From 02ea1399a8a5b1cbd4507a763de09a692cd566c8 Mon Sep 17 00:00:00 2001 From: Clay Risser Date: Wed, 8 Nov 2023 16:49:19 -0500 Subject: [PATCH] operator integration-operator (1.0.0) Signed-off-by: Clay Risser --- ...operator.v1.0.0.clusterserviceversion.yaml | 242 +++ .../integration.rock8s.com_plugs.yaml | 1821 ++++++++++++++++ .../integration.rock8s.com_sockets.yaml | 1877 +++++++++++++++++ .../1.0.0/metadata/annotations.yaml | 7 + operators/integration-operator/ci.yaml | 3 + 5 files changed, 3950 insertions(+) create mode 100644 operators/integration-operator/1.0.0/manifests/integration-operator.v1.0.0.clusterserviceversion.yaml create mode 100644 operators/integration-operator/1.0.0/manifests/integration.rock8s.com_plugs.yaml create mode 100644 operators/integration-operator/1.0.0/manifests/integration.rock8s.com_sockets.yaml create mode 100644 operators/integration-operator/1.0.0/metadata/annotations.yaml create mode 100644 operators/integration-operator/ci.yaml diff --git a/operators/integration-operator/1.0.0/manifests/integration-operator.v1.0.0.clusterserviceversion.yaml b/operators/integration-operator/1.0.0/manifests/integration-operator.v1.0.0.clusterserviceversion.yaml new file mode 100644 index 00000000000..156713a40f3 --- /dev/null +++ b/operators/integration-operator/1.0.0/manifests/integration-operator.v1.0.0.clusterserviceversion.yaml @@ -0,0 +1,242 @@ +apiVersion: operators.coreos.com/v1alpha1 +kind: ClusterServiceVersion +metadata: + name: integration-operator.v1.0.0 + namespace: placeholder + annotations: + alm-examples: >- + [{"apiVersion":"integration.rock8s.com/v1beta1","kind":"Plug","metadata":{"name":"postgres","namespace":"app"},"spec":{"socket":{"name":"postgres","namespace":"postgres-namespace"},"config":{"database":"app"}}},{"apiVersion":"integration.rock8s.com/v1beta1","kind":"Socket","metadata":{"name":"postgres","namespace":"postgres-namespace"},"spec":{"interface":{"config":{"socket":{"protocol":{"required":true},"username":{"required":true},"password":{"required":true},"hostname":{"required":true},"port":{"required":true}},"plug":{"database":{"required":true}}}},"config":{"protocol":"psql","username":"postgres","hostname":"postgres-service.postgres-namespace.svc.cluster.local","port":"5432"},"configSecretName":"postgres-secret","resources":[{"when":["coupled","updated"],"do":"recreate","template":{"apiVersion":"batch/v1","kind":"Job","metadata":{"name":"postgres-coupled-or-updated-{% .plug.metadata.namespace %}"},"spec":{"template":{"spec":{"containers":[{"name":"psql","image":"registry.gitlab.com/bitspur/rock8s/images/kube-commands-psql:0.0.1","env":[{"name":"POSTGRES_PROTOCOL","value":"{% .socketConfig.protocol %}"},{"name":"POSTGRES_USERNAME","value":"{% .socketConfig.username %}"},{"name":"POSTGRES_HOSTNAME","value":"{% .socketConfig.hostname %}"},{"name":"POSTGRES_PORT","value":"{% .socketConfig.port %}"},{"name":"POSTGRES_DATABASE","value":"{% .plugConfig.database %}"},{"name":"POSTGRES_PASSWORD","value":"{% .socketConfig.password %}"}],"command":["sh","-c","export PGPASSFILE=\"/tmp/.pgpass\"\nexport STDOUT=\"/tmp/createdb.out\"\necho \"*:*:*:*:$POSTGRES_PASSWORD\" > $PGPASSFILE\nchmod 600 $PGPASSFILE\ncreatedb -h $POSTGRES_HOSTNAME -U $POSTGRES_USERNAME -p $POSTGRES_PORT -w $POSTGRES_DATABASE || true\n"]}]}}}}}]}}] + k8sMinVersion: "" + k8sMaxVersion: "" + categories: Integration & Delivery + certified: "false" + createdAt: "" + description: kubernetes operator to integrate deployments + containerImage: registry.gitlab.com/bitspur/rock8s/integration-operator:1.0.0 + support: "" + capabilities: Full Lifecycle + repository: "" +spec: + displayName: Integration Operator + description: > + This operator takes inspiration from [Juju](https://juju.is) [Charm](https://juju.is/docs/sdk) + [Relations](https://juju.is/docs/sdk/relations) by [Canonical](https://canonical.com). + + ## Terminology + + | Term | Juju Equivalent | Definition | + | --------------- | --------------- | --------------------------------------------------------------------------------------------- | + | Integration | Relation | means to unite and connect applications through mutual communication and shared configuration | + | Plug | Requires | request from an application to integrate with another application | + | Socket | Provides | fulfils requests from applications trying to integrate | + | Interface | Interface | plug and socket schema required to connect | + | Created Event | Created Event | event triggered when plug or socket created | + | Updated Event | Changed Event | event triggered when plug or socket updated | + | Coupled Event | Joined Event | event triggered when applications connected | + | Decoupled Event | Detached Event | event triggered when applications disconnected | + + ## Architecture + + ### A simple analogy + + The best way to explain the architecture is to think about how plugs and sockets work in the real world. + + Let's say I have a laptop purchased in the United States. In order to power my laptop, I need to **integrate** it with the power grid. + Since the laptop was purchased in the United States, the **interface** of the **plug** is Type A as illustrated below. + + ![Type A](https://gitlab.com/bitspur/rock8s/integration-operator/-/raw/main/images/typea.png) + + This means the **socket** I connect to must be also be Type A. + + Now, let's say I travel to India and the only **socket** available to me is Type D as illustrated below. + + ![Type D](https://gitlab.com/bitspur/rock8s/integration-operator/-/raw/main/images/typed.png) + + Since the **socket** interface does not match the **plug** interface, I cannot integrate my laptop with the power grid in India. Of course + this can be overcome with converters, but that is beyond the scope of this analogy. + + ### A real example + + Let's say I have an express application that needs to **integrate** with a mongo database. The express deployment will have a **plug** with + a mongo **interface** and the mongo deployment will have a **socket** with a mongo **interface**. If the **interface** of the **socket** is + a postgres **interface** then the integration will fail. In other words, you cannot connect a mongo **plug** to a postgres **socket**. That + would be like trying to plug a US Type A **plug** into an Indian Type D **socket**. You can only connect a mongo **plug** to a mongo **socket**. + + maturity: stable + version: 1.0.0 + minKubeVersion: 1.26.0 + keywords: + - integration + - plug + - socket + maintainers: + - name: Clay Risser + email: email@clayrisser.com + provider: + name: BitSpur + labels: {} + selector: + matchLabels: {} + links: + - name: Integration Operator + url: "https://gitlab.com/bitspur/rock8s/integration-operator" + - name: Inspired by Juju Charms + url: "https://juju.is" + icon: + - base64data: >- + PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiIHN0YW5kYWxvbmU9Im5vIj8+CjwhLS0gQ3JlYXRlZCB3aXRoIElua3NjYXBlIChodHRwOi8vd3d3Lmlua3NjYXBlLm9yZy8pIC0tPgoKPHN2ZwogICB2ZXJzaW9uPSIxLjEiCiAgIGlkPSJzdmcxIgogICB3aWR0aD0iMTk4LjY0NDgxIgogICBoZWlnaHQ9IjE5OC42NDQ4MiIKICAgdmlld0JveD0iMCAwIDE5OC42NDQ4MSAxOTguNjQ0ODIiCiAgIHNvZGlwb2RpOmRvY25hbWU9ImNsYXlyaXNzZXJfYV9taW5pbWFsaXN0XzItY29sb3JfbG9nb19vZl9hX3BsdWdfYW5kX3NvY2tldF81YmM0MDc3YS1hZDQ5LTRmMjYtOTZjMi1iNDEyOTY5ZTA1OGEuc3ZnIgogICBpbmtzY2FwZTpleHBvcnQtZmlsZW5hbWU9Imljb24uc3ZnIgogICBpbmtzY2FwZTpleHBvcnQteGRwaT0iNzMxLjUxNzciCiAgIGlua3NjYXBlOmV4cG9ydC15ZHBpPSI3MzEuNTE3NyIKICAgaW5rc2NhcGU6dmVyc2lvbj0iMS4zICgwZTE1MGVkLCAyMDIzLTA3LTIxKSIKICAgeG1sbnM6aW5rc2NhcGU9Imh0dHA6Ly93d3cuaW5rc2NhcGUub3JnL25hbWVzcGFjZXMvaW5rc2NhcGUiCiAgIHhtbG5zOnNvZGlwb2RpPSJodHRwOi8vc29kaXBvZGkuc291cmNlZm9yZ2UubmV0L0RURC9zb2RpcG9kaS0wLmR0ZCIKICAgeG1sbnM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvc3ZnIgogICB4bWxuczpzdmc9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvc3ZnIj4KICA8ZGVmcwogICAgIGlkPSJkZWZzMSIgLz4KICA8c29kaXBvZGk6bmFtZWR2aWV3CiAgICAgaWQ9Im5hbWVkdmlldzEiCiAgICAgcGFnZWNvbG9yPSIjZmZmZmZmIgogICAgIGJvcmRlcmNvbG9yPSIjMDAwMDAwIgogICAgIGJvcmRlcm9wYWNpdHk9IjAuMjUiCiAgICAgaW5rc2NhcGU6c2hvd3BhZ2VzaGFkb3c9IjIiCiAgICAgaW5rc2NhcGU6cGFnZW9wYWNpdHk9IjAuMCIKICAgICBpbmtzY2FwZTpwYWdlY2hlY2tlcmJvYXJkPSIwIgogICAgIGlua3NjYXBlOmRlc2tjb2xvcj0iI2QxZDFkMSIKICAgICBzaG93Z3JpZD0iZmFsc2UiCiAgICAgaW5rc2NhcGU6em9vbT0iMC43MTQ4NDM3NSIKICAgICBpbmtzY2FwZTpjeD0iMjAwLjc0MzE3IgogICAgIGlua3NjYXBlOmN5PSIyMzkuMjEzMTEiCiAgICAgaW5rc2NhcGU6d2luZG93LXdpZHRoPSIxNTEyIgogICAgIGlua3NjYXBlOndpbmRvdy1oZWlnaHQ9Ijk0NSIKICAgICBpbmtzY2FwZTp3aW5kb3cteD0iMCIKICAgICBpbmtzY2FwZTp3aW5kb3cteT0iMzciCiAgICAgaW5rc2NhcGU6d2luZG93LW1heGltaXplZD0iMCIKICAgICBpbmtzY2FwZTpjdXJyZW50LWxheWVyPSJnMSIgLz4KICA8ZwogICAgIGlua3NjYXBlOmdyb3VwbW9kZT0ibGF5ZXIiCiAgICAgaW5rc2NhcGU6bGFiZWw9IkltYWdlIgogICAgIGlkPSJnMSIKICAgICB0cmFuc2Zvcm09InRyYW5zbGF0ZSgtMzM4LjE0NjM2LC0zMDMuODIyNTEpIj4KICAgIDxyZWN0CiAgICAgICBzdHlsZT0iZmlsbDojZmY5NjIwO2ZpbGwtb3BhY2l0eToxO3N0cm9rZS13aWR0aDoxLjA0MTtzdHJva2UtZGFzaGFycmF5Om5vbmUiCiAgICAgICBpZD0icmVjdDEiCiAgICAgICB3aWR0aD0iMTk4LjY0NDgxIgogICAgICAgaGVpZ2h0PSIxOTguNjQ0ODIiCiAgICAgICB4PSIzMzguMTQ2MzYiCiAgICAgICB5PSIzMDMuODIyNTEiCiAgICAgICBpbmtzY2FwZTpsYWJlbD0icmVjdDEiCiAgICAgICByeT0iNDguMjYyMjY0IiAvPgogICAgPHBhdGgKICAgICAgIHN0eWxlPSJmaWxsOiMwMDAwMDAiCiAgICAgICBkPSJtIDQxMi42ODgzMSw0NjguMjU1NDYgYyAtMC4wOTAzLC0xLjUxMjUgLTAuMDQ5MywtNSAwLjA5MTEsLTcuNzUgMS4wODgxOSwtMjEuMzE5NzEgMjYuMjM1NjQsLTMxLjQzMjY5IDQxLjEyODU5LC0xNi41Mzk3NCA1LjUzMzYzLDUuNTMzNjMgNy45NDQ1LDExLjk3MzUxIDcuOTQ0NSwyMS4yMjEyNCB2IDUuODE4NSBoIC0yNC41MDAwNCAtMjQuNSB6IG0gLTIxLjgzNTg1LC0xMDEuNzUgdiAtMjkuNSBoIDkgOSB2IDI5LjUgMjkuNSBoIC05IC05IHogbSA3NC42NDE4NSwyNS43NSBjIC0wLjM0MDkxLC0yLjA2MjUgLTAuNjI0NzksLTE1LjMzNzUgLTAuNjMwODQsLTI5LjUgbCAtMC4wMTEsLTI1Ljc1IGggOSA5IHYgMjkuNSAyOS41IGggLTguMzY5MTYgLTguMzY5MTYgeiIKICAgICAgIGlkPSJwYXRoMSIKICAgICAgIHNvZGlwb2RpOm5vZGV0eXBlcz0ic2Nzc2NjY3NjY2NjY2NjY2Nzc2NjY2NjY2NzIgogICAgICAgaW5rc2NhcGU6bGFiZWw9InBhdGgxIiAvPgogIDwvZz4KPC9zdmc+Cg== + mediatype: image/svg+xml + customresourcedefinitions: + owned: + - name: plugs.integration.rock8s.com + displayName: Plug + kind: Plug + version: v1beta1 + description: Plug + resources: [] + specDescriptors: [] + statusDescriptors: [] + - name: sockets.integration.rock8s.com + displayName: Socket + kind: Socket + version: v1beta1 + description: Socket + resources: [] + specDescriptors: [] + statusDescriptors: [] + required: [] + install: + strategy: deployment + spec: + permissions: + - serviceAccountName: integration-operator + rules: + - apiGroups: + - "" + resources: + - events + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - "" + resources: + - serviceaccounts + verbs: + - impersonate + - apiGroups: + - integration.rock8s.com + resources: + - plugs + - sockets + verbs: + - "*" + - apiGroups: + - integration.rock8s.com + resources: + - plugs/status + - sockets/status + verbs: + - get + - update + - patch + - apiGroups: + - integration.rock8s.com + resources: + - plugs/finalizers + - sockets/finalizers + verbs: + - update + - apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + clusterPermissions: [] + deployments: + - name: add-deployment + spec: + replicas: 1 + strategy: + type: RollingUpdate + selector: + matchLabels: + app.kubernetes.io/name: integration-operator + template: + metadata: + labels: + app.kubernetes.io/name: integration-operator + spec: + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: kubernetes.io/arch + operator: In + values: + - amd64 + serviceAccountName: integration-operator + containers: + - image: registry.gitlab.com/bitspur/rock8s/integration-operator:1.0.0 + imagePullPolicy: Always + name: integration-operator + args: + - "--leader-elect" + - "--health-probe-bind-address=:8081" + - "--zap-devel=false" + resources: + limits: + cpu: 200m + memory: 100Mi + requests: + cpu: 100m + memory: 50Mi + env: + - name: WATCH_NAMESPACE + valueFrom: + fieldRef: + fieldPath: "metadata.annotations['olm.targetNamespaces']" + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: OPERATOR_NAME + value: integration-operator + - name: MAX_CONCURRENT_RECONCILES + value: "3" + nodeSelector: + beta.kubernetes.io/os: linux + livenessProbe: + httpGet: + path: /healthz + port: 8081 + initialDelaySeconds: 15 + periodSeconds: 20 + readinessProbe: + httpGet: + path: /readyz + port: 8081 + initialDelaySeconds: 5 + periodSeconds: 10 + installModes: + - type: OwnNamespace + supported: true + - type: SingleNamespace + supported: true + - type: MultiNamespace + supported: true + - type: AllNamespaces + supported: true diff --git a/operators/integration-operator/1.0.0/manifests/integration.rock8s.com_plugs.yaml b/operators/integration-operator/1.0.0/manifests/integration.rock8s.com_plugs.yaml new file mode 100644 index 00000000000..2e9617b5ceb --- /dev/null +++ b/operators/integration-operator/1.0.0/manifests/integration.rock8s.com_plugs.yaml @@ -0,0 +1,1821 @@ +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.11.1 + creationTimestamp: null + name: plugs.integration.rock8s.com +spec: + group: integration.rock8s.com + names: + kind: Plug + listKind: PlugList + plural: plugs + singular: plug + scope: Namespaced + versions: + - name: v1beta1 + schema: + openAPIV3Schema: + description: Plug is the Schema for the plugs API + properties: + apiVersion: + description: + "APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: string + kind: + description: + "Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: string + metadata: + type: object + spec: + description: PlugSpec defines the desired state of Plug + properties: + apparatus: + description: apparatus + properties: + containers: + description: + List of containers belonging to the apparatus. Containers + cannot currently be added or removed. There must be at least + one container in an apparatus. Cannot be updated. + items: + description: + A single application container that you want to + run within a pod. + properties: + args: + description: + 'Arguments to the entrypoint. The container + image''s CMD is used if this is not provided. Variable + references $(VAR_NAME) are expanded using the container''s + environment. If a variable cannot be resolved, the reference + in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) + syntax: i.e. "$$(VAR_NAME)" will produce the string literal + "$(VAR_NAME)". Escaped references will never be expanded, + regardless of whether the variable exists or not. Cannot + be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + command: + description: + 'Entrypoint array. Not executed within a shell. + The container image''s ENTRYPOINT is used if this is not + provided. Variable references $(VAR_NAME) are expanded + using the container''s environment. If a variable cannot + be resolved, the reference in the input string will be + unchanged. Double $$ are reduced to a single $, which + allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" + will produce the string literal "$(VAR_NAME)". Escaped + references will never be expanded, regardless of whether + the variable exists or not. Cannot be updated. More info: + https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + env: + description: + List of environment variables to set in the + container. Cannot be updated. + items: + description: + EnvVar represents an environment variable + present in a Container. + properties: + name: + description: + Name of the environment variable. Must + be a C_IDENTIFIER. + type: string + value: + description: + 'Variable references $(VAR_NAME) are + expanded using the previously defined environment + variables in the container and any service environment + variables. If a variable cannot be resolved, the + reference in the input string will be unchanged. + Double $$ are reduced to a single $, which allows + for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" + will produce the string literal "$(VAR_NAME)". Escaped + references will never be expanded, regardless of + whether the variable exists or not. Defaults to + "".' + type: string + valueFrom: + description: + Source for the environment variable's + value. Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: + "Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?" + type: string + optional: + description: + Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + fieldRef: + description: + "Selects a field of the pod: supports + metadata.name, metadata.namespace, `metadata.labels['']`, + `metadata.annotations['']`, spec.nodeName, + spec.serviceAccountName, status.hostIP, status.podIP, + status.podIPs." + properties: + apiVersion: + description: + Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: + Path of the field to select in + the specified API version. + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + resourceFieldRef: + description: + "Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, limits.ephemeral-storage, requests.cpu, + requests.memory and requests.ephemeral-storage) + are currently supported." + properties: + containerName: + description: + "Container name: required for + volumes, optional for env vars" + type: string + divisor: + anyOf: + - type: integer + - type: string + description: + Specifies the output format of + the exposed resources, defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: "Required: resource to select" + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + description: + Selects a key of a secret in the + pod's namespace + properties: + key: + description: + The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: + "Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?" + type: string + optional: + description: + Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + required: + - name + type: object + type: array + envFrom: + description: + List of sources to populate environment variables + in the container. The keys defined within a source must + be a C_IDENTIFIER. All invalid keys will be reported as + an event when the container is starting. When a key exists + in multiple sources, the value associated with the last + source will take precedence. Values defined by an Env + with a duplicate key will take precedence. Cannot be updated. + items: + description: + EnvFromSource represents the source of a + set of ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from + properties: + name: + description: + "Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?" + type: string + optional: + description: + Specify whether the ConfigMap must + be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + prefix: + description: + An optional identifier to prepend to + each key in the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: The Secret to select from + properties: + name: + description: + "Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?" + type: string + optional: + description: + Specify whether the Secret must be + defined + type: boolean + type: object + x-kubernetes-map-type: atomic + type: object + type: array + image: + description: + "Container image name. More info: https://kubernetes.io/docs/concepts/containers/images + This field is optional to allow higher level config management + to default or override container images in workload controllers + like Deployments and StatefulSets." + type: string + imagePullPolicy: + description: + "Image pull policy. One of Always, Never, IfNotPresent. + Defaults to Always if :latest tag is specified, or IfNotPresent + otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images" + type: string + lifecycle: + description: + Actions that the management system should take + in response to container lifecycle events. Cannot be updated. + properties: + postStart: + description: + "PostStart is called immediately after + a container is created. If the handler fails, the + container is terminated and restarted according to + its restart policy. Other management of the container + blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: + Command is the command line to + execute inside the container, the working + directory for the command is root ('/') in + the container's filesystem. The command is + simply exec'd, it is not run inside a shell, + so traditional shell instructions ('|', etc) + won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is + treated as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + httpGet: + description: + HTTPGet specifies the http request + to perform. + properties: + host: + description: + Host name to connect to, defaults + to the pod IP. You probably want to set "Host" + in httpHeaders instead. + type: string + httpHeaders: + description: + Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: + HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: + Name or number of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: + Scheme to use for connecting to + the host. Defaults to HTTP. + type: string + required: + - port + type: object + tcpSocket: + description: + Deprecated. TCPSocket is NOT supported + as a LifecycleHandler and kept for the backward + compatibility. There are no validation of this + field and lifecycle hooks will fail in runtime + when tcp handler is specified. + properties: + host: + description: + "Optional: Host name to connect + to, defaults to the pod IP." + type: string + port: + anyOf: + - type: integer + - type: string + description: + Number or name of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + preStop: + description: + "PreStop is called immediately before a + container is terminated due to an API request or management + event such as liveness/startup probe failure, preemption, + resource contention, etc. The handler is not called + if the container crashes or exits. The Pod's termination + grace period countdown begins before the PreStop hook + is executed. Regardless of the outcome of the handler, + the container will eventually terminate within the + Pod's termination grace period (unless delayed by + finalizers). Other management of the container blocks + until the hook completes or until the termination + grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: + Command is the command line to + execute inside the container, the working + directory for the command is root ('/') in + the container's filesystem. The command is + simply exec'd, it is not run inside a shell, + so traditional shell instructions ('|', etc) + won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is + treated as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + httpGet: + description: + HTTPGet specifies the http request + to perform. + properties: + host: + description: + Host name to connect to, defaults + to the pod IP. You probably want to set "Host" + in httpHeaders instead. + type: string + httpHeaders: + description: + Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: + HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: + Name or number of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: + Scheme to use for connecting to + the host. Defaults to HTTP. + type: string + required: + - port + type: object + tcpSocket: + description: + Deprecated. TCPSocket is NOT supported + as a LifecycleHandler and kept for the backward + compatibility. There are no validation of this + field and lifecycle hooks will fail in runtime + when tcp handler is specified. + properties: + host: + description: + "Optional: Host name to connect + to, defaults to the pod IP." + type: string + port: + anyOf: + - type: integer + - type: string + description: + Number or name of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + type: object + livenessProbe: + description: + "Periodic probe of container liveness. Container + will be restarted if the probe fails. Cannot be updated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: + Command is the command line to execute + inside the container, the working directory for + the command is root ('/') in the container's + filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions + ('|', etc) won't work. To use a shell, you need + to explicitly call out to that shell. Exit status + of 0 is treated as live/healthy and non-zero is + unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: + Minimum consecutive failures for the probe + to be considered failed after having succeeded. Defaults + to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: + GRPC specifies an action involving a GRPC + port. This is a beta field and requires enabling GRPCContainerProbe + feature gate. + properties: + port: + description: + Port number of the gRPC service. Number + must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: + "Service is the name of the service + to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default behavior + is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: + Host name to connect to, defaults to + the pod IP. You probably want to set "Host" in + httpHeaders instead. + type: string + httpHeaders: + description: + Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: + HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: + Name or number of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: + Scheme to use for connecting to the + host. Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: + "Number of seconds after the container + has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + format: int32 + type: integer + periodSeconds: + description: + How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: + Minimum consecutive successes for the probe + to be considered successful after having failed. Defaults + to 1. Must be 1 for liveness and startup. Minimum + value is 1. + format: int32 + type: integer + tcpSocket: + description: + TCPSocket specifies an action involving + a TCP port. + properties: + host: + description: + "Optional: Host name to connect to, + defaults to the pod IP." + type: string + port: + anyOf: + - type: integer + - type: string + description: + Number or name of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: + Optional duration in seconds the pod needs + to terminate gracefully upon probe failure. The grace + period is the duration in seconds after the processes + running in the pod are sent a termination signal and + the time when the processes are forcibly halted with + a kill signal. Set this value longer than the expected + cleanup time for your process. If this value is nil, + the pod's terminationGracePeriodSeconds will be used. + Otherwise, this value overrides the value provided + by the pod spec. Value must be non-negative integer. + The value zero indicates stop immediately via the + kill signal (no opportunity to shut down). This is + a beta field and requires enabling ProbeTerminationGracePeriod + feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds + is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: + "Number of seconds after which the probe + times out. Defaults to 1 second. Minimum value is + 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + format: int32 + type: integer + type: object + name: + description: + Name of the container specified as a DNS_LABEL. + Each container in a pod must have a unique name (DNS_LABEL). + Cannot be updated. + type: string + ports: + description: + List of ports to expose from the container. + Not specifying a port here DOES NOT prevent that port + from being exposed. Any port which is listening on the + default "0.0.0.0" address inside a container will be accessible + from the network. Modifying this array with strategic + merge patch may corrupt the data. For more information + See https://github.com/kubernetes/kubernetes/issues/108255. + Cannot be updated. + items: + description: + ContainerPort represents a network port in + a single container. + properties: + containerPort: + description: + Number of port to expose on the pod's + IP address. This must be a valid port number, 0 + < x < 65536. + format: int32 + type: integer + hostIP: + description: + What host IP to bind the external port + to. + type: string + hostPort: + description: + Number of port to expose on the host. + If specified, this must be a valid port number, + 0 < x < 65536. If HostNetwork is specified, this + must match ContainerPort. Most containers do not + need this. + format: int32 + type: integer + name: + description: + If specified, this must be an IANA_SVC_NAME + and unique within the pod. Each named port in a + pod must have a unique name. Name for the port that + can be referred to by services. + type: string + protocol: + default: TCP + description: + Protocol for port. Must be UDP, TCP, + or SCTP. Defaults to "TCP". + type: string + required: + - containerPort + type: object + type: array + x-kubernetes-list-map-keys: + - containerPort + - protocol + x-kubernetes-list-type: map + readinessProbe: + description: + "Periodic probe of container service readiness. + Container will be removed from service endpoints if the + probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: + Command is the command line to execute + inside the container, the working directory for + the command is root ('/') in the container's + filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions + ('|', etc) won't work. To use a shell, you need + to explicitly call out to that shell. Exit status + of 0 is treated as live/healthy and non-zero is + unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: + Minimum consecutive failures for the probe + to be considered failed after having succeeded. Defaults + to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: + GRPC specifies an action involving a GRPC + port. This is a beta field and requires enabling GRPCContainerProbe + feature gate. + properties: + port: + description: + Port number of the gRPC service. Number + must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: + "Service is the name of the service + to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default behavior + is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: + Host name to connect to, defaults to + the pod IP. You probably want to set "Host" in + httpHeaders instead. + type: string + httpHeaders: + description: + Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: + HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: + Name or number of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: + Scheme to use for connecting to the + host. Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: + "Number of seconds after the container + has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + format: int32 + type: integer + periodSeconds: + description: + How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: + Minimum consecutive successes for the probe + to be considered successful after having failed. Defaults + to 1. Must be 1 for liveness and startup. Minimum + value is 1. + format: int32 + type: integer + tcpSocket: + description: + TCPSocket specifies an action involving + a TCP port. + properties: + host: + description: + "Optional: Host name to connect to, + defaults to the pod IP." + type: string + port: + anyOf: + - type: integer + - type: string + description: + Number or name of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: + Optional duration in seconds the pod needs + to terminate gracefully upon probe failure. The grace + period is the duration in seconds after the processes + running in the pod are sent a termination signal and + the time when the processes are forcibly halted with + a kill signal. Set this value longer than the expected + cleanup time for your process. If this value is nil, + the pod's terminationGracePeriodSeconds will be used. + Otherwise, this value overrides the value provided + by the pod spec. Value must be non-negative integer. + The value zero indicates stop immediately via the + kill signal (no opportunity to shut down). This is + a beta field and requires enabling ProbeTerminationGracePeriod + feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds + is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: + "Number of seconds after which the probe + times out. Defaults to 1 second. Minimum value is + 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + format: int32 + type: integer + type: object + resources: + description: + "Compute Resources required by this container. + Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + properties: + claims: + description: + "Claims lists the names of resources, defined + in spec.resourceClaims, that are used by this container. + \n This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. \n This field + is immutable." + items: + description: + ResourceClaim references one entry in + PodSpec.ResourceClaims. + properties: + name: + description: + Name must match the name of one entry + in pod.spec.resourceClaims of the Pod where + this field is used. It makes that resource available + inside a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: + "Limits describes the maximum amount of + compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: + "Requests describes the minimum amount + of compute resources required. If Requests is omitted + for a container, it defaults to Limits if that is + explicitly specified, otherwise to an implementation-defined + value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + type: object + type: object + securityContext: + description: + "SecurityContext defines the security options + the container should be run with. If set, the fields of + SecurityContext override the equivalent fields of PodSecurityContext. + More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/" + properties: + allowPrivilegeEscalation: + description: + "AllowPrivilegeEscalation controls whether + a process can gain more privileges than its parent + process. This bool directly controls if the no_new_privs + flag will be set on the container process. AllowPrivilegeEscalation + is true always when the container is: 1) run as Privileged + 2) has CAP_SYS_ADMIN Note that this field cannot be + set when spec.os.name is windows." + type: boolean + capabilities: + description: + The capabilities to add/drop when running + containers. Defaults to the default set of capabilities + granted by the container runtime. Note that this field + cannot be set when spec.os.name is windows. + properties: + add: + description: Added capabilities + items: + description: + Capability represent POSIX capabilities + type + type: string + type: array + drop: + description: Removed capabilities + items: + description: + Capability represent POSIX capabilities + type + type: string + type: array + type: object + privileged: + description: + Run container in privileged mode. Processes + in privileged containers are essentially equivalent + to root on the host. Defaults to false. Note that + this field cannot be set when spec.os.name is windows. + type: boolean + procMount: + description: + procMount denotes the type of proc mount + to use for the containers. The default is DefaultProcMount + which uses the container runtime defaults for readonly + paths and masked paths. This requires the ProcMountType + feature flag to be enabled. Note that this field cannot + be set when spec.os.name is windows. + type: string + readOnlyRootFilesystem: + description: + Whether this container has a read-only + root filesystem. Default is false. Note that this + field cannot be set when spec.os.name is windows. + type: boolean + runAsGroup: + description: + The GID to run the entrypoint of the container + process. Uses runtime default if unset. May also be + set in PodSecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in SecurityContext + takes precedence. Note that this field cannot be set + when spec.os.name is windows. + format: int64 + type: integer + runAsNonRoot: + description: + Indicates that the container must run as + a non-root user. If true, the Kubelet will validate + the image at runtime to ensure that it does not run + as UID 0 (root) and fail to start the container if + it does. If unset or false, no such validation will + be performed. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes precedence. + type: boolean + runAsUser: + description: + The UID to run the entrypoint of the container + process. Defaults to user specified in image metadata + if unspecified. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name + is windows. + format: int64 + type: integer + seLinuxOptions: + description: + The SELinux context to be applied to the + container. If unspecified, the container runtime will + allocate a random SELinux context for each container. May + also be set in PodSecurityContext. If set in both + SecurityContext and PodSecurityContext, the value + specified in SecurityContext takes precedence. Note + that this field cannot be set when spec.os.name is + windows. + properties: + level: + description: + Level is SELinux level label that applies + to the container. + type: string + role: + description: + Role is a SELinux role label that applies + to the container. + type: string + type: + description: + Type is a SELinux type label that applies + to the container. + type: string + user: + description: + User is a SELinux user label that applies + to the container. + type: string + type: object + seccompProfile: + description: + The seccomp options to use by this container. + If seccomp options are provided at both the pod & + container level, the container options override the + pod options. Note that this field cannot be set when + spec.os.name is windows. + properties: + localhostProfile: + description: + localhostProfile indicates a profile + defined in a file on the node should be used. + The profile must be preconfigured on the node + to work. Must be a descending path, relative to + the kubelet's configured seccomp profile location. + Must only be set if type is "Localhost". + type: string + type: + description: + "type indicates which kind of seccomp + profile will be applied. Valid options are: \n + Localhost - a profile defined in a file on the + node should be used. RuntimeDefault - the container + runtime default profile should be used. Unconfined + - no profile should be applied." + type: string + required: + - type + type: object + windowsOptions: + description: + The Windows specific settings applied to + all containers. If unspecified, the options from the + PodSecurityContext will be used. If set in both SecurityContext + and PodSecurityContext, the value specified in SecurityContext + takes precedence. Note that this field cannot be set + when spec.os.name is linux. + properties: + gmsaCredentialSpec: + description: + GMSACredentialSpec is where the GMSA + admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) + inlines the contents of the GMSA credential spec + named by the GMSACredentialSpecName field. + type: string + gmsaCredentialSpecName: + description: + GMSACredentialSpecName is the name + of the GMSA credential spec to use. + type: string + hostProcess: + description: + HostProcess determines if a container + should be run as a 'Host Process' container. This + field is alpha-level and will only be honored + by components that enable the WindowsHostProcessContainers + feature flag. Setting this field without the feature + flag will result in errors when validating the + Pod. All of a Pod's containers must have the same + effective HostProcess value (it is not allowed + to have a mix of HostProcess containers and non-HostProcess + containers). In addition, if HostProcess is true + then HostNetwork must also be set to true. + type: boolean + runAsUserName: + description: + The UserName in Windows to run the + entrypoint of the container process. Defaults + to the user specified in image metadata if unspecified. + May also be set in PodSecurityContext. If set + in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes precedence. + type: string + type: object + type: object + startupProbe: + description: + "StartupProbe indicates that the Pod has successfully + initialized. If specified, no other probes are executed + until this completes successfully. If this probe fails, + the Pod will be restarted, just as if the livenessProbe + failed. This can be used to provide different probe parameters + at the beginning of a Pod's lifecycle, when it might + take a long time to load data or warm a cache, than during + steady-state operation. This cannot be updated. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: + Command is the command line to execute + inside the container, the working directory for + the command is root ('/') in the container's + filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions + ('|', etc) won't work. To use a shell, you need + to explicitly call out to that shell. Exit status + of 0 is treated as live/healthy and non-zero is + unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: + Minimum consecutive failures for the probe + to be considered failed after having succeeded. Defaults + to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: + GRPC specifies an action involving a GRPC + port. This is a beta field and requires enabling GRPCContainerProbe + feature gate. + properties: + port: + description: + Port number of the gRPC service. Number + must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: + "Service is the name of the service + to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default behavior + is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: + Host name to connect to, defaults to + the pod IP. You probably want to set "Host" in + httpHeaders instead. + type: string + httpHeaders: + description: + Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: + HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: + Name or number of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: + Scheme to use for connecting to the + host. Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: + "Number of seconds after the container + has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + format: int32 + type: integer + periodSeconds: + description: + How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: + Minimum consecutive successes for the probe + to be considered successful after having failed. Defaults + to 1. Must be 1 for liveness and startup. Minimum + value is 1. + format: int32 + type: integer + tcpSocket: + description: + TCPSocket specifies an action involving + a TCP port. + properties: + host: + description: + "Optional: Host name to connect to, + defaults to the pod IP." + type: string + port: + anyOf: + - type: integer + - type: string + description: + Number or name of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: + Optional duration in seconds the pod needs + to terminate gracefully upon probe failure. The grace + period is the duration in seconds after the processes + running in the pod are sent a termination signal and + the time when the processes are forcibly halted with + a kill signal. Set this value longer than the expected + cleanup time for your process. If this value is nil, + the pod's terminationGracePeriodSeconds will be used. + Otherwise, this value overrides the value provided + by the pod spec. Value must be non-negative integer. + The value zero indicates stop immediately via the + kill signal (no opportunity to shut down). This is + a beta field and requires enabling ProbeTerminationGracePeriod + feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds + is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: + "Number of seconds after which the probe + times out. Defaults to 1 second. Minimum value is + 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + format: int32 + type: integer + type: object + stdin: + description: + Whether this container should allocate a buffer + for stdin in the container runtime. If this is not set, + reads from stdin in the container will always result in + EOF. Default is false. + type: boolean + stdinOnce: + description: + Whether the container runtime should close + the stdin channel after it has been opened by a single + attach. When stdin is true the stdin stream will remain + open across multiple attach sessions. If stdinOnce is + set to true, stdin is opened on container start, is empty + until the first client attaches to stdin, and then remains + open and accepts data until the client disconnects, at + which time stdin is closed and remains closed until the + container is restarted. If this flag is false, a container + processes that reads from stdin will never receive an + EOF. Default is false + type: boolean + terminationMessagePath: + description: + "Optional: Path at which the file to which + the container's termination message will be written is + mounted into the container's filesystem. Message written + is intended to be brief final status, such as an assertion + failure message. Will be truncated by the node if greater + than 4096 bytes. The total message length across all containers + will be limited to 12kb. Defaults to /dev/termination-log. + Cannot be updated." + type: string + terminationMessagePolicy: + description: + Indicate how the termination message should + be populated. File will use the contents of terminationMessagePath + to populate the container status message on both success + and failure. FallbackToLogsOnError will use the last chunk + of container log output if the termination message file + is empty and the container exited with an error. The log + output is limited to 2048 bytes or 80 lines, whichever + is smaller. Defaults to File. Cannot be updated. + type: string + tty: + description: + Whether this container should allocate a TTY + for itself, also requires 'stdin' to be true. Default + is false. + type: boolean + volumeDevices: + description: + volumeDevices is the list of block devices + to be used by the container. + items: + description: + volumeDevice describes a mapping of a raw + block device within a container. + properties: + devicePath: + description: + devicePath is the path inside of the + container that the device will be mapped to. + type: string + name: + description: + name must match the name of a persistentVolumeClaim + in the pod + type: string + required: + - devicePath + - name + type: object + type: array + volumeMounts: + description: + Pod volumes to mount into the container's filesystem. + Cannot be updated. + items: + description: + VolumeMount describes a mounting of a Volume + within a container. + properties: + mountPath: + description: + Path within the container at which the + volume should be mounted. Must not contain ':'. + type: string + mountPropagation: + description: + mountPropagation determines how mounts + are propagated from the host to container and the + other way around. When not set, MountPropagationNone + is used. This field is beta in 1.10. + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: + Mounted read-only if true, read-write + otherwise (false or unspecified). Defaults to false. + type: boolean + subPath: + description: + Path within the volume from which the + container's volume should be mounted. Defaults to + "" (volume's root). + type: string + subPathExpr: + description: + Expanded path within the volume from + which the container's volume should be mounted. + Behaves similarly to SubPath but environment variable + references $(VAR_NAME) are expanded using the container's + environment. Defaults to "" (volume's root). SubPathExpr + and SubPath are mutually exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + workingDir: + description: + Container's working directory. If not specified, + the container runtime's default will be used, which might + be configured in the container image. Cannot be updated. + type: string + required: + - name + type: object + type: array + endpoint: + description: endpoint + type: string + idleTimeout: + description: terminate apparatus after idle for timeout in milliseconds + type: integer + required: + - containers + type: object + config: + additionalProperties: + type: string + description: config + type: object + configConfigMapName: + description: config configmap name + type: string + configSecretName: + description: config secret name + type: string + configTemplate: + additionalProperties: + type: string + description: config template + type: object + data: + additionalProperties: + type: string + description: data + type: object + dataConfigMapName: + description: data configmap name + type: string + dataSecretName: + description: data secret name + type: string + epoch: + description: change epoch to force an update + type: string + resources: + description: resources + items: + properties: + do: + type: string + preserveWhenDecoupled: + type: boolean + stringTemplate: + type: string + stringTemplates: + items: + type: string + type: array + template: + x-kubernetes-preserve-unknown-fields: true + templates: + items: + x-kubernetes-preserve-unknown-fields: true + type: array + when: + items: + type: string + type: array + type: object + type: array + result: + additionalProperties: + type: string + description: result + type: object + resultConfigMapName: + description: result configmap name + type: string + resultResources: + description: result resources + items: + properties: + do: + type: string + stringTemplate: + type: string + stringTemplates: + items: + type: string + type: array + template: + x-kubernetes-preserve-unknown-fields: true + templates: + items: + x-kubernetes-preserve-unknown-fields: true + type: array + type: object + type: array + resultSecretName: + description: result secret name + type: string + resultTemplate: + additionalProperties: + type: string + description: result template + type: object + resultVars: + description: result vars + items: + description: + Var represents a variable whose value will be sourced + from a field in a Kubernetes object. + properties: + fieldref: + description: + "FieldRef refers to the field of the object referred + to by ObjRef whose value will be extracted for use in replacing + $(FOO). If unspecified, this defaults to fieldPath: $defaultFieldPath" + properties: + fieldPath: + type: string + type: object + name: + description: + Value of identifier name e.g. FOO used in container + args, annotations Appears in pod template as $(FOO) + type: string + objref: + description: + ObjRef must refer to a Kubernetes resource under + the purview of this kustomization. ObjRef should use the raw + name of the object (the name specified in its YAML, before + addition of a namePrefix and a nameSuffix). + properties: + apiVersion: + type: string + group: + type: string + kind: + type: string + name: + type: string + namespace: + type: string + version: + type: string + required: + - name + type: object + required: + - name + - objref + type: object + type: array + serviceAccountName: + description: + "ServiceAccountName is the name of the ServiceAccount + to use to run integrations. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/" + type: string + socket: + description: socket + properties: + name: + description: name + type: string + namespace: + description: namespace + type: string + required: + - name + type: object + vars: + description: vars + items: + description: + Var represents a variable whose value will be sourced + from a field in a Kubernetes object. + properties: + fieldref: + description: + "FieldRef refers to the field of the object referred + to by ObjRef whose value will be extracted for use in replacing + $(FOO). If unspecified, this defaults to fieldPath: $defaultFieldPath" + properties: + fieldPath: + type: string + type: object + name: + description: + Value of identifier name e.g. FOO used in container + args, annotations Appears in pod template as $(FOO) + type: string + objref: + description: + ObjRef must refer to a Kubernetes resource under + the purview of this kustomization. ObjRef should use the raw + name of the object (the name specified in its YAML, before + addition of a namePrefix and a nameSuffix). + properties: + apiVersion: + type: string + group: + type: string + kind: + type: string + name: + type: string + namespace: + type: string + version: + type: string + required: + - name + type: object + required: + - name + - objref + type: object + type: array + type: object + status: + description: PlugStatus defines the observed state of Plug + properties: + conditions: + description: + Conditions represent the latest available observations + of an object's state + items: + description: + "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: + lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: + message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: + observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: + reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: + type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + coupledResult: + description: coupled result + properties: + observedGeneration: + description: observed generation + format: int64 + type: integer + plug: + additionalProperties: + type: string + description: plug result + type: object + socket: + additionalProperties: + type: string + description: socket result + type: object + type: object + coupledSocket: + description: socket coupled to plug + properties: + apiVersion: + description: API version of the socket + type: string + kind: + description: Kind of the socket + type: string + name: + description: Name of the socket + type: string + namespace: + description: Namespace of the socket + type: string + uid: + description: UID of the socket + type: string + type: object + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/operators/integration-operator/1.0.0/manifests/integration.rock8s.com_sockets.yaml b/operators/integration-operator/1.0.0/manifests/integration.rock8s.com_sockets.yaml new file mode 100644 index 00000000000..bae596227a7 --- /dev/null +++ b/operators/integration-operator/1.0.0/manifests/integration.rock8s.com_sockets.yaml @@ -0,0 +1,1877 @@ +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.11.1 + creationTimestamp: null + name: sockets.integration.rock8s.com +spec: + group: integration.rock8s.com + names: + kind: Socket + listKind: SocketList + plural: sockets + singular: socket + scope: Namespaced + versions: + - name: v1beta1 + schema: + openAPIV3Schema: + description: Socket is the Schema for the sockets API + properties: + apiVersion: + description: + "APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: string + kind: + description: + "Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: string + metadata: + type: object + spec: + description: SocketSpec defines the desired state of Socket + properties: + apparatus: + description: apparatus + properties: + containers: + description: + List of containers belonging to the apparatus. Containers + cannot currently be added or removed. There must be at least + one container in an apparatus. Cannot be updated. + items: + description: + A single application container that you want to + run within a pod. + properties: + args: + description: + 'Arguments to the entrypoint. The container + image''s CMD is used if this is not provided. Variable + references $(VAR_NAME) are expanded using the container''s + environment. If a variable cannot be resolved, the reference + in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) + syntax: i.e. "$$(VAR_NAME)" will produce the string literal + "$(VAR_NAME)". Escaped references will never be expanded, + regardless of whether the variable exists or not. Cannot + be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + command: + description: + 'Entrypoint array. Not executed within a shell. + The container image''s ENTRYPOINT is used if this is not + provided. Variable references $(VAR_NAME) are expanded + using the container''s environment. If a variable cannot + be resolved, the reference in the input string will be + unchanged. Double $$ are reduced to a single $, which + allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" + will produce the string literal "$(VAR_NAME)". Escaped + references will never be expanded, regardless of whether + the variable exists or not. Cannot be updated. More info: + https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + env: + description: + List of environment variables to set in the + container. Cannot be updated. + items: + description: + EnvVar represents an environment variable + present in a Container. + properties: + name: + description: + Name of the environment variable. Must + be a C_IDENTIFIER. + type: string + value: + description: + 'Variable references $(VAR_NAME) are + expanded using the previously defined environment + variables in the container and any service environment + variables. If a variable cannot be resolved, the + reference in the input string will be unchanged. + Double $$ are reduced to a single $, which allows + for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" + will produce the string literal "$(VAR_NAME)". Escaped + references will never be expanded, regardless of + whether the variable exists or not. Defaults to + "".' + type: string + valueFrom: + description: + Source for the environment variable's + value. Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: + "Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?" + type: string + optional: + description: + Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + fieldRef: + description: + "Selects a field of the pod: supports + metadata.name, metadata.namespace, `metadata.labels['']`, + `metadata.annotations['']`, spec.nodeName, + spec.serviceAccountName, status.hostIP, status.podIP, + status.podIPs." + properties: + apiVersion: + description: + Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: + Path of the field to select in + the specified API version. + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + resourceFieldRef: + description: + "Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, limits.ephemeral-storage, requests.cpu, + requests.memory and requests.ephemeral-storage) + are currently supported." + properties: + containerName: + description: + "Container name: required for + volumes, optional for env vars" + type: string + divisor: + anyOf: + - type: integer + - type: string + description: + Specifies the output format of + the exposed resources, defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: "Required: resource to select" + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + description: + Selects a key of a secret in the + pod's namespace + properties: + key: + description: + The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: + "Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?" + type: string + optional: + description: + Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + required: + - name + type: object + type: array + envFrom: + description: + List of sources to populate environment variables + in the container. The keys defined within a source must + be a C_IDENTIFIER. All invalid keys will be reported as + an event when the container is starting. When a key exists + in multiple sources, the value associated with the last + source will take precedence. Values defined by an Env + with a duplicate key will take precedence. Cannot be updated. + items: + description: + EnvFromSource represents the source of a + set of ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from + properties: + name: + description: + "Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?" + type: string + optional: + description: + Specify whether the ConfigMap must + be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + prefix: + description: + An optional identifier to prepend to + each key in the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: The Secret to select from + properties: + name: + description: + "Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?" + type: string + optional: + description: + Specify whether the Secret must be + defined + type: boolean + type: object + x-kubernetes-map-type: atomic + type: object + type: array + image: + description: + "Container image name. More info: https://kubernetes.io/docs/concepts/containers/images + This field is optional to allow higher level config management + to default or override container images in workload controllers + like Deployments and StatefulSets." + type: string + imagePullPolicy: + description: + "Image pull policy. One of Always, Never, IfNotPresent. + Defaults to Always if :latest tag is specified, or IfNotPresent + otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images" + type: string + lifecycle: + description: + Actions that the management system should take + in response to container lifecycle events. Cannot be updated. + properties: + postStart: + description: + "PostStart is called immediately after + a container is created. If the handler fails, the + container is terminated and restarted according to + its restart policy. Other management of the container + blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: + Command is the command line to + execute inside the container, the working + directory for the command is root ('/') in + the container's filesystem. The command is + simply exec'd, it is not run inside a shell, + so traditional shell instructions ('|', etc) + won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is + treated as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + httpGet: + description: + HTTPGet specifies the http request + to perform. + properties: + host: + description: + Host name to connect to, defaults + to the pod IP. You probably want to set "Host" + in httpHeaders instead. + type: string + httpHeaders: + description: + Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: + HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: + Name or number of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: + Scheme to use for connecting to + the host. Defaults to HTTP. + type: string + required: + - port + type: object + tcpSocket: + description: + Deprecated. TCPSocket is NOT supported + as a LifecycleHandler and kept for the backward + compatibility. There are no validation of this + field and lifecycle hooks will fail in runtime + when tcp handler is specified. + properties: + host: + description: + "Optional: Host name to connect + to, defaults to the pod IP." + type: string + port: + anyOf: + - type: integer + - type: string + description: + Number or name of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + preStop: + description: + "PreStop is called immediately before a + container is terminated due to an API request or management + event such as liveness/startup probe failure, preemption, + resource contention, etc. The handler is not called + if the container crashes or exits. The Pod's termination + grace period countdown begins before the PreStop hook + is executed. Regardless of the outcome of the handler, + the container will eventually terminate within the + Pod's termination grace period (unless delayed by + finalizers). Other management of the container blocks + until the hook completes or until the termination + grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: + Command is the command line to + execute inside the container, the working + directory for the command is root ('/') in + the container's filesystem. The command is + simply exec'd, it is not run inside a shell, + so traditional shell instructions ('|', etc) + won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is + treated as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + httpGet: + description: + HTTPGet specifies the http request + to perform. + properties: + host: + description: + Host name to connect to, defaults + to the pod IP. You probably want to set "Host" + in httpHeaders instead. + type: string + httpHeaders: + description: + Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: + HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: + Name or number of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: + Scheme to use for connecting to + the host. Defaults to HTTP. + type: string + required: + - port + type: object + tcpSocket: + description: + Deprecated. TCPSocket is NOT supported + as a LifecycleHandler and kept for the backward + compatibility. There are no validation of this + field and lifecycle hooks will fail in runtime + when tcp handler is specified. + properties: + host: + description: + "Optional: Host name to connect + to, defaults to the pod IP." + type: string + port: + anyOf: + - type: integer + - type: string + description: + Number or name of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + type: object + livenessProbe: + description: + "Periodic probe of container liveness. Container + will be restarted if the probe fails. Cannot be updated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: + Command is the command line to execute + inside the container, the working directory for + the command is root ('/') in the container's + filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions + ('|', etc) won't work. To use a shell, you need + to explicitly call out to that shell. Exit status + of 0 is treated as live/healthy and non-zero is + unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: + Minimum consecutive failures for the probe + to be considered failed after having succeeded. Defaults + to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: + GRPC specifies an action involving a GRPC + port. This is a beta field and requires enabling GRPCContainerProbe + feature gate. + properties: + port: + description: + Port number of the gRPC service. Number + must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: + "Service is the name of the service + to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default behavior + is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: + Host name to connect to, defaults to + the pod IP. You probably want to set "Host" in + httpHeaders instead. + type: string + httpHeaders: + description: + Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: + HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: + Name or number of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: + Scheme to use for connecting to the + host. Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: + "Number of seconds after the container + has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + format: int32 + type: integer + periodSeconds: + description: + How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: + Minimum consecutive successes for the probe + to be considered successful after having failed. Defaults + to 1. Must be 1 for liveness and startup. Minimum + value is 1. + format: int32 + type: integer + tcpSocket: + description: + TCPSocket specifies an action involving + a TCP port. + properties: + host: + description: + "Optional: Host name to connect to, + defaults to the pod IP." + type: string + port: + anyOf: + - type: integer + - type: string + description: + Number or name of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: + Optional duration in seconds the pod needs + to terminate gracefully upon probe failure. The grace + period is the duration in seconds after the processes + running in the pod are sent a termination signal and + the time when the processes are forcibly halted with + a kill signal. Set this value longer than the expected + cleanup time for your process. If this value is nil, + the pod's terminationGracePeriodSeconds will be used. + Otherwise, this value overrides the value provided + by the pod spec. Value must be non-negative integer. + The value zero indicates stop immediately via the + kill signal (no opportunity to shut down). This is + a beta field and requires enabling ProbeTerminationGracePeriod + feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds + is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: + "Number of seconds after which the probe + times out. Defaults to 1 second. Minimum value is + 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + format: int32 + type: integer + type: object + name: + description: + Name of the container specified as a DNS_LABEL. + Each container in a pod must have a unique name (DNS_LABEL). + Cannot be updated. + type: string + ports: + description: + List of ports to expose from the container. + Not specifying a port here DOES NOT prevent that port + from being exposed. Any port which is listening on the + default "0.0.0.0" address inside a container will be accessible + from the network. Modifying this array with strategic + merge patch may corrupt the data. For more information + See https://github.com/kubernetes/kubernetes/issues/108255. + Cannot be updated. + items: + description: + ContainerPort represents a network port in + a single container. + properties: + containerPort: + description: + Number of port to expose on the pod's + IP address. This must be a valid port number, 0 + < x < 65536. + format: int32 + type: integer + hostIP: + description: + What host IP to bind the external port + to. + type: string + hostPort: + description: + Number of port to expose on the host. + If specified, this must be a valid port number, + 0 < x < 65536. If HostNetwork is specified, this + must match ContainerPort. Most containers do not + need this. + format: int32 + type: integer + name: + description: + If specified, this must be an IANA_SVC_NAME + and unique within the pod. Each named port in a + pod must have a unique name. Name for the port that + can be referred to by services. + type: string + protocol: + default: TCP + description: + Protocol for port. Must be UDP, TCP, + or SCTP. Defaults to "TCP". + type: string + required: + - containerPort + type: object + type: array + x-kubernetes-list-map-keys: + - containerPort + - protocol + x-kubernetes-list-type: map + readinessProbe: + description: + "Periodic probe of container service readiness. + Container will be removed from service endpoints if the + probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: + Command is the command line to execute + inside the container, the working directory for + the command is root ('/') in the container's + filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions + ('|', etc) won't work. To use a shell, you need + to explicitly call out to that shell. Exit status + of 0 is treated as live/healthy and non-zero is + unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: + Minimum consecutive failures for the probe + to be considered failed after having succeeded. Defaults + to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: + GRPC specifies an action involving a GRPC + port. This is a beta field and requires enabling GRPCContainerProbe + feature gate. + properties: + port: + description: + Port number of the gRPC service. Number + must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: + "Service is the name of the service + to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default behavior + is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: + Host name to connect to, defaults to + the pod IP. You probably want to set "Host" in + httpHeaders instead. + type: string + httpHeaders: + description: + Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: + HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: + Name or number of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: + Scheme to use for connecting to the + host. Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: + "Number of seconds after the container + has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + format: int32 + type: integer + periodSeconds: + description: + How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: + Minimum consecutive successes for the probe + to be considered successful after having failed. Defaults + to 1. Must be 1 for liveness and startup. Minimum + value is 1. + format: int32 + type: integer + tcpSocket: + description: + TCPSocket specifies an action involving + a TCP port. + properties: + host: + description: + "Optional: Host name to connect to, + defaults to the pod IP." + type: string + port: + anyOf: + - type: integer + - type: string + description: + Number or name of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: + Optional duration in seconds the pod needs + to terminate gracefully upon probe failure. The grace + period is the duration in seconds after the processes + running in the pod are sent a termination signal and + the time when the processes are forcibly halted with + a kill signal. Set this value longer than the expected + cleanup time for your process. If this value is nil, + the pod's terminationGracePeriodSeconds will be used. + Otherwise, this value overrides the value provided + by the pod spec. Value must be non-negative integer. + The value zero indicates stop immediately via the + kill signal (no opportunity to shut down). This is + a beta field and requires enabling ProbeTerminationGracePeriod + feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds + is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: + "Number of seconds after which the probe + times out. Defaults to 1 second. Minimum value is + 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + format: int32 + type: integer + type: object + resources: + description: + "Compute Resources required by this container. + Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + properties: + claims: + description: + "Claims lists the names of resources, defined + in spec.resourceClaims, that are used by this container. + \n This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. \n This field + is immutable." + items: + description: + ResourceClaim references one entry in + PodSpec.ResourceClaims. + properties: + name: + description: + Name must match the name of one entry + in pod.spec.resourceClaims of the Pod where + this field is used. It makes that resource available + inside a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: + "Limits describes the maximum amount of + compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: + "Requests describes the minimum amount + of compute resources required. If Requests is omitted + for a container, it defaults to Limits if that is + explicitly specified, otherwise to an implementation-defined + value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + type: object + type: object + securityContext: + description: + "SecurityContext defines the security options + the container should be run with. If set, the fields of + SecurityContext override the equivalent fields of PodSecurityContext. + More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/" + properties: + allowPrivilegeEscalation: + description: + "AllowPrivilegeEscalation controls whether + a process can gain more privileges than its parent + process. This bool directly controls if the no_new_privs + flag will be set on the container process. AllowPrivilegeEscalation + is true always when the container is: 1) run as Privileged + 2) has CAP_SYS_ADMIN Note that this field cannot be + set when spec.os.name is windows." + type: boolean + capabilities: + description: + The capabilities to add/drop when running + containers. Defaults to the default set of capabilities + granted by the container runtime. Note that this field + cannot be set when spec.os.name is windows. + properties: + add: + description: Added capabilities + items: + description: + Capability represent POSIX capabilities + type + type: string + type: array + drop: + description: Removed capabilities + items: + description: + Capability represent POSIX capabilities + type + type: string + type: array + type: object + privileged: + description: + Run container in privileged mode. Processes + in privileged containers are essentially equivalent + to root on the host. Defaults to false. Note that + this field cannot be set when spec.os.name is windows. + type: boolean + procMount: + description: + procMount denotes the type of proc mount + to use for the containers. The default is DefaultProcMount + which uses the container runtime defaults for readonly + paths and masked paths. This requires the ProcMountType + feature flag to be enabled. Note that this field cannot + be set when spec.os.name is windows. + type: string + readOnlyRootFilesystem: + description: + Whether this container has a read-only + root filesystem. Default is false. Note that this + field cannot be set when spec.os.name is windows. + type: boolean + runAsGroup: + description: + The GID to run the entrypoint of the container + process. Uses runtime default if unset. May also be + set in PodSecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in SecurityContext + takes precedence. Note that this field cannot be set + when spec.os.name is windows. + format: int64 + type: integer + runAsNonRoot: + description: + Indicates that the container must run as + a non-root user. If true, the Kubelet will validate + the image at runtime to ensure that it does not run + as UID 0 (root) and fail to start the container if + it does. If unset or false, no such validation will + be performed. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes precedence. + type: boolean + runAsUser: + description: + The UID to run the entrypoint of the container + process. Defaults to user specified in image metadata + if unspecified. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name + is windows. + format: int64 + type: integer + seLinuxOptions: + description: + The SELinux context to be applied to the + container. If unspecified, the container runtime will + allocate a random SELinux context for each container. May + also be set in PodSecurityContext. If set in both + SecurityContext and PodSecurityContext, the value + specified in SecurityContext takes precedence. Note + that this field cannot be set when spec.os.name is + windows. + properties: + level: + description: + Level is SELinux level label that applies + to the container. + type: string + role: + description: + Role is a SELinux role label that applies + to the container. + type: string + type: + description: + Type is a SELinux type label that applies + to the container. + type: string + user: + description: + User is a SELinux user label that applies + to the container. + type: string + type: object + seccompProfile: + description: + The seccomp options to use by this container. + If seccomp options are provided at both the pod & + container level, the container options override the + pod options. Note that this field cannot be set when + spec.os.name is windows. + properties: + localhostProfile: + description: + localhostProfile indicates a profile + defined in a file on the node should be used. + The profile must be preconfigured on the node + to work. Must be a descending path, relative to + the kubelet's configured seccomp profile location. + Must only be set if type is "Localhost". + type: string + type: + description: + "type indicates which kind of seccomp + profile will be applied. Valid options are: \n + Localhost - a profile defined in a file on the + node should be used. RuntimeDefault - the container + runtime default profile should be used. Unconfined + - no profile should be applied." + type: string + required: + - type + type: object + windowsOptions: + description: + The Windows specific settings applied to + all containers. If unspecified, the options from the + PodSecurityContext will be used. If set in both SecurityContext + and PodSecurityContext, the value specified in SecurityContext + takes precedence. Note that this field cannot be set + when spec.os.name is linux. + properties: + gmsaCredentialSpec: + description: + GMSACredentialSpec is where the GMSA + admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) + inlines the contents of the GMSA credential spec + named by the GMSACredentialSpecName field. + type: string + gmsaCredentialSpecName: + description: + GMSACredentialSpecName is the name + of the GMSA credential spec to use. + type: string + hostProcess: + description: + HostProcess determines if a container + should be run as a 'Host Process' container. This + field is alpha-level and will only be honored + by components that enable the WindowsHostProcessContainers + feature flag. Setting this field without the feature + flag will result in errors when validating the + Pod. All of a Pod's containers must have the same + effective HostProcess value (it is not allowed + to have a mix of HostProcess containers and non-HostProcess + containers). In addition, if HostProcess is true + then HostNetwork must also be set to true. + type: boolean + runAsUserName: + description: + The UserName in Windows to run the + entrypoint of the container process. Defaults + to the user specified in image metadata if unspecified. + May also be set in PodSecurityContext. If set + in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes precedence. + type: string + type: object + type: object + startupProbe: + description: + "StartupProbe indicates that the Pod has successfully + initialized. If specified, no other probes are executed + until this completes successfully. If this probe fails, + the Pod will be restarted, just as if the livenessProbe + failed. This can be used to provide different probe parameters + at the beginning of a Pod's lifecycle, when it might + take a long time to load data or warm a cache, than during + steady-state operation. This cannot be updated. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: + Command is the command line to execute + inside the container, the working directory for + the command is root ('/') in the container's + filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions + ('|', etc) won't work. To use a shell, you need + to explicitly call out to that shell. Exit status + of 0 is treated as live/healthy and non-zero is + unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: + Minimum consecutive failures for the probe + to be considered failed after having succeeded. Defaults + to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: + GRPC specifies an action involving a GRPC + port. This is a beta field and requires enabling GRPCContainerProbe + feature gate. + properties: + port: + description: + Port number of the gRPC service. Number + must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: + "Service is the name of the service + to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default behavior + is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: + Host name to connect to, defaults to + the pod IP. You probably want to set "Host" in + httpHeaders instead. + type: string + httpHeaders: + description: + Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: + HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: + Name or number of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: + Scheme to use for connecting to the + host. Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: + "Number of seconds after the container + has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + format: int32 + type: integer + periodSeconds: + description: + How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: + Minimum consecutive successes for the probe + to be considered successful after having failed. Defaults + to 1. Must be 1 for liveness and startup. Minimum + value is 1. + format: int32 + type: integer + tcpSocket: + description: + TCPSocket specifies an action involving + a TCP port. + properties: + host: + description: + "Optional: Host name to connect to, + defaults to the pod IP." + type: string + port: + anyOf: + - type: integer + - type: string + description: + Number or name of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: + Optional duration in seconds the pod needs + to terminate gracefully upon probe failure. The grace + period is the duration in seconds after the processes + running in the pod are sent a termination signal and + the time when the processes are forcibly halted with + a kill signal. Set this value longer than the expected + cleanup time for your process. If this value is nil, + the pod's terminationGracePeriodSeconds will be used. + Otherwise, this value overrides the value provided + by the pod spec. Value must be non-negative integer. + The value zero indicates stop immediately via the + kill signal (no opportunity to shut down). This is + a beta field and requires enabling ProbeTerminationGracePeriod + feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds + is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: + "Number of seconds after which the probe + times out. Defaults to 1 second. Minimum value is + 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + format: int32 + type: integer + type: object + stdin: + description: + Whether this container should allocate a buffer + for stdin in the container runtime. If this is not set, + reads from stdin in the container will always result in + EOF. Default is false. + type: boolean + stdinOnce: + description: + Whether the container runtime should close + the stdin channel after it has been opened by a single + attach. When stdin is true the stdin stream will remain + open across multiple attach sessions. If stdinOnce is + set to true, stdin is opened on container start, is empty + until the first client attaches to stdin, and then remains + open and accepts data until the client disconnects, at + which time stdin is closed and remains closed until the + container is restarted. If this flag is false, a container + processes that reads from stdin will never receive an + EOF. Default is false + type: boolean + terminationMessagePath: + description: + "Optional: Path at which the file to which + the container's termination message will be written is + mounted into the container's filesystem. Message written + is intended to be brief final status, such as an assertion + failure message. Will be truncated by the node if greater + than 4096 bytes. The total message length across all containers + will be limited to 12kb. Defaults to /dev/termination-log. + Cannot be updated." + type: string + terminationMessagePolicy: + description: + Indicate how the termination message should + be populated. File will use the contents of terminationMessagePath + to populate the container status message on both success + and failure. FallbackToLogsOnError will use the last chunk + of container log output if the termination message file + is empty and the container exited with an error. The log + output is limited to 2048 bytes or 80 lines, whichever + is smaller. Defaults to File. Cannot be updated. + type: string + tty: + description: + Whether this container should allocate a TTY + for itself, also requires 'stdin' to be true. Default + is false. + type: boolean + volumeDevices: + description: + volumeDevices is the list of block devices + to be used by the container. + items: + description: + volumeDevice describes a mapping of a raw + block device within a container. + properties: + devicePath: + description: + devicePath is the path inside of the + container that the device will be mapped to. + type: string + name: + description: + name must match the name of a persistentVolumeClaim + in the pod + type: string + required: + - devicePath + - name + type: object + type: array + volumeMounts: + description: + Pod volumes to mount into the container's filesystem. + Cannot be updated. + items: + description: + VolumeMount describes a mounting of a Volume + within a container. + properties: + mountPath: + description: + Path within the container at which the + volume should be mounted. Must not contain ':'. + type: string + mountPropagation: + description: + mountPropagation determines how mounts + are propagated from the host to container and the + other way around. When not set, MountPropagationNone + is used. This field is beta in 1.10. + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: + Mounted read-only if true, read-write + otherwise (false or unspecified). Defaults to false. + type: boolean + subPath: + description: + Path within the volume from which the + container's volume should be mounted. Defaults to + "" (volume's root). + type: string + subPathExpr: + description: + Expanded path within the volume from + which the container's volume should be mounted. + Behaves similarly to SubPath but environment variable + references $(VAR_NAME) are expanded using the container's + environment. Defaults to "" (volume's root). SubPathExpr + and SubPath are mutually exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + workingDir: + description: + Container's working directory. If not specified, + the container runtime's default will be used, which might + be configured in the container image. Cannot be updated. + type: string + required: + - name + type: object + type: array + endpoint: + description: endpoint + type: string + idleTimeout: + description: terminate apparatus after idle for timeout in milliseconds + type: integer + required: + - containers + type: object + config: + additionalProperties: + type: string + description: config + type: object + configConfigMapName: + description: config configmap name + type: string + configSecretName: + description: config secret name + type: string + configTemplate: + additionalProperties: + type: string + description: config template + type: object + data: + additionalProperties: + type: string + description: data + type: object + dataConfigMapName: + description: data configmap name + type: string + dataSecretName: + description: data secret name + type: string + epoch: + description: change epoch to force an update + type: string + interface: + description: interface + properties: + config: + description: config interface + properties: + plug: + additionalProperties: + properties: + default: + type: string + description: + type: string + required: + type: boolean + type: object + description: plug config properties + type: object + socket: + additionalProperties: + properties: + default: + type: string + description: + type: string + required: + type: boolean + type: object + description: socket config properties + type: object + type: object + result: + description: result interface + properties: + plug: + additionalProperties: + properties: + default: + type: string + description: + type: string + required: + type: boolean + type: object + description: plug result properties + type: object + socket: + additionalProperties: + properties: + default: + type: string + description: + type: string + required: + type: boolean + type: object + description: socket result properties + type: object + type: object + type: object + limit: + description: limit + format: int32 + type: integer + resources: + description: resources + items: + properties: + do: + type: string + preserveWhenDecoupled: + type: boolean + stringTemplate: + type: string + stringTemplates: + items: + type: string + type: array + template: + x-kubernetes-preserve-unknown-fields: true + templates: + items: + x-kubernetes-preserve-unknown-fields: true + type: array + when: + items: + type: string + type: array + type: object + type: array + result: + additionalProperties: + type: string + description: result + type: object + resultConfigMapName: + description: result configmap name + type: string + resultResources: + description: result resources + items: + properties: + do: + type: string + stringTemplate: + type: string + stringTemplates: + items: + type: string + type: array + template: + x-kubernetes-preserve-unknown-fields: true + templates: + items: + x-kubernetes-preserve-unknown-fields: true + type: array + type: object + type: array + resultSecretName: + description: result secret name + type: string + resultTemplate: + additionalProperties: + type: string + description: result template + type: object + resultVars: + description: result vars + items: + description: + Var represents a variable whose value will be sourced + from a field in a Kubernetes object. + properties: + fieldref: + description: + "FieldRef refers to the field of the object referred + to by ObjRef whose value will be extracted for use in replacing + $(FOO). If unspecified, this defaults to fieldPath: $defaultFieldPath" + properties: + fieldPath: + type: string + type: object + name: + description: + Value of identifier name e.g. FOO used in container + args, annotations Appears in pod template as $(FOO) + type: string + objref: + description: + ObjRef must refer to a Kubernetes resource under + the purview of this kustomization. ObjRef should use the raw + name of the object (the name specified in its YAML, before + addition of a namePrefix and a nameSuffix). + properties: + apiVersion: + type: string + group: + type: string + kind: + type: string + name: + type: string + namespace: + type: string + version: + type: string + required: + - name + type: object + required: + - name + - objref + type: object + type: array + serviceAccountName: + description: + "ServiceAccountName is the name of the ServiceAccount + to use to run integrations. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/" + type: string + validation: + description: validation + properties: + namespaceBlacklist: + description: namespace blacklist + items: + type: string + type: array + namespaceWhitelist: + description: namespace whitelist + items: + type: string + type: array + type: object + vars: + description: vars + items: + description: + Var represents a variable whose value will be sourced + from a field in a Kubernetes object. + properties: + fieldref: + description: + "FieldRef refers to the field of the object referred + to by ObjRef whose value will be extracted for use in replacing + $(FOO). If unspecified, this defaults to fieldPath: $defaultFieldPath" + properties: + fieldPath: + type: string + type: object + name: + description: + Value of identifier name e.g. FOO used in container + args, annotations Appears in pod template as $(FOO) + type: string + objref: + description: + ObjRef must refer to a Kubernetes resource under + the purview of this kustomization. ObjRef should use the raw + name of the object (the name specified in its YAML, before + addition of a namePrefix and a nameSuffix). + properties: + apiVersion: + type: string + group: + type: string + kind: + type: string + name: + type: string + namespace: + type: string + version: + type: string + required: + - name + type: object + required: + - name + - objref + type: object + type: array + type: object + status: + description: SocketStatus defines the observed state of Socket + properties: + conditions: + description: + Conditions represent the latest available observations + of an object's state + items: + description: + "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: + lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: + message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: + observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: + reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: + type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + coupledPlugs: + description: plugs coupled to socket + items: + properties: + apiVersion: + description: API version of the plug + type: string + kind: + description: Kind of the plug + type: string + name: + description: Name of the plug + type: string + namespace: + description: Namespace of the plug + type: string + uid: + description: UID of the plug + type: string + required: + - apiVersion + - kind + - name + - namespace + - uid + type: object + type: array + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/operators/integration-operator/1.0.0/metadata/annotations.yaml b/operators/integration-operator/1.0.0/metadata/annotations.yaml new file mode 100644 index 00000000000..5d62b2a70b7 --- /dev/null +++ b/operators/integration-operator/1.0.0/metadata/annotations.yaml @@ -0,0 +1,7 @@ +annotations: + operators.operatorframework.io.bundle.channel.default.v1: stable + operators.operatorframework.io.bundle.channels.v1: stable + operators.operatorframework.io.bundle.manifests.v1: manifests/ + operators.operatorframework.io.bundle.mediatype.v1: registry+v1 + operators.operatorframework.io.bundle.metadata.v1: metadata/ + operators.operatorframework.io.bundle.package.v1: integration-operator diff --git a/operators/integration-operator/ci.yaml b/operators/integration-operator/ci.yaml new file mode 100644 index 00000000000..abd2a1cdc47 --- /dev/null +++ b/operators/integration-operator/ci.yaml @@ -0,0 +1,3 @@ +--- +# Use `replaces-mode` or `semver-mode`. Once you switch to `semver-mode`, there is no easy way back. +updateGraph: semver-mode