diff --git a/operators/integration-operator/1.0.0/manifests/integration-operator.v1.0.0.clusterserviceversion.yaml b/operators/integration-operator/1.0.0/manifests/integration-operator.v1.0.0.clusterserviceversion.yaml
new file mode 100644
index 00000000000..38687236b7a
--- /dev/null
+++ b/operators/integration-operator/1.0.0/manifests/integration-operator.v1.0.0.clusterserviceversion.yaml
@@ -0,0 +1,700 @@
+apiVersion: operators.coreos.com/v1alpha1
+kind: ClusterServiceVersion
+metadata:
+ name: integration-operator.v1.0.0
+ namespace: placeholder
+ annotations:
+ alm-examples: >-
+ [{"apiVersion":"integration.rock8s.com/v1beta1","kind":"Plug","metadata":{"name":"postgres","namespace":"app"},"spec":{"socket":{"name":"postgres","namespace":"postgres-namespace"},"config":{"database":"app"}}},{"apiVersion":"integration.rock8s.com/v1beta1","kind":"Socket","metadata":{"name":"postgres","namespace":"postgres-namespace"},"spec":{"interface":{"config":{"socket":{"protocol":{"required":true},"username":{"required":true},"password":{"required":true},"hostname":{"required":true},"port":{"required":true}},"plug":{"database":{"required":true}}}},"config":{"protocol":"psql","username":"postgres","hostname":"postgres-service.postgres-namespace.svc.cluster.local","port":"5432"},"configSecretName":"postgres-secret","resources":[{"when":["coupled","updated"],"do":"recreate","template":{"apiVersion":"batch/v1","kind":"Job","metadata":{"name":"postgres-coupled-or-updated-{% .plug.metadata.namespace %}"},"spec":{"template":{"spec":{"containers":[{"name":"psql","image":"registry.gitlab.com/bitspur/rock8s/images/kube-commands-psql:0.0.1","env":[{"name":"POSTGRES_PROTOCOL","value":"{% .socketConfig.protocol %}"},{"name":"POSTGRES_USERNAME","value":"{% .socketConfig.username %}"},{"name":"POSTGRES_HOSTNAME","value":"{% .socketConfig.hostname %}"},{"name":"POSTGRES_PORT","value":"{% .socketConfig.port %}"},{"name":"POSTGRES_DATABASE","value":"{% .plugConfig.database %}"},{"name":"POSTGRES_PASSWORD","value":"{% .socketConfig.password %}"}],"command":["sh","-c","export PGPASSFILE=\"/tmp/.pgpass\"\nexport STDOUT=\"/tmp/createdb.out\"\necho \"*:*:*:*:$POSTGRES_PASSWORD\" > $PGPASSFILE\nchmod 600 $PGPASSFILE\ncreatedb -h $POSTGRES_HOSTNAME -U $POSTGRES_USERNAME -p $POSTGRES_PORT -w $POSTGRES_DATABASE || true\n"]}]}}}}}]}}]
+ k8sMinVersion: ""
+ k8sMaxVersion: ""
+ categories: Integration & Delivery
+ certified: "false"
+ createdAt: ""
+ description: kubernetes operator to integrate deployments
+ containerImage: registry.gitlab.com/bitspur/rock8s/integration-operator:1.0.0
+ support: ""
+ capabilities: Full Lifecycle
+ repository: "https://gitlab.com/bitspur/rock8s/integration-operator"
+spec:
+ displayName: Integration Operator
+ description: >
+ This operator takes inspiration from [Juju](https://juju.is) [Charm](https://juju.is/docs/sdk)
+ [Relations](https://juju.is/docs/sdk/relations) by [Canonical](https://canonical.com).
+
+ ## Terminology
+
+
+
+ | Term |
+ Juju Equivalent |
+ Definition |
+
+
+ | Integration |
+ Relation |
+ unite and connect applications through mutual communication and shared configuration |
+
+
+ | Plug |
+ Requires |
+ request from an application to integrate with another application |
+
+
+ | Socket |
+ Provides |
+ fulfils requests from applications trying to integrate |
+
+
+ | Interface |
+ Interface |
+ plug and socket schema required to connect |
+
+
+ | Created Event |
+ Created Event |
+ event triggered when plug or socket created |
+
+
+ | Updated Event |
+ Changed Event |
+ event triggered when plug or socket updated |
+
+
+ | Coupled Event |
+ Joined Event |
+ event triggered when applications connected |
+
+
+ | Decoupled Event |
+ Detached Event |
+ event triggered when applications disconnected |
+
+
+
+ ## Architecture
+
+ ### A simple analogy
+
+ The best way to explain the architecture is to think about how plugs and sockets work in the real world.
+
+
+ Let's say I have a laptop purchased in the United States. In order to power my laptop, I need to **integrate** it with the power grid.
+ Since the laptop was purchased in the United States, the **interface** of the **plug** is Type A.
+
+
+ This means the **socket** I connect to must be also be Type A.
+
+
+ Now, let's say I travel to India and the only **socket** available to me is Type D.
+
+
+ Since the **socket** interface does not match the **plug** interface, I cannot integrate my laptop with the power grid in India. Of course
+ this can be overcome with converters, but that is beyond the scope of this analogy.
+
+ ### A real example
+
+ Let's say I have an express application that needs to **integrate** with a mongo database. The express deployment will have a **plug** with
+ a mongo **interface** and the mongo deployment will have a **socket** with a mongo **interface**. If the **interface** of the **socket** is
+ a postgres **interface** then the integration will fail. In other words, you cannot connect a mongo **plug** to a postgres **socket**. That
+ would be like trying to plug a US Type A **plug** into an Indian Type D **socket**. You can only connect a mongo **plug** to a mongo **socket**.
+
+ ## Concepts
+
+ ### Socket
+
+ A socket is a custom kubernetes resource that fulfills integration requests from other applications.
+ It carries out the following tasks:
+
+ - defines the interface for the configuration and result of the plug and socket
+
+ - provides the configuration for the socket
+
+ - provides the result for the socket
+
+ - templates any resources within the socket's namespace
+
+ - executes any apparatuses within the socket's namespace
+
+ - templates result resources within the socket's namespace
+
+
+ **Example:**
+
+ apiVersion: v1
+
+ kind: Socket
+
+ metadata:
+ name: foo
+ namespace: foo-namespace
+ spec:
+ config:
+ hello: world
+
+
+ ### Plug
+
+ A plug is a custom kubernetes resource that initiates an integration request with another application.
+ It does not define its own interface as it utilizes the interface defined by the socket.
+ The plug carries out the following tasks:
+
+ - couples to a socket
+
+ - provides the configuration for the plug
+
+ - provides the result for the plug
+
+ - templates any resources within the plug's namespace
+
+ - executes any apparatuses within the plug's namespace
+
+ - templates result resources within the plug's namespace
+
+
+ **Example:**
+
+ apiVersion: v1
+
+ kind: Plug
+
+ metadata:
+ name: bar
+ namespace: bar-namespace
+ spec:
+ socket:
+ name: foo
+ namespace: foo-namespace
+ configSecretName: my-secret
+
+
+ ### Data
+
+ The _data_ in the plug or socket is a flexible and unstructured form of information exchange. It is
+ used during the preliminary stages of the integration process, before the final _config_ is established.
+ Unlike _config_ and _result_, _data_ is not bound by an interface. It is used for exchanging or simplifying
+ preliminary details or any other information that might be necessary for generating the final _config_.
+
+
+ The _data_ can be supplied directly through the `data` field, and indirectly through the `dataConfigMapName` field
+ and `dataSecretName` field. The `data` field is a key-value pair that can be defined directly within the plug or
+ socket. If the `dataConfigMapName` or `dataSecretName` field is used, the _data_ will be retrieved from a ConfigMap
+ or Secret respectively.
+
+
+ It is important to know that _data_ is utilized exclusively by the `configTemplate` field, `resultTemplate` field, and
+ the `/config` endpoint of an apparatus. It enables the exchange of information between plugs and sockets before the
+ final _config_ is established. This process prevents potential recursive issues that could arise if the _config_ of
+ the plug and socket were interdependent. As such, _data_ serves as an initial medium for information exchange,
+ facilitating the creation of the final _config_ for the integration process.
+
+
+ **Example:**
+
+
+ _this is a simplified incomplete example, only including necessary fields_
+
+ spec:
+ dataConfigMapName: my-configmap
+ dataSecretName: my-secret
+ data:
+ username: admin
+ password: secret
+
+
+ ### Vars
+
+ The _vars_ allows the capture and insertion of values from one resource's field to another, functioning
+ similarly to vars in Kustomize. It is defined by the `vars` field. Like _data_, _vars_ can only be used
+ by the `configTemplate` field and the `/config` endpoint of an apparatus. Since _vars_ is used by _config_, the
+ lookup occurs before the _config_ is finalized.
+
+
+ In addition to the `vars` field, there is a separate field, known as `resultVars`, which is used by
+ the `resultTemplate` field. Since _resultVars_ is used by _result_, the lookup occurs after the integration has
+ been established or updated. This allows for the creation of _resultVars_ based on the results of the integration.
+
+
+ For more detailed information, please refer to the
+ [Kustomize Vars Documentation](https://kubectl.docs.kubernetes.io/references/kustomize/kustomization/vars/).
+
+
+ **Example:**
+
+
+ _this is a simplified incomplete example, only including necessary fields_
+
+ spec:
+ vars:
+ - name: serviceAccountName
+ objref:
+ apiVersion: apps/v1
+ kind: Deployment
+ name: my-deployment
+ namespace: default
+ fieldref:
+ fieldPath: spec.template.spec.serviceAccountName
+ resultVars:
+ - name: jobSuccessful
+ objref:
+ apiVersion: batch/v1
+ kind: Job
+ name: my-job
+ namespace: default
+ fieldref:
+ fieldPath: status.successful
+
+
+ ### Config
+
+ The _config_ is the most fundamental concept of the integrations, serving as a key-value data pair that enables secure
+ information exchange between the plug and socket. It contains essential details and information necessary for the
+ integration.
+
+
+ The _config_ can be supplied directly through the `config` field, or indirectly through the `configConfigMapName` field,
+ `configSecretName` field, `configTemplate` field and the `/config` endpoint of an apparatus. The `config` field is a
+ key-value pair that can be defined directly within the plug or socket. If the `configConfigMapName` or `configSecretName`
+ field is used, the _config_ will be retrieved from a ConfigMap or Secret respectively. If the `configTemplate` field is
+ used, the _config_ will be templated, allowing the composition of values from `vars`, `plugData`, `socketData`, `plug`
+ and `socket`. If the `/config` endpoint of an apparatus is used, the _config_ will come from the response payload. The
+ request body will contain `vars`, `plugData` and `socketData`. Please note that `plugConfig` and `socketConfig` will not
+ be available to the `configTemplate` field or the `/config` endpoint of an apparatus. All of these strategies for creating
+ the _config_ can be used in combination.
+
+
+ The _config_ is validated against the _config interface_ before the integration process begins. This ensures that the
+ _config_ contains all the necessary information, adheres to the correct format and enforces a contract between the
+ plug and socket integration
+
+
+ **Example:**
+
+
+ _this is a simplified incomplete example, only including necessary fields_
+
+ spec:
+ config:
+ protocol: http
+ port: "8080"
+ configTemplate:
+ hostname: "{% .vars.ingressHost %}"
+ configConfigMapName: my-configmap
+ configSecretName: my-secret
+
+
+ ### Results
+
+ The _result_ serves as a key-value data pair that contains essential details and information after an integration
+ has been coupled or updated. It can be used in the `resultResources` field.
+
+
+ The _result_ can be supplied directly through the `result` field, or indirectly through the `resultConfigMapName`
+ or `resultSecretName` field. If the `resultConfigMapName` or `resultSecretName` field is used, the _result_ will be
+ retrieved from a ConfigMap or Secret respectively. If the `resultTemplate` field is used, the _result_ will be templated,
+ allowing the composition of values from `resultVars`, `plugData`, `socketData`, `plugConfig`, `socketConfig`, `plug`,
+ and `socket`. All of these strategies for creating the _result_ can be used in combination.
+
+
+ The _result_ is validated against the _result interface_ after the integration is coupled or updated. This ensures that
+ the _result_ contains all the necessary information, adheres to the correct format and enforces a contract between the
+ plug and socket integration.
+
+
+ **Example:**
+
+
+ _this is a simplified incomplete example, only including necessary fields_
+
+ spec:
+ result:
+ hello: world
+ resultTemplate:
+ foo: "{% .plugConfig.foo %}"
+ resultConfigMapName: my-configmap
+ resultSecretName: my-secret
+
+
+ ### Interface
+
+ The _interface_ validates the _config_ and _result_ against a defined schema, ensuring they contain all necessary
+ properties. The integration fails if the _interface_ requires a _config_ or _result_ that is missing. Any _config_
+ or _result_ provided that isn't defined in the _interface_ will be ignored. This guarantees that only properties
+ defined in the _interface_ are used during integration, preserving integrity and consistency. If no _interface_ is
+ provided, the _config_ and _result_ are not validated and can be any value. However, this is discouraged as it may
+ lead to inconsistencies and unexpected behavior during the integration process.
+
+
+ **Example:**
+
+
+ _this is a simplified incomplete example, only including necessary fields_
+
+ kind: Socket
+
+ spec:
+ interface:
+ config:
+ plug:
+ hello:
+ default: world
+ socket:
+ howdy:
+ required: true
+ result:
+ socket:
+ foo:
+ required: true
+ plug:
+ bar: {}
+
+
+ ### Resources
+
+ Resources are utilized during the integration process to template kubernetes resources. They are defined within the plug or
+ socket and can encompass any valid Kubernetes resource such as Jobs, Pods, Services, and more. These resources play a
+ pivotal role in executing the integration process.
+
+
+ Resource templates are defined using the `template` and `templates` fields. The `template` field is used for a single
+ resource template, while the `templates` field is used for multiple resource templates. These templates are defined in YAML
+ format.
+
+
+ The `stringTemplate` and `stringTemplates` fields are analogous to `template` and `templates`, but they accept resource
+ templates in string format. This is particularly useful when dealing with complex resource templates that require
+ conditional templating, such as wrapping a resource in an if statement.
+
+
+ The `do` field specifies the action to be performed on the resource. It can be `delete`, `apply`, or `recreate`.
+
+
+ The `when` field specifies the stage of the integration process when the resource action should be performed. It can
+ be `updated`, `coupled`, `decoupled`, `created`, or `deleted`.
+
+
+ The `preserveWhenDecoupled` field is a boolean that determines whether the resource should be preserved when the
+ integration is decoupled. If `true`, the resource will not be deleted during decoupling. If `false` or omitted, the
+ resource will be deleted unless the `when` field contains `decoupled`.
+
+
+ A unique field, `resultResources`, is used to create resources after the integration has been coupled or updated. The
+ templating of `resultResources` takes place after the integration process has been coupled or updated. This allows for
+ the creation of resources based on the results of the integration process.
+
+
+ The `resultResources` field is used to create resources after the integration has been coupled or updated. The templating
+ of `resultResources` takes place after the integration process has been coupled or updated. This allows for the creation
+ of resources based on the results of the integration process.
+
+
+ **Example:**
+
+
+ _this is a simplified incomplete example, only including necessary fields_
+
+ spec:
+ resources:
+ - when: [coupled, updated]
+ do: apply
+ template:
+ apiVersion: batch/v1
+ kind: Job
+ metadata:
+ name: my-job
+ spec:
+ template:
+ spec:
+ containers:
+ - name: my-job
+ image: my-job-image
+ env:
+ - name: HELLO
+ value: "{% .plugConfig.hello %}"
+ resultResources:
+ - when: [coupled, updated]
+ do: apply
+ stringTemplate: |
+ {%- if (eq .result.resultJob "1") %}
+ apiVersion: batch/v1
+ kind: Job
+ metadata:
+ name: my-result-job
+ spec:
+ template:
+ spec:
+ containers:
+ - name: my-result-job
+ image: my-result-job-image
+ {%- endif %}
+
+
+ ### Apparatus
+
+ The apparatus is a unique component that offers a unique approach to executing the integration process. Unlike resources,
+ which are primarily used for templating Kubernetes resources, the apparatus is a pod that operates a REST API. These APIs
+ are invoked at different stages of the integration process, passing data such as the `plug`, `socket`, `plugConfig`, and
+ `socketConfig` in the request body.
+
+
+ It's important to note that an apparatus and resources can be used together during the integration process. This
+ combination provides a flexible and robust integration process capable of handling a wide range of scenarios.
+
+
+ The apparatus pod is automatically cleaned up when it's not in use and will be created automatically when integrations
+ require it. The apparatus schema is the same as the schema used to define a pod.
+
+
+ An good example of an apparatus use case is the
+ [Keycloak Integration Apparatus](https://gitlab.com/bitspur/rock8s/keycloak-integration-apparatus). This apparatus is
+ necessary because the Keycloak integration involves interacting with the Keycloak API
+ via a TypeScript client, which would be challenging to accomplish using only resources. By constructing it
+ as an apparatus, we can leverage a NodeJS REST API to effectively communicate with Keycloak.
+
+
+ The apparatus controller, which can be programmed in any language due to its REST architecture, should implement the following endpoints:
+
+
+
+ | Method |
+ Endpoint |
+ Description |
+ Request Body |
+
+
+ | GET |
+ /ping |
+ checks the health |
+ |
+
+
+ | POST |
+ /config |
+ retrieves the config |
+ vars, plug, socket, plugData, socketData |
+
+
+ | POST |
+ /created |
+ invoked when created |
+ plug, socket, plugConfig, socketConfig |
+
+
+ | POST |
+ /coupled |
+ invoked when coupled |
+ plug, socket, plugConfig, socketConfig |
+
+
+ | POST |
+ /updated |
+ invoked when updated |
+ plug, socket, plugConfig, socketConfig |
+
+
+ | POST |
+ /decoupled |
+ invoked when decoupled |
+ plug, socket, plugConfig, socketConfig |
+
+
+ | POST |
+ /deleted |
+ invoked when deleted |
+ plug, socket, plugConfig, socketConfig |
+
+
+
+
+ **Example:**
+
+
+ _this is a simplified incomplete example, only including necessary fields_
+
+ spec:
+ apparatus:
+ endpoint: /socket
+ containers:
+ - name: my-apparatus
+ image: my-apparatus-image
+ ports:
+ - containerPort: 3000
+ name: container
+ protocol: TCP
+
+ maturity: stable
+ version: 1.0.0
+ minKubeVersion: 1.26.0
+ keywords:
+ - integration
+ - plug
+ - socket
+ maintainers:
+ - name: Clay Risser
+ email: email@clayrisser.com
+ provider:
+ name: BitSpur
+ labels: {}
+ selector:
+ matchLabels: {}
+ links:
+ - name: Inspired by Juju Charms
+ url: "https://juju.is"
+ icon:
+ - base64data: >-
+ PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiIHN0YW5kYWxvbmU9Im5vIj8+CjwhLS0gQ3JlYXRlZCB3aXRoIElua3NjYXBlIChodHRwOi8vd3d3Lmlua3NjYXBlLm9yZy8pIC0tPgoKPHN2ZwogICB2ZXJzaW9uPSIxLjEiCiAgIGlkPSJzdmcxIgogICB3aWR0aD0iMTk4LjY0NDgxIgogICBoZWlnaHQ9IjE5OC42NDQ4MiIKICAgdmlld0JveD0iMCAwIDE5OC42NDQ4MSAxOTguNjQ0ODIiCiAgIHNvZGlwb2RpOmRvY25hbWU9ImNsYXlyaXNzZXJfYV9taW5pbWFsaXN0XzItY29sb3JfbG9nb19vZl9hX3BsdWdfYW5kX3NvY2tldF81YmM0MDc3YS1hZDQ5LTRmMjYtOTZjMi1iNDEyOTY5ZTA1OGEuc3ZnIgogICBpbmtzY2FwZTpleHBvcnQtZmlsZW5hbWU9Imljb24uc3ZnIgogICBpbmtzY2FwZTpleHBvcnQteGRwaT0iNzMxLjUxNzciCiAgIGlua3NjYXBlOmV4cG9ydC15ZHBpPSI3MzEuNTE3NyIKICAgaW5rc2NhcGU6dmVyc2lvbj0iMS4zICgwZTE1MGVkLCAyMDIzLTA3LTIxKSIKICAgeG1sbnM6aW5rc2NhcGU9Imh0dHA6Ly93d3cuaW5rc2NhcGUub3JnL25hbWVzcGFjZXMvaW5rc2NhcGUiCiAgIHhtbG5zOnNvZGlwb2RpPSJodHRwOi8vc29kaXBvZGkuc291cmNlZm9yZ2UubmV0L0RURC9zb2RpcG9kaS0wLmR0ZCIKICAgeG1sbnM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvc3ZnIgogICB4bWxuczpzdmc9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvc3ZnIj4KICA8ZGVmcwogICAgIGlkPSJkZWZzMSIgLz4KICA8c29kaXBvZGk6bmFtZWR2aWV3CiAgICAgaWQ9Im5hbWVkdmlldzEiCiAgICAgcGFnZWNvbG9yPSIjZmZmZmZmIgogICAgIGJvcmRlcmNvbG9yPSIjMDAwMDAwIgogICAgIGJvcmRlcm9wYWNpdHk9IjAuMjUiCiAgICAgaW5rc2NhcGU6c2hvd3BhZ2VzaGFkb3c9IjIiCiAgICAgaW5rc2NhcGU6cGFnZW9wYWNpdHk9IjAuMCIKICAgICBpbmtzY2FwZTpwYWdlY2hlY2tlcmJvYXJkPSIwIgogICAgIGlua3NjYXBlOmRlc2tjb2xvcj0iI2QxZDFkMSIKICAgICBzaG93Z3JpZD0iZmFsc2UiCiAgICAgaW5rc2NhcGU6em9vbT0iMC43MTQ4NDM3NSIKICAgICBpbmtzY2FwZTpjeD0iMjAwLjc0MzE3IgogICAgIGlua3NjYXBlOmN5PSIyMzkuMjEzMTEiCiAgICAgaW5rc2NhcGU6d2luZG93LXdpZHRoPSIxNTEyIgogICAgIGlua3NjYXBlOndpbmRvdy1oZWlnaHQ9Ijk0NSIKICAgICBpbmtzY2FwZTp3aW5kb3cteD0iMCIKICAgICBpbmtzY2FwZTp3aW5kb3cteT0iMzciCiAgICAgaW5rc2NhcGU6d2luZG93LW1heGltaXplZD0iMCIKICAgICBpbmtzY2FwZTpjdXJyZW50LWxheWVyPSJnMSIgLz4KICA8ZwogICAgIGlua3NjYXBlOmdyb3VwbW9kZT0ibGF5ZXIiCiAgICAgaW5rc2NhcGU6bGFiZWw9IkltYWdlIgogICAgIGlkPSJnMSIKICAgICB0cmFuc2Zvcm09InRyYW5zbGF0ZSgtMzM4LjE0NjM2LC0zMDMuODIyNTEpIj4KICAgIDxyZWN0CiAgICAgICBzdHlsZT0iZmlsbDojZmY5NjIwO2ZpbGwtb3BhY2l0eToxO3N0cm9rZS13aWR0aDoxLjA0MTtzdHJva2UtZGFzaGFycmF5Om5vbmUiCiAgICAgICBpZD0icmVjdDEiCiAgICAgICB3aWR0aD0iMTk4LjY0NDgxIgogICAgICAgaGVpZ2h0PSIxOTguNjQ0ODIiCiAgICAgICB4PSIzMzguMTQ2MzYiCiAgICAgICB5PSIzMDMuODIyNTEiCiAgICAgICBpbmtzY2FwZTpsYWJlbD0icmVjdDEiCiAgICAgICByeT0iNDguMjYyMjY0IiAvPgogICAgPHBhdGgKICAgICAgIHN0eWxlPSJmaWxsOiMwMDAwMDAiCiAgICAgICBkPSJtIDQxMi42ODgzMSw0NjguMjU1NDYgYyAtMC4wOTAzLC0xLjUxMjUgLTAuMDQ5MywtNSAwLjA5MTEsLTcuNzUgMS4wODgxOSwtMjEuMzE5NzEgMjYuMjM1NjQsLTMxLjQzMjY5IDQxLjEyODU5LC0xNi41Mzk3NCA1LjUzMzYzLDUuNTMzNjMgNy45NDQ1LDExLjk3MzUxIDcuOTQ0NSwyMS4yMjEyNCB2IDUuODE4NSBoIC0yNC41MDAwNCAtMjQuNSB6IG0gLTIxLjgzNTg1LC0xMDEuNzUgdiAtMjkuNSBoIDkgOSB2IDI5LjUgMjkuNSBoIC05IC05IHogbSA3NC42NDE4NSwyNS43NSBjIC0wLjM0MDkxLC0yLjA2MjUgLTAuNjI0NzksLTE1LjMzNzUgLTAuNjMwODQsLTI5LjUgbCAtMC4wMTEsLTI1Ljc1IGggOSA5IHYgMjkuNSAyOS41IGggLTguMzY5MTYgLTguMzY5MTYgeiIKICAgICAgIGlkPSJwYXRoMSIKICAgICAgIHNvZGlwb2RpOm5vZGV0eXBlcz0ic2Nzc2NjY3NjY2NjY2NjY2Nzc2NjY2NjY2NzIgogICAgICAgaW5rc2NhcGU6bGFiZWw9InBhdGgxIiAvPgogIDwvZz4KPC9zdmc+Cg==
+ mediatype: image/svg+xml
+ customresourcedefinitions:
+ owned:
+ - name: plugs.integration.rock8s.com
+ displayName: Plug
+ kind: Plug
+ version: v1beta1
+ description: Plug
+ resources: []
+ specDescriptors: []
+ statusDescriptors: []
+ - name: sockets.integration.rock8s.com
+ displayName: Socket
+ kind: Socket
+ version: v1beta1
+ description: Socket
+ resources: []
+ specDescriptors: []
+ statusDescriptors: []
+ required: []
+ install:
+ strategy: deployment
+ spec:
+ permissions:
+ - serviceAccountName: integration-operator
+ rules:
+ - apiGroups:
+ - ""
+ resources:
+ - events
+ verbs:
+ - create
+ - delete
+ - get
+ - list
+ - patch
+ - update
+ - watch
+ - apiGroups:
+ - ""
+ resources:
+ - serviceaccounts
+ verbs:
+ - impersonate
+ - apiGroups:
+ - integration.rock8s.com
+ resources:
+ - plugs
+ - sockets
+ verbs:
+ - "*"
+ - apiGroups:
+ - integration.rock8s.com
+ resources:
+ - plugs/status
+ - sockets/status
+ verbs:
+ - get
+ - update
+ - patch
+ - apiGroups:
+ - integration.rock8s.com
+ resources:
+ - plugs/finalizers
+ - sockets/finalizers
+ verbs:
+ - update
+ - apiGroups:
+ - coordination.k8s.io
+ resources:
+ - leases
+ verbs:
+ - create
+ - delete
+ - get
+ - list
+ - patch
+ - update
+ - watch
+ clusterPermissions: []
+ deployments:
+ - name: add-deployment
+ spec:
+ replicas: 1
+ strategy:
+ type: RollingUpdate
+ selector:
+ matchLabels:
+ app.kubernetes.io/name: integration-operator
+ template:
+ metadata:
+ labels:
+ app.kubernetes.io/name: integration-operator
+ spec:
+ affinity:
+ nodeAffinity:
+ requiredDuringSchedulingIgnoredDuringExecution:
+ nodeSelectorTerms:
+ - matchExpressions:
+ - key: kubernetes.io/arch
+ operator: In
+ values:
+ - amd64
+ serviceAccountName: integration-operator
+ containers:
+ - image: registry.gitlab.com/bitspur/rock8s/integration-operator:1.0.0
+ imagePullPolicy: Always
+ name: integration-operator
+ args:
+ - "--leader-elect"
+ - "--health-probe-bind-address=:8081"
+ - "--zap-devel=false"
+ resources:
+ limits:
+ cpu: 200m
+ memory: 100Mi
+ requests:
+ cpu: 100m
+ memory: 50Mi
+ env:
+ - name: WATCH_NAMESPACE
+ valueFrom:
+ fieldRef:
+ fieldPath: "metadata.annotations['olm.targetNamespaces']"
+ - name: POD_NAME
+ valueFrom:
+ fieldRef:
+ fieldPath: metadata.name
+ - name: OPERATOR_NAME
+ value: integration-operator
+ - name: MAX_CONCURRENT_RECONCILES
+ value: "3"
+ nodeSelector:
+ beta.kubernetes.io/os: linux
+ livenessProbe:
+ httpGet:
+ path: /healthz
+ port: 8081
+ initialDelaySeconds: 15
+ periodSeconds: 20
+ readinessProbe:
+ httpGet:
+ path: /readyz
+ port: 8081
+ initialDelaySeconds: 5
+ periodSeconds: 10
+ installModes:
+ - type: OwnNamespace
+ supported: true
+ - type: SingleNamespace
+ supported: true
+ - type: MultiNamespace
+ supported: true
+ - type: AllNamespaces
+ supported: true
diff --git a/operators/integration-operator/1.0.0/manifests/integration.rock8s.com_plugs.yaml b/operators/integration-operator/1.0.0/manifests/integration.rock8s.com_plugs.yaml
new file mode 100644
index 00000000000..4cbb259c1b7
--- /dev/null
+++ b/operators/integration-operator/1.0.0/manifests/integration.rock8s.com_plugs.yaml
@@ -0,0 +1,1821 @@
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ controller-gen.kubebuilder.io/version: v0.11.1
+ creationTimestamp: null
+ name: plugs.integration.rock8s.com
+spec:
+ group: integration.rock8s.com
+ names:
+ kind: Plug
+ listKind: PlugList
+ plural: plugs
+ singular: plug
+ scope: Namespaced
+ versions:
+ - name: v1beta1
+ schema:
+ openAPIV3Schema:
+ description: Plug is the Schema for the plugs API
+ properties:
+ apiVersion:
+ description:
+ "APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources"
+ type: string
+ kind:
+ description:
+ "Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds"
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: PlugSpec defines the desired state of Plug
+ properties:
+ apparatus:
+ description: apparatus
+ properties:
+ containers:
+ description:
+ List of containers belonging to the apparatus. Containers
+ cannot currently be added or removed. There must be at least
+ one container in an apparatus. Cannot be updated.
+ items:
+ description:
+ A single application container that you want to
+ run within a pod.
+ properties:
+ args:
+ description:
+ 'Arguments to the entrypoint. The container
+ image''s CMD is used if this is not provided. Variable
+ references $(VAR_NAME) are expanded using the container''s
+ environment. If a variable cannot be resolved, the reference
+ in the input string will be unchanged. Double $$ are reduced
+ to a single $, which allows for escaping the $(VAR_NAME)
+ syntax: i.e. "$$(VAR_NAME)" will produce the string literal
+ "$(VAR_NAME)". Escaped references will never be expanded,
+ regardless of whether the variable exists or not. Cannot
+ be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell'
+ items:
+ type: string
+ type: array
+ command:
+ description:
+ 'Entrypoint array. Not executed within a shell.
+ The container image''s ENTRYPOINT is used if this is not
+ provided. Variable references $(VAR_NAME) are expanded
+ using the container''s environment. If a variable cannot
+ be resolved, the reference in the input string will be
+ unchanged. Double $$ are reduced to a single $, which
+ allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)"
+ will produce the string literal "$(VAR_NAME)". Escaped
+ references will never be expanded, regardless of whether
+ the variable exists or not. Cannot be updated. More info:
+ https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell'
+ items:
+ type: string
+ type: array
+ env:
+ description:
+ List of environment variables to set in the
+ container. Cannot be updated.
+ items:
+ description:
+ EnvVar represents an environment variable
+ present in a Container.
+ properties:
+ name:
+ description:
+ Name of the environment variable. Must
+ be a C_IDENTIFIER.
+ type: string
+ value:
+ description:
+ 'Variable references $(VAR_NAME) are
+ expanded using the previously defined environment
+ variables in the container and any service environment
+ variables. If a variable cannot be resolved, the
+ reference in the input string will be unchanged.
+ Double $$ are reduced to a single $, which allows
+ for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)"
+ will produce the string literal "$(VAR_NAME)". Escaped
+ references will never be expanded, regardless of
+ whether the variable exists or not. Defaults to
+ "".'
+ type: string
+ valueFrom:
+ description:
+ Source for the environment variable's
+ value. Cannot be used if value is not empty.
+ properties:
+ configMapKeyRef:
+ description: Selects a key of a ConfigMap.
+ properties:
+ key:
+ description: The key to select.
+ type: string
+ name:
+ description:
+ "Name of the referent. More info:
+ https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion,
+ kind, uid?"
+ type: string
+ optional:
+ description:
+ Specify whether the ConfigMap
+ or its key must be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ fieldRef:
+ description:
+ "Selects a field of the pod: supports
+ metadata.name, metadata.namespace, `metadata.labels['']`,
+ `metadata.annotations['']`, spec.nodeName,
+ spec.serviceAccountName, status.hostIP, status.podIP,
+ status.podIPs."
+ properties:
+ apiVersion:
+ description:
+ Version of the schema the FieldPath
+ is written in terms of, defaults to "v1".
+ type: string
+ fieldPath:
+ description:
+ Path of the field to select in
+ the specified API version.
+ type: string
+ required:
+ - fieldPath
+ type: object
+ x-kubernetes-map-type: atomic
+ resourceFieldRef:
+ description:
+ "Selects a resource of the container:
+ only resources limits and requests (limits.cpu,
+ limits.memory, limits.ephemeral-storage, requests.cpu,
+ requests.memory and requests.ephemeral-storage)
+ are currently supported."
+ properties:
+ containerName:
+ description:
+ "Container name: required for
+ volumes, optional for env vars"
+ type: string
+ divisor:
+ anyOf:
+ - type: integer
+ - type: string
+ description:
+ Specifies the output format of
+ the exposed resources, defaults to "1"
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ resource:
+ description: "Required: resource to select"
+ type: string
+ required:
+ - resource
+ type: object
+ x-kubernetes-map-type: atomic
+ secretKeyRef:
+ description:
+ Selects a key of a secret in the
+ pod's namespace
+ properties:
+ key:
+ description:
+ The key of the secret to select
+ from. Must be a valid secret key.
+ type: string
+ name:
+ description:
+ "Name of the referent. More info:
+ https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion,
+ kind, uid?"
+ type: string
+ optional:
+ description:
+ Specify whether the Secret or
+ its key must be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ type: object
+ required:
+ - name
+ type: object
+ type: array
+ envFrom:
+ description:
+ List of sources to populate environment variables
+ in the container. The keys defined within a source must
+ be a C_IDENTIFIER. All invalid keys will be reported as
+ an event when the container is starting. When a key exists
+ in multiple sources, the value associated with the last
+ source will take precedence. Values defined by an Env
+ with a duplicate key will take precedence. Cannot be updated.
+ items:
+ description:
+ EnvFromSource represents the source of a
+ set of ConfigMaps
+ properties:
+ configMapRef:
+ description: The ConfigMap to select from
+ properties:
+ name:
+ description:
+ "Name of the referent. More info:
+ https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind,
+ uid?"
+ type: string
+ optional:
+ description:
+ Specify whether the ConfigMap must
+ be defined
+ type: boolean
+ type: object
+ x-kubernetes-map-type: atomic
+ prefix:
+ description:
+ An optional identifier to prepend to
+ each key in the ConfigMap. Must be a C_IDENTIFIER.
+ type: string
+ secretRef:
+ description: The Secret to select from
+ properties:
+ name:
+ description:
+ "Name of the referent. More info:
+ https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind,
+ uid?"
+ type: string
+ optional:
+ description:
+ Specify whether the Secret must be
+ defined
+ type: boolean
+ type: object
+ x-kubernetes-map-type: atomic
+ type: object
+ type: array
+ image:
+ description:
+ "Container image name. More info: https://kubernetes.io/docs/concepts/containers/images
+ This field is optional to allow higher level config management
+ to default or override container images in workload controllers
+ like Deployments and StatefulSets."
+ type: string
+ imagePullPolicy:
+ description:
+ "Image pull policy. One of Always, Never, IfNotPresent.
+ Defaults to Always if :latest tag is specified, or IfNotPresent
+ otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images"
+ type: string
+ lifecycle:
+ description:
+ Actions that the management system should take
+ in response to container lifecycle events. Cannot be updated.
+ properties:
+ postStart:
+ description:
+ "PostStart is called immediately after
+ a container is created. If the handler fails, the
+ container is terminated and restarted according to
+ its restart policy. Other management of the container
+ blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks"
+ properties:
+ exec:
+ description: Exec specifies the action to take.
+ properties:
+ command:
+ description:
+ Command is the command line to
+ execute inside the container, the working
+ directory for the command is root ('/') in
+ the container's filesystem. The command is
+ simply exec'd, it is not run inside a shell,
+ so traditional shell instructions ('|', etc)
+ won't work. To use a shell, you need to explicitly
+ call out to that shell. Exit status of 0 is
+ treated as live/healthy and non-zero is unhealthy.
+ items:
+ type: string
+ type: array
+ type: object
+ httpGet:
+ description:
+ HTTPGet specifies the http request
+ to perform.
+ properties:
+ host:
+ description:
+ Host name to connect to, defaults
+ to the pod IP. You probably want to set "Host"
+ in httpHeaders instead.
+ type: string
+ httpHeaders:
+ description:
+ Custom headers to set in the request.
+ HTTP allows repeated headers.
+ items:
+ description:
+ HTTPHeader describes a custom
+ header to be used in HTTP probes
+ properties:
+ name:
+ description: The header field name
+ type: string
+ value:
+ description: The header field value
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ description: Path to access on the HTTP server.
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description:
+ Name or number of the port to access
+ on the container. Number must be in the range
+ 1 to 65535. Name must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ scheme:
+ description:
+ Scheme to use for connecting to
+ the host. Defaults to HTTP.
+ type: string
+ required:
+ - port
+ type: object
+ tcpSocket:
+ description:
+ Deprecated. TCPSocket is NOT supported
+ as a LifecycleHandler and kept for the backward
+ compatibility. There are no validation of this
+ field and lifecycle hooks will fail in runtime
+ when tcp handler is specified.
+ properties:
+ host:
+ description:
+ "Optional: Host name to connect
+ to, defaults to the pod IP."
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description:
+ Number or name of the port to access
+ on the container. Number must be in the range
+ 1 to 65535. Name must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ type: object
+ preStop:
+ description:
+ "PreStop is called immediately before a
+ container is terminated due to an API request or management
+ event such as liveness/startup probe failure, preemption,
+ resource contention, etc. The handler is not called
+ if the container crashes or exits. The Pod's termination
+ grace period countdown begins before the PreStop hook
+ is executed. Regardless of the outcome of the handler,
+ the container will eventually terminate within the
+ Pod's termination grace period (unless delayed by
+ finalizers). Other management of the container blocks
+ until the hook completes or until the termination
+ grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks"
+ properties:
+ exec:
+ description: Exec specifies the action to take.
+ properties:
+ command:
+ description:
+ Command is the command line to
+ execute inside the container, the working
+ directory for the command is root ('/') in
+ the container's filesystem. The command is
+ simply exec'd, it is not run inside a shell,
+ so traditional shell instructions ('|', etc)
+ won't work. To use a shell, you need to explicitly
+ call out to that shell. Exit status of 0 is
+ treated as live/healthy and non-zero is unhealthy.
+ items:
+ type: string
+ type: array
+ type: object
+ httpGet:
+ description:
+ HTTPGet specifies the http request
+ to perform.
+ properties:
+ host:
+ description:
+ Host name to connect to, defaults
+ to the pod IP. You probably want to set "Host"
+ in httpHeaders instead.
+ type: string
+ httpHeaders:
+ description:
+ Custom headers to set in the request.
+ HTTP allows repeated headers.
+ items:
+ description:
+ HTTPHeader describes a custom
+ header to be used in HTTP probes
+ properties:
+ name:
+ description: The header field name
+ type: string
+ value:
+ description: The header field value
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ description: Path to access on the HTTP server.
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description:
+ Name or number of the port to access
+ on the container. Number must be in the range
+ 1 to 65535. Name must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ scheme:
+ description:
+ Scheme to use for connecting to
+ the host. Defaults to HTTP.
+ type: string
+ required:
+ - port
+ type: object
+ tcpSocket:
+ description:
+ Deprecated. TCPSocket is NOT supported
+ as a LifecycleHandler and kept for the backward
+ compatibility. There are no validation of this
+ field and lifecycle hooks will fail in runtime
+ when tcp handler is specified.
+ properties:
+ host:
+ description:
+ "Optional: Host name to connect
+ to, defaults to the pod IP."
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description:
+ Number or name of the port to access
+ on the container. Number must be in the range
+ 1 to 65535. Name must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ type: object
+ type: object
+ livenessProbe:
+ description:
+ "Periodic probe of container liveness. Container
+ will be restarted if the probe fails. Cannot be updated.
+ More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
+ properties:
+ exec:
+ description: Exec specifies the action to take.
+ properties:
+ command:
+ description:
+ Command is the command line to execute
+ inside the container, the working directory for
+ the command is root ('/') in the container's
+ filesystem. The command is simply exec'd, it is
+ not run inside a shell, so traditional shell instructions
+ ('|', etc) won't work. To use a shell, you need
+ to explicitly call out to that shell. Exit status
+ of 0 is treated as live/healthy and non-zero is
+ unhealthy.
+ items:
+ type: string
+ type: array
+ type: object
+ failureThreshold:
+ description:
+ Minimum consecutive failures for the probe
+ to be considered failed after having succeeded. Defaults
+ to 3. Minimum value is 1.
+ format: int32
+ type: integer
+ grpc:
+ description:
+ GRPC specifies an action involving a GRPC
+ port. This is a beta field and requires enabling GRPCContainerProbe
+ feature gate.
+ properties:
+ port:
+ description:
+ Port number of the gRPC service. Number
+ must be in the range 1 to 65535.
+ format: int32
+ type: integer
+ service:
+ description:
+ "Service is the name of the service
+ to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).
+ \n If this is not specified, the default behavior
+ is defined by gRPC."
+ type: string
+ required:
+ - port
+ type: object
+ httpGet:
+ description: HTTPGet specifies the http request to perform.
+ properties:
+ host:
+ description:
+ Host name to connect to, defaults to
+ the pod IP. You probably want to set "Host" in
+ httpHeaders instead.
+ type: string
+ httpHeaders:
+ description:
+ Custom headers to set in the request.
+ HTTP allows repeated headers.
+ items:
+ description:
+ HTTPHeader describes a custom header
+ to be used in HTTP probes
+ properties:
+ name:
+ description: The header field name
+ type: string
+ value:
+ description: The header field value
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ description: Path to access on the HTTP server.
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description:
+ Name or number of the port to access
+ on the container. Number must be in the range
+ 1 to 65535. Name must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ scheme:
+ description:
+ Scheme to use for connecting to the
+ host. Defaults to HTTP.
+ type: string
+ required:
+ - port
+ type: object
+ initialDelaySeconds:
+ description:
+ "Number of seconds after the container
+ has started before liveness probes are initiated.
+ More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
+ format: int32
+ type: integer
+ periodSeconds:
+ description:
+ How often (in seconds) to perform the probe.
+ Default to 10 seconds. Minimum value is 1.
+ format: int32
+ type: integer
+ successThreshold:
+ description:
+ Minimum consecutive successes for the probe
+ to be considered successful after having failed. Defaults
+ to 1. Must be 1 for liveness and startup. Minimum
+ value is 1.
+ format: int32
+ type: integer
+ tcpSocket:
+ description:
+ TCPSocket specifies an action involving
+ a TCP port.
+ properties:
+ host:
+ description:
+ "Optional: Host name to connect to,
+ defaults to the pod IP."
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description:
+ Number or name of the port to access
+ on the container. Number must be in the range
+ 1 to 65535. Name must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ terminationGracePeriodSeconds:
+ description:
+ Optional duration in seconds the pod needs
+ to terminate gracefully upon probe failure. The grace
+ period is the duration in seconds after the processes
+ running in the pod are sent a termination signal and
+ the time when the processes are forcibly halted with
+ a kill signal. Set this value longer than the expected
+ cleanup time for your process. If this value is nil,
+ the pod's terminationGracePeriodSeconds will be used.
+ Otherwise, this value overrides the value provided
+ by the pod spec. Value must be non-negative integer.
+ The value zero indicates stop immediately via the
+ kill signal (no opportunity to shut down). This is
+ a beta field and requires enabling ProbeTerminationGracePeriod
+ feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds
+ is used if unset.
+ format: int64
+ type: integer
+ timeoutSeconds:
+ description:
+ "Number of seconds after which the probe
+ times out. Defaults to 1 second. Minimum value is
+ 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
+ format: int32
+ type: integer
+ type: object
+ name:
+ description:
+ Name of the container specified as a DNS_LABEL.
+ Each container in a pod must have a unique name (DNS_LABEL).
+ Cannot be updated.
+ type: string
+ ports:
+ description:
+ List of ports to expose from the container.
+ Not specifying a port here DOES NOT prevent that port
+ from being exposed. Any port which is listening on the
+ default "0.0.0.0" address inside a container will be accessible
+ from the network. Modifying this array with strategic
+ merge patch may corrupt the data. For more information
+ See https://github.com/kubernetes/kubernetes/issues/108255.
+ Cannot be updated.
+ items:
+ description:
+ ContainerPort represents a network port in
+ a single container.
+ properties:
+ containerPort:
+ description:
+ Number of port to expose on the pod's
+ IP address. This must be a valid port number, 0
+ < x < 65536.
+ format: int32
+ type: integer
+ hostIP:
+ description:
+ What host IP to bind the external port
+ to.
+ type: string
+ hostPort:
+ description:
+ Number of port to expose on the host.
+ If specified, this must be a valid port number,
+ 0 < x < 65536. If HostNetwork is specified, this
+ must match ContainerPort. Most containers do not
+ need this.
+ format: int32
+ type: integer
+ name:
+ description:
+ If specified, this must be an IANA_SVC_NAME
+ and unique within the pod. Each named port in a
+ pod must have a unique name. Name for the port that
+ can be referred to by services.
+ type: string
+ protocol:
+ default: TCP
+ description:
+ Protocol for port. Must be UDP, TCP,
+ or SCTP. Defaults to "TCP".
+ type: string
+ required:
+ - containerPort
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - containerPort
+ - protocol
+ x-kubernetes-list-type: map
+ readinessProbe:
+ description:
+ "Periodic probe of container service readiness.
+ Container will be removed from service endpoints if the
+ probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
+ properties:
+ exec:
+ description: Exec specifies the action to take.
+ properties:
+ command:
+ description:
+ Command is the command line to execute
+ inside the container, the working directory for
+ the command is root ('/') in the container's
+ filesystem. The command is simply exec'd, it is
+ not run inside a shell, so traditional shell instructions
+ ('|', etc) won't work. To use a shell, you need
+ to explicitly call out to that shell. Exit status
+ of 0 is treated as live/healthy and non-zero is
+ unhealthy.
+ items:
+ type: string
+ type: array
+ type: object
+ failureThreshold:
+ description:
+ Minimum consecutive failures for the probe
+ to be considered failed after having succeeded. Defaults
+ to 3. Minimum value is 1.
+ format: int32
+ type: integer
+ grpc:
+ description:
+ GRPC specifies an action involving a GRPC
+ port. This is a beta field and requires enabling GRPCContainerProbe
+ feature gate.
+ properties:
+ port:
+ description:
+ Port number of the gRPC service. Number
+ must be in the range 1 to 65535.
+ format: int32
+ type: integer
+ service:
+ description:
+ "Service is the name of the service
+ to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).
+ \n If this is not specified, the default behavior
+ is defined by gRPC."
+ type: string
+ required:
+ - port
+ type: object
+ httpGet:
+ description: HTTPGet specifies the http request to perform.
+ properties:
+ host:
+ description:
+ Host name to connect to, defaults to
+ the pod IP. You probably want to set "Host" in
+ httpHeaders instead.
+ type: string
+ httpHeaders:
+ description:
+ Custom headers to set in the request.
+ HTTP allows repeated headers.
+ items:
+ description:
+ HTTPHeader describes a custom header
+ to be used in HTTP probes
+ properties:
+ name:
+ description: The header field name
+ type: string
+ value:
+ description: The header field value
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ description: Path to access on the HTTP server.
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description:
+ Name or number of the port to access
+ on the container. Number must be in the range
+ 1 to 65535. Name must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ scheme:
+ description:
+ Scheme to use for connecting to the
+ host. Defaults to HTTP.
+ type: string
+ required:
+ - port
+ type: object
+ initialDelaySeconds:
+ description:
+ "Number of seconds after the container
+ has started before liveness probes are initiated.
+ More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
+ format: int32
+ type: integer
+ periodSeconds:
+ description:
+ How often (in seconds) to perform the probe.
+ Default to 10 seconds. Minimum value is 1.
+ format: int32
+ type: integer
+ successThreshold:
+ description:
+ Minimum consecutive successes for the probe
+ to be considered successful after having failed. Defaults
+ to 1. Must be 1 for liveness and startup. Minimum
+ value is 1.
+ format: int32
+ type: integer
+ tcpSocket:
+ description:
+ TCPSocket specifies an action involving
+ a TCP port.
+ properties:
+ host:
+ description:
+ "Optional: Host name to connect to,
+ defaults to the pod IP."
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description:
+ Number or name of the port to access
+ on the container. Number must be in the range
+ 1 to 65535. Name must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ terminationGracePeriodSeconds:
+ description:
+ Optional duration in seconds the pod needs
+ to terminate gracefully upon probe failure. The grace
+ period is the duration in seconds after the processes
+ running in the pod are sent a termination signal and
+ the time when the processes are forcibly halted with
+ a kill signal. Set this value longer than the expected
+ cleanup time for your process. If this value is nil,
+ the pod's terminationGracePeriodSeconds will be used.
+ Otherwise, this value overrides the value provided
+ by the pod spec. Value must be non-negative integer.
+ The value zero indicates stop immediately via the
+ kill signal (no opportunity to shut down). This is
+ a beta field and requires enabling ProbeTerminationGracePeriod
+ feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds
+ is used if unset.
+ format: int64
+ type: integer
+ timeoutSeconds:
+ description:
+ "Number of seconds after which the probe
+ times out. Defaults to 1 second. Minimum value is
+ 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
+ format: int32
+ type: integer
+ type: object
+ resources:
+ description:
+ "Compute Resources required by this container.
+ Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/"
+ properties:
+ claims:
+ description:
+ "Claims lists the names of resources, defined
+ in spec.resourceClaims, that are used by this container.
+ \n This is an alpha field and requires enabling the
+ DynamicResourceAllocation feature gate. \n This field
+ is immutable."
+ items:
+ description:
+ ResourceClaim references one entry in
+ PodSpec.ResourceClaims.
+ properties:
+ name:
+ description:
+ Name must match the name of one entry
+ in pod.spec.resourceClaims of the Pod where
+ this field is used. It makes that resource available
+ inside a container.
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
+ limits:
+ additionalProperties:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ description:
+ "Limits describes the maximum amount of
+ compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/"
+ type: object
+ requests:
+ additionalProperties:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ description:
+ "Requests describes the minimum amount
+ of compute resources required. If Requests is omitted
+ for a container, it defaults to Limits if that is
+ explicitly specified, otherwise to an implementation-defined
+ value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/"
+ type: object
+ type: object
+ securityContext:
+ description:
+ "SecurityContext defines the security options
+ the container should be run with. If set, the fields of
+ SecurityContext override the equivalent fields of PodSecurityContext.
+ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/"
+ properties:
+ allowPrivilegeEscalation:
+ description:
+ "AllowPrivilegeEscalation controls whether
+ a process can gain more privileges than its parent
+ process. This bool directly controls if the no_new_privs
+ flag will be set on the container process. AllowPrivilegeEscalation
+ is true always when the container is: 1) run as Privileged
+ 2) has CAP_SYS_ADMIN Note that this field cannot be
+ set when spec.os.name is windows."
+ type: boolean
+ capabilities:
+ description:
+ The capabilities to add/drop when running
+ containers. Defaults to the default set of capabilities
+ granted by the container runtime. Note that this field
+ cannot be set when spec.os.name is windows.
+ properties:
+ add:
+ description: Added capabilities
+ items:
+ description:
+ Capability represent POSIX capabilities
+ type
+ type: string
+ type: array
+ drop:
+ description: Removed capabilities
+ items:
+ description:
+ Capability represent POSIX capabilities
+ type
+ type: string
+ type: array
+ type: object
+ privileged:
+ description:
+ Run container in privileged mode. Processes
+ in privileged containers are essentially equivalent
+ to root on the host. Defaults to false. Note that
+ this field cannot be set when spec.os.name is windows.
+ type: boolean
+ procMount:
+ description:
+ procMount denotes the type of proc mount
+ to use for the containers. The default is DefaultProcMount
+ which uses the container runtime defaults for readonly
+ paths and masked paths. This requires the ProcMountType
+ feature flag to be enabled. Note that this field cannot
+ be set when spec.os.name is windows.
+ type: string
+ readOnlyRootFilesystem:
+ description:
+ Whether this container has a read-only
+ root filesystem. Default is false. Note that this
+ field cannot be set when spec.os.name is windows.
+ type: boolean
+ runAsGroup:
+ description:
+ The GID to run the entrypoint of the container
+ process. Uses runtime default if unset. May also be
+ set in PodSecurityContext. If set in both SecurityContext
+ and PodSecurityContext, the value specified in SecurityContext
+ takes precedence. Note that this field cannot be set
+ when spec.os.name is windows.
+ format: int64
+ type: integer
+ runAsNonRoot:
+ description:
+ Indicates that the container must run as
+ a non-root user. If true, the Kubelet will validate
+ the image at runtime to ensure that it does not run
+ as UID 0 (root) and fail to start the container if
+ it does. If unset or false, no such validation will
+ be performed. May also be set in PodSecurityContext. If
+ set in both SecurityContext and PodSecurityContext,
+ the value specified in SecurityContext takes precedence.
+ type: boolean
+ runAsUser:
+ description:
+ The UID to run the entrypoint of the container
+ process. Defaults to user specified in image metadata
+ if unspecified. May also be set in PodSecurityContext. If
+ set in both SecurityContext and PodSecurityContext,
+ the value specified in SecurityContext takes precedence.
+ Note that this field cannot be set when spec.os.name
+ is windows.
+ format: int64
+ type: integer
+ seLinuxOptions:
+ description:
+ The SELinux context to be applied to the
+ container. If unspecified, the container runtime will
+ allocate a random SELinux context for each container. May
+ also be set in PodSecurityContext. If set in both
+ SecurityContext and PodSecurityContext, the value
+ specified in SecurityContext takes precedence. Note
+ that this field cannot be set when spec.os.name is
+ windows.
+ properties:
+ level:
+ description:
+ Level is SELinux level label that applies
+ to the container.
+ type: string
+ role:
+ description:
+ Role is a SELinux role label that applies
+ to the container.
+ type: string
+ type:
+ description:
+ Type is a SELinux type label that applies
+ to the container.
+ type: string
+ user:
+ description:
+ User is a SELinux user label that applies
+ to the container.
+ type: string
+ type: object
+ seccompProfile:
+ description:
+ The seccomp options to use by this container.
+ If seccomp options are provided at both the pod &
+ container level, the container options override the
+ pod options. Note that this field cannot be set when
+ spec.os.name is windows.
+ properties:
+ localhostProfile:
+ description:
+ localhostProfile indicates a profile
+ defined in a file on the node should be used.
+ The profile must be preconfigured on the node
+ to work. Must be a descending path, relative to
+ the kubelet's configured seccomp profile location.
+ Must only be set if type is "Localhost".
+ type: string
+ type:
+ description:
+ "type indicates which kind of seccomp
+ profile will be applied. Valid options are: \n
+ Localhost - a profile defined in a file on the
+ node should be used. RuntimeDefault - the container
+ runtime default profile should be used. Unconfined
+ - no profile should be applied."
+ type: string
+ required:
+ - type
+ type: object
+ windowsOptions:
+ description:
+ The Windows specific settings applied to
+ all containers. If unspecified, the options from the
+ PodSecurityContext will be used. If set in both SecurityContext
+ and PodSecurityContext, the value specified in SecurityContext
+ takes precedence. Note that this field cannot be set
+ when spec.os.name is linux.
+ properties:
+ gmsaCredentialSpec:
+ description:
+ GMSACredentialSpec is where the GMSA
+ admission webhook (https://github.com/kubernetes-sigs/windows-gmsa)
+ inlines the contents of the GMSA credential spec
+ named by the GMSACredentialSpecName field.
+ type: string
+ gmsaCredentialSpecName:
+ description:
+ GMSACredentialSpecName is the name
+ of the GMSA credential spec to use.
+ type: string
+ hostProcess:
+ description:
+ HostProcess determines if a container
+ should be run as a 'Host Process' container. This
+ field is alpha-level and will only be honored
+ by components that enable the WindowsHostProcessContainers
+ feature flag. Setting this field without the feature
+ flag will result in errors when validating the
+ Pod. All of a Pod's containers must have the same
+ effective HostProcess value (it is not allowed
+ to have a mix of HostProcess containers and non-HostProcess
+ containers). In addition, if HostProcess is true
+ then HostNetwork must also be set to true.
+ type: boolean
+ runAsUserName:
+ description:
+ The UserName in Windows to run the
+ entrypoint of the container process. Defaults
+ to the user specified in image metadata if unspecified.
+ May also be set in PodSecurityContext. If set
+ in both SecurityContext and PodSecurityContext,
+ the value specified in SecurityContext takes precedence.
+ type: string
+ type: object
+ type: object
+ startupProbe:
+ description:
+ "StartupProbe indicates that the Pod has successfully
+ initialized. If specified, no other probes are executed
+ until this completes successfully. If this probe fails,
+ the Pod will be restarted, just as if the livenessProbe
+ failed. This can be used to provide different probe parameters
+ at the beginning of a Pod's lifecycle, when it might
+ take a long time to load data or warm a cache, than during
+ steady-state operation. This cannot be updated. More info:
+ https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
+ properties:
+ exec:
+ description: Exec specifies the action to take.
+ properties:
+ command:
+ description:
+ Command is the command line to execute
+ inside the container, the working directory for
+ the command is root ('/') in the container's
+ filesystem. The command is simply exec'd, it is
+ not run inside a shell, so traditional shell instructions
+ ('|', etc) won't work. To use a shell, you need
+ to explicitly call out to that shell. Exit status
+ of 0 is treated as live/healthy and non-zero is
+ unhealthy.
+ items:
+ type: string
+ type: array
+ type: object
+ failureThreshold:
+ description:
+ Minimum consecutive failures for the probe
+ to be considered failed after having succeeded. Defaults
+ to 3. Minimum value is 1.
+ format: int32
+ type: integer
+ grpc:
+ description:
+ GRPC specifies an action involving a GRPC
+ port. This is a beta field and requires enabling GRPCContainerProbe
+ feature gate.
+ properties:
+ port:
+ description:
+ Port number of the gRPC service. Number
+ must be in the range 1 to 65535.
+ format: int32
+ type: integer
+ service:
+ description:
+ "Service is the name of the service
+ to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).
+ \n If this is not specified, the default behavior
+ is defined by gRPC."
+ type: string
+ required:
+ - port
+ type: object
+ httpGet:
+ description: HTTPGet specifies the http request to perform.
+ properties:
+ host:
+ description:
+ Host name to connect to, defaults to
+ the pod IP. You probably want to set "Host" in
+ httpHeaders instead.
+ type: string
+ httpHeaders:
+ description:
+ Custom headers to set in the request.
+ HTTP allows repeated headers.
+ items:
+ description:
+ HTTPHeader describes a custom header
+ to be used in HTTP probes
+ properties:
+ name:
+ description: The header field name
+ type: string
+ value:
+ description: The header field value
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ description: Path to access on the HTTP server.
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description:
+ Name or number of the port to access
+ on the container. Number must be in the range
+ 1 to 65535. Name must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ scheme:
+ description:
+ Scheme to use for connecting to the
+ host. Defaults to HTTP.
+ type: string
+ required:
+ - port
+ type: object
+ initialDelaySeconds:
+ description:
+ "Number of seconds after the container
+ has started before liveness probes are initiated.
+ More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
+ format: int32
+ type: integer
+ periodSeconds:
+ description:
+ How often (in seconds) to perform the probe.
+ Default to 10 seconds. Minimum value is 1.
+ format: int32
+ type: integer
+ successThreshold:
+ description:
+ Minimum consecutive successes for the probe
+ to be considered successful after having failed. Defaults
+ to 1. Must be 1 for liveness and startup. Minimum
+ value is 1.
+ format: int32
+ type: integer
+ tcpSocket:
+ description:
+ TCPSocket specifies an action involving
+ a TCP port.
+ properties:
+ host:
+ description:
+ "Optional: Host name to connect to,
+ defaults to the pod IP."
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description:
+ Number or name of the port to access
+ on the container. Number must be in the range
+ 1 to 65535. Name must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ terminationGracePeriodSeconds:
+ description:
+ Optional duration in seconds the pod needs
+ to terminate gracefully upon probe failure. The grace
+ period is the duration in seconds after the processes
+ running in the pod are sent a termination signal and
+ the time when the processes are forcibly halted with
+ a kill signal. Set this value longer than the expected
+ cleanup time for your process. If this value is nil,
+ the pod's terminationGracePeriodSeconds will be used.
+ Otherwise, this value overrides the value provided
+ by the pod spec. Value must be non-negative integer.
+ The value zero indicates stop immediately via the
+ kill signal (no opportunity to shut down). This is
+ a beta field and requires enabling ProbeTerminationGracePeriod
+ feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds
+ is used if unset.
+ format: int64
+ type: integer
+ timeoutSeconds:
+ description:
+ "Number of seconds after which the probe
+ times out. Defaults to 1 second. Minimum value is
+ 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
+ format: int32
+ type: integer
+ type: object
+ stdin:
+ description:
+ Whether this container should allocate a buffer
+ for stdin in the container runtime. If this is not set,
+ reads from stdin in the container will always result in
+ EOF. Default is false.
+ type: boolean
+ stdinOnce:
+ description:
+ Whether the container runtime should close
+ the stdin channel after it has been opened by a single
+ attach. When stdin is true the stdin stream will remain
+ open across multiple attach sessions. If stdinOnce is
+ set to true, stdin is opened on container start, is empty
+ until the first client attaches to stdin, and then remains
+ open and accepts data until the client disconnects, at
+ which time stdin is closed and remains closed until the
+ container is restarted. If this flag is false, a container
+ processes that reads from stdin will never receive an
+ EOF. Default is false
+ type: boolean
+ terminationMessagePath:
+ description:
+ "Optional: Path at which the file to which
+ the container's termination message will be written is
+ mounted into the container's filesystem. Message written
+ is intended to be brief final status, such as an assertion
+ failure message. Will be truncated by the node if greater
+ than 4096 bytes. The total message length across all containers
+ will be limited to 12kb. Defaults to /dev/termination-log.
+ Cannot be updated."
+ type: string
+ terminationMessagePolicy:
+ description:
+ Indicate how the termination message should
+ be populated. File will use the contents of terminationMessagePath
+ to populate the container status message on both success
+ and failure. FallbackToLogsOnError will use the last chunk
+ of container log output if the termination message file
+ is empty and the container exited with an error. The log
+ output is limited to 2048 bytes or 80 lines, whichever
+ is smaller. Defaults to File. Cannot be updated.
+ type: string
+ tty:
+ description:
+ Whether this container should allocate a TTY
+ for itself, also requires 'stdin' to be true. Default
+ is false.
+ type: boolean
+ volumeDevices:
+ description:
+ volumeDevices is the list of block devices
+ to be used by the container.
+ items:
+ description:
+ volumeDevice describes a mapping of a raw
+ block device within a container.
+ properties:
+ devicePath:
+ description:
+ devicePath is the path inside of the
+ container that the device will be mapped to.
+ type: string
+ name:
+ description:
+ name must match the name of a persistentVolumeClaim
+ in the pod
+ type: string
+ required:
+ - devicePath
+ - name
+ type: object
+ type: array
+ volumeMounts:
+ description:
+ Pod volumes to mount into the container's filesystem.
+ Cannot be updated.
+ items:
+ description:
+ VolumeMount describes a mounting of a Volume
+ within a container.
+ properties:
+ mountPath:
+ description:
+ Path within the container at which the
+ volume should be mounted. Must not contain ':'.
+ type: string
+ mountPropagation:
+ description:
+ mountPropagation determines how mounts
+ are propagated from the host to container and the
+ other way around. When not set, MountPropagationNone
+ is used. This field is beta in 1.10.
+ type: string
+ name:
+ description: This must match the Name of a Volume.
+ type: string
+ readOnly:
+ description:
+ Mounted read-only if true, read-write
+ otherwise (false or unspecified). Defaults to false.
+ type: boolean
+ subPath:
+ description:
+ Path within the volume from which the
+ container's volume should be mounted. Defaults to
+ "" (volume's root).
+ type: string
+ subPathExpr:
+ description:
+ Expanded path within the volume from
+ which the container's volume should be mounted.
+ Behaves similarly to SubPath but environment variable
+ references $(VAR_NAME) are expanded using the container's
+ environment. Defaults to "" (volume's root). SubPathExpr
+ and SubPath are mutually exclusive.
+ type: string
+ required:
+ - mountPath
+ - name
+ type: object
+ type: array
+ workingDir:
+ description:
+ Container's working directory. If not specified,
+ the container runtime's default will be used, which might
+ be configured in the container image. Cannot be updated.
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ endpoint:
+ description: endpoint
+ type: string
+ idleTimeout:
+ description: terminate apparatus after idle for timeout in milliseconds
+ type: integer
+ required:
+ - containers
+ type: object
+ config:
+ additionalProperties:
+ type: string
+ description: config
+ type: object
+ configConfigMapName:
+ description: config configmap name
+ type: string
+ configSecretName:
+ description: config secret name
+ type: string
+ configTemplate:
+ additionalProperties:
+ type: string
+ description: config template
+ type: object
+ data:
+ additionalProperties:
+ type: string
+ description: data
+ type: object
+ dataConfigMapName:
+ description: data configmap name
+ type: string
+ dataSecretName:
+ description: data secret name
+ type: string
+ epoch:
+ description: change epoch to force an update
+ type: string
+ resources:
+ description: resources
+ items:
+ properties:
+ do:
+ type: string
+ retainWhenDecoupled:
+ type: boolean
+ stringTemplate:
+ type: string
+ stringTemplates:
+ items:
+ type: string
+ type: array
+ template:
+ x-kubernetes-preserve-unknown-fields: true
+ templates:
+ items:
+ x-kubernetes-preserve-unknown-fields: true
+ type: array
+ when:
+ items:
+ type: string
+ type: array
+ type: object
+ type: array
+ result:
+ additionalProperties:
+ type: string
+ description: result
+ type: object
+ resultConfigMapName:
+ description: result configmap name
+ type: string
+ resultResources:
+ description: result resources
+ items:
+ properties:
+ do:
+ type: string
+ stringTemplate:
+ type: string
+ stringTemplates:
+ items:
+ type: string
+ type: array
+ template:
+ x-kubernetes-preserve-unknown-fields: true
+ templates:
+ items:
+ x-kubernetes-preserve-unknown-fields: true
+ type: array
+ type: object
+ type: array
+ resultSecretName:
+ description: result secret name
+ type: string
+ resultTemplate:
+ additionalProperties:
+ type: string
+ description: result template
+ type: object
+ resultVars:
+ description: result vars
+ items:
+ description:
+ Var represents a variable whose value will be sourced
+ from a field in a Kubernetes object.
+ properties:
+ fieldref:
+ description:
+ "FieldRef refers to the field of the object referred
+ to by ObjRef whose value will be extracted for use in replacing
+ $(FOO). If unspecified, this defaults to fieldPath: $defaultFieldPath"
+ properties:
+ fieldPath:
+ type: string
+ type: object
+ name:
+ description:
+ Value of identifier name e.g. FOO used in container
+ args, annotations Appears in pod template as $(FOO)
+ type: string
+ objref:
+ description:
+ ObjRef must refer to a Kubernetes resource under
+ the purview of this kustomization. ObjRef should use the raw
+ name of the object (the name specified in its YAML, before
+ addition of a namePrefix and a nameSuffix).
+ properties:
+ apiVersion:
+ type: string
+ group:
+ type: string
+ kind:
+ type: string
+ name:
+ type: string
+ namespace:
+ type: string
+ version:
+ type: string
+ required:
+ - name
+ type: object
+ required:
+ - name
+ - objref
+ type: object
+ type: array
+ serviceAccountName:
+ description:
+ "ServiceAccountName is the name of the ServiceAccount
+ to use to run integrations. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/"
+ type: string
+ socket:
+ description: socket
+ properties:
+ name:
+ description: name
+ type: string
+ namespace:
+ description: namespace
+ type: string
+ required:
+ - name
+ type: object
+ vars:
+ description: vars
+ items:
+ description:
+ Var represents a variable whose value will be sourced
+ from a field in a Kubernetes object.
+ properties:
+ fieldref:
+ description:
+ "FieldRef refers to the field of the object referred
+ to by ObjRef whose value will be extracted for use in replacing
+ $(FOO). If unspecified, this defaults to fieldPath: $defaultFieldPath"
+ properties:
+ fieldPath:
+ type: string
+ type: object
+ name:
+ description:
+ Value of identifier name e.g. FOO used in container
+ args, annotations Appears in pod template as $(FOO)
+ type: string
+ objref:
+ description:
+ ObjRef must refer to a Kubernetes resource under
+ the purview of this kustomization. ObjRef should use the raw
+ name of the object (the name specified in its YAML, before
+ addition of a namePrefix and a nameSuffix).
+ properties:
+ apiVersion:
+ type: string
+ group:
+ type: string
+ kind:
+ type: string
+ name:
+ type: string
+ namespace:
+ type: string
+ version:
+ type: string
+ required:
+ - name
+ type: object
+ required:
+ - name
+ - objref
+ type: object
+ type: array
+ type: object
+ status:
+ description: PlugStatus defines the observed state of Plug
+ properties:
+ conditions:
+ description:
+ Conditions represent the latest available observations
+ of an object's state
+ items:
+ description:
+ "Condition contains details for one aspect of the current
+ state of this API Resource. --- This struct is intended for direct
+ use as an array at the field path .status.conditions. For example,
+ \n type FooStatus struct{ // Represents the observations of a
+ foo's current state. // Known .status.conditions.type are: \"Available\",
+ \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge
+ // +listType=map // +listMapKey=type Conditions []metav1.Condition
+ `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\"
+ protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }"
+ properties:
+ lastTransitionTime:
+ description:
+ lastTransitionTime is the last time the condition
+ transitioned from one status to another. This should be when
+ the underlying condition changed. If that is not known, then
+ using the time when the API field changed is acceptable.
+ format: date-time
+ type: string
+ message:
+ description:
+ message is a human readable message indicating
+ details about the transition. This may be an empty string.
+ maxLength: 32768
+ type: string
+ observedGeneration:
+ description:
+ observedGeneration represents the .metadata.generation
+ that the condition was set based upon. For instance, if .metadata.generation
+ is currently 12, but the .status.conditions[x].observedGeneration
+ is 9, the condition is out of date with respect to the current
+ state of the instance.
+ format: int64
+ minimum: 0
+ type: integer
+ reason:
+ description:
+ reason contains a programmatic identifier indicating
+ the reason for the condition's last transition. Producers
+ of specific condition types may define expected values and
+ meanings for this field, and whether the values are considered
+ a guaranteed API. The value should be a CamelCase string.
+ This field may not be empty.
+ maxLength: 1024
+ minLength: 1
+ pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
+ type: string
+ status:
+ description: status of the condition, one of True, False, Unknown.
+ enum:
+ - "True"
+ - "False"
+ - Unknown
+ type: string
+ type:
+ description:
+ type of condition in CamelCase or in foo.example.com/CamelCase.
+ --- Many .condition.type values are consistent across resources
+ like Available, but because arbitrary conditions can be useful
+ (see .node.status.conditions), the ability to deconflict is
+ important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
+ maxLength: 316
+ pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
+ type: string
+ required:
+ - lastTransitionTime
+ - message
+ - reason
+ - status
+ - type
+ type: object
+ type: array
+ coupledResult:
+ description: coupled result
+ properties:
+ observedGeneration:
+ description: observed generation
+ format: int64
+ type: integer
+ plug:
+ additionalProperties:
+ type: string
+ description: plug result
+ type: object
+ socket:
+ additionalProperties:
+ type: string
+ description: socket result
+ type: object
+ type: object
+ coupledSocket:
+ description: socket coupled to plug
+ properties:
+ apiVersion:
+ description: API version of the socket
+ type: string
+ kind:
+ description: Kind of the socket
+ type: string
+ name:
+ description: Name of the socket
+ type: string
+ namespace:
+ description: Namespace of the socket
+ type: string
+ uid:
+ description: UID of the socket
+ type: string
+ type: object
+ type: object
+ type: object
+ served: true
+ storage: true
+ subresources:
+ status: {}
diff --git a/operators/integration-operator/1.0.0/manifests/integration.rock8s.com_sockets.yaml b/operators/integration-operator/1.0.0/manifests/integration.rock8s.com_sockets.yaml
new file mode 100644
index 00000000000..bb9f4a52d72
--- /dev/null
+++ b/operators/integration-operator/1.0.0/manifests/integration.rock8s.com_sockets.yaml
@@ -0,0 +1,1877 @@
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ controller-gen.kubebuilder.io/version: v0.11.1
+ creationTimestamp: null
+ name: sockets.integration.rock8s.com
+spec:
+ group: integration.rock8s.com
+ names:
+ kind: Socket
+ listKind: SocketList
+ plural: sockets
+ singular: socket
+ scope: Namespaced
+ versions:
+ - name: v1beta1
+ schema:
+ openAPIV3Schema:
+ description: Socket is the Schema for the sockets API
+ properties:
+ apiVersion:
+ description:
+ "APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources"
+ type: string
+ kind:
+ description:
+ "Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds"
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: SocketSpec defines the desired state of Socket
+ properties:
+ apparatus:
+ description: apparatus
+ properties:
+ containers:
+ description:
+ List of containers belonging to the apparatus. Containers
+ cannot currently be added or removed. There must be at least
+ one container in an apparatus. Cannot be updated.
+ items:
+ description:
+ A single application container that you want to
+ run within a pod.
+ properties:
+ args:
+ description:
+ 'Arguments to the entrypoint. The container
+ image''s CMD is used if this is not provided. Variable
+ references $(VAR_NAME) are expanded using the container''s
+ environment. If a variable cannot be resolved, the reference
+ in the input string will be unchanged. Double $$ are reduced
+ to a single $, which allows for escaping the $(VAR_NAME)
+ syntax: i.e. "$$(VAR_NAME)" will produce the string literal
+ "$(VAR_NAME)". Escaped references will never be expanded,
+ regardless of whether the variable exists or not. Cannot
+ be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell'
+ items:
+ type: string
+ type: array
+ command:
+ description:
+ 'Entrypoint array. Not executed within a shell.
+ The container image''s ENTRYPOINT is used if this is not
+ provided. Variable references $(VAR_NAME) are expanded
+ using the container''s environment. If a variable cannot
+ be resolved, the reference in the input string will be
+ unchanged. Double $$ are reduced to a single $, which
+ allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)"
+ will produce the string literal "$(VAR_NAME)". Escaped
+ references will never be expanded, regardless of whether
+ the variable exists or not. Cannot be updated. More info:
+ https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell'
+ items:
+ type: string
+ type: array
+ env:
+ description:
+ List of environment variables to set in the
+ container. Cannot be updated.
+ items:
+ description:
+ EnvVar represents an environment variable
+ present in a Container.
+ properties:
+ name:
+ description:
+ Name of the environment variable. Must
+ be a C_IDENTIFIER.
+ type: string
+ value:
+ description:
+ 'Variable references $(VAR_NAME) are
+ expanded using the previously defined environment
+ variables in the container and any service environment
+ variables. If a variable cannot be resolved, the
+ reference in the input string will be unchanged.
+ Double $$ are reduced to a single $, which allows
+ for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)"
+ will produce the string literal "$(VAR_NAME)". Escaped
+ references will never be expanded, regardless of
+ whether the variable exists or not. Defaults to
+ "".'
+ type: string
+ valueFrom:
+ description:
+ Source for the environment variable's
+ value. Cannot be used if value is not empty.
+ properties:
+ configMapKeyRef:
+ description: Selects a key of a ConfigMap.
+ properties:
+ key:
+ description: The key to select.
+ type: string
+ name:
+ description:
+ "Name of the referent. More info:
+ https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion,
+ kind, uid?"
+ type: string
+ optional:
+ description:
+ Specify whether the ConfigMap
+ or its key must be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ fieldRef:
+ description:
+ "Selects a field of the pod: supports
+ metadata.name, metadata.namespace, `metadata.labels['']`,
+ `metadata.annotations['']`, spec.nodeName,
+ spec.serviceAccountName, status.hostIP, status.podIP,
+ status.podIPs."
+ properties:
+ apiVersion:
+ description:
+ Version of the schema the FieldPath
+ is written in terms of, defaults to "v1".
+ type: string
+ fieldPath:
+ description:
+ Path of the field to select in
+ the specified API version.
+ type: string
+ required:
+ - fieldPath
+ type: object
+ x-kubernetes-map-type: atomic
+ resourceFieldRef:
+ description:
+ "Selects a resource of the container:
+ only resources limits and requests (limits.cpu,
+ limits.memory, limits.ephemeral-storage, requests.cpu,
+ requests.memory and requests.ephemeral-storage)
+ are currently supported."
+ properties:
+ containerName:
+ description:
+ "Container name: required for
+ volumes, optional for env vars"
+ type: string
+ divisor:
+ anyOf:
+ - type: integer
+ - type: string
+ description:
+ Specifies the output format of
+ the exposed resources, defaults to "1"
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ resource:
+ description: "Required: resource to select"
+ type: string
+ required:
+ - resource
+ type: object
+ x-kubernetes-map-type: atomic
+ secretKeyRef:
+ description:
+ Selects a key of a secret in the
+ pod's namespace
+ properties:
+ key:
+ description:
+ The key of the secret to select
+ from. Must be a valid secret key.
+ type: string
+ name:
+ description:
+ "Name of the referent. More info:
+ https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion,
+ kind, uid?"
+ type: string
+ optional:
+ description:
+ Specify whether the Secret or
+ its key must be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ type: object
+ required:
+ - name
+ type: object
+ type: array
+ envFrom:
+ description:
+ List of sources to populate environment variables
+ in the container. The keys defined within a source must
+ be a C_IDENTIFIER. All invalid keys will be reported as
+ an event when the container is starting. When a key exists
+ in multiple sources, the value associated with the last
+ source will take precedence. Values defined by an Env
+ with a duplicate key will take precedence. Cannot be updated.
+ items:
+ description:
+ EnvFromSource represents the source of a
+ set of ConfigMaps
+ properties:
+ configMapRef:
+ description: The ConfigMap to select from
+ properties:
+ name:
+ description:
+ "Name of the referent. More info:
+ https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind,
+ uid?"
+ type: string
+ optional:
+ description:
+ Specify whether the ConfigMap must
+ be defined
+ type: boolean
+ type: object
+ x-kubernetes-map-type: atomic
+ prefix:
+ description:
+ An optional identifier to prepend to
+ each key in the ConfigMap. Must be a C_IDENTIFIER.
+ type: string
+ secretRef:
+ description: The Secret to select from
+ properties:
+ name:
+ description:
+ "Name of the referent. More info:
+ https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind,
+ uid?"
+ type: string
+ optional:
+ description:
+ Specify whether the Secret must be
+ defined
+ type: boolean
+ type: object
+ x-kubernetes-map-type: atomic
+ type: object
+ type: array
+ image:
+ description:
+ "Container image name. More info: https://kubernetes.io/docs/concepts/containers/images
+ This field is optional to allow higher level config management
+ to default or override container images in workload controllers
+ like Deployments and StatefulSets."
+ type: string
+ imagePullPolicy:
+ description:
+ "Image pull policy. One of Always, Never, IfNotPresent.
+ Defaults to Always if :latest tag is specified, or IfNotPresent
+ otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images"
+ type: string
+ lifecycle:
+ description:
+ Actions that the management system should take
+ in response to container lifecycle events. Cannot be updated.
+ properties:
+ postStart:
+ description:
+ "PostStart is called immediately after
+ a container is created. If the handler fails, the
+ container is terminated and restarted according to
+ its restart policy. Other management of the container
+ blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks"
+ properties:
+ exec:
+ description: Exec specifies the action to take.
+ properties:
+ command:
+ description:
+ Command is the command line to
+ execute inside the container, the working
+ directory for the command is root ('/') in
+ the container's filesystem. The command is
+ simply exec'd, it is not run inside a shell,
+ so traditional shell instructions ('|', etc)
+ won't work. To use a shell, you need to explicitly
+ call out to that shell. Exit status of 0 is
+ treated as live/healthy and non-zero is unhealthy.
+ items:
+ type: string
+ type: array
+ type: object
+ httpGet:
+ description:
+ HTTPGet specifies the http request
+ to perform.
+ properties:
+ host:
+ description:
+ Host name to connect to, defaults
+ to the pod IP. You probably want to set "Host"
+ in httpHeaders instead.
+ type: string
+ httpHeaders:
+ description:
+ Custom headers to set in the request.
+ HTTP allows repeated headers.
+ items:
+ description:
+ HTTPHeader describes a custom
+ header to be used in HTTP probes
+ properties:
+ name:
+ description: The header field name
+ type: string
+ value:
+ description: The header field value
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ description: Path to access on the HTTP server.
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description:
+ Name or number of the port to access
+ on the container. Number must be in the range
+ 1 to 65535. Name must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ scheme:
+ description:
+ Scheme to use for connecting to
+ the host. Defaults to HTTP.
+ type: string
+ required:
+ - port
+ type: object
+ tcpSocket:
+ description:
+ Deprecated. TCPSocket is NOT supported
+ as a LifecycleHandler and kept for the backward
+ compatibility. There are no validation of this
+ field and lifecycle hooks will fail in runtime
+ when tcp handler is specified.
+ properties:
+ host:
+ description:
+ "Optional: Host name to connect
+ to, defaults to the pod IP."
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description:
+ Number or name of the port to access
+ on the container. Number must be in the range
+ 1 to 65535. Name must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ type: object
+ preStop:
+ description:
+ "PreStop is called immediately before a
+ container is terminated due to an API request or management
+ event such as liveness/startup probe failure, preemption,
+ resource contention, etc. The handler is not called
+ if the container crashes or exits. The Pod's termination
+ grace period countdown begins before the PreStop hook
+ is executed. Regardless of the outcome of the handler,
+ the container will eventually terminate within the
+ Pod's termination grace period (unless delayed by
+ finalizers). Other management of the container blocks
+ until the hook completes or until the termination
+ grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks"
+ properties:
+ exec:
+ description: Exec specifies the action to take.
+ properties:
+ command:
+ description:
+ Command is the command line to
+ execute inside the container, the working
+ directory for the command is root ('/') in
+ the container's filesystem. The command is
+ simply exec'd, it is not run inside a shell,
+ so traditional shell instructions ('|', etc)
+ won't work. To use a shell, you need to explicitly
+ call out to that shell. Exit status of 0 is
+ treated as live/healthy and non-zero is unhealthy.
+ items:
+ type: string
+ type: array
+ type: object
+ httpGet:
+ description:
+ HTTPGet specifies the http request
+ to perform.
+ properties:
+ host:
+ description:
+ Host name to connect to, defaults
+ to the pod IP. You probably want to set "Host"
+ in httpHeaders instead.
+ type: string
+ httpHeaders:
+ description:
+ Custom headers to set in the request.
+ HTTP allows repeated headers.
+ items:
+ description:
+ HTTPHeader describes a custom
+ header to be used in HTTP probes
+ properties:
+ name:
+ description: The header field name
+ type: string
+ value:
+ description: The header field value
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ description: Path to access on the HTTP server.
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description:
+ Name or number of the port to access
+ on the container. Number must be in the range
+ 1 to 65535. Name must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ scheme:
+ description:
+ Scheme to use for connecting to
+ the host. Defaults to HTTP.
+ type: string
+ required:
+ - port
+ type: object
+ tcpSocket:
+ description:
+ Deprecated. TCPSocket is NOT supported
+ as a LifecycleHandler and kept for the backward
+ compatibility. There are no validation of this
+ field and lifecycle hooks will fail in runtime
+ when tcp handler is specified.
+ properties:
+ host:
+ description:
+ "Optional: Host name to connect
+ to, defaults to the pod IP."
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description:
+ Number or name of the port to access
+ on the container. Number must be in the range
+ 1 to 65535. Name must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ type: object
+ type: object
+ livenessProbe:
+ description:
+ "Periodic probe of container liveness. Container
+ will be restarted if the probe fails. Cannot be updated.
+ More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
+ properties:
+ exec:
+ description: Exec specifies the action to take.
+ properties:
+ command:
+ description:
+ Command is the command line to execute
+ inside the container, the working directory for
+ the command is root ('/') in the container's
+ filesystem. The command is simply exec'd, it is
+ not run inside a shell, so traditional shell instructions
+ ('|', etc) won't work. To use a shell, you need
+ to explicitly call out to that shell. Exit status
+ of 0 is treated as live/healthy and non-zero is
+ unhealthy.
+ items:
+ type: string
+ type: array
+ type: object
+ failureThreshold:
+ description:
+ Minimum consecutive failures for the probe
+ to be considered failed after having succeeded. Defaults
+ to 3. Minimum value is 1.
+ format: int32
+ type: integer
+ grpc:
+ description:
+ GRPC specifies an action involving a GRPC
+ port. This is a beta field and requires enabling GRPCContainerProbe
+ feature gate.
+ properties:
+ port:
+ description:
+ Port number of the gRPC service. Number
+ must be in the range 1 to 65535.
+ format: int32
+ type: integer
+ service:
+ description:
+ "Service is the name of the service
+ to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).
+ \n If this is not specified, the default behavior
+ is defined by gRPC."
+ type: string
+ required:
+ - port
+ type: object
+ httpGet:
+ description: HTTPGet specifies the http request to perform.
+ properties:
+ host:
+ description:
+ Host name to connect to, defaults to
+ the pod IP. You probably want to set "Host" in
+ httpHeaders instead.
+ type: string
+ httpHeaders:
+ description:
+ Custom headers to set in the request.
+ HTTP allows repeated headers.
+ items:
+ description:
+ HTTPHeader describes a custom header
+ to be used in HTTP probes
+ properties:
+ name:
+ description: The header field name
+ type: string
+ value:
+ description: The header field value
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ description: Path to access on the HTTP server.
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description:
+ Name or number of the port to access
+ on the container. Number must be in the range
+ 1 to 65535. Name must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ scheme:
+ description:
+ Scheme to use for connecting to the
+ host. Defaults to HTTP.
+ type: string
+ required:
+ - port
+ type: object
+ initialDelaySeconds:
+ description:
+ "Number of seconds after the container
+ has started before liveness probes are initiated.
+ More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
+ format: int32
+ type: integer
+ periodSeconds:
+ description:
+ How often (in seconds) to perform the probe.
+ Default to 10 seconds. Minimum value is 1.
+ format: int32
+ type: integer
+ successThreshold:
+ description:
+ Minimum consecutive successes for the probe
+ to be considered successful after having failed. Defaults
+ to 1. Must be 1 for liveness and startup. Minimum
+ value is 1.
+ format: int32
+ type: integer
+ tcpSocket:
+ description:
+ TCPSocket specifies an action involving
+ a TCP port.
+ properties:
+ host:
+ description:
+ "Optional: Host name to connect to,
+ defaults to the pod IP."
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description:
+ Number or name of the port to access
+ on the container. Number must be in the range
+ 1 to 65535. Name must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ terminationGracePeriodSeconds:
+ description:
+ Optional duration in seconds the pod needs
+ to terminate gracefully upon probe failure. The grace
+ period is the duration in seconds after the processes
+ running in the pod are sent a termination signal and
+ the time when the processes are forcibly halted with
+ a kill signal. Set this value longer than the expected
+ cleanup time for your process. If this value is nil,
+ the pod's terminationGracePeriodSeconds will be used.
+ Otherwise, this value overrides the value provided
+ by the pod spec. Value must be non-negative integer.
+ The value zero indicates stop immediately via the
+ kill signal (no opportunity to shut down). This is
+ a beta field and requires enabling ProbeTerminationGracePeriod
+ feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds
+ is used if unset.
+ format: int64
+ type: integer
+ timeoutSeconds:
+ description:
+ "Number of seconds after which the probe
+ times out. Defaults to 1 second. Minimum value is
+ 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
+ format: int32
+ type: integer
+ type: object
+ name:
+ description:
+ Name of the container specified as a DNS_LABEL.
+ Each container in a pod must have a unique name (DNS_LABEL).
+ Cannot be updated.
+ type: string
+ ports:
+ description:
+ List of ports to expose from the container.
+ Not specifying a port here DOES NOT prevent that port
+ from being exposed. Any port which is listening on the
+ default "0.0.0.0" address inside a container will be accessible
+ from the network. Modifying this array with strategic
+ merge patch may corrupt the data. For more information
+ See https://github.com/kubernetes/kubernetes/issues/108255.
+ Cannot be updated.
+ items:
+ description:
+ ContainerPort represents a network port in
+ a single container.
+ properties:
+ containerPort:
+ description:
+ Number of port to expose on the pod's
+ IP address. This must be a valid port number, 0
+ < x < 65536.
+ format: int32
+ type: integer
+ hostIP:
+ description:
+ What host IP to bind the external port
+ to.
+ type: string
+ hostPort:
+ description:
+ Number of port to expose on the host.
+ If specified, this must be a valid port number,
+ 0 < x < 65536. If HostNetwork is specified, this
+ must match ContainerPort. Most containers do not
+ need this.
+ format: int32
+ type: integer
+ name:
+ description:
+ If specified, this must be an IANA_SVC_NAME
+ and unique within the pod. Each named port in a
+ pod must have a unique name. Name for the port that
+ can be referred to by services.
+ type: string
+ protocol:
+ default: TCP
+ description:
+ Protocol for port. Must be UDP, TCP,
+ or SCTP. Defaults to "TCP".
+ type: string
+ required:
+ - containerPort
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - containerPort
+ - protocol
+ x-kubernetes-list-type: map
+ readinessProbe:
+ description:
+ "Periodic probe of container service readiness.
+ Container will be removed from service endpoints if the
+ probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
+ properties:
+ exec:
+ description: Exec specifies the action to take.
+ properties:
+ command:
+ description:
+ Command is the command line to execute
+ inside the container, the working directory for
+ the command is root ('/') in the container's
+ filesystem. The command is simply exec'd, it is
+ not run inside a shell, so traditional shell instructions
+ ('|', etc) won't work. To use a shell, you need
+ to explicitly call out to that shell. Exit status
+ of 0 is treated as live/healthy and non-zero is
+ unhealthy.
+ items:
+ type: string
+ type: array
+ type: object
+ failureThreshold:
+ description:
+ Minimum consecutive failures for the probe
+ to be considered failed after having succeeded. Defaults
+ to 3. Minimum value is 1.
+ format: int32
+ type: integer
+ grpc:
+ description:
+ GRPC specifies an action involving a GRPC
+ port. This is a beta field and requires enabling GRPCContainerProbe
+ feature gate.
+ properties:
+ port:
+ description:
+ Port number of the gRPC service. Number
+ must be in the range 1 to 65535.
+ format: int32
+ type: integer
+ service:
+ description:
+ "Service is the name of the service
+ to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).
+ \n If this is not specified, the default behavior
+ is defined by gRPC."
+ type: string
+ required:
+ - port
+ type: object
+ httpGet:
+ description: HTTPGet specifies the http request to perform.
+ properties:
+ host:
+ description:
+ Host name to connect to, defaults to
+ the pod IP. You probably want to set "Host" in
+ httpHeaders instead.
+ type: string
+ httpHeaders:
+ description:
+ Custom headers to set in the request.
+ HTTP allows repeated headers.
+ items:
+ description:
+ HTTPHeader describes a custom header
+ to be used in HTTP probes
+ properties:
+ name:
+ description: The header field name
+ type: string
+ value:
+ description: The header field value
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ description: Path to access on the HTTP server.
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description:
+ Name or number of the port to access
+ on the container. Number must be in the range
+ 1 to 65535. Name must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ scheme:
+ description:
+ Scheme to use for connecting to the
+ host. Defaults to HTTP.
+ type: string
+ required:
+ - port
+ type: object
+ initialDelaySeconds:
+ description:
+ "Number of seconds after the container
+ has started before liveness probes are initiated.
+ More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
+ format: int32
+ type: integer
+ periodSeconds:
+ description:
+ How often (in seconds) to perform the probe.
+ Default to 10 seconds. Minimum value is 1.
+ format: int32
+ type: integer
+ successThreshold:
+ description:
+ Minimum consecutive successes for the probe
+ to be considered successful after having failed. Defaults
+ to 1. Must be 1 for liveness and startup. Minimum
+ value is 1.
+ format: int32
+ type: integer
+ tcpSocket:
+ description:
+ TCPSocket specifies an action involving
+ a TCP port.
+ properties:
+ host:
+ description:
+ "Optional: Host name to connect to,
+ defaults to the pod IP."
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description:
+ Number or name of the port to access
+ on the container. Number must be in the range
+ 1 to 65535. Name must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ terminationGracePeriodSeconds:
+ description:
+ Optional duration in seconds the pod needs
+ to terminate gracefully upon probe failure. The grace
+ period is the duration in seconds after the processes
+ running in the pod are sent a termination signal and
+ the time when the processes are forcibly halted with
+ a kill signal. Set this value longer than the expected
+ cleanup time for your process. If this value is nil,
+ the pod's terminationGracePeriodSeconds will be used.
+ Otherwise, this value overrides the value provided
+ by the pod spec. Value must be non-negative integer.
+ The value zero indicates stop immediately via the
+ kill signal (no opportunity to shut down). This is
+ a beta field and requires enabling ProbeTerminationGracePeriod
+ feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds
+ is used if unset.
+ format: int64
+ type: integer
+ timeoutSeconds:
+ description:
+ "Number of seconds after which the probe
+ times out. Defaults to 1 second. Minimum value is
+ 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
+ format: int32
+ type: integer
+ type: object
+ resources:
+ description:
+ "Compute Resources required by this container.
+ Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/"
+ properties:
+ claims:
+ description:
+ "Claims lists the names of resources, defined
+ in spec.resourceClaims, that are used by this container.
+ \n This is an alpha field and requires enabling the
+ DynamicResourceAllocation feature gate. \n This field
+ is immutable."
+ items:
+ description:
+ ResourceClaim references one entry in
+ PodSpec.ResourceClaims.
+ properties:
+ name:
+ description:
+ Name must match the name of one entry
+ in pod.spec.resourceClaims of the Pod where
+ this field is used. It makes that resource available
+ inside a container.
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
+ limits:
+ additionalProperties:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ description:
+ "Limits describes the maximum amount of
+ compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/"
+ type: object
+ requests:
+ additionalProperties:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ description:
+ "Requests describes the minimum amount
+ of compute resources required. If Requests is omitted
+ for a container, it defaults to Limits if that is
+ explicitly specified, otherwise to an implementation-defined
+ value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/"
+ type: object
+ type: object
+ securityContext:
+ description:
+ "SecurityContext defines the security options
+ the container should be run with. If set, the fields of
+ SecurityContext override the equivalent fields of PodSecurityContext.
+ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/"
+ properties:
+ allowPrivilegeEscalation:
+ description:
+ "AllowPrivilegeEscalation controls whether
+ a process can gain more privileges than its parent
+ process. This bool directly controls if the no_new_privs
+ flag will be set on the container process. AllowPrivilegeEscalation
+ is true always when the container is: 1) run as Privileged
+ 2) has CAP_SYS_ADMIN Note that this field cannot be
+ set when spec.os.name is windows."
+ type: boolean
+ capabilities:
+ description:
+ The capabilities to add/drop when running
+ containers. Defaults to the default set of capabilities
+ granted by the container runtime. Note that this field
+ cannot be set when spec.os.name is windows.
+ properties:
+ add:
+ description: Added capabilities
+ items:
+ description:
+ Capability represent POSIX capabilities
+ type
+ type: string
+ type: array
+ drop:
+ description: Removed capabilities
+ items:
+ description:
+ Capability represent POSIX capabilities
+ type
+ type: string
+ type: array
+ type: object
+ privileged:
+ description:
+ Run container in privileged mode. Processes
+ in privileged containers are essentially equivalent
+ to root on the host. Defaults to false. Note that
+ this field cannot be set when spec.os.name is windows.
+ type: boolean
+ procMount:
+ description:
+ procMount denotes the type of proc mount
+ to use for the containers. The default is DefaultProcMount
+ which uses the container runtime defaults for readonly
+ paths and masked paths. This requires the ProcMountType
+ feature flag to be enabled. Note that this field cannot
+ be set when spec.os.name is windows.
+ type: string
+ readOnlyRootFilesystem:
+ description:
+ Whether this container has a read-only
+ root filesystem. Default is false. Note that this
+ field cannot be set when spec.os.name is windows.
+ type: boolean
+ runAsGroup:
+ description:
+ The GID to run the entrypoint of the container
+ process. Uses runtime default if unset. May also be
+ set in PodSecurityContext. If set in both SecurityContext
+ and PodSecurityContext, the value specified in SecurityContext
+ takes precedence. Note that this field cannot be set
+ when spec.os.name is windows.
+ format: int64
+ type: integer
+ runAsNonRoot:
+ description:
+ Indicates that the container must run as
+ a non-root user. If true, the Kubelet will validate
+ the image at runtime to ensure that it does not run
+ as UID 0 (root) and fail to start the container if
+ it does. If unset or false, no such validation will
+ be performed. May also be set in PodSecurityContext. If
+ set in both SecurityContext and PodSecurityContext,
+ the value specified in SecurityContext takes precedence.
+ type: boolean
+ runAsUser:
+ description:
+ The UID to run the entrypoint of the container
+ process. Defaults to user specified in image metadata
+ if unspecified. May also be set in PodSecurityContext. If
+ set in both SecurityContext and PodSecurityContext,
+ the value specified in SecurityContext takes precedence.
+ Note that this field cannot be set when spec.os.name
+ is windows.
+ format: int64
+ type: integer
+ seLinuxOptions:
+ description:
+ The SELinux context to be applied to the
+ container. If unspecified, the container runtime will
+ allocate a random SELinux context for each container. May
+ also be set in PodSecurityContext. If set in both
+ SecurityContext and PodSecurityContext, the value
+ specified in SecurityContext takes precedence. Note
+ that this field cannot be set when spec.os.name is
+ windows.
+ properties:
+ level:
+ description:
+ Level is SELinux level label that applies
+ to the container.
+ type: string
+ role:
+ description:
+ Role is a SELinux role label that applies
+ to the container.
+ type: string
+ type:
+ description:
+ Type is a SELinux type label that applies
+ to the container.
+ type: string
+ user:
+ description:
+ User is a SELinux user label that applies
+ to the container.
+ type: string
+ type: object
+ seccompProfile:
+ description:
+ The seccomp options to use by this container.
+ If seccomp options are provided at both the pod &
+ container level, the container options override the
+ pod options. Note that this field cannot be set when
+ spec.os.name is windows.
+ properties:
+ localhostProfile:
+ description:
+ localhostProfile indicates a profile
+ defined in a file on the node should be used.
+ The profile must be preconfigured on the node
+ to work. Must be a descending path, relative to
+ the kubelet's configured seccomp profile location.
+ Must only be set if type is "Localhost".
+ type: string
+ type:
+ description:
+ "type indicates which kind of seccomp
+ profile will be applied. Valid options are: \n
+ Localhost - a profile defined in a file on the
+ node should be used. RuntimeDefault - the container
+ runtime default profile should be used. Unconfined
+ - no profile should be applied."
+ type: string
+ required:
+ - type
+ type: object
+ windowsOptions:
+ description:
+ The Windows specific settings applied to
+ all containers. If unspecified, the options from the
+ PodSecurityContext will be used. If set in both SecurityContext
+ and PodSecurityContext, the value specified in SecurityContext
+ takes precedence. Note that this field cannot be set
+ when spec.os.name is linux.
+ properties:
+ gmsaCredentialSpec:
+ description:
+ GMSACredentialSpec is where the GMSA
+ admission webhook (https://github.com/kubernetes-sigs/windows-gmsa)
+ inlines the contents of the GMSA credential spec
+ named by the GMSACredentialSpecName field.
+ type: string
+ gmsaCredentialSpecName:
+ description:
+ GMSACredentialSpecName is the name
+ of the GMSA credential spec to use.
+ type: string
+ hostProcess:
+ description:
+ HostProcess determines if a container
+ should be run as a 'Host Process' container. This
+ field is alpha-level and will only be honored
+ by components that enable the WindowsHostProcessContainers
+ feature flag. Setting this field without the feature
+ flag will result in errors when validating the
+ Pod. All of a Pod's containers must have the same
+ effective HostProcess value (it is not allowed
+ to have a mix of HostProcess containers and non-HostProcess
+ containers). In addition, if HostProcess is true
+ then HostNetwork must also be set to true.
+ type: boolean
+ runAsUserName:
+ description:
+ The UserName in Windows to run the
+ entrypoint of the container process. Defaults
+ to the user specified in image metadata if unspecified.
+ May also be set in PodSecurityContext. If set
+ in both SecurityContext and PodSecurityContext,
+ the value specified in SecurityContext takes precedence.
+ type: string
+ type: object
+ type: object
+ startupProbe:
+ description:
+ "StartupProbe indicates that the Pod has successfully
+ initialized. If specified, no other probes are executed
+ until this completes successfully. If this probe fails,
+ the Pod will be restarted, just as if the livenessProbe
+ failed. This can be used to provide different probe parameters
+ at the beginning of a Pod's lifecycle, when it might
+ take a long time to load data or warm a cache, than during
+ steady-state operation. This cannot be updated. More info:
+ https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
+ properties:
+ exec:
+ description: Exec specifies the action to take.
+ properties:
+ command:
+ description:
+ Command is the command line to execute
+ inside the container, the working directory for
+ the command is root ('/') in the container's
+ filesystem. The command is simply exec'd, it is
+ not run inside a shell, so traditional shell instructions
+ ('|', etc) won't work. To use a shell, you need
+ to explicitly call out to that shell. Exit status
+ of 0 is treated as live/healthy and non-zero is
+ unhealthy.
+ items:
+ type: string
+ type: array
+ type: object
+ failureThreshold:
+ description:
+ Minimum consecutive failures for the probe
+ to be considered failed after having succeeded. Defaults
+ to 3. Minimum value is 1.
+ format: int32
+ type: integer
+ grpc:
+ description:
+ GRPC specifies an action involving a GRPC
+ port. This is a beta field and requires enabling GRPCContainerProbe
+ feature gate.
+ properties:
+ port:
+ description:
+ Port number of the gRPC service. Number
+ must be in the range 1 to 65535.
+ format: int32
+ type: integer
+ service:
+ description:
+ "Service is the name of the service
+ to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).
+ \n If this is not specified, the default behavior
+ is defined by gRPC."
+ type: string
+ required:
+ - port
+ type: object
+ httpGet:
+ description: HTTPGet specifies the http request to perform.
+ properties:
+ host:
+ description:
+ Host name to connect to, defaults to
+ the pod IP. You probably want to set "Host" in
+ httpHeaders instead.
+ type: string
+ httpHeaders:
+ description:
+ Custom headers to set in the request.
+ HTTP allows repeated headers.
+ items:
+ description:
+ HTTPHeader describes a custom header
+ to be used in HTTP probes
+ properties:
+ name:
+ description: The header field name
+ type: string
+ value:
+ description: The header field value
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ description: Path to access on the HTTP server.
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description:
+ Name or number of the port to access
+ on the container. Number must be in the range
+ 1 to 65535. Name must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ scheme:
+ description:
+ Scheme to use for connecting to the
+ host. Defaults to HTTP.
+ type: string
+ required:
+ - port
+ type: object
+ initialDelaySeconds:
+ description:
+ "Number of seconds after the container
+ has started before liveness probes are initiated.
+ More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
+ format: int32
+ type: integer
+ periodSeconds:
+ description:
+ How often (in seconds) to perform the probe.
+ Default to 10 seconds. Minimum value is 1.
+ format: int32
+ type: integer
+ successThreshold:
+ description:
+ Minimum consecutive successes for the probe
+ to be considered successful after having failed. Defaults
+ to 1. Must be 1 for liveness and startup. Minimum
+ value is 1.
+ format: int32
+ type: integer
+ tcpSocket:
+ description:
+ TCPSocket specifies an action involving
+ a TCP port.
+ properties:
+ host:
+ description:
+ "Optional: Host name to connect to,
+ defaults to the pod IP."
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description:
+ Number or name of the port to access
+ on the container. Number must be in the range
+ 1 to 65535. Name must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ terminationGracePeriodSeconds:
+ description:
+ Optional duration in seconds the pod needs
+ to terminate gracefully upon probe failure. The grace
+ period is the duration in seconds after the processes
+ running in the pod are sent a termination signal and
+ the time when the processes are forcibly halted with
+ a kill signal. Set this value longer than the expected
+ cleanup time for your process. If this value is nil,
+ the pod's terminationGracePeriodSeconds will be used.
+ Otherwise, this value overrides the value provided
+ by the pod spec. Value must be non-negative integer.
+ The value zero indicates stop immediately via the
+ kill signal (no opportunity to shut down). This is
+ a beta field and requires enabling ProbeTerminationGracePeriod
+ feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds
+ is used if unset.
+ format: int64
+ type: integer
+ timeoutSeconds:
+ description:
+ "Number of seconds after which the probe
+ times out. Defaults to 1 second. Minimum value is
+ 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
+ format: int32
+ type: integer
+ type: object
+ stdin:
+ description:
+ Whether this container should allocate a buffer
+ for stdin in the container runtime. If this is not set,
+ reads from stdin in the container will always result in
+ EOF. Default is false.
+ type: boolean
+ stdinOnce:
+ description:
+ Whether the container runtime should close
+ the stdin channel after it has been opened by a single
+ attach. When stdin is true the stdin stream will remain
+ open across multiple attach sessions. If stdinOnce is
+ set to true, stdin is opened on container start, is empty
+ until the first client attaches to stdin, and then remains
+ open and accepts data until the client disconnects, at
+ which time stdin is closed and remains closed until the
+ container is restarted. If this flag is false, a container
+ processes that reads from stdin will never receive an
+ EOF. Default is false
+ type: boolean
+ terminationMessagePath:
+ description:
+ "Optional: Path at which the file to which
+ the container's termination message will be written is
+ mounted into the container's filesystem. Message written
+ is intended to be brief final status, such as an assertion
+ failure message. Will be truncated by the node if greater
+ than 4096 bytes. The total message length across all containers
+ will be limited to 12kb. Defaults to /dev/termination-log.
+ Cannot be updated."
+ type: string
+ terminationMessagePolicy:
+ description:
+ Indicate how the termination message should
+ be populated. File will use the contents of terminationMessagePath
+ to populate the container status message on both success
+ and failure. FallbackToLogsOnError will use the last chunk
+ of container log output if the termination message file
+ is empty and the container exited with an error. The log
+ output is limited to 2048 bytes or 80 lines, whichever
+ is smaller. Defaults to File. Cannot be updated.
+ type: string
+ tty:
+ description:
+ Whether this container should allocate a TTY
+ for itself, also requires 'stdin' to be true. Default
+ is false.
+ type: boolean
+ volumeDevices:
+ description:
+ volumeDevices is the list of block devices
+ to be used by the container.
+ items:
+ description:
+ volumeDevice describes a mapping of a raw
+ block device within a container.
+ properties:
+ devicePath:
+ description:
+ devicePath is the path inside of the
+ container that the device will be mapped to.
+ type: string
+ name:
+ description:
+ name must match the name of a persistentVolumeClaim
+ in the pod
+ type: string
+ required:
+ - devicePath
+ - name
+ type: object
+ type: array
+ volumeMounts:
+ description:
+ Pod volumes to mount into the container's filesystem.
+ Cannot be updated.
+ items:
+ description:
+ VolumeMount describes a mounting of a Volume
+ within a container.
+ properties:
+ mountPath:
+ description:
+ Path within the container at which the
+ volume should be mounted. Must not contain ':'.
+ type: string
+ mountPropagation:
+ description:
+ mountPropagation determines how mounts
+ are propagated from the host to container and the
+ other way around. When not set, MountPropagationNone
+ is used. This field is beta in 1.10.
+ type: string
+ name:
+ description: This must match the Name of a Volume.
+ type: string
+ readOnly:
+ description:
+ Mounted read-only if true, read-write
+ otherwise (false or unspecified). Defaults to false.
+ type: boolean
+ subPath:
+ description:
+ Path within the volume from which the
+ container's volume should be mounted. Defaults to
+ "" (volume's root).
+ type: string
+ subPathExpr:
+ description:
+ Expanded path within the volume from
+ which the container's volume should be mounted.
+ Behaves similarly to SubPath but environment variable
+ references $(VAR_NAME) are expanded using the container's
+ environment. Defaults to "" (volume's root). SubPathExpr
+ and SubPath are mutually exclusive.
+ type: string
+ required:
+ - mountPath
+ - name
+ type: object
+ type: array
+ workingDir:
+ description:
+ Container's working directory. If not specified,
+ the container runtime's default will be used, which might
+ be configured in the container image. Cannot be updated.
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ endpoint:
+ description: endpoint
+ type: string
+ idleTimeout:
+ description: terminate apparatus after idle for timeout in milliseconds
+ type: integer
+ required:
+ - containers
+ type: object
+ config:
+ additionalProperties:
+ type: string
+ description: config
+ type: object
+ configConfigMapName:
+ description: config configmap name
+ type: string
+ configSecretName:
+ description: config secret name
+ type: string
+ configTemplate:
+ additionalProperties:
+ type: string
+ description: config template
+ type: object
+ data:
+ additionalProperties:
+ type: string
+ description: data
+ type: object
+ dataConfigMapName:
+ description: data configmap name
+ type: string
+ dataSecretName:
+ description: data secret name
+ type: string
+ epoch:
+ description: change epoch to force an update
+ type: string
+ interface:
+ description: interface
+ properties:
+ config:
+ description: config interface
+ properties:
+ plug:
+ additionalProperties:
+ properties:
+ default:
+ type: string
+ description:
+ type: string
+ required:
+ type: boolean
+ type: object
+ description: plug config properties
+ type: object
+ socket:
+ additionalProperties:
+ properties:
+ default:
+ type: string
+ description:
+ type: string
+ required:
+ type: boolean
+ type: object
+ description: socket config properties
+ type: object
+ type: object
+ result:
+ description: result interface
+ properties:
+ plug:
+ additionalProperties:
+ properties:
+ default:
+ type: string
+ description:
+ type: string
+ required:
+ type: boolean
+ type: object
+ description: plug result properties
+ type: object
+ socket:
+ additionalProperties:
+ properties:
+ default:
+ type: string
+ description:
+ type: string
+ required:
+ type: boolean
+ type: object
+ description: socket result properties
+ type: object
+ type: object
+ type: object
+ limit:
+ description: limit
+ format: int32
+ type: integer
+ resources:
+ description: resources
+ items:
+ properties:
+ do:
+ type: string
+ retainWhenDecoupled:
+ type: boolean
+ stringTemplate:
+ type: string
+ stringTemplates:
+ items:
+ type: string
+ type: array
+ template:
+ x-kubernetes-preserve-unknown-fields: true
+ templates:
+ items:
+ x-kubernetes-preserve-unknown-fields: true
+ type: array
+ when:
+ items:
+ type: string
+ type: array
+ type: object
+ type: array
+ result:
+ additionalProperties:
+ type: string
+ description: result
+ type: object
+ resultConfigMapName:
+ description: result configmap name
+ type: string
+ resultResources:
+ description: result resources
+ items:
+ properties:
+ do:
+ type: string
+ stringTemplate:
+ type: string
+ stringTemplates:
+ items:
+ type: string
+ type: array
+ template:
+ x-kubernetes-preserve-unknown-fields: true
+ templates:
+ items:
+ x-kubernetes-preserve-unknown-fields: true
+ type: array
+ type: object
+ type: array
+ resultSecretName:
+ description: result secret name
+ type: string
+ resultTemplate:
+ additionalProperties:
+ type: string
+ description: result template
+ type: object
+ resultVars:
+ description: result vars
+ items:
+ description:
+ Var represents a variable whose value will be sourced
+ from a field in a Kubernetes object.
+ properties:
+ fieldref:
+ description:
+ "FieldRef refers to the field of the object referred
+ to by ObjRef whose value will be extracted for use in replacing
+ $(FOO). If unspecified, this defaults to fieldPath: $defaultFieldPath"
+ properties:
+ fieldPath:
+ type: string
+ type: object
+ name:
+ description:
+ Value of identifier name e.g. FOO used in container
+ args, annotations Appears in pod template as $(FOO)
+ type: string
+ objref:
+ description:
+ ObjRef must refer to a Kubernetes resource under
+ the purview of this kustomization. ObjRef should use the raw
+ name of the object (the name specified in its YAML, before
+ addition of a namePrefix and a nameSuffix).
+ properties:
+ apiVersion:
+ type: string
+ group:
+ type: string
+ kind:
+ type: string
+ name:
+ type: string
+ namespace:
+ type: string
+ version:
+ type: string
+ required:
+ - name
+ type: object
+ required:
+ - name
+ - objref
+ type: object
+ type: array
+ serviceAccountName:
+ description:
+ "ServiceAccountName is the name of the ServiceAccount
+ to use to run integrations. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/"
+ type: string
+ validation:
+ description: validation
+ properties:
+ namespaceBlacklist:
+ description: namespace blacklist
+ items:
+ type: string
+ type: array
+ namespaceWhitelist:
+ description: namespace whitelist
+ items:
+ type: string
+ type: array
+ type: object
+ vars:
+ description: vars
+ items:
+ description:
+ Var represents a variable whose value will be sourced
+ from a field in a Kubernetes object.
+ properties:
+ fieldref:
+ description:
+ "FieldRef refers to the field of the object referred
+ to by ObjRef whose value will be extracted for use in replacing
+ $(FOO). If unspecified, this defaults to fieldPath: $defaultFieldPath"
+ properties:
+ fieldPath:
+ type: string
+ type: object
+ name:
+ description:
+ Value of identifier name e.g. FOO used in container
+ args, annotations Appears in pod template as $(FOO)
+ type: string
+ objref:
+ description:
+ ObjRef must refer to a Kubernetes resource under
+ the purview of this kustomization. ObjRef should use the raw
+ name of the object (the name specified in its YAML, before
+ addition of a namePrefix and a nameSuffix).
+ properties:
+ apiVersion:
+ type: string
+ group:
+ type: string
+ kind:
+ type: string
+ name:
+ type: string
+ namespace:
+ type: string
+ version:
+ type: string
+ required:
+ - name
+ type: object
+ required:
+ - name
+ - objref
+ type: object
+ type: array
+ type: object
+ status:
+ description: SocketStatus defines the observed state of Socket
+ properties:
+ conditions:
+ description:
+ Conditions represent the latest available observations
+ of an object's state
+ items:
+ description:
+ "Condition contains details for one aspect of the current
+ state of this API Resource. --- This struct is intended for direct
+ use as an array at the field path .status.conditions. For example,
+ \n type FooStatus struct{ // Represents the observations of a
+ foo's current state. // Known .status.conditions.type are: \"Available\",
+ \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge
+ // +listType=map // +listMapKey=type Conditions []metav1.Condition
+ `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\"
+ protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }"
+ properties:
+ lastTransitionTime:
+ description:
+ lastTransitionTime is the last time the condition
+ transitioned from one status to another. This should be when
+ the underlying condition changed. If that is not known, then
+ using the time when the API field changed is acceptable.
+ format: date-time
+ type: string
+ message:
+ description:
+ message is a human readable message indicating
+ details about the transition. This may be an empty string.
+ maxLength: 32768
+ type: string
+ observedGeneration:
+ description:
+ observedGeneration represents the .metadata.generation
+ that the condition was set based upon. For instance, if .metadata.generation
+ is currently 12, but the .status.conditions[x].observedGeneration
+ is 9, the condition is out of date with respect to the current
+ state of the instance.
+ format: int64
+ minimum: 0
+ type: integer
+ reason:
+ description:
+ reason contains a programmatic identifier indicating
+ the reason for the condition's last transition. Producers
+ of specific condition types may define expected values and
+ meanings for this field, and whether the values are considered
+ a guaranteed API. The value should be a CamelCase string.
+ This field may not be empty.
+ maxLength: 1024
+ minLength: 1
+ pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
+ type: string
+ status:
+ description: status of the condition, one of True, False, Unknown.
+ enum:
+ - "True"
+ - "False"
+ - Unknown
+ type: string
+ type:
+ description:
+ type of condition in CamelCase or in foo.example.com/CamelCase.
+ --- Many .condition.type values are consistent across resources
+ like Available, but because arbitrary conditions can be useful
+ (see .node.status.conditions), the ability to deconflict is
+ important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
+ maxLength: 316
+ pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
+ type: string
+ required:
+ - lastTransitionTime
+ - message
+ - reason
+ - status
+ - type
+ type: object
+ type: array
+ coupledPlugs:
+ description: plugs coupled to socket
+ items:
+ properties:
+ apiVersion:
+ description: API version of the plug
+ type: string
+ kind:
+ description: Kind of the plug
+ type: string
+ name:
+ description: Name of the plug
+ type: string
+ namespace:
+ description: Namespace of the plug
+ type: string
+ uid:
+ description: UID of the plug
+ type: string
+ required:
+ - apiVersion
+ - kind
+ - name
+ - namespace
+ - uid
+ type: object
+ type: array
+ type: object
+ type: object
+ served: true
+ storage: true
+ subresources:
+ status: {}
diff --git a/operators/integration-operator/1.0.0/metadata/annotations.yaml b/operators/integration-operator/1.0.0/metadata/annotations.yaml
new file mode 100644
index 00000000000..5d62b2a70b7
--- /dev/null
+++ b/operators/integration-operator/1.0.0/metadata/annotations.yaml
@@ -0,0 +1,7 @@
+annotations:
+ operators.operatorframework.io.bundle.channel.default.v1: stable
+ operators.operatorframework.io.bundle.channels.v1: stable
+ operators.operatorframework.io.bundle.manifests.v1: manifests/
+ operators.operatorframework.io.bundle.mediatype.v1: registry+v1
+ operators.operatorframework.io.bundle.metadata.v1: metadata/
+ operators.operatorframework.io.bundle.package.v1: integration-operator
diff --git a/operators/integration-operator/ci.yaml b/operators/integration-operator/ci.yaml
new file mode 100644
index 00000000000..abd2a1cdc47
--- /dev/null
+++ b/operators/integration-operator/ci.yaml
@@ -0,0 +1,3 @@
+---
+# Use `replaces-mode` or `semver-mode`. Once you switch to `semver-mode`, there is no easy way back.
+updateGraph: semver-mode