github.com/argoproj-labs/argocd-operator@v0.10.0/deploy/olm-catalog/argocd-operator/0.2.0/argoproj.io_argocds.yaml (about) 1 apiVersion: apiextensions.k8s.io/v1 2 kind: CustomResourceDefinition 3 metadata: 4 annotations: 5 controller-gen.kubebuilder.io/version: v0.6.1 6 creationTimestamp: null 7 name: argocds.argoproj.io 8 spec: 9 group: argoproj.io 10 names: 11 kind: ArgoCD 12 listKind: ArgoCDList 13 plural: argocds 14 singular: argocd 15 scope: Namespaced 16 versions: 17 - name: v1alpha1 18 schema: 19 openAPIV3Schema: 20 description: ArgoCD is the Schema for the argocds API 21 properties: 22 apiVersion: 23 description: 'APIVersion defines the versioned schema of this representation 24 of an object. Servers should convert recognized schemas to the latest 25 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' 26 type: string 27 kind: 28 description: 'Kind is a string value representing the REST resource this 29 object represents. Servers may infer this from the endpoint the client 30 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' 31 type: string 32 metadata: 33 type: object 34 spec: 35 description: ArgoCDSpec defines the desired state of ArgoCD 36 properties: 37 applicationInstanceLabelKey: 38 description: ApplicationInstanceLabelKey is the key name where Argo 39 CD injects the app name as a tracking label. 40 type: string 41 applicationSet: 42 description: ArgoCDApplicationSet defines whether the Argo CD ApplicationSet 43 controller should be installed. 44 properties: 45 image: 46 description: Image is the Argo CD ApplicationSet image (optional) 47 type: string 48 logLevel: 49 description: LogLevel describes the log level that should be used 50 by the ApplicationSet controller. Defaults to ArgoCDDefaultLogLevel 51 if not set. Valid options are debug,info, error, and warn. 52 type: string 53 resources: 54 description: Resources defines the Compute Resources required 55 by the container for ApplicationSet. 56 properties: 57 limits: 58 additionalProperties: 59 anyOf: 60 - type: integer 61 - type: string 62 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 63 x-kubernetes-int-or-string: true 64 description: 'Limits describes the maximum amount of compute 65 resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 66 type: object 67 requests: 68 additionalProperties: 69 anyOf: 70 - type: integer 71 - type: string 72 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 73 x-kubernetes-int-or-string: true 74 description: 'Requests describes the minimum amount of compute 75 resources required. If Requests is omitted for a container, 76 it defaults to Limits if that is explicitly specified, otherwise 77 to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 78 type: object 79 type: object 80 version: 81 description: Version is the Argo CD ApplicationSet image tag. 82 (optional) 83 type: string 84 type: object 85 banner: 86 description: Banner defines an additional banner to be displayed in 87 Argo CD UI 88 properties: 89 content: 90 description: Content defines the banner message content to display 91 type: string 92 url: 93 description: URL defines an optional URL to be used as banner 94 message link 95 type: string 96 required: 97 - content 98 type: object 99 configManagementPlugins: 100 description: ConfigManagementPlugins is used to specify additional 101 config management plugins. 102 type: string 103 controller: 104 description: Controller defines the Application Controller options 105 for ArgoCD. 106 properties: 107 appSync: 108 description: "AppSync is used to control the sync frequency, by 109 default the ArgoCD controller polls Git every 3m by default. 110 \n Set this to a duration, e.g. 10m or 600s to control the synchronisation 111 frequency." 112 type: string 113 env: 114 description: Env lets you specify environment for application 115 controller pods 116 items: 117 description: EnvVar represents an environment variable present 118 in a Container. 119 properties: 120 name: 121 description: Name of the environment variable. Must be a 122 C_IDENTIFIER. 123 type: string 124 value: 125 description: 'Variable references $(VAR_NAME) are expanded 126 using the previously defined environment variables in 127 the container and any service environment variables. If 128 a variable cannot be resolved, the reference in the input 129 string will be unchanged. Double $$ are reduced to a single 130 $, which allows for escaping the $(VAR_NAME) syntax: i.e. 131 "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". 132 Escaped references will never be expanded, regardless 133 of whether the variable exists or not. Defaults to "".' 134 type: string 135 valueFrom: 136 description: Source for the environment variable's value. 137 Cannot be used if value is not empty. 138 properties: 139 configMapKeyRef: 140 description: Selects a key of a ConfigMap. 141 properties: 142 key: 143 description: The key to select. 144 type: string 145 name: 146 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 147 TODO: Add other useful fields. apiVersion, kind, 148 uid?' 149 type: string 150 optional: 151 description: Specify whether the ConfigMap or its 152 key must be defined 153 type: boolean 154 required: 155 - key 156 type: object 157 fieldRef: 158 description: 'Selects a field of the pod: supports metadata.name, 159 metadata.namespace, `metadata.labels[''<KEY>'']`, 160 `metadata.annotations[''<KEY>'']`, spec.nodeName, 161 spec.serviceAccountName, status.hostIP, status.podIP, 162 status.podIPs.' 163 properties: 164 apiVersion: 165 description: Version of the schema the FieldPath 166 is written in terms of, defaults to "v1". 167 type: string 168 fieldPath: 169 description: Path of the field to select in the 170 specified API version. 171 type: string 172 required: 173 - fieldPath 174 type: object 175 resourceFieldRef: 176 description: 'Selects a resource of the container: only 177 resources limits and requests (limits.cpu, limits.memory, 178 limits.ephemeral-storage, requests.cpu, requests.memory 179 and requests.ephemeral-storage) are currently supported.' 180 properties: 181 containerName: 182 description: 'Container name: required for volumes, 183 optional for env vars' 184 type: string 185 divisor: 186 anyOf: 187 - type: integer 188 - type: string 189 description: Specifies the output format of the 190 exposed resources, defaults to "1" 191 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 192 x-kubernetes-int-or-string: true 193 resource: 194 description: 'Required: resource to select' 195 type: string 196 required: 197 - resource 198 type: object 199 secretKeyRef: 200 description: Selects a key of a secret in the pod's 201 namespace 202 properties: 203 key: 204 description: The key of the secret to select from. Must 205 be a valid secret key. 206 type: string 207 name: 208 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 209 TODO: Add other useful fields. apiVersion, kind, 210 uid?' 211 type: string 212 optional: 213 description: Specify whether the Secret or its key 214 must be defined 215 type: boolean 216 required: 217 - key 218 type: object 219 type: object 220 required: 221 - name 222 type: object 223 type: array 224 logFormat: 225 description: LogFormat refers to the log format used by the Application 226 Controller component. Defaults to ArgoCDDefaultLogFormat if 227 not configured. Valid options are text or json. 228 type: string 229 logLevel: 230 description: LogLevel refers to the log level used by the Application 231 Controller component. Defaults to ArgoCDDefaultLogLevel if not 232 configured. Valid options are debug, info, error, and warn. 233 type: string 234 parallelismLimit: 235 description: ParallelismLimit defines the limit for parallel kubectl 236 operations 237 format: int32 238 type: integer 239 processors: 240 description: Processors contains the options for the Application 241 Controller processors. 242 properties: 243 operation: 244 description: Operation is the number of application operation 245 processors. 246 format: int32 247 type: integer 248 status: 249 description: Status is the number of application status processors. 250 format: int32 251 type: integer 252 type: object 253 resources: 254 description: Resources defines the Compute Resources required 255 by the container for the Application Controller. 256 properties: 257 limits: 258 additionalProperties: 259 anyOf: 260 - type: integer 261 - type: string 262 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 263 x-kubernetes-int-or-string: true 264 description: 'Limits describes the maximum amount of compute 265 resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 266 type: object 267 requests: 268 additionalProperties: 269 anyOf: 270 - type: integer 271 - type: string 272 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 273 x-kubernetes-int-or-string: true 274 description: 'Requests describes the minimum amount of compute 275 resources required. If Requests is omitted for a container, 276 it defaults to Limits if that is explicitly specified, otherwise 277 to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 278 type: object 279 type: object 280 sharding: 281 description: Sharding contains the options for the Application 282 Controller sharding configuration. 283 properties: 284 enabled: 285 description: Enabled defines whether sharding should be enabled 286 on the Application Controller component. 287 type: boolean 288 replicas: 289 description: Replicas defines the number of replicas to run 290 in the Application controller shard. 291 format: int32 292 type: integer 293 type: object 294 type: object 295 dex: 296 description: Dex defines the Dex server options for ArgoCD. 297 properties: 298 config: 299 description: Config is the dex connector configuration. 300 type: string 301 groups: 302 description: Optional list of required groups a user must be a 303 member of 304 items: 305 type: string 306 type: array 307 image: 308 description: Image is the Dex container image. 309 type: string 310 openShiftOAuth: 311 description: OpenShiftOAuth enables OpenShift OAuth authentication 312 for the Dex server. 313 type: boolean 314 resources: 315 description: Resources defines the Compute Resources required 316 by the container for Dex. 317 properties: 318 limits: 319 additionalProperties: 320 anyOf: 321 - type: integer 322 - type: string 323 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 324 x-kubernetes-int-or-string: true 325 description: 'Limits describes the maximum amount of compute 326 resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 327 type: object 328 requests: 329 additionalProperties: 330 anyOf: 331 - type: integer 332 - type: string 333 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 334 x-kubernetes-int-or-string: true 335 description: 'Requests describes the minimum amount of compute 336 resources required. If Requests is omitted for a container, 337 it defaults to Limits if that is explicitly specified, otherwise 338 to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 339 type: object 340 type: object 341 version: 342 description: Version is the Dex container image tag. 343 type: string 344 type: object 345 disableAdmin: 346 description: DisableAdmin will disable the admin user. 347 type: boolean 348 gaAnonymizeUsers: 349 description: GAAnonymizeUsers toggles user IDs being hashed before 350 sending to google analytics. 351 type: boolean 352 gaTrackingID: 353 description: GATrackingID is the google analytics tracking ID to use. 354 type: string 355 grafana: 356 description: Grafana defines the Grafana server options for ArgoCD. 357 properties: 358 enabled: 359 description: Enabled will toggle Grafana support globally for 360 ArgoCD. 361 type: boolean 362 host: 363 description: Host is the hostname to use for Ingress/Route resources. 364 type: string 365 image: 366 description: Image is the Grafana container image. 367 type: string 368 ingress: 369 description: Ingress defines the desired state for an Ingress 370 for the Grafana component. 371 properties: 372 annotations: 373 additionalProperties: 374 type: string 375 description: Annotations is the map of annotations to apply 376 to the Ingress. 377 type: object 378 enabled: 379 description: Enabled will toggle the creation of the Ingress. 380 type: boolean 381 path: 382 description: Path used for the Ingress resource. 383 type: string 384 tls: 385 description: TLS configuration. Currently the Ingress only 386 supports a single TLS port, 443. If multiple members of 387 this list specify different hosts, they will be multiplexed 388 on the same port according to the hostname specified through 389 the SNI TLS extension, if the ingress controller fulfilling 390 the ingress supports SNI. 391 items: 392 description: IngressTLS describes the transport layer security 393 associated with an Ingress. 394 properties: 395 hosts: 396 description: Hosts are a list of hosts included in the 397 TLS certificate. The values in this list must match 398 the name/s used in the tlsSecret. Defaults to the 399 wildcard host setting for the loadbalancer controller 400 fulfilling this Ingress, if left unspecified. 401 items: 402 type: string 403 type: array 404 x-kubernetes-list-type: atomic 405 secretName: 406 description: SecretName is the name of the secret used 407 to terminate TLS traffic on port 443. Field is left 408 optional to allow TLS routing based on SNI hostname 409 alone. If the SNI host in a listener conflicts with 410 the "Host" header field used by an IngressRule, the 411 SNI host is used for termination and value of the 412 Host header is used for routing. 413 type: string 414 type: object 415 type: array 416 required: 417 - enabled 418 type: object 419 resources: 420 description: Resources defines the Compute Resources required 421 by the container for Grafana. 422 properties: 423 limits: 424 additionalProperties: 425 anyOf: 426 - type: integer 427 - type: string 428 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 429 x-kubernetes-int-or-string: true 430 description: 'Limits describes the maximum amount of compute 431 resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 432 type: object 433 requests: 434 additionalProperties: 435 anyOf: 436 - type: integer 437 - type: string 438 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 439 x-kubernetes-int-or-string: true 440 description: 'Requests describes the minimum amount of compute 441 resources required. If Requests is omitted for a container, 442 it defaults to Limits if that is explicitly specified, otherwise 443 to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 444 type: object 445 type: object 446 route: 447 description: Route defines the desired state for an OpenShift 448 Route for the Grafana component. 449 properties: 450 annotations: 451 additionalProperties: 452 type: string 453 description: Annotations is the map of annotations to use 454 for the Route resource. 455 type: object 456 enabled: 457 description: Enabled will toggle the creation of the OpenShift 458 Route. 459 type: boolean 460 labels: 461 additionalProperties: 462 type: string 463 description: Labels is the map of labels to use for the Route 464 resource 465 type: object 466 path: 467 description: Path the router watches for, to route traffic 468 for to the service. 469 type: string 470 tls: 471 description: TLS provides the ability to configure certificates 472 and termination for the Route. 473 properties: 474 caCertificate: 475 description: caCertificate provides the cert authority 476 certificate contents 477 type: string 478 certificate: 479 description: certificate provides certificate contents 480 type: string 481 destinationCACertificate: 482 description: destinationCACertificate provides the contents 483 of the ca certificate of the final destination. When 484 using reencrypt termination this file should be provided 485 in order to have routers use it for health checks on 486 the secure connection. If this field is not specified, 487 the router may provide its own destination CA and perform 488 hostname validation using the short service name (service.namespace.svc), 489 which allows infrastructure generated certificates to 490 automatically verify. 491 type: string 492 insecureEdgeTerminationPolicy: 493 description: "insecureEdgeTerminationPolicy indicates 494 the desired behavior for insecure connections to a route. 495 While each router may make its own decisions on which 496 ports to expose, this is normally port 80. \n * Allow 497 - traffic is sent to the server on the insecure port 498 (default) * Disable - no traffic is allowed on the insecure 499 port. * Redirect - clients are redirected to the secure 500 port." 501 type: string 502 key: 503 description: key provides key file contents 504 type: string 505 termination: 506 description: termination indicates termination type. 507 type: string 508 required: 509 - termination 510 type: object 511 wildcardPolicy: 512 description: WildcardPolicy if any for the route. Currently 513 only 'Subdomain' or 'None' is allowed. 514 type: string 515 required: 516 - enabled 517 type: object 518 size: 519 description: Size is the replica count for the Grafana Deployment. 520 format: int32 521 type: integer 522 version: 523 description: Version is the Grafana container image tag. 524 type: string 525 required: 526 - enabled 527 type: object 528 ha: 529 description: HA options for High Availability support for the Redis 530 component. 531 properties: 532 enabled: 533 description: Enabled will toggle HA support globally for Argo 534 CD. 535 type: boolean 536 redisProxyImage: 537 description: RedisProxyImage is the Redis HAProxy container image. 538 type: string 539 redisProxyVersion: 540 description: RedisProxyVersion is the Redis HAProxy container 541 image tag. 542 type: string 543 resources: 544 description: Resources defines the Compute Resources required 545 by the container for HA. 546 properties: 547 limits: 548 additionalProperties: 549 anyOf: 550 - type: integer 551 - type: string 552 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 553 x-kubernetes-int-or-string: true 554 description: 'Limits describes the maximum amount of compute 555 resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 556 type: object 557 requests: 558 additionalProperties: 559 anyOf: 560 - type: integer 561 - type: string 562 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 563 x-kubernetes-int-or-string: true 564 description: 'Requests describes the minimum amount of compute 565 resources required. If Requests is omitted for a container, 566 it defaults to Limits if that is explicitly specified, otherwise 567 to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 568 type: object 569 type: object 570 required: 571 - enabled 572 type: object 573 helpChatText: 574 description: HelpChatText is the text for getting chat help, defaults 575 to "Chat now!" 576 type: string 577 helpChatURL: 578 description: HelpChatURL is the URL for getting chat help, this will 579 typically be your Slack channel for support. 580 type: string 581 image: 582 description: Image is the ArgoCD container image for all ArgoCD components. 583 type: string 584 import: 585 description: Import is the import/restore options for ArgoCD. 586 properties: 587 name: 588 description: Name of an ArgoCDExport from which to import data. 589 type: string 590 namespace: 591 description: Namespace for the ArgoCDExport, defaults to the same 592 namespace as the ArgoCD. 593 type: string 594 required: 595 - name 596 type: object 597 initialRepositories: 598 description: InitialRepositories to configure Argo CD with upon creation 599 of the cluster. 600 type: string 601 initialSSHKnownHosts: 602 description: InitialSSHKnownHosts defines the SSH known hosts data 603 upon creation of the cluster for connecting Git repositories via 604 SSH. 605 properties: 606 excludedefaulthosts: 607 description: ExcludeDefaultHosts describes whether you would like 608 to include the default list of SSH Known Hosts provided by ArgoCD. 609 type: boolean 610 keys: 611 description: Keys describes a custom set of SSH Known Hosts that 612 you would like to have included in your ArgoCD server. 613 type: string 614 type: object 615 kustomizeBuildOptions: 616 description: KustomizeBuildOptions is used to specify build options/parameters 617 to use with `kustomize build`. 618 type: string 619 kustomizeVersions: 620 description: KustomizeVersions is a listing of configured versions 621 of Kustomize to be made available within ArgoCD. 622 items: 623 description: KustomizeVersionSpec is used to specify information 624 about a kustomize version to be used within ArgoCD. 625 properties: 626 path: 627 description: Path is the path to a configured kustomize version 628 on the filesystem of your repo server. 629 type: string 630 version: 631 description: Version is a configured kustomize version in the 632 format of vX.Y.Z 633 type: string 634 type: object 635 type: array 636 nodePlacement: 637 description: NodePlacement defines NodeSelectors and Taints for Argo 638 CD workloads 639 properties: 640 nodeSelector: 641 additionalProperties: 642 type: string 643 description: NodeSelector is a field of PodSpec, it is a map of 644 key value pairs used for node selection 645 type: object 646 tolerations: 647 description: Tolerations allow the pods to schedule onto nodes 648 with matching taints 649 items: 650 description: The pod this Toleration is attached to tolerates 651 any taint that matches the triple <key,value,effect> using 652 the matching operator <operator>. 653 properties: 654 effect: 655 description: Effect indicates the taint effect to match. 656 Empty means match all taint effects. When specified, allowed 657 values are NoSchedule, PreferNoSchedule and NoExecute. 658 type: string 659 key: 660 description: Key is the taint key that the toleration applies 661 to. Empty means match all taint keys. If the key is empty, 662 operator must be Exists; this combination means to match 663 all values and all keys. 664 type: string 665 operator: 666 description: Operator represents a key's relationship to 667 the value. Valid operators are Exists and Equal. Defaults 668 to Equal. Exists is equivalent to wildcard for value, 669 so that a pod can tolerate all taints of a particular 670 category. 671 type: string 672 tolerationSeconds: 673 description: TolerationSeconds represents the period of 674 time the toleration (which must be of effect NoExecute, 675 otherwise this field is ignored) tolerates the taint. 676 By default, it is not set, which means tolerate the taint 677 forever (do not evict). Zero and negative values will 678 be treated as 0 (evict immediately) by the system. 679 format: int64 680 type: integer 681 value: 682 description: Value is the taint value the toleration matches 683 to. If the operator is Exists, the value should be empty, 684 otherwise just a regular string. 685 type: string 686 type: object 687 type: array 688 type: object 689 oidcConfig: 690 description: OIDCConfig is the OIDC configuration as an alternative 691 to dex. 692 type: string 693 prometheus: 694 description: Prometheus defines the Prometheus server options for 695 ArgoCD. 696 properties: 697 enabled: 698 description: Enabled will toggle Prometheus support globally for 699 ArgoCD. 700 type: boolean 701 host: 702 description: Host is the hostname to use for Ingress/Route resources. 703 type: string 704 ingress: 705 description: Ingress defines the desired state for an Ingress 706 for the Prometheus component. 707 properties: 708 annotations: 709 additionalProperties: 710 type: string 711 description: Annotations is the map of annotations to apply 712 to the Ingress. 713 type: object 714 enabled: 715 description: Enabled will toggle the creation of the Ingress. 716 type: boolean 717 path: 718 description: Path used for the Ingress resource. 719 type: string 720 tls: 721 description: TLS configuration. Currently the Ingress only 722 supports a single TLS port, 443. If multiple members of 723 this list specify different hosts, they will be multiplexed 724 on the same port according to the hostname specified through 725 the SNI TLS extension, if the ingress controller fulfilling 726 the ingress supports SNI. 727 items: 728 description: IngressTLS describes the transport layer security 729 associated with an Ingress. 730 properties: 731 hosts: 732 description: Hosts are a list of hosts included in the 733 TLS certificate. The values in this list must match 734 the name/s used in the tlsSecret. Defaults to the 735 wildcard host setting for the loadbalancer controller 736 fulfilling this Ingress, if left unspecified. 737 items: 738 type: string 739 type: array 740 x-kubernetes-list-type: atomic 741 secretName: 742 description: SecretName is the name of the secret used 743 to terminate TLS traffic on port 443. Field is left 744 optional to allow TLS routing based on SNI hostname 745 alone. If the SNI host in a listener conflicts with 746 the "Host" header field used by an IngressRule, the 747 SNI host is used for termination and value of the 748 Host header is used for routing. 749 type: string 750 type: object 751 type: array 752 required: 753 - enabled 754 type: object 755 route: 756 description: Route defines the desired state for an OpenShift 757 Route for the Prometheus component. 758 properties: 759 annotations: 760 additionalProperties: 761 type: string 762 description: Annotations is the map of annotations to use 763 for the Route resource. 764 type: object 765 enabled: 766 description: Enabled will toggle the creation of the OpenShift 767 Route. 768 type: boolean 769 labels: 770 additionalProperties: 771 type: string 772 description: Labels is the map of labels to use for the Route 773 resource 774 type: object 775 path: 776 description: Path the router watches for, to route traffic 777 for to the service. 778 type: string 779 tls: 780 description: TLS provides the ability to configure certificates 781 and termination for the Route. 782 properties: 783 caCertificate: 784 description: caCertificate provides the cert authority 785 certificate contents 786 type: string 787 certificate: 788 description: certificate provides certificate contents 789 type: string 790 destinationCACertificate: 791 description: destinationCACertificate provides the contents 792 of the ca certificate of the final destination. When 793 using reencrypt termination this file should be provided 794 in order to have routers use it for health checks on 795 the secure connection. If this field is not specified, 796 the router may provide its own destination CA and perform 797 hostname validation using the short service name (service.namespace.svc), 798 which allows infrastructure generated certificates to 799 automatically verify. 800 type: string 801 insecureEdgeTerminationPolicy: 802 description: "insecureEdgeTerminationPolicy indicates 803 the desired behavior for insecure connections to a route. 804 While each router may make its own decisions on which 805 ports to expose, this is normally port 80. \n * Allow 806 - traffic is sent to the server on the insecure port 807 (default) * Disable - no traffic is allowed on the insecure 808 port. * Redirect - clients are redirected to the secure 809 port." 810 type: string 811 key: 812 description: key provides key file contents 813 type: string 814 termination: 815 description: termination indicates termination type. 816 type: string 817 required: 818 - termination 819 type: object 820 wildcardPolicy: 821 description: WildcardPolicy if any for the route. Currently 822 only 'Subdomain' or 'None' is allowed. 823 type: string 824 required: 825 - enabled 826 type: object 827 size: 828 description: Size is the replica count for the Prometheus StatefulSet. 829 format: int32 830 type: integer 831 required: 832 - enabled 833 type: object 834 rbac: 835 description: RBAC defines the RBAC configuration for Argo CD. 836 properties: 837 defaultPolicy: 838 description: DefaultPolicy is the name of the default role which 839 Argo CD will falls back to, when authorizing API requests (optional). 840 If omitted or empty, users may be still be able to login, but 841 will see no apps, projects, etc... 842 type: string 843 policy: 844 description: 'Policy is CSV containing user-defined RBAC policies 845 and role definitions. Policy rules are in the form: p, subject, 846 resource, action, object, effect Role definitions and bindings 847 are in the form: g, subject, inherited-subject See https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/rbac.md 848 for additional information.' 849 type: string 850 scopes: 851 description: 'Scopes controls which OIDC scopes to examine during 852 rbac enforcement (in addition to `sub` scope). If omitted, defaults 853 to: ''[groups]''.' 854 type: string 855 type: object 856 redis: 857 description: Redis defines the Redis server options for ArgoCD. 858 properties: 859 image: 860 description: Image is the Redis container image. 861 type: string 862 resources: 863 description: Resources defines the Compute Resources required 864 by the container for Redis. 865 properties: 866 limits: 867 additionalProperties: 868 anyOf: 869 - type: integer 870 - type: string 871 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 872 x-kubernetes-int-or-string: true 873 description: 'Limits describes the maximum amount of compute 874 resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 875 type: object 876 requests: 877 additionalProperties: 878 anyOf: 879 - type: integer 880 - type: string 881 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 882 x-kubernetes-int-or-string: true 883 description: 'Requests describes the minimum amount of compute 884 resources required. If Requests is omitted for a container, 885 it defaults to Limits if that is explicitly specified, otherwise 886 to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 887 type: object 888 type: object 889 version: 890 description: Version is the Redis container image tag. 891 type: string 892 type: object 893 repo: 894 description: Repo defines the repo server options for Argo CD. 895 properties: 896 autotls: 897 description: 'AutoTLS specifies the method to use for automatic 898 TLS configuration for the repo server The value specified here 899 can currently be: - openshift - Use the OpenShift service CA 900 to request TLS config' 901 type: string 902 env: 903 description: Env lets you specify environment for repo server 904 pods 905 items: 906 description: EnvVar represents an environment variable present 907 in a Container. 908 properties: 909 name: 910 description: Name of the environment variable. Must be a 911 C_IDENTIFIER. 912 type: string 913 value: 914 description: 'Variable references $(VAR_NAME) are expanded 915 using the previously defined environment variables in 916 the container and any service environment variables. If 917 a variable cannot be resolved, the reference in the input 918 string will be unchanged. Double $$ are reduced to a single 919 $, which allows for escaping the $(VAR_NAME) syntax: i.e. 920 "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". 921 Escaped references will never be expanded, regardless 922 of whether the variable exists or not. Defaults to "".' 923 type: string 924 valueFrom: 925 description: Source for the environment variable's value. 926 Cannot be used if value is not empty. 927 properties: 928 configMapKeyRef: 929 description: Selects a key of a ConfigMap. 930 properties: 931 key: 932 description: The key to select. 933 type: string 934 name: 935 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 936 TODO: Add other useful fields. apiVersion, kind, 937 uid?' 938 type: string 939 optional: 940 description: Specify whether the ConfigMap or its 941 key must be defined 942 type: boolean 943 required: 944 - key 945 type: object 946 fieldRef: 947 description: 'Selects a field of the pod: supports metadata.name, 948 metadata.namespace, `metadata.labels[''<KEY>'']`, 949 `metadata.annotations[''<KEY>'']`, spec.nodeName, 950 spec.serviceAccountName, status.hostIP, status.podIP, 951 status.podIPs.' 952 properties: 953 apiVersion: 954 description: Version of the schema the FieldPath 955 is written in terms of, defaults to "v1". 956 type: string 957 fieldPath: 958 description: Path of the field to select in the 959 specified API version. 960 type: string 961 required: 962 - fieldPath 963 type: object 964 resourceFieldRef: 965 description: 'Selects a resource of the container: only 966 resources limits and requests (limits.cpu, limits.memory, 967 limits.ephemeral-storage, requests.cpu, requests.memory 968 and requests.ephemeral-storage) are currently supported.' 969 properties: 970 containerName: 971 description: 'Container name: required for volumes, 972 optional for env vars' 973 type: string 974 divisor: 975 anyOf: 976 - type: integer 977 - type: string 978 description: Specifies the output format of the 979 exposed resources, defaults to "1" 980 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 981 x-kubernetes-int-or-string: true 982 resource: 983 description: 'Required: resource to select' 984 type: string 985 required: 986 - resource 987 type: object 988 secretKeyRef: 989 description: Selects a key of a secret in the pod's 990 namespace 991 properties: 992 key: 993 description: The key of the secret to select from. Must 994 be a valid secret key. 995 type: string 996 name: 997 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 998 TODO: Add other useful fields. apiVersion, kind, 999 uid?' 1000 type: string 1001 optional: 1002 description: Specify whether the Secret or its key 1003 must be defined 1004 type: boolean 1005 required: 1006 - key 1007 type: object 1008 type: object 1009 required: 1010 - name 1011 type: object 1012 type: array 1013 execTimeout: 1014 description: ExecTimeout specifies the timeout in seconds for 1015 tool execution 1016 type: integer 1017 image: 1018 description: Image is the ArgoCD Repo Server container image. 1019 type: string 1020 initContainers: 1021 description: InitContainers defines the list of initialization 1022 containers for the repo server deployment 1023 items: 1024 description: A single application container that you want to 1025 run within a pod. 1026 properties: 1027 args: 1028 description: 'Arguments to the entrypoint. The docker image''s 1029 CMD is used if this is not provided. Variable references 1030 $(VAR_NAME) are expanded using the container''s environment. 1031 If a variable cannot be resolved, the reference in the 1032 input string will be unchanged. Double $$ are reduced 1033 to a single $, which allows for escaping the $(VAR_NAME) 1034 syntax: i.e. "$$(VAR_NAME)" will produce the string literal 1035 "$(VAR_NAME)". Escaped references will never be expanded, 1036 regardless of whether the variable exists or not. Cannot 1037 be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' 1038 items: 1039 type: string 1040 type: array 1041 command: 1042 description: 'Entrypoint array. Not executed within a shell. 1043 The docker image''s ENTRYPOINT is used if this is not 1044 provided. Variable references $(VAR_NAME) are expanded 1045 using the container''s environment. If a variable cannot 1046 be resolved, the reference in the input string will be 1047 unchanged. Double $$ are reduced to a single $, which 1048 allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" 1049 will produce the string literal "$(VAR_NAME)". Escaped 1050 references will never be expanded, regardless of whether 1051 the variable exists or not. Cannot be updated. More info: 1052 https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' 1053 items: 1054 type: string 1055 type: array 1056 env: 1057 description: List of environment variables to set in the 1058 container. Cannot be updated. 1059 items: 1060 description: EnvVar represents an environment variable 1061 present in a Container. 1062 properties: 1063 name: 1064 description: Name of the environment variable. Must 1065 be a C_IDENTIFIER. 1066 type: string 1067 value: 1068 description: 'Variable references $(VAR_NAME) are 1069 expanded using the previously defined environment 1070 variables in the container and any service environment 1071 variables. If a variable cannot be resolved, the 1072 reference in the input string will be unchanged. 1073 Double $$ are reduced to a single $, which allows 1074 for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" 1075 will produce the string literal "$(VAR_NAME)". Escaped 1076 references will never be expanded, regardless of 1077 whether the variable exists or not. Defaults to 1078 "".' 1079 type: string 1080 valueFrom: 1081 description: Source for the environment variable's 1082 value. Cannot be used if value is not empty. 1083 properties: 1084 configMapKeyRef: 1085 description: Selects a key of a ConfigMap. 1086 properties: 1087 key: 1088 description: The key to select. 1089 type: string 1090 name: 1091 description: 'Name of the referent. More info: 1092 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1093 TODO: Add other useful fields. apiVersion, 1094 kind, uid?' 1095 type: string 1096 optional: 1097 description: Specify whether the ConfigMap 1098 or its key must be defined 1099 type: boolean 1100 required: 1101 - key 1102 type: object 1103 fieldRef: 1104 description: 'Selects a field of the pod: supports 1105 metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`, 1106 `metadata.annotations[''<KEY>'']`, spec.nodeName, 1107 spec.serviceAccountName, status.hostIP, status.podIP, 1108 status.podIPs.' 1109 properties: 1110 apiVersion: 1111 description: Version of the schema the FieldPath 1112 is written in terms of, defaults to "v1". 1113 type: string 1114 fieldPath: 1115 description: Path of the field to select in 1116 the specified API version. 1117 type: string 1118 required: 1119 - fieldPath 1120 type: object 1121 resourceFieldRef: 1122 description: 'Selects a resource of the container: 1123 only resources limits and requests (limits.cpu, 1124 limits.memory, limits.ephemeral-storage, requests.cpu, 1125 requests.memory and requests.ephemeral-storage) 1126 are currently supported.' 1127 properties: 1128 containerName: 1129 description: 'Container name: required for 1130 volumes, optional for env vars' 1131 type: string 1132 divisor: 1133 anyOf: 1134 - type: integer 1135 - type: string 1136 description: Specifies the output format of 1137 the exposed resources, defaults to "1" 1138 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 1139 x-kubernetes-int-or-string: true 1140 resource: 1141 description: 'Required: resource to select' 1142 type: string 1143 required: 1144 - resource 1145 type: object 1146 secretKeyRef: 1147 description: Selects a key of a secret in the 1148 pod's namespace 1149 properties: 1150 key: 1151 description: The key of the secret to select 1152 from. Must be a valid secret key. 1153 type: string 1154 name: 1155 description: 'Name of the referent. More info: 1156 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1157 TODO: Add other useful fields. apiVersion, 1158 kind, uid?' 1159 type: string 1160 optional: 1161 description: Specify whether the Secret or 1162 its key must be defined 1163 type: boolean 1164 required: 1165 - key 1166 type: object 1167 type: object 1168 required: 1169 - name 1170 type: object 1171 type: array 1172 envFrom: 1173 description: List of sources to populate environment variables 1174 in the container. The keys defined within a source must 1175 be a C_IDENTIFIER. All invalid keys will be reported as 1176 an event when the container is starting. When a key exists 1177 in multiple sources, the value associated with the last 1178 source will take precedence. Values defined by an Env 1179 with a duplicate key will take precedence. Cannot be updated. 1180 items: 1181 description: EnvFromSource represents the source of a 1182 set of ConfigMaps 1183 properties: 1184 configMapRef: 1185 description: The ConfigMap to select from 1186 properties: 1187 name: 1188 description: 'Name of the referent. More info: 1189 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1190 TODO: Add other useful fields. apiVersion, kind, 1191 uid?' 1192 type: string 1193 optional: 1194 description: Specify whether the ConfigMap must 1195 be defined 1196 type: boolean 1197 type: object 1198 prefix: 1199 description: An optional identifier to prepend to 1200 each key in the ConfigMap. Must be a C_IDENTIFIER. 1201 type: string 1202 secretRef: 1203 description: The Secret to select from 1204 properties: 1205 name: 1206 description: 'Name of the referent. More info: 1207 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1208 TODO: Add other useful fields. apiVersion, kind, 1209 uid?' 1210 type: string 1211 optional: 1212 description: Specify whether the Secret must be 1213 defined 1214 type: boolean 1215 type: object 1216 type: object 1217 type: array 1218 image: 1219 description: 'Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 1220 This field is optional to allow higher level config management 1221 to default or override container images in workload controllers 1222 like Deployments and StatefulSets.' 1223 type: string 1224 imagePullPolicy: 1225 description: 'Image pull policy. One of Always, Never, IfNotPresent. 1226 Defaults to Always if :latest tag is specified, or IfNotPresent 1227 otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' 1228 type: string 1229 lifecycle: 1230 description: Actions that the management system should take 1231 in response to container lifecycle events. Cannot be updated. 1232 properties: 1233 postStart: 1234 description: 'PostStart is called immediately after 1235 a container is created. If the handler fails, the 1236 container is terminated and restarted according to 1237 its restart policy. Other management of the container 1238 blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' 1239 properties: 1240 exec: 1241 description: One and only one of the following should 1242 be specified. Exec specifies the action to take. 1243 properties: 1244 command: 1245 description: Command is the command line to 1246 execute inside the container, the working 1247 directory for the command is root ('/') in 1248 the container's filesystem. The command is 1249 simply exec'd, it is not run inside a shell, 1250 so traditional shell instructions ('|', etc) 1251 won't work. To use a shell, you need to explicitly 1252 call out to that shell. Exit status of 0 is 1253 treated as live/healthy and non-zero is unhealthy. 1254 items: 1255 type: string 1256 type: array 1257 type: object 1258 httpGet: 1259 description: HTTPGet specifies the http request 1260 to perform. 1261 properties: 1262 host: 1263 description: Host name to connect to, defaults 1264 to the pod IP. You probably want to set "Host" 1265 in httpHeaders instead. 1266 type: string 1267 httpHeaders: 1268 description: Custom headers to set in the request. 1269 HTTP allows repeated headers. 1270 items: 1271 description: HTTPHeader describes a custom 1272 header to be used in HTTP probes 1273 properties: 1274 name: 1275 description: The header field name 1276 type: string 1277 value: 1278 description: The header field value 1279 type: string 1280 required: 1281 - name 1282 - value 1283 type: object 1284 type: array 1285 path: 1286 description: Path to access on the HTTP server. 1287 type: string 1288 port: 1289 anyOf: 1290 - type: integer 1291 - type: string 1292 description: Name or number of the port to access 1293 on the container. Number must be in the range 1294 1 to 65535. Name must be an IANA_SVC_NAME. 1295 x-kubernetes-int-or-string: true 1296 scheme: 1297 description: Scheme to use for connecting to 1298 the host. Defaults to HTTP. 1299 type: string 1300 required: 1301 - port 1302 type: object 1303 tcpSocket: 1304 description: 'TCPSocket specifies an action involving 1305 a TCP port. TCP hooks not yet supported TODO: 1306 implement a realistic TCP lifecycle hook' 1307 properties: 1308 host: 1309 description: 'Optional: Host name to connect 1310 to, defaults to the pod IP.' 1311 type: string 1312 port: 1313 anyOf: 1314 - type: integer 1315 - type: string 1316 description: Number or name of the port to access 1317 on the container. Number must be in the range 1318 1 to 65535. Name must be an IANA_SVC_NAME. 1319 x-kubernetes-int-or-string: true 1320 required: 1321 - port 1322 type: object 1323 type: object 1324 preStop: 1325 description: 'PreStop is called immediately before a 1326 container is terminated due to an API request or management 1327 event such as liveness/startup probe failure, preemption, 1328 resource contention, etc. The handler is not called 1329 if the container crashes or exits. The reason for 1330 termination is passed to the handler. The Pod''s termination 1331 grace period countdown begins before the PreStop hooked 1332 is executed. Regardless of the outcome of the handler, 1333 the container will eventually terminate within the 1334 Pod''s termination grace period. Other management 1335 of the container blocks until the hook completes or 1336 until the termination grace period is reached. More 1337 info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' 1338 properties: 1339 exec: 1340 description: One and only one of the following should 1341 be specified. Exec specifies the action to take. 1342 properties: 1343 command: 1344 description: Command is the command line to 1345 execute inside the container, the working 1346 directory for the command is root ('/') in 1347 the container's filesystem. The command is 1348 simply exec'd, it is not run inside a shell, 1349 so traditional shell instructions ('|', etc) 1350 won't work. To use a shell, you need to explicitly 1351 call out to that shell. Exit status of 0 is 1352 treated as live/healthy and non-zero is unhealthy. 1353 items: 1354 type: string 1355 type: array 1356 type: object 1357 httpGet: 1358 description: HTTPGet specifies the http request 1359 to perform. 1360 properties: 1361 host: 1362 description: Host name to connect to, defaults 1363 to the pod IP. You probably want to set "Host" 1364 in httpHeaders instead. 1365 type: string 1366 httpHeaders: 1367 description: Custom headers to set in the request. 1368 HTTP allows repeated headers. 1369 items: 1370 description: HTTPHeader describes a custom 1371 header to be used in HTTP probes 1372 properties: 1373 name: 1374 description: The header field name 1375 type: string 1376 value: 1377 description: The header field value 1378 type: string 1379 required: 1380 - name 1381 - value 1382 type: object 1383 type: array 1384 path: 1385 description: Path to access on the HTTP server. 1386 type: string 1387 port: 1388 anyOf: 1389 - type: integer 1390 - type: string 1391 description: Name or number of the port to access 1392 on the container. Number must be in the range 1393 1 to 65535. Name must be an IANA_SVC_NAME. 1394 x-kubernetes-int-or-string: true 1395 scheme: 1396 description: Scheme to use for connecting to 1397 the host. Defaults to HTTP. 1398 type: string 1399 required: 1400 - port 1401 type: object 1402 tcpSocket: 1403 description: 'TCPSocket specifies an action involving 1404 a TCP port. TCP hooks not yet supported TODO: 1405 implement a realistic TCP lifecycle hook' 1406 properties: 1407 host: 1408 description: 'Optional: Host name to connect 1409 to, defaults to the pod IP.' 1410 type: string 1411 port: 1412 anyOf: 1413 - type: integer 1414 - type: string 1415 description: Number or name of the port to access 1416 on the container. Number must be in the range 1417 1 to 65535. Name must be an IANA_SVC_NAME. 1418 x-kubernetes-int-or-string: true 1419 required: 1420 - port 1421 type: object 1422 type: object 1423 type: object 1424 livenessProbe: 1425 description: 'Periodic probe of container liveness. Container 1426 will be restarted if the probe fails. Cannot be updated. 1427 More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 1428 properties: 1429 exec: 1430 description: One and only one of the following should 1431 be specified. Exec specifies the action to take. 1432 properties: 1433 command: 1434 description: Command is the command line to execute 1435 inside the container, the working directory for 1436 the command is root ('/') in the container's 1437 filesystem. The command is simply exec'd, it is 1438 not run inside a shell, so traditional shell instructions 1439 ('|', etc) won't work. To use a shell, you need 1440 to explicitly call out to that shell. Exit status 1441 of 0 is treated as live/healthy and non-zero is 1442 unhealthy. 1443 items: 1444 type: string 1445 type: array 1446 type: object 1447 failureThreshold: 1448 description: Minimum consecutive failures for the probe 1449 to be considered failed after having succeeded. Defaults 1450 to 3. Minimum value is 1. 1451 format: int32 1452 type: integer 1453 httpGet: 1454 description: HTTPGet specifies the http request to perform. 1455 properties: 1456 host: 1457 description: Host name to connect to, defaults to 1458 the pod IP. You probably want to set "Host" in 1459 httpHeaders instead. 1460 type: string 1461 httpHeaders: 1462 description: Custom headers to set in the request. 1463 HTTP allows repeated headers. 1464 items: 1465 description: HTTPHeader describes a custom header 1466 to be used in HTTP probes 1467 properties: 1468 name: 1469 description: The header field name 1470 type: string 1471 value: 1472 description: The header field value 1473 type: string 1474 required: 1475 - name 1476 - value 1477 type: object 1478 type: array 1479 path: 1480 description: Path to access on the HTTP server. 1481 type: string 1482 port: 1483 anyOf: 1484 - type: integer 1485 - type: string 1486 description: Name or number of the port to access 1487 on the container. Number must be in the range 1488 1 to 65535. Name must be an IANA_SVC_NAME. 1489 x-kubernetes-int-or-string: true 1490 scheme: 1491 description: Scheme to use for connecting to the 1492 host. Defaults to HTTP. 1493 type: string 1494 required: 1495 - port 1496 type: object 1497 initialDelaySeconds: 1498 description: 'Number of seconds after the container 1499 has started before liveness probes are initiated. 1500 More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 1501 format: int32 1502 type: integer 1503 periodSeconds: 1504 description: How often (in seconds) to perform the probe. 1505 Default to 10 seconds. Minimum value is 1. 1506 format: int32 1507 type: integer 1508 successThreshold: 1509 description: Minimum consecutive successes for the probe 1510 to be considered successful after having failed. Defaults 1511 to 1. Must be 1 for liveness and startup. Minimum 1512 value is 1. 1513 format: int32 1514 type: integer 1515 tcpSocket: 1516 description: 'TCPSocket specifies an action involving 1517 a TCP port. TCP hooks not yet supported TODO: implement 1518 a realistic TCP lifecycle hook' 1519 properties: 1520 host: 1521 description: 'Optional: Host name to connect to, 1522 defaults to the pod IP.' 1523 type: string 1524 port: 1525 anyOf: 1526 - type: integer 1527 - type: string 1528 description: Number or name of the port to access 1529 on the container. Number must be in the range 1530 1 to 65535. Name must be an IANA_SVC_NAME. 1531 x-kubernetes-int-or-string: true 1532 required: 1533 - port 1534 type: object 1535 terminationGracePeriodSeconds: 1536 description: Optional duration in seconds the pod needs 1537 to terminate gracefully upon probe failure. The grace 1538 period is the duration in seconds after the processes 1539 running in the pod are sent a termination signal and 1540 the time when the processes are forcibly halted with 1541 a kill signal. Set this value longer than the expected 1542 cleanup time for your process. If this value is nil, 1543 the pod's terminationGracePeriodSeconds will be used. 1544 Otherwise, this value overrides the value provided 1545 by the pod spec. Value must be non-negative integer. 1546 The value zero indicates stop immediately via the 1547 kill signal (no opportunity to shut down). This is 1548 a beta field and requires enabling ProbeTerminationGracePeriod 1549 feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds 1550 is used if unset. 1551 format: int64 1552 type: integer 1553 timeoutSeconds: 1554 description: 'Number of seconds after which the probe 1555 times out. Defaults to 1 second. Minimum value is 1556 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 1557 format: int32 1558 type: integer 1559 type: object 1560 name: 1561 description: Name of the container specified as a DNS_LABEL. 1562 Each container in a pod must have a unique name (DNS_LABEL). 1563 Cannot be updated. 1564 type: string 1565 ports: 1566 description: List of ports to expose from the container. 1567 Exposing a port here gives the system additional information 1568 about the network connections a container uses, but is 1569 primarily informational. Not specifying a port here DOES 1570 NOT prevent that port from being exposed. Any port which 1571 is listening on the default "0.0.0.0" address inside a 1572 container will be accessible from the network. Cannot 1573 be updated. 1574 items: 1575 description: ContainerPort represents a network port in 1576 a single container. 1577 properties: 1578 containerPort: 1579 description: Number of port to expose on the pod's 1580 IP address. This must be a valid port number, 0 1581 < x < 65536. 1582 format: int32 1583 type: integer 1584 hostIP: 1585 description: What host IP to bind the external port 1586 to. 1587 type: string 1588 hostPort: 1589 description: Number of port to expose on the host. 1590 If specified, this must be a valid port number, 1591 0 < x < 65536. If HostNetwork is specified, this 1592 must match ContainerPort. Most containers do not 1593 need this. 1594 format: int32 1595 type: integer 1596 name: 1597 description: If specified, this must be an IANA_SVC_NAME 1598 and unique within the pod. Each named port in a 1599 pod must have a unique name. Name for the port that 1600 can be referred to by services. 1601 type: string 1602 protocol: 1603 default: TCP 1604 description: Protocol for port. Must be UDP, TCP, 1605 or SCTP. Defaults to "TCP". 1606 type: string 1607 required: 1608 - containerPort 1609 type: object 1610 type: array 1611 x-kubernetes-list-map-keys: 1612 - containerPort 1613 - protocol 1614 x-kubernetes-list-type: map 1615 readinessProbe: 1616 description: 'Periodic probe of container service readiness. 1617 Container will be removed from service endpoints if the 1618 probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 1619 properties: 1620 exec: 1621 description: One and only one of the following should 1622 be specified. Exec specifies the action to take. 1623 properties: 1624 command: 1625 description: Command is the command line to execute 1626 inside the container, the working directory for 1627 the command is root ('/') in the container's 1628 filesystem. The command is simply exec'd, it is 1629 not run inside a shell, so traditional shell instructions 1630 ('|', etc) won't work. To use a shell, you need 1631 to explicitly call out to that shell. Exit status 1632 of 0 is treated as live/healthy and non-zero is 1633 unhealthy. 1634 items: 1635 type: string 1636 type: array 1637 type: object 1638 failureThreshold: 1639 description: Minimum consecutive failures for the probe 1640 to be considered failed after having succeeded. Defaults 1641 to 3. Minimum value is 1. 1642 format: int32 1643 type: integer 1644 httpGet: 1645 description: HTTPGet specifies the http request to perform. 1646 properties: 1647 host: 1648 description: Host name to connect to, defaults to 1649 the pod IP. You probably want to set "Host" in 1650 httpHeaders instead. 1651 type: string 1652 httpHeaders: 1653 description: Custom headers to set in the request. 1654 HTTP allows repeated headers. 1655 items: 1656 description: HTTPHeader describes a custom header 1657 to be used in HTTP probes 1658 properties: 1659 name: 1660 description: The header field name 1661 type: string 1662 value: 1663 description: The header field value 1664 type: string 1665 required: 1666 - name 1667 - value 1668 type: object 1669 type: array 1670 path: 1671 description: Path to access on the HTTP server. 1672 type: string 1673 port: 1674 anyOf: 1675 - type: integer 1676 - type: string 1677 description: Name or number of the port to access 1678 on the container. Number must be in the range 1679 1 to 65535. Name must be an IANA_SVC_NAME. 1680 x-kubernetes-int-or-string: true 1681 scheme: 1682 description: Scheme to use for connecting to the 1683 host. Defaults to HTTP. 1684 type: string 1685 required: 1686 - port 1687 type: object 1688 initialDelaySeconds: 1689 description: 'Number of seconds after the container 1690 has started before liveness probes are initiated. 1691 More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 1692 format: int32 1693 type: integer 1694 periodSeconds: 1695 description: How often (in seconds) to perform the probe. 1696 Default to 10 seconds. Minimum value is 1. 1697 format: int32 1698 type: integer 1699 successThreshold: 1700 description: Minimum consecutive successes for the probe 1701 to be considered successful after having failed. Defaults 1702 to 1. Must be 1 for liveness and startup. Minimum 1703 value is 1. 1704 format: int32 1705 type: integer 1706 tcpSocket: 1707 description: 'TCPSocket specifies an action involving 1708 a TCP port. TCP hooks not yet supported TODO: implement 1709 a realistic TCP lifecycle hook' 1710 properties: 1711 host: 1712 description: 'Optional: Host name to connect to, 1713 defaults to the pod IP.' 1714 type: string 1715 port: 1716 anyOf: 1717 - type: integer 1718 - type: string 1719 description: Number or name of the port to access 1720 on the container. Number must be in the range 1721 1 to 65535. Name must be an IANA_SVC_NAME. 1722 x-kubernetes-int-or-string: true 1723 required: 1724 - port 1725 type: object 1726 terminationGracePeriodSeconds: 1727 description: Optional duration in seconds the pod needs 1728 to terminate gracefully upon probe failure. The grace 1729 period is the duration in seconds after the processes 1730 running in the pod are sent a termination signal and 1731 the time when the processes are forcibly halted with 1732 a kill signal. Set this value longer than the expected 1733 cleanup time for your process. If this value is nil, 1734 the pod's terminationGracePeriodSeconds will be used. 1735 Otherwise, this value overrides the value provided 1736 by the pod spec. Value must be non-negative integer. 1737 The value zero indicates stop immediately via the 1738 kill signal (no opportunity to shut down). This is 1739 a beta field and requires enabling ProbeTerminationGracePeriod 1740 feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds 1741 is used if unset. 1742 format: int64 1743 type: integer 1744 timeoutSeconds: 1745 description: 'Number of seconds after which the probe 1746 times out. Defaults to 1 second. Minimum value is 1747 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 1748 format: int32 1749 type: integer 1750 type: object 1751 resources: 1752 description: 'Compute Resources required by this container. 1753 Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 1754 properties: 1755 limits: 1756 additionalProperties: 1757 anyOf: 1758 - type: integer 1759 - type: string 1760 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 1761 x-kubernetes-int-or-string: true 1762 description: 'Limits describes the maximum amount of 1763 compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 1764 type: object 1765 requests: 1766 additionalProperties: 1767 anyOf: 1768 - type: integer 1769 - type: string 1770 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 1771 x-kubernetes-int-or-string: true 1772 description: 'Requests describes the minimum amount 1773 of compute resources required. If Requests is omitted 1774 for a container, it defaults to Limits if that is 1775 explicitly specified, otherwise to an implementation-defined 1776 value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 1777 type: object 1778 type: object 1779 securityContext: 1780 description: 'SecurityContext defines the security options 1781 the container should be run with. If set, the fields of 1782 SecurityContext override the equivalent fields of PodSecurityContext. 1783 More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' 1784 properties: 1785 allowPrivilegeEscalation: 1786 description: 'AllowPrivilegeEscalation controls whether 1787 a process can gain more privileges than its parent 1788 process. This bool directly controls if the no_new_privs 1789 flag will be set on the container process. AllowPrivilegeEscalation 1790 is true always when the container is: 1) run as Privileged 1791 2) has CAP_SYS_ADMIN' 1792 type: boolean 1793 capabilities: 1794 description: The capabilities to add/drop when running 1795 containers. Defaults to the default set of capabilities 1796 granted by the container runtime. 1797 properties: 1798 add: 1799 description: Added capabilities 1800 items: 1801 description: Capability represent POSIX capabilities 1802 type 1803 type: string 1804 type: array 1805 drop: 1806 description: Removed capabilities 1807 items: 1808 description: Capability represent POSIX capabilities 1809 type 1810 type: string 1811 type: array 1812 type: object 1813 privileged: 1814 description: Run container in privileged mode. Processes 1815 in privileged containers are essentially equivalent 1816 to root on the host. Defaults to false. 1817 type: boolean 1818 procMount: 1819 description: procMount denotes the type of proc mount 1820 to use for the containers. The default is DefaultProcMount 1821 which uses the container runtime defaults for readonly 1822 paths and masked paths. This requires the ProcMountType 1823 feature flag to be enabled. 1824 type: string 1825 readOnlyRootFilesystem: 1826 description: Whether this container has a read-only 1827 root filesystem. Default is false. 1828 type: boolean 1829 runAsGroup: 1830 description: The GID to run the entrypoint of the container 1831 process. Uses runtime default if unset. May also be 1832 set in PodSecurityContext. If set in both SecurityContext 1833 and PodSecurityContext, the value specified in SecurityContext 1834 takes precedence. 1835 format: int64 1836 type: integer 1837 runAsNonRoot: 1838 description: Indicates that the container must run as 1839 a non-root user. If true, the Kubelet will validate 1840 the image at runtime to ensure that it does not run 1841 as UID 0 (root) and fail to start the container if 1842 it does. If unset or false, no such validation will 1843 be performed. May also be set in PodSecurityContext. If 1844 set in both SecurityContext and PodSecurityContext, 1845 the value specified in SecurityContext takes precedence. 1846 type: boolean 1847 runAsUser: 1848 description: The UID to run the entrypoint of the container 1849 process. Defaults to user specified in image metadata 1850 if unspecified. May also be set in PodSecurityContext. If 1851 set in both SecurityContext and PodSecurityContext, 1852 the value specified in SecurityContext takes precedence. 1853 format: int64 1854 type: integer 1855 seLinuxOptions: 1856 description: The SELinux context to be applied to the 1857 container. If unspecified, the container runtime will 1858 allocate a random SELinux context for each container. May 1859 also be set in PodSecurityContext. If set in both 1860 SecurityContext and PodSecurityContext, the value 1861 specified in SecurityContext takes precedence. 1862 properties: 1863 level: 1864 description: Level is SELinux level label that applies 1865 to the container. 1866 type: string 1867 role: 1868 description: Role is a SELinux role label that applies 1869 to the container. 1870 type: string 1871 type: 1872 description: Type is a SELinux type label that applies 1873 to the container. 1874 type: string 1875 user: 1876 description: User is a SELinux user label that applies 1877 to the container. 1878 type: string 1879 type: object 1880 seccompProfile: 1881 description: The seccomp options to use by this container. 1882 If seccomp options are provided at both the pod & 1883 container level, the container options override the 1884 pod options. 1885 properties: 1886 localhostProfile: 1887 description: localhostProfile indicates a profile 1888 defined in a file on the node should be used. 1889 The profile must be preconfigured on the node 1890 to work. Must be a descending path, relative to 1891 the kubelet's configured seccomp profile location. 1892 Must only be set if type is "Localhost". 1893 type: string 1894 type: 1895 description: "type indicates which kind of seccomp 1896 profile will be applied. Valid options are: \n 1897 Localhost - a profile defined in a file on the 1898 node should be used. RuntimeDefault - the container 1899 runtime default profile should be used. Unconfined 1900 - no profile should be applied." 1901 type: string 1902 required: 1903 - type 1904 type: object 1905 windowsOptions: 1906 description: The Windows specific settings applied to 1907 all containers. If unspecified, the options from the 1908 PodSecurityContext will be used. If set in both SecurityContext 1909 and PodSecurityContext, the value specified in SecurityContext 1910 takes precedence. 1911 properties: 1912 gmsaCredentialSpec: 1913 description: GMSACredentialSpec is where the GMSA 1914 admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) 1915 inlines the contents of the GMSA credential spec 1916 named by the GMSACredentialSpecName field. 1917 type: string 1918 gmsaCredentialSpecName: 1919 description: GMSACredentialSpecName is the name 1920 of the GMSA credential spec to use. 1921 type: string 1922 hostProcess: 1923 description: HostProcess determines if a container 1924 should be run as a 'Host Process' container. This 1925 field is alpha-level and will only be honored 1926 by components that enable the WindowsHostProcessContainers 1927 feature flag. Setting this field without the feature 1928 flag will result in errors when validating the 1929 Pod. All of a Pod's containers must have the same 1930 effective HostProcess value (it is not allowed 1931 to have a mix of HostProcess containers and non-HostProcess 1932 containers). In addition, if HostProcess is true 1933 then HostNetwork must also be set to true. 1934 type: boolean 1935 runAsUserName: 1936 description: The UserName in Windows to run the 1937 entrypoint of the container process. Defaults 1938 to the user specified in image metadata if unspecified. 1939 May also be set in PodSecurityContext. If set 1940 in both SecurityContext and PodSecurityContext, 1941 the value specified in SecurityContext takes precedence. 1942 type: string 1943 type: object 1944 type: object 1945 startupProbe: 1946 description: 'StartupProbe indicates that the Pod has successfully 1947 initialized. If specified, no other probes are executed 1948 until this completes successfully. If this probe fails, 1949 the Pod will be restarted, just as if the livenessProbe 1950 failed. This can be used to provide different probe parameters 1951 at the beginning of a Pod''s lifecycle, when it might 1952 take a long time to load data or warm a cache, than during 1953 steady-state operation. This cannot be updated. More info: 1954 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 1955 properties: 1956 exec: 1957 description: One and only one of the following should 1958 be specified. Exec specifies the action to take. 1959 properties: 1960 command: 1961 description: Command is the command line to execute 1962 inside the container, the working directory for 1963 the command is root ('/') in the container's 1964 filesystem. The command is simply exec'd, it is 1965 not run inside a shell, so traditional shell instructions 1966 ('|', etc) won't work. To use a shell, you need 1967 to explicitly call out to that shell. Exit status 1968 of 0 is treated as live/healthy and non-zero is 1969 unhealthy. 1970 items: 1971 type: string 1972 type: array 1973 type: object 1974 failureThreshold: 1975 description: Minimum consecutive failures for the probe 1976 to be considered failed after having succeeded. Defaults 1977 to 3. Minimum value is 1. 1978 format: int32 1979 type: integer 1980 httpGet: 1981 description: HTTPGet specifies the http request to perform. 1982 properties: 1983 host: 1984 description: Host name to connect to, defaults to 1985 the pod IP. You probably want to set "Host" in 1986 httpHeaders instead. 1987 type: string 1988 httpHeaders: 1989 description: Custom headers to set in the request. 1990 HTTP allows repeated headers. 1991 items: 1992 description: HTTPHeader describes a custom header 1993 to be used in HTTP probes 1994 properties: 1995 name: 1996 description: The header field name 1997 type: string 1998 value: 1999 description: The header field value 2000 type: string 2001 required: 2002 - name 2003 - value 2004 type: object 2005 type: array 2006 path: 2007 description: Path to access on the HTTP server. 2008 type: string 2009 port: 2010 anyOf: 2011 - type: integer 2012 - type: string 2013 description: Name or number of the port to access 2014 on the container. Number must be in the range 2015 1 to 65535. Name must be an IANA_SVC_NAME. 2016 x-kubernetes-int-or-string: true 2017 scheme: 2018 description: Scheme to use for connecting to the 2019 host. Defaults to HTTP. 2020 type: string 2021 required: 2022 - port 2023 type: object 2024 initialDelaySeconds: 2025 description: 'Number of seconds after the container 2026 has started before liveness probes are initiated. 2027 More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 2028 format: int32 2029 type: integer 2030 periodSeconds: 2031 description: How often (in seconds) to perform the probe. 2032 Default to 10 seconds. Minimum value is 1. 2033 format: int32 2034 type: integer 2035 successThreshold: 2036 description: Minimum consecutive successes for the probe 2037 to be considered successful after having failed. Defaults 2038 to 1. Must be 1 for liveness and startup. Minimum 2039 value is 1. 2040 format: int32 2041 type: integer 2042 tcpSocket: 2043 description: 'TCPSocket specifies an action involving 2044 a TCP port. TCP hooks not yet supported TODO: implement 2045 a realistic TCP lifecycle hook' 2046 properties: 2047 host: 2048 description: 'Optional: Host name to connect to, 2049 defaults to the pod IP.' 2050 type: string 2051 port: 2052 anyOf: 2053 - type: integer 2054 - type: string 2055 description: Number or name of the port to access 2056 on the container. Number must be in the range 2057 1 to 65535. Name must be an IANA_SVC_NAME. 2058 x-kubernetes-int-or-string: true 2059 required: 2060 - port 2061 type: object 2062 terminationGracePeriodSeconds: 2063 description: Optional duration in seconds the pod needs 2064 to terminate gracefully upon probe failure. The grace 2065 period is the duration in seconds after the processes 2066 running in the pod are sent a termination signal and 2067 the time when the processes are forcibly halted with 2068 a kill signal. Set this value longer than the expected 2069 cleanup time for your process. If this value is nil, 2070 the pod's terminationGracePeriodSeconds will be used. 2071 Otherwise, this value overrides the value provided 2072 by the pod spec. Value must be non-negative integer. 2073 The value zero indicates stop immediately via the 2074 kill signal (no opportunity to shut down). This is 2075 a beta field and requires enabling ProbeTerminationGracePeriod 2076 feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds 2077 is used if unset. 2078 format: int64 2079 type: integer 2080 timeoutSeconds: 2081 description: 'Number of seconds after which the probe 2082 times out. Defaults to 1 second. Minimum value is 2083 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 2084 format: int32 2085 type: integer 2086 type: object 2087 stdin: 2088 description: Whether this container should allocate a buffer 2089 for stdin in the container runtime. If this is not set, 2090 reads from stdin in the container will always result in 2091 EOF. Default is false. 2092 type: boolean 2093 stdinOnce: 2094 description: Whether the container runtime should close 2095 the stdin channel after it has been opened by a single 2096 attach. When stdin is true the stdin stream will remain 2097 open across multiple attach sessions. If stdinOnce is 2098 set to true, stdin is opened on container start, is empty 2099 until the first client attaches to stdin, and then remains 2100 open and accepts data until the client disconnects, at 2101 which time stdin is closed and remains closed until the 2102 container is restarted. If this flag is false, a container 2103 processes that reads from stdin will never receive an 2104 EOF. Default is false 2105 type: boolean 2106 terminationMessagePath: 2107 description: 'Optional: Path at which the file to which 2108 the container''s termination message will be written is 2109 mounted into the container''s filesystem. Message written 2110 is intended to be brief final status, such as an assertion 2111 failure message. Will be truncated by the node if greater 2112 than 4096 bytes. The total message length across all containers 2113 will be limited to 12kb. Defaults to /dev/termination-log. 2114 Cannot be updated.' 2115 type: string 2116 terminationMessagePolicy: 2117 description: Indicate how the termination message should 2118 be populated. File will use the contents of terminationMessagePath 2119 to populate the container status message on both success 2120 and failure. FallbackToLogsOnError will use the last chunk 2121 of container log output if the termination message file 2122 is empty and the container exited with an error. The log 2123 output is limited to 2048 bytes or 80 lines, whichever 2124 is smaller. Defaults to File. Cannot be updated. 2125 type: string 2126 tty: 2127 description: Whether this container should allocate a TTY 2128 for itself, also requires 'stdin' to be true. Default 2129 is false. 2130 type: boolean 2131 volumeDevices: 2132 description: volumeDevices is the list of block devices 2133 to be used by the container. 2134 items: 2135 description: volumeDevice describes a mapping of a raw 2136 block device within a container. 2137 properties: 2138 devicePath: 2139 description: devicePath is the path inside of the 2140 container that the device will be mapped to. 2141 type: string 2142 name: 2143 description: name must match the name of a persistentVolumeClaim 2144 in the pod 2145 type: string 2146 required: 2147 - devicePath 2148 - name 2149 type: object 2150 type: array 2151 volumeMounts: 2152 description: Pod volumes to mount into the container's filesystem. 2153 Cannot be updated. 2154 items: 2155 description: VolumeMount describes a mounting of a Volume 2156 within a container. 2157 properties: 2158 mountPath: 2159 description: Path within the container at which the 2160 volume should be mounted. Must not contain ':'. 2161 type: string 2162 mountPropagation: 2163 description: mountPropagation determines how mounts 2164 are propagated from the host to container and the 2165 other way around. When not set, MountPropagationNone 2166 is used. This field is beta in 1.10. 2167 type: string 2168 name: 2169 description: This must match the Name of a Volume. 2170 type: string 2171 readOnly: 2172 description: Mounted read-only if true, read-write 2173 otherwise (false or unspecified). Defaults to false. 2174 type: boolean 2175 subPath: 2176 description: Path within the volume from which the 2177 container's volume should be mounted. Defaults to 2178 "" (volume's root). 2179 type: string 2180 subPathExpr: 2181 description: Expanded path within the volume from 2182 which the container's volume should be mounted. 2183 Behaves similarly to SubPath but environment variable 2184 references $(VAR_NAME) are expanded using the container's 2185 environment. Defaults to "" (volume's root). SubPathExpr 2186 and SubPath are mutually exclusive. 2187 type: string 2188 required: 2189 - mountPath 2190 - name 2191 type: object 2192 type: array 2193 workingDir: 2194 description: Container's working directory. If not specified, 2195 the container runtime's default will be used, which might 2196 be configured in the container image. Cannot be updated. 2197 type: string 2198 required: 2199 - name 2200 type: object 2201 type: array 2202 logFormat: 2203 description: LogFormat describes the log format that should be 2204 used by the Repo Server. Defaults to ArgoCDDefaultLogFormat 2205 if not configured. Valid options are text or json. 2206 type: string 2207 logLevel: 2208 description: LogLevel describes the log level that should be used 2209 by the Repo Server. Defaults to ArgoCDDefaultLogLevel if not 2210 set. Valid options are debug, info, error, and warn. 2211 type: string 2212 mountsatoken: 2213 description: MountSAToken describes whether you would like to 2214 have the Repo server mount the service account token 2215 type: boolean 2216 replicas: 2217 description: Replicas defines the number of replicas for argocd-repo-server. 2218 Value should be greater than or equal to 0. Default is nil. 2219 format: int32 2220 type: integer 2221 resources: 2222 description: Resources defines the Compute Resources required 2223 by the container for Redis. 2224 properties: 2225 limits: 2226 additionalProperties: 2227 anyOf: 2228 - type: integer 2229 - type: string 2230 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 2231 x-kubernetes-int-or-string: true 2232 description: 'Limits describes the maximum amount of compute 2233 resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 2234 type: object 2235 requests: 2236 additionalProperties: 2237 anyOf: 2238 - type: integer 2239 - type: string 2240 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 2241 x-kubernetes-int-or-string: true 2242 description: 'Requests describes the minimum amount of compute 2243 resources required. If Requests is omitted for a container, 2244 it defaults to Limits if that is explicitly specified, otherwise 2245 to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 2246 type: object 2247 type: object 2248 serviceaccount: 2249 description: ServiceAccount defines the ServiceAccount user that 2250 you would like the Repo server to use 2251 type: string 2252 verifytls: 2253 description: VerifyTLS defines whether repo server API should 2254 be accessed using strict TLS validation 2255 type: boolean 2256 version: 2257 description: Version is the ArgoCD Repo Server container image 2258 tag. 2259 type: string 2260 volumeMounts: 2261 description: VolumeMounts adds volumeMounts to the repo server 2262 container 2263 items: 2264 description: VolumeMount describes a mounting of a Volume within 2265 a container. 2266 properties: 2267 mountPath: 2268 description: Path within the container at which the volume 2269 should be mounted. Must not contain ':'. 2270 type: string 2271 mountPropagation: 2272 description: mountPropagation determines how mounts are 2273 propagated from the host to container and the other way 2274 around. When not set, MountPropagationNone is used. This 2275 field is beta in 1.10. 2276 type: string 2277 name: 2278 description: This must match the Name of a Volume. 2279 type: string 2280 readOnly: 2281 description: Mounted read-only if true, read-write otherwise 2282 (false or unspecified). Defaults to false. 2283 type: boolean 2284 subPath: 2285 description: Path within the volume from which the container's 2286 volume should be mounted. Defaults to "" (volume's root). 2287 type: string 2288 subPathExpr: 2289 description: Expanded path within the volume from which 2290 the container's volume should be mounted. Behaves similarly 2291 to SubPath but environment variable references $(VAR_NAME) 2292 are expanded using the container's environment. Defaults 2293 to "" (volume's root). SubPathExpr and SubPath are mutually 2294 exclusive. 2295 type: string 2296 required: 2297 - mountPath 2298 - name 2299 type: object 2300 type: array 2301 volumes: 2302 description: Volumes adds volumes to the repo server deployment 2303 items: 2304 description: Volume represents a named volume in a pod that 2305 may be accessed by any container in the pod. 2306 properties: 2307 awsElasticBlockStore: 2308 description: 'AWSElasticBlockStore represents an AWS Disk 2309 resource that is attached to a kubelet''s host machine 2310 and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' 2311 properties: 2312 fsType: 2313 description: 'Filesystem type of the volume that you 2314 want to mount. Tip: Ensure that the filesystem type 2315 is supported by the host operating system. Examples: 2316 "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" 2317 if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore 2318 TODO: how do we prevent errors in the filesystem from 2319 compromising the machine' 2320 type: string 2321 partition: 2322 description: 'The partition in the volume that you want 2323 to mount. If omitted, the default is to mount by volume 2324 name. Examples: For volume /dev/sda1, you specify 2325 the partition as "1". Similarly, the volume partition 2326 for /dev/sda is "0" (or you can leave the property 2327 empty).' 2328 format: int32 2329 type: integer 2330 readOnly: 2331 description: 'Specify "true" to force and set the ReadOnly 2332 property in VolumeMounts to "true". If omitted, the 2333 default is "false". More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' 2334 type: boolean 2335 volumeID: 2336 description: 'Unique ID of the persistent disk resource 2337 in AWS (Amazon EBS volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' 2338 type: string 2339 required: 2340 - volumeID 2341 type: object 2342 azureDisk: 2343 description: AzureDisk represents an Azure Data Disk mount 2344 on the host and bind mount to the pod. 2345 properties: 2346 cachingMode: 2347 description: 'Host Caching mode: None, Read Only, Read 2348 Write.' 2349 type: string 2350 diskName: 2351 description: The Name of the data disk in the blob storage 2352 type: string 2353 diskURI: 2354 description: The URI the data disk in the blob storage 2355 type: string 2356 fsType: 2357 description: Filesystem type to mount. Must be a filesystem 2358 type supported by the host operating system. Ex. "ext4", 2359 "xfs", "ntfs". Implicitly inferred to be "ext4" if 2360 unspecified. 2361 type: string 2362 kind: 2363 description: 'Expected values Shared: multiple blob 2364 disks per storage account Dedicated: single blob 2365 disk per storage account Managed: azure managed data 2366 disk (only in managed availability set). defaults 2367 to shared' 2368 type: string 2369 readOnly: 2370 description: Defaults to false (read/write). ReadOnly 2371 here will force the ReadOnly setting in VolumeMounts. 2372 type: boolean 2373 required: 2374 - diskName 2375 - diskURI 2376 type: object 2377 azureFile: 2378 description: AzureFile represents an Azure File Service 2379 mount on the host and bind mount to the pod. 2380 properties: 2381 readOnly: 2382 description: Defaults to false (read/write). ReadOnly 2383 here will force the ReadOnly setting in VolumeMounts. 2384 type: boolean 2385 secretName: 2386 description: the name of secret that contains Azure 2387 Storage Account Name and Key 2388 type: string 2389 shareName: 2390 description: Share Name 2391 type: string 2392 required: 2393 - secretName 2394 - shareName 2395 type: object 2396 cephfs: 2397 description: CephFS represents a Ceph FS mount on the host 2398 that shares a pod's lifetime 2399 properties: 2400 monitors: 2401 description: 'Required: Monitors is a collection of 2402 Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' 2403 items: 2404 type: string 2405 type: array 2406 path: 2407 description: 'Optional: Used as the mounted root, rather 2408 than the full Ceph tree, default is /' 2409 type: string 2410 readOnly: 2411 description: 'Optional: Defaults to false (read/write). 2412 ReadOnly here will force the ReadOnly setting in VolumeMounts. 2413 More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' 2414 type: boolean 2415 secretFile: 2416 description: 'Optional: SecretFile is the path to key 2417 ring for User, default is /etc/ceph/user.secret More 2418 info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' 2419 type: string 2420 secretRef: 2421 description: 'Optional: SecretRef is reference to the 2422 authentication secret for User, default is empty. 2423 More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' 2424 properties: 2425 name: 2426 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 2427 TODO: Add other useful fields. apiVersion, kind, 2428 uid?' 2429 type: string 2430 type: object 2431 user: 2432 description: 'Optional: User is the rados user name, 2433 default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' 2434 type: string 2435 required: 2436 - monitors 2437 type: object 2438 cinder: 2439 description: 'Cinder represents a cinder volume attached 2440 and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' 2441 properties: 2442 fsType: 2443 description: 'Filesystem type to mount. Must be a filesystem 2444 type supported by the host operating system. Examples: 2445 "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" 2446 if unspecified. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' 2447 type: string 2448 readOnly: 2449 description: 'Optional: Defaults to false (read/write). 2450 ReadOnly here will force the ReadOnly setting in VolumeMounts. 2451 More info: https://examples.k8s.io/mysql-cinder-pd/README.md' 2452 type: boolean 2453 secretRef: 2454 description: 'Optional: points to a secret object containing 2455 parameters used to connect to OpenStack.' 2456 properties: 2457 name: 2458 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 2459 TODO: Add other useful fields. apiVersion, kind, 2460 uid?' 2461 type: string 2462 type: object 2463 volumeID: 2464 description: 'volume id used to identify the volume 2465 in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' 2466 type: string 2467 required: 2468 - volumeID 2469 type: object 2470 configMap: 2471 description: ConfigMap represents a configMap that should 2472 populate this volume 2473 properties: 2474 defaultMode: 2475 description: 'Optional: mode bits used to set permissions 2476 on created files by default. Must be an octal value 2477 between 0000 and 0777 or a decimal value between 0 2478 and 511. YAML accepts both octal and decimal values, 2479 JSON requires decimal values for mode bits. Defaults 2480 to 0644. Directories within the path are not affected 2481 by this setting. This might be in conflict with other 2482 options that affect the file mode, like fsGroup, and 2483 the result can be other mode bits set.' 2484 format: int32 2485 type: integer 2486 items: 2487 description: If unspecified, each key-value pair in 2488 the Data field of the referenced ConfigMap will be 2489 projected into the volume as a file whose name is 2490 the key and content is the value. If specified, the 2491 listed keys will be projected into the specified paths, 2492 and unlisted keys will not be present. If a key is 2493 specified which is not present in the ConfigMap, the 2494 volume setup will error unless it is marked optional. 2495 Paths must be relative and may not contain the '..' 2496 path or start with '..'. 2497 items: 2498 description: Maps a string key to a path within a 2499 volume. 2500 properties: 2501 key: 2502 description: The key to project. 2503 type: string 2504 mode: 2505 description: 'Optional: mode bits used to set 2506 permissions on this file. Must be an octal value 2507 between 0000 and 0777 or a decimal value between 2508 0 and 511. YAML accepts both octal and decimal 2509 values, JSON requires decimal values for mode 2510 bits. If not specified, the volume defaultMode 2511 will be used. This might be in conflict with 2512 other options that affect the file mode, like 2513 fsGroup, and the result can be other mode bits 2514 set.' 2515 format: int32 2516 type: integer 2517 path: 2518 description: The relative path of the file to 2519 map the key to. May not be an absolute path. 2520 May not contain the path element '..'. May not 2521 start with the string '..'. 2522 type: string 2523 required: 2524 - key 2525 - path 2526 type: object 2527 type: array 2528 name: 2529 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 2530 TODO: Add other useful fields. apiVersion, kind, uid?' 2531 type: string 2532 optional: 2533 description: Specify whether the ConfigMap or its keys 2534 must be defined 2535 type: boolean 2536 type: object 2537 csi: 2538 description: CSI (Container Storage Interface) represents 2539 ephemeral storage that is handled by certain external 2540 CSI drivers (Beta feature). 2541 properties: 2542 driver: 2543 description: Driver is the name of the CSI driver that 2544 handles this volume. Consult with your admin for the 2545 correct name as registered in the cluster. 2546 type: string 2547 fsType: 2548 description: Filesystem type to mount. Ex. "ext4", "xfs", 2549 "ntfs". If not provided, the empty value is passed 2550 to the associated CSI driver which will determine 2551 the default filesystem to apply. 2552 type: string 2553 nodePublishSecretRef: 2554 description: NodePublishSecretRef is a reference to 2555 the secret object containing sensitive information 2556 to pass to the CSI driver to complete the CSI NodePublishVolume 2557 and NodeUnpublishVolume calls. This field is optional, 2558 and may be empty if no secret is required. If the 2559 secret object contains more than one secret, all secret 2560 references are passed. 2561 properties: 2562 name: 2563 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 2564 TODO: Add other useful fields. apiVersion, kind, 2565 uid?' 2566 type: string 2567 type: object 2568 readOnly: 2569 description: Specifies a read-only configuration for 2570 the volume. Defaults to false (read/write). 2571 type: boolean 2572 volumeAttributes: 2573 additionalProperties: 2574 type: string 2575 description: VolumeAttributes stores driver-specific 2576 properties that are passed to the CSI driver. Consult 2577 your driver's documentation for supported values. 2578 type: object 2579 required: 2580 - driver 2581 type: object 2582 downwardAPI: 2583 description: DownwardAPI represents downward API about the 2584 pod that should populate this volume 2585 properties: 2586 defaultMode: 2587 description: 'Optional: mode bits to use on created 2588 files by default. Must be a Optional: mode bits used 2589 to set permissions on created files by default. Must 2590 be an octal value between 0000 and 0777 or a decimal 2591 value between 0 and 511. YAML accepts both octal and 2592 decimal values, JSON requires decimal values for mode 2593 bits. Defaults to 0644. Directories within the path 2594 are not affected by this setting. This might be in 2595 conflict with other options that affect the file mode, 2596 like fsGroup, and the result can be other mode bits 2597 set.' 2598 format: int32 2599 type: integer 2600 items: 2601 description: Items is a list of downward API volume 2602 file 2603 items: 2604 description: DownwardAPIVolumeFile represents information 2605 to create the file containing the pod field 2606 properties: 2607 fieldRef: 2608 description: 'Required: Selects a field of the 2609 pod: only annotations, labels, name and namespace 2610 are supported.' 2611 properties: 2612 apiVersion: 2613 description: Version of the schema the FieldPath 2614 is written in terms of, defaults to "v1". 2615 type: string 2616 fieldPath: 2617 description: Path of the field to select in 2618 the specified API version. 2619 type: string 2620 required: 2621 - fieldPath 2622 type: object 2623 mode: 2624 description: 'Optional: mode bits used to set 2625 permissions on this file, must be an octal value 2626 between 0000 and 0777 or a decimal value between 2627 0 and 511. YAML accepts both octal and decimal 2628 values, JSON requires decimal values for mode 2629 bits. If not specified, the volume defaultMode 2630 will be used. This might be in conflict with 2631 other options that affect the file mode, like 2632 fsGroup, and the result can be other mode bits 2633 set.' 2634 format: int32 2635 type: integer 2636 path: 2637 description: 'Required: Path is the relative 2638 path name of the file to be created. Must not 2639 be absolute or contain the ''..'' path. Must 2640 be utf-8 encoded. The first item of the relative 2641 path must not start with ''..''' 2642 type: string 2643 resourceFieldRef: 2644 description: 'Selects a resource of the container: 2645 only resources limits and requests (limits.cpu, 2646 limits.memory, requests.cpu and requests.memory) 2647 are currently supported.' 2648 properties: 2649 containerName: 2650 description: 'Container name: required for 2651 volumes, optional for env vars' 2652 type: string 2653 divisor: 2654 anyOf: 2655 - type: integer 2656 - type: string 2657 description: Specifies the output format of 2658 the exposed resources, defaults to "1" 2659 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 2660 x-kubernetes-int-or-string: true 2661 resource: 2662 description: 'Required: resource to select' 2663 type: string 2664 required: 2665 - resource 2666 type: object 2667 required: 2668 - path 2669 type: object 2670 type: array 2671 type: object 2672 emptyDir: 2673 description: 'EmptyDir represents a temporary directory 2674 that shares a pod''s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' 2675 properties: 2676 medium: 2677 description: 'What type of storage medium should back 2678 this directory. The default is "" which means to use 2679 the node''s default medium. Must be an empty string 2680 (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' 2681 type: string 2682 sizeLimit: 2683 anyOf: 2684 - type: integer 2685 - type: string 2686 description: 'Total amount of local storage required 2687 for this EmptyDir volume. The size limit is also applicable 2688 for memory medium. The maximum usage on memory medium 2689 EmptyDir would be the minimum value between the SizeLimit 2690 specified here and the sum of memory limits of all 2691 containers in a pod. The default is nil which means 2692 that the limit is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir' 2693 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 2694 x-kubernetes-int-or-string: true 2695 type: object 2696 ephemeral: 2697 description: "Ephemeral represents a volume that is handled 2698 by a cluster storage driver. The volume's lifecycle is 2699 tied to the pod that defines it - it will be created before 2700 the pod starts, and deleted when the pod is removed. \n 2701 Use this if: a) the volume is only needed while the pod 2702 runs, b) features of normal volumes like restoring from 2703 snapshot or capacity tracking are needed, c) the storage 2704 driver is specified through a storage class, and d) the 2705 storage driver supports dynamic volume provisioning through 2706 \ a PersistentVolumeClaim (see EphemeralVolumeSource 2707 for more information on the connection between this 2708 volume type and PersistentVolumeClaim). \n Use PersistentVolumeClaim 2709 or one of the vendor-specific APIs for volumes that persist 2710 for longer than the lifecycle of an individual pod. \n 2711 Use CSI for light-weight local ephemeral volumes if the 2712 CSI driver is meant to be used that way - see the documentation 2713 of the driver for more information. \n A pod can use both 2714 types of ephemeral volumes and persistent volumes at the 2715 same time. \n This is a beta feature and only available 2716 when the GenericEphemeralVolume feature gate is enabled." 2717 properties: 2718 volumeClaimTemplate: 2719 description: "Will be used to create a stand-alone PVC 2720 to provision the volume. The pod in which this EphemeralVolumeSource 2721 is embedded will be the owner of the PVC, i.e. the 2722 PVC will be deleted together with the pod. The name 2723 of the PVC will be `<pod name>-<volume name>` where 2724 `<volume name>` is the name from the `PodSpec.Volumes` 2725 array entry. Pod validation will reject the pod if 2726 the concatenated name is not valid for a PVC (for 2727 example, too long). \n An existing PVC with that name 2728 that is not owned by the pod will *not* be used for 2729 the pod to avoid using an unrelated volume by mistake. 2730 Starting the pod is then blocked until the unrelated 2731 PVC is removed. If such a pre-created PVC is meant 2732 to be used by the pod, the PVC has to updated with 2733 an owner reference to the pod once the pod exists. 2734 Normally this should not be necessary, but it may 2735 be useful when manually reconstructing a broken cluster. 2736 \n This field is read-only and no changes will be 2737 made by Kubernetes to the PVC after it has been created. 2738 \n Required, must not be nil." 2739 properties: 2740 metadata: 2741 description: May contain labels and annotations 2742 that will be copied into the PVC when creating 2743 it. No other fields are allowed and will be rejected 2744 during validation. 2745 type: object 2746 spec: 2747 description: The specification for the PersistentVolumeClaim. 2748 The entire content is copied unchanged into the 2749 PVC that gets created from this template. The 2750 same fields as in a PersistentVolumeClaim are 2751 also valid here. 2752 properties: 2753 accessModes: 2754 description: 'AccessModes contains the desired 2755 access modes the volume should have. More 2756 info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' 2757 items: 2758 type: string 2759 type: array 2760 dataSource: 2761 description: 'This field can be used to specify 2762 either: * An existing VolumeSnapshot object 2763 (snapshot.storage.k8s.io/VolumeSnapshot) * 2764 An existing PVC (PersistentVolumeClaim) If 2765 the provisioner or an external controller 2766 can support the specified data source, it 2767 will create a new volume based on the contents 2768 of the specified data source. If the AnyVolumeDataSource 2769 feature gate is enabled, this field will always 2770 have the same contents as the DataSourceRef 2771 field.' 2772 properties: 2773 apiGroup: 2774 description: APIGroup is the group for the 2775 resource being referenced. If APIGroup 2776 is not specified, the specified Kind must 2777 be in the core API group. For any other 2778 third-party types, APIGroup is required. 2779 type: string 2780 kind: 2781 description: Kind is the type of resource 2782 being referenced 2783 type: string 2784 name: 2785 description: Name is the name of resource 2786 being referenced 2787 type: string 2788 required: 2789 - kind 2790 - name 2791 type: object 2792 dataSourceRef: 2793 description: 'Specifies the object from which 2794 to populate the volume with data, if a non-empty 2795 volume is desired. This may be any local object 2796 from a non-empty API group (non core object) 2797 or a PersistentVolumeClaim object. When this 2798 field is specified, volume binding will only 2799 succeed if the type of the specified object 2800 matches some installed volume populator or 2801 dynamic provisioner. This field will replace 2802 the functionality of the DataSource field 2803 and as such if both fields are non-empty, 2804 they must have the same value. For backwards 2805 compatibility, both fields (DataSource and 2806 DataSourceRef) will be set to the same value 2807 automatically if one of them is empty and 2808 the other is non-empty. There are two important 2809 differences between DataSource and DataSourceRef: 2810 * While DataSource only allows two specific 2811 types of objects, DataSourceRef allows any 2812 non-core object, as well as PersistentVolumeClaim 2813 objects. * While DataSource ignores disallowed 2814 values (dropping them), DataSourceRef preserves 2815 all values, and generates an error if a disallowed 2816 value is specified. (Alpha) Using this field 2817 requires the AnyVolumeDataSource feature gate 2818 to be enabled.' 2819 properties: 2820 apiGroup: 2821 description: APIGroup is the group for the 2822 resource being referenced. If APIGroup 2823 is not specified, the specified Kind must 2824 be in the core API group. For any other 2825 third-party types, APIGroup is required. 2826 type: string 2827 kind: 2828 description: Kind is the type of resource 2829 being referenced 2830 type: string 2831 name: 2832 description: Name is the name of resource 2833 being referenced 2834 type: string 2835 required: 2836 - kind 2837 - name 2838 type: object 2839 resources: 2840 description: 'Resources represents the minimum 2841 resources the volume should have. More info: 2842 https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' 2843 properties: 2844 limits: 2845 additionalProperties: 2846 anyOf: 2847 - type: integer 2848 - type: string 2849 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 2850 x-kubernetes-int-or-string: true 2851 description: 'Limits describes the maximum 2852 amount of compute resources allowed. More 2853 info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 2854 type: object 2855 requests: 2856 additionalProperties: 2857 anyOf: 2858 - type: integer 2859 - type: string 2860 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 2861 x-kubernetes-int-or-string: true 2862 description: 'Requests describes the minimum 2863 amount of compute resources required. 2864 If Requests is omitted for a container, 2865 it defaults to Limits if that is explicitly 2866 specified, otherwise to an implementation-defined 2867 value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 2868 type: object 2869 type: object 2870 selector: 2871 description: A label query over volumes to consider 2872 for binding. 2873 properties: 2874 matchExpressions: 2875 description: matchExpressions is a list 2876 of label selector requirements. The requirements 2877 are ANDed. 2878 items: 2879 description: A label selector requirement 2880 is a selector that contains values, 2881 a key, and an operator that relates 2882 the key and values. 2883 properties: 2884 key: 2885 description: key is the label key 2886 that the selector applies to. 2887 type: string 2888 operator: 2889 description: operator represents a 2890 key's relationship to a set of values. 2891 Valid operators are In, NotIn, Exists 2892 and DoesNotExist. 2893 type: string 2894 values: 2895 description: values is an array of 2896 string values. If the operator is 2897 In or NotIn, the values array must 2898 be non-empty. If the operator is 2899 Exists or DoesNotExist, the values 2900 array must be empty. This array 2901 is replaced during a strategic merge 2902 patch. 2903 items: 2904 type: string 2905 type: array 2906 required: 2907 - key 2908 - operator 2909 type: object 2910 type: array 2911 matchLabels: 2912 additionalProperties: 2913 type: string 2914 description: matchLabels is a map of {key,value} 2915 pairs. A single {key,value} in the matchLabels 2916 map is equivalent to an element of matchExpressions, 2917 whose key field is "key", the operator 2918 is "In", and the values array contains 2919 only "value". The requirements are ANDed. 2920 type: object 2921 type: object 2922 storageClassName: 2923 description: 'Name of the StorageClass required 2924 by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' 2925 type: string 2926 volumeMode: 2927 description: volumeMode defines what type of 2928 volume is required by the claim. Value of 2929 Filesystem is implied when not included in 2930 claim spec. 2931 type: string 2932 volumeName: 2933 description: VolumeName is the binding reference 2934 to the PersistentVolume backing this claim. 2935 type: string 2936 type: object 2937 required: 2938 - spec 2939 type: object 2940 type: object 2941 fc: 2942 description: FC represents a Fibre Channel resource that 2943 is attached to a kubelet's host machine and then exposed 2944 to the pod. 2945 properties: 2946 fsType: 2947 description: 'Filesystem type to mount. Must be a filesystem 2948 type supported by the host operating system. Ex. "ext4", 2949 "xfs", "ntfs". Implicitly inferred to be "ext4" if 2950 unspecified. TODO: how do we prevent errors in the 2951 filesystem from compromising the machine' 2952 type: string 2953 lun: 2954 description: 'Optional: FC target lun number' 2955 format: int32 2956 type: integer 2957 readOnly: 2958 description: 'Optional: Defaults to false (read/write). 2959 ReadOnly here will force the ReadOnly setting in VolumeMounts.' 2960 type: boolean 2961 targetWWNs: 2962 description: 'Optional: FC target worldwide names (WWNs)' 2963 items: 2964 type: string 2965 type: array 2966 wwids: 2967 description: 'Optional: FC volume world wide identifiers 2968 (wwids) Either wwids or combination of targetWWNs 2969 and lun must be set, but not both simultaneously.' 2970 items: 2971 type: string 2972 type: array 2973 type: object 2974 flexVolume: 2975 description: FlexVolume represents a generic volume resource 2976 that is provisioned/attached using an exec based plugin. 2977 properties: 2978 driver: 2979 description: Driver is the name of the driver to use 2980 for this volume. 2981 type: string 2982 fsType: 2983 description: Filesystem type to mount. Must be a filesystem 2984 type supported by the host operating system. Ex. "ext4", 2985 "xfs", "ntfs". The default filesystem depends on FlexVolume 2986 script. 2987 type: string 2988 options: 2989 additionalProperties: 2990 type: string 2991 description: 'Optional: Extra command options if any.' 2992 type: object 2993 readOnly: 2994 description: 'Optional: Defaults to false (read/write). 2995 ReadOnly here will force the ReadOnly setting in VolumeMounts.' 2996 type: boolean 2997 secretRef: 2998 description: 'Optional: SecretRef is reference to the 2999 secret object containing sensitive information to 3000 pass to the plugin scripts. This may be empty if no 3001 secret object is specified. If the secret object contains 3002 more than one secret, all secrets are passed to the 3003 plugin scripts.' 3004 properties: 3005 name: 3006 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 3007 TODO: Add other useful fields. apiVersion, kind, 3008 uid?' 3009 type: string 3010 type: object 3011 required: 3012 - driver 3013 type: object 3014 flocker: 3015 description: Flocker represents a Flocker volume attached 3016 to a kubelet's host machine. This depends on the Flocker 3017 control service being running 3018 properties: 3019 datasetName: 3020 description: Name of the dataset stored as metadata 3021 -> name on the dataset for Flocker should be considered 3022 as deprecated 3023 type: string 3024 datasetUUID: 3025 description: UUID of the dataset. This is unique identifier 3026 of a Flocker dataset 3027 type: string 3028 type: object 3029 gcePersistentDisk: 3030 description: 'GCEPersistentDisk represents a GCE Disk resource 3031 that is attached to a kubelet''s host machine and then 3032 exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' 3033 properties: 3034 fsType: 3035 description: 'Filesystem type of the volume that you 3036 want to mount. Tip: Ensure that the filesystem type 3037 is supported by the host operating system. Examples: 3038 "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" 3039 if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk 3040 TODO: how do we prevent errors in the filesystem from 3041 compromising the machine' 3042 type: string 3043 partition: 3044 description: 'The partition in the volume that you want 3045 to mount. If omitted, the default is to mount by volume 3046 name. Examples: For volume /dev/sda1, you specify 3047 the partition as "1". Similarly, the volume partition 3048 for /dev/sda is "0" (or you can leave the property 3049 empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' 3050 format: int32 3051 type: integer 3052 pdName: 3053 description: 'Unique name of the PD resource in GCE. 3054 Used to identify the disk in GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' 3055 type: string 3056 readOnly: 3057 description: 'ReadOnly here will force the ReadOnly 3058 setting in VolumeMounts. Defaults to false. More info: 3059 https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' 3060 type: boolean 3061 required: 3062 - pdName 3063 type: object 3064 gitRepo: 3065 description: 'GitRepo represents a git repository at a particular 3066 revision. DEPRECATED: GitRepo is deprecated. To provision 3067 a container with a git repo, mount an EmptyDir into an 3068 InitContainer that clones the repo using git, then mount 3069 the EmptyDir into the Pod''s container.' 3070 properties: 3071 directory: 3072 description: Target directory name. Must not contain 3073 or start with '..'. If '.' is supplied, the volume 3074 directory will be the git repository. Otherwise, 3075 if specified, the volume will contain the git repository 3076 in the subdirectory with the given name. 3077 type: string 3078 repository: 3079 description: Repository URL 3080 type: string 3081 revision: 3082 description: Commit hash for the specified revision. 3083 type: string 3084 required: 3085 - repository 3086 type: object 3087 glusterfs: 3088 description: 'Glusterfs represents a Glusterfs mount on 3089 the host that shares a pod''s lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md' 3090 properties: 3091 endpoints: 3092 description: 'EndpointsName is the endpoint name that 3093 details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' 3094 type: string 3095 path: 3096 description: 'Path is the Glusterfs volume path. More 3097 info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' 3098 type: string 3099 readOnly: 3100 description: 'ReadOnly here will force the Glusterfs 3101 volume to be mounted with read-only permissions. Defaults 3102 to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' 3103 type: boolean 3104 required: 3105 - endpoints 3106 - path 3107 type: object 3108 hostPath: 3109 description: 'HostPath represents a pre-existing file or 3110 directory on the host machine that is directly exposed 3111 to the container. This is generally used for system agents 3112 or other privileged things that are allowed to see the 3113 host machine. Most containers will NOT need this. More 3114 info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath 3115 --- TODO(jonesdl) We need to restrict who can use host 3116 directory mounts and who can/can not mount host directories 3117 as read/write.' 3118 properties: 3119 path: 3120 description: 'Path of the directory on the host. If 3121 the path is a symlink, it will follow the link to 3122 the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' 3123 type: string 3124 type: 3125 description: 'Type for HostPath Volume Defaults to "" 3126 More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' 3127 type: string 3128 required: 3129 - path 3130 type: object 3131 iscsi: 3132 description: 'ISCSI represents an ISCSI Disk resource that 3133 is attached to a kubelet''s host machine and then exposed 3134 to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md' 3135 properties: 3136 chapAuthDiscovery: 3137 description: whether support iSCSI Discovery CHAP authentication 3138 type: boolean 3139 chapAuthSession: 3140 description: whether support iSCSI Session CHAP authentication 3141 type: boolean 3142 fsType: 3143 description: 'Filesystem type of the volume that you 3144 want to mount. Tip: Ensure that the filesystem type 3145 is supported by the host operating system. Examples: 3146 "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" 3147 if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi 3148 TODO: how do we prevent errors in the filesystem from 3149 compromising the machine' 3150 type: string 3151 initiatorName: 3152 description: Custom iSCSI Initiator Name. If initiatorName 3153 is specified with iscsiInterface simultaneously, new 3154 iSCSI interface <target portal>:<volume name> will 3155 be created for the connection. 3156 type: string 3157 iqn: 3158 description: Target iSCSI Qualified Name. 3159 type: string 3160 iscsiInterface: 3161 description: iSCSI Interface Name that uses an iSCSI 3162 transport. Defaults to 'default' (tcp). 3163 type: string 3164 lun: 3165 description: iSCSI Target Lun number. 3166 format: int32 3167 type: integer 3168 portals: 3169 description: iSCSI Target Portal List. The portal is 3170 either an IP or ip_addr:port if the port is other 3171 than default (typically TCP ports 860 and 3260). 3172 items: 3173 type: string 3174 type: array 3175 readOnly: 3176 description: ReadOnly here will force the ReadOnly setting 3177 in VolumeMounts. Defaults to false. 3178 type: boolean 3179 secretRef: 3180 description: CHAP Secret for iSCSI target and initiator 3181 authentication 3182 properties: 3183 name: 3184 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 3185 TODO: Add other useful fields. apiVersion, kind, 3186 uid?' 3187 type: string 3188 type: object 3189 targetPortal: 3190 description: iSCSI Target Portal. The Portal is either 3191 an IP or ip_addr:port if the port is other than default 3192 (typically TCP ports 860 and 3260). 3193 type: string 3194 required: 3195 - iqn 3196 - lun 3197 - targetPortal 3198 type: object 3199 name: 3200 description: 'Volume''s name. Must be a DNS_LABEL and unique 3201 within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' 3202 type: string 3203 nfs: 3204 description: 'NFS represents an NFS mount on the host that 3205 shares a pod''s lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' 3206 properties: 3207 path: 3208 description: 'Path that is exported by the NFS server. 3209 More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' 3210 type: string 3211 readOnly: 3212 description: 'ReadOnly here will force the NFS export 3213 to be mounted with read-only permissions. Defaults 3214 to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' 3215 type: boolean 3216 server: 3217 description: 'Server is the hostname or IP address of 3218 the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' 3219 type: string 3220 required: 3221 - path 3222 - server 3223 type: object 3224 persistentVolumeClaim: 3225 description: 'PersistentVolumeClaimVolumeSource represents 3226 a reference to a PersistentVolumeClaim in the same namespace. 3227 More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' 3228 properties: 3229 claimName: 3230 description: 'ClaimName is the name of a PersistentVolumeClaim 3231 in the same namespace as the pod using this volume. 3232 More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' 3233 type: string 3234 readOnly: 3235 description: Will force the ReadOnly setting in VolumeMounts. 3236 Default false. 3237 type: boolean 3238 required: 3239 - claimName 3240 type: object 3241 photonPersistentDisk: 3242 description: PhotonPersistentDisk represents a PhotonController 3243 persistent disk attached and mounted on kubelets host 3244 machine 3245 properties: 3246 fsType: 3247 description: Filesystem type to mount. Must be a filesystem 3248 type supported by the host operating system. Ex. "ext4", 3249 "xfs", "ntfs". Implicitly inferred to be "ext4" if 3250 unspecified. 3251 type: string 3252 pdID: 3253 description: ID that identifies Photon Controller persistent 3254 disk 3255 type: string 3256 required: 3257 - pdID 3258 type: object 3259 portworxVolume: 3260 description: PortworxVolume represents a portworx volume 3261 attached and mounted on kubelets host machine 3262 properties: 3263 fsType: 3264 description: FSType represents the filesystem type to 3265 mount Must be a filesystem type supported by the host 3266 operating system. Ex. "ext4", "xfs". Implicitly inferred 3267 to be "ext4" if unspecified. 3268 type: string 3269 readOnly: 3270 description: Defaults to false (read/write). ReadOnly 3271 here will force the ReadOnly setting in VolumeMounts. 3272 type: boolean 3273 volumeID: 3274 description: VolumeID uniquely identifies a Portworx 3275 volume 3276 type: string 3277 required: 3278 - volumeID 3279 type: object 3280 projected: 3281 description: Items for all in one resources secrets, configmaps, 3282 and downward API 3283 properties: 3284 defaultMode: 3285 description: Mode bits used to set permissions on created 3286 files by default. Must be an octal value between 0000 3287 and 0777 or a decimal value between 0 and 511. YAML 3288 accepts both octal and decimal values, JSON requires 3289 decimal values for mode bits. Directories within the 3290 path are not affected by this setting. This might 3291 be in conflict with other options that affect the 3292 file mode, like fsGroup, and the result can be other 3293 mode bits set. 3294 format: int32 3295 type: integer 3296 sources: 3297 description: list of volume projections 3298 items: 3299 description: Projection that may be projected along 3300 with other supported volume types 3301 properties: 3302 configMap: 3303 description: information about the configMap data 3304 to project 3305 properties: 3306 items: 3307 description: If unspecified, each key-value 3308 pair in the Data field of the referenced 3309 ConfigMap will be projected into the volume 3310 as a file whose name is the key and content 3311 is the value. If specified, the listed keys 3312 will be projected into the specified paths, 3313 and unlisted keys will not be present. If 3314 a key is specified which is not present 3315 in the ConfigMap, the volume setup will 3316 error unless it is marked optional. Paths 3317 must be relative and may not contain the 3318 '..' path or start with '..'. 3319 items: 3320 description: Maps a string key to a path 3321 within a volume. 3322 properties: 3323 key: 3324 description: The key to project. 3325 type: string 3326 mode: 3327 description: 'Optional: mode bits used 3328 to set permissions on this file. Must 3329 be an octal value between 0000 and 3330 0777 or a decimal value between 0 3331 and 511. YAML accepts both octal and 3332 decimal values, JSON requires decimal 3333 values for mode bits. If not specified, 3334 the volume defaultMode will be used. 3335 This might be in conflict with other 3336 options that affect the file mode, 3337 like fsGroup, and the result can be 3338 other mode bits set.' 3339 format: int32 3340 type: integer 3341 path: 3342 description: The relative path of the 3343 file to map the key to. May not be 3344 an absolute path. May not contain 3345 the path element '..'. May not start 3346 with the string '..'. 3347 type: string 3348 required: 3349 - key 3350 - path 3351 type: object 3352 type: array 3353 name: 3354 description: 'Name of the referent. More info: 3355 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 3356 TODO: Add other useful fields. apiVersion, 3357 kind, uid?' 3358 type: string 3359 optional: 3360 description: Specify whether the ConfigMap 3361 or its keys must be defined 3362 type: boolean 3363 type: object 3364 downwardAPI: 3365 description: information about the downwardAPI 3366 data to project 3367 properties: 3368 items: 3369 description: Items is a list of DownwardAPIVolume 3370 file 3371 items: 3372 description: DownwardAPIVolumeFile represents 3373 information to create the file containing 3374 the pod field 3375 properties: 3376 fieldRef: 3377 description: 'Required: Selects a field 3378 of the pod: only annotations, labels, 3379 name and namespace are supported.' 3380 properties: 3381 apiVersion: 3382 description: Version of the schema 3383 the FieldPath is written in terms 3384 of, defaults to "v1". 3385 type: string 3386 fieldPath: 3387 description: Path of the field to 3388 select in the specified API version. 3389 type: string 3390 required: 3391 - fieldPath 3392 type: object 3393 mode: 3394 description: 'Optional: mode bits used 3395 to set permissions on this file, must 3396 be an octal value between 0000 and 3397 0777 or a decimal value between 0 3398 and 511. YAML accepts both octal and 3399 decimal values, JSON requires decimal 3400 values for mode bits. If not specified, 3401 the volume defaultMode will be used. 3402 This might be in conflict with other 3403 options that affect the file mode, 3404 like fsGroup, and the result can be 3405 other mode bits set.' 3406 format: int32 3407 type: integer 3408 path: 3409 description: 'Required: Path is the 3410 relative path name of the file to 3411 be created. Must not be absolute or 3412 contain the ''..'' path. Must be utf-8 3413 encoded. The first item of the relative 3414 path must not start with ''..''' 3415 type: string 3416 resourceFieldRef: 3417 description: 'Selects a resource of 3418 the container: only resources limits 3419 and requests (limits.cpu, limits.memory, 3420 requests.cpu and requests.memory) 3421 are currently supported.' 3422 properties: 3423 containerName: 3424 description: 'Container name: required 3425 for volumes, optional for env 3426 vars' 3427 type: string 3428 divisor: 3429 anyOf: 3430 - type: integer 3431 - type: string 3432 description: Specifies the output 3433 format of the exposed resources, 3434 defaults to "1" 3435 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 3436 x-kubernetes-int-or-string: true 3437 resource: 3438 description: 'Required: resource 3439 to select' 3440 type: string 3441 required: 3442 - resource 3443 type: object 3444 required: 3445 - path 3446 type: object 3447 type: array 3448 type: object 3449 secret: 3450 description: information about the secret data 3451 to project 3452 properties: 3453 items: 3454 description: If unspecified, each key-value 3455 pair in the Data field of the referenced 3456 Secret will be projected into the volume 3457 as a file whose name is the key and content 3458 is the value. If specified, the listed keys 3459 will be projected into the specified paths, 3460 and unlisted keys will not be present. If 3461 a key is specified which is not present 3462 in the Secret, the volume setup will error 3463 unless it is marked optional. Paths must 3464 be relative and may not contain the '..' 3465 path or start with '..'. 3466 items: 3467 description: Maps a string key to a path 3468 within a volume. 3469 properties: 3470 key: 3471 description: The key to project. 3472 type: string 3473 mode: 3474 description: 'Optional: mode bits used 3475 to set permissions on this file. Must 3476 be an octal value between 0000 and 3477 0777 or a decimal value between 0 3478 and 511. YAML accepts both octal and 3479 decimal values, JSON requires decimal 3480 values for mode bits. If not specified, 3481 the volume defaultMode will be used. 3482 This might be in conflict with other 3483 options that affect the file mode, 3484 like fsGroup, and the result can be 3485 other mode bits set.' 3486 format: int32 3487 type: integer 3488 path: 3489 description: The relative path of the 3490 file to map the key to. May not be 3491 an absolute path. May not contain 3492 the path element '..'. May not start 3493 with the string '..'. 3494 type: string 3495 required: 3496 - key 3497 - path 3498 type: object 3499 type: array 3500 name: 3501 description: 'Name of the referent. More info: 3502 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 3503 TODO: Add other useful fields. apiVersion, 3504 kind, uid?' 3505 type: string 3506 optional: 3507 description: Specify whether the Secret or 3508 its key must be defined 3509 type: boolean 3510 type: object 3511 serviceAccountToken: 3512 description: information about the serviceAccountToken 3513 data to project 3514 properties: 3515 audience: 3516 description: Audience is the intended audience 3517 of the token. A recipient of a token must 3518 identify itself with an identifier specified 3519 in the audience of the token, and otherwise 3520 should reject the token. The audience defaults 3521 to the identifier of the apiserver. 3522 type: string 3523 expirationSeconds: 3524 description: ExpirationSeconds is the requested 3525 duration of validity of the service account 3526 token. As the token approaches expiration, 3527 the kubelet volume plugin will proactively 3528 rotate the service account token. The kubelet 3529 will start trying to rotate the token if 3530 the token is older than 80 percent of its 3531 time to live or if the token is older than 3532 24 hours.Defaults to 1 hour and must be 3533 at least 10 minutes. 3534 format: int64 3535 type: integer 3536 path: 3537 description: Path is the path relative to 3538 the mount point of the file to project the 3539 token into. 3540 type: string 3541 required: 3542 - path 3543 type: object 3544 type: object 3545 type: array 3546 type: object 3547 quobyte: 3548 description: Quobyte represents a Quobyte mount on the host 3549 that shares a pod's lifetime 3550 properties: 3551 group: 3552 description: Group to map volume access to Default is 3553 no group 3554 type: string 3555 readOnly: 3556 description: ReadOnly here will force the Quobyte volume 3557 to be mounted with read-only permissions. Defaults 3558 to false. 3559 type: boolean 3560 registry: 3561 description: Registry represents a single or multiple 3562 Quobyte Registry services specified as a string as 3563 host:port pair (multiple entries are separated with 3564 commas) which acts as the central registry for volumes 3565 type: string 3566 tenant: 3567 description: Tenant owning the given Quobyte volume 3568 in the Backend Used with dynamically provisioned Quobyte 3569 volumes, value is set by the plugin 3570 type: string 3571 user: 3572 description: User to map volume access to Defaults to 3573 serivceaccount user 3574 type: string 3575 volume: 3576 description: Volume is a string that references an already 3577 created Quobyte volume by name. 3578 type: string 3579 required: 3580 - registry 3581 - volume 3582 type: object 3583 rbd: 3584 description: 'RBD represents a Rados Block Device mount 3585 on the host that shares a pod''s lifetime. More info: 3586 https://examples.k8s.io/volumes/rbd/README.md' 3587 properties: 3588 fsType: 3589 description: 'Filesystem type of the volume that you 3590 want to mount. Tip: Ensure that the filesystem type 3591 is supported by the host operating system. Examples: 3592 "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" 3593 if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd 3594 TODO: how do we prevent errors in the filesystem from 3595 compromising the machine' 3596 type: string 3597 image: 3598 description: 'The rados image name. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 3599 type: string 3600 keyring: 3601 description: 'Keyring is the path to key ring for RBDUser. 3602 Default is /etc/ceph/keyring. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 3603 type: string 3604 monitors: 3605 description: 'A collection of Ceph monitors. More info: 3606 https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 3607 items: 3608 type: string 3609 type: array 3610 pool: 3611 description: 'The rados pool name. Default is rbd. More 3612 info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 3613 type: string 3614 readOnly: 3615 description: 'ReadOnly here will force the ReadOnly 3616 setting in VolumeMounts. Defaults to false. More info: 3617 https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 3618 type: boolean 3619 secretRef: 3620 description: 'SecretRef is name of the authentication 3621 secret for RBDUser. If provided overrides keyring. 3622 Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 3623 properties: 3624 name: 3625 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 3626 TODO: Add other useful fields. apiVersion, kind, 3627 uid?' 3628 type: string 3629 type: object 3630 user: 3631 description: 'The rados user name. Default is admin. 3632 More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 3633 type: string 3634 required: 3635 - image 3636 - monitors 3637 type: object 3638 scaleIO: 3639 description: ScaleIO represents a ScaleIO persistent volume 3640 attached and mounted on Kubernetes nodes. 3641 properties: 3642 fsType: 3643 description: Filesystem type to mount. Must be a filesystem 3644 type supported by the host operating system. Ex. "ext4", 3645 "xfs", "ntfs". Default is "xfs". 3646 type: string 3647 gateway: 3648 description: The host address of the ScaleIO API Gateway. 3649 type: string 3650 protectionDomain: 3651 description: The name of the ScaleIO Protection Domain 3652 for the configured storage. 3653 type: string 3654 readOnly: 3655 description: Defaults to false (read/write). ReadOnly 3656 here will force the ReadOnly setting in VolumeMounts. 3657 type: boolean 3658 secretRef: 3659 description: SecretRef references to the secret for 3660 ScaleIO user and other sensitive information. If this 3661 is not provided, Login operation will fail. 3662 properties: 3663 name: 3664 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 3665 TODO: Add other useful fields. apiVersion, kind, 3666 uid?' 3667 type: string 3668 type: object 3669 sslEnabled: 3670 description: Flag to enable/disable SSL communication 3671 with Gateway, default false 3672 type: boolean 3673 storageMode: 3674 description: Indicates whether the storage for a volume 3675 should be ThickProvisioned or ThinProvisioned. Default 3676 is ThinProvisioned. 3677 type: string 3678 storagePool: 3679 description: The ScaleIO Storage Pool associated with 3680 the protection domain. 3681 type: string 3682 system: 3683 description: The name of the storage system as configured 3684 in ScaleIO. 3685 type: string 3686 volumeName: 3687 description: The name of a volume already created in 3688 the ScaleIO system that is associated with this volume 3689 source. 3690 type: string 3691 required: 3692 - gateway 3693 - secretRef 3694 - system 3695 type: object 3696 secret: 3697 description: 'Secret represents a secret that should populate 3698 this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' 3699 properties: 3700 defaultMode: 3701 description: 'Optional: mode bits used to set permissions 3702 on created files by default. Must be an octal value 3703 between 0000 and 0777 or a decimal value between 0 3704 and 511. YAML accepts both octal and decimal values, 3705 JSON requires decimal values for mode bits. Defaults 3706 to 0644. Directories within the path are not affected 3707 by this setting. This might be in conflict with other 3708 options that affect the file mode, like fsGroup, and 3709 the result can be other mode bits set.' 3710 format: int32 3711 type: integer 3712 items: 3713 description: If unspecified, each key-value pair in 3714 the Data field of the referenced Secret will be projected 3715 into the volume as a file whose name is the key and 3716 content is the value. If specified, the listed keys 3717 will be projected into the specified paths, and unlisted 3718 keys will not be present. If a key is specified which 3719 is not present in the Secret, the volume setup will 3720 error unless it is marked optional. Paths must be 3721 relative and may not contain the '..' path or start 3722 with '..'. 3723 items: 3724 description: Maps a string key to a path within a 3725 volume. 3726 properties: 3727 key: 3728 description: The key to project. 3729 type: string 3730 mode: 3731 description: 'Optional: mode bits used to set 3732 permissions on this file. Must be an octal value 3733 between 0000 and 0777 or a decimal value between 3734 0 and 511. YAML accepts both octal and decimal 3735 values, JSON requires decimal values for mode 3736 bits. If not specified, the volume defaultMode 3737 will be used. This might be in conflict with 3738 other options that affect the file mode, like 3739 fsGroup, and the result can be other mode bits 3740 set.' 3741 format: int32 3742 type: integer 3743 path: 3744 description: The relative path of the file to 3745 map the key to. May not be an absolute path. 3746 May not contain the path element '..'. May not 3747 start with the string '..'. 3748 type: string 3749 required: 3750 - key 3751 - path 3752 type: object 3753 type: array 3754 optional: 3755 description: Specify whether the Secret or its keys 3756 must be defined 3757 type: boolean 3758 secretName: 3759 description: 'Name of the secret in the pod''s namespace 3760 to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' 3761 type: string 3762 type: object 3763 storageos: 3764 description: StorageOS represents a StorageOS volume attached 3765 and mounted on Kubernetes nodes. 3766 properties: 3767 fsType: 3768 description: Filesystem type to mount. Must be a filesystem 3769 type supported by the host operating system. Ex. "ext4", 3770 "xfs", "ntfs". Implicitly inferred to be "ext4" if 3771 unspecified. 3772 type: string 3773 readOnly: 3774 description: Defaults to false (read/write). ReadOnly 3775 here will force the ReadOnly setting in VolumeMounts. 3776 type: boolean 3777 secretRef: 3778 description: SecretRef specifies the secret to use for 3779 obtaining the StorageOS API credentials. If not specified, 3780 default values will be attempted. 3781 properties: 3782 name: 3783 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 3784 TODO: Add other useful fields. apiVersion, kind, 3785 uid?' 3786 type: string 3787 type: object 3788 volumeName: 3789 description: VolumeName is the human-readable name of 3790 the StorageOS volume. Volume names are only unique 3791 within a namespace. 3792 type: string 3793 volumeNamespace: 3794 description: VolumeNamespace specifies the scope of 3795 the volume within StorageOS. If no namespace is specified 3796 then the Pod's namespace will be used. This allows 3797 the Kubernetes name scoping to be mirrored within 3798 StorageOS for tighter integration. Set VolumeName 3799 to any name to override the default behaviour. Set 3800 to "default" if you are not using namespaces within 3801 StorageOS. Namespaces that do not pre-exist within 3802 StorageOS will be created. 3803 type: string 3804 type: object 3805 vsphereVolume: 3806 description: VsphereVolume represents a vSphere volume attached 3807 and mounted on kubelets host machine 3808 properties: 3809 fsType: 3810 description: Filesystem type to mount. Must be a filesystem 3811 type supported by the host operating system. Ex. "ext4", 3812 "xfs", "ntfs". Implicitly inferred to be "ext4" if 3813 unspecified. 3814 type: string 3815 storagePolicyID: 3816 description: Storage Policy Based Management (SPBM) 3817 profile ID associated with the StoragePolicyName. 3818 type: string 3819 storagePolicyName: 3820 description: Storage Policy Based Management (SPBM) 3821 profile name. 3822 type: string 3823 volumePath: 3824 description: Path that identifies vSphere volume vmdk 3825 type: string 3826 required: 3827 - volumePath 3828 type: object 3829 required: 3830 - name 3831 type: object 3832 type: array 3833 type: object 3834 repositoryCredentials: 3835 description: RepositoryCredentials are the Git pull credentials to 3836 configure Argo CD with upon creation of the cluster. 3837 type: string 3838 resourceCustomizations: 3839 description: 'ResourceCustomizations customizes resource behavior. 3840 Keys are in the form: group/Kind.' 3841 type: string 3842 resourceExclusions: 3843 description: ResourceExclusions is used to completely ignore entire 3844 classes of resource group/kinds. 3845 type: string 3846 resourceInclusions: 3847 description: ResourceInclusions is used to only include specific group/kinds 3848 in the reconciliation process. 3849 type: string 3850 server: 3851 description: Server defines the options for the ArgoCD Server component. 3852 properties: 3853 autoscale: 3854 description: Autoscale defines the autoscale options for the Argo 3855 CD Server component. 3856 properties: 3857 enabled: 3858 description: Enabled will toggle autoscaling support for the 3859 Argo CD Server component. 3860 type: boolean 3861 hpa: 3862 description: HPA defines the HorizontalPodAutoscaler options 3863 for the Argo CD Server component. 3864 properties: 3865 maxReplicas: 3866 description: upper limit for the number of pods that can 3867 be set by the autoscaler; cannot be smaller than MinReplicas. 3868 format: int32 3869 type: integer 3870 minReplicas: 3871 description: minReplicas is the lower limit for the number 3872 of replicas to which the autoscaler can scale down. It 3873 defaults to 1 pod. minReplicas is allowed to be 0 if 3874 the alpha feature gate HPAScaleToZero is enabled and 3875 at least one Object or External metric is configured. Scaling 3876 is active as long as at least one metric value is available. 3877 format: int32 3878 type: integer 3879 scaleTargetRef: 3880 description: reference to scaled resource; horizontal 3881 pod autoscaler will learn the current resource consumption 3882 and will set the desired number of pods by using its 3883 Scale subresource. 3884 properties: 3885 apiVersion: 3886 description: API version of the referent 3887 type: string 3888 kind: 3889 description: 'Kind of the referent; More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds"' 3890 type: string 3891 name: 3892 description: 'Name of the referent; More info: http://kubernetes.io/docs/user-guide/identifiers#names' 3893 type: string 3894 required: 3895 - kind 3896 - name 3897 type: object 3898 targetCPUUtilizationPercentage: 3899 description: target average CPU utilization (represented 3900 as a percentage of requested CPU) over all the pods; 3901 if not specified the default autoscaling policy will 3902 be used. 3903 format: int32 3904 type: integer 3905 required: 3906 - maxReplicas 3907 - scaleTargetRef 3908 type: object 3909 required: 3910 - enabled 3911 type: object 3912 env: 3913 description: Env lets you specify environment for API server pods 3914 items: 3915 description: EnvVar represents an environment variable present 3916 in a Container. 3917 properties: 3918 name: 3919 description: Name of the environment variable. Must be a 3920 C_IDENTIFIER. 3921 type: string 3922 value: 3923 description: 'Variable references $(VAR_NAME) are expanded 3924 using the previously defined environment variables in 3925 the container and any service environment variables. If 3926 a variable cannot be resolved, the reference in the input 3927 string will be unchanged. Double $$ are reduced to a single 3928 $, which allows for escaping the $(VAR_NAME) syntax: i.e. 3929 "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". 3930 Escaped references will never be expanded, regardless 3931 of whether the variable exists or not. Defaults to "".' 3932 type: string 3933 valueFrom: 3934 description: Source for the environment variable's value. 3935 Cannot be used if value is not empty. 3936 properties: 3937 configMapKeyRef: 3938 description: Selects a key of a ConfigMap. 3939 properties: 3940 key: 3941 description: The key to select. 3942 type: string 3943 name: 3944 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 3945 TODO: Add other useful fields. apiVersion, kind, 3946 uid?' 3947 type: string 3948 optional: 3949 description: Specify whether the ConfigMap or its 3950 key must be defined 3951 type: boolean 3952 required: 3953 - key 3954 type: object 3955 fieldRef: 3956 description: 'Selects a field of the pod: supports metadata.name, 3957 metadata.namespace, `metadata.labels[''<KEY>'']`, 3958 `metadata.annotations[''<KEY>'']`, spec.nodeName, 3959 spec.serviceAccountName, status.hostIP, status.podIP, 3960 status.podIPs.' 3961 properties: 3962 apiVersion: 3963 description: Version of the schema the FieldPath 3964 is written in terms of, defaults to "v1". 3965 type: string 3966 fieldPath: 3967 description: Path of the field to select in the 3968 specified API version. 3969 type: string 3970 required: 3971 - fieldPath 3972 type: object 3973 resourceFieldRef: 3974 description: 'Selects a resource of the container: only 3975 resources limits and requests (limits.cpu, limits.memory, 3976 limits.ephemeral-storage, requests.cpu, requests.memory 3977 and requests.ephemeral-storage) are currently supported.' 3978 properties: 3979 containerName: 3980 description: 'Container name: required for volumes, 3981 optional for env vars' 3982 type: string 3983 divisor: 3984 anyOf: 3985 - type: integer 3986 - type: string 3987 description: Specifies the output format of the 3988 exposed resources, defaults to "1" 3989 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 3990 x-kubernetes-int-or-string: true 3991 resource: 3992 description: 'Required: resource to select' 3993 type: string 3994 required: 3995 - resource 3996 type: object 3997 secretKeyRef: 3998 description: Selects a key of a secret in the pod's 3999 namespace 4000 properties: 4001 key: 4002 description: The key of the secret to select from. Must 4003 be a valid secret key. 4004 type: string 4005 name: 4006 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 4007 TODO: Add other useful fields. apiVersion, kind, 4008 uid?' 4009 type: string 4010 optional: 4011 description: Specify whether the Secret or its key 4012 must be defined 4013 type: boolean 4014 required: 4015 - key 4016 type: object 4017 type: object 4018 required: 4019 - name 4020 type: object 4021 type: array 4022 grpc: 4023 description: GRPC defines the state for the Argo CD Server GRPC 4024 options. 4025 properties: 4026 host: 4027 description: Host is the hostname to use for Ingress/Route 4028 resources. 4029 type: string 4030 ingress: 4031 description: Ingress defines the desired state for the Argo 4032 CD Server GRPC Ingress. 4033 properties: 4034 annotations: 4035 additionalProperties: 4036 type: string 4037 description: Annotations is the map of annotations to 4038 apply to the Ingress. 4039 type: object 4040 enabled: 4041 description: Enabled will toggle the creation of the Ingress. 4042 type: boolean 4043 path: 4044 description: Path used for the Ingress resource. 4045 type: string 4046 tls: 4047 description: TLS configuration. Currently the Ingress 4048 only supports a single TLS port, 443. If multiple members 4049 of this list specify different hosts, they will be multiplexed 4050 on the same port according to the hostname specified 4051 through the SNI TLS extension, if the ingress controller 4052 fulfilling the ingress supports SNI. 4053 items: 4054 description: IngressTLS describes the transport layer 4055 security associated with an Ingress. 4056 properties: 4057 hosts: 4058 description: Hosts are a list of hosts included 4059 in the TLS certificate. The values in this list 4060 must match the name/s used in the tlsSecret. Defaults 4061 to the wildcard host setting for the loadbalancer 4062 controller fulfilling this Ingress, if left unspecified. 4063 items: 4064 type: string 4065 type: array 4066 x-kubernetes-list-type: atomic 4067 secretName: 4068 description: SecretName is the name of the secret 4069 used to terminate TLS traffic on port 443. Field 4070 is left optional to allow TLS routing based on 4071 SNI hostname alone. If the SNI host in a listener 4072 conflicts with the "Host" header field used by 4073 an IngressRule, the SNI host is used for termination 4074 and value of the Host header is used for routing. 4075 type: string 4076 type: object 4077 type: array 4078 required: 4079 - enabled 4080 type: object 4081 type: object 4082 host: 4083 description: Host is the hostname to use for Ingress/Route resources. 4084 type: string 4085 ingress: 4086 description: Ingress defines the desired state for an Ingress 4087 for the Argo CD Server component. 4088 properties: 4089 annotations: 4090 additionalProperties: 4091 type: string 4092 description: Annotations is the map of annotations to apply 4093 to the Ingress. 4094 type: object 4095 enabled: 4096 description: Enabled will toggle the creation of the Ingress. 4097 type: boolean 4098 path: 4099 description: Path used for the Ingress resource. 4100 type: string 4101 tls: 4102 description: TLS configuration. Currently the Ingress only 4103 supports a single TLS port, 443. If multiple members of 4104 this list specify different hosts, they will be multiplexed 4105 on the same port according to the hostname specified through 4106 the SNI TLS extension, if the ingress controller fulfilling 4107 the ingress supports SNI. 4108 items: 4109 description: IngressTLS describes the transport layer security 4110 associated with an Ingress. 4111 properties: 4112 hosts: 4113 description: Hosts are a list of hosts included in the 4114 TLS certificate. The values in this list must match 4115 the name/s used in the tlsSecret. Defaults to the 4116 wildcard host setting for the loadbalancer controller 4117 fulfilling this Ingress, if left unspecified. 4118 items: 4119 type: string 4120 type: array 4121 x-kubernetes-list-type: atomic 4122 secretName: 4123 description: SecretName is the name of the secret used 4124 to terminate TLS traffic on port 443. Field is left 4125 optional to allow TLS routing based on SNI hostname 4126 alone. If the SNI host in a listener conflicts with 4127 the "Host" header field used by an IngressRule, the 4128 SNI host is used for termination and value of the 4129 Host header is used for routing. 4130 type: string 4131 type: object 4132 type: array 4133 required: 4134 - enabled 4135 type: object 4136 insecure: 4137 description: Insecure toggles the insecure flag. 4138 type: boolean 4139 logFormat: 4140 description: LogFormat refers to the log level to be used by the 4141 ArgoCD Server component. Defaults to ArgoCDDefaultLogFormat 4142 if not configured. Valid options are text or json. 4143 type: string 4144 logLevel: 4145 description: LogLevel refers to the log level to be used by the 4146 ArgoCD Server component. Defaults to ArgoCDDefaultLogLevel if 4147 not set. Valid options are debug, info, error, and warn. 4148 type: string 4149 replicas: 4150 description: Replicas defines the number of replicas for argocd-server. 4151 Default is nil. Value should be greater than or equal to 0. 4152 Value will be ignored if Autoscaler is enabled. 4153 format: int32 4154 type: integer 4155 resources: 4156 description: Resources defines the Compute Resources required 4157 by the container for the Argo CD server component. 4158 properties: 4159 limits: 4160 additionalProperties: 4161 anyOf: 4162 - type: integer 4163 - type: string 4164 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 4165 x-kubernetes-int-or-string: true 4166 description: 'Limits describes the maximum amount of compute 4167 resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 4168 type: object 4169 requests: 4170 additionalProperties: 4171 anyOf: 4172 - type: integer 4173 - type: string 4174 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 4175 x-kubernetes-int-or-string: true 4176 description: 'Requests describes the minimum amount of compute 4177 resources required. If Requests is omitted for a container, 4178 it defaults to Limits if that is explicitly specified, otherwise 4179 to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 4180 type: object 4181 type: object 4182 route: 4183 description: Route defines the desired state for an OpenShift 4184 Route for the Argo CD Server component. 4185 properties: 4186 annotations: 4187 additionalProperties: 4188 type: string 4189 description: Annotations is the map of annotations to use 4190 for the Route resource. 4191 type: object 4192 enabled: 4193 description: Enabled will toggle the creation of the OpenShift 4194 Route. 4195 type: boolean 4196 labels: 4197 additionalProperties: 4198 type: string 4199 description: Labels is the map of labels to use for the Route 4200 resource 4201 type: object 4202 path: 4203 description: Path the router watches for, to route traffic 4204 for to the service. 4205 type: string 4206 tls: 4207 description: TLS provides the ability to configure certificates 4208 and termination for the Route. 4209 properties: 4210 caCertificate: 4211 description: caCertificate provides the cert authority 4212 certificate contents 4213 type: string 4214 certificate: 4215 description: certificate provides certificate contents 4216 type: string 4217 destinationCACertificate: 4218 description: destinationCACertificate provides the contents 4219 of the ca certificate of the final destination. When 4220 using reencrypt termination this file should be provided 4221 in order to have routers use it for health checks on 4222 the secure connection. If this field is not specified, 4223 the router may provide its own destination CA and perform 4224 hostname validation using the short service name (service.namespace.svc), 4225 which allows infrastructure generated certificates to 4226 automatically verify. 4227 type: string 4228 insecureEdgeTerminationPolicy: 4229 description: "insecureEdgeTerminationPolicy indicates 4230 the desired behavior for insecure connections to a route. 4231 While each router may make its own decisions on which 4232 ports to expose, this is normally port 80. \n * Allow 4233 - traffic is sent to the server on the insecure port 4234 (default) * Disable - no traffic is allowed on the insecure 4235 port. * Redirect - clients are redirected to the secure 4236 port." 4237 type: string 4238 key: 4239 description: key provides key file contents 4240 type: string 4241 termination: 4242 description: termination indicates termination type. 4243 type: string 4244 required: 4245 - termination 4246 type: object 4247 wildcardPolicy: 4248 description: WildcardPolicy if any for the route. Currently 4249 only 'Subdomain' or 'None' is allowed. 4250 type: string 4251 required: 4252 - enabled 4253 type: object 4254 service: 4255 description: Service defines the options for the Service backing 4256 the ArgoCD Server component. 4257 properties: 4258 type: 4259 description: Type is the ServiceType to use for the Service 4260 resource. 4261 type: string 4262 required: 4263 - type 4264 type: object 4265 type: object 4266 sso: 4267 description: SSO defines the Single Sign-on configuration for Argo 4268 CD 4269 properties: 4270 image: 4271 description: Image is the SSO container image. 4272 type: string 4273 provider: 4274 description: Provider installs and configures the given SSO Provider 4275 with Argo CD. 4276 type: string 4277 resources: 4278 description: Resources defines the Compute Resources required 4279 by the container for SSO. 4280 properties: 4281 limits: 4282 additionalProperties: 4283 anyOf: 4284 - type: integer 4285 - type: string 4286 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 4287 x-kubernetes-int-or-string: true 4288 description: 'Limits describes the maximum amount of compute 4289 resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 4290 type: object 4291 requests: 4292 additionalProperties: 4293 anyOf: 4294 - type: integer 4295 - type: string 4296 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 4297 x-kubernetes-int-or-string: true 4298 description: 'Requests describes the minimum amount of compute 4299 resources required. If Requests is omitted for a container, 4300 it defaults to Limits if that is explicitly specified, otherwise 4301 to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 4302 type: object 4303 type: object 4304 verifyTLS: 4305 description: VerifyTLS set to false disables strict TLS validation. 4306 type: boolean 4307 version: 4308 description: Version is the SSO container image tag. 4309 type: string 4310 type: object 4311 statusBadgeEnabled: 4312 description: StatusBadgeEnabled toggles application status badge feature. 4313 type: boolean 4314 tls: 4315 description: TLS defines the TLS options for ArgoCD. 4316 properties: 4317 ca: 4318 description: CA defines the CA options. 4319 properties: 4320 configMapName: 4321 description: ConfigMapName is the name of the ConfigMap containing 4322 the CA Certificate. 4323 type: string 4324 secretName: 4325 description: SecretName is the name of the Secret containing 4326 the CA Certificate and Key. 4327 type: string 4328 type: object 4329 initialCerts: 4330 additionalProperties: 4331 type: string 4332 description: InitialCerts defines custom TLS certificates upon 4333 creation of the cluster for connecting Git repositories via 4334 HTTPS. 4335 type: object 4336 type: object 4337 usersAnonymousEnabled: 4338 description: UsersAnonymousEnabled toggles anonymous user access. 4339 The anonymous users get default role permissions specified argocd-rbac-cm. 4340 type: boolean 4341 version: 4342 description: Version is the tag to use with the ArgoCD container image 4343 for all ArgoCD components. 4344 type: string 4345 type: object 4346 status: 4347 description: ArgoCDStatus defines the observed state of ArgoCD 4348 properties: 4349 applicationController: 4350 description: 'ApplicationController is a simple, high-level summary 4351 of where the Argo CD application controller component is in its 4352 lifecycle. There are five possible ApplicationController values: 4353 Pending: The Argo CD application controller component has been accepted 4354 by the Kubernetes system, but one or more of the required resources 4355 have not been created. Running: All of the required Pods for the 4356 Argo CD application controller component are in a Ready state. Failed: 4357 At least one of the Argo CD application controller component Pods 4358 had a failure. Unknown: For some reason the state of the Argo CD 4359 application controller component could not be obtained.' 4360 type: string 4361 dex: 4362 description: 'Dex is a simple, high-level summary of where the Argo 4363 CD Dex component is in its lifecycle. There are five possible dex 4364 values: Pending: The Argo CD Dex component has been accepted by 4365 the Kubernetes system, but one or more of the required resources 4366 have not been created. Running: All of the required Pods for the 4367 Argo CD Dex component are in a Ready state. Failed: At least one 4368 of the Argo CD Dex component Pods had a failure. Unknown: For some 4369 reason the state of the Argo CD Dex component could not be obtained.' 4370 type: string 4371 phase: 4372 description: 'Phase is a simple, high-level summary of where the ArgoCD 4373 is in its lifecycle. There are five possible phase values: Pending: 4374 The ArgoCD has been accepted by the Kubernetes system, but one or 4375 more of the required resources have not been created. Available: 4376 All of the resources for the ArgoCD are ready. Failed: At least 4377 one resource has experienced a failure. Unknown: For some reason 4378 the state of the ArgoCD phase could not be obtained.' 4379 type: string 4380 redis: 4381 description: 'Redis is a simple, high-level summary of where the Argo 4382 CD Redis component is in its lifecycle. There are five possible 4383 redis values: Pending: The Argo CD Redis component has been accepted 4384 by the Kubernetes system, but one or more of the required resources 4385 have not been created. Running: All of the required Pods for the 4386 Argo CD Redis component are in a Ready state. Failed: At least one 4387 of the Argo CD Redis component Pods had a failure. Unknown: For 4388 some reason the state of the Argo CD Redis component could not be 4389 obtained.' 4390 type: string 4391 repo: 4392 description: 'Repo is a simple, high-level summary of where the Argo 4393 CD Repo component is in its lifecycle. There are five possible repo 4394 values: Pending: The Argo CD Repo component has been accepted by 4395 the Kubernetes system, but one or more of the required resources 4396 have not been created. Running: All of the required Pods for the 4397 Argo CD Repo component are in a Ready state. Failed: At least one 4398 of the Argo CD Repo component Pods had a failure. Unknown: For 4399 some reason the state of the Argo CD Repo component could not be 4400 obtained.' 4401 type: string 4402 repoTLSChecksum: 4403 description: RepoTLSChecksum contains the SHA256 checksum of the latest 4404 known state of tls.crt and tls.key in the argocd-repo-server-tls 4405 secret. 4406 type: string 4407 server: 4408 description: 'Server is a simple, high-level summary of where the 4409 Argo CD server component is in its lifecycle. There are five possible 4410 server values: Pending: The Argo CD server component has been accepted 4411 by the Kubernetes system, but one or more of the required resources 4412 have not been created. Running: All of the required Pods for the 4413 Argo CD server component are in a Ready state. Failed: At least 4414 one of the Argo CD server component Pods had a failure. Unknown: 4415 For some reason the state of the Argo CD server component could 4416 not be obtained.' 4417 type: string 4418 ssoConfig: 4419 description: 'SSOConfig defines the status of SSO configuration. Success: 4420 Only one SSO provider is configured in CR. Failed: More than one 4421 SSO providers are configure in CR. Unknown: For some reason the 4422 SSO configuration could not be obtained.' 4423 type: string 4424 type: object 4425 type: object 4426 served: true 4427 storage: true 4428 subresources: 4429 status: {} 4430 status: 4431 acceptedNames: 4432 kind: "" 4433 plural: "" 4434 conditions: [] 4435 storedVersions: []