github.com/argoproj-labs/argocd-operator@v0.10.0/deploy/olm-catalog/argocd-operator/0.2.1/argoproj.io_argocds.yaml (about) 1 apiVersion: apiextensions.k8s.io/v1 2 kind: CustomResourceDefinition 3 metadata: 4 annotations: 5 controller-gen.kubebuilder.io/version: v0.6.1 6 creationTimestamp: null 7 name: argocds.argoproj.io 8 spec: 9 group: argoproj.io 10 names: 11 kind: ArgoCD 12 listKind: ArgoCDList 13 plural: argocds 14 singular: argocd 15 scope: Namespaced 16 versions: 17 - name: v1alpha1 18 schema: 19 openAPIV3Schema: 20 description: ArgoCD is the Schema for the argocds API 21 properties: 22 apiVersion: 23 description: 'APIVersion defines the versioned schema of this representation 24 of an object. Servers should convert recognized schemas to the latest 25 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' 26 type: string 27 kind: 28 description: 'Kind is a string value representing the REST resource this 29 object represents. Servers may infer this from the endpoint the client 30 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' 31 type: string 32 metadata: 33 type: object 34 spec: 35 description: ArgoCDSpec defines the desired state of ArgoCD 36 properties: 37 applicationInstanceLabelKey: 38 description: ApplicationInstanceLabelKey is the key name where Argo 39 CD injects the app name as a tracking label. 40 type: string 41 applicationSet: 42 description: ArgoCDApplicationSet defines whether the Argo CD ApplicationSet 43 controller should be installed. 44 properties: 45 image: 46 description: Image is the Argo CD ApplicationSet image (optional) 47 type: string 48 logLevel: 49 description: LogLevel describes the log level that should be used 50 by the ApplicationSet controller. Defaults to ArgoCDDefaultLogLevel 51 if not set. Valid options are debug,info, error, and warn. 52 type: string 53 resources: 54 description: Resources defines the Compute Resources required 55 by the container for ApplicationSet. 56 properties: 57 limits: 58 additionalProperties: 59 anyOf: 60 - type: integer 61 - type: string 62 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 63 x-kubernetes-int-or-string: true 64 description: 'Limits describes the maximum amount of compute 65 resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 66 type: object 67 requests: 68 additionalProperties: 69 anyOf: 70 - type: integer 71 - type: string 72 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 73 x-kubernetes-int-or-string: true 74 description: 'Requests describes the minimum amount of compute 75 resources required. If Requests is omitted for a container, 76 it defaults to Limits if that is explicitly specified, otherwise 77 to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 78 type: object 79 type: object 80 version: 81 description: Version is the Argo CD ApplicationSet image tag. 82 (optional) 83 type: string 84 type: object 85 configManagementPlugins: 86 description: ConfigManagementPlugins is used to specify additional 87 config management plugins. 88 type: string 89 controller: 90 description: Controller defines the Application Controller options 91 for ArgoCD. 92 properties: 93 appSync: 94 description: "AppSync is used to control the sync frequency, by 95 default the ArgoCD controller polls Git every 3m by default. 96 \n Set this to a duration, e.g. 10m or 600s to control the synchronisation 97 frequency." 98 type: string 99 env: 100 description: Env lets you specify environment for application 101 controller pods 102 items: 103 description: EnvVar represents an environment variable present 104 in a Container. 105 properties: 106 name: 107 description: Name of the environment variable. Must be a 108 C_IDENTIFIER. 109 type: string 110 value: 111 description: 'Variable references $(VAR_NAME) are expanded 112 using the previously defined environment variables in 113 the container and any service environment variables. If 114 a variable cannot be resolved, the reference in the input 115 string will be unchanged. Double $$ are reduced to a single 116 $, which allows for escaping the $(VAR_NAME) syntax: i.e. 117 "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". 118 Escaped references will never be expanded, regardless 119 of whether the variable exists or not. Defaults to "".' 120 type: string 121 valueFrom: 122 description: Source for the environment variable's value. 123 Cannot be used if value is not empty. 124 properties: 125 configMapKeyRef: 126 description: Selects a key of a ConfigMap. 127 properties: 128 key: 129 description: The key to select. 130 type: string 131 name: 132 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 133 TODO: Add other useful fields. apiVersion, kind, 134 uid?' 135 type: string 136 optional: 137 description: Specify whether the ConfigMap or its 138 key must be defined 139 type: boolean 140 required: 141 - key 142 type: object 143 fieldRef: 144 description: 'Selects a field of the pod: supports metadata.name, 145 metadata.namespace, `metadata.labels[''<KEY>'']`, 146 `metadata.annotations[''<KEY>'']`, spec.nodeName, 147 spec.serviceAccountName, status.hostIP, status.podIP, 148 status.podIPs.' 149 properties: 150 apiVersion: 151 description: Version of the schema the FieldPath 152 is written in terms of, defaults to "v1". 153 type: string 154 fieldPath: 155 description: Path of the field to select in the 156 specified API version. 157 type: string 158 required: 159 - fieldPath 160 type: object 161 resourceFieldRef: 162 description: 'Selects a resource of the container: only 163 resources limits and requests (limits.cpu, limits.memory, 164 limits.ephemeral-storage, requests.cpu, requests.memory 165 and requests.ephemeral-storage) are currently supported.' 166 properties: 167 containerName: 168 description: 'Container name: required for volumes, 169 optional for env vars' 170 type: string 171 divisor: 172 anyOf: 173 - type: integer 174 - type: string 175 description: Specifies the output format of the 176 exposed resources, defaults to "1" 177 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 178 x-kubernetes-int-or-string: true 179 resource: 180 description: 'Required: resource to select' 181 type: string 182 required: 183 - resource 184 type: object 185 secretKeyRef: 186 description: Selects a key of a secret in the pod's 187 namespace 188 properties: 189 key: 190 description: The key of the secret to select from. Must 191 be a valid secret key. 192 type: string 193 name: 194 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 195 TODO: Add other useful fields. apiVersion, kind, 196 uid?' 197 type: string 198 optional: 199 description: Specify whether the Secret or its key 200 must be defined 201 type: boolean 202 required: 203 - key 204 type: object 205 type: object 206 required: 207 - name 208 type: object 209 type: array 210 logFormat: 211 description: LogFormat refers to the log format used by the Application 212 Controller component. Defaults to ArgoCDDefaultLogFormat if 213 not configured. Valid options are text or json. 214 type: string 215 logLevel: 216 description: LogLevel refers to the log level used by the Application 217 Controller component. Defaults to ArgoCDDefaultLogLevel if not 218 configured. Valid options are debug, info, error, and warn. 219 type: string 220 parallelismLimit: 221 description: ParallelismLimit defines the limit for parallel kubectl 222 operations 223 format: int32 224 type: integer 225 processors: 226 description: Processors contains the options for the Application 227 Controller processors. 228 properties: 229 operation: 230 description: Operation is the number of application operation 231 processors. 232 format: int32 233 type: integer 234 status: 235 description: Status is the number of application status processors. 236 format: int32 237 type: integer 238 type: object 239 resources: 240 description: Resources defines the Compute Resources required 241 by the container for the Application Controller. 242 properties: 243 limits: 244 additionalProperties: 245 anyOf: 246 - type: integer 247 - type: string 248 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 249 x-kubernetes-int-or-string: true 250 description: 'Limits describes the maximum amount of compute 251 resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 252 type: object 253 requests: 254 additionalProperties: 255 anyOf: 256 - type: integer 257 - type: string 258 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 259 x-kubernetes-int-or-string: true 260 description: 'Requests describes the minimum amount of compute 261 resources required. If Requests is omitted for a container, 262 it defaults to Limits if that is explicitly specified, otherwise 263 to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 264 type: object 265 type: object 266 sharding: 267 description: Sharding contains the options for the Application 268 Controller sharding configuration. 269 properties: 270 enabled: 271 description: Enabled defines whether sharding should be enabled 272 on the Application Controller component. 273 type: boolean 274 replicas: 275 description: Replicas defines the number of replicas to run 276 in the Application controller shard. 277 format: int32 278 type: integer 279 type: object 280 type: object 281 dex: 282 description: Dex defines the Dex server options for ArgoCD. 283 properties: 284 config: 285 description: Config is the dex connector configuration. 286 type: string 287 groups: 288 description: Optional list of required groups a user must be a 289 member of 290 items: 291 type: string 292 type: array 293 image: 294 description: Image is the Dex container image. 295 type: string 296 openShiftOAuth: 297 description: OpenShiftOAuth enables OpenShift OAuth authentication 298 for the Dex server. 299 type: boolean 300 resources: 301 description: Resources defines the Compute Resources required 302 by the container for Dex. 303 properties: 304 limits: 305 additionalProperties: 306 anyOf: 307 - type: integer 308 - type: string 309 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 310 x-kubernetes-int-or-string: true 311 description: 'Limits describes the maximum amount of compute 312 resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 313 type: object 314 requests: 315 additionalProperties: 316 anyOf: 317 - type: integer 318 - type: string 319 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 320 x-kubernetes-int-or-string: true 321 description: 'Requests describes the minimum amount of compute 322 resources required. If Requests is omitted for a container, 323 it defaults to Limits if that is explicitly specified, otherwise 324 to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 325 type: object 326 type: object 327 version: 328 description: Version is the Dex container image tag. 329 type: string 330 type: object 331 disableAdmin: 332 description: DisableAdmin will disable the admin user. 333 type: boolean 334 gaAnonymizeUsers: 335 description: GAAnonymizeUsers toggles user IDs being hashed before 336 sending to google analytics. 337 type: boolean 338 gaTrackingID: 339 description: GATrackingID is the google analytics tracking ID to use. 340 type: string 341 grafana: 342 description: Grafana defines the Grafana server options for ArgoCD. 343 properties: 344 enabled: 345 description: Enabled will toggle Grafana support globally for 346 ArgoCD. 347 type: boolean 348 host: 349 description: Host is the hostname to use for Ingress/Route resources. 350 type: string 351 image: 352 description: Image is the Grafana container image. 353 type: string 354 ingress: 355 description: Ingress defines the desired state for an Ingress 356 for the Grafana component. 357 properties: 358 annotations: 359 additionalProperties: 360 type: string 361 description: Annotations is the map of annotations to apply 362 to the Ingress. 363 type: object 364 enabled: 365 description: Enabled will toggle the creation of the Ingress. 366 type: boolean 367 path: 368 description: Path used for the Ingress resource. 369 type: string 370 tls: 371 description: TLS configuration. Currently the Ingress only 372 supports a single TLS port, 443. If multiple members of 373 this list specify different hosts, they will be multiplexed 374 on the same port according to the hostname specified through 375 the SNI TLS extension, if the ingress controller fulfilling 376 the ingress supports SNI. 377 items: 378 description: IngressTLS describes the transport layer security 379 associated with an Ingress. 380 properties: 381 hosts: 382 description: Hosts are a list of hosts included in the 383 TLS certificate. The values in this list must match 384 the name/s used in the tlsSecret. Defaults to the 385 wildcard host setting for the loadbalancer controller 386 fulfilling this Ingress, if left unspecified. 387 items: 388 type: string 389 type: array 390 x-kubernetes-list-type: atomic 391 secretName: 392 description: SecretName is the name of the secret used 393 to terminate TLS traffic on port 443. Field is left 394 optional to allow TLS routing based on SNI hostname 395 alone. If the SNI host in a listener conflicts with 396 the "Host" header field used by an IngressRule, the 397 SNI host is used for termination and value of the 398 Host header is used for routing. 399 type: string 400 type: object 401 type: array 402 required: 403 - enabled 404 type: object 405 resources: 406 description: Resources defines the Compute Resources required 407 by the container for Grafana. 408 properties: 409 limits: 410 additionalProperties: 411 anyOf: 412 - type: integer 413 - type: string 414 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 415 x-kubernetes-int-or-string: true 416 description: 'Limits describes the maximum amount of compute 417 resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 418 type: object 419 requests: 420 additionalProperties: 421 anyOf: 422 - type: integer 423 - type: string 424 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 425 x-kubernetes-int-or-string: true 426 description: 'Requests describes the minimum amount of compute 427 resources required. If Requests is omitted for a container, 428 it defaults to Limits if that is explicitly specified, otherwise 429 to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 430 type: object 431 type: object 432 route: 433 description: Route defines the desired state for an OpenShift 434 Route for the Grafana component. 435 properties: 436 annotations: 437 additionalProperties: 438 type: string 439 description: Annotations is the map of annotations to use 440 for the Route resource. 441 type: object 442 enabled: 443 description: Enabled will toggle the creation of the OpenShift 444 Route. 445 type: boolean 446 labels: 447 additionalProperties: 448 type: string 449 description: Labels is the map of labels to use for the Route 450 resource 451 type: object 452 path: 453 description: Path the router watches for, to route traffic 454 for to the service. 455 type: string 456 tls: 457 description: TLS provides the ability to configure certificates 458 and termination for the Route. 459 properties: 460 caCertificate: 461 description: caCertificate provides the cert authority 462 certificate contents 463 type: string 464 certificate: 465 description: certificate provides certificate contents 466 type: string 467 destinationCACertificate: 468 description: destinationCACertificate provides the contents 469 of the ca certificate of the final destination. When 470 using reencrypt termination this file should be provided 471 in order to have routers use it for health checks on 472 the secure connection. If this field is not specified, 473 the router may provide its own destination CA and perform 474 hostname validation using the short service name (service.namespace.svc), 475 which allows infrastructure generated certificates to 476 automatically verify. 477 type: string 478 insecureEdgeTerminationPolicy: 479 description: "insecureEdgeTerminationPolicy indicates 480 the desired behavior for insecure connections to a route. 481 While each router may make its own decisions on which 482 ports to expose, this is normally port 80. \n * Allow 483 - traffic is sent to the server on the insecure port 484 (default) * Disable - no traffic is allowed on the insecure 485 port. * Redirect - clients are redirected to the secure 486 port." 487 type: string 488 key: 489 description: key provides key file contents 490 type: string 491 termination: 492 description: termination indicates termination type. 493 type: string 494 required: 495 - termination 496 type: object 497 wildcardPolicy: 498 description: WildcardPolicy if any for the route. Currently 499 only 'Subdomain' or 'None' is allowed. 500 type: string 501 required: 502 - enabled 503 type: object 504 size: 505 description: Size is the replica count for the Grafana Deployment. 506 format: int32 507 type: integer 508 version: 509 description: Version is the Grafana container image tag. 510 type: string 511 required: 512 - enabled 513 type: object 514 ha: 515 description: HA options for High Availability support for the Redis 516 component. 517 properties: 518 enabled: 519 description: Enabled will toggle HA support globally for Argo 520 CD. 521 type: boolean 522 redisProxyImage: 523 description: RedisProxyImage is the Redis HAProxy container image. 524 type: string 525 redisProxyVersion: 526 description: RedisProxyVersion is the Redis HAProxy container 527 image tag. 528 type: string 529 resources: 530 description: Resources defines the Compute Resources required 531 by the container for HA. 532 properties: 533 limits: 534 additionalProperties: 535 anyOf: 536 - type: integer 537 - type: string 538 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 539 x-kubernetes-int-or-string: true 540 description: 'Limits describes the maximum amount of compute 541 resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 542 type: object 543 requests: 544 additionalProperties: 545 anyOf: 546 - type: integer 547 - type: string 548 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 549 x-kubernetes-int-or-string: true 550 description: 'Requests describes the minimum amount of compute 551 resources required. If Requests is omitted for a container, 552 it defaults to Limits if that is explicitly specified, otherwise 553 to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 554 type: object 555 type: object 556 required: 557 - enabled 558 type: object 559 helpChatText: 560 description: HelpChatText is the text for getting chat help, defaults 561 to "Chat now!" 562 type: string 563 helpChatURL: 564 description: HelpChatURL is the URL for getting chat help, this will 565 typically be your Slack channel for support. 566 type: string 567 image: 568 description: Image is the ArgoCD container image for all ArgoCD components. 569 type: string 570 import: 571 description: Import is the import/restore options for ArgoCD. 572 properties: 573 name: 574 description: Name of an ArgoCDExport from which to import data. 575 type: string 576 namespace: 577 description: Namespace for the ArgoCDExport, defaults to the same 578 namespace as the ArgoCD. 579 type: string 580 required: 581 - name 582 type: object 583 initialRepositories: 584 description: InitialRepositories to configure Argo CD with upon creation 585 of the cluster. 586 type: string 587 initialSSHKnownHosts: 588 description: InitialSSHKnownHosts defines the SSH known hosts data 589 upon creation of the cluster for connecting Git repositories via 590 SSH. 591 properties: 592 excludedefaulthosts: 593 description: ExcludeDefaultHosts describes whether you would like 594 to include the default list of SSH Known Hosts provided by ArgoCD. 595 type: boolean 596 keys: 597 description: Keys describes a custom set of SSH Known Hosts that 598 you would like to have included in your ArgoCD server. 599 type: string 600 type: object 601 kustomizeBuildOptions: 602 description: KustomizeBuildOptions is used to specify build options/parameters 603 to use with `kustomize build`. 604 type: string 605 kustomizeVersions: 606 description: KustomizeVersions is a listing of configured versions 607 of Kustomize to be made available within ArgoCD. 608 items: 609 description: KustomizeVersionSpec is used to specify information 610 about a kustomize version to be used within ArgoCD. 611 properties: 612 path: 613 description: Path is the path to a configured kustomize version 614 on the filesystem of your repo server. 615 type: string 616 version: 617 description: Version is a configured kustomize version in the 618 format of vX.Y.Z 619 type: string 620 type: object 621 type: array 622 nodePlacement: 623 description: NodePlacement defines NodeSelectors and Taints for Argo 624 CD workloads 625 properties: 626 nodeSelector: 627 additionalProperties: 628 type: string 629 description: NodeSelector is a field of PodSpec, it is a map of 630 key value pairs used for node selection 631 type: object 632 tolerations: 633 description: Tolerations allow the pods to schedule onto nodes 634 with matching taints 635 items: 636 description: The pod this Toleration is attached to tolerates 637 any taint that matches the triple <key,value,effect> using 638 the matching operator <operator>. 639 properties: 640 effect: 641 description: Effect indicates the taint effect to match. 642 Empty means match all taint effects. When specified, allowed 643 values are NoSchedule, PreferNoSchedule and NoExecute. 644 type: string 645 key: 646 description: Key is the taint key that the toleration applies 647 to. Empty means match all taint keys. If the key is empty, 648 operator must be Exists; this combination means to match 649 all values and all keys. 650 type: string 651 operator: 652 description: Operator represents a key's relationship to 653 the value. Valid operators are Exists and Equal. Defaults 654 to Equal. Exists is equivalent to wildcard for value, 655 so that a pod can tolerate all taints of a particular 656 category. 657 type: string 658 tolerationSeconds: 659 description: TolerationSeconds represents the period of 660 time the toleration (which must be of effect NoExecute, 661 otherwise this field is ignored) tolerates the taint. 662 By default, it is not set, which means tolerate the taint 663 forever (do not evict). Zero and negative values will 664 be treated as 0 (evict immediately) by the system. 665 format: int64 666 type: integer 667 value: 668 description: Value is the taint value the toleration matches 669 to. If the operator is Exists, the value should be empty, 670 otherwise just a regular string. 671 type: string 672 type: object 673 type: array 674 type: object 675 oidcConfig: 676 description: OIDCConfig is the OIDC configuration as an alternative 677 to dex. 678 type: string 679 prometheus: 680 description: Prometheus defines the Prometheus server options for 681 ArgoCD. 682 properties: 683 enabled: 684 description: Enabled will toggle Prometheus support globally for 685 ArgoCD. 686 type: boolean 687 host: 688 description: Host is the hostname to use for Ingress/Route resources. 689 type: string 690 ingress: 691 description: Ingress defines the desired state for an Ingress 692 for the Prometheus component. 693 properties: 694 annotations: 695 additionalProperties: 696 type: string 697 description: Annotations is the map of annotations to apply 698 to the Ingress. 699 type: object 700 enabled: 701 description: Enabled will toggle the creation of the Ingress. 702 type: boolean 703 path: 704 description: Path used for the Ingress resource. 705 type: string 706 tls: 707 description: TLS configuration. Currently the Ingress only 708 supports a single TLS port, 443. If multiple members of 709 this list specify different hosts, they will be multiplexed 710 on the same port according to the hostname specified through 711 the SNI TLS extension, if the ingress controller fulfilling 712 the ingress supports SNI. 713 items: 714 description: IngressTLS describes the transport layer security 715 associated with an Ingress. 716 properties: 717 hosts: 718 description: Hosts are a list of hosts included in the 719 TLS certificate. The values in this list must match 720 the name/s used in the tlsSecret. Defaults to the 721 wildcard host setting for the loadbalancer controller 722 fulfilling this Ingress, if left unspecified. 723 items: 724 type: string 725 type: array 726 x-kubernetes-list-type: atomic 727 secretName: 728 description: SecretName is the name of the secret used 729 to terminate TLS traffic on port 443. Field is left 730 optional to allow TLS routing based on SNI hostname 731 alone. If the SNI host in a listener conflicts with 732 the "Host" header field used by an IngressRule, the 733 SNI host is used for termination and value of the 734 Host header is used for routing. 735 type: string 736 type: object 737 type: array 738 required: 739 - enabled 740 type: object 741 route: 742 description: Route defines the desired state for an OpenShift 743 Route for the Prometheus component. 744 properties: 745 annotations: 746 additionalProperties: 747 type: string 748 description: Annotations is the map of annotations to use 749 for the Route resource. 750 type: object 751 enabled: 752 description: Enabled will toggle the creation of the OpenShift 753 Route. 754 type: boolean 755 labels: 756 additionalProperties: 757 type: string 758 description: Labels is the map of labels to use for the Route 759 resource 760 type: object 761 path: 762 description: Path the router watches for, to route traffic 763 for to the service. 764 type: string 765 tls: 766 description: TLS provides the ability to configure certificates 767 and termination for the Route. 768 properties: 769 caCertificate: 770 description: caCertificate provides the cert authority 771 certificate contents 772 type: string 773 certificate: 774 description: certificate provides certificate contents 775 type: string 776 destinationCACertificate: 777 description: destinationCACertificate provides the contents 778 of the ca certificate of the final destination. When 779 using reencrypt termination this file should be provided 780 in order to have routers use it for health checks on 781 the secure connection. If this field is not specified, 782 the router may provide its own destination CA and perform 783 hostname validation using the short service name (service.namespace.svc), 784 which allows infrastructure generated certificates to 785 automatically verify. 786 type: string 787 insecureEdgeTerminationPolicy: 788 description: "insecureEdgeTerminationPolicy indicates 789 the desired behavior for insecure connections to a route. 790 While each router may make its own decisions on which 791 ports to expose, this is normally port 80. \n * Allow 792 - traffic is sent to the server on the insecure port 793 (default) * Disable - no traffic is allowed on the insecure 794 port. * Redirect - clients are redirected to the secure 795 port." 796 type: string 797 key: 798 description: key provides key file contents 799 type: string 800 termination: 801 description: termination indicates termination type. 802 type: string 803 required: 804 - termination 805 type: object 806 wildcardPolicy: 807 description: WildcardPolicy if any for the route. Currently 808 only 'Subdomain' or 'None' is allowed. 809 type: string 810 required: 811 - enabled 812 type: object 813 size: 814 description: Size is the replica count for the Prometheus StatefulSet. 815 format: int32 816 type: integer 817 required: 818 - enabled 819 type: object 820 rbac: 821 description: RBAC defines the RBAC configuration for Argo CD. 822 properties: 823 defaultPolicy: 824 description: DefaultPolicy is the name of the default role which 825 Argo CD will falls back to, when authorizing API requests (optional). 826 If omitted or empty, users may be still be able to login, but 827 will see no apps, projects, etc... 828 type: string 829 policy: 830 description: 'Policy is CSV containing user-defined RBAC policies 831 and role definitions. Policy rules are in the form: p, subject, 832 resource, action, object, effect Role definitions and bindings 833 are in the form: g, subject, inherited-subject See https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/rbac.md 834 for additional information.' 835 type: string 836 scopes: 837 description: 'Scopes controls which OIDC scopes to examine during 838 rbac enforcement (in addition to `sub` scope). If omitted, defaults 839 to: ''[groups]''.' 840 type: string 841 type: object 842 redis: 843 description: Redis defines the Redis server options for ArgoCD. 844 properties: 845 image: 846 description: Image is the Redis container image. 847 type: string 848 resources: 849 description: Resources defines the Compute Resources required 850 by the container for Redis. 851 properties: 852 limits: 853 additionalProperties: 854 anyOf: 855 - type: integer 856 - type: string 857 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 858 x-kubernetes-int-or-string: true 859 description: 'Limits describes the maximum amount of compute 860 resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 861 type: object 862 requests: 863 additionalProperties: 864 anyOf: 865 - type: integer 866 - type: string 867 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 868 x-kubernetes-int-or-string: true 869 description: 'Requests describes the minimum amount of compute 870 resources required. If Requests is omitted for a container, 871 it defaults to Limits if that is explicitly specified, otherwise 872 to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 873 type: object 874 type: object 875 version: 876 description: Version is the Redis container image tag. 877 type: string 878 type: object 879 repo: 880 description: Repo defines the repo server options for Argo CD. 881 properties: 882 autotls: 883 description: 'AutoTLS specifies the method to use for automatic 884 TLS configuration for the repo server The value specified here 885 can currently be: - openshift - Use the OpenShift service CA 886 to request TLS config' 887 type: string 888 env: 889 description: Env lets you specify environment for repo server 890 pods 891 items: 892 description: EnvVar represents an environment variable present 893 in a Container. 894 properties: 895 name: 896 description: Name of the environment variable. Must be a 897 C_IDENTIFIER. 898 type: string 899 value: 900 description: 'Variable references $(VAR_NAME) are expanded 901 using the previously defined environment variables in 902 the container and any service environment variables. If 903 a variable cannot be resolved, the reference in the input 904 string will be unchanged. Double $$ are reduced to a single 905 $, which allows for escaping the $(VAR_NAME) syntax: i.e. 906 "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". 907 Escaped references will never be expanded, regardless 908 of whether the variable exists or not. Defaults to "".' 909 type: string 910 valueFrom: 911 description: Source for the environment variable's value. 912 Cannot be used if value is not empty. 913 properties: 914 configMapKeyRef: 915 description: Selects a key of a ConfigMap. 916 properties: 917 key: 918 description: The key to select. 919 type: string 920 name: 921 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 922 TODO: Add other useful fields. apiVersion, kind, 923 uid?' 924 type: string 925 optional: 926 description: Specify whether the ConfigMap or its 927 key must be defined 928 type: boolean 929 required: 930 - key 931 type: object 932 fieldRef: 933 description: 'Selects a field of the pod: supports metadata.name, 934 metadata.namespace, `metadata.labels[''<KEY>'']`, 935 `metadata.annotations[''<KEY>'']`, spec.nodeName, 936 spec.serviceAccountName, status.hostIP, status.podIP, 937 status.podIPs.' 938 properties: 939 apiVersion: 940 description: Version of the schema the FieldPath 941 is written in terms of, defaults to "v1". 942 type: string 943 fieldPath: 944 description: Path of the field to select in the 945 specified API version. 946 type: string 947 required: 948 - fieldPath 949 type: object 950 resourceFieldRef: 951 description: 'Selects a resource of the container: only 952 resources limits and requests (limits.cpu, limits.memory, 953 limits.ephemeral-storage, requests.cpu, requests.memory 954 and requests.ephemeral-storage) are currently supported.' 955 properties: 956 containerName: 957 description: 'Container name: required for volumes, 958 optional for env vars' 959 type: string 960 divisor: 961 anyOf: 962 - type: integer 963 - type: string 964 description: Specifies the output format of the 965 exposed resources, defaults to "1" 966 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 967 x-kubernetes-int-or-string: true 968 resource: 969 description: 'Required: resource to select' 970 type: string 971 required: 972 - resource 973 type: object 974 secretKeyRef: 975 description: Selects a key of a secret in the pod's 976 namespace 977 properties: 978 key: 979 description: The key of the secret to select from. Must 980 be a valid secret key. 981 type: string 982 name: 983 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 984 TODO: Add other useful fields. apiVersion, kind, 985 uid?' 986 type: string 987 optional: 988 description: Specify whether the Secret or its key 989 must be defined 990 type: boolean 991 required: 992 - key 993 type: object 994 type: object 995 required: 996 - name 997 type: object 998 type: array 999 execTimeout: 1000 description: ExecTimeout specifies the timeout in seconds for 1001 tool execution 1002 type: integer 1003 image: 1004 description: Image is the ArgoCD Repo Server container image. 1005 type: string 1006 initContainers: 1007 description: InitContainers defines the list of initialization 1008 containers for the repo server deployment 1009 items: 1010 description: A single application container that you want to 1011 run within a pod. 1012 properties: 1013 args: 1014 description: 'Arguments to the entrypoint. The docker image''s 1015 CMD is used if this is not provided. Variable references 1016 $(VAR_NAME) are expanded using the container''s environment. 1017 If a variable cannot be resolved, the reference in the 1018 input string will be unchanged. Double $$ are reduced 1019 to a single $, which allows for escaping the $(VAR_NAME) 1020 syntax: i.e. "$$(VAR_NAME)" will produce the string literal 1021 "$(VAR_NAME)". Escaped references will never be expanded, 1022 regardless of whether the variable exists or not. Cannot 1023 be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' 1024 items: 1025 type: string 1026 type: array 1027 command: 1028 description: 'Entrypoint array. Not executed within a shell. 1029 The docker image''s ENTRYPOINT is used if this is not 1030 provided. Variable references $(VAR_NAME) are expanded 1031 using the container''s environment. If a variable cannot 1032 be resolved, the reference in the input string will be 1033 unchanged. Double $$ are reduced to a single $, which 1034 allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" 1035 will produce the string literal "$(VAR_NAME)". Escaped 1036 references will never be expanded, regardless of whether 1037 the variable exists or not. Cannot be updated. More info: 1038 https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' 1039 items: 1040 type: string 1041 type: array 1042 env: 1043 description: List of environment variables to set in the 1044 container. Cannot be updated. 1045 items: 1046 description: EnvVar represents an environment variable 1047 present in a Container. 1048 properties: 1049 name: 1050 description: Name of the environment variable. Must 1051 be a C_IDENTIFIER. 1052 type: string 1053 value: 1054 description: 'Variable references $(VAR_NAME) are 1055 expanded using the previously defined environment 1056 variables in the container and any service environment 1057 variables. If a variable cannot be resolved, the 1058 reference in the input string will be unchanged. 1059 Double $$ are reduced to a single $, which allows 1060 for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" 1061 will produce the string literal "$(VAR_NAME)". Escaped 1062 references will never be expanded, regardless of 1063 whether the variable exists or not. Defaults to 1064 "".' 1065 type: string 1066 valueFrom: 1067 description: Source for the environment variable's 1068 value. Cannot be used if value is not empty. 1069 properties: 1070 configMapKeyRef: 1071 description: Selects a key of a ConfigMap. 1072 properties: 1073 key: 1074 description: The key to select. 1075 type: string 1076 name: 1077 description: 'Name of the referent. More info: 1078 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1079 TODO: Add other useful fields. apiVersion, 1080 kind, uid?' 1081 type: string 1082 optional: 1083 description: Specify whether the ConfigMap 1084 or its key must be defined 1085 type: boolean 1086 required: 1087 - key 1088 type: object 1089 fieldRef: 1090 description: 'Selects a field of the pod: supports 1091 metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`, 1092 `metadata.annotations[''<KEY>'']`, spec.nodeName, 1093 spec.serviceAccountName, status.hostIP, status.podIP, 1094 status.podIPs.' 1095 properties: 1096 apiVersion: 1097 description: Version of the schema the FieldPath 1098 is written in terms of, defaults to "v1". 1099 type: string 1100 fieldPath: 1101 description: Path of the field to select in 1102 the specified API version. 1103 type: string 1104 required: 1105 - fieldPath 1106 type: object 1107 resourceFieldRef: 1108 description: 'Selects a resource of the container: 1109 only resources limits and requests (limits.cpu, 1110 limits.memory, limits.ephemeral-storage, requests.cpu, 1111 requests.memory and requests.ephemeral-storage) 1112 are currently supported.' 1113 properties: 1114 containerName: 1115 description: 'Container name: required for 1116 volumes, optional for env vars' 1117 type: string 1118 divisor: 1119 anyOf: 1120 - type: integer 1121 - type: string 1122 description: Specifies the output format of 1123 the exposed resources, defaults to "1" 1124 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 1125 x-kubernetes-int-or-string: true 1126 resource: 1127 description: 'Required: resource to select' 1128 type: string 1129 required: 1130 - resource 1131 type: object 1132 secretKeyRef: 1133 description: Selects a key of a secret in the 1134 pod's namespace 1135 properties: 1136 key: 1137 description: The key of the secret to select 1138 from. Must be a valid secret key. 1139 type: string 1140 name: 1141 description: 'Name of the referent. More info: 1142 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1143 TODO: Add other useful fields. apiVersion, 1144 kind, uid?' 1145 type: string 1146 optional: 1147 description: Specify whether the Secret or 1148 its key must be defined 1149 type: boolean 1150 required: 1151 - key 1152 type: object 1153 type: object 1154 required: 1155 - name 1156 type: object 1157 type: array 1158 envFrom: 1159 description: List of sources to populate environment variables 1160 in the container. The keys defined within a source must 1161 be a C_IDENTIFIER. All invalid keys will be reported as 1162 an event when the container is starting. When a key exists 1163 in multiple sources, the value associated with the last 1164 source will take precedence. Values defined by an Env 1165 with a duplicate key will take precedence. Cannot be updated. 1166 items: 1167 description: EnvFromSource represents the source of a 1168 set of ConfigMaps 1169 properties: 1170 configMapRef: 1171 description: The ConfigMap to select from 1172 properties: 1173 name: 1174 description: 'Name of the referent. More info: 1175 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1176 TODO: Add other useful fields. apiVersion, kind, 1177 uid?' 1178 type: string 1179 optional: 1180 description: Specify whether the ConfigMap must 1181 be defined 1182 type: boolean 1183 type: object 1184 prefix: 1185 description: An optional identifier to prepend to 1186 each key in the ConfigMap. Must be a C_IDENTIFIER. 1187 type: string 1188 secretRef: 1189 description: The Secret to select from 1190 properties: 1191 name: 1192 description: 'Name of the referent. More info: 1193 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1194 TODO: Add other useful fields. apiVersion, kind, 1195 uid?' 1196 type: string 1197 optional: 1198 description: Specify whether the Secret must be 1199 defined 1200 type: boolean 1201 type: object 1202 type: object 1203 type: array 1204 image: 1205 description: 'Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 1206 This field is optional to allow higher level config management 1207 to default or override container images in workload controllers 1208 like Deployments and StatefulSets.' 1209 type: string 1210 imagePullPolicy: 1211 description: 'Image pull policy. One of Always, Never, IfNotPresent. 1212 Defaults to Always if :latest tag is specified, or IfNotPresent 1213 otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' 1214 type: string 1215 lifecycle: 1216 description: Actions that the management system should take 1217 in response to container lifecycle events. Cannot be updated. 1218 properties: 1219 postStart: 1220 description: 'PostStart is called immediately after 1221 a container is created. If the handler fails, the 1222 container is terminated and restarted according to 1223 its restart policy. Other management of the container 1224 blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' 1225 properties: 1226 exec: 1227 description: One and only one of the following should 1228 be specified. Exec specifies the action to take. 1229 properties: 1230 command: 1231 description: Command is the command line to 1232 execute inside the container, the working 1233 directory for the command is root ('/') in 1234 the container's filesystem. The command is 1235 simply exec'd, it is not run inside a shell, 1236 so traditional shell instructions ('|', etc) 1237 won't work. To use a shell, you need to explicitly 1238 call out to that shell. Exit status of 0 is 1239 treated as live/healthy and non-zero is unhealthy. 1240 items: 1241 type: string 1242 type: array 1243 type: object 1244 httpGet: 1245 description: HTTPGet specifies the http request 1246 to perform. 1247 properties: 1248 host: 1249 description: Host name to connect to, defaults 1250 to the pod IP. You probably want to set "Host" 1251 in httpHeaders instead. 1252 type: string 1253 httpHeaders: 1254 description: Custom headers to set in the request. 1255 HTTP allows repeated headers. 1256 items: 1257 description: HTTPHeader describes a custom 1258 header to be used in HTTP probes 1259 properties: 1260 name: 1261 description: The header field name 1262 type: string 1263 value: 1264 description: The header field value 1265 type: string 1266 required: 1267 - name 1268 - value 1269 type: object 1270 type: array 1271 path: 1272 description: Path to access on the HTTP server. 1273 type: string 1274 port: 1275 anyOf: 1276 - type: integer 1277 - type: string 1278 description: Name or number of the port to access 1279 on the container. Number must be in the range 1280 1 to 65535. Name must be an IANA_SVC_NAME. 1281 x-kubernetes-int-or-string: true 1282 scheme: 1283 description: Scheme to use for connecting to 1284 the host. Defaults to HTTP. 1285 type: string 1286 required: 1287 - port 1288 type: object 1289 tcpSocket: 1290 description: 'TCPSocket specifies an action involving 1291 a TCP port. TCP hooks not yet supported TODO: 1292 implement a realistic TCP lifecycle hook' 1293 properties: 1294 host: 1295 description: 'Optional: Host name to connect 1296 to, defaults to the pod IP.' 1297 type: string 1298 port: 1299 anyOf: 1300 - type: integer 1301 - type: string 1302 description: Number or name of the port to access 1303 on the container. Number must be in the range 1304 1 to 65535. Name must be an IANA_SVC_NAME. 1305 x-kubernetes-int-or-string: true 1306 required: 1307 - port 1308 type: object 1309 type: object 1310 preStop: 1311 description: 'PreStop is called immediately before a 1312 container is terminated due to an API request or management 1313 event such as liveness/startup probe failure, preemption, 1314 resource contention, etc. The handler is not called 1315 if the container crashes or exits. The reason for 1316 termination is passed to the handler. The Pod''s termination 1317 grace period countdown begins before the PreStop hooked 1318 is executed. Regardless of the outcome of the handler, 1319 the container will eventually terminate within the 1320 Pod''s termination grace period. Other management 1321 of the container blocks until the hook completes or 1322 until the termination grace period is reached. More 1323 info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' 1324 properties: 1325 exec: 1326 description: One and only one of the following should 1327 be specified. Exec specifies the action to take. 1328 properties: 1329 command: 1330 description: Command is the command line to 1331 execute inside the container, the working 1332 directory for the command is root ('/') in 1333 the container's filesystem. The command is 1334 simply exec'd, it is not run inside a shell, 1335 so traditional shell instructions ('|', etc) 1336 won't work. To use a shell, you need to explicitly 1337 call out to that shell. Exit status of 0 is 1338 treated as live/healthy and non-zero is unhealthy. 1339 items: 1340 type: string 1341 type: array 1342 type: object 1343 httpGet: 1344 description: HTTPGet specifies the http request 1345 to perform. 1346 properties: 1347 host: 1348 description: Host name to connect to, defaults 1349 to the pod IP. You probably want to set "Host" 1350 in httpHeaders instead. 1351 type: string 1352 httpHeaders: 1353 description: Custom headers to set in the request. 1354 HTTP allows repeated headers. 1355 items: 1356 description: HTTPHeader describes a custom 1357 header to be used in HTTP probes 1358 properties: 1359 name: 1360 description: The header field name 1361 type: string 1362 value: 1363 description: The header field value 1364 type: string 1365 required: 1366 - name 1367 - value 1368 type: object 1369 type: array 1370 path: 1371 description: Path to access on the HTTP server. 1372 type: string 1373 port: 1374 anyOf: 1375 - type: integer 1376 - type: string 1377 description: Name or number of the port to access 1378 on the container. Number must be in the range 1379 1 to 65535. Name must be an IANA_SVC_NAME. 1380 x-kubernetes-int-or-string: true 1381 scheme: 1382 description: Scheme to use for connecting to 1383 the host. Defaults to HTTP. 1384 type: string 1385 required: 1386 - port 1387 type: object 1388 tcpSocket: 1389 description: 'TCPSocket specifies an action involving 1390 a TCP port. TCP hooks not yet supported TODO: 1391 implement a realistic TCP lifecycle hook' 1392 properties: 1393 host: 1394 description: 'Optional: Host name to connect 1395 to, defaults to the pod IP.' 1396 type: string 1397 port: 1398 anyOf: 1399 - type: integer 1400 - type: string 1401 description: Number or name of the port to access 1402 on the container. Number must be in the range 1403 1 to 65535. Name must be an IANA_SVC_NAME. 1404 x-kubernetes-int-or-string: true 1405 required: 1406 - port 1407 type: object 1408 type: object 1409 type: object 1410 livenessProbe: 1411 description: 'Periodic probe of container liveness. Container 1412 will be restarted if the probe fails. Cannot be updated. 1413 More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 1414 properties: 1415 exec: 1416 description: One and only one of the following should 1417 be specified. Exec specifies the action to take. 1418 properties: 1419 command: 1420 description: Command is the command line to execute 1421 inside the container, the working directory for 1422 the command is root ('/') in the container's 1423 filesystem. The command is simply exec'd, it is 1424 not run inside a shell, so traditional shell instructions 1425 ('|', etc) won't work. To use a shell, you need 1426 to explicitly call out to that shell. Exit status 1427 of 0 is treated as live/healthy and non-zero is 1428 unhealthy. 1429 items: 1430 type: string 1431 type: array 1432 type: object 1433 failureThreshold: 1434 description: Minimum consecutive failures for the probe 1435 to be considered failed after having succeeded. Defaults 1436 to 3. Minimum value is 1. 1437 format: int32 1438 type: integer 1439 httpGet: 1440 description: HTTPGet specifies the http request to perform. 1441 properties: 1442 host: 1443 description: Host name to connect to, defaults to 1444 the pod IP. You probably want to set "Host" in 1445 httpHeaders instead. 1446 type: string 1447 httpHeaders: 1448 description: Custom headers to set in the request. 1449 HTTP allows repeated headers. 1450 items: 1451 description: HTTPHeader describes a custom header 1452 to be used in HTTP probes 1453 properties: 1454 name: 1455 description: The header field name 1456 type: string 1457 value: 1458 description: The header field value 1459 type: string 1460 required: 1461 - name 1462 - value 1463 type: object 1464 type: array 1465 path: 1466 description: Path to access on the HTTP server. 1467 type: string 1468 port: 1469 anyOf: 1470 - type: integer 1471 - type: string 1472 description: Name or number of the port to access 1473 on the container. Number must be in the range 1474 1 to 65535. Name must be an IANA_SVC_NAME. 1475 x-kubernetes-int-or-string: true 1476 scheme: 1477 description: Scheme to use for connecting to the 1478 host. Defaults to HTTP. 1479 type: string 1480 required: 1481 - port 1482 type: object 1483 initialDelaySeconds: 1484 description: 'Number of seconds after the container 1485 has started before liveness probes are initiated. 1486 More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 1487 format: int32 1488 type: integer 1489 periodSeconds: 1490 description: How often (in seconds) to perform the probe. 1491 Default to 10 seconds. Minimum value is 1. 1492 format: int32 1493 type: integer 1494 successThreshold: 1495 description: Minimum consecutive successes for the probe 1496 to be considered successful after having failed. Defaults 1497 to 1. Must be 1 for liveness and startup. Minimum 1498 value is 1. 1499 format: int32 1500 type: integer 1501 tcpSocket: 1502 description: 'TCPSocket specifies an action involving 1503 a TCP port. TCP hooks not yet supported TODO: implement 1504 a realistic TCP lifecycle hook' 1505 properties: 1506 host: 1507 description: 'Optional: Host name to connect to, 1508 defaults to the pod IP.' 1509 type: string 1510 port: 1511 anyOf: 1512 - type: integer 1513 - type: string 1514 description: Number or name of the port to access 1515 on the container. Number must be in the range 1516 1 to 65535. Name must be an IANA_SVC_NAME. 1517 x-kubernetes-int-or-string: true 1518 required: 1519 - port 1520 type: object 1521 terminationGracePeriodSeconds: 1522 description: Optional duration in seconds the pod needs 1523 to terminate gracefully upon probe failure. The grace 1524 period is the duration in seconds after the processes 1525 running in the pod are sent a termination signal and 1526 the time when the processes are forcibly halted with 1527 a kill signal. Set this value longer than the expected 1528 cleanup time for your process. If this value is nil, 1529 the pod's terminationGracePeriodSeconds will be used. 1530 Otherwise, this value overrides the value provided 1531 by the pod spec. Value must be non-negative integer. 1532 The value zero indicates stop immediately via the 1533 kill signal (no opportunity to shut down). This is 1534 a beta field and requires enabling ProbeTerminationGracePeriod 1535 feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds 1536 is used if unset. 1537 format: int64 1538 type: integer 1539 timeoutSeconds: 1540 description: 'Number of seconds after which the probe 1541 times out. Defaults to 1 second. Minimum value is 1542 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 1543 format: int32 1544 type: integer 1545 type: object 1546 name: 1547 description: Name of the container specified as a DNS_LABEL. 1548 Each container in a pod must have a unique name (DNS_LABEL). 1549 Cannot be updated. 1550 type: string 1551 ports: 1552 description: List of ports to expose from the container. 1553 Exposing a port here gives the system additional information 1554 about the network connections a container uses, but is 1555 primarily informational. Not specifying a port here DOES 1556 NOT prevent that port from being exposed. Any port which 1557 is listening on the default "0.0.0.0" address inside a 1558 container will be accessible from the network. Cannot 1559 be updated. 1560 items: 1561 description: ContainerPort represents a network port in 1562 a single container. 1563 properties: 1564 containerPort: 1565 description: Number of port to expose on the pod's 1566 IP address. This must be a valid port number, 0 1567 < x < 65536. 1568 format: int32 1569 type: integer 1570 hostIP: 1571 description: What host IP to bind the external port 1572 to. 1573 type: string 1574 hostPort: 1575 description: Number of port to expose on the host. 1576 If specified, this must be a valid port number, 1577 0 < x < 65536. If HostNetwork is specified, this 1578 must match ContainerPort. Most containers do not 1579 need this. 1580 format: int32 1581 type: integer 1582 name: 1583 description: If specified, this must be an IANA_SVC_NAME 1584 and unique within the pod. Each named port in a 1585 pod must have a unique name. Name for the port that 1586 can be referred to by services. 1587 type: string 1588 protocol: 1589 default: TCP 1590 description: Protocol for port. Must be UDP, TCP, 1591 or SCTP. Defaults to "TCP". 1592 type: string 1593 required: 1594 - containerPort 1595 type: object 1596 type: array 1597 x-kubernetes-list-map-keys: 1598 - containerPort 1599 - protocol 1600 x-kubernetes-list-type: map 1601 readinessProbe: 1602 description: 'Periodic probe of container service readiness. 1603 Container will be removed from service endpoints if the 1604 probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 1605 properties: 1606 exec: 1607 description: One and only one of the following should 1608 be specified. Exec specifies the action to take. 1609 properties: 1610 command: 1611 description: Command is the command line to execute 1612 inside the container, the working directory for 1613 the command is root ('/') in the container's 1614 filesystem. The command is simply exec'd, it is 1615 not run inside a shell, so traditional shell instructions 1616 ('|', etc) won't work. To use a shell, you need 1617 to explicitly call out to that shell. Exit status 1618 of 0 is treated as live/healthy and non-zero is 1619 unhealthy. 1620 items: 1621 type: string 1622 type: array 1623 type: object 1624 failureThreshold: 1625 description: Minimum consecutive failures for the probe 1626 to be considered failed after having succeeded. Defaults 1627 to 3. Minimum value is 1. 1628 format: int32 1629 type: integer 1630 httpGet: 1631 description: HTTPGet specifies the http request to perform. 1632 properties: 1633 host: 1634 description: Host name to connect to, defaults to 1635 the pod IP. You probably want to set "Host" in 1636 httpHeaders instead. 1637 type: string 1638 httpHeaders: 1639 description: Custom headers to set in the request. 1640 HTTP allows repeated headers. 1641 items: 1642 description: HTTPHeader describes a custom header 1643 to be used in HTTP probes 1644 properties: 1645 name: 1646 description: The header field name 1647 type: string 1648 value: 1649 description: The header field value 1650 type: string 1651 required: 1652 - name 1653 - value 1654 type: object 1655 type: array 1656 path: 1657 description: Path to access on the HTTP server. 1658 type: string 1659 port: 1660 anyOf: 1661 - type: integer 1662 - type: string 1663 description: Name or number of the port to access 1664 on the container. Number must be in the range 1665 1 to 65535. Name must be an IANA_SVC_NAME. 1666 x-kubernetes-int-or-string: true 1667 scheme: 1668 description: Scheme to use for connecting to the 1669 host. Defaults to HTTP. 1670 type: string 1671 required: 1672 - port 1673 type: object 1674 initialDelaySeconds: 1675 description: 'Number of seconds after the container 1676 has started before liveness probes are initiated. 1677 More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 1678 format: int32 1679 type: integer 1680 periodSeconds: 1681 description: How often (in seconds) to perform the probe. 1682 Default to 10 seconds. Minimum value is 1. 1683 format: int32 1684 type: integer 1685 successThreshold: 1686 description: Minimum consecutive successes for the probe 1687 to be considered successful after having failed. Defaults 1688 to 1. Must be 1 for liveness and startup. Minimum 1689 value is 1. 1690 format: int32 1691 type: integer 1692 tcpSocket: 1693 description: 'TCPSocket specifies an action involving 1694 a TCP port. TCP hooks not yet supported TODO: implement 1695 a realistic TCP lifecycle hook' 1696 properties: 1697 host: 1698 description: 'Optional: Host name to connect to, 1699 defaults to the pod IP.' 1700 type: string 1701 port: 1702 anyOf: 1703 - type: integer 1704 - type: string 1705 description: Number or name of the port to access 1706 on the container. Number must be in the range 1707 1 to 65535. Name must be an IANA_SVC_NAME. 1708 x-kubernetes-int-or-string: true 1709 required: 1710 - port 1711 type: object 1712 terminationGracePeriodSeconds: 1713 description: Optional duration in seconds the pod needs 1714 to terminate gracefully upon probe failure. The grace 1715 period is the duration in seconds after the processes 1716 running in the pod are sent a termination signal and 1717 the time when the processes are forcibly halted with 1718 a kill signal. Set this value longer than the expected 1719 cleanup time for your process. If this value is nil, 1720 the pod's terminationGracePeriodSeconds will be used. 1721 Otherwise, this value overrides the value provided 1722 by the pod spec. Value must be non-negative integer. 1723 The value zero indicates stop immediately via the 1724 kill signal (no opportunity to shut down). This is 1725 a beta field and requires enabling ProbeTerminationGracePeriod 1726 feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds 1727 is used if unset. 1728 format: int64 1729 type: integer 1730 timeoutSeconds: 1731 description: 'Number of seconds after which the probe 1732 times out. Defaults to 1 second. Minimum value is 1733 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 1734 format: int32 1735 type: integer 1736 type: object 1737 resources: 1738 description: 'Compute Resources required by this container. 1739 Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 1740 properties: 1741 limits: 1742 additionalProperties: 1743 anyOf: 1744 - type: integer 1745 - type: string 1746 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 1747 x-kubernetes-int-or-string: true 1748 description: 'Limits describes the maximum amount of 1749 compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 1750 type: object 1751 requests: 1752 additionalProperties: 1753 anyOf: 1754 - type: integer 1755 - type: string 1756 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 1757 x-kubernetes-int-or-string: true 1758 description: 'Requests describes the minimum amount 1759 of compute resources required. If Requests is omitted 1760 for a container, it defaults to Limits if that is 1761 explicitly specified, otherwise to an implementation-defined 1762 value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 1763 type: object 1764 type: object 1765 securityContext: 1766 description: 'SecurityContext defines the security options 1767 the container should be run with. If set, the fields of 1768 SecurityContext override the equivalent fields of PodSecurityContext. 1769 More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' 1770 properties: 1771 allowPrivilegeEscalation: 1772 description: 'AllowPrivilegeEscalation controls whether 1773 a process can gain more privileges than its parent 1774 process. This bool directly controls if the no_new_privs 1775 flag will be set on the container process. AllowPrivilegeEscalation 1776 is true always when the container is: 1) run as Privileged 1777 2) has CAP_SYS_ADMIN' 1778 type: boolean 1779 capabilities: 1780 description: The capabilities to add/drop when running 1781 containers. Defaults to the default set of capabilities 1782 granted by the container runtime. 1783 properties: 1784 add: 1785 description: Added capabilities 1786 items: 1787 description: Capability represent POSIX capabilities 1788 type 1789 type: string 1790 type: array 1791 drop: 1792 description: Removed capabilities 1793 items: 1794 description: Capability represent POSIX capabilities 1795 type 1796 type: string 1797 type: array 1798 type: object 1799 privileged: 1800 description: Run container in privileged mode. Processes 1801 in privileged containers are essentially equivalent 1802 to root on the host. Defaults to false. 1803 type: boolean 1804 procMount: 1805 description: procMount denotes the type of proc mount 1806 to use for the containers. The default is DefaultProcMount 1807 which uses the container runtime defaults for readonly 1808 paths and masked paths. This requires the ProcMountType 1809 feature flag to be enabled. 1810 type: string 1811 readOnlyRootFilesystem: 1812 description: Whether this container has a read-only 1813 root filesystem. Default is false. 1814 type: boolean 1815 runAsGroup: 1816 description: The GID to run the entrypoint of the container 1817 process. Uses runtime default if unset. May also be 1818 set in PodSecurityContext. If set in both SecurityContext 1819 and PodSecurityContext, the value specified in SecurityContext 1820 takes precedence. 1821 format: int64 1822 type: integer 1823 runAsNonRoot: 1824 description: Indicates that the container must run as 1825 a non-root user. If true, the Kubelet will validate 1826 the image at runtime to ensure that it does not run 1827 as UID 0 (root) and fail to start the container if 1828 it does. If unset or false, no such validation will 1829 be performed. May also be set in PodSecurityContext. If 1830 set in both SecurityContext and PodSecurityContext, 1831 the value specified in SecurityContext takes precedence. 1832 type: boolean 1833 runAsUser: 1834 description: The UID to run the entrypoint of the container 1835 process. Defaults to user specified in image metadata 1836 if unspecified. May also be set in PodSecurityContext. If 1837 set in both SecurityContext and PodSecurityContext, 1838 the value specified in SecurityContext takes precedence. 1839 format: int64 1840 type: integer 1841 seLinuxOptions: 1842 description: The SELinux context to be applied to the 1843 container. If unspecified, the container runtime will 1844 allocate a random SELinux context for each container. May 1845 also be set in PodSecurityContext. If set in both 1846 SecurityContext and PodSecurityContext, the value 1847 specified in SecurityContext takes precedence. 1848 properties: 1849 level: 1850 description: Level is SELinux level label that applies 1851 to the container. 1852 type: string 1853 role: 1854 description: Role is a SELinux role label that applies 1855 to the container. 1856 type: string 1857 type: 1858 description: Type is a SELinux type label that applies 1859 to the container. 1860 type: string 1861 user: 1862 description: User is a SELinux user label that applies 1863 to the container. 1864 type: string 1865 type: object 1866 seccompProfile: 1867 description: The seccomp options to use by this container. 1868 If seccomp options are provided at both the pod & 1869 container level, the container options override the 1870 pod options. 1871 properties: 1872 localhostProfile: 1873 description: localhostProfile indicates a profile 1874 defined in a file on the node should be used. 1875 The profile must be preconfigured on the node 1876 to work. Must be a descending path, relative to 1877 the kubelet's configured seccomp profile location. 1878 Must only be set if type is "Localhost". 1879 type: string 1880 type: 1881 description: "type indicates which kind of seccomp 1882 profile will be applied. Valid options are: \n 1883 Localhost - a profile defined in a file on the 1884 node should be used. RuntimeDefault - the container 1885 runtime default profile should be used. Unconfined 1886 - no profile should be applied." 1887 type: string 1888 required: 1889 - type 1890 type: object 1891 windowsOptions: 1892 description: The Windows specific settings applied to 1893 all containers. If unspecified, the options from the 1894 PodSecurityContext will be used. If set in both SecurityContext 1895 and PodSecurityContext, the value specified in SecurityContext 1896 takes precedence. 1897 properties: 1898 gmsaCredentialSpec: 1899 description: GMSACredentialSpec is where the GMSA 1900 admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) 1901 inlines the contents of the GMSA credential spec 1902 named by the GMSACredentialSpecName field. 1903 type: string 1904 gmsaCredentialSpecName: 1905 description: GMSACredentialSpecName is the name 1906 of the GMSA credential spec to use. 1907 type: string 1908 hostProcess: 1909 description: HostProcess determines if a container 1910 should be run as a 'Host Process' container. This 1911 field is alpha-level and will only be honored 1912 by components that enable the WindowsHostProcessContainers 1913 feature flag. Setting this field without the feature 1914 flag will result in errors when validating the 1915 Pod. All of a Pod's containers must have the same 1916 effective HostProcess value (it is not allowed 1917 to have a mix of HostProcess containers and non-HostProcess 1918 containers). In addition, if HostProcess is true 1919 then HostNetwork must also be set to true. 1920 type: boolean 1921 runAsUserName: 1922 description: The UserName in Windows to run the 1923 entrypoint of the container process. Defaults 1924 to the user specified in image metadata if unspecified. 1925 May also be set in PodSecurityContext. If set 1926 in both SecurityContext and PodSecurityContext, 1927 the value specified in SecurityContext takes precedence. 1928 type: string 1929 type: object 1930 type: object 1931 startupProbe: 1932 description: 'StartupProbe indicates that the Pod has successfully 1933 initialized. If specified, no other probes are executed 1934 until this completes successfully. If this probe fails, 1935 the Pod will be restarted, just as if the livenessProbe 1936 failed. This can be used to provide different probe parameters 1937 at the beginning of a Pod''s lifecycle, when it might 1938 take a long time to load data or warm a cache, than during 1939 steady-state operation. This cannot be updated. More info: 1940 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 1941 properties: 1942 exec: 1943 description: One and only one of the following should 1944 be specified. Exec specifies the action to take. 1945 properties: 1946 command: 1947 description: Command is the command line to execute 1948 inside the container, the working directory for 1949 the command is root ('/') in the container's 1950 filesystem. The command is simply exec'd, it is 1951 not run inside a shell, so traditional shell instructions 1952 ('|', etc) won't work. To use a shell, you need 1953 to explicitly call out to that shell. Exit status 1954 of 0 is treated as live/healthy and non-zero is 1955 unhealthy. 1956 items: 1957 type: string 1958 type: array 1959 type: object 1960 failureThreshold: 1961 description: Minimum consecutive failures for the probe 1962 to be considered failed after having succeeded. Defaults 1963 to 3. Minimum value is 1. 1964 format: int32 1965 type: integer 1966 httpGet: 1967 description: HTTPGet specifies the http request to perform. 1968 properties: 1969 host: 1970 description: Host name to connect to, defaults to 1971 the pod IP. You probably want to set "Host" in 1972 httpHeaders instead. 1973 type: string 1974 httpHeaders: 1975 description: Custom headers to set in the request. 1976 HTTP allows repeated headers. 1977 items: 1978 description: HTTPHeader describes a custom header 1979 to be used in HTTP probes 1980 properties: 1981 name: 1982 description: The header field name 1983 type: string 1984 value: 1985 description: The header field value 1986 type: string 1987 required: 1988 - name 1989 - value 1990 type: object 1991 type: array 1992 path: 1993 description: Path to access on the HTTP server. 1994 type: string 1995 port: 1996 anyOf: 1997 - type: integer 1998 - type: string 1999 description: Name or number of the port to access 2000 on the container. Number must be in the range 2001 1 to 65535. Name must be an IANA_SVC_NAME. 2002 x-kubernetes-int-or-string: true 2003 scheme: 2004 description: Scheme to use for connecting to the 2005 host. Defaults to HTTP. 2006 type: string 2007 required: 2008 - port 2009 type: object 2010 initialDelaySeconds: 2011 description: 'Number of seconds after the container 2012 has started before liveness probes are initiated. 2013 More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 2014 format: int32 2015 type: integer 2016 periodSeconds: 2017 description: How often (in seconds) to perform the probe. 2018 Default to 10 seconds. Minimum value is 1. 2019 format: int32 2020 type: integer 2021 successThreshold: 2022 description: Minimum consecutive successes for the probe 2023 to be considered successful after having failed. Defaults 2024 to 1. Must be 1 for liveness and startup. Minimum 2025 value is 1. 2026 format: int32 2027 type: integer 2028 tcpSocket: 2029 description: 'TCPSocket specifies an action involving 2030 a TCP port. TCP hooks not yet supported TODO: implement 2031 a realistic TCP lifecycle hook' 2032 properties: 2033 host: 2034 description: 'Optional: Host name to connect to, 2035 defaults to the pod IP.' 2036 type: string 2037 port: 2038 anyOf: 2039 - type: integer 2040 - type: string 2041 description: Number or name of the port to access 2042 on the container. Number must be in the range 2043 1 to 65535. Name must be an IANA_SVC_NAME. 2044 x-kubernetes-int-or-string: true 2045 required: 2046 - port 2047 type: object 2048 terminationGracePeriodSeconds: 2049 description: Optional duration in seconds the pod needs 2050 to terminate gracefully upon probe failure. The grace 2051 period is the duration in seconds after the processes 2052 running in the pod are sent a termination signal and 2053 the time when the processes are forcibly halted with 2054 a kill signal. Set this value longer than the expected 2055 cleanup time for your process. If this value is nil, 2056 the pod's terminationGracePeriodSeconds will be used. 2057 Otherwise, this value overrides the value provided 2058 by the pod spec. Value must be non-negative integer. 2059 The value zero indicates stop immediately via the 2060 kill signal (no opportunity to shut down). This is 2061 a beta field and requires enabling ProbeTerminationGracePeriod 2062 feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds 2063 is used if unset. 2064 format: int64 2065 type: integer 2066 timeoutSeconds: 2067 description: 'Number of seconds after which the probe 2068 times out. Defaults to 1 second. Minimum value is 2069 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 2070 format: int32 2071 type: integer 2072 type: object 2073 stdin: 2074 description: Whether this container should allocate a buffer 2075 for stdin in the container runtime. If this is not set, 2076 reads from stdin in the container will always result in 2077 EOF. Default is false. 2078 type: boolean 2079 stdinOnce: 2080 description: Whether the container runtime should close 2081 the stdin channel after it has been opened by a single 2082 attach. When stdin is true the stdin stream will remain 2083 open across multiple attach sessions. If stdinOnce is 2084 set to true, stdin is opened on container start, is empty 2085 until the first client attaches to stdin, and then remains 2086 open and accepts data until the client disconnects, at 2087 which time stdin is closed and remains closed until the 2088 container is restarted. If this flag is false, a container 2089 processes that reads from stdin will never receive an 2090 EOF. Default is false 2091 type: boolean 2092 terminationMessagePath: 2093 description: 'Optional: Path at which the file to which 2094 the container''s termination message will be written is 2095 mounted into the container''s filesystem. Message written 2096 is intended to be brief final status, such as an assertion 2097 failure message. Will be truncated by the node if greater 2098 than 4096 bytes. The total message length across all containers 2099 will be limited to 12kb. Defaults to /dev/termination-log. 2100 Cannot be updated.' 2101 type: string 2102 terminationMessagePolicy: 2103 description: Indicate how the termination message should 2104 be populated. File will use the contents of terminationMessagePath 2105 to populate the container status message on both success 2106 and failure. FallbackToLogsOnError will use the last chunk 2107 of container log output if the termination message file 2108 is empty and the container exited with an error. The log 2109 output is limited to 2048 bytes or 80 lines, whichever 2110 is smaller. Defaults to File. Cannot be updated. 2111 type: string 2112 tty: 2113 description: Whether this container should allocate a TTY 2114 for itself, also requires 'stdin' to be true. Default 2115 is false. 2116 type: boolean 2117 volumeDevices: 2118 description: volumeDevices is the list of block devices 2119 to be used by the container. 2120 items: 2121 description: volumeDevice describes a mapping of a raw 2122 block device within a container. 2123 properties: 2124 devicePath: 2125 description: devicePath is the path inside of the 2126 container that the device will be mapped to. 2127 type: string 2128 name: 2129 description: name must match the name of a persistentVolumeClaim 2130 in the pod 2131 type: string 2132 required: 2133 - devicePath 2134 - name 2135 type: object 2136 type: array 2137 volumeMounts: 2138 description: Pod volumes to mount into the container's filesystem. 2139 Cannot be updated. 2140 items: 2141 description: VolumeMount describes a mounting of a Volume 2142 within a container. 2143 properties: 2144 mountPath: 2145 description: Path within the container at which the 2146 volume should be mounted. Must not contain ':'. 2147 type: string 2148 mountPropagation: 2149 description: mountPropagation determines how mounts 2150 are propagated from the host to container and the 2151 other way around. When not set, MountPropagationNone 2152 is used. This field is beta in 1.10. 2153 type: string 2154 name: 2155 description: This must match the Name of a Volume. 2156 type: string 2157 readOnly: 2158 description: Mounted read-only if true, read-write 2159 otherwise (false or unspecified). Defaults to false. 2160 type: boolean 2161 subPath: 2162 description: Path within the volume from which the 2163 container's volume should be mounted. Defaults to 2164 "" (volume's root). 2165 type: string 2166 subPathExpr: 2167 description: Expanded path within the volume from 2168 which the container's volume should be mounted. 2169 Behaves similarly to SubPath but environment variable 2170 references $(VAR_NAME) are expanded using the container's 2171 environment. Defaults to "" (volume's root). SubPathExpr 2172 and SubPath are mutually exclusive. 2173 type: string 2174 required: 2175 - mountPath 2176 - name 2177 type: object 2178 type: array 2179 workingDir: 2180 description: Container's working directory. If not specified, 2181 the container runtime's default will be used, which might 2182 be configured in the container image. Cannot be updated. 2183 type: string 2184 required: 2185 - name 2186 type: object 2187 type: array 2188 logFormat: 2189 description: LogFormat describes the log format that should be 2190 used by the Repo Server. Defaults to ArgoCDDefaultLogFormat 2191 if not configured. Valid options are text or json. 2192 type: string 2193 logLevel: 2194 description: LogLevel describes the log level that should be used 2195 by the Repo Server. Defaults to ArgoCDDefaultLogLevel if not 2196 set. Valid options are debug, info, error, and warn. 2197 type: string 2198 mountsatoken: 2199 description: MountSAToken describes whether you would like to 2200 have the Repo server mount the service account token 2201 type: boolean 2202 replicas: 2203 description: Replicas defines the number of replicas for argocd-repo-server. 2204 Value should be greater than or equal to 0. Default is nil. 2205 format: int32 2206 type: integer 2207 resources: 2208 description: Resources defines the Compute Resources required 2209 by the container for Redis. 2210 properties: 2211 limits: 2212 additionalProperties: 2213 anyOf: 2214 - type: integer 2215 - type: string 2216 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 2217 x-kubernetes-int-or-string: true 2218 description: 'Limits describes the maximum amount of compute 2219 resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 2220 type: object 2221 requests: 2222 additionalProperties: 2223 anyOf: 2224 - type: integer 2225 - type: string 2226 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 2227 x-kubernetes-int-or-string: true 2228 description: 'Requests describes the minimum amount of compute 2229 resources required. If Requests is omitted for a container, 2230 it defaults to Limits if that is explicitly specified, otherwise 2231 to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 2232 type: object 2233 type: object 2234 serviceaccount: 2235 description: ServiceAccount defines the ServiceAccount user that 2236 you would like the Repo server to use 2237 type: string 2238 verifytls: 2239 description: VerifyTLS defines whether repo server API should 2240 be accessed using strict TLS validation 2241 type: boolean 2242 version: 2243 description: Version is the ArgoCD Repo Server container image 2244 tag. 2245 type: string 2246 volumeMounts: 2247 description: VolumeMounts adds volumeMounts to the repo server 2248 container 2249 items: 2250 description: VolumeMount describes a mounting of a Volume within 2251 a container. 2252 properties: 2253 mountPath: 2254 description: Path within the container at which the volume 2255 should be mounted. Must not contain ':'. 2256 type: string 2257 mountPropagation: 2258 description: mountPropagation determines how mounts are 2259 propagated from the host to container and the other way 2260 around. When not set, MountPropagationNone is used. This 2261 field is beta in 1.10. 2262 type: string 2263 name: 2264 description: This must match the Name of a Volume. 2265 type: string 2266 readOnly: 2267 description: Mounted read-only if true, read-write otherwise 2268 (false or unspecified). Defaults to false. 2269 type: boolean 2270 subPath: 2271 description: Path within the volume from which the container's 2272 volume should be mounted. Defaults to "" (volume's root). 2273 type: string 2274 subPathExpr: 2275 description: Expanded path within the volume from which 2276 the container's volume should be mounted. Behaves similarly 2277 to SubPath but environment variable references $(VAR_NAME) 2278 are expanded using the container's environment. Defaults 2279 to "" (volume's root). SubPathExpr and SubPath are mutually 2280 exclusive. 2281 type: string 2282 required: 2283 - mountPath 2284 - name 2285 type: object 2286 type: array 2287 volumes: 2288 description: Volumes adds volumes to the repo server deployment 2289 items: 2290 description: Volume represents a named volume in a pod that 2291 may be accessed by any container in the pod. 2292 properties: 2293 awsElasticBlockStore: 2294 description: 'AWSElasticBlockStore represents an AWS Disk 2295 resource that is attached to a kubelet''s host machine 2296 and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' 2297 properties: 2298 fsType: 2299 description: 'Filesystem type of the volume that you 2300 want to mount. Tip: Ensure that the filesystem type 2301 is supported by the host operating system. Examples: 2302 "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" 2303 if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore 2304 TODO: how do we prevent errors in the filesystem from 2305 compromising the machine' 2306 type: string 2307 partition: 2308 description: 'The partition in the volume that you want 2309 to mount. If omitted, the default is to mount by volume 2310 name. Examples: For volume /dev/sda1, you specify 2311 the partition as "1". Similarly, the volume partition 2312 for /dev/sda is "0" (or you can leave the property 2313 empty).' 2314 format: int32 2315 type: integer 2316 readOnly: 2317 description: 'Specify "true" to force and set the ReadOnly 2318 property in VolumeMounts to "true". If omitted, the 2319 default is "false". More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' 2320 type: boolean 2321 volumeID: 2322 description: 'Unique ID of the persistent disk resource 2323 in AWS (Amazon EBS volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' 2324 type: string 2325 required: 2326 - volumeID 2327 type: object 2328 azureDisk: 2329 description: AzureDisk represents an Azure Data Disk mount 2330 on the host and bind mount to the pod. 2331 properties: 2332 cachingMode: 2333 description: 'Host Caching mode: None, Read Only, Read 2334 Write.' 2335 type: string 2336 diskName: 2337 description: The Name of the data disk in the blob storage 2338 type: string 2339 diskURI: 2340 description: The URI the data disk in the blob storage 2341 type: string 2342 fsType: 2343 description: Filesystem type to mount. Must be a filesystem 2344 type supported by the host operating system. Ex. "ext4", 2345 "xfs", "ntfs". Implicitly inferred to be "ext4" if 2346 unspecified. 2347 type: string 2348 kind: 2349 description: 'Expected values Shared: multiple blob 2350 disks per storage account Dedicated: single blob 2351 disk per storage account Managed: azure managed data 2352 disk (only in managed availability set). defaults 2353 to shared' 2354 type: string 2355 readOnly: 2356 description: Defaults to false (read/write). ReadOnly 2357 here will force the ReadOnly setting in VolumeMounts. 2358 type: boolean 2359 required: 2360 - diskName 2361 - diskURI 2362 type: object 2363 azureFile: 2364 description: AzureFile represents an Azure File Service 2365 mount on the host and bind mount to the pod. 2366 properties: 2367 readOnly: 2368 description: Defaults to false (read/write). ReadOnly 2369 here will force the ReadOnly setting in VolumeMounts. 2370 type: boolean 2371 secretName: 2372 description: the name of secret that contains Azure 2373 Storage Account Name and Key 2374 type: string 2375 shareName: 2376 description: Share Name 2377 type: string 2378 required: 2379 - secretName 2380 - shareName 2381 type: object 2382 cephfs: 2383 description: CephFS represents a Ceph FS mount on the host 2384 that shares a pod's lifetime 2385 properties: 2386 monitors: 2387 description: 'Required: Monitors is a collection of 2388 Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' 2389 items: 2390 type: string 2391 type: array 2392 path: 2393 description: 'Optional: Used as the mounted root, rather 2394 than the full Ceph tree, default is /' 2395 type: string 2396 readOnly: 2397 description: 'Optional: Defaults to false (read/write). 2398 ReadOnly here will force the ReadOnly setting in VolumeMounts. 2399 More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' 2400 type: boolean 2401 secretFile: 2402 description: 'Optional: SecretFile is the path to key 2403 ring for User, default is /etc/ceph/user.secret More 2404 info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' 2405 type: string 2406 secretRef: 2407 description: 'Optional: SecretRef is reference to the 2408 authentication secret for User, default is empty. 2409 More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' 2410 properties: 2411 name: 2412 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 2413 TODO: Add other useful fields. apiVersion, kind, 2414 uid?' 2415 type: string 2416 type: object 2417 user: 2418 description: 'Optional: User is the rados user name, 2419 default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' 2420 type: string 2421 required: 2422 - monitors 2423 type: object 2424 cinder: 2425 description: 'Cinder represents a cinder volume attached 2426 and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' 2427 properties: 2428 fsType: 2429 description: 'Filesystem type to mount. Must be a filesystem 2430 type supported by the host operating system. Examples: 2431 "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" 2432 if unspecified. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' 2433 type: string 2434 readOnly: 2435 description: 'Optional: Defaults to false (read/write). 2436 ReadOnly here will force the ReadOnly setting in VolumeMounts. 2437 More info: https://examples.k8s.io/mysql-cinder-pd/README.md' 2438 type: boolean 2439 secretRef: 2440 description: 'Optional: points to a secret object containing 2441 parameters used to connect to OpenStack.' 2442 properties: 2443 name: 2444 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 2445 TODO: Add other useful fields. apiVersion, kind, 2446 uid?' 2447 type: string 2448 type: object 2449 volumeID: 2450 description: 'volume id used to identify the volume 2451 in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' 2452 type: string 2453 required: 2454 - volumeID 2455 type: object 2456 configMap: 2457 description: ConfigMap represents a configMap that should 2458 populate this volume 2459 properties: 2460 defaultMode: 2461 description: 'Optional: mode bits used to set permissions 2462 on created files by default. Must be an octal value 2463 between 0000 and 0777 or a decimal value between 0 2464 and 511. YAML accepts both octal and decimal values, 2465 JSON requires decimal values for mode bits. Defaults 2466 to 0644. Directories within the path are not affected 2467 by this setting. This might be in conflict with other 2468 options that affect the file mode, like fsGroup, and 2469 the result can be other mode bits set.' 2470 format: int32 2471 type: integer 2472 items: 2473 description: If unspecified, each key-value pair in 2474 the Data field of the referenced ConfigMap will be 2475 projected into the volume as a file whose name is 2476 the key and content is the value. If specified, the 2477 listed keys will be projected into the specified paths, 2478 and unlisted keys will not be present. If a key is 2479 specified which is not present in the ConfigMap, the 2480 volume setup will error unless it is marked optional. 2481 Paths must be relative and may not contain the '..' 2482 path or start with '..'. 2483 items: 2484 description: Maps a string key to a path within a 2485 volume. 2486 properties: 2487 key: 2488 description: The key to project. 2489 type: string 2490 mode: 2491 description: 'Optional: mode bits used to set 2492 permissions on this file. Must be an octal value 2493 between 0000 and 0777 or a decimal value between 2494 0 and 511. YAML accepts both octal and decimal 2495 values, JSON requires decimal values for mode 2496 bits. If not specified, the volume defaultMode 2497 will be used. This might be in conflict with 2498 other options that affect the file mode, like 2499 fsGroup, and the result can be other mode bits 2500 set.' 2501 format: int32 2502 type: integer 2503 path: 2504 description: The relative path of the file to 2505 map the key to. May not be an absolute path. 2506 May not contain the path element '..'. May not 2507 start with the string '..'. 2508 type: string 2509 required: 2510 - key 2511 - path 2512 type: object 2513 type: array 2514 name: 2515 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 2516 TODO: Add other useful fields. apiVersion, kind, uid?' 2517 type: string 2518 optional: 2519 description: Specify whether the ConfigMap or its keys 2520 must be defined 2521 type: boolean 2522 type: object 2523 csi: 2524 description: CSI (Container Storage Interface) represents 2525 ephemeral storage that is handled by certain external 2526 CSI drivers (Beta feature). 2527 properties: 2528 driver: 2529 description: Driver is the name of the CSI driver that 2530 handles this volume. Consult with your admin for the 2531 correct name as registered in the cluster. 2532 type: string 2533 fsType: 2534 description: Filesystem type to mount. Ex. "ext4", "xfs", 2535 "ntfs". If not provided, the empty value is passed 2536 to the associated CSI driver which will determine 2537 the default filesystem to apply. 2538 type: string 2539 nodePublishSecretRef: 2540 description: NodePublishSecretRef is a reference to 2541 the secret object containing sensitive information 2542 to pass to the CSI driver to complete the CSI NodePublishVolume 2543 and NodeUnpublishVolume calls. This field is optional, 2544 and may be empty if no secret is required. If the 2545 secret object contains more than one secret, all secret 2546 references are passed. 2547 properties: 2548 name: 2549 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 2550 TODO: Add other useful fields. apiVersion, kind, 2551 uid?' 2552 type: string 2553 type: object 2554 readOnly: 2555 description: Specifies a read-only configuration for 2556 the volume. Defaults to false (read/write). 2557 type: boolean 2558 volumeAttributes: 2559 additionalProperties: 2560 type: string 2561 description: VolumeAttributes stores driver-specific 2562 properties that are passed to the CSI driver. Consult 2563 your driver's documentation for supported values. 2564 type: object 2565 required: 2566 - driver 2567 type: object 2568 downwardAPI: 2569 description: DownwardAPI represents downward API about the 2570 pod that should populate this volume 2571 properties: 2572 defaultMode: 2573 description: 'Optional: mode bits to use on created 2574 files by default. Must be a Optional: mode bits used 2575 to set permissions on created files by default. Must 2576 be an octal value between 0000 and 0777 or a decimal 2577 value between 0 and 511. YAML accepts both octal and 2578 decimal values, JSON requires decimal values for mode 2579 bits. Defaults to 0644. Directories within the path 2580 are not affected by this setting. This might be in 2581 conflict with other options that affect the file mode, 2582 like fsGroup, and the result can be other mode bits 2583 set.' 2584 format: int32 2585 type: integer 2586 items: 2587 description: Items is a list of downward API volume 2588 file 2589 items: 2590 description: DownwardAPIVolumeFile represents information 2591 to create the file containing the pod field 2592 properties: 2593 fieldRef: 2594 description: 'Required: Selects a field of the 2595 pod: only annotations, labels, name and namespace 2596 are supported.' 2597 properties: 2598 apiVersion: 2599 description: Version of the schema the FieldPath 2600 is written in terms of, defaults to "v1". 2601 type: string 2602 fieldPath: 2603 description: Path of the field to select in 2604 the specified API version. 2605 type: string 2606 required: 2607 - fieldPath 2608 type: object 2609 mode: 2610 description: 'Optional: mode bits used to set 2611 permissions on this file, must be an octal value 2612 between 0000 and 0777 or a decimal value between 2613 0 and 511. YAML accepts both octal and decimal 2614 values, JSON requires decimal values for mode 2615 bits. If not specified, the volume defaultMode 2616 will be used. This might be in conflict with 2617 other options that affect the file mode, like 2618 fsGroup, and the result can be other mode bits 2619 set.' 2620 format: int32 2621 type: integer 2622 path: 2623 description: 'Required: Path is the relative 2624 path name of the file to be created. Must not 2625 be absolute or contain the ''..'' path. Must 2626 be utf-8 encoded. The first item of the relative 2627 path must not start with ''..''' 2628 type: string 2629 resourceFieldRef: 2630 description: 'Selects a resource of the container: 2631 only resources limits and requests (limits.cpu, 2632 limits.memory, requests.cpu and requests.memory) 2633 are currently supported.' 2634 properties: 2635 containerName: 2636 description: 'Container name: required for 2637 volumes, optional for env vars' 2638 type: string 2639 divisor: 2640 anyOf: 2641 - type: integer 2642 - type: string 2643 description: Specifies the output format of 2644 the exposed resources, defaults to "1" 2645 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 2646 x-kubernetes-int-or-string: true 2647 resource: 2648 description: 'Required: resource to select' 2649 type: string 2650 required: 2651 - resource 2652 type: object 2653 required: 2654 - path 2655 type: object 2656 type: array 2657 type: object 2658 emptyDir: 2659 description: 'EmptyDir represents a temporary directory 2660 that shares a pod''s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' 2661 properties: 2662 medium: 2663 description: 'What type of storage medium should back 2664 this directory. The default is "" which means to use 2665 the node''s default medium. Must be an empty string 2666 (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' 2667 type: string 2668 sizeLimit: 2669 anyOf: 2670 - type: integer 2671 - type: string 2672 description: 'Total amount of local storage required 2673 for this EmptyDir volume. The size limit is also applicable 2674 for memory medium. The maximum usage on memory medium 2675 EmptyDir would be the minimum value between the SizeLimit 2676 specified here and the sum of memory limits of all 2677 containers in a pod. The default is nil which means 2678 that the limit is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir' 2679 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 2680 x-kubernetes-int-or-string: true 2681 type: object 2682 ephemeral: 2683 description: "Ephemeral represents a volume that is handled 2684 by a cluster storage driver. The volume's lifecycle is 2685 tied to the pod that defines it - it will be created before 2686 the pod starts, and deleted when the pod is removed. \n 2687 Use this if: a) the volume is only needed while the pod 2688 runs, b) features of normal volumes like restoring from 2689 snapshot or capacity tracking are needed, c) the storage 2690 driver is specified through a storage class, and d) the 2691 storage driver supports dynamic volume provisioning through 2692 \ a PersistentVolumeClaim (see EphemeralVolumeSource 2693 for more information on the connection between this 2694 volume type and PersistentVolumeClaim). \n Use PersistentVolumeClaim 2695 or one of the vendor-specific APIs for volumes that persist 2696 for longer than the lifecycle of an individual pod. \n 2697 Use CSI for light-weight local ephemeral volumes if the 2698 CSI driver is meant to be used that way - see the documentation 2699 of the driver for more information. \n A pod can use both 2700 types of ephemeral volumes and persistent volumes at the 2701 same time. \n This is a beta feature and only available 2702 when the GenericEphemeralVolume feature gate is enabled." 2703 properties: 2704 volumeClaimTemplate: 2705 description: "Will be used to create a stand-alone PVC 2706 to provision the volume. The pod in which this EphemeralVolumeSource 2707 is embedded will be the owner of the PVC, i.e. the 2708 PVC will be deleted together with the pod. The name 2709 of the PVC will be `<pod name>-<volume name>` where 2710 `<volume name>` is the name from the `PodSpec.Volumes` 2711 array entry. Pod validation will reject the pod if 2712 the concatenated name is not valid for a PVC (for 2713 example, too long). \n An existing PVC with that name 2714 that is not owned by the pod will *not* be used for 2715 the pod to avoid using an unrelated volume by mistake. 2716 Starting the pod is then blocked until the unrelated 2717 PVC is removed. If such a pre-created PVC is meant 2718 to be used by the pod, the PVC has to updated with 2719 an owner reference to the pod once the pod exists. 2720 Normally this should not be necessary, but it may 2721 be useful when manually reconstructing a broken cluster. 2722 \n This field is read-only and no changes will be 2723 made by Kubernetes to the PVC after it has been created. 2724 \n Required, must not be nil." 2725 properties: 2726 metadata: 2727 description: May contain labels and annotations 2728 that will be copied into the PVC when creating 2729 it. No other fields are allowed and will be rejected 2730 during validation. 2731 type: object 2732 spec: 2733 description: The specification for the PersistentVolumeClaim. 2734 The entire content is copied unchanged into the 2735 PVC that gets created from this template. The 2736 same fields as in a PersistentVolumeClaim are 2737 also valid here. 2738 properties: 2739 accessModes: 2740 description: 'AccessModes contains the desired 2741 access modes the volume should have. More 2742 info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' 2743 items: 2744 type: string 2745 type: array 2746 dataSource: 2747 description: 'This field can be used to specify 2748 either: * An existing VolumeSnapshot object 2749 (snapshot.storage.k8s.io/VolumeSnapshot) * 2750 An existing PVC (PersistentVolumeClaim) If 2751 the provisioner or an external controller 2752 can support the specified data source, it 2753 will create a new volume based on the contents 2754 of the specified data source. If the AnyVolumeDataSource 2755 feature gate is enabled, this field will always 2756 have the same contents as the DataSourceRef 2757 field.' 2758 properties: 2759 apiGroup: 2760 description: APIGroup is the group for the 2761 resource being referenced. If APIGroup 2762 is not specified, the specified Kind must 2763 be in the core API group. For any other 2764 third-party types, APIGroup is required. 2765 type: string 2766 kind: 2767 description: Kind is the type of resource 2768 being referenced 2769 type: string 2770 name: 2771 description: Name is the name of resource 2772 being referenced 2773 type: string 2774 required: 2775 - kind 2776 - name 2777 type: object 2778 dataSourceRef: 2779 description: 'Specifies the object from which 2780 to populate the volume with data, if a non-empty 2781 volume is desired. This may be any local object 2782 from a non-empty API group (non core object) 2783 or a PersistentVolumeClaim object. When this 2784 field is specified, volume binding will only 2785 succeed if the type of the specified object 2786 matches some installed volume populator or 2787 dynamic provisioner. This field will replace 2788 the functionality of the DataSource field 2789 and as such if both fields are non-empty, 2790 they must have the same value. For backwards 2791 compatibility, both fields (DataSource and 2792 DataSourceRef) will be set to the same value 2793 automatically if one of them is empty and 2794 the other is non-empty. There are two important 2795 differences between DataSource and DataSourceRef: 2796 * While DataSource only allows two specific 2797 types of objects, DataSourceRef allows any 2798 non-core object, as well as PersistentVolumeClaim 2799 objects. * While DataSource ignores disallowed 2800 values (dropping them), DataSourceRef preserves 2801 all values, and generates an error if a disallowed 2802 value is specified. (Alpha) Using this field 2803 requires the AnyVolumeDataSource feature gate 2804 to be enabled.' 2805 properties: 2806 apiGroup: 2807 description: APIGroup is the group for the 2808 resource being referenced. If APIGroup 2809 is not specified, the specified Kind must 2810 be in the core API group. For any other 2811 third-party types, APIGroup is required. 2812 type: string 2813 kind: 2814 description: Kind is the type of resource 2815 being referenced 2816 type: string 2817 name: 2818 description: Name is the name of resource 2819 being referenced 2820 type: string 2821 required: 2822 - kind 2823 - name 2824 type: object 2825 resources: 2826 description: 'Resources represents the minimum 2827 resources the volume should have. More info: 2828 https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' 2829 properties: 2830 limits: 2831 additionalProperties: 2832 anyOf: 2833 - type: integer 2834 - type: string 2835 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 2836 x-kubernetes-int-or-string: true 2837 description: 'Limits describes the maximum 2838 amount of compute resources allowed. More 2839 info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 2840 type: object 2841 requests: 2842 additionalProperties: 2843 anyOf: 2844 - type: integer 2845 - type: string 2846 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 2847 x-kubernetes-int-or-string: true 2848 description: 'Requests describes the minimum 2849 amount of compute resources required. 2850 If Requests is omitted for a container, 2851 it defaults to Limits if that is explicitly 2852 specified, otherwise to an implementation-defined 2853 value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 2854 type: object 2855 type: object 2856 selector: 2857 description: A label query over volumes to consider 2858 for binding. 2859 properties: 2860 matchExpressions: 2861 description: matchExpressions is a list 2862 of label selector requirements. The requirements 2863 are ANDed. 2864 items: 2865 description: A label selector requirement 2866 is a selector that contains values, 2867 a key, and an operator that relates 2868 the key and values. 2869 properties: 2870 key: 2871 description: key is the label key 2872 that the selector applies to. 2873 type: string 2874 operator: 2875 description: operator represents a 2876 key's relationship to a set of values. 2877 Valid operators are In, NotIn, Exists 2878 and DoesNotExist. 2879 type: string 2880 values: 2881 description: values is an array of 2882 string values. If the operator is 2883 In or NotIn, the values array must 2884 be non-empty. If the operator is 2885 Exists or DoesNotExist, the values 2886 array must be empty. This array 2887 is replaced during a strategic merge 2888 patch. 2889 items: 2890 type: string 2891 type: array 2892 required: 2893 - key 2894 - operator 2895 type: object 2896 type: array 2897 matchLabels: 2898 additionalProperties: 2899 type: string 2900 description: matchLabels is a map of {key,value} 2901 pairs. A single {key,value} in the matchLabels 2902 map is equivalent to an element of matchExpressions, 2903 whose key field is "key", the operator 2904 is "In", and the values array contains 2905 only "value". The requirements are ANDed. 2906 type: object 2907 type: object 2908 storageClassName: 2909 description: 'Name of the StorageClass required 2910 by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' 2911 type: string 2912 volumeMode: 2913 description: volumeMode defines what type of 2914 volume is required by the claim. Value of 2915 Filesystem is implied when not included in 2916 claim spec. 2917 type: string 2918 volumeName: 2919 description: VolumeName is the binding reference 2920 to the PersistentVolume backing this claim. 2921 type: string 2922 type: object 2923 required: 2924 - spec 2925 type: object 2926 type: object 2927 fc: 2928 description: FC represents a Fibre Channel resource that 2929 is attached to a kubelet's host machine and then exposed 2930 to the pod. 2931 properties: 2932 fsType: 2933 description: 'Filesystem type to mount. Must be a filesystem 2934 type supported by the host operating system. Ex. "ext4", 2935 "xfs", "ntfs". Implicitly inferred to be "ext4" if 2936 unspecified. TODO: how do we prevent errors in the 2937 filesystem from compromising the machine' 2938 type: string 2939 lun: 2940 description: 'Optional: FC target lun number' 2941 format: int32 2942 type: integer 2943 readOnly: 2944 description: 'Optional: Defaults to false (read/write). 2945 ReadOnly here will force the ReadOnly setting in VolumeMounts.' 2946 type: boolean 2947 targetWWNs: 2948 description: 'Optional: FC target worldwide names (WWNs)' 2949 items: 2950 type: string 2951 type: array 2952 wwids: 2953 description: 'Optional: FC volume world wide identifiers 2954 (wwids) Either wwids or combination of targetWWNs 2955 and lun must be set, but not both simultaneously.' 2956 items: 2957 type: string 2958 type: array 2959 type: object 2960 flexVolume: 2961 description: FlexVolume represents a generic volume resource 2962 that is provisioned/attached using an exec based plugin. 2963 properties: 2964 driver: 2965 description: Driver is the name of the driver to use 2966 for this volume. 2967 type: string 2968 fsType: 2969 description: Filesystem type to mount. Must be a filesystem 2970 type supported by the host operating system. Ex. "ext4", 2971 "xfs", "ntfs". The default filesystem depends on FlexVolume 2972 script. 2973 type: string 2974 options: 2975 additionalProperties: 2976 type: string 2977 description: 'Optional: Extra command options if any.' 2978 type: object 2979 readOnly: 2980 description: 'Optional: Defaults to false (read/write). 2981 ReadOnly here will force the ReadOnly setting in VolumeMounts.' 2982 type: boolean 2983 secretRef: 2984 description: 'Optional: SecretRef is reference to the 2985 secret object containing sensitive information to 2986 pass to the plugin scripts. This may be empty if no 2987 secret object is specified. If the secret object contains 2988 more than one secret, all secrets are passed to the 2989 plugin scripts.' 2990 properties: 2991 name: 2992 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 2993 TODO: Add other useful fields. apiVersion, kind, 2994 uid?' 2995 type: string 2996 type: object 2997 required: 2998 - driver 2999 type: object 3000 flocker: 3001 description: Flocker represents a Flocker volume attached 3002 to a kubelet's host machine. This depends on the Flocker 3003 control service being running 3004 properties: 3005 datasetName: 3006 description: Name of the dataset stored as metadata 3007 -> name on the dataset for Flocker should be considered 3008 as deprecated 3009 type: string 3010 datasetUUID: 3011 description: UUID of the dataset. This is unique identifier 3012 of a Flocker dataset 3013 type: string 3014 type: object 3015 gcePersistentDisk: 3016 description: 'GCEPersistentDisk represents a GCE Disk resource 3017 that is attached to a kubelet''s host machine and then 3018 exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' 3019 properties: 3020 fsType: 3021 description: 'Filesystem type of the volume that you 3022 want to mount. Tip: Ensure that the filesystem type 3023 is supported by the host operating system. Examples: 3024 "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" 3025 if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk 3026 TODO: how do we prevent errors in the filesystem from 3027 compromising the machine' 3028 type: string 3029 partition: 3030 description: 'The partition in the volume that you want 3031 to mount. If omitted, the default is to mount by volume 3032 name. Examples: For volume /dev/sda1, you specify 3033 the partition as "1". Similarly, the volume partition 3034 for /dev/sda is "0" (or you can leave the property 3035 empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' 3036 format: int32 3037 type: integer 3038 pdName: 3039 description: 'Unique name of the PD resource in GCE. 3040 Used to identify the disk in GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' 3041 type: string 3042 readOnly: 3043 description: 'ReadOnly here will force the ReadOnly 3044 setting in VolumeMounts. Defaults to false. More info: 3045 https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' 3046 type: boolean 3047 required: 3048 - pdName 3049 type: object 3050 gitRepo: 3051 description: 'GitRepo represents a git repository at a particular 3052 revision. DEPRECATED: GitRepo is deprecated. To provision 3053 a container with a git repo, mount an EmptyDir into an 3054 InitContainer that clones the repo using git, then mount 3055 the EmptyDir into the Pod''s container.' 3056 properties: 3057 directory: 3058 description: Target directory name. Must not contain 3059 or start with '..'. If '.' is supplied, the volume 3060 directory will be the git repository. Otherwise, 3061 if specified, the volume will contain the git repository 3062 in the subdirectory with the given name. 3063 type: string 3064 repository: 3065 description: Repository URL 3066 type: string 3067 revision: 3068 description: Commit hash for the specified revision. 3069 type: string 3070 required: 3071 - repository 3072 type: object 3073 glusterfs: 3074 description: 'Glusterfs represents a Glusterfs mount on 3075 the host that shares a pod''s lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md' 3076 properties: 3077 endpoints: 3078 description: 'EndpointsName is the endpoint name that 3079 details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' 3080 type: string 3081 path: 3082 description: 'Path is the Glusterfs volume path. More 3083 info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' 3084 type: string 3085 readOnly: 3086 description: 'ReadOnly here will force the Glusterfs 3087 volume to be mounted with read-only permissions. Defaults 3088 to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' 3089 type: boolean 3090 required: 3091 - endpoints 3092 - path 3093 type: object 3094 hostPath: 3095 description: 'HostPath represents a pre-existing file or 3096 directory on the host machine that is directly exposed 3097 to the container. This is generally used for system agents 3098 or other privileged things that are allowed to see the 3099 host machine. Most containers will NOT need this. More 3100 info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath 3101 --- TODO(jonesdl) We need to restrict who can use host 3102 directory mounts and who can/can not mount host directories 3103 as read/write.' 3104 properties: 3105 path: 3106 description: 'Path of the directory on the host. If 3107 the path is a symlink, it will follow the link to 3108 the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' 3109 type: string 3110 type: 3111 description: 'Type for HostPath Volume Defaults to "" 3112 More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' 3113 type: string 3114 required: 3115 - path 3116 type: object 3117 iscsi: 3118 description: 'ISCSI represents an ISCSI Disk resource that 3119 is attached to a kubelet''s host machine and then exposed 3120 to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md' 3121 properties: 3122 chapAuthDiscovery: 3123 description: whether support iSCSI Discovery CHAP authentication 3124 type: boolean 3125 chapAuthSession: 3126 description: whether support iSCSI Session CHAP authentication 3127 type: boolean 3128 fsType: 3129 description: 'Filesystem type of the volume that you 3130 want to mount. Tip: Ensure that the filesystem type 3131 is supported by the host operating system. Examples: 3132 "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" 3133 if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi 3134 TODO: how do we prevent errors in the filesystem from 3135 compromising the machine' 3136 type: string 3137 initiatorName: 3138 description: Custom iSCSI Initiator Name. If initiatorName 3139 is specified with iscsiInterface simultaneously, new 3140 iSCSI interface <target portal>:<volume name> will 3141 be created for the connection. 3142 type: string 3143 iqn: 3144 description: Target iSCSI Qualified Name. 3145 type: string 3146 iscsiInterface: 3147 description: iSCSI Interface Name that uses an iSCSI 3148 transport. Defaults to 'default' (tcp). 3149 type: string 3150 lun: 3151 description: iSCSI Target Lun number. 3152 format: int32 3153 type: integer 3154 portals: 3155 description: iSCSI Target Portal List. The portal is 3156 either an IP or ip_addr:port if the port is other 3157 than default (typically TCP ports 860 and 3260). 3158 items: 3159 type: string 3160 type: array 3161 readOnly: 3162 description: ReadOnly here will force the ReadOnly setting 3163 in VolumeMounts. Defaults to false. 3164 type: boolean 3165 secretRef: 3166 description: CHAP Secret for iSCSI target and initiator 3167 authentication 3168 properties: 3169 name: 3170 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 3171 TODO: Add other useful fields. apiVersion, kind, 3172 uid?' 3173 type: string 3174 type: object 3175 targetPortal: 3176 description: iSCSI Target Portal. The Portal is either 3177 an IP or ip_addr:port if the port is other than default 3178 (typically TCP ports 860 and 3260). 3179 type: string 3180 required: 3181 - iqn 3182 - lun 3183 - targetPortal 3184 type: object 3185 name: 3186 description: 'Volume''s name. Must be a DNS_LABEL and unique 3187 within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' 3188 type: string 3189 nfs: 3190 description: 'NFS represents an NFS mount on the host that 3191 shares a pod''s lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' 3192 properties: 3193 path: 3194 description: 'Path that is exported by the NFS server. 3195 More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' 3196 type: string 3197 readOnly: 3198 description: 'ReadOnly here will force the NFS export 3199 to be mounted with read-only permissions. Defaults 3200 to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' 3201 type: boolean 3202 server: 3203 description: 'Server is the hostname or IP address of 3204 the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' 3205 type: string 3206 required: 3207 - path 3208 - server 3209 type: object 3210 persistentVolumeClaim: 3211 description: 'PersistentVolumeClaimVolumeSource represents 3212 a reference to a PersistentVolumeClaim in the same namespace. 3213 More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' 3214 properties: 3215 claimName: 3216 description: 'ClaimName is the name of a PersistentVolumeClaim 3217 in the same namespace as the pod using this volume. 3218 More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' 3219 type: string 3220 readOnly: 3221 description: Will force the ReadOnly setting in VolumeMounts. 3222 Default false. 3223 type: boolean 3224 required: 3225 - claimName 3226 type: object 3227 photonPersistentDisk: 3228 description: PhotonPersistentDisk represents a PhotonController 3229 persistent disk attached and mounted on kubelets host 3230 machine 3231 properties: 3232 fsType: 3233 description: Filesystem type to mount. Must be a filesystem 3234 type supported by the host operating system. Ex. "ext4", 3235 "xfs", "ntfs". Implicitly inferred to be "ext4" if 3236 unspecified. 3237 type: string 3238 pdID: 3239 description: ID that identifies Photon Controller persistent 3240 disk 3241 type: string 3242 required: 3243 - pdID 3244 type: object 3245 portworxVolume: 3246 description: PortworxVolume represents a portworx volume 3247 attached and mounted on kubelets host machine 3248 properties: 3249 fsType: 3250 description: FSType represents the filesystem type to 3251 mount Must be a filesystem type supported by the host 3252 operating system. Ex. "ext4", "xfs". Implicitly inferred 3253 to be "ext4" if unspecified. 3254 type: string 3255 readOnly: 3256 description: Defaults to false (read/write). ReadOnly 3257 here will force the ReadOnly setting in VolumeMounts. 3258 type: boolean 3259 volumeID: 3260 description: VolumeID uniquely identifies a Portworx 3261 volume 3262 type: string 3263 required: 3264 - volumeID 3265 type: object 3266 projected: 3267 description: Items for all in one resources secrets, configmaps, 3268 and downward API 3269 properties: 3270 defaultMode: 3271 description: Mode bits used to set permissions on created 3272 files by default. Must be an octal value between 0000 3273 and 0777 or a decimal value between 0 and 511. YAML 3274 accepts both octal and decimal values, JSON requires 3275 decimal values for mode bits. Directories within the 3276 path are not affected by this setting. This might 3277 be in conflict with other options that affect the 3278 file mode, like fsGroup, and the result can be other 3279 mode bits set. 3280 format: int32 3281 type: integer 3282 sources: 3283 description: list of volume projections 3284 items: 3285 description: Projection that may be projected along 3286 with other supported volume types 3287 properties: 3288 configMap: 3289 description: information about the configMap data 3290 to project 3291 properties: 3292 items: 3293 description: If unspecified, each key-value 3294 pair in the Data field of the referenced 3295 ConfigMap will be projected into the volume 3296 as a file whose name is the key and content 3297 is the value. If specified, the listed keys 3298 will be projected into the specified paths, 3299 and unlisted keys will not be present. If 3300 a key is specified which is not present 3301 in the ConfigMap, the volume setup will 3302 error unless it is marked optional. Paths 3303 must be relative and may not contain the 3304 '..' path or start with '..'. 3305 items: 3306 description: Maps a string key to a path 3307 within a volume. 3308 properties: 3309 key: 3310 description: The key to project. 3311 type: string 3312 mode: 3313 description: 'Optional: mode bits used 3314 to set permissions on this file. Must 3315 be an octal value between 0000 and 3316 0777 or a decimal value between 0 3317 and 511. YAML accepts both octal and 3318 decimal values, JSON requires decimal 3319 values for mode bits. If not specified, 3320 the volume defaultMode will be used. 3321 This might be in conflict with other 3322 options that affect the file mode, 3323 like fsGroup, and the result can be 3324 other mode bits set.' 3325 format: int32 3326 type: integer 3327 path: 3328 description: The relative path of the 3329 file to map the key to. May not be 3330 an absolute path. May not contain 3331 the path element '..'. May not start 3332 with the string '..'. 3333 type: string 3334 required: 3335 - key 3336 - path 3337 type: object 3338 type: array 3339 name: 3340 description: 'Name of the referent. More info: 3341 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 3342 TODO: Add other useful fields. apiVersion, 3343 kind, uid?' 3344 type: string 3345 optional: 3346 description: Specify whether the ConfigMap 3347 or its keys must be defined 3348 type: boolean 3349 type: object 3350 downwardAPI: 3351 description: information about the downwardAPI 3352 data to project 3353 properties: 3354 items: 3355 description: Items is a list of DownwardAPIVolume 3356 file 3357 items: 3358 description: DownwardAPIVolumeFile represents 3359 information to create the file containing 3360 the pod field 3361 properties: 3362 fieldRef: 3363 description: 'Required: Selects a field 3364 of the pod: only annotations, labels, 3365 name and namespace are supported.' 3366 properties: 3367 apiVersion: 3368 description: Version of the schema 3369 the FieldPath is written in terms 3370 of, defaults to "v1". 3371 type: string 3372 fieldPath: 3373 description: Path of the field to 3374 select in the specified API version. 3375 type: string 3376 required: 3377 - fieldPath 3378 type: object 3379 mode: 3380 description: 'Optional: mode bits used 3381 to set permissions on this file, must 3382 be an octal value between 0000 and 3383 0777 or a decimal value between 0 3384 and 511. YAML accepts both octal and 3385 decimal values, JSON requires decimal 3386 values for mode bits. If not specified, 3387 the volume defaultMode will be used. 3388 This might be in conflict with other 3389 options that affect the file mode, 3390 like fsGroup, and the result can be 3391 other mode bits set.' 3392 format: int32 3393 type: integer 3394 path: 3395 description: 'Required: Path is the 3396 relative path name of the file to 3397 be created. Must not be absolute or 3398 contain the ''..'' path. Must be utf-8 3399 encoded. The first item of the relative 3400 path must not start with ''..''' 3401 type: string 3402 resourceFieldRef: 3403 description: 'Selects a resource of 3404 the container: only resources limits 3405 and requests (limits.cpu, limits.memory, 3406 requests.cpu and requests.memory) 3407 are currently supported.' 3408 properties: 3409 containerName: 3410 description: 'Container name: required 3411 for volumes, optional for env 3412 vars' 3413 type: string 3414 divisor: 3415 anyOf: 3416 - type: integer 3417 - type: string 3418 description: Specifies the output 3419 format of the exposed resources, 3420 defaults to "1" 3421 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 3422 x-kubernetes-int-or-string: true 3423 resource: 3424 description: 'Required: resource 3425 to select' 3426 type: string 3427 required: 3428 - resource 3429 type: object 3430 required: 3431 - path 3432 type: object 3433 type: array 3434 type: object 3435 secret: 3436 description: information about the secret data 3437 to project 3438 properties: 3439 items: 3440 description: If unspecified, each key-value 3441 pair in the Data field of the referenced 3442 Secret will be projected into the volume 3443 as a file whose name is the key and content 3444 is the value. If specified, the listed keys 3445 will be projected into the specified paths, 3446 and unlisted keys will not be present. If 3447 a key is specified which is not present 3448 in the Secret, the volume setup will error 3449 unless it is marked optional. Paths must 3450 be relative and may not contain the '..' 3451 path or start with '..'. 3452 items: 3453 description: Maps a string key to a path 3454 within a volume. 3455 properties: 3456 key: 3457 description: The key to project. 3458 type: string 3459 mode: 3460 description: 'Optional: mode bits used 3461 to set permissions on this file. Must 3462 be an octal value between 0000 and 3463 0777 or a decimal value between 0 3464 and 511. YAML accepts both octal and 3465 decimal values, JSON requires decimal 3466 values for mode bits. If not specified, 3467 the volume defaultMode will be used. 3468 This might be in conflict with other 3469 options that affect the file mode, 3470 like fsGroup, and the result can be 3471 other mode bits set.' 3472 format: int32 3473 type: integer 3474 path: 3475 description: The relative path of the 3476 file to map the key to. May not be 3477 an absolute path. May not contain 3478 the path element '..'. May not start 3479 with the string '..'. 3480 type: string 3481 required: 3482 - key 3483 - path 3484 type: object 3485 type: array 3486 name: 3487 description: 'Name of the referent. More info: 3488 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 3489 TODO: Add other useful fields. apiVersion, 3490 kind, uid?' 3491 type: string 3492 optional: 3493 description: Specify whether the Secret or 3494 its key must be defined 3495 type: boolean 3496 type: object 3497 serviceAccountToken: 3498 description: information about the serviceAccountToken 3499 data to project 3500 properties: 3501 audience: 3502 description: Audience is the intended audience 3503 of the token. A recipient of a token must 3504 identify itself with an identifier specified 3505 in the audience of the token, and otherwise 3506 should reject the token. The audience defaults 3507 to the identifier of the apiserver. 3508 type: string 3509 expirationSeconds: 3510 description: ExpirationSeconds is the requested 3511 duration of validity of the service account 3512 token. As the token approaches expiration, 3513 the kubelet volume plugin will proactively 3514 rotate the service account token. The kubelet 3515 will start trying to rotate the token if 3516 the token is older than 80 percent of its 3517 time to live or if the token is older than 3518 24 hours.Defaults to 1 hour and must be 3519 at least 10 minutes. 3520 format: int64 3521 type: integer 3522 path: 3523 description: Path is the path relative to 3524 the mount point of the file to project the 3525 token into. 3526 type: string 3527 required: 3528 - path 3529 type: object 3530 type: object 3531 type: array 3532 type: object 3533 quobyte: 3534 description: Quobyte represents a Quobyte mount on the host 3535 that shares a pod's lifetime 3536 properties: 3537 group: 3538 description: Group to map volume access to Default is 3539 no group 3540 type: string 3541 readOnly: 3542 description: ReadOnly here will force the Quobyte volume 3543 to be mounted with read-only permissions. Defaults 3544 to false. 3545 type: boolean 3546 registry: 3547 description: Registry represents a single or multiple 3548 Quobyte Registry services specified as a string as 3549 host:port pair (multiple entries are separated with 3550 commas) which acts as the central registry for volumes 3551 type: string 3552 tenant: 3553 description: Tenant owning the given Quobyte volume 3554 in the Backend Used with dynamically provisioned Quobyte 3555 volumes, value is set by the plugin 3556 type: string 3557 user: 3558 description: User to map volume access to Defaults to 3559 serivceaccount user 3560 type: string 3561 volume: 3562 description: Volume is a string that references an already 3563 created Quobyte volume by name. 3564 type: string 3565 required: 3566 - registry 3567 - volume 3568 type: object 3569 rbd: 3570 description: 'RBD represents a Rados Block Device mount 3571 on the host that shares a pod''s lifetime. More info: 3572 https://examples.k8s.io/volumes/rbd/README.md' 3573 properties: 3574 fsType: 3575 description: 'Filesystem type of the volume that you 3576 want to mount. Tip: Ensure that the filesystem type 3577 is supported by the host operating system. Examples: 3578 "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" 3579 if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd 3580 TODO: how do we prevent errors in the filesystem from 3581 compromising the machine' 3582 type: string 3583 image: 3584 description: 'The rados image name. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 3585 type: string 3586 keyring: 3587 description: 'Keyring is the path to key ring for RBDUser. 3588 Default is /etc/ceph/keyring. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 3589 type: string 3590 monitors: 3591 description: 'A collection of Ceph monitors. More info: 3592 https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 3593 items: 3594 type: string 3595 type: array 3596 pool: 3597 description: 'The rados pool name. Default is rbd. More 3598 info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 3599 type: string 3600 readOnly: 3601 description: 'ReadOnly here will force the ReadOnly 3602 setting in VolumeMounts. Defaults to false. More info: 3603 https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 3604 type: boolean 3605 secretRef: 3606 description: 'SecretRef is name of the authentication 3607 secret for RBDUser. If provided overrides keyring. 3608 Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 3609 properties: 3610 name: 3611 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 3612 TODO: Add other useful fields. apiVersion, kind, 3613 uid?' 3614 type: string 3615 type: object 3616 user: 3617 description: 'The rados user name. Default is admin. 3618 More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 3619 type: string 3620 required: 3621 - image 3622 - monitors 3623 type: object 3624 scaleIO: 3625 description: ScaleIO represents a ScaleIO persistent volume 3626 attached and mounted on Kubernetes nodes. 3627 properties: 3628 fsType: 3629 description: Filesystem type to mount. Must be a filesystem 3630 type supported by the host operating system. Ex. "ext4", 3631 "xfs", "ntfs". Default is "xfs". 3632 type: string 3633 gateway: 3634 description: The host address of the ScaleIO API Gateway. 3635 type: string 3636 protectionDomain: 3637 description: The name of the ScaleIO Protection Domain 3638 for the configured storage. 3639 type: string 3640 readOnly: 3641 description: Defaults to false (read/write). ReadOnly 3642 here will force the ReadOnly setting in VolumeMounts. 3643 type: boolean 3644 secretRef: 3645 description: SecretRef references to the secret for 3646 ScaleIO user and other sensitive information. If this 3647 is not provided, Login operation will fail. 3648 properties: 3649 name: 3650 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 3651 TODO: Add other useful fields. apiVersion, kind, 3652 uid?' 3653 type: string 3654 type: object 3655 sslEnabled: 3656 description: Flag to enable/disable SSL communication 3657 with Gateway, default false 3658 type: boolean 3659 storageMode: 3660 description: Indicates whether the storage for a volume 3661 should be ThickProvisioned or ThinProvisioned. Default 3662 is ThinProvisioned. 3663 type: string 3664 storagePool: 3665 description: The ScaleIO Storage Pool associated with 3666 the protection domain. 3667 type: string 3668 system: 3669 description: The name of the storage system as configured 3670 in ScaleIO. 3671 type: string 3672 volumeName: 3673 description: The name of a volume already created in 3674 the ScaleIO system that is associated with this volume 3675 source. 3676 type: string 3677 required: 3678 - gateway 3679 - secretRef 3680 - system 3681 type: object 3682 secret: 3683 description: 'Secret represents a secret that should populate 3684 this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' 3685 properties: 3686 defaultMode: 3687 description: 'Optional: mode bits used to set permissions 3688 on created files by default. Must be an octal value 3689 between 0000 and 0777 or a decimal value between 0 3690 and 511. YAML accepts both octal and decimal values, 3691 JSON requires decimal values for mode bits. Defaults 3692 to 0644. Directories within the path are not affected 3693 by this setting. This might be in conflict with other 3694 options that affect the file mode, like fsGroup, and 3695 the result can be other mode bits set.' 3696 format: int32 3697 type: integer 3698 items: 3699 description: If unspecified, each key-value pair in 3700 the Data field of the referenced Secret will be projected 3701 into the volume as a file whose name is the key and 3702 content is the value. If specified, the listed keys 3703 will be projected into the specified paths, and unlisted 3704 keys will not be present. If a key is specified which 3705 is not present in the Secret, the volume setup will 3706 error unless it is marked optional. Paths must be 3707 relative and may not contain the '..' path or start 3708 with '..'. 3709 items: 3710 description: Maps a string key to a path within a 3711 volume. 3712 properties: 3713 key: 3714 description: The key to project. 3715 type: string 3716 mode: 3717 description: 'Optional: mode bits used to set 3718 permissions on this file. Must be an octal value 3719 between 0000 and 0777 or a decimal value between 3720 0 and 511. YAML accepts both octal and decimal 3721 values, JSON requires decimal values for mode 3722 bits. If not specified, the volume defaultMode 3723 will be used. This might be in conflict with 3724 other options that affect the file mode, like 3725 fsGroup, and the result can be other mode bits 3726 set.' 3727 format: int32 3728 type: integer 3729 path: 3730 description: The relative path of the file to 3731 map the key to. May not be an absolute path. 3732 May not contain the path element '..'. May not 3733 start with the string '..'. 3734 type: string 3735 required: 3736 - key 3737 - path 3738 type: object 3739 type: array 3740 optional: 3741 description: Specify whether the Secret or its keys 3742 must be defined 3743 type: boolean 3744 secretName: 3745 description: 'Name of the secret in the pod''s namespace 3746 to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' 3747 type: string 3748 type: object 3749 storageos: 3750 description: StorageOS represents a StorageOS volume attached 3751 and mounted on Kubernetes nodes. 3752 properties: 3753 fsType: 3754 description: Filesystem type to mount. Must be a filesystem 3755 type supported by the host operating system. Ex. "ext4", 3756 "xfs", "ntfs". Implicitly inferred to be "ext4" if 3757 unspecified. 3758 type: string 3759 readOnly: 3760 description: Defaults to false (read/write). ReadOnly 3761 here will force the ReadOnly setting in VolumeMounts. 3762 type: boolean 3763 secretRef: 3764 description: SecretRef specifies the secret to use for 3765 obtaining the StorageOS API credentials. If not specified, 3766 default values will be attempted. 3767 properties: 3768 name: 3769 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 3770 TODO: Add other useful fields. apiVersion, kind, 3771 uid?' 3772 type: string 3773 type: object 3774 volumeName: 3775 description: VolumeName is the human-readable name of 3776 the StorageOS volume. Volume names are only unique 3777 within a namespace. 3778 type: string 3779 volumeNamespace: 3780 description: VolumeNamespace specifies the scope of 3781 the volume within StorageOS. If no namespace is specified 3782 then the Pod's namespace will be used. This allows 3783 the Kubernetes name scoping to be mirrored within 3784 StorageOS for tighter integration. Set VolumeName 3785 to any name to override the default behaviour. Set 3786 to "default" if you are not using namespaces within 3787 StorageOS. Namespaces that do not pre-exist within 3788 StorageOS will be created. 3789 type: string 3790 type: object 3791 vsphereVolume: 3792 description: VsphereVolume represents a vSphere volume attached 3793 and mounted on kubelets host machine 3794 properties: 3795 fsType: 3796 description: Filesystem type to mount. Must be a filesystem 3797 type supported by the host operating system. Ex. "ext4", 3798 "xfs", "ntfs". Implicitly inferred to be "ext4" if 3799 unspecified. 3800 type: string 3801 storagePolicyID: 3802 description: Storage Policy Based Management (SPBM) 3803 profile ID associated with the StoragePolicyName. 3804 type: string 3805 storagePolicyName: 3806 description: Storage Policy Based Management (SPBM) 3807 profile name. 3808 type: string 3809 volumePath: 3810 description: Path that identifies vSphere volume vmdk 3811 type: string 3812 required: 3813 - volumePath 3814 type: object 3815 required: 3816 - name 3817 type: object 3818 type: array 3819 type: object 3820 repositoryCredentials: 3821 description: RepositoryCredentials are the Git pull credentials to 3822 configure Argo CD with upon creation of the cluster. 3823 type: string 3824 resourceCustomizations: 3825 description: 'ResourceCustomizations customizes resource behavior. 3826 Keys are in the form: group/Kind.' 3827 type: string 3828 resourceExclusions: 3829 description: ResourceExclusions is used to completely ignore entire 3830 classes of resource group/kinds. 3831 type: string 3832 resourceInclusions: 3833 description: ResourceInclusions is used to only include specific group/kinds 3834 in the reconciliation process. 3835 type: string 3836 server: 3837 description: Server defines the options for the ArgoCD Server component. 3838 properties: 3839 autoscale: 3840 description: Autoscale defines the autoscale options for the Argo 3841 CD Server component. 3842 properties: 3843 enabled: 3844 description: Enabled will toggle autoscaling support for the 3845 Argo CD Server component. 3846 type: boolean 3847 hpa: 3848 description: HPA defines the HorizontalPodAutoscaler options 3849 for the Argo CD Server component. 3850 properties: 3851 maxReplicas: 3852 description: upper limit for the number of pods that can 3853 be set by the autoscaler; cannot be smaller than MinReplicas. 3854 format: int32 3855 type: integer 3856 minReplicas: 3857 description: minReplicas is the lower limit for the number 3858 of replicas to which the autoscaler can scale down. It 3859 defaults to 1 pod. minReplicas is allowed to be 0 if 3860 the alpha feature gate HPAScaleToZero is enabled and 3861 at least one Object or External metric is configured. Scaling 3862 is active as long as at least one metric value is available. 3863 format: int32 3864 type: integer 3865 scaleTargetRef: 3866 description: reference to scaled resource; horizontal 3867 pod autoscaler will learn the current resource consumption 3868 and will set the desired number of pods by using its 3869 Scale subresource. 3870 properties: 3871 apiVersion: 3872 description: API version of the referent 3873 type: string 3874 kind: 3875 description: 'Kind of the referent; More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds"' 3876 type: string 3877 name: 3878 description: 'Name of the referent; More info: http://kubernetes.io/docs/user-guide/identifiers#names' 3879 type: string 3880 required: 3881 - kind 3882 - name 3883 type: object 3884 targetCPUUtilizationPercentage: 3885 description: target average CPU utilization (represented 3886 as a percentage of requested CPU) over all the pods; 3887 if not specified the default autoscaling policy will 3888 be used. 3889 format: int32 3890 type: integer 3891 required: 3892 - maxReplicas 3893 - scaleTargetRef 3894 type: object 3895 required: 3896 - enabled 3897 type: object 3898 env: 3899 description: Env lets you specify environment for API server pods 3900 items: 3901 description: EnvVar represents an environment variable present 3902 in a Container. 3903 properties: 3904 name: 3905 description: Name of the environment variable. Must be a 3906 C_IDENTIFIER. 3907 type: string 3908 value: 3909 description: 'Variable references $(VAR_NAME) are expanded 3910 using the previously defined environment variables in 3911 the container and any service environment variables. If 3912 a variable cannot be resolved, the reference in the input 3913 string will be unchanged. Double $$ are reduced to a single 3914 $, which allows for escaping the $(VAR_NAME) syntax: i.e. 3915 "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". 3916 Escaped references will never be expanded, regardless 3917 of whether the variable exists or not. Defaults to "".' 3918 type: string 3919 valueFrom: 3920 description: Source for the environment variable's value. 3921 Cannot be used if value is not empty. 3922 properties: 3923 configMapKeyRef: 3924 description: Selects a key of a ConfigMap. 3925 properties: 3926 key: 3927 description: The key to select. 3928 type: string 3929 name: 3930 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 3931 TODO: Add other useful fields. apiVersion, kind, 3932 uid?' 3933 type: string 3934 optional: 3935 description: Specify whether the ConfigMap or its 3936 key must be defined 3937 type: boolean 3938 required: 3939 - key 3940 type: object 3941 fieldRef: 3942 description: 'Selects a field of the pod: supports metadata.name, 3943 metadata.namespace, `metadata.labels[''<KEY>'']`, 3944 `metadata.annotations[''<KEY>'']`, spec.nodeName, 3945 spec.serviceAccountName, status.hostIP, status.podIP, 3946 status.podIPs.' 3947 properties: 3948 apiVersion: 3949 description: Version of the schema the FieldPath 3950 is written in terms of, defaults to "v1". 3951 type: string 3952 fieldPath: 3953 description: Path of the field to select in the 3954 specified API version. 3955 type: string 3956 required: 3957 - fieldPath 3958 type: object 3959 resourceFieldRef: 3960 description: 'Selects a resource of the container: only 3961 resources limits and requests (limits.cpu, limits.memory, 3962 limits.ephemeral-storage, requests.cpu, requests.memory 3963 and requests.ephemeral-storage) are currently supported.' 3964 properties: 3965 containerName: 3966 description: 'Container name: required for volumes, 3967 optional for env vars' 3968 type: string 3969 divisor: 3970 anyOf: 3971 - type: integer 3972 - type: string 3973 description: Specifies the output format of the 3974 exposed resources, defaults to "1" 3975 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 3976 x-kubernetes-int-or-string: true 3977 resource: 3978 description: 'Required: resource to select' 3979 type: string 3980 required: 3981 - resource 3982 type: object 3983 secretKeyRef: 3984 description: Selects a key of a secret in the pod's 3985 namespace 3986 properties: 3987 key: 3988 description: The key of the secret to select from. Must 3989 be a valid secret key. 3990 type: string 3991 name: 3992 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 3993 TODO: Add other useful fields. apiVersion, kind, 3994 uid?' 3995 type: string 3996 optional: 3997 description: Specify whether the Secret or its key 3998 must be defined 3999 type: boolean 4000 required: 4001 - key 4002 type: object 4003 type: object 4004 required: 4005 - name 4006 type: object 4007 type: array 4008 grpc: 4009 description: GRPC defines the state for the Argo CD Server GRPC 4010 options. 4011 properties: 4012 host: 4013 description: Host is the hostname to use for Ingress/Route 4014 resources. 4015 type: string 4016 ingress: 4017 description: Ingress defines the desired state for the Argo 4018 CD Server GRPC Ingress. 4019 properties: 4020 annotations: 4021 additionalProperties: 4022 type: string 4023 description: Annotations is the map of annotations to 4024 apply to the Ingress. 4025 type: object 4026 enabled: 4027 description: Enabled will toggle the creation of the Ingress. 4028 type: boolean 4029 path: 4030 description: Path used for the Ingress resource. 4031 type: string 4032 tls: 4033 description: TLS configuration. Currently the Ingress 4034 only supports a single TLS port, 443. If multiple members 4035 of this list specify different hosts, they will be multiplexed 4036 on the same port according to the hostname specified 4037 through the SNI TLS extension, if the ingress controller 4038 fulfilling the ingress supports SNI. 4039 items: 4040 description: IngressTLS describes the transport layer 4041 security associated with an Ingress. 4042 properties: 4043 hosts: 4044 description: Hosts are a list of hosts included 4045 in the TLS certificate. The values in this list 4046 must match the name/s used in the tlsSecret. Defaults 4047 to the wildcard host setting for the loadbalancer 4048 controller fulfilling this Ingress, if left unspecified. 4049 items: 4050 type: string 4051 type: array 4052 x-kubernetes-list-type: atomic 4053 secretName: 4054 description: SecretName is the name of the secret 4055 used to terminate TLS traffic on port 443. Field 4056 is left optional to allow TLS routing based on 4057 SNI hostname alone. If the SNI host in a listener 4058 conflicts with the "Host" header field used by 4059 an IngressRule, the SNI host is used for termination 4060 and value of the Host header is used for routing. 4061 type: string 4062 type: object 4063 type: array 4064 required: 4065 - enabled 4066 type: object 4067 type: object 4068 host: 4069 description: Host is the hostname to use for Ingress/Route resources. 4070 type: string 4071 ingress: 4072 description: Ingress defines the desired state for an Ingress 4073 for the Argo CD Server component. 4074 properties: 4075 annotations: 4076 additionalProperties: 4077 type: string 4078 description: Annotations is the map of annotations to apply 4079 to the Ingress. 4080 type: object 4081 enabled: 4082 description: Enabled will toggle the creation of the Ingress. 4083 type: boolean 4084 path: 4085 description: Path used for the Ingress resource. 4086 type: string 4087 tls: 4088 description: TLS configuration. Currently the Ingress only 4089 supports a single TLS port, 443. If multiple members of 4090 this list specify different hosts, they will be multiplexed 4091 on the same port according to the hostname specified through 4092 the SNI TLS extension, if the ingress controller fulfilling 4093 the ingress supports SNI. 4094 items: 4095 description: IngressTLS describes the transport layer security 4096 associated with an Ingress. 4097 properties: 4098 hosts: 4099 description: Hosts are a list of hosts included in the 4100 TLS certificate. The values in this list must match 4101 the name/s used in the tlsSecret. Defaults to the 4102 wildcard host setting for the loadbalancer controller 4103 fulfilling this Ingress, if left unspecified. 4104 items: 4105 type: string 4106 type: array 4107 x-kubernetes-list-type: atomic 4108 secretName: 4109 description: SecretName is the name of the secret used 4110 to terminate TLS traffic on port 443. Field is left 4111 optional to allow TLS routing based on SNI hostname 4112 alone. If the SNI host in a listener conflicts with 4113 the "Host" header field used by an IngressRule, the 4114 SNI host is used for termination and value of the 4115 Host header is used for routing. 4116 type: string 4117 type: object 4118 type: array 4119 required: 4120 - enabled 4121 type: object 4122 insecure: 4123 description: Insecure toggles the insecure flag. 4124 type: boolean 4125 logFormat: 4126 description: LogFormat refers to the log level to be used by the 4127 ArgoCD Server component. Defaults to ArgoCDDefaultLogFormat 4128 if not configured. Valid options are text or json. 4129 type: string 4130 logLevel: 4131 description: LogLevel refers to the log level to be used by the 4132 ArgoCD Server component. Defaults to ArgoCDDefaultLogLevel if 4133 not set. Valid options are debug, info, error, and warn. 4134 type: string 4135 replicas: 4136 description: Replicas defines the number of replicas for argocd-server. 4137 Default is nil. Value should be greater than or equal to 0. 4138 Value will be ignored if Autoscaler is enabled. 4139 format: int32 4140 type: integer 4141 resources: 4142 description: Resources defines the Compute Resources required 4143 by the container for the Argo CD server component. 4144 properties: 4145 limits: 4146 additionalProperties: 4147 anyOf: 4148 - type: integer 4149 - type: string 4150 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 4151 x-kubernetes-int-or-string: true 4152 description: 'Limits describes the maximum amount of compute 4153 resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 4154 type: object 4155 requests: 4156 additionalProperties: 4157 anyOf: 4158 - type: integer 4159 - type: string 4160 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 4161 x-kubernetes-int-or-string: true 4162 description: 'Requests describes the minimum amount of compute 4163 resources required. If Requests is omitted for a container, 4164 it defaults to Limits if that is explicitly specified, otherwise 4165 to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 4166 type: object 4167 type: object 4168 route: 4169 description: Route defines the desired state for an OpenShift 4170 Route for the Argo CD Server component. 4171 properties: 4172 annotations: 4173 additionalProperties: 4174 type: string 4175 description: Annotations is the map of annotations to use 4176 for the Route resource. 4177 type: object 4178 enabled: 4179 description: Enabled will toggle the creation of the OpenShift 4180 Route. 4181 type: boolean 4182 labels: 4183 additionalProperties: 4184 type: string 4185 description: Labels is the map of labels to use for the Route 4186 resource 4187 type: object 4188 path: 4189 description: Path the router watches for, to route traffic 4190 for to the service. 4191 type: string 4192 tls: 4193 description: TLS provides the ability to configure certificates 4194 and termination for the Route. 4195 properties: 4196 caCertificate: 4197 description: caCertificate provides the cert authority 4198 certificate contents 4199 type: string 4200 certificate: 4201 description: certificate provides certificate contents 4202 type: string 4203 destinationCACertificate: 4204 description: destinationCACertificate provides the contents 4205 of the ca certificate of the final destination. When 4206 using reencrypt termination this file should be provided 4207 in order to have routers use it for health checks on 4208 the secure connection. If this field is not specified, 4209 the router may provide its own destination CA and perform 4210 hostname validation using the short service name (service.namespace.svc), 4211 which allows infrastructure generated certificates to 4212 automatically verify. 4213 type: string 4214 insecureEdgeTerminationPolicy: 4215 description: "insecureEdgeTerminationPolicy indicates 4216 the desired behavior for insecure connections to a route. 4217 While each router may make its own decisions on which 4218 ports to expose, this is normally port 80. \n * Allow 4219 - traffic is sent to the server on the insecure port 4220 (default) * Disable - no traffic is allowed on the insecure 4221 port. * Redirect - clients are redirected to the secure 4222 port." 4223 type: string 4224 key: 4225 description: key provides key file contents 4226 type: string 4227 termination: 4228 description: termination indicates termination type. 4229 type: string 4230 required: 4231 - termination 4232 type: object 4233 wildcardPolicy: 4234 description: WildcardPolicy if any for the route. Currently 4235 only 'Subdomain' or 'None' is allowed. 4236 type: string 4237 required: 4238 - enabled 4239 type: object 4240 service: 4241 description: Service defines the options for the Service backing 4242 the ArgoCD Server component. 4243 properties: 4244 type: 4245 description: Type is the ServiceType to use for the Service 4246 resource. 4247 type: string 4248 required: 4249 - type 4250 type: object 4251 type: object 4252 sso: 4253 description: SSO defines the Single Sign-on configuration for Argo 4254 CD 4255 properties: 4256 image: 4257 description: Image is the SSO container image. 4258 type: string 4259 provider: 4260 description: Provider installs and configures the given SSO Provider 4261 with Argo CD. 4262 type: string 4263 resources: 4264 description: Resources defines the Compute Resources required 4265 by the container for SSO. 4266 properties: 4267 limits: 4268 additionalProperties: 4269 anyOf: 4270 - type: integer 4271 - type: string 4272 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 4273 x-kubernetes-int-or-string: true 4274 description: 'Limits describes the maximum amount of compute 4275 resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 4276 type: object 4277 requests: 4278 additionalProperties: 4279 anyOf: 4280 - type: integer 4281 - type: string 4282 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 4283 x-kubernetes-int-or-string: true 4284 description: 'Requests describes the minimum amount of compute 4285 resources required. If Requests is omitted for a container, 4286 it defaults to Limits if that is explicitly specified, otherwise 4287 to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 4288 type: object 4289 type: object 4290 verifyTLS: 4291 description: VerifyTLS set to false disables strict TLS validation. 4292 type: boolean 4293 version: 4294 description: Version is the SSO container image tag. 4295 type: string 4296 type: object 4297 statusBadgeEnabled: 4298 description: StatusBadgeEnabled toggles application status badge feature. 4299 type: boolean 4300 tls: 4301 description: TLS defines the TLS options for ArgoCD. 4302 properties: 4303 ca: 4304 description: CA defines the CA options. 4305 properties: 4306 configMapName: 4307 description: ConfigMapName is the name of the ConfigMap containing 4308 the CA Certificate. 4309 type: string 4310 secretName: 4311 description: SecretName is the name of the Secret containing 4312 the CA Certificate and Key. 4313 type: string 4314 type: object 4315 initialCerts: 4316 additionalProperties: 4317 type: string 4318 description: InitialCerts defines custom TLS certificates upon 4319 creation of the cluster for connecting Git repositories via 4320 HTTPS. 4321 type: object 4322 type: object 4323 usersAnonymousEnabled: 4324 description: UsersAnonymousEnabled toggles anonymous user access. 4325 The anonymous users get default role permissions specified argocd-rbac-cm. 4326 type: boolean 4327 version: 4328 description: Version is the tag to use with the ArgoCD container image 4329 for all ArgoCD components. 4330 type: string 4331 type: object 4332 status: 4333 description: ArgoCDStatus defines the observed state of ArgoCD 4334 properties: 4335 applicationController: 4336 description: 'ApplicationController is a simple, high-level summary 4337 of where the Argo CD application controller component is in its 4338 lifecycle. There are five possible ApplicationController values: 4339 Pending: The Argo CD application controller component has been accepted 4340 by the Kubernetes system, but one or more of the required resources 4341 have not been created. Running: All of the required Pods for the 4342 Argo CD application controller component are in a Ready state. Failed: 4343 At least one of the Argo CD application controller component Pods 4344 had a failure. Unknown: For some reason the state of the Argo CD 4345 application controller component could not be obtained.' 4346 type: string 4347 dex: 4348 description: 'Dex is a simple, high-level summary of where the Argo 4349 CD Dex component is in its lifecycle. There are five possible dex 4350 values: Pending: The Argo CD Dex component has been accepted by 4351 the Kubernetes system, but one or more of the required resources 4352 have not been created. Running: All of the required Pods for the 4353 Argo CD Dex component are in a Ready state. Failed: At least one 4354 of the Argo CD Dex component Pods had a failure. Unknown: For some 4355 reason the state of the Argo CD Dex component could not be obtained.' 4356 type: string 4357 phase: 4358 description: 'Phase is a simple, high-level summary of where the ArgoCD 4359 is in its lifecycle. There are five possible phase values: Pending: 4360 The ArgoCD has been accepted by the Kubernetes system, but one or 4361 more of the required resources have not been created. Available: 4362 All of the resources for the ArgoCD are ready. Failed: At least 4363 one resource has experienced a failure. Unknown: For some reason 4364 the state of the ArgoCD phase could not be obtained.' 4365 type: string 4366 redis: 4367 description: 'Redis is a simple, high-level summary of where the Argo 4368 CD Redis component is in its lifecycle. There are five possible 4369 redis values: Pending: The Argo CD Redis component has been accepted 4370 by the Kubernetes system, but one or more of the required resources 4371 have not been created. Running: All of the required Pods for the 4372 Argo CD Redis component are in a Ready state. Failed: At least one 4373 of the Argo CD Redis component Pods had a failure. Unknown: For 4374 some reason the state of the Argo CD Redis component could not be 4375 obtained.' 4376 type: string 4377 repo: 4378 description: 'Repo is a simple, high-level summary of where the Argo 4379 CD Repo component is in its lifecycle. There are five possible repo 4380 values: Pending: The Argo CD Repo component has been accepted by 4381 the Kubernetes system, but one or more of the required resources 4382 have not been created. Running: All of the required Pods for the 4383 Argo CD Repo component are in a Ready state. Failed: At least one 4384 of the Argo CD Repo component Pods had a failure. Unknown: For 4385 some reason the state of the Argo CD Repo component could not be 4386 obtained.' 4387 type: string 4388 repoTLSChecksum: 4389 description: RepoTLSChecksum contains the SHA256 checksum of the latest 4390 known state of tls.crt and tls.key in the argocd-repo-server-tls 4391 secret. 4392 type: string 4393 server: 4394 description: 'Server is a simple, high-level summary of where the 4395 Argo CD server component is in its lifecycle. There are five possible 4396 server values: Pending: The Argo CD server component has been accepted 4397 by the Kubernetes system, but one or more of the required resources 4398 have not been created. Running: All of the required Pods for the 4399 Argo CD server component are in a Ready state. Failed: At least 4400 one of the Argo CD server component Pods had a failure. Unknown: 4401 For some reason the state of the Argo CD server component could 4402 not be obtained.' 4403 type: string 4404 ssoConfig: 4405 description: 'SSOConfig defines the status of SSO configuration. Success: 4406 Only one SSO provider is configured in CR. Failed: More than one 4407 SSO providers are configure in CR. Unknown: For some reason the 4408 SSO configuration could not be obtained.' 4409 type: string 4410 type: object 4411 type: object 4412 served: true 4413 storage: true 4414 subresources: 4415 status: {} 4416 status: 4417 acceptedNames: 4418 kind: "" 4419 plural: "" 4420 conditions: [] 4421 storedVersions: []