github.com/argoproj-labs/argocd-operator@v0.10.0/deploy/olm-catalog/argocd-operator/0.0.15/argoproj.io_appprojects_crd.yaml (about) 1 apiVersion: apiextensions.k8s.io/v1 2 kind: CustomResourceDefinition 3 metadata: 4 labels: 5 app.kubernetes.io/name: appprojects.argoproj.io 6 app.kubernetes.io/part-of: argocd 7 name: appprojects.argoproj.io 8 spec: 9 group: argoproj.io 10 names: 11 kind: AppProject 12 listKind: AppProjectList 13 plural: appprojects 14 shortNames: 15 - appproj 16 - appprojs 17 singular: appproject 18 scope: Namespaced 19 versions: 20 - name: v1alpha1 21 schema: 22 openAPIV3Schema: 23 description: 'AppProject provides a logical grouping of applications, providing controls for: * where the apps may deploy to (cluster whitelist) * what may be deployed (repository whitelist, resource whitelist/blacklist) * who can access these applications (roles, OIDC group claims bindings) * and what they can do (RBAC policies) * automation access to these roles (JWT tokens)' 24 properties: 25 apiVersion: 26 description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' 27 type: string 28 kind: 29 description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' 30 type: string 31 metadata: 32 type: object 33 spec: 34 description: AppProjectSpec is the specification of an AppProject 35 properties: 36 clusterResourceBlacklist: 37 description: ClusterResourceBlacklist contains list of blacklisted cluster level resources 38 items: 39 description: GroupKind specifies a Group and a Kind, but does not force a version. This is useful for identifying concepts during lookup stages without having partially valid types 40 properties: 41 group: 42 type: string 43 kind: 44 type: string 45 required: 46 - group 47 - kind 48 type: object 49 type: array 50 clusterResourceWhitelist: 51 description: ClusterResourceWhitelist contains list of whitelisted cluster level resources 52 items: 53 description: GroupKind specifies a Group and a Kind, but does not force a version. This is useful for identifying concepts during lookup stages without having partially valid types 54 properties: 55 group: 56 type: string 57 kind: 58 type: string 59 required: 60 - group 61 - kind 62 type: object 63 type: array 64 description: 65 description: Description contains optional project description 66 type: string 67 destinations: 68 description: Destinations contains list of destinations available for deployment 69 items: 70 description: ApplicationDestination holds information about the application's destination 71 properties: 72 name: 73 description: Name is an alternate way of specifying the target cluster by its symbolic name 74 type: string 75 namespace: 76 description: Namespace specifies the target namespace for the application's resources. The namespace will only be set for namespace-scoped resources that have not set a value for .metadata.namespace 77 type: string 78 server: 79 description: Server specifies the URL of the target cluster and must be set to the Kubernetes control plane API 80 type: string 81 type: object 82 type: array 83 namespaceResourceBlacklist: 84 description: NamespaceResourceBlacklist contains list of blacklisted namespace level resources 85 items: 86 description: GroupKind specifies a Group and a Kind, but does not force a version. This is useful for identifying concepts during lookup stages without having partially valid types 87 properties: 88 group: 89 type: string 90 kind: 91 type: string 92 required: 93 - group 94 - kind 95 type: object 96 type: array 97 namespaceResourceWhitelist: 98 description: NamespaceResourceWhitelist contains list of whitelisted namespace level resources 99 items: 100 description: GroupKind specifies a Group and a Kind, but does not force a version. This is useful for identifying concepts during lookup stages without having partially valid types 101 properties: 102 group: 103 type: string 104 kind: 105 type: string 106 required: 107 - group 108 - kind 109 type: object 110 type: array 111 orphanedResources: 112 description: OrphanedResources specifies if controller should monitor orphaned resources of apps in this project 113 properties: 114 ignore: 115 description: Ignore contains a list of resources that are to be excluded from orphaned resources monitoring 116 items: 117 description: OrphanedResourceKey is a reference to a resource to be ignored from 118 properties: 119 group: 120 type: string 121 kind: 122 type: string 123 name: 124 type: string 125 type: object 126 type: array 127 warn: 128 description: Warn indicates if warning condition should be created for apps which have orphaned resources 129 type: boolean 130 type: object 131 roles: 132 description: Roles are user defined RBAC roles associated with this project 133 items: 134 description: ProjectRole represents a role that has access to a project 135 properties: 136 description: 137 description: Description is a description of the role 138 type: string 139 groups: 140 description: Groups are a list of OIDC group claims bound to this role 141 items: 142 type: string 143 type: array 144 jwtTokens: 145 description: JWTTokens are a list of generated JWT tokens bound to this role 146 items: 147 description: JWTToken holds the issuedAt and expiresAt values of a token 148 properties: 149 exp: 150 format: int64 151 type: integer 152 iat: 153 format: int64 154 type: integer 155 id: 156 type: string 157 required: 158 - iat 159 type: object 160 type: array 161 name: 162 description: Name is a name for this role 163 type: string 164 policies: 165 description: Policies Stores a list of casbin formated strings that define access policies for the role in the project 166 items: 167 type: string 168 type: array 169 required: 170 - name 171 type: object 172 type: array 173 signatureKeys: 174 description: SignatureKeys contains a list of PGP key IDs that commits in Git must be signed with in order to be allowed for sync 175 items: 176 description: SignatureKey is the specification of a key required to verify commit signatures with 177 properties: 178 keyID: 179 description: The ID of the key in hexadecimal notation 180 type: string 181 required: 182 - keyID 183 type: object 184 type: array 185 sourceRepos: 186 description: SourceRepos contains list of repository URLs which can be used for deployment 187 items: 188 type: string 189 type: array 190 syncWindows: 191 description: SyncWindows controls when syncs can be run for apps in this project 192 items: 193 description: SyncWindow contains the kind, time, duration and attributes that are used to assign the syncWindows to apps 194 properties: 195 applications: 196 description: Applications contains a list of applications that the window will apply to 197 items: 198 type: string 199 type: array 200 clusters: 201 description: Clusters contains a list of clusters that the window will apply to 202 items: 203 type: string 204 type: array 205 duration: 206 description: Duration is the amount of time the sync window will be open 207 type: string 208 kind: 209 description: Kind defines if the window allows or blocks syncs 210 type: string 211 manualSync: 212 description: ManualSync enables manual syncs when they would otherwise be blocked 213 type: boolean 214 namespaces: 215 description: Namespaces contains a list of namespaces that the window will apply to 216 items: 217 type: string 218 type: array 219 schedule: 220 description: Schedule is the time the window will begin, specified in cron format 221 type: string 222 type: object 223 type: array 224 type: object 225 status: 226 description: AppProjectStatus contains status information for AppProject CRs 227 properties: 228 jwtTokensByRole: 229 additionalProperties: 230 description: JWTTokens represents a list of JWT tokens 231 properties: 232 items: 233 items: 234 description: JWTToken holds the issuedAt and expiresAt values of a token 235 properties: 236 exp: 237 format: int64 238 type: integer 239 iat: 240 format: int64 241 type: integer 242 id: 243 type: string 244 required: 245 - iat 246 type: object 247 type: array 248 type: object 249 description: JWTTokensByRole contains a list of JWT tokens issued for a given role 250 type: object 251 type: object 252 required: 253 - metadata 254 - spec 255 type: object 256 served: true 257 storage: true