github.com/argoproj-labs/argocd-operator@v0.10.0/deploy/olm-catalog/argocd-operator/0.6.0/argoproj.io_argocds.yaml (about) 1 apiVersion: apiextensions.k8s.io/v1 2 kind: CustomResourceDefinition 3 metadata: 4 annotations: 5 controller-gen.kubebuilder.io/version: v0.6.1 6 creationTimestamp: null 7 name: argocds.argoproj.io 8 spec: 9 group: argoproj.io 10 names: 11 kind: ArgoCD 12 listKind: ArgoCDList 13 plural: argocds 14 singular: argocd 15 scope: Namespaced 16 versions: 17 - name: v1alpha1 18 schema: 19 openAPIV3Schema: 20 description: ArgoCD is the Schema for the argocds API 21 properties: 22 apiVersion: 23 description: 'APIVersion defines the versioned schema of this representation 24 of an object. Servers should convert recognized schemas to the latest 25 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' 26 type: string 27 kind: 28 description: 'Kind is a string value representing the REST resource this 29 object represents. Servers may infer this from the endpoint the client 30 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' 31 type: string 32 metadata: 33 type: object 34 spec: 35 description: ArgoCDSpec defines the desired state of ArgoCD 36 properties: 37 applicationInstanceLabelKey: 38 description: ApplicationInstanceLabelKey is the key name where Argo 39 CD injects the app name as a tracking label. 40 type: string 41 applicationSet: 42 description: ArgoCDApplicationSet defines whether the Argo CD ApplicationSet 43 controller should be installed. 44 properties: 45 env: 46 description: Env lets you specify environment for applicationSet 47 controller pods 48 items: 49 description: EnvVar represents an environment variable present 50 in a Container. 51 properties: 52 name: 53 description: Name of the environment variable. Must be a 54 C_IDENTIFIER. 55 type: string 56 value: 57 description: 'Variable references $(VAR_NAME) are expanded 58 using the previously defined environment variables in 59 the container and any service environment variables. If 60 a variable cannot be resolved, the reference in the input 61 string will be unchanged. Double $$ are reduced to a single 62 $, which allows for escaping the $(VAR_NAME) syntax: i.e. 63 "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". 64 Escaped references will never be expanded, regardless 65 of whether the variable exists or not. Defaults to "".' 66 type: string 67 valueFrom: 68 description: Source for the environment variable's value. 69 Cannot be used if value is not empty. 70 properties: 71 configMapKeyRef: 72 description: Selects a key of a ConfigMap. 73 properties: 74 key: 75 description: The key to select. 76 type: string 77 name: 78 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 79 TODO: Add other useful fields. apiVersion, kind, 80 uid?' 81 type: string 82 optional: 83 description: Specify whether the ConfigMap or its 84 key must be defined 85 type: boolean 86 required: 87 - key 88 type: object 89 fieldRef: 90 description: 'Selects a field of the pod: supports metadata.name, 91 metadata.namespace, `metadata.labels[''<KEY>'']`, 92 `metadata.annotations[''<KEY>'']`, spec.nodeName, 93 spec.serviceAccountName, status.hostIP, status.podIP, 94 status.podIPs.' 95 properties: 96 apiVersion: 97 description: Version of the schema the FieldPath 98 is written in terms of, defaults to "v1". 99 type: string 100 fieldPath: 101 description: Path of the field to select in the 102 specified API version. 103 type: string 104 required: 105 - fieldPath 106 type: object 107 resourceFieldRef: 108 description: 'Selects a resource of the container: only 109 resources limits and requests (limits.cpu, limits.memory, 110 limits.ephemeral-storage, requests.cpu, requests.memory 111 and requests.ephemeral-storage) are currently supported.' 112 properties: 113 containerName: 114 description: 'Container name: required for volumes, 115 optional for env vars' 116 type: string 117 divisor: 118 anyOf: 119 - type: integer 120 - type: string 121 description: Specifies the output format of the 122 exposed resources, defaults to "1" 123 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 124 x-kubernetes-int-or-string: true 125 resource: 126 description: 'Required: resource to select' 127 type: string 128 required: 129 - resource 130 type: object 131 secretKeyRef: 132 description: Selects a key of a secret in the pod's 133 namespace 134 properties: 135 key: 136 description: The key of the secret to select from. Must 137 be a valid secret key. 138 type: string 139 name: 140 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 141 TODO: Add other useful fields. apiVersion, kind, 142 uid?' 143 type: string 144 optional: 145 description: Specify whether the Secret or its key 146 must be defined 147 type: boolean 148 required: 149 - key 150 type: object 151 type: object 152 required: 153 - name 154 type: object 155 type: array 156 extraCommandArgs: 157 description: ExtraCommandArgs allows users to pass command line 158 arguments to ApplicationSet controller. They get added to default 159 command line arguments provided by the operator. Please note 160 that the command line arguments provided as part of ExtraCommandArgs 161 will not overwrite the default command line arguments. 162 items: 163 type: string 164 type: array 165 image: 166 description: Image is the Argo CD ApplicationSet image (optional) 167 type: string 168 logLevel: 169 description: LogLevel describes the log level that should be used 170 by the ApplicationSet controller. Defaults to ArgoCDDefaultLogLevel 171 if not set. Valid options are debug,info, error, and warn. 172 type: string 173 resources: 174 description: Resources defines the Compute Resources required 175 by the container for ApplicationSet. 176 properties: 177 limits: 178 additionalProperties: 179 anyOf: 180 - type: integer 181 - type: string 182 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 183 x-kubernetes-int-or-string: true 184 description: 'Limits describes the maximum amount of compute 185 resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 186 type: object 187 requests: 188 additionalProperties: 189 anyOf: 190 - type: integer 191 - type: string 192 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 193 x-kubernetes-int-or-string: true 194 description: 'Requests describes the minimum amount of compute 195 resources required. If Requests is omitted for a container, 196 it defaults to Limits if that is explicitly specified, otherwise 197 to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 198 type: object 199 type: object 200 version: 201 description: Version is the Argo CD ApplicationSet image tag. 202 (optional) 203 type: string 204 webhookServer: 205 description: WebhookServerSpec defines the options for the ApplicationSet 206 Webhook Server component. 207 properties: 208 host: 209 description: Host is the hostname to use for Ingress/Route 210 resources. 211 type: string 212 ingress: 213 description: Ingress defines the desired state for an Ingress 214 for the Application set webhook component. 215 properties: 216 annotations: 217 additionalProperties: 218 type: string 219 description: Annotations is the map of annotations to 220 apply to the Ingress. 221 type: object 222 enabled: 223 description: Enabled will toggle the creation of the Ingress. 224 type: boolean 225 ingressClassName: 226 description: IngressClassName for the Ingress resource. 227 type: string 228 path: 229 description: Path used for the Ingress resource. 230 type: string 231 tls: 232 description: TLS configuration. Currently the Ingress 233 only supports a single TLS port, 443. If multiple members 234 of this list specify different hosts, they will be multiplexed 235 on the same port according to the hostname specified 236 through the SNI TLS extension, if the ingress controller 237 fulfilling the ingress supports SNI. 238 items: 239 description: IngressTLS describes the transport layer 240 security associated with an Ingress. 241 properties: 242 hosts: 243 description: Hosts are a list of hosts included 244 in the TLS certificate. The values in this list 245 must match the name/s used in the tlsSecret. Defaults 246 to the wildcard host setting for the loadbalancer 247 controller fulfilling this Ingress, if left unspecified. 248 items: 249 type: string 250 type: array 251 x-kubernetes-list-type: atomic 252 secretName: 253 description: SecretName is the name of the secret 254 used to terminate TLS traffic on port 443. Field 255 is left optional to allow TLS routing based on 256 SNI hostname alone. If the SNI host in a listener 257 conflicts with the "Host" header field used by 258 an IngressRule, the SNI host is used for termination 259 and value of the Host header is used for routing. 260 type: string 261 type: object 262 type: array 263 required: 264 - enabled 265 type: object 266 route: 267 description: Route defines the desired state for an OpenShift 268 Route for the Application set webhook component. 269 properties: 270 annotations: 271 additionalProperties: 272 type: string 273 description: Annotations is the map of annotations to 274 use for the Route resource. 275 type: object 276 enabled: 277 description: Enabled will toggle the creation of the OpenShift 278 Route. 279 type: boolean 280 labels: 281 additionalProperties: 282 type: string 283 description: Labels is the map of labels to use for the 284 Route resource 285 type: object 286 path: 287 description: Path the router watches for, to route traffic 288 for to the service. 289 type: string 290 tls: 291 description: TLS provides the ability to configure certificates 292 and termination for the Route. 293 properties: 294 caCertificate: 295 description: caCertificate provides the cert authority 296 certificate contents 297 type: string 298 certificate: 299 description: certificate provides certificate contents 300 type: string 301 destinationCACertificate: 302 description: destinationCACertificate provides the 303 contents of the ca certificate of the final destination. When 304 using reencrypt termination this file should be 305 provided in order to have routers use it for health 306 checks on the secure connection. If this field is 307 not specified, the router may provide its own destination 308 CA and perform hostname validation using the short 309 service name (service.namespace.svc), which allows 310 infrastructure generated certificates to automatically 311 verify. 312 type: string 313 insecureEdgeTerminationPolicy: 314 description: "insecureEdgeTerminationPolicy indicates 315 the desired behavior for insecure connections to 316 a route. While each router may make its own decisions 317 on which ports to expose, this is normally port 318 80. \n * Allow - traffic is sent to the server on 319 the insecure port (default) * Disable - no traffic 320 is allowed on the insecure port. * Redirect - clients 321 are redirected to the secure port." 322 type: string 323 key: 324 description: key provides key file contents 325 type: string 326 termination: 327 description: termination indicates termination type. 328 type: string 329 required: 330 - termination 331 type: object 332 wildcardPolicy: 333 description: WildcardPolicy if any for the route. Currently 334 only 'Subdomain' or 'None' is allowed. 335 type: string 336 required: 337 - enabled 338 type: object 339 type: object 340 type: object 341 banner: 342 description: Banner defines an additional banner to be displayed in 343 Argo CD UI 344 properties: 345 content: 346 description: Content defines the banner message content to display 347 type: string 348 url: 349 description: URL defines an optional URL to be used as banner 350 message link 351 type: string 352 required: 353 - content 354 type: object 355 configManagementPlugins: 356 description: ConfigManagementPlugins is used to specify additional 357 config management plugins. 358 type: string 359 controller: 360 description: Controller defines the Application Controller options 361 for ArgoCD. 362 properties: 363 appSync: 364 description: "AppSync is used to control the sync frequency, by 365 default the ArgoCD controller polls Git every 3m. \n Set this 366 to a duration, e.g. 10m or 600s to control the synchronisation 367 frequency." 368 type: string 369 env: 370 description: Env lets you specify environment for application 371 controller pods 372 items: 373 description: EnvVar represents an environment variable present 374 in a Container. 375 properties: 376 name: 377 description: Name of the environment variable. Must be a 378 C_IDENTIFIER. 379 type: string 380 value: 381 description: 'Variable references $(VAR_NAME) are expanded 382 using the previously defined environment variables in 383 the container and any service environment variables. If 384 a variable cannot be resolved, the reference in the input 385 string will be unchanged. Double $$ are reduced to a single 386 $, which allows for escaping the $(VAR_NAME) syntax: i.e. 387 "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". 388 Escaped references will never be expanded, regardless 389 of whether the variable exists or not. Defaults to "".' 390 type: string 391 valueFrom: 392 description: Source for the environment variable's value. 393 Cannot be used if value is not empty. 394 properties: 395 configMapKeyRef: 396 description: Selects a key of a ConfigMap. 397 properties: 398 key: 399 description: The key to select. 400 type: string 401 name: 402 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 403 TODO: Add other useful fields. apiVersion, kind, 404 uid?' 405 type: string 406 optional: 407 description: Specify whether the ConfigMap or its 408 key must be defined 409 type: boolean 410 required: 411 - key 412 type: object 413 fieldRef: 414 description: 'Selects a field of the pod: supports metadata.name, 415 metadata.namespace, `metadata.labels[''<KEY>'']`, 416 `metadata.annotations[''<KEY>'']`, spec.nodeName, 417 spec.serviceAccountName, status.hostIP, status.podIP, 418 status.podIPs.' 419 properties: 420 apiVersion: 421 description: Version of the schema the FieldPath 422 is written in terms of, defaults to "v1". 423 type: string 424 fieldPath: 425 description: Path of the field to select in the 426 specified API version. 427 type: string 428 required: 429 - fieldPath 430 type: object 431 resourceFieldRef: 432 description: 'Selects a resource of the container: only 433 resources limits and requests (limits.cpu, limits.memory, 434 limits.ephemeral-storage, requests.cpu, requests.memory 435 and requests.ephemeral-storage) are currently supported.' 436 properties: 437 containerName: 438 description: 'Container name: required for volumes, 439 optional for env vars' 440 type: string 441 divisor: 442 anyOf: 443 - type: integer 444 - type: string 445 description: Specifies the output format of the 446 exposed resources, defaults to "1" 447 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 448 x-kubernetes-int-or-string: true 449 resource: 450 description: 'Required: resource to select' 451 type: string 452 required: 453 - resource 454 type: object 455 secretKeyRef: 456 description: Selects a key of a secret in the pod's 457 namespace 458 properties: 459 key: 460 description: The key of the secret to select from. Must 461 be a valid secret key. 462 type: string 463 name: 464 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 465 TODO: Add other useful fields. apiVersion, kind, 466 uid?' 467 type: string 468 optional: 469 description: Specify whether the Secret or its key 470 must be defined 471 type: boolean 472 required: 473 - key 474 type: object 475 type: object 476 required: 477 - name 478 type: object 479 type: array 480 logFormat: 481 description: LogFormat refers to the log format used by the Application 482 Controller component. Defaults to ArgoCDDefaultLogFormat if 483 not configured. Valid options are text or json. 484 type: string 485 logLevel: 486 description: LogLevel refers to the log level used by the Application 487 Controller component. Defaults to ArgoCDDefaultLogLevel if not 488 configured. Valid options are debug, info, error, and warn. 489 type: string 490 parallelismLimit: 491 description: ParallelismLimit defines the limit for parallel kubectl 492 operations 493 format: int32 494 type: integer 495 processors: 496 description: Processors contains the options for the Application 497 Controller processors. 498 properties: 499 operation: 500 description: Operation is the number of application operation 501 processors. 502 format: int32 503 type: integer 504 status: 505 description: Status is the number of application status processors. 506 format: int32 507 type: integer 508 type: object 509 resources: 510 description: Resources defines the Compute Resources required 511 by the container for the Application Controller. 512 properties: 513 limits: 514 additionalProperties: 515 anyOf: 516 - type: integer 517 - type: string 518 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 519 x-kubernetes-int-or-string: true 520 description: 'Limits describes the maximum amount of compute 521 resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 522 type: object 523 requests: 524 additionalProperties: 525 anyOf: 526 - type: integer 527 - type: string 528 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 529 x-kubernetes-int-or-string: true 530 description: 'Requests describes the minimum amount of compute 531 resources required. If Requests is omitted for a container, 532 it defaults to Limits if that is explicitly specified, otherwise 533 to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 534 type: object 535 type: object 536 sharding: 537 description: Sharding contains the options for the Application 538 Controller sharding configuration. 539 properties: 540 enabled: 541 description: Enabled defines whether sharding should be enabled 542 on the Application Controller component. 543 type: boolean 544 replicas: 545 description: Replicas defines the number of replicas to run 546 in the Application controller shard. 547 format: int32 548 type: integer 549 type: object 550 type: object 551 disableAdmin: 552 description: DisableAdmin will disable the admin user. 553 type: boolean 554 extraConfig: 555 additionalProperties: 556 type: string 557 description: "ExtraConfig can be used to add fields to Argo CD configmap 558 that are not supported by Argo CD CRD. \n Note: ExtraConfig takes 559 precedence over Argo CD CRD. For example, A user sets `argocd.Spec.DisableAdmin` 560 = true and also `a.Spec.ExtraConfig[\"admin.enabled\"]` = true. 561 In this case, operator updates Argo CD Configmap as follows -> argocd-cm.Data[\"admin.enabled\"] 562 = true." 563 type: object 564 gaAnonymizeUsers: 565 description: GAAnonymizeUsers toggles user IDs being hashed before 566 sending to google analytics. 567 type: boolean 568 gaTrackingID: 569 description: GATrackingID is the google analytics tracking ID to use. 570 type: string 571 grafana: 572 description: Grafana defines the Grafana server options for ArgoCD. 573 properties: 574 enabled: 575 description: Enabled will toggle Grafana support globally for 576 ArgoCD. 577 type: boolean 578 host: 579 description: Host is the hostname to use for Ingress/Route resources. 580 type: string 581 image: 582 description: Image is the Grafana container image. 583 type: string 584 ingress: 585 description: Ingress defines the desired state for an Ingress 586 for the Grafana component. 587 properties: 588 annotations: 589 additionalProperties: 590 type: string 591 description: Annotations is the map of annotations to apply 592 to the Ingress. 593 type: object 594 enabled: 595 description: Enabled will toggle the creation of the Ingress. 596 type: boolean 597 ingressClassName: 598 description: IngressClassName for the Ingress resource. 599 type: string 600 path: 601 description: Path used for the Ingress resource. 602 type: string 603 tls: 604 description: TLS configuration. Currently the Ingress only 605 supports a single TLS port, 443. If multiple members of 606 this list specify different hosts, they will be multiplexed 607 on the same port according to the hostname specified through 608 the SNI TLS extension, if the ingress controller fulfilling 609 the ingress supports SNI. 610 items: 611 description: IngressTLS describes the transport layer security 612 associated with an Ingress. 613 properties: 614 hosts: 615 description: Hosts are a list of hosts included in the 616 TLS certificate. The values in this list must match 617 the name/s used in the tlsSecret. Defaults to the 618 wildcard host setting for the loadbalancer controller 619 fulfilling this Ingress, if left unspecified. 620 items: 621 type: string 622 type: array 623 x-kubernetes-list-type: atomic 624 secretName: 625 description: SecretName is the name of the secret used 626 to terminate TLS traffic on port 443. Field is left 627 optional to allow TLS routing based on SNI hostname 628 alone. If the SNI host in a listener conflicts with 629 the "Host" header field used by an IngressRule, the 630 SNI host is used for termination and value of the 631 Host header is used for routing. 632 type: string 633 type: object 634 type: array 635 required: 636 - enabled 637 type: object 638 resources: 639 description: Resources defines the Compute Resources required 640 by the container for Grafana. 641 properties: 642 limits: 643 additionalProperties: 644 anyOf: 645 - type: integer 646 - type: string 647 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 648 x-kubernetes-int-or-string: true 649 description: 'Limits describes the maximum amount of compute 650 resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 651 type: object 652 requests: 653 additionalProperties: 654 anyOf: 655 - type: integer 656 - type: string 657 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 658 x-kubernetes-int-or-string: true 659 description: 'Requests describes the minimum amount of compute 660 resources required. If Requests is omitted for a container, 661 it defaults to Limits if that is explicitly specified, otherwise 662 to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 663 type: object 664 type: object 665 route: 666 description: Route defines the desired state for an OpenShift 667 Route for the Grafana component. 668 properties: 669 annotations: 670 additionalProperties: 671 type: string 672 description: Annotations is the map of annotations to use 673 for the Route resource. 674 type: object 675 enabled: 676 description: Enabled will toggle the creation of the OpenShift 677 Route. 678 type: boolean 679 labels: 680 additionalProperties: 681 type: string 682 description: Labels is the map of labels to use for the Route 683 resource 684 type: object 685 path: 686 description: Path the router watches for, to route traffic 687 for to the service. 688 type: string 689 tls: 690 description: TLS provides the ability to configure certificates 691 and termination for the Route. 692 properties: 693 caCertificate: 694 description: caCertificate provides the cert authority 695 certificate contents 696 type: string 697 certificate: 698 description: certificate provides certificate contents 699 type: string 700 destinationCACertificate: 701 description: destinationCACertificate provides the contents 702 of the ca certificate of the final destination. When 703 using reencrypt termination this file should be provided 704 in order to have routers use it for health checks on 705 the secure connection. If this field is not specified, 706 the router may provide its own destination CA and perform 707 hostname validation using the short service name (service.namespace.svc), 708 which allows infrastructure generated certificates to 709 automatically verify. 710 type: string 711 insecureEdgeTerminationPolicy: 712 description: "insecureEdgeTerminationPolicy indicates 713 the desired behavior for insecure connections to a route. 714 While each router may make its own decisions on which 715 ports to expose, this is normally port 80. \n * Allow 716 - traffic is sent to the server on the insecure port 717 (default) * Disable - no traffic is allowed on the insecure 718 port. * Redirect - clients are redirected to the secure 719 port." 720 type: string 721 key: 722 description: key provides key file contents 723 type: string 724 termination: 725 description: termination indicates termination type. 726 type: string 727 required: 728 - termination 729 type: object 730 wildcardPolicy: 731 description: WildcardPolicy if any for the route. Currently 732 only 'Subdomain' or 'None' is allowed. 733 type: string 734 required: 735 - enabled 736 type: object 737 size: 738 description: Size is the replica count for the Grafana Deployment. 739 format: int32 740 type: integer 741 version: 742 description: Version is the Grafana container image tag. 743 type: string 744 required: 745 - enabled 746 type: object 747 ha: 748 description: HA options for High Availability support for the Redis 749 component. 750 properties: 751 enabled: 752 description: Enabled will toggle HA support globally for Argo 753 CD. 754 type: boolean 755 redisProxyImage: 756 description: RedisProxyImage is the Redis HAProxy container image. 757 type: string 758 redisProxyVersion: 759 description: RedisProxyVersion is the Redis HAProxy container 760 image tag. 761 type: string 762 resources: 763 description: Resources defines the Compute Resources required 764 by the container for HA. 765 properties: 766 limits: 767 additionalProperties: 768 anyOf: 769 - type: integer 770 - type: string 771 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 772 x-kubernetes-int-or-string: true 773 description: 'Limits describes the maximum amount of compute 774 resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 775 type: object 776 requests: 777 additionalProperties: 778 anyOf: 779 - type: integer 780 - type: string 781 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 782 x-kubernetes-int-or-string: true 783 description: 'Requests describes the minimum amount of compute 784 resources required. If Requests is omitted for a container, 785 it defaults to Limits if that is explicitly specified, otherwise 786 to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 787 type: object 788 type: object 789 required: 790 - enabled 791 type: object 792 helpChatText: 793 description: HelpChatText is the text for getting chat help, defaults 794 to "Chat now!" 795 type: string 796 helpChatURL: 797 description: HelpChatURL is the URL for getting chat help, this will 798 typically be your Slack channel for support. 799 type: string 800 image: 801 description: Image is the ArgoCD container image for all ArgoCD components. 802 type: string 803 import: 804 description: Import is the import/restore options for ArgoCD. 805 properties: 806 name: 807 description: Name of an ArgoCDExport from which to import data. 808 type: string 809 namespace: 810 description: Namespace for the ArgoCDExport, defaults to the same 811 namespace as the ArgoCD. 812 type: string 813 required: 814 - name 815 type: object 816 initialRepositories: 817 description: InitialRepositories to configure Argo CD with upon creation 818 of the cluster. 819 type: string 820 initialSSHKnownHosts: 821 description: InitialSSHKnownHosts defines the SSH known hosts data 822 upon creation of the cluster for connecting Git repositories via 823 SSH. 824 properties: 825 excludedefaulthosts: 826 description: ExcludeDefaultHosts describes whether you would like 827 to include the default list of SSH Known Hosts provided by ArgoCD. 828 type: boolean 829 keys: 830 description: Keys describes a custom set of SSH Known Hosts that 831 you would like to have included in your ArgoCD server. 832 type: string 833 type: object 834 kustomizeBuildOptions: 835 description: KustomizeBuildOptions is used to specify build options/parameters 836 to use with `kustomize build`. 837 type: string 838 kustomizeVersions: 839 description: KustomizeVersions is a listing of configured versions 840 of Kustomize to be made available within ArgoCD. 841 items: 842 description: KustomizeVersionSpec is used to specify information 843 about a kustomize version to be used within ArgoCD. 844 properties: 845 path: 846 description: Path is the path to a configured kustomize version 847 on the filesystem of your repo server. 848 type: string 849 version: 850 description: Version is a configured kustomize version in the 851 format of vX.Y.Z 852 type: string 853 type: object 854 type: array 855 monitoring: 856 description: Monitoring defines whether workload status monitoring 857 configuration for this instance. 858 properties: 859 enabled: 860 description: Enabled defines whether workload status monitoring 861 is enabled for this instance or not 862 type: boolean 863 required: 864 - enabled 865 type: object 866 nodePlacement: 867 description: NodePlacement defines NodeSelectors and Taints for Argo 868 CD workloads 869 properties: 870 nodeSelector: 871 additionalProperties: 872 type: string 873 description: NodeSelector is a field of PodSpec, it is a map of 874 key value pairs used for node selection 875 type: object 876 tolerations: 877 description: Tolerations allow the pods to schedule onto nodes 878 with matching taints 879 items: 880 description: The pod this Toleration is attached to tolerates 881 any taint that matches the triple <key,value,effect> using 882 the matching operator <operator>. 883 properties: 884 effect: 885 description: Effect indicates the taint effect to match. 886 Empty means match all taint effects. When specified, allowed 887 values are NoSchedule, PreferNoSchedule and NoExecute. 888 type: string 889 key: 890 description: Key is the taint key that the toleration applies 891 to. Empty means match all taint keys. If the key is empty, 892 operator must be Exists; this combination means to match 893 all values and all keys. 894 type: string 895 operator: 896 description: Operator represents a key's relationship to 897 the value. Valid operators are Exists and Equal. Defaults 898 to Equal. Exists is equivalent to wildcard for value, 899 so that a pod can tolerate all taints of a particular 900 category. 901 type: string 902 tolerationSeconds: 903 description: TolerationSeconds represents the period of 904 time the toleration (which must be of effect NoExecute, 905 otherwise this field is ignored) tolerates the taint. 906 By default, it is not set, which means tolerate the taint 907 forever (do not evict). Zero and negative values will 908 be treated as 0 (evict immediately) by the system. 909 format: int64 910 type: integer 911 value: 912 description: Value is the taint value the toleration matches 913 to. If the operator is Exists, the value should be empty, 914 otherwise just a regular string. 915 type: string 916 type: object 917 type: array 918 type: object 919 notifications: 920 description: Notifications defines whether the Argo CD Notifications 921 controller should be installed. 922 properties: 923 enabled: 924 description: Enabled defines whether argocd-notifications controller 925 should be deployed or not 926 type: boolean 927 env: 928 description: Env let you specify environment variables for Notifications 929 pods 930 items: 931 description: EnvVar represents an environment variable present 932 in a Container. 933 properties: 934 name: 935 description: Name of the environment variable. Must be a 936 C_IDENTIFIER. 937 type: string 938 value: 939 description: 'Variable references $(VAR_NAME) are expanded 940 using the previously defined environment variables in 941 the container and any service environment variables. If 942 a variable cannot be resolved, the reference in the input 943 string will be unchanged. Double $$ are reduced to a single 944 $, which allows for escaping the $(VAR_NAME) syntax: i.e. 945 "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". 946 Escaped references will never be expanded, regardless 947 of whether the variable exists or not. Defaults to "".' 948 type: string 949 valueFrom: 950 description: Source for the environment variable's value. 951 Cannot be used if value is not empty. 952 properties: 953 configMapKeyRef: 954 description: Selects a key of a ConfigMap. 955 properties: 956 key: 957 description: The key to select. 958 type: string 959 name: 960 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 961 TODO: Add other useful fields. apiVersion, kind, 962 uid?' 963 type: string 964 optional: 965 description: Specify whether the ConfigMap or its 966 key must be defined 967 type: boolean 968 required: 969 - key 970 type: object 971 fieldRef: 972 description: 'Selects a field of the pod: supports metadata.name, 973 metadata.namespace, `metadata.labels[''<KEY>'']`, 974 `metadata.annotations[''<KEY>'']`, spec.nodeName, 975 spec.serviceAccountName, status.hostIP, status.podIP, 976 status.podIPs.' 977 properties: 978 apiVersion: 979 description: Version of the schema the FieldPath 980 is written in terms of, defaults to "v1". 981 type: string 982 fieldPath: 983 description: Path of the field to select in the 984 specified API version. 985 type: string 986 required: 987 - fieldPath 988 type: object 989 resourceFieldRef: 990 description: 'Selects a resource of the container: only 991 resources limits and requests (limits.cpu, limits.memory, 992 limits.ephemeral-storage, requests.cpu, requests.memory 993 and requests.ephemeral-storage) are currently supported.' 994 properties: 995 containerName: 996 description: 'Container name: required for volumes, 997 optional for env vars' 998 type: string 999 divisor: 1000 anyOf: 1001 - type: integer 1002 - type: string 1003 description: Specifies the output format of the 1004 exposed resources, defaults to "1" 1005 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 1006 x-kubernetes-int-or-string: true 1007 resource: 1008 description: 'Required: resource to select' 1009 type: string 1010 required: 1011 - resource 1012 type: object 1013 secretKeyRef: 1014 description: Selects a key of a secret in the pod's 1015 namespace 1016 properties: 1017 key: 1018 description: The key of the secret to select from. Must 1019 be a valid secret key. 1020 type: string 1021 name: 1022 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1023 TODO: Add other useful fields. apiVersion, kind, 1024 uid?' 1025 type: string 1026 optional: 1027 description: Specify whether the Secret or its key 1028 must be defined 1029 type: boolean 1030 required: 1031 - key 1032 type: object 1033 type: object 1034 required: 1035 - name 1036 type: object 1037 type: array 1038 image: 1039 description: Image is the Argo CD Notifications image (optional) 1040 type: string 1041 logLevel: 1042 description: LogLevel describes the log level that should be used 1043 by the argocd-notifications. Defaults to ArgoCDDefaultLogLevel 1044 if not set. Valid options are debug,info, error, and warn. 1045 type: string 1046 replicas: 1047 description: Replicas defines the number of replicas to run for 1048 notifications-controller 1049 format: int32 1050 type: integer 1051 resources: 1052 description: Resources defines the Compute Resources required 1053 by the container for Argo CD Notifications. 1054 properties: 1055 limits: 1056 additionalProperties: 1057 anyOf: 1058 - type: integer 1059 - type: string 1060 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 1061 x-kubernetes-int-or-string: true 1062 description: 'Limits describes the maximum amount of compute 1063 resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 1064 type: object 1065 requests: 1066 additionalProperties: 1067 anyOf: 1068 - type: integer 1069 - type: string 1070 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 1071 x-kubernetes-int-or-string: true 1072 description: 'Requests describes the minimum amount of compute 1073 resources required. If Requests is omitted for a container, 1074 it defaults to Limits if that is explicitly specified, otherwise 1075 to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 1076 type: object 1077 type: object 1078 version: 1079 description: Version is the Argo CD Notifications image tag. (optional) 1080 type: string 1081 required: 1082 - enabled 1083 type: object 1084 oidcConfig: 1085 description: OIDCConfig is the OIDC configuration as an alternative 1086 to dex. 1087 type: string 1088 prometheus: 1089 description: Prometheus defines the Prometheus server options for 1090 ArgoCD. 1091 properties: 1092 enabled: 1093 description: Enabled will toggle Prometheus support globally for 1094 ArgoCD. 1095 type: boolean 1096 host: 1097 description: Host is the hostname to use for Ingress/Route resources. 1098 type: string 1099 ingress: 1100 description: Ingress defines the desired state for an Ingress 1101 for the Prometheus component. 1102 properties: 1103 annotations: 1104 additionalProperties: 1105 type: string 1106 description: Annotations is the map of annotations to apply 1107 to the Ingress. 1108 type: object 1109 enabled: 1110 description: Enabled will toggle the creation of the Ingress. 1111 type: boolean 1112 ingressClassName: 1113 description: IngressClassName for the Ingress resource. 1114 type: string 1115 path: 1116 description: Path used for the Ingress resource. 1117 type: string 1118 tls: 1119 description: TLS configuration. Currently the Ingress only 1120 supports a single TLS port, 443. If multiple members of 1121 this list specify different hosts, they will be multiplexed 1122 on the same port according to the hostname specified through 1123 the SNI TLS extension, if the ingress controller fulfilling 1124 the ingress supports SNI. 1125 items: 1126 description: IngressTLS describes the transport layer security 1127 associated with an Ingress. 1128 properties: 1129 hosts: 1130 description: Hosts are a list of hosts included in the 1131 TLS certificate. The values in this list must match 1132 the name/s used in the tlsSecret. Defaults to the 1133 wildcard host setting for the loadbalancer controller 1134 fulfilling this Ingress, if left unspecified. 1135 items: 1136 type: string 1137 type: array 1138 x-kubernetes-list-type: atomic 1139 secretName: 1140 description: SecretName is the name of the secret used 1141 to terminate TLS traffic on port 443. Field is left 1142 optional to allow TLS routing based on SNI hostname 1143 alone. If the SNI host in a listener conflicts with 1144 the "Host" header field used by an IngressRule, the 1145 SNI host is used for termination and value of the 1146 Host header is used for routing. 1147 type: string 1148 type: object 1149 type: array 1150 required: 1151 - enabled 1152 type: object 1153 route: 1154 description: Route defines the desired state for an OpenShift 1155 Route for the Prometheus component. 1156 properties: 1157 annotations: 1158 additionalProperties: 1159 type: string 1160 description: Annotations is the map of annotations to use 1161 for the Route resource. 1162 type: object 1163 enabled: 1164 description: Enabled will toggle the creation of the OpenShift 1165 Route. 1166 type: boolean 1167 labels: 1168 additionalProperties: 1169 type: string 1170 description: Labels is the map of labels to use for the Route 1171 resource 1172 type: object 1173 path: 1174 description: Path the router watches for, to route traffic 1175 for to the service. 1176 type: string 1177 tls: 1178 description: TLS provides the ability to configure certificates 1179 and termination for the Route. 1180 properties: 1181 caCertificate: 1182 description: caCertificate provides the cert authority 1183 certificate contents 1184 type: string 1185 certificate: 1186 description: certificate provides certificate contents 1187 type: string 1188 destinationCACertificate: 1189 description: destinationCACertificate provides the contents 1190 of the ca certificate of the final destination. When 1191 using reencrypt termination this file should be provided 1192 in order to have routers use it for health checks on 1193 the secure connection. If this field is not specified, 1194 the router may provide its own destination CA and perform 1195 hostname validation using the short service name (service.namespace.svc), 1196 which allows infrastructure generated certificates to 1197 automatically verify. 1198 type: string 1199 insecureEdgeTerminationPolicy: 1200 description: "insecureEdgeTerminationPolicy indicates 1201 the desired behavior for insecure connections to a route. 1202 While each router may make its own decisions on which 1203 ports to expose, this is normally port 80. \n * Allow 1204 - traffic is sent to the server on the insecure port 1205 (default) * Disable - no traffic is allowed on the insecure 1206 port. * Redirect - clients are redirected to the secure 1207 port." 1208 type: string 1209 key: 1210 description: key provides key file contents 1211 type: string 1212 termination: 1213 description: termination indicates termination type. 1214 type: string 1215 required: 1216 - termination 1217 type: object 1218 wildcardPolicy: 1219 description: WildcardPolicy if any for the route. Currently 1220 only 'Subdomain' or 'None' is allowed. 1221 type: string 1222 required: 1223 - enabled 1224 type: object 1225 size: 1226 description: Size is the replica count for the Prometheus StatefulSet. 1227 format: int32 1228 type: integer 1229 required: 1230 - enabled 1231 type: object 1232 rbac: 1233 description: RBAC defines the RBAC configuration for Argo CD. 1234 properties: 1235 defaultPolicy: 1236 description: DefaultPolicy is the name of the default role which 1237 Argo CD will falls back to, when authorizing API requests (optional). 1238 If omitted or empty, users may be still be able to login, but 1239 will see no apps, projects, etc... 1240 type: string 1241 policy: 1242 description: 'Policy is CSV containing user-defined RBAC policies 1243 and role definitions. Policy rules are in the form: p, subject, 1244 resource, action, object, effect Role definitions and bindings 1245 are in the form: g, subject, inherited-subject See https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/rbac.md 1246 for additional information.' 1247 type: string 1248 policyMatcherMode: 1249 description: PolicyMatcherMode configures the matchers function 1250 mode for casbin. There are two options for this, 'glob' for 1251 glob matcher or 'regex' for regex matcher. 1252 type: string 1253 scopes: 1254 description: 'Scopes controls which OIDC scopes to examine during 1255 rbac enforcement (in addition to `sub` scope). If omitted, defaults 1256 to: ''[groups]''.' 1257 type: string 1258 type: object 1259 redis: 1260 description: Redis defines the Redis server options for ArgoCD. 1261 properties: 1262 autotls: 1263 description: 'AutoTLS specifies the method to use for automatic 1264 TLS configuration for the redis server The value specified here 1265 can currently be: - openshift - Use the OpenShift service CA 1266 to request TLS config' 1267 type: string 1268 disableTLSVerification: 1269 description: DisableTLSVerification defines whether redis server 1270 API should be accessed using strict TLS validation 1271 type: boolean 1272 image: 1273 description: Image is the Redis container image. 1274 type: string 1275 resources: 1276 description: Resources defines the Compute Resources required 1277 by the container for Redis. 1278 properties: 1279 limits: 1280 additionalProperties: 1281 anyOf: 1282 - type: integer 1283 - type: string 1284 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 1285 x-kubernetes-int-or-string: true 1286 description: 'Limits describes the maximum amount of compute 1287 resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 1288 type: object 1289 requests: 1290 additionalProperties: 1291 anyOf: 1292 - type: integer 1293 - type: string 1294 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 1295 x-kubernetes-int-or-string: true 1296 description: 'Requests describes the minimum amount of compute 1297 resources required. If Requests is omitted for a container, 1298 it defaults to Limits if that is explicitly specified, otherwise 1299 to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 1300 type: object 1301 type: object 1302 version: 1303 description: Version is the Redis container image tag. 1304 type: string 1305 type: object 1306 repo: 1307 description: Repo defines the repo server options for Argo CD. 1308 properties: 1309 autotls: 1310 description: 'AutoTLS specifies the method to use for automatic 1311 TLS configuration for the repo server The value specified here 1312 can currently be: - openshift - Use the OpenShift service CA 1313 to request TLS config' 1314 type: string 1315 env: 1316 description: Env lets you specify environment for repo server 1317 pods 1318 items: 1319 description: EnvVar represents an environment variable present 1320 in a Container. 1321 properties: 1322 name: 1323 description: Name of the environment variable. Must be a 1324 C_IDENTIFIER. 1325 type: string 1326 value: 1327 description: 'Variable references $(VAR_NAME) are expanded 1328 using the previously defined environment variables in 1329 the container and any service environment variables. If 1330 a variable cannot be resolved, the reference in the input 1331 string will be unchanged. Double $$ are reduced to a single 1332 $, which allows for escaping the $(VAR_NAME) syntax: i.e. 1333 "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". 1334 Escaped references will never be expanded, regardless 1335 of whether the variable exists or not. Defaults to "".' 1336 type: string 1337 valueFrom: 1338 description: Source for the environment variable's value. 1339 Cannot be used if value is not empty. 1340 properties: 1341 configMapKeyRef: 1342 description: Selects a key of a ConfigMap. 1343 properties: 1344 key: 1345 description: The key to select. 1346 type: string 1347 name: 1348 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1349 TODO: Add other useful fields. apiVersion, kind, 1350 uid?' 1351 type: string 1352 optional: 1353 description: Specify whether the ConfigMap or its 1354 key must be defined 1355 type: boolean 1356 required: 1357 - key 1358 type: object 1359 fieldRef: 1360 description: 'Selects a field of the pod: supports metadata.name, 1361 metadata.namespace, `metadata.labels[''<KEY>'']`, 1362 `metadata.annotations[''<KEY>'']`, spec.nodeName, 1363 spec.serviceAccountName, status.hostIP, status.podIP, 1364 status.podIPs.' 1365 properties: 1366 apiVersion: 1367 description: Version of the schema the FieldPath 1368 is written in terms of, defaults to "v1". 1369 type: string 1370 fieldPath: 1371 description: Path of the field to select in the 1372 specified API version. 1373 type: string 1374 required: 1375 - fieldPath 1376 type: object 1377 resourceFieldRef: 1378 description: 'Selects a resource of the container: only 1379 resources limits and requests (limits.cpu, limits.memory, 1380 limits.ephemeral-storage, requests.cpu, requests.memory 1381 and requests.ephemeral-storage) are currently supported.' 1382 properties: 1383 containerName: 1384 description: 'Container name: required for volumes, 1385 optional for env vars' 1386 type: string 1387 divisor: 1388 anyOf: 1389 - type: integer 1390 - type: string 1391 description: Specifies the output format of the 1392 exposed resources, defaults to "1" 1393 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 1394 x-kubernetes-int-or-string: true 1395 resource: 1396 description: 'Required: resource to select' 1397 type: string 1398 required: 1399 - resource 1400 type: object 1401 secretKeyRef: 1402 description: Selects a key of a secret in the pod's 1403 namespace 1404 properties: 1405 key: 1406 description: The key of the secret to select from. Must 1407 be a valid secret key. 1408 type: string 1409 name: 1410 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1411 TODO: Add other useful fields. apiVersion, kind, 1412 uid?' 1413 type: string 1414 optional: 1415 description: Specify whether the Secret or its key 1416 must be defined 1417 type: boolean 1418 required: 1419 - key 1420 type: object 1421 type: object 1422 required: 1423 - name 1424 type: object 1425 type: array 1426 execTimeout: 1427 description: ExecTimeout specifies the timeout in seconds for 1428 tool execution 1429 type: integer 1430 extraRepoCommandArgs: 1431 description: Extra Command arguments allows users to pass command 1432 line arguments to repo server workload. They get added to default 1433 command line arguments provided by the operator. Please note 1434 that the command line arguments provided as part of ExtraRepoCommandArgs 1435 will not overwrite the default command line arguments. 1436 items: 1437 type: string 1438 type: array 1439 image: 1440 description: Image is the ArgoCD Repo Server container image. 1441 type: string 1442 initContainers: 1443 description: InitContainers defines the list of initialization 1444 containers for the repo server deployment 1445 items: 1446 description: A single application container that you want to 1447 run within a pod. 1448 properties: 1449 args: 1450 description: 'Arguments to the entrypoint. The docker image''s 1451 CMD is used if this is not provided. Variable references 1452 $(VAR_NAME) are expanded using the container''s environment. 1453 If a variable cannot be resolved, the reference in the 1454 input string will be unchanged. Double $$ are reduced 1455 to a single $, which allows for escaping the $(VAR_NAME) 1456 syntax: i.e. "$$(VAR_NAME)" will produce the string literal 1457 "$(VAR_NAME)". Escaped references will never be expanded, 1458 regardless of whether the variable exists or not. Cannot 1459 be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' 1460 items: 1461 type: string 1462 type: array 1463 command: 1464 description: 'Entrypoint array. Not executed within a shell. 1465 The docker image''s ENTRYPOINT is used if this is not 1466 provided. Variable references $(VAR_NAME) are expanded 1467 using the container''s environment. If a variable cannot 1468 be resolved, the reference in the input string will be 1469 unchanged. Double $$ are reduced to a single $, which 1470 allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" 1471 will produce the string literal "$(VAR_NAME)". Escaped 1472 references will never be expanded, regardless of whether 1473 the variable exists or not. Cannot be updated. More info: 1474 https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' 1475 items: 1476 type: string 1477 type: array 1478 env: 1479 description: List of environment variables to set in the 1480 container. Cannot be updated. 1481 items: 1482 description: EnvVar represents an environment variable 1483 present in a Container. 1484 properties: 1485 name: 1486 description: Name of the environment variable. Must 1487 be a C_IDENTIFIER. 1488 type: string 1489 value: 1490 description: 'Variable references $(VAR_NAME) are 1491 expanded using the previously defined environment 1492 variables in the container and any service environment 1493 variables. If a variable cannot be resolved, the 1494 reference in the input string will be unchanged. 1495 Double $$ are reduced to a single $, which allows 1496 for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" 1497 will produce the string literal "$(VAR_NAME)". Escaped 1498 references will never be expanded, regardless of 1499 whether the variable exists or not. Defaults to 1500 "".' 1501 type: string 1502 valueFrom: 1503 description: Source for the environment variable's 1504 value. Cannot be used if value is not empty. 1505 properties: 1506 configMapKeyRef: 1507 description: Selects a key of a ConfigMap. 1508 properties: 1509 key: 1510 description: The key to select. 1511 type: string 1512 name: 1513 description: 'Name of the referent. More info: 1514 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1515 TODO: Add other useful fields. apiVersion, 1516 kind, uid?' 1517 type: string 1518 optional: 1519 description: Specify whether the ConfigMap 1520 or its key must be defined 1521 type: boolean 1522 required: 1523 - key 1524 type: object 1525 fieldRef: 1526 description: 'Selects a field of the pod: supports 1527 metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`, 1528 `metadata.annotations[''<KEY>'']`, spec.nodeName, 1529 spec.serviceAccountName, status.hostIP, status.podIP, 1530 status.podIPs.' 1531 properties: 1532 apiVersion: 1533 description: Version of the schema the FieldPath 1534 is written in terms of, defaults to "v1". 1535 type: string 1536 fieldPath: 1537 description: Path of the field to select in 1538 the specified API version. 1539 type: string 1540 required: 1541 - fieldPath 1542 type: object 1543 resourceFieldRef: 1544 description: 'Selects a resource of the container: 1545 only resources limits and requests (limits.cpu, 1546 limits.memory, limits.ephemeral-storage, requests.cpu, 1547 requests.memory and requests.ephemeral-storage) 1548 are currently supported.' 1549 properties: 1550 containerName: 1551 description: 'Container name: required for 1552 volumes, optional for env vars' 1553 type: string 1554 divisor: 1555 anyOf: 1556 - type: integer 1557 - type: string 1558 description: Specifies the output format of 1559 the exposed resources, defaults to "1" 1560 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 1561 x-kubernetes-int-or-string: true 1562 resource: 1563 description: 'Required: resource to select' 1564 type: string 1565 required: 1566 - resource 1567 type: object 1568 secretKeyRef: 1569 description: Selects a key of a secret in the 1570 pod's namespace 1571 properties: 1572 key: 1573 description: The key of the secret to select 1574 from. Must be a valid secret key. 1575 type: string 1576 name: 1577 description: 'Name of the referent. More info: 1578 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1579 TODO: Add other useful fields. apiVersion, 1580 kind, uid?' 1581 type: string 1582 optional: 1583 description: Specify whether the Secret or 1584 its key must be defined 1585 type: boolean 1586 required: 1587 - key 1588 type: object 1589 type: object 1590 required: 1591 - name 1592 type: object 1593 type: array 1594 envFrom: 1595 description: List of sources to populate environment variables 1596 in the container. The keys defined within a source must 1597 be a C_IDENTIFIER. All invalid keys will be reported as 1598 an event when the container is starting. When a key exists 1599 in multiple sources, the value associated with the last 1600 source will take precedence. Values defined by an Env 1601 with a duplicate key will take precedence. Cannot be updated. 1602 items: 1603 description: EnvFromSource represents the source of a 1604 set of ConfigMaps 1605 properties: 1606 configMapRef: 1607 description: The ConfigMap to select from 1608 properties: 1609 name: 1610 description: 'Name of the referent. More info: 1611 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1612 TODO: Add other useful fields. apiVersion, kind, 1613 uid?' 1614 type: string 1615 optional: 1616 description: Specify whether the ConfigMap must 1617 be defined 1618 type: boolean 1619 type: object 1620 prefix: 1621 description: An optional identifier to prepend to 1622 each key in the ConfigMap. Must be a C_IDENTIFIER. 1623 type: string 1624 secretRef: 1625 description: The Secret to select from 1626 properties: 1627 name: 1628 description: 'Name of the referent. More info: 1629 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1630 TODO: Add other useful fields. apiVersion, kind, 1631 uid?' 1632 type: string 1633 optional: 1634 description: Specify whether the Secret must be 1635 defined 1636 type: boolean 1637 type: object 1638 type: object 1639 type: array 1640 image: 1641 description: 'Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 1642 This field is optional to allow higher level config management 1643 to default or override container images in workload controllers 1644 like Deployments and StatefulSets.' 1645 type: string 1646 imagePullPolicy: 1647 description: 'Image pull policy. One of Always, Never, IfNotPresent. 1648 Defaults to Always if :latest tag is specified, or IfNotPresent 1649 otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' 1650 type: string 1651 lifecycle: 1652 description: Actions that the management system should take 1653 in response to container lifecycle events. Cannot be updated. 1654 properties: 1655 postStart: 1656 description: 'PostStart is called immediately after 1657 a container is created. If the handler fails, the 1658 container is terminated and restarted according to 1659 its restart policy. Other management of the container 1660 blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' 1661 properties: 1662 exec: 1663 description: Exec specifies the action to take. 1664 properties: 1665 command: 1666 description: Command is the command line to 1667 execute inside the container, the working 1668 directory for the command is root ('/') in 1669 the container's filesystem. The command is 1670 simply exec'd, it is not run inside a shell, 1671 so traditional shell instructions ('|', etc) 1672 won't work. To use a shell, you need to explicitly 1673 call out to that shell. Exit status of 0 is 1674 treated as live/healthy and non-zero is unhealthy. 1675 items: 1676 type: string 1677 type: array 1678 type: object 1679 httpGet: 1680 description: HTTPGet specifies the http request 1681 to perform. 1682 properties: 1683 host: 1684 description: Host name to connect to, defaults 1685 to the pod IP. You probably want to set "Host" 1686 in httpHeaders instead. 1687 type: string 1688 httpHeaders: 1689 description: Custom headers to set in the request. 1690 HTTP allows repeated headers. 1691 items: 1692 description: HTTPHeader describes a custom 1693 header to be used in HTTP probes 1694 properties: 1695 name: 1696 description: The header field name 1697 type: string 1698 value: 1699 description: The header field value 1700 type: string 1701 required: 1702 - name 1703 - value 1704 type: object 1705 type: array 1706 path: 1707 description: Path to access on the HTTP server. 1708 type: string 1709 port: 1710 anyOf: 1711 - type: integer 1712 - type: string 1713 description: Name or number of the port to access 1714 on the container. Number must be in the range 1715 1 to 65535. Name must be an IANA_SVC_NAME. 1716 x-kubernetes-int-or-string: true 1717 scheme: 1718 description: Scheme to use for connecting to 1719 the host. Defaults to HTTP. 1720 type: string 1721 required: 1722 - port 1723 type: object 1724 tcpSocket: 1725 description: Deprecated. TCPSocket is NOT supported 1726 as a LifecycleHandler and kept for the backward 1727 compatibility. There are no validation of this 1728 field and lifecycle hooks will fail in runtime 1729 when tcp handler is specified. 1730 properties: 1731 host: 1732 description: 'Optional: Host name to connect 1733 to, defaults to the pod IP.' 1734 type: string 1735 port: 1736 anyOf: 1737 - type: integer 1738 - type: string 1739 description: Number or name of the port to access 1740 on the container. Number must be in the range 1741 1 to 65535. Name must be an IANA_SVC_NAME. 1742 x-kubernetes-int-or-string: true 1743 required: 1744 - port 1745 type: object 1746 type: object 1747 preStop: 1748 description: 'PreStop is called immediately before a 1749 container is terminated due to an API request or management 1750 event such as liveness/startup probe failure, preemption, 1751 resource contention, etc. The handler is not called 1752 if the container crashes or exits. The Pod''s termination 1753 grace period countdown begins before the PreStop hook 1754 is executed. Regardless of the outcome of the handler, 1755 the container will eventually terminate within the 1756 Pod''s termination grace period (unless delayed by 1757 finalizers). Other management of the container blocks 1758 until the hook completes or until the termination 1759 grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' 1760 properties: 1761 exec: 1762 description: Exec specifies the action to take. 1763 properties: 1764 command: 1765 description: Command is the command line to 1766 execute inside the container, the working 1767 directory for the command is root ('/') in 1768 the container's filesystem. The command is 1769 simply exec'd, it is not run inside a shell, 1770 so traditional shell instructions ('|', etc) 1771 won't work. To use a shell, you need to explicitly 1772 call out to that shell. Exit status of 0 is 1773 treated as live/healthy and non-zero is unhealthy. 1774 items: 1775 type: string 1776 type: array 1777 type: object 1778 httpGet: 1779 description: HTTPGet specifies the http request 1780 to perform. 1781 properties: 1782 host: 1783 description: Host name to connect to, defaults 1784 to the pod IP. You probably want to set "Host" 1785 in httpHeaders instead. 1786 type: string 1787 httpHeaders: 1788 description: Custom headers to set in the request. 1789 HTTP allows repeated headers. 1790 items: 1791 description: HTTPHeader describes a custom 1792 header to be used in HTTP probes 1793 properties: 1794 name: 1795 description: The header field name 1796 type: string 1797 value: 1798 description: The header field value 1799 type: string 1800 required: 1801 - name 1802 - value 1803 type: object 1804 type: array 1805 path: 1806 description: Path to access on the HTTP server. 1807 type: string 1808 port: 1809 anyOf: 1810 - type: integer 1811 - type: string 1812 description: Name or number of the port to access 1813 on the container. Number must be in the range 1814 1 to 65535. Name must be an IANA_SVC_NAME. 1815 x-kubernetes-int-or-string: true 1816 scheme: 1817 description: Scheme to use for connecting to 1818 the host. Defaults to HTTP. 1819 type: string 1820 required: 1821 - port 1822 type: object 1823 tcpSocket: 1824 description: Deprecated. TCPSocket is NOT supported 1825 as a LifecycleHandler and kept for the backward 1826 compatibility. There are no validation of this 1827 field and lifecycle hooks will fail in runtime 1828 when tcp handler is specified. 1829 properties: 1830 host: 1831 description: 'Optional: Host name to connect 1832 to, defaults to the pod IP.' 1833 type: string 1834 port: 1835 anyOf: 1836 - type: integer 1837 - type: string 1838 description: Number or name of the port to access 1839 on the container. Number must be in the range 1840 1 to 65535. Name must be an IANA_SVC_NAME. 1841 x-kubernetes-int-or-string: true 1842 required: 1843 - port 1844 type: object 1845 type: object 1846 type: object 1847 livenessProbe: 1848 description: 'Periodic probe of container liveness. Container 1849 will be restarted if the probe fails. Cannot be updated. 1850 More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 1851 properties: 1852 exec: 1853 description: Exec specifies the action to take. 1854 properties: 1855 command: 1856 description: Command is the command line to execute 1857 inside the container, the working directory for 1858 the command is root ('/') in the container's 1859 filesystem. The command is simply exec'd, it is 1860 not run inside a shell, so traditional shell instructions 1861 ('|', etc) won't work. To use a shell, you need 1862 to explicitly call out to that shell. Exit status 1863 of 0 is treated as live/healthy and non-zero is 1864 unhealthy. 1865 items: 1866 type: string 1867 type: array 1868 type: object 1869 failureThreshold: 1870 description: Minimum consecutive failures for the probe 1871 to be considered failed after having succeeded. Defaults 1872 to 3. Minimum value is 1. 1873 format: int32 1874 type: integer 1875 grpc: 1876 description: GRPC specifies an action involving a GRPC 1877 port. This is an alpha field and requires enabling 1878 GRPCContainerProbe feature gate. 1879 properties: 1880 port: 1881 description: Port number of the gRPC service. Number 1882 must be in the range 1 to 65535. 1883 format: int32 1884 type: integer 1885 service: 1886 description: "Service is the name of the service 1887 to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). 1888 \n If this is not specified, the default behavior 1889 is defined by gRPC." 1890 type: string 1891 required: 1892 - port 1893 type: object 1894 httpGet: 1895 description: HTTPGet specifies the http request to perform. 1896 properties: 1897 host: 1898 description: Host name to connect to, defaults to 1899 the pod IP. You probably want to set "Host" in 1900 httpHeaders instead. 1901 type: string 1902 httpHeaders: 1903 description: Custom headers to set in the request. 1904 HTTP allows repeated headers. 1905 items: 1906 description: HTTPHeader describes a custom header 1907 to be used in HTTP probes 1908 properties: 1909 name: 1910 description: The header field name 1911 type: string 1912 value: 1913 description: The header field value 1914 type: string 1915 required: 1916 - name 1917 - value 1918 type: object 1919 type: array 1920 path: 1921 description: Path to access on the HTTP server. 1922 type: string 1923 port: 1924 anyOf: 1925 - type: integer 1926 - type: string 1927 description: Name or number of the port to access 1928 on the container. Number must be in the range 1929 1 to 65535. Name must be an IANA_SVC_NAME. 1930 x-kubernetes-int-or-string: true 1931 scheme: 1932 description: Scheme to use for connecting to the 1933 host. Defaults to HTTP. 1934 type: string 1935 required: 1936 - port 1937 type: object 1938 initialDelaySeconds: 1939 description: 'Number of seconds after the container 1940 has started before liveness probes are initiated. 1941 More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 1942 format: int32 1943 type: integer 1944 periodSeconds: 1945 description: How often (in seconds) to perform the probe. 1946 Default to 10 seconds. Minimum value is 1. 1947 format: int32 1948 type: integer 1949 successThreshold: 1950 description: Minimum consecutive successes for the probe 1951 to be considered successful after having failed. Defaults 1952 to 1. Must be 1 for liveness and startup. Minimum 1953 value is 1. 1954 format: int32 1955 type: integer 1956 tcpSocket: 1957 description: TCPSocket specifies an action involving 1958 a TCP port. 1959 properties: 1960 host: 1961 description: 'Optional: Host name to connect to, 1962 defaults to the pod IP.' 1963 type: string 1964 port: 1965 anyOf: 1966 - type: integer 1967 - type: string 1968 description: Number or name of the port to access 1969 on the container. Number must be in the range 1970 1 to 65535. Name must be an IANA_SVC_NAME. 1971 x-kubernetes-int-or-string: true 1972 required: 1973 - port 1974 type: object 1975 terminationGracePeriodSeconds: 1976 description: Optional duration in seconds the pod needs 1977 to terminate gracefully upon probe failure. The grace 1978 period is the duration in seconds after the processes 1979 running in the pod are sent a termination signal and 1980 the time when the processes are forcibly halted with 1981 a kill signal. Set this value longer than the expected 1982 cleanup time for your process. If this value is nil, 1983 the pod's terminationGracePeriodSeconds will be used. 1984 Otherwise, this value overrides the value provided 1985 by the pod spec. Value must be non-negative integer. 1986 The value zero indicates stop immediately via the 1987 kill signal (no opportunity to shut down). This is 1988 a beta field and requires enabling ProbeTerminationGracePeriod 1989 feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds 1990 is used if unset. 1991 format: int64 1992 type: integer 1993 timeoutSeconds: 1994 description: 'Number of seconds after which the probe 1995 times out. Defaults to 1 second. Minimum value is 1996 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 1997 format: int32 1998 type: integer 1999 type: object 2000 name: 2001 description: Name of the container specified as a DNS_LABEL. 2002 Each container in a pod must have a unique name (DNS_LABEL). 2003 Cannot be updated. 2004 type: string 2005 ports: 2006 description: List of ports to expose from the container. 2007 Exposing a port here gives the system additional information 2008 about the network connections a container uses, but is 2009 primarily informational. Not specifying a port here DOES 2010 NOT prevent that port from being exposed. Any port which 2011 is listening on the default "0.0.0.0" address inside a 2012 container will be accessible from the network. Cannot 2013 be updated. 2014 items: 2015 description: ContainerPort represents a network port in 2016 a single container. 2017 properties: 2018 containerPort: 2019 description: Number of port to expose on the pod's 2020 IP address. This must be a valid port number, 0 2021 < x < 65536. 2022 format: int32 2023 type: integer 2024 hostIP: 2025 description: What host IP to bind the external port 2026 to. 2027 type: string 2028 hostPort: 2029 description: Number of port to expose on the host. 2030 If specified, this must be a valid port number, 2031 0 < x < 65536. If HostNetwork is specified, this 2032 must match ContainerPort. Most containers do not 2033 need this. 2034 format: int32 2035 type: integer 2036 name: 2037 description: If specified, this must be an IANA_SVC_NAME 2038 and unique within the pod. Each named port in a 2039 pod must have a unique name. Name for the port that 2040 can be referred to by services. 2041 type: string 2042 protocol: 2043 default: TCP 2044 description: Protocol for port. Must be UDP, TCP, 2045 or SCTP. Defaults to "TCP". 2046 type: string 2047 required: 2048 - containerPort 2049 type: object 2050 type: array 2051 x-kubernetes-list-map-keys: 2052 - containerPort 2053 - protocol 2054 x-kubernetes-list-type: map 2055 readinessProbe: 2056 description: 'Periodic probe of container service readiness. 2057 Container will be removed from service endpoints if the 2058 probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 2059 properties: 2060 exec: 2061 description: Exec specifies the action to take. 2062 properties: 2063 command: 2064 description: Command is the command line to execute 2065 inside the container, the working directory for 2066 the command is root ('/') in the container's 2067 filesystem. The command is simply exec'd, it is 2068 not run inside a shell, so traditional shell instructions 2069 ('|', etc) won't work. To use a shell, you need 2070 to explicitly call out to that shell. Exit status 2071 of 0 is treated as live/healthy and non-zero is 2072 unhealthy. 2073 items: 2074 type: string 2075 type: array 2076 type: object 2077 failureThreshold: 2078 description: Minimum consecutive failures for the probe 2079 to be considered failed after having succeeded. Defaults 2080 to 3. Minimum value is 1. 2081 format: int32 2082 type: integer 2083 grpc: 2084 description: GRPC specifies an action involving a GRPC 2085 port. This is an alpha field and requires enabling 2086 GRPCContainerProbe feature gate. 2087 properties: 2088 port: 2089 description: Port number of the gRPC service. Number 2090 must be in the range 1 to 65535. 2091 format: int32 2092 type: integer 2093 service: 2094 description: "Service is the name of the service 2095 to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). 2096 \n If this is not specified, the default behavior 2097 is defined by gRPC." 2098 type: string 2099 required: 2100 - port 2101 type: object 2102 httpGet: 2103 description: HTTPGet specifies the http request to perform. 2104 properties: 2105 host: 2106 description: Host name to connect to, defaults to 2107 the pod IP. You probably want to set "Host" in 2108 httpHeaders instead. 2109 type: string 2110 httpHeaders: 2111 description: Custom headers to set in the request. 2112 HTTP allows repeated headers. 2113 items: 2114 description: HTTPHeader describes a custom header 2115 to be used in HTTP probes 2116 properties: 2117 name: 2118 description: The header field name 2119 type: string 2120 value: 2121 description: The header field value 2122 type: string 2123 required: 2124 - name 2125 - value 2126 type: object 2127 type: array 2128 path: 2129 description: Path to access on the HTTP server. 2130 type: string 2131 port: 2132 anyOf: 2133 - type: integer 2134 - type: string 2135 description: Name or number of the port to access 2136 on the container. Number must be in the range 2137 1 to 65535. Name must be an IANA_SVC_NAME. 2138 x-kubernetes-int-or-string: true 2139 scheme: 2140 description: Scheme to use for connecting to the 2141 host. Defaults to HTTP. 2142 type: string 2143 required: 2144 - port 2145 type: object 2146 initialDelaySeconds: 2147 description: 'Number of seconds after the container 2148 has started before liveness probes are initiated. 2149 More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 2150 format: int32 2151 type: integer 2152 periodSeconds: 2153 description: How often (in seconds) to perform the probe. 2154 Default to 10 seconds. Minimum value is 1. 2155 format: int32 2156 type: integer 2157 successThreshold: 2158 description: Minimum consecutive successes for the probe 2159 to be considered successful after having failed. Defaults 2160 to 1. Must be 1 for liveness and startup. Minimum 2161 value is 1. 2162 format: int32 2163 type: integer 2164 tcpSocket: 2165 description: TCPSocket specifies an action involving 2166 a TCP port. 2167 properties: 2168 host: 2169 description: 'Optional: Host name to connect to, 2170 defaults to the pod IP.' 2171 type: string 2172 port: 2173 anyOf: 2174 - type: integer 2175 - type: string 2176 description: Number or name of the port to access 2177 on the container. Number must be in the range 2178 1 to 65535. Name must be an IANA_SVC_NAME. 2179 x-kubernetes-int-or-string: true 2180 required: 2181 - port 2182 type: object 2183 terminationGracePeriodSeconds: 2184 description: Optional duration in seconds the pod needs 2185 to terminate gracefully upon probe failure. The grace 2186 period is the duration in seconds after the processes 2187 running in the pod are sent a termination signal and 2188 the time when the processes are forcibly halted with 2189 a kill signal. Set this value longer than the expected 2190 cleanup time for your process. If this value is nil, 2191 the pod's terminationGracePeriodSeconds will be used. 2192 Otherwise, this value overrides the value provided 2193 by the pod spec. Value must be non-negative integer. 2194 The value zero indicates stop immediately via the 2195 kill signal (no opportunity to shut down). This is 2196 a beta field and requires enabling ProbeTerminationGracePeriod 2197 feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds 2198 is used if unset. 2199 format: int64 2200 type: integer 2201 timeoutSeconds: 2202 description: 'Number of seconds after which the probe 2203 times out. Defaults to 1 second. Minimum value is 2204 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 2205 format: int32 2206 type: integer 2207 type: object 2208 resources: 2209 description: 'Compute Resources required by this container. 2210 Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 2211 properties: 2212 limits: 2213 additionalProperties: 2214 anyOf: 2215 - type: integer 2216 - type: string 2217 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 2218 x-kubernetes-int-or-string: true 2219 description: 'Limits describes the maximum amount of 2220 compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 2221 type: object 2222 requests: 2223 additionalProperties: 2224 anyOf: 2225 - type: integer 2226 - type: string 2227 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 2228 x-kubernetes-int-or-string: true 2229 description: 'Requests describes the minimum amount 2230 of compute resources required. If Requests is omitted 2231 for a container, it defaults to Limits if that is 2232 explicitly specified, otherwise to an implementation-defined 2233 value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 2234 type: object 2235 type: object 2236 securityContext: 2237 description: 'SecurityContext defines the security options 2238 the container should be run with. If set, the fields of 2239 SecurityContext override the equivalent fields of PodSecurityContext. 2240 More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' 2241 properties: 2242 allowPrivilegeEscalation: 2243 description: 'AllowPrivilegeEscalation controls whether 2244 a process can gain more privileges than its parent 2245 process. This bool directly controls if the no_new_privs 2246 flag will be set on the container process. AllowPrivilegeEscalation 2247 is true always when the container is: 1) run as Privileged 2248 2) has CAP_SYS_ADMIN Note that this field cannot be 2249 set when spec.os.name is windows.' 2250 type: boolean 2251 capabilities: 2252 description: The capabilities to add/drop when running 2253 containers. Defaults to the default set of capabilities 2254 granted by the container runtime. Note that this field 2255 cannot be set when spec.os.name is windows. 2256 properties: 2257 add: 2258 description: Added capabilities 2259 items: 2260 description: Capability represent POSIX capabilities 2261 type 2262 type: string 2263 type: array 2264 drop: 2265 description: Removed capabilities 2266 items: 2267 description: Capability represent POSIX capabilities 2268 type 2269 type: string 2270 type: array 2271 type: object 2272 privileged: 2273 description: Run container in privileged mode. Processes 2274 in privileged containers are essentially equivalent 2275 to root on the host. Defaults to false. Note that 2276 this field cannot be set when spec.os.name is windows. 2277 type: boolean 2278 procMount: 2279 description: procMount denotes the type of proc mount 2280 to use for the containers. The default is DefaultProcMount 2281 which uses the container runtime defaults for readonly 2282 paths and masked paths. This requires the ProcMountType 2283 feature flag to be enabled. Note that this field cannot 2284 be set when spec.os.name is windows. 2285 type: string 2286 readOnlyRootFilesystem: 2287 description: Whether this container has a read-only 2288 root filesystem. Default is false. Note that this 2289 field cannot be set when spec.os.name is windows. 2290 type: boolean 2291 runAsGroup: 2292 description: The GID to run the entrypoint of the container 2293 process. Uses runtime default if unset. May also be 2294 set in PodSecurityContext. If set in both SecurityContext 2295 and PodSecurityContext, the value specified in SecurityContext 2296 takes precedence. Note that this field cannot be set 2297 when spec.os.name is windows. 2298 format: int64 2299 type: integer 2300 runAsNonRoot: 2301 description: Indicates that the container must run as 2302 a non-root user. If true, the Kubelet will validate 2303 the image at runtime to ensure that it does not run 2304 as UID 0 (root) and fail to start the container if 2305 it does. If unset or false, no such validation will 2306 be performed. May also be set in PodSecurityContext. If 2307 set in both SecurityContext and PodSecurityContext, 2308 the value specified in SecurityContext takes precedence. 2309 type: boolean 2310 runAsUser: 2311 description: The UID to run the entrypoint of the container 2312 process. Defaults to user specified in image metadata 2313 if unspecified. May also be set in PodSecurityContext. If 2314 set in both SecurityContext and PodSecurityContext, 2315 the value specified in SecurityContext takes precedence. 2316 Note that this field cannot be set when spec.os.name 2317 is windows. 2318 format: int64 2319 type: integer 2320 seLinuxOptions: 2321 description: The SELinux context to be applied to the 2322 container. If unspecified, the container runtime will 2323 allocate a random SELinux context for each container. May 2324 also be set in PodSecurityContext. If set in both 2325 SecurityContext and PodSecurityContext, the value 2326 specified in SecurityContext takes precedence. Note 2327 that this field cannot be set when spec.os.name is 2328 windows. 2329 properties: 2330 level: 2331 description: Level is SELinux level label that applies 2332 to the container. 2333 type: string 2334 role: 2335 description: Role is a SELinux role label that applies 2336 to the container. 2337 type: string 2338 type: 2339 description: Type is a SELinux type label that applies 2340 to the container. 2341 type: string 2342 user: 2343 description: User is a SELinux user label that applies 2344 to the container. 2345 type: string 2346 type: object 2347 seccompProfile: 2348 description: The seccomp options to use by this container. 2349 If seccomp options are provided at both the pod & 2350 container level, the container options override the 2351 pod options. Note that this field cannot be set when 2352 spec.os.name is windows. 2353 properties: 2354 localhostProfile: 2355 description: localhostProfile indicates a profile 2356 defined in a file on the node should be used. 2357 The profile must be preconfigured on the node 2358 to work. Must be a descending path, relative to 2359 the kubelet's configured seccomp profile location. 2360 Must only be set if type is "Localhost". 2361 type: string 2362 type: 2363 description: "type indicates which kind of seccomp 2364 profile will be applied. Valid options are: \n 2365 Localhost - a profile defined in a file on the 2366 node should be used. RuntimeDefault - the container 2367 runtime default profile should be used. Unconfined 2368 - no profile should be applied." 2369 type: string 2370 required: 2371 - type 2372 type: object 2373 windowsOptions: 2374 description: The Windows specific settings applied to 2375 all containers. If unspecified, the options from the 2376 PodSecurityContext will be used. If set in both SecurityContext 2377 and PodSecurityContext, the value specified in SecurityContext 2378 takes precedence. Note that this field cannot be set 2379 when spec.os.name is linux. 2380 properties: 2381 gmsaCredentialSpec: 2382 description: GMSACredentialSpec is where the GMSA 2383 admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) 2384 inlines the contents of the GMSA credential spec 2385 named by the GMSACredentialSpecName field. 2386 type: string 2387 gmsaCredentialSpecName: 2388 description: GMSACredentialSpecName is the name 2389 of the GMSA credential spec to use. 2390 type: string 2391 hostProcess: 2392 description: HostProcess determines if a container 2393 should be run as a 'Host Process' container. This 2394 field is alpha-level and will only be honored 2395 by components that enable the WindowsHostProcessContainers 2396 feature flag. Setting this field without the feature 2397 flag will result in errors when validating the 2398 Pod. All of a Pod's containers must have the same 2399 effective HostProcess value (it is not allowed 2400 to have a mix of HostProcess containers and non-HostProcess 2401 containers). In addition, if HostProcess is true 2402 then HostNetwork must also be set to true. 2403 type: boolean 2404 runAsUserName: 2405 description: The UserName in Windows to run the 2406 entrypoint of the container process. Defaults 2407 to the user specified in image metadata if unspecified. 2408 May also be set in PodSecurityContext. If set 2409 in both SecurityContext and PodSecurityContext, 2410 the value specified in SecurityContext takes precedence. 2411 type: string 2412 type: object 2413 type: object 2414 startupProbe: 2415 description: 'StartupProbe indicates that the Pod has successfully 2416 initialized. If specified, no other probes are executed 2417 until this completes successfully. If this probe fails, 2418 the Pod will be restarted, just as if the livenessProbe 2419 failed. This can be used to provide different probe parameters 2420 at the beginning of a Pod''s lifecycle, when it might 2421 take a long time to load data or warm a cache, than during 2422 steady-state operation. This cannot be updated. More info: 2423 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 2424 properties: 2425 exec: 2426 description: Exec specifies the action to take. 2427 properties: 2428 command: 2429 description: Command is the command line to execute 2430 inside the container, the working directory for 2431 the command is root ('/') in the container's 2432 filesystem. The command is simply exec'd, it is 2433 not run inside a shell, so traditional shell instructions 2434 ('|', etc) won't work. To use a shell, you need 2435 to explicitly call out to that shell. Exit status 2436 of 0 is treated as live/healthy and non-zero is 2437 unhealthy. 2438 items: 2439 type: string 2440 type: array 2441 type: object 2442 failureThreshold: 2443 description: Minimum consecutive failures for the probe 2444 to be considered failed after having succeeded. Defaults 2445 to 3. Minimum value is 1. 2446 format: int32 2447 type: integer 2448 grpc: 2449 description: GRPC specifies an action involving a GRPC 2450 port. This is an alpha field and requires enabling 2451 GRPCContainerProbe feature gate. 2452 properties: 2453 port: 2454 description: Port number of the gRPC service. Number 2455 must be in the range 1 to 65535. 2456 format: int32 2457 type: integer 2458 service: 2459 description: "Service is the name of the service 2460 to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). 2461 \n If this is not specified, the default behavior 2462 is defined by gRPC." 2463 type: string 2464 required: 2465 - port 2466 type: object 2467 httpGet: 2468 description: HTTPGet specifies the http request to perform. 2469 properties: 2470 host: 2471 description: Host name to connect to, defaults to 2472 the pod IP. You probably want to set "Host" in 2473 httpHeaders instead. 2474 type: string 2475 httpHeaders: 2476 description: Custom headers to set in the request. 2477 HTTP allows repeated headers. 2478 items: 2479 description: HTTPHeader describes a custom header 2480 to be used in HTTP probes 2481 properties: 2482 name: 2483 description: The header field name 2484 type: string 2485 value: 2486 description: The header field value 2487 type: string 2488 required: 2489 - name 2490 - value 2491 type: object 2492 type: array 2493 path: 2494 description: Path to access on the HTTP server. 2495 type: string 2496 port: 2497 anyOf: 2498 - type: integer 2499 - type: string 2500 description: Name or number of the port to access 2501 on the container. Number must be in the range 2502 1 to 65535. Name must be an IANA_SVC_NAME. 2503 x-kubernetes-int-or-string: true 2504 scheme: 2505 description: Scheme to use for connecting to the 2506 host. Defaults to HTTP. 2507 type: string 2508 required: 2509 - port 2510 type: object 2511 initialDelaySeconds: 2512 description: 'Number of seconds after the container 2513 has started before liveness probes are initiated. 2514 More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 2515 format: int32 2516 type: integer 2517 periodSeconds: 2518 description: How often (in seconds) to perform the probe. 2519 Default to 10 seconds. Minimum value is 1. 2520 format: int32 2521 type: integer 2522 successThreshold: 2523 description: Minimum consecutive successes for the probe 2524 to be considered successful after having failed. Defaults 2525 to 1. Must be 1 for liveness and startup. Minimum 2526 value is 1. 2527 format: int32 2528 type: integer 2529 tcpSocket: 2530 description: TCPSocket specifies an action involving 2531 a TCP port. 2532 properties: 2533 host: 2534 description: 'Optional: Host name to connect to, 2535 defaults to the pod IP.' 2536 type: string 2537 port: 2538 anyOf: 2539 - type: integer 2540 - type: string 2541 description: Number or name of the port to access 2542 on the container. Number must be in the range 2543 1 to 65535. Name must be an IANA_SVC_NAME. 2544 x-kubernetes-int-or-string: true 2545 required: 2546 - port 2547 type: object 2548 terminationGracePeriodSeconds: 2549 description: Optional duration in seconds the pod needs 2550 to terminate gracefully upon probe failure. The grace 2551 period is the duration in seconds after the processes 2552 running in the pod are sent a termination signal and 2553 the time when the processes are forcibly halted with 2554 a kill signal. Set this value longer than the expected 2555 cleanup time for your process. If this value is nil, 2556 the pod's terminationGracePeriodSeconds will be used. 2557 Otherwise, this value overrides the value provided 2558 by the pod spec. Value must be non-negative integer. 2559 The value zero indicates stop immediately via the 2560 kill signal (no opportunity to shut down). This is 2561 a beta field and requires enabling ProbeTerminationGracePeriod 2562 feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds 2563 is used if unset. 2564 format: int64 2565 type: integer 2566 timeoutSeconds: 2567 description: 'Number of seconds after which the probe 2568 times out. Defaults to 1 second. Minimum value is 2569 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 2570 format: int32 2571 type: integer 2572 type: object 2573 stdin: 2574 description: Whether this container should allocate a buffer 2575 for stdin in the container runtime. If this is not set, 2576 reads from stdin in the container will always result in 2577 EOF. Default is false. 2578 type: boolean 2579 stdinOnce: 2580 description: Whether the container runtime should close 2581 the stdin channel after it has been opened by a single 2582 attach. When stdin is true the stdin stream will remain 2583 open across multiple attach sessions. If stdinOnce is 2584 set to true, stdin is opened on container start, is empty 2585 until the first client attaches to stdin, and then remains 2586 open and accepts data until the client disconnects, at 2587 which time stdin is closed and remains closed until the 2588 container is restarted. If this flag is false, a container 2589 processes that reads from stdin will never receive an 2590 EOF. Default is false 2591 type: boolean 2592 terminationMessagePath: 2593 description: 'Optional: Path at which the file to which 2594 the container''s termination message will be written is 2595 mounted into the container''s filesystem. Message written 2596 is intended to be brief final status, such as an assertion 2597 failure message. Will be truncated by the node if greater 2598 than 4096 bytes. The total message length across all containers 2599 will be limited to 12kb. Defaults to /dev/termination-log. 2600 Cannot be updated.' 2601 type: string 2602 terminationMessagePolicy: 2603 description: Indicate how the termination message should 2604 be populated. File will use the contents of terminationMessagePath 2605 to populate the container status message on both success 2606 and failure. FallbackToLogsOnError will use the last chunk 2607 of container log output if the termination message file 2608 is empty and the container exited with an error. The log 2609 output is limited to 2048 bytes or 80 lines, whichever 2610 is smaller. Defaults to File. Cannot be updated. 2611 type: string 2612 tty: 2613 description: Whether this container should allocate a TTY 2614 for itself, also requires 'stdin' to be true. Default 2615 is false. 2616 type: boolean 2617 volumeDevices: 2618 description: volumeDevices is the list of block devices 2619 to be used by the container. 2620 items: 2621 description: volumeDevice describes a mapping of a raw 2622 block device within a container. 2623 properties: 2624 devicePath: 2625 description: devicePath is the path inside of the 2626 container that the device will be mapped to. 2627 type: string 2628 name: 2629 description: name must match the name of a persistentVolumeClaim 2630 in the pod 2631 type: string 2632 required: 2633 - devicePath 2634 - name 2635 type: object 2636 type: array 2637 volumeMounts: 2638 description: Pod volumes to mount into the container's filesystem. 2639 Cannot be updated. 2640 items: 2641 description: VolumeMount describes a mounting of a Volume 2642 within a container. 2643 properties: 2644 mountPath: 2645 description: Path within the container at which the 2646 volume should be mounted. Must not contain ':'. 2647 type: string 2648 mountPropagation: 2649 description: mountPropagation determines how mounts 2650 are propagated from the host to container and the 2651 other way around. When not set, MountPropagationNone 2652 is used. This field is beta in 1.10. 2653 type: string 2654 name: 2655 description: This must match the Name of a Volume. 2656 type: string 2657 readOnly: 2658 description: Mounted read-only if true, read-write 2659 otherwise (false or unspecified). Defaults to false. 2660 type: boolean 2661 subPath: 2662 description: Path within the volume from which the 2663 container's volume should be mounted. Defaults to 2664 "" (volume's root). 2665 type: string 2666 subPathExpr: 2667 description: Expanded path within the volume from 2668 which the container's volume should be mounted. 2669 Behaves similarly to SubPath but environment variable 2670 references $(VAR_NAME) are expanded using the container's 2671 environment. Defaults to "" (volume's root). SubPathExpr 2672 and SubPath are mutually exclusive. 2673 type: string 2674 required: 2675 - mountPath 2676 - name 2677 type: object 2678 type: array 2679 workingDir: 2680 description: Container's working directory. If not specified, 2681 the container runtime's default will be used, which might 2682 be configured in the container image. Cannot be updated. 2683 type: string 2684 required: 2685 - name 2686 type: object 2687 type: array 2688 logFormat: 2689 description: LogFormat describes the log format that should be 2690 used by the Repo Server. Defaults to ArgoCDDefaultLogFormat 2691 if not configured. Valid options are text or json. 2692 type: string 2693 logLevel: 2694 description: LogLevel describes the log level that should be used 2695 by the Repo Server. Defaults to ArgoCDDefaultLogLevel if not 2696 set. Valid options are debug, info, error, and warn. 2697 type: string 2698 mountsatoken: 2699 description: MountSAToken describes whether you would like to 2700 have the Repo server mount the service account token 2701 type: boolean 2702 replicas: 2703 description: Replicas defines the number of replicas for argocd-repo-server. 2704 Value should be greater than or equal to 0. Default is nil. 2705 format: int32 2706 type: integer 2707 resources: 2708 description: Resources defines the Compute Resources required 2709 by the container for Redis. 2710 properties: 2711 limits: 2712 additionalProperties: 2713 anyOf: 2714 - type: integer 2715 - type: string 2716 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 2717 x-kubernetes-int-or-string: true 2718 description: 'Limits describes the maximum amount of compute 2719 resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 2720 type: object 2721 requests: 2722 additionalProperties: 2723 anyOf: 2724 - type: integer 2725 - type: string 2726 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 2727 x-kubernetes-int-or-string: true 2728 description: 'Requests describes the minimum amount of compute 2729 resources required. If Requests is omitted for a container, 2730 it defaults to Limits if that is explicitly specified, otherwise 2731 to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 2732 type: object 2733 type: object 2734 serviceaccount: 2735 description: ServiceAccount defines the ServiceAccount user that 2736 you would like the Repo server to use 2737 type: string 2738 sidecarContainers: 2739 description: SidecarContainers defines the list of sidecar containers 2740 for the repo server deployment 2741 items: 2742 description: A single application container that you want to 2743 run within a pod. 2744 properties: 2745 args: 2746 description: 'Arguments to the entrypoint. The docker image''s 2747 CMD is used if this is not provided. Variable references 2748 $(VAR_NAME) are expanded using the container''s environment. 2749 If a variable cannot be resolved, the reference in the 2750 input string will be unchanged. Double $$ are reduced 2751 to a single $, which allows for escaping the $(VAR_NAME) 2752 syntax: i.e. "$$(VAR_NAME)" will produce the string literal 2753 "$(VAR_NAME)". Escaped references will never be expanded, 2754 regardless of whether the variable exists or not. Cannot 2755 be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' 2756 items: 2757 type: string 2758 type: array 2759 command: 2760 description: 'Entrypoint array. Not executed within a shell. 2761 The docker image''s ENTRYPOINT is used if this is not 2762 provided. Variable references $(VAR_NAME) are expanded 2763 using the container''s environment. If a variable cannot 2764 be resolved, the reference in the input string will be 2765 unchanged. Double $$ are reduced to a single $, which 2766 allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" 2767 will produce the string literal "$(VAR_NAME)". Escaped 2768 references will never be expanded, regardless of whether 2769 the variable exists or not. Cannot be updated. More info: 2770 https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' 2771 items: 2772 type: string 2773 type: array 2774 env: 2775 description: List of environment variables to set in the 2776 container. Cannot be updated. 2777 items: 2778 description: EnvVar represents an environment variable 2779 present in a Container. 2780 properties: 2781 name: 2782 description: Name of the environment variable. Must 2783 be a C_IDENTIFIER. 2784 type: string 2785 value: 2786 description: 'Variable references $(VAR_NAME) are 2787 expanded using the previously defined environment 2788 variables in the container and any service environment 2789 variables. If a variable cannot be resolved, the 2790 reference in the input string will be unchanged. 2791 Double $$ are reduced to a single $, which allows 2792 for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" 2793 will produce the string literal "$(VAR_NAME)". Escaped 2794 references will never be expanded, regardless of 2795 whether the variable exists or not. Defaults to 2796 "".' 2797 type: string 2798 valueFrom: 2799 description: Source for the environment variable's 2800 value. Cannot be used if value is not empty. 2801 properties: 2802 configMapKeyRef: 2803 description: Selects a key of a ConfigMap. 2804 properties: 2805 key: 2806 description: The key to select. 2807 type: string 2808 name: 2809 description: 'Name of the referent. More info: 2810 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 2811 TODO: Add other useful fields. apiVersion, 2812 kind, uid?' 2813 type: string 2814 optional: 2815 description: Specify whether the ConfigMap 2816 or its key must be defined 2817 type: boolean 2818 required: 2819 - key 2820 type: object 2821 fieldRef: 2822 description: 'Selects a field of the pod: supports 2823 metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`, 2824 `metadata.annotations[''<KEY>'']`, spec.nodeName, 2825 spec.serviceAccountName, status.hostIP, status.podIP, 2826 status.podIPs.' 2827 properties: 2828 apiVersion: 2829 description: Version of the schema the FieldPath 2830 is written in terms of, defaults to "v1". 2831 type: string 2832 fieldPath: 2833 description: Path of the field to select in 2834 the specified API version. 2835 type: string 2836 required: 2837 - fieldPath 2838 type: object 2839 resourceFieldRef: 2840 description: 'Selects a resource of the container: 2841 only resources limits and requests (limits.cpu, 2842 limits.memory, limits.ephemeral-storage, requests.cpu, 2843 requests.memory and requests.ephemeral-storage) 2844 are currently supported.' 2845 properties: 2846 containerName: 2847 description: 'Container name: required for 2848 volumes, optional for env vars' 2849 type: string 2850 divisor: 2851 anyOf: 2852 - type: integer 2853 - type: string 2854 description: Specifies the output format of 2855 the exposed resources, defaults to "1" 2856 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 2857 x-kubernetes-int-or-string: true 2858 resource: 2859 description: 'Required: resource to select' 2860 type: string 2861 required: 2862 - resource 2863 type: object 2864 secretKeyRef: 2865 description: Selects a key of a secret in the 2866 pod's namespace 2867 properties: 2868 key: 2869 description: The key of the secret to select 2870 from. Must be a valid secret key. 2871 type: string 2872 name: 2873 description: 'Name of the referent. More info: 2874 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 2875 TODO: Add other useful fields. apiVersion, 2876 kind, uid?' 2877 type: string 2878 optional: 2879 description: Specify whether the Secret or 2880 its key must be defined 2881 type: boolean 2882 required: 2883 - key 2884 type: object 2885 type: object 2886 required: 2887 - name 2888 type: object 2889 type: array 2890 envFrom: 2891 description: List of sources to populate environment variables 2892 in the container. The keys defined within a source must 2893 be a C_IDENTIFIER. All invalid keys will be reported as 2894 an event when the container is starting. When a key exists 2895 in multiple sources, the value associated with the last 2896 source will take precedence. Values defined by an Env 2897 with a duplicate key will take precedence. Cannot be updated. 2898 items: 2899 description: EnvFromSource represents the source of a 2900 set of ConfigMaps 2901 properties: 2902 configMapRef: 2903 description: The ConfigMap to select from 2904 properties: 2905 name: 2906 description: 'Name of the referent. More info: 2907 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 2908 TODO: Add other useful fields. apiVersion, kind, 2909 uid?' 2910 type: string 2911 optional: 2912 description: Specify whether the ConfigMap must 2913 be defined 2914 type: boolean 2915 type: object 2916 prefix: 2917 description: An optional identifier to prepend to 2918 each key in the ConfigMap. Must be a C_IDENTIFIER. 2919 type: string 2920 secretRef: 2921 description: The Secret to select from 2922 properties: 2923 name: 2924 description: 'Name of the referent. More info: 2925 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 2926 TODO: Add other useful fields. apiVersion, kind, 2927 uid?' 2928 type: string 2929 optional: 2930 description: Specify whether the Secret must be 2931 defined 2932 type: boolean 2933 type: object 2934 type: object 2935 type: array 2936 image: 2937 description: 'Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 2938 This field is optional to allow higher level config management 2939 to default or override container images in workload controllers 2940 like Deployments and StatefulSets.' 2941 type: string 2942 imagePullPolicy: 2943 description: 'Image pull policy. One of Always, Never, IfNotPresent. 2944 Defaults to Always if :latest tag is specified, or IfNotPresent 2945 otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' 2946 type: string 2947 lifecycle: 2948 description: Actions that the management system should take 2949 in response to container lifecycle events. Cannot be updated. 2950 properties: 2951 postStart: 2952 description: 'PostStart is called immediately after 2953 a container is created. If the handler fails, the 2954 container is terminated and restarted according to 2955 its restart policy. Other management of the container 2956 blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' 2957 properties: 2958 exec: 2959 description: Exec specifies the action to take. 2960 properties: 2961 command: 2962 description: Command is the command line to 2963 execute inside the container, the working 2964 directory for the command is root ('/') in 2965 the container's filesystem. The command is 2966 simply exec'd, it is not run inside a shell, 2967 so traditional shell instructions ('|', etc) 2968 won't work. To use a shell, you need to explicitly 2969 call out to that shell. Exit status of 0 is 2970 treated as live/healthy and non-zero is unhealthy. 2971 items: 2972 type: string 2973 type: array 2974 type: object 2975 httpGet: 2976 description: HTTPGet specifies the http request 2977 to perform. 2978 properties: 2979 host: 2980 description: Host name to connect to, defaults 2981 to the pod IP. You probably want to set "Host" 2982 in httpHeaders instead. 2983 type: string 2984 httpHeaders: 2985 description: Custom headers to set in the request. 2986 HTTP allows repeated headers. 2987 items: 2988 description: HTTPHeader describes a custom 2989 header to be used in HTTP probes 2990 properties: 2991 name: 2992 description: The header field name 2993 type: string 2994 value: 2995 description: The header field value 2996 type: string 2997 required: 2998 - name 2999 - value 3000 type: object 3001 type: array 3002 path: 3003 description: Path to access on the HTTP server. 3004 type: string 3005 port: 3006 anyOf: 3007 - type: integer 3008 - type: string 3009 description: Name or number of the port to access 3010 on the container. Number must be in the range 3011 1 to 65535. Name must be an IANA_SVC_NAME. 3012 x-kubernetes-int-or-string: true 3013 scheme: 3014 description: Scheme to use for connecting to 3015 the host. Defaults to HTTP. 3016 type: string 3017 required: 3018 - port 3019 type: object 3020 tcpSocket: 3021 description: Deprecated. TCPSocket is NOT supported 3022 as a LifecycleHandler and kept for the backward 3023 compatibility. There are no validation of this 3024 field and lifecycle hooks will fail in runtime 3025 when tcp handler is specified. 3026 properties: 3027 host: 3028 description: 'Optional: Host name to connect 3029 to, defaults to the pod IP.' 3030 type: string 3031 port: 3032 anyOf: 3033 - type: integer 3034 - type: string 3035 description: Number or name of the port to access 3036 on the container. Number must be in the range 3037 1 to 65535. Name must be an IANA_SVC_NAME. 3038 x-kubernetes-int-or-string: true 3039 required: 3040 - port 3041 type: object 3042 type: object 3043 preStop: 3044 description: 'PreStop is called immediately before a 3045 container is terminated due to an API request or management 3046 event such as liveness/startup probe failure, preemption, 3047 resource contention, etc. The handler is not called 3048 if the container crashes or exits. The Pod''s termination 3049 grace period countdown begins before the PreStop hook 3050 is executed. Regardless of the outcome of the handler, 3051 the container will eventually terminate within the 3052 Pod''s termination grace period (unless delayed by 3053 finalizers). Other management of the container blocks 3054 until the hook completes or until the termination 3055 grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' 3056 properties: 3057 exec: 3058 description: Exec specifies the action to take. 3059 properties: 3060 command: 3061 description: Command is the command line to 3062 execute inside the container, the working 3063 directory for the command is root ('/') in 3064 the container's filesystem. The command is 3065 simply exec'd, it is not run inside a shell, 3066 so traditional shell instructions ('|', etc) 3067 won't work. To use a shell, you need to explicitly 3068 call out to that shell. Exit status of 0 is 3069 treated as live/healthy and non-zero is unhealthy. 3070 items: 3071 type: string 3072 type: array 3073 type: object 3074 httpGet: 3075 description: HTTPGet specifies the http request 3076 to perform. 3077 properties: 3078 host: 3079 description: Host name to connect to, defaults 3080 to the pod IP. You probably want to set "Host" 3081 in httpHeaders instead. 3082 type: string 3083 httpHeaders: 3084 description: Custom headers to set in the request. 3085 HTTP allows repeated headers. 3086 items: 3087 description: HTTPHeader describes a custom 3088 header to be used in HTTP probes 3089 properties: 3090 name: 3091 description: The header field name 3092 type: string 3093 value: 3094 description: The header field value 3095 type: string 3096 required: 3097 - name 3098 - value 3099 type: object 3100 type: array 3101 path: 3102 description: Path to access on the HTTP server. 3103 type: string 3104 port: 3105 anyOf: 3106 - type: integer 3107 - type: string 3108 description: Name or number of the port to access 3109 on the container. Number must be in the range 3110 1 to 65535. Name must be an IANA_SVC_NAME. 3111 x-kubernetes-int-or-string: true 3112 scheme: 3113 description: Scheme to use for connecting to 3114 the host. Defaults to HTTP. 3115 type: string 3116 required: 3117 - port 3118 type: object 3119 tcpSocket: 3120 description: Deprecated. TCPSocket is NOT supported 3121 as a LifecycleHandler and kept for the backward 3122 compatibility. There are no validation of this 3123 field and lifecycle hooks will fail in runtime 3124 when tcp handler is specified. 3125 properties: 3126 host: 3127 description: 'Optional: Host name to connect 3128 to, defaults to the pod IP.' 3129 type: string 3130 port: 3131 anyOf: 3132 - type: integer 3133 - type: string 3134 description: Number or name of the port to access 3135 on the container. Number must be in the range 3136 1 to 65535. Name must be an IANA_SVC_NAME. 3137 x-kubernetes-int-or-string: true 3138 required: 3139 - port 3140 type: object 3141 type: object 3142 type: object 3143 livenessProbe: 3144 description: 'Periodic probe of container liveness. Container 3145 will be restarted if the probe fails. Cannot be updated. 3146 More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 3147 properties: 3148 exec: 3149 description: Exec specifies the action to take. 3150 properties: 3151 command: 3152 description: Command is the command line to execute 3153 inside the container, the working directory for 3154 the command is root ('/') in the container's 3155 filesystem. The command is simply exec'd, it is 3156 not run inside a shell, so traditional shell instructions 3157 ('|', etc) won't work. To use a shell, you need 3158 to explicitly call out to that shell. Exit status 3159 of 0 is treated as live/healthy and non-zero is 3160 unhealthy. 3161 items: 3162 type: string 3163 type: array 3164 type: object 3165 failureThreshold: 3166 description: Minimum consecutive failures for the probe 3167 to be considered failed after having succeeded. Defaults 3168 to 3. Minimum value is 1. 3169 format: int32 3170 type: integer 3171 grpc: 3172 description: GRPC specifies an action involving a GRPC 3173 port. This is an alpha field and requires enabling 3174 GRPCContainerProbe feature gate. 3175 properties: 3176 port: 3177 description: Port number of the gRPC service. Number 3178 must be in the range 1 to 65535. 3179 format: int32 3180 type: integer 3181 service: 3182 description: "Service is the name of the service 3183 to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). 3184 \n If this is not specified, the default behavior 3185 is defined by gRPC." 3186 type: string 3187 required: 3188 - port 3189 type: object 3190 httpGet: 3191 description: HTTPGet specifies the http request to perform. 3192 properties: 3193 host: 3194 description: Host name to connect to, defaults to 3195 the pod IP. You probably want to set "Host" in 3196 httpHeaders instead. 3197 type: string 3198 httpHeaders: 3199 description: Custom headers to set in the request. 3200 HTTP allows repeated headers. 3201 items: 3202 description: HTTPHeader describes a custom header 3203 to be used in HTTP probes 3204 properties: 3205 name: 3206 description: The header field name 3207 type: string 3208 value: 3209 description: The header field value 3210 type: string 3211 required: 3212 - name 3213 - value 3214 type: object 3215 type: array 3216 path: 3217 description: Path to access on the HTTP server. 3218 type: string 3219 port: 3220 anyOf: 3221 - type: integer 3222 - type: string 3223 description: Name or number of the port to access 3224 on the container. Number must be in the range 3225 1 to 65535. Name must be an IANA_SVC_NAME. 3226 x-kubernetes-int-or-string: true 3227 scheme: 3228 description: Scheme to use for connecting to the 3229 host. Defaults to HTTP. 3230 type: string 3231 required: 3232 - port 3233 type: object 3234 initialDelaySeconds: 3235 description: 'Number of seconds after the container 3236 has started before liveness probes are initiated. 3237 More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 3238 format: int32 3239 type: integer 3240 periodSeconds: 3241 description: How often (in seconds) to perform the probe. 3242 Default to 10 seconds. Minimum value is 1. 3243 format: int32 3244 type: integer 3245 successThreshold: 3246 description: Minimum consecutive successes for the probe 3247 to be considered successful after having failed. Defaults 3248 to 1. Must be 1 for liveness and startup. Minimum 3249 value is 1. 3250 format: int32 3251 type: integer 3252 tcpSocket: 3253 description: TCPSocket specifies an action involving 3254 a TCP port. 3255 properties: 3256 host: 3257 description: 'Optional: Host name to connect to, 3258 defaults to the pod IP.' 3259 type: string 3260 port: 3261 anyOf: 3262 - type: integer 3263 - type: string 3264 description: Number or name of the port to access 3265 on the container. Number must be in the range 3266 1 to 65535. Name must be an IANA_SVC_NAME. 3267 x-kubernetes-int-or-string: true 3268 required: 3269 - port 3270 type: object 3271 terminationGracePeriodSeconds: 3272 description: Optional duration in seconds the pod needs 3273 to terminate gracefully upon probe failure. The grace 3274 period is the duration in seconds after the processes 3275 running in the pod are sent a termination signal and 3276 the time when the processes are forcibly halted with 3277 a kill signal. Set this value longer than the expected 3278 cleanup time for your process. If this value is nil, 3279 the pod's terminationGracePeriodSeconds will be used. 3280 Otherwise, this value overrides the value provided 3281 by the pod spec. Value must be non-negative integer. 3282 The value zero indicates stop immediately via the 3283 kill signal (no opportunity to shut down). This is 3284 a beta field and requires enabling ProbeTerminationGracePeriod 3285 feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds 3286 is used if unset. 3287 format: int64 3288 type: integer 3289 timeoutSeconds: 3290 description: 'Number of seconds after which the probe 3291 times out. Defaults to 1 second. Minimum value is 3292 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 3293 format: int32 3294 type: integer 3295 type: object 3296 name: 3297 description: Name of the container specified as a DNS_LABEL. 3298 Each container in a pod must have a unique name (DNS_LABEL). 3299 Cannot be updated. 3300 type: string 3301 ports: 3302 description: List of ports to expose from the container. 3303 Exposing a port here gives the system additional information 3304 about the network connections a container uses, but is 3305 primarily informational. Not specifying a port here DOES 3306 NOT prevent that port from being exposed. Any port which 3307 is listening on the default "0.0.0.0" address inside a 3308 container will be accessible from the network. Cannot 3309 be updated. 3310 items: 3311 description: ContainerPort represents a network port in 3312 a single container. 3313 properties: 3314 containerPort: 3315 description: Number of port to expose on the pod's 3316 IP address. This must be a valid port number, 0 3317 < x < 65536. 3318 format: int32 3319 type: integer 3320 hostIP: 3321 description: What host IP to bind the external port 3322 to. 3323 type: string 3324 hostPort: 3325 description: Number of port to expose on the host. 3326 If specified, this must be a valid port number, 3327 0 < x < 65536. If HostNetwork is specified, this 3328 must match ContainerPort. Most containers do not 3329 need this. 3330 format: int32 3331 type: integer 3332 name: 3333 description: If specified, this must be an IANA_SVC_NAME 3334 and unique within the pod. Each named port in a 3335 pod must have a unique name. Name for the port that 3336 can be referred to by services. 3337 type: string 3338 protocol: 3339 default: TCP 3340 description: Protocol for port. Must be UDP, TCP, 3341 or SCTP. Defaults to "TCP". 3342 type: string 3343 required: 3344 - containerPort 3345 type: object 3346 type: array 3347 x-kubernetes-list-map-keys: 3348 - containerPort 3349 - protocol 3350 x-kubernetes-list-type: map 3351 readinessProbe: 3352 description: 'Periodic probe of container service readiness. 3353 Container will be removed from service endpoints if the 3354 probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 3355 properties: 3356 exec: 3357 description: Exec specifies the action to take. 3358 properties: 3359 command: 3360 description: Command is the command line to execute 3361 inside the container, the working directory for 3362 the command is root ('/') in the container's 3363 filesystem. The command is simply exec'd, it is 3364 not run inside a shell, so traditional shell instructions 3365 ('|', etc) won't work. To use a shell, you need 3366 to explicitly call out to that shell. Exit status 3367 of 0 is treated as live/healthy and non-zero is 3368 unhealthy. 3369 items: 3370 type: string 3371 type: array 3372 type: object 3373 failureThreshold: 3374 description: Minimum consecutive failures for the probe 3375 to be considered failed after having succeeded. Defaults 3376 to 3. Minimum value is 1. 3377 format: int32 3378 type: integer 3379 grpc: 3380 description: GRPC specifies an action involving a GRPC 3381 port. This is an alpha field and requires enabling 3382 GRPCContainerProbe feature gate. 3383 properties: 3384 port: 3385 description: Port number of the gRPC service. Number 3386 must be in the range 1 to 65535. 3387 format: int32 3388 type: integer 3389 service: 3390 description: "Service is the name of the service 3391 to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). 3392 \n If this is not specified, the default behavior 3393 is defined by gRPC." 3394 type: string 3395 required: 3396 - port 3397 type: object 3398 httpGet: 3399 description: HTTPGet specifies the http request to perform. 3400 properties: 3401 host: 3402 description: Host name to connect to, defaults to 3403 the pod IP. You probably want to set "Host" in 3404 httpHeaders instead. 3405 type: string 3406 httpHeaders: 3407 description: Custom headers to set in the request. 3408 HTTP allows repeated headers. 3409 items: 3410 description: HTTPHeader describes a custom header 3411 to be used in HTTP probes 3412 properties: 3413 name: 3414 description: The header field name 3415 type: string 3416 value: 3417 description: The header field value 3418 type: string 3419 required: 3420 - name 3421 - value 3422 type: object 3423 type: array 3424 path: 3425 description: Path to access on the HTTP server. 3426 type: string 3427 port: 3428 anyOf: 3429 - type: integer 3430 - type: string 3431 description: Name or number of the port to access 3432 on the container. Number must be in the range 3433 1 to 65535. Name must be an IANA_SVC_NAME. 3434 x-kubernetes-int-or-string: true 3435 scheme: 3436 description: Scheme to use for connecting to the 3437 host. Defaults to HTTP. 3438 type: string 3439 required: 3440 - port 3441 type: object 3442 initialDelaySeconds: 3443 description: 'Number of seconds after the container 3444 has started before liveness probes are initiated. 3445 More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 3446 format: int32 3447 type: integer 3448 periodSeconds: 3449 description: How often (in seconds) to perform the probe. 3450 Default to 10 seconds. Minimum value is 1. 3451 format: int32 3452 type: integer 3453 successThreshold: 3454 description: Minimum consecutive successes for the probe 3455 to be considered successful after having failed. Defaults 3456 to 1. Must be 1 for liveness and startup. Minimum 3457 value is 1. 3458 format: int32 3459 type: integer 3460 tcpSocket: 3461 description: TCPSocket specifies an action involving 3462 a TCP port. 3463 properties: 3464 host: 3465 description: 'Optional: Host name to connect to, 3466 defaults to the pod IP.' 3467 type: string 3468 port: 3469 anyOf: 3470 - type: integer 3471 - type: string 3472 description: Number or name of the port to access 3473 on the container. Number must be in the range 3474 1 to 65535. Name must be an IANA_SVC_NAME. 3475 x-kubernetes-int-or-string: true 3476 required: 3477 - port 3478 type: object 3479 terminationGracePeriodSeconds: 3480 description: Optional duration in seconds the pod needs 3481 to terminate gracefully upon probe failure. The grace 3482 period is the duration in seconds after the processes 3483 running in the pod are sent a termination signal and 3484 the time when the processes are forcibly halted with 3485 a kill signal. Set this value longer than the expected 3486 cleanup time for your process. If this value is nil, 3487 the pod's terminationGracePeriodSeconds will be used. 3488 Otherwise, this value overrides the value provided 3489 by the pod spec. Value must be non-negative integer. 3490 The value zero indicates stop immediately via the 3491 kill signal (no opportunity to shut down). This is 3492 a beta field and requires enabling ProbeTerminationGracePeriod 3493 feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds 3494 is used if unset. 3495 format: int64 3496 type: integer 3497 timeoutSeconds: 3498 description: 'Number of seconds after which the probe 3499 times out. Defaults to 1 second. Minimum value is 3500 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 3501 format: int32 3502 type: integer 3503 type: object 3504 resources: 3505 description: 'Compute Resources required by this container. 3506 Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 3507 properties: 3508 limits: 3509 additionalProperties: 3510 anyOf: 3511 - type: integer 3512 - type: string 3513 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 3514 x-kubernetes-int-or-string: true 3515 description: 'Limits describes the maximum amount of 3516 compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 3517 type: object 3518 requests: 3519 additionalProperties: 3520 anyOf: 3521 - type: integer 3522 - type: string 3523 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 3524 x-kubernetes-int-or-string: true 3525 description: 'Requests describes the minimum amount 3526 of compute resources required. If Requests is omitted 3527 for a container, it defaults to Limits if that is 3528 explicitly specified, otherwise to an implementation-defined 3529 value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 3530 type: object 3531 type: object 3532 securityContext: 3533 description: 'SecurityContext defines the security options 3534 the container should be run with. If set, the fields of 3535 SecurityContext override the equivalent fields of PodSecurityContext. 3536 More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' 3537 properties: 3538 allowPrivilegeEscalation: 3539 description: 'AllowPrivilegeEscalation controls whether 3540 a process can gain more privileges than its parent 3541 process. This bool directly controls if the no_new_privs 3542 flag will be set on the container process. AllowPrivilegeEscalation 3543 is true always when the container is: 1) run as Privileged 3544 2) has CAP_SYS_ADMIN Note that this field cannot be 3545 set when spec.os.name is windows.' 3546 type: boolean 3547 capabilities: 3548 description: The capabilities to add/drop when running 3549 containers. Defaults to the default set of capabilities 3550 granted by the container runtime. Note that this field 3551 cannot be set when spec.os.name is windows. 3552 properties: 3553 add: 3554 description: Added capabilities 3555 items: 3556 description: Capability represent POSIX capabilities 3557 type 3558 type: string 3559 type: array 3560 drop: 3561 description: Removed capabilities 3562 items: 3563 description: Capability represent POSIX capabilities 3564 type 3565 type: string 3566 type: array 3567 type: object 3568 privileged: 3569 description: Run container in privileged mode. Processes 3570 in privileged containers are essentially equivalent 3571 to root on the host. Defaults to false. Note that 3572 this field cannot be set when spec.os.name is windows. 3573 type: boolean 3574 procMount: 3575 description: procMount denotes the type of proc mount 3576 to use for the containers. The default is DefaultProcMount 3577 which uses the container runtime defaults for readonly 3578 paths and masked paths. This requires the ProcMountType 3579 feature flag to be enabled. Note that this field cannot 3580 be set when spec.os.name is windows. 3581 type: string 3582 readOnlyRootFilesystem: 3583 description: Whether this container has a read-only 3584 root filesystem. Default is false. Note that this 3585 field cannot be set when spec.os.name is windows. 3586 type: boolean 3587 runAsGroup: 3588 description: The GID to run the entrypoint of the container 3589 process. Uses runtime default if unset. May also be 3590 set in PodSecurityContext. If set in both SecurityContext 3591 and PodSecurityContext, the value specified in SecurityContext 3592 takes precedence. Note that this field cannot be set 3593 when spec.os.name is windows. 3594 format: int64 3595 type: integer 3596 runAsNonRoot: 3597 description: Indicates that the container must run as 3598 a non-root user. If true, the Kubelet will validate 3599 the image at runtime to ensure that it does not run 3600 as UID 0 (root) and fail to start the container if 3601 it does. If unset or false, no such validation will 3602 be performed. May also be set in PodSecurityContext. If 3603 set in both SecurityContext and PodSecurityContext, 3604 the value specified in SecurityContext takes precedence. 3605 type: boolean 3606 runAsUser: 3607 description: The UID to run the entrypoint of the container 3608 process. Defaults to user specified in image metadata 3609 if unspecified. May also be set in PodSecurityContext. If 3610 set in both SecurityContext and PodSecurityContext, 3611 the value specified in SecurityContext takes precedence. 3612 Note that this field cannot be set when spec.os.name 3613 is windows. 3614 format: int64 3615 type: integer 3616 seLinuxOptions: 3617 description: The SELinux context to be applied to the 3618 container. If unspecified, the container runtime will 3619 allocate a random SELinux context for each container. May 3620 also be set in PodSecurityContext. If set in both 3621 SecurityContext and PodSecurityContext, the value 3622 specified in SecurityContext takes precedence. Note 3623 that this field cannot be set when spec.os.name is 3624 windows. 3625 properties: 3626 level: 3627 description: Level is SELinux level label that applies 3628 to the container. 3629 type: string 3630 role: 3631 description: Role is a SELinux role label that applies 3632 to the container. 3633 type: string 3634 type: 3635 description: Type is a SELinux type label that applies 3636 to the container. 3637 type: string 3638 user: 3639 description: User is a SELinux user label that applies 3640 to the container. 3641 type: string 3642 type: object 3643 seccompProfile: 3644 description: The seccomp options to use by this container. 3645 If seccomp options are provided at both the pod & 3646 container level, the container options override the 3647 pod options. Note that this field cannot be set when 3648 spec.os.name is windows. 3649 properties: 3650 localhostProfile: 3651 description: localhostProfile indicates a profile 3652 defined in a file on the node should be used. 3653 The profile must be preconfigured on the node 3654 to work. Must be a descending path, relative to 3655 the kubelet's configured seccomp profile location. 3656 Must only be set if type is "Localhost". 3657 type: string 3658 type: 3659 description: "type indicates which kind of seccomp 3660 profile will be applied. Valid options are: \n 3661 Localhost - a profile defined in a file on the 3662 node should be used. RuntimeDefault - the container 3663 runtime default profile should be used. Unconfined 3664 - no profile should be applied." 3665 type: string 3666 required: 3667 - type 3668 type: object 3669 windowsOptions: 3670 description: The Windows specific settings applied to 3671 all containers. If unspecified, the options from the 3672 PodSecurityContext will be used. If set in both SecurityContext 3673 and PodSecurityContext, the value specified in SecurityContext 3674 takes precedence. Note that this field cannot be set 3675 when spec.os.name is linux. 3676 properties: 3677 gmsaCredentialSpec: 3678 description: GMSACredentialSpec is where the GMSA 3679 admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) 3680 inlines the contents of the GMSA credential spec 3681 named by the GMSACredentialSpecName field. 3682 type: string 3683 gmsaCredentialSpecName: 3684 description: GMSACredentialSpecName is the name 3685 of the GMSA credential spec to use. 3686 type: string 3687 hostProcess: 3688 description: HostProcess determines if a container 3689 should be run as a 'Host Process' container. This 3690 field is alpha-level and will only be honored 3691 by components that enable the WindowsHostProcessContainers 3692 feature flag. Setting this field without the feature 3693 flag will result in errors when validating the 3694 Pod. All of a Pod's containers must have the same 3695 effective HostProcess value (it is not allowed 3696 to have a mix of HostProcess containers and non-HostProcess 3697 containers). In addition, if HostProcess is true 3698 then HostNetwork must also be set to true. 3699 type: boolean 3700 runAsUserName: 3701 description: The UserName in Windows to run the 3702 entrypoint of the container process. Defaults 3703 to the user specified in image metadata if unspecified. 3704 May also be set in PodSecurityContext. If set 3705 in both SecurityContext and PodSecurityContext, 3706 the value specified in SecurityContext takes precedence. 3707 type: string 3708 type: object 3709 type: object 3710 startupProbe: 3711 description: 'StartupProbe indicates that the Pod has successfully 3712 initialized. If specified, no other probes are executed 3713 until this completes successfully. If this probe fails, 3714 the Pod will be restarted, just as if the livenessProbe 3715 failed. This can be used to provide different probe parameters 3716 at the beginning of a Pod''s lifecycle, when it might 3717 take a long time to load data or warm a cache, than during 3718 steady-state operation. This cannot be updated. More info: 3719 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 3720 properties: 3721 exec: 3722 description: Exec specifies the action to take. 3723 properties: 3724 command: 3725 description: Command is the command line to execute 3726 inside the container, the working directory for 3727 the command is root ('/') in the container's 3728 filesystem. The command is simply exec'd, it is 3729 not run inside a shell, so traditional shell instructions 3730 ('|', etc) won't work. To use a shell, you need 3731 to explicitly call out to that shell. Exit status 3732 of 0 is treated as live/healthy and non-zero is 3733 unhealthy. 3734 items: 3735 type: string 3736 type: array 3737 type: object 3738 failureThreshold: 3739 description: Minimum consecutive failures for the probe 3740 to be considered failed after having succeeded. Defaults 3741 to 3. Minimum value is 1. 3742 format: int32 3743 type: integer 3744 grpc: 3745 description: GRPC specifies an action involving a GRPC 3746 port. This is an alpha field and requires enabling 3747 GRPCContainerProbe feature gate. 3748 properties: 3749 port: 3750 description: Port number of the gRPC service. Number 3751 must be in the range 1 to 65535. 3752 format: int32 3753 type: integer 3754 service: 3755 description: "Service is the name of the service 3756 to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). 3757 \n If this is not specified, the default behavior 3758 is defined by gRPC." 3759 type: string 3760 required: 3761 - port 3762 type: object 3763 httpGet: 3764 description: HTTPGet specifies the http request to perform. 3765 properties: 3766 host: 3767 description: Host name to connect to, defaults to 3768 the pod IP. You probably want to set "Host" in 3769 httpHeaders instead. 3770 type: string 3771 httpHeaders: 3772 description: Custom headers to set in the request. 3773 HTTP allows repeated headers. 3774 items: 3775 description: HTTPHeader describes a custom header 3776 to be used in HTTP probes 3777 properties: 3778 name: 3779 description: The header field name 3780 type: string 3781 value: 3782 description: The header field value 3783 type: string 3784 required: 3785 - name 3786 - value 3787 type: object 3788 type: array 3789 path: 3790 description: Path to access on the HTTP server. 3791 type: string 3792 port: 3793 anyOf: 3794 - type: integer 3795 - type: string 3796 description: Name or number of the port to access 3797 on the container. Number must be in the range 3798 1 to 65535. Name must be an IANA_SVC_NAME. 3799 x-kubernetes-int-or-string: true 3800 scheme: 3801 description: Scheme to use for connecting to the 3802 host. Defaults to HTTP. 3803 type: string 3804 required: 3805 - port 3806 type: object 3807 initialDelaySeconds: 3808 description: 'Number of seconds after the container 3809 has started before liveness probes are initiated. 3810 More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 3811 format: int32 3812 type: integer 3813 periodSeconds: 3814 description: How often (in seconds) to perform the probe. 3815 Default to 10 seconds. Minimum value is 1. 3816 format: int32 3817 type: integer 3818 successThreshold: 3819 description: Minimum consecutive successes for the probe 3820 to be considered successful after having failed. Defaults 3821 to 1. Must be 1 for liveness and startup. Minimum 3822 value is 1. 3823 format: int32 3824 type: integer 3825 tcpSocket: 3826 description: TCPSocket specifies an action involving 3827 a TCP port. 3828 properties: 3829 host: 3830 description: 'Optional: Host name to connect to, 3831 defaults to the pod IP.' 3832 type: string 3833 port: 3834 anyOf: 3835 - type: integer 3836 - type: string 3837 description: Number or name of the port to access 3838 on the container. Number must be in the range 3839 1 to 65535. Name must be an IANA_SVC_NAME. 3840 x-kubernetes-int-or-string: true 3841 required: 3842 - port 3843 type: object 3844 terminationGracePeriodSeconds: 3845 description: Optional duration in seconds the pod needs 3846 to terminate gracefully upon probe failure. The grace 3847 period is the duration in seconds after the processes 3848 running in the pod are sent a termination signal and 3849 the time when the processes are forcibly halted with 3850 a kill signal. Set this value longer than the expected 3851 cleanup time for your process. If this value is nil, 3852 the pod's terminationGracePeriodSeconds will be used. 3853 Otherwise, this value overrides the value provided 3854 by the pod spec. Value must be non-negative integer. 3855 The value zero indicates stop immediately via the 3856 kill signal (no opportunity to shut down). This is 3857 a beta field and requires enabling ProbeTerminationGracePeriod 3858 feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds 3859 is used if unset. 3860 format: int64 3861 type: integer 3862 timeoutSeconds: 3863 description: 'Number of seconds after which the probe 3864 times out. Defaults to 1 second. Minimum value is 3865 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 3866 format: int32 3867 type: integer 3868 type: object 3869 stdin: 3870 description: Whether this container should allocate a buffer 3871 for stdin in the container runtime. If this is not set, 3872 reads from stdin in the container will always result in 3873 EOF. Default is false. 3874 type: boolean 3875 stdinOnce: 3876 description: Whether the container runtime should close 3877 the stdin channel after it has been opened by a single 3878 attach. When stdin is true the stdin stream will remain 3879 open across multiple attach sessions. If stdinOnce is 3880 set to true, stdin is opened on container start, is empty 3881 until the first client attaches to stdin, and then remains 3882 open and accepts data until the client disconnects, at 3883 which time stdin is closed and remains closed until the 3884 container is restarted. If this flag is false, a container 3885 processes that reads from stdin will never receive an 3886 EOF. Default is false 3887 type: boolean 3888 terminationMessagePath: 3889 description: 'Optional: Path at which the file to which 3890 the container''s termination message will be written is 3891 mounted into the container''s filesystem. Message written 3892 is intended to be brief final status, such as an assertion 3893 failure message. Will be truncated by the node if greater 3894 than 4096 bytes. The total message length across all containers 3895 will be limited to 12kb. Defaults to /dev/termination-log. 3896 Cannot be updated.' 3897 type: string 3898 terminationMessagePolicy: 3899 description: Indicate how the termination message should 3900 be populated. File will use the contents of terminationMessagePath 3901 to populate the container status message on both success 3902 and failure. FallbackToLogsOnError will use the last chunk 3903 of container log output if the termination message file 3904 is empty and the container exited with an error. The log 3905 output is limited to 2048 bytes or 80 lines, whichever 3906 is smaller. Defaults to File. Cannot be updated. 3907 type: string 3908 tty: 3909 description: Whether this container should allocate a TTY 3910 for itself, also requires 'stdin' to be true. Default 3911 is false. 3912 type: boolean 3913 volumeDevices: 3914 description: volumeDevices is the list of block devices 3915 to be used by the container. 3916 items: 3917 description: volumeDevice describes a mapping of a raw 3918 block device within a container. 3919 properties: 3920 devicePath: 3921 description: devicePath is the path inside of the 3922 container that the device will be mapped to. 3923 type: string 3924 name: 3925 description: name must match the name of a persistentVolumeClaim 3926 in the pod 3927 type: string 3928 required: 3929 - devicePath 3930 - name 3931 type: object 3932 type: array 3933 volumeMounts: 3934 description: Pod volumes to mount into the container's filesystem. 3935 Cannot be updated. 3936 items: 3937 description: VolumeMount describes a mounting of a Volume 3938 within a container. 3939 properties: 3940 mountPath: 3941 description: Path within the container at which the 3942 volume should be mounted. Must not contain ':'. 3943 type: string 3944 mountPropagation: 3945 description: mountPropagation determines how mounts 3946 are propagated from the host to container and the 3947 other way around. When not set, MountPropagationNone 3948 is used. This field is beta in 1.10. 3949 type: string 3950 name: 3951 description: This must match the Name of a Volume. 3952 type: string 3953 readOnly: 3954 description: Mounted read-only if true, read-write 3955 otherwise (false or unspecified). Defaults to false. 3956 type: boolean 3957 subPath: 3958 description: Path within the volume from which the 3959 container's volume should be mounted. Defaults to 3960 "" (volume's root). 3961 type: string 3962 subPathExpr: 3963 description: Expanded path within the volume from 3964 which the container's volume should be mounted. 3965 Behaves similarly to SubPath but environment variable 3966 references $(VAR_NAME) are expanded using the container's 3967 environment. Defaults to "" (volume's root). SubPathExpr 3968 and SubPath are mutually exclusive. 3969 type: string 3970 required: 3971 - mountPath 3972 - name 3973 type: object 3974 type: array 3975 workingDir: 3976 description: Container's working directory. If not specified, 3977 the container runtime's default will be used, which might 3978 be configured in the container image. Cannot be updated. 3979 type: string 3980 required: 3981 - name 3982 type: object 3983 type: array 3984 verifytls: 3985 description: VerifyTLS defines whether repo server API should 3986 be accessed using strict TLS validation 3987 type: boolean 3988 version: 3989 description: Version is the ArgoCD Repo Server container image 3990 tag. 3991 type: string 3992 volumeMounts: 3993 description: VolumeMounts adds volumeMounts to the repo server 3994 container 3995 items: 3996 description: VolumeMount describes a mounting of a Volume within 3997 a container. 3998 properties: 3999 mountPath: 4000 description: Path within the container at which the volume 4001 should be mounted. Must not contain ':'. 4002 type: string 4003 mountPropagation: 4004 description: mountPropagation determines how mounts are 4005 propagated from the host to container and the other way 4006 around. When not set, MountPropagationNone is used. This 4007 field is beta in 1.10. 4008 type: string 4009 name: 4010 description: This must match the Name of a Volume. 4011 type: string 4012 readOnly: 4013 description: Mounted read-only if true, read-write otherwise 4014 (false or unspecified). Defaults to false. 4015 type: boolean 4016 subPath: 4017 description: Path within the volume from which the container's 4018 volume should be mounted. Defaults to "" (volume's root). 4019 type: string 4020 subPathExpr: 4021 description: Expanded path within the volume from which 4022 the container's volume should be mounted. Behaves similarly 4023 to SubPath but environment variable references $(VAR_NAME) 4024 are expanded using the container's environment. Defaults 4025 to "" (volume's root). SubPathExpr and SubPath are mutually 4026 exclusive. 4027 type: string 4028 required: 4029 - mountPath 4030 - name 4031 type: object 4032 type: array 4033 volumes: 4034 description: Volumes adds volumes to the repo server deployment 4035 items: 4036 description: Volume represents a named volume in a pod that 4037 may be accessed by any container in the pod. 4038 properties: 4039 awsElasticBlockStore: 4040 description: 'AWSElasticBlockStore represents an AWS Disk 4041 resource that is attached to a kubelet''s host machine 4042 and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' 4043 properties: 4044 fsType: 4045 description: 'Filesystem type of the volume that you 4046 want to mount. Tip: Ensure that the filesystem type 4047 is supported by the host operating system. Examples: 4048 "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" 4049 if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore 4050 TODO: how do we prevent errors in the filesystem from 4051 compromising the machine' 4052 type: string 4053 partition: 4054 description: 'The partition in the volume that you want 4055 to mount. If omitted, the default is to mount by volume 4056 name. Examples: For volume /dev/sda1, you specify 4057 the partition as "1". Similarly, the volume partition 4058 for /dev/sda is "0" (or you can leave the property 4059 empty).' 4060 format: int32 4061 type: integer 4062 readOnly: 4063 description: 'Specify "true" to force and set the ReadOnly 4064 property in VolumeMounts to "true". If omitted, the 4065 default is "false". More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' 4066 type: boolean 4067 volumeID: 4068 description: 'Unique ID of the persistent disk resource 4069 in AWS (Amazon EBS volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' 4070 type: string 4071 required: 4072 - volumeID 4073 type: object 4074 azureDisk: 4075 description: AzureDisk represents an Azure Data Disk mount 4076 on the host and bind mount to the pod. 4077 properties: 4078 cachingMode: 4079 description: 'Host Caching mode: None, Read Only, Read 4080 Write.' 4081 type: string 4082 diskName: 4083 description: The Name of the data disk in the blob storage 4084 type: string 4085 diskURI: 4086 description: The URI the data disk in the blob storage 4087 type: string 4088 fsType: 4089 description: Filesystem type to mount. Must be a filesystem 4090 type supported by the host operating system. Ex. "ext4", 4091 "xfs", "ntfs". Implicitly inferred to be "ext4" if 4092 unspecified. 4093 type: string 4094 kind: 4095 description: 'Expected values Shared: multiple blob 4096 disks per storage account Dedicated: single blob 4097 disk per storage account Managed: azure managed data 4098 disk (only in managed availability set). defaults 4099 to shared' 4100 type: string 4101 readOnly: 4102 description: Defaults to false (read/write). ReadOnly 4103 here will force the ReadOnly setting in VolumeMounts. 4104 type: boolean 4105 required: 4106 - diskName 4107 - diskURI 4108 type: object 4109 azureFile: 4110 description: AzureFile represents an Azure File Service 4111 mount on the host and bind mount to the pod. 4112 properties: 4113 readOnly: 4114 description: Defaults to false (read/write). ReadOnly 4115 here will force the ReadOnly setting in VolumeMounts. 4116 type: boolean 4117 secretName: 4118 description: the name of secret that contains Azure 4119 Storage Account Name and Key 4120 type: string 4121 shareName: 4122 description: Share Name 4123 type: string 4124 required: 4125 - secretName 4126 - shareName 4127 type: object 4128 cephfs: 4129 description: CephFS represents a Ceph FS mount on the host 4130 that shares a pod's lifetime 4131 properties: 4132 monitors: 4133 description: 'Required: Monitors is a collection of 4134 Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' 4135 items: 4136 type: string 4137 type: array 4138 path: 4139 description: 'Optional: Used as the mounted root, rather 4140 than the full Ceph tree, default is /' 4141 type: string 4142 readOnly: 4143 description: 'Optional: Defaults to false (read/write). 4144 ReadOnly here will force the ReadOnly setting in VolumeMounts. 4145 More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' 4146 type: boolean 4147 secretFile: 4148 description: 'Optional: SecretFile is the path to key 4149 ring for User, default is /etc/ceph/user.secret More 4150 info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' 4151 type: string 4152 secretRef: 4153 description: 'Optional: SecretRef is reference to the 4154 authentication secret for User, default is empty. 4155 More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' 4156 properties: 4157 name: 4158 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 4159 TODO: Add other useful fields. apiVersion, kind, 4160 uid?' 4161 type: string 4162 type: object 4163 user: 4164 description: 'Optional: User is the rados user name, 4165 default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' 4166 type: string 4167 required: 4168 - monitors 4169 type: object 4170 cinder: 4171 description: 'Cinder represents a cinder volume attached 4172 and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' 4173 properties: 4174 fsType: 4175 description: 'Filesystem type to mount. Must be a filesystem 4176 type supported by the host operating system. Examples: 4177 "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" 4178 if unspecified. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' 4179 type: string 4180 readOnly: 4181 description: 'Optional: Defaults to false (read/write). 4182 ReadOnly here will force the ReadOnly setting in VolumeMounts. 4183 More info: https://examples.k8s.io/mysql-cinder-pd/README.md' 4184 type: boolean 4185 secretRef: 4186 description: 'Optional: points to a secret object containing 4187 parameters used to connect to OpenStack.' 4188 properties: 4189 name: 4190 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 4191 TODO: Add other useful fields. apiVersion, kind, 4192 uid?' 4193 type: string 4194 type: object 4195 volumeID: 4196 description: 'volume id used to identify the volume 4197 in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' 4198 type: string 4199 required: 4200 - volumeID 4201 type: object 4202 configMap: 4203 description: ConfigMap represents a configMap that should 4204 populate this volume 4205 properties: 4206 defaultMode: 4207 description: 'Optional: mode bits used to set permissions 4208 on created files by default. Must be an octal value 4209 between 0000 and 0777 or a decimal value between 0 4210 and 511. YAML accepts both octal and decimal values, 4211 JSON requires decimal values for mode bits. Defaults 4212 to 0644. Directories within the path are not affected 4213 by this setting. This might be in conflict with other 4214 options that affect the file mode, like fsGroup, and 4215 the result can be other mode bits set.' 4216 format: int32 4217 type: integer 4218 items: 4219 description: If unspecified, each key-value pair in 4220 the Data field of the referenced ConfigMap will be 4221 projected into the volume as a file whose name is 4222 the key and content is the value. If specified, the 4223 listed keys will be projected into the specified paths, 4224 and unlisted keys will not be present. If a key is 4225 specified which is not present in the ConfigMap, the 4226 volume setup will error unless it is marked optional. 4227 Paths must be relative and may not contain the '..' 4228 path or start with '..'. 4229 items: 4230 description: Maps a string key to a path within a 4231 volume. 4232 properties: 4233 key: 4234 description: The key to project. 4235 type: string 4236 mode: 4237 description: 'Optional: mode bits used to set 4238 permissions on this file. Must be an octal value 4239 between 0000 and 0777 or a decimal value between 4240 0 and 511. YAML accepts both octal and decimal 4241 values, JSON requires decimal values for mode 4242 bits. If not specified, the volume defaultMode 4243 will be used. This might be in conflict with 4244 other options that affect the file mode, like 4245 fsGroup, and the result can be other mode bits 4246 set.' 4247 format: int32 4248 type: integer 4249 path: 4250 description: The relative path of the file to 4251 map the key to. May not be an absolute path. 4252 May not contain the path element '..'. May not 4253 start with the string '..'. 4254 type: string 4255 required: 4256 - key 4257 - path 4258 type: object 4259 type: array 4260 name: 4261 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 4262 TODO: Add other useful fields. apiVersion, kind, uid?' 4263 type: string 4264 optional: 4265 description: Specify whether the ConfigMap or its keys 4266 must be defined 4267 type: boolean 4268 type: object 4269 csi: 4270 description: CSI (Container Storage Interface) represents 4271 ephemeral storage that is handled by certain external 4272 CSI drivers (Beta feature). 4273 properties: 4274 driver: 4275 description: Driver is the name of the CSI driver that 4276 handles this volume. Consult with your admin for the 4277 correct name as registered in the cluster. 4278 type: string 4279 fsType: 4280 description: Filesystem type to mount. Ex. "ext4", "xfs", 4281 "ntfs". If not provided, the empty value is passed 4282 to the associated CSI driver which will determine 4283 the default filesystem to apply. 4284 type: string 4285 nodePublishSecretRef: 4286 description: NodePublishSecretRef is a reference to 4287 the secret object containing sensitive information 4288 to pass to the CSI driver to complete the CSI NodePublishVolume 4289 and NodeUnpublishVolume calls. This field is optional, 4290 and may be empty if no secret is required. If the 4291 secret object contains more than one secret, all secret 4292 references are passed. 4293 properties: 4294 name: 4295 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 4296 TODO: Add other useful fields. apiVersion, kind, 4297 uid?' 4298 type: string 4299 type: object 4300 readOnly: 4301 description: Specifies a read-only configuration for 4302 the volume. Defaults to false (read/write). 4303 type: boolean 4304 volumeAttributes: 4305 additionalProperties: 4306 type: string 4307 description: VolumeAttributes stores driver-specific 4308 properties that are passed to the CSI driver. Consult 4309 your driver's documentation for supported values. 4310 type: object 4311 required: 4312 - driver 4313 type: object 4314 downwardAPI: 4315 description: DownwardAPI represents downward API about the 4316 pod that should populate this volume 4317 properties: 4318 defaultMode: 4319 description: 'Optional: mode bits to use on created 4320 files by default. Must be a Optional: mode bits used 4321 to set permissions on created files by default. Must 4322 be an octal value between 0000 and 0777 or a decimal 4323 value between 0 and 511. YAML accepts both octal and 4324 decimal values, JSON requires decimal values for mode 4325 bits. Defaults to 0644. Directories within the path 4326 are not affected by this setting. This might be in 4327 conflict with other options that affect the file mode, 4328 like fsGroup, and the result can be other mode bits 4329 set.' 4330 format: int32 4331 type: integer 4332 items: 4333 description: Items is a list of downward API volume 4334 file 4335 items: 4336 description: DownwardAPIVolumeFile represents information 4337 to create the file containing the pod field 4338 properties: 4339 fieldRef: 4340 description: 'Required: Selects a field of the 4341 pod: only annotations, labels, name and namespace 4342 are supported.' 4343 properties: 4344 apiVersion: 4345 description: Version of the schema the FieldPath 4346 is written in terms of, defaults to "v1". 4347 type: string 4348 fieldPath: 4349 description: Path of the field to select in 4350 the specified API version. 4351 type: string 4352 required: 4353 - fieldPath 4354 type: object 4355 mode: 4356 description: 'Optional: mode bits used to set 4357 permissions on this file, must be an octal value 4358 between 0000 and 0777 or a decimal value between 4359 0 and 511. YAML accepts both octal and decimal 4360 values, JSON requires decimal values for mode 4361 bits. If not specified, the volume defaultMode 4362 will be used. This might be in conflict with 4363 other options that affect the file mode, like 4364 fsGroup, and the result can be other mode bits 4365 set.' 4366 format: int32 4367 type: integer 4368 path: 4369 description: 'Required: Path is the relative 4370 path name of the file to be created. Must not 4371 be absolute or contain the ''..'' path. Must 4372 be utf-8 encoded. The first item of the relative 4373 path must not start with ''..''' 4374 type: string 4375 resourceFieldRef: 4376 description: 'Selects a resource of the container: 4377 only resources limits and requests (limits.cpu, 4378 limits.memory, requests.cpu and requests.memory) 4379 are currently supported.' 4380 properties: 4381 containerName: 4382 description: 'Container name: required for 4383 volumes, optional for env vars' 4384 type: string 4385 divisor: 4386 anyOf: 4387 - type: integer 4388 - type: string 4389 description: Specifies the output format of 4390 the exposed resources, defaults to "1" 4391 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 4392 x-kubernetes-int-or-string: true 4393 resource: 4394 description: 'Required: resource to select' 4395 type: string 4396 required: 4397 - resource 4398 type: object 4399 required: 4400 - path 4401 type: object 4402 type: array 4403 type: object 4404 emptyDir: 4405 description: 'EmptyDir represents a temporary directory 4406 that shares a pod''s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' 4407 properties: 4408 medium: 4409 description: 'What type of storage medium should back 4410 this directory. The default is "" which means to use 4411 the node''s default medium. Must be an empty string 4412 (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' 4413 type: string 4414 sizeLimit: 4415 anyOf: 4416 - type: integer 4417 - type: string 4418 description: 'Total amount of local storage required 4419 for this EmptyDir volume. The size limit is also applicable 4420 for memory medium. The maximum usage on memory medium 4421 EmptyDir would be the minimum value between the SizeLimit 4422 specified here and the sum of memory limits of all 4423 containers in a pod. The default is nil which means 4424 that the limit is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir' 4425 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 4426 x-kubernetes-int-or-string: true 4427 type: object 4428 ephemeral: 4429 description: "Ephemeral represents a volume that is handled 4430 by a cluster storage driver. The volume's lifecycle is 4431 tied to the pod that defines it - it will be created before 4432 the pod starts, and deleted when the pod is removed. \n 4433 Use this if: a) the volume is only needed while the pod 4434 runs, b) features of normal volumes like restoring from 4435 snapshot or capacity tracking are needed, c) the storage 4436 driver is specified through a storage class, and d) the 4437 storage driver supports dynamic volume provisioning through 4438 \ a PersistentVolumeClaim (see EphemeralVolumeSource 4439 for more information on the connection between this 4440 volume type and PersistentVolumeClaim). \n Use PersistentVolumeClaim 4441 or one of the vendor-specific APIs for volumes that persist 4442 for longer than the lifecycle of an individual pod. \n 4443 Use CSI for light-weight local ephemeral volumes if the 4444 CSI driver is meant to be used that way - see the documentation 4445 of the driver for more information. \n A pod can use both 4446 types of ephemeral volumes and persistent volumes at the 4447 same time." 4448 properties: 4449 volumeClaimTemplate: 4450 description: "Will be used to create a stand-alone PVC 4451 to provision the volume. The pod in which this EphemeralVolumeSource 4452 is embedded will be the owner of the PVC, i.e. the 4453 PVC will be deleted together with the pod. The name 4454 of the PVC will be `<pod name>-<volume name>` where 4455 `<volume name>` is the name from the `PodSpec.Volumes` 4456 array entry. Pod validation will reject the pod if 4457 the concatenated name is not valid for a PVC (for 4458 example, too long). \n An existing PVC with that name 4459 that is not owned by the pod will *not* be used for 4460 the pod to avoid using an unrelated volume by mistake. 4461 Starting the pod is then blocked until the unrelated 4462 PVC is removed. If such a pre-created PVC is meant 4463 to be used by the pod, the PVC has to updated with 4464 an owner reference to the pod once the pod exists. 4465 Normally this should not be necessary, but it may 4466 be useful when manually reconstructing a broken cluster. 4467 \n This field is read-only and no changes will be 4468 made by Kubernetes to the PVC after it has been created. 4469 \n Required, must not be nil." 4470 properties: 4471 metadata: 4472 description: May contain labels and annotations 4473 that will be copied into the PVC when creating 4474 it. No other fields are allowed and will be rejected 4475 during validation. 4476 type: object 4477 spec: 4478 description: The specification for the PersistentVolumeClaim. 4479 The entire content is copied unchanged into the 4480 PVC that gets created from this template. The 4481 same fields as in a PersistentVolumeClaim are 4482 also valid here. 4483 properties: 4484 accessModes: 4485 description: 'AccessModes contains the desired 4486 access modes the volume should have. More 4487 info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' 4488 items: 4489 type: string 4490 type: array 4491 dataSource: 4492 description: 'This field can be used to specify 4493 either: * An existing VolumeSnapshot object 4494 (snapshot.storage.k8s.io/VolumeSnapshot) * 4495 An existing PVC (PersistentVolumeClaim) If 4496 the provisioner or an external controller 4497 can support the specified data source, it 4498 will create a new volume based on the contents 4499 of the specified data source. If the AnyVolumeDataSource 4500 feature gate is enabled, this field will always 4501 have the same contents as the DataSourceRef 4502 field.' 4503 properties: 4504 apiGroup: 4505 description: APIGroup is the group for the 4506 resource being referenced. If APIGroup 4507 is not specified, the specified Kind must 4508 be in the core API group. For any other 4509 third-party types, APIGroup is required. 4510 type: string 4511 kind: 4512 description: Kind is the type of resource 4513 being referenced 4514 type: string 4515 name: 4516 description: Name is the name of resource 4517 being referenced 4518 type: string 4519 required: 4520 - kind 4521 - name 4522 type: object 4523 dataSourceRef: 4524 description: 'Specifies the object from which 4525 to populate the volume with data, if a non-empty 4526 volume is desired. This may be any local object 4527 from a non-empty API group (non core object) 4528 or a PersistentVolumeClaim object. When this 4529 field is specified, volume binding will only 4530 succeed if the type of the specified object 4531 matches some installed volume populator or 4532 dynamic provisioner. This field will replace 4533 the functionality of the DataSource field 4534 and as such if both fields are non-empty, 4535 they must have the same value. For backwards 4536 compatibility, both fields (DataSource and 4537 DataSourceRef) will be set to the same value 4538 automatically if one of them is empty and 4539 the other is non-empty. There are two important 4540 differences between DataSource and DataSourceRef: 4541 * While DataSource only allows two specific 4542 types of objects, DataSourceRef allows any 4543 non-core object, as well as PersistentVolumeClaim 4544 objects. * While DataSource ignores disallowed 4545 values (dropping them), DataSourceRef preserves 4546 all values, and generates an error if a disallowed 4547 value is specified. (Alpha) Using this field 4548 requires the AnyVolumeDataSource feature gate 4549 to be enabled.' 4550 properties: 4551 apiGroup: 4552 description: APIGroup is the group for the 4553 resource being referenced. If APIGroup 4554 is not specified, the specified Kind must 4555 be in the core API group. For any other 4556 third-party types, APIGroup is required. 4557 type: string 4558 kind: 4559 description: Kind is the type of resource 4560 being referenced 4561 type: string 4562 name: 4563 description: Name is the name of resource 4564 being referenced 4565 type: string 4566 required: 4567 - kind 4568 - name 4569 type: object 4570 resources: 4571 description: 'Resources represents the minimum 4572 resources the volume should have. If RecoverVolumeExpansionFailure 4573 feature is enabled users are allowed to specify 4574 resource requirements that are lower than 4575 previous value but must still be higher than 4576 capacity recorded in the status field of the 4577 claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' 4578 properties: 4579 limits: 4580 additionalProperties: 4581 anyOf: 4582 - type: integer 4583 - type: string 4584 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 4585 x-kubernetes-int-or-string: true 4586 description: 'Limits describes the maximum 4587 amount of compute resources allowed. More 4588 info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 4589 type: object 4590 requests: 4591 additionalProperties: 4592 anyOf: 4593 - type: integer 4594 - type: string 4595 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 4596 x-kubernetes-int-or-string: true 4597 description: 'Requests describes the minimum 4598 amount of compute resources required. 4599 If Requests is omitted for a container, 4600 it defaults to Limits if that is explicitly 4601 specified, otherwise to an implementation-defined 4602 value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 4603 type: object 4604 type: object 4605 selector: 4606 description: A label query over volumes to consider 4607 for binding. 4608 properties: 4609 matchExpressions: 4610 description: matchExpressions is a list 4611 of label selector requirements. The requirements 4612 are ANDed. 4613 items: 4614 description: A label selector requirement 4615 is a selector that contains values, 4616 a key, and an operator that relates 4617 the key and values. 4618 properties: 4619 key: 4620 description: key is the label key 4621 that the selector applies to. 4622 type: string 4623 operator: 4624 description: operator represents a 4625 key's relationship to a set of values. 4626 Valid operators are In, NotIn, Exists 4627 and DoesNotExist. 4628 type: string 4629 values: 4630 description: values is an array of 4631 string values. If the operator is 4632 In or NotIn, the values array must 4633 be non-empty. If the operator is 4634 Exists or DoesNotExist, the values 4635 array must be empty. This array 4636 is replaced during a strategic merge 4637 patch. 4638 items: 4639 type: string 4640 type: array 4641 required: 4642 - key 4643 - operator 4644 type: object 4645 type: array 4646 matchLabels: 4647 additionalProperties: 4648 type: string 4649 description: matchLabels is a map of {key,value} 4650 pairs. A single {key,value} in the matchLabels 4651 map is equivalent to an element of matchExpressions, 4652 whose key field is "key", the operator 4653 is "In", and the values array contains 4654 only "value". The requirements are ANDed. 4655 type: object 4656 type: object 4657 storageClassName: 4658 description: 'Name of the StorageClass required 4659 by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' 4660 type: string 4661 volumeMode: 4662 description: volumeMode defines what type of 4663 volume is required by the claim. Value of 4664 Filesystem is implied when not included in 4665 claim spec. 4666 type: string 4667 volumeName: 4668 description: VolumeName is the binding reference 4669 to the PersistentVolume backing this claim. 4670 type: string 4671 type: object 4672 required: 4673 - spec 4674 type: object 4675 type: object 4676 fc: 4677 description: FC represents a Fibre Channel resource that 4678 is attached to a kubelet's host machine and then exposed 4679 to the pod. 4680 properties: 4681 fsType: 4682 description: 'Filesystem type to mount. Must be a filesystem 4683 type supported by the host operating system. Ex. "ext4", 4684 "xfs", "ntfs". Implicitly inferred to be "ext4" if 4685 unspecified. TODO: how do we prevent errors in the 4686 filesystem from compromising the machine' 4687 type: string 4688 lun: 4689 description: 'Optional: FC target lun number' 4690 format: int32 4691 type: integer 4692 readOnly: 4693 description: 'Optional: Defaults to false (read/write). 4694 ReadOnly here will force the ReadOnly setting in VolumeMounts.' 4695 type: boolean 4696 targetWWNs: 4697 description: 'Optional: FC target worldwide names (WWNs)' 4698 items: 4699 type: string 4700 type: array 4701 wwids: 4702 description: 'Optional: FC volume world wide identifiers 4703 (wwids) Either wwids or combination of targetWWNs 4704 and lun must be set, but not both simultaneously.' 4705 items: 4706 type: string 4707 type: array 4708 type: object 4709 flexVolume: 4710 description: FlexVolume represents a generic volume resource 4711 that is provisioned/attached using an exec based plugin. 4712 properties: 4713 driver: 4714 description: Driver is the name of the driver to use 4715 for this volume. 4716 type: string 4717 fsType: 4718 description: Filesystem type to mount. Must be a filesystem 4719 type supported by the host operating system. Ex. "ext4", 4720 "xfs", "ntfs". The default filesystem depends on FlexVolume 4721 script. 4722 type: string 4723 options: 4724 additionalProperties: 4725 type: string 4726 description: 'Optional: Extra command options if any.' 4727 type: object 4728 readOnly: 4729 description: 'Optional: Defaults to false (read/write). 4730 ReadOnly here will force the ReadOnly setting in VolumeMounts.' 4731 type: boolean 4732 secretRef: 4733 description: 'Optional: SecretRef is reference to the 4734 secret object containing sensitive information to 4735 pass to the plugin scripts. This may be empty if no 4736 secret object is specified. If the secret object contains 4737 more than one secret, all secrets are passed to the 4738 plugin scripts.' 4739 properties: 4740 name: 4741 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 4742 TODO: Add other useful fields. apiVersion, kind, 4743 uid?' 4744 type: string 4745 type: object 4746 required: 4747 - driver 4748 type: object 4749 flocker: 4750 description: Flocker represents a Flocker volume attached 4751 to a kubelet's host machine. This depends on the Flocker 4752 control service being running 4753 properties: 4754 datasetName: 4755 description: Name of the dataset stored as metadata 4756 -> name on the dataset for Flocker should be considered 4757 as deprecated 4758 type: string 4759 datasetUUID: 4760 description: UUID of the dataset. This is unique identifier 4761 of a Flocker dataset 4762 type: string 4763 type: object 4764 gcePersistentDisk: 4765 description: 'GCEPersistentDisk represents a GCE Disk resource 4766 that is attached to a kubelet''s host machine and then 4767 exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' 4768 properties: 4769 fsType: 4770 description: 'Filesystem type of the volume that you 4771 want to mount. Tip: Ensure that the filesystem type 4772 is supported by the host operating system. Examples: 4773 "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" 4774 if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk 4775 TODO: how do we prevent errors in the filesystem from 4776 compromising the machine' 4777 type: string 4778 partition: 4779 description: 'The partition in the volume that you want 4780 to mount. If omitted, the default is to mount by volume 4781 name. Examples: For volume /dev/sda1, you specify 4782 the partition as "1". Similarly, the volume partition 4783 for /dev/sda is "0" (or you can leave the property 4784 empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' 4785 format: int32 4786 type: integer 4787 pdName: 4788 description: 'Unique name of the PD resource in GCE. 4789 Used to identify the disk in GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' 4790 type: string 4791 readOnly: 4792 description: 'ReadOnly here will force the ReadOnly 4793 setting in VolumeMounts. Defaults to false. More info: 4794 https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' 4795 type: boolean 4796 required: 4797 - pdName 4798 type: object 4799 gitRepo: 4800 description: 'GitRepo represents a git repository at a particular 4801 revision. DEPRECATED: GitRepo is deprecated. To provision 4802 a container with a git repo, mount an EmptyDir into an 4803 InitContainer that clones the repo using git, then mount 4804 the EmptyDir into the Pod''s container.' 4805 properties: 4806 directory: 4807 description: Target directory name. Must not contain 4808 or start with '..'. If '.' is supplied, the volume 4809 directory will be the git repository. Otherwise, 4810 if specified, the volume will contain the git repository 4811 in the subdirectory with the given name. 4812 type: string 4813 repository: 4814 description: Repository URL 4815 type: string 4816 revision: 4817 description: Commit hash for the specified revision. 4818 type: string 4819 required: 4820 - repository 4821 type: object 4822 glusterfs: 4823 description: 'Glusterfs represents a Glusterfs mount on 4824 the host that shares a pod''s lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md' 4825 properties: 4826 endpoints: 4827 description: 'EndpointsName is the endpoint name that 4828 details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' 4829 type: string 4830 path: 4831 description: 'Path is the Glusterfs volume path. More 4832 info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' 4833 type: string 4834 readOnly: 4835 description: 'ReadOnly here will force the Glusterfs 4836 volume to be mounted with read-only permissions. Defaults 4837 to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' 4838 type: boolean 4839 required: 4840 - endpoints 4841 - path 4842 type: object 4843 hostPath: 4844 description: 'HostPath represents a pre-existing file or 4845 directory on the host machine that is directly exposed 4846 to the container. This is generally used for system agents 4847 or other privileged things that are allowed to see the 4848 host machine. Most containers will NOT need this. More 4849 info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath 4850 --- TODO(jonesdl) We need to restrict who can use host 4851 directory mounts and who can/can not mount host directories 4852 as read/write.' 4853 properties: 4854 path: 4855 description: 'Path of the directory on the host. If 4856 the path is a symlink, it will follow the link to 4857 the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' 4858 type: string 4859 type: 4860 description: 'Type for HostPath Volume Defaults to "" 4861 More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' 4862 type: string 4863 required: 4864 - path 4865 type: object 4866 iscsi: 4867 description: 'ISCSI represents an ISCSI Disk resource that 4868 is attached to a kubelet''s host machine and then exposed 4869 to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md' 4870 properties: 4871 chapAuthDiscovery: 4872 description: whether support iSCSI Discovery CHAP authentication 4873 type: boolean 4874 chapAuthSession: 4875 description: whether support iSCSI Session CHAP authentication 4876 type: boolean 4877 fsType: 4878 description: 'Filesystem type of the volume that you 4879 want to mount. Tip: Ensure that the filesystem type 4880 is supported by the host operating system. Examples: 4881 "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" 4882 if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi 4883 TODO: how do we prevent errors in the filesystem from 4884 compromising the machine' 4885 type: string 4886 initiatorName: 4887 description: Custom iSCSI Initiator Name. If initiatorName 4888 is specified with iscsiInterface simultaneously, new 4889 iSCSI interface <target portal>:<volume name> will 4890 be created for the connection. 4891 type: string 4892 iqn: 4893 description: Target iSCSI Qualified Name. 4894 type: string 4895 iscsiInterface: 4896 description: iSCSI Interface Name that uses an iSCSI 4897 transport. Defaults to 'default' (tcp). 4898 type: string 4899 lun: 4900 description: iSCSI Target Lun number. 4901 format: int32 4902 type: integer 4903 portals: 4904 description: iSCSI Target Portal List. The portal is 4905 either an IP or ip_addr:port if the port is other 4906 than default (typically TCP ports 860 and 3260). 4907 items: 4908 type: string 4909 type: array 4910 readOnly: 4911 description: ReadOnly here will force the ReadOnly setting 4912 in VolumeMounts. Defaults to false. 4913 type: boolean 4914 secretRef: 4915 description: CHAP Secret for iSCSI target and initiator 4916 authentication 4917 properties: 4918 name: 4919 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 4920 TODO: Add other useful fields. apiVersion, kind, 4921 uid?' 4922 type: string 4923 type: object 4924 targetPortal: 4925 description: iSCSI Target Portal. The Portal is either 4926 an IP or ip_addr:port if the port is other than default 4927 (typically TCP ports 860 and 3260). 4928 type: string 4929 required: 4930 - iqn 4931 - lun 4932 - targetPortal 4933 type: object 4934 name: 4935 description: 'Volume''s name. Must be a DNS_LABEL and unique 4936 within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' 4937 type: string 4938 nfs: 4939 description: 'NFS represents an NFS mount on the host that 4940 shares a pod''s lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' 4941 properties: 4942 path: 4943 description: 'Path that is exported by the NFS server. 4944 More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' 4945 type: string 4946 readOnly: 4947 description: 'ReadOnly here will force the NFS export 4948 to be mounted with read-only permissions. Defaults 4949 to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' 4950 type: boolean 4951 server: 4952 description: 'Server is the hostname or IP address of 4953 the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' 4954 type: string 4955 required: 4956 - path 4957 - server 4958 type: object 4959 persistentVolumeClaim: 4960 description: 'PersistentVolumeClaimVolumeSource represents 4961 a reference to a PersistentVolumeClaim in the same namespace. 4962 More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' 4963 properties: 4964 claimName: 4965 description: 'ClaimName is the name of a PersistentVolumeClaim 4966 in the same namespace as the pod using this volume. 4967 More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' 4968 type: string 4969 readOnly: 4970 description: Will force the ReadOnly setting in VolumeMounts. 4971 Default false. 4972 type: boolean 4973 required: 4974 - claimName 4975 type: object 4976 photonPersistentDisk: 4977 description: PhotonPersistentDisk represents a PhotonController 4978 persistent disk attached and mounted on kubelets host 4979 machine 4980 properties: 4981 fsType: 4982 description: Filesystem type to mount. Must be a filesystem 4983 type supported by the host operating system. Ex. "ext4", 4984 "xfs", "ntfs". Implicitly inferred to be "ext4" if 4985 unspecified. 4986 type: string 4987 pdID: 4988 description: ID that identifies Photon Controller persistent 4989 disk 4990 type: string 4991 required: 4992 - pdID 4993 type: object 4994 portworxVolume: 4995 description: PortworxVolume represents a portworx volume 4996 attached and mounted on kubelets host machine 4997 properties: 4998 fsType: 4999 description: FSType represents the filesystem type to 5000 mount Must be a filesystem type supported by the host 5001 operating system. Ex. "ext4", "xfs". Implicitly inferred 5002 to be "ext4" if unspecified. 5003 type: string 5004 readOnly: 5005 description: Defaults to false (read/write). ReadOnly 5006 here will force the ReadOnly setting in VolumeMounts. 5007 type: boolean 5008 volumeID: 5009 description: VolumeID uniquely identifies a Portworx 5010 volume 5011 type: string 5012 required: 5013 - volumeID 5014 type: object 5015 projected: 5016 description: Items for all in one resources secrets, configmaps, 5017 and downward API 5018 properties: 5019 defaultMode: 5020 description: Mode bits used to set permissions on created 5021 files by default. Must be an octal value between 0000 5022 and 0777 or a decimal value between 0 and 511. YAML 5023 accepts both octal and decimal values, JSON requires 5024 decimal values for mode bits. Directories within the 5025 path are not affected by this setting. This might 5026 be in conflict with other options that affect the 5027 file mode, like fsGroup, and the result can be other 5028 mode bits set. 5029 format: int32 5030 type: integer 5031 sources: 5032 description: list of volume projections 5033 items: 5034 description: Projection that may be projected along 5035 with other supported volume types 5036 properties: 5037 configMap: 5038 description: information about the configMap data 5039 to project 5040 properties: 5041 items: 5042 description: If unspecified, each key-value 5043 pair in the Data field of the referenced 5044 ConfigMap will be projected into the volume 5045 as a file whose name is the key and content 5046 is the value. If specified, the listed keys 5047 will be projected into the specified paths, 5048 and unlisted keys will not be present. If 5049 a key is specified which is not present 5050 in the ConfigMap, the volume setup will 5051 error unless it is marked optional. Paths 5052 must be relative and may not contain the 5053 '..' path or start with '..'. 5054 items: 5055 description: Maps a string key to a path 5056 within a volume. 5057 properties: 5058 key: 5059 description: The key to project. 5060 type: string 5061 mode: 5062 description: 'Optional: mode bits used 5063 to set permissions on this file. Must 5064 be an octal value between 0000 and 5065 0777 or a decimal value between 0 5066 and 511. YAML accepts both octal and 5067 decimal values, JSON requires decimal 5068 values for mode bits. If not specified, 5069 the volume defaultMode will be used. 5070 This might be in conflict with other 5071 options that affect the file mode, 5072 like fsGroup, and the result can be 5073 other mode bits set.' 5074 format: int32 5075 type: integer 5076 path: 5077 description: The relative path of the 5078 file to map the key to. May not be 5079 an absolute path. May not contain 5080 the path element '..'. May not start 5081 with the string '..'. 5082 type: string 5083 required: 5084 - key 5085 - path 5086 type: object 5087 type: array 5088 name: 5089 description: 'Name of the referent. More info: 5090 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 5091 TODO: Add other useful fields. apiVersion, 5092 kind, uid?' 5093 type: string 5094 optional: 5095 description: Specify whether the ConfigMap 5096 or its keys must be defined 5097 type: boolean 5098 type: object 5099 downwardAPI: 5100 description: information about the downwardAPI 5101 data to project 5102 properties: 5103 items: 5104 description: Items is a list of DownwardAPIVolume 5105 file 5106 items: 5107 description: DownwardAPIVolumeFile represents 5108 information to create the file containing 5109 the pod field 5110 properties: 5111 fieldRef: 5112 description: 'Required: Selects a field 5113 of the pod: only annotations, labels, 5114 name and namespace are supported.' 5115 properties: 5116 apiVersion: 5117 description: Version of the schema 5118 the FieldPath is written in terms 5119 of, defaults to "v1". 5120 type: string 5121 fieldPath: 5122 description: Path of the field to 5123 select in the specified API version. 5124 type: string 5125 required: 5126 - fieldPath 5127 type: object 5128 mode: 5129 description: 'Optional: mode bits used 5130 to set permissions on this file, must 5131 be an octal value between 0000 and 5132 0777 or a decimal value between 0 5133 and 511. YAML accepts both octal and 5134 decimal values, JSON requires decimal 5135 values for mode bits. If not specified, 5136 the volume defaultMode will be used. 5137 This might be in conflict with other 5138 options that affect the file mode, 5139 like fsGroup, and the result can be 5140 other mode bits set.' 5141 format: int32 5142 type: integer 5143 path: 5144 description: 'Required: Path is the 5145 relative path name of the file to 5146 be created. Must not be absolute or 5147 contain the ''..'' path. Must be utf-8 5148 encoded. The first item of the relative 5149 path must not start with ''..''' 5150 type: string 5151 resourceFieldRef: 5152 description: 'Selects a resource of 5153 the container: only resources limits 5154 and requests (limits.cpu, limits.memory, 5155 requests.cpu and requests.memory) 5156 are currently supported.' 5157 properties: 5158 containerName: 5159 description: 'Container name: required 5160 for volumes, optional for env 5161 vars' 5162 type: string 5163 divisor: 5164 anyOf: 5165 - type: integer 5166 - type: string 5167 description: Specifies the output 5168 format of the exposed resources, 5169 defaults to "1" 5170 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 5171 x-kubernetes-int-or-string: true 5172 resource: 5173 description: 'Required: resource 5174 to select' 5175 type: string 5176 required: 5177 - resource 5178 type: object 5179 required: 5180 - path 5181 type: object 5182 type: array 5183 type: object 5184 secret: 5185 description: information about the secret data 5186 to project 5187 properties: 5188 items: 5189 description: If unspecified, each key-value 5190 pair in the Data field of the referenced 5191 Secret will be projected into the volume 5192 as a file whose name is the key and content 5193 is the value. If specified, the listed keys 5194 will be projected into the specified paths, 5195 and unlisted keys will not be present. If 5196 a key is specified which is not present 5197 in the Secret, the volume setup will error 5198 unless it is marked optional. Paths must 5199 be relative and may not contain the '..' 5200 path or start with '..'. 5201 items: 5202 description: Maps a string key to a path 5203 within a volume. 5204 properties: 5205 key: 5206 description: The key to project. 5207 type: string 5208 mode: 5209 description: 'Optional: mode bits used 5210 to set permissions on this file. Must 5211 be an octal value between 0000 and 5212 0777 or a decimal value between 0 5213 and 511. YAML accepts both octal and 5214 decimal values, JSON requires decimal 5215 values for mode bits. If not specified, 5216 the volume defaultMode will be used. 5217 This might be in conflict with other 5218 options that affect the file mode, 5219 like fsGroup, and the result can be 5220 other mode bits set.' 5221 format: int32 5222 type: integer 5223 path: 5224 description: The relative path of the 5225 file to map the key to. May not be 5226 an absolute path. May not contain 5227 the path element '..'. May not start 5228 with the string '..'. 5229 type: string 5230 required: 5231 - key 5232 - path 5233 type: object 5234 type: array 5235 name: 5236 description: 'Name of the referent. More info: 5237 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 5238 TODO: Add other useful fields. apiVersion, 5239 kind, uid?' 5240 type: string 5241 optional: 5242 description: Specify whether the Secret or 5243 its key must be defined 5244 type: boolean 5245 type: object 5246 serviceAccountToken: 5247 description: information about the serviceAccountToken 5248 data to project 5249 properties: 5250 audience: 5251 description: Audience is the intended audience 5252 of the token. A recipient of a token must 5253 identify itself with an identifier specified 5254 in the audience of the token, and otherwise 5255 should reject the token. The audience defaults 5256 to the identifier of the apiserver. 5257 type: string 5258 expirationSeconds: 5259 description: ExpirationSeconds is the requested 5260 duration of validity of the service account 5261 token. As the token approaches expiration, 5262 the kubelet volume plugin will proactively 5263 rotate the service account token. The kubelet 5264 will start trying to rotate the token if 5265 the token is older than 80 percent of its 5266 time to live or if the token is older than 5267 24 hours.Defaults to 1 hour and must be 5268 at least 10 minutes. 5269 format: int64 5270 type: integer 5271 path: 5272 description: Path is the path relative to 5273 the mount point of the file to project the 5274 token into. 5275 type: string 5276 required: 5277 - path 5278 type: object 5279 type: object 5280 type: array 5281 type: object 5282 quobyte: 5283 description: Quobyte represents a Quobyte mount on the host 5284 that shares a pod's lifetime 5285 properties: 5286 group: 5287 description: Group to map volume access to Default is 5288 no group 5289 type: string 5290 readOnly: 5291 description: ReadOnly here will force the Quobyte volume 5292 to be mounted with read-only permissions. Defaults 5293 to false. 5294 type: boolean 5295 registry: 5296 description: Registry represents a single or multiple 5297 Quobyte Registry services specified as a string as 5298 host:port pair (multiple entries are separated with 5299 commas) which acts as the central registry for volumes 5300 type: string 5301 tenant: 5302 description: Tenant owning the given Quobyte volume 5303 in the Backend Used with dynamically provisioned Quobyte 5304 volumes, value is set by the plugin 5305 type: string 5306 user: 5307 description: User to map volume access to Defaults to 5308 serivceaccount user 5309 type: string 5310 volume: 5311 description: Volume is a string that references an already 5312 created Quobyte volume by name. 5313 type: string 5314 required: 5315 - registry 5316 - volume 5317 type: object 5318 rbd: 5319 description: 'RBD represents a Rados Block Device mount 5320 on the host that shares a pod''s lifetime. More info: 5321 https://examples.k8s.io/volumes/rbd/README.md' 5322 properties: 5323 fsType: 5324 description: 'Filesystem type of the volume that you 5325 want to mount. Tip: Ensure that the filesystem type 5326 is supported by the host operating system. Examples: 5327 "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" 5328 if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd 5329 TODO: how do we prevent errors in the filesystem from 5330 compromising the machine' 5331 type: string 5332 image: 5333 description: 'The rados image name. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 5334 type: string 5335 keyring: 5336 description: 'Keyring is the path to key ring for RBDUser. 5337 Default is /etc/ceph/keyring. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 5338 type: string 5339 monitors: 5340 description: 'A collection of Ceph monitors. More info: 5341 https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 5342 items: 5343 type: string 5344 type: array 5345 pool: 5346 description: 'The rados pool name. Default is rbd. More 5347 info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 5348 type: string 5349 readOnly: 5350 description: 'ReadOnly here will force the ReadOnly 5351 setting in VolumeMounts. Defaults to false. More info: 5352 https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 5353 type: boolean 5354 secretRef: 5355 description: 'SecretRef is name of the authentication 5356 secret for RBDUser. If provided overrides keyring. 5357 Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 5358 properties: 5359 name: 5360 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 5361 TODO: Add other useful fields. apiVersion, kind, 5362 uid?' 5363 type: string 5364 type: object 5365 user: 5366 description: 'The rados user name. Default is admin. 5367 More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 5368 type: string 5369 required: 5370 - image 5371 - monitors 5372 type: object 5373 scaleIO: 5374 description: ScaleIO represents a ScaleIO persistent volume 5375 attached and mounted on Kubernetes nodes. 5376 properties: 5377 fsType: 5378 description: Filesystem type to mount. Must be a filesystem 5379 type supported by the host operating system. Ex. "ext4", 5380 "xfs", "ntfs". Default is "xfs". 5381 type: string 5382 gateway: 5383 description: The host address of the ScaleIO API Gateway. 5384 type: string 5385 protectionDomain: 5386 description: The name of the ScaleIO Protection Domain 5387 for the configured storage. 5388 type: string 5389 readOnly: 5390 description: Defaults to false (read/write). ReadOnly 5391 here will force the ReadOnly setting in VolumeMounts. 5392 type: boolean 5393 secretRef: 5394 description: SecretRef references to the secret for 5395 ScaleIO user and other sensitive information. If this 5396 is not provided, Login operation will fail. 5397 properties: 5398 name: 5399 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 5400 TODO: Add other useful fields. apiVersion, kind, 5401 uid?' 5402 type: string 5403 type: object 5404 sslEnabled: 5405 description: Flag to enable/disable SSL communication 5406 with Gateway, default false 5407 type: boolean 5408 storageMode: 5409 description: Indicates whether the storage for a volume 5410 should be ThickProvisioned or ThinProvisioned. Default 5411 is ThinProvisioned. 5412 type: string 5413 storagePool: 5414 description: The ScaleIO Storage Pool associated with 5415 the protection domain. 5416 type: string 5417 system: 5418 description: The name of the storage system as configured 5419 in ScaleIO. 5420 type: string 5421 volumeName: 5422 description: The name of a volume already created in 5423 the ScaleIO system that is associated with this volume 5424 source. 5425 type: string 5426 required: 5427 - gateway 5428 - secretRef 5429 - system 5430 type: object 5431 secret: 5432 description: 'Secret represents a secret that should populate 5433 this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' 5434 properties: 5435 defaultMode: 5436 description: 'Optional: mode bits used to set permissions 5437 on created files by default. Must be an octal value 5438 between 0000 and 0777 or a decimal value between 0 5439 and 511. YAML accepts both octal and decimal values, 5440 JSON requires decimal values for mode bits. Defaults 5441 to 0644. Directories within the path are not affected 5442 by this setting. This might be in conflict with other 5443 options that affect the file mode, like fsGroup, and 5444 the result can be other mode bits set.' 5445 format: int32 5446 type: integer 5447 items: 5448 description: If unspecified, each key-value pair in 5449 the Data field of the referenced Secret will be projected 5450 into the volume as a file whose name is the key and 5451 content is the value. If specified, the listed keys 5452 will be projected into the specified paths, and unlisted 5453 keys will not be present. If a key is specified which 5454 is not present in the Secret, the volume setup will 5455 error unless it is marked optional. Paths must be 5456 relative and may not contain the '..' path or start 5457 with '..'. 5458 items: 5459 description: Maps a string key to a path within a 5460 volume. 5461 properties: 5462 key: 5463 description: The key to project. 5464 type: string 5465 mode: 5466 description: 'Optional: mode bits used to set 5467 permissions on this file. Must be an octal value 5468 between 0000 and 0777 or a decimal value between 5469 0 and 511. YAML accepts both octal and decimal 5470 values, JSON requires decimal values for mode 5471 bits. If not specified, the volume defaultMode 5472 will be used. This might be in conflict with 5473 other options that affect the file mode, like 5474 fsGroup, and the result can be other mode bits 5475 set.' 5476 format: int32 5477 type: integer 5478 path: 5479 description: The relative path of the file to 5480 map the key to. May not be an absolute path. 5481 May not contain the path element '..'. May not 5482 start with the string '..'. 5483 type: string 5484 required: 5485 - key 5486 - path 5487 type: object 5488 type: array 5489 optional: 5490 description: Specify whether the Secret or its keys 5491 must be defined 5492 type: boolean 5493 secretName: 5494 description: 'Name of the secret in the pod''s namespace 5495 to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' 5496 type: string 5497 type: object 5498 storageos: 5499 description: StorageOS represents a StorageOS volume attached 5500 and mounted on Kubernetes nodes. 5501 properties: 5502 fsType: 5503 description: Filesystem type to mount. Must be a filesystem 5504 type supported by the host operating system. Ex. "ext4", 5505 "xfs", "ntfs". Implicitly inferred to be "ext4" if 5506 unspecified. 5507 type: string 5508 readOnly: 5509 description: Defaults to false (read/write). ReadOnly 5510 here will force the ReadOnly setting in VolumeMounts. 5511 type: boolean 5512 secretRef: 5513 description: SecretRef specifies the secret to use for 5514 obtaining the StorageOS API credentials. If not specified, 5515 default values will be attempted. 5516 properties: 5517 name: 5518 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 5519 TODO: Add other useful fields. apiVersion, kind, 5520 uid?' 5521 type: string 5522 type: object 5523 volumeName: 5524 description: VolumeName is the human-readable name of 5525 the StorageOS volume. Volume names are only unique 5526 within a namespace. 5527 type: string 5528 volumeNamespace: 5529 description: VolumeNamespace specifies the scope of 5530 the volume within StorageOS. If no namespace is specified 5531 then the Pod's namespace will be used. This allows 5532 the Kubernetes name scoping to be mirrored within 5533 StorageOS for tighter integration. Set VolumeName 5534 to any name to override the default behaviour. Set 5535 to "default" if you are not using namespaces within 5536 StorageOS. Namespaces that do not pre-exist within 5537 StorageOS will be created. 5538 type: string 5539 type: object 5540 vsphereVolume: 5541 description: VsphereVolume represents a vSphere volume attached 5542 and mounted on kubelets host machine 5543 properties: 5544 fsType: 5545 description: Filesystem type to mount. Must be a filesystem 5546 type supported by the host operating system. Ex. "ext4", 5547 "xfs", "ntfs". Implicitly inferred to be "ext4" if 5548 unspecified. 5549 type: string 5550 storagePolicyID: 5551 description: Storage Policy Based Management (SPBM) 5552 profile ID associated with the StoragePolicyName. 5553 type: string 5554 storagePolicyName: 5555 description: Storage Policy Based Management (SPBM) 5556 profile name. 5557 type: string 5558 volumePath: 5559 description: Path that identifies vSphere volume vmdk 5560 type: string 5561 required: 5562 - volumePath 5563 type: object 5564 required: 5565 - name 5566 type: object 5567 type: array 5568 type: object 5569 repositoryCredentials: 5570 description: RepositoryCredentials are the Git pull credentials to 5571 configure Argo CD with upon creation of the cluster. 5572 type: string 5573 resourceActions: 5574 description: ResourceActions customizes resource action behavior. 5575 items: 5576 description: Resource Customization for custom action 5577 properties: 5578 action: 5579 type: string 5580 group: 5581 type: string 5582 kind: 5583 type: string 5584 type: object 5585 type: array 5586 resourceCustomizations: 5587 description: 'ResourceCustomizations customizes resource behavior. 5588 Keys are in the form: group/Kind. Please note that this is being 5589 deprecated in favor of ResourceHealthChecks, ResourceIgnoreDifferences, 5590 and ResourceActions.' 5591 type: string 5592 resourceExclusions: 5593 description: ResourceExclusions is used to completely ignore entire 5594 classes of resource group/kinds. 5595 type: string 5596 resourceHealthChecks: 5597 description: ResourceHealthChecks customizes resource health check 5598 behavior. 5599 items: 5600 description: Resource Customization for custom health check 5601 properties: 5602 check: 5603 type: string 5604 group: 5605 type: string 5606 kind: 5607 type: string 5608 type: object 5609 type: array 5610 resourceIgnoreDifferences: 5611 description: ResourceIgnoreDifferences customizes resource ignore 5612 difference behavior. 5613 properties: 5614 all: 5615 properties: 5616 jqPathExpressions: 5617 items: 5618 type: string 5619 type: array 5620 jsonPointers: 5621 items: 5622 type: string 5623 type: array 5624 managedFieldsManagers: 5625 items: 5626 type: string 5627 type: array 5628 type: object 5629 resourceIdentifiers: 5630 items: 5631 description: Resource Customization fields for ignore difference 5632 properties: 5633 customization: 5634 properties: 5635 jqPathExpressions: 5636 items: 5637 type: string 5638 type: array 5639 jsonPointers: 5640 items: 5641 type: string 5642 type: array 5643 managedFieldsManagers: 5644 items: 5645 type: string 5646 type: array 5647 type: object 5648 group: 5649 type: string 5650 kind: 5651 type: string 5652 type: object 5653 type: array 5654 type: object 5655 resourceInclusions: 5656 description: ResourceInclusions is used to only include specific group/kinds 5657 in the reconciliation process. 5658 type: string 5659 resourceTrackingMethod: 5660 description: ResourceTrackingMethod defines how Argo CD should track 5661 resources that it manages 5662 type: string 5663 server: 5664 description: Server defines the options for the ArgoCD Server component. 5665 properties: 5666 autoscale: 5667 description: Autoscale defines the autoscale options for the Argo 5668 CD Server component. 5669 properties: 5670 enabled: 5671 description: Enabled will toggle autoscaling support for the 5672 Argo CD Server component. 5673 type: boolean 5674 hpa: 5675 description: HPA defines the HorizontalPodAutoscaler options 5676 for the Argo CD Server component. 5677 properties: 5678 maxReplicas: 5679 description: upper limit for the number of pods that can 5680 be set by the autoscaler; cannot be smaller than MinReplicas. 5681 format: int32 5682 type: integer 5683 minReplicas: 5684 description: minReplicas is the lower limit for the number 5685 of replicas to which the autoscaler can scale down. It 5686 defaults to 1 pod. minReplicas is allowed to be 0 if 5687 the alpha feature gate HPAScaleToZero is enabled and 5688 at least one Object or External metric is configured. Scaling 5689 is active as long as at least one metric value is available. 5690 format: int32 5691 type: integer 5692 scaleTargetRef: 5693 description: reference to scaled resource; horizontal 5694 pod autoscaler will learn the current resource consumption 5695 and will set the desired number of pods by using its 5696 Scale subresource. 5697 properties: 5698 apiVersion: 5699 description: API version of the referent 5700 type: string 5701 kind: 5702 description: 'Kind of the referent; More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds"' 5703 type: string 5704 name: 5705 description: 'Name of the referent; More info: http://kubernetes.io/docs/user-guide/identifiers#names' 5706 type: string 5707 required: 5708 - kind 5709 - name 5710 type: object 5711 targetCPUUtilizationPercentage: 5712 description: target average CPU utilization (represented 5713 as a percentage of requested CPU) over all the pods; 5714 if not specified the default autoscaling policy will 5715 be used. 5716 format: int32 5717 type: integer 5718 required: 5719 - maxReplicas 5720 - scaleTargetRef 5721 type: object 5722 required: 5723 - enabled 5724 type: object 5725 env: 5726 description: Env lets you specify environment for API server pods 5727 items: 5728 description: EnvVar represents an environment variable present 5729 in a Container. 5730 properties: 5731 name: 5732 description: Name of the environment variable. Must be a 5733 C_IDENTIFIER. 5734 type: string 5735 value: 5736 description: 'Variable references $(VAR_NAME) are expanded 5737 using the previously defined environment variables in 5738 the container and any service environment variables. If 5739 a variable cannot be resolved, the reference in the input 5740 string will be unchanged. Double $$ are reduced to a single 5741 $, which allows for escaping the $(VAR_NAME) syntax: i.e. 5742 "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". 5743 Escaped references will never be expanded, regardless 5744 of whether the variable exists or not. Defaults to "".' 5745 type: string 5746 valueFrom: 5747 description: Source for the environment variable's value. 5748 Cannot be used if value is not empty. 5749 properties: 5750 configMapKeyRef: 5751 description: Selects a key of a ConfigMap. 5752 properties: 5753 key: 5754 description: The key to select. 5755 type: string 5756 name: 5757 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 5758 TODO: Add other useful fields. apiVersion, kind, 5759 uid?' 5760 type: string 5761 optional: 5762 description: Specify whether the ConfigMap or its 5763 key must be defined 5764 type: boolean 5765 required: 5766 - key 5767 type: object 5768 fieldRef: 5769 description: 'Selects a field of the pod: supports metadata.name, 5770 metadata.namespace, `metadata.labels[''<KEY>'']`, 5771 `metadata.annotations[''<KEY>'']`, spec.nodeName, 5772 spec.serviceAccountName, status.hostIP, status.podIP, 5773 status.podIPs.' 5774 properties: 5775 apiVersion: 5776 description: Version of the schema the FieldPath 5777 is written in terms of, defaults to "v1". 5778 type: string 5779 fieldPath: 5780 description: Path of the field to select in the 5781 specified API version. 5782 type: string 5783 required: 5784 - fieldPath 5785 type: object 5786 resourceFieldRef: 5787 description: 'Selects a resource of the container: only 5788 resources limits and requests (limits.cpu, limits.memory, 5789 limits.ephemeral-storage, requests.cpu, requests.memory 5790 and requests.ephemeral-storage) are currently supported.' 5791 properties: 5792 containerName: 5793 description: 'Container name: required for volumes, 5794 optional for env vars' 5795 type: string 5796 divisor: 5797 anyOf: 5798 - type: integer 5799 - type: string 5800 description: Specifies the output format of the 5801 exposed resources, defaults to "1" 5802 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 5803 x-kubernetes-int-or-string: true 5804 resource: 5805 description: 'Required: resource to select' 5806 type: string 5807 required: 5808 - resource 5809 type: object 5810 secretKeyRef: 5811 description: Selects a key of a secret in the pod's 5812 namespace 5813 properties: 5814 key: 5815 description: The key of the secret to select from. Must 5816 be a valid secret key. 5817 type: string 5818 name: 5819 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 5820 TODO: Add other useful fields. apiVersion, kind, 5821 uid?' 5822 type: string 5823 optional: 5824 description: Specify whether the Secret or its key 5825 must be defined 5826 type: boolean 5827 required: 5828 - key 5829 type: object 5830 type: object 5831 required: 5832 - name 5833 type: object 5834 type: array 5835 extraCommandArgs: 5836 description: Extra Command arguments that would append to the 5837 Argo CD server command. ExtraCommandArgs will not be added, 5838 if one of these commands is already part of the server command 5839 with same or different value. 5840 items: 5841 type: string 5842 type: array 5843 grpc: 5844 description: GRPC defines the state for the Argo CD Server GRPC 5845 options. 5846 properties: 5847 host: 5848 description: Host is the hostname to use for Ingress/Route 5849 resources. 5850 type: string 5851 ingress: 5852 description: Ingress defines the desired state for the Argo 5853 CD Server GRPC Ingress. 5854 properties: 5855 annotations: 5856 additionalProperties: 5857 type: string 5858 description: Annotations is the map of annotations to 5859 apply to the Ingress. 5860 type: object 5861 enabled: 5862 description: Enabled will toggle the creation of the Ingress. 5863 type: boolean 5864 ingressClassName: 5865 description: IngressClassName for the Ingress resource. 5866 type: string 5867 path: 5868 description: Path used for the Ingress resource. 5869 type: string 5870 tls: 5871 description: TLS configuration. Currently the Ingress 5872 only supports a single TLS port, 443. If multiple members 5873 of this list specify different hosts, they will be multiplexed 5874 on the same port according to the hostname specified 5875 through the SNI TLS extension, if the ingress controller 5876 fulfilling the ingress supports SNI. 5877 items: 5878 description: IngressTLS describes the transport layer 5879 security associated with an Ingress. 5880 properties: 5881 hosts: 5882 description: Hosts are a list of hosts included 5883 in the TLS certificate. The values in this list 5884 must match the name/s used in the tlsSecret. Defaults 5885 to the wildcard host setting for the loadbalancer 5886 controller fulfilling this Ingress, if left unspecified. 5887 items: 5888 type: string 5889 type: array 5890 x-kubernetes-list-type: atomic 5891 secretName: 5892 description: SecretName is the name of the secret 5893 used to terminate TLS traffic on port 443. Field 5894 is left optional to allow TLS routing based on 5895 SNI hostname alone. If the SNI host in a listener 5896 conflicts with the "Host" header field used by 5897 an IngressRule, the SNI host is used for termination 5898 and value of the Host header is used for routing. 5899 type: string 5900 type: object 5901 type: array 5902 required: 5903 - enabled 5904 type: object 5905 type: object 5906 host: 5907 description: Host is the hostname to use for Ingress/Route resources. 5908 type: string 5909 ingress: 5910 description: Ingress defines the desired state for an Ingress 5911 for the Argo CD Server component. 5912 properties: 5913 annotations: 5914 additionalProperties: 5915 type: string 5916 description: Annotations is the map of annotations to apply 5917 to the Ingress. 5918 type: object 5919 enabled: 5920 description: Enabled will toggle the creation of the Ingress. 5921 type: boolean 5922 ingressClassName: 5923 description: IngressClassName for the Ingress resource. 5924 type: string 5925 path: 5926 description: Path used for the Ingress resource. 5927 type: string 5928 tls: 5929 description: TLS configuration. Currently the Ingress only 5930 supports a single TLS port, 443. If multiple members of 5931 this list specify different hosts, they will be multiplexed 5932 on the same port according to the hostname specified through 5933 the SNI TLS extension, if the ingress controller fulfilling 5934 the ingress supports SNI. 5935 items: 5936 description: IngressTLS describes the transport layer security 5937 associated with an Ingress. 5938 properties: 5939 hosts: 5940 description: Hosts are a list of hosts included in the 5941 TLS certificate. The values in this list must match 5942 the name/s used in the tlsSecret. Defaults to the 5943 wildcard host setting for the loadbalancer controller 5944 fulfilling this Ingress, if left unspecified. 5945 items: 5946 type: string 5947 type: array 5948 x-kubernetes-list-type: atomic 5949 secretName: 5950 description: SecretName is the name of the secret used 5951 to terminate TLS traffic on port 443. Field is left 5952 optional to allow TLS routing based on SNI hostname 5953 alone. If the SNI host in a listener conflicts with 5954 the "Host" header field used by an IngressRule, the 5955 SNI host is used for termination and value of the 5956 Host header is used for routing. 5957 type: string 5958 type: object 5959 type: array 5960 required: 5961 - enabled 5962 type: object 5963 insecure: 5964 description: Insecure toggles the insecure flag. 5965 type: boolean 5966 logFormat: 5967 description: LogFormat refers to the log level to be used by the 5968 ArgoCD Server component. Defaults to ArgoCDDefaultLogFormat 5969 if not configured. Valid options are text or json. 5970 type: string 5971 logLevel: 5972 description: LogLevel refers to the log level to be used by the 5973 ArgoCD Server component. Defaults to ArgoCDDefaultLogLevel if 5974 not set. Valid options are debug, info, error, and warn. 5975 type: string 5976 replicas: 5977 description: Replicas defines the number of replicas for argocd-server. 5978 Default is nil. Value should be greater than or equal to 0. 5979 Value will be ignored if Autoscaler is enabled. 5980 format: int32 5981 type: integer 5982 resources: 5983 description: Resources defines the Compute Resources required 5984 by the container for the Argo CD server component. 5985 properties: 5986 limits: 5987 additionalProperties: 5988 anyOf: 5989 - type: integer 5990 - type: string 5991 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 5992 x-kubernetes-int-or-string: true 5993 description: 'Limits describes the maximum amount of compute 5994 resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 5995 type: object 5996 requests: 5997 additionalProperties: 5998 anyOf: 5999 - type: integer 6000 - type: string 6001 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 6002 x-kubernetes-int-or-string: true 6003 description: 'Requests describes the minimum amount of compute 6004 resources required. If Requests is omitted for a container, 6005 it defaults to Limits if that is explicitly specified, otherwise 6006 to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 6007 type: object 6008 type: object 6009 route: 6010 description: Route defines the desired state for an OpenShift 6011 Route for the Argo CD Server component. 6012 properties: 6013 annotations: 6014 additionalProperties: 6015 type: string 6016 description: Annotations is the map of annotations to use 6017 for the Route resource. 6018 type: object 6019 enabled: 6020 description: Enabled will toggle the creation of the OpenShift 6021 Route. 6022 type: boolean 6023 labels: 6024 additionalProperties: 6025 type: string 6026 description: Labels is the map of labels to use for the Route 6027 resource 6028 type: object 6029 path: 6030 description: Path the router watches for, to route traffic 6031 for to the service. 6032 type: string 6033 tls: 6034 description: TLS provides the ability to configure certificates 6035 and termination for the Route. 6036 properties: 6037 caCertificate: 6038 description: caCertificate provides the cert authority 6039 certificate contents 6040 type: string 6041 certificate: 6042 description: certificate provides certificate contents 6043 type: string 6044 destinationCACertificate: 6045 description: destinationCACertificate provides the contents 6046 of the ca certificate of the final destination. When 6047 using reencrypt termination this file should be provided 6048 in order to have routers use it for health checks on 6049 the secure connection. If this field is not specified, 6050 the router may provide its own destination CA and perform 6051 hostname validation using the short service name (service.namespace.svc), 6052 which allows infrastructure generated certificates to 6053 automatically verify. 6054 type: string 6055 insecureEdgeTerminationPolicy: 6056 description: "insecureEdgeTerminationPolicy indicates 6057 the desired behavior for insecure connections to a route. 6058 While each router may make its own decisions on which 6059 ports to expose, this is normally port 80. \n * Allow 6060 - traffic is sent to the server on the insecure port 6061 (default) * Disable - no traffic is allowed on the insecure 6062 port. * Redirect - clients are redirected to the secure 6063 port." 6064 type: string 6065 key: 6066 description: key provides key file contents 6067 type: string 6068 termination: 6069 description: termination indicates termination type. 6070 type: string 6071 required: 6072 - termination 6073 type: object 6074 wildcardPolicy: 6075 description: WildcardPolicy if any for the route. Currently 6076 only 'Subdomain' or 'None' is allowed. 6077 type: string 6078 required: 6079 - enabled 6080 type: object 6081 service: 6082 description: Service defines the options for the Service backing 6083 the ArgoCD Server component. 6084 properties: 6085 type: 6086 description: Type is the ServiceType to use for the Service 6087 resource. 6088 type: string 6089 required: 6090 - type 6091 type: object 6092 type: object 6093 sourceNamespaces: 6094 description: SourceNamespaces defines the namespaces application resources 6095 are allowed to be created in 6096 items: 6097 type: string 6098 type: array 6099 sso: 6100 description: SSO defines the Single Sign-on configuration for Argo 6101 CD 6102 properties: 6103 dex: 6104 description: Dex contains the configuration for Argo CD dex authentication 6105 properties: 6106 config: 6107 description: Config is the dex connector configuration. 6108 type: string 6109 groups: 6110 description: Optional list of required groups a user must 6111 be a member of 6112 items: 6113 type: string 6114 type: array 6115 image: 6116 description: Image is the Dex container image. 6117 type: string 6118 openShiftOAuth: 6119 description: OpenShiftOAuth enables OpenShift OAuth authentication 6120 for the Dex server. 6121 type: boolean 6122 resources: 6123 description: Resources defines the Compute Resources required 6124 by the container for Dex. 6125 properties: 6126 limits: 6127 additionalProperties: 6128 anyOf: 6129 - type: integer 6130 - type: string 6131 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 6132 x-kubernetes-int-or-string: true 6133 description: 'Limits describes the maximum amount of compute 6134 resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 6135 type: object 6136 requests: 6137 additionalProperties: 6138 anyOf: 6139 - type: integer 6140 - type: string 6141 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 6142 x-kubernetes-int-or-string: true 6143 description: 'Requests describes the minimum amount of 6144 compute resources required. If Requests is omitted for 6145 a container, it defaults to Limits if that is explicitly 6146 specified, otherwise to an implementation-defined value. 6147 More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 6148 type: object 6149 type: object 6150 version: 6151 description: Version is the Dex container image tag. 6152 type: string 6153 type: object 6154 keycloak: 6155 description: Keycloak contains the configuration for Argo CD keycloak 6156 authentication 6157 properties: 6158 image: 6159 description: Image is the Keycloak container image. 6160 type: string 6161 resources: 6162 description: Resources defines the Compute Resources required 6163 by the container for Keycloak. 6164 properties: 6165 limits: 6166 additionalProperties: 6167 anyOf: 6168 - type: integer 6169 - type: string 6170 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 6171 x-kubernetes-int-or-string: true 6172 description: 'Limits describes the maximum amount of compute 6173 resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 6174 type: object 6175 requests: 6176 additionalProperties: 6177 anyOf: 6178 - type: integer 6179 - type: string 6180 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 6181 x-kubernetes-int-or-string: true 6182 description: 'Requests describes the minimum amount of 6183 compute resources required. If Requests is omitted for 6184 a container, it defaults to Limits if that is explicitly 6185 specified, otherwise to an implementation-defined value. 6186 More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 6187 type: object 6188 type: object 6189 rootCA: 6190 description: Custom root CA certificate for communicating 6191 with the Keycloak OIDC provider 6192 type: string 6193 verifyTLS: 6194 description: VerifyTLS set to false disables strict TLS validation. 6195 type: boolean 6196 version: 6197 description: Version is the Keycloak container image tag. 6198 type: string 6199 type: object 6200 provider: 6201 description: Provider installs and configures the given SSO Provider 6202 with Argo CD. 6203 type: string 6204 type: object 6205 statusBadgeEnabled: 6206 description: StatusBadgeEnabled toggles application status badge feature. 6207 type: boolean 6208 tls: 6209 description: TLS defines the TLS options for ArgoCD. 6210 properties: 6211 ca: 6212 description: CA defines the CA options. 6213 properties: 6214 configMapName: 6215 description: ConfigMapName is the name of the ConfigMap containing 6216 the CA Certificate. 6217 type: string 6218 secretName: 6219 description: SecretName is the name of the Secret containing 6220 the CA Certificate and Key. 6221 type: string 6222 type: object 6223 initialCerts: 6224 additionalProperties: 6225 type: string 6226 description: InitialCerts defines custom TLS certificates upon 6227 creation of the cluster for connecting Git repositories via 6228 HTTPS. 6229 type: object 6230 type: object 6231 usersAnonymousEnabled: 6232 description: UsersAnonymousEnabled toggles anonymous user access. 6233 The anonymous users get default role permissions specified argocd-rbac-cm. 6234 type: boolean 6235 version: 6236 description: Version is the tag to use with the ArgoCD container image 6237 for all ArgoCD components. 6238 type: string 6239 type: object 6240 status: 6241 description: ArgoCDStatus defines the observed state of ArgoCD 6242 properties: 6243 applicationController: 6244 description: 'ApplicationController is a simple, high-level summary 6245 of where the Argo CD application controller component is in its 6246 lifecycle. There are four possible ApplicationController values: 6247 Pending: The Argo CD application controller component has been accepted 6248 by the Kubernetes system, but one or more of the required resources 6249 have not been created. Running: All of the required Pods for the 6250 Argo CD application controller component are in a Ready state. Failed: 6251 At least one of the Argo CD application controller component Pods 6252 had a failure. Unknown: The state of the Argo CD application controller 6253 component could not be obtained.' 6254 type: string 6255 applicationSetController: 6256 description: 'ApplicationSetController is a simple, high-level summary 6257 of where the Argo CD applicationSet controller component is in its 6258 lifecycle. There are four possible ApplicationSetController values: 6259 Pending: The Argo CD applicationSet controller component has been 6260 accepted by the Kubernetes system, but one or more of the required 6261 resources have not been created. Running: All of the required Pods 6262 for the Argo CD applicationSet controller component are in a Ready 6263 state. Failed: At least one of the Argo CD applicationSet controller 6264 component Pods had a failure. Unknown: The state of the Argo CD 6265 applicationSet controller component could not be obtained.' 6266 type: string 6267 host: 6268 description: Host is the hostname of the Ingress. 6269 type: string 6270 notificationsController: 6271 description: 'NotificationsController is a simple, high-level summary 6272 of where the Argo CD notifications controller component is in its 6273 lifecycle. There are four possible NotificationsController values: 6274 Pending: The Argo CD notifications controller component has been 6275 accepted by the Kubernetes system, but one or more of the required 6276 resources have not been created. Running: All of the required Pods 6277 for the Argo CD notifications controller component are in a Ready 6278 state. Failed: At least one of the Argo CD notifications controller 6279 component Pods had a failure. Unknown: The state of the Argo CD 6280 notifications controller component could not be obtained.' 6281 type: string 6282 phase: 6283 description: 'Phase is a simple, high-level summary of where the ArgoCD 6284 is in its lifecycle. There are four possible phase values: Pending: 6285 The ArgoCD has been accepted by the Kubernetes system, but one or 6286 more of the required resources have not been created. Available: 6287 All of the resources for the ArgoCD are ready. Failed: At least 6288 one resource has experienced a failure. Unknown: The state of the 6289 ArgoCD phase could not be obtained.' 6290 type: string 6291 redis: 6292 description: 'Redis is a simple, high-level summary of where the Argo 6293 CD Redis component is in its lifecycle. There are four possible 6294 redis values: Pending: The Argo CD Redis component has been accepted 6295 by the Kubernetes system, but one or more of the required resources 6296 have not been created. Running: All of the required Pods for the 6297 Argo CD Redis component are in a Ready state. Failed: At least one 6298 of the Argo CD Redis component Pods had a failure. Unknown: The 6299 state of the Argo CD Redis component could not be obtained.' 6300 type: string 6301 redisTLSChecksum: 6302 description: RedisTLSChecksum contains the SHA256 checksum of the 6303 latest known state of tls.crt and tls.key in the argocd-operator-redis-tls 6304 secret. 6305 type: string 6306 repo: 6307 description: 'Repo is a simple, high-level summary of where the Argo 6308 CD Repo component is in its lifecycle. There are four possible repo 6309 values: Pending: The Argo CD Repo component has been accepted by 6310 the Kubernetes system, but one or more of the required resources 6311 have not been created. Running: All of the required Pods for the 6312 Argo CD Repo component are in a Ready state. Failed: At least one 6313 of the Argo CD Repo component Pods had a failure. Unknown: The 6314 state of the Argo CD Repo component could not be obtained.' 6315 type: string 6316 repoTLSChecksum: 6317 description: RepoTLSChecksum contains the SHA256 checksum of the latest 6318 known state of tls.crt and tls.key in the argocd-repo-server-tls 6319 secret. 6320 type: string 6321 server: 6322 description: 'Server is a simple, high-level summary of where the 6323 Argo CD server component is in its lifecycle. There are four possible 6324 server values: Pending: The Argo CD server component has been accepted 6325 by the Kubernetes system, but one or more of the required resources 6326 have not been created. Running: All of the required Pods for the 6327 Argo CD server component are in a Ready state. Failed: At least 6328 one of the Argo CD server component Pods had a failure. Unknown: 6329 The state of the Argo CD server component could not be obtained.' 6330 type: string 6331 sso: 6332 description: 'SSO is a simple, high-level summary of where the Argo 6333 CD SSO(Dex/Keycloak) component is in its lifecycle. There are four 6334 possible sso values: Pending: The Argo CD SSO component has been 6335 accepted by the Kubernetes system, but one or more of the required 6336 resources have not been created. Running: All of the required Pods 6337 for the Argo CD SSO component are in a Ready state. Failed: At least 6338 one of the Argo CD SSO component Pods had a failure. Unknown: The 6339 state of the Argo CD SSO component could not be obtained.' 6340 type: string 6341 type: object 6342 type: object 6343 served: true 6344 storage: true 6345 subresources: 6346 status: {} 6347 status: 6348 acceptedNames: 6349 kind: "" 6350 plural: "" 6351 conditions: [] 6352 storedVersions: []