github.com/argoproj-labs/argocd-operator@v0.10.0/deploy/olm-catalog/argocd-operator/0.7.0/argoproj.io_argocds.yaml (about) 1 apiVersion: apiextensions.k8s.io/v1 2 kind: CustomResourceDefinition 3 metadata: 4 annotations: 5 controller-gen.kubebuilder.io/version: v0.6.1 6 creationTimestamp: null 7 name: argocds.argoproj.io 8 spec: 9 group: argoproj.io 10 names: 11 kind: ArgoCD 12 listKind: ArgoCDList 13 plural: argocds 14 singular: argocd 15 scope: Namespaced 16 versions: 17 - name: v1alpha1 18 schema: 19 openAPIV3Schema: 20 description: ArgoCD is the Schema for the argocds API 21 properties: 22 apiVersion: 23 description: 'APIVersion defines the versioned schema of this representation 24 of an object. Servers should convert recognized schemas to the latest 25 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' 26 type: string 27 kind: 28 description: 'Kind is a string value representing the REST resource this 29 object represents. Servers may infer this from the endpoint the client 30 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' 31 type: string 32 metadata: 33 type: object 34 spec: 35 description: ArgoCDSpec defines the desired state of ArgoCD 36 properties: 37 applicationInstanceLabelKey: 38 description: ApplicationInstanceLabelKey is the key name where Argo 39 CD injects the app name as a tracking label. 40 type: string 41 applicationSet: 42 description: ArgoCDApplicationSet defines whether the Argo CD ApplicationSet 43 controller should be installed. 44 properties: 45 env: 46 description: Env lets you specify environment for applicationSet 47 controller pods 48 items: 49 description: EnvVar represents an environment variable present 50 in a Container. 51 properties: 52 name: 53 description: Name of the environment variable. Must be a 54 C_IDENTIFIER. 55 type: string 56 value: 57 description: 'Variable references $(VAR_NAME) are expanded 58 using the previously defined environment variables in 59 the container and any service environment variables. If 60 a variable cannot be resolved, the reference in the input 61 string will be unchanged. Double $$ are reduced to a single 62 $, which allows for escaping the $(VAR_NAME) syntax: i.e. 63 "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". 64 Escaped references will never be expanded, regardless 65 of whether the variable exists or not. Defaults to "".' 66 type: string 67 valueFrom: 68 description: Source for the environment variable's value. 69 Cannot be used if value is not empty. 70 properties: 71 configMapKeyRef: 72 description: Selects a key of a ConfigMap. 73 properties: 74 key: 75 description: The key to select. 76 type: string 77 name: 78 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 79 TODO: Add other useful fields. apiVersion, kind, 80 uid?' 81 type: string 82 optional: 83 description: Specify whether the ConfigMap or its 84 key must be defined 85 type: boolean 86 required: 87 - key 88 type: object 89 fieldRef: 90 description: 'Selects a field of the pod: supports metadata.name, 91 metadata.namespace, `metadata.labels[''<KEY>'']`, 92 `metadata.annotations[''<KEY>'']`, spec.nodeName, 93 spec.serviceAccountName, status.hostIP, status.podIP, 94 status.podIPs.' 95 properties: 96 apiVersion: 97 description: Version of the schema the FieldPath 98 is written in terms of, defaults to "v1". 99 type: string 100 fieldPath: 101 description: Path of the field to select in the 102 specified API version. 103 type: string 104 required: 105 - fieldPath 106 type: object 107 resourceFieldRef: 108 description: 'Selects a resource of the container: only 109 resources limits and requests (limits.cpu, limits.memory, 110 limits.ephemeral-storage, requests.cpu, requests.memory 111 and requests.ephemeral-storage) are currently supported.' 112 properties: 113 containerName: 114 description: 'Container name: required for volumes, 115 optional for env vars' 116 type: string 117 divisor: 118 anyOf: 119 - type: integer 120 - type: string 121 description: Specifies the output format of the 122 exposed resources, defaults to "1" 123 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 124 x-kubernetes-int-or-string: true 125 resource: 126 description: 'Required: resource to select' 127 type: string 128 required: 129 - resource 130 type: object 131 secretKeyRef: 132 description: Selects a key of a secret in the pod's 133 namespace 134 properties: 135 key: 136 description: The key of the secret to select from. Must 137 be a valid secret key. 138 type: string 139 name: 140 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 141 TODO: Add other useful fields. apiVersion, kind, 142 uid?' 143 type: string 144 optional: 145 description: Specify whether the Secret or its key 146 must be defined 147 type: boolean 148 required: 149 - key 150 type: object 151 type: object 152 required: 153 - name 154 type: object 155 type: array 156 extraCommandArgs: 157 description: ExtraCommandArgs allows users to pass command line 158 arguments to ApplicationSet controller. They get added to default 159 command line arguments provided by the operator. Please note 160 that the command line arguments provided as part of ExtraCommandArgs 161 will not overwrite the default command line arguments. 162 items: 163 type: string 164 type: array 165 image: 166 description: Image is the Argo CD ApplicationSet image (optional) 167 type: string 168 logLevel: 169 description: LogLevel describes the log level that should be used 170 by the ApplicationSet controller. Defaults to ArgoCDDefaultLogLevel 171 if not set. Valid options are debug,info, error, and warn. 172 type: string 173 resources: 174 description: Resources defines the Compute Resources required 175 by the container for ApplicationSet. 176 properties: 177 limits: 178 additionalProperties: 179 anyOf: 180 - type: integer 181 - type: string 182 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 183 x-kubernetes-int-or-string: true 184 description: 'Limits describes the maximum amount of compute 185 resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 186 type: object 187 requests: 188 additionalProperties: 189 anyOf: 190 - type: integer 191 - type: string 192 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 193 x-kubernetes-int-or-string: true 194 description: 'Requests describes the minimum amount of compute 195 resources required. If Requests is omitted for a container, 196 it defaults to Limits if that is explicitly specified, otherwise 197 to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 198 type: object 199 type: object 200 version: 201 description: Version is the Argo CD ApplicationSet image tag. 202 (optional) 203 type: string 204 webhookServer: 205 description: WebhookServerSpec defines the options for the ApplicationSet 206 Webhook Server component. 207 properties: 208 host: 209 description: Host is the hostname to use for Ingress/Route 210 resources. 211 type: string 212 ingress: 213 description: Ingress defines the desired state for an Ingress 214 for the Application set webhook component. 215 properties: 216 annotations: 217 additionalProperties: 218 type: string 219 description: Annotations is the map of annotations to 220 apply to the Ingress. 221 type: object 222 enabled: 223 description: Enabled will toggle the creation of the Ingress. 224 type: boolean 225 ingressClassName: 226 description: IngressClassName for the Ingress resource. 227 type: string 228 path: 229 description: Path used for the Ingress resource. 230 type: string 231 tls: 232 description: TLS configuration. Currently the Ingress 233 only supports a single TLS port, 443. If multiple members 234 of this list specify different hosts, they will be multiplexed 235 on the same port according to the hostname specified 236 through the SNI TLS extension, if the ingress controller 237 fulfilling the ingress supports SNI. 238 items: 239 description: IngressTLS describes the transport layer 240 security associated with an Ingress. 241 properties: 242 hosts: 243 description: Hosts are a list of hosts included 244 in the TLS certificate. The values in this list 245 must match the name/s used in the tlsSecret. Defaults 246 to the wildcard host setting for the loadbalancer 247 controller fulfilling this Ingress, if left unspecified. 248 items: 249 type: string 250 type: array 251 x-kubernetes-list-type: atomic 252 secretName: 253 description: SecretName is the name of the secret 254 used to terminate TLS traffic on port 443. Field 255 is left optional to allow TLS routing based on 256 SNI hostname alone. If the SNI host in a listener 257 conflicts with the "Host" header field used by 258 an IngressRule, the SNI host is used for termination 259 and value of the Host header is used for routing. 260 type: string 261 type: object 262 type: array 263 required: 264 - enabled 265 type: object 266 route: 267 description: Route defines the desired state for an OpenShift 268 Route for the Application set webhook component. 269 properties: 270 annotations: 271 additionalProperties: 272 type: string 273 description: Annotations is the map of annotations to 274 use for the Route resource. 275 type: object 276 enabled: 277 description: Enabled will toggle the creation of the OpenShift 278 Route. 279 type: boolean 280 labels: 281 additionalProperties: 282 type: string 283 description: Labels is the map of labels to use for the 284 Route resource 285 type: object 286 path: 287 description: Path the router watches for, to route traffic 288 for to the service. 289 type: string 290 tls: 291 description: TLS provides the ability to configure certificates 292 and termination for the Route. 293 properties: 294 caCertificate: 295 description: caCertificate provides the cert authority 296 certificate contents 297 type: string 298 certificate: 299 description: certificate provides certificate contents 300 type: string 301 destinationCACertificate: 302 description: destinationCACertificate provides the 303 contents of the ca certificate of the final destination. When 304 using reencrypt termination this file should be 305 provided in order to have routers use it for health 306 checks on the secure connection. If this field is 307 not specified, the router may provide its own destination 308 CA and perform hostname validation using the short 309 service name (service.namespace.svc), which allows 310 infrastructure generated certificates to automatically 311 verify. 312 type: string 313 insecureEdgeTerminationPolicy: 314 description: "insecureEdgeTerminationPolicy indicates 315 the desired behavior for insecure connections to 316 a route. While each router may make its own decisions 317 on which ports to expose, this is normally port 318 80. \n * Allow - traffic is sent to the server on 319 the insecure port (default) * Disable - no traffic 320 is allowed on the insecure port. * Redirect - clients 321 are redirected to the secure port." 322 type: string 323 key: 324 description: key provides key file contents 325 type: string 326 termination: 327 description: termination indicates termination type. 328 type: string 329 required: 330 - termination 331 type: object 332 wildcardPolicy: 333 description: WildcardPolicy if any for the route. Currently 334 only 'Subdomain' or 'None' is allowed. 335 type: string 336 required: 337 - enabled 338 type: object 339 type: object 340 type: object 341 banner: 342 description: Banner defines an additional banner to be displayed in 343 Argo CD UI 344 properties: 345 content: 346 description: Content defines the banner message content to display 347 type: string 348 url: 349 description: URL defines an optional URL to be used as banner 350 message link 351 type: string 352 required: 353 - content 354 type: object 355 configManagementPlugins: 356 description: ConfigManagementPlugins is used to specify additional 357 config management plugins. 358 type: string 359 controller: 360 description: Controller defines the Application Controller options 361 for ArgoCD. 362 properties: 363 appSync: 364 description: "AppSync is used to control the sync frequency, by 365 default the ArgoCD controller polls Git every 3m. \n Set this 366 to a duration, e.g. 10m or 600s to control the synchronisation 367 frequency." 368 type: string 369 env: 370 description: Env lets you specify environment for application 371 controller pods 372 items: 373 description: EnvVar represents an environment variable present 374 in a Container. 375 properties: 376 name: 377 description: Name of the environment variable. Must be a 378 C_IDENTIFIER. 379 type: string 380 value: 381 description: 'Variable references $(VAR_NAME) are expanded 382 using the previously defined environment variables in 383 the container and any service environment variables. If 384 a variable cannot be resolved, the reference in the input 385 string will be unchanged. Double $$ are reduced to a single 386 $, which allows for escaping the $(VAR_NAME) syntax: i.e. 387 "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". 388 Escaped references will never be expanded, regardless 389 of whether the variable exists or not. Defaults to "".' 390 type: string 391 valueFrom: 392 description: Source for the environment variable's value. 393 Cannot be used if value is not empty. 394 properties: 395 configMapKeyRef: 396 description: Selects a key of a ConfigMap. 397 properties: 398 key: 399 description: The key to select. 400 type: string 401 name: 402 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 403 TODO: Add other useful fields. apiVersion, kind, 404 uid?' 405 type: string 406 optional: 407 description: Specify whether the ConfigMap or its 408 key must be defined 409 type: boolean 410 required: 411 - key 412 type: object 413 fieldRef: 414 description: 'Selects a field of the pod: supports metadata.name, 415 metadata.namespace, `metadata.labels[''<KEY>'']`, 416 `metadata.annotations[''<KEY>'']`, spec.nodeName, 417 spec.serviceAccountName, status.hostIP, status.podIP, 418 status.podIPs.' 419 properties: 420 apiVersion: 421 description: Version of the schema the FieldPath 422 is written in terms of, defaults to "v1". 423 type: string 424 fieldPath: 425 description: Path of the field to select in the 426 specified API version. 427 type: string 428 required: 429 - fieldPath 430 type: object 431 resourceFieldRef: 432 description: 'Selects a resource of the container: only 433 resources limits and requests (limits.cpu, limits.memory, 434 limits.ephemeral-storage, requests.cpu, requests.memory 435 and requests.ephemeral-storage) are currently supported.' 436 properties: 437 containerName: 438 description: 'Container name: required for volumes, 439 optional for env vars' 440 type: string 441 divisor: 442 anyOf: 443 - type: integer 444 - type: string 445 description: Specifies the output format of the 446 exposed resources, defaults to "1" 447 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 448 x-kubernetes-int-or-string: true 449 resource: 450 description: 'Required: resource to select' 451 type: string 452 required: 453 - resource 454 type: object 455 secretKeyRef: 456 description: Selects a key of a secret in the pod's 457 namespace 458 properties: 459 key: 460 description: The key of the secret to select from. Must 461 be a valid secret key. 462 type: string 463 name: 464 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 465 TODO: Add other useful fields. apiVersion, kind, 466 uid?' 467 type: string 468 optional: 469 description: Specify whether the Secret or its key 470 must be defined 471 type: boolean 472 required: 473 - key 474 type: object 475 type: object 476 required: 477 - name 478 type: object 479 type: array 480 logFormat: 481 description: LogFormat refers to the log format used by the Application 482 Controller component. Defaults to ArgoCDDefaultLogFormat if 483 not configured. Valid options are text or json. 484 type: string 485 logLevel: 486 description: LogLevel refers to the log level used by the Application 487 Controller component. Defaults to ArgoCDDefaultLogLevel if not 488 configured. Valid options are debug, info, error, and warn. 489 type: string 490 parallelismLimit: 491 description: ParallelismLimit defines the limit for parallel kubectl 492 operations 493 format: int32 494 type: integer 495 processors: 496 description: Processors contains the options for the Application 497 Controller processors. 498 properties: 499 operation: 500 description: Operation is the number of application operation 501 processors. 502 format: int32 503 type: integer 504 status: 505 description: Status is the number of application status processors. 506 format: int32 507 type: integer 508 type: object 509 resources: 510 description: Resources defines the Compute Resources required 511 by the container for the Application Controller. 512 properties: 513 limits: 514 additionalProperties: 515 anyOf: 516 - type: integer 517 - type: string 518 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 519 x-kubernetes-int-or-string: true 520 description: 'Limits describes the maximum amount of compute 521 resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 522 type: object 523 requests: 524 additionalProperties: 525 anyOf: 526 - type: integer 527 - type: string 528 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 529 x-kubernetes-int-or-string: true 530 description: 'Requests describes the minimum amount of compute 531 resources required. If Requests is omitted for a container, 532 it defaults to Limits if that is explicitly specified, otherwise 533 to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 534 type: object 535 type: object 536 sharding: 537 description: Sharding contains the options for the Application 538 Controller sharding configuration. 539 properties: 540 enabled: 541 description: Enabled defines whether sharding should be enabled 542 on the Application Controller component. 543 type: boolean 544 replicas: 545 description: Replicas defines the number of replicas to run 546 in the Application controller shard. 547 format: int32 548 type: integer 549 type: object 550 type: object 551 dex: 552 description: Dex defines the Dex server options for ArgoCD. 553 properties: 554 config: 555 description: Config is the dex connector configuration. 556 type: string 557 groups: 558 description: Optional list of required groups a user must be a 559 member of 560 items: 561 type: string 562 type: array 563 image: 564 description: Image is the Dex container image. 565 type: string 566 openShiftOAuth: 567 description: OpenShiftOAuth enables OpenShift OAuth authentication 568 for the Dex server. 569 type: boolean 570 resources: 571 description: Resources defines the Compute Resources required 572 by the container for Dex. 573 properties: 574 limits: 575 additionalProperties: 576 anyOf: 577 - type: integer 578 - type: string 579 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 580 x-kubernetes-int-or-string: true 581 description: 'Limits describes the maximum amount of compute 582 resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 583 type: object 584 requests: 585 additionalProperties: 586 anyOf: 587 - type: integer 588 - type: string 589 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 590 x-kubernetes-int-or-string: true 591 description: 'Requests describes the minimum amount of compute 592 resources required. If Requests is omitted for a container, 593 it defaults to Limits if that is explicitly specified, otherwise 594 to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 595 type: object 596 type: object 597 version: 598 description: Version is the Dex container image tag. 599 type: string 600 type: object 601 disableAdmin: 602 description: DisableAdmin will disable the admin user. 603 type: boolean 604 extraConfig: 605 additionalProperties: 606 type: string 607 description: "ExtraConfig can be used to add fields to Argo CD configmap 608 that are not supported by Argo CD CRD. \n Note: ExtraConfig takes 609 precedence over Argo CD CRD. For example, A user sets `argocd.Spec.DisableAdmin` 610 = true and also `a.Spec.ExtraConfig[\"admin.enabled\"]` = true. 611 In this case, operator updates Argo CD Configmap as follows -> argocd-cm.Data[\"admin.enabled\"] 612 = true." 613 type: object 614 gaAnonymizeUsers: 615 description: GAAnonymizeUsers toggles user IDs being hashed before 616 sending to google analytics. 617 type: boolean 618 gaTrackingID: 619 description: GATrackingID is the google analytics tracking ID to use. 620 type: string 621 grafana: 622 description: Grafana defines the Grafana server options for ArgoCD. 623 properties: 624 enabled: 625 description: Enabled will toggle Grafana support globally for 626 ArgoCD. 627 type: boolean 628 host: 629 description: Host is the hostname to use for Ingress/Route resources. 630 type: string 631 image: 632 description: Image is the Grafana container image. 633 type: string 634 ingress: 635 description: Ingress defines the desired state for an Ingress 636 for the Grafana component. 637 properties: 638 annotations: 639 additionalProperties: 640 type: string 641 description: Annotations is the map of annotations to apply 642 to the Ingress. 643 type: object 644 enabled: 645 description: Enabled will toggle the creation of the Ingress. 646 type: boolean 647 ingressClassName: 648 description: IngressClassName for the Ingress resource. 649 type: string 650 path: 651 description: Path used for the Ingress resource. 652 type: string 653 tls: 654 description: TLS configuration. Currently the Ingress only 655 supports a single TLS port, 443. If multiple members of 656 this list specify different hosts, they will be multiplexed 657 on the same port according to the hostname specified through 658 the SNI TLS extension, if the ingress controller fulfilling 659 the ingress supports SNI. 660 items: 661 description: IngressTLS describes the transport layer security 662 associated with an Ingress. 663 properties: 664 hosts: 665 description: Hosts are a list of hosts included in the 666 TLS certificate. The values in this list must match 667 the name/s used in the tlsSecret. Defaults to the 668 wildcard host setting for the loadbalancer controller 669 fulfilling this Ingress, if left unspecified. 670 items: 671 type: string 672 type: array 673 x-kubernetes-list-type: atomic 674 secretName: 675 description: SecretName is the name of the secret used 676 to terminate TLS traffic on port 443. Field is left 677 optional to allow TLS routing based on SNI hostname 678 alone. If the SNI host in a listener conflicts with 679 the "Host" header field used by an IngressRule, the 680 SNI host is used for termination and value of the 681 Host header is used for routing. 682 type: string 683 type: object 684 type: array 685 required: 686 - enabled 687 type: object 688 resources: 689 description: Resources defines the Compute Resources required 690 by the container for Grafana. 691 properties: 692 limits: 693 additionalProperties: 694 anyOf: 695 - type: integer 696 - type: string 697 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 698 x-kubernetes-int-or-string: true 699 description: 'Limits describes the maximum amount of compute 700 resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 701 type: object 702 requests: 703 additionalProperties: 704 anyOf: 705 - type: integer 706 - type: string 707 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 708 x-kubernetes-int-or-string: true 709 description: 'Requests describes the minimum amount of compute 710 resources required. If Requests is omitted for a container, 711 it defaults to Limits if that is explicitly specified, otherwise 712 to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 713 type: object 714 type: object 715 route: 716 description: Route defines the desired state for an OpenShift 717 Route for the Grafana component. 718 properties: 719 annotations: 720 additionalProperties: 721 type: string 722 description: Annotations is the map of annotations to use 723 for the Route resource. 724 type: object 725 enabled: 726 description: Enabled will toggle the creation of the OpenShift 727 Route. 728 type: boolean 729 labels: 730 additionalProperties: 731 type: string 732 description: Labels is the map of labels to use for the Route 733 resource 734 type: object 735 path: 736 description: Path the router watches for, to route traffic 737 for to the service. 738 type: string 739 tls: 740 description: TLS provides the ability to configure certificates 741 and termination for the Route. 742 properties: 743 caCertificate: 744 description: caCertificate provides the cert authority 745 certificate contents 746 type: string 747 certificate: 748 description: certificate provides certificate contents 749 type: string 750 destinationCACertificate: 751 description: destinationCACertificate provides the contents 752 of the ca certificate of the final destination. When 753 using reencrypt termination this file should be provided 754 in order to have routers use it for health checks on 755 the secure connection. If this field is not specified, 756 the router may provide its own destination CA and perform 757 hostname validation using the short service name (service.namespace.svc), 758 which allows infrastructure generated certificates to 759 automatically verify. 760 type: string 761 insecureEdgeTerminationPolicy: 762 description: "insecureEdgeTerminationPolicy indicates 763 the desired behavior for insecure connections to a route. 764 While each router may make its own decisions on which 765 ports to expose, this is normally port 80. \n * Allow 766 - traffic is sent to the server on the insecure port 767 (default) * Disable - no traffic is allowed on the insecure 768 port. * Redirect - clients are redirected to the secure 769 port." 770 type: string 771 key: 772 description: key provides key file contents 773 type: string 774 termination: 775 description: termination indicates termination type. 776 type: string 777 required: 778 - termination 779 type: object 780 wildcardPolicy: 781 description: WildcardPolicy if any for the route. Currently 782 only 'Subdomain' or 'None' is allowed. 783 type: string 784 required: 785 - enabled 786 type: object 787 size: 788 description: Size is the replica count for the Grafana Deployment. 789 format: int32 790 type: integer 791 version: 792 description: Version is the Grafana container image tag. 793 type: string 794 required: 795 - enabled 796 type: object 797 ha: 798 description: HA options for High Availability support for the Redis 799 component. 800 properties: 801 enabled: 802 description: Enabled will toggle HA support globally for Argo 803 CD. 804 type: boolean 805 redisProxyImage: 806 description: RedisProxyImage is the Redis HAProxy container image. 807 type: string 808 redisProxyVersion: 809 description: RedisProxyVersion is the Redis HAProxy container 810 image tag. 811 type: string 812 resources: 813 description: Resources defines the Compute Resources required 814 by the container for HA. 815 properties: 816 limits: 817 additionalProperties: 818 anyOf: 819 - type: integer 820 - type: string 821 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 822 x-kubernetes-int-or-string: true 823 description: 'Limits describes the maximum amount of compute 824 resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 825 type: object 826 requests: 827 additionalProperties: 828 anyOf: 829 - type: integer 830 - type: string 831 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 832 x-kubernetes-int-or-string: true 833 description: 'Requests describes the minimum amount of compute 834 resources required. If Requests is omitted for a container, 835 it defaults to Limits if that is explicitly specified, otherwise 836 to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 837 type: object 838 type: object 839 required: 840 - enabled 841 type: object 842 helpChatText: 843 description: HelpChatText is the text for getting chat help, defaults 844 to "Chat now!" 845 type: string 846 helpChatURL: 847 description: HelpChatURL is the URL for getting chat help, this will 848 typically be your Slack channel for support. 849 type: string 850 image: 851 description: Image is the ArgoCD container image for all ArgoCD components. 852 type: string 853 import: 854 description: Import is the import/restore options for ArgoCD. 855 properties: 856 name: 857 description: Name of an ArgoCDExport from which to import data. 858 type: string 859 namespace: 860 description: Namespace for the ArgoCDExport, defaults to the same 861 namespace as the ArgoCD. 862 type: string 863 required: 864 - name 865 type: object 866 initialRepositories: 867 description: InitialRepositories to configure Argo CD with upon creation 868 of the cluster. 869 type: string 870 initialSSHKnownHosts: 871 description: InitialSSHKnownHosts defines the SSH known hosts data 872 upon creation of the cluster for connecting Git repositories via 873 SSH. 874 properties: 875 excludedefaulthosts: 876 description: ExcludeDefaultHosts describes whether you would like 877 to include the default list of SSH Known Hosts provided by ArgoCD. 878 type: boolean 879 keys: 880 description: Keys describes a custom set of SSH Known Hosts that 881 you would like to have included in your ArgoCD server. 882 type: string 883 type: object 884 kustomizeBuildOptions: 885 description: KustomizeBuildOptions is used to specify build options/parameters 886 to use with `kustomize build`. 887 type: string 888 kustomizeVersions: 889 description: KustomizeVersions is a listing of configured versions 890 of Kustomize to be made available within ArgoCD. 891 items: 892 description: KustomizeVersionSpec is used to specify information 893 about a kustomize version to be used within ArgoCD. 894 properties: 895 path: 896 description: Path is the path to a configured kustomize version 897 on the filesystem of your repo server. 898 type: string 899 version: 900 description: Version is a configured kustomize version in the 901 format of vX.Y.Z 902 type: string 903 type: object 904 type: array 905 monitoring: 906 description: Monitoring defines whether workload status monitoring 907 configuration for this instance. 908 properties: 909 enabled: 910 description: Enabled defines whether workload status monitoring 911 is enabled for this instance or not 912 type: boolean 913 required: 914 - enabled 915 type: object 916 nodePlacement: 917 description: NodePlacement defines NodeSelectors and Taints for Argo 918 CD workloads 919 properties: 920 nodeSelector: 921 additionalProperties: 922 type: string 923 description: NodeSelector is a field of PodSpec, it is a map of 924 key value pairs used for node selection 925 type: object 926 tolerations: 927 description: Tolerations allow the pods to schedule onto nodes 928 with matching taints 929 items: 930 description: The pod this Toleration is attached to tolerates 931 any taint that matches the triple <key,value,effect> using 932 the matching operator <operator>. 933 properties: 934 effect: 935 description: Effect indicates the taint effect to match. 936 Empty means match all taint effects. When specified, allowed 937 values are NoSchedule, PreferNoSchedule and NoExecute. 938 type: string 939 key: 940 description: Key is the taint key that the toleration applies 941 to. Empty means match all taint keys. If the key is empty, 942 operator must be Exists; this combination means to match 943 all values and all keys. 944 type: string 945 operator: 946 description: Operator represents a key's relationship to 947 the value. Valid operators are Exists and Equal. Defaults 948 to Equal. Exists is equivalent to wildcard for value, 949 so that a pod can tolerate all taints of a particular 950 category. 951 type: string 952 tolerationSeconds: 953 description: TolerationSeconds represents the period of 954 time the toleration (which must be of effect NoExecute, 955 otherwise this field is ignored) tolerates the taint. 956 By default, it is not set, which means tolerate the taint 957 forever (do not evict). Zero and negative values will 958 be treated as 0 (evict immediately) by the system. 959 format: int64 960 type: integer 961 value: 962 description: Value is the taint value the toleration matches 963 to. If the operator is Exists, the value should be empty, 964 otherwise just a regular string. 965 type: string 966 type: object 967 type: array 968 type: object 969 notifications: 970 description: Notifications defines whether the Argo CD Notifications 971 controller should be installed. 972 properties: 973 enabled: 974 description: Enabled defines whether argocd-notifications controller 975 should be deployed or not 976 type: boolean 977 env: 978 description: Env let you specify environment variables for Notifications 979 pods 980 items: 981 description: EnvVar represents an environment variable present 982 in a Container. 983 properties: 984 name: 985 description: Name of the environment variable. Must be a 986 C_IDENTIFIER. 987 type: string 988 value: 989 description: 'Variable references $(VAR_NAME) are expanded 990 using the previously defined environment variables in 991 the container and any service environment variables. If 992 a variable cannot be resolved, the reference in the input 993 string will be unchanged. Double $$ are reduced to a single 994 $, which allows for escaping the $(VAR_NAME) syntax: i.e. 995 "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". 996 Escaped references will never be expanded, regardless 997 of whether the variable exists or not. Defaults to "".' 998 type: string 999 valueFrom: 1000 description: Source for the environment variable's value. 1001 Cannot be used if value is not empty. 1002 properties: 1003 configMapKeyRef: 1004 description: Selects a key of a ConfigMap. 1005 properties: 1006 key: 1007 description: The key to select. 1008 type: string 1009 name: 1010 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1011 TODO: Add other useful fields. apiVersion, kind, 1012 uid?' 1013 type: string 1014 optional: 1015 description: Specify whether the ConfigMap or its 1016 key must be defined 1017 type: boolean 1018 required: 1019 - key 1020 type: object 1021 fieldRef: 1022 description: 'Selects a field of the pod: supports metadata.name, 1023 metadata.namespace, `metadata.labels[''<KEY>'']`, 1024 `metadata.annotations[''<KEY>'']`, spec.nodeName, 1025 spec.serviceAccountName, status.hostIP, status.podIP, 1026 status.podIPs.' 1027 properties: 1028 apiVersion: 1029 description: Version of the schema the FieldPath 1030 is written in terms of, defaults to "v1". 1031 type: string 1032 fieldPath: 1033 description: Path of the field to select in the 1034 specified API version. 1035 type: string 1036 required: 1037 - fieldPath 1038 type: object 1039 resourceFieldRef: 1040 description: 'Selects a resource of the container: only 1041 resources limits and requests (limits.cpu, limits.memory, 1042 limits.ephemeral-storage, requests.cpu, requests.memory 1043 and requests.ephemeral-storage) are currently supported.' 1044 properties: 1045 containerName: 1046 description: 'Container name: required for volumes, 1047 optional for env vars' 1048 type: string 1049 divisor: 1050 anyOf: 1051 - type: integer 1052 - type: string 1053 description: Specifies the output format of the 1054 exposed resources, defaults to "1" 1055 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 1056 x-kubernetes-int-or-string: true 1057 resource: 1058 description: 'Required: resource to select' 1059 type: string 1060 required: 1061 - resource 1062 type: object 1063 secretKeyRef: 1064 description: Selects a key of a secret in the pod's 1065 namespace 1066 properties: 1067 key: 1068 description: The key of the secret to select from. Must 1069 be a valid secret key. 1070 type: string 1071 name: 1072 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1073 TODO: Add other useful fields. apiVersion, kind, 1074 uid?' 1075 type: string 1076 optional: 1077 description: Specify whether the Secret or its key 1078 must be defined 1079 type: boolean 1080 required: 1081 - key 1082 type: object 1083 type: object 1084 required: 1085 - name 1086 type: object 1087 type: array 1088 image: 1089 description: Image is the Argo CD Notifications image (optional) 1090 type: string 1091 logLevel: 1092 description: LogLevel describes the log level that should be used 1093 by the argocd-notifications. Defaults to ArgoCDDefaultLogLevel 1094 if not set. Valid options are debug,info, error, and warn. 1095 type: string 1096 replicas: 1097 description: Replicas defines the number of replicas to run for 1098 notifications-controller 1099 format: int32 1100 type: integer 1101 resources: 1102 description: Resources defines the Compute Resources required 1103 by the container for Argo CD Notifications. 1104 properties: 1105 limits: 1106 additionalProperties: 1107 anyOf: 1108 - type: integer 1109 - type: string 1110 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 1111 x-kubernetes-int-or-string: true 1112 description: 'Limits describes the maximum amount of compute 1113 resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 1114 type: object 1115 requests: 1116 additionalProperties: 1117 anyOf: 1118 - type: integer 1119 - type: string 1120 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 1121 x-kubernetes-int-or-string: true 1122 description: 'Requests describes the minimum amount of compute 1123 resources required. If Requests is omitted for a container, 1124 it defaults to Limits if that is explicitly specified, otherwise 1125 to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 1126 type: object 1127 type: object 1128 version: 1129 description: Version is the Argo CD Notifications image tag. (optional) 1130 type: string 1131 required: 1132 - enabled 1133 type: object 1134 oidcConfig: 1135 description: OIDCConfig is the OIDC configuration as an alternative 1136 to dex. 1137 type: string 1138 prometheus: 1139 description: Prometheus defines the Prometheus server options for 1140 ArgoCD. 1141 properties: 1142 enabled: 1143 description: Enabled will toggle Prometheus support globally for 1144 ArgoCD. 1145 type: boolean 1146 host: 1147 description: Host is the hostname to use for Ingress/Route resources. 1148 type: string 1149 ingress: 1150 description: Ingress defines the desired state for an Ingress 1151 for the Prometheus component. 1152 properties: 1153 annotations: 1154 additionalProperties: 1155 type: string 1156 description: Annotations is the map of annotations to apply 1157 to the Ingress. 1158 type: object 1159 enabled: 1160 description: Enabled will toggle the creation of the Ingress. 1161 type: boolean 1162 ingressClassName: 1163 description: IngressClassName for the Ingress resource. 1164 type: string 1165 path: 1166 description: Path used for the Ingress resource. 1167 type: string 1168 tls: 1169 description: TLS configuration. Currently the Ingress only 1170 supports a single TLS port, 443. If multiple members of 1171 this list specify different hosts, they will be multiplexed 1172 on the same port according to the hostname specified through 1173 the SNI TLS extension, if the ingress controller fulfilling 1174 the ingress supports SNI. 1175 items: 1176 description: IngressTLS describes the transport layer security 1177 associated with an Ingress. 1178 properties: 1179 hosts: 1180 description: Hosts are a list of hosts included in the 1181 TLS certificate. The values in this list must match 1182 the name/s used in the tlsSecret. Defaults to the 1183 wildcard host setting for the loadbalancer controller 1184 fulfilling this Ingress, if left unspecified. 1185 items: 1186 type: string 1187 type: array 1188 x-kubernetes-list-type: atomic 1189 secretName: 1190 description: SecretName is the name of the secret used 1191 to terminate TLS traffic on port 443. Field is left 1192 optional to allow TLS routing based on SNI hostname 1193 alone. If the SNI host in a listener conflicts with 1194 the "Host" header field used by an IngressRule, the 1195 SNI host is used for termination and value of the 1196 Host header is used for routing. 1197 type: string 1198 type: object 1199 type: array 1200 required: 1201 - enabled 1202 type: object 1203 route: 1204 description: Route defines the desired state for an OpenShift 1205 Route for the Prometheus component. 1206 properties: 1207 annotations: 1208 additionalProperties: 1209 type: string 1210 description: Annotations is the map of annotations to use 1211 for the Route resource. 1212 type: object 1213 enabled: 1214 description: Enabled will toggle the creation of the OpenShift 1215 Route. 1216 type: boolean 1217 labels: 1218 additionalProperties: 1219 type: string 1220 description: Labels is the map of labels to use for the Route 1221 resource 1222 type: object 1223 path: 1224 description: Path the router watches for, to route traffic 1225 for to the service. 1226 type: string 1227 tls: 1228 description: TLS provides the ability to configure certificates 1229 and termination for the Route. 1230 properties: 1231 caCertificate: 1232 description: caCertificate provides the cert authority 1233 certificate contents 1234 type: string 1235 certificate: 1236 description: certificate provides certificate contents 1237 type: string 1238 destinationCACertificate: 1239 description: destinationCACertificate provides the contents 1240 of the ca certificate of the final destination. When 1241 using reencrypt termination this file should be provided 1242 in order to have routers use it for health checks on 1243 the secure connection. If this field is not specified, 1244 the router may provide its own destination CA and perform 1245 hostname validation using the short service name (service.namespace.svc), 1246 which allows infrastructure generated certificates to 1247 automatically verify. 1248 type: string 1249 insecureEdgeTerminationPolicy: 1250 description: "insecureEdgeTerminationPolicy indicates 1251 the desired behavior for insecure connections to a route. 1252 While each router may make its own decisions on which 1253 ports to expose, this is normally port 80. \n * Allow 1254 - traffic is sent to the server on the insecure port 1255 (default) * Disable - no traffic is allowed on the insecure 1256 port. * Redirect - clients are redirected to the secure 1257 port." 1258 type: string 1259 key: 1260 description: key provides key file contents 1261 type: string 1262 termination: 1263 description: termination indicates termination type. 1264 type: string 1265 required: 1266 - termination 1267 type: object 1268 wildcardPolicy: 1269 description: WildcardPolicy if any for the route. Currently 1270 only 'Subdomain' or 'None' is allowed. 1271 type: string 1272 required: 1273 - enabled 1274 type: object 1275 size: 1276 description: Size is the replica count for the Prometheus StatefulSet. 1277 format: int32 1278 type: integer 1279 required: 1280 - enabled 1281 type: object 1282 rbac: 1283 description: RBAC defines the RBAC configuration for Argo CD. 1284 properties: 1285 defaultPolicy: 1286 description: DefaultPolicy is the name of the default role which 1287 Argo CD will falls back to, when authorizing API requests (optional). 1288 If omitted or empty, users may be still be able to login, but 1289 will see no apps, projects, etc... 1290 type: string 1291 policy: 1292 description: 'Policy is CSV containing user-defined RBAC policies 1293 and role definitions. Policy rules are in the form: p, subject, 1294 resource, action, object, effect Role definitions and bindings 1295 are in the form: g, subject, inherited-subject See https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/rbac.md 1296 for additional information.' 1297 type: string 1298 policyMatcherMode: 1299 description: PolicyMatcherMode configures the matchers function 1300 mode for casbin. There are two options for this, 'glob' for 1301 glob matcher or 'regex' for regex matcher. 1302 type: string 1303 scopes: 1304 description: 'Scopes controls which OIDC scopes to examine during 1305 rbac enforcement (in addition to `sub` scope). If omitted, defaults 1306 to: ''[groups]''.' 1307 type: string 1308 type: object 1309 redis: 1310 description: Redis defines the Redis server options for ArgoCD. 1311 properties: 1312 autotls: 1313 description: 'AutoTLS specifies the method to use for automatic 1314 TLS configuration for the redis server The value specified here 1315 can currently be: - openshift - Use the OpenShift service CA 1316 to request TLS config' 1317 type: string 1318 disableTLSVerification: 1319 description: DisableTLSVerification defines whether redis server 1320 API should be accessed using strict TLS validation 1321 type: boolean 1322 image: 1323 description: Image is the Redis container image. 1324 type: string 1325 resources: 1326 description: Resources defines the Compute Resources required 1327 by the container for Redis. 1328 properties: 1329 limits: 1330 additionalProperties: 1331 anyOf: 1332 - type: integer 1333 - type: string 1334 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 1335 x-kubernetes-int-or-string: true 1336 description: 'Limits describes the maximum amount of compute 1337 resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 1338 type: object 1339 requests: 1340 additionalProperties: 1341 anyOf: 1342 - type: integer 1343 - type: string 1344 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 1345 x-kubernetes-int-or-string: true 1346 description: 'Requests describes the minimum amount of compute 1347 resources required. If Requests is omitted for a container, 1348 it defaults to Limits if that is explicitly specified, otherwise 1349 to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 1350 type: object 1351 type: object 1352 version: 1353 description: Version is the Redis container image tag. 1354 type: string 1355 type: object 1356 repo: 1357 description: Repo defines the repo server options for Argo CD. 1358 properties: 1359 autotls: 1360 description: 'AutoTLS specifies the method to use for automatic 1361 TLS configuration for the repo server The value specified here 1362 can currently be: - openshift - Use the OpenShift service CA 1363 to request TLS config' 1364 type: string 1365 env: 1366 description: Env lets you specify environment for repo server 1367 pods 1368 items: 1369 description: EnvVar represents an environment variable present 1370 in a Container. 1371 properties: 1372 name: 1373 description: Name of the environment variable. Must be a 1374 C_IDENTIFIER. 1375 type: string 1376 value: 1377 description: 'Variable references $(VAR_NAME) are expanded 1378 using the previously defined environment variables in 1379 the container and any service environment variables. If 1380 a variable cannot be resolved, the reference in the input 1381 string will be unchanged. Double $$ are reduced to a single 1382 $, which allows for escaping the $(VAR_NAME) syntax: i.e. 1383 "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". 1384 Escaped references will never be expanded, regardless 1385 of whether the variable exists or not. Defaults to "".' 1386 type: string 1387 valueFrom: 1388 description: Source for the environment variable's value. 1389 Cannot be used if value is not empty. 1390 properties: 1391 configMapKeyRef: 1392 description: Selects a key of a ConfigMap. 1393 properties: 1394 key: 1395 description: The key to select. 1396 type: string 1397 name: 1398 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1399 TODO: Add other useful fields. apiVersion, kind, 1400 uid?' 1401 type: string 1402 optional: 1403 description: Specify whether the ConfigMap or its 1404 key must be defined 1405 type: boolean 1406 required: 1407 - key 1408 type: object 1409 fieldRef: 1410 description: 'Selects a field of the pod: supports metadata.name, 1411 metadata.namespace, `metadata.labels[''<KEY>'']`, 1412 `metadata.annotations[''<KEY>'']`, spec.nodeName, 1413 spec.serviceAccountName, status.hostIP, status.podIP, 1414 status.podIPs.' 1415 properties: 1416 apiVersion: 1417 description: Version of the schema the FieldPath 1418 is written in terms of, defaults to "v1". 1419 type: string 1420 fieldPath: 1421 description: Path of the field to select in the 1422 specified API version. 1423 type: string 1424 required: 1425 - fieldPath 1426 type: object 1427 resourceFieldRef: 1428 description: 'Selects a resource of the container: only 1429 resources limits and requests (limits.cpu, limits.memory, 1430 limits.ephemeral-storage, requests.cpu, requests.memory 1431 and requests.ephemeral-storage) are currently supported.' 1432 properties: 1433 containerName: 1434 description: 'Container name: required for volumes, 1435 optional for env vars' 1436 type: string 1437 divisor: 1438 anyOf: 1439 - type: integer 1440 - type: string 1441 description: Specifies the output format of the 1442 exposed resources, defaults to "1" 1443 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 1444 x-kubernetes-int-or-string: true 1445 resource: 1446 description: 'Required: resource to select' 1447 type: string 1448 required: 1449 - resource 1450 type: object 1451 secretKeyRef: 1452 description: Selects a key of a secret in the pod's 1453 namespace 1454 properties: 1455 key: 1456 description: The key of the secret to select from. Must 1457 be a valid secret key. 1458 type: string 1459 name: 1460 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1461 TODO: Add other useful fields. apiVersion, kind, 1462 uid?' 1463 type: string 1464 optional: 1465 description: Specify whether the Secret or its key 1466 must be defined 1467 type: boolean 1468 required: 1469 - key 1470 type: object 1471 type: object 1472 required: 1473 - name 1474 type: object 1475 type: array 1476 execTimeout: 1477 description: ExecTimeout specifies the timeout in seconds for 1478 tool execution 1479 type: integer 1480 extraRepoCommandArgs: 1481 description: Extra Command arguments allows users to pass command 1482 line arguments to repo server workload. They get added to default 1483 command line arguments provided by the operator. Please note 1484 that the command line arguments provided as part of ExtraRepoCommandArgs 1485 will not overwrite the default command line arguments. 1486 items: 1487 type: string 1488 type: array 1489 image: 1490 description: Image is the ArgoCD Repo Server container image. 1491 type: string 1492 initContainers: 1493 description: InitContainers defines the list of initialization 1494 containers for the repo server deployment 1495 items: 1496 description: A single application container that you want to 1497 run within a pod. 1498 properties: 1499 args: 1500 description: 'Arguments to the entrypoint. The docker image''s 1501 CMD is used if this is not provided. Variable references 1502 $(VAR_NAME) are expanded using the container''s environment. 1503 If a variable cannot be resolved, the reference in the 1504 input string will be unchanged. Double $$ are reduced 1505 to a single $, which allows for escaping the $(VAR_NAME) 1506 syntax: i.e. "$$(VAR_NAME)" will produce the string literal 1507 "$(VAR_NAME)". Escaped references will never be expanded, 1508 regardless of whether the variable exists or not. Cannot 1509 be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' 1510 items: 1511 type: string 1512 type: array 1513 command: 1514 description: 'Entrypoint array. Not executed within a shell. 1515 The docker image''s ENTRYPOINT is used if this is not 1516 provided. Variable references $(VAR_NAME) are expanded 1517 using the container''s environment. If a variable cannot 1518 be resolved, the reference in the input string will be 1519 unchanged. Double $$ are reduced to a single $, which 1520 allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" 1521 will produce the string literal "$(VAR_NAME)". Escaped 1522 references will never be expanded, regardless of whether 1523 the variable exists or not. Cannot be updated. More info: 1524 https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' 1525 items: 1526 type: string 1527 type: array 1528 env: 1529 description: List of environment variables to set in the 1530 container. Cannot be updated. 1531 items: 1532 description: EnvVar represents an environment variable 1533 present in a Container. 1534 properties: 1535 name: 1536 description: Name of the environment variable. Must 1537 be a C_IDENTIFIER. 1538 type: string 1539 value: 1540 description: 'Variable references $(VAR_NAME) are 1541 expanded using the previously defined environment 1542 variables in the container and any service environment 1543 variables. If a variable cannot be resolved, the 1544 reference in the input string will be unchanged. 1545 Double $$ are reduced to a single $, which allows 1546 for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" 1547 will produce the string literal "$(VAR_NAME)". Escaped 1548 references will never be expanded, regardless of 1549 whether the variable exists or not. Defaults to 1550 "".' 1551 type: string 1552 valueFrom: 1553 description: Source for the environment variable's 1554 value. Cannot be used if value is not empty. 1555 properties: 1556 configMapKeyRef: 1557 description: Selects a key of a ConfigMap. 1558 properties: 1559 key: 1560 description: The key to select. 1561 type: string 1562 name: 1563 description: 'Name of the referent. More info: 1564 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1565 TODO: Add other useful fields. apiVersion, 1566 kind, uid?' 1567 type: string 1568 optional: 1569 description: Specify whether the ConfigMap 1570 or its key must be defined 1571 type: boolean 1572 required: 1573 - key 1574 type: object 1575 fieldRef: 1576 description: 'Selects a field of the pod: supports 1577 metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`, 1578 `metadata.annotations[''<KEY>'']`, spec.nodeName, 1579 spec.serviceAccountName, status.hostIP, status.podIP, 1580 status.podIPs.' 1581 properties: 1582 apiVersion: 1583 description: Version of the schema the FieldPath 1584 is written in terms of, defaults to "v1". 1585 type: string 1586 fieldPath: 1587 description: Path of the field to select in 1588 the specified API version. 1589 type: string 1590 required: 1591 - fieldPath 1592 type: object 1593 resourceFieldRef: 1594 description: 'Selects a resource of the container: 1595 only resources limits and requests (limits.cpu, 1596 limits.memory, limits.ephemeral-storage, requests.cpu, 1597 requests.memory and requests.ephemeral-storage) 1598 are currently supported.' 1599 properties: 1600 containerName: 1601 description: 'Container name: required for 1602 volumes, optional for env vars' 1603 type: string 1604 divisor: 1605 anyOf: 1606 - type: integer 1607 - type: string 1608 description: Specifies the output format of 1609 the exposed resources, defaults to "1" 1610 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 1611 x-kubernetes-int-or-string: true 1612 resource: 1613 description: 'Required: resource to select' 1614 type: string 1615 required: 1616 - resource 1617 type: object 1618 secretKeyRef: 1619 description: Selects a key of a secret in the 1620 pod's namespace 1621 properties: 1622 key: 1623 description: The key of the secret to select 1624 from. Must be a valid secret key. 1625 type: string 1626 name: 1627 description: 'Name of the referent. More info: 1628 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1629 TODO: Add other useful fields. apiVersion, 1630 kind, uid?' 1631 type: string 1632 optional: 1633 description: Specify whether the Secret or 1634 its key must be defined 1635 type: boolean 1636 required: 1637 - key 1638 type: object 1639 type: object 1640 required: 1641 - name 1642 type: object 1643 type: array 1644 envFrom: 1645 description: List of sources to populate environment variables 1646 in the container. The keys defined within a source must 1647 be a C_IDENTIFIER. All invalid keys will be reported as 1648 an event when the container is starting. When a key exists 1649 in multiple sources, the value associated with the last 1650 source will take precedence. Values defined by an Env 1651 with a duplicate key will take precedence. Cannot be updated. 1652 items: 1653 description: EnvFromSource represents the source of a 1654 set of ConfigMaps 1655 properties: 1656 configMapRef: 1657 description: The ConfigMap to select from 1658 properties: 1659 name: 1660 description: 'Name of the referent. More info: 1661 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1662 TODO: Add other useful fields. apiVersion, kind, 1663 uid?' 1664 type: string 1665 optional: 1666 description: Specify whether the ConfigMap must 1667 be defined 1668 type: boolean 1669 type: object 1670 prefix: 1671 description: An optional identifier to prepend to 1672 each key in the ConfigMap. Must be a C_IDENTIFIER. 1673 type: string 1674 secretRef: 1675 description: The Secret to select from 1676 properties: 1677 name: 1678 description: 'Name of the referent. More info: 1679 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1680 TODO: Add other useful fields. apiVersion, kind, 1681 uid?' 1682 type: string 1683 optional: 1684 description: Specify whether the Secret must be 1685 defined 1686 type: boolean 1687 type: object 1688 type: object 1689 type: array 1690 image: 1691 description: 'Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 1692 This field is optional to allow higher level config management 1693 to default or override container images in workload controllers 1694 like Deployments and StatefulSets.' 1695 type: string 1696 imagePullPolicy: 1697 description: 'Image pull policy. One of Always, Never, IfNotPresent. 1698 Defaults to Always if :latest tag is specified, or IfNotPresent 1699 otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' 1700 type: string 1701 lifecycle: 1702 description: Actions that the management system should take 1703 in response to container lifecycle events. Cannot be updated. 1704 properties: 1705 postStart: 1706 description: 'PostStart is called immediately after 1707 a container is created. If the handler fails, the 1708 container is terminated and restarted according to 1709 its restart policy. Other management of the container 1710 blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' 1711 properties: 1712 exec: 1713 description: Exec specifies the action to take. 1714 properties: 1715 command: 1716 description: Command is the command line to 1717 execute inside the container, the working 1718 directory for the command is root ('/') in 1719 the container's filesystem. The command is 1720 simply exec'd, it is not run inside a shell, 1721 so traditional shell instructions ('|', etc) 1722 won't work. To use a shell, you need to explicitly 1723 call out to that shell. Exit status of 0 is 1724 treated as live/healthy and non-zero is unhealthy. 1725 items: 1726 type: string 1727 type: array 1728 type: object 1729 httpGet: 1730 description: HTTPGet specifies the http request 1731 to perform. 1732 properties: 1733 host: 1734 description: Host name to connect to, defaults 1735 to the pod IP. You probably want to set "Host" 1736 in httpHeaders instead. 1737 type: string 1738 httpHeaders: 1739 description: Custom headers to set in the request. 1740 HTTP allows repeated headers. 1741 items: 1742 description: HTTPHeader describes a custom 1743 header to be used in HTTP probes 1744 properties: 1745 name: 1746 description: The header field name 1747 type: string 1748 value: 1749 description: The header field value 1750 type: string 1751 required: 1752 - name 1753 - value 1754 type: object 1755 type: array 1756 path: 1757 description: Path to access on the HTTP server. 1758 type: string 1759 port: 1760 anyOf: 1761 - type: integer 1762 - type: string 1763 description: Name or number of the port to access 1764 on the container. Number must be in the range 1765 1 to 65535. Name must be an IANA_SVC_NAME. 1766 x-kubernetes-int-or-string: true 1767 scheme: 1768 description: Scheme to use for connecting to 1769 the host. Defaults to HTTP. 1770 type: string 1771 required: 1772 - port 1773 type: object 1774 tcpSocket: 1775 description: Deprecated. TCPSocket is NOT supported 1776 as a LifecycleHandler and kept for the backward 1777 compatibility. There are no validation of this 1778 field and lifecycle hooks will fail in runtime 1779 when tcp handler is specified. 1780 properties: 1781 host: 1782 description: 'Optional: Host name to connect 1783 to, defaults to the pod IP.' 1784 type: string 1785 port: 1786 anyOf: 1787 - type: integer 1788 - type: string 1789 description: Number or name of the port to access 1790 on the container. Number must be in the range 1791 1 to 65535. Name must be an IANA_SVC_NAME. 1792 x-kubernetes-int-or-string: true 1793 required: 1794 - port 1795 type: object 1796 type: object 1797 preStop: 1798 description: 'PreStop is called immediately before a 1799 container is terminated due to an API request or management 1800 event such as liveness/startup probe failure, preemption, 1801 resource contention, etc. The handler is not called 1802 if the container crashes or exits. The Pod''s termination 1803 grace period countdown begins before the PreStop hook 1804 is executed. Regardless of the outcome of the handler, 1805 the container will eventually terminate within the 1806 Pod''s termination grace period (unless delayed by 1807 finalizers). Other management of the container blocks 1808 until the hook completes or until the termination 1809 grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' 1810 properties: 1811 exec: 1812 description: Exec specifies the action to take. 1813 properties: 1814 command: 1815 description: Command is the command line to 1816 execute inside the container, the working 1817 directory for the command is root ('/') in 1818 the container's filesystem. The command is 1819 simply exec'd, it is not run inside a shell, 1820 so traditional shell instructions ('|', etc) 1821 won't work. To use a shell, you need to explicitly 1822 call out to that shell. Exit status of 0 is 1823 treated as live/healthy and non-zero is unhealthy. 1824 items: 1825 type: string 1826 type: array 1827 type: object 1828 httpGet: 1829 description: HTTPGet specifies the http request 1830 to perform. 1831 properties: 1832 host: 1833 description: Host name to connect to, defaults 1834 to the pod IP. You probably want to set "Host" 1835 in httpHeaders instead. 1836 type: string 1837 httpHeaders: 1838 description: Custom headers to set in the request. 1839 HTTP allows repeated headers. 1840 items: 1841 description: HTTPHeader describes a custom 1842 header to be used in HTTP probes 1843 properties: 1844 name: 1845 description: The header field name 1846 type: string 1847 value: 1848 description: The header field value 1849 type: string 1850 required: 1851 - name 1852 - value 1853 type: object 1854 type: array 1855 path: 1856 description: Path to access on the HTTP server. 1857 type: string 1858 port: 1859 anyOf: 1860 - type: integer 1861 - type: string 1862 description: Name or number of the port to access 1863 on the container. Number must be in the range 1864 1 to 65535. Name must be an IANA_SVC_NAME. 1865 x-kubernetes-int-or-string: true 1866 scheme: 1867 description: Scheme to use for connecting to 1868 the host. Defaults to HTTP. 1869 type: string 1870 required: 1871 - port 1872 type: object 1873 tcpSocket: 1874 description: Deprecated. TCPSocket is NOT supported 1875 as a LifecycleHandler and kept for the backward 1876 compatibility. There are no validation of this 1877 field and lifecycle hooks will fail in runtime 1878 when tcp handler is specified. 1879 properties: 1880 host: 1881 description: 'Optional: Host name to connect 1882 to, defaults to the pod IP.' 1883 type: string 1884 port: 1885 anyOf: 1886 - type: integer 1887 - type: string 1888 description: Number or name of the port to access 1889 on the container. Number must be in the range 1890 1 to 65535. Name must be an IANA_SVC_NAME. 1891 x-kubernetes-int-or-string: true 1892 required: 1893 - port 1894 type: object 1895 type: object 1896 type: object 1897 livenessProbe: 1898 description: 'Periodic probe of container liveness. Container 1899 will be restarted if the probe fails. Cannot be updated. 1900 More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 1901 properties: 1902 exec: 1903 description: Exec specifies the action to take. 1904 properties: 1905 command: 1906 description: Command is the command line to execute 1907 inside the container, the working directory for 1908 the command is root ('/') in the container's 1909 filesystem. The command is simply exec'd, it is 1910 not run inside a shell, so traditional shell instructions 1911 ('|', etc) won't work. To use a shell, you need 1912 to explicitly call out to that shell. Exit status 1913 of 0 is treated as live/healthy and non-zero is 1914 unhealthy. 1915 items: 1916 type: string 1917 type: array 1918 type: object 1919 failureThreshold: 1920 description: Minimum consecutive failures for the probe 1921 to be considered failed after having succeeded. Defaults 1922 to 3. Minimum value is 1. 1923 format: int32 1924 type: integer 1925 grpc: 1926 description: GRPC specifies an action involving a GRPC 1927 port. This is an alpha field and requires enabling 1928 GRPCContainerProbe feature gate. 1929 properties: 1930 port: 1931 description: Port number of the gRPC service. Number 1932 must be in the range 1 to 65535. 1933 format: int32 1934 type: integer 1935 service: 1936 description: "Service is the name of the service 1937 to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). 1938 \n If this is not specified, the default behavior 1939 is defined by gRPC." 1940 type: string 1941 required: 1942 - port 1943 type: object 1944 httpGet: 1945 description: HTTPGet specifies the http request to perform. 1946 properties: 1947 host: 1948 description: Host name to connect to, defaults to 1949 the pod IP. You probably want to set "Host" in 1950 httpHeaders instead. 1951 type: string 1952 httpHeaders: 1953 description: Custom headers to set in the request. 1954 HTTP allows repeated headers. 1955 items: 1956 description: HTTPHeader describes a custom header 1957 to be used in HTTP probes 1958 properties: 1959 name: 1960 description: The header field name 1961 type: string 1962 value: 1963 description: The header field value 1964 type: string 1965 required: 1966 - name 1967 - value 1968 type: object 1969 type: array 1970 path: 1971 description: Path to access on the HTTP server. 1972 type: string 1973 port: 1974 anyOf: 1975 - type: integer 1976 - type: string 1977 description: Name or number of the port to access 1978 on the container. Number must be in the range 1979 1 to 65535. Name must be an IANA_SVC_NAME. 1980 x-kubernetes-int-or-string: true 1981 scheme: 1982 description: Scheme to use for connecting to the 1983 host. Defaults to HTTP. 1984 type: string 1985 required: 1986 - port 1987 type: object 1988 initialDelaySeconds: 1989 description: 'Number of seconds after the container 1990 has started before liveness probes are initiated. 1991 More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 1992 format: int32 1993 type: integer 1994 periodSeconds: 1995 description: How often (in seconds) to perform the probe. 1996 Default to 10 seconds. Minimum value is 1. 1997 format: int32 1998 type: integer 1999 successThreshold: 2000 description: Minimum consecutive successes for the probe 2001 to be considered successful after having failed. Defaults 2002 to 1. Must be 1 for liveness and startup. Minimum 2003 value is 1. 2004 format: int32 2005 type: integer 2006 tcpSocket: 2007 description: TCPSocket specifies an action involving 2008 a TCP port. 2009 properties: 2010 host: 2011 description: 'Optional: Host name to connect to, 2012 defaults to the pod IP.' 2013 type: string 2014 port: 2015 anyOf: 2016 - type: integer 2017 - type: string 2018 description: Number or name of the port to access 2019 on the container. Number must be in the range 2020 1 to 65535. Name must be an IANA_SVC_NAME. 2021 x-kubernetes-int-or-string: true 2022 required: 2023 - port 2024 type: object 2025 terminationGracePeriodSeconds: 2026 description: Optional duration in seconds the pod needs 2027 to terminate gracefully upon probe failure. The grace 2028 period is the duration in seconds after the processes 2029 running in the pod are sent a termination signal and 2030 the time when the processes are forcibly halted with 2031 a kill signal. Set this value longer than the expected 2032 cleanup time for your process. If this value is nil, 2033 the pod's terminationGracePeriodSeconds will be used. 2034 Otherwise, this value overrides the value provided 2035 by the pod spec. Value must be non-negative integer. 2036 The value zero indicates stop immediately via the 2037 kill signal (no opportunity to shut down). This is 2038 a beta field and requires enabling ProbeTerminationGracePeriod 2039 feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds 2040 is used if unset. 2041 format: int64 2042 type: integer 2043 timeoutSeconds: 2044 description: 'Number of seconds after which the probe 2045 times out. Defaults to 1 second. Minimum value is 2046 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 2047 format: int32 2048 type: integer 2049 type: object 2050 name: 2051 description: Name of the container specified as a DNS_LABEL. 2052 Each container in a pod must have a unique name (DNS_LABEL). 2053 Cannot be updated. 2054 type: string 2055 ports: 2056 description: List of ports to expose from the container. 2057 Exposing a port here gives the system additional information 2058 about the network connections a container uses, but is 2059 primarily informational. Not specifying a port here DOES 2060 NOT prevent that port from being exposed. Any port which 2061 is listening on the default "0.0.0.0" address inside a 2062 container will be accessible from the network. Cannot 2063 be updated. 2064 items: 2065 description: ContainerPort represents a network port in 2066 a single container. 2067 properties: 2068 containerPort: 2069 description: Number of port to expose on the pod's 2070 IP address. This must be a valid port number, 0 2071 < x < 65536. 2072 format: int32 2073 type: integer 2074 hostIP: 2075 description: What host IP to bind the external port 2076 to. 2077 type: string 2078 hostPort: 2079 description: Number of port to expose on the host. 2080 If specified, this must be a valid port number, 2081 0 < x < 65536. If HostNetwork is specified, this 2082 must match ContainerPort. Most containers do not 2083 need this. 2084 format: int32 2085 type: integer 2086 name: 2087 description: If specified, this must be an IANA_SVC_NAME 2088 and unique within the pod. Each named port in a 2089 pod must have a unique name. Name for the port that 2090 can be referred to by services. 2091 type: string 2092 protocol: 2093 default: TCP 2094 description: Protocol for port. Must be UDP, TCP, 2095 or SCTP. Defaults to "TCP". 2096 type: string 2097 required: 2098 - containerPort 2099 type: object 2100 type: array 2101 x-kubernetes-list-map-keys: 2102 - containerPort 2103 - protocol 2104 x-kubernetes-list-type: map 2105 readinessProbe: 2106 description: 'Periodic probe of container service readiness. 2107 Container will be removed from service endpoints if the 2108 probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 2109 properties: 2110 exec: 2111 description: Exec specifies the action to take. 2112 properties: 2113 command: 2114 description: Command is the command line to execute 2115 inside the container, the working directory for 2116 the command is root ('/') in the container's 2117 filesystem. The command is simply exec'd, it is 2118 not run inside a shell, so traditional shell instructions 2119 ('|', etc) won't work. To use a shell, you need 2120 to explicitly call out to that shell. Exit status 2121 of 0 is treated as live/healthy and non-zero is 2122 unhealthy. 2123 items: 2124 type: string 2125 type: array 2126 type: object 2127 failureThreshold: 2128 description: Minimum consecutive failures for the probe 2129 to be considered failed after having succeeded. Defaults 2130 to 3. Minimum value is 1. 2131 format: int32 2132 type: integer 2133 grpc: 2134 description: GRPC specifies an action involving a GRPC 2135 port. This is an alpha field and requires enabling 2136 GRPCContainerProbe feature gate. 2137 properties: 2138 port: 2139 description: Port number of the gRPC service. Number 2140 must be in the range 1 to 65535. 2141 format: int32 2142 type: integer 2143 service: 2144 description: "Service is the name of the service 2145 to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). 2146 \n If this is not specified, the default behavior 2147 is defined by gRPC." 2148 type: string 2149 required: 2150 - port 2151 type: object 2152 httpGet: 2153 description: HTTPGet specifies the http request to perform. 2154 properties: 2155 host: 2156 description: Host name to connect to, defaults to 2157 the pod IP. You probably want to set "Host" in 2158 httpHeaders instead. 2159 type: string 2160 httpHeaders: 2161 description: Custom headers to set in the request. 2162 HTTP allows repeated headers. 2163 items: 2164 description: HTTPHeader describes a custom header 2165 to be used in HTTP probes 2166 properties: 2167 name: 2168 description: The header field name 2169 type: string 2170 value: 2171 description: The header field value 2172 type: string 2173 required: 2174 - name 2175 - value 2176 type: object 2177 type: array 2178 path: 2179 description: Path to access on the HTTP server. 2180 type: string 2181 port: 2182 anyOf: 2183 - type: integer 2184 - type: string 2185 description: Name or number of the port to access 2186 on the container. Number must be in the range 2187 1 to 65535. Name must be an IANA_SVC_NAME. 2188 x-kubernetes-int-or-string: true 2189 scheme: 2190 description: Scheme to use for connecting to the 2191 host. Defaults to HTTP. 2192 type: string 2193 required: 2194 - port 2195 type: object 2196 initialDelaySeconds: 2197 description: 'Number of seconds after the container 2198 has started before liveness probes are initiated. 2199 More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 2200 format: int32 2201 type: integer 2202 periodSeconds: 2203 description: How often (in seconds) to perform the probe. 2204 Default to 10 seconds. Minimum value is 1. 2205 format: int32 2206 type: integer 2207 successThreshold: 2208 description: Minimum consecutive successes for the probe 2209 to be considered successful after having failed. Defaults 2210 to 1. Must be 1 for liveness and startup. Minimum 2211 value is 1. 2212 format: int32 2213 type: integer 2214 tcpSocket: 2215 description: TCPSocket specifies an action involving 2216 a TCP port. 2217 properties: 2218 host: 2219 description: 'Optional: Host name to connect to, 2220 defaults to the pod IP.' 2221 type: string 2222 port: 2223 anyOf: 2224 - type: integer 2225 - type: string 2226 description: Number or name of the port to access 2227 on the container. Number must be in the range 2228 1 to 65535. Name must be an IANA_SVC_NAME. 2229 x-kubernetes-int-or-string: true 2230 required: 2231 - port 2232 type: object 2233 terminationGracePeriodSeconds: 2234 description: Optional duration in seconds the pod needs 2235 to terminate gracefully upon probe failure. The grace 2236 period is the duration in seconds after the processes 2237 running in the pod are sent a termination signal and 2238 the time when the processes are forcibly halted with 2239 a kill signal. Set this value longer than the expected 2240 cleanup time for your process. If this value is nil, 2241 the pod's terminationGracePeriodSeconds will be used. 2242 Otherwise, this value overrides the value provided 2243 by the pod spec. Value must be non-negative integer. 2244 The value zero indicates stop immediately via the 2245 kill signal (no opportunity to shut down). This is 2246 a beta field and requires enabling ProbeTerminationGracePeriod 2247 feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds 2248 is used if unset. 2249 format: int64 2250 type: integer 2251 timeoutSeconds: 2252 description: 'Number of seconds after which the probe 2253 times out. Defaults to 1 second. Minimum value is 2254 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 2255 format: int32 2256 type: integer 2257 type: object 2258 resources: 2259 description: 'Compute Resources required by this container. 2260 Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 2261 properties: 2262 limits: 2263 additionalProperties: 2264 anyOf: 2265 - type: integer 2266 - type: string 2267 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 2268 x-kubernetes-int-or-string: true 2269 description: 'Limits describes the maximum amount of 2270 compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 2271 type: object 2272 requests: 2273 additionalProperties: 2274 anyOf: 2275 - type: integer 2276 - type: string 2277 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 2278 x-kubernetes-int-or-string: true 2279 description: 'Requests describes the minimum amount 2280 of compute resources required. If Requests is omitted 2281 for a container, it defaults to Limits if that is 2282 explicitly specified, otherwise to an implementation-defined 2283 value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 2284 type: object 2285 type: object 2286 securityContext: 2287 description: 'SecurityContext defines the security options 2288 the container should be run with. If set, the fields of 2289 SecurityContext override the equivalent fields of PodSecurityContext. 2290 More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' 2291 properties: 2292 allowPrivilegeEscalation: 2293 description: 'AllowPrivilegeEscalation controls whether 2294 a process can gain more privileges than its parent 2295 process. This bool directly controls if the no_new_privs 2296 flag will be set on the container process. AllowPrivilegeEscalation 2297 is true always when the container is: 1) run as Privileged 2298 2) has CAP_SYS_ADMIN Note that this field cannot be 2299 set when spec.os.name is windows.' 2300 type: boolean 2301 capabilities: 2302 description: The capabilities to add/drop when running 2303 containers. Defaults to the default set of capabilities 2304 granted by the container runtime. Note that this field 2305 cannot be set when spec.os.name is windows. 2306 properties: 2307 add: 2308 description: Added capabilities 2309 items: 2310 description: Capability represent POSIX capabilities 2311 type 2312 type: string 2313 type: array 2314 drop: 2315 description: Removed capabilities 2316 items: 2317 description: Capability represent POSIX capabilities 2318 type 2319 type: string 2320 type: array 2321 type: object 2322 privileged: 2323 description: Run container in privileged mode. Processes 2324 in privileged containers are essentially equivalent 2325 to root on the host. Defaults to false. Note that 2326 this field cannot be set when spec.os.name is windows. 2327 type: boolean 2328 procMount: 2329 description: procMount denotes the type of proc mount 2330 to use for the containers. The default is DefaultProcMount 2331 which uses the container runtime defaults for readonly 2332 paths and masked paths. This requires the ProcMountType 2333 feature flag to be enabled. Note that this field cannot 2334 be set when spec.os.name is windows. 2335 type: string 2336 readOnlyRootFilesystem: 2337 description: Whether this container has a read-only 2338 root filesystem. Default is false. Note that this 2339 field cannot be set when spec.os.name is windows. 2340 type: boolean 2341 runAsGroup: 2342 description: The GID to run the entrypoint of the container 2343 process. Uses runtime default if unset. May also be 2344 set in PodSecurityContext. If set in both SecurityContext 2345 and PodSecurityContext, the value specified in SecurityContext 2346 takes precedence. Note that this field cannot be set 2347 when spec.os.name is windows. 2348 format: int64 2349 type: integer 2350 runAsNonRoot: 2351 description: Indicates that the container must run as 2352 a non-root user. If true, the Kubelet will validate 2353 the image at runtime to ensure that it does not run 2354 as UID 0 (root) and fail to start the container if 2355 it does. If unset or false, no such validation will 2356 be performed. May also be set in PodSecurityContext. If 2357 set in both SecurityContext and PodSecurityContext, 2358 the value specified in SecurityContext takes precedence. 2359 type: boolean 2360 runAsUser: 2361 description: The UID to run the entrypoint of the container 2362 process. Defaults to user specified in image metadata 2363 if unspecified. May also be set in PodSecurityContext. If 2364 set in both SecurityContext and PodSecurityContext, 2365 the value specified in SecurityContext takes precedence. 2366 Note that this field cannot be set when spec.os.name 2367 is windows. 2368 format: int64 2369 type: integer 2370 seLinuxOptions: 2371 description: The SELinux context to be applied to the 2372 container. If unspecified, the container runtime will 2373 allocate a random SELinux context for each container. May 2374 also be set in PodSecurityContext. If set in both 2375 SecurityContext and PodSecurityContext, the value 2376 specified in SecurityContext takes precedence. Note 2377 that this field cannot be set when spec.os.name is 2378 windows. 2379 properties: 2380 level: 2381 description: Level is SELinux level label that applies 2382 to the container. 2383 type: string 2384 role: 2385 description: Role is a SELinux role label that applies 2386 to the container. 2387 type: string 2388 type: 2389 description: Type is a SELinux type label that applies 2390 to the container. 2391 type: string 2392 user: 2393 description: User is a SELinux user label that applies 2394 to the container. 2395 type: string 2396 type: object 2397 seccompProfile: 2398 description: The seccomp options to use by this container. 2399 If seccomp options are provided at both the pod & 2400 container level, the container options override the 2401 pod options. Note that this field cannot be set when 2402 spec.os.name is windows. 2403 properties: 2404 localhostProfile: 2405 description: localhostProfile indicates a profile 2406 defined in a file on the node should be used. 2407 The profile must be preconfigured on the node 2408 to work. Must be a descending path, relative to 2409 the kubelet's configured seccomp profile location. 2410 Must only be set if type is "Localhost". 2411 type: string 2412 type: 2413 description: "type indicates which kind of seccomp 2414 profile will be applied. Valid options are: \n 2415 Localhost - a profile defined in a file on the 2416 node should be used. RuntimeDefault - the container 2417 runtime default profile should be used. Unconfined 2418 - no profile should be applied." 2419 type: string 2420 required: 2421 - type 2422 type: object 2423 windowsOptions: 2424 description: The Windows specific settings applied to 2425 all containers. If unspecified, the options from the 2426 PodSecurityContext will be used. If set in both SecurityContext 2427 and PodSecurityContext, the value specified in SecurityContext 2428 takes precedence. Note that this field cannot be set 2429 when spec.os.name is linux. 2430 properties: 2431 gmsaCredentialSpec: 2432 description: GMSACredentialSpec is where the GMSA 2433 admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) 2434 inlines the contents of the GMSA credential spec 2435 named by the GMSACredentialSpecName field. 2436 type: string 2437 gmsaCredentialSpecName: 2438 description: GMSACredentialSpecName is the name 2439 of the GMSA credential spec to use. 2440 type: string 2441 hostProcess: 2442 description: HostProcess determines if a container 2443 should be run as a 'Host Process' container. This 2444 field is alpha-level and will only be honored 2445 by components that enable the WindowsHostProcessContainers 2446 feature flag. Setting this field without the feature 2447 flag will result in errors when validating the 2448 Pod. All of a Pod's containers must have the same 2449 effective HostProcess value (it is not allowed 2450 to have a mix of HostProcess containers and non-HostProcess 2451 containers). In addition, if HostProcess is true 2452 then HostNetwork must also be set to true. 2453 type: boolean 2454 runAsUserName: 2455 description: The UserName in Windows to run the 2456 entrypoint of the container process. Defaults 2457 to the user specified in image metadata if unspecified. 2458 May also be set in PodSecurityContext. If set 2459 in both SecurityContext and PodSecurityContext, 2460 the value specified in SecurityContext takes precedence. 2461 type: string 2462 type: object 2463 type: object 2464 startupProbe: 2465 description: 'StartupProbe indicates that the Pod has successfully 2466 initialized. If specified, no other probes are executed 2467 until this completes successfully. If this probe fails, 2468 the Pod will be restarted, just as if the livenessProbe 2469 failed. This can be used to provide different probe parameters 2470 at the beginning of a Pod''s lifecycle, when it might 2471 take a long time to load data or warm a cache, than during 2472 steady-state operation. This cannot be updated. More info: 2473 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 2474 properties: 2475 exec: 2476 description: Exec specifies the action to take. 2477 properties: 2478 command: 2479 description: Command is the command line to execute 2480 inside the container, the working directory for 2481 the command is root ('/') in the container's 2482 filesystem. The command is simply exec'd, it is 2483 not run inside a shell, so traditional shell instructions 2484 ('|', etc) won't work. To use a shell, you need 2485 to explicitly call out to that shell. Exit status 2486 of 0 is treated as live/healthy and non-zero is 2487 unhealthy. 2488 items: 2489 type: string 2490 type: array 2491 type: object 2492 failureThreshold: 2493 description: Minimum consecutive failures for the probe 2494 to be considered failed after having succeeded. Defaults 2495 to 3. Minimum value is 1. 2496 format: int32 2497 type: integer 2498 grpc: 2499 description: GRPC specifies an action involving a GRPC 2500 port. This is an alpha field and requires enabling 2501 GRPCContainerProbe feature gate. 2502 properties: 2503 port: 2504 description: Port number of the gRPC service. Number 2505 must be in the range 1 to 65535. 2506 format: int32 2507 type: integer 2508 service: 2509 description: "Service is the name of the service 2510 to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). 2511 \n If this is not specified, the default behavior 2512 is defined by gRPC." 2513 type: string 2514 required: 2515 - port 2516 type: object 2517 httpGet: 2518 description: HTTPGet specifies the http request to perform. 2519 properties: 2520 host: 2521 description: Host name to connect to, defaults to 2522 the pod IP. You probably want to set "Host" in 2523 httpHeaders instead. 2524 type: string 2525 httpHeaders: 2526 description: Custom headers to set in the request. 2527 HTTP allows repeated headers. 2528 items: 2529 description: HTTPHeader describes a custom header 2530 to be used in HTTP probes 2531 properties: 2532 name: 2533 description: The header field name 2534 type: string 2535 value: 2536 description: The header field value 2537 type: string 2538 required: 2539 - name 2540 - value 2541 type: object 2542 type: array 2543 path: 2544 description: Path to access on the HTTP server. 2545 type: string 2546 port: 2547 anyOf: 2548 - type: integer 2549 - type: string 2550 description: Name or number of the port to access 2551 on the container. Number must be in the range 2552 1 to 65535. Name must be an IANA_SVC_NAME. 2553 x-kubernetes-int-or-string: true 2554 scheme: 2555 description: Scheme to use for connecting to the 2556 host. Defaults to HTTP. 2557 type: string 2558 required: 2559 - port 2560 type: object 2561 initialDelaySeconds: 2562 description: 'Number of seconds after the container 2563 has started before liveness probes are initiated. 2564 More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 2565 format: int32 2566 type: integer 2567 periodSeconds: 2568 description: How often (in seconds) to perform the probe. 2569 Default to 10 seconds. Minimum value is 1. 2570 format: int32 2571 type: integer 2572 successThreshold: 2573 description: Minimum consecutive successes for the probe 2574 to be considered successful after having failed. Defaults 2575 to 1. Must be 1 for liveness and startup. Minimum 2576 value is 1. 2577 format: int32 2578 type: integer 2579 tcpSocket: 2580 description: TCPSocket specifies an action involving 2581 a TCP port. 2582 properties: 2583 host: 2584 description: 'Optional: Host name to connect to, 2585 defaults to the pod IP.' 2586 type: string 2587 port: 2588 anyOf: 2589 - type: integer 2590 - type: string 2591 description: Number or name of the port to access 2592 on the container. Number must be in the range 2593 1 to 65535. Name must be an IANA_SVC_NAME. 2594 x-kubernetes-int-or-string: true 2595 required: 2596 - port 2597 type: object 2598 terminationGracePeriodSeconds: 2599 description: Optional duration in seconds the pod needs 2600 to terminate gracefully upon probe failure. The grace 2601 period is the duration in seconds after the processes 2602 running in the pod are sent a termination signal and 2603 the time when the processes are forcibly halted with 2604 a kill signal. Set this value longer than the expected 2605 cleanup time for your process. If this value is nil, 2606 the pod's terminationGracePeriodSeconds will be used. 2607 Otherwise, this value overrides the value provided 2608 by the pod spec. Value must be non-negative integer. 2609 The value zero indicates stop immediately via the 2610 kill signal (no opportunity to shut down). This is 2611 a beta field and requires enabling ProbeTerminationGracePeriod 2612 feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds 2613 is used if unset. 2614 format: int64 2615 type: integer 2616 timeoutSeconds: 2617 description: 'Number of seconds after which the probe 2618 times out. Defaults to 1 second. Minimum value is 2619 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 2620 format: int32 2621 type: integer 2622 type: object 2623 stdin: 2624 description: Whether this container should allocate a buffer 2625 for stdin in the container runtime. If this is not set, 2626 reads from stdin in the container will always result in 2627 EOF. Default is false. 2628 type: boolean 2629 stdinOnce: 2630 description: Whether the container runtime should close 2631 the stdin channel after it has been opened by a single 2632 attach. When stdin is true the stdin stream will remain 2633 open across multiple attach sessions. If stdinOnce is 2634 set to true, stdin is opened on container start, is empty 2635 until the first client attaches to stdin, and then remains 2636 open and accepts data until the client disconnects, at 2637 which time stdin is closed and remains closed until the 2638 container is restarted. If this flag is false, a container 2639 processes that reads from stdin will never receive an 2640 EOF. Default is false 2641 type: boolean 2642 terminationMessagePath: 2643 description: 'Optional: Path at which the file to which 2644 the container''s termination message will be written is 2645 mounted into the container''s filesystem. Message written 2646 is intended to be brief final status, such as an assertion 2647 failure message. Will be truncated by the node if greater 2648 than 4096 bytes. The total message length across all containers 2649 will be limited to 12kb. Defaults to /dev/termination-log. 2650 Cannot be updated.' 2651 type: string 2652 terminationMessagePolicy: 2653 description: Indicate how the termination message should 2654 be populated. File will use the contents of terminationMessagePath 2655 to populate the container status message on both success 2656 and failure. FallbackToLogsOnError will use the last chunk 2657 of container log output if the termination message file 2658 is empty and the container exited with an error. The log 2659 output is limited to 2048 bytes or 80 lines, whichever 2660 is smaller. Defaults to File. Cannot be updated. 2661 type: string 2662 tty: 2663 description: Whether this container should allocate a TTY 2664 for itself, also requires 'stdin' to be true. Default 2665 is false. 2666 type: boolean 2667 volumeDevices: 2668 description: volumeDevices is the list of block devices 2669 to be used by the container. 2670 items: 2671 description: volumeDevice describes a mapping of a raw 2672 block device within a container. 2673 properties: 2674 devicePath: 2675 description: devicePath is the path inside of the 2676 container that the device will be mapped to. 2677 type: string 2678 name: 2679 description: name must match the name of a persistentVolumeClaim 2680 in the pod 2681 type: string 2682 required: 2683 - devicePath 2684 - name 2685 type: object 2686 type: array 2687 volumeMounts: 2688 description: Pod volumes to mount into the container's filesystem. 2689 Cannot be updated. 2690 items: 2691 description: VolumeMount describes a mounting of a Volume 2692 within a container. 2693 properties: 2694 mountPath: 2695 description: Path within the container at which the 2696 volume should be mounted. Must not contain ':'. 2697 type: string 2698 mountPropagation: 2699 description: mountPropagation determines how mounts 2700 are propagated from the host to container and the 2701 other way around. When not set, MountPropagationNone 2702 is used. This field is beta in 1.10. 2703 type: string 2704 name: 2705 description: This must match the Name of a Volume. 2706 type: string 2707 readOnly: 2708 description: Mounted read-only if true, read-write 2709 otherwise (false or unspecified). Defaults to false. 2710 type: boolean 2711 subPath: 2712 description: Path within the volume from which the 2713 container's volume should be mounted. Defaults to 2714 "" (volume's root). 2715 type: string 2716 subPathExpr: 2717 description: Expanded path within the volume from 2718 which the container's volume should be mounted. 2719 Behaves similarly to SubPath but environment variable 2720 references $(VAR_NAME) are expanded using the container's 2721 environment. Defaults to "" (volume's root). SubPathExpr 2722 and SubPath are mutually exclusive. 2723 type: string 2724 required: 2725 - mountPath 2726 - name 2727 type: object 2728 type: array 2729 workingDir: 2730 description: Container's working directory. If not specified, 2731 the container runtime's default will be used, which might 2732 be configured in the container image. Cannot be updated. 2733 type: string 2734 required: 2735 - name 2736 type: object 2737 type: array 2738 logFormat: 2739 description: LogFormat describes the log format that should be 2740 used by the Repo Server. Defaults to ArgoCDDefaultLogFormat 2741 if not configured. Valid options are text or json. 2742 type: string 2743 logLevel: 2744 description: LogLevel describes the log level that should be used 2745 by the Repo Server. Defaults to ArgoCDDefaultLogLevel if not 2746 set. Valid options are debug, info, error, and warn. 2747 type: string 2748 mountsatoken: 2749 description: MountSAToken describes whether you would like to 2750 have the Repo server mount the service account token 2751 type: boolean 2752 replicas: 2753 description: Replicas defines the number of replicas for argocd-repo-server. 2754 Value should be greater than or equal to 0. Default is nil. 2755 format: int32 2756 type: integer 2757 resources: 2758 description: Resources defines the Compute Resources required 2759 by the container for Redis. 2760 properties: 2761 limits: 2762 additionalProperties: 2763 anyOf: 2764 - type: integer 2765 - type: string 2766 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 2767 x-kubernetes-int-or-string: true 2768 description: 'Limits describes the maximum amount of compute 2769 resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 2770 type: object 2771 requests: 2772 additionalProperties: 2773 anyOf: 2774 - type: integer 2775 - type: string 2776 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 2777 x-kubernetes-int-or-string: true 2778 description: 'Requests describes the minimum amount of compute 2779 resources required. If Requests is omitted for a container, 2780 it defaults to Limits if that is explicitly specified, otherwise 2781 to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 2782 type: object 2783 type: object 2784 serviceaccount: 2785 description: ServiceAccount defines the ServiceAccount user that 2786 you would like the Repo server to use 2787 type: string 2788 sidecarContainers: 2789 description: SidecarContainers defines the list of sidecar containers 2790 for the repo server deployment 2791 items: 2792 description: A single application container that you want to 2793 run within a pod. 2794 properties: 2795 args: 2796 description: 'Arguments to the entrypoint. The docker image''s 2797 CMD is used if this is not provided. Variable references 2798 $(VAR_NAME) are expanded using the container''s environment. 2799 If a variable cannot be resolved, the reference in the 2800 input string will be unchanged. Double $$ are reduced 2801 to a single $, which allows for escaping the $(VAR_NAME) 2802 syntax: i.e. "$$(VAR_NAME)" will produce the string literal 2803 "$(VAR_NAME)". Escaped references will never be expanded, 2804 regardless of whether the variable exists or not. Cannot 2805 be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' 2806 items: 2807 type: string 2808 type: array 2809 command: 2810 description: 'Entrypoint array. Not executed within a shell. 2811 The docker image''s ENTRYPOINT is used if this is not 2812 provided. Variable references $(VAR_NAME) are expanded 2813 using the container''s environment. If a variable cannot 2814 be resolved, the reference in the input string will be 2815 unchanged. Double $$ are reduced to a single $, which 2816 allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" 2817 will produce the string literal "$(VAR_NAME)". Escaped 2818 references will never be expanded, regardless of whether 2819 the variable exists or not. Cannot be updated. More info: 2820 https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' 2821 items: 2822 type: string 2823 type: array 2824 env: 2825 description: List of environment variables to set in the 2826 container. Cannot be updated. 2827 items: 2828 description: EnvVar represents an environment variable 2829 present in a Container. 2830 properties: 2831 name: 2832 description: Name of the environment variable. Must 2833 be a C_IDENTIFIER. 2834 type: string 2835 value: 2836 description: 'Variable references $(VAR_NAME) are 2837 expanded using the previously defined environment 2838 variables in the container and any service environment 2839 variables. If a variable cannot be resolved, the 2840 reference in the input string will be unchanged. 2841 Double $$ are reduced to a single $, which allows 2842 for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" 2843 will produce the string literal "$(VAR_NAME)". Escaped 2844 references will never be expanded, regardless of 2845 whether the variable exists or not. Defaults to 2846 "".' 2847 type: string 2848 valueFrom: 2849 description: Source for the environment variable's 2850 value. Cannot be used if value is not empty. 2851 properties: 2852 configMapKeyRef: 2853 description: Selects a key of a ConfigMap. 2854 properties: 2855 key: 2856 description: The key to select. 2857 type: string 2858 name: 2859 description: 'Name of the referent. More info: 2860 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 2861 TODO: Add other useful fields. apiVersion, 2862 kind, uid?' 2863 type: string 2864 optional: 2865 description: Specify whether the ConfigMap 2866 or its key must be defined 2867 type: boolean 2868 required: 2869 - key 2870 type: object 2871 fieldRef: 2872 description: 'Selects a field of the pod: supports 2873 metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`, 2874 `metadata.annotations[''<KEY>'']`, spec.nodeName, 2875 spec.serviceAccountName, status.hostIP, status.podIP, 2876 status.podIPs.' 2877 properties: 2878 apiVersion: 2879 description: Version of the schema the FieldPath 2880 is written in terms of, defaults to "v1". 2881 type: string 2882 fieldPath: 2883 description: Path of the field to select in 2884 the specified API version. 2885 type: string 2886 required: 2887 - fieldPath 2888 type: object 2889 resourceFieldRef: 2890 description: 'Selects a resource of the container: 2891 only resources limits and requests (limits.cpu, 2892 limits.memory, limits.ephemeral-storage, requests.cpu, 2893 requests.memory and requests.ephemeral-storage) 2894 are currently supported.' 2895 properties: 2896 containerName: 2897 description: 'Container name: required for 2898 volumes, optional for env vars' 2899 type: string 2900 divisor: 2901 anyOf: 2902 - type: integer 2903 - type: string 2904 description: Specifies the output format of 2905 the exposed resources, defaults to "1" 2906 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 2907 x-kubernetes-int-or-string: true 2908 resource: 2909 description: 'Required: resource to select' 2910 type: string 2911 required: 2912 - resource 2913 type: object 2914 secretKeyRef: 2915 description: Selects a key of a secret in the 2916 pod's namespace 2917 properties: 2918 key: 2919 description: The key of the secret to select 2920 from. Must be a valid secret key. 2921 type: string 2922 name: 2923 description: 'Name of the referent. More info: 2924 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 2925 TODO: Add other useful fields. apiVersion, 2926 kind, uid?' 2927 type: string 2928 optional: 2929 description: Specify whether the Secret or 2930 its key must be defined 2931 type: boolean 2932 required: 2933 - key 2934 type: object 2935 type: object 2936 required: 2937 - name 2938 type: object 2939 type: array 2940 envFrom: 2941 description: List of sources to populate environment variables 2942 in the container. The keys defined within a source must 2943 be a C_IDENTIFIER. All invalid keys will be reported as 2944 an event when the container is starting. When a key exists 2945 in multiple sources, the value associated with the last 2946 source will take precedence. Values defined by an Env 2947 with a duplicate key will take precedence. Cannot be updated. 2948 items: 2949 description: EnvFromSource represents the source of a 2950 set of ConfigMaps 2951 properties: 2952 configMapRef: 2953 description: The ConfigMap to select from 2954 properties: 2955 name: 2956 description: 'Name of the referent. More info: 2957 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 2958 TODO: Add other useful fields. apiVersion, kind, 2959 uid?' 2960 type: string 2961 optional: 2962 description: Specify whether the ConfigMap must 2963 be defined 2964 type: boolean 2965 type: object 2966 prefix: 2967 description: An optional identifier to prepend to 2968 each key in the ConfigMap. Must be a C_IDENTIFIER. 2969 type: string 2970 secretRef: 2971 description: The Secret to select from 2972 properties: 2973 name: 2974 description: 'Name of the referent. More info: 2975 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 2976 TODO: Add other useful fields. apiVersion, kind, 2977 uid?' 2978 type: string 2979 optional: 2980 description: Specify whether the Secret must be 2981 defined 2982 type: boolean 2983 type: object 2984 type: object 2985 type: array 2986 image: 2987 description: 'Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 2988 This field is optional to allow higher level config management 2989 to default or override container images in workload controllers 2990 like Deployments and StatefulSets.' 2991 type: string 2992 imagePullPolicy: 2993 description: 'Image pull policy. One of Always, Never, IfNotPresent. 2994 Defaults to Always if :latest tag is specified, or IfNotPresent 2995 otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' 2996 type: string 2997 lifecycle: 2998 description: Actions that the management system should take 2999 in response to container lifecycle events. Cannot be updated. 3000 properties: 3001 postStart: 3002 description: 'PostStart is called immediately after 3003 a container is created. If the handler fails, the 3004 container is terminated and restarted according to 3005 its restart policy. Other management of the container 3006 blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' 3007 properties: 3008 exec: 3009 description: Exec specifies the action to take. 3010 properties: 3011 command: 3012 description: Command is the command line to 3013 execute inside the container, the working 3014 directory for the command is root ('/') in 3015 the container's filesystem. The command is 3016 simply exec'd, it is not run inside a shell, 3017 so traditional shell instructions ('|', etc) 3018 won't work. To use a shell, you need to explicitly 3019 call out to that shell. Exit status of 0 is 3020 treated as live/healthy and non-zero is unhealthy. 3021 items: 3022 type: string 3023 type: array 3024 type: object 3025 httpGet: 3026 description: HTTPGet specifies the http request 3027 to perform. 3028 properties: 3029 host: 3030 description: Host name to connect to, defaults 3031 to the pod IP. You probably want to set "Host" 3032 in httpHeaders instead. 3033 type: string 3034 httpHeaders: 3035 description: Custom headers to set in the request. 3036 HTTP allows repeated headers. 3037 items: 3038 description: HTTPHeader describes a custom 3039 header to be used in HTTP probes 3040 properties: 3041 name: 3042 description: The header field name 3043 type: string 3044 value: 3045 description: The header field value 3046 type: string 3047 required: 3048 - name 3049 - value 3050 type: object 3051 type: array 3052 path: 3053 description: Path to access on the HTTP server. 3054 type: string 3055 port: 3056 anyOf: 3057 - type: integer 3058 - type: string 3059 description: Name or number of the port to access 3060 on the container. Number must be in the range 3061 1 to 65535. Name must be an IANA_SVC_NAME. 3062 x-kubernetes-int-or-string: true 3063 scheme: 3064 description: Scheme to use for connecting to 3065 the host. Defaults to HTTP. 3066 type: string 3067 required: 3068 - port 3069 type: object 3070 tcpSocket: 3071 description: Deprecated. TCPSocket is NOT supported 3072 as a LifecycleHandler and kept for the backward 3073 compatibility. There are no validation of this 3074 field and lifecycle hooks will fail in runtime 3075 when tcp handler is specified. 3076 properties: 3077 host: 3078 description: 'Optional: Host name to connect 3079 to, defaults to the pod IP.' 3080 type: string 3081 port: 3082 anyOf: 3083 - type: integer 3084 - type: string 3085 description: Number or name of the port to access 3086 on the container. Number must be in the range 3087 1 to 65535. Name must be an IANA_SVC_NAME. 3088 x-kubernetes-int-or-string: true 3089 required: 3090 - port 3091 type: object 3092 type: object 3093 preStop: 3094 description: 'PreStop is called immediately before a 3095 container is terminated due to an API request or management 3096 event such as liveness/startup probe failure, preemption, 3097 resource contention, etc. The handler is not called 3098 if the container crashes or exits. The Pod''s termination 3099 grace period countdown begins before the PreStop hook 3100 is executed. Regardless of the outcome of the handler, 3101 the container will eventually terminate within the 3102 Pod''s termination grace period (unless delayed by 3103 finalizers). Other management of the container blocks 3104 until the hook completes or until the termination 3105 grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' 3106 properties: 3107 exec: 3108 description: Exec specifies the action to take. 3109 properties: 3110 command: 3111 description: Command is the command line to 3112 execute inside the container, the working 3113 directory for the command is root ('/') in 3114 the container's filesystem. The command is 3115 simply exec'd, it is not run inside a shell, 3116 so traditional shell instructions ('|', etc) 3117 won't work. To use a shell, you need to explicitly 3118 call out to that shell. Exit status of 0 is 3119 treated as live/healthy and non-zero is unhealthy. 3120 items: 3121 type: string 3122 type: array 3123 type: object 3124 httpGet: 3125 description: HTTPGet specifies the http request 3126 to perform. 3127 properties: 3128 host: 3129 description: Host name to connect to, defaults 3130 to the pod IP. You probably want to set "Host" 3131 in httpHeaders instead. 3132 type: string 3133 httpHeaders: 3134 description: Custom headers to set in the request. 3135 HTTP allows repeated headers. 3136 items: 3137 description: HTTPHeader describes a custom 3138 header to be used in HTTP probes 3139 properties: 3140 name: 3141 description: The header field name 3142 type: string 3143 value: 3144 description: The header field value 3145 type: string 3146 required: 3147 - name 3148 - value 3149 type: object 3150 type: array 3151 path: 3152 description: Path to access on the HTTP server. 3153 type: string 3154 port: 3155 anyOf: 3156 - type: integer 3157 - type: string 3158 description: Name or number of the port to access 3159 on the container. Number must be in the range 3160 1 to 65535. Name must be an IANA_SVC_NAME. 3161 x-kubernetes-int-or-string: true 3162 scheme: 3163 description: Scheme to use for connecting to 3164 the host. Defaults to HTTP. 3165 type: string 3166 required: 3167 - port 3168 type: object 3169 tcpSocket: 3170 description: Deprecated. TCPSocket is NOT supported 3171 as a LifecycleHandler and kept for the backward 3172 compatibility. There are no validation of this 3173 field and lifecycle hooks will fail in runtime 3174 when tcp handler is specified. 3175 properties: 3176 host: 3177 description: 'Optional: Host name to connect 3178 to, defaults to the pod IP.' 3179 type: string 3180 port: 3181 anyOf: 3182 - type: integer 3183 - type: string 3184 description: Number or name of the port to access 3185 on the container. Number must be in the range 3186 1 to 65535. Name must be an IANA_SVC_NAME. 3187 x-kubernetes-int-or-string: true 3188 required: 3189 - port 3190 type: object 3191 type: object 3192 type: object 3193 livenessProbe: 3194 description: 'Periodic probe of container liveness. Container 3195 will be restarted if the probe fails. Cannot be updated. 3196 More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 3197 properties: 3198 exec: 3199 description: Exec specifies the action to take. 3200 properties: 3201 command: 3202 description: Command is the command line to execute 3203 inside the container, the working directory for 3204 the command is root ('/') in the container's 3205 filesystem. The command is simply exec'd, it is 3206 not run inside a shell, so traditional shell instructions 3207 ('|', etc) won't work. To use a shell, you need 3208 to explicitly call out to that shell. Exit status 3209 of 0 is treated as live/healthy and non-zero is 3210 unhealthy. 3211 items: 3212 type: string 3213 type: array 3214 type: object 3215 failureThreshold: 3216 description: Minimum consecutive failures for the probe 3217 to be considered failed after having succeeded. Defaults 3218 to 3. Minimum value is 1. 3219 format: int32 3220 type: integer 3221 grpc: 3222 description: GRPC specifies an action involving a GRPC 3223 port. This is an alpha field and requires enabling 3224 GRPCContainerProbe feature gate. 3225 properties: 3226 port: 3227 description: Port number of the gRPC service. Number 3228 must be in the range 1 to 65535. 3229 format: int32 3230 type: integer 3231 service: 3232 description: "Service is the name of the service 3233 to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). 3234 \n If this is not specified, the default behavior 3235 is defined by gRPC." 3236 type: string 3237 required: 3238 - port 3239 type: object 3240 httpGet: 3241 description: HTTPGet specifies the http request to perform. 3242 properties: 3243 host: 3244 description: Host name to connect to, defaults to 3245 the pod IP. You probably want to set "Host" in 3246 httpHeaders instead. 3247 type: string 3248 httpHeaders: 3249 description: Custom headers to set in the request. 3250 HTTP allows repeated headers. 3251 items: 3252 description: HTTPHeader describes a custom header 3253 to be used in HTTP probes 3254 properties: 3255 name: 3256 description: The header field name 3257 type: string 3258 value: 3259 description: The header field value 3260 type: string 3261 required: 3262 - name 3263 - value 3264 type: object 3265 type: array 3266 path: 3267 description: Path to access on the HTTP server. 3268 type: string 3269 port: 3270 anyOf: 3271 - type: integer 3272 - type: string 3273 description: Name or number of the port to access 3274 on the container. Number must be in the range 3275 1 to 65535. Name must be an IANA_SVC_NAME. 3276 x-kubernetes-int-or-string: true 3277 scheme: 3278 description: Scheme to use for connecting to the 3279 host. Defaults to HTTP. 3280 type: string 3281 required: 3282 - port 3283 type: object 3284 initialDelaySeconds: 3285 description: 'Number of seconds after the container 3286 has started before liveness probes are initiated. 3287 More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 3288 format: int32 3289 type: integer 3290 periodSeconds: 3291 description: How often (in seconds) to perform the probe. 3292 Default to 10 seconds. Minimum value is 1. 3293 format: int32 3294 type: integer 3295 successThreshold: 3296 description: Minimum consecutive successes for the probe 3297 to be considered successful after having failed. Defaults 3298 to 1. Must be 1 for liveness and startup. Minimum 3299 value is 1. 3300 format: int32 3301 type: integer 3302 tcpSocket: 3303 description: TCPSocket specifies an action involving 3304 a TCP port. 3305 properties: 3306 host: 3307 description: 'Optional: Host name to connect to, 3308 defaults to the pod IP.' 3309 type: string 3310 port: 3311 anyOf: 3312 - type: integer 3313 - type: string 3314 description: Number or name of the port to access 3315 on the container. Number must be in the range 3316 1 to 65535. Name must be an IANA_SVC_NAME. 3317 x-kubernetes-int-or-string: true 3318 required: 3319 - port 3320 type: object 3321 terminationGracePeriodSeconds: 3322 description: Optional duration in seconds the pod needs 3323 to terminate gracefully upon probe failure. The grace 3324 period is the duration in seconds after the processes 3325 running in the pod are sent a termination signal and 3326 the time when the processes are forcibly halted with 3327 a kill signal. Set this value longer than the expected 3328 cleanup time for your process. If this value is nil, 3329 the pod's terminationGracePeriodSeconds will be used. 3330 Otherwise, this value overrides the value provided 3331 by the pod spec. Value must be non-negative integer. 3332 The value zero indicates stop immediately via the 3333 kill signal (no opportunity to shut down). This is 3334 a beta field and requires enabling ProbeTerminationGracePeriod 3335 feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds 3336 is used if unset. 3337 format: int64 3338 type: integer 3339 timeoutSeconds: 3340 description: 'Number of seconds after which the probe 3341 times out. Defaults to 1 second. Minimum value is 3342 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 3343 format: int32 3344 type: integer 3345 type: object 3346 name: 3347 description: Name of the container specified as a DNS_LABEL. 3348 Each container in a pod must have a unique name (DNS_LABEL). 3349 Cannot be updated. 3350 type: string 3351 ports: 3352 description: List of ports to expose from the container. 3353 Exposing a port here gives the system additional information 3354 about the network connections a container uses, but is 3355 primarily informational. Not specifying a port here DOES 3356 NOT prevent that port from being exposed. Any port which 3357 is listening on the default "0.0.0.0" address inside a 3358 container will be accessible from the network. Cannot 3359 be updated. 3360 items: 3361 description: ContainerPort represents a network port in 3362 a single container. 3363 properties: 3364 containerPort: 3365 description: Number of port to expose on the pod's 3366 IP address. This must be a valid port number, 0 3367 < x < 65536. 3368 format: int32 3369 type: integer 3370 hostIP: 3371 description: What host IP to bind the external port 3372 to. 3373 type: string 3374 hostPort: 3375 description: Number of port to expose on the host. 3376 If specified, this must be a valid port number, 3377 0 < x < 65536. If HostNetwork is specified, this 3378 must match ContainerPort. Most containers do not 3379 need this. 3380 format: int32 3381 type: integer 3382 name: 3383 description: If specified, this must be an IANA_SVC_NAME 3384 and unique within the pod. Each named port in a 3385 pod must have a unique name. Name for the port that 3386 can be referred to by services. 3387 type: string 3388 protocol: 3389 default: TCP 3390 description: Protocol for port. Must be UDP, TCP, 3391 or SCTP. Defaults to "TCP". 3392 type: string 3393 required: 3394 - containerPort 3395 type: object 3396 type: array 3397 x-kubernetes-list-map-keys: 3398 - containerPort 3399 - protocol 3400 x-kubernetes-list-type: map 3401 readinessProbe: 3402 description: 'Periodic probe of container service readiness. 3403 Container will be removed from service endpoints if the 3404 probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 3405 properties: 3406 exec: 3407 description: Exec specifies the action to take. 3408 properties: 3409 command: 3410 description: Command is the command line to execute 3411 inside the container, the working directory for 3412 the command is root ('/') in the container's 3413 filesystem. The command is simply exec'd, it is 3414 not run inside a shell, so traditional shell instructions 3415 ('|', etc) won't work. To use a shell, you need 3416 to explicitly call out to that shell. Exit status 3417 of 0 is treated as live/healthy and non-zero is 3418 unhealthy. 3419 items: 3420 type: string 3421 type: array 3422 type: object 3423 failureThreshold: 3424 description: Minimum consecutive failures for the probe 3425 to be considered failed after having succeeded. Defaults 3426 to 3. Minimum value is 1. 3427 format: int32 3428 type: integer 3429 grpc: 3430 description: GRPC specifies an action involving a GRPC 3431 port. This is an alpha field and requires enabling 3432 GRPCContainerProbe feature gate. 3433 properties: 3434 port: 3435 description: Port number of the gRPC service. Number 3436 must be in the range 1 to 65535. 3437 format: int32 3438 type: integer 3439 service: 3440 description: "Service is the name of the service 3441 to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). 3442 \n If this is not specified, the default behavior 3443 is defined by gRPC." 3444 type: string 3445 required: 3446 - port 3447 type: object 3448 httpGet: 3449 description: HTTPGet specifies the http request to perform. 3450 properties: 3451 host: 3452 description: Host name to connect to, defaults to 3453 the pod IP. You probably want to set "Host" in 3454 httpHeaders instead. 3455 type: string 3456 httpHeaders: 3457 description: Custom headers to set in the request. 3458 HTTP allows repeated headers. 3459 items: 3460 description: HTTPHeader describes a custom header 3461 to be used in HTTP probes 3462 properties: 3463 name: 3464 description: The header field name 3465 type: string 3466 value: 3467 description: The header field value 3468 type: string 3469 required: 3470 - name 3471 - value 3472 type: object 3473 type: array 3474 path: 3475 description: Path to access on the HTTP server. 3476 type: string 3477 port: 3478 anyOf: 3479 - type: integer 3480 - type: string 3481 description: Name or number of the port to access 3482 on the container. Number must be in the range 3483 1 to 65535. Name must be an IANA_SVC_NAME. 3484 x-kubernetes-int-or-string: true 3485 scheme: 3486 description: Scheme to use for connecting to the 3487 host. Defaults to HTTP. 3488 type: string 3489 required: 3490 - port 3491 type: object 3492 initialDelaySeconds: 3493 description: 'Number of seconds after the container 3494 has started before liveness probes are initiated. 3495 More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 3496 format: int32 3497 type: integer 3498 periodSeconds: 3499 description: How often (in seconds) to perform the probe. 3500 Default to 10 seconds. Minimum value is 1. 3501 format: int32 3502 type: integer 3503 successThreshold: 3504 description: Minimum consecutive successes for the probe 3505 to be considered successful after having failed. Defaults 3506 to 1. Must be 1 for liveness and startup. Minimum 3507 value is 1. 3508 format: int32 3509 type: integer 3510 tcpSocket: 3511 description: TCPSocket specifies an action involving 3512 a TCP port. 3513 properties: 3514 host: 3515 description: 'Optional: Host name to connect to, 3516 defaults to the pod IP.' 3517 type: string 3518 port: 3519 anyOf: 3520 - type: integer 3521 - type: string 3522 description: Number or name of the port to access 3523 on the container. Number must be in the range 3524 1 to 65535. Name must be an IANA_SVC_NAME. 3525 x-kubernetes-int-or-string: true 3526 required: 3527 - port 3528 type: object 3529 terminationGracePeriodSeconds: 3530 description: Optional duration in seconds the pod needs 3531 to terminate gracefully upon probe failure. The grace 3532 period is the duration in seconds after the processes 3533 running in the pod are sent a termination signal and 3534 the time when the processes are forcibly halted with 3535 a kill signal. Set this value longer than the expected 3536 cleanup time for your process. If this value is nil, 3537 the pod's terminationGracePeriodSeconds will be used. 3538 Otherwise, this value overrides the value provided 3539 by the pod spec. Value must be non-negative integer. 3540 The value zero indicates stop immediately via the 3541 kill signal (no opportunity to shut down). This is 3542 a beta field and requires enabling ProbeTerminationGracePeriod 3543 feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds 3544 is used if unset. 3545 format: int64 3546 type: integer 3547 timeoutSeconds: 3548 description: 'Number of seconds after which the probe 3549 times out. Defaults to 1 second. Minimum value is 3550 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 3551 format: int32 3552 type: integer 3553 type: object 3554 resources: 3555 description: 'Compute Resources required by this container. 3556 Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 3557 properties: 3558 limits: 3559 additionalProperties: 3560 anyOf: 3561 - type: integer 3562 - type: string 3563 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 3564 x-kubernetes-int-or-string: true 3565 description: 'Limits describes the maximum amount of 3566 compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 3567 type: object 3568 requests: 3569 additionalProperties: 3570 anyOf: 3571 - type: integer 3572 - type: string 3573 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 3574 x-kubernetes-int-or-string: true 3575 description: 'Requests describes the minimum amount 3576 of compute resources required. If Requests is omitted 3577 for a container, it defaults to Limits if that is 3578 explicitly specified, otherwise to an implementation-defined 3579 value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 3580 type: object 3581 type: object 3582 securityContext: 3583 description: 'SecurityContext defines the security options 3584 the container should be run with. If set, the fields of 3585 SecurityContext override the equivalent fields of PodSecurityContext. 3586 More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' 3587 properties: 3588 allowPrivilegeEscalation: 3589 description: 'AllowPrivilegeEscalation controls whether 3590 a process can gain more privileges than its parent 3591 process. This bool directly controls if the no_new_privs 3592 flag will be set on the container process. AllowPrivilegeEscalation 3593 is true always when the container is: 1) run as Privileged 3594 2) has CAP_SYS_ADMIN Note that this field cannot be 3595 set when spec.os.name is windows.' 3596 type: boolean 3597 capabilities: 3598 description: The capabilities to add/drop when running 3599 containers. Defaults to the default set of capabilities 3600 granted by the container runtime. Note that this field 3601 cannot be set when spec.os.name is windows. 3602 properties: 3603 add: 3604 description: Added capabilities 3605 items: 3606 description: Capability represent POSIX capabilities 3607 type 3608 type: string 3609 type: array 3610 drop: 3611 description: Removed capabilities 3612 items: 3613 description: Capability represent POSIX capabilities 3614 type 3615 type: string 3616 type: array 3617 type: object 3618 privileged: 3619 description: Run container in privileged mode. Processes 3620 in privileged containers are essentially equivalent 3621 to root on the host. Defaults to false. Note that 3622 this field cannot be set when spec.os.name is windows. 3623 type: boolean 3624 procMount: 3625 description: procMount denotes the type of proc mount 3626 to use for the containers. The default is DefaultProcMount 3627 which uses the container runtime defaults for readonly 3628 paths and masked paths. This requires the ProcMountType 3629 feature flag to be enabled. Note that this field cannot 3630 be set when spec.os.name is windows. 3631 type: string 3632 readOnlyRootFilesystem: 3633 description: Whether this container has a read-only 3634 root filesystem. Default is false. Note that this 3635 field cannot be set when spec.os.name is windows. 3636 type: boolean 3637 runAsGroup: 3638 description: The GID to run the entrypoint of the container 3639 process. Uses runtime default if unset. May also be 3640 set in PodSecurityContext. If set in both SecurityContext 3641 and PodSecurityContext, the value specified in SecurityContext 3642 takes precedence. Note that this field cannot be set 3643 when spec.os.name is windows. 3644 format: int64 3645 type: integer 3646 runAsNonRoot: 3647 description: Indicates that the container must run as 3648 a non-root user. If true, the Kubelet will validate 3649 the image at runtime to ensure that it does not run 3650 as UID 0 (root) and fail to start the container if 3651 it does. If unset or false, no such validation will 3652 be performed. May also be set in PodSecurityContext. If 3653 set in both SecurityContext and PodSecurityContext, 3654 the value specified in SecurityContext takes precedence. 3655 type: boolean 3656 runAsUser: 3657 description: The UID to run the entrypoint of the container 3658 process. Defaults to user specified in image metadata 3659 if unspecified. May also be set in PodSecurityContext. If 3660 set in both SecurityContext and PodSecurityContext, 3661 the value specified in SecurityContext takes precedence. 3662 Note that this field cannot be set when spec.os.name 3663 is windows. 3664 format: int64 3665 type: integer 3666 seLinuxOptions: 3667 description: The SELinux context to be applied to the 3668 container. If unspecified, the container runtime will 3669 allocate a random SELinux context for each container. May 3670 also be set in PodSecurityContext. If set in both 3671 SecurityContext and PodSecurityContext, the value 3672 specified in SecurityContext takes precedence. Note 3673 that this field cannot be set when spec.os.name is 3674 windows. 3675 properties: 3676 level: 3677 description: Level is SELinux level label that applies 3678 to the container. 3679 type: string 3680 role: 3681 description: Role is a SELinux role label that applies 3682 to the container. 3683 type: string 3684 type: 3685 description: Type is a SELinux type label that applies 3686 to the container. 3687 type: string 3688 user: 3689 description: User is a SELinux user label that applies 3690 to the container. 3691 type: string 3692 type: object 3693 seccompProfile: 3694 description: The seccomp options to use by this container. 3695 If seccomp options are provided at both the pod & 3696 container level, the container options override the 3697 pod options. Note that this field cannot be set when 3698 spec.os.name is windows. 3699 properties: 3700 localhostProfile: 3701 description: localhostProfile indicates a profile 3702 defined in a file on the node should be used. 3703 The profile must be preconfigured on the node 3704 to work. Must be a descending path, relative to 3705 the kubelet's configured seccomp profile location. 3706 Must only be set if type is "Localhost". 3707 type: string 3708 type: 3709 description: "type indicates which kind of seccomp 3710 profile will be applied. Valid options are: \n 3711 Localhost - a profile defined in a file on the 3712 node should be used. RuntimeDefault - the container 3713 runtime default profile should be used. Unconfined 3714 - no profile should be applied." 3715 type: string 3716 required: 3717 - type 3718 type: object 3719 windowsOptions: 3720 description: The Windows specific settings applied to 3721 all containers. If unspecified, the options from the 3722 PodSecurityContext will be used. If set in both SecurityContext 3723 and PodSecurityContext, the value specified in SecurityContext 3724 takes precedence. Note that this field cannot be set 3725 when spec.os.name is linux. 3726 properties: 3727 gmsaCredentialSpec: 3728 description: GMSACredentialSpec is where the GMSA 3729 admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) 3730 inlines the contents of the GMSA credential spec 3731 named by the GMSACredentialSpecName field. 3732 type: string 3733 gmsaCredentialSpecName: 3734 description: GMSACredentialSpecName is the name 3735 of the GMSA credential spec to use. 3736 type: string 3737 hostProcess: 3738 description: HostProcess determines if a container 3739 should be run as a 'Host Process' container. This 3740 field is alpha-level and will only be honored 3741 by components that enable the WindowsHostProcessContainers 3742 feature flag. Setting this field without the feature 3743 flag will result in errors when validating the 3744 Pod. All of a Pod's containers must have the same 3745 effective HostProcess value (it is not allowed 3746 to have a mix of HostProcess containers and non-HostProcess 3747 containers). In addition, if HostProcess is true 3748 then HostNetwork must also be set to true. 3749 type: boolean 3750 runAsUserName: 3751 description: The UserName in Windows to run the 3752 entrypoint of the container process. Defaults 3753 to the user specified in image metadata if unspecified. 3754 May also be set in PodSecurityContext. If set 3755 in both SecurityContext and PodSecurityContext, 3756 the value specified in SecurityContext takes precedence. 3757 type: string 3758 type: object 3759 type: object 3760 startupProbe: 3761 description: 'StartupProbe indicates that the Pod has successfully 3762 initialized. If specified, no other probes are executed 3763 until this completes successfully. If this probe fails, 3764 the Pod will be restarted, just as if the livenessProbe 3765 failed. This can be used to provide different probe parameters 3766 at the beginning of a Pod''s lifecycle, when it might 3767 take a long time to load data or warm a cache, than during 3768 steady-state operation. This cannot be updated. More info: 3769 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 3770 properties: 3771 exec: 3772 description: Exec specifies the action to take. 3773 properties: 3774 command: 3775 description: Command is the command line to execute 3776 inside the container, the working directory for 3777 the command is root ('/') in the container's 3778 filesystem. The command is simply exec'd, it is 3779 not run inside a shell, so traditional shell instructions 3780 ('|', etc) won't work. To use a shell, you need 3781 to explicitly call out to that shell. Exit status 3782 of 0 is treated as live/healthy and non-zero is 3783 unhealthy. 3784 items: 3785 type: string 3786 type: array 3787 type: object 3788 failureThreshold: 3789 description: Minimum consecutive failures for the probe 3790 to be considered failed after having succeeded. Defaults 3791 to 3. Minimum value is 1. 3792 format: int32 3793 type: integer 3794 grpc: 3795 description: GRPC specifies an action involving a GRPC 3796 port. This is an alpha field and requires enabling 3797 GRPCContainerProbe feature gate. 3798 properties: 3799 port: 3800 description: Port number of the gRPC service. Number 3801 must be in the range 1 to 65535. 3802 format: int32 3803 type: integer 3804 service: 3805 description: "Service is the name of the service 3806 to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). 3807 \n If this is not specified, the default behavior 3808 is defined by gRPC." 3809 type: string 3810 required: 3811 - port 3812 type: object 3813 httpGet: 3814 description: HTTPGet specifies the http request to perform. 3815 properties: 3816 host: 3817 description: Host name to connect to, defaults to 3818 the pod IP. You probably want to set "Host" in 3819 httpHeaders instead. 3820 type: string 3821 httpHeaders: 3822 description: Custom headers to set in the request. 3823 HTTP allows repeated headers. 3824 items: 3825 description: HTTPHeader describes a custom header 3826 to be used in HTTP probes 3827 properties: 3828 name: 3829 description: The header field name 3830 type: string 3831 value: 3832 description: The header field value 3833 type: string 3834 required: 3835 - name 3836 - value 3837 type: object 3838 type: array 3839 path: 3840 description: Path to access on the HTTP server. 3841 type: string 3842 port: 3843 anyOf: 3844 - type: integer 3845 - type: string 3846 description: Name or number of the port to access 3847 on the container. Number must be in the range 3848 1 to 65535. Name must be an IANA_SVC_NAME. 3849 x-kubernetes-int-or-string: true 3850 scheme: 3851 description: Scheme to use for connecting to the 3852 host. Defaults to HTTP. 3853 type: string 3854 required: 3855 - port 3856 type: object 3857 initialDelaySeconds: 3858 description: 'Number of seconds after the container 3859 has started before liveness probes are initiated. 3860 More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 3861 format: int32 3862 type: integer 3863 periodSeconds: 3864 description: How often (in seconds) to perform the probe. 3865 Default to 10 seconds. Minimum value is 1. 3866 format: int32 3867 type: integer 3868 successThreshold: 3869 description: Minimum consecutive successes for the probe 3870 to be considered successful after having failed. Defaults 3871 to 1. Must be 1 for liveness and startup. Minimum 3872 value is 1. 3873 format: int32 3874 type: integer 3875 tcpSocket: 3876 description: TCPSocket specifies an action involving 3877 a TCP port. 3878 properties: 3879 host: 3880 description: 'Optional: Host name to connect to, 3881 defaults to the pod IP.' 3882 type: string 3883 port: 3884 anyOf: 3885 - type: integer 3886 - type: string 3887 description: Number or name of the port to access 3888 on the container. Number must be in the range 3889 1 to 65535. Name must be an IANA_SVC_NAME. 3890 x-kubernetes-int-or-string: true 3891 required: 3892 - port 3893 type: object 3894 terminationGracePeriodSeconds: 3895 description: Optional duration in seconds the pod needs 3896 to terminate gracefully upon probe failure. The grace 3897 period is the duration in seconds after the processes 3898 running in the pod are sent a termination signal and 3899 the time when the processes are forcibly halted with 3900 a kill signal. Set this value longer than the expected 3901 cleanup time for your process. If this value is nil, 3902 the pod's terminationGracePeriodSeconds will be used. 3903 Otherwise, this value overrides the value provided 3904 by the pod spec. Value must be non-negative integer. 3905 The value zero indicates stop immediately via the 3906 kill signal (no opportunity to shut down). This is 3907 a beta field and requires enabling ProbeTerminationGracePeriod 3908 feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds 3909 is used if unset. 3910 format: int64 3911 type: integer 3912 timeoutSeconds: 3913 description: 'Number of seconds after which the probe 3914 times out. Defaults to 1 second. Minimum value is 3915 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 3916 format: int32 3917 type: integer 3918 type: object 3919 stdin: 3920 description: Whether this container should allocate a buffer 3921 for stdin in the container runtime. If this is not set, 3922 reads from stdin in the container will always result in 3923 EOF. Default is false. 3924 type: boolean 3925 stdinOnce: 3926 description: Whether the container runtime should close 3927 the stdin channel after it has been opened by a single 3928 attach. When stdin is true the stdin stream will remain 3929 open across multiple attach sessions. If stdinOnce is 3930 set to true, stdin is opened on container start, is empty 3931 until the first client attaches to stdin, and then remains 3932 open and accepts data until the client disconnects, at 3933 which time stdin is closed and remains closed until the 3934 container is restarted. If this flag is false, a container 3935 processes that reads from stdin will never receive an 3936 EOF. Default is false 3937 type: boolean 3938 terminationMessagePath: 3939 description: 'Optional: Path at which the file to which 3940 the container''s termination message will be written is 3941 mounted into the container''s filesystem. Message written 3942 is intended to be brief final status, such as an assertion 3943 failure message. Will be truncated by the node if greater 3944 than 4096 bytes. The total message length across all containers 3945 will be limited to 12kb. Defaults to /dev/termination-log. 3946 Cannot be updated.' 3947 type: string 3948 terminationMessagePolicy: 3949 description: Indicate how the termination message should 3950 be populated. File will use the contents of terminationMessagePath 3951 to populate the container status message on both success 3952 and failure. FallbackToLogsOnError will use the last chunk 3953 of container log output if the termination message file 3954 is empty and the container exited with an error. The log 3955 output is limited to 2048 bytes or 80 lines, whichever 3956 is smaller. Defaults to File. Cannot be updated. 3957 type: string 3958 tty: 3959 description: Whether this container should allocate a TTY 3960 for itself, also requires 'stdin' to be true. Default 3961 is false. 3962 type: boolean 3963 volumeDevices: 3964 description: volumeDevices is the list of block devices 3965 to be used by the container. 3966 items: 3967 description: volumeDevice describes a mapping of a raw 3968 block device within a container. 3969 properties: 3970 devicePath: 3971 description: devicePath is the path inside of the 3972 container that the device will be mapped to. 3973 type: string 3974 name: 3975 description: name must match the name of a persistentVolumeClaim 3976 in the pod 3977 type: string 3978 required: 3979 - devicePath 3980 - name 3981 type: object 3982 type: array 3983 volumeMounts: 3984 description: Pod volumes to mount into the container's filesystem. 3985 Cannot be updated. 3986 items: 3987 description: VolumeMount describes a mounting of a Volume 3988 within a container. 3989 properties: 3990 mountPath: 3991 description: Path within the container at which the 3992 volume should be mounted. Must not contain ':'. 3993 type: string 3994 mountPropagation: 3995 description: mountPropagation determines how mounts 3996 are propagated from the host to container and the 3997 other way around. When not set, MountPropagationNone 3998 is used. This field is beta in 1.10. 3999 type: string 4000 name: 4001 description: This must match the Name of a Volume. 4002 type: string 4003 readOnly: 4004 description: Mounted read-only if true, read-write 4005 otherwise (false or unspecified). Defaults to false. 4006 type: boolean 4007 subPath: 4008 description: Path within the volume from which the 4009 container's volume should be mounted. Defaults to 4010 "" (volume's root). 4011 type: string 4012 subPathExpr: 4013 description: Expanded path within the volume from 4014 which the container's volume should be mounted. 4015 Behaves similarly to SubPath but environment variable 4016 references $(VAR_NAME) are expanded using the container's 4017 environment. Defaults to "" (volume's root). SubPathExpr 4018 and SubPath are mutually exclusive. 4019 type: string 4020 required: 4021 - mountPath 4022 - name 4023 type: object 4024 type: array 4025 workingDir: 4026 description: Container's working directory. If not specified, 4027 the container runtime's default will be used, which might 4028 be configured in the container image. Cannot be updated. 4029 type: string 4030 required: 4031 - name 4032 type: object 4033 type: array 4034 verifytls: 4035 description: VerifyTLS defines whether repo server API should 4036 be accessed using strict TLS validation 4037 type: boolean 4038 version: 4039 description: Version is the ArgoCD Repo Server container image 4040 tag. 4041 type: string 4042 volumeMounts: 4043 description: VolumeMounts adds volumeMounts to the repo server 4044 container 4045 items: 4046 description: VolumeMount describes a mounting of a Volume within 4047 a container. 4048 properties: 4049 mountPath: 4050 description: Path within the container at which the volume 4051 should be mounted. Must not contain ':'. 4052 type: string 4053 mountPropagation: 4054 description: mountPropagation determines how mounts are 4055 propagated from the host to container and the other way 4056 around. When not set, MountPropagationNone is used. This 4057 field is beta in 1.10. 4058 type: string 4059 name: 4060 description: This must match the Name of a Volume. 4061 type: string 4062 readOnly: 4063 description: Mounted read-only if true, read-write otherwise 4064 (false or unspecified). Defaults to false. 4065 type: boolean 4066 subPath: 4067 description: Path within the volume from which the container's 4068 volume should be mounted. Defaults to "" (volume's root). 4069 type: string 4070 subPathExpr: 4071 description: Expanded path within the volume from which 4072 the container's volume should be mounted. Behaves similarly 4073 to SubPath but environment variable references $(VAR_NAME) 4074 are expanded using the container's environment. Defaults 4075 to "" (volume's root). SubPathExpr and SubPath are mutually 4076 exclusive. 4077 type: string 4078 required: 4079 - mountPath 4080 - name 4081 type: object 4082 type: array 4083 volumes: 4084 description: Volumes adds volumes to the repo server deployment 4085 items: 4086 description: Volume represents a named volume in a pod that 4087 may be accessed by any container in the pod. 4088 properties: 4089 awsElasticBlockStore: 4090 description: 'AWSElasticBlockStore represents an AWS Disk 4091 resource that is attached to a kubelet''s host machine 4092 and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' 4093 properties: 4094 fsType: 4095 description: 'Filesystem type of the volume that you 4096 want to mount. Tip: Ensure that the filesystem type 4097 is supported by the host operating system. Examples: 4098 "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" 4099 if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore 4100 TODO: how do we prevent errors in the filesystem from 4101 compromising the machine' 4102 type: string 4103 partition: 4104 description: 'The partition in the volume that you want 4105 to mount. If omitted, the default is to mount by volume 4106 name. Examples: For volume /dev/sda1, you specify 4107 the partition as "1". Similarly, the volume partition 4108 for /dev/sda is "0" (or you can leave the property 4109 empty).' 4110 format: int32 4111 type: integer 4112 readOnly: 4113 description: 'Specify "true" to force and set the ReadOnly 4114 property in VolumeMounts to "true". If omitted, the 4115 default is "false". More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' 4116 type: boolean 4117 volumeID: 4118 description: 'Unique ID of the persistent disk resource 4119 in AWS (Amazon EBS volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' 4120 type: string 4121 required: 4122 - volumeID 4123 type: object 4124 azureDisk: 4125 description: AzureDisk represents an Azure Data Disk mount 4126 on the host and bind mount to the pod. 4127 properties: 4128 cachingMode: 4129 description: 'Host Caching mode: None, Read Only, Read 4130 Write.' 4131 type: string 4132 diskName: 4133 description: The Name of the data disk in the blob storage 4134 type: string 4135 diskURI: 4136 description: The URI the data disk in the blob storage 4137 type: string 4138 fsType: 4139 description: Filesystem type to mount. Must be a filesystem 4140 type supported by the host operating system. Ex. "ext4", 4141 "xfs", "ntfs". Implicitly inferred to be "ext4" if 4142 unspecified. 4143 type: string 4144 kind: 4145 description: 'Expected values Shared: multiple blob 4146 disks per storage account Dedicated: single blob 4147 disk per storage account Managed: azure managed data 4148 disk (only in managed availability set). defaults 4149 to shared' 4150 type: string 4151 readOnly: 4152 description: Defaults to false (read/write). ReadOnly 4153 here will force the ReadOnly setting in VolumeMounts. 4154 type: boolean 4155 required: 4156 - diskName 4157 - diskURI 4158 type: object 4159 azureFile: 4160 description: AzureFile represents an Azure File Service 4161 mount on the host and bind mount to the pod. 4162 properties: 4163 readOnly: 4164 description: Defaults to false (read/write). ReadOnly 4165 here will force the ReadOnly setting in VolumeMounts. 4166 type: boolean 4167 secretName: 4168 description: the name of secret that contains Azure 4169 Storage Account Name and Key 4170 type: string 4171 shareName: 4172 description: Share Name 4173 type: string 4174 required: 4175 - secretName 4176 - shareName 4177 type: object 4178 cephfs: 4179 description: CephFS represents a Ceph FS mount on the host 4180 that shares a pod's lifetime 4181 properties: 4182 monitors: 4183 description: 'Required: Monitors is a collection of 4184 Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' 4185 items: 4186 type: string 4187 type: array 4188 path: 4189 description: 'Optional: Used as the mounted root, rather 4190 than the full Ceph tree, default is /' 4191 type: string 4192 readOnly: 4193 description: 'Optional: Defaults to false (read/write). 4194 ReadOnly here will force the ReadOnly setting in VolumeMounts. 4195 More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' 4196 type: boolean 4197 secretFile: 4198 description: 'Optional: SecretFile is the path to key 4199 ring for User, default is /etc/ceph/user.secret More 4200 info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' 4201 type: string 4202 secretRef: 4203 description: 'Optional: SecretRef is reference to the 4204 authentication secret for User, default is empty. 4205 More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' 4206 properties: 4207 name: 4208 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 4209 TODO: Add other useful fields. apiVersion, kind, 4210 uid?' 4211 type: string 4212 type: object 4213 user: 4214 description: 'Optional: User is the rados user name, 4215 default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' 4216 type: string 4217 required: 4218 - monitors 4219 type: object 4220 cinder: 4221 description: 'Cinder represents a cinder volume attached 4222 and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' 4223 properties: 4224 fsType: 4225 description: 'Filesystem type to mount. Must be a filesystem 4226 type supported by the host operating system. Examples: 4227 "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" 4228 if unspecified. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' 4229 type: string 4230 readOnly: 4231 description: 'Optional: Defaults to false (read/write). 4232 ReadOnly here will force the ReadOnly setting in VolumeMounts. 4233 More info: https://examples.k8s.io/mysql-cinder-pd/README.md' 4234 type: boolean 4235 secretRef: 4236 description: 'Optional: points to a secret object containing 4237 parameters used to connect to OpenStack.' 4238 properties: 4239 name: 4240 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 4241 TODO: Add other useful fields. apiVersion, kind, 4242 uid?' 4243 type: string 4244 type: object 4245 volumeID: 4246 description: 'volume id used to identify the volume 4247 in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' 4248 type: string 4249 required: 4250 - volumeID 4251 type: object 4252 configMap: 4253 description: ConfigMap represents a configMap that should 4254 populate this volume 4255 properties: 4256 defaultMode: 4257 description: 'Optional: mode bits used to set permissions 4258 on created files by default. Must be an octal value 4259 between 0000 and 0777 or a decimal value between 0 4260 and 511. YAML accepts both octal and decimal values, 4261 JSON requires decimal values for mode bits. Defaults 4262 to 0644. Directories within the path are not affected 4263 by this setting. This might be in conflict with other 4264 options that affect the file mode, like fsGroup, and 4265 the result can be other mode bits set.' 4266 format: int32 4267 type: integer 4268 items: 4269 description: If unspecified, each key-value pair in 4270 the Data field of the referenced ConfigMap will be 4271 projected into the volume as a file whose name is 4272 the key and content is the value. If specified, the 4273 listed keys will be projected into the specified paths, 4274 and unlisted keys will not be present. If a key is 4275 specified which is not present in the ConfigMap, the 4276 volume setup will error unless it is marked optional. 4277 Paths must be relative and may not contain the '..' 4278 path or start with '..'. 4279 items: 4280 description: Maps a string key to a path within a 4281 volume. 4282 properties: 4283 key: 4284 description: The key to project. 4285 type: string 4286 mode: 4287 description: 'Optional: mode bits used to set 4288 permissions on this file. Must be an octal value 4289 between 0000 and 0777 or a decimal value between 4290 0 and 511. YAML accepts both octal and decimal 4291 values, JSON requires decimal values for mode 4292 bits. If not specified, the volume defaultMode 4293 will be used. This might be in conflict with 4294 other options that affect the file mode, like 4295 fsGroup, and the result can be other mode bits 4296 set.' 4297 format: int32 4298 type: integer 4299 path: 4300 description: The relative path of the file to 4301 map the key to. May not be an absolute path. 4302 May not contain the path element '..'. May not 4303 start with the string '..'. 4304 type: string 4305 required: 4306 - key 4307 - path 4308 type: object 4309 type: array 4310 name: 4311 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 4312 TODO: Add other useful fields. apiVersion, kind, uid?' 4313 type: string 4314 optional: 4315 description: Specify whether the ConfigMap or its keys 4316 must be defined 4317 type: boolean 4318 type: object 4319 csi: 4320 description: CSI (Container Storage Interface) represents 4321 ephemeral storage that is handled by certain external 4322 CSI drivers (Beta feature). 4323 properties: 4324 driver: 4325 description: Driver is the name of the CSI driver that 4326 handles this volume. Consult with your admin for the 4327 correct name as registered in the cluster. 4328 type: string 4329 fsType: 4330 description: Filesystem type to mount. Ex. "ext4", "xfs", 4331 "ntfs". If not provided, the empty value is passed 4332 to the associated CSI driver which will determine 4333 the default filesystem to apply. 4334 type: string 4335 nodePublishSecretRef: 4336 description: NodePublishSecretRef is a reference to 4337 the secret object containing sensitive information 4338 to pass to the CSI driver to complete the CSI NodePublishVolume 4339 and NodeUnpublishVolume calls. This field is optional, 4340 and may be empty if no secret is required. If the 4341 secret object contains more than one secret, all secret 4342 references are passed. 4343 properties: 4344 name: 4345 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 4346 TODO: Add other useful fields. apiVersion, kind, 4347 uid?' 4348 type: string 4349 type: object 4350 readOnly: 4351 description: Specifies a read-only configuration for 4352 the volume. Defaults to false (read/write). 4353 type: boolean 4354 volumeAttributes: 4355 additionalProperties: 4356 type: string 4357 description: VolumeAttributes stores driver-specific 4358 properties that are passed to the CSI driver. Consult 4359 your driver's documentation for supported values. 4360 type: object 4361 required: 4362 - driver 4363 type: object 4364 downwardAPI: 4365 description: DownwardAPI represents downward API about the 4366 pod that should populate this volume 4367 properties: 4368 defaultMode: 4369 description: 'Optional: mode bits to use on created 4370 files by default. Must be a Optional: mode bits used 4371 to set permissions on created files by default. Must 4372 be an octal value between 0000 and 0777 or a decimal 4373 value between 0 and 511. YAML accepts both octal and 4374 decimal values, JSON requires decimal values for mode 4375 bits. Defaults to 0644. Directories within the path 4376 are not affected by this setting. This might be in 4377 conflict with other options that affect the file mode, 4378 like fsGroup, and the result can be other mode bits 4379 set.' 4380 format: int32 4381 type: integer 4382 items: 4383 description: Items is a list of downward API volume 4384 file 4385 items: 4386 description: DownwardAPIVolumeFile represents information 4387 to create the file containing the pod field 4388 properties: 4389 fieldRef: 4390 description: 'Required: Selects a field of the 4391 pod: only annotations, labels, name and namespace 4392 are supported.' 4393 properties: 4394 apiVersion: 4395 description: Version of the schema the FieldPath 4396 is written in terms of, defaults to "v1". 4397 type: string 4398 fieldPath: 4399 description: Path of the field to select in 4400 the specified API version. 4401 type: string 4402 required: 4403 - fieldPath 4404 type: object 4405 mode: 4406 description: 'Optional: mode bits used to set 4407 permissions on this file, must be an octal value 4408 between 0000 and 0777 or a decimal value between 4409 0 and 511. YAML accepts both octal and decimal 4410 values, JSON requires decimal values for mode 4411 bits. If not specified, the volume defaultMode 4412 will be used. This might be in conflict with 4413 other options that affect the file mode, like 4414 fsGroup, and the result can be other mode bits 4415 set.' 4416 format: int32 4417 type: integer 4418 path: 4419 description: 'Required: Path is the relative 4420 path name of the file to be created. Must not 4421 be absolute or contain the ''..'' path. Must 4422 be utf-8 encoded. The first item of the relative 4423 path must not start with ''..''' 4424 type: string 4425 resourceFieldRef: 4426 description: 'Selects a resource of the container: 4427 only resources limits and requests (limits.cpu, 4428 limits.memory, requests.cpu and requests.memory) 4429 are currently supported.' 4430 properties: 4431 containerName: 4432 description: 'Container name: required for 4433 volumes, optional for env vars' 4434 type: string 4435 divisor: 4436 anyOf: 4437 - type: integer 4438 - type: string 4439 description: Specifies the output format of 4440 the exposed resources, defaults to "1" 4441 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 4442 x-kubernetes-int-or-string: true 4443 resource: 4444 description: 'Required: resource to select' 4445 type: string 4446 required: 4447 - resource 4448 type: object 4449 required: 4450 - path 4451 type: object 4452 type: array 4453 type: object 4454 emptyDir: 4455 description: 'EmptyDir represents a temporary directory 4456 that shares a pod''s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' 4457 properties: 4458 medium: 4459 description: 'What type of storage medium should back 4460 this directory. The default is "" which means to use 4461 the node''s default medium. Must be an empty string 4462 (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' 4463 type: string 4464 sizeLimit: 4465 anyOf: 4466 - type: integer 4467 - type: string 4468 description: 'Total amount of local storage required 4469 for this EmptyDir volume. The size limit is also applicable 4470 for memory medium. The maximum usage on memory medium 4471 EmptyDir would be the minimum value between the SizeLimit 4472 specified here and the sum of memory limits of all 4473 containers in a pod. The default is nil which means 4474 that the limit is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir' 4475 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 4476 x-kubernetes-int-or-string: true 4477 type: object 4478 ephemeral: 4479 description: "Ephemeral represents a volume that is handled 4480 by a cluster storage driver. The volume's lifecycle is 4481 tied to the pod that defines it - it will be created before 4482 the pod starts, and deleted when the pod is removed. \n 4483 Use this if: a) the volume is only needed while the pod 4484 runs, b) features of normal volumes like restoring from 4485 snapshot or capacity tracking are needed, c) the storage 4486 driver is specified through a storage class, and d) the 4487 storage driver supports dynamic volume provisioning through 4488 \ a PersistentVolumeClaim (see EphemeralVolumeSource 4489 for more information on the connection between this 4490 volume type and PersistentVolumeClaim). \n Use PersistentVolumeClaim 4491 or one of the vendor-specific APIs for volumes that persist 4492 for longer than the lifecycle of an individual pod. \n 4493 Use CSI for light-weight local ephemeral volumes if the 4494 CSI driver is meant to be used that way - see the documentation 4495 of the driver for more information. \n A pod can use both 4496 types of ephemeral volumes and persistent volumes at the 4497 same time." 4498 properties: 4499 volumeClaimTemplate: 4500 description: "Will be used to create a stand-alone PVC 4501 to provision the volume. The pod in which this EphemeralVolumeSource 4502 is embedded will be the owner of the PVC, i.e. the 4503 PVC will be deleted together with the pod. The name 4504 of the PVC will be `<pod name>-<volume name>` where 4505 `<volume name>` is the name from the `PodSpec.Volumes` 4506 array entry. Pod validation will reject the pod if 4507 the concatenated name is not valid for a PVC (for 4508 example, too long). \n An existing PVC with that name 4509 that is not owned by the pod will *not* be used for 4510 the pod to avoid using an unrelated volume by mistake. 4511 Starting the pod is then blocked until the unrelated 4512 PVC is removed. If such a pre-created PVC is meant 4513 to be used by the pod, the PVC has to updated with 4514 an owner reference to the pod once the pod exists. 4515 Normally this should not be necessary, but it may 4516 be useful when manually reconstructing a broken cluster. 4517 \n This field is read-only and no changes will be 4518 made by Kubernetes to the PVC after it has been created. 4519 \n Required, must not be nil." 4520 properties: 4521 metadata: 4522 description: May contain labels and annotations 4523 that will be copied into the PVC when creating 4524 it. No other fields are allowed and will be rejected 4525 during validation. 4526 type: object 4527 spec: 4528 description: The specification for the PersistentVolumeClaim. 4529 The entire content is copied unchanged into the 4530 PVC that gets created from this template. The 4531 same fields as in a PersistentVolumeClaim are 4532 also valid here. 4533 properties: 4534 accessModes: 4535 description: 'AccessModes contains the desired 4536 access modes the volume should have. More 4537 info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' 4538 items: 4539 type: string 4540 type: array 4541 dataSource: 4542 description: 'This field can be used to specify 4543 either: * An existing VolumeSnapshot object 4544 (snapshot.storage.k8s.io/VolumeSnapshot) * 4545 An existing PVC (PersistentVolumeClaim) If 4546 the provisioner or an external controller 4547 can support the specified data source, it 4548 will create a new volume based on the contents 4549 of the specified data source. If the AnyVolumeDataSource 4550 feature gate is enabled, this field will always 4551 have the same contents as the DataSourceRef 4552 field.' 4553 properties: 4554 apiGroup: 4555 description: APIGroup is the group for the 4556 resource being referenced. If APIGroup 4557 is not specified, the specified Kind must 4558 be in the core API group. For any other 4559 third-party types, APIGroup is required. 4560 type: string 4561 kind: 4562 description: Kind is the type of resource 4563 being referenced 4564 type: string 4565 name: 4566 description: Name is the name of resource 4567 being referenced 4568 type: string 4569 required: 4570 - kind 4571 - name 4572 type: object 4573 dataSourceRef: 4574 description: 'Specifies the object from which 4575 to populate the volume with data, if a non-empty 4576 volume is desired. This may be any local object 4577 from a non-empty API group (non core object) 4578 or a PersistentVolumeClaim object. When this 4579 field is specified, volume binding will only 4580 succeed if the type of the specified object 4581 matches some installed volume populator or 4582 dynamic provisioner. This field will replace 4583 the functionality of the DataSource field 4584 and as such if both fields are non-empty, 4585 they must have the same value. For backwards 4586 compatibility, both fields (DataSource and 4587 DataSourceRef) will be set to the same value 4588 automatically if one of them is empty and 4589 the other is non-empty. There are two important 4590 differences between DataSource and DataSourceRef: 4591 * While DataSource only allows two specific 4592 types of objects, DataSourceRef allows any 4593 non-core object, as well as PersistentVolumeClaim 4594 objects. * While DataSource ignores disallowed 4595 values (dropping them), DataSourceRef preserves 4596 all values, and generates an error if a disallowed 4597 value is specified. (Alpha) Using this field 4598 requires the AnyVolumeDataSource feature gate 4599 to be enabled.' 4600 properties: 4601 apiGroup: 4602 description: APIGroup is the group for the 4603 resource being referenced. If APIGroup 4604 is not specified, the specified Kind must 4605 be in the core API group. For any other 4606 third-party types, APIGroup is required. 4607 type: string 4608 kind: 4609 description: Kind is the type of resource 4610 being referenced 4611 type: string 4612 name: 4613 description: Name is the name of resource 4614 being referenced 4615 type: string 4616 required: 4617 - kind 4618 - name 4619 type: object 4620 resources: 4621 description: 'Resources represents the minimum 4622 resources the volume should have. If RecoverVolumeExpansionFailure 4623 feature is enabled users are allowed to specify 4624 resource requirements that are lower than 4625 previous value but must still be higher than 4626 capacity recorded in the status field of the 4627 claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' 4628 properties: 4629 limits: 4630 additionalProperties: 4631 anyOf: 4632 - type: integer 4633 - type: string 4634 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 4635 x-kubernetes-int-or-string: true 4636 description: 'Limits describes the maximum 4637 amount of compute resources allowed. More 4638 info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 4639 type: object 4640 requests: 4641 additionalProperties: 4642 anyOf: 4643 - type: integer 4644 - type: string 4645 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 4646 x-kubernetes-int-or-string: true 4647 description: 'Requests describes the minimum 4648 amount of compute resources required. 4649 If Requests is omitted for a container, 4650 it defaults to Limits if that is explicitly 4651 specified, otherwise to an implementation-defined 4652 value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 4653 type: object 4654 type: object 4655 selector: 4656 description: A label query over volumes to consider 4657 for binding. 4658 properties: 4659 matchExpressions: 4660 description: matchExpressions is a list 4661 of label selector requirements. The requirements 4662 are ANDed. 4663 items: 4664 description: A label selector requirement 4665 is a selector that contains values, 4666 a key, and an operator that relates 4667 the key and values. 4668 properties: 4669 key: 4670 description: key is the label key 4671 that the selector applies to. 4672 type: string 4673 operator: 4674 description: operator represents a 4675 key's relationship to a set of values. 4676 Valid operators are In, NotIn, Exists 4677 and DoesNotExist. 4678 type: string 4679 values: 4680 description: values is an array of 4681 string values. If the operator is 4682 In or NotIn, the values array must 4683 be non-empty. If the operator is 4684 Exists or DoesNotExist, the values 4685 array must be empty. This array 4686 is replaced during a strategic merge 4687 patch. 4688 items: 4689 type: string 4690 type: array 4691 required: 4692 - key 4693 - operator 4694 type: object 4695 type: array 4696 matchLabels: 4697 additionalProperties: 4698 type: string 4699 description: matchLabels is a map of {key,value} 4700 pairs. A single {key,value} in the matchLabels 4701 map is equivalent to an element of matchExpressions, 4702 whose key field is "key", the operator 4703 is "In", and the values array contains 4704 only "value". The requirements are ANDed. 4705 type: object 4706 type: object 4707 storageClassName: 4708 description: 'Name of the StorageClass required 4709 by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' 4710 type: string 4711 volumeMode: 4712 description: volumeMode defines what type of 4713 volume is required by the claim. Value of 4714 Filesystem is implied when not included in 4715 claim spec. 4716 type: string 4717 volumeName: 4718 description: VolumeName is the binding reference 4719 to the PersistentVolume backing this claim. 4720 type: string 4721 type: object 4722 required: 4723 - spec 4724 type: object 4725 type: object 4726 fc: 4727 description: FC represents a Fibre Channel resource that 4728 is attached to a kubelet's host machine and then exposed 4729 to the pod. 4730 properties: 4731 fsType: 4732 description: 'Filesystem type to mount. Must be a filesystem 4733 type supported by the host operating system. Ex. "ext4", 4734 "xfs", "ntfs". Implicitly inferred to be "ext4" if 4735 unspecified. TODO: how do we prevent errors in the 4736 filesystem from compromising the machine' 4737 type: string 4738 lun: 4739 description: 'Optional: FC target lun number' 4740 format: int32 4741 type: integer 4742 readOnly: 4743 description: 'Optional: Defaults to false (read/write). 4744 ReadOnly here will force the ReadOnly setting in VolumeMounts.' 4745 type: boolean 4746 targetWWNs: 4747 description: 'Optional: FC target worldwide names (WWNs)' 4748 items: 4749 type: string 4750 type: array 4751 wwids: 4752 description: 'Optional: FC volume world wide identifiers 4753 (wwids) Either wwids or combination of targetWWNs 4754 and lun must be set, but not both simultaneously.' 4755 items: 4756 type: string 4757 type: array 4758 type: object 4759 flexVolume: 4760 description: FlexVolume represents a generic volume resource 4761 that is provisioned/attached using an exec based plugin. 4762 properties: 4763 driver: 4764 description: Driver is the name of the driver to use 4765 for this volume. 4766 type: string 4767 fsType: 4768 description: Filesystem type to mount. Must be a filesystem 4769 type supported by the host operating system. Ex. "ext4", 4770 "xfs", "ntfs". The default filesystem depends on FlexVolume 4771 script. 4772 type: string 4773 options: 4774 additionalProperties: 4775 type: string 4776 description: 'Optional: Extra command options if any.' 4777 type: object 4778 readOnly: 4779 description: 'Optional: Defaults to false (read/write). 4780 ReadOnly here will force the ReadOnly setting in VolumeMounts.' 4781 type: boolean 4782 secretRef: 4783 description: 'Optional: SecretRef is reference to the 4784 secret object containing sensitive information to 4785 pass to the plugin scripts. This may be empty if no 4786 secret object is specified. If the secret object contains 4787 more than one secret, all secrets are passed to the 4788 plugin scripts.' 4789 properties: 4790 name: 4791 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 4792 TODO: Add other useful fields. apiVersion, kind, 4793 uid?' 4794 type: string 4795 type: object 4796 required: 4797 - driver 4798 type: object 4799 flocker: 4800 description: Flocker represents a Flocker volume attached 4801 to a kubelet's host machine. This depends on the Flocker 4802 control service being running 4803 properties: 4804 datasetName: 4805 description: Name of the dataset stored as metadata 4806 -> name on the dataset for Flocker should be considered 4807 as deprecated 4808 type: string 4809 datasetUUID: 4810 description: UUID of the dataset. This is unique identifier 4811 of a Flocker dataset 4812 type: string 4813 type: object 4814 gcePersistentDisk: 4815 description: 'GCEPersistentDisk represents a GCE Disk resource 4816 that is attached to a kubelet''s host machine and then 4817 exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' 4818 properties: 4819 fsType: 4820 description: 'Filesystem type of the volume that you 4821 want to mount. Tip: Ensure that the filesystem type 4822 is supported by the host operating system. Examples: 4823 "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" 4824 if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk 4825 TODO: how do we prevent errors in the filesystem from 4826 compromising the machine' 4827 type: string 4828 partition: 4829 description: 'The partition in the volume that you want 4830 to mount. If omitted, the default is to mount by volume 4831 name. Examples: For volume /dev/sda1, you specify 4832 the partition as "1". Similarly, the volume partition 4833 for /dev/sda is "0" (or you can leave the property 4834 empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' 4835 format: int32 4836 type: integer 4837 pdName: 4838 description: 'Unique name of the PD resource in GCE. 4839 Used to identify the disk in GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' 4840 type: string 4841 readOnly: 4842 description: 'ReadOnly here will force the ReadOnly 4843 setting in VolumeMounts. Defaults to false. More info: 4844 https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' 4845 type: boolean 4846 required: 4847 - pdName 4848 type: object 4849 gitRepo: 4850 description: 'GitRepo represents a git repository at a particular 4851 revision. DEPRECATED: GitRepo is deprecated. To provision 4852 a container with a git repo, mount an EmptyDir into an 4853 InitContainer that clones the repo using git, then mount 4854 the EmptyDir into the Pod''s container.' 4855 properties: 4856 directory: 4857 description: Target directory name. Must not contain 4858 or start with '..'. If '.' is supplied, the volume 4859 directory will be the git repository. Otherwise, 4860 if specified, the volume will contain the git repository 4861 in the subdirectory with the given name. 4862 type: string 4863 repository: 4864 description: Repository URL 4865 type: string 4866 revision: 4867 description: Commit hash for the specified revision. 4868 type: string 4869 required: 4870 - repository 4871 type: object 4872 glusterfs: 4873 description: 'Glusterfs represents a Glusterfs mount on 4874 the host that shares a pod''s lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md' 4875 properties: 4876 endpoints: 4877 description: 'EndpointsName is the endpoint name that 4878 details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' 4879 type: string 4880 path: 4881 description: 'Path is the Glusterfs volume path. More 4882 info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' 4883 type: string 4884 readOnly: 4885 description: 'ReadOnly here will force the Glusterfs 4886 volume to be mounted with read-only permissions. Defaults 4887 to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' 4888 type: boolean 4889 required: 4890 - endpoints 4891 - path 4892 type: object 4893 hostPath: 4894 description: 'HostPath represents a pre-existing file or 4895 directory on the host machine that is directly exposed 4896 to the container. This is generally used for system agents 4897 or other privileged things that are allowed to see the 4898 host machine. Most containers will NOT need this. More 4899 info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath 4900 --- TODO(jonesdl) We need to restrict who can use host 4901 directory mounts and who can/can not mount host directories 4902 as read/write.' 4903 properties: 4904 path: 4905 description: 'Path of the directory on the host. If 4906 the path is a symlink, it will follow the link to 4907 the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' 4908 type: string 4909 type: 4910 description: 'Type for HostPath Volume Defaults to "" 4911 More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' 4912 type: string 4913 required: 4914 - path 4915 type: object 4916 iscsi: 4917 description: 'ISCSI represents an ISCSI Disk resource that 4918 is attached to a kubelet''s host machine and then exposed 4919 to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md' 4920 properties: 4921 chapAuthDiscovery: 4922 description: whether support iSCSI Discovery CHAP authentication 4923 type: boolean 4924 chapAuthSession: 4925 description: whether support iSCSI Session CHAP authentication 4926 type: boolean 4927 fsType: 4928 description: 'Filesystem type of the volume that you 4929 want to mount. Tip: Ensure that the filesystem type 4930 is supported by the host operating system. Examples: 4931 "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" 4932 if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi 4933 TODO: how do we prevent errors in the filesystem from 4934 compromising the machine' 4935 type: string 4936 initiatorName: 4937 description: Custom iSCSI Initiator Name. If initiatorName 4938 is specified with iscsiInterface simultaneously, new 4939 iSCSI interface <target portal>:<volume name> will 4940 be created for the connection. 4941 type: string 4942 iqn: 4943 description: Target iSCSI Qualified Name. 4944 type: string 4945 iscsiInterface: 4946 description: iSCSI Interface Name that uses an iSCSI 4947 transport. Defaults to 'default' (tcp). 4948 type: string 4949 lun: 4950 description: iSCSI Target Lun number. 4951 format: int32 4952 type: integer 4953 portals: 4954 description: iSCSI Target Portal List. The portal is 4955 either an IP or ip_addr:port if the port is other 4956 than default (typically TCP ports 860 and 3260). 4957 items: 4958 type: string 4959 type: array 4960 readOnly: 4961 description: ReadOnly here will force the ReadOnly setting 4962 in VolumeMounts. Defaults to false. 4963 type: boolean 4964 secretRef: 4965 description: CHAP Secret for iSCSI target and initiator 4966 authentication 4967 properties: 4968 name: 4969 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 4970 TODO: Add other useful fields. apiVersion, kind, 4971 uid?' 4972 type: string 4973 type: object 4974 targetPortal: 4975 description: iSCSI Target Portal. The Portal is either 4976 an IP or ip_addr:port if the port is other than default 4977 (typically TCP ports 860 and 3260). 4978 type: string 4979 required: 4980 - iqn 4981 - lun 4982 - targetPortal 4983 type: object 4984 name: 4985 description: 'Volume''s name. Must be a DNS_LABEL and unique 4986 within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' 4987 type: string 4988 nfs: 4989 description: 'NFS represents an NFS mount on the host that 4990 shares a pod''s lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' 4991 properties: 4992 path: 4993 description: 'Path that is exported by the NFS server. 4994 More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' 4995 type: string 4996 readOnly: 4997 description: 'ReadOnly here will force the NFS export 4998 to be mounted with read-only permissions. Defaults 4999 to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' 5000 type: boolean 5001 server: 5002 description: 'Server is the hostname or IP address of 5003 the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' 5004 type: string 5005 required: 5006 - path 5007 - server 5008 type: object 5009 persistentVolumeClaim: 5010 description: 'PersistentVolumeClaimVolumeSource represents 5011 a reference to a PersistentVolumeClaim in the same namespace. 5012 More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' 5013 properties: 5014 claimName: 5015 description: 'ClaimName is the name of a PersistentVolumeClaim 5016 in the same namespace as the pod using this volume. 5017 More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' 5018 type: string 5019 readOnly: 5020 description: Will force the ReadOnly setting in VolumeMounts. 5021 Default false. 5022 type: boolean 5023 required: 5024 - claimName 5025 type: object 5026 photonPersistentDisk: 5027 description: PhotonPersistentDisk represents a PhotonController 5028 persistent disk attached and mounted on kubelets host 5029 machine 5030 properties: 5031 fsType: 5032 description: Filesystem type to mount. Must be a filesystem 5033 type supported by the host operating system. Ex. "ext4", 5034 "xfs", "ntfs". Implicitly inferred to be "ext4" if 5035 unspecified. 5036 type: string 5037 pdID: 5038 description: ID that identifies Photon Controller persistent 5039 disk 5040 type: string 5041 required: 5042 - pdID 5043 type: object 5044 portworxVolume: 5045 description: PortworxVolume represents a portworx volume 5046 attached and mounted on kubelets host machine 5047 properties: 5048 fsType: 5049 description: FSType represents the filesystem type to 5050 mount Must be a filesystem type supported by the host 5051 operating system. Ex. "ext4", "xfs". Implicitly inferred 5052 to be "ext4" if unspecified. 5053 type: string 5054 readOnly: 5055 description: Defaults to false (read/write). ReadOnly 5056 here will force the ReadOnly setting in VolumeMounts. 5057 type: boolean 5058 volumeID: 5059 description: VolumeID uniquely identifies a Portworx 5060 volume 5061 type: string 5062 required: 5063 - volumeID 5064 type: object 5065 projected: 5066 description: Items for all in one resources secrets, configmaps, 5067 and downward API 5068 properties: 5069 defaultMode: 5070 description: Mode bits used to set permissions on created 5071 files by default. Must be an octal value between 0000 5072 and 0777 or a decimal value between 0 and 511. YAML 5073 accepts both octal and decimal values, JSON requires 5074 decimal values for mode bits. Directories within the 5075 path are not affected by this setting. This might 5076 be in conflict with other options that affect the 5077 file mode, like fsGroup, and the result can be other 5078 mode bits set. 5079 format: int32 5080 type: integer 5081 sources: 5082 description: list of volume projections 5083 items: 5084 description: Projection that may be projected along 5085 with other supported volume types 5086 properties: 5087 configMap: 5088 description: information about the configMap data 5089 to project 5090 properties: 5091 items: 5092 description: If unspecified, each key-value 5093 pair in the Data field of the referenced 5094 ConfigMap will be projected into the volume 5095 as a file whose name is the key and content 5096 is the value. If specified, the listed keys 5097 will be projected into the specified paths, 5098 and unlisted keys will not be present. If 5099 a key is specified which is not present 5100 in the ConfigMap, the volume setup will 5101 error unless it is marked optional. Paths 5102 must be relative and may not contain the 5103 '..' path or start with '..'. 5104 items: 5105 description: Maps a string key to a path 5106 within a volume. 5107 properties: 5108 key: 5109 description: The key to project. 5110 type: string 5111 mode: 5112 description: 'Optional: mode bits used 5113 to set permissions on this file. Must 5114 be an octal value between 0000 and 5115 0777 or a decimal value between 0 5116 and 511. YAML accepts both octal and 5117 decimal values, JSON requires decimal 5118 values for mode bits. If not specified, 5119 the volume defaultMode will be used. 5120 This might be in conflict with other 5121 options that affect the file mode, 5122 like fsGroup, and the result can be 5123 other mode bits set.' 5124 format: int32 5125 type: integer 5126 path: 5127 description: The relative path of the 5128 file to map the key to. May not be 5129 an absolute path. May not contain 5130 the path element '..'. May not start 5131 with the string '..'. 5132 type: string 5133 required: 5134 - key 5135 - path 5136 type: object 5137 type: array 5138 name: 5139 description: 'Name of the referent. More info: 5140 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 5141 TODO: Add other useful fields. apiVersion, 5142 kind, uid?' 5143 type: string 5144 optional: 5145 description: Specify whether the ConfigMap 5146 or its keys must be defined 5147 type: boolean 5148 type: object 5149 downwardAPI: 5150 description: information about the downwardAPI 5151 data to project 5152 properties: 5153 items: 5154 description: Items is a list of DownwardAPIVolume 5155 file 5156 items: 5157 description: DownwardAPIVolumeFile represents 5158 information to create the file containing 5159 the pod field 5160 properties: 5161 fieldRef: 5162 description: 'Required: Selects a field 5163 of the pod: only annotations, labels, 5164 name and namespace are supported.' 5165 properties: 5166 apiVersion: 5167 description: Version of the schema 5168 the FieldPath is written in terms 5169 of, defaults to "v1". 5170 type: string 5171 fieldPath: 5172 description: Path of the field to 5173 select in the specified API version. 5174 type: string 5175 required: 5176 - fieldPath 5177 type: object 5178 mode: 5179 description: 'Optional: mode bits used 5180 to set permissions on this file, must 5181 be an octal value between 0000 and 5182 0777 or a decimal value between 0 5183 and 511. YAML accepts both octal and 5184 decimal values, JSON requires decimal 5185 values for mode bits. If not specified, 5186 the volume defaultMode will be used. 5187 This might be in conflict with other 5188 options that affect the file mode, 5189 like fsGroup, and the result can be 5190 other mode bits set.' 5191 format: int32 5192 type: integer 5193 path: 5194 description: 'Required: Path is the 5195 relative path name of the file to 5196 be created. Must not be absolute or 5197 contain the ''..'' path. Must be utf-8 5198 encoded. The first item of the relative 5199 path must not start with ''..''' 5200 type: string 5201 resourceFieldRef: 5202 description: 'Selects a resource of 5203 the container: only resources limits 5204 and requests (limits.cpu, limits.memory, 5205 requests.cpu and requests.memory) 5206 are currently supported.' 5207 properties: 5208 containerName: 5209 description: 'Container name: required 5210 for volumes, optional for env 5211 vars' 5212 type: string 5213 divisor: 5214 anyOf: 5215 - type: integer 5216 - type: string 5217 description: Specifies the output 5218 format of the exposed resources, 5219 defaults to "1" 5220 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 5221 x-kubernetes-int-or-string: true 5222 resource: 5223 description: 'Required: resource 5224 to select' 5225 type: string 5226 required: 5227 - resource 5228 type: object 5229 required: 5230 - path 5231 type: object 5232 type: array 5233 type: object 5234 secret: 5235 description: information about the secret data 5236 to project 5237 properties: 5238 items: 5239 description: If unspecified, each key-value 5240 pair in the Data field of the referenced 5241 Secret will be projected into the volume 5242 as a file whose name is the key and content 5243 is the value. If specified, the listed keys 5244 will be projected into the specified paths, 5245 and unlisted keys will not be present. If 5246 a key is specified which is not present 5247 in the Secret, the volume setup will error 5248 unless it is marked optional. Paths must 5249 be relative and may not contain the '..' 5250 path or start with '..'. 5251 items: 5252 description: Maps a string key to a path 5253 within a volume. 5254 properties: 5255 key: 5256 description: The key to project. 5257 type: string 5258 mode: 5259 description: 'Optional: mode bits used 5260 to set permissions on this file. Must 5261 be an octal value between 0000 and 5262 0777 or a decimal value between 0 5263 and 511. YAML accepts both octal and 5264 decimal values, JSON requires decimal 5265 values for mode bits. If not specified, 5266 the volume defaultMode will be used. 5267 This might be in conflict with other 5268 options that affect the file mode, 5269 like fsGroup, and the result can be 5270 other mode bits set.' 5271 format: int32 5272 type: integer 5273 path: 5274 description: The relative path of the 5275 file to map the key to. May not be 5276 an absolute path. May not contain 5277 the path element '..'. May not start 5278 with the string '..'. 5279 type: string 5280 required: 5281 - key 5282 - path 5283 type: object 5284 type: array 5285 name: 5286 description: 'Name of the referent. More info: 5287 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 5288 TODO: Add other useful fields. apiVersion, 5289 kind, uid?' 5290 type: string 5291 optional: 5292 description: Specify whether the Secret or 5293 its key must be defined 5294 type: boolean 5295 type: object 5296 serviceAccountToken: 5297 description: information about the serviceAccountToken 5298 data to project 5299 properties: 5300 audience: 5301 description: Audience is the intended audience 5302 of the token. A recipient of a token must 5303 identify itself with an identifier specified 5304 in the audience of the token, and otherwise 5305 should reject the token. The audience defaults 5306 to the identifier of the apiserver. 5307 type: string 5308 expirationSeconds: 5309 description: ExpirationSeconds is the requested 5310 duration of validity of the service account 5311 token. As the token approaches expiration, 5312 the kubelet volume plugin will proactively 5313 rotate the service account token. The kubelet 5314 will start trying to rotate the token if 5315 the token is older than 80 percent of its 5316 time to live or if the token is older than 5317 24 hours.Defaults to 1 hour and must be 5318 at least 10 minutes. 5319 format: int64 5320 type: integer 5321 path: 5322 description: Path is the path relative to 5323 the mount point of the file to project the 5324 token into. 5325 type: string 5326 required: 5327 - path 5328 type: object 5329 type: object 5330 type: array 5331 type: object 5332 quobyte: 5333 description: Quobyte represents a Quobyte mount on the host 5334 that shares a pod's lifetime 5335 properties: 5336 group: 5337 description: Group to map volume access to Default is 5338 no group 5339 type: string 5340 readOnly: 5341 description: ReadOnly here will force the Quobyte volume 5342 to be mounted with read-only permissions. Defaults 5343 to false. 5344 type: boolean 5345 registry: 5346 description: Registry represents a single or multiple 5347 Quobyte Registry services specified as a string as 5348 host:port pair (multiple entries are separated with 5349 commas) which acts as the central registry for volumes 5350 type: string 5351 tenant: 5352 description: Tenant owning the given Quobyte volume 5353 in the Backend Used with dynamically provisioned Quobyte 5354 volumes, value is set by the plugin 5355 type: string 5356 user: 5357 description: User to map volume access to Defaults to 5358 serivceaccount user 5359 type: string 5360 volume: 5361 description: Volume is a string that references an already 5362 created Quobyte volume by name. 5363 type: string 5364 required: 5365 - registry 5366 - volume 5367 type: object 5368 rbd: 5369 description: 'RBD represents a Rados Block Device mount 5370 on the host that shares a pod''s lifetime. More info: 5371 https://examples.k8s.io/volumes/rbd/README.md' 5372 properties: 5373 fsType: 5374 description: 'Filesystem type of the volume that you 5375 want to mount. Tip: Ensure that the filesystem type 5376 is supported by the host operating system. Examples: 5377 "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" 5378 if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd 5379 TODO: how do we prevent errors in the filesystem from 5380 compromising the machine' 5381 type: string 5382 image: 5383 description: 'The rados image name. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 5384 type: string 5385 keyring: 5386 description: 'Keyring is the path to key ring for RBDUser. 5387 Default is /etc/ceph/keyring. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 5388 type: string 5389 monitors: 5390 description: 'A collection of Ceph monitors. More info: 5391 https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 5392 items: 5393 type: string 5394 type: array 5395 pool: 5396 description: 'The rados pool name. Default is rbd. More 5397 info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 5398 type: string 5399 readOnly: 5400 description: 'ReadOnly here will force the ReadOnly 5401 setting in VolumeMounts. Defaults to false. More info: 5402 https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 5403 type: boolean 5404 secretRef: 5405 description: 'SecretRef is name of the authentication 5406 secret for RBDUser. If provided overrides keyring. 5407 Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 5408 properties: 5409 name: 5410 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 5411 TODO: Add other useful fields. apiVersion, kind, 5412 uid?' 5413 type: string 5414 type: object 5415 user: 5416 description: 'The rados user name. Default is admin. 5417 More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 5418 type: string 5419 required: 5420 - image 5421 - monitors 5422 type: object 5423 scaleIO: 5424 description: ScaleIO represents a ScaleIO persistent volume 5425 attached and mounted on Kubernetes nodes. 5426 properties: 5427 fsType: 5428 description: Filesystem type to mount. Must be a filesystem 5429 type supported by the host operating system. Ex. "ext4", 5430 "xfs", "ntfs". Default is "xfs". 5431 type: string 5432 gateway: 5433 description: The host address of the ScaleIO API Gateway. 5434 type: string 5435 protectionDomain: 5436 description: The name of the ScaleIO Protection Domain 5437 for the configured storage. 5438 type: string 5439 readOnly: 5440 description: Defaults to false (read/write). ReadOnly 5441 here will force the ReadOnly setting in VolumeMounts. 5442 type: boolean 5443 secretRef: 5444 description: SecretRef references to the secret for 5445 ScaleIO user and other sensitive information. If this 5446 is not provided, Login operation will fail. 5447 properties: 5448 name: 5449 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 5450 TODO: Add other useful fields. apiVersion, kind, 5451 uid?' 5452 type: string 5453 type: object 5454 sslEnabled: 5455 description: Flag to enable/disable SSL communication 5456 with Gateway, default false 5457 type: boolean 5458 storageMode: 5459 description: Indicates whether the storage for a volume 5460 should be ThickProvisioned or ThinProvisioned. Default 5461 is ThinProvisioned. 5462 type: string 5463 storagePool: 5464 description: The ScaleIO Storage Pool associated with 5465 the protection domain. 5466 type: string 5467 system: 5468 description: The name of the storage system as configured 5469 in ScaleIO. 5470 type: string 5471 volumeName: 5472 description: The name of a volume already created in 5473 the ScaleIO system that is associated with this volume 5474 source. 5475 type: string 5476 required: 5477 - gateway 5478 - secretRef 5479 - system 5480 type: object 5481 secret: 5482 description: 'Secret represents a secret that should populate 5483 this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' 5484 properties: 5485 defaultMode: 5486 description: 'Optional: mode bits used to set permissions 5487 on created files by default. Must be an octal value 5488 between 0000 and 0777 or a decimal value between 0 5489 and 511. YAML accepts both octal and decimal values, 5490 JSON requires decimal values for mode bits. Defaults 5491 to 0644. Directories within the path are not affected 5492 by this setting. This might be in conflict with other 5493 options that affect the file mode, like fsGroup, and 5494 the result can be other mode bits set.' 5495 format: int32 5496 type: integer 5497 items: 5498 description: If unspecified, each key-value pair in 5499 the Data field of the referenced Secret will be projected 5500 into the volume as a file whose name is the key and 5501 content is the value. If specified, the listed keys 5502 will be projected into the specified paths, and unlisted 5503 keys will not be present. If a key is specified which 5504 is not present in the Secret, the volume setup will 5505 error unless it is marked optional. Paths must be 5506 relative and may not contain the '..' path or start 5507 with '..'. 5508 items: 5509 description: Maps a string key to a path within a 5510 volume. 5511 properties: 5512 key: 5513 description: The key to project. 5514 type: string 5515 mode: 5516 description: 'Optional: mode bits used to set 5517 permissions on this file. Must be an octal value 5518 between 0000 and 0777 or a decimal value between 5519 0 and 511. YAML accepts both octal and decimal 5520 values, JSON requires decimal values for mode 5521 bits. If not specified, the volume defaultMode 5522 will be used. This might be in conflict with 5523 other options that affect the file mode, like 5524 fsGroup, and the result can be other mode bits 5525 set.' 5526 format: int32 5527 type: integer 5528 path: 5529 description: The relative path of the file to 5530 map the key to. May not be an absolute path. 5531 May not contain the path element '..'. May not 5532 start with the string '..'. 5533 type: string 5534 required: 5535 - key 5536 - path 5537 type: object 5538 type: array 5539 optional: 5540 description: Specify whether the Secret or its keys 5541 must be defined 5542 type: boolean 5543 secretName: 5544 description: 'Name of the secret in the pod''s namespace 5545 to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' 5546 type: string 5547 type: object 5548 storageos: 5549 description: StorageOS represents a StorageOS volume attached 5550 and mounted on Kubernetes nodes. 5551 properties: 5552 fsType: 5553 description: Filesystem type to mount. Must be a filesystem 5554 type supported by the host operating system. Ex. "ext4", 5555 "xfs", "ntfs". Implicitly inferred to be "ext4" if 5556 unspecified. 5557 type: string 5558 readOnly: 5559 description: Defaults to false (read/write). ReadOnly 5560 here will force the ReadOnly setting in VolumeMounts. 5561 type: boolean 5562 secretRef: 5563 description: SecretRef specifies the secret to use for 5564 obtaining the StorageOS API credentials. If not specified, 5565 default values will be attempted. 5566 properties: 5567 name: 5568 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 5569 TODO: Add other useful fields. apiVersion, kind, 5570 uid?' 5571 type: string 5572 type: object 5573 volumeName: 5574 description: VolumeName is the human-readable name of 5575 the StorageOS volume. Volume names are only unique 5576 within a namespace. 5577 type: string 5578 volumeNamespace: 5579 description: VolumeNamespace specifies the scope of 5580 the volume within StorageOS. If no namespace is specified 5581 then the Pod's namespace will be used. This allows 5582 the Kubernetes name scoping to be mirrored within 5583 StorageOS for tighter integration. Set VolumeName 5584 to any name to override the default behaviour. Set 5585 to "default" if you are not using namespaces within 5586 StorageOS. Namespaces that do not pre-exist within 5587 StorageOS will be created. 5588 type: string 5589 type: object 5590 vsphereVolume: 5591 description: VsphereVolume represents a vSphere volume attached 5592 and mounted on kubelets host machine 5593 properties: 5594 fsType: 5595 description: Filesystem type to mount. Must be a filesystem 5596 type supported by the host operating system. Ex. "ext4", 5597 "xfs", "ntfs". Implicitly inferred to be "ext4" if 5598 unspecified. 5599 type: string 5600 storagePolicyID: 5601 description: Storage Policy Based Management (SPBM) 5602 profile ID associated with the StoragePolicyName. 5603 type: string 5604 storagePolicyName: 5605 description: Storage Policy Based Management (SPBM) 5606 profile name. 5607 type: string 5608 volumePath: 5609 description: Path that identifies vSphere volume vmdk 5610 type: string 5611 required: 5612 - volumePath 5613 type: object 5614 required: 5615 - name 5616 type: object 5617 type: array 5618 type: object 5619 repositoryCredentials: 5620 description: RepositoryCredentials are the Git pull credentials to 5621 configure Argo CD with upon creation of the cluster. 5622 type: string 5623 resourceActions: 5624 description: ResourceActions customizes resource action behavior. 5625 items: 5626 description: Resource Customization for custom action 5627 properties: 5628 action: 5629 type: string 5630 group: 5631 type: string 5632 kind: 5633 type: string 5634 type: object 5635 type: array 5636 resourceCustomizations: 5637 description: 'ResourceCustomizations customizes resource behavior. 5638 Keys are in the form: group/Kind. Please note that this is being 5639 deprecated in favor of ResourceHealthChecks, ResourceIgnoreDifferences, 5640 and ResourceActions.' 5641 type: string 5642 resourceExclusions: 5643 description: ResourceExclusions is used to completely ignore entire 5644 classes of resource group/kinds. 5645 type: string 5646 resourceHealthChecks: 5647 description: ResourceHealthChecks customizes resource health check 5648 behavior. 5649 items: 5650 description: Resource Customization for custom health check 5651 properties: 5652 check: 5653 type: string 5654 group: 5655 type: string 5656 kind: 5657 type: string 5658 type: object 5659 type: array 5660 resourceIgnoreDifferences: 5661 description: ResourceIgnoreDifferences customizes resource ignore 5662 difference behavior. 5663 properties: 5664 all: 5665 properties: 5666 jqPathExpressions: 5667 items: 5668 type: string 5669 type: array 5670 jsonPointers: 5671 items: 5672 type: string 5673 type: array 5674 managedFieldsManagers: 5675 items: 5676 type: string 5677 type: array 5678 type: object 5679 resourceIdentifiers: 5680 items: 5681 description: Resource Customization fields for ignore difference 5682 properties: 5683 customization: 5684 properties: 5685 jqPathExpressions: 5686 items: 5687 type: string 5688 type: array 5689 jsonPointers: 5690 items: 5691 type: string 5692 type: array 5693 managedFieldsManagers: 5694 items: 5695 type: string 5696 type: array 5697 type: object 5698 group: 5699 type: string 5700 kind: 5701 type: string 5702 type: object 5703 type: array 5704 type: object 5705 resourceInclusions: 5706 description: ResourceInclusions is used to only include specific group/kinds 5707 in the reconciliation process. 5708 type: string 5709 resourceTrackingMethod: 5710 description: ResourceTrackingMethod defines how Argo CD should track 5711 resources that it manages 5712 type: string 5713 server: 5714 description: Server defines the options for the ArgoCD Server component. 5715 properties: 5716 autoscale: 5717 description: Autoscale defines the autoscale options for the Argo 5718 CD Server component. 5719 properties: 5720 enabled: 5721 description: Enabled will toggle autoscaling support for the 5722 Argo CD Server component. 5723 type: boolean 5724 hpa: 5725 description: HPA defines the HorizontalPodAutoscaler options 5726 for the Argo CD Server component. 5727 properties: 5728 maxReplicas: 5729 description: upper limit for the number of pods that can 5730 be set by the autoscaler; cannot be smaller than MinReplicas. 5731 format: int32 5732 type: integer 5733 minReplicas: 5734 description: minReplicas is the lower limit for the number 5735 of replicas to which the autoscaler can scale down. It 5736 defaults to 1 pod. minReplicas is allowed to be 0 if 5737 the alpha feature gate HPAScaleToZero is enabled and 5738 at least one Object or External metric is configured. Scaling 5739 is active as long as at least one metric value is available. 5740 format: int32 5741 type: integer 5742 scaleTargetRef: 5743 description: reference to scaled resource; horizontal 5744 pod autoscaler will learn the current resource consumption 5745 and will set the desired number of pods by using its 5746 Scale subresource. 5747 properties: 5748 apiVersion: 5749 description: API version of the referent 5750 type: string 5751 kind: 5752 description: 'Kind of the referent; More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds"' 5753 type: string 5754 name: 5755 description: 'Name of the referent; More info: http://kubernetes.io/docs/user-guide/identifiers#names' 5756 type: string 5757 required: 5758 - kind 5759 - name 5760 type: object 5761 targetCPUUtilizationPercentage: 5762 description: target average CPU utilization (represented 5763 as a percentage of requested CPU) over all the pods; 5764 if not specified the default autoscaling policy will 5765 be used. 5766 format: int32 5767 type: integer 5768 required: 5769 - maxReplicas 5770 - scaleTargetRef 5771 type: object 5772 required: 5773 - enabled 5774 type: object 5775 env: 5776 description: Env lets you specify environment for API server pods 5777 items: 5778 description: EnvVar represents an environment variable present 5779 in a Container. 5780 properties: 5781 name: 5782 description: Name of the environment variable. Must be a 5783 C_IDENTIFIER. 5784 type: string 5785 value: 5786 description: 'Variable references $(VAR_NAME) are expanded 5787 using the previously defined environment variables in 5788 the container and any service environment variables. If 5789 a variable cannot be resolved, the reference in the input 5790 string will be unchanged. Double $$ are reduced to a single 5791 $, which allows for escaping the $(VAR_NAME) syntax: i.e. 5792 "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". 5793 Escaped references will never be expanded, regardless 5794 of whether the variable exists or not. Defaults to "".' 5795 type: string 5796 valueFrom: 5797 description: Source for the environment variable's value. 5798 Cannot be used if value is not empty. 5799 properties: 5800 configMapKeyRef: 5801 description: Selects a key of a ConfigMap. 5802 properties: 5803 key: 5804 description: The key to select. 5805 type: string 5806 name: 5807 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 5808 TODO: Add other useful fields. apiVersion, kind, 5809 uid?' 5810 type: string 5811 optional: 5812 description: Specify whether the ConfigMap or its 5813 key must be defined 5814 type: boolean 5815 required: 5816 - key 5817 type: object 5818 fieldRef: 5819 description: 'Selects a field of the pod: supports metadata.name, 5820 metadata.namespace, `metadata.labels[''<KEY>'']`, 5821 `metadata.annotations[''<KEY>'']`, spec.nodeName, 5822 spec.serviceAccountName, status.hostIP, status.podIP, 5823 status.podIPs.' 5824 properties: 5825 apiVersion: 5826 description: Version of the schema the FieldPath 5827 is written in terms of, defaults to "v1". 5828 type: string 5829 fieldPath: 5830 description: Path of the field to select in the 5831 specified API version. 5832 type: string 5833 required: 5834 - fieldPath 5835 type: object 5836 resourceFieldRef: 5837 description: 'Selects a resource of the container: only 5838 resources limits and requests (limits.cpu, limits.memory, 5839 limits.ephemeral-storage, requests.cpu, requests.memory 5840 and requests.ephemeral-storage) are currently supported.' 5841 properties: 5842 containerName: 5843 description: 'Container name: required for volumes, 5844 optional for env vars' 5845 type: string 5846 divisor: 5847 anyOf: 5848 - type: integer 5849 - type: string 5850 description: Specifies the output format of the 5851 exposed resources, defaults to "1" 5852 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 5853 x-kubernetes-int-or-string: true 5854 resource: 5855 description: 'Required: resource to select' 5856 type: string 5857 required: 5858 - resource 5859 type: object 5860 secretKeyRef: 5861 description: Selects a key of a secret in the pod's 5862 namespace 5863 properties: 5864 key: 5865 description: The key of the secret to select from. Must 5866 be a valid secret key. 5867 type: string 5868 name: 5869 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 5870 TODO: Add other useful fields. apiVersion, kind, 5871 uid?' 5872 type: string 5873 optional: 5874 description: Specify whether the Secret or its key 5875 must be defined 5876 type: boolean 5877 required: 5878 - key 5879 type: object 5880 type: object 5881 required: 5882 - name 5883 type: object 5884 type: array 5885 extraCommandArgs: 5886 description: Extra Command arguments that would append to the 5887 Argo CD server command. ExtraCommandArgs will not be added, 5888 if one of these commands is already part of the server command 5889 with same or different value. 5890 items: 5891 type: string 5892 type: array 5893 grpc: 5894 description: GRPC defines the state for the Argo CD Server GRPC 5895 options. 5896 properties: 5897 host: 5898 description: Host is the hostname to use for Ingress/Route 5899 resources. 5900 type: string 5901 ingress: 5902 description: Ingress defines the desired state for the Argo 5903 CD Server GRPC Ingress. 5904 properties: 5905 annotations: 5906 additionalProperties: 5907 type: string 5908 description: Annotations is the map of annotations to 5909 apply to the Ingress. 5910 type: object 5911 enabled: 5912 description: Enabled will toggle the creation of the Ingress. 5913 type: boolean 5914 ingressClassName: 5915 description: IngressClassName for the Ingress resource. 5916 type: string 5917 path: 5918 description: Path used for the Ingress resource. 5919 type: string 5920 tls: 5921 description: TLS configuration. Currently the Ingress 5922 only supports a single TLS port, 443. If multiple members 5923 of this list specify different hosts, they will be multiplexed 5924 on the same port according to the hostname specified 5925 through the SNI TLS extension, if the ingress controller 5926 fulfilling the ingress supports SNI. 5927 items: 5928 description: IngressTLS describes the transport layer 5929 security associated with an Ingress. 5930 properties: 5931 hosts: 5932 description: Hosts are a list of hosts included 5933 in the TLS certificate. The values in this list 5934 must match the name/s used in the tlsSecret. Defaults 5935 to the wildcard host setting for the loadbalancer 5936 controller fulfilling this Ingress, if left unspecified. 5937 items: 5938 type: string 5939 type: array 5940 x-kubernetes-list-type: atomic 5941 secretName: 5942 description: SecretName is the name of the secret 5943 used to terminate TLS traffic on port 443. Field 5944 is left optional to allow TLS routing based on 5945 SNI hostname alone. If the SNI host in a listener 5946 conflicts with the "Host" header field used by 5947 an IngressRule, the SNI host is used for termination 5948 and value of the Host header is used for routing. 5949 type: string 5950 type: object 5951 type: array 5952 required: 5953 - enabled 5954 type: object 5955 type: object 5956 host: 5957 description: Host is the hostname to use for Ingress/Route resources. 5958 type: string 5959 ingress: 5960 description: Ingress defines the desired state for an Ingress 5961 for the Argo CD Server component. 5962 properties: 5963 annotations: 5964 additionalProperties: 5965 type: string 5966 description: Annotations is the map of annotations to apply 5967 to the Ingress. 5968 type: object 5969 enabled: 5970 description: Enabled will toggle the creation of the Ingress. 5971 type: boolean 5972 ingressClassName: 5973 description: IngressClassName for the Ingress resource. 5974 type: string 5975 path: 5976 description: Path used for the Ingress resource. 5977 type: string 5978 tls: 5979 description: TLS configuration. Currently the Ingress only 5980 supports a single TLS port, 443. If multiple members of 5981 this list specify different hosts, they will be multiplexed 5982 on the same port according to the hostname specified through 5983 the SNI TLS extension, if the ingress controller fulfilling 5984 the ingress supports SNI. 5985 items: 5986 description: IngressTLS describes the transport layer security 5987 associated with an Ingress. 5988 properties: 5989 hosts: 5990 description: Hosts are a list of hosts included in the 5991 TLS certificate. The values in this list must match 5992 the name/s used in the tlsSecret. Defaults to the 5993 wildcard host setting for the loadbalancer controller 5994 fulfilling this Ingress, if left unspecified. 5995 items: 5996 type: string 5997 type: array 5998 x-kubernetes-list-type: atomic 5999 secretName: 6000 description: SecretName is the name of the secret used 6001 to terminate TLS traffic on port 443. Field is left 6002 optional to allow TLS routing based on SNI hostname 6003 alone. If the SNI host in a listener conflicts with 6004 the "Host" header field used by an IngressRule, the 6005 SNI host is used for termination and value of the 6006 Host header is used for routing. 6007 type: string 6008 type: object 6009 type: array 6010 required: 6011 - enabled 6012 type: object 6013 insecure: 6014 description: Insecure toggles the insecure flag. 6015 type: boolean 6016 logFormat: 6017 description: LogFormat refers to the log level to be used by the 6018 ArgoCD Server component. Defaults to ArgoCDDefaultLogFormat 6019 if not configured. Valid options are text or json. 6020 type: string 6021 logLevel: 6022 description: LogLevel refers to the log level to be used by the 6023 ArgoCD Server component. Defaults to ArgoCDDefaultLogLevel if 6024 not set. Valid options are debug, info, error, and warn. 6025 type: string 6026 replicas: 6027 description: Replicas defines the number of replicas for argocd-server. 6028 Default is nil. Value should be greater than or equal to 0. 6029 Value will be ignored if Autoscaler is enabled. 6030 format: int32 6031 type: integer 6032 resources: 6033 description: Resources defines the Compute Resources required 6034 by the container for the Argo CD server component. 6035 properties: 6036 limits: 6037 additionalProperties: 6038 anyOf: 6039 - type: integer 6040 - type: string 6041 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 6042 x-kubernetes-int-or-string: true 6043 description: 'Limits describes the maximum amount of compute 6044 resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 6045 type: object 6046 requests: 6047 additionalProperties: 6048 anyOf: 6049 - type: integer 6050 - type: string 6051 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 6052 x-kubernetes-int-or-string: true 6053 description: 'Requests describes the minimum amount of compute 6054 resources required. If Requests is omitted for a container, 6055 it defaults to Limits if that is explicitly specified, otherwise 6056 to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 6057 type: object 6058 type: object 6059 route: 6060 description: Route defines the desired state for an OpenShift 6061 Route for the Argo CD Server component. 6062 properties: 6063 annotations: 6064 additionalProperties: 6065 type: string 6066 description: Annotations is the map of annotations to use 6067 for the Route resource. 6068 type: object 6069 enabled: 6070 description: Enabled will toggle the creation of the OpenShift 6071 Route. 6072 type: boolean 6073 labels: 6074 additionalProperties: 6075 type: string 6076 description: Labels is the map of labels to use for the Route 6077 resource 6078 type: object 6079 path: 6080 description: Path the router watches for, to route traffic 6081 for to the service. 6082 type: string 6083 tls: 6084 description: TLS provides the ability to configure certificates 6085 and termination for the Route. 6086 properties: 6087 caCertificate: 6088 description: caCertificate provides the cert authority 6089 certificate contents 6090 type: string 6091 certificate: 6092 description: certificate provides certificate contents 6093 type: string 6094 destinationCACertificate: 6095 description: destinationCACertificate provides the contents 6096 of the ca certificate of the final destination. When 6097 using reencrypt termination this file should be provided 6098 in order to have routers use it for health checks on 6099 the secure connection. If this field is not specified, 6100 the router may provide its own destination CA and perform 6101 hostname validation using the short service name (service.namespace.svc), 6102 which allows infrastructure generated certificates to 6103 automatically verify. 6104 type: string 6105 insecureEdgeTerminationPolicy: 6106 description: "insecureEdgeTerminationPolicy indicates 6107 the desired behavior for insecure connections to a route. 6108 While each router may make its own decisions on which 6109 ports to expose, this is normally port 80. \n * Allow 6110 - traffic is sent to the server on the insecure port 6111 (default) * Disable - no traffic is allowed on the insecure 6112 port. * Redirect - clients are redirected to the secure 6113 port." 6114 type: string 6115 key: 6116 description: key provides key file contents 6117 type: string 6118 termination: 6119 description: termination indicates termination type. 6120 type: string 6121 required: 6122 - termination 6123 type: object 6124 wildcardPolicy: 6125 description: WildcardPolicy if any for the route. Currently 6126 only 'Subdomain' or 'None' is allowed. 6127 type: string 6128 required: 6129 - enabled 6130 type: object 6131 service: 6132 description: Service defines the options for the Service backing 6133 the ArgoCD Server component. 6134 properties: 6135 type: 6136 description: Type is the ServiceType to use for the Service 6137 resource. 6138 type: string 6139 required: 6140 - type 6141 type: object 6142 type: object 6143 sourceNamespaces: 6144 description: SourceNamespaces defines the namespaces application resources 6145 are allowed to be created in 6146 items: 6147 type: string 6148 type: array 6149 sso: 6150 description: SSO defines the Single Sign-on configuration for Argo 6151 CD 6152 properties: 6153 dex: 6154 description: Dex contains the configuration for Argo CD dex authentication 6155 properties: 6156 config: 6157 description: Config is the dex connector configuration. 6158 type: string 6159 groups: 6160 description: Optional list of required groups a user must 6161 be a member of 6162 items: 6163 type: string 6164 type: array 6165 image: 6166 description: Image is the Dex container image. 6167 type: string 6168 openShiftOAuth: 6169 description: OpenShiftOAuth enables OpenShift OAuth authentication 6170 for the Dex server. 6171 type: boolean 6172 resources: 6173 description: Resources defines the Compute Resources required 6174 by the container for Dex. 6175 properties: 6176 limits: 6177 additionalProperties: 6178 anyOf: 6179 - type: integer 6180 - type: string 6181 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 6182 x-kubernetes-int-or-string: true 6183 description: 'Limits describes the maximum amount of compute 6184 resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 6185 type: object 6186 requests: 6187 additionalProperties: 6188 anyOf: 6189 - type: integer 6190 - type: string 6191 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 6192 x-kubernetes-int-or-string: true 6193 description: 'Requests describes the minimum amount of 6194 compute resources required. If Requests is omitted for 6195 a container, it defaults to Limits if that is explicitly 6196 specified, otherwise to an implementation-defined value. 6197 More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 6198 type: object 6199 type: object 6200 version: 6201 description: Version is the Dex container image tag. 6202 type: string 6203 type: object 6204 image: 6205 description: Image is the SSO container image. 6206 type: string 6207 keycloak: 6208 description: Keycloak contains the configuration for Argo CD keycloak 6209 authentication 6210 properties: 6211 image: 6212 description: Image is the Keycloak container image. 6213 type: string 6214 resources: 6215 description: Resources defines the Compute Resources required 6216 by the container for Keycloak. 6217 properties: 6218 limits: 6219 additionalProperties: 6220 anyOf: 6221 - type: integer 6222 - type: string 6223 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 6224 x-kubernetes-int-or-string: true 6225 description: 'Limits describes the maximum amount of compute 6226 resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 6227 type: object 6228 requests: 6229 additionalProperties: 6230 anyOf: 6231 - type: integer 6232 - type: string 6233 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 6234 x-kubernetes-int-or-string: true 6235 description: 'Requests describes the minimum amount of 6236 compute resources required. If Requests is omitted for 6237 a container, it defaults to Limits if that is explicitly 6238 specified, otherwise to an implementation-defined value. 6239 More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 6240 type: object 6241 type: object 6242 rootCA: 6243 description: Custom root CA certificate for communicating 6244 with the Keycloak OIDC provider 6245 type: string 6246 verifyTLS: 6247 description: VerifyTLS set to false disables strict TLS validation. 6248 type: boolean 6249 version: 6250 description: Version is the Keycloak container image tag. 6251 type: string 6252 type: object 6253 provider: 6254 description: Provider installs and configures the given SSO Provider 6255 with Argo CD. 6256 type: string 6257 resources: 6258 description: Resources defines the Compute Resources required 6259 by the container for SSO. 6260 properties: 6261 limits: 6262 additionalProperties: 6263 anyOf: 6264 - type: integer 6265 - type: string 6266 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 6267 x-kubernetes-int-or-string: true 6268 description: 'Limits describes the maximum amount of compute 6269 resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 6270 type: object 6271 requests: 6272 additionalProperties: 6273 anyOf: 6274 - type: integer 6275 - type: string 6276 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 6277 x-kubernetes-int-or-string: true 6278 description: 'Requests describes the minimum amount of compute 6279 resources required. If Requests is omitted for a container, 6280 it defaults to Limits if that is explicitly specified, otherwise 6281 to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 6282 type: object 6283 type: object 6284 verifyTLS: 6285 description: VerifyTLS set to false disables strict TLS validation. 6286 type: boolean 6287 version: 6288 description: Version is the SSO container image tag. 6289 type: string 6290 type: object 6291 statusBadgeEnabled: 6292 description: StatusBadgeEnabled toggles application status badge feature. 6293 type: boolean 6294 tls: 6295 description: TLS defines the TLS options for ArgoCD. 6296 properties: 6297 ca: 6298 description: CA defines the CA options. 6299 properties: 6300 configMapName: 6301 description: ConfigMapName is the name of the ConfigMap containing 6302 the CA Certificate. 6303 type: string 6304 secretName: 6305 description: SecretName is the name of the Secret containing 6306 the CA Certificate and Key. 6307 type: string 6308 type: object 6309 initialCerts: 6310 additionalProperties: 6311 type: string 6312 description: InitialCerts defines custom TLS certificates upon 6313 creation of the cluster for connecting Git repositories via 6314 HTTPS. 6315 type: object 6316 type: object 6317 usersAnonymousEnabled: 6318 description: UsersAnonymousEnabled toggles anonymous user access. 6319 The anonymous users get default role permissions specified argocd-rbac-cm. 6320 type: boolean 6321 version: 6322 description: Version is the tag to use with the ArgoCD container image 6323 for all ArgoCD components. 6324 type: string 6325 type: object 6326 status: 6327 description: ArgoCDStatus defines the observed state of ArgoCD 6328 properties: 6329 applicationController: 6330 description: 'ApplicationController is a simple, high-level summary 6331 of where the Argo CD application controller component is in its 6332 lifecycle. There are four possible ApplicationController values: 6333 Pending: The Argo CD application controller component has been accepted 6334 by the Kubernetes system, but one or more of the required resources 6335 have not been created. Running: All of the required Pods for the 6336 Argo CD application controller component are in a Ready state. Failed: 6337 At least one of the Argo CD application controller component Pods 6338 had a failure. Unknown: The state of the Argo CD application controller 6339 component could not be obtained.' 6340 type: string 6341 applicationSetController: 6342 description: 'ApplicationSetController is a simple, high-level summary 6343 of where the Argo CD applicationSet controller component is in its 6344 lifecycle. There are four possible ApplicationSetController values: 6345 Pending: The Argo CD applicationSet controller component has been 6346 accepted by the Kubernetes system, but one or more of the required 6347 resources have not been created. Running: All of the required Pods 6348 for the Argo CD applicationSet controller component are in a Ready 6349 state. Failed: At least one of the Argo CD applicationSet controller 6350 component Pods had a failure. Unknown: The state of the Argo CD 6351 applicationSet controller component could not be obtained.' 6352 type: string 6353 dex: 6354 description: 'Dex is a simple, high-level summary of where the Argo 6355 CD Dex component is in its lifecycle. There are four possible dex 6356 values: Pending: The Argo CD Dex component has been accepted by 6357 the Kubernetes system, but one or more of the required resources 6358 have not been created. Running: All of the required Pods for the 6359 Argo CD Dex component are in a Ready state. Failed: At least one 6360 of the Argo CD Dex component Pods had a failure. Unknown: The state 6361 of the Argo CD Dex component could not be obtained.' 6362 type: string 6363 host: 6364 description: Host is the hostname of the Ingress. 6365 type: string 6366 notificationsController: 6367 description: 'NotificationsController is a simple, high-level summary 6368 of where the Argo CD notifications controller component is in its 6369 lifecycle. There are four possible NotificationsController values: 6370 Pending: The Argo CD notifications controller component has been 6371 accepted by the Kubernetes system, but one or more of the required 6372 resources have not been created. Running: All of the required Pods 6373 for the Argo CD notifications controller component are in a Ready 6374 state. Failed: At least one of the Argo CD notifications controller 6375 component Pods had a failure. Unknown: The state of the Argo CD 6376 notifications controller component could not be obtained.' 6377 type: string 6378 phase: 6379 description: 'Phase is a simple, high-level summary of where the ArgoCD 6380 is in its lifecycle. There are four possible phase values: Pending: 6381 The ArgoCD has been accepted by the Kubernetes system, but one or 6382 more of the required resources have not been created. Available: 6383 All of the resources for the ArgoCD are ready. Failed: At least 6384 one resource has experienced a failure. Unknown: The state of the 6385 ArgoCD phase could not be obtained.' 6386 type: string 6387 redis: 6388 description: 'Redis is a simple, high-level summary of where the Argo 6389 CD Redis component is in its lifecycle. There are four possible 6390 redis values: Pending: The Argo CD Redis component has been accepted 6391 by the Kubernetes system, but one or more of the required resources 6392 have not been created. Running: All of the required Pods for the 6393 Argo CD Redis component are in a Ready state. Failed: At least one 6394 of the Argo CD Redis component Pods had a failure. Unknown: The 6395 state of the Argo CD Redis component could not be obtained.' 6396 type: string 6397 redisTLSChecksum: 6398 description: RedisTLSChecksum contains the SHA256 checksum of the 6399 latest known state of tls.crt and tls.key in the argocd-operator-redis-tls 6400 secret. 6401 type: string 6402 repo: 6403 description: 'Repo is a simple, high-level summary of where the Argo 6404 CD Repo component is in its lifecycle. There are four possible repo 6405 values: Pending: The Argo CD Repo component has been accepted by 6406 the Kubernetes system, but one or more of the required resources 6407 have not been created. Running: All of the required Pods for the 6408 Argo CD Repo component are in a Ready state. Failed: At least one 6409 of the Argo CD Repo component Pods had a failure. Unknown: The 6410 state of the Argo CD Repo component could not be obtained.' 6411 type: string 6412 repoTLSChecksum: 6413 description: RepoTLSChecksum contains the SHA256 checksum of the latest 6414 known state of tls.crt and tls.key in the argocd-repo-server-tls 6415 secret. 6416 type: string 6417 server: 6418 description: 'Server is a simple, high-level summary of where the 6419 Argo CD server component is in its lifecycle. There are four possible 6420 server values: Pending: The Argo CD server component has been accepted 6421 by the Kubernetes system, but one or more of the required resources 6422 have not been created. Running: All of the required Pods for the 6423 Argo CD server component are in a Ready state. Failed: At least 6424 one of the Argo CD server component Pods had a failure. Unknown: 6425 The state of the Argo CD server component could not be obtained.' 6426 type: string 6427 ssoConfig: 6428 description: 'SSOConfig defines the status of SSO configuration. Success: 6429 Only one SSO provider is configured in CR. Failed: SSO configuration 6430 is illegal or more than one SSO providers are configured in CR. 6431 Unknown: The SSO configuration could not be obtained.' 6432 type: string 6433 type: object 6434 type: object 6435 served: true 6436 storage: true 6437 subresources: 6438 status: {} 6439 status: 6440 acceptedNames: 6441 kind: "" 6442 plural: "" 6443 conditions: [] 6444 storedVersions: []