github.com/argoproj-labs/argocd-operator@v0.10.0/deploy/olm-catalog/argocd-operator/0.2.0/argoproj.io_appprojects.yaml (about) 1 apiVersion: apiextensions.k8s.io/v1 2 kind: CustomResourceDefinition 3 metadata: 4 creationTimestamp: null 5 labels: 6 app.kubernetes.io/name: appprojects.argoproj.io 7 app.kubernetes.io/part-of: argocd 8 name: appprojects.argoproj.io 9 spec: 10 group: argoproj.io 11 names: 12 kind: AppProject 13 listKind: AppProjectList 14 plural: appprojects 15 shortNames: 16 - appproj 17 - appprojs 18 singular: appproject 19 scope: Namespaced 20 versions: 21 - name: v1alpha1 22 schema: 23 openAPIV3Schema: 24 description: 'AppProject provides a logical grouping of applications, providing 25 controls for: * where the apps may deploy to (cluster whitelist) * what 26 may be deployed (repository whitelist, resource whitelist/blacklist) * who 27 can access these applications (roles, OIDC group claims bindings) * and 28 what they can do (RBAC policies) * automation access to these roles (JWT 29 tokens)' 30 properties: 31 apiVersion: 32 description: 'APIVersion defines the versioned schema of this representation 33 of an object. Servers should convert recognized schemas to the latest 34 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' 35 type: string 36 kind: 37 description: 'Kind is a string value representing the REST resource this 38 object represents. Servers may infer this from the endpoint the client 39 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' 40 type: string 41 metadata: 42 type: object 43 spec: 44 description: AppProjectSpec is the specification of an AppProject 45 properties: 46 clusterResourceBlacklist: 47 description: ClusterResourceBlacklist contains list of blacklisted 48 cluster level resources 49 items: 50 description: GroupKind specifies a Group and a Kind, but does not 51 force a version. This is useful for identifying concepts during 52 lookup stages without having partially valid types 53 properties: 54 group: 55 type: string 56 kind: 57 type: string 58 required: 59 - group 60 - kind 61 type: object 62 type: array 63 clusterResourceWhitelist: 64 description: ClusterResourceWhitelist contains list of whitelisted 65 cluster level resources 66 items: 67 description: GroupKind specifies a Group and a Kind, but does not 68 force a version. This is useful for identifying concepts during 69 lookup stages without having partially valid types 70 properties: 71 group: 72 type: string 73 kind: 74 type: string 75 required: 76 - group 77 - kind 78 type: object 79 type: array 80 description: 81 description: Description contains optional project description 82 type: string 83 destinations: 84 description: Destinations contains list of destinations available 85 for deployment 86 items: 87 description: ApplicationDestination holds information about the 88 application's destination 89 properties: 90 name: 91 description: Name is an alternate way of specifying the target 92 cluster by its symbolic name 93 type: string 94 namespace: 95 description: Namespace specifies the target namespace for the 96 application's resources. The namespace will only be set for 97 namespace-scoped resources that have not set a value for .metadata.namespace 98 type: string 99 server: 100 description: Server specifies the URL of the target cluster 101 and must be set to the Kubernetes control plane API 102 type: string 103 type: object 104 type: array 105 namespaceResourceBlacklist: 106 description: NamespaceResourceBlacklist contains list of blacklisted 107 namespace level resources 108 items: 109 description: GroupKind specifies a Group and a Kind, but does not 110 force a version. This is useful for identifying concepts during 111 lookup stages without having partially valid types 112 properties: 113 group: 114 type: string 115 kind: 116 type: string 117 required: 118 - group 119 - kind 120 type: object 121 type: array 122 namespaceResourceWhitelist: 123 description: NamespaceResourceWhitelist contains list of whitelisted 124 namespace level resources 125 items: 126 description: GroupKind specifies a Group and a Kind, but does not 127 force a version. This is useful for identifying concepts during 128 lookup stages without having partially valid types 129 properties: 130 group: 131 type: string 132 kind: 133 type: string 134 required: 135 - group 136 - kind 137 type: object 138 type: array 139 orphanedResources: 140 description: OrphanedResources specifies if controller should monitor 141 orphaned resources of apps in this project 142 properties: 143 ignore: 144 description: Ignore contains a list of resources that are to be 145 excluded from orphaned resources monitoring 146 items: 147 description: OrphanedResourceKey is a reference to a resource 148 to be ignored from 149 properties: 150 group: 151 type: string 152 kind: 153 type: string 154 name: 155 type: string 156 type: object 157 type: array 158 warn: 159 description: Warn indicates if warning condition should be created 160 for apps which have orphaned resources 161 type: boolean 162 type: object 163 roles: 164 description: Roles are user defined RBAC roles associated with this 165 project 166 items: 167 description: ProjectRole represents a role that has access to a 168 project 169 properties: 170 description: 171 description: Description is a description of the role 172 type: string 173 groups: 174 description: Groups are a list of OIDC group claims bound to 175 this role 176 items: 177 type: string 178 type: array 179 jwtTokens: 180 description: JWTTokens are a list of generated JWT tokens bound 181 to this role 182 items: 183 description: JWTToken holds the issuedAt and expiresAt values 184 of a token 185 properties: 186 exp: 187 format: int64 188 type: integer 189 iat: 190 format: int64 191 type: integer 192 id: 193 type: string 194 required: 195 - iat 196 type: object 197 type: array 198 name: 199 description: Name is a name for this role 200 type: string 201 policies: 202 description: Policies Stores a list of casbin formated strings 203 that define access policies for the role in the project 204 items: 205 type: string 206 type: array 207 required: 208 - name 209 type: object 210 type: array 211 signatureKeys: 212 description: SignatureKeys contains a list of PGP key IDs that commits 213 in Git must be signed with in order to be allowed for sync 214 items: 215 description: SignatureKey is the specification of a key required 216 to verify commit signatures with 217 properties: 218 keyID: 219 description: The ID of the key in hexadecimal notation 220 type: string 221 required: 222 - keyID 223 type: object 224 type: array 225 sourceRepos: 226 description: SourceRepos contains list of repository URLs which can 227 be used for deployment 228 items: 229 type: string 230 type: array 231 syncWindows: 232 description: SyncWindows controls when syncs can be run for apps in 233 this project 234 items: 235 description: SyncWindow contains the kind, time, duration and attributes 236 that are used to assign the syncWindows to apps 237 properties: 238 applications: 239 description: Applications contains a list of applications that 240 the window will apply to 241 items: 242 type: string 243 type: array 244 clusters: 245 description: Clusters contains a list of clusters that the window 246 will apply to 247 items: 248 type: string 249 type: array 250 duration: 251 description: Duration is the amount of time the sync window 252 will be open 253 type: string 254 kind: 255 description: Kind defines if the window allows or blocks syncs 256 type: string 257 manualSync: 258 description: ManualSync enables manual syncs when they would 259 otherwise be blocked 260 type: boolean 261 namespaces: 262 description: Namespaces contains a list of namespaces that the 263 window will apply to 264 items: 265 type: string 266 type: array 267 schedule: 268 description: Schedule is the time the window will begin, specified 269 in cron format 270 type: string 271 timeZone: 272 description: TimeZone of the sync that will be applied to the 273 schedule 274 type: string 275 type: object 276 type: array 277 type: object 278 status: 279 description: AppProjectStatus contains status information for AppProject 280 CRs 281 properties: 282 jwtTokensByRole: 283 additionalProperties: 284 description: JWTTokens represents a list of JWT tokens 285 properties: 286 items: 287 items: 288 description: JWTToken holds the issuedAt and expiresAt values 289 of a token 290 properties: 291 exp: 292 format: int64 293 type: integer 294 iat: 295 format: int64 296 type: integer 297 id: 298 type: string 299 required: 300 - iat 301 type: object 302 type: array 303 type: object 304 description: JWTTokensByRole contains a list of JWT tokens issued 305 for a given role 306 type: object 307 type: object 308 required: 309 - metadata 310 - spec 311 type: object 312 served: true 313 storage: true 314 status: 315 acceptedNames: 316 kind: "" 317 plural: "" 318 conditions: null 319 storedVersions: null