `AllowCredentials` field is specified and `AllowOrigins` field\nspecified with the `*` wildcard, the gateway must return a single origin\nin the value of the `Access-Control-Allow-Origin` response header,\ninstead of specifying the `*` wildcard. The value of the header\n`Access-Control-Allow-Origin` is same as the `Origin` header provided by\nthe client.\n\nSupport: Extended" + items: + description: "The AbsoluteURI MUST NOT be a relative URI, and it MUST follow the URI syntax and\nencoding rules specified in RFC3986. The AbsoluteURI MUST include both a\nscheme (e.g., \"http\" or \"spiffe\") and a scheme-specific-part. URIs that\ninclude an authority MUST include a fully qualified domain name or\nIP address as the host.\n The below regex is taken from the regex section in RFC 3986 with a slight modification to enforce a full URI and not relative. " + maxLength: 253 + minLength: 1 + pattern: "^(([^:/?#]+):)(//([^/?#]*))([^?#]*)(\\?([^#]*))?(#(.*))?" + type: "string" + maxItems: 64 + type: "array" + x-kubernetes-list-type: "set" + exposeHeaders: + description: "ExposeHeaders indicates which HTTP response headers can be exposed\nto client-side scripts in response to a cross-origin request.\n\nA CORS-safelisted response header is an HTTP header in a CORS response\nthat it is considered safe to expose to the client scripts.\nThe CORS-safelisted response headers include the following headers:\n`Cache-Control`\n`Content-Language`\n`Content-Length`\n`Content-Type`\n`Expires`\n`Last-Modified`\n`Pragma`\n(See https://fetch.spec.whatwg.org/#cors-safelisted-response-header-name)\nThe CORS-safelisted response headers are exposed to client by default.\n\nWhen an HTTP header name is specified using the `ExposeHeaders` field,\nthis additional header will be exposed as part of the response to the\nclient.\n\nHeader names are not case sensitive.\n\nMultiple header names in the value of the `Access-Control-Expose-Headers`\nresponse header are separated by a comma (\",\").\n\nA wildcard indicates that the responses with all HTTP headers are exposed\nto clients. The `Access-Control-Expose-Headers` response header can only\nuse `*` wildcard as value when the `AllowCredentials` field is\nunspecified.\n\nSupport: Extended" + items: + description: "HTTPHeaderName is the name of an HTTP header.\n\nValid values include:\n\n* \"Authorization\"\n* \"Set-Cookie\"\n\nInvalid values include:\n\n - \":method\" - \":\" is an invalid character. This means that HTTP/2 pseudo\n headers are not currently supported by this type.\n - \"/invalid\" - \"/ \" is an invalid character" + maxLength: 256 + minLength: 1 + pattern: "^[A-Za-z0-9!#$%&'*+\\-.^_\\x60|~]+$" + type: "string" + maxItems: 64 + type: "array" + x-kubernetes-list-type: "set" + maxAge: + default: 5 + description: "MaxAge indicates the duration (in seconds) for the client to cache the\nresults of a \"preflight\" request.\n\nThe information provided by the `Access-Control-Allow-Methods` and\n`Access-Control-Allow-Headers` response headers can be cached by the\nclient until the time specified by `Access-Control-Max-Age` elapses.\n\nThe default value of `Access-Control-Max-Age` response header is 5\n(seconds)." + format: "int32" + minimum: 1.0 + type: "integer" + type: "object" + extensionRef: + description: "ExtensionRef is an optional, implementation-specific extension to the\n\"filter\" behavior. For example, resource \"myroutefilter\" in group\n\"networking.example.net\"). ExtensionRef MUST NOT be used for core and\nextended filters.\n\nThis filter can be used multiple times within the same rule.\n\nSupport: Implementation-specific" + properties: + group: + description: "Group is the group of the referent. For example, \"gateway.networking.k8s.io\".\nWhen unspecified or empty string, core API group is inferred." + maxLength: 253 + pattern: "^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" + type: "string" + kind: + description: "Kind is kind of the referent. For example \"HTTPRoute\" or \"Service\"." + maxLength: 63 + minLength: 1 + pattern: "^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$" + type: "string" + name: + description: "Name is the name of the referent." + maxLength: 253 + minLength: 1 + type: "string" + required: + - "group" + - "kind" + - "name" + type: "object" + requestHeaderModifier: + description: "RequestHeaderModifier defines a schema for a filter that modifies request\nheaders.\n\nSupport: Core" + properties: + add: + description: "Add adds the given header(s) (name, value) to the request\nbefore the action. It appends to any existing values associated\nwith the header name.\n\nInput:\n GET /foo HTTP/1.1\n my-header: foo\n\nConfig:\n add:\n - name: \"my-header\"\n value: \"bar,baz\"\n\nOutput:\n GET /foo HTTP/1.1\n my-header: foo,bar,baz" + items: + description: "HTTPHeader represents an HTTP Header name and value as defined by RFC 7230." + properties: + name: + description: "Name is the name of the HTTP Header to be matched. Name matching MUST be\ncase-insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2).\n\nIf multiple entries specify equivalent header names, the first entry with\nan equivalent name MUST be considered for a match. Subsequent entries\nwith an equivalent header name MUST be ignored. Due to the\ncase-insensitivity of header names, \"foo\" and \"Foo\" are considered\nequivalent." + maxLength: 256 + minLength: 1 + pattern: "^[A-Za-z0-9!#$%&'*+\\-.^_\\x60|~]+$" + type: "string" + value: + description: "Value is the value of HTTP Header to be matched." + maxLength: 4096 + minLength: 1 + type: "string" + required: + - "name" + - "value" + type: "object" + maxItems: 16 + type: "array" + x-kubernetes-list-map-keys: + - "name" + x-kubernetes-list-type: "map" + remove: + description: "Remove the given header(s) from the HTTP request before the action. The\nvalue of Remove is a list of HTTP header names. Note that the header\nnames are case-insensitive (see\nhttps://datatracker.ietf.org/doc/html/rfc2616#section-4.2).\n\nInput:\n GET /foo HTTP/1.1\n my-header1: foo\n my-header2: bar\n my-header3: baz\n\nConfig:\n remove: [\"my-header1\", \"my-header3\"]\n\nOutput:\n GET /foo HTTP/1.1\n my-header2: bar" + items: + type: "string" + maxItems: 16 + type: "array" + x-kubernetes-list-type: "set" + set: + description: "Set overwrites the request with the given header (name, value)\nbefore the action.\n\nInput:\n GET /foo HTTP/1.1\n my-header: foo\n\nConfig:\n set:\n - name: \"my-header\"\n value: \"bar\"\n\nOutput:\n GET /foo HTTP/1.1\n my-header: bar" + items: + description: "HTTPHeader represents an HTTP Header name and value as defined by RFC 7230." + properties: + name: + description: "Name is the name of the HTTP Header to be matched. Name matching MUST be\ncase-insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2).\n\nIf multiple entries specify equivalent header names, the first entry with\nan equivalent name MUST be considered for a match. Subsequent entries\nwith an equivalent header name MUST be ignored. Due to the\ncase-insensitivity of header names, \"foo\" and \"Foo\" are considered\nequivalent." + maxLength: 256 + minLength: 1 + pattern: "^[A-Za-z0-9!#$%&'*+\\-.^_\\x60|~]+$" + type: "string" + value: + description: "Value is the value of HTTP Header to be matched." + maxLength: 4096 + minLength: 1 + type: "string" + required: + - "name" + - "value" + type: "object" + maxItems: 16 + type: "array" + x-kubernetes-list-map-keys: + - "name" + x-kubernetes-list-type: "map" + type: "object" + requestMirror: + description: "RequestMirror defines a schema for a filter that mirrors requests.\nRequests are sent to the specified destination, but responses from\nthat destination are ignored.\n\nThis filter can be used multiple times within the same rule. Note that\nnot all implementations will be able to support mirroring to multiple\nbackends.\n\nSupport: Extended" + properties: + backendRef: + description: "BackendRef references a resource where mirrored requests are sent.\n\nMirrored requests must be sent only to a single destination endpoint\nwithin this BackendRef, irrespective of how many endpoints are present\nwithin this BackendRef.\n\nIf the referent cannot be found, this BackendRef is invalid and must be\ndropped from the Gateway. The controller must ensure the \"ResolvedRefs\"\ncondition on the Route status is set to `status: False` and not configure\nthis backend in the underlying implementation.\n\nIf there is a cross-namespace reference to an *existing* object\nthat is not allowed by a ReferenceGrant, the controller must ensure the\n\"ResolvedRefs\" condition on the Route is set to `status: False`,\nwith the \"RefNotPermitted\" reason and not configure this backend in the\nunderlying implementation.\n\nIn either error case, the Message of the `ResolvedRefs` Condition\nshould be used to provide more detail about the problem.\n\nSupport: Extended for Kubernetes Service\n\nSupport: Implementation-specific for any other resource" + properties: + group: + default: "" + description: "Group is the group of the referent. For example, \"gateway.networking.k8s.io\".\nWhen unspecified or empty string, core API group is inferred." + maxLength: 253 + pattern: "^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" + type: "string" + kind: + default: "Service" + description: "Kind is the Kubernetes resource kind of the referent. For example\n\"Service\".\n\nDefaults to \"Service\" when not specified.\n\nExternalName services can refer to CNAME DNS records that may live\noutside of the cluster and as such are difficult to reason about in\nterms of conformance. They also may not be safe to forward to (see\nCVE-2021-25740 for more information). Implementations SHOULD NOT\nsupport ExternalName Services.\n\nSupport: Core (Services with a type other than ExternalName)\n\nSupport: Implementation-specific (Services with type ExternalName)" + maxLength: 63 + minLength: 1 + pattern: "^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$" + type: "string" + name: + description: "Name is the name of the referent." + maxLength: 253 + minLength: 1 + type: "string" + namespace: + description: "Namespace is the namespace of the backend. When unspecified, the local\nnamespace is inferred.\n\nNote that when a namespace different than the local namespace is specified,\na ReferenceGrant object is required in the referent namespace to allow that\nnamespace's owner to accept the reference. See the ReferenceGrant\ndocumentation for details.\n\nSupport: Core" + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" + type: "string" + port: + description: "Port specifies the destination port number to use for this resource.\nPort is required when the referent is a Kubernetes Service. In this\ncase, the port number is the service port number, not the target port.\nFor other resources, destination port might be derived from the referent\nresource or this field." + format: "int32" + maximum: 65535.0 + minimum: 1.0 + type: "integer" + required: + - "name" + type: "object" + x-kubernetes-validations: + - message: "Must have port for Service reference" + rule: "(size(self.group) == 0 && self.kind == 'Service') ? has(self.port) : true" + fraction: + description: "Fraction represents the fraction of requests that should be\nmirrored to BackendRef.\n\nOnly one of Fraction or Percent may be specified. If neither field\nis specified, 100% of requests will be mirrored." + properties: + denominator: + default: 100 + format: "int32" + minimum: 1.0 + type: "integer" + numerator: + format: "int32" + minimum: 0.0 + type: "integer" + required: + - "numerator" + type: "object" + x-kubernetes-validations: + - message: "numerator must be less than or equal to denominator" + rule: "self.numerator <= self.denominator" + percent: + description: "Percent represents the percentage of requests that should be\nmirrored to BackendRef. Its minimum value is 0 (indicating 0% of\nrequests) and its maximum value is 100 (indicating 100% of requests).\n\nOnly one of Fraction or Percent may be specified. If neither field\nis specified, 100% of requests will be mirrored." + format: "int32" + maximum: 100.0 + minimum: 0.0 + type: "integer" + required: + - "backendRef" + type: "object" + x-kubernetes-validations: + - message: "Only one of percent or fraction may be specified in HTTPRequestMirrorFilter" + rule: "!(has(self.percent) && has(self.fraction))" + requestRedirect: + description: "RequestRedirect defines a schema for a filter that responds to the\nrequest with an HTTP redirection.\n\nSupport: Core" + properties: + hostname: + description: "Hostname is the hostname to be used in the value of the `Location`\nheader in the response.\nWhen empty, the hostname in the `Host` header of the request is used.\n\nSupport: Core" + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" + type: "string" + path: + description: "Path defines parameters used to modify the path of the incoming request.\nThe modified path is then used to construct the `Location` header. When\nempty, the request path is used as-is.\n\nSupport: Extended" + properties: + replaceFullPath: + description: "ReplaceFullPath specifies the value with which to replace the full path\nof a request during a rewrite or redirect." + maxLength: 1024 + type: "string" + replacePrefixMatch: + description: "ReplacePrefixMatch specifies the value with which to replace the prefix\nmatch of a request during a rewrite or redirect. For example, a request\nto \"/foo/bar\" with a prefix match of \"/foo\" and a ReplacePrefixMatch\nof \"/xyz\" would be modified to \"/xyz/bar\".\n\nNote that this matches the behavior of the PathPrefix match type. This\nmatches full path elements. A path element refers to the list of labels\nin the path split by the `/` separator. When specified, a trailing `/` is\nignored. For example, the paths `/abc`, `/abc/`, and `/abc/def` would all\nmatch the prefix `/abc`, but the path `/abcd` would not.\n\nReplacePrefixMatch is only compatible with a `PathPrefix` HTTPRouteMatch.\nUsing any other HTTPRouteMatch type on the same HTTPRouteRule will result in\nthe implementation setting the Accepted Condition for the Route to `status: False`.\n\nRequest Path | Prefix Match | Replace Prefix | Modified Path" + maxLength: 1024 + type: "string" + type: + description: "Type defines the type of path modifier. Additional types may be\nadded in a future release of the API.\n\nNote that values may be added to this enum, implementations\nmust ensure that unknown values will not cause a crash.\n\nUnknown values here must result in the implementation setting the\nAccepted Condition for the Route to `status: False`, with a\nReason of `UnsupportedValue`." + enum: + - "ReplaceFullPath" + - "ReplacePrefixMatch" + type: "string" + required: + - "type" + type: "object" + x-kubernetes-validations: + - message: "replaceFullPath must be specified when type is set to 'ReplaceFullPath'" + rule: "self.type == 'ReplaceFullPath' ? has(self.replaceFullPath) : true" + - message: "type must be 'ReplaceFullPath' when replaceFullPath is set" + rule: "has(self.replaceFullPath) ? self.type == 'ReplaceFullPath' : true" + - message: "replacePrefixMatch must be specified when type is set to 'ReplacePrefixMatch'" + rule: "self.type == 'ReplacePrefixMatch' ? has(self.replacePrefixMatch) : true" + - message: "type must be 'ReplacePrefixMatch' when replacePrefixMatch is set" + rule: "has(self.replacePrefixMatch) ? self.type == 'ReplacePrefixMatch' : true" + port: + description: "Port is the port to be used in the value of the `Location`\nheader in the response.\n\nIf no port is specified, the redirect port MUST be derived using the\nfollowing rules:\n\n* If redirect scheme is not-empty, the redirect port MUST be the well-known\n port associated with the redirect scheme. Specifically \"http\" to port 80\n and \"https\" to port 443. If the redirect scheme does not have a\n well-known port, the listener port of the Gateway SHOULD be used.\n* If redirect scheme is empty, the redirect port MUST be the Gateway\n Listener port.\n\nImplementations SHOULD NOT add the port number in the 'Location'\nheader in the following cases:\n\n* A Location header that will use HTTP (whether that is determined via\n the Listener protocol or the Scheme field) _and_ use port 80.\n* A Location header that will use HTTPS (whether that is determined via\n the Listener protocol or the Scheme field) _and_ use port 443.\n\nSupport: Extended" + format: "int32" + maximum: 65535.0 + minimum: 1.0 + type: "integer" + scheme: + description: "Scheme is the scheme to be used in the value of the `Location` header in\nthe response. When empty, the scheme of the request is used.\n\nScheme redirects can affect the port of the redirect, for more information,\nrefer to the documentation for the port field of this filter.\n\nNote that values may be added to this enum, implementations\nmust ensure that unknown values will not cause a crash.\n\nUnknown values here must result in the implementation setting the\nAccepted Condition for the Route to `status: False`, with a\nReason of `UnsupportedValue`.\n\nSupport: Extended" + enum: + - "http" + - "https" + type: "string" + statusCode: + default: 302 + description: "StatusCode is the HTTP status code to be used in response.\n\nNote that values may be added to this enum, implementations\nmust ensure that unknown values will not cause a crash.\n\nUnknown values here must result in the implementation setting the\nAccepted Condition for the Route to `status: False`, with a\nReason of `UnsupportedValue`.\n\nSupport: Core" + enum: + - 301 + - 302 + type: "integer" + type: "object" + responseHeaderModifier: + description: "ResponseHeaderModifier defines a schema for a filter that modifies response\nheaders.\n\nSupport: Extended" + properties: + add: + description: "Add adds the given header(s) (name, value) to the request\nbefore the action. It appends to any existing values associated\nwith the header name.\n\nInput:\n GET /foo HTTP/1.1\n my-header: foo\n\nConfig:\n add:\n - name: \"my-header\"\n value: \"bar,baz\"\n\nOutput:\n GET /foo HTTP/1.1\n my-header: foo,bar,baz" + items: + description: "HTTPHeader represents an HTTP Header name and value as defined by RFC 7230." + properties: + name: + description: "Name is the name of the HTTP Header to be matched. Name matching MUST be\ncase-insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2).\n\nIf multiple entries specify equivalent header names, the first entry with\nan equivalent name MUST be considered for a match. Subsequent entries\nwith an equivalent header name MUST be ignored. Due to the\ncase-insensitivity of header names, \"foo\" and \"Foo\" are considered\nequivalent." + maxLength: 256 + minLength: 1 + pattern: "^[A-Za-z0-9!#$%&'*+\\-.^_\\x60|~]+$" + type: "string" + value: + description: "Value is the value of HTTP Header to be matched." + maxLength: 4096 + minLength: 1 + type: "string" + required: + - "name" + - "value" + type: "object" + maxItems: 16 + type: "array" + x-kubernetes-list-map-keys: + - "name" + x-kubernetes-list-type: "map" + remove: + description: "Remove the given header(s) from the HTTP request before the action. The\nvalue of Remove is a list of HTTP header names. Note that the header\nnames are case-insensitive (see\nhttps://datatracker.ietf.org/doc/html/rfc2616#section-4.2).\n\nInput:\n GET /foo HTTP/1.1\n my-header1: foo\n my-header2: bar\n my-header3: baz\n\nConfig:\n remove: [\"my-header1\", \"my-header3\"]\n\nOutput:\n GET /foo HTTP/1.1\n my-header2: bar" + items: + type: "string" + maxItems: 16 + type: "array" + x-kubernetes-list-type: "set" + set: + description: "Set overwrites the request with the given header (name, value)\nbefore the action.\n\nInput:\n GET /foo HTTP/1.1\n my-header: foo\n\nConfig:\n set:\n - name: \"my-header\"\n value: \"bar\"\n\nOutput:\n GET /foo HTTP/1.1\n my-header: bar" + items: + description: "HTTPHeader represents an HTTP Header name and value as defined by RFC 7230." + properties: + name: + description: "Name is the name of the HTTP Header to be matched. Name matching MUST be\ncase-insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2).\n\nIf multiple entries specify equivalent header names, the first entry with\nan equivalent name MUST be considered for a match. Subsequent entries\nwith an equivalent header name MUST be ignored. Due to the\ncase-insensitivity of header names, \"foo\" and \"Foo\" are considered\nequivalent." + maxLength: 256 + minLength: 1 + pattern: "^[A-Za-z0-9!#$%&'*+\\-.^_\\x60|~]+$" + type: "string" + value: + description: "Value is the value of HTTP Header to be matched." + maxLength: 4096 + minLength: 1 + type: "string" + required: + - "name" + - "value" + type: "object" + maxItems: 16 + type: "array" + x-kubernetes-list-map-keys: + - "name" + x-kubernetes-list-type: "map" + type: "object" + type: + description: "Type identifies the type of filter to apply. As with other API fields,\ntypes are classified into three conformance levels:\n\n- Core: Filter types and their corresponding configuration defined by\n \"Support: Core\" in this package, e.g. \"RequestHeaderModifier\". All\n implementations must support core filters.\n\n- Extended: Filter types and their corresponding configuration defined by\n \"Support: Extended\" in this package, e.g. \"RequestMirror\". Implementers\n are encouraged to support extended filters.\n\n- Implementation-specific: Filters that are defined and supported by\n specific vendors.\n In the future, filters showing convergence in behavior across multiple\n implementations will be considered for inclusion in extended or core\n conformance levels. Filter-specific configuration for such filters\n is specified using the ExtensionRef field. `Type` should be set to\n \"ExtensionRef\" for custom filters.\n\nImplementers are encouraged to define custom implementation types to\nextend the core API with implementation-specific behavior.\n\nIf a reference to a custom filter type cannot be resolved, the filter\nMUST NOT be skipped. Instead, requests that would have been processed by\nthat filter MUST receive a HTTP error response.\n\nNote that values may be added to this enum, implementations\nmust ensure that unknown values will not cause a crash.\n\nUnknown values here must result in the implementation setting the\nAccepted Condition for the Route to `status: False`, with a\nReason of `UnsupportedValue`.\n\n" + enum: + - "RequestHeaderModifier" + - "ResponseHeaderModifier" + - "RequestMirror" + - "RequestRedirect" + - "URLRewrite" + - "ExtensionRef" + type: "string" + urlRewrite: + description: "URLRewrite defines a schema for a filter that modifies a request during forwarding.\n\nSupport: Extended" + properties: + hostname: + description: "Hostname is the value to be used to replace the Host header value during\nforwarding.\n\nSupport: Extended" + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" + type: "string" + path: + description: "Path defines a path rewrite.\n\nSupport: Extended" + properties: + replaceFullPath: + description: "ReplaceFullPath specifies the value with which to replace the full path\nof a request during a rewrite or redirect." + maxLength: 1024 + type: "string" + replacePrefixMatch: + description: "ReplacePrefixMatch specifies the value with which to replace the prefix\nmatch of a request during a rewrite or redirect. For example, a request\nto \"/foo/bar\" with a prefix match of \"/foo\" and a ReplacePrefixMatch\nof \"/xyz\" would be modified to \"/xyz/bar\".\n\nNote that this matches the behavior of the PathPrefix match type. This\nmatches full path elements. A path element refers to the list of labels\nin the path split by the `/` separator. When specified, a trailing `/` is\nignored. For example, the paths `/abc`, `/abc/`, and `/abc/def` would all\nmatch the prefix `/abc`, but the path `/abcd` would not.\n\nReplacePrefixMatch is only compatible with a `PathPrefix` HTTPRouteMatch.\nUsing any other HTTPRouteMatch type on the same HTTPRouteRule will result in\nthe implementation setting the Accepted Condition for the Route to `status: False`.\n\nRequest Path | Prefix Match | Replace Prefix | Modified Path" + maxLength: 1024 + type: "string" + type: + description: "Type defines the type of path modifier. Additional types may be\nadded in a future release of the API.\n\nNote that values may be added to this enum, implementations\nmust ensure that unknown values will not cause a crash.\n\nUnknown values here must result in the implementation setting the\nAccepted Condition for the Route to `status: False`, with a\nReason of `UnsupportedValue`." + enum: + - "ReplaceFullPath" + - "ReplacePrefixMatch" + type: "string" + required: + - "type" + type: "object" + x-kubernetes-validations: + - message: "replaceFullPath must be specified when type is set to 'ReplaceFullPath'" + rule: "self.type == 'ReplaceFullPath' ? has(self.replaceFullPath) : true" + - message: "type must be 'ReplaceFullPath' when replaceFullPath is set" + rule: "has(self.replaceFullPath) ? self.type == 'ReplaceFullPath' : true" + - message: "replacePrefixMatch must be specified when type is set to 'ReplacePrefixMatch'" + rule: "self.type == 'ReplacePrefixMatch' ? has(self.replacePrefixMatch) : true" + - message: "type must be 'ReplacePrefixMatch' when replacePrefixMatch is set" + rule: "has(self.replacePrefixMatch) ? self.type == 'ReplacePrefixMatch' : true" + type: "object" + required: + - "type" + type: "object" + x-kubernetes-validations: + - message: "filter.requestHeaderModifier must be nil if the filter.type is not RequestHeaderModifier" + rule: "!(has(self.requestHeaderModifier) && self.type != 'RequestHeaderModifier')" + - message: "filter.requestHeaderModifier must be specified for RequestHeaderModifier filter.type" + rule: "!(!has(self.requestHeaderModifier) && self.type == 'RequestHeaderModifier')" + - message: "filter.responseHeaderModifier must be nil if the filter.type is not ResponseHeaderModifier" + rule: "!(has(self.responseHeaderModifier) && self.type != 'ResponseHeaderModifier')" + - message: "filter.responseHeaderModifier must be specified for ResponseHeaderModifier filter.type" + rule: "!(!has(self.responseHeaderModifier) && self.type == 'ResponseHeaderModifier')" + - message: "filter.requestMirror must be nil if the filter.type is not RequestMirror" + rule: "!(has(self.requestMirror) && self.type != 'RequestMirror')" + - message: "filter.requestMirror must be specified for RequestMirror filter.type" + rule: "!(!has(self.requestMirror) && self.type == 'RequestMirror')" + - message: "filter.requestRedirect must be nil if the filter.type is not RequestRedirect" + rule: "!(has(self.requestRedirect) && self.type != 'RequestRedirect')" + - message: "filter.requestRedirect must be specified for RequestRedirect filter.type" + rule: "!(!has(self.requestRedirect) && self.type == 'RequestRedirect')" + - message: "filter.urlRewrite must be nil if the filter.type is not URLRewrite" + rule: "!(has(self.urlRewrite) && self.type != 'URLRewrite')" + - message: "filter.urlRewrite must be specified for URLRewrite filter.type" + rule: "!(!has(self.urlRewrite) && self.type == 'URLRewrite')" + - message: "filter.extensionRef must be nil if the filter.type is not ExtensionRef" + rule: "!(has(self.extensionRef) && self.type != 'ExtensionRef')" + - message: "filter.extensionRef must be specified for ExtensionRef filter.type" + rule: "!(!has(self.extensionRef) && self.type == 'ExtensionRef')" + maxItems: 16 + type: "array" + x-kubernetes-validations: + - message: "May specify either httpRouteFilterRequestRedirect or httpRouteFilterRequestRewrite, but not both" + rule: "!(self.exists(f, f.type == 'RequestRedirect') && self.exists(f, f.type == 'URLRewrite'))" + - message: "RequestHeaderModifier filter cannot be repeated" + rule: "self.filter(f, f.type == 'RequestHeaderModifier').size() <= 1" + - message: "ResponseHeaderModifier filter cannot be repeated" + rule: "self.filter(f, f.type == 'ResponseHeaderModifier').size() <= 1" + - message: "RequestRedirect filter cannot be repeated" + rule: "self.filter(f, f.type == 'RequestRedirect').size() <= 1" + - message: "URLRewrite filter cannot be repeated" + rule: "self.filter(f, f.type == 'URLRewrite').size() <= 1" + matches: + default: + - path: + type: "PathPrefix" + value: "/" + description: "Matches define conditions used for matching the rule against incoming\nHTTP requests. Each match is independent, i.e. this rule will be matched\nif **any** one of the matches is satisfied.\n\nFor example, take the following matches configuration:\n\n```\nmatches:\n- path:\n value: \"/foo\"\n headers:\n - name: \"version\"\n value: \"v2\"\n- path:\n value: \"/v2/foo\"\n```\n\nFor a request to match against this rule, a request must satisfy\nEITHER of the two conditions:\n\n- path prefixed with `/foo` AND contains the header `version: v2`\n- path prefix of `/v2/foo`\n\nSee the documentation for HTTPRouteMatch on how to specify multiple\nmatch conditions that should be ANDed together.\n\nIf no matches are specified, the default is a prefix\npath match on \"/\", which has the effect of matching every\nHTTP request.\n\nProxy or Load Balancer routing configuration generated from HTTPRoutes\nMUST prioritize matches based on the following criteria, continuing on\nties. Across all rules specified on applicable Routes, precedence must be\ngiven to the match having:\n\n* \"Exact\" path match.\n* \"Prefix\" path match with largest number of characters.\n* Method match.\n* Largest number of header matches.\n* Largest number of query param matches.\n\nNote: The precedence of RegularExpression path matches are implementation-specific.\n\nIf ties still exist across multiple Routes, matching precedence MUST be\ndetermined in order of the following criteria, continuing on ties:\n\n* The oldest Route based on creation timestamp.\n* The Route appearing first in alphabetical order by\n \"{namespace}/{name}\".\n\nIf ties still exist within an HTTPRoute, matching precedence MUST be granted\nto the FIRST matching rule (in list order) with a match meeting the above\ncriteria.\n\nWhen no rules matching a request have been successfully attached to the\nparent a request is coming from, a HTTP 404 status code MUST be returned." + items: + description: "HTTPRouteMatch defines the predicate used to match requests to a given\naction. Multiple match types are ANDed together, i.e. the match will\nevaluate to true only if all conditions are satisfied.\n\nFor example, the match below will match a HTTP request only if its path\nstarts with `/foo` AND it contains the `version: v1` header:\n\n```\nmatch:\n\n\tpath:\n\t value: \"/foo\"\n\theaders:\n\t- name: \"version\"\n\t value \"v1\"\n\n```" + properties: + headers: + description: "Headers specifies HTTP request header matchers. Multiple match values are\nANDed together, meaning, a request must match all the specified headers\nto select the route." + items: + description: "HTTPHeaderMatch describes how to select a HTTP route by matching HTTP request\nheaders." + properties: + name: + description: "Name is the name of the HTTP Header to be matched. Name matching MUST be\ncase-insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2).\n\nIf multiple entries specify equivalent header names, only the first\nentry with an equivalent name MUST be considered for a match. Subsequent\nentries with an equivalent header name MUST be ignored. Due to the\ncase-insensitivity of header names, \"foo\" and \"Foo\" are considered\nequivalent.\n\nWhen a header is repeated in an HTTP request, it is\nimplementation-specific behavior as to how this is represented.\nGenerally, proxies should follow the guidance from the RFC:\nhttps://www.rfc-editor.org/rfc/rfc7230.html#section-3.2.2 regarding\nprocessing a repeated header, with special handling for \"Set-Cookie\"." + maxLength: 256 + minLength: 1 + pattern: "^[A-Za-z0-9!#$%&'*+\\-.^_\\x60|~]+$" + type: "string" + type: + default: "Exact" + description: "Type specifies how to match against the value of the header.\n\nSupport: Core (Exact)\n\nSupport: Implementation-specific (RegularExpression)\n\nSince RegularExpression HeaderMatchType has implementation-specific\nconformance, implementations can support POSIX, PCRE or any other dialects\nof regular expressions. Please read the implementation's documentation to\ndetermine the supported dialect." + enum: + - "Exact" + - "RegularExpression" + type: "string" + value: + description: "Value is the value of HTTP Header to be matched." + maxLength: 4096 + minLength: 1 + type: "string" + required: + - "name" + - "value" + type: "object" + maxItems: 16 + type: "array" + x-kubernetes-list-map-keys: + - "name" + x-kubernetes-list-type: "map" + method: + description: "Method specifies HTTP method matcher.\nWhen specified, this route will be matched only if the request has the\nspecified method.\n\nSupport: Extended" + enum: + - "GET" + - "HEAD" + - "POST" + - "PUT" + - "DELETE" + - "CONNECT" + - "OPTIONS" + - "TRACE" + - "PATCH" + type: "string" + path: + default: + type: "PathPrefix" + value: "/" + description: "Path specifies a HTTP request path matcher. If this field is not\nspecified, a default prefix match on the \"/\" path is provided." + properties: + type: + default: "PathPrefix" + description: "Type specifies how to match against the path Value.\n\nSupport: Core (Exact, PathPrefix)\n\nSupport: Implementation-specific (RegularExpression)" + enum: + - "Exact" + - "PathPrefix" + - "RegularExpression" + type: "string" + value: + default: "/" + description: "Value of the HTTP path to match against." + maxLength: 1024 + type: "string" + type: "object" + x-kubernetes-validations: + - message: "value must be an absolute path and start with '/' when type one of ['Exact', 'PathPrefix']" + rule: "(self.type in ['Exact','PathPrefix']) ? self.value.startsWith('/') : true" + - message: "must not contain '//' when type one of ['Exact', 'PathPrefix']" + rule: "(self.type in ['Exact','PathPrefix']) ? !self.value.contains('//') : true" + - message: "must not contain '/./' when type one of ['Exact', 'PathPrefix']" + rule: "(self.type in ['Exact','PathPrefix']) ? !self.value.contains('/./') : true" + - message: "must not contain '/../' when type one of ['Exact', 'PathPrefix']" + rule: "(self.type in ['Exact','PathPrefix']) ? !self.value.contains('/../') : true" + - message: "must not contain '%2f' when type one of ['Exact', 'PathPrefix']" + rule: "(self.type in ['Exact','PathPrefix']) ? !self.value.contains('%2f') : true" + - message: "must not contain '%2F' when type one of ['Exact', 'PathPrefix']" + rule: "(self.type in ['Exact','PathPrefix']) ? !self.value.contains('%2F') : true" + - message: "must not contain '#' when type one of ['Exact', 'PathPrefix']" + rule: "(self.type in ['Exact','PathPrefix']) ? !self.value.contains('#') : true" + - message: "must not end with '/..' when type one of ['Exact', 'PathPrefix']" + rule: "(self.type in ['Exact','PathPrefix']) ? !self.value.endsWith('/..') : true" + - message: "must not end with '/.' when type one of ['Exact', 'PathPrefix']" + rule: "(self.type in ['Exact','PathPrefix']) ? !self.value.endsWith('/.') : true" + - message: "type must be one of ['Exact', 'PathPrefix', 'RegularExpression']" + rule: "self.type in ['Exact','PathPrefix'] || self.type == 'RegularExpression'" + - message: "must only contain valid characters (matching ^(?:[-A-Za-z0-9/._~!$&'()*+,;=:@]|[%][0-9a-fA-F]{2})+$) for types ['Exact', 'PathPrefix']" + rule: "(self.type in ['Exact','PathPrefix']) ? self.value.matches(r\"\"\"^(?:[-A-Za-z0-9/._~!$&'()*+,;=:@]|[%][0-9a-fA-F]{2})+$\"\"\") : true" + queryParams: + description: "QueryParams specifies HTTP query parameter matchers. Multiple match\nvalues are ANDed together, meaning, a request must match all the\nspecified query parameters to select the route.\n\nSupport: Extended" + items: + description: "HTTPQueryParamMatch describes how to select a HTTP route by matching HTTP\nquery parameters." + properties: + name: + description: "Name is the name of the HTTP query param to be matched. This must be an\nexact string match. (See\nhttps://tools.ietf.org/html/rfc7230#section-2.7.3).\n\nIf multiple entries specify equivalent query param names, only the first\nentry with an equivalent name MUST be considered for a match. Subsequent\nentries with an equivalent query param name MUST be ignored.\n\nIf a query param is repeated in an HTTP request, the behavior is\npurposely left undefined, since different data planes have different\ncapabilities. However, it is *recommended* that implementations should\nmatch against the first value of the param if the data plane supports it,\nas this behavior is expected in other load balancing contexts outside of\nthe Gateway API.\n\nUsers SHOULD NOT route traffic based on repeated query params to guard\nthemselves against potential differences in the implementations." + maxLength: 256 + minLength: 1 + pattern: "^[A-Za-z0-9!#$%&'*+\\-.^_\\x60|~]+$" + type: "string" + type: + default: "Exact" + description: "Type specifies how to match against the value of the query parameter.\n\nSupport: Extended (Exact)\n\nSupport: Implementation-specific (RegularExpression)\n\nSince RegularExpression QueryParamMatchType has Implementation-specific\nconformance, implementations can support POSIX, PCRE or any other\ndialects of regular expressions. Please read the implementation's\ndocumentation to determine the supported dialect." + enum: + - "Exact" + - "RegularExpression" + type: "string" + value: + description: "Value is the value of HTTP query param to be matched." + maxLength: 1024 + minLength: 1 + type: "string" + required: + - "name" + - "value" + type: "object" + maxItems: 16 + type: "array" + x-kubernetes-list-map-keys: + - "name" + x-kubernetes-list-type: "map" + type: "object" + maxItems: 64 + type: "array" + name: + description: "Name is the name of the route rule. This name MUST be unique within a Route if it is set.\n\nSupport: Extended\n" + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" + type: "string" + retry: + description: "Retry defines the configuration for when to retry an HTTP request.\n\nSupport: Extended\n\n" + properties: + attempts: + description: "Attempts specifies the maximum number of times an individual request\nfrom the gateway to a backend should be retried.\n\nIf the maximum number of retries has been attempted without a successful\nresponse from the backend, the Gateway MUST return an error.\n\nWhen this field is unspecified, the number of times to attempt to retry\na backend request is implementation-specific.\n\nSupport: Extended" + type: "integer" + backoff: + description: "Backoff specifies the minimum duration a Gateway should wait between\nretry attempts and is represented in Gateway API Duration formatting.\n\nFor example, setting the `rules[].retry.backoff` field to the value\n`100ms` will cause a backend request to first be retried approximately\n100 milliseconds after timing out or receiving a response code configured\nto be retryable.\n\nAn implementation MAY use an exponential or alternative backoff strategy\nfor subsequent retry attempts, MAY cap the maximum backoff duration to\nsome amount greater than the specified minimum, and MAY add arbitrary\njitter to stagger requests, as long as unsuccessful backend requests are\nnot retried before the configured minimum duration.\n\nIf a Request timeout (`rules[].timeouts.request`) is configured on the\nroute, the entire duration of the initial request and any retry attempts\nMUST not exceed the Request timeout duration. If any retry attempts are\nstill in progress when the Request timeout duration has been reached,\nthese SHOULD be canceled if possible and the Gateway MUST immediately\nreturn a timeout error.\n\nIf a BackendRequest timeout (`rules[].timeouts.backendRequest`) is\nconfigured on the route, any retry attempts which reach the configured\nBackendRequest timeout duration without a response SHOULD be canceled if\npossible and the Gateway should wait for at least the specified backoff\nduration before attempting to retry the backend request again.\n\nIf a BackendRequest timeout is _not_ configured on the route, retry\nattempts MAY time out after an implementation default duration, or MAY\nremain pending until a configured Request timeout or implementation\ndefault duration for total request time is reached.\n\nWhen this field is unspecified, the time to wait between retry attempts\nis implementation-specific.\n\nSupport: Extended" + pattern: "^([0-9]{1,5}(h|m|s|ms)){1,4}$" + type: "string" + codes: + description: "Codes defines the HTTP response status codes for which a backend request\nshould be retried.\n\nSupport: Extended" + items: + description: "HTTPRouteRetryStatusCode defines an HTTP response status code for\nwhich a backend request should be retried.\n\nImplementations MUST support the following status codes as retryable:\n\n* 500\n* 502\n* 503\n* 504\n\nImplementations MAY support specifying additional discrete values in the\n500-599 range.\n\nImplementations MAY support specifying discrete values in the 400-499 range,\nwhich are often inadvisable to retry.\n\n" + maximum: 599.0 + minimum: 400.0 + type: "integer" + type: "array" + type: "object" + sessionPersistence: + description: "SessionPersistence defines and configures session persistence\nfor the route rule.\n\nSupport: Extended\n\n" + properties: + absoluteTimeout: + description: "AbsoluteTimeout defines the absolute timeout of the persistent\nsession. Once the AbsoluteTimeout duration has elapsed, the\nsession becomes invalid.\n\nSupport: Extended" + pattern: "^([0-9]{1,5}(h|m|s|ms)){1,4}$" + type: "string" + cookieConfig: + description: "CookieConfig provides configuration settings that are specific\nto cookie-based session persistence.\n\nSupport: Core" + properties: + lifetimeType: + default: "Session" + description: "LifetimeType specifies whether the cookie has a permanent or\nsession-based lifetime. A permanent cookie persists until its\nspecified expiry time, defined by the Expires or Max-Age cookie\nattributes, while a session cookie is deleted when the current\nsession ends.\n\nWhen set to \"Permanent\", AbsoluteTimeout indicates the\ncookie's lifetime via the Expires or Max-Age cookie attributes\nand is required.\n\nWhen set to \"Session\", AbsoluteTimeout indicates the\nabsolute lifetime of the cookie tracked by the gateway and\nis optional.\n\nDefaults to \"Session\".\n\nSupport: Core for \"Session\" type\n\nSupport: Extended for \"Permanent\" type" + enum: + - "Permanent" + - "Session" + type: "string" + type: "object" + idleTimeout: + description: "IdleTimeout defines the idle timeout of the persistent session.\nOnce the session has been idle for more than the specified\nIdleTimeout duration, the session becomes invalid.\n\nSupport: Extended" + pattern: "^([0-9]{1,5}(h|m|s|ms)){1,4}$" + type: "string" + sessionName: + description: "SessionName defines the name of the persistent session token\nwhich may be reflected in the cookie or the header. Users\nshould avoid reusing session names to prevent unintended\nconsequences, such as rejection or unpredictable behavior.\n\nSupport: Implementation-specific" + maxLength: 128 + type: "string" + type: + default: "Cookie" + description: "Type defines the type of session persistence such as through\nthe use a header or cookie. Defaults to cookie based session\npersistence.\n\nSupport: Core for \"Cookie\" type\n\nSupport: Extended for \"Header\" type" + enum: + - "Cookie" + - "Header" + type: "string" + type: "object" + x-kubernetes-validations: + - message: "AbsoluteTimeout must be specified when cookie lifetimeType is Permanent" + rule: "!has(self.cookieConfig) || !has(self.cookieConfig.lifetimeType) || self.cookieConfig.lifetimeType != 'Permanent' || has(self.absoluteTimeout)" + timeouts: + description: "Timeouts defines the timeouts that can be configured for an HTTP request.\n\nSupport: Extended" + properties: + backendRequest: + description: "BackendRequest specifies a timeout for an individual request from the gateway\nto a backend. This covers the time from when the request first starts being\nsent from the gateway to when the full response has been received from the backend.\n\nSetting a timeout to the zero duration (e.g. \"0s\") SHOULD disable the timeout\ncompletely. Implementations that cannot completely disable the timeout MUST\ninstead interpret the zero duration as the longest possible value to which\nthe timeout can be set.\n\nAn entire client HTTP transaction with a gateway, covered by the Request timeout,\nmay result in more than one call from the gateway to the destination backend,\nfor example, if automatic retries are supported.\n\nThe value of BackendRequest must be a Gateway API Duration string as defined by\nGEP-2257. When this field is unspecified, its behavior is implementation-specific;\nwhen specified, the value of BackendRequest must be no more than the value of the\nRequest timeout (since the Request timeout encompasses the BackendRequest timeout).\n\nSupport: Extended" + pattern: "^([0-9]{1,5}(h|m|s|ms)){1,4}$" + type: "string" + request: + description: "Request specifies the maximum duration for a gateway to respond to an HTTP request.\nIf the gateway has not been able to respond before this deadline is met, the gateway\nMUST return a timeout error.\n\nFor example, setting the `rules.timeouts.request` field to the value `10s` in an\n`HTTPRoute` will cause a timeout if a client request is taking longer than 10 seconds\nto complete.\n\nSetting a timeout to the zero duration (e.g. \"0s\") SHOULD disable the timeout\ncompletely. Implementations that cannot completely disable the timeout MUST\ninstead interpret the zero duration as the longest possible value to which\nthe timeout can be set.\n\nThis timeout is intended to cover as close to the whole request-response transaction\nas possible although an implementation MAY choose to start the timeout after the entire\nrequest stream has been received instead of immediately after the transaction is\ninitiated by the client.\n\nThe value of Request is a Gateway API Duration string as defined by GEP-2257. When this\nfield is unspecified, request timeout behavior is implementation-specific.\n\nSupport: Extended" + pattern: "^([0-9]{1,5}(h|m|s|ms)){1,4}$" + type: "string" + type: "object" + x-kubernetes-validations: + - message: "backendRequest timeout cannot be longer than request timeout" + rule: "!(has(self.request) && has(self.backendRequest) && duration(self.request) != duration('0s') && duration(self.backendRequest) > duration(self.request))" + type: "object" + x-kubernetes-validations: + - message: "RequestRedirect filter must not be used together with backendRefs" + rule: "(has(self.backendRefs) && size(self.backendRefs) > 0) ? (!has(self.filters) || self.filters.all(f, !has(f.requestRedirect))): true" + - message: "When using RequestRedirect filter with path.replacePrefixMatch, exactly one PathPrefix match must be specified" + rule: "(has(self.filters) && self.filters.exists_one(f, has(f.requestRedirect) && has(f.requestRedirect.path) && f.requestRedirect.path.type == 'ReplacePrefixMatch' && has(f.requestRedirect.path.replacePrefixMatch))) ? ((size(self.matches) != 1 || !has(self.matches[0].path) || self.matches[0].path.type != 'PathPrefix') ? false : true) : true" + - message: "When using URLRewrite filter with path.replacePrefixMatch, exactly one PathPrefix match must be specified" + rule: "(has(self.filters) && self.filters.exists_one(f, has(f.urlRewrite) && has(f.urlRewrite.path) && f.urlRewrite.path.type == 'ReplacePrefixMatch' && has(f.urlRewrite.path.replacePrefixMatch))) ? ((size(self.matches) != 1 || !has(self.matches[0].path) || self.matches[0].path.type != 'PathPrefix') ? false : true) : true" + - message: "Within backendRefs, when using RequestRedirect filter with path.replacePrefixMatch, exactly one PathPrefix match must be specified" + rule: "(has(self.backendRefs) && self.backendRefs.exists_one(b, (has(b.filters) && b.filters.exists_one(f, has(f.requestRedirect) && has(f.requestRedirect.path) && f.requestRedirect.path.type == 'ReplacePrefixMatch' && has(f.requestRedirect.path.replacePrefixMatch))) )) ? ((size(self.matches) != 1 || !has(self.matches[0].path) || self.matches[0].path.type != 'PathPrefix') ? false : true) : true" + - message: "Within backendRefs, When using URLRewrite filter with path.replacePrefixMatch, exactly one PathPrefix match must be specified" + rule: "(has(self.backendRefs) && self.backendRefs.exists_one(b, (has(b.filters) && b.filters.exists_one(f, has(f.urlRewrite) && has(f.urlRewrite.path) && f.urlRewrite.path.type == 'ReplacePrefixMatch' && has(f.urlRewrite.path.replacePrefixMatch))) )) ? ((size(self.matches) != 1 || !has(self.matches[0].path) || self.matches[0].path.type != 'PathPrefix') ? false : true) : true" + maxItems: 16 + type: "array" + x-kubernetes-validations: + - message: "While 16 rules and 64 matches per rule are allowed, the total number of matches across all rules in a route must be less than 128" + rule: "(self.size() > 0 ? self[0].matches.size() : 0) + (self.size() > 1 ? self[1].matches.size() : 0) + (self.size() > 2 ? self[2].matches.size() : 0) + (self.size() > 3 ? self[3].matches.size() : 0) + (self.size() > 4 ? self[4].matches.size() : 0) + (self.size() > 5 ? self[5].matches.size() : 0) + (self.size() > 6 ? self[6].matches.size() : 0) + (self.size() > 7 ? self[7].matches.size() : 0) + (self.size() > 8 ? self[8].matches.size() : 0) + (self.size() > 9 ? self[9].matches.size() : 0) + (self.size() > 10 ? self[10].matches.size() : 0) + (self.size() > 11 ? self[11].matches.size() : 0) + (self.size() > 12 ? self[12].matches.size() : 0) + (self.size() > 13 ? self[13].matches.size() : 0) + (self.size() > 14 ? self[14].matches.size() : 0) + (self.size() > 15 ? self[15].matches.size() : 0) <= 128" + type: "object" + type: "object" ingress: description: "Ingress sets how the ingress object should look like with your grafana instance." properties: diff --git a/crd-catalog/istio/istio/networking.istio.io/v1/destinationrules.yaml b/crd-catalog/istio/istio/networking.istio.io/v1/destinationrules.yaml index 6cdb876c9..4a005fce7 100644 --- a/crd-catalog/istio/istio/networking.istio.io/v1/destinationrules.yaml +++ b/crd-catalog/istio/istio/networking.istio.io/v1/destinationrules.yaml @@ -311,7 +311,7 @@ spec: aggression: description: "This parameter controls the speed of traffic increase over the warmup duration." format: "double" - minimum: 1.0 + minimum: 0.0 nullable: true type: "number" duration: @@ -635,7 +635,7 @@ spec: aggression: description: "This parameter controls the speed of traffic increase over the warmup duration." format: "double" - minimum: 1.0 + minimum: 0.0 nullable: true type: "number" duration: @@ -1096,7 +1096,7 @@ spec: aggression: description: "This parameter controls the speed of traffic increase over the warmup duration." format: "double" - minimum: 1.0 + minimum: 0.0 nullable: true type: "number" duration: @@ -1420,7 +1420,7 @@ spec: aggression: description: "This parameter controls the speed of traffic increase over the warmup duration." format: "double" - minimum: 1.0 + minimum: 0.0 nullable: true type: "number" duration: diff --git a/crd-catalog/istio/istio/networking.istio.io/v1alpha3/destinationrules.yaml b/crd-catalog/istio/istio/networking.istio.io/v1alpha3/destinationrules.yaml index 8d94b3acb..df993c3de 100644 --- a/crd-catalog/istio/istio/networking.istio.io/v1alpha3/destinationrules.yaml +++ b/crd-catalog/istio/istio/networking.istio.io/v1alpha3/destinationrules.yaml @@ -311,7 +311,7 @@ spec: aggression: description: "This parameter controls the speed of traffic increase over the warmup duration." format: "double" - minimum: 1.0 + minimum: 0.0 nullable: true type: "number" duration: @@ -635,7 +635,7 @@ spec: aggression: description: "This parameter controls the speed of traffic increase over the warmup duration." format: "double" - minimum: 1.0 + minimum: 0.0 nullable: true type: "number" duration: @@ -1096,7 +1096,7 @@ spec: aggression: description: "This parameter controls the speed of traffic increase over the warmup duration." format: "double" - minimum: 1.0 + minimum: 0.0 nullable: true type: "number" duration: @@ -1420,7 +1420,7 @@ spec: aggression: description: "This parameter controls the speed of traffic increase over the warmup duration." format: "double" - minimum: 1.0 + minimum: 0.0 nullable: true type: "number" duration: diff --git a/crd-catalog/istio/istio/networking.istio.io/v1beta1/destinationrules.yaml b/crd-catalog/istio/istio/networking.istio.io/v1beta1/destinationrules.yaml index 7a12c20a6..ba2e50966 100644 --- a/crd-catalog/istio/istio/networking.istio.io/v1beta1/destinationrules.yaml +++ b/crd-catalog/istio/istio/networking.istio.io/v1beta1/destinationrules.yaml @@ -311,7 +311,7 @@ spec: aggression: description: "This parameter controls the speed of traffic increase over the warmup duration." format: "double" - minimum: 1.0 + minimum: 0.0 nullable: true type: "number" duration: @@ -635,7 +635,7 @@ spec: aggression: description: "This parameter controls the speed of traffic increase over the warmup duration." format: "double" - minimum: 1.0 + minimum: 0.0 nullable: true type: "number" duration: @@ -1096,7 +1096,7 @@ spec: aggression: description: "This parameter controls the speed of traffic increase over the warmup duration." format: "double" - minimum: 1.0 + minimum: 0.0 nullable: true type: "number" duration: @@ -1420,7 +1420,7 @@ spec: aggression: description: "This parameter controls the speed of traffic increase over the warmup duration." format: "double" - minimum: 1.0 + minimum: 0.0 nullable: true type: "number" duration: diff --git a/crd-catalog/istio/istio/telemetry.istio.io/v1/telemetries.yaml b/crd-catalog/istio/istio/telemetry.istio.io/v1/telemetries.yaml index 7cf596709..9e1d3544d 100644 --- a/crd-catalog/istio/istio/telemetry.istio.io/v1/telemetries.yaml +++ b/crd-catalog/istio/istio/telemetry.istio.io/v1/telemetries.yaml @@ -265,12 +265,16 @@ spec: - "environment" - required: - "header" + - required: + - "formatter" - required: - "literal" - required: - "environment" - required: - "header" + - required: + - "formatter" properties: environment: description: "Environment adds the value of an environment variable to each span." @@ -285,6 +289,16 @@ spec: required: - "name" type: "object" + formatter: + description: "Formatter adds the value of access logging substitution formatter." + properties: + value: + description: "The formatter tag value to use, same formatter as HTTP access logging (e.g." + minLength: 1 + type: "string" + required: + - "value" + type: "object" header: description: "RequestHeader adds the value of an header from the request to each span." properties: diff --git a/crd-catalog/istio/istio/telemetry.istio.io/v1alpha1/telemetries.yaml b/crd-catalog/istio/istio/telemetry.istio.io/v1alpha1/telemetries.yaml index 5b5f0b065..9854653ea 100644 --- a/crd-catalog/istio/istio/telemetry.istio.io/v1alpha1/telemetries.yaml +++ b/crd-catalog/istio/istio/telemetry.istio.io/v1alpha1/telemetries.yaml @@ -265,12 +265,16 @@ spec: - "environment" - required: - "header" + - required: + - "formatter" - required: - "literal" - required: - "environment" - required: - "header" + - required: + - "formatter" properties: environment: description: "Environment adds the value of an environment variable to each span." @@ -285,6 +289,16 @@ spec: required: - "name" type: "object" + formatter: + description: "Formatter adds the value of access logging substitution formatter." + properties: + value: + description: "The formatter tag value to use, same formatter as HTTP access logging (e.g." + minLength: 1 + type: "string" + required: + - "value" + type: "object" header: description: "RequestHeader adds the value of an header from the request to each span." properties: diff --git a/crd-catalog/k8gb-io/k8gb/k8gb.absa.oss/v1beta1/gslbs.yaml b/crd-catalog/k8gb-io/k8gb/k8gb.absa.oss/v1beta1/gslbs.yaml index 8a224e959..05b837906 100644 --- a/crd-catalog/k8gb-io/k8gb/k8gb.absa.oss/v1beta1/gslbs.yaml +++ b/crd-catalog/k8gb-io/k8gb/k8gb.absa.oss/v1beta1/gslbs.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.18.0" + controller-gen.kubebuilder.io/version: "v0.19.0" name: "gslbs.k8gb.absa.oss" spec: group: "k8gb.absa.oss" diff --git a/crd-catalog/keycloak/keycloak-k8s-resources/k8s.keycloak.org/v2alpha1/keycloaks.yaml b/crd-catalog/keycloak/keycloak-k8s-resources/k8s.keycloak.org/v2alpha1/keycloaks.yaml index 182383e8c..a96295ab8 100644 --- a/crd-catalog/keycloak/keycloak-k8s-resources/k8s.keycloak.org/v2alpha1/keycloaks.yaml +++ b/crd-catalog/keycloak/keycloak-k8s-resources/k8s.keycloak.org/v2alpha1/keycloaks.yaml @@ -37,6 +37,9 @@ spec: type: "string" type: "object" type: "array" + automountServiceAccountToken: + description: "Set this to to false to disable automounting the default ServiceAccount Token and Service CA. This is enabled by default." + type: "boolean" bootstrapAdmin: description: "In this section you can configure Keycloak's bootstrap admin - will be used only for initial cluster creation." properties: diff --git a/crd-catalog/kubeedge/kubeedge/devices.kubeedge.io/v1alpha2/devices.yaml b/crd-catalog/kubeedge/kubeedge/devices.kubeedge.io/v1alpha2/devices.yaml index 2ad547e7b..ad067c09e 100644 --- a/crd-catalog/kubeedge/kubeedge/devices.kubeedge.io/v1alpha2/devices.yaml +++ b/crd-catalog/kubeedge/kubeedge/devices.kubeedge.io/v1alpha2/devices.yaml @@ -27,7 +27,7 @@ spec: metadata: type: "object" spec: - description: "DeviceSpec represents a single device instance. It is an instantation of a device model." + description: "DeviceSpec represents a single device instance. It is an instantiation of a device model." properties: data: description: "Data section describe a list of time-series properties which should be processed\non edge node." diff --git a/crd-catalog/kubernetes-sigs/cluster-api-provider-ibmcloud/infrastructure.cluster.x-k8s.io/v1beta2/ibmpowervsclusters.yaml b/crd-catalog/kubernetes-sigs/cluster-api-provider-ibmcloud/infrastructure.cluster.x-k8s.io/v1beta2/ibmpowervsclusters.yaml index a96aad212..bdbec0d50 100644 --- a/crd-catalog/kubernetes-sigs/cluster-api-provider-ibmcloud/infrastructure.cluster.x-k8s.io/v1beta2/ibmpowervsclusters.yaml +++ b/crd-catalog/kubernetes-sigs/cluster-api-provider-ibmcloud/infrastructure.cluster.x-k8s.io/v1beta2/ibmpowervsclusters.yaml @@ -369,7 +369,7 @@ spec: type: "string" type: "object" serviceInstanceID: - description: "ServiceInstanceID is the id of the power cloud instance where the vsi instance will get deployed.\nDeprecated: use ServiceInstance instead" + description: "Deprecated: use ServiceInstance instead\n\nServiceInstanceID is the id of the power cloud instance where the vsi instance will get deployed." type: "string" transitGateway: description: "transitGateway contains information about IBM Cloud TransitGateway\nIBM Cloud TransitGateway helps in establishing network connectivity between IBM Cloud Power VS and VPC infrastructure\nmore information about TransitGateway can be found here https://www.ibm.com/products/transit-gateway.\nwhen TransitGateway.ID is set, its expected that there exist a TransitGateway with ID or else system will give error.\nwhen TransitGateway.Name is set, system will first check for TransitGateway with Name, if not exist system will create new TransitGateway." diff --git a/crd-catalog/kubernetes-sigs/cluster-api-provider-ibmcloud/infrastructure.cluster.x-k8s.io/v1beta2/ibmpowervsclustertemplates.yaml b/crd-catalog/kubernetes-sigs/cluster-api-provider-ibmcloud/infrastructure.cluster.x-k8s.io/v1beta2/ibmpowervsclustertemplates.yaml index a1e0b909f..f6b5599f0 100644 --- a/crd-catalog/kubernetes-sigs/cluster-api-provider-ibmcloud/infrastructure.cluster.x-k8s.io/v1beta2/ibmpowervsclustertemplates.yaml +++ b/crd-catalog/kubernetes-sigs/cluster-api-provider-ibmcloud/infrastructure.cluster.x-k8s.io/v1beta2/ibmpowervsclustertemplates.yaml @@ -375,7 +375,7 @@ spec: type: "string" type: "object" serviceInstanceID: - description: "ServiceInstanceID is the id of the power cloud instance where the vsi instance will get deployed.\nDeprecated: use ServiceInstance instead" + description: "Deprecated: use ServiceInstance instead\n\nServiceInstanceID is the id of the power cloud instance where the vsi instance will get deployed." type: "string" transitGateway: description: "transitGateway contains information about IBM Cloud TransitGateway\nIBM Cloud TransitGateway helps in establishing network connectivity between IBM Cloud Power VS and VPC infrastructure\nmore information about TransitGateway can be found here https://www.ibm.com/products/transit-gateway.\nwhen TransitGateway.ID is set, its expected that there exist a TransitGateway with ID or else system will give error.\nwhen TransitGateway.Name is set, system will first check for TransitGateway with Name, if not exist system will create new TransitGateway." diff --git a/crd-catalog/kubernetes-sigs/cluster-api-provider-ibmcloud/infrastructure.cluster.x-k8s.io/v1beta2/ibmpowervsimages.yaml b/crd-catalog/kubernetes-sigs/cluster-api-provider-ibmcloud/infrastructure.cluster.x-k8s.io/v1beta2/ibmpowervsimages.yaml index ab1cbffed..03b2e8255 100644 --- a/crd-catalog/kubernetes-sigs/cluster-api-provider-ibmcloud/infrastructure.cluster.x-k8s.io/v1beta2/ibmpowervsimages.yaml +++ b/crd-catalog/kubernetes-sigs/cluster-api-provider-ibmcloud/infrastructure.cluster.x-k8s.io/v1beta2/ibmpowervsimages.yaml @@ -75,7 +75,7 @@ spec: type: "string" type: "object" serviceInstanceID: - description: "ServiceInstanceID is the id of the power cloud instance where the image will get imported.\nDeprecated: use ServiceInstance instead" + description: "Deprecated: use ServiceInstance instead\n\nServiceInstanceID is the id of the power cloud instance where the image will get imported." type: "string" storageType: default: "tier1" diff --git a/crd-catalog/kubernetes-sigs/cluster-api-provider-ibmcloud/infrastructure.cluster.x-k8s.io/v1beta2/ibmpowervsmachines.yaml b/crd-catalog/kubernetes-sigs/cluster-api-provider-ibmcloud/infrastructure.cluster.x-k8s.io/v1beta2/ibmpowervsmachines.yaml index 8e4bdd595..5333f2045 100644 --- a/crd-catalog/kubernetes-sigs/cluster-api-provider-ibmcloud/infrastructure.cluster.x-k8s.io/v1beta2/ibmpowervsmachines.yaml +++ b/crd-catalog/kubernetes-sigs/cluster-api-provider-ibmcloud/infrastructure.cluster.x-k8s.io/v1beta2/ibmpowervsmachines.yaml @@ -144,7 +144,7 @@ spec: type: "string" type: "object" serviceInstanceID: - description: "ServiceInstanceID is the id of the power cloud instance where the vsi instance will get deployed.\nDeprecated: use ServiceInstance instead" + description: "Deprecated: use ServiceInstance instead\n\nServiceInstanceID is the id of the power cloud instance where the vsi instance will get deployed." type: "string" sshKey: description: "SSHKey is the name of the SSH key pair provided to the vsi for authenticating users." diff --git a/crd-catalog/kubernetes-sigs/cluster-api-provider-ibmcloud/infrastructure.cluster.x-k8s.io/v1beta2/ibmpowervsmachinetemplates.yaml b/crd-catalog/kubernetes-sigs/cluster-api-provider-ibmcloud/infrastructure.cluster.x-k8s.io/v1beta2/ibmpowervsmachinetemplates.yaml index 618bbfb12..6f689644c 100644 --- a/crd-catalog/kubernetes-sigs/cluster-api-provider-ibmcloud/infrastructure.cluster.x-k8s.io/v1beta2/ibmpowervsmachinetemplates.yaml +++ b/crd-catalog/kubernetes-sigs/cluster-api-provider-ibmcloud/infrastructure.cluster.x-k8s.io/v1beta2/ibmpowervsmachinetemplates.yaml @@ -114,7 +114,7 @@ spec: type: "string" type: "object" serviceInstanceID: - description: "ServiceInstanceID is the id of the power cloud instance where the vsi instance will get deployed.\nDeprecated: use ServiceInstance instead" + description: "Deprecated: use ServiceInstance instead\n\nServiceInstanceID is the id of the power cloud instance where the vsi instance will get deployed." type: "string" sshKey: description: "SSHKey is the name of the SSH key pair provided to the vsi for authenticating users." diff --git a/crd-catalog/kubernetes-sigs/container-object-storage-interface/objectstorage.k8s.io/v1alpha2/bucketaccesses.yaml b/crd-catalog/kubernetes-sigs/container-object-storage-interface/objectstorage.k8s.io/v1alpha2/bucketaccesses.yaml index a8bb0d90d..1e13d8a81 100644 --- a/crd-catalog/kubernetes-sigs/container-object-storage-interface/objectstorage.k8s.io/v1alpha2/bucketaccesses.yaml +++ b/crd-catalog/kubernetes-sigs/container-object-storage-interface/objectstorage.k8s.io/v1alpha2/bucketaccesses.yaml @@ -104,14 +104,12 @@ spec: accessedBuckets: description: "accessedBuckets is a list of Buckets the provisioned access must have permissions for, along\nwith per-Bucket access options. This field is populated by the COSI Controller based on the\nreferenced BucketClaims in the spec." items: - description: "AccessedBucket identifies a Bucket and corresponding access parameters." + description: "AccessedBucket identifies a Bucket and correlates it to a BucketClaimAccess from the spec." properties: - accessMode: - description: "accessMode is the Read/Write access mode that the access should have for the bucket." - enum: - - "ReadWrite" - - "ReadOnly" - - "WriteOnly" + bucketClaimName: + description: "bucketClaimName must match a BucketClaimAccess's BucketClaimName from the spec." + maxLength: 253 + minLength: 1 type: "string" bucketName: description: "bucketName is the name of a Bucket the access should have permissions for." @@ -119,7 +117,7 @@ spec: minLength: 1 type: "string" required: - - "accessMode" + - "bucketClaimName" - "bucketName" type: "object" type: "array" diff --git a/crd-catalog/kubernetes-sigs/gateway-api/gateway.networking.k8s.io/v1alpha3/backendtlspolicies.yaml b/crd-catalog/kubernetes-sigs/gateway-api/gateway.networking.k8s.io/v1alpha3/backendtlspolicies.yaml index b63f7f7a0..96de31b0e 100644 --- a/crd-catalog/kubernetes-sigs/gateway-api/gateway.networking.k8s.io/v1alpha3/backendtlspolicies.yaml +++ b/crd-catalog/kubernetes-sigs/gateway-api/gateway.networking.k8s.io/v1alpha3/backendtlspolicies.yaml @@ -303,6 +303,8 @@ spec: type: "object" served: true storage: false + subresources: + status: {} status: acceptedNames: kind: "" diff --git a/crd-catalog/kubernetes-sigs/kueue/kueue.x-k8s.io/v1beta1/admissionchecks.yaml b/crd-catalog/kubernetes-sigs/kueue/kueue.x-k8s.io/v1beta1/admissionchecks.yaml index c2d592c73..a38b69403 100644 --- a/crd-catalog/kubernetes-sigs/kueue/kueue.x-k8s.io/v1beta1/admissionchecks.yaml +++ b/crd-catalog/kubernetes-sigs/kueue/kueue.x-k8s.io/v1beta1/admissionchecks.yaml @@ -60,7 +60,7 @@ spec: type: "object" retryDelayMinutes: default: 15 - description: "retryDelayMinutes specifies how long to keep the workload suspended after\na failed check (after it transitioned to False). When the delay period has passed, the check\nstate goes to \"Unknown\". The default is 15 min.\nDeprecated: retryDelayMinutes has already been deprecated since v0.8 and will be removed in v1beta2." + description: "retryDelayMinutes specifies how long to keep the workload suspended after\na failed check (after it transitioned to False). When the delay period has passed, the check\nstate goes to \"Unknown\". The default is 15 min.\n\nDeprecated: retryDelayMinutes has already been deprecated since v0.8 and will be removed in v1beta2." format: "int64" type: "integer" required: diff --git a/crd-catalog/kubernetes-sigs/kueue/kueue.x-k8s.io/v1beta1/clusterqueues.yaml b/crd-catalog/kubernetes-sigs/kueue/kueue.x-k8s.io/v1beta1/clusterqueues.yaml index 1f0a3e4fb..21aa9eecf 100644 --- a/crd-catalog/kubernetes-sigs/kueue/kueue.x-k8s.io/v1beta1/clusterqueues.yaml +++ b/crd-catalog/kubernetes-sigs/kueue/kueue.x-k8s.io/v1beta1/clusterqueues.yaml @@ -112,6 +112,12 @@ spec: default: {} description: "flavorFungibility defines whether a workload should try the next flavor\nbefore borrowing or preempting in the flavor being evaluated." properties: + preference: + description: "preference guides the choosing of the flavor for admission in case all candidate flavors\nrequire either preemption, borrowing, or both. The possible values are:\n- `BorrowingOverPreemption` (default): prefer to use borrowing rather than preemption\nwhen such a choice is possible. More technically it minimizes the borrowing distance\nin the cohort tree, and solves tie-breaks by preferring better preemption mode\n(reclaim over preemption within ClusterQueue).\n- `PreemptionOverBorrowing`: prefer to use preemption rather than borrowing\nwhen such a choice is possible. More technically it optimizes the preemption mode\n(reclaim over preemption within ClusterQueue), and solves tie-breaks by minimizing\nthe borrowing distance in the cohort tree." + enum: + - "BorrowingOverPreemption" + - "PreemptionOverBorrowing" + type: "string" whenCanBorrow: default: "MayStopSearch" description: "whenCanBorrow determines whether a workload should try the next flavor\nbefore borrowing in current flavor. The possible values are:\n\n- `MayStopSearch` (default): stop the search for candidate flavors if workload\n fits or requires borrowing to fit.\n- `TryNextFlavor`: try next flavor if workload requires borrowing to fit.\n- `Borrow` (deprecated): old name for `MayStopSearch`; please use new name." @@ -129,6 +135,9 @@ spec: - "Preempt" type: "string" type: "object" + x-kubernetes-validations: + - message: "preference can only be set when both whenCanBorrow and whenCanPreempt are TryNextFlavor" + rule: "!has(self.preference) || (self.whenCanBorrow == 'TryNextFlavor' && self.whenCanPreempt == 'TryNextFlavor')" namespaceSelector: description: "namespaceSelector defines which namespaces are allowed to submit workloads to\nthis clusterQueue. Beyond this basic support for policy, a policy agent like\nGatekeeper should be used to enforce more advanced policies.\nDefaults to null which is a nothing selector (no namespaces eligible).\nIf set to an empty selector `{}`, then all namespaces are eligible." properties: @@ -483,7 +492,7 @@ spec: format: "int32" type: "integer" pendingWorkloadsStatus: - description: "pendingWorkloadsStatus contains the information exposed about the current\nstatus of the pending workloads in the cluster queue.\nDeprecated: This field is no longer effective since v0.14.0, which means Kueue no longer stores and updates information.\nYou can migrate to VisibilityOnDemand\n(https://kueue.sigs.k8s.io/docs/tasks/manage/monitor_pending_workloads/pending_workloads_on_demand/)\ninstead." + description: "pendingWorkloadsStatus contains the information exposed about the current\nstatus of the pending workloads in the cluster queue.\n\nDeprecated: This field is no longer effective since v0.14.0, which means Kueue no longer stores and updates information.\nYou can migrate to VisibilityOnDemand\n(https://kueue.sigs.k8s.io/docs/tasks/manage/monitor_pending_workloads/pending_workloads_on_demand/)\ninstead." properties: clusterQueuePendingWorkload: description: "clusterQueuePendingWorkload contains the list of top pending workloads." diff --git a/crd-catalog/kubernetes-sigs/kueue/kueue.x-k8s.io/v1beta1/localqueues.yaml b/crd-catalog/kubernetes-sigs/kueue/kueue.x-k8s.io/v1beta1/localqueues.yaml index b53b13af3..2f7ce71b0 100644 --- a/crd-catalog/kubernetes-sigs/kueue/kueue.x-k8s.io/v1beta1/localqueues.yaml +++ b/crd-catalog/kubernetes-sigs/kueue/kueue.x-k8s.io/v1beta1/localqueues.yaml @@ -200,7 +200,7 @@ spec: - "name" x-kubernetes-list-type: "map" flavors: - description: "flavors lists all currently available ResourceFlavors in specified ClusterQueue.\nDeprecated: Flavors is deprecated and marked for removal in v1beta2." + description: "flavors lists all currently available ResourceFlavors in specified ClusterQueue.\n\nDeprecated: Flavors is deprecated and marked for removal in v1beta2." items: description: "Deprecated: LocalQueueFlavorStatus is deprecated and marked for removal in v1beta2." properties: diff --git a/crd-catalog/kubernetes-sigs/kueue/kueue.x-k8s.io/v1beta1/workloads.yaml b/crd-catalog/kubernetes-sigs/kueue/kueue.x-k8s.io/v1beta1/workloads.yaml index cee5ee58d..f5758660e 100644 --- a/crd-catalog/kubernetes-sigs/kueue/kueue.x-k8s.io/v1beta1/workloads.yaml +++ b/crd-catalog/kubernetes-sigs/kueue/kueue.x-k8s.io/v1beta1/workloads.yaml @@ -5302,6 +5302,16 @@ spec: maxItems: 8 type: "array" x-kubernetes-list-type: "atomic" + requeueAfterSeconds: + description: "requeueAfterSeconds indicates how long to wait at least before\nretrying to admit the workload.\nThe admission check controllers can set this field when State=Retry\nto implement delays between retry attempts.\n\nIf nil when State=Retry, Kueue will retry immediately.\nIf set, Kueue will add the workload back to the queue after\n lastTransitionTime + RequeueAfterSeconds is over." + format: "int32" + minimum: 0.0 + type: "integer" + retryCount: + description: "retryCount tracks retry attempts for this admission check.\nKueue automatically increments the counter whenever the\nstate transitions to Retry." + format: "int32" + minimum: 0.0 + type: "integer" state: description: "state of the admissionCheck, one of Pending, Ready, Retry, Rejected" enum: diff --git a/crd-catalog/kubernetes-sigs/kueue/kueue.x-k8s.io/v1beta2/clusterqueues.yaml b/crd-catalog/kubernetes-sigs/kueue/kueue.x-k8s.io/v1beta2/clusterqueues.yaml index 681af1e00..f4921a20f 100644 --- a/crd-catalog/kubernetes-sigs/kueue/kueue.x-k8s.io/v1beta2/clusterqueues.yaml +++ b/crd-catalog/kubernetes-sigs/kueue/kueue.x-k8s.io/v1beta2/clusterqueues.yaml @@ -118,6 +118,12 @@ spec: default: {} description: "flavorFungibility defines whether a workload should try the next flavor\nbefore borrowing or preempting in the flavor being evaluated." properties: + preference: + description: "preference guides the choosing of the flavor for admission in case all candidate flavors\nrequire either preemption, borrowing, or both. The possible values are:\n- `BorrowingOverPreemption` (default): prefer to use borrowing rather than preemption\nwhen such a choice is possible. More technically it minimizes the borrowing distance\nin the cohort tree, and solves tie-breaks by preferring better preemption mode\n(reclaim over preemption within ClusterQueue).\n- `PreemptionOverBorrowing`: prefer to use preemption rather than borrowing\nwhen such a choice is possible. More technically it optimizes the preemption mode\n(reclaim over preemption within ClusterQueue), and solves tie-breaks by minimizing\nthe borrowing distance in the cohort tree." + enum: + - "BorrowingOverPreemption" + - "PreemptionOverBorrowing" + type: "string" whenCanBorrow: default: "MayStopSearch" description: "whenCanBorrow determines whether a workload should try the next flavor\nbefore borrowing in current flavor. The possible values are:\n\n- `MayStopSearch` (default): stop the search for candidate flavors if workload\n fits or requires borrowing to fit.\n- `TryNextFlavor`: try next flavor if workload requires borrowing to fit." @@ -133,6 +139,9 @@ spec: - "TryNextFlavor" type: "string" type: "object" + x-kubernetes-validations: + - message: "preference can only be set when both whenCanBorrow and whenCanPreempt are TryNextFlavor" + rule: "!has(self.preference) || (self.whenCanBorrow == 'TryNextFlavor' && self.whenCanPreempt == 'TryNextFlavor')" namespaceSelector: description: "namespaceSelector defines which namespaces are allowed to submit workloads to\nthis clusterQueue. Beyond this basic support for policy, a policy agent like\nGatekeeper should be used to enforce more advanced policies.\nDefaults to null which is a nothing selector (no namespaces eligible).\nIf set to an empty selector `{}`, then all namespaces are eligible." properties: @@ -363,26 +372,6 @@ spec: fairSharing: description: "fairSharing contains the current state for this ClusterQueue\nwhen participating in Fair Sharing.\nThis is recorded only when Fair Sharing is enabled in the Kueue configuration." properties: - admissionFairSharingStatus: - description: "admissionFairSharingStatus represents information relevant to the Admission Fair Sharing" - properties: - consumedResources: - additionalProperties: - anyOf: - - type: "integer" - - type: "string" - pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" - x-kubernetes-int-or-string: true - description: "consumedResources represents the aggregated usage of resources over time,\nwith decaying function applied.\nThe value is populated if usage consumption functionality is enabled in Kueue config." - type: "object" - lastUpdate: - description: "lastUpdate is the time when share and consumed resources were updated." - format: "date-time" - type: "string" - required: - - "consumedResources" - - "lastUpdate" - type: "object" weightedShare: description: "weightedShare represents the maximum of the ratios of usage\nabove nominal quota to the lendable resources in the\nCohort, among all the resources provided by the Node, and\ndivided by the weight. If zero, it means that the usage of\nthe Node is below the nominal quota. If the Node has a\nweight of zero and is borrowing, this will return\n9223372036854775807, the maximum possible share value." format: "int64" diff --git a/crd-catalog/kubernetes-sigs/kueue/kueue.x-k8s.io/v1beta2/cohorts.yaml b/crd-catalog/kubernetes-sigs/kueue/kueue.x-k8s.io/v1beta2/cohorts.yaml index 90827023c..191582351 100644 --- a/crd-catalog/kubernetes-sigs/kueue/kueue.x-k8s.io/v1beta2/cohorts.yaml +++ b/crd-catalog/kubernetes-sigs/kueue/kueue.x-k8s.io/v1beta2/cohorts.yaml @@ -133,26 +133,6 @@ spec: fairSharing: description: "fairSharing contains the current state for this Cohort\nwhen participating in Fair Sharing.\nThe is recorded only when Fair Sharing is enabled in the Kueue configuration." properties: - admissionFairSharingStatus: - description: "admissionFairSharingStatus represents information relevant to the Admission Fair Sharing" - properties: - consumedResources: - additionalProperties: - anyOf: - - type: "integer" - - type: "string" - pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" - x-kubernetes-int-or-string: true - description: "consumedResources represents the aggregated usage of resources over time,\nwith decaying function applied.\nThe value is populated if usage consumption functionality is enabled in Kueue config." - type: "object" - lastUpdate: - description: "lastUpdate is the time when share and consumed resources were updated." - format: "date-time" - type: "string" - required: - - "consumedResources" - - "lastUpdate" - type: "object" weightedShare: description: "weightedShare represents the maximum of the ratios of usage\nabove nominal quota to the lendable resources in the\nCohort, among all the resources provided by the Node, and\ndivided by the weight. If zero, it means that the usage of\nthe Node is below the nominal quota. If the Node has a\nweight of zero and is borrowing, this will return\n9223372036854775807, the maximum possible share value." format: "int64" diff --git a/crd-catalog/kubernetes-sigs/kueue/kueue.x-k8s.io/v1beta2/multikueueclusters.yaml b/crd-catalog/kubernetes-sigs/kueue/kueue.x-k8s.io/v1beta2/multikueueclusters.yaml index ecbef00d1..26c889538 100644 --- a/crd-catalog/kubernetes-sigs/kueue/kueue.x-k8s.io/v1beta2/multikueueclusters.yaml +++ b/crd-catalog/kubernetes-sigs/kueue/kueue.x-k8s.io/v1beta2/multikueueclusters.yaml @@ -38,6 +38,23 @@ spec: spec: description: "spec is the specification of the MultiKueueCluster." properties: + clusterProfile: + description: "clusterProfile is the reference to the ClusterProfile object used to connect to the cluster." + properties: + name: + description: "name of the ClusterProfile." + maxLength: 256 + minLength: 1 + type: "string" + namespace: + description: "namespace of the ClusterProfile." + maxLength: 256 + minLength: 1 + type: "string" + required: + - "name" + - "namespace" + type: "object" kubeConfig: description: "kubeConfig is information on how to connect to the cluster." properties: @@ -56,9 +73,10 @@ spec: required: - "location" type: "object" - required: - - "kubeConfig" type: "object" + x-kubernetes-validations: + - message: "exactly one of the fields in [kubeConfig clusterProfile] must be set" + rule: "[has(self.kubeConfig),has(self.clusterProfile)].filter(x,x==true).size() == 1" status: description: "status is the status of the MultiKueueCluster." properties: diff --git a/crd-catalog/kubernetes-sigs/kueue/kueue.x-k8s.io/v1beta2/workloads.yaml b/crd-catalog/kubernetes-sigs/kueue/kueue.x-k8s.io/v1beta2/workloads.yaml index 0e10029bd..d69004c7d 100644 --- a/crd-catalog/kubernetes-sigs/kueue/kueue.x-k8s.io/v1beta2/workloads.yaml +++ b/crd-catalog/kubernetes-sigs/kueue/kueue.x-k8s.io/v1beta2/workloads.yaml @@ -5197,7 +5197,7 @@ spec: description: "resourceUsage keeps track of the total resources all the pods in the podset need to run.\n\nBeside what is provided in podSet's specs, this calculation takes into account\nthe LimitRange defaults and RuntimeClass overheads at the moment of admission.\nThis field will not change in case of quota reclaim." type: "object" topologyAssignment: - description: "topologyAssignment indicates the topology assignment divided into\ntopology domains corresponding to the lowest level of the topology.\nThe assignment specifies the number of Pods to be scheduled per topology\ndomain and specifies the node selectors for each topology domain, in the\nfollowing way:\n* `levels` specifies the node selector keys (same for all domains).\n - If the TopologySpec.Levels field contains \"kubernetes.io/hostname\" label,\n topologyAssignment will contain data only for this label,\n and omit higher levels in the topology.\n* `slices` specifies the node selector values and pod counts for all domains\n (which may be partitioned into separate slices).\n - The node selector values are arranged first by topology level, only then by domain.\n (This allows \"optimizing\" similar values; see below).\n* The format of `slices` supports the following variations\n (aimed to optimize the total bytesize for very large number of domains; see examples below):\n - When all node selector values (at a given topology level, in a given slice)\n share a common prefix and/or suffix, these may be stored\n in dedicated `commonPrefix`/`commonSuffix` fields.\n If so, the array of `roots` will only store the remaining parts of these strings.\n - When all node selector values (at a given topology level, in a given slice)\n are identical, this may be represented by `universal` value.\n - When all pod counts (in a given slice) are identical,\n this may be represented by `universal` pod count.\n\nExample 1:\n\nThe following represents an assignment in which:\n* 4 Pods are to be scheduled on nodes matching the node selector:\n - cloud.provider.com/topology-block: block-1\n - cloud.provider.com/topology-rack: rack-1\n* 2 Pods are to be scheduled on nodes matching the node selector:\n - cloud.provider.com/topology-block: block-1\n - cloud.provider.com/topology-rack: rack-2\n\ntopologyAssignment:\n levels:\n - cloud.provider.com/topology-block\n - cloud.provider.com/topology-rack\n slices:\n - domainCount: 2\n valuesPerLevel:\n - individual:\n roots: [block-1, block-1]\n - individual:\n roots: [rack-1, rack-2]\n podCounts:\n individual: [4, 2]\n\nExample 2:\n\nThe following is equivalent to Example 1 - but using extracted prefix and universalValue.\n\ntopologyAssignment:\n levels:\n - cloud.provider.com/topology-block\n - cloud.provider.com/topology-rack\n slices:\n - domainCount: 2\n valuesPerLevel:\n - universal: block-1\n - individual:\n prefix: rack-\n\t\t roots: [1, 2]\n podCounts:\n individual: [4, 2]\n\nExample 3:\n\nNow suppose that:\n- the Topology object defines kubernetes.io/hostname as the lowest level\n (and hence, in the topologyAssignment, we omit all other levels\n since the hostname label suffices to explicitly identify a proper node),\n- we assign 1 Pod per each node,\n- the node naming scheme is `block-{blockId}-rack-{rackId}-node-{nodeId}`.\nThen, using the \"extraction of commons\", the assignment from Examples 1-2 would look as follows:\n\ntopologyAssignment:\n levels:\n - kubernetes.io/hostname\n slices:\n - domainCount: 6\n valuesPerLevel:\n - individual:\n prefix: block-1-rack-\n\t\t roots: [1-node-1, 1-node-2, 1-node-3, 1-node-4, 2-node-1, 2-node-2]\n podCounts:\n universal: 1\n\nExample 4:\n\nBy using multiple slices, we can afford even longer common prefixes.\nThe assignment from Example 3 can be alternatively represented as follows:\n\ntopologyAssignment:\n levels:\n - kubernetes.io/hostname\n slices:\n - domainCount: 4\n valuesPerLevel:\n - individual:\n prefix: block-1-rack-1-node-\n\t\t roots: [1, 2, 3, 4]\n podCounts:\n universal: 1\n - domainCount: 2\n valuesPerLevel:\n - individual:\n prefix: block-1-rack-2-node-\n\t\t roots: [1, 2]\n podCounts:\n universal: 1" + description: "topologyAssignment indicates the topology assignment divided into\ntopology domains corresponding to the lowest level of the topology.\nThe assignment specifies the number of Pods to be scheduled per topology\ndomain and specifies the node selectors for each topology domain, in the\nfollowing way:\n* `levels` specifies the node selector keys (same for all domains).\n - If the TopologySpec.Levels field contains \"kubernetes.io/hostname\" label,\n topologyAssignment will contain data only for this label,\n and omit higher levels in the topology.\n* `slices` specifies the node selector values and pod counts for all domains\n (which may be partitioned into separate slices).\n - The node selector values are arranged first by topology level, only then by domain.\n (This allows \"optimizing\" similar values; see below).\n* The format of `slices` supports the following variations\n (aimed to optimize the total bytesize for very large number of domains; see examples below):\n - When all node selector values (at a given topology level, in a given slice)\n share a common prefix and/or suffix, these may be stored\n in dedicated `prefix`/`suffix` fields.\n If so, the array of `roots` will only store the remaining parts of these strings.\n - When all node selector values (at a given topology level, in a given slice)\n are identical, this may be represented by `universal` value.\n - When all pod counts (in a given slice) are identical,\n this may be represented by `universal` pod count.\n\nExample 1:\n\nThe following represents an assignment in which:\n* 4 Pods are to be scheduled on nodes matching the node selector:\n - cloud.provider.com/topology-block: block-1\n - cloud.provider.com/topology-rack: rack-1\n* 2 Pods are to be scheduled on nodes matching the node selector:\n - cloud.provider.com/topology-block: block-1\n - cloud.provider.com/topology-rack: rack-2\n\ntopologyAssignment:\n levels:\n - cloud.provider.com/topology-block\n - cloud.provider.com/topology-rack\n slices:\n - domainCount: 2\n valuesPerLevel:\n - individual:\n roots: [block-1, block-1]\n - individual:\n roots: [rack-1, rack-2]\n podCounts:\n individual: [4, 2]\n\nExample 2:\n\nThe following is equivalent to Example 1 - but using extracted prefix and universalValue.\n\ntopologyAssignment:\n levels:\n - cloud.provider.com/topology-block\n - cloud.provider.com/topology-rack\n slices:\n - domainCount: 2\n valuesPerLevel:\n - universal: block-1\n - individual:\n prefix: rack-\n\t\t roots: [1, 2]\n podCounts:\n individual: [4, 2]\n\nExample 3:\n\nNow suppose that:\n- the Topology object defines kubernetes.io/hostname as the lowest level\n (and hence, in the topologyAssignment, we omit all other levels\n since the hostname label suffices to explicitly identify a proper node),\n- we assign 1 Pod per each node,\n- the node naming scheme is `block-{blockId}-rack-{rackId}-node-{nodeId}`.\nThen, using the \"extraction of commons\", the assignment from Examples 1-2 would look as follows:\n\ntopologyAssignment:\n levels:\n - kubernetes.io/hostname\n slices:\n - domainCount: 6\n valuesPerLevel:\n - individual:\n prefix: block-1-rack-\n\t\t roots: [1-node-1, 1-node-2, 1-node-3, 1-node-4, 2-node-1, 2-node-2]\n podCounts:\n universal: 1\n\nExample 4:\n\nBy using multiple slices, we can afford even longer common prefixes.\nThe assignment from Example 3 can be alternatively represented as follows:\n\ntopologyAssignment:\n levels:\n - kubernetes.io/hostname\n slices:\n - domainCount: 4\n valuesPerLevel:\n - individual:\n prefix: block-1-rack-1-node-\n\t\t roots: [1, 2, 3, 4]\n podCounts:\n universal: 1\n - domainCount: 2\n valuesPerLevel:\n - individual:\n prefix: block-1-rack-2-node-\n\t\t roots: [1, 2]\n podCounts:\n universal: 1" properties: levels: description: "levels is an ordered list of keys denoting the levels of the assigned\ntopology (i.e. node label keys), from the highest to the lowest level of\nthe topology." @@ -5246,16 +5246,12 @@ spec: individual: description: "individual - if set - specifies multiple topology placement values (at a particular topology level)\nthat apply to the pods in the current TopologyAssignmentSlice.\nExactly one of universal, individual must be set." properties: - commonPrefix: - description: "commonPrefix specifies a common prefix for all values in this slice assignment.\nIt must be either nil pointer or a non-empty string." - maxLength: 63 - type: "string" - commonSuffix: - description: "commonSuffix specifies a common suffix for all values in this slice assignment.\nIt must be either nil pointer or a non-empty string." + prefix: + description: "prefix specifies a common prefix for all values in this slice assignment.\nIt must be either nil pointer or a non-empty string." maxLength: 63 type: "string" roots: - description: "roots specifies the values in this assignment (excluding commonPrefix and commonSuffix, if non-empty).\nIts length must be equal to the \"domainCount\" field of the TopologyAssignmentSlice." + description: "roots specifies the values in this assignment (excluding prefix and suffix, if non-empty).\nIts length must be equal to the \"domainCount\" field of the TopologyAssignmentSlice." items: maxLength: 63 type: "string" @@ -5263,6 +5259,10 @@ spec: minItems: 1 type: "array" x-kubernetes-list-type: "atomic" + suffix: + description: "suffix specifies a common suffix for all values in this slice assignment.\nIt must be either nil pointer or a non-empty string." + maxLength: 63 + type: "string" required: - "roots" type: "object" @@ -5389,6 +5389,16 @@ spec: maxItems: 8 type: "array" x-kubernetes-list-type: "atomic" + requeueAfterSeconds: + description: "requeueAfterSeconds indicates how long to wait at least before\nretrying to admit the workload.\nThe admission check controllers can set this field when State=Retry\nto implement delays between retry attempts.\n\nIf nil when State=Retry, Kueue will retry immediately.\nIf set, Kueue will add the workload back to the queue after\n lastTransitionTime + RequeueAfterSeconds is over." + format: "int32" + minimum: 0.0 + type: "integer" + retryCount: + description: "retryCount tracks retry attempts for this admission check.\nKueue automatically increments the counter whenever the\nstate transitions to Retry." + format: "int32" + minimum: 0.0 + type: "integer" state: description: "state of the admissionCheck, one of Pending, Ready, Retry, Rejected" enum: diff --git a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/backups.yaml b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/backups.yaml index 7663f8740..aca6f10d5 100644 --- a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/backups.yaml +++ b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/backups.yaml @@ -74,7 +74,6 @@ spec: enum: - "full" - "incremental" - - "" type: "string" labels: additionalProperties: diff --git a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/engines.yaml b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/engines.yaml index 316cfcb3f..f702641f3 100644 --- a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/engines.yaml +++ b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/engines.yaml @@ -104,6 +104,12 @@ spec: snapshotMaxSize: format: "int64" type: "string" + ublkNumberOfQueue: + description: "ublkNumberOfQueue controls the number of queues for ublk frontend." + type: "integer" + ublkQueueDepth: + description: "ublkQueueDepth controls the depth of each queue for ublk frontend." + type: "integer" unmapMarkSnapChainRemovedEnabled: type: "boolean" upgradedReplicaAddressMap: diff --git a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/volumes.yaml b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/volumes.yaml index 39d488ca2..d26e4c5fc 100644 --- a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/volumes.yaml +++ b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/volumes.yaml @@ -69,6 +69,7 @@ spec: accessMode: enum: - "rwo" + - "rwop" - "rwx" type: "string" backingImage: @@ -220,6 +221,12 @@ spec: type: "string" staleReplicaTimeout: type: "integer" + ublkNumberOfQueue: + description: "ublkNumberOfQueue controls the number of queues for ublk frontend." + type: "integer" + ublkQueueDepth: + description: "ublkQueueDepth controls the depth of each queue for ublk frontend." + type: "integer" unmapMarkSnapChainRemoved: enum: - "ignored" diff --git a/crd-catalog/netobserv/network-observability-operator/flows.netobserv.io/v1beta2/flowcollectors.yaml b/crd-catalog/netobserv/network-observability-operator/flows.netobserv.io/v1beta2/flowcollectors.yaml index fb6f64e65..974d843fb 100644 --- a/crd-catalog/netobserv/network-observability-operator/flows.netobserv.io/v1beta2/flowcollectors.yaml +++ b/crd-catalog/netobserv/network-observability-operator/flows.netobserv.io/v1beta2/flowcollectors.yaml @@ -2123,7 +2123,7 @@ spec: type: "object" deploymentModel: default: "Direct" - description: "`deploymentModel` defines the desired type of deployment for flow processing. Possible values are:
\n- `Direct` (default) to make the flow processor listen directly from the agents using the host network, backed by a DaemonSet.
\n- `Service` to make the flow processor listen as a Kubernetes Service, backed by a scalable Deployment.
\n- `Kafka` to make flows sent to a Kafka pipeline before consumption by the processor.
\nKafka can provide better scalability, resiliency, and high availability (for more details, see https://www.redhat.com/en/topics/integration/what-is-apache-kafka).
\n`Direct` is not recommended on large clusters as it is less memory efficient." + description: "`deploymentModel` defines the desired type of deployment for flow processing. Possible values are:
\n- `Direct` (default) to make the flow processor listen directly from the agents using the host network, backed by a DaemonSet. Only recommended on small clusters, below 15 nodes.
\n- `Service` to make the flow processor listen as a Kubernetes Service, backed by a scalable Deployment.
\n- `Kafka` to make flows sent to a Kafka pipeline before consumption by the processor.
\nKafka can provide better scalability, resiliency, and high availability (for more details, see https://www.redhat.com/en/topics/integration/what-is-apache-kafka).
\n`Direct` is not recommended on large clusters as it is less memory efficient." enum: - "Direct" - "Service" @@ -2907,8 +2907,6 @@ spec: - message: "Namespace is immutable. If you need to change it, delete and recreate the resource." rule: "self == oldSelf" networkPolicy: - default: - enable: true description: "`networkPolicy` defines network policy settings for NetObserv components isolation." properties: additionalNamespaces: @@ -2917,7 +2915,7 @@ spec: type: "string" type: "array" enable: - description: "Deploys network policies on the namespaces used by NetObserv (main and privileged).\nThese network policies better isolate the NetObserv components to prevent undesired connections to them.\nThis option is enabled by default, disable it to manually manage network policies" + description: "Deploys network policies on the namespaces used by NetObserv (main and privileged).\nThese network policies better isolate the NetObserv components to prevent undesired connections from and to them.\nThis option is enabled by default when using with OVNKubernetes, and disabled otherwise (it has not been tested with other CNIs).\nWhen disabled, you can create manually the network policies for the NetObserv components." type: "boolean" type: "object" processor: diff --git a/crd-catalog/open-cluster-management-io/ocm/operator.open-cluster-management.io/v1/clustermanagers.yaml b/crd-catalog/open-cluster-management-io/ocm/operator.open-cluster-management.io/v1/clustermanagers.yaml index 6a65ab3be..dafa88159 100644 --- a/crd-catalog/open-cluster-management-io/ocm/operator.open-cluster-management.io/v1/clustermanagers.yaml +++ b/crd-catalog/open-cluster-management-io/ocm/operator.open-cluster-management.io/v1/clustermanagers.yaml @@ -416,11 +416,35 @@ spec: required: - "host" type: "object" + loadBalancer: + description: "LoadBalancer points customized configuration for loadBalancer type." + properties: + caBundle: + description: "CABundle is a customized caBundle of the endpoint." + format: "byte" + type: "string" + host: + description: "Host is the customized host name of the endpoint." + type: "string" + type: "object" + route: + description: "Route points customized configuration for route type." + properties: + caBundle: + description: "CABundle is a customized caBundle of the endpoint." + format: "byte" + type: "string" + host: + description: "Host is the customized host name of the endpoint." + type: "string" + type: "object" type: default: "hostname" description: "type specifies how the endpoint is exposed.\nYou may need to apply an object to expose the endpoint, for example: a route." enum: - "hostname" + - "loadBalancer" + - "route" type: "string" required: - "type" @@ -441,11 +465,35 @@ spec: required: - "host" type: "object" + loadBalancer: + description: "LoadBalancer points customized configuration for loadBalancer type." + properties: + caBundle: + description: "CABundle is a customized caBundle of the endpoint." + format: "byte" + type: "string" + host: + description: "Host is the customized host name of the endpoint." + type: "string" + type: "object" + route: + description: "Route points customized configuration for route type." + properties: + caBundle: + description: "CABundle is a customized caBundle of the endpoint." + format: "byte" + type: "string" + host: + description: "Host is the customized host name of the endpoint." + type: "string" + type: "object" type: default: "hostname" description: "type specifies how the endpoint is exposed.\nYou may need to apply an object to expose the endpoint, for example: a route." enum: - "hostname" + - "loadBalancer" + - "route" type: "string" required: - "type" diff --git a/crd-catalog/open-policy-agent/gatekeeper/config.gatekeeper.sh/v1alpha1/configs.yaml b/crd-catalog/open-policy-agent/gatekeeper/config.gatekeeper.sh/v1alpha1/configs.yaml index 043579e95..380daf17e 100644 --- a/crd-catalog/open-policy-agent/gatekeeper/config.gatekeeper.sh/v1alpha1/configs.yaml +++ b/crd-catalog/open-policy-agent/gatekeeper/config.gatekeeper.sh/v1alpha1/configs.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.19.0" labels: gatekeeper.sh/system: "yes" name: "configs.config.gatekeeper.sh" diff --git a/crd-catalog/open-policy-agent/gatekeeper/expansion.gatekeeper.sh/v1alpha1/expansiontemplate.yaml b/crd-catalog/open-policy-agent/gatekeeper/expansion.gatekeeper.sh/v1alpha1/expansiontemplate.yaml index f23afe1c3..dc409155a 100644 --- a/crd-catalog/open-policy-agent/gatekeeper/expansion.gatekeeper.sh/v1alpha1/expansiontemplate.yaml +++ b/crd-catalog/open-policy-agent/gatekeeper/expansion.gatekeeper.sh/v1alpha1/expansiontemplate.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.19.0" labels: gatekeeper.sh/system: "yes" name: "expansiontemplate.expansion.gatekeeper.sh" diff --git a/crd-catalog/open-policy-agent/gatekeeper/expansion.gatekeeper.sh/v1beta1/expansiontemplate.yaml b/crd-catalog/open-policy-agent/gatekeeper/expansion.gatekeeper.sh/v1beta1/expansiontemplate.yaml index 97cc299ba..46b0e7c84 100644 --- a/crd-catalog/open-policy-agent/gatekeeper/expansion.gatekeeper.sh/v1beta1/expansiontemplate.yaml +++ b/crd-catalog/open-policy-agent/gatekeeper/expansion.gatekeeper.sh/v1beta1/expansiontemplate.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.19.0" labels: gatekeeper.sh/system: "yes" name: "expansiontemplate.expansion.gatekeeper.sh" diff --git a/crd-catalog/open-policy-agent/gatekeeper/externaldata.gatekeeper.sh/v1alpha1/providers.yaml b/crd-catalog/open-policy-agent/gatekeeper/externaldata.gatekeeper.sh/v1alpha1/providers.yaml index 13a3642b4..9e4310216 100644 --- a/crd-catalog/open-policy-agent/gatekeeper/externaldata.gatekeeper.sh/v1alpha1/providers.yaml +++ b/crd-catalog/open-policy-agent/gatekeeper/externaldata.gatekeeper.sh/v1alpha1/providers.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.19.0" labels: gatekeeper.sh/system: "yes" name: "providers.externaldata.gatekeeper.sh" @@ -44,6 +44,57 @@ spec: description: "URL is the url for the provider. URL is prefixed with https://." type: "string" type: "object" + status: + description: "ProviderStatus defines the observed state of Provider." + properties: + byPod: + description: "ByPod is the status of the provider by pod" + items: + description: "ProviderPodStatusStatus defines the observed state of ProviderPodStatus." + properties: + active: + type: "boolean" + errors: + items: + description: "ProviderError represents a single error caught while managing providers." + properties: + errorTimestamp: + format: "date-time" + type: "string" + message: + type: "string" + retryable: + type: "boolean" + type: + description: "Type indicates a specific class of error for use by controller code.\nIf not present, the error should be treated as not matching any known type." + type: "string" + required: + - "message" + type: "object" + type: "array" + id: + type: "string" + lastCacheUpdateTime: + format: "date-time" + type: "string" + lastTransitionTime: + format: "date-time" + type: "string" + observedGeneration: + format: "int64" + type: "integer" + operations: + items: + type: "string" + type: "array" + providerUID: + description: "Storing the provider UID allows us to detect drift, such as\nwhen a provider has been recreated after its CRD was deleted\nout from under it, interrupting the watch" + type: "string" + type: "object" + type: "array" + type: "object" type: "object" served: true storage: false + subresources: + status: {} diff --git a/crd-catalog/open-policy-agent/gatekeeper/externaldata.gatekeeper.sh/v1beta1/providers.yaml b/crd-catalog/open-policy-agent/gatekeeper/externaldata.gatekeeper.sh/v1beta1/providers.yaml index 0347cf1aa..de1ba1367 100644 --- a/crd-catalog/open-policy-agent/gatekeeper/externaldata.gatekeeper.sh/v1beta1/providers.yaml +++ b/crd-catalog/open-policy-agent/gatekeeper/externaldata.gatekeeper.sh/v1beta1/providers.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.19.0" labels: gatekeeper.sh/system: "yes" name: "providers.externaldata.gatekeeper.sh" @@ -42,6 +42,57 @@ spec: description: "URL is the url for the provider. URL is prefixed with https://." type: "string" type: "object" + status: + description: "ProviderStatus defines the observed state of Provider." + properties: + byPod: + description: "ByPod is the status of the provider by pod" + items: + description: "ProviderPodStatusStatus defines the observed state of ProviderPodStatus." + properties: + active: + type: "boolean" + errors: + items: + description: "ProviderError represents a single error caught while managing providers." + properties: + errorTimestamp: + format: "date-time" + type: "string" + message: + type: "string" + retryable: + type: "boolean" + type: + description: "Type indicates a specific class of error for use by controller code.\nIf not present, the error should be treated as not matching any known type." + type: "string" + required: + - "message" + type: "object" + type: "array" + id: + type: "string" + lastCacheUpdateTime: + format: "date-time" + type: "string" + lastTransitionTime: + format: "date-time" + type: "string" + observedGeneration: + format: "int64" + type: "integer" + operations: + items: + type: "string" + type: "array" + providerUID: + description: "Storing the provider UID allows us to detect drift, such as\nwhen a provider has been recreated after its CRD was deleted\nout from under it, interrupting the watch" + type: "string" + type: "object" + type: "array" + type: "object" type: "object" served: true storage: true + subresources: + status: {} diff --git a/crd-catalog/open-policy-agent/gatekeeper/mutations.gatekeeper.sh/v1/assign.yaml b/crd-catalog/open-policy-agent/gatekeeper/mutations.gatekeeper.sh/v1/assign.yaml index edd28e7d8..9cc80097c 100644 --- a/crd-catalog/open-policy-agent/gatekeeper/mutations.gatekeeper.sh/v1/assign.yaml +++ b/crd-catalog/open-policy-agent/gatekeeper/mutations.gatekeeper.sh/v1/assign.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.19.0" labels: gatekeeper.sh/system: "yes" name: "assign.mutations.gatekeeper.sh" @@ -201,6 +201,8 @@ spec: provider: description: "Provider is the name of the external data provider." type: "string" + required: + - "provider" type: "object" fromMetadata: description: "FromMetadata assigns a value from the specified metadata field." @@ -215,7 +217,7 @@ spec: type: "object" pathTests: items: - description: "PathTest allows the user to customize how the mutation works if parent\npaths are missing. It traverses the list in order. All sub paths are\ntested against the provided condition, if the test fails, the mutation is\nnot applied. All `subPath` entries must be a prefix of `location`. Any\nglob characters will take on the same value as was used to\nexpand the matching glob in `location`.\n\n\nAvailable Tests:\n* MustExist - the path must exist or do not mutate\n* MustNotExist - the path must not exist or do not mutate." + description: "PathTest allows the user to customize how the mutation works if parent\npaths are missing. It traverses the list in order. All sub paths are\ntested against the provided condition, if the test fails, the mutation is\nnot applied. All `subPath` entries must be a prefix of `location`. Any\nglob characters will take on the same value as was used to\nexpand the matching glob in `location`.\n\nAvailable Tests:\n* MustExist - the path must exist or do not mutate\n* MustNotExist - the path must not exist or do not mutate." properties: condition: description: "Condition describes whether the path either MustExist or MustNotExist in the original object" diff --git a/crd-catalog/open-policy-agent/gatekeeper/mutations.gatekeeper.sh/v1/assignmetadata.yaml b/crd-catalog/open-policy-agent/gatekeeper/mutations.gatekeeper.sh/v1/assignmetadata.yaml index a5eb248fd..fb5879bf0 100644 --- a/crd-catalog/open-policy-agent/gatekeeper/mutations.gatekeeper.sh/v1/assignmetadata.yaml +++ b/crd-catalog/open-policy-agent/gatekeeper/mutations.gatekeeper.sh/v1/assignmetadata.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.19.0" labels: gatekeeper.sh/system: "yes" name: "assignmetadata.mutations.gatekeeper.sh" @@ -180,6 +180,8 @@ spec: provider: description: "Provider is the name of the external data provider." type: "string" + required: + - "provider" type: "object" fromMetadata: description: "FromMetadata assigns a value from the specified metadata field." diff --git a/crd-catalog/open-policy-agent/gatekeeper/mutations.gatekeeper.sh/v1/modifyset.yaml b/crd-catalog/open-policy-agent/gatekeeper/mutations.gatekeeper.sh/v1/modifyset.yaml index 014d639dd..8437b947f 100644 --- a/crd-catalog/open-policy-agent/gatekeeper/mutations.gatekeeper.sh/v1/modifyset.yaml +++ b/crd-catalog/open-policy-agent/gatekeeper/mutations.gatekeeper.sh/v1/modifyset.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.19.0" labels: gatekeeper.sh/system: "yes" name: "modifyset.mutations.gatekeeper.sh" @@ -184,7 +184,7 @@ spec: pathTests: description: "PathTests are a series of existence tests that can be checked\nbefore a mutation is applied" items: - description: "PathTest allows the user to customize how the mutation works if parent\npaths are missing. It traverses the list in order. All sub paths are\ntested against the provided condition, if the test fails, the mutation is\nnot applied. All `subPath` entries must be a prefix of `location`. Any\nglob characters will take on the same value as was used to\nexpand the matching glob in `location`.\n\n\nAvailable Tests:\n* MustExist - the path must exist or do not mutate\n* MustNotExist - the path must not exist or do not mutate." + description: "PathTest allows the user to customize how the mutation works if parent\npaths are missing. It traverses the list in order. All sub paths are\ntested against the provided condition, if the test fails, the mutation is\nnot applied. All `subPath` entries must be a prefix of `location`. Any\nglob characters will take on the same value as was used to\nexpand the matching glob in `location`.\n\nAvailable Tests:\n* MustExist - the path must exist or do not mutate\n* MustNotExist - the path must not exist or do not mutate." properties: condition: description: "Condition describes whether the path either MustExist or MustNotExist in the original object" diff --git a/crd-catalog/open-policy-agent/gatekeeper/mutations.gatekeeper.sh/v1alpha1/assign.yaml b/crd-catalog/open-policy-agent/gatekeeper/mutations.gatekeeper.sh/v1alpha1/assign.yaml index b5af16488..b4a2c7339 100644 --- a/crd-catalog/open-policy-agent/gatekeeper/mutations.gatekeeper.sh/v1alpha1/assign.yaml +++ b/crd-catalog/open-policy-agent/gatekeeper/mutations.gatekeeper.sh/v1alpha1/assign.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.19.0" labels: gatekeeper.sh/system: "yes" name: "assign.mutations.gatekeeper.sh" @@ -197,6 +197,8 @@ spec: provider: description: "Provider is the name of the external data provider." type: "string" + required: + - "provider" type: "object" fromMetadata: description: "FromMetadata assigns a value from the specified metadata field." @@ -211,7 +213,7 @@ spec: type: "object" pathTests: items: - description: "PathTest allows the user to customize how the mutation works if parent\npaths are missing. It traverses the list in order. All sub paths are\ntested against the provided condition, if the test fails, the mutation is\nnot applied. All `subPath` entries must be a prefix of `location`. Any\nglob characters will take on the same value as was used to\nexpand the matching glob in `location`.\n\n\nAvailable Tests:\n* MustExist - the path must exist or do not mutate\n* MustNotExist - the path must not exist or do not mutate." + description: "PathTest allows the user to customize how the mutation works if parent\npaths are missing. It traverses the list in order. All sub paths are\ntested against the provided condition, if the test fails, the mutation is\nnot applied. All `subPath` entries must be a prefix of `location`. Any\nglob characters will take on the same value as was used to\nexpand the matching glob in `location`.\n\nAvailable Tests:\n* MustExist - the path must exist or do not mutate\n* MustNotExist - the path must not exist or do not mutate." properties: condition: description: "Condition describes whether the path either MustExist or MustNotExist in the original object" diff --git a/crd-catalog/open-policy-agent/gatekeeper/mutations.gatekeeper.sh/v1alpha1/assignimage.yaml b/crd-catalog/open-policy-agent/gatekeeper/mutations.gatekeeper.sh/v1alpha1/assignimage.yaml index 88e2fe416..6927c23c0 100644 --- a/crd-catalog/open-policy-agent/gatekeeper/mutations.gatekeeper.sh/v1alpha1/assignimage.yaml +++ b/crd-catalog/open-policy-agent/gatekeeper/mutations.gatekeeper.sh/v1alpha1/assignimage.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.19.0" labels: gatekeeper.sh/system: "yes" name: "assignimage.mutations.gatekeeper.sh" @@ -185,7 +185,7 @@ spec: type: "string" pathTests: items: - description: "PathTest allows the user to customize how the mutation works if parent\npaths are missing. It traverses the list in order. All sub paths are\ntested against the provided condition, if the test fails, the mutation is\nnot applied. All `subPath` entries must be a prefix of `location`. Any\nglob characters will take on the same value as was used to\nexpand the matching glob in `location`.\n\n\nAvailable Tests:\n* MustExist - the path must exist or do not mutate\n* MustNotExist - the path must not exist or do not mutate." + description: "PathTest allows the user to customize how the mutation works if parent\npaths are missing. It traverses the list in order. All sub paths are\ntested against the provided condition, if the test fails, the mutation is\nnot applied. All `subPath` entries must be a prefix of `location`. Any\nglob characters will take on the same value as was used to\nexpand the matching glob in `location`.\n\nAvailable Tests:\n* MustExist - the path must exist or do not mutate\n* MustNotExist - the path must not exist or do not mutate." properties: condition: description: "Condition describes whether the path either MustExist or MustNotExist in the original object" diff --git a/crd-catalog/open-policy-agent/gatekeeper/mutations.gatekeeper.sh/v1alpha1/assignmetadata.yaml b/crd-catalog/open-policy-agent/gatekeeper/mutations.gatekeeper.sh/v1alpha1/assignmetadata.yaml index 517bf8d95..05f145688 100644 --- a/crd-catalog/open-policy-agent/gatekeeper/mutations.gatekeeper.sh/v1alpha1/assignmetadata.yaml +++ b/crd-catalog/open-policy-agent/gatekeeper/mutations.gatekeeper.sh/v1alpha1/assignmetadata.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.19.0" labels: gatekeeper.sh/system: "yes" name: "assignmetadata.mutations.gatekeeper.sh" @@ -176,6 +176,8 @@ spec: provider: description: "Provider is the name of the external data provider." type: "string" + required: + - "provider" type: "object" fromMetadata: description: "FromMetadata assigns a value from the specified metadata field." diff --git a/crd-catalog/open-policy-agent/gatekeeper/mutations.gatekeeper.sh/v1alpha1/modifyset.yaml b/crd-catalog/open-policy-agent/gatekeeper/mutations.gatekeeper.sh/v1alpha1/modifyset.yaml index ae9c20884..b45e302a5 100644 --- a/crd-catalog/open-policy-agent/gatekeeper/mutations.gatekeeper.sh/v1alpha1/modifyset.yaml +++ b/crd-catalog/open-policy-agent/gatekeeper/mutations.gatekeeper.sh/v1alpha1/modifyset.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.19.0" labels: gatekeeper.sh/system: "yes" name: "modifyset.mutations.gatekeeper.sh" @@ -180,7 +180,7 @@ spec: pathTests: description: "PathTests are a series of existence tests that can be checked\nbefore a mutation is applied" items: - description: "PathTest allows the user to customize how the mutation works if parent\npaths are missing. It traverses the list in order. All sub paths are\ntested against the provided condition, if the test fails, the mutation is\nnot applied. All `subPath` entries must be a prefix of `location`. Any\nglob characters will take on the same value as was used to\nexpand the matching glob in `location`.\n\n\nAvailable Tests:\n* MustExist - the path must exist or do not mutate\n* MustNotExist - the path must not exist or do not mutate." + description: "PathTest allows the user to customize how the mutation works if parent\npaths are missing. It traverses the list in order. All sub paths are\ntested against the provided condition, if the test fails, the mutation is\nnot applied. All `subPath` entries must be a prefix of `location`. Any\nglob characters will take on the same value as was used to\nexpand the matching glob in `location`.\n\nAvailable Tests:\n* MustExist - the path must exist or do not mutate\n* MustNotExist - the path must not exist or do not mutate." properties: condition: description: "Condition describes whether the path either MustExist or MustNotExist in the original object" diff --git a/crd-catalog/open-policy-agent/gatekeeper/mutations.gatekeeper.sh/v1beta1/assign.yaml b/crd-catalog/open-policy-agent/gatekeeper/mutations.gatekeeper.sh/v1beta1/assign.yaml index cda62f19a..37238d53a 100644 --- a/crd-catalog/open-policy-agent/gatekeeper/mutations.gatekeeper.sh/v1beta1/assign.yaml +++ b/crd-catalog/open-policy-agent/gatekeeper/mutations.gatekeeper.sh/v1beta1/assign.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.19.0" labels: gatekeeper.sh/system: "yes" name: "assign.mutations.gatekeeper.sh" @@ -197,6 +197,8 @@ spec: provider: description: "Provider is the name of the external data provider." type: "string" + required: + - "provider" type: "object" fromMetadata: description: "FromMetadata assigns a value from the specified metadata field." @@ -211,7 +213,7 @@ spec: type: "object" pathTests: items: - description: "PathTest allows the user to customize how the mutation works if parent\npaths are missing. It traverses the list in order. All sub paths are\ntested against the provided condition, if the test fails, the mutation is\nnot applied. All `subPath` entries must be a prefix of `location`. Any\nglob characters will take on the same value as was used to\nexpand the matching glob in `location`.\n\n\nAvailable Tests:\n* MustExist - the path must exist or do not mutate\n* MustNotExist - the path must not exist or do not mutate." + description: "PathTest allows the user to customize how the mutation works if parent\npaths are missing. It traverses the list in order. All sub paths are\ntested against the provided condition, if the test fails, the mutation is\nnot applied. All `subPath` entries must be a prefix of `location`. Any\nglob characters will take on the same value as was used to\nexpand the matching glob in `location`.\n\nAvailable Tests:\n* MustExist - the path must exist or do not mutate\n* MustNotExist - the path must not exist or do not mutate." properties: condition: description: "Condition describes whether the path either MustExist or MustNotExist in the original object" diff --git a/crd-catalog/open-policy-agent/gatekeeper/mutations.gatekeeper.sh/v1beta1/assignmetadata.yaml b/crd-catalog/open-policy-agent/gatekeeper/mutations.gatekeeper.sh/v1beta1/assignmetadata.yaml index ddbf21776..8f5352c61 100644 --- a/crd-catalog/open-policy-agent/gatekeeper/mutations.gatekeeper.sh/v1beta1/assignmetadata.yaml +++ b/crd-catalog/open-policy-agent/gatekeeper/mutations.gatekeeper.sh/v1beta1/assignmetadata.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.19.0" labels: gatekeeper.sh/system: "yes" name: "assignmetadata.mutations.gatekeeper.sh" @@ -176,6 +176,8 @@ spec: provider: description: "Provider is the name of the external data provider." type: "string" + required: + - "provider" type: "object" fromMetadata: description: "FromMetadata assigns a value from the specified metadata field." diff --git a/crd-catalog/open-policy-agent/gatekeeper/mutations.gatekeeper.sh/v1beta1/modifyset.yaml b/crd-catalog/open-policy-agent/gatekeeper/mutations.gatekeeper.sh/v1beta1/modifyset.yaml index 34507c046..c627b3920 100644 --- a/crd-catalog/open-policy-agent/gatekeeper/mutations.gatekeeper.sh/v1beta1/modifyset.yaml +++ b/crd-catalog/open-policy-agent/gatekeeper/mutations.gatekeeper.sh/v1beta1/modifyset.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.19.0" labels: gatekeeper.sh/system: "yes" name: "modifyset.mutations.gatekeeper.sh" @@ -180,7 +180,7 @@ spec: pathTests: description: "PathTests are a series of existence tests that can be checked\nbefore a mutation is applied" items: - description: "PathTest allows the user to customize how the mutation works if parent\npaths are missing. It traverses the list in order. All sub paths are\ntested against the provided condition, if the test fails, the mutation is\nnot applied. All `subPath` entries must be a prefix of `location`. Any\nglob characters will take on the same value as was used to\nexpand the matching glob in `location`.\n\n\nAvailable Tests:\n* MustExist - the path must exist or do not mutate\n* MustNotExist - the path must not exist or do not mutate." + description: "PathTest allows the user to customize how the mutation works if parent\npaths are missing. It traverses the list in order. All sub paths are\ntested against the provided condition, if the test fails, the mutation is\nnot applied. All `subPath` entries must be a prefix of `location`. Any\nglob characters will take on the same value as was used to\nexpand the matching glob in `location`.\n\nAvailable Tests:\n* MustExist - the path must exist or do not mutate\n* MustNotExist - the path must not exist or do not mutate." properties: condition: description: "Condition describes whether the path either MustExist or MustNotExist in the original object" diff --git a/crd-catalog/open-policy-agent/gatekeeper/status.gatekeeper.sh/v1beta1/constraintpodstatuses.yaml b/crd-catalog/open-policy-agent/gatekeeper/status.gatekeeper.sh/v1beta1/constraintpodstatuses.yaml index 09615e777..29de0ddd0 100644 --- a/crd-catalog/open-policy-agent/gatekeeper/status.gatekeeper.sh/v1beta1/constraintpodstatuses.yaml +++ b/crd-catalog/open-policy-agent/gatekeeper/status.gatekeeper.sh/v1beta1/constraintpodstatuses.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.19.0" labels: gatekeeper.sh/system: "yes" name: "constraintpodstatuses.status.gatekeeper.sh" diff --git a/crd-catalog/open-policy-agent/gatekeeper/status.gatekeeper.sh/v1beta1/constrainttemplatepodstatuses.yaml b/crd-catalog/open-policy-agent/gatekeeper/status.gatekeeper.sh/v1beta1/constrainttemplatepodstatuses.yaml index 53e5a27d9..21745504b 100644 --- a/crd-catalog/open-policy-agent/gatekeeper/status.gatekeeper.sh/v1beta1/constrainttemplatepodstatuses.yaml +++ b/crd-catalog/open-policy-agent/gatekeeper/status.gatekeeper.sh/v1beta1/constrainttemplatepodstatuses.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.19.0" labels: gatekeeper.sh/system: "yes" name: "constrainttemplatepodstatuses.status.gatekeeper.sh" diff --git a/crd-catalog/open-policy-agent/gatekeeper/status.gatekeeper.sh/v1beta1/expansiontemplatepodstatuses.yaml b/crd-catalog/open-policy-agent/gatekeeper/status.gatekeeper.sh/v1beta1/expansiontemplatepodstatuses.yaml index f24735ed9..124ee6b06 100644 --- a/crd-catalog/open-policy-agent/gatekeeper/status.gatekeeper.sh/v1beta1/expansiontemplatepodstatuses.yaml +++ b/crd-catalog/open-policy-agent/gatekeeper/status.gatekeeper.sh/v1beta1/expansiontemplatepodstatuses.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.19.0" labels: gatekeeper.sh/system: "yes" name: "expansiontemplatepodstatuses.status.gatekeeper.sh" diff --git a/crd-catalog/open-policy-agent/gatekeeper/status.gatekeeper.sh/v1beta1/mutatorpodstatuses.yaml b/crd-catalog/open-policy-agent/gatekeeper/status.gatekeeper.sh/v1beta1/mutatorpodstatuses.yaml index 27d0c7d9c..b3875dab0 100644 --- a/crd-catalog/open-policy-agent/gatekeeper/status.gatekeeper.sh/v1beta1/mutatorpodstatuses.yaml +++ b/crd-catalog/open-policy-agent/gatekeeper/status.gatekeeper.sh/v1beta1/mutatorpodstatuses.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.19.0" labels: gatekeeper.sh/system: "yes" name: "mutatorpodstatuses.status.gatekeeper.sh" diff --git a/crd-catalog/open-policy-agent/gatekeeper/templates.gatekeeper.sh/v1/constrainttemplates.yaml b/crd-catalog/open-policy-agent/gatekeeper/templates.gatekeeper.sh/v1/constrainttemplates.yaml index afe6aaf20..48a8f493f 100644 --- a/crd-catalog/open-policy-agent/gatekeeper/templates.gatekeeper.sh/v1/constrainttemplates.yaml +++ b/crd-catalog/open-policy-agent/gatekeeper/templates.gatekeeper.sh/v1/constrainttemplates.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.19.0" labels: gatekeeper.sh/system: "yes" name: "constrainttemplates.templates.gatekeeper.sh" @@ -83,6 +83,17 @@ spec: items: type: "string" type: "array" + operations: + items: + description: "OperationType specifies an operation for a request." + enum: + - "*" + - "CREATE" + - "DELETE" + - "UPDATE" + - "CONNECT" + type: "string" + type: "array" rego: type: "string" target: diff --git a/crd-catalog/open-policy-agent/gatekeeper/templates.gatekeeper.sh/v1alpha1/constrainttemplates.yaml b/crd-catalog/open-policy-agent/gatekeeper/templates.gatekeeper.sh/v1alpha1/constrainttemplates.yaml index 5d8f4a767..dff55d233 100644 --- a/crd-catalog/open-policy-agent/gatekeeper/templates.gatekeeper.sh/v1alpha1/constrainttemplates.yaml +++ b/crd-catalog/open-policy-agent/gatekeeper/templates.gatekeeper.sh/v1alpha1/constrainttemplates.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.19.0" labels: gatekeeper.sh/system: "yes" name: "constrainttemplates.templates.gatekeeper.sh" @@ -83,6 +83,17 @@ spec: items: type: "string" type: "array" + operations: + enum: + - "*" + - "CREATE" + - "DELETE" + - "UPDATE" + - "CONNECT" + items: + description: "OperationType specifies an operation for a request." + type: "string" + type: "array" rego: type: "string" target: diff --git a/crd-catalog/open-policy-agent/gatekeeper/templates.gatekeeper.sh/v1beta1/constrainttemplates.yaml b/crd-catalog/open-policy-agent/gatekeeper/templates.gatekeeper.sh/v1beta1/constrainttemplates.yaml index def8c733e..d87ee562f 100644 --- a/crd-catalog/open-policy-agent/gatekeeper/templates.gatekeeper.sh/v1beta1/constrainttemplates.yaml +++ b/crd-catalog/open-policy-agent/gatekeeper/templates.gatekeeper.sh/v1beta1/constrainttemplates.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.19.0" labels: gatekeeper.sh/system: "yes" name: "constrainttemplates.templates.gatekeeper.sh" @@ -83,6 +83,17 @@ spec: items: type: "string" type: "array" + operations: + items: + description: "OperationType specifies an operation for a request." + enum: + - "*" + - "CREATE" + - "DELETE" + - "UPDATE" + - "CONNECT" + type: "string" + type: "array" rego: type: "string" target: diff --git a/crd-catalog/opensearch-project/opensearch-k8s-operator/opensearch.opster.io/v1/opensearchclusters.yaml b/crd-catalog/opensearch-project/opensearch-k8s-operator/opensearch.opster.io/v1/opensearchclusters.yaml index 6640d2891..fe4c900a0 100644 --- a/crd-catalog/opensearch-project/opensearch-k8s-operator/opensearch.opster.io/v1/opensearchclusters.yaml +++ b/crd-catalog/opensearch-project/opensearch-k8s-operator/opensearch.opster.io/v1/opensearchclusters.yaml @@ -815,6 +815,16 @@ spec: path: description: "Path in the container to mount the volume at. Required." type: "string" + persistentVolumeClaim: + description: "PersistentVolumeClaim object to use to populate the volume" + properties: + claimName: + description: "The name of a PersistentVolumeClaim in the same namespace as the pod using this volume.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims" + type: "string" + readOnly: + description: "Will force the ReadOnly setting in VolumeMounts.\nDefault false." + type: "boolean" + type: "object" projected: description: "Projected object to use to populate the volume" properties: @@ -2177,6 +2187,16 @@ spec: path: description: "Path in the container to mount the volume at. Required." type: "string" + persistentVolumeClaim: + description: "PersistentVolumeClaim object to use to populate the volume" + properties: + claimName: + description: "The name of a PersistentVolumeClaim in the same namespace as the pod using this volume.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims" + type: "string" + readOnly: + description: "Will force the ReadOnly setting in VolumeMounts.\nDefault false." + type: "boolean" + type: "object" projected: description: "Projected object to use to populate the volume" properties: @@ -2721,6 +2741,7 @@ spec: serviceName: type: "string" setVMMaxMapCount: + default: true type: "boolean" snapshotRepositories: items: diff --git a/crd-catalog/percona/everest-operator/everest.percona.com/v1alpha1/databaseclusters.yaml b/crd-catalog/percona/everest-operator/everest.percona.com/v1alpha1/databaseclusters.yaml index 408217851..1f1fa3108 100644 --- a/crd-catalog/percona/everest-operator/everest.percona.com/v1alpha1/databaseclusters.yaml +++ b/crd-catalog/percona/everest-operator/everest.percona.com/v1alpha1/databaseclusters.yaml @@ -271,6 +271,17 @@ spec: - "storage" - "type" type: "object" + engineFeatures: + description: "EngineFeatures represents configuration of additional features for the database engine." + properties: + psmdb: + description: "PSMDB represents additional features for the PSMDB engine." + properties: + splitHorizonDnsConfigName: + description: "SplitHorizonDNSConfigName is the name of a SplitHorizonDNSConfig CR.\nThe SplitHorizonDNSConfig must be created in the same namespace as the DatabaseCluster." + type: "string" + type: "object" + type: "object" monitoring: description: "Monitoring is the monitoring configuration" properties: @@ -281,7 +292,7 @@ spec: description: "Resources defines resource limitations for the monitoring." properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\nThis field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\nThis field depends on the\nDynamicResourceAllocation feature gate.\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: @@ -474,6 +485,37 @@ spec: details: description: "Details provides full status of the upstream cluster as a plain text." type: "string" + engineFeatures: + description: "EngineFeaturesStatus represents additional features statuses for the database engine." + properties: + psmdb: + description: "PSMDB represents additional features statuses for the PSMDB engine." + properties: + splitHorizon: + description: "SplitHorizon status of SplitHorizon feature." + properties: + domains: + description: "SplitHorizon status of SplitHorizon feature." + items: + description: "SplitHorizonDomain defines SplitHorizon domain status (domain -> IPs mapping)." + properties: + domain: + description: "Domain is the SplitHorizon domain name." + type: "string" + privateIP: + description: "PrivateIP is the private IP address for the domain." + type: "string" + publicIP: + description: "PublicIP is the public IP address for the domain." + type: "string" + type: "object" + type: "array" + host: + description: "ConnectionURL is the connection URL using SplitHorizon domains." + type: "string" + type: "object" + type: "object" + type: "object" hostname: description: "Hostname is the hostname where the cluster can be reached" type: "string" diff --git a/crd-catalog/percona/everest-operator/everest.percona.com/v1alpha1/monitoringconfigs.yaml b/crd-catalog/percona/everest-operator/everest.percona.com/v1alpha1/monitoringconfigs.yaml index 5bfc6dfe8..3f10ea851 100644 --- a/crd-catalog/percona/everest-operator/everest.percona.com/v1alpha1/monitoringconfigs.yaml +++ b/crd-catalog/percona/everest-operator/everest.percona.com/v1alpha1/monitoringconfigs.yaml @@ -85,6 +85,9 @@ spec: description: "LastObservedGeneration is the most recent generation observed for this MonitoringConfig." format: "int64" type: "integer" + pmmServerVersion: + description: "PMMServerVersion shows PMM server version" + type: "string" type: "object" type: "object" served: true diff --git a/crd-catalog/percona/percona-xtradb-cluster-operator/pxc.percona.com/v1/perconaxtradbclusters.yaml b/crd-catalog/percona/percona-xtradb-cluster-operator/pxc.percona.com/v1/perconaxtradbclusters.yaml index b8c51ad5f..dc6867ed1 100644 --- a/crd-catalog/percona/percona-xtradb-cluster-operator/pxc.percona.com/v1/perconaxtradbclusters.yaml +++ b/crd-catalog/percona/percona-xtradb-cluster-operator/pxc.percona.com/v1/perconaxtradbclusters.yaml @@ -4411,6 +4411,29 @@ spec: runtimeClassName: type: "string" type: "object" + passwordGenerationOptions: + properties: + maxLength: + default: 20 + maximum: 32.0 + minimum: 8.0 + type: "integer" + minLength: + default: 16 + maximum: 32.0 + minimum: 8.0 + type: "integer" + symbols: + default: "!#$%&()*+,-.<=>?@[]^_{}~" + maxLength: 32 + type: "string" + required: + - "maxLength" + - "minLength" + - "symbols" + type: "object" + x-kubernetes-validations: + - rule: "self.maxLength > self.minLength" pause: type: "boolean" platform: @@ -10722,6 +10745,10 @@ spec: items: type: "string" type: "array" + caValidityDuration: + type: "string" + certValidityDuration: + type: "string" enabled: type: "boolean" issuerConf: diff --git a/crd-catalog/planetscale/vitess-operator/planetscale.com/v2/vitessclusters.yaml b/crd-catalog/planetscale/vitess-operator/planetscale.com/v2/vitessclusters.yaml index bd356045f..cb68ce812 100644 --- a/crd-catalog/planetscale/vitess-operator/planetscale.com/v2/vitessclusters.yaml +++ b/crd-catalog/planetscale/vitess-operator/planetscale.com/v2/vitessclusters.yaml @@ -2196,6 +2196,10 @@ spec: terminationGracePeriodSeconds: format: "int64" type: "integer" + vtbackupExtraFlags: + additionalProperties: + type: "string" + type: "object" required: - "resources" type: "object" @@ -2662,6 +2666,10 @@ spec: terminationGracePeriodSeconds: format: "int64" type: "integer" + vtbackupExtraFlags: + additionalProperties: + type: "string" + type: "object" required: - "resources" type: "object" diff --git a/crd-catalog/planetscale/vitess-operator/planetscale.com/v2/vitesskeyspaces.yaml b/crd-catalog/planetscale/vitess-operator/planetscale.com/v2/vitesskeyspaces.yaml index 95e544d08..7cd6ea1a1 100644 --- a/crd-catalog/planetscale/vitess-operator/planetscale.com/v2/vitesskeyspaces.yaml +++ b/crd-catalog/planetscale/vitess-operator/planetscale.com/v2/vitesskeyspaces.yaml @@ -672,6 +672,10 @@ spec: terminationGracePeriodSeconds: format: "int64" type: "integer" + vtbackupExtraFlags: + additionalProperties: + type: "string" + type: "object" required: - "resources" type: "object" @@ -1138,6 +1142,10 @@ spec: terminationGracePeriodSeconds: format: "int64" type: "integer" + vtbackupExtraFlags: + additionalProperties: + type: "string" + type: "object" required: - "resources" type: "object" diff --git a/crd-catalog/planetscale/vitess-operator/planetscale.com/v2/vitessshards.yaml b/crd-catalog/planetscale/vitess-operator/planetscale.com/v2/vitessshards.yaml index c5d597114..03c7b1295 100644 --- a/crd-catalog/planetscale/vitess-operator/planetscale.com/v2/vitessshards.yaml +++ b/crd-catalog/planetscale/vitess-operator/planetscale.com/v2/vitessshards.yaml @@ -655,6 +655,10 @@ spec: terminationGracePeriodSeconds: format: "int64" type: "integer" + vtbackupExtraFlags: + additionalProperties: + type: "string" + type: "object" required: - "resources" type: "object" diff --git a/crd-catalog/projectcalico/calico/crd.projectcalico.org/v1/felixconfigurations.yaml b/crd-catalog/projectcalico/calico/crd.projectcalico.org/v1/felixconfigurations.yaml index 00c21cde0..f9124ff3c 100644 --- a/crd-catalog/projectcalico/calico/crd.projectcalico.org/v1/felixconfigurations.yaml +++ b/crd-catalog/projectcalico/calico/crd.projectcalico.org/v1/felixconfigurations.yaml @@ -568,7 +568,6 @@ spec: enum: - "Disabled" - "Enabled" - - "Auto" type: "string" nftablesRefreshInterval: description: "NftablesRefreshInterval controls the interval at which Felix periodically refreshes the nftables rules. [Default: 90s]" diff --git a/crd-catalog/projectcapsule/capsule/capsule.clastix.io/v1beta1/tenants.yaml b/crd-catalog/projectcapsule/capsule/capsule.clastix.io/v1beta1/tenants.yaml index c42e6c2f2..949ac49d3 100644 --- a/crd-catalog/projectcapsule/capsule/capsule.clastix.io/v1beta1/tenants.yaml +++ b/crd-catalog/projectcapsule/capsule/capsule.clastix.io/v1beta1/tenants.yaml @@ -100,10 +100,12 @@ spec: description: "Specifies the trusted Image Registries assigned to the Tenant. Capsule assures that all Pods resources created in the Tenant can use only one of the allowed trusted registries. Optional." properties: allowed: + description: "Match exact elements which are allowed as class names within this tenant" items: type: "string" type: "array" allowedRegex: + description: "Match elements by regex (DEPRECATED)" type: "string" type: "object" imagePullPolicies: @@ -122,20 +124,24 @@ spec: description: "Specifies the allowed IngressClasses assigned to the Tenant. Capsule assures that all Ingress resources created in the Tenant can use only one of the allowed IngressClasses. Optional." properties: allowed: + description: "Match exact elements which are allowed as class names within this tenant" items: type: "string" type: "array" allowedRegex: + description: "Match elements by regex (DEPRECATED)" type: "string" type: "object" allowedHostnames: description: "Specifies the allowed hostnames in Ingresses for the given Tenant. Capsule assures that all Ingress resources created in the Tenant can use only one of the allowed hostnames. Optional." properties: allowed: + description: "Match exact elements which are allowed as class names within this tenant" items: type: "string" type: "array" allowedRegex: + description: "Match elements by regex (DEPRECATED)" type: "string" type: "object" hostnameCollisionScope: @@ -577,10 +583,12 @@ spec: description: "Specifies the allowed priorityClasses assigned to the Tenant. Capsule assures that all Pods resources created in the Tenant can use only one of the allowed PriorityClasses. Optional." properties: allowed: + description: "Match exact elements which are allowed as class names within this tenant" items: type: "string" type: "array" allowedRegex: + description: "Match elements by regex (DEPRECATED)" type: "string" type: "object" resourceQuotas: @@ -711,10 +719,12 @@ spec: description: "Specifies the allowed StorageClasses assigned to the Tenant. Capsule assures that all PersistentVolumeClaim resources created in the Tenant can use only one of the allowed StorageClasses. Optional." properties: allowed: + description: "Match exact elements which are allowed as class names within this tenant" items: type: "string" type: "array" allowedRegex: + description: "Match elements by regex (DEPRECATED)" type: "string" type: "object" required: diff --git a/crd-catalog/projectcapsule/capsule/capsule.clastix.io/v1beta2/capsuleconfigurations.yaml b/crd-catalog/projectcapsule/capsule/capsule.clastix.io/v1beta2/capsuleconfigurations.yaml index a683f2a64..f0a374f5d 100644 --- a/crd-catalog/projectcapsule/capsule/capsule.clastix.io/v1beta2/capsuleconfigurations.yaml +++ b/crd-catalog/projectcapsule/capsule/capsule.clastix.io/v1beta2/capsuleconfigurations.yaml @@ -29,6 +29,25 @@ spec: spec: description: "CapsuleConfigurationSpec defines the Capsule configuration." properties: + administrators: + description: "Define entities which can act as Administrators in the capsule construct\nThese entities are automatically owners for all existing tenants. Meaning they can add namespaces to any tenant. However they must be specific by using the capsule label\nfor interacting with namespaces. Because if that label is not defined, it's assumed that namespace interaction was not targeted towards a tenant and will therefor\nbe ignored by capsule." + items: + properties: + kind: + description: "Kind of entity. Possible values are \"User\", \"Group\", and \"ServiceAccount\"" + enum: + - "User" + - "Group" + - "ServiceAccount" + type: "string" + name: + description: "Name of the entity." + type: "string" + required: + - "kind" + - "name" + type: "object" + type: "array" allowServiceAccountPromotion: default: false description: "ServiceAccounts within tenant namespaces can be promoted to owners of the given tenant\nthis can be achieved by labeling the serviceaccount and then they are considered owners. This can only be done by other owners of the tenant.\nHowever ServiceAccounts which have been promoted to owner can not promote further serviceAccounts." diff --git a/crd-catalog/projectcapsule/capsule/capsule.clastix.io/v1beta2/tenants.yaml b/crd-catalog/projectcapsule/capsule/capsule.clastix.io/v1beta2/tenants.yaml index 8c9cc831f..9d48d3714 100644 --- a/crd-catalog/projectcapsule/capsule/capsule.clastix.io/v1beta2/tenants.yaml +++ b/crd-catalog/projectcapsule/capsule/capsule.clastix.io/v1beta2/tenants.yaml @@ -108,10 +108,12 @@ spec: description: "Specifies the trusted Image Registries assigned to the Tenant. Capsule assures that all Pods resources created in the Tenant can use only one of the allowed trusted registries. Optional." properties: allowed: + description: "Match exact elements which are allowed as class names within this tenant" items: type: "string" type: "array" allowedRegex: + description: "Match elements by regex (DEPRECATED)" type: "string" type: "object" cordoned: @@ -126,6 +128,14 @@ spec: properties: allowedClasses: properties: + allowed: + description: "Match exact elements which are allowed as class names within this tenant" + items: + type: "string" + type: "array" + allowedRegex: + description: "Match elements by regex (DEPRECATED)" + type: "string" default: type: "string" matchExpressions: @@ -178,10 +188,12 @@ spec: description: "Specifies the allowed IngressClasses assigned to the Tenant.\nCapsule assures that all Ingress resources created in the Tenant can use only one of the allowed IngressClasses.\nA default value can be specified, and all the Ingress resources created will inherit the declared class.\nOptional." properties: allowed: + description: "Match exact elements which are allowed as class names within this tenant" items: type: "string" type: "array" allowedRegex: + description: "Match elements by regex (DEPRECATED)" type: "string" default: type: "string" @@ -219,10 +231,12 @@ spec: description: "Specifies the allowed hostnames in Ingresses for the given Tenant. Capsule assures that all Ingress resources created in the Tenant can use only one of the allowed hostnames. Optional." properties: allowed: + description: "Match exact elements which are allowed as class names within this tenant" items: type: "string" type: "array" allowedRegex: + description: "Match elements by regex (DEPRECATED)" type: "string" type: "object" hostnameCollisionScope: @@ -706,7 +720,7 @@ spec: type: "string" type: "array" kind: - description: "Kind of tenant owner. Possible values are \"User\", \"Group\", and \"ServiceAccount\"" + description: "Kind of entity. Possible values are \"User\", \"Group\", and \"ServiceAccount\"" enum: - "User" - "Group" @@ -718,7 +732,7 @@ spec: description: "Additional Labels for the synchronized rolebindings" type: "object" name: - description: "Name of tenant owner." + description: "Name of the entity." type: "string" proxySettings: description: "Proxy settings for tenant owner." @@ -775,10 +789,12 @@ spec: description: "Specifies the allowed priorityClasses assigned to the Tenant.\nCapsule assures that all Pods resources created in the Tenant can use only one of the allowed PriorityClasses.\nA default value can be specified, and all the Pod resources created will inherit the declared class.\nOptional." properties: allowed: + description: "Match exact elements which are allowed as class names within this tenant" items: type: "string" type: "array" allowedRegex: + description: "Match elements by regex (DEPRECATED)" type: "string" default: type: "string" @@ -877,10 +893,12 @@ spec: description: "Specifies the allowed RuntimeClasses assigned to the Tenant.\nCapsule assures that all Pods resources created in the Tenant can use only one of the allowed RuntimeClasses.\nOptional." properties: allowed: + description: "Match exact elements which are allowed as class names within this tenant" items: type: "string" type: "array" allowedRegex: + description: "Match elements by regex (DEPRECATED)" type: "string" default: type: "string" @@ -981,10 +999,12 @@ spec: description: "Specifies the allowed StorageClasses assigned to the Tenant.\nCapsule assures that all PersistentVolumeClaim resources created in the Tenant can use only one of the allowed StorageClasses.\nA default value can be specified, and all the PersistentVolumeClaim resources created will inherit the declared class.\nOptional." properties: allowed: + description: "Match exact elements which are allowed as class names within this tenant" items: type: "string" type: "array" allowedRegex: + description: "Match elements by regex (DEPRECATED)" type: "string" default: type: "string" @@ -1022,6 +1042,30 @@ spec: status: description: "Returns the observed state of the Tenant." properties: + classes: + description: "Available Class Types within Tenant" + properties: + gateway: + description: "Available GatewayClasses" + items: + type: "string" + type: "array" + priority: + description: "Available PriorityClasses" + items: + type: "string" + type: "array" + runtime: + description: "Available StorageClasses" + items: + type: "string" + type: "array" + storage: + description: "Available Storageclasses (Only collected if any matching condition is specified)" + items: + type: "string" + type: "array" + type: "object" conditions: description: "Tenant Condition" items: diff --git a/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1/prometheuses.yaml b/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1/prometheuses.yaml index 237a791b5..70d6c4b40 100644 --- a/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1/prometheuses.yaml +++ b/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1/prometheuses.yaml @@ -4364,10 +4364,9 @@ spec: description: "managedIdentity defines the Azure User-assigned Managed identity.\nCannot be set at the same time as `oauth` or `sdk`." properties: clientId: - description: "clientId defines defines the Azure User-assigned Managed identity." + description: "clientId defines the Azure User-assigned Managed identity.\n\nFor Prometheus >= 3.5.0 and Thanos >= 0.40.0, this field is allowed to be empty to support system-assigned managed identities." + minLength: 1 type: "string" - required: - - "clientId" type: "object" oauth: description: "oauth defines the oauth config that is being used to authenticate.\nCannot be set at the same time as `managedIdentity` or `sdk`.\n\nIt requires Prometheus >= v2.48.0 or Thanos >= v0.31.0." diff --git a/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1/thanosrulers.yaml b/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1/thanosrulers.yaml index e4faca913..4487166c6 100644 --- a/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1/thanosrulers.yaml +++ b/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1/thanosrulers.yaml @@ -3006,10 +3006,9 @@ spec: description: "managedIdentity defines the Azure User-assigned Managed identity.\nCannot be set at the same time as `oauth` or `sdk`." properties: clientId: - description: "clientId defines defines the Azure User-assigned Managed identity." + description: "clientId defines the Azure User-assigned Managed identity.\n\nFor Prometheus >= 3.5.0 and Thanos >= 0.40.0, this field is allowed to be empty to support system-assigned managed identities." + minLength: 1 type: "string" - required: - - "clientId" type: "object" oauth: description: "oauth defines the oauth config that is being used to authenticate.\nCannot be set at the same time as `managedIdentity` or `sdk`.\n\nIt requires Prometheus >= v2.48.0 or Thanos >= v0.31.0." diff --git a/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1alpha1/alertmanagerconfigs.yaml b/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1alpha1/alertmanagerconfigs.yaml index 4b877c584..d7a45d01d 100644 --- a/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1alpha1/alertmanagerconfigs.yaml +++ b/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1alpha1/alertmanagerconfigs.yaml @@ -3582,6 +3582,9 @@ spec: message: description: "message defines the notification message content.\nThis is the main body text of the Pushover notification." type: "string" + monospace: + description: "monospace optional HTML/monospace formatting for the message, see https://pushover.net/api#html\nhtml and monospace formatting are mutually exclusive." + type: "boolean" priority: description: "priority defines the notification priority level.\nSee https://pushover.net/api#priority for valid values and behavior." type: "string" diff --git a/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1alpha1/prometheusagents.yaml b/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1alpha1/prometheusagents.yaml index aca6c21bd..1019f1e44 100644 --- a/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1alpha1/prometheusagents.yaml +++ b/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1alpha1/prometheusagents.yaml @@ -3328,10 +3328,9 @@ spec: description: "managedIdentity defines the Azure User-assigned Managed identity.\nCannot be set at the same time as `oauth` or `sdk`." properties: clientId: - description: "clientId defines defines the Azure User-assigned Managed identity." + description: "clientId defines the Azure User-assigned Managed identity.\n\nFor Prometheus >= 3.5.0 and Thanos >= 0.40.0, this field is allowed to be empty to support system-assigned managed identities." + minLength: 1 type: "string" - required: - - "clientId" type: "object" oauth: description: "oauth defines the oauth config that is being used to authenticate.\nCannot be set at the same time as `managedIdentity` or `sdk`.\n\nIt requires Prometheus >= v2.48.0 or Thanos >= v0.31.0." diff --git a/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1beta1/alertmanagerconfigs.yaml b/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1beta1/alertmanagerconfigs.yaml index 34aca4504..65f02ccc8 100644 --- a/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1beta1/alertmanagerconfigs.yaml +++ b/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1beta1/alertmanagerconfigs.yaml @@ -3479,6 +3479,9 @@ spec: message: description: "message defines the notification message content.\nThis is the main body text of the Pushover notification." type: "string" + monospace: + description: "monospace optional HTML/monospace formatting for the message, see https://pushover.net/api#html\nhtml and monospace formatting are mutually exclusive." + type: "boolean" priority: description: "priority defines the notification priority level.\nSee https://pushover.net/api#priority for valid values and behavior." type: "string" diff --git a/crd-catalog/ray-project/kuberay/ray.io/v1/rayclusters.yaml b/crd-catalog/ray-project/kuberay/ray.io/v1/rayclusters.yaml index 39d3f4f10..117192ca2 100644 --- a/crd-catalog/ray-project/kuberay/ray.io/v1/rayclusters.yaml +++ b/crd-catalog/ray-project/kuberay/ray.io/v1/rayclusters.yaml @@ -61,6 +61,14 @@ spec: type: "object" spec: properties: + authOptions: + properties: + mode: + enum: + - "disabled" + - "token" + type: "string" + type: "object" autoscalerOptions: properties: env: diff --git a/crd-catalog/ray-project/kuberay/ray.io/v1/rayjobs.yaml b/crd-catalog/ray-project/kuberay/ray.io/v1/rayjobs.yaml index a2d01e671..4333dc615 100644 --- a/crd-catalog/ray-project/kuberay/ray.io/v1/rayjobs.yaml +++ b/crd-catalog/ray-project/kuberay/ray.io/v1/rayjobs.yaml @@ -140,6 +140,14 @@ spec: type: "object" rayClusterSpec: properties: + authOptions: + properties: + mode: + enum: + - "disabled" + - "token" + type: "string" + type: "object" autoscalerOptions: properties: env: diff --git a/crd-catalog/ray-project/kuberay/ray.io/v1/rayservices.yaml b/crd-catalog/ray-project/kuberay/ray.io/v1/rayservices.yaml index 2451983b6..ce7529f80 100644 --- a/crd-catalog/ray-project/kuberay/ray.io/v1/rayservices.yaml +++ b/crd-catalog/ray-project/kuberay/ray.io/v1/rayservices.yaml @@ -41,6 +41,14 @@ spec: type: "boolean" rayClusterConfig: properties: + authOptions: + properties: + mode: + enum: + - "disabled" + - "token" + type: "string" + type: "object" autoscalerOptions: properties: env: diff --git a/crd-catalog/schemahero/schemahero/databases.schemahero.io/v1alpha4/databases.yaml b/crd-catalog/schemahero/schemahero/databases.schemahero.io/v1alpha4/databases.yaml index 283bd44e5..766f6e2a1 100644 --- a/crd-catalog/schemahero/schemahero/databases.schemahero.io/v1alpha4/databases.yaml +++ b/crd-catalog/schemahero/schemahero/databases.schemahero.io/v1alpha4/databases.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.19.0" name: "databases.databases.schemahero.io" spec: group: "databases.schemahero.io" diff --git a/crd-catalog/schemahero/schemahero/schemas.schemahero.io/v1alpha4/datatypes.yaml b/crd-catalog/schemahero/schemahero/schemas.schemahero.io/v1alpha4/datatypes.yaml index ab6fa2555..080bfab12 100644 --- a/crd-catalog/schemahero/schemahero/schemas.schemahero.io/v1alpha4/datatypes.yaml +++ b/crd-catalog/schemahero/schemahero/schemas.schemahero.io/v1alpha4/datatypes.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.19.0" name: "datatypes.schemas.schemahero.io" spec: group: "schemas.schemahero.io" diff --git a/crd-catalog/schemahero/schemahero/schemas.schemahero.io/v1alpha4/migrations.yaml b/crd-catalog/schemahero/schemahero/schemas.schemahero.io/v1alpha4/migrations.yaml index 75ee9f923..7d7e8ba85 100644 --- a/crd-catalog/schemahero/schemahero/schemas.schemahero.io/v1alpha4/migrations.yaml +++ b/crd-catalog/schemahero/schemahero/schemas.schemahero.io/v1alpha4/migrations.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.19.0" name: "migrations.schemas.schemahero.io" spec: group: "schemas.schemahero.io" diff --git a/crd-catalog/schemahero/schemahero/schemas.schemahero.io/v1alpha4/tables.yaml b/crd-catalog/schemahero/schemahero/schemas.schemahero.io/v1alpha4/tables.yaml index 80b65bf5e..9986d38d3 100644 --- a/crd-catalog/schemahero/schemahero/schemas.schemahero.io/v1alpha4/tables.yaml +++ b/crd-catalog/schemahero/schemahero/schemas.schemahero.io/v1alpha4/tables.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.19.0" name: "tables.schemas.schemahero.io" spec: group: "schemas.schemahero.io" @@ -255,6 +255,9 @@ spec: required: - "events" type: "object" + x-kubernetes-validations: + - message: "exactly one of the fields in [execute executeProcedure] must be set" + rule: "[has(self.execute),has(self.executeProcedure)].filter(x,x==true).size() == 1" type: "array" primaryKey: items: @@ -319,8 +322,14 @@ spec: required: - "events" type: "object" + x-kubernetes-validations: + - message: "exactly one of the fields in [execute executeProcedure] must be set" + rule: "[has(self.execute),has(self.executeProcedure)].filter(x,x==true).size() == 1" type: "array" type: "object" + x-kubernetes-validations: + - message: "exactly one of the fields in [triggers json:triggers] must be set" + rule: "[has(self.triggers),has(self.json:triggers)].filter(x,x==true).size() == 1" mysql: properties: collation: @@ -538,6 +547,9 @@ spec: required: - "events" type: "object" + x-kubernetes-validations: + - message: "exactly one of the fields in [execute executeProcedure] must be set" + rule: "[has(self.execute),has(self.executeProcedure)].filter(x,x==true).size() == 1" type: "array" primaryKey: items: @@ -602,8 +614,14 @@ spec: required: - "events" type: "object" + x-kubernetes-validations: + - message: "exactly one of the fields in [execute executeProcedure] must be set" + rule: "[has(self.execute),has(self.executeProcedure)].filter(x,x==true).size() == 1" type: "array" type: "object" + x-kubernetes-validations: + - message: "exactly one of the fields in [triggers json:triggers] must be set" + rule: "[has(self.triggers),has(self.json:triggers)].filter(x,x==true).size() == 1" rqlite: properties: columns: @@ -946,6 +964,9 @@ spec: required: - "events" type: "object" + x-kubernetes-validations: + - message: "exactly one of the fields in [execute executeProcedure] must be set" + rule: "[has(self.execute),has(self.executeProcedure)].filter(x,x==true).size() == 1" type: "array" type: "object" type: "object" diff --git a/crd-catalog/stackabletech/opa-operator/opa.stackable.tech/v1alpha1/opaclusters.yaml b/crd-catalog/stackabletech/opa-operator/opa.stackable.tech/v1alpha1/opaclusters.yaml index 647111ef1..9abb6ab1a 100644 --- a/crd-catalog/stackabletech/opa-operator/opa.stackable.tech/v1alpha1/opaclusters.yaml +++ b/crd-catalog/stackabletech/opa-operator/opa.stackable.tech/v1alpha1/opaclusters.yaml @@ -67,6 +67,8 @@ spec: - "experimentalActiveDirectory" - required: - "experimentalEntra" + - required: + - "experimentalOpenLdap" properties: experimentalActiveDirectory: description: "Backend that fetches user information from Active Directory" @@ -210,6 +212,123 @@ spec: - "clientCredentialsSecret" - "tenantId" type: "object" + experimentalOpenLdap: + description: "Backend that fetches user information from OpenLDAP" + properties: + bindCredentials: + description: "Credentials for binding to the LDAP server.\n\nThe bind account is used to search for users and groups in the LDAP directory." + properties: + scope: + description: "[Scope](https://docs.stackable.tech/home/nightly/secret-operator/scope) of the\n[SecretClass](https://docs.stackable.tech/home/nightly/secret-operator/secretclass)." + nullable: true + properties: + listenerVolumes: + default: [] + description: "The listener volume scope allows Node and Service scopes to be inferred from the applicable listeners.\nThis must correspond to Volume names in the Pod that mount Listeners." + items: + type: "string" + type: "array" + node: + default: false + description: "The node scope is resolved to the name of the Kubernetes Node object that the Pod is running on.\nThis will typically be the DNS name of the node." + type: "boolean" + pod: + default: false + description: "The pod scope is resolved to the name of the Kubernetes Pod.\nThis allows the secret to differentiate between StatefulSet replicas." + type: "boolean" + services: + default: [] + description: "The service scope allows Pod objects to specify custom scopes.\nThis should typically correspond to Service objects that the Pod participates in." + items: + type: "string" + type: "array" + type: "object" + secretClass: + description: "[SecretClass](https://docs.stackable.tech/home/nightly/secret-operator/secretclass) containing the LDAP bind credentials." + type: "string" + required: + - "secretClass" + type: "object" + customAttributeMappings: + additionalProperties: + type: "string" + default: {} + description: "Custom attributes, and their LDAP attribute names." + type: "object" + groupMemberAttribute: + default: "member" + description: "LDAP attribute on group objects that contains member references.\n\nCommon values:\n- `member`: For `groupOfNames` objects (uses full DN)\n- `memberUid`: For `posixGroup` objects (uses username)\n\nDefaults to `member`." + type: "string" + groupsSearchBase: + description: "LDAP search base for groups, e.g. `ou=groups,dc=example,dc=org`.\n\nIf not specified, uses the main `searchBase`." + nullable: true + type: "string" + hostname: + description: "Hostname of the LDAP server, e.g. `my.ldap.server`." + type: "string" + port: + description: "Port of the LDAP server. If TLS is used defaults to `636`, otherwise to `389`." + format: "uint16" + maximum: 65535.0 + minimum: 0.0 + nullable: true + type: "integer" + searchBase: + default: "" + description: "LDAP search base, e.g. `ou=users,dc=example,dc=org`." + type: "string" + tls: + description: "Use a TLS connection. If not specified no TLS will be used." + nullable: true + properties: + verification: + description: "The verification method used to verify the certificates of the server and/or the client." + oneOf: + - required: + - "none" + - required: + - "server" + properties: + none: + description: "Use TLS but don't verify certificates." + type: "object" + server: + description: "Use TLS and a CA certificate to verify the server." + properties: + caCert: + description: "CA cert to verify the server." + oneOf: + - required: + - "webPki" + - required: + - "secretClass" + properties: + secretClass: + description: "Name of the [SecretClass](https://docs.stackable.tech/home/nightly/secret-operator/secretclass) which will provide the CA certificate.\nNote that a SecretClass does not need to have a key but can also work with just a CA certificate,\nso if you got provided with a CA cert but don't have access to the key you can still use this method." + type: "string" + webPki: + description: "Use TLS and the CA certificates trusted by the common web browsers to verify the server.\nThis can be useful when you e.g. use public AWS S3 or other public available services." + type: "object" + type: "object" + required: + - "caCert" + type: "object" + type: "object" + required: + - "verification" + type: "object" + userIdAttribute: + default: "entryUUID" + description: "LDAP attribute used for the user's unique identifier. Defaults to `entryUUID`." + type: "string" + userNameAttribute: + default: "uid" + description: "LDAP attribute used for the username. Defaults to `uid`." + type: "string" + required: + - "bindCredentials" + - "hostname" + type: "object" experimentalXfscAas: description: "Backend that fetches user information from the Gaia-X\nCross Federation Services Components (XFSC) Authentication & Authorization Service." properties: diff --git a/crd-catalog/volcano-sh/volcano/batch.volcano.sh/v1alpha1/jobs.yaml b/crd-catalog/volcano-sh/volcano/batch.volcano.sh/v1alpha1/jobs.yaml index 0eef0e20a..bef5d44a9 100644 --- a/crd-catalog/volcano-sh/volcano/batch.volcano.sh/v1alpha1/jobs.yaml +++ b/crd-catalog/volcano-sh/volcano/batch.volcano.sh/v1alpha1/jobs.yaml @@ -59,8 +59,9 @@ spec: networkTopology: properties: highestTierAllowed: - default: 1 type: "integer" + highestTierName: + type: "string" mode: default: "hard" enum: @@ -144,6 +145,35 @@ spec: type: "integer" name: type: "string" + partitionPolicy: + properties: + minPartitions: + default: 0 + format: "int32" + type: "integer" + networkTopology: + properties: + highestTierAllowed: + type: "integer" + highestTierName: + type: "string" + mode: + default: "hard" + enum: + - "hard" + - "soft" + type: "string" + type: "object" + partitionSize: + format: "int32" + type: "integer" + totalPartitions: + format: "int32" + type: "integer" + required: + - "partitionSize" + - "totalPartitions" + type: "object" policies: items: properties: diff --git a/crd-catalog/volcano-sh/volcano/flow.volcano.sh/v1alpha1/jobflows.yaml b/crd-catalog/volcano-sh/volcano/flow.volcano.sh/v1alpha1/jobflows.yaml index 689e53e75..d1d9f33cb 100644 --- a/crd-catalog/volcano-sh/volcano/flow.volcano.sh/v1alpha1/jobflows.yaml +++ b/crd-catalog/volcano-sh/volcano/flow.volcano.sh/v1alpha1/jobflows.yaml @@ -113,8 +113,9 @@ spec: networkTopology: properties: highestTierAllowed: - default: 1 type: "integer" + highestTierName: + type: "string" mode: default: "hard" enum: @@ -198,6 +199,35 @@ spec: type: "integer" name: type: "string" + partitionPolicy: + properties: + minPartitions: + default: 0 + format: "int32" + type: "integer" + networkTopology: + properties: + highestTierAllowed: + type: "integer" + highestTierName: + type: "string" + mode: + default: "hard" + enum: + - "hard" + - "soft" + type: "string" + type: "object" + partitionSize: + format: "int32" + type: "integer" + totalPartitions: + format: "int32" + type: "integer" + required: + - "partitionSize" + - "totalPartitions" + type: "object" policies: items: properties: diff --git a/crd-catalog/volcano-sh/volcano/flow.volcano.sh/v1alpha1/jobtemplates.yaml b/crd-catalog/volcano-sh/volcano/flow.volcano.sh/v1alpha1/jobtemplates.yaml index 3944ed913..efd28ee8f 100644 --- a/crd-catalog/volcano-sh/volcano/flow.volcano.sh/v1alpha1/jobtemplates.yaml +++ b/crd-catalog/volcano-sh/volcano/flow.volcano.sh/v1alpha1/jobtemplates.yaml @@ -41,8 +41,9 @@ spec: networkTopology: properties: highestTierAllowed: - default: 1 type: "integer" + highestTierName: + type: "string" mode: default: "hard" enum: @@ -126,6 +127,35 @@ spec: type: "integer" name: type: "string" + partitionPolicy: + properties: + minPartitions: + default: 0 + format: "int32" + type: "integer" + networkTopology: + properties: + highestTierAllowed: + type: "integer" + highestTierName: + type: "string" + mode: + default: "hard" + enum: + - "hard" + - "soft" + type: "string" + type: "object" + partitionSize: + format: "int32" + type: "integer" + totalPartitions: + format: "int32" + type: "integer" + required: + - "partitionSize" + - "totalPartitions" + type: "object" policies: items: properties: diff --git a/crd-catalog/volcano-sh/volcano/scheduling.volcano.sh/v1beta1/podgroups.yaml b/crd-catalog/volcano-sh/volcano/scheduling.volcano.sh/v1beta1/podgroups.yaml index b3b76b181..19f485236 100644 --- a/crd-catalog/volcano-sh/volcano/scheduling.volcano.sh/v1beta1/podgroups.yaml +++ b/crd-catalog/volcano-sh/volcano/scheduling.volcano.sh/v1beta1/podgroups.yaml @@ -72,9 +72,11 @@ spec: description: "NetworkTopology defines the NetworkTopology config, this field works in conjunction with network topology feature and hyperNode CRD." properties: highestTierAllowed: - default: 1 description: "HighestTierAllowed specifies the highest tier that a job allowed to cross when scheduling." type: "integer" + highestTierName: + description: "HighestTierName specifies the highest tier name that a job allowed to cross when scheduling.\nHighestTierName and HighestTierAllowed cannot be set simultaneously." + type: "string" mode: default: "hard" description: "Mode specifies the mode of the network topology constrain." @@ -90,6 +92,50 @@ spec: default: "default" description: "Queue defines the queue to allocate resource for PodGroup; if queue does not exist,\nthe PodGroup will not be scheduled. Defaults to `default` Queue with the lowest weight." type: "string" + subGroupPolicy: + description: "SubGroupPolicy defines policies for dividing all pods within the podGroup into multiple groups." + items: + properties: + matchPolicy: + description: "MatchPolicy defines matching strategies for different groups, where pods with the same labelKey value are grouped together.\nThe LabelKey in the list is unique." + items: + properties: + labelKey: + description: "LabelKey specifies the label key used to group pods." + type: "string" + type: "object" + type: "array" + minSubGroups: + default: 0 + description: "MinSubGroups defines the minimum number of sub-affinity groups required." + format: "int32" + type: "integer" + name: + description: "Name specifies the name of SubGroupPolicy" + type: "string" + networkTopology: + description: "NetworkTopology defines the NetworkTopology config, this field works in conjunction with network topology feature and hyperNode CRD." + properties: + highestTierAllowed: + description: "HighestTierAllowed specifies the highest tier that a job allowed to cross when scheduling." + type: "integer" + highestTierName: + description: "HighestTierName specifies the highest tier name that a job allowed to cross when scheduling.\nHighestTierName and HighestTierAllowed cannot be set simultaneously." + type: "string" + mode: + default: "hard" + description: "Mode specifies the mode of the network topology constrain." + enum: + - "hard" + - "soft" + type: "string" + type: "object" + subGroupSize: + description: "SubGroupSize defines the number of pods in each sub-affinity group.\nOnly when a subGroup of pods, with a size of \"subGroupSize\", can satisfy the network topology constraint then will the subGroup be scheduled." + format: "int32" + type: "integer" + type: "object" + type: "array" type: "object" status: description: "Status represents the current information about a pod group.\nThis data may not be up to date." diff --git a/crd-catalog/volcano-sh/volcano/topology.volcano.sh/v1alpha1/hypernodes.yaml b/crd-catalog/volcano-sh/volcano/topology.volcano.sh/v1alpha1/hypernodes.yaml index 0afeddbfe..98f3e4390 100644 --- a/crd-catalog/volcano-sh/volcano/topology.volcano.sh/v1alpha1/hypernodes.yaml +++ b/crd-catalog/volcano-sh/volcano/topology.volcano.sh/v1alpha1/hypernodes.yaml @@ -19,6 +19,9 @@ spec: - jsonPath: ".spec.tier" name: "Tier" type: "string" + - jsonPath: ".spec.tierName" + name: "TierName" + type: "string" - jsonPath: ".status.nodeCount" name: "NodeCount" type: "integer" @@ -115,6 +118,9 @@ spec: tier: description: "Tier categorizes the performance level of the HyperNode." type: "integer" + tierName: + description: "TierName represents the level name of the HyperNode." + type: "string" required: - "tier" type: "object" diff --git a/custom-resources/amd_com/src/v1alpha1/deviceconfigs.rs b/custom-resources/amd_com/src/v1alpha1/deviceconfigs.rs index d3eed290f..e97a8ead1 100644 --- a/custom-resources/amd_com/src/v1alpha1/deviceconfigs.rs +++ b/custom-resources/amd_com/src/v1alpha1/deviceconfigs.rs @@ -401,6 +401,11 @@ pub struct DeviceConfigDriver { /// policy to upgrade the drivers #[serde(default, skip_serializing_if = "Option::is_none", rename = "upgradePolicy")] pub upgrade_policy: Option, + /// NOTE: currently only for OpenShift cluster + /// set to true to use source image to build driver image on the fly + /// otherwise use installer debian/rpm packages from radeon repo to build driver image + #[serde(default, skip_serializing_if = "Option::is_none", rename = "useSourceImage")] + pub use_source_image: Option, /// version of the drivers source code, can be used as part of image of dockerfile source image /// default value for different OS is: ubuntu: 6.1.3, coreOS: 6.2.2 #[serde(default, skip_serializing_if = "Option::is_none")] @@ -427,15 +432,25 @@ pub enum DeviceConfigDriverDriverType { pub struct DeviceConfigDriverImageBuild { /// image registry to fetch base image for building driver image, default value is docker.io, the builder will search for corresponding OS base image from given registry /// e.g. if your worker node is using Ubuntu 22.04, by default the base image would be docker.io/ubuntu:22.04 + /// Use spec.driver.imageRegistrySecret for authentication with private registries. /// NOTE: this field won't apply for OpenShift since OpenShift is using its own DriverToolKit image to build driver image #[serde(default, skip_serializing_if = "Option::is_none", rename = "baseImageRegistry")] pub base_image_registry: Option, /// TLS settings for fetching base image + /// this field will be applied to SourceImageRepo as well #[serde(default, skip_serializing_if = "Option::is_none", rename = "baseImageRegistryTLS")] pub base_image_registry_tls: Option, + /// SourceImageRepo specifies the image repository for the driver source code (OpenShift only). + /// Used when spec.driver.useSourceImage is true. The operator automatically determines the image tag + /// based on cluster RHEL version and spec.driver.version (format: coreos--). + /// Default: docker.io/rocm/amdgpu-driver + /// Use spec.driver.imageRegistrySecret for authentication with private registries. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "sourceImageRepo")] + pub source_image_repo: Option, } /// TLS settings for fetching base image +/// this field will be applied to SourceImageRepo as well #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DeviceConfigDriverImageBuildBaseImageRegistryTls { /// If true, check if the container image already exists using plain HTTP. diff --git a/custom-resources/anywhere_eks_amazonaws_com/src/v1alpha1/bundles.rs b/custom-resources/anywhere_eks_amazonaws_com/src/v1alpha1/bundles.rs index c3cebb0a5..63863d135 100644 --- a/custom-resources/anywhere_eks_amazonaws_com/src/v1alpha1/bundles.rs +++ b/custom-resources/anywhere_eks_amazonaws_com/src/v1alpha1/bundles.rs @@ -33,6 +33,8 @@ pub struct BundlesVersionsBundles { #[serde(default, skip_serializing_if = "Option::is_none")] pub aws: Option, pub bootstrap: BundlesVersionsBundlesBootstrap, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "bottlerocketBootstrapContainers")] + pub bottlerocket_bootstrap_containers: Option, #[serde(rename = "bottlerocketHostContainers")] pub bottlerocket_host_containers: BundlesVersionsBundlesBottlerocketHostContainers, #[serde(rename = "certManager")] @@ -269,6 +271,46 @@ pub struct BundlesVersionsBundlesBootstrapMetadata { pub uri: Option, } +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct BundlesVersionsBundlesBottlerocketBootstrapContainers { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "multiNetworkBootstrap")] + pub multi_network_bootstrap: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct BundlesVersionsBundlesBottlerocketBootstrapContainersMultiNetworkBootstrap { + /// Architectures of the asset + #[serde(default, skip_serializing_if = "Option::is_none")] + pub arch: Option>, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub description: Option, + /// The SHA256 digest of the image manifest + #[serde(default, skip_serializing_if = "Option::is_none", rename = "imageDigest")] + pub image_digest: Option, + /// The asset name + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Operating system of the asset + #[serde(default, skip_serializing_if = "Option::is_none")] + pub os: Option, + /// Name of the OS like ubuntu, bottlerocket + #[serde(default, skip_serializing_if = "Option::is_none", rename = "osName")] + pub os_name: Option, + /// The image repository, name, and tag + #[serde(default, skip_serializing_if = "Option::is_none")] + pub uri: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum BundlesVersionsBundlesBottlerocketBootstrapContainersMultiNetworkBootstrapOs { + #[serde(rename = "linux")] + Linux, + #[serde(rename = "darwin")] + Darwin, + #[serde(rename = "windows")] + Windows, +} + #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct BundlesVersionsBundlesBottlerocketHostContainers { pub admin: BundlesVersionsBundlesBottlerocketHostContainersAdmin, diff --git a/custom-resources/asdb_aerospike_com/src/v1/aerospikeclusters.rs b/custom-resources/asdb_aerospike_com/src/v1/aerospikeclusters.rs index 8d99ddabf..597549ef1 100644 --- a/custom-resources/asdb_aerospike_com/src/v1/aerospikeclusters.rs +++ b/custom-resources/asdb_aerospike_com/src/v1/aerospikeclusters.rs @@ -1172,7 +1172,6 @@ pub struct AerospikeClusterPodSpecAffinityPodAffinityPreferredDuringSchedulingIg /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. /// Also, matchLabelKeys cannot be set when labelSelector isn't set. - /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will @@ -1183,7 +1182,6 @@ pub struct AerospikeClusterPodSpecAffinityPodAffinityPreferredDuringSchedulingIg /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -1293,7 +1291,6 @@ pub struct AerospikeClusterPodSpecAffinityPodAffinityRequiredDuringSchedulingIgn /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. /// Also, matchLabelKeys cannot be set when labelSelector isn't set. - /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will @@ -1304,7 +1301,6 @@ pub struct AerospikeClusterPodSpecAffinityPodAffinityRequiredDuringSchedulingIgn /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -1445,7 +1441,6 @@ pub struct AerospikeClusterPodSpecAffinityPodAntiAffinityPreferredDuringScheduli /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. /// Also, matchLabelKeys cannot be set when labelSelector isn't set. - /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will @@ -1456,7 +1451,6 @@ pub struct AerospikeClusterPodSpecAffinityPodAntiAffinityPreferredDuringScheduli /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -1566,7 +1560,6 @@ pub struct AerospikeClusterPodSpecAffinityPodAntiAffinityRequiredDuringSchedulin /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. /// Also, matchLabelKeys cannot be set when labelSelector isn't set. - /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will @@ -1577,7 +1570,6 @@ pub struct AerospikeClusterPodSpecAffinityPodAntiAffinityRequiredDuringSchedulin /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -1981,13 +1973,13 @@ pub struct AerospikeClusterPodSpecInitContainersEnvValueFromSecretKeyRef { pub optional: Option, } -/// EnvFromSource represents the source of a set of ConfigMaps +/// EnvFromSource represents the source of a set of ConfigMaps or Secrets #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AerospikeClusterPodSpecInitContainersEnvFrom { /// The ConfigMap to select from #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapRef")] pub config_map_ref: Option, - /// An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. + /// Optional text to prepend to the name of each environment variable. Must be a C_IDENTIFIER. #[serde(default, skip_serializing_if = "Option::is_none")] pub prefix: Option, /// The Secret to select from @@ -2046,6 +2038,11 @@ pub struct AerospikeClusterPodSpecInitContainersLifecycle { /// More info: #[serde(default, skip_serializing_if = "Option::is_none", rename = "preStop")] pub pre_stop: Option, + /// StopSignal defines which signal will be sent to a container when it is being stopped. + /// If not specified, the default is defined by the container runtime in use. + /// StopSignal can only be set for Pods with a non-empty .spec.os.name + #[serde(default, skip_serializing_if = "Option::is_none", rename = "stopSignal")] + pub stop_signal: Option, } /// PostStart is called immediately after a container is created. If the handler fails, @@ -3428,13 +3425,13 @@ pub struct AerospikeClusterPodSpecSidecarsEnvValueFromSecretKeyRef { pub optional: Option, } -/// EnvFromSource represents the source of a set of ConfigMaps +/// EnvFromSource represents the source of a set of ConfigMaps or Secrets #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AerospikeClusterPodSpecSidecarsEnvFrom { /// The ConfigMap to select from #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapRef")] pub config_map_ref: Option, - /// An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. + /// Optional text to prepend to the name of each environment variable. Must be a C_IDENTIFIER. #[serde(default, skip_serializing_if = "Option::is_none")] pub prefix: Option, /// The Secret to select from @@ -3493,6 +3490,11 @@ pub struct AerospikeClusterPodSpecSidecarsLifecycle { /// More info: #[serde(default, skip_serializing_if = "Option::is_none", rename = "preStop")] pub pre_stop: Option, + /// StopSignal defines which signal will be sent to a container when it is being stopped. + /// If not specified, the default is defined by the container runtime in use. + /// StopSignal can only be set for Pods with a non-empty .spec.os.name + #[serde(default, skip_serializing_if = "Option::is_none", rename = "stopSignal")] + pub stop_signal: Option, } /// PostStart is called immediately after a container is created. If the handler fails, @@ -4702,7 +4704,6 @@ pub struct AerospikeClusterRackConfigRacksEffectivePodSpecAffinityPodAffinityPre /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. /// Also, matchLabelKeys cannot be set when labelSelector isn't set. - /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will @@ -4713,7 +4714,6 @@ pub struct AerospikeClusterRackConfigRacksEffectivePodSpecAffinityPodAffinityPre /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -4823,7 +4823,6 @@ pub struct AerospikeClusterRackConfigRacksEffectivePodSpecAffinityPodAffinityReq /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. /// Also, matchLabelKeys cannot be set when labelSelector isn't set. - /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will @@ -4834,7 +4833,6 @@ pub struct AerospikeClusterRackConfigRacksEffectivePodSpecAffinityPodAffinityReq /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -4975,7 +4973,6 @@ pub struct AerospikeClusterRackConfigRacksEffectivePodSpecAffinityPodAntiAffinit /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. /// Also, matchLabelKeys cannot be set when labelSelector isn't set. - /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will @@ -4986,7 +4983,6 @@ pub struct AerospikeClusterRackConfigRacksEffectivePodSpecAffinityPodAntiAffinit /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -5096,7 +5092,6 @@ pub struct AerospikeClusterRackConfigRacksEffectivePodSpecAffinityPodAntiAffinit /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. /// Also, matchLabelKeys cannot be set when labelSelector isn't set. - /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will @@ -5107,7 +5102,6 @@ pub struct AerospikeClusterRackConfigRacksEffectivePodSpecAffinityPodAntiAffinit /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -6073,7 +6067,6 @@ pub struct AerospikeClusterRackConfigRacksPodSpecAffinityPodAffinityPreferredDur /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. /// Also, matchLabelKeys cannot be set when labelSelector isn't set. - /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will @@ -6084,7 +6077,6 @@ pub struct AerospikeClusterRackConfigRacksPodSpecAffinityPodAffinityPreferredDur /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -6194,7 +6186,6 @@ pub struct AerospikeClusterRackConfigRacksPodSpecAffinityPodAffinityRequiredDuri /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. /// Also, matchLabelKeys cannot be set when labelSelector isn't set. - /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will @@ -6205,7 +6196,6 @@ pub struct AerospikeClusterRackConfigRacksPodSpecAffinityPodAffinityRequiredDuri /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -6346,7 +6336,6 @@ pub struct AerospikeClusterRackConfigRacksPodSpecAffinityPodAntiAffinityPreferre /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. /// Also, matchLabelKeys cannot be set when labelSelector isn't set. - /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will @@ -6357,7 +6346,6 @@ pub struct AerospikeClusterRackConfigRacksPodSpecAffinityPodAntiAffinityPreferre /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -6467,7 +6455,6 @@ pub struct AerospikeClusterRackConfigRacksPodSpecAffinityPodAntiAffinityRequired /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. /// Also, matchLabelKeys cannot be set when labelSelector isn't set. - /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will @@ -6478,7 +6465,6 @@ pub struct AerospikeClusterRackConfigRacksPodSpecAffinityPodAntiAffinityRequired /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -9099,7 +9085,6 @@ pub struct AerospikeClusterStatusPodSpecAffinityPodAffinityPreferredDuringSchedu /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. /// Also, matchLabelKeys cannot be set when labelSelector isn't set. - /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will @@ -9110,7 +9095,6 @@ pub struct AerospikeClusterStatusPodSpecAffinityPodAffinityPreferredDuringSchedu /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -9220,7 +9204,6 @@ pub struct AerospikeClusterStatusPodSpecAffinityPodAffinityRequiredDuringSchedul /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. /// Also, matchLabelKeys cannot be set when labelSelector isn't set. - /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will @@ -9231,7 +9214,6 @@ pub struct AerospikeClusterStatusPodSpecAffinityPodAffinityRequiredDuringSchedul /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -9372,7 +9354,6 @@ pub struct AerospikeClusterStatusPodSpecAffinityPodAntiAffinityPreferredDuringSc /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. /// Also, matchLabelKeys cannot be set when labelSelector isn't set. - /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will @@ -9383,7 +9364,6 @@ pub struct AerospikeClusterStatusPodSpecAffinityPodAntiAffinityPreferredDuringSc /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -9493,7 +9473,6 @@ pub struct AerospikeClusterStatusPodSpecAffinityPodAntiAffinityRequiredDuringSch /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. /// Also, matchLabelKeys cannot be set when labelSelector isn't set. - /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will @@ -9504,7 +9483,6 @@ pub struct AerospikeClusterStatusPodSpecAffinityPodAntiAffinityRequiredDuringSch /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -9908,13 +9886,13 @@ pub struct AerospikeClusterStatusPodSpecInitContainersEnvValueFromSecretKeyRef { pub optional: Option, } -/// EnvFromSource represents the source of a set of ConfigMaps +/// EnvFromSource represents the source of a set of ConfigMaps or Secrets #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AerospikeClusterStatusPodSpecInitContainersEnvFrom { /// The ConfigMap to select from #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapRef")] pub config_map_ref: Option, - /// An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. + /// Optional text to prepend to the name of each environment variable. Must be a C_IDENTIFIER. #[serde(default, skip_serializing_if = "Option::is_none")] pub prefix: Option, /// The Secret to select from @@ -9973,6 +9951,11 @@ pub struct AerospikeClusterStatusPodSpecInitContainersLifecycle { /// More info: #[serde(default, skip_serializing_if = "Option::is_none", rename = "preStop")] pub pre_stop: Option, + /// StopSignal defines which signal will be sent to a container when it is being stopped. + /// If not specified, the default is defined by the container runtime in use. + /// StopSignal can only be set for Pods with a non-empty .spec.os.name + #[serde(default, skip_serializing_if = "Option::is_none", rename = "stopSignal")] + pub stop_signal: Option, } /// PostStart is called immediately after a container is created. If the handler fails, @@ -11355,13 +11338,13 @@ pub struct AerospikeClusterStatusPodSpecSidecarsEnvValueFromSecretKeyRef { pub optional: Option, } -/// EnvFromSource represents the source of a set of ConfigMaps +/// EnvFromSource represents the source of a set of ConfigMaps or Secrets #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AerospikeClusterStatusPodSpecSidecarsEnvFrom { /// The ConfigMap to select from #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapRef")] pub config_map_ref: Option, - /// An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. + /// Optional text to prepend to the name of each environment variable. Must be a C_IDENTIFIER. #[serde(default, skip_serializing_if = "Option::is_none")] pub prefix: Option, /// The Secret to select from @@ -11420,6 +11403,11 @@ pub struct AerospikeClusterStatusPodSpecSidecarsLifecycle { /// More info: #[serde(default, skip_serializing_if = "Option::is_none", rename = "preStop")] pub pre_stop: Option, + /// StopSignal defines which signal will be sent to a container when it is being stopped. + /// If not specified, the default is defined by the container runtime in use. + /// StopSignal can only be set for Pods with a non-empty .spec.os.name + #[serde(default, skip_serializing_if = "Option::is_none", rename = "stopSignal")] + pub stop_signal: Option, } /// PostStart is called immediately after a container is created. If the handler fails, @@ -12732,7 +12720,6 @@ pub struct AerospikeClusterStatusRackConfigRacksEffectivePodSpecAffinityPodAffin /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. /// Also, matchLabelKeys cannot be set when labelSelector isn't set. - /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will @@ -12743,7 +12730,6 @@ pub struct AerospikeClusterStatusRackConfigRacksEffectivePodSpecAffinityPodAffin /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -12853,7 +12839,6 @@ pub struct AerospikeClusterStatusRackConfigRacksEffectivePodSpecAffinityPodAffin /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. /// Also, matchLabelKeys cannot be set when labelSelector isn't set. - /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will @@ -12864,7 +12849,6 @@ pub struct AerospikeClusterStatusRackConfigRacksEffectivePodSpecAffinityPodAffin /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -13005,7 +12989,6 @@ pub struct AerospikeClusterStatusRackConfigRacksEffectivePodSpecAffinityPodAntiA /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. /// Also, matchLabelKeys cannot be set when labelSelector isn't set. - /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will @@ -13016,7 +12999,6 @@ pub struct AerospikeClusterStatusRackConfigRacksEffectivePodSpecAffinityPodAntiA /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -13126,7 +13108,6 @@ pub struct AerospikeClusterStatusRackConfigRacksEffectivePodSpecAffinityPodAntiA /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. /// Also, matchLabelKeys cannot be set when labelSelector isn't set. - /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will @@ -13137,7 +13118,6 @@ pub struct AerospikeClusterStatusRackConfigRacksEffectivePodSpecAffinityPodAntiA /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -14103,7 +14083,6 @@ pub struct AerospikeClusterStatusRackConfigRacksPodSpecAffinityPodAffinityPrefer /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. /// Also, matchLabelKeys cannot be set when labelSelector isn't set. - /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will @@ -14114,7 +14093,6 @@ pub struct AerospikeClusterStatusRackConfigRacksPodSpecAffinityPodAffinityPrefer /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -14224,7 +14202,6 @@ pub struct AerospikeClusterStatusRackConfigRacksPodSpecAffinityPodAffinityRequir /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. /// Also, matchLabelKeys cannot be set when labelSelector isn't set. - /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will @@ -14235,7 +14212,6 @@ pub struct AerospikeClusterStatusRackConfigRacksPodSpecAffinityPodAffinityRequir /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -14376,7 +14352,6 @@ pub struct AerospikeClusterStatusRackConfigRacksPodSpecAffinityPodAntiAffinityPr /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. /// Also, matchLabelKeys cannot be set when labelSelector isn't set. - /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will @@ -14387,7 +14362,6 @@ pub struct AerospikeClusterStatusRackConfigRacksPodSpecAffinityPodAntiAffinityPr /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -14497,7 +14471,6 @@ pub struct AerospikeClusterStatusRackConfigRacksPodSpecAffinityPodAntiAffinityRe /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. /// Also, matchLabelKeys cannot be set when labelSelector isn't set. - /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will @@ -14508,7 +14481,6 @@ pub struct AerospikeClusterStatusRackConfigRacksPodSpecAffinityPodAntiAffinityRe /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. diff --git a/custom-resources/batch_volcano_sh/src/v1alpha1/jobs.rs b/custom-resources/batch_volcano_sh/src/v1alpha1/jobs.rs index c8df0d22a..5333185b5 100644 --- a/custom-resources/batch_volcano_sh/src/v1alpha1/jobs.rs +++ b/custom-resources/batch_volcano_sh/src/v1alpha1/jobs.rs @@ -51,6 +51,8 @@ pub struct JobSpec { pub struct JobNetworkTopology { #[serde(default, skip_serializing_if = "Option::is_none", rename = "highestTierAllowed")] pub highest_tier_allowed: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "highestTierName")] + pub highest_tier_name: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, } @@ -103,6 +105,8 @@ pub struct JobTasks { pub min_available: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "partitionPolicy")] + pub partition_policy: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub policies: Option>, #[serde(default, skip_serializing_if = "Option::is_none")] @@ -121,6 +125,36 @@ pub struct JobTasksDependsOn { pub name: Option>, } +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct JobTasksPartitionPolicy { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "minPartitions")] + pub min_partitions: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "networkTopology")] + pub network_topology: Option, + #[serde(rename = "partitionSize")] + pub partition_size: i32, + #[serde(rename = "totalPartitions")] + pub total_partitions: i32, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct JobTasksPartitionPolicyNetworkTopology { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "highestTierAllowed")] + pub highest_tier_allowed: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "highestTierName")] + pub highest_tier_name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub mode: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum JobTasksPartitionPolicyNetworkTopologyMode { + #[serde(rename = "hard")] + Hard, + #[serde(rename = "soft")] + Soft, +} + #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTasksPolicies { #[serde(default, skip_serializing_if = "Option::is_none")] diff --git a/custom-resources/capsule_clastix_io/src/v1beta1/tenants.rs b/custom-resources/capsule_clastix_io/src/v1beta1/tenants.rs index a5662c328..23f06ad14 100644 --- a/custom-resources/capsule_clastix_io/src/v1beta1/tenants.rs +++ b/custom-resources/capsule_clastix_io/src/v1beta1/tenants.rs @@ -96,8 +96,10 @@ pub struct TenantAdditionalRoleBindingsSubjects { /// Specifies the trusted Image Registries assigned to the Tenant. Capsule assures that all Pods resources created in the Tenant can use only one of the allowed trusted registries. Optional. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TenantContainerRegistries { + /// Match exact elements which are allowed as class names within this tenant #[serde(default, skip_serializing_if = "Option::is_none")] pub allowed: Option>, + /// Match elements by regex (DEPRECATED) #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowedRegex")] pub allowed_regex: Option, } @@ -127,8 +129,10 @@ pub struct TenantIngressOptions { /// Specifies the allowed IngressClasses assigned to the Tenant. Capsule assures that all Ingress resources created in the Tenant can use only one of the allowed IngressClasses. Optional. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TenantIngressOptionsAllowedClasses { + /// Match exact elements which are allowed as class names within this tenant #[serde(default, skip_serializing_if = "Option::is_none")] pub allowed: Option>, + /// Match elements by regex (DEPRECATED) #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowedRegex")] pub allowed_regex: Option, } @@ -136,8 +140,10 @@ pub struct TenantIngressOptionsAllowedClasses { /// Specifies the allowed hostnames in Ingresses for the given Tenant. Capsule assures that all Ingress resources created in the Tenant can use only one of the allowed hostnames. Optional. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TenantIngressOptionsAllowedHostnames { + /// Match exact elements which are allowed as class names within this tenant #[serde(default, skip_serializing_if = "Option::is_none")] pub allowed: Option>, + /// Match elements by regex (DEPRECATED) #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowedRegex")] pub allowed_regex: Option, } @@ -631,8 +637,10 @@ pub enum TenantOwnersProxySettingsKind { /// Specifies the allowed priorityClasses assigned to the Tenant. Capsule assures that all Pods resources created in the Tenant can use only one of the allowed PriorityClasses. Optional. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TenantPriorityClasses { + /// Match exact elements which are allowed as class names within this tenant #[serde(default, skip_serializing_if = "Option::is_none")] pub allowed: Option>, + /// Match elements by regex (DEPRECATED) #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowedRegex")] pub allowed_regex: Option, } @@ -770,8 +778,10 @@ pub struct TenantServiceOptionsForbiddenLabels { /// Specifies the allowed StorageClasses assigned to the Tenant. Capsule assures that all PersistentVolumeClaim resources created in the Tenant can use only one of the allowed StorageClasses. Optional. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TenantStorageClasses { + /// Match exact elements which are allowed as class names within this tenant #[serde(default, skip_serializing_if = "Option::is_none")] pub allowed: Option>, + /// Match elements by regex (DEPRECATED) #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowedRegex")] pub allowed_regex: Option, } diff --git a/custom-resources/capsule_clastix_io/src/v1beta2/capsuleconfigurations.rs b/custom-resources/capsule_clastix_io/src/v1beta2/capsuleconfigurations.rs index 825078a02..4df80e034 100644 --- a/custom-resources/capsule_clastix_io/src/v1beta2/capsuleconfigurations.rs +++ b/custom-resources/capsule_clastix_io/src/v1beta2/capsuleconfigurations.rs @@ -16,6 +16,12 @@ use self::prelude::*; #[kube(derive="Default")] #[kube(derive="PartialEq")] pub struct CapsuleConfigurationSpec { + /// Define entities which can act as Administrators in the capsule construct + /// These entities are automatically owners for all existing tenants. Meaning they can add namespaces to any tenant. However they must be specific by using the capsule label + /// for interacting with namespaces. Because if that label is not defined, it's assumed that namespace interaction was not targeted towards a tenant and will therefor + /// be ignored by capsule. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub administrators: Option>, /// ServiceAccounts within tenant namespaces can be promoted to owners of the given tenant /// this can be achieved by labeling the serviceaccount and then they are considered owners. This can only be done by other owners of the tenant. /// However ServiceAccounts which have been promoted to owner can not promote further serviceAccounts. @@ -52,6 +58,21 @@ pub struct CapsuleConfigurationSpec { pub user_names: Option>, } +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct CapsuleConfigurationAdministrators { + /// Kind of entity. Possible values are "User", "Group", and "ServiceAccount" + pub kind: CapsuleConfigurationAdministratorsKind, + /// Name of the entity. + pub name: String, +} + +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum CapsuleConfigurationAdministratorsKind { + User, + Group, + ServiceAccount, +} + /// Allows to set the forbidden metadata for the worker nodes that could be patched by a Tenant. /// This applies only if the Tenant has an active NodeSelector, and the Owner have right to patch their nodes. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] diff --git a/custom-resources/capsule_clastix_io/src/v1beta2/tenants.rs b/custom-resources/capsule_clastix_io/src/v1beta2/tenants.rs index fc34478b6..cb3d0ca99 100644 --- a/custom-resources/capsule_clastix_io/src/v1beta2/tenants.rs +++ b/custom-resources/capsule_clastix_io/src/v1beta2/tenants.rs @@ -135,8 +135,10 @@ pub struct TenantAdditionalRoleBindingsSubjects { /// Specifies the trusted Image Registries assigned to the Tenant. Capsule assures that all Pods resources created in the Tenant can use only one of the allowed trusted registries. Optional. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TenantContainerRegistries { + /// Match exact elements which are allowed as class names within this tenant #[serde(default, skip_serializing_if = "Option::is_none")] pub allowed: Option>, + /// Match elements by regex (DEPRECATED) #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowedRegex")] pub allowed_regex: Option, } @@ -150,6 +152,12 @@ pub struct TenantGatewayOptions { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TenantGatewayOptionsAllowedClasses { + /// Match exact elements which are allowed as class names within this tenant + #[serde(default, skip_serializing_if = "Option::is_none")] + pub allowed: Option>, + /// Match elements by regex (DEPRECATED) + #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowedRegex")] + pub allowed_regex: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub default: Option, /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -213,8 +221,10 @@ pub struct TenantIngressOptions { /// Optional. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TenantIngressOptionsAllowedClasses { + /// Match exact elements which are allowed as class names within this tenant #[serde(default, skip_serializing_if = "Option::is_none")] pub allowed: Option>, + /// Match elements by regex (DEPRECATED) #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowedRegex")] pub allowed_regex: Option, #[serde(default, skip_serializing_if = "Option::is_none")] @@ -249,8 +259,10 @@ pub struct TenantIngressOptionsAllowedClassesMatchExpressions { /// Specifies the allowed hostnames in Ingresses for the given Tenant. Capsule assures that all Ingress resources created in the Tenant can use only one of the allowed hostnames. Optional. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TenantIngressOptionsAllowedHostnames { + /// Match exact elements which are allowed as class names within this tenant #[serde(default, skip_serializing_if = "Option::is_none")] pub allowed: Option>, + /// Match elements by regex (DEPRECATED) #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowedRegex")] pub allowed_regex: Option, } @@ -796,12 +808,12 @@ pub struct TenantOwners { /// Defines additional cluster-roles for the specific Owner. #[serde(default, skip_serializing_if = "Option::is_none", rename = "clusterRoles")] pub cluster_roles: Option>, - /// Kind of tenant owner. Possible values are "User", "Group", and "ServiceAccount" + /// Kind of entity. Possible values are "User", "Group", and "ServiceAccount" pub kind: TenantOwnersKind, /// Additional Labels for the synchronized rolebindings #[serde(default, skip_serializing_if = "Option::is_none")] pub labels: Option>, - /// Name of tenant owner. + /// Name of the entity. pub name: String, /// Proxy settings for tenant owner. #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxySettings")] @@ -854,8 +866,10 @@ pub struct TenantPodOptionsAdditionalMetadata { /// Optional. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TenantPriorityClasses { + /// Match exact elements which are allowed as class names within this tenant #[serde(default, skip_serializing_if = "Option::is_none")] pub allowed: Option>, + /// Match elements by regex (DEPRECATED) #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowedRegex")] pub allowed_regex: Option, #[serde(default, skip_serializing_if = "Option::is_none")] @@ -955,8 +969,10 @@ pub enum TenantResourceQuotasScope { /// Optional. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TenantRuntimeClasses { + /// Match exact elements which are allowed as class names within this tenant #[serde(default, skip_serializing_if = "Option::is_none")] pub allowed: Option>, + /// Match elements by regex (DEPRECATED) #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowedRegex")] pub allowed_regex: Option, #[serde(default, skip_serializing_if = "Option::is_none")] @@ -1061,8 +1077,10 @@ pub struct TenantServiceOptionsForbiddenLabels { /// Optional. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TenantStorageClasses { + /// Match exact elements which are allowed as class names within this tenant #[serde(default, skip_serializing_if = "Option::is_none")] pub allowed: Option>, + /// Match elements by regex (DEPRECATED) #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowedRegex")] pub allowed_regex: Option, #[serde(default, skip_serializing_if = "Option::is_none")] @@ -1097,6 +1115,9 @@ pub struct TenantStorageClassesMatchExpressions { /// Returns the observed state of the Tenant. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct TenantStatus { + /// Available Class Types within Tenant + #[serde(default, skip_serializing_if = "Option::is_none")] + pub classes: Option, /// Tenant Condition pub conditions: Vec, /// List of namespaces assigned to the Tenant. (Deprecated) @@ -1111,6 +1132,23 @@ pub struct TenantStatus { pub state: TenantStatusState, } +/// Available Class Types within Tenant +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct TenantStatusClasses { + /// Available GatewayClasses + #[serde(default, skip_serializing_if = "Option::is_none")] + pub gateway: Option>, + /// Available PriorityClasses + #[serde(default, skip_serializing_if = "Option::is_none")] + pub priority: Option>, + /// Available StorageClasses + #[serde(default, skip_serializing_if = "Option::is_none")] + pub runtime: Option>, + /// Available Storageclasses (Only collected if any matching condition is specified) + #[serde(default, skip_serializing_if = "Option::is_none")] + pub storage: Option>, +} + #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TenantStatusSpaces { /// Conditions diff --git a/custom-resources/crd_projectcalico_org/src/v1/felixconfigurations.rs b/custom-resources/crd_projectcalico_org/src/v1/felixconfigurations.rs index fa3634217..8c1387a59 100644 --- a/custom-resources/crd_projectcalico_org/src/v1/felixconfigurations.rs +++ b/custom-resources/crd_projectcalico_org/src/v1/felixconfigurations.rs @@ -1025,7 +1025,6 @@ pub enum FelixConfigurationNatOutgoingExclusions { pub enum FelixConfigurationNftablesMode { Disabled, Enabled, - Auto, } /// FelixConfigurationSpec contains the values of the Felix configuration. diff --git a/custom-resources/datadoghq_com/src/v1alpha1/datadogmonitors.rs b/custom-resources/datadoghq_com/src/v1alpha1/datadogmonitors.rs index 288e2006a..899e65d14 100644 --- a/custom-resources/datadoghq_com/src/v1alpha1/datadogmonitors.rs +++ b/custom-resources/datadoghq_com/src/v1alpha1/datadogmonitors.rs @@ -68,6 +68,12 @@ pub struct DatadogMonitorOptions { /// This is useful for AWS CloudWatch and other backfilled metrics to ensure the monitor always has data during evaluation. #[serde(default, skip_serializing_if = "Option::is_none", rename = "evaluationDelay")] pub evaluation_delay: Option, + /// The time span after which groups with missing data are dropped from the monitor state. + /// The minimum value is one hour, and the maximum value is 72 hours. + /// Example values are: "60m", "1h", and "2d". + /// This option is only available for APM Trace Analytics, Audit Trail, CI, Error Tracking, Event, Logs, and RUM monitors. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "groupRetentionDuration")] + pub group_retention_duration: Option, /// A Boolean indicating whether the log alert monitor triggers a single alert or multiple alerts when any group breaches a threshold. #[serde(default, skip_serializing_if = "Option::is_none", rename = "groupbySimpleMonitor")] pub groupby_simple_monitor: Option, diff --git a/custom-resources/datadoghq_com/src/v2alpha1/datadogagents.rs b/custom-resources/datadoghq_com/src/v2alpha1/datadogagents.rs index 95fdc14f1..33ca1bc5d 100644 --- a/custom-resources/datadoghq_com/src/v2alpha1/datadogagents.rs +++ b/custom-resources/datadoghq_com/src/v2alpha1/datadogagents.rs @@ -1176,6 +1176,11 @@ pub struct DatadogAgentFeaturesCws { /// Any policies with the same name as those existing in the agent will take precedence. #[serde(default, skip_serializing_if = "Option::is_none", rename = "customPolicies")] pub custom_policies: Option, + /// DirectSendFromSystemProbe configures CWS to send payloads directly from the system-probe, without using the security-agent. + /// This is an experimental feature. Contact support before using. + /// Default: false + #[serde(default, skip_serializing_if = "Option::is_none", rename = "directSendFromSystemProbe")] + pub direct_send_from_system_probe: Option, /// Enabled enables Cloud Workload Security. /// Default: false #[serde(default, skip_serializing_if = "Option::is_none")] @@ -1503,6 +1508,11 @@ pub struct DatadogAgentFeaturesGpu { /// Default: false #[serde(default, skip_serializing_if = "Option::is_none")] pub enabled: Option, + /// PatchCgroupPermissions enables the patch of cgroup permissions for GPU monitoring, in case + /// the container runtime is not properly configured and the Agent containers lose access to GPU devices. + /// Default: false + #[serde(default, skip_serializing_if = "Option::is_none", rename = "patchCgroupPermissions")] + pub patch_cgroup_permissions: Option, /// PrivilegedMode enables GPU Probe module in System Probe. /// Default: false #[serde(default, skip_serializing_if = "Option::is_none", rename = "privilegedMode")] @@ -1536,6 +1546,13 @@ pub struct DatadogAgentFeaturesHelmCheck { /// KubeStateMetricsCore check configuration. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DatadogAgentFeaturesKubeStateMetricsCore { + /// `CollectCrMetrics` defines custom resources for the kube-state-metrics core check to collect. + /// + /// The datadog agent uses the same logic as upstream `kube-state-metrics`. So is its configuration. + /// The exact structure and existing fields of each item in this list can be found in: + /// + #[serde(default, skip_serializing_if = "Option::is_none", rename = "collectCrMetrics")] + pub collect_cr_metrics: Option>, /// Conf overrides the configuration for the default Kubernetes State Metrics Core check. /// This must point to a ConfigMap containing a valid cluster check configuration. #[serde(default, skip_serializing_if = "Option::is_none")] @@ -1546,6 +1563,130 @@ pub struct DatadogAgentFeaturesKubeStateMetricsCore { pub enabled: Option, } +/// Resource configures a custom resource for metric generation. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct DatadogAgentFeaturesKubeStateMetricsCoreCollectCrMetrics { + /// CommonLabels are added to all metrics. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "commonLabels")] + pub common_labels: Option>, + /// GroupVersionKind of the custom resource to be monitored. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "groupVersionKind")] + pub group_version_kind: Option, + /// LabelsFromPath adds additional labels where the value is taken from a field in the resource. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelsFromPath")] + pub labels_from_path: Option>>, + /// MetricNamePrefix defines a prefix for all metrics of the resource. + /// If set to "", no prefix will be added. + /// Example: If set to "foo", MetricNamePrefix will be "foo_". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "metricNamePrefix")] + pub metric_name_prefix: Option, + /// Metrics are the custom resource fields to be collected. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub metrics: Option>, + /// ResourcePlural sets the plural name of the resource. Defaults to the plural version of the Kind according to flect.Pluralize. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourcePlural")] + pub resource_plural: Option, +} + +/// GroupVersionKind of the custom resource to be monitored. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct DatadogAgentFeaturesKubeStateMetricsCoreCollectCrMetricsGroupVersionKind { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub group: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub kind: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub version: Option, +} + +/// Generator describes a unique metric name. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct DatadogAgentFeaturesKubeStateMetricsCoreCollectCrMetricsMetrics { + /// CommonLabels are added to all metrics. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "commonLabels")] + pub common_labels: Option>, + /// Each targets a value or values from the resource. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub each: Option, + /// Help text for the metric. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub help: Option, + /// LabelsFromPath adds additional labels where the value is taken from a field in the resource. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelsFromPath")] + pub labels_from_path: Option>>, + /// Name of the metric. Subject to prefixing based on the configuration of the Resource. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, +} + +/// Each targets a value or values from the resource. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct DatadogAgentFeaturesKubeStateMetricsCoreCollectCrMetricsMetricsEach { + /// Gauge defines a gauge metric. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub gauge: Option, + /// Info defines an info metric. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub info: Option, + /// StateSet defines a state set metric. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "stateSet")] + pub state_set: Option, + /// Type defines the type of the metric. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] + pub r#type: Option, +} + +/// Gauge defines a gauge metric. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct DatadogAgentFeaturesKubeStateMetricsCoreCollectCrMetricsMetricsEachGauge { + /// LabelFromKey adds a label with the given name if Path is an object. The label value will be the object key. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelFromKey")] + pub label_from_key: Option, + /// LabelsFromPath adds additional labels where the value of the label is taken from a field under Path. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelsFromPath")] + pub labels_from_path: Option>>, + /// NilIsZero indicates that if a value is nil it will be treated as zero value. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "nilIsZero")] + pub nil_is_zero: Option, + /// Path is the path to to generate metric(s) for. + pub path: Vec, + /// ValueFrom is the path to a numeric field under Path that will be the metric value. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "valueFrom")] + pub value_from: Option>, +} + +/// Info defines an info metric. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct DatadogAgentFeaturesKubeStateMetricsCoreCollectCrMetricsMetricsEachInfo { + /// LabelFromKey adds a label with the given name if Path is an object. The label value will be the object key. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelFromKey")] + pub label_from_key: Option, + /// LabelsFromPath adds additional labels where the value of the label is taken from a field under Path. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelsFromPath")] + pub labels_from_path: Option>>, + /// Path is the path to to generate metric(s) for. + pub path: Vec, +} + +/// StateSet defines a state set metric. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct DatadogAgentFeaturesKubeStateMetricsCoreCollectCrMetricsMetricsEachStateSet { + /// LabelName is the key of the label which is used for each entry in List to expose the value. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelName")] + pub label_name: Option, + /// LabelsFromPath adds additional labels where the value of the label is taken from a field under Path. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelsFromPath")] + pub labels_from_path: Option>>, + /// List is the list of values to expose a value for. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub list: Option>, + /// Path is the path to to generate metric(s) for. + pub path: Vec, + /// ValueFrom is the subpath to compare the list to. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "valueFrom")] + pub value_from: Option>, +} + /// Conf overrides the configuration for the default Kubernetes State Metrics Core check. /// This must point to a ConfigMap containing a valid cluster check configuration. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -1618,6 +1759,10 @@ pub struct DatadogAgentFeaturesLiveProcessCollection { /// LogCollection configuration. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DatadogAgentFeaturesLogCollection { + /// AutoMultiLineDetection allows the Agent to detect and aggregate common multi-line logs automatically. + /// See also: + #[serde(default, skip_serializing_if = "Option::is_none", rename = "autoMultiLineDetection")] + pub auto_multi_line_detection: Option, /// ContainerCollectAll enables Log collection from all containers. /// Default: false #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerCollectAll")] @@ -2194,6 +2339,7 @@ pub struct DatadogAgentGlobal { /// If no other checks are running, the Process Agent container will not initialize. /// (Requires Agent 7.60.0+) /// Default: 'true' + /// Deprecated: Functionality now handled automatically. Use env var `DD_PROCESS_CONFIG_RUN_IN_CORE_AGENT_ENABLED` to override. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runProcessChecksInCoreAgent")] pub run_process_checks_in_core_agent: Option, /// Configure the secret backend feature @@ -8292,6 +8438,11 @@ pub struct DatadogAgentStatusRemoteConfigConfigurationFeaturesCws { /// Any policies with the same name as those existing in the agent will take precedence. #[serde(default, skip_serializing_if = "Option::is_none", rename = "customPolicies")] pub custom_policies: Option, + /// DirectSendFromSystemProbe configures CWS to send payloads directly from the system-probe, without using the security-agent. + /// This is an experimental feature. Contact support before using. + /// Default: false + #[serde(default, skip_serializing_if = "Option::is_none", rename = "directSendFromSystemProbe")] + pub direct_send_from_system_probe: Option, /// Enabled enables Cloud Workload Security. /// Default: false #[serde(default, skip_serializing_if = "Option::is_none")] @@ -8619,6 +8770,11 @@ pub struct DatadogAgentStatusRemoteConfigConfigurationFeaturesGpu { /// Default: false #[serde(default, skip_serializing_if = "Option::is_none")] pub enabled: Option, + /// PatchCgroupPermissions enables the patch of cgroup permissions for GPU monitoring, in case + /// the container runtime is not properly configured and the Agent containers lose access to GPU devices. + /// Default: false + #[serde(default, skip_serializing_if = "Option::is_none", rename = "patchCgroupPermissions")] + pub patch_cgroup_permissions: Option, /// PrivilegedMode enables GPU Probe module in System Probe. /// Default: false #[serde(default, skip_serializing_if = "Option::is_none", rename = "privilegedMode")] @@ -8652,6 +8808,13 @@ pub struct DatadogAgentStatusRemoteConfigConfigurationFeaturesHelmCheck { /// KubeStateMetricsCore check configuration. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DatadogAgentStatusRemoteConfigConfigurationFeaturesKubeStateMetricsCore { + /// `CollectCrMetrics` defines custom resources for the kube-state-metrics core check to collect. + /// + /// The datadog agent uses the same logic as upstream `kube-state-metrics`. So is its configuration. + /// The exact structure and existing fields of each item in this list can be found in: + /// + #[serde(default, skip_serializing_if = "Option::is_none", rename = "collectCrMetrics")] + pub collect_cr_metrics: Option>, /// Conf overrides the configuration for the default Kubernetes State Metrics Core check. /// This must point to a ConfigMap containing a valid cluster check configuration. #[serde(default, skip_serializing_if = "Option::is_none")] @@ -8662,6 +8825,130 @@ pub struct DatadogAgentStatusRemoteConfigConfigurationFeaturesKubeStateMetricsCo pub enabled: Option, } +/// Resource configures a custom resource for metric generation. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct DatadogAgentStatusRemoteConfigConfigurationFeaturesKubeStateMetricsCoreCollectCrMetrics { + /// CommonLabels are added to all metrics. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "commonLabels")] + pub common_labels: Option>, + /// GroupVersionKind of the custom resource to be monitored. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "groupVersionKind")] + pub group_version_kind: Option, + /// LabelsFromPath adds additional labels where the value is taken from a field in the resource. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelsFromPath")] + pub labels_from_path: Option>>, + /// MetricNamePrefix defines a prefix for all metrics of the resource. + /// If set to "", no prefix will be added. + /// Example: If set to "foo", MetricNamePrefix will be "foo_". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "metricNamePrefix")] + pub metric_name_prefix: Option, + /// Metrics are the custom resource fields to be collected. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub metrics: Option>, + /// ResourcePlural sets the plural name of the resource. Defaults to the plural version of the Kind according to flect.Pluralize. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourcePlural")] + pub resource_plural: Option, +} + +/// GroupVersionKind of the custom resource to be monitored. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct DatadogAgentStatusRemoteConfigConfigurationFeaturesKubeStateMetricsCoreCollectCrMetricsGroupVersionKind { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub group: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub kind: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub version: Option, +} + +/// Generator describes a unique metric name. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct DatadogAgentStatusRemoteConfigConfigurationFeaturesKubeStateMetricsCoreCollectCrMetricsMetrics { + /// CommonLabels are added to all metrics. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "commonLabels")] + pub common_labels: Option>, + /// Each targets a value or values from the resource. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub each: Option, + /// Help text for the metric. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub help: Option, + /// LabelsFromPath adds additional labels where the value is taken from a field in the resource. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelsFromPath")] + pub labels_from_path: Option>>, + /// Name of the metric. Subject to prefixing based on the configuration of the Resource. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, +} + +/// Each targets a value or values from the resource. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct DatadogAgentStatusRemoteConfigConfigurationFeaturesKubeStateMetricsCoreCollectCrMetricsMetricsEach { + /// Gauge defines a gauge metric. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub gauge: Option, + /// Info defines an info metric. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub info: Option, + /// StateSet defines a state set metric. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "stateSet")] + pub state_set: Option, + /// Type defines the type of the metric. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] + pub r#type: Option, +} + +/// Gauge defines a gauge metric. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct DatadogAgentStatusRemoteConfigConfigurationFeaturesKubeStateMetricsCoreCollectCrMetricsMetricsEachGauge { + /// LabelFromKey adds a label with the given name if Path is an object. The label value will be the object key. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelFromKey")] + pub label_from_key: Option, + /// LabelsFromPath adds additional labels where the value of the label is taken from a field under Path. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelsFromPath")] + pub labels_from_path: Option>>, + /// NilIsZero indicates that if a value is nil it will be treated as zero value. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "nilIsZero")] + pub nil_is_zero: Option, + /// Path is the path to to generate metric(s) for. + pub path: Vec, + /// ValueFrom is the path to a numeric field under Path that will be the metric value. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "valueFrom")] + pub value_from: Option>, +} + +/// Info defines an info metric. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct DatadogAgentStatusRemoteConfigConfigurationFeaturesKubeStateMetricsCoreCollectCrMetricsMetricsEachInfo { + /// LabelFromKey adds a label with the given name if Path is an object. The label value will be the object key. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelFromKey")] + pub label_from_key: Option, + /// LabelsFromPath adds additional labels where the value of the label is taken from a field under Path. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelsFromPath")] + pub labels_from_path: Option>>, + /// Path is the path to to generate metric(s) for. + pub path: Vec, +} + +/// StateSet defines a state set metric. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct DatadogAgentStatusRemoteConfigConfigurationFeaturesKubeStateMetricsCoreCollectCrMetricsMetricsEachStateSet { + /// LabelName is the key of the label which is used for each entry in List to expose the value. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelName")] + pub label_name: Option, + /// LabelsFromPath adds additional labels where the value of the label is taken from a field under Path. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelsFromPath")] + pub labels_from_path: Option>>, + /// List is the list of values to expose a value for. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub list: Option>, + /// Path is the path to to generate metric(s) for. + pub path: Vec, + /// ValueFrom is the subpath to compare the list to. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "valueFrom")] + pub value_from: Option>, +} + /// Conf overrides the configuration for the default Kubernetes State Metrics Core check. /// This must point to a ConfigMap containing a valid cluster check configuration. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -8734,6 +9021,10 @@ pub struct DatadogAgentStatusRemoteConfigConfigurationFeaturesLiveProcessCollect /// LogCollection configuration. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DatadogAgentStatusRemoteConfigConfigurationFeaturesLogCollection { + /// AutoMultiLineDetection allows the Agent to detect and aggregate common multi-line logs automatically. + /// See also: + #[serde(default, skip_serializing_if = "Option::is_none", rename = "autoMultiLineDetection")] + pub auto_multi_line_detection: Option, /// ContainerCollectAll enables Log collection from all containers. /// Default: false #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerCollectAll")] diff --git a/custom-resources/devices_kubeedge_io/src/v1alpha2/devices.rs b/custom-resources/devices_kubeedge_io/src/v1alpha2/devices.rs index 3638dfa80..6d1671cb6 100644 --- a/custom-resources/devices_kubeedge_io/src/v1alpha2/devices.rs +++ b/custom-resources/devices_kubeedge_io/src/v1alpha2/devices.rs @@ -10,7 +10,7 @@ mod prelude { } use self::prelude::*; -/// DeviceSpec represents a single device instance. It is an instantation of a device model. +/// DeviceSpec represents a single device instance. It is an instantiation of a device model. #[derive(CustomResource, Serialize, Deserialize, Clone, Debug, Default, PartialEq)] #[kube(group = "devices.kubeedge.io", version = "v1alpha2", kind = "Device", plural = "devices")] #[kube(namespaced)] diff --git a/custom-resources/everest_percona_com/src/v1alpha1/databaseclusters.rs b/custom-resources/everest_percona_com/src/v1alpha1/databaseclusters.rs index fa96ad21d..f399453c8 100644 --- a/custom-resources/everest_percona_com/src/v1alpha1/databaseclusters.rs +++ b/custom-resources/everest_percona_com/src/v1alpha1/databaseclusters.rs @@ -33,6 +33,9 @@ pub struct DatabaseClusterSpec { pub data_source: Option, /// Engine is the database engine specification pub engine: DatabaseClusterEngine, + /// EngineFeatures represents configuration of additional features for the database engine. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "engineFeatures")] + pub engine_features: Option, /// Monitoring is the monitoring configuration #[serde(default, skip_serializing_if = "Option::is_none")] pub monitoring: Option, @@ -280,6 +283,23 @@ pub enum DatabaseClusterEngineType { Psmdb, } +/// EngineFeatures represents configuration of additional features for the database engine. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct DatabaseClusterEngineFeatures { + /// PSMDB represents additional features for the PSMDB engine. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub psmdb: Option, +} + +/// PSMDB represents additional features for the PSMDB engine. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct DatabaseClusterEngineFeaturesPsmdb { + /// SplitHorizonDNSConfigName is the name of a SplitHorizonDNSConfig CR. + /// The SplitHorizonDNSConfig must be created in the same namespace as the DatabaseCluster. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "splitHorizonDnsConfigName")] + pub split_horizon_dns_config_name: Option, +} + /// Monitoring is the monitoring configuration #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DatabaseClusterMonitoring { @@ -298,7 +318,7 @@ pub struct DatabaseClusterMonitoringResources { /// Claims lists the names of resources, defined in spec.resourceClaims, /// that are used by this container. /// - /// This is an alpha field and requires enabling the + /// This field depends on the /// DynamicResourceAllocation feature gate. /// /// This field is immutable. It can only be set for containers. @@ -444,6 +464,9 @@ pub struct DatabaseClusterStatus { /// Details provides full status of the upstream cluster as a plain text. #[serde(default, skip_serializing_if = "Option::is_none")] pub details: Option, + /// EngineFeaturesStatus represents additional features statuses for the database engine. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "engineFeatures")] + pub engine_features: Option, /// Hostname is the hostname where the cluster can be reached #[serde(default, skip_serializing_if = "Option::is_none")] pub hostname: Option, @@ -475,3 +498,44 @@ pub struct DatabaseClusterStatus { pub status: Option, } +/// EngineFeaturesStatus represents additional features statuses for the database engine. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct DatabaseClusterStatusEngineFeatures { + /// PSMDB represents additional features statuses for the PSMDB engine. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub psmdb: Option, +} + +/// PSMDB represents additional features statuses for the PSMDB engine. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct DatabaseClusterStatusEngineFeaturesPsmdb { + /// SplitHorizon status of SplitHorizon feature. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "splitHorizon")] + pub split_horizon: Option, +} + +/// SplitHorizon status of SplitHorizon feature. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct DatabaseClusterStatusEngineFeaturesPsmdbSplitHorizon { + /// SplitHorizon status of SplitHorizon feature. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub domains: Option>, + /// ConnectionURL is the connection URL using SplitHorizon domains. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub host: Option, +} + +/// SplitHorizonDomain defines SplitHorizon domain status (domain -> IPs mapping). +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct DatabaseClusterStatusEngineFeaturesPsmdbSplitHorizonDomains { + /// Domain is the SplitHorizon domain name. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub domain: Option, + /// PrivateIP is the private IP address for the domain. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "privateIP")] + pub private_ip: Option, + /// PublicIP is the public IP address for the domain. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "publicIP")] + pub public_ip: Option, +} + diff --git a/custom-resources/everest_percona_com/src/v1alpha1/monitoringconfigs.rs b/custom-resources/everest_percona_com/src/v1alpha1/monitoringconfigs.rs index 3f83010c9..2f3575086 100644 --- a/custom-resources/everest_percona_com/src/v1alpha1/monitoringconfigs.rs +++ b/custom-resources/everest_percona_com/src/v1alpha1/monitoringconfigs.rs @@ -60,5 +60,8 @@ pub struct MonitoringConfigStatus { /// LastObservedGeneration is the most recent generation observed for this MonitoringConfig. #[serde(default, skip_serializing_if = "Option::is_none", rename = "lastObservedGeneration")] pub last_observed_generation: Option, + /// PMMServerVersion shows PMM server version + #[serde(default, skip_serializing_if = "Option::is_none", rename = "pmmServerVersion")] + pub pmm_server_version: Option, } diff --git a/custom-resources/external_secrets_io/src/v1/clustersecretstores.rs b/custom-resources/external_secrets_io/src/v1/clustersecretstores.rs index 52ae269d4..98e9b9390 100644 --- a/custom-resources/external_secrets_io/src/v1/clustersecretstores.rs +++ b/custom-resources/external_secrets_io/src/v1/clustersecretstores.rs @@ -1970,6 +1970,9 @@ pub struct ClusterSecretStoreProviderIbmAuthContainerAuth { /// IBMAuthSecretRef contains the secret reference for IBM Cloud API key authentication. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterSecretStoreProviderIbmAuthSecretRef { + /// The IAM endpoint used to obain a token + #[serde(default, skip_serializing_if = "Option::is_none", rename = "iamEndpoint")] + pub iam_endpoint: Option, /// The SecretAccessKey is used for authentication #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretApiKeySecretRef")] pub secret_api_key_secret_ref: Option, @@ -3368,6 +3371,14 @@ pub struct ClusterSecretStoreProviderScalewaySecretKeySecretRef { /// #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterSecretStoreProviderSecretserver { + /// PEM/base64 encoded CA bundle used to validate Secret ServerURL. Only used + /// if the ServerURL URL is using HTTPS protocol. If not set the system root certificates + /// are used to validate the TLS connection. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "caBundle")] + pub ca_bundle: Option, + /// The provider for the CA bundle to use to validate Secret ServerURL certificate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "caProvider")] + pub ca_provider: Option, /// Domain is the secret server domain. #[serde(default, skip_serializing_if = "Option::is_none")] pub domain: Option, @@ -3381,6 +3392,30 @@ pub struct ClusterSecretStoreProviderSecretserver { pub username: ClusterSecretStoreProviderSecretserverUsername, } +/// The provider for the CA bundle to use to validate Secret ServerURL certificate. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ClusterSecretStoreProviderSecretserverCaProvider { + /// The key where the CA certificate can be found in the Secret or ConfigMap. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub key: Option, + /// The name of the object located at the provider type. + pub name: String, + /// The namespace the Provider type is in. + /// Can only be defined when used in a ClusterSecretStore. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, + /// The type of provider to use such as "Secret", or "ConfigMap". + #[serde(rename = "type")] + pub r#type: ClusterSecretStoreProviderSecretserverCaProviderType, +} + +/// The provider for the CA bundle to use to validate Secret ServerURL certificate. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum ClusterSecretStoreProviderSecretserverCaProviderType { + Secret, + ConfigMap, +} + /// Password is the secret server account password. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterSecretStoreProviderSecretserverPassword { @@ -3549,6 +3584,10 @@ pub struct ClusterSecretStoreProviderVaultAuth { /// Cert authentication method #[serde(default, skip_serializing_if = "Option::is_none")] pub cert: Option, + /// Gcp authenticates with Vault using Google Cloud Platform authentication method + /// GCP authentication method + #[serde(default, skip_serializing_if = "Option::is_none")] + pub gcp: Option, /// Iam authenticates with vault by passing a special AWS request signed with AWS IAM credentials /// AWS IAM authentication method #[serde(default, skip_serializing_if = "Option::is_none")] @@ -3695,6 +3734,108 @@ pub struct ClusterSecretStoreProviderVaultAuthCertSecretRef { pub namespace: Option, } +/// Gcp authenticates with Vault using Google Cloud Platform authentication method +/// GCP authentication method +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterSecretStoreProviderVaultAuthGcp { + /// Location optionally defines a location/region for the secret + #[serde(default, skip_serializing_if = "Option::is_none")] + pub location: Option, + /// Path where the GCP auth method is enabled in Vault, e.g: "gcp" + #[serde(default, skip_serializing_if = "Option::is_none")] + pub path: Option, + /// Project ID of the Google Cloud Platform project + #[serde(default, skip_serializing_if = "Option::is_none", rename = "projectID")] + pub project_id: Option, + /// Vault Role. In Vault, a role describes an identity with a set of permissions, groups, or policies you want to attach to a user of the secrets engine. + pub role: String, + /// Specify credentials in a Secret object + #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] + pub secret_ref: Option, + /// ServiceAccountRef to a service account for impersonation + #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceAccountRef")] + pub service_account_ref: Option, + /// Specify a service account with Workload Identity + #[serde(default, skip_serializing_if = "Option::is_none", rename = "workloadIdentity")] + pub workload_identity: Option, +} + +/// Specify credentials in a Secret object +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterSecretStoreProviderVaultAuthGcpSecretRef { + /// The SecretAccessKey is used for authentication + #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretAccessKeySecretRef")] + pub secret_access_key_secret_ref: Option, +} + +/// The SecretAccessKey is used for authentication +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterSecretStoreProviderVaultAuthGcpSecretRefSecretAccessKeySecretRef { + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub key: Option, + /// The name of the Secret resource being referred to. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, +} + +/// ServiceAccountRef to a service account for impersonation +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterSecretStoreProviderVaultAuthGcpServiceAccountRef { + /// Audience specifies the `aud` claim for the service account token + /// If the service account uses a well-known annotation for e.g. IRSA or GCP Workload Identity + /// then this audiences will be appended to the list + #[serde(default, skip_serializing_if = "Option::is_none")] + pub audiences: Option>, + /// The name of the ServiceAccount resource being referred to. + pub name: String, + /// Namespace of the resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, +} + +/// Specify a service account with Workload Identity +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterSecretStoreProviderVaultAuthGcpWorkloadIdentity { + /// ClusterLocation is the location of the cluster + /// If not specified, it fetches information from the metadata server + #[serde(default, skip_serializing_if = "Option::is_none", rename = "clusterLocation")] + pub cluster_location: Option, + /// ClusterName is the name of the cluster + /// If not specified, it fetches information from the metadata server + #[serde(default, skip_serializing_if = "Option::is_none", rename = "clusterName")] + pub cluster_name: Option, + /// ClusterProjectID is the project ID of the cluster + /// If not specified, it fetches information from the metadata server + #[serde(default, skip_serializing_if = "Option::is_none", rename = "clusterProjectID")] + pub cluster_project_id: Option, + /// ServiceAccountSelector is a reference to a ServiceAccount resource. + #[serde(rename = "serviceAccountRef")] + pub service_account_ref: ClusterSecretStoreProviderVaultAuthGcpWorkloadIdentityServiceAccountRef, +} + +/// ServiceAccountSelector is a reference to a ServiceAccount resource. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterSecretStoreProviderVaultAuthGcpWorkloadIdentityServiceAccountRef { + /// Audience specifies the `aud` claim for the service account token + /// If the service account uses a well-known annotation for e.g. IRSA or GCP Workload Identity + /// then this audiences will be appended to the list + #[serde(default, skip_serializing_if = "Option::is_none")] + pub audiences: Option>, + /// The name of the ServiceAccount resource being referred to. + pub name: String, + /// Namespace of the resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, +} + /// Iam authenticates with vault by passing a special AWS request signed with AWS IAM credentials /// AWS IAM authentication method #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] diff --git a/custom-resources/external_secrets_io/src/v1/secretstores.rs b/custom-resources/external_secrets_io/src/v1/secretstores.rs index 4e5ffcf71..063836804 100644 --- a/custom-resources/external_secrets_io/src/v1/secretstores.rs +++ b/custom-resources/external_secrets_io/src/v1/secretstores.rs @@ -1971,6 +1971,9 @@ pub struct SecretStoreProviderIbmAuthContainerAuth { /// IBMAuthSecretRef contains the secret reference for IBM Cloud API key authentication. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecretStoreProviderIbmAuthSecretRef { + /// The IAM endpoint used to obain a token + #[serde(default, skip_serializing_if = "Option::is_none", rename = "iamEndpoint")] + pub iam_endpoint: Option, /// The SecretAccessKey is used for authentication #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretApiKeySecretRef")] pub secret_api_key_secret_ref: Option, @@ -3369,6 +3372,14 @@ pub struct SecretStoreProviderScalewaySecretKeySecretRef { /// #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecretStoreProviderSecretserver { + /// PEM/base64 encoded CA bundle used to validate Secret ServerURL. Only used + /// if the ServerURL URL is using HTTPS protocol. If not set the system root certificates + /// are used to validate the TLS connection. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "caBundle")] + pub ca_bundle: Option, + /// The provider for the CA bundle to use to validate Secret ServerURL certificate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "caProvider")] + pub ca_provider: Option, /// Domain is the secret server domain. #[serde(default, skip_serializing_if = "Option::is_none")] pub domain: Option, @@ -3382,6 +3393,30 @@ pub struct SecretStoreProviderSecretserver { pub username: SecretStoreProviderSecretserverUsername, } +/// The provider for the CA bundle to use to validate Secret ServerURL certificate. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct SecretStoreProviderSecretserverCaProvider { + /// The key where the CA certificate can be found in the Secret or ConfigMap. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub key: Option, + /// The name of the object located at the provider type. + pub name: String, + /// The namespace the Provider type is in. + /// Can only be defined when used in a ClusterSecretStore. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, + /// The type of provider to use such as "Secret", or "ConfigMap". + #[serde(rename = "type")] + pub r#type: SecretStoreProviderSecretserverCaProviderType, +} + +/// The provider for the CA bundle to use to validate Secret ServerURL certificate. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum SecretStoreProviderSecretserverCaProviderType { + Secret, + ConfigMap, +} + /// Password is the secret server account password. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecretStoreProviderSecretserverPassword { @@ -3550,6 +3585,10 @@ pub struct SecretStoreProviderVaultAuth { /// Cert authentication method #[serde(default, skip_serializing_if = "Option::is_none")] pub cert: Option, + /// Gcp authenticates with Vault using Google Cloud Platform authentication method + /// GCP authentication method + #[serde(default, skip_serializing_if = "Option::is_none")] + pub gcp: Option, /// Iam authenticates with vault by passing a special AWS request signed with AWS IAM credentials /// AWS IAM authentication method #[serde(default, skip_serializing_if = "Option::is_none")] @@ -3696,6 +3735,108 @@ pub struct SecretStoreProviderVaultAuthCertSecretRef { pub namespace: Option, } +/// Gcp authenticates with Vault using Google Cloud Platform authentication method +/// GCP authentication method +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SecretStoreProviderVaultAuthGcp { + /// Location optionally defines a location/region for the secret + #[serde(default, skip_serializing_if = "Option::is_none")] + pub location: Option, + /// Path where the GCP auth method is enabled in Vault, e.g: "gcp" + #[serde(default, skip_serializing_if = "Option::is_none")] + pub path: Option, + /// Project ID of the Google Cloud Platform project + #[serde(default, skip_serializing_if = "Option::is_none", rename = "projectID")] + pub project_id: Option, + /// Vault Role. In Vault, a role describes an identity with a set of permissions, groups, or policies you want to attach to a user of the secrets engine. + pub role: String, + /// Specify credentials in a Secret object + #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] + pub secret_ref: Option, + /// ServiceAccountRef to a service account for impersonation + #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceAccountRef")] + pub service_account_ref: Option, + /// Specify a service account with Workload Identity + #[serde(default, skip_serializing_if = "Option::is_none", rename = "workloadIdentity")] + pub workload_identity: Option, +} + +/// Specify credentials in a Secret object +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SecretStoreProviderVaultAuthGcpSecretRef { + /// The SecretAccessKey is used for authentication + #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretAccessKeySecretRef")] + pub secret_access_key_secret_ref: Option, +} + +/// The SecretAccessKey is used for authentication +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SecretStoreProviderVaultAuthGcpSecretRefSecretAccessKeySecretRef { + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub key: Option, + /// The name of the Secret resource being referred to. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, +} + +/// ServiceAccountRef to a service account for impersonation +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SecretStoreProviderVaultAuthGcpServiceAccountRef { + /// Audience specifies the `aud` claim for the service account token + /// If the service account uses a well-known annotation for e.g. IRSA or GCP Workload Identity + /// then this audiences will be appended to the list + #[serde(default, skip_serializing_if = "Option::is_none")] + pub audiences: Option>, + /// The name of the ServiceAccount resource being referred to. + pub name: String, + /// Namespace of the resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, +} + +/// Specify a service account with Workload Identity +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SecretStoreProviderVaultAuthGcpWorkloadIdentity { + /// ClusterLocation is the location of the cluster + /// If not specified, it fetches information from the metadata server + #[serde(default, skip_serializing_if = "Option::is_none", rename = "clusterLocation")] + pub cluster_location: Option, + /// ClusterName is the name of the cluster + /// If not specified, it fetches information from the metadata server + #[serde(default, skip_serializing_if = "Option::is_none", rename = "clusterName")] + pub cluster_name: Option, + /// ClusterProjectID is the project ID of the cluster + /// If not specified, it fetches information from the metadata server + #[serde(default, skip_serializing_if = "Option::is_none", rename = "clusterProjectID")] + pub cluster_project_id: Option, + /// ServiceAccountSelector is a reference to a ServiceAccount resource. + #[serde(rename = "serviceAccountRef")] + pub service_account_ref: SecretStoreProviderVaultAuthGcpWorkloadIdentityServiceAccountRef, +} + +/// ServiceAccountSelector is a reference to a ServiceAccount resource. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SecretStoreProviderVaultAuthGcpWorkloadIdentityServiceAccountRef { + /// Audience specifies the `aud` claim for the service account token + /// If the service account uses a well-known annotation for e.g. IRSA or GCP Workload Identity + /// then this audiences will be appended to the list + #[serde(default, skip_serializing_if = "Option::is_none")] + pub audiences: Option>, + /// The name of the ServiceAccount resource being referred to. + pub name: String, + /// Namespace of the resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, +} + /// Iam authenticates with vault by passing a special AWS request signed with AWS IAM credentials /// AWS IAM authentication method #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] diff --git a/custom-resources/externaldata_gatekeeper_sh/src/v1alpha1/providers.rs b/custom-resources/externaldata_gatekeeper_sh/src/v1alpha1/providers.rs index cc43d9393..dad0de350 100644 --- a/custom-resources/externaldata_gatekeeper_sh/src/v1alpha1/providers.rs +++ b/custom-resources/externaldata_gatekeeper_sh/src/v1alpha1/providers.rs @@ -12,6 +12,7 @@ use self::prelude::*; /// Spec defines the Provider specifications. #[derive(CustomResource, Serialize, Deserialize, Clone, Debug, Default, PartialEq)] #[kube(group = "externaldata.gatekeeper.sh", version = "v1alpha1", kind = "Provider", plural = "providers")] +#[kube(status = "ProviderStatus")] #[kube(schema = "disabled")] #[kube(derive="Default")] #[kube(derive="PartialEq")] @@ -28,3 +29,49 @@ pub struct ProviderSpec { pub url: Option, } +/// ProviderStatus defines the observed state of Provider. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ProviderStatus { + /// ByPod is the status of the provider by pod + #[serde(default, skip_serializing_if = "Option::is_none", rename = "byPod")] + pub by_pod: Option>, +} + +/// ProviderPodStatusStatus defines the observed state of ProviderPodStatus. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ProviderStatusByPod { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub active: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub errors: Option>, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub id: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "lastCacheUpdateTime")] + pub last_cache_update_time: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "lastTransitionTime")] + pub last_transition_time: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "observedGeneration")] + pub observed_generation: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub operations: Option>, + /// Storing the provider UID allows us to detect drift, such as + /// when a provider has been recreated after its CRD was deleted + /// out from under it, interrupting the watch + #[serde(default, skip_serializing_if = "Option::is_none", rename = "providerUID")] + pub provider_uid: Option, +} + +/// ProviderError represents a single error caught while managing providers. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ProviderStatusByPodErrors { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "errorTimestamp")] + pub error_timestamp: Option, + pub message: String, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub retryable: Option, + /// Type indicates a specific class of error for use by controller code. + /// If not present, the error should be treated as not matching any known type. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] + pub r#type: Option, +} + diff --git a/custom-resources/externaldata_gatekeeper_sh/src/v1beta1/providers.rs b/custom-resources/externaldata_gatekeeper_sh/src/v1beta1/providers.rs index c36a7afb9..2666d1bab 100644 --- a/custom-resources/externaldata_gatekeeper_sh/src/v1beta1/providers.rs +++ b/custom-resources/externaldata_gatekeeper_sh/src/v1beta1/providers.rs @@ -12,6 +12,7 @@ use self::prelude::*; /// Spec defines the Provider specifications. #[derive(CustomResource, Serialize, Deserialize, Clone, Debug, Default, PartialEq)] #[kube(group = "externaldata.gatekeeper.sh", version = "v1beta1", kind = "Provider", plural = "providers")] +#[kube(status = "ProviderStatus")] #[kube(schema = "disabled")] #[kube(derive="Default")] #[kube(derive="PartialEq")] @@ -28,3 +29,49 @@ pub struct ProviderSpec { pub url: Option, } +/// ProviderStatus defines the observed state of Provider. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ProviderStatus { + /// ByPod is the status of the provider by pod + #[serde(default, skip_serializing_if = "Option::is_none", rename = "byPod")] + pub by_pod: Option>, +} + +/// ProviderPodStatusStatus defines the observed state of ProviderPodStatus. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ProviderStatusByPod { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub active: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub errors: Option>, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub id: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "lastCacheUpdateTime")] + pub last_cache_update_time: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "lastTransitionTime")] + pub last_transition_time: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "observedGeneration")] + pub observed_generation: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub operations: Option>, + /// Storing the provider UID allows us to detect drift, such as + /// when a provider has been recreated after its CRD was deleted + /// out from under it, interrupting the watch + #[serde(default, skip_serializing_if = "Option::is_none", rename = "providerUID")] + pub provider_uid: Option, +} + +/// ProviderError represents a single error caught while managing providers. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ProviderStatusByPodErrors { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "errorTimestamp")] + pub error_timestamp: Option, + pub message: String, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub retryable: Option, + /// Type indicates a specific class of error for use by controller code. + /// If not present, the error should be treated as not matching any known type. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] + pub r#type: Option, +} + diff --git a/custom-resources/flow_volcano_sh/src/v1alpha1/jobflows.rs b/custom-resources/flow_volcano_sh/src/v1alpha1/jobflows.rs index cbf1cc102..5dc0eecf2 100644 --- a/custom-resources/flow_volcano_sh/src/v1alpha1/jobflows.rs +++ b/custom-resources/flow_volcano_sh/src/v1alpha1/jobflows.rs @@ -125,6 +125,8 @@ pub struct JobFlowFlowsPatchJobSpec { pub struct JobFlowFlowsPatchJobSpecNetworkTopology { #[serde(default, skip_serializing_if = "Option::is_none", rename = "highestTierAllowed")] pub highest_tier_allowed: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "highestTierName")] + pub highest_tier_name: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, } @@ -177,6 +179,8 @@ pub struct JobFlowFlowsPatchJobSpecTasks { pub min_available: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "partitionPolicy")] + pub partition_policy: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub policies: Option>, #[serde(default, skip_serializing_if = "Option::is_none")] @@ -195,6 +199,36 @@ pub struct JobFlowFlowsPatchJobSpecTasksDependsOn { pub name: Option>, } +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct JobFlowFlowsPatchJobSpecTasksPartitionPolicy { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "minPartitions")] + pub min_partitions: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "networkTopology")] + pub network_topology: Option, + #[serde(rename = "partitionSize")] + pub partition_size: i32, + #[serde(rename = "totalPartitions")] + pub total_partitions: i32, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct JobFlowFlowsPatchJobSpecTasksPartitionPolicyNetworkTopology { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "highestTierAllowed")] + pub highest_tier_allowed: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "highestTierName")] + pub highest_tier_name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub mode: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum JobFlowFlowsPatchJobSpecTasksPartitionPolicyNetworkTopologyMode { + #[serde(rename = "hard")] + Hard, + #[serde(rename = "soft")] + Soft, +} + #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobFlowFlowsPatchJobSpecTasksPolicies { #[serde(default, skip_serializing_if = "Option::is_none")] diff --git a/custom-resources/flow_volcano_sh/src/v1alpha1/jobtemplates.rs b/custom-resources/flow_volcano_sh/src/v1alpha1/jobtemplates.rs index 946997786..514c45320 100644 --- a/custom-resources/flow_volcano_sh/src/v1alpha1/jobtemplates.rs +++ b/custom-resources/flow_volcano_sh/src/v1alpha1/jobtemplates.rs @@ -51,6 +51,8 @@ pub struct JobTemplateSpec { pub struct JobTemplateNetworkTopology { #[serde(default, skip_serializing_if = "Option::is_none", rename = "highestTierAllowed")] pub highest_tier_allowed: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "highestTierName")] + pub highest_tier_name: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, } @@ -103,6 +105,8 @@ pub struct JobTemplateTasks { pub min_available: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "partitionPolicy")] + pub partition_policy: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub policies: Option>, #[serde(default, skip_serializing_if = "Option::is_none")] @@ -121,6 +125,36 @@ pub struct JobTemplateTasksDependsOn { pub name: Option>, } +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct JobTemplateTasksPartitionPolicy { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "minPartitions")] + pub min_partitions: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "networkTopology")] + pub network_topology: Option, + #[serde(rename = "partitionSize")] + pub partition_size: i32, + #[serde(rename = "totalPartitions")] + pub total_partitions: i32, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct JobTemplateTasksPartitionPolicyNetworkTopology { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "highestTierAllowed")] + pub highest_tier_allowed: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "highestTierName")] + pub highest_tier_name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub mode: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum JobTemplateTasksPartitionPolicyNetworkTopologyMode { + #[serde(rename = "hard")] + Hard, + #[serde(rename = "soft")] + Soft, +} + #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksPolicies { #[serde(default, skip_serializing_if = "Option::is_none")] diff --git a/custom-resources/flows_netobserv_io/src/v1beta2/flowcollectors.rs b/custom-resources/flows_netobserv_io/src/v1beta2/flowcollectors.rs index 7fa3759a2..5d82434b7 100644 --- a/custom-resources/flows_netobserv_io/src/v1beta2/flowcollectors.rs +++ b/custom-resources/flows_netobserv_io/src/v1beta2/flowcollectors.rs @@ -32,7 +32,7 @@ pub struct FlowCollectorSpec { #[serde(default, skip_serializing_if = "Option::is_none", rename = "consolePlugin")] pub console_plugin: Option, /// `deploymentModel` defines the desired type of deployment for flow processing. Possible values are:
- /// - `Direct` (default) to make the flow processor listen directly from the agents using the host network, backed by a DaemonSet.
+ /// - `Direct` (default) to make the flow processor listen directly from the agents using the host network, backed by a DaemonSet. Only recommended on small clusters, below 15 nodes.
/// - `Service` to make the flow processor listen as a Kubernetes Service, backed by a scalable Deployment.
/// - `Kafka` to make flows sent to a Kafka pipeline before consumption by the processor.
/// Kafka can provide better scalability, resiliency, and high availability (for more details, see > @@ -3570,8 +3570,9 @@ pub struct FlowCollectorNetworkPolicy { #[serde(default, skip_serializing_if = "Option::is_none", rename = "additionalNamespaces")] pub additional_namespaces: Option>, /// Deploys network policies on the namespaces used by NetObserv (main and privileged). - /// These network policies better isolate the NetObserv components to prevent undesired connections to them. - /// This option is enabled by default, disable it to manually manage network policies + /// These network policies better isolate the NetObserv components to prevent undesired connections from and to them. + /// This option is enabled by default when using with OVNKubernetes, and disabled otherwise (it has not been tested with other CNIs). + /// When disabled, you can create manually the network policies for the NetObserv components. #[serde(default, skip_serializing_if = "Option::is_none")] pub enable: Option, } diff --git a/custom-resources/generators_external_secrets_io/src/v1alpha1/clustergenerators.rs b/custom-resources/generators_external_secrets_io/src/v1alpha1/clustergenerators.rs index 75c535561..b004ff6e5 100644 --- a/custom-resources/generators_external_secrets_io/src/v1alpha1/clustergenerators.rs +++ b/custom-resources/generators_external_secrets_io/src/v1alpha1/clustergenerators.rs @@ -1078,6 +1078,10 @@ pub struct ClusterGeneratorGeneratorVaultDynamicSecretSpecProviderAuth { /// Cert authentication method #[serde(default, skip_serializing_if = "Option::is_none")] pub cert: Option, + /// Gcp authenticates with Vault using Google Cloud Platform authentication method + /// GCP authentication method + #[serde(default, skip_serializing_if = "Option::is_none")] + pub gcp: Option, /// Iam authenticates with vault by passing a special AWS request signed with AWS IAM credentials /// AWS IAM authentication method #[serde(default, skip_serializing_if = "Option::is_none")] @@ -1224,6 +1228,108 @@ pub struct ClusterGeneratorGeneratorVaultDynamicSecretSpecProviderAuthCertSecret pub namespace: Option, } +/// Gcp authenticates with Vault using Google Cloud Platform authentication method +/// GCP authentication method +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterGeneratorGeneratorVaultDynamicSecretSpecProviderAuthGcp { + /// Location optionally defines a location/region for the secret + #[serde(default, skip_serializing_if = "Option::is_none")] + pub location: Option, + /// Path where the GCP auth method is enabled in Vault, e.g: "gcp" + #[serde(default, skip_serializing_if = "Option::is_none")] + pub path: Option, + /// Project ID of the Google Cloud Platform project + #[serde(default, skip_serializing_if = "Option::is_none", rename = "projectID")] + pub project_id: Option, + /// Vault Role. In Vault, a role describes an identity with a set of permissions, groups, or policies you want to attach to a user of the secrets engine. + pub role: String, + /// Specify credentials in a Secret object + #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] + pub secret_ref: Option, + /// ServiceAccountRef to a service account for impersonation + #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceAccountRef")] + pub service_account_ref: Option, + /// Specify a service account with Workload Identity + #[serde(default, skip_serializing_if = "Option::is_none", rename = "workloadIdentity")] + pub workload_identity: Option, +} + +/// Specify credentials in a Secret object +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterGeneratorGeneratorVaultDynamicSecretSpecProviderAuthGcpSecretRef { + /// The SecretAccessKey is used for authentication + #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretAccessKeySecretRef")] + pub secret_access_key_secret_ref: Option, +} + +/// The SecretAccessKey is used for authentication +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterGeneratorGeneratorVaultDynamicSecretSpecProviderAuthGcpSecretRefSecretAccessKeySecretRef { + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub key: Option, + /// The name of the Secret resource being referred to. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, +} + +/// ServiceAccountRef to a service account for impersonation +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterGeneratorGeneratorVaultDynamicSecretSpecProviderAuthGcpServiceAccountRef { + /// Audience specifies the `aud` claim for the service account token + /// If the service account uses a well-known annotation for e.g. IRSA or GCP Workload Identity + /// then this audiences will be appended to the list + #[serde(default, skip_serializing_if = "Option::is_none")] + pub audiences: Option>, + /// The name of the ServiceAccount resource being referred to. + pub name: String, + /// Namespace of the resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, +} + +/// Specify a service account with Workload Identity +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterGeneratorGeneratorVaultDynamicSecretSpecProviderAuthGcpWorkloadIdentity { + /// ClusterLocation is the location of the cluster + /// If not specified, it fetches information from the metadata server + #[serde(default, skip_serializing_if = "Option::is_none", rename = "clusterLocation")] + pub cluster_location: Option, + /// ClusterName is the name of the cluster + /// If not specified, it fetches information from the metadata server + #[serde(default, skip_serializing_if = "Option::is_none", rename = "clusterName")] + pub cluster_name: Option, + /// ClusterProjectID is the project ID of the cluster + /// If not specified, it fetches information from the metadata server + #[serde(default, skip_serializing_if = "Option::is_none", rename = "clusterProjectID")] + pub cluster_project_id: Option, + /// ServiceAccountSelector is a reference to a ServiceAccount resource. + #[serde(rename = "serviceAccountRef")] + pub service_account_ref: ClusterGeneratorGeneratorVaultDynamicSecretSpecProviderAuthGcpWorkloadIdentityServiceAccountRef, +} + +/// ServiceAccountSelector is a reference to a ServiceAccount resource. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterGeneratorGeneratorVaultDynamicSecretSpecProviderAuthGcpWorkloadIdentityServiceAccountRef { + /// Audience specifies the `aud` claim for the service account token + /// If the service account uses a well-known annotation for e.g. IRSA or GCP Workload Identity + /// then this audiences will be appended to the list + #[serde(default, skip_serializing_if = "Option::is_none")] + pub audiences: Option>, + /// The name of the ServiceAccount resource being referred to. + pub name: String, + /// Namespace of the resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, +} + /// Iam authenticates with vault by passing a special AWS request signed with AWS IAM credentials /// AWS IAM authentication method #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] diff --git a/custom-resources/generators_external_secrets_io/src/v1alpha1/vaultdynamicsecrets.rs b/custom-resources/generators_external_secrets_io/src/v1alpha1/vaultdynamicsecrets.rs index 18620face..d37d64c13 100644 --- a/custom-resources/generators_external_secrets_io/src/v1alpha1/vaultdynamicsecrets.rs +++ b/custom-resources/generators_external_secrets_io/src/v1alpha1/vaultdynamicsecrets.rs @@ -120,6 +120,10 @@ pub struct VaultDynamicSecretProviderAuth { /// Cert authentication method #[serde(default, skip_serializing_if = "Option::is_none")] pub cert: Option, + /// Gcp authenticates with Vault using Google Cloud Platform authentication method + /// GCP authentication method + #[serde(default, skip_serializing_if = "Option::is_none")] + pub gcp: Option, /// Iam authenticates with vault by passing a special AWS request signed with AWS IAM credentials /// AWS IAM authentication method #[serde(default, skip_serializing_if = "Option::is_none")] @@ -266,6 +270,108 @@ pub struct VaultDynamicSecretProviderAuthCertSecretRef { pub namespace: Option, } +/// Gcp authenticates with Vault using Google Cloud Platform authentication method +/// GCP authentication method +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct VaultDynamicSecretProviderAuthGcp { + /// Location optionally defines a location/region for the secret + #[serde(default, skip_serializing_if = "Option::is_none")] + pub location: Option, + /// Path where the GCP auth method is enabled in Vault, e.g: "gcp" + #[serde(default, skip_serializing_if = "Option::is_none")] + pub path: Option, + /// Project ID of the Google Cloud Platform project + #[serde(default, skip_serializing_if = "Option::is_none", rename = "projectID")] + pub project_id: Option, + /// Vault Role. In Vault, a role describes an identity with a set of permissions, groups, or policies you want to attach to a user of the secrets engine. + pub role: String, + /// Specify credentials in a Secret object + #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] + pub secret_ref: Option, + /// ServiceAccountRef to a service account for impersonation + #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceAccountRef")] + pub service_account_ref: Option, + /// Specify a service account with Workload Identity + #[serde(default, skip_serializing_if = "Option::is_none", rename = "workloadIdentity")] + pub workload_identity: Option, +} + +/// Specify credentials in a Secret object +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct VaultDynamicSecretProviderAuthGcpSecretRef { + /// The SecretAccessKey is used for authentication + #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretAccessKeySecretRef")] + pub secret_access_key_secret_ref: Option, +} + +/// The SecretAccessKey is used for authentication +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct VaultDynamicSecretProviderAuthGcpSecretRefSecretAccessKeySecretRef { + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub key: Option, + /// The name of the Secret resource being referred to. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, +} + +/// ServiceAccountRef to a service account for impersonation +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct VaultDynamicSecretProviderAuthGcpServiceAccountRef { + /// Audience specifies the `aud` claim for the service account token + /// If the service account uses a well-known annotation for e.g. IRSA or GCP Workload Identity + /// then this audiences will be appended to the list + #[serde(default, skip_serializing_if = "Option::is_none")] + pub audiences: Option>, + /// The name of the ServiceAccount resource being referred to. + pub name: String, + /// Namespace of the resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, +} + +/// Specify a service account with Workload Identity +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct VaultDynamicSecretProviderAuthGcpWorkloadIdentity { + /// ClusterLocation is the location of the cluster + /// If not specified, it fetches information from the metadata server + #[serde(default, skip_serializing_if = "Option::is_none", rename = "clusterLocation")] + pub cluster_location: Option, + /// ClusterName is the name of the cluster + /// If not specified, it fetches information from the metadata server + #[serde(default, skip_serializing_if = "Option::is_none", rename = "clusterName")] + pub cluster_name: Option, + /// ClusterProjectID is the project ID of the cluster + /// If not specified, it fetches information from the metadata server + #[serde(default, skip_serializing_if = "Option::is_none", rename = "clusterProjectID")] + pub cluster_project_id: Option, + /// ServiceAccountSelector is a reference to a ServiceAccount resource. + #[serde(rename = "serviceAccountRef")] + pub service_account_ref: VaultDynamicSecretProviderAuthGcpWorkloadIdentityServiceAccountRef, +} + +/// ServiceAccountSelector is a reference to a ServiceAccount resource. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct VaultDynamicSecretProviderAuthGcpWorkloadIdentityServiceAccountRef { + /// Audience specifies the `aud` claim for the service account token + /// If the service account uses a well-known annotation for e.g. IRSA or GCP Workload Identity + /// then this audiences will be appended to the list + #[serde(default, skip_serializing_if = "Option::is_none")] + pub audiences: Option>, + /// The name of the ServiceAccount resource being referred to. + pub name: String, + /// Namespace of the resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, +} + /// Iam authenticates with vault by passing a special AWS request signed with AWS IAM credentials /// AWS IAM authentication method #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] diff --git a/custom-resources/grafana_integreatly_org/src/v1beta1/grafanas.rs b/custom-resources/grafana_integreatly_org/src/v1beta1/grafanas.rs index 1a9938836..9ce9b4e05 100644 --- a/custom-resources/grafana_integreatly_org/src/v1beta1/grafanas.rs +++ b/custom-resources/grafana_integreatly_org/src/v1beta1/grafanas.rs @@ -2,4398 +2,3 @@ // kopium command: kopium --docs --derive=Default --derive=PartialEq --smart-derive-elision --filename crd-catalog/grafana/grafana-operator/grafana.integreatly.org/v1beta1/grafanas.yaml // kopium version: 0.22.5 -#[allow(unused_imports)] -mod prelude { - pub use kube::CustomResource; - pub use serde::{Serialize, Deserialize}; - pub use std::collections::BTreeMap; - pub use k8s_openapi::apimachinery::pkg::util::intstr::IntOrString; - pub use k8s_openapi::apimachinery::pkg::apis::meta::v1::Condition; - pub use k8s_openapi::api::core::v1::ObjectReference; -} -use self::prelude::*; - -/// GrafanaSpec defines the desired state of Grafana -#[derive(CustomResource, Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -#[kube(group = "grafana.integreatly.org", version = "v1beta1", kind = "Grafana", plural = "grafanas")] -#[kube(namespaced)] -#[kube(status = "GrafanaStatus")] -#[kube(schema = "disabled")] -#[kube(derive="Default")] -#[kube(derive="PartialEq")] -pub struct GrafanaSpec { - /// Client defines how the grafana-operator talks to the grafana instance. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub client: Option, - /// Config defines how your grafana ini file should looks like. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub config: Option>>, - /// Deployment sets how the deployment object should look like with your grafana instance, contains a number of defaults. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub deployment: Option, - /// DisableDefaultAdminSecret prevents operator from creating default admin-credentials secret - #[serde(default, skip_serializing_if = "Option::is_none", rename = "disableDefaultAdminSecret")] - pub disable_default_admin_secret: Option, - /// DisableDefaultSecurityContext prevents the operator from populating securityContext on deployments - #[serde(default, skip_serializing_if = "Option::is_none", rename = "disableDefaultSecurityContext")] - pub disable_default_security_context: Option, - /// External enables you to configure external grafana instances that is not managed by the operator. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub external: Option, - /// Ingress sets how the ingress object should look like with your grafana instance. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub ingress: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub jsonnet: Option, - /// PersistentVolumeClaim creates a PVC if you need to attach one to your grafana instance. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "persistentVolumeClaim")] - pub persistent_volume_claim: Option, - /// Preferences holds the Grafana Preferences settings - #[serde(default, skip_serializing_if = "Option::is_none")] - pub preferences: Option, - /// Route sets how the ingress object should look like with your grafana instance, this only works in Openshift. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub route: Option, - /// Service sets how the service object should look like with your grafana instance, contains a number of defaults. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub service: Option, - /// ServiceAccount sets how the ServiceAccount object should look like with your grafana instance, contains a number of defaults. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceAccount")] - pub service_account: Option, - /// Suspend pauses reconciliation of owned resources like deployments, Services, Etc. upon changes - #[serde(default, skip_serializing_if = "Option::is_none")] - pub suspend: Option, - /// Version sets the tag of the default image: docker.io/grafana/grafana. - /// Allows full image refs with/without sha256checksum: "registry/repo/image:tag@sha" - /// default: 12.2.1 - #[serde(default, skip_serializing_if = "Option::is_none")] - pub version: Option, -} - -/// Client defines how the grafana-operator talks to the grafana instance. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaClient { - /// Custom HTTP headers to use when interacting with this Grafana. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub headers: Option>, - /// If the operator should send it's request through the grafana instances ingress object instead of through the service. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferIngress")] - pub prefer_ingress: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub timeout: Option, - /// TLS Configuration used to talk with the grafana instance. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub tls: Option, - /// Use Kubernetes Serviceaccount as authentication - /// Requires configuring [auth.jwt] in the instance - #[serde(default, skip_serializing_if = "Option::is_none", rename = "useKubeAuth")] - pub use_kube_auth: Option, -} - -/// TLS Configuration used to talk with the grafana instance. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaClientTls { - /// Use a secret as a reference to give TLS Certificate information - #[serde(default, skip_serializing_if = "Option::is_none", rename = "certSecretRef")] - pub cert_secret_ref: Option, - /// Disable the CA check of the server - #[serde(default, skip_serializing_if = "Option::is_none", rename = "insecureSkipVerify")] - pub insecure_skip_verify: Option, -} - -/// Use a secret as a reference to give TLS Certificate information -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaClientTlsCertSecretRef { - /// name is unique within a namespace to reference a secret resource. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - /// namespace defines the space within which the secret name must be unique. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub namespace: Option, -} - -/// Deployment sets how the deployment object should look like with your grafana instance, contains a number of defaults. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeployment { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub metadata: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub spec: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentMetadata { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub annotations: Option>, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub labels: Option>, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpec { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "minReadySeconds")] - pub min_ready_seconds: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub paused: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "progressDeadlineSeconds")] - pub progress_deadline_seconds: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub replicas: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "revisionHistoryLimit")] - pub revision_history_limit: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub selector: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub strategy: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub template: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecSelector { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] - pub match_expressions: Option>, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] - pub match_labels: Option>, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecSelectorMatchExpressions { - pub key: String, - pub operator: String, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub values: Option>, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecStrategy { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "rollingUpdate")] - pub rolling_update: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] - pub r#type: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecStrategyRollingUpdate { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxSurge")] - pub max_surge: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxUnavailable")] - pub max_unavailable: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplate { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub metadata: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub spec: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateMetadata { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub annotations: Option>, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub labels: Option>, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpec { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "activeDeadlineSeconds")] - pub active_deadline_seconds: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub affinity: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "automountServiceAccountToken")] - pub automount_service_account_token: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub containers: Option>, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "dnsConfig")] - pub dns_config: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "dnsPolicy")] - pub dns_policy: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "enableServiceLinks")] - pub enable_service_links: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "ephemeralContainers")] - pub ephemeral_containers: Option>, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostAliases")] - pub host_aliases: Option>, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostIPC")] - pub host_ipc: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostNetwork")] - pub host_network: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostPID")] - pub host_pid: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostUsers")] - pub host_users: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub hostname: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "imagePullSecrets")] - pub image_pull_secrets: Option>, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "initContainers")] - pub init_containers: Option>, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeName")] - pub node_name: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelector")] - pub node_selector: Option>, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub os: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub overhead: Option>, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "preemptionPolicy")] - pub preemption_policy: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub priority: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "priorityClassName")] - pub priority_class_name: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readinessGates")] - pub readiness_gates: Option>, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "restartPolicy")] - pub restart_policy: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "runtimeClassName")] - pub runtime_class_name: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "schedulerName")] - pub scheduler_name: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "securityContext")] - pub security_context: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceAccount")] - pub service_account: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceAccountName")] - pub service_account_name: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "setHostnameAsFQDN")] - pub set_hostname_as_fqdn: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "shareProcessNamespace")] - pub share_process_namespace: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub subdomain: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] - pub termination_grace_period_seconds: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub tolerations: Option>, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "topologySpreadConstraints")] - pub topology_spread_constraints: Option>, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub volumes: Option>, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecAffinity { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeAffinity")] - pub node_affinity: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "podAffinity")] - pub pod_affinity: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "podAntiAffinity")] - pub pod_anti_affinity: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecAffinityNodeAffinity { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] - pub preferred_during_scheduling_ignored_during_execution: Option>, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] - pub required_during_scheduling_ignored_during_execution: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecution { - pub preference: GrafanaDeploymentSpecTemplateSpecAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreference, - pub weight: i32, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreference { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] - pub match_expressions: Option>, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchFields")] - pub match_fields: Option>, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreferenceMatchExpressions { - pub key: String, - pub operator: String, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub values: Option>, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreferenceMatchFields { - pub key: String, - pub operator: String, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub values: Option>, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecution { - #[serde(rename = "nodeSelectorTerms")] - pub node_selector_terms: Vec, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTerms { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] - pub match_expressions: Option>, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchFields")] - pub match_fields: Option>, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsMatchExpressions { - pub key: String, - pub operator: String, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub values: Option>, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsMatchFields { - pub key: String, - pub operator: String, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub values: Option>, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecAffinityPodAffinity { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] - pub preferred_during_scheduling_ignored_during_execution: Option>, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] - pub required_during_scheduling_ignored_during_execution: Option>, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecution { - #[serde(rename = "podAffinityTerm")] - pub pod_affinity_term: GrafanaDeploymentSpecTemplateSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm, - pub weight: i32, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] - pub label_selector: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] - pub match_label_keys: Option>, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] - pub mismatch_label_keys: Option>, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] - pub namespace_selector: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub namespaces: Option>, - #[serde(rename = "topologyKey")] - pub topology_key: String, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] - pub match_expressions: Option>, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] - pub match_labels: Option>, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelectorMatchExpressions { - pub key: String, - pub operator: String, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub values: Option>, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelector { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] - pub match_expressions: Option>, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] - pub match_labels: Option>, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelectorMatchExpressions { - pub key: String, - pub operator: String, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub values: Option>, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecution { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] - pub label_selector: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] - pub match_label_keys: Option>, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] - pub mismatch_label_keys: Option>, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] - pub namespace_selector: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub namespaces: Option>, - #[serde(rename = "topologyKey")] - pub topology_key: String, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] - pub match_expressions: Option>, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] - pub match_labels: Option>, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelectorMatchExpressions { - pub key: String, - pub operator: String, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub values: Option>, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelector { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] - pub match_expressions: Option>, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] - pub match_labels: Option>, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelectorMatchExpressions { - pub key: String, - pub operator: String, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub values: Option>, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecAffinityPodAntiAffinity { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] - pub preferred_during_scheduling_ignored_during_execution: Option>, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] - pub required_during_scheduling_ignored_during_execution: Option>, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecution { - #[serde(rename = "podAffinityTerm")] - pub pod_affinity_term: GrafanaDeploymentSpecTemplateSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm, - pub weight: i32, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] - pub label_selector: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] - pub match_label_keys: Option>, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] - pub mismatch_label_keys: Option>, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] - pub namespace_selector: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub namespaces: Option>, - #[serde(rename = "topologyKey")] - pub topology_key: String, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] - pub match_expressions: Option>, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] - pub match_labels: Option>, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelectorMatchExpressions { - pub key: String, - pub operator: String, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub values: Option>, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelector { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] - pub match_expressions: Option>, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] - pub match_labels: Option>, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelectorMatchExpressions { - pub key: String, - pub operator: String, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub values: Option>, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecution { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] - pub label_selector: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] - pub match_label_keys: Option>, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] - pub mismatch_label_keys: Option>, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] - pub namespace_selector: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub namespaces: Option>, - #[serde(rename = "topologyKey")] - pub topology_key: String, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] - pub match_expressions: Option>, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] - pub match_labels: Option>, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelectorMatchExpressions { - pub key: String, - pub operator: String, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub values: Option>, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelector { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] - pub match_expressions: Option>, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] - pub match_labels: Option>, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelectorMatchExpressions { - pub key: String, - pub operator: String, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub values: Option>, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecContainers { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub args: Option>, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub command: Option>, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub env: Option>, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "envFrom")] - pub env_from: Option>, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub image: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "imagePullPolicy")] - pub image_pull_policy: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub lifecycle: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "livenessProbe")] - pub liveness_probe: Option, - pub name: String, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub ports: Option>, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readinessProbe")] - pub readiness_probe: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "resizePolicy")] - pub resize_policy: Option>, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub resources: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "restartPolicy")] - pub restart_policy: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "restartPolicyRules")] - pub restart_policy_rules: Option>, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "securityContext")] - pub security_context: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "startupProbe")] - pub startup_probe: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub stdin: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "stdinOnce")] - pub stdin_once: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationMessagePath")] - pub termination_message_path: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationMessagePolicy")] - pub termination_message_policy: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub tty: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeDevices")] - pub volume_devices: Option>, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeMounts")] - pub volume_mounts: Option>, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "workingDir")] - pub working_dir: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecContainersEnv { - pub name: String, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub value: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "valueFrom")] - pub value_from: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecContainersEnvValueFrom { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapKeyRef")] - pub config_map_key_ref: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] - pub field_ref: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fileKeyRef")] - pub file_key_ref: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] - pub resource_field_ref: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] - pub secret_key_ref: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecContainersEnvValueFromConfigMapKeyRef { - pub key: String, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecContainersEnvValueFromFieldRef { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] - pub api_version: Option, - #[serde(rename = "fieldPath")] - pub field_path: String, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecContainersEnvValueFromFileKeyRef { - pub key: String, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, - pub path: String, - #[serde(rename = "volumeName")] - pub volume_name: String, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecContainersEnvValueFromResourceFieldRef { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerName")] - pub container_name: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub divisor: Option, - pub resource: String, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecContainersEnvValueFromSecretKeyRef { - pub key: String, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecContainersEnvFrom { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapRef")] - pub config_map_ref: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub prefix: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] - pub secret_ref: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecContainersEnvFromConfigMapRef { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecContainersEnvFromSecretRef { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecContainersLifecycle { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "postStart")] - pub post_start: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "preStop")] - pub pre_stop: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "stopSignal")] - pub stop_signal: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecContainersLifecyclePostStart { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub exec: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] - pub http_get: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub sleep: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] - pub tcp_socket: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecContainersLifecyclePostStartExec { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub command: Option>, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecContainersLifecyclePostStartHttpGet { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub host: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpHeaders")] - pub http_headers: Option>, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub path: Option, - pub port: IntOrString, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub scheme: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecContainersLifecyclePostStartHttpGetHttpHeaders { - pub name: String, - pub value: String, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecContainersLifecyclePostStartSleep { - pub seconds: i64, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecContainersLifecyclePostStartTcpSocket { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub host: Option, - pub port: IntOrString, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecContainersLifecyclePreStop { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub exec: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] - pub http_get: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub sleep: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] - pub tcp_socket: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecContainersLifecyclePreStopExec { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub command: Option>, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecContainersLifecyclePreStopHttpGet { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub host: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpHeaders")] - pub http_headers: Option>, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub path: Option, - pub port: IntOrString, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub scheme: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecContainersLifecyclePreStopHttpGetHttpHeaders { - pub name: String, - pub value: String, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecContainersLifecyclePreStopSleep { - pub seconds: i64, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecContainersLifecyclePreStopTcpSocket { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub host: Option, - pub port: IntOrString, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecContainersLivenessProbe { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub exec: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] - pub failure_threshold: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub grpc: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] - pub http_get: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "initialDelaySeconds")] - pub initial_delay_seconds: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "periodSeconds")] - pub period_seconds: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] - pub success_threshold: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] - pub tcp_socket: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] - pub termination_grace_period_seconds: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] - pub timeout_seconds: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecContainersLivenessProbeExec { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub command: Option>, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecContainersLivenessProbeGrpc { - pub port: i32, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub service: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecContainersLivenessProbeHttpGet { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub host: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpHeaders")] - pub http_headers: Option>, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub path: Option, - pub port: IntOrString, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub scheme: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecContainersLivenessProbeHttpGetHttpHeaders { - pub name: String, - pub value: String, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecContainersLivenessProbeTcpSocket { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub host: Option, - pub port: IntOrString, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecContainersPorts { - #[serde(rename = "containerPort")] - pub container_port: i32, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostIP")] - pub host_ip: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostPort")] - pub host_port: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub protocol: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecContainersReadinessProbe { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub exec: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] - pub failure_threshold: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub grpc: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] - pub http_get: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "initialDelaySeconds")] - pub initial_delay_seconds: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "periodSeconds")] - pub period_seconds: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] - pub success_threshold: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] - pub tcp_socket: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] - pub termination_grace_period_seconds: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] - pub timeout_seconds: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecContainersReadinessProbeExec { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub command: Option>, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecContainersReadinessProbeGrpc { - pub port: i32, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub service: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecContainersReadinessProbeHttpGet { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub host: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpHeaders")] - pub http_headers: Option>, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub path: Option, - pub port: IntOrString, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub scheme: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecContainersReadinessProbeHttpGetHttpHeaders { - pub name: String, - pub value: String, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecContainersReadinessProbeTcpSocket { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub host: Option, - pub port: IntOrString, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecContainersResizePolicy { - #[serde(rename = "resourceName")] - pub resource_name: String, - #[serde(rename = "restartPolicy")] - pub restart_policy: String, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecContainersResources { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub claims: Option>, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub limits: Option>, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub requests: Option>, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecContainersResourcesClaims { - pub name: String, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub request: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecContainersRestartPolicyRules { - pub action: String, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "exitCodes")] - pub exit_codes: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecContainersRestartPolicyRulesExitCodes { - pub operator: String, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub values: Option>, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecContainersSecurityContext { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] - pub allow_privilege_escalation: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] - pub app_armor_profile: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub capabilities: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub privileged: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "procMount")] - pub proc_mount: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnlyRootFilesystem")] - pub read_only_root_filesystem: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsGroup")] - pub run_as_group: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsNonRoot")] - pub run_as_non_root: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUser")] - pub run_as_user: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "seLinuxOptions")] - pub se_linux_options: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "seccompProfile")] - pub seccomp_profile: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "windowsOptions")] - pub windows_options: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecContainersSecurityContextAppArmorProfile { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] - pub localhost_profile: Option, - #[serde(rename = "type")] - pub r#type: String, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecContainersSecurityContextCapabilities { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub add: Option>, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub drop: Option>, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecContainersSecurityContextSeLinuxOptions { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub level: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub role: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] - pub r#type: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub user: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecContainersSecurityContextSeccompProfile { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] - pub localhost_profile: Option, - #[serde(rename = "type")] - pub r#type: String, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecContainersSecurityContextWindowsOptions { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpec")] - pub gmsa_credential_spec: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpecName")] - pub gmsa_credential_spec_name: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostProcess")] - pub host_process: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUserName")] - pub run_as_user_name: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecContainersStartupProbe { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub exec: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] - pub failure_threshold: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub grpc: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] - pub http_get: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "initialDelaySeconds")] - pub initial_delay_seconds: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "periodSeconds")] - pub period_seconds: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] - pub success_threshold: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] - pub tcp_socket: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] - pub termination_grace_period_seconds: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] - pub timeout_seconds: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecContainersStartupProbeExec { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub command: Option>, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecContainersStartupProbeGrpc { - pub port: i32, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub service: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecContainersStartupProbeHttpGet { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub host: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpHeaders")] - pub http_headers: Option>, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub path: Option, - pub port: IntOrString, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub scheme: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecContainersStartupProbeHttpGetHttpHeaders { - pub name: String, - pub value: String, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecContainersStartupProbeTcpSocket { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub host: Option, - pub port: IntOrString, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecContainersVolumeDevices { - #[serde(rename = "devicePath")] - pub device_path: String, - pub name: String, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecContainersVolumeMounts { - #[serde(rename = "mountPath")] - pub mount_path: String, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountPropagation")] - pub mount_propagation: Option, - pub name: String, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "recursiveReadOnly")] - pub recursive_read_only: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPath")] - pub sub_path: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPathExpr")] - pub sub_path_expr: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecDnsConfig { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub nameservers: Option>, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub options: Option>, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub searches: Option>, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecDnsConfigOptions { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub value: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecEphemeralContainers { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub args: Option>, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub command: Option>, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub env: Option>, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "envFrom")] - pub env_from: Option>, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub image: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "imagePullPolicy")] - pub image_pull_policy: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub lifecycle: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "livenessProbe")] - pub liveness_probe: Option, - pub name: String, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub ports: Option>, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readinessProbe")] - pub readiness_probe: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "resizePolicy")] - pub resize_policy: Option>, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub resources: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "restartPolicy")] - pub restart_policy: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "restartPolicyRules")] - pub restart_policy_rules: Option>, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "securityContext")] - pub security_context: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "startupProbe")] - pub startup_probe: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub stdin: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "stdinOnce")] - pub stdin_once: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "targetContainerName")] - pub target_container_name: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationMessagePath")] - pub termination_message_path: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationMessagePolicy")] - pub termination_message_policy: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub tty: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeDevices")] - pub volume_devices: Option>, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeMounts")] - pub volume_mounts: Option>, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "workingDir")] - pub working_dir: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecEphemeralContainersEnv { - pub name: String, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub value: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "valueFrom")] - pub value_from: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecEphemeralContainersEnvValueFrom { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapKeyRef")] - pub config_map_key_ref: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] - pub field_ref: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fileKeyRef")] - pub file_key_ref: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] - pub resource_field_ref: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] - pub secret_key_ref: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecEphemeralContainersEnvValueFromConfigMapKeyRef { - pub key: String, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecEphemeralContainersEnvValueFromFieldRef { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] - pub api_version: Option, - #[serde(rename = "fieldPath")] - pub field_path: String, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecEphemeralContainersEnvValueFromFileKeyRef { - pub key: String, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, - pub path: String, - #[serde(rename = "volumeName")] - pub volume_name: String, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecEphemeralContainersEnvValueFromResourceFieldRef { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerName")] - pub container_name: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub divisor: Option, - pub resource: String, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecEphemeralContainersEnvValueFromSecretKeyRef { - pub key: String, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecEphemeralContainersEnvFrom { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapRef")] - pub config_map_ref: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub prefix: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] - pub secret_ref: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecEphemeralContainersEnvFromConfigMapRef { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecEphemeralContainersEnvFromSecretRef { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecEphemeralContainersLifecycle { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "postStart")] - pub post_start: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "preStop")] - pub pre_stop: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "stopSignal")] - pub stop_signal: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecEphemeralContainersLifecyclePostStart { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub exec: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] - pub http_get: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub sleep: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] - pub tcp_socket: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecEphemeralContainersLifecyclePostStartExec { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub command: Option>, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecEphemeralContainersLifecyclePostStartHttpGet { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub host: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpHeaders")] - pub http_headers: Option>, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub path: Option, - pub port: IntOrString, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub scheme: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecEphemeralContainersLifecyclePostStartHttpGetHttpHeaders { - pub name: String, - pub value: String, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecEphemeralContainersLifecyclePostStartSleep { - pub seconds: i64, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecEphemeralContainersLifecyclePostStartTcpSocket { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub host: Option, - pub port: IntOrString, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecEphemeralContainersLifecyclePreStop { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub exec: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] - pub http_get: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub sleep: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] - pub tcp_socket: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecEphemeralContainersLifecyclePreStopExec { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub command: Option>, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecEphemeralContainersLifecyclePreStopHttpGet { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub host: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpHeaders")] - pub http_headers: Option>, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub path: Option, - pub port: IntOrString, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub scheme: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecEphemeralContainersLifecyclePreStopHttpGetHttpHeaders { - pub name: String, - pub value: String, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecEphemeralContainersLifecyclePreStopSleep { - pub seconds: i64, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecEphemeralContainersLifecyclePreStopTcpSocket { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub host: Option, - pub port: IntOrString, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecEphemeralContainersLivenessProbe { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub exec: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] - pub failure_threshold: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub grpc: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] - pub http_get: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "initialDelaySeconds")] - pub initial_delay_seconds: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "periodSeconds")] - pub period_seconds: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] - pub success_threshold: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] - pub tcp_socket: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] - pub termination_grace_period_seconds: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] - pub timeout_seconds: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecEphemeralContainersLivenessProbeExec { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub command: Option>, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecEphemeralContainersLivenessProbeGrpc { - pub port: i32, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub service: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecEphemeralContainersLivenessProbeHttpGet { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub host: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpHeaders")] - pub http_headers: Option>, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub path: Option, - pub port: IntOrString, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub scheme: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecEphemeralContainersLivenessProbeHttpGetHttpHeaders { - pub name: String, - pub value: String, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecEphemeralContainersLivenessProbeTcpSocket { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub host: Option, - pub port: IntOrString, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecEphemeralContainersPorts { - #[serde(rename = "containerPort")] - pub container_port: i32, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostIP")] - pub host_ip: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostPort")] - pub host_port: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub protocol: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecEphemeralContainersReadinessProbe { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub exec: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] - pub failure_threshold: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub grpc: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] - pub http_get: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "initialDelaySeconds")] - pub initial_delay_seconds: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "periodSeconds")] - pub period_seconds: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] - pub success_threshold: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] - pub tcp_socket: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] - pub termination_grace_period_seconds: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] - pub timeout_seconds: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecEphemeralContainersReadinessProbeExec { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub command: Option>, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecEphemeralContainersReadinessProbeGrpc { - pub port: i32, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub service: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecEphemeralContainersReadinessProbeHttpGet { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub host: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpHeaders")] - pub http_headers: Option>, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub path: Option, - pub port: IntOrString, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub scheme: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecEphemeralContainersReadinessProbeHttpGetHttpHeaders { - pub name: String, - pub value: String, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecEphemeralContainersReadinessProbeTcpSocket { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub host: Option, - pub port: IntOrString, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecEphemeralContainersResizePolicy { - #[serde(rename = "resourceName")] - pub resource_name: String, - #[serde(rename = "restartPolicy")] - pub restart_policy: String, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecEphemeralContainersResources { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub claims: Option>, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub limits: Option>, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub requests: Option>, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecEphemeralContainersResourcesClaims { - pub name: String, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub request: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecEphemeralContainersRestartPolicyRules { - pub action: String, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "exitCodes")] - pub exit_codes: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecEphemeralContainersRestartPolicyRulesExitCodes { - pub operator: String, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub values: Option>, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecEphemeralContainersSecurityContext { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] - pub allow_privilege_escalation: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] - pub app_armor_profile: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub capabilities: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub privileged: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "procMount")] - pub proc_mount: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnlyRootFilesystem")] - pub read_only_root_filesystem: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsGroup")] - pub run_as_group: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsNonRoot")] - pub run_as_non_root: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUser")] - pub run_as_user: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "seLinuxOptions")] - pub se_linux_options: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "seccompProfile")] - pub seccomp_profile: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "windowsOptions")] - pub windows_options: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecEphemeralContainersSecurityContextAppArmorProfile { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] - pub localhost_profile: Option, - #[serde(rename = "type")] - pub r#type: String, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecEphemeralContainersSecurityContextCapabilities { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub add: Option>, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub drop: Option>, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecEphemeralContainersSecurityContextSeLinuxOptions { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub level: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub role: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] - pub r#type: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub user: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecEphemeralContainersSecurityContextSeccompProfile { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] - pub localhost_profile: Option, - #[serde(rename = "type")] - pub r#type: String, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecEphemeralContainersSecurityContextWindowsOptions { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpec")] - pub gmsa_credential_spec: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpecName")] - pub gmsa_credential_spec_name: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostProcess")] - pub host_process: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUserName")] - pub run_as_user_name: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecEphemeralContainersStartupProbe { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub exec: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] - pub failure_threshold: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub grpc: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] - pub http_get: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "initialDelaySeconds")] - pub initial_delay_seconds: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "periodSeconds")] - pub period_seconds: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] - pub success_threshold: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] - pub tcp_socket: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] - pub termination_grace_period_seconds: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] - pub timeout_seconds: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecEphemeralContainersStartupProbeExec { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub command: Option>, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecEphemeralContainersStartupProbeGrpc { - pub port: i32, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub service: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecEphemeralContainersStartupProbeHttpGet { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub host: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpHeaders")] - pub http_headers: Option>, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub path: Option, - pub port: IntOrString, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub scheme: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecEphemeralContainersStartupProbeHttpGetHttpHeaders { - pub name: String, - pub value: String, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecEphemeralContainersStartupProbeTcpSocket { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub host: Option, - pub port: IntOrString, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecEphemeralContainersVolumeDevices { - #[serde(rename = "devicePath")] - pub device_path: String, - pub name: String, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecEphemeralContainersVolumeMounts { - #[serde(rename = "mountPath")] - pub mount_path: String, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountPropagation")] - pub mount_propagation: Option, - pub name: String, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "recursiveReadOnly")] - pub recursive_read_only: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPath")] - pub sub_path: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPathExpr")] - pub sub_path_expr: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecHostAliases { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub hostnames: Option>, - pub ip: String, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecImagePullSecrets { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecInitContainers { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub args: Option>, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub command: Option>, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub env: Option>, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "envFrom")] - pub env_from: Option>, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub image: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "imagePullPolicy")] - pub image_pull_policy: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub lifecycle: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "livenessProbe")] - pub liveness_probe: Option, - pub name: String, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub ports: Option>, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readinessProbe")] - pub readiness_probe: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "resizePolicy")] - pub resize_policy: Option>, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub resources: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "restartPolicy")] - pub restart_policy: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "restartPolicyRules")] - pub restart_policy_rules: Option>, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "securityContext")] - pub security_context: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "startupProbe")] - pub startup_probe: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub stdin: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "stdinOnce")] - pub stdin_once: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationMessagePath")] - pub termination_message_path: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationMessagePolicy")] - pub termination_message_policy: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub tty: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeDevices")] - pub volume_devices: Option>, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeMounts")] - pub volume_mounts: Option>, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "workingDir")] - pub working_dir: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecInitContainersEnv { - pub name: String, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub value: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "valueFrom")] - pub value_from: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecInitContainersEnvValueFrom { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapKeyRef")] - pub config_map_key_ref: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] - pub field_ref: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fileKeyRef")] - pub file_key_ref: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] - pub resource_field_ref: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] - pub secret_key_ref: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecInitContainersEnvValueFromConfigMapKeyRef { - pub key: String, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecInitContainersEnvValueFromFieldRef { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] - pub api_version: Option, - #[serde(rename = "fieldPath")] - pub field_path: String, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecInitContainersEnvValueFromFileKeyRef { - pub key: String, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, - pub path: String, - #[serde(rename = "volumeName")] - pub volume_name: String, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecInitContainersEnvValueFromResourceFieldRef { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerName")] - pub container_name: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub divisor: Option, - pub resource: String, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecInitContainersEnvValueFromSecretKeyRef { - pub key: String, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecInitContainersEnvFrom { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapRef")] - pub config_map_ref: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub prefix: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] - pub secret_ref: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecInitContainersEnvFromConfigMapRef { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecInitContainersEnvFromSecretRef { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecInitContainersLifecycle { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "postStart")] - pub post_start: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "preStop")] - pub pre_stop: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "stopSignal")] - pub stop_signal: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecInitContainersLifecyclePostStart { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub exec: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] - pub http_get: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub sleep: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] - pub tcp_socket: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecInitContainersLifecyclePostStartExec { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub command: Option>, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecInitContainersLifecyclePostStartHttpGet { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub host: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpHeaders")] - pub http_headers: Option>, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub path: Option, - pub port: IntOrString, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub scheme: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecInitContainersLifecyclePostStartHttpGetHttpHeaders { - pub name: String, - pub value: String, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecInitContainersLifecyclePostStartSleep { - pub seconds: i64, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecInitContainersLifecyclePostStartTcpSocket { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub host: Option, - pub port: IntOrString, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecInitContainersLifecyclePreStop { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub exec: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] - pub http_get: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub sleep: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] - pub tcp_socket: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecInitContainersLifecyclePreStopExec { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub command: Option>, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecInitContainersLifecyclePreStopHttpGet { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub host: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpHeaders")] - pub http_headers: Option>, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub path: Option, - pub port: IntOrString, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub scheme: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecInitContainersLifecyclePreStopHttpGetHttpHeaders { - pub name: String, - pub value: String, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecInitContainersLifecyclePreStopSleep { - pub seconds: i64, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecInitContainersLifecyclePreStopTcpSocket { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub host: Option, - pub port: IntOrString, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecInitContainersLivenessProbe { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub exec: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] - pub failure_threshold: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub grpc: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] - pub http_get: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "initialDelaySeconds")] - pub initial_delay_seconds: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "periodSeconds")] - pub period_seconds: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] - pub success_threshold: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] - pub tcp_socket: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] - pub termination_grace_period_seconds: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] - pub timeout_seconds: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecInitContainersLivenessProbeExec { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub command: Option>, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecInitContainersLivenessProbeGrpc { - pub port: i32, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub service: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecInitContainersLivenessProbeHttpGet { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub host: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpHeaders")] - pub http_headers: Option>, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub path: Option, - pub port: IntOrString, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub scheme: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecInitContainersLivenessProbeHttpGetHttpHeaders { - pub name: String, - pub value: String, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecInitContainersLivenessProbeTcpSocket { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub host: Option, - pub port: IntOrString, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecInitContainersPorts { - #[serde(rename = "containerPort")] - pub container_port: i32, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostIP")] - pub host_ip: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostPort")] - pub host_port: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub protocol: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecInitContainersReadinessProbe { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub exec: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] - pub failure_threshold: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub grpc: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] - pub http_get: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "initialDelaySeconds")] - pub initial_delay_seconds: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "periodSeconds")] - pub period_seconds: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] - pub success_threshold: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] - pub tcp_socket: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] - pub termination_grace_period_seconds: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] - pub timeout_seconds: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecInitContainersReadinessProbeExec { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub command: Option>, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecInitContainersReadinessProbeGrpc { - pub port: i32, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub service: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecInitContainersReadinessProbeHttpGet { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub host: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpHeaders")] - pub http_headers: Option>, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub path: Option, - pub port: IntOrString, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub scheme: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecInitContainersReadinessProbeHttpGetHttpHeaders { - pub name: String, - pub value: String, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecInitContainersReadinessProbeTcpSocket { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub host: Option, - pub port: IntOrString, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecInitContainersResizePolicy { - #[serde(rename = "resourceName")] - pub resource_name: String, - #[serde(rename = "restartPolicy")] - pub restart_policy: String, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecInitContainersResources { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub claims: Option>, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub limits: Option>, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub requests: Option>, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecInitContainersResourcesClaims { - pub name: String, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub request: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecInitContainersRestartPolicyRules { - pub action: String, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "exitCodes")] - pub exit_codes: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecInitContainersRestartPolicyRulesExitCodes { - pub operator: String, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub values: Option>, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecInitContainersSecurityContext { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] - pub allow_privilege_escalation: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] - pub app_armor_profile: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub capabilities: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub privileged: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "procMount")] - pub proc_mount: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnlyRootFilesystem")] - pub read_only_root_filesystem: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsGroup")] - pub run_as_group: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsNonRoot")] - pub run_as_non_root: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUser")] - pub run_as_user: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "seLinuxOptions")] - pub se_linux_options: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "seccompProfile")] - pub seccomp_profile: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "windowsOptions")] - pub windows_options: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecInitContainersSecurityContextAppArmorProfile { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] - pub localhost_profile: Option, - #[serde(rename = "type")] - pub r#type: String, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecInitContainersSecurityContextCapabilities { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub add: Option>, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub drop: Option>, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecInitContainersSecurityContextSeLinuxOptions { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub level: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub role: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] - pub r#type: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub user: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecInitContainersSecurityContextSeccompProfile { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] - pub localhost_profile: Option, - #[serde(rename = "type")] - pub r#type: String, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecInitContainersSecurityContextWindowsOptions { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpec")] - pub gmsa_credential_spec: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpecName")] - pub gmsa_credential_spec_name: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostProcess")] - pub host_process: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUserName")] - pub run_as_user_name: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecInitContainersStartupProbe { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub exec: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] - pub failure_threshold: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub grpc: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] - pub http_get: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "initialDelaySeconds")] - pub initial_delay_seconds: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "periodSeconds")] - pub period_seconds: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] - pub success_threshold: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] - pub tcp_socket: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] - pub termination_grace_period_seconds: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] - pub timeout_seconds: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecInitContainersStartupProbeExec { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub command: Option>, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecInitContainersStartupProbeGrpc { - pub port: i32, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub service: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecInitContainersStartupProbeHttpGet { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub host: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpHeaders")] - pub http_headers: Option>, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub path: Option, - pub port: IntOrString, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub scheme: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecInitContainersStartupProbeHttpGetHttpHeaders { - pub name: String, - pub value: String, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecInitContainersStartupProbeTcpSocket { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub host: Option, - pub port: IntOrString, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecInitContainersVolumeDevices { - #[serde(rename = "devicePath")] - pub device_path: String, - pub name: String, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecInitContainersVolumeMounts { - #[serde(rename = "mountPath")] - pub mount_path: String, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountPropagation")] - pub mount_propagation: Option, - pub name: String, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "recursiveReadOnly")] - pub recursive_read_only: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPath")] - pub sub_path: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPathExpr")] - pub sub_path_expr: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecOs { - pub name: String, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecReadinessGates { - #[serde(rename = "conditionType")] - pub condition_type: String, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecSecurityContext { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] - pub app_armor_profile: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsGroup")] - pub fs_group: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsGroupChangePolicy")] - pub fs_group_change_policy: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsGroup")] - pub run_as_group: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsNonRoot")] - pub run_as_non_root: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUser")] - pub run_as_user: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "seLinuxChangePolicy")] - pub se_linux_change_policy: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "seLinuxOptions")] - pub se_linux_options: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "seccompProfile")] - pub seccomp_profile: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "supplementalGroups")] - pub supplemental_groups: Option>, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "supplementalGroupsPolicy")] - pub supplemental_groups_policy: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub sysctls: Option>, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "windowsOptions")] - pub windows_options: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecSecurityContextAppArmorProfile { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] - pub localhost_profile: Option, - #[serde(rename = "type")] - pub r#type: String, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecSecurityContextSeLinuxOptions { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub level: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub role: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] - pub r#type: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub user: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecSecurityContextSeccompProfile { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] - pub localhost_profile: Option, - #[serde(rename = "type")] - pub r#type: String, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecSecurityContextSysctls { - pub name: String, - pub value: String, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecSecurityContextWindowsOptions { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpec")] - pub gmsa_credential_spec: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpecName")] - pub gmsa_credential_spec_name: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostProcess")] - pub host_process: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUserName")] - pub run_as_user_name: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecTolerations { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub effect: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub key: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub operator: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "tolerationSeconds")] - pub toleration_seconds: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub value: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecTopologySpreadConstraints { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] - pub label_selector: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] - pub match_label_keys: Option>, - #[serde(rename = "maxSkew")] - pub max_skew: i32, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "minDomains")] - pub min_domains: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeAffinityPolicy")] - pub node_affinity_policy: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeTaintsPolicy")] - pub node_taints_policy: Option, - #[serde(rename = "topologyKey")] - pub topology_key: String, - #[serde(rename = "whenUnsatisfiable")] - pub when_unsatisfiable: String, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecTopologySpreadConstraintsLabelSelector { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] - pub match_expressions: Option>, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] - pub match_labels: Option>, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecTopologySpreadConstraintsLabelSelectorMatchExpressions { - pub key: String, - pub operator: String, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub values: Option>, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecVolumes { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "awsElasticBlockStore")] - pub aws_elastic_block_store: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "azureDisk")] - pub azure_disk: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "azureFile")] - pub azure_file: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub cephfs: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub cinder: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] - pub config_map: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub csi: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "downwardAPI")] - pub downward_api: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "emptyDir")] - pub empty_dir: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub ephemeral: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub fc: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "flexVolume")] - pub flex_volume: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub flocker: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "gcePersistentDisk")] - pub gce_persistent_disk: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "gitRepo")] - pub git_repo: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub glusterfs: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostPath")] - pub host_path: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub image: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub iscsi: Option, - pub name: String, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub nfs: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "persistentVolumeClaim")] - pub persistent_volume_claim: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "photonPersistentDisk")] - pub photon_persistent_disk: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "portworxVolume")] - pub portworx_volume: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub projected: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub quobyte: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub rbd: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "scaleIO")] - pub scale_io: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub secret: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub storageos: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "vsphereVolume")] - pub vsphere_volume: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecVolumesAwsElasticBlockStore { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] - pub fs_type: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub partition: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, - #[serde(rename = "volumeID")] - pub volume_id: String, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecVolumesAzureDisk { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "cachingMode")] - pub caching_mode: Option, - #[serde(rename = "diskName")] - pub disk_name: String, - #[serde(rename = "diskURI")] - pub disk_uri: String, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] - pub fs_type: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub kind: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecVolumesAzureFile { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, - #[serde(rename = "secretName")] - pub secret_name: String, - #[serde(rename = "shareName")] - pub share_name: String, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecVolumesCephfs { - pub monitors: Vec, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub path: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretFile")] - pub secret_file: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] - pub secret_ref: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub user: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecVolumesCephfsSecretRef { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecVolumesCinder { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] - pub fs_type: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] - pub secret_ref: Option, - #[serde(rename = "volumeID")] - pub volume_id: String, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecVolumesCinderSecretRef { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecVolumesConfigMap { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "defaultMode")] - pub default_mode: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub items: Option>, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecVolumesConfigMapItems { - pub key: String, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub mode: Option, - pub path: String, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecVolumesCsi { - pub driver: String, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] - pub fs_type: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodePublishSecretRef")] - pub node_publish_secret_ref: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeAttributes")] - pub volume_attributes: Option>, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecVolumesCsiNodePublishSecretRef { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecVolumesDownwardApi { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "defaultMode")] - pub default_mode: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub items: Option>, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecVolumesDownwardApiItems { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] - pub field_ref: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub mode: Option, - pub path: String, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] - pub resource_field_ref: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecVolumesDownwardApiItemsFieldRef { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] - pub api_version: Option, - #[serde(rename = "fieldPath")] - pub field_path: String, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecVolumesDownwardApiItemsResourceFieldRef { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerName")] - pub container_name: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub divisor: Option, - pub resource: String, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecVolumesEmptyDir { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub medium: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "sizeLimit")] - pub size_limit: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecVolumesEphemeral { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeClaimTemplate")] - pub volume_claim_template: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecVolumesEphemeralVolumeClaimTemplate { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub metadata: Option, - pub spec: GrafanaDeploymentSpecTemplateSpecVolumesEphemeralVolumeClaimTemplateSpec, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecVolumesEphemeralVolumeClaimTemplateMetadata { -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecVolumesEphemeralVolumeClaimTemplateSpec { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "accessModes")] - pub access_modes: Option>, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "dataSource")] - pub data_source: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "dataSourceRef")] - pub data_source_ref: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub resources: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub selector: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "storageClassName")] - pub storage_class_name: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeAttributesClassName")] - pub volume_attributes_class_name: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeMode")] - pub volume_mode: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeName")] - pub volume_name: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecVolumesEphemeralVolumeClaimTemplateSpecDataSource { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiGroup")] - pub api_group: Option, - pub kind: String, - pub name: String, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecVolumesEphemeralVolumeClaimTemplateSpecDataSourceRef { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiGroup")] - pub api_group: Option, - pub kind: String, - pub name: String, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub namespace: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecVolumesEphemeralVolumeClaimTemplateSpecResources { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub limits: Option>, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub requests: Option>, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecVolumesEphemeralVolumeClaimTemplateSpecSelector { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] - pub match_expressions: Option>, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] - pub match_labels: Option>, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecVolumesEphemeralVolumeClaimTemplateSpecSelectorMatchExpressions { - pub key: String, - pub operator: String, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub values: Option>, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecVolumesFc { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] - pub fs_type: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub lun: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "targetWWNs")] - pub target_ww_ns: Option>, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub wwids: Option>, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecVolumesFlexVolume { - pub driver: String, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] - pub fs_type: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub options: Option>, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] - pub secret_ref: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecVolumesFlexVolumeSecretRef { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecVolumesFlocker { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "datasetName")] - pub dataset_name: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "datasetUUID")] - pub dataset_uuid: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecVolumesGcePersistentDisk { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] - pub fs_type: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub partition: Option, - #[serde(rename = "pdName")] - pub pd_name: String, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecVolumesGitRepo { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub directory: Option, - pub repository: String, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub revision: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecVolumesGlusterfs { - pub endpoints: String, - pub path: String, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecVolumesHostPath { - pub path: String, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] - pub r#type: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecVolumesImage { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "pullPolicy")] - pub pull_policy: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub reference: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecVolumesIscsi { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "chapAuthDiscovery")] - pub chap_auth_discovery: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "chapAuthSession")] - pub chap_auth_session: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] - pub fs_type: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "initiatorName")] - pub initiator_name: Option, - pub iqn: String, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "iscsiInterface")] - pub iscsi_interface: Option, - pub lun: i32, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub portals: Option>, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] - pub secret_ref: Option, - #[serde(rename = "targetPortal")] - pub target_portal: String, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecVolumesIscsiSecretRef { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecVolumesNfs { - pub path: String, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, - pub server: String, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecVolumesPersistentVolumeClaim { - #[serde(rename = "claimName")] - pub claim_name: String, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecVolumesPhotonPersistentDisk { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] - pub fs_type: Option, - #[serde(rename = "pdID")] - pub pd_id: String, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecVolumesPortworxVolume { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] - pub fs_type: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, - #[serde(rename = "volumeID")] - pub volume_id: String, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecVolumesProjected { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "defaultMode")] - pub default_mode: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub sources: Option>, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecVolumesProjectedSources { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "clusterTrustBundle")] - pub cluster_trust_bundle: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] - pub config_map: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "downwardAPI")] - pub downward_api: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "podCertificate")] - pub pod_certificate: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub secret: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceAccountToken")] - pub service_account_token: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecVolumesProjectedSourcesClusterTrustBundle { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] - pub label_selector: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, - pub path: String, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "signerName")] - pub signer_name: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecVolumesProjectedSourcesClusterTrustBundleLabelSelector { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] - pub match_expressions: Option>, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] - pub match_labels: Option>, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecVolumesProjectedSourcesClusterTrustBundleLabelSelectorMatchExpressions { - pub key: String, - pub operator: String, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub values: Option>, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecVolumesProjectedSourcesConfigMap { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub items: Option>, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecVolumesProjectedSourcesConfigMapItems { - pub key: String, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub mode: Option, - pub path: String, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecVolumesProjectedSourcesDownwardApi { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub items: Option>, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecVolumesProjectedSourcesDownwardApiItems { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] - pub field_ref: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub mode: Option, - pub path: String, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] - pub resource_field_ref: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecVolumesProjectedSourcesDownwardApiItemsFieldRef { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] - pub api_version: Option, - #[serde(rename = "fieldPath")] - pub field_path: String, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecVolumesProjectedSourcesDownwardApiItemsResourceFieldRef { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerName")] - pub container_name: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub divisor: Option, - pub resource: String, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecVolumesProjectedSourcesPodCertificate { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "certificateChainPath")] - pub certificate_chain_path: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "credentialBundlePath")] - pub credential_bundle_path: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "keyPath")] - pub key_path: Option, - #[serde(rename = "keyType")] - pub key_type: String, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxExpirationSeconds")] - pub max_expiration_seconds: Option, - #[serde(rename = "signerName")] - pub signer_name: String, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecVolumesProjectedSourcesSecret { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub items: Option>, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecVolumesProjectedSourcesSecretItems { - pub key: String, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub mode: Option, - pub path: String, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecVolumesProjectedSourcesServiceAccountToken { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub audience: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "expirationSeconds")] - pub expiration_seconds: Option, - pub path: String, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecVolumesQuobyte { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub group: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, - pub registry: String, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub tenant: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub user: Option, - pub volume: String, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecVolumesRbd { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] - pub fs_type: Option, - pub image: String, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub keyring: Option, - pub monitors: Vec, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub pool: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] - pub secret_ref: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub user: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecVolumesRbdSecretRef { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecVolumesScaleIo { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] - pub fs_type: Option, - pub gateway: String, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "protectionDomain")] - pub protection_domain: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, - #[serde(rename = "secretRef")] - pub secret_ref: GrafanaDeploymentSpecTemplateSpecVolumesScaleIoSecretRef, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "sslEnabled")] - pub ssl_enabled: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "storageMode")] - pub storage_mode: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "storagePool")] - pub storage_pool: Option, - pub system: String, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeName")] - pub volume_name: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecVolumesScaleIoSecretRef { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecVolumesSecret { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "defaultMode")] - pub default_mode: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub items: Option>, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretName")] - pub secret_name: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecVolumesSecretItems { - pub key: String, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub mode: Option, - pub path: String, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecVolumesStorageos { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] - pub fs_type: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] - pub secret_ref: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeName")] - pub volume_name: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeNamespace")] - pub volume_namespace: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecVolumesStorageosSecretRef { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaDeploymentSpecTemplateSpecVolumesVsphereVolume { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] - pub fs_type: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "storagePolicyID")] - pub storage_policy_id: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "storagePolicyName")] - pub storage_policy_name: Option, - #[serde(rename = "volumePath")] - pub volume_path: String, -} - -/// GrafanaSpec defines the desired state of Grafana -#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum GrafanaDisableDefaultSecurityContext { - Pod, - Container, - All, -} - -/// External enables you to configure external grafana instances that is not managed by the operator. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaExternal { - /// AdminPassword key to talk to the external grafana instance. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "adminPassword")] - pub admin_password: Option, - /// AdminUser key to talk to the external grafana instance. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "adminUser")] - pub admin_user: Option, - /// The API key to talk to the external grafana instance, you need to define ether apiKey or adminUser/adminPassword. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiKey")] - pub api_key: Option, - /// DEPRECATED, use top level `tls` instead. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub tls: Option, - /// URL of the external grafana instance you want to manage. - pub url: String, -} - -/// AdminPassword key to talk to the external grafana instance. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaExternalAdminPassword { - /// The key of the secret to select from. Must be a valid secret key. - pub key: String, - /// Name of the referent. - /// This field is effectively required, but due to backwards compatibility is - /// allowed to be empty. Instances of this type with an empty value here are - /// almost certainly wrong. - /// More info: - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - /// Specify whether the Secret or its key must be defined - #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, -} - -/// AdminUser key to talk to the external grafana instance. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaExternalAdminUser { - /// The key of the secret to select from. Must be a valid secret key. - pub key: String, - /// Name of the referent. - /// This field is effectively required, but due to backwards compatibility is - /// allowed to be empty. Instances of this type with an empty value here are - /// almost certainly wrong. - /// More info: - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - /// Specify whether the Secret or its key must be defined - #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, -} - -/// The API key to talk to the external grafana instance, you need to define ether apiKey or adminUser/adminPassword. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaExternalApiKey { - /// The key of the secret to select from. Must be a valid secret key. - pub key: String, - /// Name of the referent. - /// This field is effectively required, but due to backwards compatibility is - /// allowed to be empty. Instances of this type with an empty value here are - /// almost certainly wrong. - /// More info: - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - /// Specify whether the Secret or its key must be defined - #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, -} - -/// DEPRECATED, use top level `tls` instead. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaExternalTls { - /// Use a secret as a reference to give TLS Certificate information - #[serde(default, skip_serializing_if = "Option::is_none", rename = "certSecretRef")] - pub cert_secret_ref: Option, - /// Disable the CA check of the server - #[serde(default, skip_serializing_if = "Option::is_none", rename = "insecureSkipVerify")] - pub insecure_skip_verify: Option, -} - -/// Use a secret as a reference to give TLS Certificate information -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaExternalTlsCertSecretRef { - /// name is unique within a namespace to reference a secret resource. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - /// namespace defines the space within which the secret name must be unique. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub namespace: Option, -} - -/// Ingress sets how the ingress object should look like with your grafana instance. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaIngress { - /// ObjectMeta contains only a [subset of the fields included in k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta]( - #[serde(default, skip_serializing_if = "Option::is_none")] - pub metadata: Option, - /// IngressSpec describes the Ingress the user wishes to exist. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub spec: Option, -} - -/// ObjectMeta contains only a [subset of the fields included in k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta]( -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaIngressMetadata { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub annotations: Option>, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub labels: Option>, -} - -/// IngressSpec describes the Ingress the user wishes to exist. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaIngressSpec { - /// defaultBackend is the backend that should handle requests that don't - /// match any rule. If Rules are not specified, DefaultBackend must be specified. - /// If DefaultBackend is not set, the handling of requests that do not match any - /// of the rules will be up to the Ingress controller. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "defaultBackend")] - pub default_backend: Option, - /// ingressClassName is the name of an IngressClass cluster resource. Ingress - /// controller implementations use this field to know whether they should be - /// serving this Ingress resource, by a transitive connection - /// (controller -> IngressClass -> Ingress resource). Although the - /// `kubernetes.io/ingress.class` annotation (simple constant name) was never - /// formally defined, it was widely supported by Ingress controllers to create - /// a direct binding between Ingress controller and Ingress resources. Newly - /// created Ingress resources should prefer using the field. However, even - /// though the annotation is officially deprecated, for backwards compatibility - /// reasons, ingress controllers should still honor that annotation if present. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "ingressClassName")] - pub ingress_class_name: Option, - /// rules is a list of host rules used to configure the Ingress. If unspecified, - /// or no rule matches, all traffic is sent to the default backend. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub rules: Option>, - /// tls represents the TLS configuration. Currently the Ingress only supports a - /// single TLS port, 443. If multiple members of this list specify different hosts, - /// they will be multiplexed on the same port according to the hostname specified - /// through the SNI TLS extension, if the ingress controller fulfilling the - /// ingress supports SNI. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub tls: Option>, -} - -/// defaultBackend is the backend that should handle requests that don't -/// match any rule. If Rules are not specified, DefaultBackend must be specified. -/// If DefaultBackend is not set, the handling of requests that do not match any -/// of the rules will be up to the Ingress controller. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaIngressSpecDefaultBackend { - /// resource is an ObjectRef to another Kubernetes resource in the namespace - /// of the Ingress object. If resource is specified, a service.Name and - /// service.Port must not be specified. - /// This is a mutually exclusive setting with "Service". - #[serde(default, skip_serializing_if = "Option::is_none")] - pub resource: Option, - /// service references a service as a backend. - /// This is a mutually exclusive setting with "Resource". - #[serde(default, skip_serializing_if = "Option::is_none")] - pub service: Option, -} - -/// resource is an ObjectRef to another Kubernetes resource in the namespace -/// of the Ingress object. If resource is specified, a service.Name and -/// service.Port must not be specified. -/// This is a mutually exclusive setting with "Service". -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaIngressSpecDefaultBackendResource { - /// APIGroup is the group for the resource being referenced. - /// If APIGroup is not specified, the specified Kind must be in the core API group. - /// For any other third-party types, APIGroup is required. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiGroup")] - pub api_group: Option, - /// Kind is the type of resource being referenced - pub kind: String, - /// Name is the name of resource being referenced - pub name: String, -} - -/// service references a service as a backend. -/// This is a mutually exclusive setting with "Resource". -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaIngressSpecDefaultBackendService { - /// name is the referenced service. The service must exist in - /// the same namespace as the Ingress object. - pub name: String, - /// port of the referenced service. A port name or port number - /// is required for a IngressServiceBackend. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub port: Option, -} - -/// port of the referenced service. A port name or port number -/// is required for a IngressServiceBackend. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaIngressSpecDefaultBackendServicePort { - /// name is the name of the port on the Service. - /// This is a mutually exclusive setting with "Number". - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - /// number is the numerical port number (e.g. 80) on the Service. - /// This is a mutually exclusive setting with "Name". - #[serde(default, skip_serializing_if = "Option::is_none")] - pub number: Option, -} - -/// IngressRule represents the rules mapping the paths under a specified host to -/// the related backend services. Incoming requests are first evaluated for a host -/// match, then routed to the backend associated with the matching IngressRuleValue. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaIngressSpecRules { - /// host is the fully qualified domain name of a network host, as defined by RFC 3986. - /// Note the following deviations from the "host" part of the - /// URI as defined in RFC 3986: - /// 1. IPs are not allowed. Currently an IngressRuleValue can only apply to - /// the IP in the Spec of the parent Ingress. - /// 2. The `:` delimiter is not respected because ports are not allowed. - /// Currently the port of an Ingress is implicitly :80 for http and - /// :443 for https. - /// Both these may change in the future. - /// Incoming requests are matched against the host before the - /// IngressRuleValue. If the host is unspecified, the Ingress routes all - /// traffic based on the specified IngressRuleValue. - /// - /// host can be "precise" which is a domain name without the terminating dot of - /// a network host (e.g. "foo.bar.com") or "wildcard", which is a domain name - /// prefixed with a single wildcard label (e.g. "*.foo.com"). - /// The wildcard character '*' must appear by itself as the first DNS label and - /// matches only a single label. You cannot have a wildcard label by itself (e.g. Host == "*"). - /// Requests will be matched against the Host field in the following way: - /// 1. If host is precise, the request matches this rule if the http host header is equal to Host. - /// 2. If host is a wildcard, then the request matches this rule if the http host header - /// is to equal to the suffix (removing the first label) of the wildcard rule. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub host: Option, - /// HTTPIngressRuleValue is a list of http selectors pointing to backends. - /// In the example: /?> -> backend where - /// where parts of the url correspond to RFC 3986, this resource will be used - /// to match against everything after the last '/' and before the first '?' - /// or '#'. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub http: Option, -} - -/// HTTPIngressRuleValue is a list of http selectors pointing to backends. -/// In the example: /?> -> backend where -/// where parts of the url correspond to RFC 3986, this resource will be used -/// to match against everything after the last '/' and before the first '?' -/// or '#'. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaIngressSpecRulesHttp { - /// paths is a collection of paths that map requests to backends. - pub paths: Vec, -} - -/// HTTPIngressPath associates a path with a backend. Incoming urls matching the -/// path are forwarded to the backend. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaIngressSpecRulesHttpPaths { - /// backend defines the referenced service endpoint to which the traffic - /// will be forwarded to. - pub backend: GrafanaIngressSpecRulesHttpPathsBackend, - /// path is matched against the path of an incoming request. Currently it can - /// contain characters disallowed from the conventional "path" part of a URL - /// as defined by RFC 3986. Paths must begin with a '/' and must be present - /// when using PathType with value "Exact" or "Prefix". - #[serde(default, skip_serializing_if = "Option::is_none")] - pub path: Option, - /// pathType determines the interpretation of the path matching. PathType can - /// be one of the following values: - /// * Exact: Matches the URL path exactly. - /// * Prefix: Matches based on a URL path prefix split by '/'. Matching is - /// done on a path element by element basis. A path element refers is the - /// list of labels in the path split by the '/' separator. A request is a - /// match for path p if every p is an element-wise prefix of p of the - /// request path. Note that if the last element of the path is a substring - /// of the last element in request path, it is not a match (e.g. /foo/bar - /// matches /foo/bar/baz, but does not match /foo/barbaz). - /// * ImplementationSpecific: Interpretation of the Path matching is up to - /// the IngressClass. Implementations can treat this as a separate PathType - /// or treat it identically to Prefix or Exact path types. - /// Implementations are required to support all path types. - #[serde(rename = "pathType")] - pub path_type: String, -} - -/// backend defines the referenced service endpoint to which the traffic -/// will be forwarded to. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaIngressSpecRulesHttpPathsBackend { - /// resource is an ObjectRef to another Kubernetes resource in the namespace - /// of the Ingress object. If resource is specified, a service.Name and - /// service.Port must not be specified. - /// This is a mutually exclusive setting with "Service". - #[serde(default, skip_serializing_if = "Option::is_none")] - pub resource: Option, - /// service references a service as a backend. - /// This is a mutually exclusive setting with "Resource". - #[serde(default, skip_serializing_if = "Option::is_none")] - pub service: Option, -} - -/// resource is an ObjectRef to another Kubernetes resource in the namespace -/// of the Ingress object. If resource is specified, a service.Name and -/// service.Port must not be specified. -/// This is a mutually exclusive setting with "Service". -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaIngressSpecRulesHttpPathsBackendResource { - /// APIGroup is the group for the resource being referenced. - /// If APIGroup is not specified, the specified Kind must be in the core API group. - /// For any other third-party types, APIGroup is required. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiGroup")] - pub api_group: Option, - /// Kind is the type of resource being referenced - pub kind: String, - /// Name is the name of resource being referenced - pub name: String, -} - -/// service references a service as a backend. -/// This is a mutually exclusive setting with "Resource". -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaIngressSpecRulesHttpPathsBackendService { - /// name is the referenced service. The service must exist in - /// the same namespace as the Ingress object. - pub name: String, - /// port of the referenced service. A port name or port number - /// is required for a IngressServiceBackend. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub port: Option, -} - -/// port of the referenced service. A port name or port number -/// is required for a IngressServiceBackend. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaIngressSpecRulesHttpPathsBackendServicePort { - /// name is the name of the port on the Service. - /// This is a mutually exclusive setting with "Number". - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - /// number is the numerical port number (e.g. 80) on the Service. - /// This is a mutually exclusive setting with "Name". - #[serde(default, skip_serializing_if = "Option::is_none")] - pub number: Option, -} - -/// IngressTLS describes the transport layer security associated with an ingress. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaIngressSpecTls { - /// hosts is a list of hosts included in the TLS certificate. The values in - /// this list must match the name/s used in the tlsSecret. Defaults to the - /// wildcard host setting for the loadbalancer controller fulfilling this - /// Ingress, if left unspecified. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub hosts: Option>, - /// secretName is the name of the secret used to terminate TLS traffic on - /// port 443. Field is left optional to allow TLS routing based on SNI - /// hostname alone. If the SNI host in a listener conflicts with the "Host" - /// header field used by an IngressRule, the SNI host is used for termination - /// and value of the "Host" header is used for routing. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretName")] - pub secret_name: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaJsonnet { - /// A label selector is a label query over a set of resources. The result of matchLabels and - /// matchExpressions are ANDed. An empty label selector matches all objects. A null - /// label selector matches no objects. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "libraryLabelSelector")] - pub library_label_selector: Option, -} - -/// A label selector is a label query over a set of resources. The result of matchLabels and -/// matchExpressions are ANDed. An empty label selector matches all objects. A null -/// label selector matches no objects. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaJsonnetLibraryLabelSelector { - /// matchExpressions is a list of label selector requirements. The requirements are ANDed. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] - pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - /// map is equivalent to an element of matchExpressions, whose key field is "key", the - /// operator is "In", and the values array contains only "value". The requirements are ANDed. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] - pub match_labels: Option>, -} - -/// A label selector requirement is a selector that contains values, a key, and an operator that -/// relates the key and values. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaJsonnetLibraryLabelSelectorMatchExpressions { - /// key is the label key that the selector applies to. - pub key: String, - /// operator represents a key's relationship to a set of values. - /// Valid operators are In, NotIn, Exists and DoesNotExist. - pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, - /// the values array must be non-empty. If the operator is Exists or DoesNotExist, - /// the values array must be empty. This array is replaced during a strategic - /// merge patch. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub values: Option>, -} - -/// PersistentVolumeClaim creates a PVC if you need to attach one to your grafana instance. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaPersistentVolumeClaim { - /// ObjectMeta contains only a [subset of the fields included in k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta]( - #[serde(default, skip_serializing_if = "Option::is_none")] - pub metadata: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub spec: Option, -} - -/// ObjectMeta contains only a [subset of the fields included in k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta]( -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaPersistentVolumeClaimMetadata { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub annotations: Option>, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub labels: Option>, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaPersistentVolumeClaimSpec { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "accessModes")] - pub access_modes: Option>, - /// TypedLocalObjectReference contains enough information to let you locate the - /// typed referenced object inside the same namespace. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "dataSource")] - pub data_source: Option, - /// TypedLocalObjectReference contains enough information to let you locate the - /// typed referenced object inside the same namespace. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "dataSourceRef")] - pub data_source_ref: Option, - /// ResourceRequirements describes the compute resource requirements. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub resources: Option, - /// A label selector is a label query over a set of resources. The result of matchLabels and - /// matchExpressions are ANDed. An empty label selector matches all objects. A null - /// label selector matches no objects. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub selector: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "storageClassName")] - pub storage_class_name: Option, - /// PersistentVolumeMode describes how a volume is intended to be consumed, either Block or Filesystem. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeMode")] - pub volume_mode: Option, - /// VolumeName is the binding reference to the PersistentVolume backing this claim. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeName")] - pub volume_name: Option, -} - -/// TypedLocalObjectReference contains enough information to let you locate the -/// typed referenced object inside the same namespace. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaPersistentVolumeClaimSpecDataSource { - /// APIGroup is the group for the resource being referenced. - /// If APIGroup is not specified, the specified Kind must be in the core API group. - /// For any other third-party types, APIGroup is required. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiGroup")] - pub api_group: Option, - /// Kind is the type of resource being referenced - pub kind: String, - /// Name is the name of resource being referenced - pub name: String, -} - -/// TypedLocalObjectReference contains enough information to let you locate the -/// typed referenced object inside the same namespace. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaPersistentVolumeClaimSpecDataSourceRef { - /// APIGroup is the group for the resource being referenced. - /// If APIGroup is not specified, the specified Kind must be in the core API group. - /// For any other third-party types, APIGroup is required. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiGroup")] - pub api_group: Option, - /// Kind is the type of resource being referenced - pub kind: String, - /// Name is the name of resource being referenced - pub name: String, -} - -/// ResourceRequirements describes the compute resource requirements. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaPersistentVolumeClaimSpecResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, - /// that are used by this container. - /// - /// This field depends on the - /// DynamicResourceAllocation feature gate. - /// - /// This field is immutable. It can only be set for containers. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub claims: Option>, - /// Limits describes the maximum amount of compute resources allowed. - /// More info: - #[serde(default, skip_serializing_if = "Option::is_none")] - pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. - /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, - /// otherwise to an implementation-defined value. Requests cannot exceed Limits. - /// More info: - #[serde(default, skip_serializing_if = "Option::is_none")] - pub requests: Option>, -} - -/// ResourceClaim references one entry in PodSpec.ResourceClaims. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaPersistentVolumeClaimSpecResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of - /// the Pod where this field is used. It makes that resource available - /// inside a container. - pub name: String, - /// Request is the name chosen for a request in the referenced claim. - /// If empty, everything from the claim is made available, otherwise - /// only the result of this request. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub request: Option, -} - -/// A label selector is a label query over a set of resources. The result of matchLabels and -/// matchExpressions are ANDed. An empty label selector matches all objects. A null -/// label selector matches no objects. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaPersistentVolumeClaimSpecSelector { - /// matchExpressions is a list of label selector requirements. The requirements are ANDed. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] - pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - /// map is equivalent to an element of matchExpressions, whose key field is "key", the - /// operator is "In", and the values array contains only "value". The requirements are ANDed. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] - pub match_labels: Option>, -} - -/// A label selector requirement is a selector that contains values, a key, and an operator that -/// relates the key and values. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaPersistentVolumeClaimSpecSelectorMatchExpressions { - /// key is the label key that the selector applies to. - pub key: String, - /// operator represents a key's relationship to a set of values. - /// Valid operators are In, NotIn, Exists and DoesNotExist. - pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, - /// the values array must be non-empty. If the operator is Exists or DoesNotExist, - /// the values array must be empty. This array is replaced during a strategic - /// merge patch. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub values: Option>, -} - -/// Preferences holds the Grafana Preferences settings -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaPreferences { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "homeDashboardUid")] - pub home_dashboard_uid: Option, -} - -/// Route sets how the ingress object should look like with your grafana instance, this only works in Openshift. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaRoute { - /// ObjectMeta contains only a [subset of the fields included in k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta]( - #[serde(default, skip_serializing_if = "Option::is_none")] - pub metadata: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub spec: Option, -} - -/// ObjectMeta contains only a [subset of the fields included in k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta]( -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaRouteMetadata { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub annotations: Option>, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub labels: Option>, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaRouteSpec { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "alternateBackends")] - pub alternate_backends: Option>, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub host: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub path: Option, - /// RoutePort defines a port mapping from a router to an endpoint in the service endpoints. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub port: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub subdomain: Option, - /// TLSConfig defines config used to secure a route and provide termination - #[serde(default, skip_serializing_if = "Option::is_none")] - pub tls: Option, - /// RouteTargetReference specifies the target that resolve into endpoints. Only the 'Service' - /// kind is allowed. Use 'weight' field to emphasize one over others. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub to: Option, - /// WildcardPolicyType indicates the type of wildcard support needed by routes. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "wildcardPolicy")] - pub wildcard_policy: Option, -} - -/// RouteTargetReference specifies the target that resolve into endpoints. Only the 'Service' -/// kind is allowed. Use 'weight' field to emphasize one over others. -#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub struct GrafanaRouteSpecAlternateBackends { - /// The kind of target that the route is referring to. Currently, only 'Service' is allowed - pub kind: GrafanaRouteSpecAlternateBackendsKind, - /// name of the service/target that is being referred to. e.g. name of the service - pub name: String, - /// weight as an integer between 0 and 256, default 100, that specifies the target's relative weight - /// against other target reference objects. 0 suppresses requests to this backend. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub weight: Option, -} - -/// RouteTargetReference specifies the target that resolve into endpoints. Only the 'Service' -/// kind is allowed. Use 'weight' field to emphasize one over others. -#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum GrafanaRouteSpecAlternateBackendsKind { - Service, - #[serde(rename = "")] - KopiumEmpty, -} - -/// RoutePort defines a port mapping from a router to an endpoint in the service endpoints. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaRouteSpecPort { - /// The target port on pods selected by the service this route points to. - /// If this is a string, it will be looked up as a named port in the target - /// endpoints port list. Required - #[serde(rename = "targetPort")] - pub target_port: IntOrString, -} - -/// TLSConfig defines config used to secure a route and provide termination -#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub struct GrafanaRouteSpecTls { - /// caCertificate provides the cert authority certificate contents - #[serde(default, skip_serializing_if = "Option::is_none", rename = "caCertificate")] - pub ca_certificate: Option, - /// certificate provides certificate contents. This should be a single serving certificate, not a certificate - /// chain. Do not include a CA certificate. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub certificate: Option, - /// destinationCACertificate provides the contents of the ca certificate of the final destination. When using reencrypt - /// termination this file should be provided in order to have routers use it for health checks on the secure connection. - /// If this field is not specified, the router may provide its own destination CA and perform hostname validation using - /// the short service name (service.namespace.svc), which allows infrastructure generated certificates to automatically - /// verify. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "destinationCACertificate")] - pub destination_ca_certificate: Option, - /// externalCertificate provides certificate contents as a secret reference. - /// This should be a single serving certificate, not a certificate - /// chain. Do not include a CA certificate. The secret referenced should - /// be present in the same namespace as that of the Route. - /// Forbidden when `certificate` is set. - /// The router service account needs to be granted with read-only access to this secret, - /// please refer to openshift docs for additional details. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "externalCertificate")] - pub external_certificate: Option, - /// insecureEdgeTerminationPolicy indicates the desired behavior for insecure connections to a route. While - /// each router may make its own decisions on which ports to expose, this is normally port 80. - /// - /// If a route does not specify insecureEdgeTerminationPolicy, then the default behavior is "None". - /// - /// * Allow - traffic is sent to the server on the insecure port (edge/reencrypt terminations only). - /// - /// * None - no traffic is allowed on the insecure port (default). - /// - /// * Redirect - clients are redirected to the secure port. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "insecureEdgeTerminationPolicy")] - pub insecure_edge_termination_policy: Option, - /// key provides key file contents - #[serde(default, skip_serializing_if = "Option::is_none")] - pub key: Option, - /// termination indicates termination type. - /// - /// * edge - TLS termination is done by the router and http is used to communicate with the backend (default) - /// * passthrough - Traffic is sent straight to the destination without the router providing TLS termination - /// * reencrypt - TLS termination is done by the router and https is used to communicate with the backend - /// - /// Note: passthrough termination is incompatible with httpHeader actions - pub termination: GrafanaRouteSpecTlsTermination, -} - -/// externalCertificate provides certificate contents as a secret reference. -/// This should be a single serving certificate, not a certificate -/// chain. Do not include a CA certificate. The secret referenced should -/// be present in the same namespace as that of the Route. -/// Forbidden when `certificate` is set. -/// The router service account needs to be granted with read-only access to this secret, -/// please refer to openshift docs for additional details. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaRouteSpecTlsExternalCertificate { - /// name of the referent. - /// More info: - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, -} - -/// TLSConfig defines config used to secure a route and provide termination -#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum GrafanaRouteSpecTlsInsecureEdgeTerminationPolicy { - Allow, - None, - Redirect, - #[serde(rename = "")] - KopiumEmpty, -} - -/// TLSConfig defines config used to secure a route and provide termination -#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum GrafanaRouteSpecTlsTermination { - #[serde(rename = "edge")] - Edge, - #[serde(rename = "reencrypt")] - Reencrypt, - #[serde(rename = "passthrough")] - Passthrough, -} - -/// RouteTargetReference specifies the target that resolve into endpoints. Only the 'Service' -/// kind is allowed. Use 'weight' field to emphasize one over others. -#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub struct GrafanaRouteSpecTo { - /// The kind of target that the route is referring to. Currently, only 'Service' is allowed - pub kind: GrafanaRouteSpecToKind, - /// name of the service/target that is being referred to. e.g. name of the service - pub name: String, - /// weight as an integer between 0 and 256, default 100, that specifies the target's relative weight - /// against other target reference objects. 0 suppresses requests to this backend. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub weight: Option, -} - -/// RouteTargetReference specifies the target that resolve into endpoints. Only the 'Service' -/// kind is allowed. Use 'weight' field to emphasize one over others. -#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum GrafanaRouteSpecToKind { - Service, - #[serde(rename = "")] - KopiumEmpty, -} - -/// Service sets how the service object should look like with your grafana instance, contains a number of defaults. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaService { - /// ObjectMeta contains only a [subset of the fields included in k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta]( - #[serde(default, skip_serializing_if = "Option::is_none")] - pub metadata: Option, - /// ServiceSpec describes the attributes that a user creates on a service. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub spec: Option, -} - -/// ObjectMeta contains only a [subset of the fields included in k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta]( -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaServiceMetadata { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub annotations: Option>, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub labels: Option>, -} - -/// ServiceSpec describes the attributes that a user creates on a service. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaServiceSpec { - /// allocateLoadBalancerNodePorts defines if NodePorts will be automatically - /// allocated for services with type LoadBalancer. Default is "true". It - /// may be set to "false" if the cluster load-balancer does not rely on - /// NodePorts. If the caller requests specific NodePorts (by specifying a - /// value), those requests will be respected, regardless of this field. - /// This field may only be set for services with type LoadBalancer and will - /// be cleared if the type is changed to any other type. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "allocateLoadBalancerNodePorts")] - pub allocate_load_balancer_node_ports: Option, - /// clusterIP is the IP address of the service and is usually assigned - /// randomly. If an address is specified manually, is in-range (as per - /// system configuration), and is not in use, it will be allocated to the - /// service; otherwise creation of the service will fail. This field may not - /// be changed through updates unless the type field is also being changed - /// to ExternalName (which requires this field to be blank) or the type - /// field is being changed from ExternalName (in which case this field may - /// optionally be specified, as describe above). Valid values are "None", - /// empty string (""), or a valid IP address. Setting this to "None" makes a - /// "headless service" (no virtual IP), which is useful when direct endpoint - /// connections are preferred and proxying is not required. Only applies to - /// types ClusterIP, NodePort, and LoadBalancer. If this field is specified - /// when creating a Service of type ExternalName, creation will fail. This - /// field will be wiped when updating a Service to type ExternalName. - /// More info: - #[serde(default, skip_serializing_if = "Option::is_none", rename = "clusterIP")] - pub cluster_ip: Option, - /// ClusterIPs is a list of IP addresses assigned to this service, and are - /// usually assigned randomly. If an address is specified manually, is - /// in-range (as per system configuration), and is not in use, it will be - /// allocated to the service; otherwise creation of the service will fail. - /// This field may not be changed through updates unless the type field is - /// also being changed to ExternalName (which requires this field to be - /// empty) or the type field is being changed from ExternalName (in which - /// case this field may optionally be specified, as describe above). Valid - /// values are "None", empty string (""), or a valid IP address. Setting - /// this to "None" makes a "headless service" (no virtual IP), which is - /// useful when direct endpoint connections are preferred and proxying is - /// not required. Only applies to types ClusterIP, NodePort, and - /// LoadBalancer. If this field is specified when creating a Service of type - /// ExternalName, creation will fail. This field will be wiped when updating - /// a Service to type ExternalName. If this field is not specified, it will - /// be initialized from the clusterIP field. If this field is specified, - /// clients must ensure that clusterIPs[0] and clusterIP have the same - /// value. - /// - /// This field may hold a maximum of two entries (dual-stack IPs, in either order). - /// These IPs must correspond to the values of the ipFamilies field. Both - /// clusterIPs and ipFamilies are governed by the ipFamilyPolicy field. - /// More info: - #[serde(default, skip_serializing_if = "Option::is_none", rename = "clusterIPs")] - pub cluster_i_ps: Option>, - /// externalIPs is a list of IP addresses for which nodes in the cluster - /// will also accept traffic for this service. These IPs are not managed by - /// Kubernetes. The user is responsible for ensuring that traffic arrives - /// at a node with this IP. A common example is external load-balancers - /// that are not part of the Kubernetes system. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "externalIPs")] - pub external_i_ps: Option>, - /// externalName is the external reference that discovery mechanisms will - /// return as an alias for this service (e.g. a DNS CNAME record). No - /// proxying will be involved. Must be a lowercase RFC-1123 hostname - /// ( and requires `type` to be "ExternalName". - #[serde(default, skip_serializing_if = "Option::is_none", rename = "externalName")] - pub external_name: Option, - /// externalTrafficPolicy describes how nodes distribute service traffic they - /// receive on one of the Service's "externally-facing" addresses (NodePorts, - /// ExternalIPs, and LoadBalancer IPs). If set to "Local", the proxy will configure - /// the service in a way that assumes that external load balancers will take care - /// of balancing the service traffic between nodes, and so each node will deliver - /// traffic only to the node-local endpoints of the service, without masquerading - /// the client source IP. (Traffic mistakenly sent to a node with no endpoints will - /// be dropped.) The default value, "Cluster", uses the standard behavior of - /// routing to all endpoints evenly (possibly modified by topology and other - /// features). Note that traffic sent to an External IP or LoadBalancer IP from - /// within the cluster will always get "Cluster" semantics, but clients sending to - /// a NodePort from within the cluster may need to take traffic policy into account - /// when picking a node. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "externalTrafficPolicy")] - pub external_traffic_policy: Option, - /// healthCheckNodePort specifies the healthcheck nodePort for the service. - /// This only applies when type is set to LoadBalancer and - /// externalTrafficPolicy is set to Local. If a value is specified, is - /// in-range, and is not in use, it will be used. If not specified, a value - /// will be automatically allocated. External systems (e.g. load-balancers) - /// can use this port to determine if a given node holds endpoints for this - /// service or not. If this field is specified when creating a Service - /// which does not need it, creation will fail. This field will be wiped - /// when updating a Service to no longer need it (e.g. changing type). - /// This field cannot be updated once set. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "healthCheckNodePort")] - pub health_check_node_port: Option, - /// InternalTrafficPolicy describes how nodes distribute service traffic they - /// receive on the ClusterIP. If set to "Local", the proxy will assume that pods - /// only want to talk to endpoints of the service on the same node as the pod, - /// dropping the traffic if there are no local endpoints. The default value, - /// "Cluster", uses the standard behavior of routing to all endpoints evenly - /// (possibly modified by topology and other features). - #[serde(default, skip_serializing_if = "Option::is_none", rename = "internalTrafficPolicy")] - pub internal_traffic_policy: Option, - /// IPFamilies is a list of IP families (e.g. IPv4, IPv6) assigned to this - /// service. This field is usually assigned automatically based on cluster - /// configuration and the ipFamilyPolicy field. If this field is specified - /// manually, the requested family is available in the cluster, - /// and ipFamilyPolicy allows it, it will be used; otherwise creation of - /// the service will fail. This field is conditionally mutable: it allows - /// for adding or removing a secondary IP family, but it does not allow - /// changing the primary IP family of the Service. Valid values are "IPv4" - /// and "IPv6". This field only applies to Services of types ClusterIP, - /// NodePort, and LoadBalancer, and does apply to "headless" services. - /// This field will be wiped when updating a Service to type ExternalName. - /// - /// This field may hold a maximum of two entries (dual-stack families, in - /// either order). These families must correspond to the values of the - /// clusterIPs field, if specified. Both clusterIPs and ipFamilies are - /// governed by the ipFamilyPolicy field. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "ipFamilies")] - pub ip_families: Option>, - /// IPFamilyPolicy represents the dual-stack-ness requested or required by - /// this Service. If there is no value provided, then this field will be set - /// to SingleStack. Services can be "SingleStack" (a single IP family), - /// "PreferDualStack" (two IP families on dual-stack configured clusters or - /// a single IP family on single-stack clusters), or "RequireDualStack" - /// (two IP families on dual-stack configured clusters, otherwise fail). The - /// ipFamilies and clusterIPs fields depend on the value of this field. This - /// field will be wiped when updating a service to type ExternalName. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "ipFamilyPolicy")] - pub ip_family_policy: Option, - /// loadBalancerClass is the class of the load balancer implementation this Service belongs to. - /// If specified, the value of this field must be a label-style identifier, with an optional prefix, - /// e.g. "internal-vip" or "example.com/internal-vip". Unprefixed names are reserved for end-users. - /// This field can only be set when the Service type is 'LoadBalancer'. If not set, the default load - /// balancer implementation is used, today this is typically done through the cloud provider integration, - /// but should apply for any default implementation. If set, it is assumed that a load balancer - /// implementation is watching for Services with a matching class. Any default load balancer - /// implementation (e.g. cloud providers) should ignore Services that set this field. - /// This field can only be set when creating or updating a Service to type 'LoadBalancer'. - /// Once set, it can not be changed. This field will be wiped when a service is updated to a non 'LoadBalancer' type. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "loadBalancerClass")] - pub load_balancer_class: Option, - /// Only applies to Service Type: LoadBalancer. - /// This feature depends on whether the underlying cloud-provider supports specifying - /// the loadBalancerIP when a load balancer is created. - /// This field will be ignored if the cloud-provider does not support the feature. - /// Deprecated: This field was under-specified and its meaning varies across implementations. - /// Using it is non-portable and it may not support dual-stack. - /// Users are encouraged to use implementation-specific annotations when available. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "loadBalancerIP")] - pub load_balancer_ip: Option, - /// If specified and supported by the platform, this will restrict traffic through the cloud-provider - /// load-balancer will be restricted to the specified client IPs. This field will be ignored if the - /// cloud-provider does not support the feature." - /// More info: - #[serde(default, skip_serializing_if = "Option::is_none", rename = "loadBalancerSourceRanges")] - pub load_balancer_source_ranges: Option>, - /// The list of ports that are exposed by this service. - /// More info: - #[serde(default, skip_serializing_if = "Option::is_none")] - pub ports: Option>, - /// publishNotReadyAddresses indicates that any agent which deals with endpoints for this - /// Service should disregard any indications of ready/not-ready. - /// The primary use case for setting this field is for a StatefulSet's Headless Service to - /// propagate SRV DNS records for its Pods for the purpose of peer discovery. - /// The Kubernetes controllers that generate Endpoints and EndpointSlice resources for - /// Services interpret this to mean that all endpoints are considered "ready" even if the - /// Pods themselves are not. Agents which consume only Kubernetes generated endpoints - /// through the Endpoints or EndpointSlice resources can safely assume this behavior. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "publishNotReadyAddresses")] - pub publish_not_ready_addresses: Option, - /// Route service traffic to pods with label keys and values matching this - /// selector. If empty or not present, the service is assumed to have an - /// external process managing its endpoints, which Kubernetes will not - /// modify. Only applies to types ClusterIP, NodePort, and LoadBalancer. - /// Ignored if type is ExternalName. - /// More info: - #[serde(default, skip_serializing_if = "Option::is_none")] - pub selector: Option>, - /// Supports "ClientIP" and "None". Used to maintain session affinity. - /// Enable client IP based session affinity. - /// Must be ClientIP or None. - /// Defaults to None. - /// More info: - #[serde(default, skip_serializing_if = "Option::is_none", rename = "sessionAffinity")] - pub session_affinity: Option, - /// sessionAffinityConfig contains the configurations of session affinity. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "sessionAffinityConfig")] - pub session_affinity_config: Option, - /// TrafficDistribution offers a way to express preferences for how traffic - /// is distributed to Service endpoints. Implementations can use this field - /// as a hint, but are not required to guarantee strict adherence. If the - /// field is not set, the implementation will apply its default routing - /// strategy. If set to "PreferClose", implementations should prioritize - /// endpoints that are in the same zone. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "trafficDistribution")] - pub traffic_distribution: Option, - /// type determines how the Service is exposed. Defaults to ClusterIP. Valid - /// options are ExternalName, ClusterIP, NodePort, and LoadBalancer. - /// "ClusterIP" allocates a cluster-internal IP address for load-balancing - /// to endpoints. Endpoints are determined by the selector or if that is not - /// specified, by manual construction of an Endpoints object or - /// EndpointSlice objects. If clusterIP is "None", no virtual IP is - /// allocated and the endpoints are published as a set of endpoints rather - /// than a virtual IP. - /// "NodePort" builds on ClusterIP and allocates a port on every node which - /// routes to the same endpoints as the clusterIP. - /// "LoadBalancer" builds on NodePort and creates an external load-balancer - /// (if supported in the current cloud) which routes to the same endpoints - /// as the clusterIP. - /// "ExternalName" aliases this service to the specified externalName. - /// Several other fields do not apply to ExternalName services. - /// More info: - #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] - pub r#type: Option, -} - -/// ServicePort contains information on service's port. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaServiceSpecPorts { - /// The application protocol for this port. - /// This is used as a hint for implementations to offer richer behavior for protocols that they understand. - /// This field follows standard Kubernetes label syntax. - /// Valid values are either: - /// - /// * Un-prefixed protocol names - reserved for IANA standard service names (as per - /// RFC-6335 and - /// - /// * Kubernetes-defined prefixed names: - /// * 'kubernetes.io/h2c' - HTTP/2 prior knowledge over cleartext as described in - /// * 'kubernetes.io/ws' - WebSocket over cleartext as described in - /// * 'kubernetes.io/wss' - WebSocket over TLS as described in - /// - /// * Other protocols should use implementation-defined prefixed names such as - /// mycompany.com/my-custom-protocol. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "appProtocol")] - pub app_protocol: Option, - /// The name of this port within the service. This must be a DNS_LABEL. - /// All ports within a ServiceSpec must have unique names. When considering - /// the endpoints for a Service, this must match the 'name' field in the - /// EndpointPort. - /// Optional if only one ServicePort is defined on this service. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - /// The port on each node on which this service is exposed when type is - /// NodePort or LoadBalancer. Usually assigned by the system. If a value is - /// specified, in-range, and not in use it will be used, otherwise the - /// operation will fail. If not specified, a port will be allocated if this - /// Service requires one. If this field is specified when creating a - /// Service which does not need it, creation will fail. This field will be - /// wiped when updating a Service to no longer need it (e.g. changing type - /// from NodePort to ClusterIP). - /// More info: - #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodePort")] - pub node_port: Option, - /// The port that will be exposed by this service. - pub port: i32, - /// The IP protocol for this port. Supports "TCP", "UDP", and "SCTP". - /// Default is TCP. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub protocol: Option, - /// Number or name of the port to access on the pods targeted by the service. - /// Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - /// If this is a string, it will be looked up as a named port in the - /// target Pod's container ports. If this is not specified, the value - /// of the 'port' field is used (an identity map). - /// This field is ignored for services with clusterIP=None, and should be - /// omitted or set equal to the 'port' field. - /// More info: - #[serde(default, skip_serializing_if = "Option::is_none", rename = "targetPort")] - pub target_port: Option, -} - -/// sessionAffinityConfig contains the configurations of session affinity. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaServiceSpecSessionAffinityConfig { - /// clientIP contains the configurations of Client IP based session affinity. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "clientIP")] - pub client_ip: Option, -} - -/// clientIP contains the configurations of Client IP based session affinity. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaServiceSpecSessionAffinityConfigClientIp { - /// timeoutSeconds specifies the seconds of ClientIP type session sticky time. - /// The value must be >0 && <=86400(for 1 day) if ServiceAffinity == "ClientIP". - /// Default value is 10800(for 3 hours). - #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] - pub timeout_seconds: Option, -} - -/// ServiceAccount sets how the ServiceAccount object should look like with your grafana instance, contains a number of defaults. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaServiceAccount { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "automountServiceAccountToken")] - pub automount_service_account_token: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "imagePullSecrets")] - pub image_pull_secrets: Option>, - /// ObjectMeta contains only a [subset of the fields included in k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta]( - #[serde(default, skip_serializing_if = "Option::is_none")] - pub metadata: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub secrets: Option>, -} - -/// LocalObjectReference contains enough information to let you locate the -/// referenced object inside the same namespace. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaServiceAccountImagePullSecrets { - /// Name of the referent. - /// This field is effectively required, but due to backwards compatibility is - /// allowed to be empty. Instances of this type with an empty value here are - /// almost certainly wrong. - /// More info: - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, -} - -/// ObjectMeta contains only a [subset of the fields included in k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta]( -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaServiceAccountMetadata { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub annotations: Option>, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub labels: Option>, -} - -/// GrafanaStatus defines the observed state of Grafana -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct GrafanaStatus { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "adminUrl")] - pub admin_url: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "alertRuleGroups")] - pub alert_rule_groups: Option>, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub conditions: Option>, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "contactPoints")] - pub contact_points: Option>, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub dashboards: Option>, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub datasources: Option>, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub folders: Option>, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "lastMessage")] - pub last_message: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "libraryPanels")] - pub library_panels: Option>, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "muteTimings")] - pub mute_timings: Option>, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "notificationTemplates")] - pub notification_templates: Option>, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub serviceaccounts: Option>, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub stage: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "stageStatus")] - pub stage_status: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub version: Option, -} - diff --git a/custom-resources/infrastructure_cluster_x_k8s_io/src/v1beta2/ibmpowervsclusters.rs b/custom-resources/infrastructure_cluster_x_k8s_io/src/v1beta2/ibmpowervsclusters.rs index dae9d4ec5..e1bc8157a 100644 --- a/custom-resources/infrastructure_cluster_x_k8s_io/src/v1beta2/ibmpowervsclusters.rs +++ b/custom-resources/infrastructure_cluster_x_k8s_io/src/v1beta2/ibmpowervsclusters.rs @@ -78,8 +78,9 @@ pub struct IbmPowerVsClusterSpec { /// ServiceInstance.Regex is not yet supported not yet supported and system will ignore the value. #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceInstance")] pub service_instance: Option, - /// ServiceInstanceID is the id of the power cloud instance where the vsi instance will get deployed. /// Deprecated: use ServiceInstance instead + /// + /// ServiceInstanceID is the id of the power cloud instance where the vsi instance will get deployed. #[serde(rename = "serviceInstanceID")] pub service_instance_id: String, /// transitGateway contains information about IBM Cloud TransitGateway diff --git a/custom-resources/infrastructure_cluster_x_k8s_io/src/v1beta2/ibmpowervsclustertemplates.rs b/custom-resources/infrastructure_cluster_x_k8s_io/src/v1beta2/ibmpowervsclustertemplates.rs index 649531701..b030ac315 100644 --- a/custom-resources/infrastructure_cluster_x_k8s_io/src/v1beta2/ibmpowervsclustertemplates.rs +++ b/custom-resources/infrastructure_cluster_x_k8s_io/src/v1beta2/ibmpowervsclustertemplates.rs @@ -112,8 +112,9 @@ pub struct IbmPowerVsClusterTemplateTemplateSpec { /// ServiceInstance.Regex is not yet supported not yet supported and system will ignore the value. #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceInstance")] pub service_instance: Option, - /// ServiceInstanceID is the id of the power cloud instance where the vsi instance will get deployed. /// Deprecated: use ServiceInstance instead + /// + /// ServiceInstanceID is the id of the power cloud instance where the vsi instance will get deployed. #[serde(rename = "serviceInstanceID")] pub service_instance_id: String, /// transitGateway contains information about IBM Cloud TransitGateway diff --git a/custom-resources/infrastructure_cluster_x_k8s_io/src/v1beta2/ibmpowervsimages.rs b/custom-resources/infrastructure_cluster_x_k8s_io/src/v1beta2/ibmpowervsimages.rs index af9cb6f54..08fcd0aac 100644 --- a/custom-resources/infrastructure_cluster_x_k8s_io/src/v1beta2/ibmpowervsimages.rs +++ b/custom-resources/infrastructure_cluster_x_k8s_io/src/v1beta2/ibmpowervsimages.rs @@ -40,8 +40,9 @@ pub struct IbmPowerVsImageSpec { /// when omitted system will dynamically create the service instance #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceInstance")] pub service_instance: Option, - /// ServiceInstanceID is the id of the power cloud instance where the image will get imported. /// Deprecated: use ServiceInstance instead + /// + /// ServiceInstanceID is the id of the power cloud instance where the image will get imported. #[serde(rename = "serviceInstanceID")] pub service_instance_id: String, /// Type of storage, storage pool with the most available space will be selected. diff --git a/custom-resources/infrastructure_cluster_x_k8s_io/src/v1beta2/ibmpowervsmachines.rs b/custom-resources/infrastructure_cluster_x_k8s_io/src/v1beta2/ibmpowervsmachines.rs index 3aefff81e..832b0f0f5 100644 --- a/custom-resources/infrastructure_cluster_x_k8s_io/src/v1beta2/ibmpowervsmachines.rs +++ b/custom-resources/infrastructure_cluster_x_k8s_io/src/v1beta2/ibmpowervsmachines.rs @@ -72,8 +72,9 @@ pub struct IbmPowerVsMachineSpec { /// when omitted system will dynamically create the service instance #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceInstance")] pub service_instance: Option, - /// ServiceInstanceID is the id of the power cloud instance where the vsi instance will get deployed. /// Deprecated: use ServiceInstance instead + /// + /// ServiceInstanceID is the id of the power cloud instance where the vsi instance will get deployed. #[serde(rename = "serviceInstanceID")] pub service_instance_id: String, /// SSHKey is the name of the SSH key pair provided to the vsi for authenticating users. diff --git a/custom-resources/infrastructure_cluster_x_k8s_io/src/v1beta2/ibmpowervsmachinetemplates.rs b/custom-resources/infrastructure_cluster_x_k8s_io/src/v1beta2/ibmpowervsmachinetemplates.rs index bbc166177..04746339d 100644 --- a/custom-resources/infrastructure_cluster_x_k8s_io/src/v1beta2/ibmpowervsmachinetemplates.rs +++ b/custom-resources/infrastructure_cluster_x_k8s_io/src/v1beta2/ibmpowervsmachinetemplates.rs @@ -86,8 +86,9 @@ pub struct IbmPowerVsMachineTemplateTemplateSpec { /// when omitted system will dynamically create the service instance #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceInstance")] pub service_instance: Option, - /// ServiceInstanceID is the id of the power cloud instance where the vsi instance will get deployed. /// Deprecated: use ServiceInstance instead + /// + /// ServiceInstanceID is the id of the power cloud instance where the vsi instance will get deployed. #[serde(rename = "serviceInstanceID")] pub service_instance_id: String, /// SSHKey is the name of the SSH key pair provided to the vsi for authenticating users. diff --git a/custom-resources/k8s_keycloak_org/src/v2alpha1/keycloaks.rs b/custom-resources/k8s_keycloak_org/src/v2alpha1/keycloaks.rs index 00bf305aa..3eb4df1c1 100644 --- a/custom-resources/k8s_keycloak_org/src/v2alpha1/keycloaks.rs +++ b/custom-resources/k8s_keycloak_org/src/v2alpha1/keycloaks.rs @@ -23,6 +23,9 @@ pub struct KeycloakSpec { /// expressed as a keys (reference: and values that can be either direct values or references to secrets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "additionalOptions")] pub additional_options: Option>, + /// Set this to to false to disable automounting the default ServiceAccount Token and Service CA. This is enabled by default. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "automountServiceAccountToken")] + pub automount_service_account_token: Option, /// In this section you can configure Keycloak's bootstrap admin - will be used only for initial cluster creation. #[serde(default, skip_serializing_if = "Option::is_none", rename = "bootstrapAdmin")] pub bootstrap_admin: Option, diff --git a/custom-resources/kueue_x_k8s_io/src/v1beta1/admissionchecks.rs b/custom-resources/kueue_x_k8s_io/src/v1beta1/admissionchecks.rs index dc62f7b66..d9768bba7 100644 --- a/custom-resources/kueue_x_k8s_io/src/v1beta1/admissionchecks.rs +++ b/custom-resources/kueue_x_k8s_io/src/v1beta1/admissionchecks.rs @@ -29,6 +29,7 @@ pub struct AdmissionCheckSpec { /// retryDelayMinutes specifies how long to keep the workload suspended after /// a failed check (after it transitioned to False). When the delay period has passed, the check /// state goes to "Unknown". The default is 15 min. + /// /// Deprecated: retryDelayMinutes has already been deprecated since v0.8 and will be removed in v1beta2. #[serde(default, skip_serializing_if = "Option::is_none", rename = "retryDelayMinutes")] pub retry_delay_minutes: Option, diff --git a/custom-resources/kueue_x_k8s_io/src/v1beta1/clusterqueues.rs b/custom-resources/kueue_x_k8s_io/src/v1beta1/clusterqueues.rs index 3c1acfc83..4b1b77316 100644 --- a/custom-resources/kueue_x_k8s_io/src/v1beta1/clusterqueues.rs +++ b/custom-resources/kueue_x_k8s_io/src/v1beta1/clusterqueues.rs @@ -150,6 +150,18 @@ pub struct ClusterQueueFairSharing { /// before borrowing or preempting in the flavor being evaluated. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterQueueFlavorFungibility { + /// preference guides the choosing of the flavor for admission in case all candidate flavors + /// require either preemption, borrowing, or both. The possible values are: + /// - `BorrowingOverPreemption` (default): prefer to use borrowing rather than preemption + /// when such a choice is possible. More technically it minimizes the borrowing distance + /// in the cohort tree, and solves tie-breaks by preferring better preemption mode + /// (reclaim over preemption within ClusterQueue). + /// - `PreemptionOverBorrowing`: prefer to use preemption rather than borrowing + /// when such a choice is possible. More technically it optimizes the preemption mode + /// (reclaim over preemption within ClusterQueue), and solves tie-breaks by minimizing + /// the borrowing distance in the cohort tree. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub preference: Option, /// whenCanBorrow determines whether a workload should try the next flavor /// before borrowing in current flavor. The possible values are: /// @@ -171,6 +183,14 @@ pub struct ClusterQueueFlavorFungibility { pub when_can_preempt: Option, } +/// flavorFungibility defines whether a workload should try the next flavor +/// before borrowing or preempting in the flavor being evaluated. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum ClusterQueueFlavorFungibilityPreference { + BorrowingOverPreemption, + PreemptionOverBorrowing, +} + /// flavorFungibility defines whether a workload should try the next flavor /// before borrowing or preempting in the flavor being evaluated. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] @@ -430,6 +450,7 @@ pub struct ClusterQueueStatus { pub pending_workloads: Option, /// pendingWorkloadsStatus contains the information exposed about the current /// status of the pending workloads in the cluster queue. + /// /// Deprecated: This field is no longer effective since v0.14.0, which means Kueue no longer stores and updates information. /// You can migrate to VisibilityOnDemand /// ( @@ -520,6 +541,7 @@ pub struct ClusterQueueStatusFlavorsUsageResources { /// pendingWorkloadsStatus contains the information exposed about the current /// status of the pending workloads in the cluster queue. +/// /// Deprecated: This field is no longer effective since v0.14.0, which means Kueue no longer stores and updates information. /// You can migrate to VisibilityOnDemand /// ( diff --git a/custom-resources/kueue_x_k8s_io/src/v1beta1/localqueues.rs b/custom-resources/kueue_x_k8s_io/src/v1beta1/localqueues.rs index e2fd89a2c..3536a57a4 100644 --- a/custom-resources/kueue_x_k8s_io/src/v1beta1/localqueues.rs +++ b/custom-resources/kueue_x_k8s_io/src/v1beta1/localqueues.rs @@ -88,6 +88,7 @@ pub struct LocalQueueStatus { #[serde(default, skip_serializing_if = "Option::is_none", rename = "flavorUsage")] pub flavor_usage: Option>, /// flavors lists all currently available ResourceFlavors in specified ClusterQueue. + /// /// Deprecated: Flavors is deprecated and marked for removal in v1beta2. #[serde(default, skip_serializing_if = "Option::is_none")] pub flavors: Option>, diff --git a/custom-resources/kueue_x_k8s_io/src/v1beta1/workloads.rs b/custom-resources/kueue_x_k8s_io/src/v1beta1/workloads.rs index cfdea6fab..47b379a69 100644 --- a/custom-resources/kueue_x_k8s_io/src/v1beta1/workloads.rs +++ b/custom-resources/kueue_x_k8s_io/src/v1beta1/workloads.rs @@ -7666,6 +7666,21 @@ pub struct WorkloadStatusAdmissionChecks { /// podSetUpdates contains a list of pod set modifications suggested by AdmissionChecks. #[serde(default, skip_serializing_if = "Option::is_none", rename = "podSetUpdates")] pub pod_set_updates: Option>, + /// requeueAfterSeconds indicates how long to wait at least before + /// retrying to admit the workload. + /// The admission check controllers can set this field when State=Retry + /// to implement delays between retry attempts. + /// + /// If nil when State=Retry, Kueue will retry immediately. + /// If set, Kueue will add the workload back to the queue after + /// lastTransitionTime + RequeueAfterSeconds is over. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "requeueAfterSeconds")] + pub requeue_after_seconds: Option, + /// retryCount tracks retry attempts for this admission check. + /// Kueue automatically increments the counter whenever the + /// state transitions to Retry. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "retryCount")] + pub retry_count: Option, /// state of the admissionCheck, one of Pending, Ready, Retry, Rejected pub state: WorkloadStatusAdmissionChecksState, } diff --git a/custom-resources/kueue_x_k8s_io/src/v1beta2/clusterqueues.rs b/custom-resources/kueue_x_k8s_io/src/v1beta2/clusterqueues.rs index 3c516f85a..83dc9092b 100644 --- a/custom-resources/kueue_x_k8s_io/src/v1beta2/clusterqueues.rs +++ b/custom-resources/kueue_x_k8s_io/src/v1beta2/clusterqueues.rs @@ -151,6 +151,18 @@ pub struct ClusterQueueFairSharing { /// before borrowing or preempting in the flavor being evaluated. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterQueueFlavorFungibility { + /// preference guides the choosing of the flavor for admission in case all candidate flavors + /// require either preemption, borrowing, or both. The possible values are: + /// - `BorrowingOverPreemption` (default): prefer to use borrowing rather than preemption + /// when such a choice is possible. More technically it minimizes the borrowing distance + /// in the cohort tree, and solves tie-breaks by preferring better preemption mode + /// (reclaim over preemption within ClusterQueue). + /// - `PreemptionOverBorrowing`: prefer to use preemption rather than borrowing + /// when such a choice is possible. More technically it optimizes the preemption mode + /// (reclaim over preemption within ClusterQueue), and solves tie-breaks by minimizing + /// the borrowing distance in the cohort tree. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub preference: Option, /// whenCanBorrow determines whether a workload should try the next flavor /// before borrowing in current flavor. The possible values are: /// @@ -170,6 +182,14 @@ pub struct ClusterQueueFlavorFungibility { pub when_can_preempt: Option, } +/// flavorFungibility defines whether a workload should try the next flavor +/// before borrowing or preempting in the flavor being evaluated. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum ClusterQueueFlavorFungibilityPreference { + BorrowingOverPreemption, + PreemptionOverBorrowing, +} + /// flavorFungibility defines whether a workload should try the next flavor /// before borrowing or preempting in the flavor being evaluated. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] @@ -438,9 +458,6 @@ pub struct ClusterQueueStatus { /// This is recorded only when Fair Sharing is enabled in the Kueue configuration. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterQueueStatusFairSharing { - /// admissionFairSharingStatus represents information relevant to the Admission Fair Sharing - #[serde(default, skip_serializing_if = "Option::is_none", rename = "admissionFairSharingStatus")] - pub admission_fair_sharing_status: Option, /// weightedShare represents the maximum of the ratios of usage /// above nominal quota to the lendable resources in the /// Cohort, among all the resources provided by the Node, and @@ -452,19 +469,6 @@ pub struct ClusterQueueStatusFairSharing { pub weighted_share: i64, } -/// admissionFairSharingStatus represents information relevant to the Admission Fair Sharing -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterQueueStatusFairSharingAdmissionFairSharingStatus { - /// consumedResources represents the aggregated usage of resources over time, - /// with decaying function applied. - /// The value is populated if usage consumption functionality is enabled in Kueue config. - #[serde(rename = "consumedResources")] - pub consumed_resources: BTreeMap, - /// lastUpdate is the time when share and consumed resources were updated. - #[serde(rename = "lastUpdate")] - pub last_update: String, -} - #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterQueueStatusFlavorsReservation { /// name of the flavor. diff --git a/custom-resources/kueue_x_k8s_io/src/v1beta2/cohorts.rs b/custom-resources/kueue_x_k8s_io/src/v1beta2/cohorts.rs index 13798d40e..ea54b25ee 100644 --- a/custom-resources/kueue_x_k8s_io/src/v1beta2/cohorts.rs +++ b/custom-resources/kueue_x_k8s_io/src/v1beta2/cohorts.rs @@ -6,7 +6,6 @@ mod prelude { pub use kube::CustomResource; pub use serde::{Serialize, Deserialize}; - pub use std::collections::BTreeMap; pub use k8s_openapi::apimachinery::pkg::util::intstr::IntOrString; } use self::prelude::*; @@ -171,9 +170,6 @@ pub struct CohortStatus { /// The is recorded only when Fair Sharing is enabled in the Kueue configuration. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CohortStatusFairSharing { - /// admissionFairSharingStatus represents information relevant to the Admission Fair Sharing - #[serde(default, skip_serializing_if = "Option::is_none", rename = "admissionFairSharingStatus")] - pub admission_fair_sharing_status: Option, /// weightedShare represents the maximum of the ratios of usage /// above nominal quota to the lendable resources in the /// Cohort, among all the resources provided by the Node, and @@ -185,16 +181,3 @@ pub struct CohortStatusFairSharing { pub weighted_share: i64, } -/// admissionFairSharingStatus represents information relevant to the Admission Fair Sharing -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct CohortStatusFairSharingAdmissionFairSharingStatus { - /// consumedResources represents the aggregated usage of resources over time, - /// with decaying function applied. - /// The value is populated if usage consumption functionality is enabled in Kueue config. - #[serde(rename = "consumedResources")] - pub consumed_resources: BTreeMap, - /// lastUpdate is the time when share and consumed resources were updated. - #[serde(rename = "lastUpdate")] - pub last_update: String, -} - diff --git a/custom-resources/kueue_x_k8s_io/src/v1beta2/multikueueclusters.rs b/custom-resources/kueue_x_k8s_io/src/v1beta2/multikueueclusters.rs index c9ad07e34..d2a10bc4d 100644 --- a/custom-resources/kueue_x_k8s_io/src/v1beta2/multikueueclusters.rs +++ b/custom-resources/kueue_x_k8s_io/src/v1beta2/multikueueclusters.rs @@ -18,9 +18,21 @@ use self::prelude::*; #[kube(derive="Default")] #[kube(derive="PartialEq")] pub struct MultiKueueClusterSpec { + /// clusterProfile is the reference to the ClusterProfile object used to connect to the cluster. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "clusterProfile")] + pub cluster_profile: Option, /// kubeConfig is information on how to connect to the cluster. - #[serde(rename = "kubeConfig")] - pub kube_config: MultiKueueClusterKubeConfig, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "kubeConfig")] + pub kube_config: Option, +} + +/// clusterProfile is the reference to the ClusterProfile object used to connect to the cluster. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct MultiKueueClusterClusterProfile { + /// name of the ClusterProfile. + pub name: String, + /// namespace of the ClusterProfile. + pub namespace: String, } /// kubeConfig is information on how to connect to the cluster. diff --git a/custom-resources/kueue_x_k8s_io/src/v1beta2/workloads.rs b/custom-resources/kueue_x_k8s_io/src/v1beta2/workloads.rs index ac42f166b..78e127295 100644 --- a/custom-resources/kueue_x_k8s_io/src/v1beta2/workloads.rs +++ b/custom-resources/kueue_x_k8s_io/src/v1beta2/workloads.rs @@ -7577,7 +7577,7 @@ pub struct WorkloadStatusAdmissionPodSetAssignments { /// (aimed to optimize the total bytesize for very large number of domains; see examples below): /// - When all node selector values (at a given topology level, in a given slice) /// share a common prefix and/or suffix, these may be stored - /// in dedicated `commonPrefix`/`commonSuffix` fields. + /// in dedicated `prefix`/`suffix` fields. /// If so, the array of `roots` will only store the remaining parts of these strings. /// - When all node selector values (at a given topology level, in a given slice) /// are identical, this may be represented by `universal` value. @@ -7698,7 +7698,7 @@ pub enum WorkloadStatusAdmissionPodSetAssignmentsDelayedTopologyRequest { /// (aimed to optimize the total bytesize for very large number of domains; see examples below): /// - When all node selector values (at a given topology level, in a given slice) /// share a common prefix and/or suffix, these may be stored -/// in dedicated `commonPrefix`/`commonSuffix` fields. +/// in dedicated `prefix`/`suffix` fields. /// If so, the array of `roots` will only store the remaining parts of these strings. /// - When all node selector values (at a given topology level, in a given slice) /// are identical, this may be represented by `universal` value. @@ -7850,17 +7850,17 @@ pub struct WorkloadStatusAdmissionPodSetAssignmentsTopologyAssignmentSlicesValue /// Exactly one of universal, individual must be set. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkloadStatusAdmissionPodSetAssignmentsTopologyAssignmentSlicesValuesPerLevelIndividual { - /// commonPrefix specifies a common prefix for all values in this slice assignment. + /// prefix specifies a common prefix for all values in this slice assignment. /// It must be either nil pointer or a non-empty string. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "commonPrefix")] - pub common_prefix: Option, - /// commonSuffix specifies a common suffix for all values in this slice assignment. - /// It must be either nil pointer or a non-empty string. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "commonSuffix")] - pub common_suffix: Option, - /// roots specifies the values in this assignment (excluding commonPrefix and commonSuffix, if non-empty). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub prefix: Option, + /// roots specifies the values in this assignment (excluding prefix and suffix, if non-empty). /// Its length must be equal to the "domainCount" field of the TopologyAssignmentSlice. pub roots: Vec, + /// suffix specifies a common suffix for all values in this slice assignment. + /// It must be either nil pointer or a non-empty string. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub suffix: Option, } #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] @@ -7877,6 +7877,21 @@ pub struct WorkloadStatusAdmissionChecks { /// podSetUpdates contains a list of pod set modifications suggested by AdmissionChecks. #[serde(default, skip_serializing_if = "Option::is_none", rename = "podSetUpdates")] pub pod_set_updates: Option>, + /// requeueAfterSeconds indicates how long to wait at least before + /// retrying to admit the workload. + /// The admission check controllers can set this field when State=Retry + /// to implement delays between retry attempts. + /// + /// If nil when State=Retry, Kueue will retry immediately. + /// If set, Kueue will add the workload back to the queue after + /// lastTransitionTime + RequeueAfterSeconds is over. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "requeueAfterSeconds")] + pub requeue_after_seconds: Option, + /// retryCount tracks retry attempts for this admission check. + /// Kueue automatically increments the counter whenever the + /// state transitions to Retry. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "retryCount")] + pub retry_count: Option, /// state of the admissionCheck, one of Pending, Ready, Retry, Rejected pub state: WorkloadStatusAdmissionChecksState, } diff --git a/custom-resources/longhorn_io/src/v1beta2/backups.rs b/custom-resources/longhorn_io/src/v1beta2/backups.rs index dc1d0152c..ae1b91916 100644 --- a/custom-resources/longhorn_io/src/v1beta2/backups.rs +++ b/custom-resources/longhorn_io/src/v1beta2/backups.rs @@ -55,8 +55,6 @@ pub enum BackupBackupMode { Full, #[serde(rename = "incremental")] Incremental, - #[serde(rename = "")] - KopiumEmpty, } /// BackupStatus defines the observed state of the Longhorn backup diff --git a/custom-resources/longhorn_io/src/v1beta2/engines.rs b/custom-resources/longhorn_io/src/v1beta2/engines.rs index 186a142d2..2cb5c41fa 100644 --- a/custom-resources/longhorn_io/src/v1beta2/engines.rs +++ b/custom-resources/longhorn_io/src/v1beta2/engines.rs @@ -52,6 +52,12 @@ pub struct EngineSpec { pub snapshot_max_count: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "snapshotMaxSize")] pub snapshot_max_size: Option, + /// ublkNumberOfQueue controls the number of queues for ublk frontend. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "ublkNumberOfQueue")] + pub ublk_number_of_queue: Option, + /// ublkQueueDepth controls the depth of each queue for ublk frontend. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "ublkQueueDepth")] + pub ublk_queue_depth: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "unmapMarkSnapChainRemovedEnabled")] pub unmap_mark_snap_chain_removed_enabled: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "upgradedReplicaAddressMap")] diff --git a/custom-resources/longhorn_io/src/v1beta2/volumes.rs b/custom-resources/longhorn_io/src/v1beta2/volumes.rs index f5eba4f3a..b679d32e7 100644 --- a/custom-resources/longhorn_io/src/v1beta2/volumes.rs +++ b/custom-resources/longhorn_io/src/v1beta2/volumes.rs @@ -102,6 +102,12 @@ pub struct VolumeSpec { pub snapshot_max_size: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "staleReplicaTimeout")] pub stale_replica_timeout: Option, + /// ublkNumberOfQueue controls the number of queues for ublk frontend. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "ublkNumberOfQueue")] + pub ublk_number_of_queue: Option, + /// ublkQueueDepth controls the depth of each queue for ublk frontend. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "ublkQueueDepth")] + pub ublk_queue_depth: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "unmapMarkSnapChainRemoved")] pub unmap_mark_snap_chain_removed: Option, } @@ -111,6 +117,8 @@ pub struct VolumeSpec { pub enum VolumeAccessMode { #[serde(rename = "rwo")] Rwo, + #[serde(rename = "rwop")] + Rwop, #[serde(rename = "rwx")] Rwx, } diff --git a/custom-resources/monitoring_coreos_com/src/v1/prometheuses.rs b/custom-resources/monitoring_coreos_com/src/v1/prometheuses.rs index 67e00bed0..130ac7894 100644 --- a/custom-resources/monitoring_coreos_com/src/v1/prometheuses.rs +++ b/custom-resources/monitoring_coreos_com/src/v1/prometheuses.rs @@ -6653,9 +6653,11 @@ pub enum PrometheusRemoteWriteAzureAdCloud { /// Cannot be set at the same time as `oauth` or `sdk`. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusRemoteWriteAzureAdManagedIdentity { - /// clientId defines defines the Azure User-assigned Managed identity. - #[serde(rename = "clientId")] - pub client_id: String, + /// clientId defines the Azure User-assigned Managed identity. + /// + /// For Prometheus >= 3.5.0 and Thanos >= 0.40.0, this field is allowed to be empty to support system-assigned managed identities. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "clientId")] + pub client_id: Option, } /// oauth defines the oauth config that is being used to authenticate. diff --git a/custom-resources/monitoring_coreos_com/src/v1/thanosrulers.rs b/custom-resources/monitoring_coreos_com/src/v1/thanosrulers.rs index e15d681a5..adf46d152 100644 --- a/custom-resources/monitoring_coreos_com/src/v1/thanosrulers.rs +++ b/custom-resources/monitoring_coreos_com/src/v1/thanosrulers.rs @@ -4372,9 +4372,11 @@ pub enum ThanosRulerRemoteWriteAzureAdCloud { /// Cannot be set at the same time as `oauth` or `sdk`. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ThanosRulerRemoteWriteAzureAdManagedIdentity { - /// clientId defines defines the Azure User-assigned Managed identity. - #[serde(rename = "clientId")] - pub client_id: String, + /// clientId defines the Azure User-assigned Managed identity. + /// + /// For Prometheus >= 3.5.0 and Thanos >= 0.40.0, this field is allowed to be empty to support system-assigned managed identities. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "clientId")] + pub client_id: Option, } /// oauth defines the oauth config that is being used to authenticate. diff --git a/custom-resources/monitoring_coreos_com/src/v1alpha1/alertmanagerconfigs.rs b/custom-resources/monitoring_coreos_com/src/v1alpha1/alertmanagerconfigs.rs index 33a5d2c81..7c84fa52d 100644 --- a/custom-resources/monitoring_coreos_com/src/v1alpha1/alertmanagerconfigs.rs +++ b/custom-resources/monitoring_coreos_com/src/v1alpha1/alertmanagerconfigs.rs @@ -4151,6 +4151,10 @@ pub struct AlertmanagerConfigReceiversPushoverConfigs { /// This is the main body text of the Pushover notification. #[serde(default, skip_serializing_if = "Option::is_none")] pub message: Option, + /// monospace optional HTML/monospace formatting for the message, see + /// html and monospace formatting are mutually exclusive. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub monospace: Option, /// priority defines the notification priority level. /// See for valid values and behavior. #[serde(default, skip_serializing_if = "Option::is_none")] diff --git a/custom-resources/monitoring_coreos_com/src/v1alpha1/prometheusagents.rs b/custom-resources/monitoring_coreos_com/src/v1alpha1/prometheusagents.rs index 50d6b1063..013c6056a 100644 --- a/custom-resources/monitoring_coreos_com/src/v1alpha1/prometheusagents.rs +++ b/custom-resources/monitoring_coreos_com/src/v1alpha1/prometheusagents.rs @@ -5105,9 +5105,11 @@ pub enum PrometheusAgentRemoteWriteAzureAdCloud { /// Cannot be set at the same time as `oauth` or `sdk`. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusAgentRemoteWriteAzureAdManagedIdentity { - /// clientId defines defines the Azure User-assigned Managed identity. - #[serde(rename = "clientId")] - pub client_id: String, + /// clientId defines the Azure User-assigned Managed identity. + /// + /// For Prometheus >= 3.5.0 and Thanos >= 0.40.0, this field is allowed to be empty to support system-assigned managed identities. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "clientId")] + pub client_id: Option, } /// oauth defines the oauth config that is being used to authenticate. diff --git a/custom-resources/monitoring_coreos_com/src/v1beta1/alertmanagerconfigs.rs b/custom-resources/monitoring_coreos_com/src/v1beta1/alertmanagerconfigs.rs index 24fb4943d..94fa04fee 100644 --- a/custom-resources/monitoring_coreos_com/src/v1beta1/alertmanagerconfigs.rs +++ b/custom-resources/monitoring_coreos_com/src/v1beta1/alertmanagerconfigs.rs @@ -4007,6 +4007,10 @@ pub struct AlertmanagerConfigReceiversPushoverConfigs { /// This is the main body text of the Pushover notification. #[serde(default, skip_serializing_if = "Option::is_none")] pub message: Option, + /// monospace optional HTML/monospace formatting for the message, see + /// html and monospace formatting are mutually exclusive. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub monospace: Option, /// priority defines the notification priority level. /// See for valid values and behavior. #[serde(default, skip_serializing_if = "Option::is_none")] diff --git a/custom-resources/mutations_gatekeeper_sh/src/v1/assign.rs b/custom-resources/mutations_gatekeeper_sh/src/v1/assign.rs index 0cdc8ab1d..4a6d6e1f8 100644 --- a/custom-resources/mutations_gatekeeper_sh/src/v1/assign.rs +++ b/custom-resources/mutations_gatekeeper_sh/src/v1/assign.rs @@ -230,8 +230,7 @@ pub struct AssignParametersAssignExternalData { #[serde(default, skip_serializing_if = "Option::is_none", rename = "failurePolicy")] pub failure_policy: Option, /// Provider is the name of the external data provider. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub provider: Option, + pub provider: String, } /// ExternalData describes the external data provider to be used for mutation. @@ -264,7 +263,6 @@ pub struct AssignParametersAssignFromMetadata { /// glob characters will take on the same value as was used to /// expand the matching glob in `location`. /// -/// /// Available Tests: /// * MustExist - the path must exist or do not mutate /// * MustNotExist - the path must not exist or do not mutate. @@ -284,7 +282,6 @@ pub struct AssignParametersPathTests { /// glob characters will take on the same value as was used to /// expand the matching glob in `location`. /// -/// /// Available Tests: /// * MustExist - the path must exist or do not mutate /// * MustNotExist - the path must not exist or do not mutate. diff --git a/custom-resources/mutations_gatekeeper_sh/src/v1/assignmetadata.rs b/custom-resources/mutations_gatekeeper_sh/src/v1/assignmetadata.rs index 2a4a846a8..8f06e85d7 100644 --- a/custom-resources/mutations_gatekeeper_sh/src/v1/assignmetadata.rs +++ b/custom-resources/mutations_gatekeeper_sh/src/v1/assignmetadata.rs @@ -202,8 +202,7 @@ pub struct AssignMetadataParametersAssignExternalData { #[serde(default, skip_serializing_if = "Option::is_none", rename = "failurePolicy")] pub failure_policy: Option, /// Provider is the name of the external data provider. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub provider: Option, + pub provider: String, } /// ExternalData describes the external data provider to be used for mutation. diff --git a/custom-resources/mutations_gatekeeper_sh/src/v1/modifyset.rs b/custom-resources/mutations_gatekeeper_sh/src/v1/modifyset.rs index 33ae8e395..ea72fd4d8 100644 --- a/custom-resources/mutations_gatekeeper_sh/src/v1/modifyset.rs +++ b/custom-resources/mutations_gatekeeper_sh/src/v1/modifyset.rs @@ -221,7 +221,6 @@ pub enum ModifySetParametersOperation { /// glob characters will take on the same value as was used to /// expand the matching glob in `location`. /// -/// /// Available Tests: /// * MustExist - the path must exist or do not mutate /// * MustNotExist - the path must not exist or do not mutate. @@ -241,7 +240,6 @@ pub struct ModifySetParametersPathTests { /// glob characters will take on the same value as was used to /// expand the matching glob in `location`. /// -/// /// Available Tests: /// * MustExist - the path must exist or do not mutate /// * MustNotExist - the path must not exist or do not mutate. diff --git a/custom-resources/mutations_gatekeeper_sh/src/v1alpha1/assign.rs b/custom-resources/mutations_gatekeeper_sh/src/v1alpha1/assign.rs index ca8701113..2af9f98de 100644 --- a/custom-resources/mutations_gatekeeper_sh/src/v1alpha1/assign.rs +++ b/custom-resources/mutations_gatekeeper_sh/src/v1alpha1/assign.rs @@ -230,8 +230,7 @@ pub struct AssignParametersAssignExternalData { #[serde(default, skip_serializing_if = "Option::is_none", rename = "failurePolicy")] pub failure_policy: Option, /// Provider is the name of the external data provider. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub provider: Option, + pub provider: String, } /// ExternalData describes the external data provider to be used for mutation. @@ -264,7 +263,6 @@ pub struct AssignParametersAssignFromMetadata { /// glob characters will take on the same value as was used to /// expand the matching glob in `location`. /// -/// /// Available Tests: /// * MustExist - the path must exist or do not mutate /// * MustNotExist - the path must not exist or do not mutate. @@ -284,7 +282,6 @@ pub struct AssignParametersPathTests { /// glob characters will take on the same value as was used to /// expand the matching glob in `location`. /// -/// /// Available Tests: /// * MustExist - the path must exist or do not mutate /// * MustNotExist - the path must not exist or do not mutate. diff --git a/custom-resources/mutations_gatekeeper_sh/src/v1alpha1/assignimage.rs b/custom-resources/mutations_gatekeeper_sh/src/v1alpha1/assignimage.rs index 259518e5a..72e0ee527 100644 --- a/custom-resources/mutations_gatekeeper_sh/src/v1alpha1/assignimage.rs +++ b/custom-resources/mutations_gatekeeper_sh/src/v1alpha1/assignimage.rs @@ -215,7 +215,6 @@ pub struct AssignImageParameters { /// glob characters will take on the same value as was used to /// expand the matching glob in `location`. /// -/// /// Available Tests: /// * MustExist - the path must exist or do not mutate /// * MustNotExist - the path must not exist or do not mutate. @@ -235,7 +234,6 @@ pub struct AssignImageParametersPathTests { /// glob characters will take on the same value as was used to /// expand the matching glob in `location`. /// -/// /// Available Tests: /// * MustExist - the path must exist or do not mutate /// * MustNotExist - the path must not exist or do not mutate. diff --git a/custom-resources/mutations_gatekeeper_sh/src/v1alpha1/assignmetadata.rs b/custom-resources/mutations_gatekeeper_sh/src/v1alpha1/assignmetadata.rs index a7805d008..cccbfa77e 100644 --- a/custom-resources/mutations_gatekeeper_sh/src/v1alpha1/assignmetadata.rs +++ b/custom-resources/mutations_gatekeeper_sh/src/v1alpha1/assignmetadata.rs @@ -202,8 +202,7 @@ pub struct AssignMetadataParametersAssignExternalData { #[serde(default, skip_serializing_if = "Option::is_none", rename = "failurePolicy")] pub failure_policy: Option, /// Provider is the name of the external data provider. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub provider: Option, + pub provider: String, } /// ExternalData describes the external data provider to be used for mutation. diff --git a/custom-resources/mutations_gatekeeper_sh/src/v1alpha1/modifyset.rs b/custom-resources/mutations_gatekeeper_sh/src/v1alpha1/modifyset.rs index 1139d93f2..a4cc50370 100644 --- a/custom-resources/mutations_gatekeeper_sh/src/v1alpha1/modifyset.rs +++ b/custom-resources/mutations_gatekeeper_sh/src/v1alpha1/modifyset.rs @@ -221,7 +221,6 @@ pub enum ModifySetParametersOperation { /// glob characters will take on the same value as was used to /// expand the matching glob in `location`. /// -/// /// Available Tests: /// * MustExist - the path must exist or do not mutate /// * MustNotExist - the path must not exist or do not mutate. @@ -241,7 +240,6 @@ pub struct ModifySetParametersPathTests { /// glob characters will take on the same value as was used to /// expand the matching glob in `location`. /// -/// /// Available Tests: /// * MustExist - the path must exist or do not mutate /// * MustNotExist - the path must not exist or do not mutate. diff --git a/custom-resources/mutations_gatekeeper_sh/src/v1beta1/assign.rs b/custom-resources/mutations_gatekeeper_sh/src/v1beta1/assign.rs index 92076e87d..8a907c251 100644 --- a/custom-resources/mutations_gatekeeper_sh/src/v1beta1/assign.rs +++ b/custom-resources/mutations_gatekeeper_sh/src/v1beta1/assign.rs @@ -230,8 +230,7 @@ pub struct AssignParametersAssignExternalData { #[serde(default, skip_serializing_if = "Option::is_none", rename = "failurePolicy")] pub failure_policy: Option, /// Provider is the name of the external data provider. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub provider: Option, + pub provider: String, } /// ExternalData describes the external data provider to be used for mutation. @@ -264,7 +263,6 @@ pub struct AssignParametersAssignFromMetadata { /// glob characters will take on the same value as was used to /// expand the matching glob in `location`. /// -/// /// Available Tests: /// * MustExist - the path must exist or do not mutate /// * MustNotExist - the path must not exist or do not mutate. @@ -284,7 +282,6 @@ pub struct AssignParametersPathTests { /// glob characters will take on the same value as was used to /// expand the matching glob in `location`. /// -/// /// Available Tests: /// * MustExist - the path must exist or do not mutate /// * MustNotExist - the path must not exist or do not mutate. diff --git a/custom-resources/mutations_gatekeeper_sh/src/v1beta1/assignmetadata.rs b/custom-resources/mutations_gatekeeper_sh/src/v1beta1/assignmetadata.rs index 10b2a066a..9ba987d19 100644 --- a/custom-resources/mutations_gatekeeper_sh/src/v1beta1/assignmetadata.rs +++ b/custom-resources/mutations_gatekeeper_sh/src/v1beta1/assignmetadata.rs @@ -202,8 +202,7 @@ pub struct AssignMetadataParametersAssignExternalData { #[serde(default, skip_serializing_if = "Option::is_none", rename = "failurePolicy")] pub failure_policy: Option, /// Provider is the name of the external data provider. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub provider: Option, + pub provider: String, } /// ExternalData describes the external data provider to be used for mutation. diff --git a/custom-resources/mutations_gatekeeper_sh/src/v1beta1/modifyset.rs b/custom-resources/mutations_gatekeeper_sh/src/v1beta1/modifyset.rs index b6dab1b42..a2ba5a19d 100644 --- a/custom-resources/mutations_gatekeeper_sh/src/v1beta1/modifyset.rs +++ b/custom-resources/mutations_gatekeeper_sh/src/v1beta1/modifyset.rs @@ -221,7 +221,6 @@ pub enum ModifySetParametersOperation { /// glob characters will take on the same value as was used to /// expand the matching glob in `location`. /// -/// /// Available Tests: /// * MustExist - the path must exist or do not mutate /// * MustNotExist - the path must not exist or do not mutate. @@ -241,7 +240,6 @@ pub struct ModifySetParametersPathTests { /// glob characters will take on the same value as was used to /// expand the matching glob in `location`. /// -/// /// Available Tests: /// * MustExist - the path must exist or do not mutate /// * MustNotExist - the path must not exist or do not mutate. diff --git a/custom-resources/objectstorage_k8s_io/src/v1alpha2/bucketaccesses.rs b/custom-resources/objectstorage_k8s_io/src/v1alpha2/bucketaccesses.rs index a06e66db7..88481ae73 100644 --- a/custom-resources/objectstorage_k8s_io/src/v1alpha2/bucketaccesses.rs +++ b/custom-resources/objectstorage_k8s_io/src/v1alpha2/bucketaccesses.rs @@ -114,25 +114,17 @@ pub struct BucketAccessStatus { pub ready_to_use: bool, } -/// AccessedBucket identifies a Bucket and corresponding access parameters. -#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +/// AccessedBucket identifies a Bucket and correlates it to a BucketClaimAccess from the spec. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct BucketAccessStatusAccessedBuckets { - /// accessMode is the Read/Write access mode that the access should have for the bucket. - #[serde(rename = "accessMode")] - pub access_mode: BucketAccessStatusAccessedBucketsAccessMode, + /// bucketClaimName must match a BucketClaimAccess's BucketClaimName from the spec. + #[serde(rename = "bucketClaimName")] + pub bucket_claim_name: String, /// bucketName is the name of a Bucket the access should have permissions for. #[serde(rename = "bucketName")] pub bucket_name: String, } -/// AccessedBucket identifies a Bucket and corresponding access parameters. -#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum BucketAccessStatusAccessedBucketsAccessMode { - ReadWrite, - ReadOnly, - WriteOnly, -} - /// status defines the observed state of BucketAccess #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub enum BucketAccessStatusAuthenticationType { diff --git a/custom-resources/opensearch_opster_io/src/v1/opensearchclusters.rs b/custom-resources/opensearch_opster_io/src/v1/opensearchclusters.rs index da6406fee..90398bda9 100644 --- a/custom-resources/opensearch_opster_io/src/v1/opensearchclusters.rs +++ b/custom-resources/opensearch_opster_io/src/v1/opensearchclusters.rs @@ -930,6 +930,9 @@ pub struct OpenSearchClusterDashboardsAdditionalVolumes { pub name: String, /// Path in the container to mount the volume at. Required. pub path: String, + /// PersistentVolumeClaim object to use to populate the volume + #[serde(default, skip_serializing_if = "Option::is_none", rename = "persistentVolumeClaim")] + pub persistent_volume_claim: Option, /// Projected object to use to populate the volume #[serde(default, skip_serializing_if = "Option::is_none")] pub projected: Option, @@ -1060,6 +1063,19 @@ pub struct OpenSearchClusterDashboardsAdditionalVolumesEmptyDir { pub size_limit: Option, } +/// PersistentVolumeClaim object to use to populate the volume +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct OpenSearchClusterDashboardsAdditionalVolumesPersistentVolumeClaim { + /// The name of a PersistentVolumeClaim in the same namespace as the pod using this volume. + /// More info: + #[serde(default, skip_serializing_if = "Option::is_none", rename = "claimName")] + pub claim_name: Option, + /// Will force the ReadOnly setting in VolumeMounts. + /// Default false. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] + pub read_only: Option, +} + /// Projected object to use to populate the volume #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenSearchClusterDashboardsAdditionalVolumesProjected { @@ -2826,6 +2842,9 @@ pub struct OpenSearchClusterGeneralAdditionalVolumes { pub name: String, /// Path in the container to mount the volume at. Required. pub path: String, + /// PersistentVolumeClaim object to use to populate the volume + #[serde(default, skip_serializing_if = "Option::is_none", rename = "persistentVolumeClaim")] + pub persistent_volume_claim: Option, /// Projected object to use to populate the volume #[serde(default, skip_serializing_if = "Option::is_none")] pub projected: Option, @@ -2956,6 +2975,19 @@ pub struct OpenSearchClusterGeneralAdditionalVolumesEmptyDir { pub size_limit: Option, } +/// PersistentVolumeClaim object to use to populate the volume +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct OpenSearchClusterGeneralAdditionalVolumesPersistentVolumeClaim { + /// The name of a PersistentVolumeClaim in the same namespace as the pod using this volume. + /// More info: + #[serde(default, skip_serializing_if = "Option::is_none", rename = "claimName")] + pub claim_name: Option, + /// Will force the ReadOnly setting in VolumeMounts. + /// Default false. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] + pub read_only: Option, +} + /// Projected object to use to populate the volume #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenSearchClusterGeneralAdditionalVolumesProjected { diff --git a/custom-resources/operator_open_cluster_management_io/src/v1/clustermanagers.rs b/custom-resources/operator_open_cluster_management_io/src/v1/clustermanagers.rs index a90898cf0..7f01907b7 100644 --- a/custom-resources/operator_open_cluster_management_io/src/v1/clustermanagers.rs +++ b/custom-resources/operator_open_cluster_management_io/src/v1/clustermanagers.rs @@ -504,6 +504,12 @@ pub struct ClusterManagerServerConfigurationEndpointsExposureGrpc { /// hostname points to a fixed hostname for serving agents' handshakes. #[serde(default, skip_serializing_if = "Option::is_none")] pub hostname: Option, + /// LoadBalancer points customized configuration for loadBalancer type. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "loadBalancer")] + pub load_balancer: Option, + /// Route points customized configuration for route type. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub route: Option, /// type specifies how the endpoint is exposed. /// You may need to apply an object to expose the endpoint, for example: a route. #[serde(rename = "type")] @@ -520,11 +526,37 @@ pub struct ClusterManagerServerConfigurationEndpointsExposureGrpcHostname { pub host: String, } +/// LoadBalancer points customized configuration for loadBalancer type. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterManagerServerConfigurationEndpointsExposureGrpcLoadBalancer { + /// CABundle is a customized caBundle of the endpoint. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "caBundle")] + pub ca_bundle: Option, + /// Host is the customized host name of the endpoint. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub host: Option, +} + +/// Route points customized configuration for route type. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterManagerServerConfigurationEndpointsExposureGrpcRoute { + /// CABundle is a customized caBundle of the endpoint. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "caBundle")] + pub ca_bundle: Option, + /// Host is the customized host name of the endpoint. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub host: Option, +} + /// grpc represents the configuration for grpc endpoint. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub enum ClusterManagerServerConfigurationEndpointsExposureGrpcType { #[serde(rename = "hostname")] Hostname, + #[serde(rename = "loadBalancer")] + LoadBalancer, + #[serde(rename = "route")] + Route, } /// https represents the configuration for https endpoint. @@ -533,6 +565,12 @@ pub struct ClusterManagerServerConfigurationEndpointsExposureHttps { /// hostname points to a fixed hostname for serving agents' handshakes. #[serde(default, skip_serializing_if = "Option::is_none")] pub hostname: Option, + /// LoadBalancer points customized configuration for loadBalancer type. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "loadBalancer")] + pub load_balancer: Option, + /// Route points customized configuration for route type. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub route: Option, /// type specifies how the endpoint is exposed. /// You may need to apply an object to expose the endpoint, for example: a route. #[serde(rename = "type")] @@ -549,11 +587,37 @@ pub struct ClusterManagerServerConfigurationEndpointsExposureHttpsHostname { pub host: String, } +/// LoadBalancer points customized configuration for loadBalancer type. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterManagerServerConfigurationEndpointsExposureHttpsLoadBalancer { + /// CABundle is a customized caBundle of the endpoint. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "caBundle")] + pub ca_bundle: Option, + /// Host is the customized host name of the endpoint. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub host: Option, +} + +/// Route points customized configuration for route type. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterManagerServerConfigurationEndpointsExposureHttpsRoute { + /// CABundle is a customized caBundle of the endpoint. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "caBundle")] + pub ca_bundle: Option, + /// Host is the customized host name of the endpoint. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub host: Option, +} + /// https represents the configuration for https endpoint. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub enum ClusterManagerServerConfigurationEndpointsExposureHttpsType { #[serde(rename = "hostname")] Hostname, + #[serde(rename = "loadBalancer")] + LoadBalancer, + #[serde(rename = "route")] + Route, } #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] diff --git a/custom-resources/planetscale_com/src/v2/vitessclusters.rs b/custom-resources/planetscale_com/src/v2/vitessclusters.rs index 0ed6ce8f4..893b3eb57 100644 --- a/custom-resources/planetscale_com/src/v2/vitessclusters.rs +++ b/custom-resources/planetscale_com/src/v2/vitessclusters.rs @@ -1795,6 +1795,8 @@ pub struct VitessClusterKeyspacesPartitioningsCustomShardsTabletPoolsVttablet { pub resources: VitessClusterKeyspacesPartitioningsCustomShardsTabletPoolsVttabletResources, #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] pub termination_grace_period_seconds: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "vtbackupExtraFlags")] + pub vtbackup_extra_flags: Option>, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -2146,6 +2148,8 @@ pub struct VitessClusterKeyspacesPartitioningsEqualShardTemplateTabletPoolsVttab pub resources: VitessClusterKeyspacesPartitioningsEqualShardTemplateTabletPoolsVttabletResources, #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] pub termination_grace_period_seconds: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "vtbackupExtraFlags")] + pub vtbackup_extra_flags: Option>, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] diff --git a/custom-resources/planetscale_com/src/v2/vitesskeyspaces.rs b/custom-resources/planetscale_com/src/v2/vitesskeyspaces.rs index d708f95f1..114cf46a9 100644 --- a/custom-resources/planetscale_com/src/v2/vitesskeyspaces.rs +++ b/custom-resources/planetscale_com/src/v2/vitesskeyspaces.rs @@ -559,6 +559,8 @@ pub struct VitessKeyspacePartitioningsCustomShardsTabletPoolsVttablet { pub resources: VitessKeyspacePartitioningsCustomShardsTabletPoolsVttabletResources, #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] pub termination_grace_period_seconds: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "vtbackupExtraFlags")] + pub vtbackup_extra_flags: Option>, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -910,6 +912,8 @@ pub struct VitessKeyspacePartitioningsEqualShardTemplateTabletPoolsVttablet { pub resources: VitessKeyspacePartitioningsEqualShardTemplateTabletPoolsVttabletResources, #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] pub termination_grace_period_seconds: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "vtbackupExtraFlags")] + pub vtbackup_extra_flags: Option>, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] diff --git a/custom-resources/planetscale_com/src/v2/vitessshards.rs b/custom-resources/planetscale_com/src/v2/vitessshards.rs index 5a57fef54..231cf469b 100644 --- a/custom-resources/planetscale_com/src/v2/vitessshards.rs +++ b/custom-resources/planetscale_com/src/v2/vitessshards.rs @@ -531,6 +531,8 @@ pub struct VitessShardTabletPoolsVttablet { pub resources: VitessShardTabletPoolsVttabletResources, #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] pub termination_grace_period_seconds: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "vtbackupExtraFlags")] + pub vtbackup_extra_flags: Option>, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] diff --git a/custom-resources/pxc_percona_com/src/v1/perconaxtradbclusters.rs b/custom-resources/pxc_percona_com/src/v1/perconaxtradbclusters.rs index 7f2e1b497..bba6a6b0a 100644 --- a/custom-resources/pxc_percona_com/src/v1/perconaxtradbclusters.rs +++ b/custom-resources/pxc_percona_com/src/v1/perconaxtradbclusters.rs @@ -44,6 +44,8 @@ pub struct PerconaXtraDbClusterSpec { pub log_collector_secret_name: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub logcollector: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "passwordGenerationOptions")] + pub password_generation_options: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub pause: Option, #[serde(default, skip_serializing_if = "Option::is_none")] @@ -3638,6 +3640,15 @@ pub struct PerconaXtraDbClusterLogcollectorResourcesClaims { pub request: Option, } +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct PerconaXtraDbClusterPasswordGenerationOptions { + #[serde(rename = "maxLength")] + pub max_length: i64, + #[serde(rename = "minLength")] + pub min_length: i64, + pub symbols: String, +} + #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PerconaXtraDbClusterPmm { #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerSecurityContext")] @@ -8827,6 +8838,10 @@ pub struct PerconaXtraDbClusterPxcVolumeSpecPersistentVolumeClaimSelectorMatchEx pub struct PerconaXtraDbClusterTls { #[serde(default, skip_serializing_if = "Option::is_none", rename = "SANs")] pub sa_ns: Option>, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "caValidityDuration")] + pub ca_validity_duration: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "certValidityDuration")] + pub cert_validity_duration: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub enabled: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "issuerConf")] diff --git a/custom-resources/ray_io/src/v1/rayclusters.rs b/custom-resources/ray_io/src/v1/rayclusters.rs index 4c7ccdeec..1b80df51a 100644 --- a/custom-resources/ray_io/src/v1/rayclusters.rs +++ b/custom-resources/ray_io/src/v1/rayclusters.rs @@ -20,6 +20,8 @@ use self::prelude::*; #[kube(derive="Default")] #[kube(derive="PartialEq")] pub struct RayClusterSpec { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "authOptions")] + pub auth_options: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "autoscalerOptions")] pub autoscaler_options: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "enableInTreeAutoscaling")] @@ -40,6 +42,20 @@ pub struct RayClusterSpec { pub worker_group_specs: Option>, } +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct RayClusterAuthOptions { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub mode: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum RayClusterAuthOptionsMode { + #[serde(rename = "disabled")] + Disabled, + #[serde(rename = "token")] + Token, +} + #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RayClusterAutoscalerOptions { #[serde(default, skip_serializing_if = "Option::is_none")] diff --git a/custom-resources/ray_io/src/v1/rayjobs.rs b/custom-resources/ray_io/src/v1/rayjobs.rs index 28670e9c5..f46c8eb13 100644 --- a/custom-resources/ray_io/src/v1/rayjobs.rs +++ b/custom-resources/ray_io/src/v1/rayjobs.rs @@ -130,6 +130,8 @@ pub enum RayJobDeletionStrategyOnSuccessPolicy { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RayJobRayClusterSpec { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "authOptions")] + pub auth_options: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "autoscalerOptions")] pub autoscaler_options: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "enableInTreeAutoscaling")] @@ -150,6 +152,20 @@ pub struct RayJobRayClusterSpec { pub worker_group_specs: Option>, } +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct RayJobRayClusterSpecAuthOptions { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub mode: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum RayJobRayClusterSpecAuthOptionsMode { + #[serde(rename = "disabled")] + Disabled, + #[serde(rename = "token")] + Token, +} + #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RayJobRayClusterSpecAutoscalerOptions { #[serde(default, skip_serializing_if = "Option::is_none")] diff --git a/custom-resources/ray_io/src/v1/rayservices.rs b/custom-resources/ray_io/src/v1/rayservices.rs index a00fdad7b..a0eabed45 100644 --- a/custom-resources/ray_io/src/v1/rayservices.rs +++ b/custom-resources/ray_io/src/v1/rayservices.rs @@ -40,6 +40,8 @@ pub struct RayServiceSpec { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RayServiceRayClusterConfig { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "authOptions")] + pub auth_options: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "autoscalerOptions")] pub autoscaler_options: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "enableInTreeAutoscaling")] @@ -60,6 +62,20 @@ pub struct RayServiceRayClusterConfig { pub worker_group_specs: Option>, } +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct RayServiceRayClusterConfigAuthOptions { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub mode: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum RayServiceRayClusterConfigAuthOptionsMode { + #[serde(rename = "disabled")] + Disabled, + #[serde(rename = "token")] + Token, +} + #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RayServiceRayClusterConfigAutoscalerOptions { #[serde(default, skip_serializing_if = "Option::is_none")] diff --git a/custom-resources/scheduling_volcano_sh/src/v1beta1/podgroups.rs b/custom-resources/scheduling_volcano_sh/src/v1beta1/podgroups.rs index 5d41f1c44..f288ba9ff 100644 --- a/custom-resources/scheduling_volcano_sh/src/v1beta1/podgroups.rs +++ b/custom-resources/scheduling_volcano_sh/src/v1beta1/podgroups.rs @@ -52,6 +52,9 @@ pub struct PodGroupSpec { /// the PodGroup will not be scheduled. Defaults to `default` Queue with the lowest weight. #[serde(default, skip_serializing_if = "Option::is_none")] pub queue: Option, + /// SubGroupPolicy defines policies for dividing all pods within the podGroup into multiple groups. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "subGroupPolicy")] + pub sub_group_policy: Option>, } /// NetworkTopology defines the NetworkTopology config, this field works in conjunction with network topology feature and hyperNode CRD. @@ -60,6 +63,10 @@ pub struct PodGroupNetworkTopology { /// HighestTierAllowed specifies the highest tier that a job allowed to cross when scheduling. #[serde(default, skip_serializing_if = "Option::is_none", rename = "highestTierAllowed")] pub highest_tier_allowed: Option, + /// HighestTierName specifies the highest tier name that a job allowed to cross when scheduling. + /// HighestTierName and HighestTierAllowed cannot be set simultaneously. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "highestTierName")] + pub highest_tier_name: Option, /// Mode specifies the mode of the network topology constrain. #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, @@ -74,6 +81,58 @@ pub enum PodGroupNetworkTopologyMode { Soft, } +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct PodGroupSubGroupPolicy { + /// MatchPolicy defines matching strategies for different groups, where pods with the same labelKey value are grouped together. + /// The LabelKey in the list is unique. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchPolicy")] + pub match_policy: Option>, + /// MinSubGroups defines the minimum number of sub-affinity groups required. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "minSubGroups")] + pub min_sub_groups: Option, + /// Name specifies the name of SubGroupPolicy + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// NetworkTopology defines the NetworkTopology config, this field works in conjunction with network topology feature and hyperNode CRD. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "networkTopology")] + pub network_topology: Option, + /// SubGroupSize defines the number of pods in each sub-affinity group. + /// Only when a subGroup of pods, with a size of "subGroupSize", can satisfy the network topology constraint then will the subGroup be scheduled. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "subGroupSize")] + pub sub_group_size: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct PodGroupSubGroupPolicyMatchPolicy { + /// LabelKey specifies the label key used to group pods. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelKey")] + pub label_key: Option, +} + +/// NetworkTopology defines the NetworkTopology config, this field works in conjunction with network topology feature and hyperNode CRD. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct PodGroupSubGroupPolicyNetworkTopology { + /// HighestTierAllowed specifies the highest tier that a job allowed to cross when scheduling. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "highestTierAllowed")] + pub highest_tier_allowed: Option, + /// HighestTierName specifies the highest tier name that a job allowed to cross when scheduling. + /// HighestTierName and HighestTierAllowed cannot be set simultaneously. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "highestTierName")] + pub highest_tier_name: Option, + /// Mode specifies the mode of the network topology constrain. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub mode: Option, +} + +/// NetworkTopology defines the NetworkTopology config, this field works in conjunction with network topology feature and hyperNode CRD. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum PodGroupSubGroupPolicyNetworkTopologyMode { + #[serde(rename = "hard")] + Hard, + #[serde(rename = "soft")] + Soft, +} + /// Status represents the current information about a pod group. /// This data may not be up to date. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] diff --git a/custom-resources/telemetry_istio_io/src/v1/telemetries.rs b/custom-resources/telemetry_istio_io/src/v1/telemetries.rs index 626fd5dc7..b7c821e08 100644 --- a/custom-resources/telemetry_istio_io/src/v1/telemetries.rs +++ b/custom-resources/telemetry_istio_io/src/v1/telemetries.rs @@ -267,6 +267,9 @@ pub struct TelemetryTracingCustomTags { /// Environment adds the value of an environment variable to each span. #[serde(default, skip_serializing_if = "Option::is_none")] pub environment: Option, + /// Formatter adds the value of access logging substitution formatter. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub formatter: Option, /// RequestHeader adds the value of an header from the request to each span. #[serde(default, skip_serializing_if = "Option::is_none")] pub header: Option, @@ -285,6 +288,13 @@ pub struct TelemetryTracingCustomTagsEnvironment { pub name: String, } +/// Formatter adds the value of access logging substitution formatter. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct TelemetryTracingCustomTagsFormatter { + /// The formatter tag value to use, same formatter as HTTP access logging (e.g. + pub value: String, +} + /// RequestHeader adds the value of an header from the request to each span. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TelemetryTracingCustomTagsHeader { diff --git a/custom-resources/telemetry_istio_io/src/v1alpha1/telemetries.rs b/custom-resources/telemetry_istio_io/src/v1alpha1/telemetries.rs index 712b00da6..2e06b9165 100644 --- a/custom-resources/telemetry_istio_io/src/v1alpha1/telemetries.rs +++ b/custom-resources/telemetry_istio_io/src/v1alpha1/telemetries.rs @@ -267,6 +267,9 @@ pub struct TelemetryTracingCustomTags { /// Environment adds the value of an environment variable to each span. #[serde(default, skip_serializing_if = "Option::is_none")] pub environment: Option, + /// Formatter adds the value of access logging substitution formatter. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub formatter: Option, /// RequestHeader adds the value of an header from the request to each span. #[serde(default, skip_serializing_if = "Option::is_none")] pub header: Option, @@ -285,6 +288,13 @@ pub struct TelemetryTracingCustomTagsEnvironment { pub name: String, } +/// Formatter adds the value of access logging substitution formatter. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct TelemetryTracingCustomTagsFormatter { + /// The formatter tag value to use, same formatter as HTTP access logging (e.g. + pub value: String, +} + /// RequestHeader adds the value of an header from the request to each span. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TelemetryTracingCustomTagsHeader { diff --git a/custom-resources/templates_gatekeeper_sh/src/v1/constrainttemplates.rs b/custom-resources/templates_gatekeeper_sh/src/v1/constrainttemplates.rs index 87677d190..95b4e3e65 100644 --- a/custom-resources/templates_gatekeeper_sh/src/v1/constrainttemplates.rs +++ b/custom-resources/templates_gatekeeper_sh/src/v1/constrainttemplates.rs @@ -63,6 +63,8 @@ pub struct ConstraintTemplateTargets { #[serde(default, skip_serializing_if = "Option::is_none")] pub libs: Option>, #[serde(default, skip_serializing_if = "Option::is_none")] + pub operations: Option>, + #[serde(default, skip_serializing_if = "Option::is_none")] pub rego: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub target: Option, diff --git a/custom-resources/templates_gatekeeper_sh/src/v1alpha1/constrainttemplates.rs b/custom-resources/templates_gatekeeper_sh/src/v1alpha1/constrainttemplates.rs index 88be36083..9b4571b4f 100644 --- a/custom-resources/templates_gatekeeper_sh/src/v1alpha1/constrainttemplates.rs +++ b/custom-resources/templates_gatekeeper_sh/src/v1alpha1/constrainttemplates.rs @@ -63,6 +63,8 @@ pub struct ConstraintTemplateTargets { #[serde(default, skip_serializing_if = "Option::is_none")] pub libs: Option>, #[serde(default, skip_serializing_if = "Option::is_none")] + pub operations: Option>, + #[serde(default, skip_serializing_if = "Option::is_none")] pub rego: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub target: Option, diff --git a/custom-resources/templates_gatekeeper_sh/src/v1beta1/constrainttemplates.rs b/custom-resources/templates_gatekeeper_sh/src/v1beta1/constrainttemplates.rs index 923772ff6..103d295b6 100644 --- a/custom-resources/templates_gatekeeper_sh/src/v1beta1/constrainttemplates.rs +++ b/custom-resources/templates_gatekeeper_sh/src/v1beta1/constrainttemplates.rs @@ -63,6 +63,8 @@ pub struct ConstraintTemplateTargets { #[serde(default, skip_serializing_if = "Option::is_none")] pub libs: Option>, #[serde(default, skip_serializing_if = "Option::is_none")] + pub operations: Option>, + #[serde(default, skip_serializing_if = "Option::is_none")] pub rego: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub target: Option, diff --git a/custom-resources/topology_volcano_sh/src/v1alpha1/hypernodes.rs b/custom-resources/topology_volcano_sh/src/v1alpha1/hypernodes.rs index 6e6f3e5b8..2a7d1488a 100644 --- a/custom-resources/topology_volcano_sh/src/v1alpha1/hypernodes.rs +++ b/custom-resources/topology_volcano_sh/src/v1alpha1/hypernodes.rs @@ -24,6 +24,9 @@ pub struct HyperNodeSpec { pub members: Option>, /// Tier categorizes the performance level of the HyperNode. pub tier: i64, + /// TierName represents the level name of the HyperNode. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "tierName")] + pub tier_name: Option, } /// MemberSpec represents a specific node or a hyperNodes in the hyperNode.