github.com/argoproj-labs/argocd-operator@v0.10.0/deploy/olm-catalog/argocd-operator/0.0.3/argocd-operator-appproject.crd.yaml (about) 1 apiVersion: apiextensions.k8s.io/v1beta1 2 kind: CustomResourceDefinition 3 metadata: 4 labels: 5 app.kubernetes.io/name: appprojects.argoproj.io 6 app.kubernetes.io/part-of: argocd 7 name: appprojects.argoproj.io 8 spec: 9 group: argoproj.io 10 names: 11 kind: AppProject 12 plural: appprojects 13 shortNames: 14 - appproj 15 - appprojs 16 scope: Namespaced 17 validation: 18 openAPIV3Schema: 19 description: 'AppProject provides a logical grouping of applications, providing 20 controls for: * where the apps may deploy to (cluster whitelist) * what may 21 be deployed (repository whitelist, resource whitelist/blacklist) * who can 22 access these applications (roles, OIDC group claims bindings) * and what they 23 can do (RBAC policies) * automation access to these roles (JWT tokens)' 24 properties: 25 apiVersion: 26 description: 'APIVersion defines the versioned schema of this representation 27 of an object. Servers should convert recognized schemas to the latest 28 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' 29 type: string 30 kind: 31 description: 'Kind is a string value representing the REST resource this 32 object represents. Servers may infer this from the endpoint the client 33 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' 34 type: string 35 metadata: 36 properties: 37 annotations: 38 additionalProperties: 39 type: string 40 description: 'Annotations is an unstructured key value map stored with 41 a resource that may be set by external tools to store and retrieve 42 arbitrary metadata. They are not queryable and should be preserved 43 when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' 44 type: object 45 clusterName: 46 description: The name of the cluster which the object belongs to. This 47 is used to distinguish resources with same name and namespace in different 48 clusters. This field is not set anywhere right now and apiserver is 49 going to ignore it if set in create or update request. 50 type: string 51 deletionGracePeriodSeconds: 52 description: Number of seconds allowed for this object to gracefully 53 terminate before it will be removed from the system. Only set when 54 deletionTimestamp is also set. May only be shortened. Read-only. 55 format: int64 56 type: integer 57 deletionTimestamp: 58 description: "DeletionTimestamp is RFC 3339 date and time at which this 59 resource will be deleted. This field is set by the server when a graceful 60 deletion is requested by the user, and is not directly settable by 61 a client. The resource is expected to be deleted (no longer visible 62 from resource lists, and not reachable by name) after the time in 63 this field, once the finalizers list is empty. As long as the finalizers 64 list contains items, deletion is blocked. Once the deletionTimestamp 65 is set, this value may not be unset or be set further into the future, 66 although it may be shortened or the resource may be deleted prior 67 to this time. For example, a user may request that a pod is deleted 68 in 30 seconds. The Kubelet will react by sending a graceful termination 69 signal to the containers in the pod. After that 30 seconds, the Kubelet 70 will send a hard termination signal (SIGKILL) to the container and 71 after cleanup, remove the pod from the API. In the presence of network 72 partitions, this object may still exist after this timestamp, until 73 an administrator or automated process can determine the resource is 74 fully terminated. If not set, graceful deletion of the object has 75 not been requested. \n Populated by the system when a graceful deletion 76 is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata" 77 format: date-time 78 type: string 79 finalizers: 80 description: Must be empty before the object is deleted from the registry. 81 Each entry is an identifier for the responsible component that will 82 remove the entry from the list. If the deletionTimestamp of the object 83 is non-nil, entries in this list can only be removed. 84 items: 85 type: string 86 type: array 87 generateName: 88 description: "GenerateName is an optional prefix, used by the server, 89 to generate a unique name ONLY IF the Name field has not been provided. 90 If this field is used, the name returned to the client will be different 91 than the name passed. This value will also be combined with a unique 92 suffix. The provided value has the same validation rules as the Name 93 field, and may be truncated by the length of the suffix required to 94 make the value unique on the server. \n If this field is specified 95 and the generated name exists, the server will NOT return a 409 - 96 instead, it will either return 201 Created or 500 with Reason ServerTimeout 97 indicating a unique name could not be found in the time allotted, 98 and the client should retry (optionally after the time indicated in 99 the Retry-After header). \n Applied only if Name is not specified. 100 More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency" 101 type: string 102 generation: 103 description: A sequence number representing a specific generation of 104 the desired state. Populated by the system. Read-only. 105 format: int64 106 type: integer 107 initializers: 108 description: "An initializer is a controller which enforces some system 109 invariant at object creation time. This field is a list of initializers 110 that have not yet acted on this object. If nil or empty, this object 111 has been completely initialized. Otherwise, the object is considered 112 uninitialized and is hidden (in list/watch and get calls) from clients 113 that haven't explicitly asked to observe uninitialized objects. \n 114 When an object is created, the system will populate this list with 115 the current set of initializers. Only privileged users may set or 116 modify this list. Once it is empty, it may not be modified further 117 by any user. \n DEPRECATED - initializers are an alpha field and will 118 be removed in v1.15." 119 properties: 120 pending: 121 description: Pending is a list of initializers that must execute 122 in order before this object is visible. When the last pending 123 initializer is removed, and no failing result is set, the initializers 124 struct will be set to nil and the object is considered as initialized 125 and visible to all clients. 126 items: 127 properties: 128 name: 129 description: name of the process that is responsible for initializing 130 this object. 131 type: string 132 required: 133 - name 134 type: object 135 type: array 136 result: 137 description: If result is set with the Failure field, the object 138 will be persisted to storage and then deleted, ensuring that other 139 clients can observe the deletion. 140 properties: 141 apiVersion: 142 description: 'APIVersion defines the versioned schema of this 143 representation of an object. Servers should convert recognized 144 schemas to the latest internal value, and may reject unrecognized 145 values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' 146 type: string 147 code: 148 description: Suggested HTTP return code for this status, 0 if 149 not set. 150 format: int32 151 type: integer 152 details: 153 description: Extended data associated with the reason. Each 154 reason may define its own extended details. This field is 155 optional and the data returned is not guaranteed to conform 156 to any schema except that defined by the reason type. 157 properties: 158 causes: 159 description: The Causes array includes more details associated 160 with the StatusReason failure. Not all StatusReasons may 161 provide detailed causes. 162 items: 163 properties: 164 field: 165 description: "The field of the resource that has caused 166 this error, as named by its JSON serialization. 167 May include dot and postfix notation for nested 168 attributes. Arrays are zero-indexed. Fields may 169 appear more than once in an array of causes due 170 to fields having multiple errors. Optional. \n Examples: 171 \ \"name\" - the field \"name\" on the current 172 resource \"items[0].name\" - the field \"name\" 173 on the first array entry in \"items\"" 174 type: string 175 message: 176 description: A human-readable description of the cause 177 of the error. This field may be presented as-is 178 to a reader. 179 type: string 180 reason: 181 description: A machine-readable description of the 182 cause of the error. If this value is empty there 183 is no information available. 184 type: string 185 type: object 186 type: array 187 group: 188 description: The group attribute of the resource associated 189 with the status StatusReason. 190 type: string 191 kind: 192 description: 'The kind attribute of the resource associated 193 with the status StatusReason. On some operations may differ 194 from the requested resource Kind. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' 195 type: string 196 name: 197 description: The name attribute of the resource associated 198 with the status StatusReason (when there is a single name 199 which can be described). 200 type: string 201 retryAfterSeconds: 202 description: If specified, the time in seconds before the 203 operation should be retried. Some errors may indicate 204 the client must take an alternate action - for those errors 205 this field may indicate how long to wait before taking 206 the alternate action. 207 format: int32 208 type: integer 209 uid: 210 description: 'UID of the resource. (when there is a single 211 resource which can be described). More info: http://kubernetes.io/docs/user-guide/identifiers#uids' 212 type: string 213 type: object 214 kind: 215 description: 'Kind is a string value representing the REST resource 216 this object represents. Servers may infer this from the endpoint 217 the client submits requests to. Cannot be updated. In CamelCase. 218 More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' 219 type: string 220 message: 221 description: A human-readable description of the status of this 222 operation. 223 type: string 224 metadata: 225 description: 'Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' 226 properties: 227 continue: 228 description: continue may be set if the user set a limit 229 on the number of items returned, and indicates that the 230 server has more data available. The value is opaque and 231 may be used to issue another request to the endpoint that 232 served this list to retrieve the next set of available 233 objects. Continuing a consistent list may not be possible 234 if the server configuration has changed or more than a 235 few minutes have passed. The resourceVersion field returned 236 when using this continue value will be identical to the 237 value in the first response, unless you have received 238 this token from an error message. 239 type: string 240 resourceVersion: 241 description: 'String that identifies the server''s internal 242 version of this object that can be used by clients to 243 determine when objects have changed. Value must be treated 244 as opaque by clients and passed unmodified back to the 245 server. Populated by the system. Read-only. More info: 246 https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency' 247 type: string 248 selfLink: 249 description: selfLink is a URL representing this object. 250 Populated by the system. Read-only. 251 type: string 252 type: object 253 reason: 254 description: A machine-readable description of why this operation 255 is in the "Failure" status. If this value is empty there is 256 no information available. A Reason clarifies an HTTP status 257 code but does not override it. 258 type: string 259 status: 260 description: 'Status of the operation. One of: "Success" or 261 "Failure". More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status' 262 type: string 263 type: object 264 required: 265 - pending 266 type: object 267 labels: 268 additionalProperties: 269 type: string 270 description: 'Map of string keys and values that can be used to organize 271 and categorize (scope and select) objects. May match selectors of 272 replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels' 273 type: object 274 managedFields: 275 description: "ManagedFields maps workflow-id and version to the set 276 of fields that are managed by that workflow. This is mostly for internal 277 housekeeping, and users typically shouldn't need to set or understand 278 this field. A workflow can be the user's name, a controller's name, 279 or the name of a specific apply path like \"ci-cd\". The set of fields 280 is always in the version that the workflow used when modifying the 281 object. \n This field is alpha and can be changed or removed without 282 notice." 283 items: 284 properties: 285 apiVersion: 286 description: APIVersion defines the version of this resource that 287 this field set applies to. The format is "group/version" just 288 like the top-level APIVersion field. It is necessary to track 289 the version of a field set because it cannot be automatically 290 converted. 291 type: string 292 fields: 293 additionalProperties: true 294 description: Fields identifies a set of fields. 295 type: object 296 manager: 297 description: Manager is an identifier of the workflow managing 298 these fields. 299 type: string 300 operation: 301 description: Operation is the type of operation which lead to 302 this ManagedFieldsEntry being created. The only valid values 303 for this field are 'Apply' and 'Update'. 304 type: string 305 time: 306 description: Time is timestamp of when these fields were set. 307 It should always be empty if Operation is 'Apply' 308 format: date-time 309 type: string 310 type: object 311 type: array 312 name: 313 description: 'Name must be unique within a namespace. Is required when 314 creating resources, although some resources may allow a client to 315 request the generation of an appropriate name automatically. Name 316 is primarily intended for creation idempotence and configuration definition. 317 Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names' 318 type: string 319 namespace: 320 description: "Namespace defines the space within each name must be unique. 321 An empty namespace is equivalent to the \"default\" namespace, but 322 \"default\" is the canonical representation. Not all objects are required 323 to be scoped to a namespace - the value of this field for those objects 324 will be empty. \n Must be a DNS_LABEL. Cannot be updated. More info: 325 http://kubernetes.io/docs/user-guide/namespaces" 326 type: string 327 ownerReferences: 328 description: List of objects depended by this object. If ALL objects 329 in the list have been deleted, this object will be garbage collected. 330 If this object is managed by a controller, then an entry in this list 331 will point to this controller, with the controller field set to true. 332 There cannot be more than one managing controller. 333 items: 334 properties: 335 apiVersion: 336 description: API version of the referent. 337 type: string 338 blockOwnerDeletion: 339 description: If true, AND if the owner has the "foregroundDeletion" 340 finalizer, then the owner cannot be deleted from the key-value 341 store until this reference is removed. Defaults to false. To 342 set this field, a user needs "delete" permission of the owner, 343 otherwise 422 (Unprocessable Entity) will be returned. 344 type: boolean 345 controller: 346 description: If true, this reference points to the managing controller. 347 type: boolean 348 kind: 349 description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' 350 type: string 351 name: 352 description: 'Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names' 353 type: string 354 uid: 355 description: 'UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids' 356 type: string 357 required: 358 - apiVersion 359 - kind 360 - name 361 - uid 362 type: object 363 type: array 364 resourceVersion: 365 description: "An opaque value that represents the internal version of 366 this object that can be used by clients to determine when objects 367 have changed. May be used for optimistic concurrency, change detection, 368 and the watch operation on a resource or set of resources. Clients 369 must treat these values as opaque and passed unmodified back to the 370 server. They may only be valid for a particular resource or set of 371 resources. \n Populated by the system. Read-only. Value must be treated 372 as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency" 373 type: string 374 selfLink: 375 description: SelfLink is a URL representing this object. Populated by 376 the system. Read-only. 377 type: string 378 uid: 379 description: "UID is the unique in time and space value for this object. 380 It is typically generated by the server on successful creation of 381 a resource and is not allowed to change on PUT operations. \n Populated 382 by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids" 383 type: string 384 type: object 385 spec: 386 properties: 387 clusterResourceWhitelist: 388 description: ClusterResourceWhitelist contains list of whitelisted cluster 389 level resources 390 items: 391 properties: 392 group: 393 type: string 394 kind: 395 type: string 396 required: 397 - group 398 - kind 399 type: object 400 type: array 401 description: 402 description: Description contains optional project description 403 type: string 404 destinations: 405 description: Destinations contains list of destinations available for 406 deployment 407 items: 408 properties: 409 namespace: 410 description: Namespace overrides the environment namespace value 411 in the ksonnet app.yaml 412 type: string 413 server: 414 description: Server overrides the environment server value in 415 the ksonnet app.yaml 416 type: string 417 type: object 418 type: array 419 namespaceResourceBlacklist: 420 description: NamespaceResourceBlacklist contains list of blacklisted 421 namespace level resources 422 items: 423 properties: 424 group: 425 type: string 426 kind: 427 type: string 428 required: 429 - group 430 - kind 431 type: object 432 type: array 433 orphanedResources: 434 description: OrphanedResources specifies if controller should monitor 435 orphaned resources of apps in this project 436 properties: 437 warn: 438 description: Warn indicates if warning condition should be created 439 for apps which have orphaned resources 440 type: boolean 441 type: object 442 roles: 443 description: Roles are user defined RBAC roles associated with this 444 project 445 items: 446 properties: 447 description: 448 description: Description is a description of the role 449 type: string 450 groups: 451 description: Groups are a list of OIDC group claims bound to this 452 role 453 items: 454 type: string 455 type: array 456 jwtTokens: 457 description: JWTTokens are a list of generated JWT tokens bound 458 to this role 459 items: 460 properties: 461 exp: 462 format: int64 463 type: integer 464 iat: 465 format: int64 466 type: integer 467 required: 468 - iat 469 type: object 470 type: array 471 name: 472 description: Name is a name for this role 473 type: string 474 policies: 475 description: Policies Stores a list of casbin formated strings 476 that define access policies for the role in the project 477 items: 478 type: string 479 type: array 480 required: 481 - name 482 type: object 483 type: array 484 sourceRepos: 485 description: SourceRepos contains list of repository URLs which can 486 be used for deployment 487 items: 488 type: string 489 type: array 490 syncWindows: 491 description: SyncWindows controls when syncs can be run for apps in 492 this project 493 items: 494 properties: 495 applications: 496 description: Applications contains a list of applications that 497 the window will apply to 498 items: 499 type: string 500 type: array 501 clusters: 502 description: Clusters contains a list of clusters that the window 503 will apply to 504 items: 505 type: string 506 type: array 507 duration: 508 description: Duration is the amount of time the sync window will 509 be open 510 type: string 511 kind: 512 description: Kind defines if the window allows or blocks syncs 513 type: string 514 manualSync: 515 description: ManualSync enables manual syncs when they would otherwise 516 be blocked 517 type: boolean 518 namespaces: 519 description: Namespaces contains a list of namespaces that the 520 window will apply to 521 items: 522 type: string 523 type: array 524 schedule: 525 description: Schedule is the time the window will begin, specified 526 in cron format 527 type: string 528 type: object 529 type: array 530 type: object 531 required: 532 - metadata 533 - spec 534 type: object 535 version: v1alpha1 536 versions: 537 - name: v1alpha1 538 served: true 539 storage: true