github.com/argoproj-labs/argocd-operator@v0.10.0/deploy/olm-catalog/argocd-operator/0.0.4/argoproj.io_appprojects_crd.yaml (about) 1 apiVersion: apiextensions.k8s.io/v1beta1 2 kind: CustomResourceDefinition 3 metadata: 4 labels: 5 app.kubernetes.io/name: appprojects.argoproj.io 6 app.kubernetes.io/part-of: argocd 7 name: appprojects.argoproj.io 8 spec: 9 group: argoproj.io 10 names: 11 kind: AppProject 12 listKind: AppProjectList 13 plural: appprojects 14 shortNames: 15 - appproj 16 - appprojs 17 singular: appproject 18 scope: Namespaced 19 validation: 20 openAPIV3Schema: 21 description: 'AppProject provides a logical grouping of applications, providing 22 controls for: * where the apps may deploy to (cluster whitelist) * what may 23 be deployed (repository whitelist, resource whitelist/blacklist) * who can 24 access these applications (roles, OIDC group claims bindings) * and what they 25 can do (RBAC policies) * automation access to these roles (JWT tokens)' 26 properties: 27 apiVersion: 28 description: 'APIVersion defines the versioned schema of this representation 29 of an object. Servers should convert recognized schemas to the latest 30 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' 31 type: string 32 kind: 33 description: 'Kind is a string value representing the REST resource this 34 object represents. Servers may infer this from the endpoint the client 35 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' 36 type: string 37 metadata: 38 type: object 39 spec: 40 description: AppProjectSpec is the specification of an AppProject 41 properties: 42 clusterResourceWhitelist: 43 description: ClusterResourceWhitelist contains list of whitelisted cluster 44 level resources 45 items: 46 description: GroupKind specifies a Group and a Kind, but does not 47 force a version. This is useful for identifying concepts during 48 lookup stages without having partially valid types 49 properties: 50 group: 51 type: string 52 kind: 53 type: string 54 required: 55 - group 56 - kind 57 type: object 58 type: array 59 description: 60 description: Description contains optional project description 61 type: string 62 destinations: 63 description: Destinations contains list of destinations available for 64 deployment 65 items: 66 description: ApplicationDestination contains deployment destination 67 information 68 properties: 69 namespace: 70 description: Namespace overrides the environment namespace value 71 in the ksonnet app.yaml 72 type: string 73 server: 74 description: Server overrides the environment server value in 75 the ksonnet app.yaml 76 type: string 77 type: object 78 type: array 79 namespaceResourceBlacklist: 80 description: NamespaceResourceBlacklist contains list of blacklisted 81 namespace level resources 82 items: 83 description: GroupKind specifies a Group and a Kind, but does not 84 force a version. This is useful for identifying concepts during 85 lookup stages without having partially valid types 86 properties: 87 group: 88 type: string 89 kind: 90 type: string 91 required: 92 - group 93 - kind 94 type: object 95 type: array 96 orphanedResources: 97 description: OrphanedResources specifies if controller should monitor 98 orphaned resources of apps in this project 99 properties: 100 warn: 101 description: Warn indicates if warning condition should be created 102 for apps which have orphaned resources 103 type: boolean 104 type: object 105 roles: 106 description: Roles are user defined RBAC roles associated with this 107 project 108 items: 109 description: ProjectRole represents a role that has access to a project 110 properties: 111 description: 112 description: Description is a description of the role 113 type: string 114 groups: 115 description: Groups are a list of OIDC group claims bound to this 116 role 117 items: 118 type: string 119 type: array 120 jwtTokens: 121 description: JWTTokens are a list of generated JWT tokens bound 122 to this role 123 items: 124 description: JWTToken holds the issuedAt and expiresAt values 125 of a token 126 properties: 127 exp: 128 format: int64 129 type: integer 130 iat: 131 format: int64 132 type: integer 133 required: 134 - iat 135 type: object 136 type: array 137 name: 138 description: Name is a name for this role 139 type: string 140 policies: 141 description: Policies Stores a list of casbin formated strings 142 that define access policies for the role in the project 143 items: 144 type: string 145 type: array 146 required: 147 - name 148 type: object 149 type: array 150 sourceRepos: 151 description: SourceRepos contains list of repository URLs which can 152 be used for deployment 153 items: 154 type: string 155 type: array 156 syncWindows: 157 description: SyncWindows controls when syncs can be run for apps in 158 this project 159 items: 160 description: SyncWindow contains the kind, time, duration and attributes 161 that are used to assign the syncWindows to apps 162 properties: 163 applications: 164 description: Applications contains a list of applications that 165 the window will apply to 166 items: 167 type: string 168 type: array 169 clusters: 170 description: Clusters contains a list of clusters that the window 171 will apply to 172 items: 173 type: string 174 type: array 175 duration: 176 description: Duration is the amount of time the sync window will 177 be open 178 type: string 179 kind: 180 description: Kind defines if the window allows or blocks syncs 181 type: string 182 manualSync: 183 description: ManualSync enables manual syncs when they would otherwise 184 be blocked 185 type: boolean 186 namespaces: 187 description: Namespaces contains a list of namespaces that the 188 window will apply to 189 items: 190 type: string 191 type: array 192 schedule: 193 description: Schedule is the time the window will begin, specified 194 in cron format 195 type: string 196 type: object 197 type: array 198 type: object 199 required: 200 - metadata 201 - spec 202 type: object 203 version: v1alpha1 204 versions: 205 - name: v1alpha1 206 served: true 207 storage: true