github.com/argoproj-labs/argocd-operator@v0.10.0/deploy/olm-catalog/argocd-operator/0.8.0/argoproj.io_argocds.yaml (about) 1 apiVersion: apiextensions.k8s.io/v1 2 kind: CustomResourceDefinition 3 metadata: 4 annotations: 5 controller-gen.kubebuilder.io/version: v0.6.1 6 creationTimestamp: null 7 name: argocds.argoproj.io 8 spec: 9 conversion: 10 strategy: Webhook 11 webhook: 12 clientConfig: 13 service: 14 name: argocd-operator-webhook-service 15 namespace: argocd-operator-system 16 path: /convert 17 conversionReviewVersions: 18 - v1alpha1 19 - v1beta1 20 group: argoproj.io 21 names: 22 kind: ArgoCD 23 listKind: ArgoCDList 24 plural: argocds 25 singular: argocd 26 scope: Namespaced 27 versions: 28 - deprecated: true 29 deprecationWarning: ArgoCD v1alpha1 version is deprecated and will be converted 30 to v1beta1 automatically. Moving forward, please use v1beta1 as the ArgoCD API 31 version. 32 name: v1alpha1 33 schema: 34 openAPIV3Schema: 35 description: ArgoCD is the Schema for the argocds API 36 properties: 37 apiVersion: 38 description: 'APIVersion defines the versioned schema of this representation 39 of an object. Servers should convert recognized schemas to the latest 40 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' 41 type: string 42 kind: 43 description: 'Kind is a string value representing the REST resource this 44 object represents. Servers may infer this from the endpoint the client 45 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' 46 type: string 47 metadata: 48 type: object 49 spec: 50 description: ArgoCDSpec defines the desired state of ArgoCD 51 properties: 52 applicationInstanceLabelKey: 53 description: ApplicationInstanceLabelKey is the key name where Argo 54 CD injects the app name as a tracking label. 55 type: string 56 applicationSet: 57 description: ArgoCDApplicationSet defines whether the Argo CD ApplicationSet 58 controller should be installed. 59 properties: 60 env: 61 description: Env lets you specify environment for applicationSet 62 controller pods 63 items: 64 description: EnvVar represents an environment variable present 65 in a Container. 66 properties: 67 name: 68 description: Name of the environment variable. Must be a 69 C_IDENTIFIER. 70 type: string 71 value: 72 description: 'Variable references $(VAR_NAME) are expanded 73 using the previously defined environment variables in 74 the container and any service environment variables. If 75 a variable cannot be resolved, the reference in the input 76 string will be unchanged. Double $$ are reduced to a single 77 $, which allows for escaping the $(VAR_NAME) syntax: i.e. 78 "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". 79 Escaped references will never be expanded, regardless 80 of whether the variable exists or not. Defaults to "".' 81 type: string 82 valueFrom: 83 description: Source for the environment variable's value. 84 Cannot be used if value is not empty. 85 properties: 86 configMapKeyRef: 87 description: Selects a key of a ConfigMap. 88 properties: 89 key: 90 description: The key to select. 91 type: string 92 name: 93 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 94 TODO: Add other useful fields. apiVersion, kind, 95 uid?' 96 type: string 97 optional: 98 description: Specify whether the ConfigMap or its 99 key must be defined 100 type: boolean 101 required: 102 - key 103 type: object 104 fieldRef: 105 description: 'Selects a field of the pod: supports metadata.name, 106 metadata.namespace, `metadata.labels[''<KEY>'']`, 107 `metadata.annotations[''<KEY>'']`, spec.nodeName, 108 spec.serviceAccountName, status.hostIP, status.podIP, 109 status.podIPs.' 110 properties: 111 apiVersion: 112 description: Version of the schema the FieldPath 113 is written in terms of, defaults to "v1". 114 type: string 115 fieldPath: 116 description: Path of the field to select in the 117 specified API version. 118 type: string 119 required: 120 - fieldPath 121 type: object 122 resourceFieldRef: 123 description: 'Selects a resource of the container: only 124 resources limits and requests (limits.cpu, limits.memory, 125 limits.ephemeral-storage, requests.cpu, requests.memory 126 and requests.ephemeral-storage) are currently supported.' 127 properties: 128 containerName: 129 description: 'Container name: required for volumes, 130 optional for env vars' 131 type: string 132 divisor: 133 anyOf: 134 - type: integer 135 - type: string 136 description: Specifies the output format of the 137 exposed resources, defaults to "1" 138 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 139 x-kubernetes-int-or-string: true 140 resource: 141 description: 'Required: resource to select' 142 type: string 143 required: 144 - resource 145 type: object 146 secretKeyRef: 147 description: Selects a key of a secret in the pod's 148 namespace 149 properties: 150 key: 151 description: The key of the secret to select from. Must 152 be a valid secret key. 153 type: string 154 name: 155 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 156 TODO: Add other useful fields. apiVersion, kind, 157 uid?' 158 type: string 159 optional: 160 description: Specify whether the Secret or its key 161 must be defined 162 type: boolean 163 required: 164 - key 165 type: object 166 type: object 167 required: 168 - name 169 type: object 170 type: array 171 extraCommandArgs: 172 description: ExtraCommandArgs allows users to pass command line 173 arguments to ApplicationSet controller. They get added to default 174 command line arguments provided by the operator. Please note 175 that the command line arguments provided as part of ExtraCommandArgs 176 will not overwrite the default command line arguments. 177 items: 178 type: string 179 type: array 180 image: 181 description: Image is the Argo CD ApplicationSet image (optional) 182 type: string 183 logLevel: 184 description: LogLevel describes the log level that should be used 185 by the ApplicationSet controller. Defaults to ArgoCDDefaultLogLevel 186 if not set. Valid options are debug,info, error, and warn. 187 type: string 188 resources: 189 description: Resources defines the Compute Resources required 190 by the container for ApplicationSet. 191 properties: 192 claims: 193 description: "Claims lists the names of resources, defined 194 in spec.resourceClaims, that are used by this container. 195 \n This is an alpha field and requires enabling the DynamicResourceAllocation 196 feature gate. \n This field is immutable. It can only be 197 set for containers." 198 items: 199 description: ResourceClaim references one entry in PodSpec.ResourceClaims. 200 properties: 201 name: 202 description: Name must match the name of one entry in 203 pod.spec.resourceClaims of the Pod where this field 204 is used. It makes that resource available inside a 205 container. 206 type: string 207 required: 208 - name 209 type: object 210 type: array 211 x-kubernetes-list-map-keys: 212 - name 213 x-kubernetes-list-type: map 214 limits: 215 additionalProperties: 216 anyOf: 217 - type: integer 218 - type: string 219 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 220 x-kubernetes-int-or-string: true 221 description: 'Limits describes the maximum amount of compute 222 resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 223 type: object 224 requests: 225 additionalProperties: 226 anyOf: 227 - type: integer 228 - type: string 229 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 230 x-kubernetes-int-or-string: true 231 description: 'Requests describes the minimum amount of compute 232 resources required. If Requests is omitted for a container, 233 it defaults to Limits if that is explicitly specified, otherwise 234 to an implementation-defined value. Requests cannot exceed 235 Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 236 type: object 237 type: object 238 version: 239 description: Version is the Argo CD ApplicationSet image tag. 240 (optional) 241 type: string 242 webhookServer: 243 description: WebhookServerSpec defines the options for the ApplicationSet 244 Webhook Server component. 245 properties: 246 host: 247 description: Host is the hostname to use for Ingress/Route 248 resources. 249 type: string 250 ingress: 251 description: Ingress defines the desired state for an Ingress 252 for the Application set webhook component. 253 properties: 254 annotations: 255 additionalProperties: 256 type: string 257 description: Annotations is the map of annotations to 258 apply to the Ingress. 259 type: object 260 enabled: 261 description: Enabled will toggle the creation of the Ingress. 262 type: boolean 263 ingressClassName: 264 description: IngressClassName for the Ingress resource. 265 type: string 266 path: 267 description: Path used for the Ingress resource. 268 type: string 269 tls: 270 description: TLS configuration. Currently the Ingress 271 only supports a single TLS port, 443. If multiple members 272 of this list specify different hosts, they will be multiplexed 273 on the same port according to the hostname specified 274 through the SNI TLS extension, if the ingress controller 275 fulfilling the ingress supports SNI. 276 items: 277 description: IngressTLS describes the transport layer 278 security associated with an ingress. 279 properties: 280 hosts: 281 description: hosts is a list of hosts included in 282 the TLS certificate. The values in this list must 283 match the name/s used in the tlsSecret. Defaults 284 to the wildcard host setting for the loadbalancer 285 controller fulfilling this Ingress, if left unspecified. 286 items: 287 type: string 288 type: array 289 x-kubernetes-list-type: atomic 290 secretName: 291 description: secretName is the name of the secret 292 used to terminate TLS traffic on port 443. Field 293 is left optional to allow TLS routing based on 294 SNI hostname alone. If the SNI host in a listener 295 conflicts with the "Host" header field used by 296 an IngressRule, the SNI host is used for termination 297 and value of the "Host" header is used for routing. 298 type: string 299 type: object 300 type: array 301 required: 302 - enabled 303 type: object 304 route: 305 description: Route defines the desired state for an OpenShift 306 Route for the Application set webhook component. 307 properties: 308 annotations: 309 additionalProperties: 310 type: string 311 description: Annotations is the map of annotations to 312 use for the Route resource. 313 type: object 314 enabled: 315 description: Enabled will toggle the creation of the OpenShift 316 Route. 317 type: boolean 318 labels: 319 additionalProperties: 320 type: string 321 description: Labels is the map of labels to use for the 322 Route resource 323 type: object 324 path: 325 description: Path the router watches for, to route traffic 326 for to the service. 327 type: string 328 tls: 329 description: TLS provides the ability to configure certificates 330 and termination for the Route. 331 properties: 332 caCertificate: 333 description: caCertificate provides the cert authority 334 certificate contents 335 type: string 336 certificate: 337 description: certificate provides certificate contents 338 type: string 339 destinationCACertificate: 340 description: destinationCACertificate provides the 341 contents of the ca certificate of the final destination. When 342 using reencrypt termination this file should be 343 provided in order to have routers use it for health 344 checks on the secure connection. If this field is 345 not specified, the router may provide its own destination 346 CA and perform hostname validation using the short 347 service name (service.namespace.svc), which allows 348 infrastructure generated certificates to automatically 349 verify. 350 type: string 351 insecureEdgeTerminationPolicy: 352 description: "insecureEdgeTerminationPolicy indicates 353 the desired behavior for insecure connections to 354 a route. While each router may make its own decisions 355 on which ports to expose, this is normally port 356 80. \n * Allow - traffic is sent to the server on 357 the insecure port (default) * Disable - no traffic 358 is allowed on the insecure port. * Redirect - clients 359 are redirected to the secure port." 360 type: string 361 key: 362 description: key provides key file contents 363 type: string 364 termination: 365 description: termination indicates termination type. 366 type: string 367 required: 368 - termination 369 type: object 370 wildcardPolicy: 371 description: WildcardPolicy if any for the route. Currently 372 only 'Subdomain' or 'None' is allowed. 373 type: string 374 required: 375 - enabled 376 type: object 377 type: object 378 type: object 379 banner: 380 description: Banner defines an additional banner to be displayed in 381 Argo CD UI 382 properties: 383 content: 384 description: Content defines the banner message content to display 385 type: string 386 url: 387 description: URL defines an optional URL to be used as banner 388 message link 389 type: string 390 required: 391 - content 392 type: object 393 configManagementPlugins: 394 description: ConfigManagementPlugins is used to specify additional 395 config management plugins. 396 type: string 397 controller: 398 description: Controller defines the Application Controller options 399 for ArgoCD. 400 properties: 401 appSync: 402 description: "AppSync is used to control the sync frequency, by 403 default the ArgoCD controller polls Git every 3m. \n Set this 404 to a duration, e.g. 10m or 600s to control the synchronisation 405 frequency." 406 type: string 407 env: 408 description: Env lets you specify environment for application 409 controller pods 410 items: 411 description: EnvVar represents an environment variable present 412 in a Container. 413 properties: 414 name: 415 description: Name of the environment variable. Must be a 416 C_IDENTIFIER. 417 type: string 418 value: 419 description: 'Variable references $(VAR_NAME) are expanded 420 using the previously defined environment variables in 421 the container and any service environment variables. If 422 a variable cannot be resolved, the reference in the input 423 string will be unchanged. Double $$ are reduced to a single 424 $, which allows for escaping the $(VAR_NAME) syntax: i.e. 425 "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". 426 Escaped references will never be expanded, regardless 427 of whether the variable exists or not. Defaults to "".' 428 type: string 429 valueFrom: 430 description: Source for the environment variable's value. 431 Cannot be used if value is not empty. 432 properties: 433 configMapKeyRef: 434 description: Selects a key of a ConfigMap. 435 properties: 436 key: 437 description: The key to select. 438 type: string 439 name: 440 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 441 TODO: Add other useful fields. apiVersion, kind, 442 uid?' 443 type: string 444 optional: 445 description: Specify whether the ConfigMap or its 446 key must be defined 447 type: boolean 448 required: 449 - key 450 type: object 451 fieldRef: 452 description: 'Selects a field of the pod: supports metadata.name, 453 metadata.namespace, `metadata.labels[''<KEY>'']`, 454 `metadata.annotations[''<KEY>'']`, spec.nodeName, 455 spec.serviceAccountName, status.hostIP, status.podIP, 456 status.podIPs.' 457 properties: 458 apiVersion: 459 description: Version of the schema the FieldPath 460 is written in terms of, defaults to "v1". 461 type: string 462 fieldPath: 463 description: Path of the field to select in the 464 specified API version. 465 type: string 466 required: 467 - fieldPath 468 type: object 469 resourceFieldRef: 470 description: 'Selects a resource of the container: only 471 resources limits and requests (limits.cpu, limits.memory, 472 limits.ephemeral-storage, requests.cpu, requests.memory 473 and requests.ephemeral-storage) are currently supported.' 474 properties: 475 containerName: 476 description: 'Container name: required for volumes, 477 optional for env vars' 478 type: string 479 divisor: 480 anyOf: 481 - type: integer 482 - type: string 483 description: Specifies the output format of the 484 exposed resources, defaults to "1" 485 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 486 x-kubernetes-int-or-string: true 487 resource: 488 description: 'Required: resource to select' 489 type: string 490 required: 491 - resource 492 type: object 493 secretKeyRef: 494 description: Selects a key of a secret in the pod's 495 namespace 496 properties: 497 key: 498 description: The key of the secret to select from. Must 499 be a valid secret key. 500 type: string 501 name: 502 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 503 TODO: Add other useful fields. apiVersion, kind, 504 uid?' 505 type: string 506 optional: 507 description: Specify whether the Secret or its key 508 must be defined 509 type: boolean 510 required: 511 - key 512 type: object 513 type: object 514 required: 515 - name 516 type: object 517 type: array 518 logFormat: 519 description: LogFormat refers to the log format used by the Application 520 Controller component. Defaults to ArgoCDDefaultLogFormat if 521 not configured. Valid options are text or json. 522 type: string 523 logLevel: 524 description: LogLevel refers to the log level used by the Application 525 Controller component. Defaults to ArgoCDDefaultLogLevel if not 526 configured. Valid options are debug, info, error, and warn. 527 type: string 528 parallelismLimit: 529 description: ParallelismLimit defines the limit for parallel kubectl 530 operations 531 format: int32 532 type: integer 533 processors: 534 description: Processors contains the options for the Application 535 Controller processors. 536 properties: 537 operation: 538 description: Operation is the number of application operation 539 processors. 540 format: int32 541 type: integer 542 status: 543 description: Status is the number of application status processors. 544 format: int32 545 type: integer 546 type: object 547 resources: 548 description: Resources defines the Compute Resources required 549 by the container for the Application Controller. 550 properties: 551 claims: 552 description: "Claims lists the names of resources, defined 553 in spec.resourceClaims, that are used by this container. 554 \n This is an alpha field and requires enabling the DynamicResourceAllocation 555 feature gate. \n This field is immutable. It can only be 556 set for containers." 557 items: 558 description: ResourceClaim references one entry in PodSpec.ResourceClaims. 559 properties: 560 name: 561 description: Name must match the name of one entry in 562 pod.spec.resourceClaims of the Pod where this field 563 is used. It makes that resource available inside a 564 container. 565 type: string 566 required: 567 - name 568 type: object 569 type: array 570 x-kubernetes-list-map-keys: 571 - name 572 x-kubernetes-list-type: map 573 limits: 574 additionalProperties: 575 anyOf: 576 - type: integer 577 - type: string 578 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 579 x-kubernetes-int-or-string: true 580 description: 'Limits describes the maximum amount of compute 581 resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 582 type: object 583 requests: 584 additionalProperties: 585 anyOf: 586 - type: integer 587 - type: string 588 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 589 x-kubernetes-int-or-string: true 590 description: 'Requests describes the minimum amount of compute 591 resources required. If Requests is omitted for a container, 592 it defaults to Limits if that is explicitly specified, otherwise 593 to an implementation-defined value. Requests cannot exceed 594 Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 595 type: object 596 type: object 597 sharding: 598 description: Sharding contains the options for the Application 599 Controller sharding configuration. 600 properties: 601 clustersPerShard: 602 description: ClustersPerShard defines the maximum number of 603 clusters managed by each argocd shard 604 format: int32 605 minimum: 1 606 type: integer 607 dynamicScalingEnabled: 608 description: DynamicScalingEnabled defines whether dynamic 609 scaling should be enabled for Application Controller component 610 type: boolean 611 enabled: 612 description: Enabled defines whether sharding should be enabled 613 on the Application Controller component. 614 type: boolean 615 maxShards: 616 description: MaxShards defines the maximum number of shards 617 at any given point 618 format: int32 619 type: integer 620 minShards: 621 description: MinShards defines the minimum number of shards 622 at any given point 623 format: int32 624 minimum: 1 625 type: integer 626 replicas: 627 description: Replicas defines the number of replicas to run 628 in the Application controller shard. 629 format: int32 630 type: integer 631 type: object 632 type: object 633 dex: 634 description: Deprecated field. Support dropped in v1beta1 version. 635 Dex defines the Dex server options for ArgoCD. 636 properties: 637 config: 638 description: Config is the dex connector configuration. 639 type: string 640 groups: 641 description: Optional list of required groups a user must be a 642 member of 643 items: 644 type: string 645 type: array 646 image: 647 description: Image is the Dex container image. 648 type: string 649 openShiftOAuth: 650 description: OpenShiftOAuth enables OpenShift OAuth authentication 651 for the Dex server. 652 type: boolean 653 resources: 654 description: Resources defines the Compute Resources required 655 by the container for Dex. 656 properties: 657 claims: 658 description: "Claims lists the names of resources, defined 659 in spec.resourceClaims, that are used by this container. 660 \n This is an alpha field and requires enabling the DynamicResourceAllocation 661 feature gate. \n This field is immutable. It can only be 662 set for containers." 663 items: 664 description: ResourceClaim references one entry in PodSpec.ResourceClaims. 665 properties: 666 name: 667 description: Name must match the name of one entry in 668 pod.spec.resourceClaims of the Pod where this field 669 is used. It makes that resource available inside a 670 container. 671 type: string 672 required: 673 - name 674 type: object 675 type: array 676 x-kubernetes-list-map-keys: 677 - name 678 x-kubernetes-list-type: map 679 limits: 680 additionalProperties: 681 anyOf: 682 - type: integer 683 - type: string 684 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 685 x-kubernetes-int-or-string: true 686 description: 'Limits describes the maximum amount of compute 687 resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 688 type: object 689 requests: 690 additionalProperties: 691 anyOf: 692 - type: integer 693 - type: string 694 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 695 x-kubernetes-int-or-string: true 696 description: 'Requests describes the minimum amount of compute 697 resources required. If Requests is omitted for a container, 698 it defaults to Limits if that is explicitly specified, otherwise 699 to an implementation-defined value. Requests cannot exceed 700 Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 701 type: object 702 type: object 703 version: 704 description: Version is the Dex container image tag. 705 type: string 706 type: object 707 disableAdmin: 708 description: DisableAdmin will disable the admin user. 709 type: boolean 710 extraConfig: 711 additionalProperties: 712 type: string 713 description: "ExtraConfig can be used to add fields to Argo CD configmap 714 that are not supported by Argo CD CRD. \n Note: ExtraConfig takes 715 precedence over Argo CD CRD. For example, A user sets `argocd.Spec.DisableAdmin` 716 = true and also `a.Spec.ExtraConfig[\"admin.enabled\"]` = true. 717 In this case, operator updates Argo CD Configmap as follows -> argocd-cm.Data[\"admin.enabled\"] 718 = true." 719 type: object 720 gaAnonymizeUsers: 721 description: GAAnonymizeUsers toggles user IDs being hashed before 722 sending to google analytics. 723 type: boolean 724 gaTrackingID: 725 description: GATrackingID is the google analytics tracking ID to use. 726 type: string 727 grafana: 728 description: Grafana defines the Grafana server options for ArgoCD. 729 properties: 730 enabled: 731 description: Enabled will toggle Grafana support globally for 732 ArgoCD. 733 type: boolean 734 host: 735 description: Host is the hostname to use for Ingress/Route resources. 736 type: string 737 image: 738 description: Image is the Grafana container image. 739 type: string 740 ingress: 741 description: Ingress defines the desired state for an Ingress 742 for the Grafana component. 743 properties: 744 annotations: 745 additionalProperties: 746 type: string 747 description: Annotations is the map of annotations to apply 748 to the Ingress. 749 type: object 750 enabled: 751 description: Enabled will toggle the creation of the Ingress. 752 type: boolean 753 ingressClassName: 754 description: IngressClassName for the Ingress resource. 755 type: string 756 path: 757 description: Path used for the Ingress resource. 758 type: string 759 tls: 760 description: TLS configuration. Currently the Ingress only 761 supports a single TLS port, 443. If multiple members of 762 this list specify different hosts, they will be multiplexed 763 on the same port according to the hostname specified through 764 the SNI TLS extension, if the ingress controller fulfilling 765 the ingress supports SNI. 766 items: 767 description: IngressTLS describes the transport layer security 768 associated with an ingress. 769 properties: 770 hosts: 771 description: hosts is a list of hosts included in the 772 TLS certificate. The values in this list must match 773 the name/s used in the tlsSecret. Defaults to the 774 wildcard host setting for the loadbalancer controller 775 fulfilling this Ingress, if left unspecified. 776 items: 777 type: string 778 type: array 779 x-kubernetes-list-type: atomic 780 secretName: 781 description: secretName is the name of the secret used 782 to terminate TLS traffic on port 443. Field is left 783 optional to allow TLS routing based on SNI hostname 784 alone. If the SNI host in a listener conflicts with 785 the "Host" header field used by an IngressRule, the 786 SNI host is used for termination and value of the 787 "Host" header is used for routing. 788 type: string 789 type: object 790 type: array 791 required: 792 - enabled 793 type: object 794 resources: 795 description: Resources defines the Compute Resources required 796 by the container for Grafana. 797 properties: 798 claims: 799 description: "Claims lists the names of resources, defined 800 in spec.resourceClaims, that are used by this container. 801 \n This is an alpha field and requires enabling the DynamicResourceAllocation 802 feature gate. \n This field is immutable. It can only be 803 set for containers." 804 items: 805 description: ResourceClaim references one entry in PodSpec.ResourceClaims. 806 properties: 807 name: 808 description: Name must match the name of one entry in 809 pod.spec.resourceClaims of the Pod where this field 810 is used. It makes that resource available inside a 811 container. 812 type: string 813 required: 814 - name 815 type: object 816 type: array 817 x-kubernetes-list-map-keys: 818 - name 819 x-kubernetes-list-type: map 820 limits: 821 additionalProperties: 822 anyOf: 823 - type: integer 824 - type: string 825 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 826 x-kubernetes-int-or-string: true 827 description: 'Limits describes the maximum amount of compute 828 resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 829 type: object 830 requests: 831 additionalProperties: 832 anyOf: 833 - type: integer 834 - type: string 835 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 836 x-kubernetes-int-or-string: true 837 description: 'Requests describes the minimum amount of compute 838 resources required. If Requests is omitted for a container, 839 it defaults to Limits if that is explicitly specified, otherwise 840 to an implementation-defined value. Requests cannot exceed 841 Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 842 type: object 843 type: object 844 route: 845 description: Route defines the desired state for an OpenShift 846 Route for the Grafana component. 847 properties: 848 annotations: 849 additionalProperties: 850 type: string 851 description: Annotations is the map of annotations to use 852 for the Route resource. 853 type: object 854 enabled: 855 description: Enabled will toggle the creation of the OpenShift 856 Route. 857 type: boolean 858 labels: 859 additionalProperties: 860 type: string 861 description: Labels is the map of labels to use for the Route 862 resource 863 type: object 864 path: 865 description: Path the router watches for, to route traffic 866 for to the service. 867 type: string 868 tls: 869 description: TLS provides the ability to configure certificates 870 and termination for the Route. 871 properties: 872 caCertificate: 873 description: caCertificate provides the cert authority 874 certificate contents 875 type: string 876 certificate: 877 description: certificate provides certificate contents 878 type: string 879 destinationCACertificate: 880 description: destinationCACertificate provides the contents 881 of the ca certificate of the final destination. When 882 using reencrypt termination this file should be provided 883 in order to have routers use it for health checks on 884 the secure connection. If this field is not specified, 885 the router may provide its own destination CA and perform 886 hostname validation using the short service name (service.namespace.svc), 887 which allows infrastructure generated certificates to 888 automatically verify. 889 type: string 890 insecureEdgeTerminationPolicy: 891 description: "insecureEdgeTerminationPolicy indicates 892 the desired behavior for insecure connections to a route. 893 While each router may make its own decisions on which 894 ports to expose, this is normally port 80. \n * Allow 895 - traffic is sent to the server on the insecure port 896 (default) * Disable - no traffic is allowed on the insecure 897 port. * Redirect - clients are redirected to the secure 898 port." 899 type: string 900 key: 901 description: key provides key file contents 902 type: string 903 termination: 904 description: termination indicates termination type. 905 type: string 906 required: 907 - termination 908 type: object 909 wildcardPolicy: 910 description: WildcardPolicy if any for the route. Currently 911 only 'Subdomain' or 'None' is allowed. 912 type: string 913 required: 914 - enabled 915 type: object 916 size: 917 description: Size is the replica count for the Grafana Deployment. 918 format: int32 919 type: integer 920 version: 921 description: Version is the Grafana container image tag. 922 type: string 923 required: 924 - enabled 925 type: object 926 ha: 927 description: HA options for High Availability support for the Redis 928 component. 929 properties: 930 enabled: 931 description: Enabled will toggle HA support globally for Argo 932 CD. 933 type: boolean 934 redisProxyImage: 935 description: RedisProxyImage is the Redis HAProxy container image. 936 type: string 937 redisProxyVersion: 938 description: RedisProxyVersion is the Redis HAProxy container 939 image tag. 940 type: string 941 resources: 942 description: Resources defines the Compute Resources required 943 by the container for HA. 944 properties: 945 claims: 946 description: "Claims lists the names of resources, defined 947 in spec.resourceClaims, that are used by this container. 948 \n This is an alpha field and requires enabling the DynamicResourceAllocation 949 feature gate. \n This field is immutable. It can only be 950 set for containers." 951 items: 952 description: ResourceClaim references one entry in PodSpec.ResourceClaims. 953 properties: 954 name: 955 description: Name must match the name of one entry in 956 pod.spec.resourceClaims of the Pod where this field 957 is used. It makes that resource available inside a 958 container. 959 type: string 960 required: 961 - name 962 type: object 963 type: array 964 x-kubernetes-list-map-keys: 965 - name 966 x-kubernetes-list-type: map 967 limits: 968 additionalProperties: 969 anyOf: 970 - type: integer 971 - type: string 972 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 973 x-kubernetes-int-or-string: true 974 description: 'Limits describes the maximum amount of compute 975 resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 976 type: object 977 requests: 978 additionalProperties: 979 anyOf: 980 - type: integer 981 - type: string 982 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 983 x-kubernetes-int-or-string: true 984 description: 'Requests describes the minimum amount of compute 985 resources required. If Requests is omitted for a container, 986 it defaults to Limits if that is explicitly specified, otherwise 987 to an implementation-defined value. Requests cannot exceed 988 Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 989 type: object 990 type: object 991 required: 992 - enabled 993 type: object 994 helpChatText: 995 description: HelpChatText is the text for getting chat help, defaults 996 to "Chat now!" 997 type: string 998 helpChatURL: 999 description: HelpChatURL is the URL for getting chat help, this will 1000 typically be your Slack channel for support. 1001 type: string 1002 image: 1003 description: Image is the ArgoCD container image for all ArgoCD components. 1004 type: string 1005 import: 1006 description: Import is the import/restore options for ArgoCD. 1007 properties: 1008 name: 1009 description: Name of an ArgoCDExport from which to import data. 1010 type: string 1011 namespace: 1012 description: Namespace for the ArgoCDExport, defaults to the same 1013 namespace as the ArgoCD. 1014 type: string 1015 required: 1016 - name 1017 type: object 1018 initialRepositories: 1019 description: InitialRepositories to configure Argo CD with upon creation 1020 of the cluster. 1021 type: string 1022 initialSSHKnownHosts: 1023 description: InitialSSHKnownHosts defines the SSH known hosts data 1024 upon creation of the cluster for connecting Git repositories via 1025 SSH. 1026 properties: 1027 excludedefaulthosts: 1028 description: ExcludeDefaultHosts describes whether you would like 1029 to include the default list of SSH Known Hosts provided by ArgoCD. 1030 type: boolean 1031 keys: 1032 description: Keys describes a custom set of SSH Known Hosts that 1033 you would like to have included in your ArgoCD server. 1034 type: string 1035 type: object 1036 kustomizeBuildOptions: 1037 description: KustomizeBuildOptions is used to specify build options/parameters 1038 to use with `kustomize build`. 1039 type: string 1040 kustomizeVersions: 1041 description: KustomizeVersions is a listing of configured versions 1042 of Kustomize to be made available within ArgoCD. 1043 items: 1044 description: KustomizeVersionSpec is used to specify information 1045 about a kustomize version to be used within ArgoCD. 1046 properties: 1047 path: 1048 description: Path is the path to a configured kustomize version 1049 on the filesystem of your repo server. 1050 type: string 1051 version: 1052 description: Version is a configured kustomize version in the 1053 format of vX.Y.Z 1054 type: string 1055 type: object 1056 type: array 1057 monitoring: 1058 description: Monitoring defines whether workload status monitoring 1059 configuration for this instance. 1060 properties: 1061 enabled: 1062 description: Enabled defines whether workload status monitoring 1063 is enabled for this instance or not 1064 type: boolean 1065 required: 1066 - enabled 1067 type: object 1068 nodePlacement: 1069 description: NodePlacement defines NodeSelectors and Taints for Argo 1070 CD workloads 1071 properties: 1072 nodeSelector: 1073 additionalProperties: 1074 type: string 1075 description: NodeSelector is a field of PodSpec, it is a map of 1076 key value pairs used for node selection 1077 type: object 1078 tolerations: 1079 description: Tolerations allow the pods to schedule onto nodes 1080 with matching taints 1081 items: 1082 description: The pod this Toleration is attached to tolerates 1083 any taint that matches the triple <key,value,effect> using 1084 the matching operator <operator>. 1085 properties: 1086 effect: 1087 description: Effect indicates the taint effect to match. 1088 Empty means match all taint effects. When specified, allowed 1089 values are NoSchedule, PreferNoSchedule and NoExecute. 1090 type: string 1091 key: 1092 description: Key is the taint key that the toleration applies 1093 to. Empty means match all taint keys. If the key is empty, 1094 operator must be Exists; this combination means to match 1095 all values and all keys. 1096 type: string 1097 operator: 1098 description: Operator represents a key's relationship to 1099 the value. Valid operators are Exists and Equal. Defaults 1100 to Equal. Exists is equivalent to wildcard for value, 1101 so that a pod can tolerate all taints of a particular 1102 category. 1103 type: string 1104 tolerationSeconds: 1105 description: TolerationSeconds represents the period of 1106 time the toleration (which must be of effect NoExecute, 1107 otherwise this field is ignored) tolerates the taint. 1108 By default, it is not set, which means tolerate the taint 1109 forever (do not evict). Zero and negative values will 1110 be treated as 0 (evict immediately) by the system. 1111 format: int64 1112 type: integer 1113 value: 1114 description: Value is the taint value the toleration matches 1115 to. If the operator is Exists, the value should be empty, 1116 otherwise just a regular string. 1117 type: string 1118 type: object 1119 type: array 1120 type: object 1121 notifications: 1122 description: Notifications defines whether the Argo CD Notifications 1123 controller should be installed. 1124 properties: 1125 enabled: 1126 description: Enabled defines whether argocd-notifications controller 1127 should be deployed or not 1128 type: boolean 1129 env: 1130 description: Env let you specify environment variables for Notifications 1131 pods 1132 items: 1133 description: EnvVar represents an environment variable present 1134 in a Container. 1135 properties: 1136 name: 1137 description: Name of the environment variable. Must be a 1138 C_IDENTIFIER. 1139 type: string 1140 value: 1141 description: 'Variable references $(VAR_NAME) are expanded 1142 using the previously defined environment variables in 1143 the container and any service environment variables. If 1144 a variable cannot be resolved, the reference in the input 1145 string will be unchanged. Double $$ are reduced to a single 1146 $, which allows for escaping the $(VAR_NAME) syntax: i.e. 1147 "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". 1148 Escaped references will never be expanded, regardless 1149 of whether the variable exists or not. Defaults to "".' 1150 type: string 1151 valueFrom: 1152 description: Source for the environment variable's value. 1153 Cannot be used if value is not empty. 1154 properties: 1155 configMapKeyRef: 1156 description: Selects a key of a ConfigMap. 1157 properties: 1158 key: 1159 description: The key to select. 1160 type: string 1161 name: 1162 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1163 TODO: Add other useful fields. apiVersion, kind, 1164 uid?' 1165 type: string 1166 optional: 1167 description: Specify whether the ConfigMap or its 1168 key must be defined 1169 type: boolean 1170 required: 1171 - key 1172 type: object 1173 fieldRef: 1174 description: 'Selects a field of the pod: supports metadata.name, 1175 metadata.namespace, `metadata.labels[''<KEY>'']`, 1176 `metadata.annotations[''<KEY>'']`, spec.nodeName, 1177 spec.serviceAccountName, status.hostIP, status.podIP, 1178 status.podIPs.' 1179 properties: 1180 apiVersion: 1181 description: Version of the schema the FieldPath 1182 is written in terms of, defaults to "v1". 1183 type: string 1184 fieldPath: 1185 description: Path of the field to select in the 1186 specified API version. 1187 type: string 1188 required: 1189 - fieldPath 1190 type: object 1191 resourceFieldRef: 1192 description: 'Selects a resource of the container: only 1193 resources limits and requests (limits.cpu, limits.memory, 1194 limits.ephemeral-storage, requests.cpu, requests.memory 1195 and requests.ephemeral-storage) are currently supported.' 1196 properties: 1197 containerName: 1198 description: 'Container name: required for volumes, 1199 optional for env vars' 1200 type: string 1201 divisor: 1202 anyOf: 1203 - type: integer 1204 - type: string 1205 description: Specifies the output format of the 1206 exposed resources, defaults to "1" 1207 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 1208 x-kubernetes-int-or-string: true 1209 resource: 1210 description: 'Required: resource to select' 1211 type: string 1212 required: 1213 - resource 1214 type: object 1215 secretKeyRef: 1216 description: Selects a key of a secret in the pod's 1217 namespace 1218 properties: 1219 key: 1220 description: The key of the secret to select from. Must 1221 be a valid secret key. 1222 type: string 1223 name: 1224 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1225 TODO: Add other useful fields. apiVersion, kind, 1226 uid?' 1227 type: string 1228 optional: 1229 description: Specify whether the Secret or its key 1230 must be defined 1231 type: boolean 1232 required: 1233 - key 1234 type: object 1235 type: object 1236 required: 1237 - name 1238 type: object 1239 type: array 1240 image: 1241 description: Image is the Argo CD Notifications image (optional) 1242 type: string 1243 logLevel: 1244 description: LogLevel describes the log level that should be used 1245 by the argocd-notifications. Defaults to ArgoCDDefaultLogLevel 1246 if not set. Valid options are debug,info, error, and warn. 1247 type: string 1248 replicas: 1249 description: Replicas defines the number of replicas to run for 1250 notifications-controller 1251 format: int32 1252 type: integer 1253 resources: 1254 description: Resources defines the Compute Resources required 1255 by the container for Argo CD Notifications. 1256 properties: 1257 claims: 1258 description: "Claims lists the names of resources, defined 1259 in spec.resourceClaims, that are used by this container. 1260 \n This is an alpha field and requires enabling the DynamicResourceAllocation 1261 feature gate. \n This field is immutable. It can only be 1262 set for containers." 1263 items: 1264 description: ResourceClaim references one entry in PodSpec.ResourceClaims. 1265 properties: 1266 name: 1267 description: Name must match the name of one entry in 1268 pod.spec.resourceClaims of the Pod where this field 1269 is used. It makes that resource available inside a 1270 container. 1271 type: string 1272 required: 1273 - name 1274 type: object 1275 type: array 1276 x-kubernetes-list-map-keys: 1277 - name 1278 x-kubernetes-list-type: map 1279 limits: 1280 additionalProperties: 1281 anyOf: 1282 - type: integer 1283 - type: string 1284 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 1285 x-kubernetes-int-or-string: true 1286 description: 'Limits describes the maximum amount of compute 1287 resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 1288 type: object 1289 requests: 1290 additionalProperties: 1291 anyOf: 1292 - type: integer 1293 - type: string 1294 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 1295 x-kubernetes-int-or-string: true 1296 description: 'Requests describes the minimum amount of compute 1297 resources required. If Requests is omitted for a container, 1298 it defaults to Limits if that is explicitly specified, otherwise 1299 to an implementation-defined value. Requests cannot exceed 1300 Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 1301 type: object 1302 type: object 1303 version: 1304 description: Version is the Argo CD Notifications image tag. (optional) 1305 type: string 1306 required: 1307 - enabled 1308 type: object 1309 oidcConfig: 1310 description: OIDCConfig is the OIDC configuration as an alternative 1311 to dex. 1312 type: string 1313 prometheus: 1314 description: Prometheus defines the Prometheus server options for 1315 ArgoCD. 1316 properties: 1317 enabled: 1318 description: Enabled will toggle Prometheus support globally for 1319 ArgoCD. 1320 type: boolean 1321 host: 1322 description: Host is the hostname to use for Ingress/Route resources. 1323 type: string 1324 ingress: 1325 description: Ingress defines the desired state for an Ingress 1326 for the Prometheus component. 1327 properties: 1328 annotations: 1329 additionalProperties: 1330 type: string 1331 description: Annotations is the map of annotations to apply 1332 to the Ingress. 1333 type: object 1334 enabled: 1335 description: Enabled will toggle the creation of the Ingress. 1336 type: boolean 1337 ingressClassName: 1338 description: IngressClassName for the Ingress resource. 1339 type: string 1340 path: 1341 description: Path used for the Ingress resource. 1342 type: string 1343 tls: 1344 description: TLS configuration. Currently the Ingress only 1345 supports a single TLS port, 443. If multiple members of 1346 this list specify different hosts, they will be multiplexed 1347 on the same port according to the hostname specified through 1348 the SNI TLS extension, if the ingress controller fulfilling 1349 the ingress supports SNI. 1350 items: 1351 description: IngressTLS describes the transport layer security 1352 associated with an ingress. 1353 properties: 1354 hosts: 1355 description: hosts is a list of hosts included in the 1356 TLS certificate. The values in this list must match 1357 the name/s used in the tlsSecret. Defaults to the 1358 wildcard host setting for the loadbalancer controller 1359 fulfilling this Ingress, if left unspecified. 1360 items: 1361 type: string 1362 type: array 1363 x-kubernetes-list-type: atomic 1364 secretName: 1365 description: secretName is the name of the secret used 1366 to terminate TLS traffic on port 443. Field is left 1367 optional to allow TLS routing based on SNI hostname 1368 alone. If the SNI host in a listener conflicts with 1369 the "Host" header field used by an IngressRule, the 1370 SNI host is used for termination and value of the 1371 "Host" header is used for routing. 1372 type: string 1373 type: object 1374 type: array 1375 required: 1376 - enabled 1377 type: object 1378 route: 1379 description: Route defines the desired state for an OpenShift 1380 Route for the Prometheus component. 1381 properties: 1382 annotations: 1383 additionalProperties: 1384 type: string 1385 description: Annotations is the map of annotations to use 1386 for the Route resource. 1387 type: object 1388 enabled: 1389 description: Enabled will toggle the creation of the OpenShift 1390 Route. 1391 type: boolean 1392 labels: 1393 additionalProperties: 1394 type: string 1395 description: Labels is the map of labels to use for the Route 1396 resource 1397 type: object 1398 path: 1399 description: Path the router watches for, to route traffic 1400 for to the service. 1401 type: string 1402 tls: 1403 description: TLS provides the ability to configure certificates 1404 and termination for the Route. 1405 properties: 1406 caCertificate: 1407 description: caCertificate provides the cert authority 1408 certificate contents 1409 type: string 1410 certificate: 1411 description: certificate provides certificate contents 1412 type: string 1413 destinationCACertificate: 1414 description: destinationCACertificate provides the contents 1415 of the ca certificate of the final destination. When 1416 using reencrypt termination this file should be provided 1417 in order to have routers use it for health checks on 1418 the secure connection. If this field is not specified, 1419 the router may provide its own destination CA and perform 1420 hostname validation using the short service name (service.namespace.svc), 1421 which allows infrastructure generated certificates to 1422 automatically verify. 1423 type: string 1424 insecureEdgeTerminationPolicy: 1425 description: "insecureEdgeTerminationPolicy indicates 1426 the desired behavior for insecure connections to a route. 1427 While each router may make its own decisions on which 1428 ports to expose, this is normally port 80. \n * Allow 1429 - traffic is sent to the server on the insecure port 1430 (default) * Disable - no traffic is allowed on the insecure 1431 port. * Redirect - clients are redirected to the secure 1432 port." 1433 type: string 1434 key: 1435 description: key provides key file contents 1436 type: string 1437 termination: 1438 description: termination indicates termination type. 1439 type: string 1440 required: 1441 - termination 1442 type: object 1443 wildcardPolicy: 1444 description: WildcardPolicy if any for the route. Currently 1445 only 'Subdomain' or 'None' is allowed. 1446 type: string 1447 required: 1448 - enabled 1449 type: object 1450 size: 1451 description: Size is the replica count for the Prometheus StatefulSet. 1452 format: int32 1453 type: integer 1454 required: 1455 - enabled 1456 type: object 1457 rbac: 1458 description: RBAC defines the RBAC configuration for Argo CD. 1459 properties: 1460 defaultPolicy: 1461 description: DefaultPolicy is the name of the default role which 1462 Argo CD will falls back to, when authorizing API requests (optional). 1463 If omitted or empty, users may be still be able to login, but 1464 will see no apps, projects, etc... 1465 type: string 1466 policy: 1467 description: 'Policy is CSV containing user-defined RBAC policies 1468 and role definitions. Policy rules are in the form: p, subject, 1469 resource, action, object, effect Role definitions and bindings 1470 are in the form: g, subject, inherited-subject See https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/rbac.md 1471 for additional information.' 1472 type: string 1473 policyMatcherMode: 1474 description: PolicyMatcherMode configures the matchers function 1475 mode for casbin. There are two options for this, 'glob' for 1476 glob matcher or 'regex' for regex matcher. 1477 type: string 1478 scopes: 1479 description: 'Scopes controls which OIDC scopes to examine during 1480 rbac enforcement (in addition to `sub` scope). If omitted, defaults 1481 to: ''[groups]''.' 1482 type: string 1483 type: object 1484 redis: 1485 description: Redis defines the Redis server options for ArgoCD. 1486 properties: 1487 autotls: 1488 description: 'AutoTLS specifies the method to use for automatic 1489 TLS configuration for the redis server The value specified here 1490 can currently be: - openshift - Use the OpenShift service CA 1491 to request TLS config' 1492 type: string 1493 disableTLSVerification: 1494 description: DisableTLSVerification defines whether redis server 1495 API should be accessed using strict TLS validation 1496 type: boolean 1497 image: 1498 description: Image is the Redis container image. 1499 type: string 1500 resources: 1501 description: Resources defines the Compute Resources required 1502 by the container for Redis. 1503 properties: 1504 claims: 1505 description: "Claims lists the names of resources, defined 1506 in spec.resourceClaims, that are used by this container. 1507 \n This is an alpha field and requires enabling the DynamicResourceAllocation 1508 feature gate. \n This field is immutable. It can only be 1509 set for containers." 1510 items: 1511 description: ResourceClaim references one entry in PodSpec.ResourceClaims. 1512 properties: 1513 name: 1514 description: Name must match the name of one entry in 1515 pod.spec.resourceClaims of the Pod where this field 1516 is used. It makes that resource available inside a 1517 container. 1518 type: string 1519 required: 1520 - name 1521 type: object 1522 type: array 1523 x-kubernetes-list-map-keys: 1524 - name 1525 x-kubernetes-list-type: map 1526 limits: 1527 additionalProperties: 1528 anyOf: 1529 - type: integer 1530 - type: string 1531 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 1532 x-kubernetes-int-or-string: true 1533 description: 'Limits describes the maximum amount of compute 1534 resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 1535 type: object 1536 requests: 1537 additionalProperties: 1538 anyOf: 1539 - type: integer 1540 - type: string 1541 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 1542 x-kubernetes-int-or-string: true 1543 description: 'Requests describes the minimum amount of compute 1544 resources required. If Requests is omitted for a container, 1545 it defaults to Limits if that is explicitly specified, otherwise 1546 to an implementation-defined value. Requests cannot exceed 1547 Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 1548 type: object 1549 type: object 1550 version: 1551 description: Version is the Redis container image tag. 1552 type: string 1553 type: object 1554 repo: 1555 description: Repo defines the repo server options for Argo CD. 1556 properties: 1557 autotls: 1558 description: 'AutoTLS specifies the method to use for automatic 1559 TLS configuration for the repo server The value specified here 1560 can currently be: - openshift - Use the OpenShift service CA 1561 to request TLS config' 1562 type: string 1563 env: 1564 description: Env lets you specify environment for repo server 1565 pods 1566 items: 1567 description: EnvVar represents an environment variable present 1568 in a Container. 1569 properties: 1570 name: 1571 description: Name of the environment variable. Must be a 1572 C_IDENTIFIER. 1573 type: string 1574 value: 1575 description: 'Variable references $(VAR_NAME) are expanded 1576 using the previously defined environment variables in 1577 the container and any service environment variables. If 1578 a variable cannot be resolved, the reference in the input 1579 string will be unchanged. Double $$ are reduced to a single 1580 $, which allows for escaping the $(VAR_NAME) syntax: i.e. 1581 "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". 1582 Escaped references will never be expanded, regardless 1583 of whether the variable exists or not. Defaults to "".' 1584 type: string 1585 valueFrom: 1586 description: Source for the environment variable's value. 1587 Cannot be used if value is not empty. 1588 properties: 1589 configMapKeyRef: 1590 description: Selects a key of a ConfigMap. 1591 properties: 1592 key: 1593 description: The key to select. 1594 type: string 1595 name: 1596 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1597 TODO: Add other useful fields. apiVersion, kind, 1598 uid?' 1599 type: string 1600 optional: 1601 description: Specify whether the ConfigMap or its 1602 key must be defined 1603 type: boolean 1604 required: 1605 - key 1606 type: object 1607 fieldRef: 1608 description: 'Selects a field of the pod: supports metadata.name, 1609 metadata.namespace, `metadata.labels[''<KEY>'']`, 1610 `metadata.annotations[''<KEY>'']`, spec.nodeName, 1611 spec.serviceAccountName, status.hostIP, status.podIP, 1612 status.podIPs.' 1613 properties: 1614 apiVersion: 1615 description: Version of the schema the FieldPath 1616 is written in terms of, defaults to "v1". 1617 type: string 1618 fieldPath: 1619 description: Path of the field to select in the 1620 specified API version. 1621 type: string 1622 required: 1623 - fieldPath 1624 type: object 1625 resourceFieldRef: 1626 description: 'Selects a resource of the container: only 1627 resources limits and requests (limits.cpu, limits.memory, 1628 limits.ephemeral-storage, requests.cpu, requests.memory 1629 and requests.ephemeral-storage) are currently supported.' 1630 properties: 1631 containerName: 1632 description: 'Container name: required for volumes, 1633 optional for env vars' 1634 type: string 1635 divisor: 1636 anyOf: 1637 - type: integer 1638 - type: string 1639 description: Specifies the output format of the 1640 exposed resources, defaults to "1" 1641 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 1642 x-kubernetes-int-or-string: true 1643 resource: 1644 description: 'Required: resource to select' 1645 type: string 1646 required: 1647 - resource 1648 type: object 1649 secretKeyRef: 1650 description: Selects a key of a secret in the pod's 1651 namespace 1652 properties: 1653 key: 1654 description: The key of the secret to select from. Must 1655 be a valid secret key. 1656 type: string 1657 name: 1658 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1659 TODO: Add other useful fields. apiVersion, kind, 1660 uid?' 1661 type: string 1662 optional: 1663 description: Specify whether the Secret or its key 1664 must be defined 1665 type: boolean 1666 required: 1667 - key 1668 type: object 1669 type: object 1670 required: 1671 - name 1672 type: object 1673 type: array 1674 execTimeout: 1675 description: ExecTimeout specifies the timeout in seconds for 1676 tool execution 1677 type: integer 1678 extraRepoCommandArgs: 1679 description: Extra Command arguments allows users to pass command 1680 line arguments to repo server workload. They get added to default 1681 command line arguments provided by the operator. Please note 1682 that the command line arguments provided as part of ExtraRepoCommandArgs 1683 will not overwrite the default command line arguments. 1684 items: 1685 type: string 1686 type: array 1687 image: 1688 description: Image is the ArgoCD Repo Server container image. 1689 type: string 1690 initContainers: 1691 description: InitContainers defines the list of initialization 1692 containers for the repo server deployment 1693 items: 1694 description: A single application container that you want to 1695 run within a pod. 1696 properties: 1697 args: 1698 description: 'Arguments to the entrypoint. The container 1699 image''s CMD is used if this is not provided. Variable 1700 references $(VAR_NAME) are expanded using the container''s 1701 environment. If a variable cannot be resolved, the reference 1702 in the input string will be unchanged. Double $$ are reduced 1703 to a single $, which allows for escaping the $(VAR_NAME) 1704 syntax: i.e. "$$(VAR_NAME)" will produce the string literal 1705 "$(VAR_NAME)". Escaped references will never be expanded, 1706 regardless of whether the variable exists or not. Cannot 1707 be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' 1708 items: 1709 type: string 1710 type: array 1711 command: 1712 description: 'Entrypoint array. Not executed within a shell. 1713 The container image''s ENTRYPOINT is used if this is not 1714 provided. Variable references $(VAR_NAME) are expanded 1715 using the container''s environment. If a variable cannot 1716 be resolved, the reference in the input string will be 1717 unchanged. Double $$ are reduced to a single $, which 1718 allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" 1719 will produce the string literal "$(VAR_NAME)". Escaped 1720 references will never be expanded, regardless of whether 1721 the variable exists or not. Cannot be updated. More info: 1722 https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' 1723 items: 1724 type: string 1725 type: array 1726 env: 1727 description: List of environment variables to set in the 1728 container. Cannot be updated. 1729 items: 1730 description: EnvVar represents an environment variable 1731 present in a Container. 1732 properties: 1733 name: 1734 description: Name of the environment variable. Must 1735 be a C_IDENTIFIER. 1736 type: string 1737 value: 1738 description: 'Variable references $(VAR_NAME) are 1739 expanded using the previously defined environment 1740 variables in the container and any service environment 1741 variables. If a variable cannot be resolved, the 1742 reference in the input string will be unchanged. 1743 Double $$ are reduced to a single $, which allows 1744 for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" 1745 will produce the string literal "$(VAR_NAME)". Escaped 1746 references will never be expanded, regardless of 1747 whether the variable exists or not. Defaults to 1748 "".' 1749 type: string 1750 valueFrom: 1751 description: Source for the environment variable's 1752 value. Cannot be used if value is not empty. 1753 properties: 1754 configMapKeyRef: 1755 description: Selects a key of a ConfigMap. 1756 properties: 1757 key: 1758 description: The key to select. 1759 type: string 1760 name: 1761 description: 'Name of the referent. More info: 1762 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1763 TODO: Add other useful fields. apiVersion, 1764 kind, uid?' 1765 type: string 1766 optional: 1767 description: Specify whether the ConfigMap 1768 or its key must be defined 1769 type: boolean 1770 required: 1771 - key 1772 type: object 1773 fieldRef: 1774 description: 'Selects a field of the pod: supports 1775 metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`, 1776 `metadata.annotations[''<KEY>'']`, spec.nodeName, 1777 spec.serviceAccountName, status.hostIP, status.podIP, 1778 status.podIPs.' 1779 properties: 1780 apiVersion: 1781 description: Version of the schema the FieldPath 1782 is written in terms of, defaults to "v1". 1783 type: string 1784 fieldPath: 1785 description: Path of the field to select in 1786 the specified API version. 1787 type: string 1788 required: 1789 - fieldPath 1790 type: object 1791 resourceFieldRef: 1792 description: 'Selects a resource of the container: 1793 only resources limits and requests (limits.cpu, 1794 limits.memory, limits.ephemeral-storage, requests.cpu, 1795 requests.memory and requests.ephemeral-storage) 1796 are currently supported.' 1797 properties: 1798 containerName: 1799 description: 'Container name: required for 1800 volumes, optional for env vars' 1801 type: string 1802 divisor: 1803 anyOf: 1804 - type: integer 1805 - type: string 1806 description: Specifies the output format of 1807 the exposed resources, defaults to "1" 1808 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 1809 x-kubernetes-int-or-string: true 1810 resource: 1811 description: 'Required: resource to select' 1812 type: string 1813 required: 1814 - resource 1815 type: object 1816 secretKeyRef: 1817 description: Selects a key of a secret in the 1818 pod's namespace 1819 properties: 1820 key: 1821 description: The key of the secret to select 1822 from. Must be a valid secret key. 1823 type: string 1824 name: 1825 description: 'Name of the referent. More info: 1826 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1827 TODO: Add other useful fields. apiVersion, 1828 kind, uid?' 1829 type: string 1830 optional: 1831 description: Specify whether the Secret or 1832 its key must be defined 1833 type: boolean 1834 required: 1835 - key 1836 type: object 1837 type: object 1838 required: 1839 - name 1840 type: object 1841 type: array 1842 envFrom: 1843 description: List of sources to populate environment variables 1844 in the container. The keys defined within a source must 1845 be a C_IDENTIFIER. All invalid keys will be reported as 1846 an event when the container is starting. When a key exists 1847 in multiple sources, the value associated with the last 1848 source will take precedence. Values defined by an Env 1849 with a duplicate key will take precedence. Cannot be updated. 1850 items: 1851 description: EnvFromSource represents the source of a 1852 set of ConfigMaps 1853 properties: 1854 configMapRef: 1855 description: The ConfigMap to select from 1856 properties: 1857 name: 1858 description: 'Name of the referent. More info: 1859 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1860 TODO: Add other useful fields. apiVersion, kind, 1861 uid?' 1862 type: string 1863 optional: 1864 description: Specify whether the ConfigMap must 1865 be defined 1866 type: boolean 1867 type: object 1868 prefix: 1869 description: An optional identifier to prepend to 1870 each key in the ConfigMap. Must be a C_IDENTIFIER. 1871 type: string 1872 secretRef: 1873 description: The Secret to select from 1874 properties: 1875 name: 1876 description: 'Name of the referent. More info: 1877 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1878 TODO: Add other useful fields. apiVersion, kind, 1879 uid?' 1880 type: string 1881 optional: 1882 description: Specify whether the Secret must be 1883 defined 1884 type: boolean 1885 type: object 1886 type: object 1887 type: array 1888 image: 1889 description: 'Container image name. More info: https://kubernetes.io/docs/concepts/containers/images 1890 This field is optional to allow higher level config management 1891 to default or override container images in workload controllers 1892 like Deployments and StatefulSets.' 1893 type: string 1894 imagePullPolicy: 1895 description: 'Image pull policy. One of Always, Never, IfNotPresent. 1896 Defaults to Always if :latest tag is specified, or IfNotPresent 1897 otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' 1898 type: string 1899 lifecycle: 1900 description: Actions that the management system should take 1901 in response to container lifecycle events. Cannot be updated. 1902 properties: 1903 postStart: 1904 description: 'PostStart is called immediately after 1905 a container is created. If the handler fails, the 1906 container is terminated and restarted according to 1907 its restart policy. Other management of the container 1908 blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' 1909 properties: 1910 exec: 1911 description: Exec specifies the action to take. 1912 properties: 1913 command: 1914 description: Command is the command line to 1915 execute inside the container, the working 1916 directory for the command is root ('/') in 1917 the container's filesystem. The command is 1918 simply exec'd, it is not run inside a shell, 1919 so traditional shell instructions ('|', etc) 1920 won't work. To use a shell, you need to explicitly 1921 call out to that shell. Exit status of 0 is 1922 treated as live/healthy and non-zero is unhealthy. 1923 items: 1924 type: string 1925 type: array 1926 type: object 1927 httpGet: 1928 description: HTTPGet specifies the http request 1929 to perform. 1930 properties: 1931 host: 1932 description: Host name to connect to, defaults 1933 to the pod IP. You probably want to set "Host" 1934 in httpHeaders instead. 1935 type: string 1936 httpHeaders: 1937 description: Custom headers to set in the request. 1938 HTTP allows repeated headers. 1939 items: 1940 description: HTTPHeader describes a custom 1941 header to be used in HTTP probes 1942 properties: 1943 name: 1944 description: The header field name. This 1945 will be canonicalized upon output, so 1946 case-variant names will be understood 1947 as the same header. 1948 type: string 1949 value: 1950 description: The header field value 1951 type: string 1952 required: 1953 - name 1954 - value 1955 type: object 1956 type: array 1957 path: 1958 description: Path to access on the HTTP server. 1959 type: string 1960 port: 1961 anyOf: 1962 - type: integer 1963 - type: string 1964 description: Name or number of the port to access 1965 on the container. Number must be in the range 1966 1 to 65535. Name must be an IANA_SVC_NAME. 1967 x-kubernetes-int-or-string: true 1968 scheme: 1969 description: Scheme to use for connecting to 1970 the host. Defaults to HTTP. 1971 type: string 1972 required: 1973 - port 1974 type: object 1975 tcpSocket: 1976 description: Deprecated. TCPSocket is NOT supported 1977 as a LifecycleHandler and kept for the backward 1978 compatibility. There are no validation of this 1979 field and lifecycle hooks will fail in runtime 1980 when tcp handler is specified. 1981 properties: 1982 host: 1983 description: 'Optional: Host name to connect 1984 to, defaults to the pod IP.' 1985 type: string 1986 port: 1987 anyOf: 1988 - type: integer 1989 - type: string 1990 description: Number or name of the port to access 1991 on the container. Number must be in the range 1992 1 to 65535. Name must be an IANA_SVC_NAME. 1993 x-kubernetes-int-or-string: true 1994 required: 1995 - port 1996 type: object 1997 type: object 1998 preStop: 1999 description: 'PreStop is called immediately before a 2000 container is terminated due to an API request or management 2001 event such as liveness/startup probe failure, preemption, 2002 resource contention, etc. The handler is not called 2003 if the container crashes or exits. The Pod''s termination 2004 grace period countdown begins before the PreStop hook 2005 is executed. Regardless of the outcome of the handler, 2006 the container will eventually terminate within the 2007 Pod''s termination grace period (unless delayed by 2008 finalizers). Other management of the container blocks 2009 until the hook completes or until the termination 2010 grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' 2011 properties: 2012 exec: 2013 description: Exec specifies the action to take. 2014 properties: 2015 command: 2016 description: Command is the command line to 2017 execute inside the container, the working 2018 directory for the command is root ('/') in 2019 the container's filesystem. The command is 2020 simply exec'd, it is not run inside a shell, 2021 so traditional shell instructions ('|', etc) 2022 won't work. To use a shell, you need to explicitly 2023 call out to that shell. Exit status of 0 is 2024 treated as live/healthy and non-zero is unhealthy. 2025 items: 2026 type: string 2027 type: array 2028 type: object 2029 httpGet: 2030 description: HTTPGet specifies the http request 2031 to perform. 2032 properties: 2033 host: 2034 description: Host name to connect to, defaults 2035 to the pod IP. You probably want to set "Host" 2036 in httpHeaders instead. 2037 type: string 2038 httpHeaders: 2039 description: Custom headers to set in the request. 2040 HTTP allows repeated headers. 2041 items: 2042 description: HTTPHeader describes a custom 2043 header to be used in HTTP probes 2044 properties: 2045 name: 2046 description: The header field name. This 2047 will be canonicalized upon output, so 2048 case-variant names will be understood 2049 as the same header. 2050 type: string 2051 value: 2052 description: The header field value 2053 type: string 2054 required: 2055 - name 2056 - value 2057 type: object 2058 type: array 2059 path: 2060 description: Path to access on the HTTP server. 2061 type: string 2062 port: 2063 anyOf: 2064 - type: integer 2065 - type: string 2066 description: Name or number of the port to access 2067 on the container. Number must be in the range 2068 1 to 65535. Name must be an IANA_SVC_NAME. 2069 x-kubernetes-int-or-string: true 2070 scheme: 2071 description: Scheme to use for connecting to 2072 the host. Defaults to HTTP. 2073 type: string 2074 required: 2075 - port 2076 type: object 2077 tcpSocket: 2078 description: Deprecated. TCPSocket is NOT supported 2079 as a LifecycleHandler and kept for the backward 2080 compatibility. There are no validation of this 2081 field and lifecycle hooks will fail in runtime 2082 when tcp handler is specified. 2083 properties: 2084 host: 2085 description: 'Optional: Host name to connect 2086 to, defaults to the pod IP.' 2087 type: string 2088 port: 2089 anyOf: 2090 - type: integer 2091 - type: string 2092 description: Number or name of the port to access 2093 on the container. Number must be in the range 2094 1 to 65535. Name must be an IANA_SVC_NAME. 2095 x-kubernetes-int-or-string: true 2096 required: 2097 - port 2098 type: object 2099 type: object 2100 type: object 2101 livenessProbe: 2102 description: 'Periodic probe of container liveness. Container 2103 will be restarted if the probe fails. Cannot be updated. 2104 More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 2105 properties: 2106 exec: 2107 description: Exec specifies the action to take. 2108 properties: 2109 command: 2110 description: Command is the command line to execute 2111 inside the container, the working directory for 2112 the command is root ('/') in the container's 2113 filesystem. The command is simply exec'd, it is 2114 not run inside a shell, so traditional shell instructions 2115 ('|', etc) won't work. To use a shell, you need 2116 to explicitly call out to that shell. Exit status 2117 of 0 is treated as live/healthy and non-zero is 2118 unhealthy. 2119 items: 2120 type: string 2121 type: array 2122 type: object 2123 failureThreshold: 2124 description: Minimum consecutive failures for the probe 2125 to be considered failed after having succeeded. Defaults 2126 to 3. Minimum value is 1. 2127 format: int32 2128 type: integer 2129 grpc: 2130 description: GRPC specifies an action involving a GRPC 2131 port. 2132 properties: 2133 port: 2134 description: Port number of the gRPC service. Number 2135 must be in the range 1 to 65535. 2136 format: int32 2137 type: integer 2138 service: 2139 description: "Service is the name of the service 2140 to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). 2141 \n If this is not specified, the default behavior 2142 is defined by gRPC." 2143 type: string 2144 required: 2145 - port 2146 type: object 2147 httpGet: 2148 description: HTTPGet specifies the http request to perform. 2149 properties: 2150 host: 2151 description: Host name to connect to, defaults to 2152 the pod IP. You probably want to set "Host" in 2153 httpHeaders instead. 2154 type: string 2155 httpHeaders: 2156 description: Custom headers to set in the request. 2157 HTTP allows repeated headers. 2158 items: 2159 description: HTTPHeader describes a custom header 2160 to be used in HTTP probes 2161 properties: 2162 name: 2163 description: The header field name. This will 2164 be canonicalized upon output, so case-variant 2165 names will be understood as the same header. 2166 type: string 2167 value: 2168 description: The header field value 2169 type: string 2170 required: 2171 - name 2172 - value 2173 type: object 2174 type: array 2175 path: 2176 description: Path to access on the HTTP server. 2177 type: string 2178 port: 2179 anyOf: 2180 - type: integer 2181 - type: string 2182 description: Name or number of the port to access 2183 on the container. Number must be in the range 2184 1 to 65535. Name must be an IANA_SVC_NAME. 2185 x-kubernetes-int-or-string: true 2186 scheme: 2187 description: Scheme to use for connecting to the 2188 host. Defaults to HTTP. 2189 type: string 2190 required: 2191 - port 2192 type: object 2193 initialDelaySeconds: 2194 description: 'Number of seconds after the container 2195 has started before liveness probes are initiated. 2196 More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 2197 format: int32 2198 type: integer 2199 periodSeconds: 2200 description: How often (in seconds) to perform the probe. 2201 Default to 10 seconds. Minimum value is 1. 2202 format: int32 2203 type: integer 2204 successThreshold: 2205 description: Minimum consecutive successes for the probe 2206 to be considered successful after having failed. Defaults 2207 to 1. Must be 1 for liveness and startup. Minimum 2208 value is 1. 2209 format: int32 2210 type: integer 2211 tcpSocket: 2212 description: TCPSocket specifies an action involving 2213 a TCP port. 2214 properties: 2215 host: 2216 description: 'Optional: Host name to connect to, 2217 defaults to the pod IP.' 2218 type: string 2219 port: 2220 anyOf: 2221 - type: integer 2222 - type: string 2223 description: Number or name of the port to access 2224 on the container. Number must be in the range 2225 1 to 65535. Name must be an IANA_SVC_NAME. 2226 x-kubernetes-int-or-string: true 2227 required: 2228 - port 2229 type: object 2230 terminationGracePeriodSeconds: 2231 description: Optional duration in seconds the pod needs 2232 to terminate gracefully upon probe failure. The grace 2233 period is the duration in seconds after the processes 2234 running in the pod are sent a termination signal and 2235 the time when the processes are forcibly halted with 2236 a kill signal. Set this value longer than the expected 2237 cleanup time for your process. If this value is nil, 2238 the pod's terminationGracePeriodSeconds will be used. 2239 Otherwise, this value overrides the value provided 2240 by the pod spec. Value must be non-negative integer. 2241 The value zero indicates stop immediately via the 2242 kill signal (no opportunity to shut down). This is 2243 a beta field and requires enabling ProbeTerminationGracePeriod 2244 feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds 2245 is used if unset. 2246 format: int64 2247 type: integer 2248 timeoutSeconds: 2249 description: 'Number of seconds after which the probe 2250 times out. Defaults to 1 second. Minimum value is 2251 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 2252 format: int32 2253 type: integer 2254 type: object 2255 name: 2256 description: Name of the container specified as a DNS_LABEL. 2257 Each container in a pod must have a unique name (DNS_LABEL). 2258 Cannot be updated. 2259 type: string 2260 ports: 2261 description: List of ports to expose from the container. 2262 Not specifying a port here DOES NOT prevent that port 2263 from being exposed. Any port which is listening on the 2264 default "0.0.0.0" address inside a container will be accessible 2265 from the network. Modifying this array with strategic 2266 merge patch may corrupt the data. For more information 2267 See https://github.com/kubernetes/kubernetes/issues/108255. 2268 Cannot be updated. 2269 items: 2270 description: ContainerPort represents a network port in 2271 a single container. 2272 properties: 2273 containerPort: 2274 description: Number of port to expose on the pod's 2275 IP address. This must be a valid port number, 0 2276 < x < 65536. 2277 format: int32 2278 type: integer 2279 hostIP: 2280 description: What host IP to bind the external port 2281 to. 2282 type: string 2283 hostPort: 2284 description: Number of port to expose on the host. 2285 If specified, this must be a valid port number, 2286 0 < x < 65536. If HostNetwork is specified, this 2287 must match ContainerPort. Most containers do not 2288 need this. 2289 format: int32 2290 type: integer 2291 name: 2292 description: If specified, this must be an IANA_SVC_NAME 2293 and unique within the pod. Each named port in a 2294 pod must have a unique name. Name for the port that 2295 can be referred to by services. 2296 type: string 2297 protocol: 2298 default: TCP 2299 description: Protocol for port. Must be UDP, TCP, 2300 or SCTP. Defaults to "TCP". 2301 type: string 2302 required: 2303 - containerPort 2304 type: object 2305 type: array 2306 x-kubernetes-list-map-keys: 2307 - containerPort 2308 - protocol 2309 x-kubernetes-list-type: map 2310 readinessProbe: 2311 description: 'Periodic probe of container service readiness. 2312 Container will be removed from service endpoints if the 2313 probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 2314 properties: 2315 exec: 2316 description: Exec specifies the action to take. 2317 properties: 2318 command: 2319 description: Command is the command line to execute 2320 inside the container, the working directory for 2321 the command is root ('/') in the container's 2322 filesystem. The command is simply exec'd, it is 2323 not run inside a shell, so traditional shell instructions 2324 ('|', etc) won't work. To use a shell, you need 2325 to explicitly call out to that shell. Exit status 2326 of 0 is treated as live/healthy and non-zero is 2327 unhealthy. 2328 items: 2329 type: string 2330 type: array 2331 type: object 2332 failureThreshold: 2333 description: Minimum consecutive failures for the probe 2334 to be considered failed after having succeeded. Defaults 2335 to 3. Minimum value is 1. 2336 format: int32 2337 type: integer 2338 grpc: 2339 description: GRPC specifies an action involving a GRPC 2340 port. 2341 properties: 2342 port: 2343 description: Port number of the gRPC service. Number 2344 must be in the range 1 to 65535. 2345 format: int32 2346 type: integer 2347 service: 2348 description: "Service is the name of the service 2349 to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). 2350 \n If this is not specified, the default behavior 2351 is defined by gRPC." 2352 type: string 2353 required: 2354 - port 2355 type: object 2356 httpGet: 2357 description: HTTPGet specifies the http request to perform. 2358 properties: 2359 host: 2360 description: Host name to connect to, defaults to 2361 the pod IP. You probably want to set "Host" in 2362 httpHeaders instead. 2363 type: string 2364 httpHeaders: 2365 description: Custom headers to set in the request. 2366 HTTP allows repeated headers. 2367 items: 2368 description: HTTPHeader describes a custom header 2369 to be used in HTTP probes 2370 properties: 2371 name: 2372 description: The header field name. This will 2373 be canonicalized upon output, so case-variant 2374 names will be understood as the same header. 2375 type: string 2376 value: 2377 description: The header field value 2378 type: string 2379 required: 2380 - name 2381 - value 2382 type: object 2383 type: array 2384 path: 2385 description: Path to access on the HTTP server. 2386 type: string 2387 port: 2388 anyOf: 2389 - type: integer 2390 - type: string 2391 description: Name or number of the port to access 2392 on the container. Number must be in the range 2393 1 to 65535. Name must be an IANA_SVC_NAME. 2394 x-kubernetes-int-or-string: true 2395 scheme: 2396 description: Scheme to use for connecting to the 2397 host. Defaults to HTTP. 2398 type: string 2399 required: 2400 - port 2401 type: object 2402 initialDelaySeconds: 2403 description: 'Number of seconds after the container 2404 has started before liveness probes are initiated. 2405 More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 2406 format: int32 2407 type: integer 2408 periodSeconds: 2409 description: How often (in seconds) to perform the probe. 2410 Default to 10 seconds. Minimum value is 1. 2411 format: int32 2412 type: integer 2413 successThreshold: 2414 description: Minimum consecutive successes for the probe 2415 to be considered successful after having failed. Defaults 2416 to 1. Must be 1 for liveness and startup. Minimum 2417 value is 1. 2418 format: int32 2419 type: integer 2420 tcpSocket: 2421 description: TCPSocket specifies an action involving 2422 a TCP port. 2423 properties: 2424 host: 2425 description: 'Optional: Host name to connect to, 2426 defaults to the pod IP.' 2427 type: string 2428 port: 2429 anyOf: 2430 - type: integer 2431 - type: string 2432 description: Number or name of the port to access 2433 on the container. Number must be in the range 2434 1 to 65535. Name must be an IANA_SVC_NAME. 2435 x-kubernetes-int-or-string: true 2436 required: 2437 - port 2438 type: object 2439 terminationGracePeriodSeconds: 2440 description: Optional duration in seconds the pod needs 2441 to terminate gracefully upon probe failure. The grace 2442 period is the duration in seconds after the processes 2443 running in the pod are sent a termination signal and 2444 the time when the processes are forcibly halted with 2445 a kill signal. Set this value longer than the expected 2446 cleanup time for your process. If this value is nil, 2447 the pod's terminationGracePeriodSeconds will be used. 2448 Otherwise, this value overrides the value provided 2449 by the pod spec. Value must be non-negative integer. 2450 The value zero indicates stop immediately via the 2451 kill signal (no opportunity to shut down). This is 2452 a beta field and requires enabling ProbeTerminationGracePeriod 2453 feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds 2454 is used if unset. 2455 format: int64 2456 type: integer 2457 timeoutSeconds: 2458 description: 'Number of seconds after which the probe 2459 times out. Defaults to 1 second. Minimum value is 2460 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 2461 format: int32 2462 type: integer 2463 type: object 2464 resizePolicy: 2465 description: Resources resize policy for the container. 2466 items: 2467 description: ContainerResizePolicy represents resource 2468 resize policy for the container. 2469 properties: 2470 resourceName: 2471 description: 'Name of the resource to which this resource 2472 resize policy applies. Supported values: cpu, memory.' 2473 type: string 2474 restartPolicy: 2475 description: Restart policy to apply when specified 2476 resource is resized. If not specified, it defaults 2477 to NotRequired. 2478 type: string 2479 required: 2480 - resourceName 2481 - restartPolicy 2482 type: object 2483 type: array 2484 x-kubernetes-list-type: atomic 2485 resources: 2486 description: 'Compute Resources required by this container. 2487 Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 2488 properties: 2489 claims: 2490 description: "Claims lists the names of resources, defined 2491 in spec.resourceClaims, that are used by this container. 2492 \n This is an alpha field and requires enabling the 2493 DynamicResourceAllocation feature gate. \n This field 2494 is immutable. It can only be set for containers." 2495 items: 2496 description: ResourceClaim references one entry in 2497 PodSpec.ResourceClaims. 2498 properties: 2499 name: 2500 description: Name must match the name of one entry 2501 in pod.spec.resourceClaims of the Pod where 2502 this field is used. It makes that resource available 2503 inside a container. 2504 type: string 2505 required: 2506 - name 2507 type: object 2508 type: array 2509 x-kubernetes-list-map-keys: 2510 - name 2511 x-kubernetes-list-type: map 2512 limits: 2513 additionalProperties: 2514 anyOf: 2515 - type: integer 2516 - type: string 2517 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 2518 x-kubernetes-int-or-string: true 2519 description: 'Limits describes the maximum amount of 2520 compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 2521 type: object 2522 requests: 2523 additionalProperties: 2524 anyOf: 2525 - type: integer 2526 - type: string 2527 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 2528 x-kubernetes-int-or-string: true 2529 description: 'Requests describes the minimum amount 2530 of compute resources required. If Requests is omitted 2531 for a container, it defaults to Limits if that is 2532 explicitly specified, otherwise to an implementation-defined 2533 value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 2534 type: object 2535 type: object 2536 restartPolicy: 2537 description: 'RestartPolicy defines the restart behavior 2538 of individual containers in a pod. This field may only 2539 be set for init containers, and the only allowed value 2540 is "Always". For non-init containers or when this field 2541 is not specified, the restart behavior is defined by the 2542 Pod''s restart policy and the container type. Setting 2543 the RestartPolicy as "Always" for the init container will 2544 have the following effect: this init container will be 2545 continually restarted on exit until all regular containers 2546 have terminated. Once all regular containers have completed, 2547 all init containers with restartPolicy "Always" will be 2548 shut down. This lifecycle differs from normal init containers 2549 and is often referred to as a "sidecar" container. Although 2550 this init container still starts in the init container 2551 sequence, it does not wait for the container to complete 2552 before proceeding to the next init container. Instead, 2553 the next init container starts immediately after this 2554 init container is started, or after any startupProbe has 2555 successfully completed.' 2556 type: string 2557 securityContext: 2558 description: 'SecurityContext defines the security options 2559 the container should be run with. If set, the fields of 2560 SecurityContext override the equivalent fields of PodSecurityContext. 2561 More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' 2562 properties: 2563 allowPrivilegeEscalation: 2564 description: 'AllowPrivilegeEscalation controls whether 2565 a process can gain more privileges than its parent 2566 process. This bool directly controls if the no_new_privs 2567 flag will be set on the container process. AllowPrivilegeEscalation 2568 is true always when the container is: 1) run as Privileged 2569 2) has CAP_SYS_ADMIN Note that this field cannot be 2570 set when spec.os.name is windows.' 2571 type: boolean 2572 capabilities: 2573 description: The capabilities to add/drop when running 2574 containers. Defaults to the default set of capabilities 2575 granted by the container runtime. Note that this field 2576 cannot be set when spec.os.name is windows. 2577 properties: 2578 add: 2579 description: Added capabilities 2580 items: 2581 description: Capability represent POSIX capabilities 2582 type 2583 type: string 2584 type: array 2585 drop: 2586 description: Removed capabilities 2587 items: 2588 description: Capability represent POSIX capabilities 2589 type 2590 type: string 2591 type: array 2592 type: object 2593 privileged: 2594 description: Run container in privileged mode. Processes 2595 in privileged containers are essentially equivalent 2596 to root on the host. Defaults to false. Note that 2597 this field cannot be set when spec.os.name is windows. 2598 type: boolean 2599 procMount: 2600 description: procMount denotes the type of proc mount 2601 to use for the containers. The default is DefaultProcMount 2602 which uses the container runtime defaults for readonly 2603 paths and masked paths. This requires the ProcMountType 2604 feature flag to be enabled. Note that this field cannot 2605 be set when spec.os.name is windows. 2606 type: string 2607 readOnlyRootFilesystem: 2608 description: Whether this container has a read-only 2609 root filesystem. Default is false. Note that this 2610 field cannot be set when spec.os.name is windows. 2611 type: boolean 2612 runAsGroup: 2613 description: The GID to run the entrypoint of the container 2614 process. Uses runtime default if unset. May also be 2615 set in PodSecurityContext. If set in both SecurityContext 2616 and PodSecurityContext, the value specified in SecurityContext 2617 takes precedence. Note that this field cannot be set 2618 when spec.os.name is windows. 2619 format: int64 2620 type: integer 2621 runAsNonRoot: 2622 description: Indicates that the container must run as 2623 a non-root user. If true, the Kubelet will validate 2624 the image at runtime to ensure that it does not run 2625 as UID 0 (root) and fail to start the container if 2626 it does. If unset or false, no such validation will 2627 be performed. May also be set in PodSecurityContext. If 2628 set in both SecurityContext and PodSecurityContext, 2629 the value specified in SecurityContext takes precedence. 2630 type: boolean 2631 runAsUser: 2632 description: The UID to run the entrypoint of the container 2633 process. Defaults to user specified in image metadata 2634 if unspecified. May also be set in PodSecurityContext. If 2635 set in both SecurityContext and PodSecurityContext, 2636 the value specified in SecurityContext takes precedence. 2637 Note that this field cannot be set when spec.os.name 2638 is windows. 2639 format: int64 2640 type: integer 2641 seLinuxOptions: 2642 description: The SELinux context to be applied to the 2643 container. If unspecified, the container runtime will 2644 allocate a random SELinux context for each container. May 2645 also be set in PodSecurityContext. If set in both 2646 SecurityContext and PodSecurityContext, the value 2647 specified in SecurityContext takes precedence. Note 2648 that this field cannot be set when spec.os.name is 2649 windows. 2650 properties: 2651 level: 2652 description: Level is SELinux level label that applies 2653 to the container. 2654 type: string 2655 role: 2656 description: Role is a SELinux role label that applies 2657 to the container. 2658 type: string 2659 type: 2660 description: Type is a SELinux type label that applies 2661 to the container. 2662 type: string 2663 user: 2664 description: User is a SELinux user label that applies 2665 to the container. 2666 type: string 2667 type: object 2668 seccompProfile: 2669 description: The seccomp options to use by this container. 2670 If seccomp options are provided at both the pod & 2671 container level, the container options override the 2672 pod options. Note that this field cannot be set when 2673 spec.os.name is windows. 2674 properties: 2675 localhostProfile: 2676 description: localhostProfile indicates a profile 2677 defined in a file on the node should be used. 2678 The profile must be preconfigured on the node 2679 to work. Must be a descending path, relative to 2680 the kubelet's configured seccomp profile location. 2681 Must be set if type is "Localhost". Must NOT be 2682 set for any other type. 2683 type: string 2684 type: 2685 description: "type indicates which kind of seccomp 2686 profile will be applied. Valid options are: \n 2687 Localhost - a profile defined in a file on the 2688 node should be used. RuntimeDefault - the container 2689 runtime default profile should be used. Unconfined 2690 - no profile should be applied." 2691 type: string 2692 required: 2693 - type 2694 type: object 2695 windowsOptions: 2696 description: The Windows specific settings applied to 2697 all containers. If unspecified, the options from the 2698 PodSecurityContext will be used. If set in both SecurityContext 2699 and PodSecurityContext, the value specified in SecurityContext 2700 takes precedence. Note that this field cannot be set 2701 when spec.os.name is linux. 2702 properties: 2703 gmsaCredentialSpec: 2704 description: GMSACredentialSpec is where the GMSA 2705 admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) 2706 inlines the contents of the GMSA credential spec 2707 named by the GMSACredentialSpecName field. 2708 type: string 2709 gmsaCredentialSpecName: 2710 description: GMSACredentialSpecName is the name 2711 of the GMSA credential spec to use. 2712 type: string 2713 hostProcess: 2714 description: HostProcess determines if a container 2715 should be run as a 'Host Process' container. All 2716 of a Pod's containers must have the same effective 2717 HostProcess value (it is not allowed to have a 2718 mix of HostProcess containers and non-HostProcess 2719 containers). In addition, if HostProcess is true 2720 then HostNetwork must also be set to true. 2721 type: boolean 2722 runAsUserName: 2723 description: The UserName in Windows to run the 2724 entrypoint of the container process. Defaults 2725 to the user specified in image metadata if unspecified. 2726 May also be set in PodSecurityContext. If set 2727 in both SecurityContext and PodSecurityContext, 2728 the value specified in SecurityContext takes precedence. 2729 type: string 2730 type: object 2731 type: object 2732 startupProbe: 2733 description: 'StartupProbe indicates that the Pod has successfully 2734 initialized. If specified, no other probes are executed 2735 until this completes successfully. If this probe fails, 2736 the Pod will be restarted, just as if the livenessProbe 2737 failed. This can be used to provide different probe parameters 2738 at the beginning of a Pod''s lifecycle, when it might 2739 take a long time to load data or warm a cache, than during 2740 steady-state operation. This cannot be updated. More info: 2741 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 2742 properties: 2743 exec: 2744 description: Exec specifies the action to take. 2745 properties: 2746 command: 2747 description: Command is the command line to execute 2748 inside the container, the working directory for 2749 the command is root ('/') in the container's 2750 filesystem. The command is simply exec'd, it is 2751 not run inside a shell, so traditional shell instructions 2752 ('|', etc) won't work. To use a shell, you need 2753 to explicitly call out to that shell. Exit status 2754 of 0 is treated as live/healthy and non-zero is 2755 unhealthy. 2756 items: 2757 type: string 2758 type: array 2759 type: object 2760 failureThreshold: 2761 description: Minimum consecutive failures for the probe 2762 to be considered failed after having succeeded. Defaults 2763 to 3. Minimum value is 1. 2764 format: int32 2765 type: integer 2766 grpc: 2767 description: GRPC specifies an action involving a GRPC 2768 port. 2769 properties: 2770 port: 2771 description: Port number of the gRPC service. Number 2772 must be in the range 1 to 65535. 2773 format: int32 2774 type: integer 2775 service: 2776 description: "Service is the name of the service 2777 to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). 2778 \n If this is not specified, the default behavior 2779 is defined by gRPC." 2780 type: string 2781 required: 2782 - port 2783 type: object 2784 httpGet: 2785 description: HTTPGet specifies the http request to perform. 2786 properties: 2787 host: 2788 description: Host name to connect to, defaults to 2789 the pod IP. You probably want to set "Host" in 2790 httpHeaders instead. 2791 type: string 2792 httpHeaders: 2793 description: Custom headers to set in the request. 2794 HTTP allows repeated headers. 2795 items: 2796 description: HTTPHeader describes a custom header 2797 to be used in HTTP probes 2798 properties: 2799 name: 2800 description: The header field name. This will 2801 be canonicalized upon output, so case-variant 2802 names will be understood as the same header. 2803 type: string 2804 value: 2805 description: The header field value 2806 type: string 2807 required: 2808 - name 2809 - value 2810 type: object 2811 type: array 2812 path: 2813 description: Path to access on the HTTP server. 2814 type: string 2815 port: 2816 anyOf: 2817 - type: integer 2818 - type: string 2819 description: Name or number of the port to access 2820 on the container. Number must be in the range 2821 1 to 65535. Name must be an IANA_SVC_NAME. 2822 x-kubernetes-int-or-string: true 2823 scheme: 2824 description: Scheme to use for connecting to the 2825 host. Defaults to HTTP. 2826 type: string 2827 required: 2828 - port 2829 type: object 2830 initialDelaySeconds: 2831 description: 'Number of seconds after the container 2832 has started before liveness probes are initiated. 2833 More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 2834 format: int32 2835 type: integer 2836 periodSeconds: 2837 description: How often (in seconds) to perform the probe. 2838 Default to 10 seconds. Minimum value is 1. 2839 format: int32 2840 type: integer 2841 successThreshold: 2842 description: Minimum consecutive successes for the probe 2843 to be considered successful after having failed. Defaults 2844 to 1. Must be 1 for liveness and startup. Minimum 2845 value is 1. 2846 format: int32 2847 type: integer 2848 tcpSocket: 2849 description: TCPSocket specifies an action involving 2850 a TCP port. 2851 properties: 2852 host: 2853 description: 'Optional: Host name to connect to, 2854 defaults to the pod IP.' 2855 type: string 2856 port: 2857 anyOf: 2858 - type: integer 2859 - type: string 2860 description: Number or name of the port to access 2861 on the container. Number must be in the range 2862 1 to 65535. Name must be an IANA_SVC_NAME. 2863 x-kubernetes-int-or-string: true 2864 required: 2865 - port 2866 type: object 2867 terminationGracePeriodSeconds: 2868 description: Optional duration in seconds the pod needs 2869 to terminate gracefully upon probe failure. The grace 2870 period is the duration in seconds after the processes 2871 running in the pod are sent a termination signal and 2872 the time when the processes are forcibly halted with 2873 a kill signal. Set this value longer than the expected 2874 cleanup time for your process. If this value is nil, 2875 the pod's terminationGracePeriodSeconds will be used. 2876 Otherwise, this value overrides the value provided 2877 by the pod spec. Value must be non-negative integer. 2878 The value zero indicates stop immediately via the 2879 kill signal (no opportunity to shut down). This is 2880 a beta field and requires enabling ProbeTerminationGracePeriod 2881 feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds 2882 is used if unset. 2883 format: int64 2884 type: integer 2885 timeoutSeconds: 2886 description: 'Number of seconds after which the probe 2887 times out. Defaults to 1 second. Minimum value is 2888 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 2889 format: int32 2890 type: integer 2891 type: object 2892 stdin: 2893 description: Whether this container should allocate a buffer 2894 for stdin in the container runtime. If this is not set, 2895 reads from stdin in the container will always result in 2896 EOF. Default is false. 2897 type: boolean 2898 stdinOnce: 2899 description: Whether the container runtime should close 2900 the stdin channel after it has been opened by a single 2901 attach. When stdin is true the stdin stream will remain 2902 open across multiple attach sessions. If stdinOnce is 2903 set to true, stdin is opened on container start, is empty 2904 until the first client attaches to stdin, and then remains 2905 open and accepts data until the client disconnects, at 2906 which time stdin is closed and remains closed until the 2907 container is restarted. If this flag is false, a container 2908 processes that reads from stdin will never receive an 2909 EOF. Default is false 2910 type: boolean 2911 terminationMessagePath: 2912 description: 'Optional: Path at which the file to which 2913 the container''s termination message will be written is 2914 mounted into the container''s filesystem. Message written 2915 is intended to be brief final status, such as an assertion 2916 failure message. Will be truncated by the node if greater 2917 than 4096 bytes. The total message length across all containers 2918 will be limited to 12kb. Defaults to /dev/termination-log. 2919 Cannot be updated.' 2920 type: string 2921 terminationMessagePolicy: 2922 description: Indicate how the termination message should 2923 be populated. File will use the contents of terminationMessagePath 2924 to populate the container status message on both success 2925 and failure. FallbackToLogsOnError will use the last chunk 2926 of container log output if the termination message file 2927 is empty and the container exited with an error. The log 2928 output is limited to 2048 bytes or 80 lines, whichever 2929 is smaller. Defaults to File. Cannot be updated. 2930 type: string 2931 tty: 2932 description: Whether this container should allocate a TTY 2933 for itself, also requires 'stdin' to be true. Default 2934 is false. 2935 type: boolean 2936 volumeDevices: 2937 description: volumeDevices is the list of block devices 2938 to be used by the container. 2939 items: 2940 description: volumeDevice describes a mapping of a raw 2941 block device within a container. 2942 properties: 2943 devicePath: 2944 description: devicePath is the path inside of the 2945 container that the device will be mapped to. 2946 type: string 2947 name: 2948 description: name must match the name of a persistentVolumeClaim 2949 in the pod 2950 type: string 2951 required: 2952 - devicePath 2953 - name 2954 type: object 2955 type: array 2956 volumeMounts: 2957 description: Pod volumes to mount into the container's filesystem. 2958 Cannot be updated. 2959 items: 2960 description: VolumeMount describes a mounting of a Volume 2961 within a container. 2962 properties: 2963 mountPath: 2964 description: Path within the container at which the 2965 volume should be mounted. Must not contain ':'. 2966 type: string 2967 mountPropagation: 2968 description: mountPropagation determines how mounts 2969 are propagated from the host to container and the 2970 other way around. When not set, MountPropagationNone 2971 is used. This field is beta in 1.10. 2972 type: string 2973 name: 2974 description: This must match the Name of a Volume. 2975 type: string 2976 readOnly: 2977 description: Mounted read-only if true, read-write 2978 otherwise (false or unspecified). Defaults to false. 2979 type: boolean 2980 subPath: 2981 description: Path within the volume from which the 2982 container's volume should be mounted. Defaults to 2983 "" (volume's root). 2984 type: string 2985 subPathExpr: 2986 description: Expanded path within the volume from 2987 which the container's volume should be mounted. 2988 Behaves similarly to SubPath but environment variable 2989 references $(VAR_NAME) are expanded using the container's 2990 environment. Defaults to "" (volume's root). SubPathExpr 2991 and SubPath are mutually exclusive. 2992 type: string 2993 required: 2994 - mountPath 2995 - name 2996 type: object 2997 type: array 2998 workingDir: 2999 description: Container's working directory. If not specified, 3000 the container runtime's default will be used, which might 3001 be configured in the container image. Cannot be updated. 3002 type: string 3003 required: 3004 - name 3005 type: object 3006 type: array 3007 logFormat: 3008 description: LogFormat describes the log format that should be 3009 used by the Repo Server. Defaults to ArgoCDDefaultLogFormat 3010 if not configured. Valid options are text or json. 3011 type: string 3012 logLevel: 3013 description: LogLevel describes the log level that should be used 3014 by the Repo Server. Defaults to ArgoCDDefaultLogLevel if not 3015 set. Valid options are debug, info, error, and warn. 3016 type: string 3017 mountsatoken: 3018 description: MountSAToken describes whether you would like to 3019 have the Repo server mount the service account token 3020 type: boolean 3021 replicas: 3022 description: Replicas defines the number of replicas for argocd-repo-server. 3023 Value should be greater than or equal to 0. Default is nil. 3024 format: int32 3025 type: integer 3026 resources: 3027 description: Resources defines the Compute Resources required 3028 by the container for Redis. 3029 properties: 3030 claims: 3031 description: "Claims lists the names of resources, defined 3032 in spec.resourceClaims, that are used by this container. 3033 \n This is an alpha field and requires enabling the DynamicResourceAllocation 3034 feature gate. \n This field is immutable. It can only be 3035 set for containers." 3036 items: 3037 description: ResourceClaim references one entry in PodSpec.ResourceClaims. 3038 properties: 3039 name: 3040 description: Name must match the name of one entry in 3041 pod.spec.resourceClaims of the Pod where this field 3042 is used. It makes that resource available inside a 3043 container. 3044 type: string 3045 required: 3046 - name 3047 type: object 3048 type: array 3049 x-kubernetes-list-map-keys: 3050 - name 3051 x-kubernetes-list-type: map 3052 limits: 3053 additionalProperties: 3054 anyOf: 3055 - type: integer 3056 - type: string 3057 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 3058 x-kubernetes-int-or-string: true 3059 description: 'Limits describes the maximum amount of compute 3060 resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 3061 type: object 3062 requests: 3063 additionalProperties: 3064 anyOf: 3065 - type: integer 3066 - type: string 3067 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 3068 x-kubernetes-int-or-string: true 3069 description: 'Requests describes the minimum amount of compute 3070 resources required. If Requests is omitted for a container, 3071 it defaults to Limits if that is explicitly specified, otherwise 3072 to an implementation-defined value. Requests cannot exceed 3073 Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 3074 type: object 3075 type: object 3076 serviceaccount: 3077 description: ServiceAccount defines the ServiceAccount user that 3078 you would like the Repo server to use 3079 type: string 3080 sidecarContainers: 3081 description: SidecarContainers defines the list of sidecar containers 3082 for the repo server deployment 3083 items: 3084 description: A single application container that you want to 3085 run within a pod. 3086 properties: 3087 args: 3088 description: 'Arguments to the entrypoint. The container 3089 image''s CMD is used if this is not provided. Variable 3090 references $(VAR_NAME) are expanded using the container''s 3091 environment. If a variable cannot be resolved, the reference 3092 in the input string will be unchanged. Double $$ are reduced 3093 to a single $, which allows for escaping the $(VAR_NAME) 3094 syntax: i.e. "$$(VAR_NAME)" will produce the string literal 3095 "$(VAR_NAME)". Escaped references will never be expanded, 3096 regardless of whether the variable exists or not. Cannot 3097 be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' 3098 items: 3099 type: string 3100 type: array 3101 command: 3102 description: 'Entrypoint array. Not executed within a shell. 3103 The container image''s ENTRYPOINT is used if this is not 3104 provided. Variable references $(VAR_NAME) are expanded 3105 using the container''s environment. If a variable cannot 3106 be resolved, the reference in the input string will be 3107 unchanged. Double $$ are reduced to a single $, which 3108 allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" 3109 will produce the string literal "$(VAR_NAME)". Escaped 3110 references will never be expanded, regardless of whether 3111 the variable exists or not. Cannot be updated. More info: 3112 https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' 3113 items: 3114 type: string 3115 type: array 3116 env: 3117 description: List of environment variables to set in the 3118 container. Cannot be updated. 3119 items: 3120 description: EnvVar represents an environment variable 3121 present in a Container. 3122 properties: 3123 name: 3124 description: Name of the environment variable. Must 3125 be a C_IDENTIFIER. 3126 type: string 3127 value: 3128 description: 'Variable references $(VAR_NAME) are 3129 expanded using the previously defined environment 3130 variables in the container and any service environment 3131 variables. If a variable cannot be resolved, the 3132 reference in the input string will be unchanged. 3133 Double $$ are reduced to a single $, which allows 3134 for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" 3135 will produce the string literal "$(VAR_NAME)". Escaped 3136 references will never be expanded, regardless of 3137 whether the variable exists or not. Defaults to 3138 "".' 3139 type: string 3140 valueFrom: 3141 description: Source for the environment variable's 3142 value. Cannot be used if value is not empty. 3143 properties: 3144 configMapKeyRef: 3145 description: Selects a key of a ConfigMap. 3146 properties: 3147 key: 3148 description: The key to select. 3149 type: string 3150 name: 3151 description: 'Name of the referent. More info: 3152 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 3153 TODO: Add other useful fields. apiVersion, 3154 kind, uid?' 3155 type: string 3156 optional: 3157 description: Specify whether the ConfigMap 3158 or its key must be defined 3159 type: boolean 3160 required: 3161 - key 3162 type: object 3163 fieldRef: 3164 description: 'Selects a field of the pod: supports 3165 metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`, 3166 `metadata.annotations[''<KEY>'']`, spec.nodeName, 3167 spec.serviceAccountName, status.hostIP, status.podIP, 3168 status.podIPs.' 3169 properties: 3170 apiVersion: 3171 description: Version of the schema the FieldPath 3172 is written in terms of, defaults to "v1". 3173 type: string 3174 fieldPath: 3175 description: Path of the field to select in 3176 the specified API version. 3177 type: string 3178 required: 3179 - fieldPath 3180 type: object 3181 resourceFieldRef: 3182 description: 'Selects a resource of the container: 3183 only resources limits and requests (limits.cpu, 3184 limits.memory, limits.ephemeral-storage, requests.cpu, 3185 requests.memory and requests.ephemeral-storage) 3186 are currently supported.' 3187 properties: 3188 containerName: 3189 description: 'Container name: required for 3190 volumes, optional for env vars' 3191 type: string 3192 divisor: 3193 anyOf: 3194 - type: integer 3195 - type: string 3196 description: Specifies the output format of 3197 the exposed resources, defaults to "1" 3198 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 3199 x-kubernetes-int-or-string: true 3200 resource: 3201 description: 'Required: resource to select' 3202 type: string 3203 required: 3204 - resource 3205 type: object 3206 secretKeyRef: 3207 description: Selects a key of a secret in the 3208 pod's namespace 3209 properties: 3210 key: 3211 description: The key of the secret to select 3212 from. Must be a valid secret key. 3213 type: string 3214 name: 3215 description: 'Name of the referent. More info: 3216 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 3217 TODO: Add other useful fields. apiVersion, 3218 kind, uid?' 3219 type: string 3220 optional: 3221 description: Specify whether the Secret or 3222 its key must be defined 3223 type: boolean 3224 required: 3225 - key 3226 type: object 3227 type: object 3228 required: 3229 - name 3230 type: object 3231 type: array 3232 envFrom: 3233 description: List of sources to populate environment variables 3234 in the container. The keys defined within a source must 3235 be a C_IDENTIFIER. All invalid keys will be reported as 3236 an event when the container is starting. When a key exists 3237 in multiple sources, the value associated with the last 3238 source will take precedence. Values defined by an Env 3239 with a duplicate key will take precedence. Cannot be updated. 3240 items: 3241 description: EnvFromSource represents the source of a 3242 set of ConfigMaps 3243 properties: 3244 configMapRef: 3245 description: The ConfigMap to select from 3246 properties: 3247 name: 3248 description: 'Name of the referent. More info: 3249 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 3250 TODO: Add other useful fields. apiVersion, kind, 3251 uid?' 3252 type: string 3253 optional: 3254 description: Specify whether the ConfigMap must 3255 be defined 3256 type: boolean 3257 type: object 3258 prefix: 3259 description: An optional identifier to prepend to 3260 each key in the ConfigMap. Must be a C_IDENTIFIER. 3261 type: string 3262 secretRef: 3263 description: The Secret to select from 3264 properties: 3265 name: 3266 description: 'Name of the referent. More info: 3267 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 3268 TODO: Add other useful fields. apiVersion, kind, 3269 uid?' 3270 type: string 3271 optional: 3272 description: Specify whether the Secret must be 3273 defined 3274 type: boolean 3275 type: object 3276 type: object 3277 type: array 3278 image: 3279 description: 'Container image name. More info: https://kubernetes.io/docs/concepts/containers/images 3280 This field is optional to allow higher level config management 3281 to default or override container images in workload controllers 3282 like Deployments and StatefulSets.' 3283 type: string 3284 imagePullPolicy: 3285 description: 'Image pull policy. One of Always, Never, IfNotPresent. 3286 Defaults to Always if :latest tag is specified, or IfNotPresent 3287 otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' 3288 type: string 3289 lifecycle: 3290 description: Actions that the management system should take 3291 in response to container lifecycle events. Cannot be updated. 3292 properties: 3293 postStart: 3294 description: 'PostStart is called immediately after 3295 a container is created. If the handler fails, the 3296 container is terminated and restarted according to 3297 its restart policy. Other management of the container 3298 blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' 3299 properties: 3300 exec: 3301 description: Exec specifies the action to take. 3302 properties: 3303 command: 3304 description: Command is the command line to 3305 execute inside the container, the working 3306 directory for the command is root ('/') in 3307 the container's filesystem. The command is 3308 simply exec'd, it is not run inside a shell, 3309 so traditional shell instructions ('|', etc) 3310 won't work. To use a shell, you need to explicitly 3311 call out to that shell. Exit status of 0 is 3312 treated as live/healthy and non-zero is unhealthy. 3313 items: 3314 type: string 3315 type: array 3316 type: object 3317 httpGet: 3318 description: HTTPGet specifies the http request 3319 to perform. 3320 properties: 3321 host: 3322 description: Host name to connect to, defaults 3323 to the pod IP. You probably want to set "Host" 3324 in httpHeaders instead. 3325 type: string 3326 httpHeaders: 3327 description: Custom headers to set in the request. 3328 HTTP allows repeated headers. 3329 items: 3330 description: HTTPHeader describes a custom 3331 header to be used in HTTP probes 3332 properties: 3333 name: 3334 description: The header field name. This 3335 will be canonicalized upon output, so 3336 case-variant names will be understood 3337 as the same header. 3338 type: string 3339 value: 3340 description: The header field value 3341 type: string 3342 required: 3343 - name 3344 - value 3345 type: object 3346 type: array 3347 path: 3348 description: Path to access on the HTTP server. 3349 type: string 3350 port: 3351 anyOf: 3352 - type: integer 3353 - type: string 3354 description: Name or number of the port to access 3355 on the container. Number must be in the range 3356 1 to 65535. Name must be an IANA_SVC_NAME. 3357 x-kubernetes-int-or-string: true 3358 scheme: 3359 description: Scheme to use for connecting to 3360 the host. Defaults to HTTP. 3361 type: string 3362 required: 3363 - port 3364 type: object 3365 tcpSocket: 3366 description: Deprecated. TCPSocket is NOT supported 3367 as a LifecycleHandler and kept for the backward 3368 compatibility. There are no validation of this 3369 field and lifecycle hooks will fail in runtime 3370 when tcp handler is specified. 3371 properties: 3372 host: 3373 description: 'Optional: Host name to connect 3374 to, defaults to the pod IP.' 3375 type: string 3376 port: 3377 anyOf: 3378 - type: integer 3379 - type: string 3380 description: Number or name of the port to access 3381 on the container. Number must be in the range 3382 1 to 65535. Name must be an IANA_SVC_NAME. 3383 x-kubernetes-int-or-string: true 3384 required: 3385 - port 3386 type: object 3387 type: object 3388 preStop: 3389 description: 'PreStop is called immediately before a 3390 container is terminated due to an API request or management 3391 event such as liveness/startup probe failure, preemption, 3392 resource contention, etc. The handler is not called 3393 if the container crashes or exits. The Pod''s termination 3394 grace period countdown begins before the PreStop hook 3395 is executed. Regardless of the outcome of the handler, 3396 the container will eventually terminate within the 3397 Pod''s termination grace period (unless delayed by 3398 finalizers). Other management of the container blocks 3399 until the hook completes or until the termination 3400 grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' 3401 properties: 3402 exec: 3403 description: Exec specifies the action to take. 3404 properties: 3405 command: 3406 description: Command is the command line to 3407 execute inside the container, the working 3408 directory for the command is root ('/') in 3409 the container's filesystem. The command is 3410 simply exec'd, it is not run inside a shell, 3411 so traditional shell instructions ('|', etc) 3412 won't work. To use a shell, you need to explicitly 3413 call out to that shell. Exit status of 0 is 3414 treated as live/healthy and non-zero is unhealthy. 3415 items: 3416 type: string 3417 type: array 3418 type: object 3419 httpGet: 3420 description: HTTPGet specifies the http request 3421 to perform. 3422 properties: 3423 host: 3424 description: Host name to connect to, defaults 3425 to the pod IP. You probably want to set "Host" 3426 in httpHeaders instead. 3427 type: string 3428 httpHeaders: 3429 description: Custom headers to set in the request. 3430 HTTP allows repeated headers. 3431 items: 3432 description: HTTPHeader describes a custom 3433 header to be used in HTTP probes 3434 properties: 3435 name: 3436 description: The header field name. This 3437 will be canonicalized upon output, so 3438 case-variant names will be understood 3439 as the same header. 3440 type: string 3441 value: 3442 description: The header field value 3443 type: string 3444 required: 3445 - name 3446 - value 3447 type: object 3448 type: array 3449 path: 3450 description: Path to access on the HTTP server. 3451 type: string 3452 port: 3453 anyOf: 3454 - type: integer 3455 - type: string 3456 description: Name or number of the port to access 3457 on the container. Number must be in the range 3458 1 to 65535. Name must be an IANA_SVC_NAME. 3459 x-kubernetes-int-or-string: true 3460 scheme: 3461 description: Scheme to use for connecting to 3462 the host. Defaults to HTTP. 3463 type: string 3464 required: 3465 - port 3466 type: object 3467 tcpSocket: 3468 description: Deprecated. TCPSocket is NOT supported 3469 as a LifecycleHandler and kept for the backward 3470 compatibility. There are no validation of this 3471 field and lifecycle hooks will fail in runtime 3472 when tcp handler is specified. 3473 properties: 3474 host: 3475 description: 'Optional: Host name to connect 3476 to, defaults to the pod IP.' 3477 type: string 3478 port: 3479 anyOf: 3480 - type: integer 3481 - type: string 3482 description: Number or name of the port to access 3483 on the container. Number must be in the range 3484 1 to 65535. Name must be an IANA_SVC_NAME. 3485 x-kubernetes-int-or-string: true 3486 required: 3487 - port 3488 type: object 3489 type: object 3490 type: object 3491 livenessProbe: 3492 description: 'Periodic probe of container liveness. Container 3493 will be restarted if the probe fails. Cannot be updated. 3494 More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 3495 properties: 3496 exec: 3497 description: Exec specifies the action to take. 3498 properties: 3499 command: 3500 description: Command is the command line to execute 3501 inside the container, the working directory for 3502 the command is root ('/') in the container's 3503 filesystem. The command is simply exec'd, it is 3504 not run inside a shell, so traditional shell instructions 3505 ('|', etc) won't work. To use a shell, you need 3506 to explicitly call out to that shell. Exit status 3507 of 0 is treated as live/healthy and non-zero is 3508 unhealthy. 3509 items: 3510 type: string 3511 type: array 3512 type: object 3513 failureThreshold: 3514 description: Minimum consecutive failures for the probe 3515 to be considered failed after having succeeded. Defaults 3516 to 3. Minimum value is 1. 3517 format: int32 3518 type: integer 3519 grpc: 3520 description: GRPC specifies an action involving a GRPC 3521 port. 3522 properties: 3523 port: 3524 description: Port number of the gRPC service. Number 3525 must be in the range 1 to 65535. 3526 format: int32 3527 type: integer 3528 service: 3529 description: "Service is the name of the service 3530 to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). 3531 \n If this is not specified, the default behavior 3532 is defined by gRPC." 3533 type: string 3534 required: 3535 - port 3536 type: object 3537 httpGet: 3538 description: HTTPGet specifies the http request to perform. 3539 properties: 3540 host: 3541 description: Host name to connect to, defaults to 3542 the pod IP. You probably want to set "Host" in 3543 httpHeaders instead. 3544 type: string 3545 httpHeaders: 3546 description: Custom headers to set in the request. 3547 HTTP allows repeated headers. 3548 items: 3549 description: HTTPHeader describes a custom header 3550 to be used in HTTP probes 3551 properties: 3552 name: 3553 description: The header field name. This will 3554 be canonicalized upon output, so case-variant 3555 names will be understood as the same header. 3556 type: string 3557 value: 3558 description: The header field value 3559 type: string 3560 required: 3561 - name 3562 - value 3563 type: object 3564 type: array 3565 path: 3566 description: Path to access on the HTTP server. 3567 type: string 3568 port: 3569 anyOf: 3570 - type: integer 3571 - type: string 3572 description: Name or number of the port to access 3573 on the container. Number must be in the range 3574 1 to 65535. Name must be an IANA_SVC_NAME. 3575 x-kubernetes-int-or-string: true 3576 scheme: 3577 description: Scheme to use for connecting to the 3578 host. Defaults to HTTP. 3579 type: string 3580 required: 3581 - port 3582 type: object 3583 initialDelaySeconds: 3584 description: 'Number of seconds after the container 3585 has started before liveness probes are initiated. 3586 More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 3587 format: int32 3588 type: integer 3589 periodSeconds: 3590 description: How often (in seconds) to perform the probe. 3591 Default to 10 seconds. Minimum value is 1. 3592 format: int32 3593 type: integer 3594 successThreshold: 3595 description: Minimum consecutive successes for the probe 3596 to be considered successful after having failed. Defaults 3597 to 1. Must be 1 for liveness and startup. Minimum 3598 value is 1. 3599 format: int32 3600 type: integer 3601 tcpSocket: 3602 description: TCPSocket specifies an action involving 3603 a TCP port. 3604 properties: 3605 host: 3606 description: 'Optional: Host name to connect to, 3607 defaults to the pod IP.' 3608 type: string 3609 port: 3610 anyOf: 3611 - type: integer 3612 - type: string 3613 description: Number or name of the port to access 3614 on the container. Number must be in the range 3615 1 to 65535. Name must be an IANA_SVC_NAME. 3616 x-kubernetes-int-or-string: true 3617 required: 3618 - port 3619 type: object 3620 terminationGracePeriodSeconds: 3621 description: Optional duration in seconds the pod needs 3622 to terminate gracefully upon probe failure. The grace 3623 period is the duration in seconds after the processes 3624 running in the pod are sent a termination signal and 3625 the time when the processes are forcibly halted with 3626 a kill signal. Set this value longer than the expected 3627 cleanup time for your process. If this value is nil, 3628 the pod's terminationGracePeriodSeconds will be used. 3629 Otherwise, this value overrides the value provided 3630 by the pod spec. Value must be non-negative integer. 3631 The value zero indicates stop immediately via the 3632 kill signal (no opportunity to shut down). This is 3633 a beta field and requires enabling ProbeTerminationGracePeriod 3634 feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds 3635 is used if unset. 3636 format: int64 3637 type: integer 3638 timeoutSeconds: 3639 description: 'Number of seconds after which the probe 3640 times out. Defaults to 1 second. Minimum value is 3641 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 3642 format: int32 3643 type: integer 3644 type: object 3645 name: 3646 description: Name of the container specified as a DNS_LABEL. 3647 Each container in a pod must have a unique name (DNS_LABEL). 3648 Cannot be updated. 3649 type: string 3650 ports: 3651 description: List of ports to expose from the container. 3652 Not specifying a port here DOES NOT prevent that port 3653 from being exposed. Any port which is listening on the 3654 default "0.0.0.0" address inside a container will be accessible 3655 from the network. Modifying this array with strategic 3656 merge patch may corrupt the data. For more information 3657 See https://github.com/kubernetes/kubernetes/issues/108255. 3658 Cannot be updated. 3659 items: 3660 description: ContainerPort represents a network port in 3661 a single container. 3662 properties: 3663 containerPort: 3664 description: Number of port to expose on the pod's 3665 IP address. This must be a valid port number, 0 3666 < x < 65536. 3667 format: int32 3668 type: integer 3669 hostIP: 3670 description: What host IP to bind the external port 3671 to. 3672 type: string 3673 hostPort: 3674 description: Number of port to expose on the host. 3675 If specified, this must be a valid port number, 3676 0 < x < 65536. If HostNetwork is specified, this 3677 must match ContainerPort. Most containers do not 3678 need this. 3679 format: int32 3680 type: integer 3681 name: 3682 description: If specified, this must be an IANA_SVC_NAME 3683 and unique within the pod. Each named port in a 3684 pod must have a unique name. Name for the port that 3685 can be referred to by services. 3686 type: string 3687 protocol: 3688 default: TCP 3689 description: Protocol for port. Must be UDP, TCP, 3690 or SCTP. Defaults to "TCP". 3691 type: string 3692 required: 3693 - containerPort 3694 type: object 3695 type: array 3696 x-kubernetes-list-map-keys: 3697 - containerPort 3698 - protocol 3699 x-kubernetes-list-type: map 3700 readinessProbe: 3701 description: 'Periodic probe of container service readiness. 3702 Container will be removed from service endpoints if the 3703 probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 3704 properties: 3705 exec: 3706 description: Exec specifies the action to take. 3707 properties: 3708 command: 3709 description: Command is the command line to execute 3710 inside the container, the working directory for 3711 the command is root ('/') in the container's 3712 filesystem. The command is simply exec'd, it is 3713 not run inside a shell, so traditional shell instructions 3714 ('|', etc) won't work. To use a shell, you need 3715 to explicitly call out to that shell. Exit status 3716 of 0 is treated as live/healthy and non-zero is 3717 unhealthy. 3718 items: 3719 type: string 3720 type: array 3721 type: object 3722 failureThreshold: 3723 description: Minimum consecutive failures for the probe 3724 to be considered failed after having succeeded. Defaults 3725 to 3. Minimum value is 1. 3726 format: int32 3727 type: integer 3728 grpc: 3729 description: GRPC specifies an action involving a GRPC 3730 port. 3731 properties: 3732 port: 3733 description: Port number of the gRPC service. Number 3734 must be in the range 1 to 65535. 3735 format: int32 3736 type: integer 3737 service: 3738 description: "Service is the name of the service 3739 to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). 3740 \n If this is not specified, the default behavior 3741 is defined by gRPC." 3742 type: string 3743 required: 3744 - port 3745 type: object 3746 httpGet: 3747 description: HTTPGet specifies the http request to perform. 3748 properties: 3749 host: 3750 description: Host name to connect to, defaults to 3751 the pod IP. You probably want to set "Host" in 3752 httpHeaders instead. 3753 type: string 3754 httpHeaders: 3755 description: Custom headers to set in the request. 3756 HTTP allows repeated headers. 3757 items: 3758 description: HTTPHeader describes a custom header 3759 to be used in HTTP probes 3760 properties: 3761 name: 3762 description: The header field name. This will 3763 be canonicalized upon output, so case-variant 3764 names will be understood as the same header. 3765 type: string 3766 value: 3767 description: The header field value 3768 type: string 3769 required: 3770 - name 3771 - value 3772 type: object 3773 type: array 3774 path: 3775 description: Path to access on the HTTP server. 3776 type: string 3777 port: 3778 anyOf: 3779 - type: integer 3780 - type: string 3781 description: Name or number of the port to access 3782 on the container. Number must be in the range 3783 1 to 65535. Name must be an IANA_SVC_NAME. 3784 x-kubernetes-int-or-string: true 3785 scheme: 3786 description: Scheme to use for connecting to the 3787 host. Defaults to HTTP. 3788 type: string 3789 required: 3790 - port 3791 type: object 3792 initialDelaySeconds: 3793 description: 'Number of seconds after the container 3794 has started before liveness probes are initiated. 3795 More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 3796 format: int32 3797 type: integer 3798 periodSeconds: 3799 description: How often (in seconds) to perform the probe. 3800 Default to 10 seconds. Minimum value is 1. 3801 format: int32 3802 type: integer 3803 successThreshold: 3804 description: Minimum consecutive successes for the probe 3805 to be considered successful after having failed. Defaults 3806 to 1. Must be 1 for liveness and startup. Minimum 3807 value is 1. 3808 format: int32 3809 type: integer 3810 tcpSocket: 3811 description: TCPSocket specifies an action involving 3812 a TCP port. 3813 properties: 3814 host: 3815 description: 'Optional: Host name to connect to, 3816 defaults to the pod IP.' 3817 type: string 3818 port: 3819 anyOf: 3820 - type: integer 3821 - type: string 3822 description: Number or name of the port to access 3823 on the container. Number must be in the range 3824 1 to 65535. Name must be an IANA_SVC_NAME. 3825 x-kubernetes-int-or-string: true 3826 required: 3827 - port 3828 type: object 3829 terminationGracePeriodSeconds: 3830 description: Optional duration in seconds the pod needs 3831 to terminate gracefully upon probe failure. The grace 3832 period is the duration in seconds after the processes 3833 running in the pod are sent a termination signal and 3834 the time when the processes are forcibly halted with 3835 a kill signal. Set this value longer than the expected 3836 cleanup time for your process. If this value is nil, 3837 the pod's terminationGracePeriodSeconds will be used. 3838 Otherwise, this value overrides the value provided 3839 by the pod spec. Value must be non-negative integer. 3840 The value zero indicates stop immediately via the 3841 kill signal (no opportunity to shut down). This is 3842 a beta field and requires enabling ProbeTerminationGracePeriod 3843 feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds 3844 is used if unset. 3845 format: int64 3846 type: integer 3847 timeoutSeconds: 3848 description: 'Number of seconds after which the probe 3849 times out. Defaults to 1 second. Minimum value is 3850 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 3851 format: int32 3852 type: integer 3853 type: object 3854 resizePolicy: 3855 description: Resources resize policy for the container. 3856 items: 3857 description: ContainerResizePolicy represents resource 3858 resize policy for the container. 3859 properties: 3860 resourceName: 3861 description: 'Name of the resource to which this resource 3862 resize policy applies. Supported values: cpu, memory.' 3863 type: string 3864 restartPolicy: 3865 description: Restart policy to apply when specified 3866 resource is resized. If not specified, it defaults 3867 to NotRequired. 3868 type: string 3869 required: 3870 - resourceName 3871 - restartPolicy 3872 type: object 3873 type: array 3874 x-kubernetes-list-type: atomic 3875 resources: 3876 description: 'Compute Resources required by this container. 3877 Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 3878 properties: 3879 claims: 3880 description: "Claims lists the names of resources, defined 3881 in spec.resourceClaims, that are used by this container. 3882 \n This is an alpha field and requires enabling the 3883 DynamicResourceAllocation feature gate. \n This field 3884 is immutable. It can only be set for containers." 3885 items: 3886 description: ResourceClaim references one entry in 3887 PodSpec.ResourceClaims. 3888 properties: 3889 name: 3890 description: Name must match the name of one entry 3891 in pod.spec.resourceClaims of the Pod where 3892 this field is used. It makes that resource available 3893 inside a container. 3894 type: string 3895 required: 3896 - name 3897 type: object 3898 type: array 3899 x-kubernetes-list-map-keys: 3900 - name 3901 x-kubernetes-list-type: map 3902 limits: 3903 additionalProperties: 3904 anyOf: 3905 - type: integer 3906 - type: string 3907 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 3908 x-kubernetes-int-or-string: true 3909 description: 'Limits describes the maximum amount of 3910 compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 3911 type: object 3912 requests: 3913 additionalProperties: 3914 anyOf: 3915 - type: integer 3916 - type: string 3917 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 3918 x-kubernetes-int-or-string: true 3919 description: 'Requests describes the minimum amount 3920 of compute resources required. If Requests is omitted 3921 for a container, it defaults to Limits if that is 3922 explicitly specified, otherwise to an implementation-defined 3923 value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 3924 type: object 3925 type: object 3926 restartPolicy: 3927 description: 'RestartPolicy defines the restart behavior 3928 of individual containers in a pod. This field may only 3929 be set for init containers, and the only allowed value 3930 is "Always". For non-init containers or when this field 3931 is not specified, the restart behavior is defined by the 3932 Pod''s restart policy and the container type. Setting 3933 the RestartPolicy as "Always" for the init container will 3934 have the following effect: this init container will be 3935 continually restarted on exit until all regular containers 3936 have terminated. Once all regular containers have completed, 3937 all init containers with restartPolicy "Always" will be 3938 shut down. This lifecycle differs from normal init containers 3939 and is often referred to as a "sidecar" container. Although 3940 this init container still starts in the init container 3941 sequence, it does not wait for the container to complete 3942 before proceeding to the next init container. Instead, 3943 the next init container starts immediately after this 3944 init container is started, or after any startupProbe has 3945 successfully completed.' 3946 type: string 3947 securityContext: 3948 description: 'SecurityContext defines the security options 3949 the container should be run with. If set, the fields of 3950 SecurityContext override the equivalent fields of PodSecurityContext. 3951 More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' 3952 properties: 3953 allowPrivilegeEscalation: 3954 description: 'AllowPrivilegeEscalation controls whether 3955 a process can gain more privileges than its parent 3956 process. This bool directly controls if the no_new_privs 3957 flag will be set on the container process. AllowPrivilegeEscalation 3958 is true always when the container is: 1) run as Privileged 3959 2) has CAP_SYS_ADMIN Note that this field cannot be 3960 set when spec.os.name is windows.' 3961 type: boolean 3962 capabilities: 3963 description: The capabilities to add/drop when running 3964 containers. Defaults to the default set of capabilities 3965 granted by the container runtime. Note that this field 3966 cannot be set when spec.os.name is windows. 3967 properties: 3968 add: 3969 description: Added capabilities 3970 items: 3971 description: Capability represent POSIX capabilities 3972 type 3973 type: string 3974 type: array 3975 drop: 3976 description: Removed capabilities 3977 items: 3978 description: Capability represent POSIX capabilities 3979 type 3980 type: string 3981 type: array 3982 type: object 3983 privileged: 3984 description: Run container in privileged mode. Processes 3985 in privileged containers are essentially equivalent 3986 to root on the host. Defaults to false. Note that 3987 this field cannot be set when spec.os.name is windows. 3988 type: boolean 3989 procMount: 3990 description: procMount denotes the type of proc mount 3991 to use for the containers. The default is DefaultProcMount 3992 which uses the container runtime defaults for readonly 3993 paths and masked paths. This requires the ProcMountType 3994 feature flag to be enabled. Note that this field cannot 3995 be set when spec.os.name is windows. 3996 type: string 3997 readOnlyRootFilesystem: 3998 description: Whether this container has a read-only 3999 root filesystem. Default is false. Note that this 4000 field cannot be set when spec.os.name is windows. 4001 type: boolean 4002 runAsGroup: 4003 description: The GID to run the entrypoint of the container 4004 process. Uses runtime default if unset. May also be 4005 set in PodSecurityContext. If set in both SecurityContext 4006 and PodSecurityContext, the value specified in SecurityContext 4007 takes precedence. Note that this field cannot be set 4008 when spec.os.name is windows. 4009 format: int64 4010 type: integer 4011 runAsNonRoot: 4012 description: Indicates that the container must run as 4013 a non-root user. If true, the Kubelet will validate 4014 the image at runtime to ensure that it does not run 4015 as UID 0 (root) and fail to start the container if 4016 it does. If unset or false, no such validation will 4017 be performed. May also be set in PodSecurityContext. If 4018 set in both SecurityContext and PodSecurityContext, 4019 the value specified in SecurityContext takes precedence. 4020 type: boolean 4021 runAsUser: 4022 description: The UID to run the entrypoint of the container 4023 process. Defaults to user specified in image metadata 4024 if unspecified. May also be set in PodSecurityContext. If 4025 set in both SecurityContext and PodSecurityContext, 4026 the value specified in SecurityContext takes precedence. 4027 Note that this field cannot be set when spec.os.name 4028 is windows. 4029 format: int64 4030 type: integer 4031 seLinuxOptions: 4032 description: The SELinux context to be applied to the 4033 container. If unspecified, the container runtime will 4034 allocate a random SELinux context for each container. May 4035 also be set in PodSecurityContext. If set in both 4036 SecurityContext and PodSecurityContext, the value 4037 specified in SecurityContext takes precedence. Note 4038 that this field cannot be set when spec.os.name is 4039 windows. 4040 properties: 4041 level: 4042 description: Level is SELinux level label that applies 4043 to the container. 4044 type: string 4045 role: 4046 description: Role is a SELinux role label that applies 4047 to the container. 4048 type: string 4049 type: 4050 description: Type is a SELinux type label that applies 4051 to the container. 4052 type: string 4053 user: 4054 description: User is a SELinux user label that applies 4055 to the container. 4056 type: string 4057 type: object 4058 seccompProfile: 4059 description: The seccomp options to use by this container. 4060 If seccomp options are provided at both the pod & 4061 container level, the container options override the 4062 pod options. Note that this field cannot be set when 4063 spec.os.name is windows. 4064 properties: 4065 localhostProfile: 4066 description: localhostProfile indicates a profile 4067 defined in a file on the node should be used. 4068 The profile must be preconfigured on the node 4069 to work. Must be a descending path, relative to 4070 the kubelet's configured seccomp profile location. 4071 Must be set if type is "Localhost". Must NOT be 4072 set for any other type. 4073 type: string 4074 type: 4075 description: "type indicates which kind of seccomp 4076 profile will be applied. Valid options are: \n 4077 Localhost - a profile defined in a file on the 4078 node should be used. RuntimeDefault - the container 4079 runtime default profile should be used. Unconfined 4080 - no profile should be applied." 4081 type: string 4082 required: 4083 - type 4084 type: object 4085 windowsOptions: 4086 description: The Windows specific settings applied to 4087 all containers. If unspecified, the options from the 4088 PodSecurityContext will be used. If set in both SecurityContext 4089 and PodSecurityContext, the value specified in SecurityContext 4090 takes precedence. Note that this field cannot be set 4091 when spec.os.name is linux. 4092 properties: 4093 gmsaCredentialSpec: 4094 description: GMSACredentialSpec is where the GMSA 4095 admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) 4096 inlines the contents of the GMSA credential spec 4097 named by the GMSACredentialSpecName field. 4098 type: string 4099 gmsaCredentialSpecName: 4100 description: GMSACredentialSpecName is the name 4101 of the GMSA credential spec to use. 4102 type: string 4103 hostProcess: 4104 description: HostProcess determines if a container 4105 should be run as a 'Host Process' container. All 4106 of a Pod's containers must have the same effective 4107 HostProcess value (it is not allowed to have a 4108 mix of HostProcess containers and non-HostProcess 4109 containers). In addition, if HostProcess is true 4110 then HostNetwork must also be set to true. 4111 type: boolean 4112 runAsUserName: 4113 description: The UserName in Windows to run the 4114 entrypoint of the container process. Defaults 4115 to the user specified in image metadata if unspecified. 4116 May also be set in PodSecurityContext. If set 4117 in both SecurityContext and PodSecurityContext, 4118 the value specified in SecurityContext takes precedence. 4119 type: string 4120 type: object 4121 type: object 4122 startupProbe: 4123 description: 'StartupProbe indicates that the Pod has successfully 4124 initialized. If specified, no other probes are executed 4125 until this completes successfully. If this probe fails, 4126 the Pod will be restarted, just as if the livenessProbe 4127 failed. This can be used to provide different probe parameters 4128 at the beginning of a Pod''s lifecycle, when it might 4129 take a long time to load data or warm a cache, than during 4130 steady-state operation. This cannot be updated. More info: 4131 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 4132 properties: 4133 exec: 4134 description: Exec specifies the action to take. 4135 properties: 4136 command: 4137 description: Command is the command line to execute 4138 inside the container, the working directory for 4139 the command is root ('/') in the container's 4140 filesystem. The command is simply exec'd, it is 4141 not run inside a shell, so traditional shell instructions 4142 ('|', etc) won't work. To use a shell, you need 4143 to explicitly call out to that shell. Exit status 4144 of 0 is treated as live/healthy and non-zero is 4145 unhealthy. 4146 items: 4147 type: string 4148 type: array 4149 type: object 4150 failureThreshold: 4151 description: Minimum consecutive failures for the probe 4152 to be considered failed after having succeeded. Defaults 4153 to 3. Minimum value is 1. 4154 format: int32 4155 type: integer 4156 grpc: 4157 description: GRPC specifies an action involving a GRPC 4158 port. 4159 properties: 4160 port: 4161 description: Port number of the gRPC service. Number 4162 must be in the range 1 to 65535. 4163 format: int32 4164 type: integer 4165 service: 4166 description: "Service is the name of the service 4167 to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). 4168 \n If this is not specified, the default behavior 4169 is defined by gRPC." 4170 type: string 4171 required: 4172 - port 4173 type: object 4174 httpGet: 4175 description: HTTPGet specifies the http request to perform. 4176 properties: 4177 host: 4178 description: Host name to connect to, defaults to 4179 the pod IP. You probably want to set "Host" in 4180 httpHeaders instead. 4181 type: string 4182 httpHeaders: 4183 description: Custom headers to set in the request. 4184 HTTP allows repeated headers. 4185 items: 4186 description: HTTPHeader describes a custom header 4187 to be used in HTTP probes 4188 properties: 4189 name: 4190 description: The header field name. This will 4191 be canonicalized upon output, so case-variant 4192 names will be understood as the same header. 4193 type: string 4194 value: 4195 description: The header field value 4196 type: string 4197 required: 4198 - name 4199 - value 4200 type: object 4201 type: array 4202 path: 4203 description: Path to access on the HTTP server. 4204 type: string 4205 port: 4206 anyOf: 4207 - type: integer 4208 - type: string 4209 description: Name or number of the port to access 4210 on the container. Number must be in the range 4211 1 to 65535. Name must be an IANA_SVC_NAME. 4212 x-kubernetes-int-or-string: true 4213 scheme: 4214 description: Scheme to use for connecting to the 4215 host. Defaults to HTTP. 4216 type: string 4217 required: 4218 - port 4219 type: object 4220 initialDelaySeconds: 4221 description: 'Number of seconds after the container 4222 has started before liveness probes are initiated. 4223 More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 4224 format: int32 4225 type: integer 4226 periodSeconds: 4227 description: How often (in seconds) to perform the probe. 4228 Default to 10 seconds. Minimum value is 1. 4229 format: int32 4230 type: integer 4231 successThreshold: 4232 description: Minimum consecutive successes for the probe 4233 to be considered successful after having failed. Defaults 4234 to 1. Must be 1 for liveness and startup. Minimum 4235 value is 1. 4236 format: int32 4237 type: integer 4238 tcpSocket: 4239 description: TCPSocket specifies an action involving 4240 a TCP port. 4241 properties: 4242 host: 4243 description: 'Optional: Host name to connect to, 4244 defaults to the pod IP.' 4245 type: string 4246 port: 4247 anyOf: 4248 - type: integer 4249 - type: string 4250 description: Number or name of the port to access 4251 on the container. Number must be in the range 4252 1 to 65535. Name must be an IANA_SVC_NAME. 4253 x-kubernetes-int-or-string: true 4254 required: 4255 - port 4256 type: object 4257 terminationGracePeriodSeconds: 4258 description: Optional duration in seconds the pod needs 4259 to terminate gracefully upon probe failure. The grace 4260 period is the duration in seconds after the processes 4261 running in the pod are sent a termination signal and 4262 the time when the processes are forcibly halted with 4263 a kill signal. Set this value longer than the expected 4264 cleanup time for your process. If this value is nil, 4265 the pod's terminationGracePeriodSeconds will be used. 4266 Otherwise, this value overrides the value provided 4267 by the pod spec. Value must be non-negative integer. 4268 The value zero indicates stop immediately via the 4269 kill signal (no opportunity to shut down). This is 4270 a beta field and requires enabling ProbeTerminationGracePeriod 4271 feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds 4272 is used if unset. 4273 format: int64 4274 type: integer 4275 timeoutSeconds: 4276 description: 'Number of seconds after which the probe 4277 times out. Defaults to 1 second. Minimum value is 4278 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 4279 format: int32 4280 type: integer 4281 type: object 4282 stdin: 4283 description: Whether this container should allocate a buffer 4284 for stdin in the container runtime. If this is not set, 4285 reads from stdin in the container will always result in 4286 EOF. Default is false. 4287 type: boolean 4288 stdinOnce: 4289 description: Whether the container runtime should close 4290 the stdin channel after it has been opened by a single 4291 attach. When stdin is true the stdin stream will remain 4292 open across multiple attach sessions. If stdinOnce is 4293 set to true, stdin is opened on container start, is empty 4294 until the first client attaches to stdin, and then remains 4295 open and accepts data until the client disconnects, at 4296 which time stdin is closed and remains closed until the 4297 container is restarted. If this flag is false, a container 4298 processes that reads from stdin will never receive an 4299 EOF. Default is false 4300 type: boolean 4301 terminationMessagePath: 4302 description: 'Optional: Path at which the file to which 4303 the container''s termination message will be written is 4304 mounted into the container''s filesystem. Message written 4305 is intended to be brief final status, such as an assertion 4306 failure message. Will be truncated by the node if greater 4307 than 4096 bytes. The total message length across all containers 4308 will be limited to 12kb. Defaults to /dev/termination-log. 4309 Cannot be updated.' 4310 type: string 4311 terminationMessagePolicy: 4312 description: Indicate how the termination message should 4313 be populated. File will use the contents of terminationMessagePath 4314 to populate the container status message on both success 4315 and failure. FallbackToLogsOnError will use the last chunk 4316 of container log output if the termination message file 4317 is empty and the container exited with an error. The log 4318 output is limited to 2048 bytes or 80 lines, whichever 4319 is smaller. Defaults to File. Cannot be updated. 4320 type: string 4321 tty: 4322 description: Whether this container should allocate a TTY 4323 for itself, also requires 'stdin' to be true. Default 4324 is false. 4325 type: boolean 4326 volumeDevices: 4327 description: volumeDevices is the list of block devices 4328 to be used by the container. 4329 items: 4330 description: volumeDevice describes a mapping of a raw 4331 block device within a container. 4332 properties: 4333 devicePath: 4334 description: devicePath is the path inside of the 4335 container that the device will be mapped to. 4336 type: string 4337 name: 4338 description: name must match the name of a persistentVolumeClaim 4339 in the pod 4340 type: string 4341 required: 4342 - devicePath 4343 - name 4344 type: object 4345 type: array 4346 volumeMounts: 4347 description: Pod volumes to mount into the container's filesystem. 4348 Cannot be updated. 4349 items: 4350 description: VolumeMount describes a mounting of a Volume 4351 within a container. 4352 properties: 4353 mountPath: 4354 description: Path within the container at which the 4355 volume should be mounted. Must not contain ':'. 4356 type: string 4357 mountPropagation: 4358 description: mountPropagation determines how mounts 4359 are propagated from the host to container and the 4360 other way around. When not set, MountPropagationNone 4361 is used. This field is beta in 1.10. 4362 type: string 4363 name: 4364 description: This must match the Name of a Volume. 4365 type: string 4366 readOnly: 4367 description: Mounted read-only if true, read-write 4368 otherwise (false or unspecified). Defaults to false. 4369 type: boolean 4370 subPath: 4371 description: Path within the volume from which the 4372 container's volume should be mounted. Defaults to 4373 "" (volume's root). 4374 type: string 4375 subPathExpr: 4376 description: Expanded path within the volume from 4377 which the container's volume should be mounted. 4378 Behaves similarly to SubPath but environment variable 4379 references $(VAR_NAME) are expanded using the container's 4380 environment. Defaults to "" (volume's root). SubPathExpr 4381 and SubPath are mutually exclusive. 4382 type: string 4383 required: 4384 - mountPath 4385 - name 4386 type: object 4387 type: array 4388 workingDir: 4389 description: Container's working directory. If not specified, 4390 the container runtime's default will be used, which might 4391 be configured in the container image. Cannot be updated. 4392 type: string 4393 required: 4394 - name 4395 type: object 4396 type: array 4397 verifytls: 4398 description: VerifyTLS defines whether repo server API should 4399 be accessed using strict TLS validation 4400 type: boolean 4401 version: 4402 description: Version is the ArgoCD Repo Server container image 4403 tag. 4404 type: string 4405 volumeMounts: 4406 description: VolumeMounts adds volumeMounts to the repo server 4407 container 4408 items: 4409 description: VolumeMount describes a mounting of a Volume within 4410 a container. 4411 properties: 4412 mountPath: 4413 description: Path within the container at which the volume 4414 should be mounted. Must not contain ':'. 4415 type: string 4416 mountPropagation: 4417 description: mountPropagation determines how mounts are 4418 propagated from the host to container and the other way 4419 around. When not set, MountPropagationNone is used. This 4420 field is beta in 1.10. 4421 type: string 4422 name: 4423 description: This must match the Name of a Volume. 4424 type: string 4425 readOnly: 4426 description: Mounted read-only if true, read-write otherwise 4427 (false or unspecified). Defaults to false. 4428 type: boolean 4429 subPath: 4430 description: Path within the volume from which the container's 4431 volume should be mounted. Defaults to "" (volume's root). 4432 type: string 4433 subPathExpr: 4434 description: Expanded path within the volume from which 4435 the container's volume should be mounted. Behaves similarly 4436 to SubPath but environment variable references $(VAR_NAME) 4437 are expanded using the container's environment. Defaults 4438 to "" (volume's root). SubPathExpr and SubPath are mutually 4439 exclusive. 4440 type: string 4441 required: 4442 - mountPath 4443 - name 4444 type: object 4445 type: array 4446 volumes: 4447 description: Volumes adds volumes to the repo server deployment 4448 items: 4449 description: Volume represents a named volume in a pod that 4450 may be accessed by any container in the pod. 4451 properties: 4452 awsElasticBlockStore: 4453 description: 'awsElasticBlockStore represents an AWS Disk 4454 resource that is attached to a kubelet''s host machine 4455 and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' 4456 properties: 4457 fsType: 4458 description: 'fsType is the filesystem type of the volume 4459 that you want to mount. Tip: Ensure that the filesystem 4460 type is supported by the host operating system. Examples: 4461 "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" 4462 if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore 4463 TODO: how do we prevent errors in the filesystem from 4464 compromising the machine' 4465 type: string 4466 partition: 4467 description: 'partition is the partition in the volume 4468 that you want to mount. If omitted, the default is 4469 to mount by volume name. Examples: For volume /dev/sda1, 4470 you specify the partition as "1". Similarly, the volume 4471 partition for /dev/sda is "0" (or you can leave the 4472 property empty).' 4473 format: int32 4474 type: integer 4475 readOnly: 4476 description: 'readOnly value true will force the readOnly 4477 setting in VolumeMounts. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' 4478 type: boolean 4479 volumeID: 4480 description: 'volumeID is unique ID of the persistent 4481 disk resource in AWS (Amazon EBS volume). More info: 4482 https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' 4483 type: string 4484 required: 4485 - volumeID 4486 type: object 4487 azureDisk: 4488 description: azureDisk represents an Azure Data Disk mount 4489 on the host and bind mount to the pod. 4490 properties: 4491 cachingMode: 4492 description: 'cachingMode is the Host Caching mode: 4493 None, Read Only, Read Write.' 4494 type: string 4495 diskName: 4496 description: diskName is the Name of the data disk in 4497 the blob storage 4498 type: string 4499 diskURI: 4500 description: diskURI is the URI of data disk in the 4501 blob storage 4502 type: string 4503 fsType: 4504 description: fsType is Filesystem type to mount. Must 4505 be a filesystem type supported by the host operating 4506 system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred 4507 to be "ext4" if unspecified. 4508 type: string 4509 kind: 4510 description: 'kind expected values are Shared: multiple 4511 blob disks per storage account Dedicated: single 4512 blob disk per storage account Managed: azure managed 4513 data disk (only in managed availability set). defaults 4514 to shared' 4515 type: string 4516 readOnly: 4517 description: readOnly Defaults to false (read/write). 4518 ReadOnly here will force the ReadOnly setting in VolumeMounts. 4519 type: boolean 4520 required: 4521 - diskName 4522 - diskURI 4523 type: object 4524 azureFile: 4525 description: azureFile represents an Azure File Service 4526 mount on the host and bind mount to the pod. 4527 properties: 4528 readOnly: 4529 description: readOnly defaults to false (read/write). 4530 ReadOnly here will force the ReadOnly setting in VolumeMounts. 4531 type: boolean 4532 secretName: 4533 description: secretName is the name of secret that 4534 contains Azure Storage Account Name and Key 4535 type: string 4536 shareName: 4537 description: shareName is the azure share Name 4538 type: string 4539 required: 4540 - secretName 4541 - shareName 4542 type: object 4543 cephfs: 4544 description: cephFS represents a Ceph FS mount on the host 4545 that shares a pod's lifetime 4546 properties: 4547 monitors: 4548 description: 'monitors is Required: Monitors is a collection 4549 of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' 4550 items: 4551 type: string 4552 type: array 4553 path: 4554 description: 'path is Optional: Used as the mounted 4555 root, rather than the full Ceph tree, default is /' 4556 type: string 4557 readOnly: 4558 description: 'readOnly is Optional: Defaults to false 4559 (read/write). ReadOnly here will force the ReadOnly 4560 setting in VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' 4561 type: boolean 4562 secretFile: 4563 description: 'secretFile is Optional: SecretFile is 4564 the path to key ring for User, default is /etc/ceph/user.secret 4565 More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' 4566 type: string 4567 secretRef: 4568 description: 'secretRef is Optional: SecretRef is reference 4569 to the authentication secret for User, default is 4570 empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' 4571 properties: 4572 name: 4573 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 4574 TODO: Add other useful fields. apiVersion, kind, 4575 uid?' 4576 type: string 4577 type: object 4578 user: 4579 description: 'user is optional: User is the rados user 4580 name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' 4581 type: string 4582 required: 4583 - monitors 4584 type: object 4585 cinder: 4586 description: 'cinder represents a cinder volume attached 4587 and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' 4588 properties: 4589 fsType: 4590 description: 'fsType is the filesystem type to mount. 4591 Must be a filesystem type supported by the host operating 4592 system. Examples: "ext4", "xfs", "ntfs". Implicitly 4593 inferred to be "ext4" if unspecified. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' 4594 type: string 4595 readOnly: 4596 description: 'readOnly defaults to false (read/write). 4597 ReadOnly here will force the ReadOnly setting in VolumeMounts. 4598 More info: https://examples.k8s.io/mysql-cinder-pd/README.md' 4599 type: boolean 4600 secretRef: 4601 description: 'secretRef is optional: points to a secret 4602 object containing parameters used to connect to OpenStack.' 4603 properties: 4604 name: 4605 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 4606 TODO: Add other useful fields. apiVersion, kind, 4607 uid?' 4608 type: string 4609 type: object 4610 volumeID: 4611 description: 'volumeID used to identify the volume in 4612 cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' 4613 type: string 4614 required: 4615 - volumeID 4616 type: object 4617 configMap: 4618 description: configMap represents a configMap that should 4619 populate this volume 4620 properties: 4621 defaultMode: 4622 description: 'defaultMode is optional: mode bits used 4623 to set permissions on created files by default. Must 4624 be an octal value between 0000 and 0777 or a decimal 4625 value between 0 and 511. YAML accepts both octal and 4626 decimal values, JSON requires decimal values for mode 4627 bits. Defaults to 0644. Directories within the path 4628 are not affected by this setting. This might be in 4629 conflict with other options that affect the file mode, 4630 like fsGroup, and the result can be other mode bits 4631 set.' 4632 format: int32 4633 type: integer 4634 items: 4635 description: items if unspecified, each key-value pair 4636 in the Data field of the referenced ConfigMap will 4637 be projected into the volume as a file whose name 4638 is the key and content is the value. If specified, 4639 the listed keys will be projected into the specified 4640 paths, and unlisted keys will not be present. If a 4641 key is specified which is not present in the ConfigMap, 4642 the volume setup will error unless it is marked optional. 4643 Paths must be relative and may not contain the '..' 4644 path or start with '..'. 4645 items: 4646 description: Maps a string key to a path within a 4647 volume. 4648 properties: 4649 key: 4650 description: key is the key to project. 4651 type: string 4652 mode: 4653 description: 'mode is Optional: mode bits used 4654 to set permissions on this file. Must be an 4655 octal value between 0000 and 0777 or a decimal 4656 value between 0 and 511. YAML accepts both octal 4657 and decimal values, JSON requires decimal values 4658 for mode bits. If not specified, the volume 4659 defaultMode will be used. This might be in conflict 4660 with other options that affect the file mode, 4661 like fsGroup, and the result can be other mode 4662 bits set.' 4663 format: int32 4664 type: integer 4665 path: 4666 description: path is the relative path of the 4667 file to map the key to. May not be an absolute 4668 path. May not contain the path element '..'. 4669 May not start with the string '..'. 4670 type: string 4671 required: 4672 - key 4673 - path 4674 type: object 4675 type: array 4676 name: 4677 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 4678 TODO: Add other useful fields. apiVersion, kind, uid?' 4679 type: string 4680 optional: 4681 description: optional specify whether the ConfigMap 4682 or its keys must be defined 4683 type: boolean 4684 type: object 4685 csi: 4686 description: csi (Container Storage Interface) represents 4687 ephemeral storage that is handled by certain external 4688 CSI drivers (Beta feature). 4689 properties: 4690 driver: 4691 description: driver is the name of the CSI driver that 4692 handles this volume. Consult with your admin for the 4693 correct name as registered in the cluster. 4694 type: string 4695 fsType: 4696 description: fsType to mount. Ex. "ext4", "xfs", "ntfs". 4697 If not provided, the empty value is passed to the 4698 associated CSI driver which will determine the default 4699 filesystem to apply. 4700 type: string 4701 nodePublishSecretRef: 4702 description: nodePublishSecretRef is a reference to 4703 the secret object containing sensitive information 4704 to pass to the CSI driver to complete the CSI NodePublishVolume 4705 and NodeUnpublishVolume calls. This field is optional, 4706 and may be empty if no secret is required. If the 4707 secret object contains more than one secret, all secret 4708 references are passed. 4709 properties: 4710 name: 4711 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 4712 TODO: Add other useful fields. apiVersion, kind, 4713 uid?' 4714 type: string 4715 type: object 4716 readOnly: 4717 description: readOnly specifies a read-only configuration 4718 for the volume. Defaults to false (read/write). 4719 type: boolean 4720 volumeAttributes: 4721 additionalProperties: 4722 type: string 4723 description: volumeAttributes stores driver-specific 4724 properties that are passed to the CSI driver. Consult 4725 your driver's documentation for supported values. 4726 type: object 4727 required: 4728 - driver 4729 type: object 4730 downwardAPI: 4731 description: downwardAPI represents downward API about the 4732 pod that should populate this volume 4733 properties: 4734 defaultMode: 4735 description: 'Optional: mode bits to use on created 4736 files by default. Must be a Optional: mode bits used 4737 to set permissions on created files by default. Must 4738 be an octal value between 0000 and 0777 or a decimal 4739 value between 0 and 511. YAML accepts both octal and 4740 decimal values, JSON requires decimal values for mode 4741 bits. Defaults to 0644. Directories within the path 4742 are not affected by this setting. This might be in 4743 conflict with other options that affect the file mode, 4744 like fsGroup, and the result can be other mode bits 4745 set.' 4746 format: int32 4747 type: integer 4748 items: 4749 description: Items is a list of downward API volume 4750 file 4751 items: 4752 description: DownwardAPIVolumeFile represents information 4753 to create the file containing the pod field 4754 properties: 4755 fieldRef: 4756 description: 'Required: Selects a field of the 4757 pod: only annotations, labels, name and namespace 4758 are supported.' 4759 properties: 4760 apiVersion: 4761 description: Version of the schema the FieldPath 4762 is written in terms of, defaults to "v1". 4763 type: string 4764 fieldPath: 4765 description: Path of the field to select in 4766 the specified API version. 4767 type: string 4768 required: 4769 - fieldPath 4770 type: object 4771 mode: 4772 description: 'Optional: mode bits used to set 4773 permissions on this file, must be an octal value 4774 between 0000 and 0777 or a decimal value between 4775 0 and 511. YAML accepts both octal and decimal 4776 values, JSON requires decimal values for mode 4777 bits. If not specified, the volume defaultMode 4778 will be used. This might be in conflict with 4779 other options that affect the file mode, like 4780 fsGroup, and the result can be other mode bits 4781 set.' 4782 format: int32 4783 type: integer 4784 path: 4785 description: 'Required: Path is the relative 4786 path name of the file to be created. Must not 4787 be absolute or contain the ''..'' path. Must 4788 be utf-8 encoded. The first item of the relative 4789 path must not start with ''..''' 4790 type: string 4791 resourceFieldRef: 4792 description: 'Selects a resource of the container: 4793 only resources limits and requests (limits.cpu, 4794 limits.memory, requests.cpu and requests.memory) 4795 are currently supported.' 4796 properties: 4797 containerName: 4798 description: 'Container name: required for 4799 volumes, optional for env vars' 4800 type: string 4801 divisor: 4802 anyOf: 4803 - type: integer 4804 - type: string 4805 description: Specifies the output format of 4806 the exposed resources, defaults to "1" 4807 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 4808 x-kubernetes-int-or-string: true 4809 resource: 4810 description: 'Required: resource to select' 4811 type: string 4812 required: 4813 - resource 4814 type: object 4815 required: 4816 - path 4817 type: object 4818 type: array 4819 type: object 4820 emptyDir: 4821 description: 'emptyDir represents a temporary directory 4822 that shares a pod''s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' 4823 properties: 4824 medium: 4825 description: 'medium represents what type of storage 4826 medium should back this directory. The default is 4827 "" which means to use the node''s default medium. 4828 Must be an empty string (default) or Memory. More 4829 info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' 4830 type: string 4831 sizeLimit: 4832 anyOf: 4833 - type: integer 4834 - type: string 4835 description: 'sizeLimit is the total amount of local 4836 storage required for this EmptyDir volume. The size 4837 limit is also applicable for memory medium. The maximum 4838 usage on memory medium EmptyDir would be the minimum 4839 value between the SizeLimit specified here and the 4840 sum of memory limits of all containers in a pod. The 4841 default is nil which means that the limit is undefined. 4842 More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' 4843 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 4844 x-kubernetes-int-or-string: true 4845 type: object 4846 ephemeral: 4847 description: "ephemeral represents a volume that is handled 4848 by a cluster storage driver. The volume's lifecycle is 4849 tied to the pod that defines it - it will be created before 4850 the pod starts, and deleted when the pod is removed. \n 4851 Use this if: a) the volume is only needed while the pod 4852 runs, b) features of normal volumes like restoring from 4853 snapshot or capacity tracking are needed, c) the storage 4854 driver is specified through a storage class, and d) the 4855 storage driver supports dynamic volume provisioning through 4856 \ a PersistentVolumeClaim (see EphemeralVolumeSource 4857 for more information on the connection between this 4858 volume type and PersistentVolumeClaim). \n Use PersistentVolumeClaim 4859 or one of the vendor-specific APIs for volumes that persist 4860 for longer than the lifecycle of an individual pod. \n 4861 Use CSI for light-weight local ephemeral volumes if the 4862 CSI driver is meant to be used that way - see the documentation 4863 of the driver for more information. \n A pod can use both 4864 types of ephemeral volumes and persistent volumes at the 4865 same time." 4866 properties: 4867 volumeClaimTemplate: 4868 description: "Will be used to create a stand-alone PVC 4869 to provision the volume. The pod in which this EphemeralVolumeSource 4870 is embedded will be the owner of the PVC, i.e. the 4871 PVC will be deleted together with the pod. The name 4872 of the PVC will be `<pod name>-<volume name>` where 4873 `<volume name>` is the name from the `PodSpec.Volumes` 4874 array entry. Pod validation will reject the pod if 4875 the concatenated name is not valid for a PVC (for 4876 example, too long). \n An existing PVC with that name 4877 that is not owned by the pod will *not* be used for 4878 the pod to avoid using an unrelated volume by mistake. 4879 Starting the pod is then blocked until the unrelated 4880 PVC is removed. If such a pre-created PVC is meant 4881 to be used by the pod, the PVC has to updated with 4882 an owner reference to the pod once the pod exists. 4883 Normally this should not be necessary, but it may 4884 be useful when manually reconstructing a broken cluster. 4885 \n This field is read-only and no changes will be 4886 made by Kubernetes to the PVC after it has been created. 4887 \n Required, must not be nil." 4888 properties: 4889 metadata: 4890 description: May contain labels and annotations 4891 that will be copied into the PVC when creating 4892 it. No other fields are allowed and will be rejected 4893 during validation. 4894 type: object 4895 spec: 4896 description: The specification for the PersistentVolumeClaim. 4897 The entire content is copied unchanged into the 4898 PVC that gets created from this template. The 4899 same fields as in a PersistentVolumeClaim are 4900 also valid here. 4901 properties: 4902 accessModes: 4903 description: 'accessModes contains the desired 4904 access modes the volume should have. More 4905 info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' 4906 items: 4907 type: string 4908 type: array 4909 dataSource: 4910 description: 'dataSource field can be used to 4911 specify either: * An existing VolumeSnapshot 4912 object (snapshot.storage.k8s.io/VolumeSnapshot) 4913 * An existing PVC (PersistentVolumeClaim) 4914 If the provisioner or an external controller 4915 can support the specified data source, it 4916 will create a new volume based on the contents 4917 of the specified data source. When the AnyVolumeDataSource 4918 feature gate is enabled, dataSource contents 4919 will be copied to dataSourceRef, and dataSourceRef 4920 contents will be copied to dataSource when 4921 dataSourceRef.namespace is not specified. 4922 If the namespace is specified, then dataSourceRef 4923 will not be copied to dataSource.' 4924 properties: 4925 apiGroup: 4926 description: APIGroup is the group for the 4927 resource being referenced. If APIGroup 4928 is not specified, the specified Kind must 4929 be in the core API group. For any other 4930 third-party types, APIGroup is required. 4931 type: string 4932 kind: 4933 description: Kind is the type of resource 4934 being referenced 4935 type: string 4936 name: 4937 description: Name is the name of resource 4938 being referenced 4939 type: string 4940 required: 4941 - kind 4942 - name 4943 type: object 4944 dataSourceRef: 4945 description: 'dataSourceRef specifies the object 4946 from which to populate the volume with data, 4947 if a non-empty volume is desired. This may 4948 be any object from a non-empty API group (non 4949 core object) or a PersistentVolumeClaim object. 4950 When this field is specified, volume binding 4951 will only succeed if the type of the specified 4952 object matches some installed volume populator 4953 or dynamic provisioner. This field will replace 4954 the functionality of the dataSource field 4955 and as such if both fields are non-empty, 4956 they must have the same value. For backwards 4957 compatibility, when namespace isn''t specified 4958 in dataSourceRef, both fields (dataSource 4959 and dataSourceRef) will be set to the same 4960 value automatically if one of them is empty 4961 and the other is non-empty. When namespace 4962 is specified in dataSourceRef, dataSource 4963 isn''t set to the same value and must be empty. 4964 There are three important differences between 4965 dataSource and dataSourceRef: * While dataSource 4966 only allows two specific types of objects, 4967 dataSourceRef allows any non-core object, 4968 as well as PersistentVolumeClaim objects. 4969 * While dataSource ignores disallowed values 4970 (dropping them), dataSourceRef preserves 4971 all values, and generates an error if a disallowed 4972 value is specified. * While dataSource only 4973 allows local objects, dataSourceRef allows 4974 objects in any namespaces. (Beta) Using 4975 this field requires the AnyVolumeDataSource 4976 feature gate to be enabled. (Alpha) Using 4977 the namespace field of dataSourceRef requires 4978 the CrossNamespaceVolumeDataSource feature 4979 gate to be enabled.' 4980 properties: 4981 apiGroup: 4982 description: APIGroup is the group for the 4983 resource being referenced. If APIGroup 4984 is not specified, the specified Kind must 4985 be in the core API group. For any other 4986 third-party types, APIGroup is required. 4987 type: string 4988 kind: 4989 description: Kind is the type of resource 4990 being referenced 4991 type: string 4992 name: 4993 description: Name is the name of resource 4994 being referenced 4995 type: string 4996 namespace: 4997 description: Namespace is the namespace 4998 of resource being referenced Note that 4999 when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant 5000 object is required in the referent namespace 5001 to allow that namespace's owner to accept 5002 the reference. See the ReferenceGrant 5003 documentation for details. (Alpha) This 5004 field requires the CrossNamespaceVolumeDataSource 5005 feature gate to be enabled. 5006 type: string 5007 required: 5008 - kind 5009 - name 5010 type: object 5011 resources: 5012 description: 'resources represents the minimum 5013 resources the volume should have. If RecoverVolumeExpansionFailure 5014 feature is enabled users are allowed to specify 5015 resource requirements that are lower than 5016 previous value but must still be higher than 5017 capacity recorded in the status field of the 5018 claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' 5019 properties: 5020 claims: 5021 description: "Claims lists the names of 5022 resources, defined in spec.resourceClaims, 5023 that are used by this container. \n This 5024 is an alpha field and requires enabling 5025 the DynamicResourceAllocation feature 5026 gate. \n This field is immutable. It can 5027 only be set for containers." 5028 items: 5029 description: ResourceClaim references 5030 one entry in PodSpec.ResourceClaims. 5031 properties: 5032 name: 5033 description: Name must match the name 5034 of one entry in pod.spec.resourceClaims 5035 of the Pod where this field is used. 5036 It makes that resource available 5037 inside a container. 5038 type: string 5039 required: 5040 - name 5041 type: object 5042 type: array 5043 x-kubernetes-list-map-keys: 5044 - name 5045 x-kubernetes-list-type: map 5046 limits: 5047 additionalProperties: 5048 anyOf: 5049 - type: integer 5050 - type: string 5051 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 5052 x-kubernetes-int-or-string: true 5053 description: 'Limits describes the maximum 5054 amount of compute resources allowed. More 5055 info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 5056 type: object 5057 requests: 5058 additionalProperties: 5059 anyOf: 5060 - type: integer 5061 - type: string 5062 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 5063 x-kubernetes-int-or-string: true 5064 description: 'Requests describes the minimum 5065 amount of compute resources required. 5066 If Requests is omitted for a container, 5067 it defaults to Limits if that is explicitly 5068 specified, otherwise to an implementation-defined 5069 value. Requests cannot exceed Limits. 5070 More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 5071 type: object 5072 type: object 5073 selector: 5074 description: selector is a label query over 5075 volumes to consider for binding. 5076 properties: 5077 matchExpressions: 5078 description: matchExpressions is a list 5079 of label selector requirements. The requirements 5080 are ANDed. 5081 items: 5082 description: A label selector requirement 5083 is a selector that contains values, 5084 a key, and an operator that relates 5085 the key and values. 5086 properties: 5087 key: 5088 description: key is the label key 5089 that the selector applies to. 5090 type: string 5091 operator: 5092 description: operator represents a 5093 key's relationship to a set of values. 5094 Valid operators are In, NotIn, Exists 5095 and DoesNotExist. 5096 type: string 5097 values: 5098 description: values is an array of 5099 string values. If the operator is 5100 In or NotIn, the values array must 5101 be non-empty. If the operator is 5102 Exists or DoesNotExist, the values 5103 array must be empty. This array 5104 is replaced during a strategic merge 5105 patch. 5106 items: 5107 type: string 5108 type: array 5109 required: 5110 - key 5111 - operator 5112 type: object 5113 type: array 5114 matchLabels: 5115 additionalProperties: 5116 type: string 5117 description: matchLabels is a map of {key,value} 5118 pairs. A single {key,value} in the matchLabels 5119 map is equivalent to an element of matchExpressions, 5120 whose key field is "key", the operator 5121 is "In", and the values array contains 5122 only "value". The requirements are ANDed. 5123 type: object 5124 type: object 5125 storageClassName: 5126 description: 'storageClassName is the name of 5127 the StorageClass required by the claim. More 5128 info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' 5129 type: string 5130 volumeMode: 5131 description: volumeMode defines what type of 5132 volume is required by the claim. Value of 5133 Filesystem is implied when not included in 5134 claim spec. 5135 type: string 5136 volumeName: 5137 description: volumeName is the binding reference 5138 to the PersistentVolume backing this claim. 5139 type: string 5140 type: object 5141 required: 5142 - spec 5143 type: object 5144 type: object 5145 fc: 5146 description: fc represents a Fibre Channel resource that 5147 is attached to a kubelet's host machine and then exposed 5148 to the pod. 5149 properties: 5150 fsType: 5151 description: 'fsType is the filesystem type to mount. 5152 Must be a filesystem type supported by the host operating 5153 system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred 5154 to be "ext4" if unspecified. TODO: how do we prevent 5155 errors in the filesystem from compromising the machine' 5156 type: string 5157 lun: 5158 description: 'lun is Optional: FC target lun number' 5159 format: int32 5160 type: integer 5161 readOnly: 5162 description: 'readOnly is Optional: Defaults to false 5163 (read/write). ReadOnly here will force the ReadOnly 5164 setting in VolumeMounts.' 5165 type: boolean 5166 targetWWNs: 5167 description: 'targetWWNs is Optional: FC target worldwide 5168 names (WWNs)' 5169 items: 5170 type: string 5171 type: array 5172 wwids: 5173 description: 'wwids Optional: FC volume world wide identifiers 5174 (wwids) Either wwids or combination of targetWWNs 5175 and lun must be set, but not both simultaneously.' 5176 items: 5177 type: string 5178 type: array 5179 type: object 5180 flexVolume: 5181 description: flexVolume represents a generic volume resource 5182 that is provisioned/attached using an exec based plugin. 5183 properties: 5184 driver: 5185 description: driver is the name of the driver to use 5186 for this volume. 5187 type: string 5188 fsType: 5189 description: fsType is the filesystem type to mount. 5190 Must be a filesystem type supported by the host operating 5191 system. Ex. "ext4", "xfs", "ntfs". The default filesystem 5192 depends on FlexVolume script. 5193 type: string 5194 options: 5195 additionalProperties: 5196 type: string 5197 description: 'options is Optional: this field holds 5198 extra command options if any.' 5199 type: object 5200 readOnly: 5201 description: 'readOnly is Optional: defaults to false 5202 (read/write). ReadOnly here will force the ReadOnly 5203 setting in VolumeMounts.' 5204 type: boolean 5205 secretRef: 5206 description: 'secretRef is Optional: secretRef is reference 5207 to the secret object containing sensitive information 5208 to pass to the plugin scripts. This may be empty if 5209 no secret object is specified. If the secret object 5210 contains more than one secret, all secrets are passed 5211 to the plugin scripts.' 5212 properties: 5213 name: 5214 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 5215 TODO: Add other useful fields. apiVersion, kind, 5216 uid?' 5217 type: string 5218 type: object 5219 required: 5220 - driver 5221 type: object 5222 flocker: 5223 description: flocker represents a Flocker volume attached 5224 to a kubelet's host machine. This depends on the Flocker 5225 control service being running 5226 properties: 5227 datasetName: 5228 description: datasetName is Name of the dataset stored 5229 as metadata -> name on the dataset for Flocker should 5230 be considered as deprecated 5231 type: string 5232 datasetUUID: 5233 description: datasetUUID is the UUID of the dataset. 5234 This is unique identifier of a Flocker dataset 5235 type: string 5236 type: object 5237 gcePersistentDisk: 5238 description: 'gcePersistentDisk represents a GCE Disk resource 5239 that is attached to a kubelet''s host machine and then 5240 exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' 5241 properties: 5242 fsType: 5243 description: 'fsType is filesystem type of the volume 5244 that you want to mount. Tip: Ensure that the filesystem 5245 type is supported by the host operating system. Examples: 5246 "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" 5247 if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk 5248 TODO: how do we prevent errors in the filesystem from 5249 compromising the machine' 5250 type: string 5251 partition: 5252 description: 'partition is the partition in the volume 5253 that you want to mount. If omitted, the default is 5254 to mount by volume name. Examples: For volume /dev/sda1, 5255 you specify the partition as "1". Similarly, the volume 5256 partition for /dev/sda is "0" (or you can leave the 5257 property empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' 5258 format: int32 5259 type: integer 5260 pdName: 5261 description: 'pdName is unique name of the PD resource 5262 in GCE. Used to identify the disk in GCE. More info: 5263 https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' 5264 type: string 5265 readOnly: 5266 description: 'readOnly here will force the ReadOnly 5267 setting in VolumeMounts. Defaults to false. More info: 5268 https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' 5269 type: boolean 5270 required: 5271 - pdName 5272 type: object 5273 gitRepo: 5274 description: 'gitRepo represents a git repository at a particular 5275 revision. DEPRECATED: GitRepo is deprecated. To provision 5276 a container with a git repo, mount an EmptyDir into an 5277 InitContainer that clones the repo using git, then mount 5278 the EmptyDir into the Pod''s container.' 5279 properties: 5280 directory: 5281 description: directory is the target directory name. 5282 Must not contain or start with '..'. If '.' is supplied, 5283 the volume directory will be the git repository. Otherwise, 5284 if specified, the volume will contain the git repository 5285 in the subdirectory with the given name. 5286 type: string 5287 repository: 5288 description: repository is the URL 5289 type: string 5290 revision: 5291 description: revision is the commit hash for the specified 5292 revision. 5293 type: string 5294 required: 5295 - repository 5296 type: object 5297 glusterfs: 5298 description: 'glusterfs represents a Glusterfs mount on 5299 the host that shares a pod''s lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md' 5300 properties: 5301 endpoints: 5302 description: 'endpoints is the endpoint name that details 5303 Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' 5304 type: string 5305 path: 5306 description: 'path is the Glusterfs volume path. More 5307 info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' 5308 type: string 5309 readOnly: 5310 description: 'readOnly here will force the Glusterfs 5311 volume to be mounted with read-only permissions. Defaults 5312 to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' 5313 type: boolean 5314 required: 5315 - endpoints 5316 - path 5317 type: object 5318 hostPath: 5319 description: 'hostPath represents a pre-existing file or 5320 directory on the host machine that is directly exposed 5321 to the container. This is generally used for system agents 5322 or other privileged things that are allowed to see the 5323 host machine. Most containers will NOT need this. More 5324 info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath 5325 --- TODO(jonesdl) We need to restrict who can use host 5326 directory mounts and who can/can not mount host directories 5327 as read/write.' 5328 properties: 5329 path: 5330 description: 'path of the directory on the host. If 5331 the path is a symlink, it will follow the link to 5332 the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' 5333 type: string 5334 type: 5335 description: 'type for HostPath Volume Defaults to "" 5336 More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' 5337 type: string 5338 required: 5339 - path 5340 type: object 5341 iscsi: 5342 description: 'iscsi represents an ISCSI Disk resource that 5343 is attached to a kubelet''s host machine and then exposed 5344 to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md' 5345 properties: 5346 chapAuthDiscovery: 5347 description: chapAuthDiscovery defines whether support 5348 iSCSI Discovery CHAP authentication 5349 type: boolean 5350 chapAuthSession: 5351 description: chapAuthSession defines whether support 5352 iSCSI Session CHAP authentication 5353 type: boolean 5354 fsType: 5355 description: 'fsType is the filesystem type of the volume 5356 that you want to mount. Tip: Ensure that the filesystem 5357 type is supported by the host operating system. Examples: 5358 "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" 5359 if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi 5360 TODO: how do we prevent errors in the filesystem from 5361 compromising the machine' 5362 type: string 5363 initiatorName: 5364 description: initiatorName is the custom iSCSI Initiator 5365 Name. If initiatorName is specified with iscsiInterface 5366 simultaneously, new iSCSI interface <target portal>:<volume 5367 name> will be created for the connection. 5368 type: string 5369 iqn: 5370 description: iqn is the target iSCSI Qualified Name. 5371 type: string 5372 iscsiInterface: 5373 description: iscsiInterface is the interface Name that 5374 uses an iSCSI transport. Defaults to 'default' (tcp). 5375 type: string 5376 lun: 5377 description: lun represents iSCSI Target Lun number. 5378 format: int32 5379 type: integer 5380 portals: 5381 description: portals is the iSCSI Target Portal List. 5382 The portal is either an IP or ip_addr:port if the 5383 port is other than default (typically TCP ports 860 5384 and 3260). 5385 items: 5386 type: string 5387 type: array 5388 readOnly: 5389 description: readOnly here will force the ReadOnly setting 5390 in VolumeMounts. Defaults to false. 5391 type: boolean 5392 secretRef: 5393 description: secretRef is the CHAP Secret for iSCSI 5394 target and initiator authentication 5395 properties: 5396 name: 5397 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 5398 TODO: Add other useful fields. apiVersion, kind, 5399 uid?' 5400 type: string 5401 type: object 5402 targetPortal: 5403 description: targetPortal is iSCSI Target Portal. The 5404 Portal is either an IP or ip_addr:port if the port 5405 is other than default (typically TCP ports 860 and 5406 3260). 5407 type: string 5408 required: 5409 - iqn 5410 - lun 5411 - targetPortal 5412 type: object 5413 name: 5414 description: 'name of the volume. Must be a DNS_LABEL and 5415 unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' 5416 type: string 5417 nfs: 5418 description: 'nfs represents an NFS mount on the host that 5419 shares a pod''s lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' 5420 properties: 5421 path: 5422 description: 'path that is exported by the NFS server. 5423 More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' 5424 type: string 5425 readOnly: 5426 description: 'readOnly here will force the NFS export 5427 to be mounted with read-only permissions. Defaults 5428 to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' 5429 type: boolean 5430 server: 5431 description: 'server is the hostname or IP address of 5432 the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' 5433 type: string 5434 required: 5435 - path 5436 - server 5437 type: object 5438 persistentVolumeClaim: 5439 description: 'persistentVolumeClaimVolumeSource represents 5440 a reference to a PersistentVolumeClaim in the same namespace. 5441 More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' 5442 properties: 5443 claimName: 5444 description: 'claimName is the name of a PersistentVolumeClaim 5445 in the same namespace as the pod using this volume. 5446 More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' 5447 type: string 5448 readOnly: 5449 description: readOnly Will force the ReadOnly setting 5450 in VolumeMounts. Default false. 5451 type: boolean 5452 required: 5453 - claimName 5454 type: object 5455 photonPersistentDisk: 5456 description: photonPersistentDisk represents a PhotonController 5457 persistent disk attached and mounted on kubelets host 5458 machine 5459 properties: 5460 fsType: 5461 description: fsType is the filesystem type to mount. 5462 Must be a filesystem type supported by the host operating 5463 system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred 5464 to be "ext4" if unspecified. 5465 type: string 5466 pdID: 5467 description: pdID is the ID that identifies Photon Controller 5468 persistent disk 5469 type: string 5470 required: 5471 - pdID 5472 type: object 5473 portworxVolume: 5474 description: portworxVolume represents a portworx volume 5475 attached and mounted on kubelets host machine 5476 properties: 5477 fsType: 5478 description: fSType represents the filesystem type to 5479 mount Must be a filesystem type supported by the host 5480 operating system. Ex. "ext4", "xfs". Implicitly inferred 5481 to be "ext4" if unspecified. 5482 type: string 5483 readOnly: 5484 description: readOnly defaults to false (read/write). 5485 ReadOnly here will force the ReadOnly setting in VolumeMounts. 5486 type: boolean 5487 volumeID: 5488 description: volumeID uniquely identifies a Portworx 5489 volume 5490 type: string 5491 required: 5492 - volumeID 5493 type: object 5494 projected: 5495 description: projected items for all in one resources secrets, 5496 configmaps, and downward API 5497 properties: 5498 defaultMode: 5499 description: defaultMode are the mode bits used to set 5500 permissions on created files by default. Must be an 5501 octal value between 0000 and 0777 or a decimal value 5502 between 0 and 511. YAML accepts both octal and decimal 5503 values, JSON requires decimal values for mode bits. 5504 Directories within the path are not affected by this 5505 setting. This might be in conflict with other options 5506 that affect the file mode, like fsGroup, and the result 5507 can be other mode bits set. 5508 format: int32 5509 type: integer 5510 sources: 5511 description: sources is the list of volume projections 5512 items: 5513 description: Projection that may be projected along 5514 with other supported volume types 5515 properties: 5516 configMap: 5517 description: configMap information about the configMap 5518 data to project 5519 properties: 5520 items: 5521 description: items if unspecified, each key-value 5522 pair in the Data field of the referenced 5523 ConfigMap will be projected into the volume 5524 as a file whose name is the key and content 5525 is the value. If specified, the listed keys 5526 will be projected into the specified paths, 5527 and unlisted keys will not be present. If 5528 a key is specified which is not present 5529 in the ConfigMap, the volume setup will 5530 error unless it is marked optional. Paths 5531 must be relative and may not contain the 5532 '..' path or start with '..'. 5533 items: 5534 description: Maps a string key to a path 5535 within a volume. 5536 properties: 5537 key: 5538 description: key is the key to project. 5539 type: string 5540 mode: 5541 description: 'mode is Optional: mode 5542 bits used to set permissions on this 5543 file. Must be an octal value between 5544 0000 and 0777 or a decimal value between 5545 0 and 511. YAML accepts both octal 5546 and decimal values, JSON requires 5547 decimal values for mode bits. If not 5548 specified, the volume defaultMode 5549 will be used. This might be in conflict 5550 with other options that affect the 5551 file mode, like fsGroup, and the result 5552 can be other mode bits set.' 5553 format: int32 5554 type: integer 5555 path: 5556 description: path is the relative path 5557 of the file to map the key to. May 5558 not be an absolute path. May not contain 5559 the path element '..'. May not start 5560 with the string '..'. 5561 type: string 5562 required: 5563 - key 5564 - path 5565 type: object 5566 type: array 5567 name: 5568 description: 'Name of the referent. More info: 5569 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 5570 TODO: Add other useful fields. apiVersion, 5571 kind, uid?' 5572 type: string 5573 optional: 5574 description: optional specify whether the 5575 ConfigMap or its keys must be defined 5576 type: boolean 5577 type: object 5578 downwardAPI: 5579 description: downwardAPI information about the 5580 downwardAPI data to project 5581 properties: 5582 items: 5583 description: Items is a list of DownwardAPIVolume 5584 file 5585 items: 5586 description: DownwardAPIVolumeFile represents 5587 information to create the file containing 5588 the pod field 5589 properties: 5590 fieldRef: 5591 description: 'Required: Selects a field 5592 of the pod: only annotations, labels, 5593 name and namespace are supported.' 5594 properties: 5595 apiVersion: 5596 description: Version of the schema 5597 the FieldPath is written in terms 5598 of, defaults to "v1". 5599 type: string 5600 fieldPath: 5601 description: Path of the field to 5602 select in the specified API version. 5603 type: string 5604 required: 5605 - fieldPath 5606 type: object 5607 mode: 5608 description: 'Optional: mode bits used 5609 to set permissions on this file, must 5610 be an octal value between 0000 and 5611 0777 or a decimal value between 0 5612 and 511. YAML accepts both octal and 5613 decimal values, JSON requires decimal 5614 values for mode bits. If not specified, 5615 the volume defaultMode will be used. 5616 This might be in conflict with other 5617 options that affect the file mode, 5618 like fsGroup, and the result can be 5619 other mode bits set.' 5620 format: int32 5621 type: integer 5622 path: 5623 description: 'Required: Path is the 5624 relative path name of the file to 5625 be created. Must not be absolute or 5626 contain the ''..'' path. Must be utf-8 5627 encoded. The first item of the relative 5628 path must not start with ''..''' 5629 type: string 5630 resourceFieldRef: 5631 description: 'Selects a resource of 5632 the container: only resources limits 5633 and requests (limits.cpu, limits.memory, 5634 requests.cpu and requests.memory) 5635 are currently supported.' 5636 properties: 5637 containerName: 5638 description: 'Container name: required 5639 for volumes, optional for env 5640 vars' 5641 type: string 5642 divisor: 5643 anyOf: 5644 - type: integer 5645 - type: string 5646 description: Specifies the output 5647 format of the exposed resources, 5648 defaults to "1" 5649 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 5650 x-kubernetes-int-or-string: true 5651 resource: 5652 description: 'Required: resource 5653 to select' 5654 type: string 5655 required: 5656 - resource 5657 type: object 5658 required: 5659 - path 5660 type: object 5661 type: array 5662 type: object 5663 secret: 5664 description: secret information about the secret 5665 data to project 5666 properties: 5667 items: 5668 description: items if unspecified, each key-value 5669 pair in the Data field of the referenced 5670 Secret will be projected into the volume 5671 as a file whose name is the key and content 5672 is the value. If specified, the listed keys 5673 will be projected into the specified paths, 5674 and unlisted keys will not be present. If 5675 a key is specified which is not present 5676 in the Secret, the volume setup will error 5677 unless it is marked optional. Paths must 5678 be relative and may not contain the '..' 5679 path or start with '..'. 5680 items: 5681 description: Maps a string key to a path 5682 within a volume. 5683 properties: 5684 key: 5685 description: key is the key to project. 5686 type: string 5687 mode: 5688 description: 'mode is Optional: mode 5689 bits used to set permissions on this 5690 file. Must be an octal value between 5691 0000 and 0777 or a decimal value between 5692 0 and 511. YAML accepts both octal 5693 and decimal values, JSON requires 5694 decimal values for mode bits. If not 5695 specified, the volume defaultMode 5696 will be used. This might be in conflict 5697 with other options that affect the 5698 file mode, like fsGroup, and the result 5699 can be other mode bits set.' 5700 format: int32 5701 type: integer 5702 path: 5703 description: path is the relative path 5704 of the file to map the key to. May 5705 not be an absolute path. May not contain 5706 the path element '..'. May not start 5707 with the string '..'. 5708 type: string 5709 required: 5710 - key 5711 - path 5712 type: object 5713 type: array 5714 name: 5715 description: 'Name of the referent. More info: 5716 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 5717 TODO: Add other useful fields. apiVersion, 5718 kind, uid?' 5719 type: string 5720 optional: 5721 description: optional field specify whether 5722 the Secret or its key must be defined 5723 type: boolean 5724 type: object 5725 serviceAccountToken: 5726 description: serviceAccountToken is information 5727 about the serviceAccountToken data to project 5728 properties: 5729 audience: 5730 description: audience is the intended audience 5731 of the token. A recipient of a token must 5732 identify itself with an identifier specified 5733 in the audience of the token, and otherwise 5734 should reject the token. The audience defaults 5735 to the identifier of the apiserver. 5736 type: string 5737 expirationSeconds: 5738 description: expirationSeconds is the requested 5739 duration of validity of the service account 5740 token. As the token approaches expiration, 5741 the kubelet volume plugin will proactively 5742 rotate the service account token. The kubelet 5743 will start trying to rotate the token if 5744 the token is older than 80 percent of its 5745 time to live or if the token is older than 5746 24 hours.Defaults to 1 hour and must be 5747 at least 10 minutes. 5748 format: int64 5749 type: integer 5750 path: 5751 description: path is the path relative to 5752 the mount point of the file to project the 5753 token into. 5754 type: string 5755 required: 5756 - path 5757 type: object 5758 type: object 5759 type: array 5760 type: object 5761 quobyte: 5762 description: quobyte represents a Quobyte mount on the host 5763 that shares a pod's lifetime 5764 properties: 5765 group: 5766 description: group to map volume access to Default is 5767 no group 5768 type: string 5769 readOnly: 5770 description: readOnly here will force the Quobyte volume 5771 to be mounted with read-only permissions. Defaults 5772 to false. 5773 type: boolean 5774 registry: 5775 description: registry represents a single or multiple 5776 Quobyte Registry services specified as a string as 5777 host:port pair (multiple entries are separated with 5778 commas) which acts as the central registry for volumes 5779 type: string 5780 tenant: 5781 description: tenant owning the given Quobyte volume 5782 in the Backend Used with dynamically provisioned Quobyte 5783 volumes, value is set by the plugin 5784 type: string 5785 user: 5786 description: user to map volume access to Defaults to 5787 serivceaccount user 5788 type: string 5789 volume: 5790 description: volume is a string that references an already 5791 created Quobyte volume by name. 5792 type: string 5793 required: 5794 - registry 5795 - volume 5796 type: object 5797 rbd: 5798 description: 'rbd represents a Rados Block Device mount 5799 on the host that shares a pod''s lifetime. More info: 5800 https://examples.k8s.io/volumes/rbd/README.md' 5801 properties: 5802 fsType: 5803 description: 'fsType is the filesystem type of the volume 5804 that you want to mount. Tip: Ensure that the filesystem 5805 type is supported by the host operating system. Examples: 5806 "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" 5807 if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd 5808 TODO: how do we prevent errors in the filesystem from 5809 compromising the machine' 5810 type: string 5811 image: 5812 description: 'image is the rados image name. More info: 5813 https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 5814 type: string 5815 keyring: 5816 description: 'keyring is the path to key ring for RBDUser. 5817 Default is /etc/ceph/keyring. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 5818 type: string 5819 monitors: 5820 description: 'monitors is a collection of Ceph monitors. 5821 More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 5822 items: 5823 type: string 5824 type: array 5825 pool: 5826 description: 'pool is the rados pool name. Default is 5827 rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 5828 type: string 5829 readOnly: 5830 description: 'readOnly here will force the ReadOnly 5831 setting in VolumeMounts. Defaults to false. More info: 5832 https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 5833 type: boolean 5834 secretRef: 5835 description: 'secretRef is name of the authentication 5836 secret for RBDUser. If provided overrides keyring. 5837 Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 5838 properties: 5839 name: 5840 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 5841 TODO: Add other useful fields. apiVersion, kind, 5842 uid?' 5843 type: string 5844 type: object 5845 user: 5846 description: 'user is the rados user name. Default is 5847 admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 5848 type: string 5849 required: 5850 - image 5851 - monitors 5852 type: object 5853 scaleIO: 5854 description: scaleIO represents a ScaleIO persistent volume 5855 attached and mounted on Kubernetes nodes. 5856 properties: 5857 fsType: 5858 description: fsType is the filesystem type to mount. 5859 Must be a filesystem type supported by the host operating 5860 system. Ex. "ext4", "xfs", "ntfs". Default is "xfs". 5861 type: string 5862 gateway: 5863 description: gateway is the host address of the ScaleIO 5864 API Gateway. 5865 type: string 5866 protectionDomain: 5867 description: protectionDomain is the name of the ScaleIO 5868 Protection Domain for the configured storage. 5869 type: string 5870 readOnly: 5871 description: readOnly Defaults to false (read/write). 5872 ReadOnly here will force the ReadOnly setting in VolumeMounts. 5873 type: boolean 5874 secretRef: 5875 description: secretRef references to the secret for 5876 ScaleIO user and other sensitive information. If this 5877 is not provided, Login operation will fail. 5878 properties: 5879 name: 5880 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 5881 TODO: Add other useful fields. apiVersion, kind, 5882 uid?' 5883 type: string 5884 type: object 5885 sslEnabled: 5886 description: sslEnabled Flag enable/disable SSL communication 5887 with Gateway, default false 5888 type: boolean 5889 storageMode: 5890 description: storageMode indicates whether the storage 5891 for a volume should be ThickProvisioned or ThinProvisioned. 5892 Default is ThinProvisioned. 5893 type: string 5894 storagePool: 5895 description: storagePool is the ScaleIO Storage Pool 5896 associated with the protection domain. 5897 type: string 5898 system: 5899 description: system is the name of the storage system 5900 as configured in ScaleIO. 5901 type: string 5902 volumeName: 5903 description: volumeName is the name of a volume already 5904 created in the ScaleIO system that is associated with 5905 this volume source. 5906 type: string 5907 required: 5908 - gateway 5909 - secretRef 5910 - system 5911 type: object 5912 secret: 5913 description: 'secret represents a secret that should populate 5914 this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' 5915 properties: 5916 defaultMode: 5917 description: 'defaultMode is Optional: mode bits used 5918 to set permissions on created files by default. Must 5919 be an octal value between 0000 and 0777 or a decimal 5920 value between 0 and 511. YAML accepts both octal and 5921 decimal values, JSON requires decimal values for mode 5922 bits. Defaults to 0644. Directories within the path 5923 are not affected by this setting. This might be in 5924 conflict with other options that affect the file mode, 5925 like fsGroup, and the result can be other mode bits 5926 set.' 5927 format: int32 5928 type: integer 5929 items: 5930 description: items If unspecified, each key-value pair 5931 in the Data field of the referenced Secret will be 5932 projected into the volume as a file whose name is 5933 the key and content is the value. If specified, the 5934 listed keys will be projected into the specified paths, 5935 and unlisted keys will not be present. If a key is 5936 specified which is not present in the Secret, the 5937 volume setup will error unless it is marked optional. 5938 Paths must be relative and may not contain the '..' 5939 path or start with '..'. 5940 items: 5941 description: Maps a string key to a path within a 5942 volume. 5943 properties: 5944 key: 5945 description: key is the key to project. 5946 type: string 5947 mode: 5948 description: 'mode is Optional: mode bits used 5949 to set permissions on this file. Must be an 5950 octal value between 0000 and 0777 or a decimal 5951 value between 0 and 511. YAML accepts both octal 5952 and decimal values, JSON requires decimal values 5953 for mode bits. If not specified, the volume 5954 defaultMode will be used. This might be in conflict 5955 with other options that affect the file mode, 5956 like fsGroup, and the result can be other mode 5957 bits set.' 5958 format: int32 5959 type: integer 5960 path: 5961 description: path is the relative path of the 5962 file to map the key to. May not be an absolute 5963 path. May not contain the path element '..'. 5964 May not start with the string '..'. 5965 type: string 5966 required: 5967 - key 5968 - path 5969 type: object 5970 type: array 5971 optional: 5972 description: optional field specify whether the Secret 5973 or its keys must be defined 5974 type: boolean 5975 secretName: 5976 description: 'secretName is the name of the secret in 5977 the pod''s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' 5978 type: string 5979 type: object 5980 storageos: 5981 description: storageOS represents a StorageOS volume attached 5982 and mounted on Kubernetes nodes. 5983 properties: 5984 fsType: 5985 description: fsType is the filesystem type to mount. 5986 Must be a filesystem type supported by the host operating 5987 system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred 5988 to be "ext4" if unspecified. 5989 type: string 5990 readOnly: 5991 description: readOnly defaults to false (read/write). 5992 ReadOnly here will force the ReadOnly setting in VolumeMounts. 5993 type: boolean 5994 secretRef: 5995 description: secretRef specifies the secret to use for 5996 obtaining the StorageOS API credentials. If not specified, 5997 default values will be attempted. 5998 properties: 5999 name: 6000 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 6001 TODO: Add other useful fields. apiVersion, kind, 6002 uid?' 6003 type: string 6004 type: object 6005 volumeName: 6006 description: volumeName is the human-readable name of 6007 the StorageOS volume. Volume names are only unique 6008 within a namespace. 6009 type: string 6010 volumeNamespace: 6011 description: volumeNamespace specifies the scope of 6012 the volume within StorageOS. If no namespace is specified 6013 then the Pod's namespace will be used. This allows 6014 the Kubernetes name scoping to be mirrored within 6015 StorageOS for tighter integration. Set VolumeName 6016 to any name to override the default behaviour. Set 6017 to "default" if you are not using namespaces within 6018 StorageOS. Namespaces that do not pre-exist within 6019 StorageOS will be created. 6020 type: string 6021 type: object 6022 vsphereVolume: 6023 description: vsphereVolume represents a vSphere volume attached 6024 and mounted on kubelets host machine 6025 properties: 6026 fsType: 6027 description: fsType is filesystem type to mount. Must 6028 be a filesystem type supported by the host operating 6029 system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred 6030 to be "ext4" if unspecified. 6031 type: string 6032 storagePolicyID: 6033 description: storagePolicyID is the storage Policy Based 6034 Management (SPBM) profile ID associated with the StoragePolicyName. 6035 type: string 6036 storagePolicyName: 6037 description: storagePolicyName is the storage Policy 6038 Based Management (SPBM) profile name. 6039 type: string 6040 volumePath: 6041 description: volumePath is the path that identifies 6042 vSphere volume vmdk 6043 type: string 6044 required: 6045 - volumePath 6046 type: object 6047 required: 6048 - name 6049 type: object 6050 type: array 6051 type: object 6052 repositoryCredentials: 6053 description: RepositoryCredentials are the Git pull credentials to 6054 configure Argo CD with upon creation of the cluster. 6055 type: string 6056 resourceActions: 6057 description: ResourceActions customizes resource action behavior. 6058 items: 6059 description: Resource Customization for custom action 6060 properties: 6061 action: 6062 type: string 6063 group: 6064 type: string 6065 kind: 6066 type: string 6067 type: object 6068 type: array 6069 resourceCustomizations: 6070 description: 'Deprecated field. Support dropped in v1beta1 version. 6071 ResourceCustomizations customizes resource behavior. Keys are in 6072 the form: group/Kind. Please note that this is being deprecated 6073 in favor of ResourceHealthChecks, ResourceIgnoreDifferences, and 6074 ResourceActions.' 6075 type: string 6076 resourceExclusions: 6077 description: ResourceExclusions is used to completely ignore entire 6078 classes of resource group/kinds. 6079 type: string 6080 resourceHealthChecks: 6081 description: ResourceHealthChecks customizes resource health check 6082 behavior. 6083 items: 6084 description: Resource Customization for custom health check 6085 properties: 6086 check: 6087 type: string 6088 group: 6089 type: string 6090 kind: 6091 type: string 6092 type: object 6093 type: array 6094 resourceIgnoreDifferences: 6095 description: ResourceIgnoreDifferences customizes resource ignore 6096 difference behavior. 6097 properties: 6098 all: 6099 properties: 6100 jqPathExpressions: 6101 items: 6102 type: string 6103 type: array 6104 jsonPointers: 6105 items: 6106 type: string 6107 type: array 6108 managedFieldsManagers: 6109 items: 6110 type: string 6111 type: array 6112 type: object 6113 resourceIdentifiers: 6114 items: 6115 description: Resource Customization fields for ignore difference 6116 properties: 6117 customization: 6118 properties: 6119 jqPathExpressions: 6120 items: 6121 type: string 6122 type: array 6123 jsonPointers: 6124 items: 6125 type: string 6126 type: array 6127 managedFieldsManagers: 6128 items: 6129 type: string 6130 type: array 6131 type: object 6132 group: 6133 type: string 6134 kind: 6135 type: string 6136 type: object 6137 type: array 6138 type: object 6139 resourceInclusions: 6140 description: ResourceInclusions is used to only include specific group/kinds 6141 in the reconciliation process. 6142 type: string 6143 resourceTrackingMethod: 6144 description: ResourceTrackingMethod defines how Argo CD should track 6145 resources that it manages 6146 type: string 6147 server: 6148 description: Server defines the options for the ArgoCD Server component. 6149 properties: 6150 autoscale: 6151 description: Autoscale defines the autoscale options for the Argo 6152 CD Server component. 6153 properties: 6154 enabled: 6155 description: Enabled will toggle autoscaling support for the 6156 Argo CD Server component. 6157 type: boolean 6158 hpa: 6159 description: HPA defines the HorizontalPodAutoscaler options 6160 for the Argo CD Server component. 6161 properties: 6162 maxReplicas: 6163 description: maxReplicas is the upper limit for the number 6164 of pods that can be set by the autoscaler; cannot be 6165 smaller than MinReplicas. 6166 format: int32 6167 type: integer 6168 minReplicas: 6169 description: minReplicas is the lower limit for the number 6170 of replicas to which the autoscaler can scale down. It 6171 defaults to 1 pod. minReplicas is allowed to be 0 if 6172 the alpha feature gate HPAScaleToZero is enabled and 6173 at least one Object or External metric is configured. Scaling 6174 is active as long as at least one metric value is available. 6175 format: int32 6176 type: integer 6177 scaleTargetRef: 6178 description: reference to scaled resource; horizontal 6179 pod autoscaler will learn the current resource consumption 6180 and will set the desired number of pods by using its 6181 Scale subresource. 6182 properties: 6183 apiVersion: 6184 description: apiVersion is the API version of the 6185 referent 6186 type: string 6187 kind: 6188 description: 'kind is the kind of the referent; More 6189 info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' 6190 type: string 6191 name: 6192 description: 'name is the name of the referent; More 6193 info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' 6194 type: string 6195 required: 6196 - kind 6197 - name 6198 type: object 6199 targetCPUUtilizationPercentage: 6200 description: targetCPUUtilizationPercentage is the target 6201 average CPU utilization (represented as a percentage 6202 of requested CPU) over all the pods; if not specified 6203 the default autoscaling policy will be used. 6204 format: int32 6205 type: integer 6206 required: 6207 - maxReplicas 6208 - scaleTargetRef 6209 type: object 6210 required: 6211 - enabled 6212 type: object 6213 env: 6214 description: Env lets you specify environment for API server pods 6215 items: 6216 description: EnvVar represents an environment variable present 6217 in a Container. 6218 properties: 6219 name: 6220 description: Name of the environment variable. Must be a 6221 C_IDENTIFIER. 6222 type: string 6223 value: 6224 description: 'Variable references $(VAR_NAME) are expanded 6225 using the previously defined environment variables in 6226 the container and any service environment variables. If 6227 a variable cannot be resolved, the reference in the input 6228 string will be unchanged. Double $$ are reduced to a single 6229 $, which allows for escaping the $(VAR_NAME) syntax: i.e. 6230 "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". 6231 Escaped references will never be expanded, regardless 6232 of whether the variable exists or not. Defaults to "".' 6233 type: string 6234 valueFrom: 6235 description: Source for the environment variable's value. 6236 Cannot be used if value is not empty. 6237 properties: 6238 configMapKeyRef: 6239 description: Selects a key of a ConfigMap. 6240 properties: 6241 key: 6242 description: The key to select. 6243 type: string 6244 name: 6245 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 6246 TODO: Add other useful fields. apiVersion, kind, 6247 uid?' 6248 type: string 6249 optional: 6250 description: Specify whether the ConfigMap or its 6251 key must be defined 6252 type: boolean 6253 required: 6254 - key 6255 type: object 6256 fieldRef: 6257 description: 'Selects a field of the pod: supports metadata.name, 6258 metadata.namespace, `metadata.labels[''<KEY>'']`, 6259 `metadata.annotations[''<KEY>'']`, spec.nodeName, 6260 spec.serviceAccountName, status.hostIP, status.podIP, 6261 status.podIPs.' 6262 properties: 6263 apiVersion: 6264 description: Version of the schema the FieldPath 6265 is written in terms of, defaults to "v1". 6266 type: string 6267 fieldPath: 6268 description: Path of the field to select in the 6269 specified API version. 6270 type: string 6271 required: 6272 - fieldPath 6273 type: object 6274 resourceFieldRef: 6275 description: 'Selects a resource of the container: only 6276 resources limits and requests (limits.cpu, limits.memory, 6277 limits.ephemeral-storage, requests.cpu, requests.memory 6278 and requests.ephemeral-storage) are currently supported.' 6279 properties: 6280 containerName: 6281 description: 'Container name: required for volumes, 6282 optional for env vars' 6283 type: string 6284 divisor: 6285 anyOf: 6286 - type: integer 6287 - type: string 6288 description: Specifies the output format of the 6289 exposed resources, defaults to "1" 6290 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 6291 x-kubernetes-int-or-string: true 6292 resource: 6293 description: 'Required: resource to select' 6294 type: string 6295 required: 6296 - resource 6297 type: object 6298 secretKeyRef: 6299 description: Selects a key of a secret in the pod's 6300 namespace 6301 properties: 6302 key: 6303 description: The key of the secret to select from. Must 6304 be a valid secret key. 6305 type: string 6306 name: 6307 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 6308 TODO: Add other useful fields. apiVersion, kind, 6309 uid?' 6310 type: string 6311 optional: 6312 description: Specify whether the Secret or its key 6313 must be defined 6314 type: boolean 6315 required: 6316 - key 6317 type: object 6318 type: object 6319 required: 6320 - name 6321 type: object 6322 type: array 6323 extraCommandArgs: 6324 description: Extra Command arguments that would append to the 6325 Argo CD server command. ExtraCommandArgs will not be added, 6326 if one of these commands is already part of the server command 6327 with same or different value. 6328 items: 6329 type: string 6330 type: array 6331 grpc: 6332 description: GRPC defines the state for the Argo CD Server GRPC 6333 options. 6334 properties: 6335 host: 6336 description: Host is the hostname to use for Ingress/Route 6337 resources. 6338 type: string 6339 ingress: 6340 description: Ingress defines the desired state for the Argo 6341 CD Server GRPC Ingress. 6342 properties: 6343 annotations: 6344 additionalProperties: 6345 type: string 6346 description: Annotations is the map of annotations to 6347 apply to the Ingress. 6348 type: object 6349 enabled: 6350 description: Enabled will toggle the creation of the Ingress. 6351 type: boolean 6352 ingressClassName: 6353 description: IngressClassName for the Ingress resource. 6354 type: string 6355 path: 6356 description: Path used for the Ingress resource. 6357 type: string 6358 tls: 6359 description: TLS configuration. Currently the Ingress 6360 only supports a single TLS port, 443. If multiple members 6361 of this list specify different hosts, they will be multiplexed 6362 on the same port according to the hostname specified 6363 through the SNI TLS extension, if the ingress controller 6364 fulfilling the ingress supports SNI. 6365 items: 6366 description: IngressTLS describes the transport layer 6367 security associated with an ingress. 6368 properties: 6369 hosts: 6370 description: hosts is a list of hosts included in 6371 the TLS certificate. The values in this list must 6372 match the name/s used in the tlsSecret. Defaults 6373 to the wildcard host setting for the loadbalancer 6374 controller fulfilling this Ingress, if left unspecified. 6375 items: 6376 type: string 6377 type: array 6378 x-kubernetes-list-type: atomic 6379 secretName: 6380 description: secretName is the name of the secret 6381 used to terminate TLS traffic on port 443. Field 6382 is left optional to allow TLS routing based on 6383 SNI hostname alone. If the SNI host in a listener 6384 conflicts with the "Host" header field used by 6385 an IngressRule, the SNI host is used for termination 6386 and value of the "Host" header is used for routing. 6387 type: string 6388 type: object 6389 type: array 6390 required: 6391 - enabled 6392 type: object 6393 type: object 6394 host: 6395 description: Host is the hostname to use for Ingress/Route resources. 6396 type: string 6397 ingress: 6398 description: Ingress defines the desired state for an Ingress 6399 for the Argo CD Server component. 6400 properties: 6401 annotations: 6402 additionalProperties: 6403 type: string 6404 description: Annotations is the map of annotations to apply 6405 to the Ingress. 6406 type: object 6407 enabled: 6408 description: Enabled will toggle the creation of the Ingress. 6409 type: boolean 6410 ingressClassName: 6411 description: IngressClassName for the Ingress resource. 6412 type: string 6413 path: 6414 description: Path used for the Ingress resource. 6415 type: string 6416 tls: 6417 description: TLS configuration. Currently the Ingress only 6418 supports a single TLS port, 443. If multiple members of 6419 this list specify different hosts, they will be multiplexed 6420 on the same port according to the hostname specified through 6421 the SNI TLS extension, if the ingress controller fulfilling 6422 the ingress supports SNI. 6423 items: 6424 description: IngressTLS describes the transport layer security 6425 associated with an ingress. 6426 properties: 6427 hosts: 6428 description: hosts is a list of hosts included in the 6429 TLS certificate. The values in this list must match 6430 the name/s used in the tlsSecret. Defaults to the 6431 wildcard host setting for the loadbalancer controller 6432 fulfilling this Ingress, if left unspecified. 6433 items: 6434 type: string 6435 type: array 6436 x-kubernetes-list-type: atomic 6437 secretName: 6438 description: secretName is the name of the secret used 6439 to terminate TLS traffic on port 443. Field is left 6440 optional to allow TLS routing based on SNI hostname 6441 alone. If the SNI host in a listener conflicts with 6442 the "Host" header field used by an IngressRule, the 6443 SNI host is used for termination and value of the 6444 "Host" header is used for routing. 6445 type: string 6446 type: object 6447 type: array 6448 required: 6449 - enabled 6450 type: object 6451 insecure: 6452 description: Insecure toggles the insecure flag. 6453 type: boolean 6454 logFormat: 6455 description: LogFormat refers to the log level to be used by the 6456 ArgoCD Server component. Defaults to ArgoCDDefaultLogFormat 6457 if not configured. Valid options are text or json. 6458 type: string 6459 logLevel: 6460 description: LogLevel refers to the log level to be used by the 6461 ArgoCD Server component. Defaults to ArgoCDDefaultLogLevel if 6462 not set. Valid options are debug, info, error, and warn. 6463 type: string 6464 replicas: 6465 description: Replicas defines the number of replicas for argocd-server. 6466 Default is nil. Value should be greater than or equal to 0. 6467 Value will be ignored if Autoscaler is enabled. 6468 format: int32 6469 type: integer 6470 resources: 6471 description: Resources defines the Compute Resources required 6472 by the container for the Argo CD server component. 6473 properties: 6474 claims: 6475 description: "Claims lists the names of resources, defined 6476 in spec.resourceClaims, that are used by this container. 6477 \n This is an alpha field and requires enabling the DynamicResourceAllocation 6478 feature gate. \n This field is immutable. It can only be 6479 set for containers." 6480 items: 6481 description: ResourceClaim references one entry in PodSpec.ResourceClaims. 6482 properties: 6483 name: 6484 description: Name must match the name of one entry in 6485 pod.spec.resourceClaims of the Pod where this field 6486 is used. It makes that resource available inside a 6487 container. 6488 type: string 6489 required: 6490 - name 6491 type: object 6492 type: array 6493 x-kubernetes-list-map-keys: 6494 - name 6495 x-kubernetes-list-type: map 6496 limits: 6497 additionalProperties: 6498 anyOf: 6499 - type: integer 6500 - type: string 6501 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 6502 x-kubernetes-int-or-string: true 6503 description: 'Limits describes the maximum amount of compute 6504 resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 6505 type: object 6506 requests: 6507 additionalProperties: 6508 anyOf: 6509 - type: integer 6510 - type: string 6511 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 6512 x-kubernetes-int-or-string: true 6513 description: 'Requests describes the minimum amount of compute 6514 resources required. If Requests is omitted for a container, 6515 it defaults to Limits if that is explicitly specified, otherwise 6516 to an implementation-defined value. Requests cannot exceed 6517 Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 6518 type: object 6519 type: object 6520 route: 6521 description: Route defines the desired state for an OpenShift 6522 Route for the Argo CD Server component. 6523 properties: 6524 annotations: 6525 additionalProperties: 6526 type: string 6527 description: Annotations is the map of annotations to use 6528 for the Route resource. 6529 type: object 6530 enabled: 6531 description: Enabled will toggle the creation of the OpenShift 6532 Route. 6533 type: boolean 6534 labels: 6535 additionalProperties: 6536 type: string 6537 description: Labels is the map of labels to use for the Route 6538 resource 6539 type: object 6540 path: 6541 description: Path the router watches for, to route traffic 6542 for to the service. 6543 type: string 6544 tls: 6545 description: TLS provides the ability to configure certificates 6546 and termination for the Route. 6547 properties: 6548 caCertificate: 6549 description: caCertificate provides the cert authority 6550 certificate contents 6551 type: string 6552 certificate: 6553 description: certificate provides certificate contents 6554 type: string 6555 destinationCACertificate: 6556 description: destinationCACertificate provides the contents 6557 of the ca certificate of the final destination. When 6558 using reencrypt termination this file should be provided 6559 in order to have routers use it for health checks on 6560 the secure connection. If this field is not specified, 6561 the router may provide its own destination CA and perform 6562 hostname validation using the short service name (service.namespace.svc), 6563 which allows infrastructure generated certificates to 6564 automatically verify. 6565 type: string 6566 insecureEdgeTerminationPolicy: 6567 description: "insecureEdgeTerminationPolicy indicates 6568 the desired behavior for insecure connections to a route. 6569 While each router may make its own decisions on which 6570 ports to expose, this is normally port 80. \n * Allow 6571 - traffic is sent to the server on the insecure port 6572 (default) * Disable - no traffic is allowed on the insecure 6573 port. * Redirect - clients are redirected to the secure 6574 port." 6575 type: string 6576 key: 6577 description: key provides key file contents 6578 type: string 6579 termination: 6580 description: termination indicates termination type. 6581 type: string 6582 required: 6583 - termination 6584 type: object 6585 wildcardPolicy: 6586 description: WildcardPolicy if any for the route. Currently 6587 only 'Subdomain' or 'None' is allowed. 6588 type: string 6589 required: 6590 - enabled 6591 type: object 6592 service: 6593 description: Service defines the options for the Service backing 6594 the ArgoCD Server component. 6595 properties: 6596 type: 6597 description: Type is the ServiceType to use for the Service 6598 resource. 6599 type: string 6600 required: 6601 - type 6602 type: object 6603 type: object 6604 sourceNamespaces: 6605 description: SourceNamespaces defines the namespaces application resources 6606 are allowed to be created in 6607 items: 6608 type: string 6609 type: array 6610 sso: 6611 description: SSO defines the Single Sign-on configuration for Argo 6612 CD 6613 properties: 6614 dex: 6615 description: Dex contains the configuration for Argo CD dex authentication 6616 properties: 6617 config: 6618 description: Config is the dex connector configuration. 6619 type: string 6620 groups: 6621 description: Optional list of required groups a user must 6622 be a member of 6623 items: 6624 type: string 6625 type: array 6626 image: 6627 description: Image is the Dex container image. 6628 type: string 6629 openShiftOAuth: 6630 description: OpenShiftOAuth enables OpenShift OAuth authentication 6631 for the Dex server. 6632 type: boolean 6633 resources: 6634 description: Resources defines the Compute Resources required 6635 by the container for Dex. 6636 properties: 6637 claims: 6638 description: "Claims lists the names of resources, defined 6639 in spec.resourceClaims, that are used by this container. 6640 \n This is an alpha field and requires enabling the 6641 DynamicResourceAllocation feature gate. \n This field 6642 is immutable. It can only be set for containers." 6643 items: 6644 description: ResourceClaim references one entry in PodSpec.ResourceClaims. 6645 properties: 6646 name: 6647 description: Name must match the name of one entry 6648 in pod.spec.resourceClaims of the Pod where this 6649 field is used. It makes that resource available 6650 inside a container. 6651 type: string 6652 required: 6653 - name 6654 type: object 6655 type: array 6656 x-kubernetes-list-map-keys: 6657 - name 6658 x-kubernetes-list-type: map 6659 limits: 6660 additionalProperties: 6661 anyOf: 6662 - type: integer 6663 - type: string 6664 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 6665 x-kubernetes-int-or-string: true 6666 description: 'Limits describes the maximum amount of compute 6667 resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 6668 type: object 6669 requests: 6670 additionalProperties: 6671 anyOf: 6672 - type: integer 6673 - type: string 6674 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 6675 x-kubernetes-int-or-string: true 6676 description: 'Requests describes the minimum amount of 6677 compute resources required. If Requests is omitted for 6678 a container, it defaults to Limits if that is explicitly 6679 specified, otherwise to an implementation-defined value. 6680 Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 6681 type: object 6682 type: object 6683 version: 6684 description: Version is the Dex container image tag. 6685 type: string 6686 type: object 6687 image: 6688 description: Deprecated field. Support dropped in v1beta1 version. 6689 Image is the SSO container image. 6690 type: string 6691 keycloak: 6692 description: Keycloak contains the configuration for Argo CD keycloak 6693 authentication 6694 properties: 6695 image: 6696 description: Image is the Keycloak container image. 6697 type: string 6698 resources: 6699 description: Resources defines the Compute Resources required 6700 by the container for Keycloak. 6701 properties: 6702 claims: 6703 description: "Claims lists the names of resources, defined 6704 in spec.resourceClaims, that are used by this container. 6705 \n This is an alpha field and requires enabling the 6706 DynamicResourceAllocation feature gate. \n This field 6707 is immutable. It can only be set for containers." 6708 items: 6709 description: ResourceClaim references one entry in PodSpec.ResourceClaims. 6710 properties: 6711 name: 6712 description: Name must match the name of one entry 6713 in pod.spec.resourceClaims of the Pod where this 6714 field is used. It makes that resource available 6715 inside a container. 6716 type: string 6717 required: 6718 - name 6719 type: object 6720 type: array 6721 x-kubernetes-list-map-keys: 6722 - name 6723 x-kubernetes-list-type: map 6724 limits: 6725 additionalProperties: 6726 anyOf: 6727 - type: integer 6728 - type: string 6729 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 6730 x-kubernetes-int-or-string: true 6731 description: 'Limits describes the maximum amount of compute 6732 resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 6733 type: object 6734 requests: 6735 additionalProperties: 6736 anyOf: 6737 - type: integer 6738 - type: string 6739 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 6740 x-kubernetes-int-or-string: true 6741 description: 'Requests describes the minimum amount of 6742 compute resources required. If Requests is omitted for 6743 a container, it defaults to Limits if that is explicitly 6744 specified, otherwise to an implementation-defined value. 6745 Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 6746 type: object 6747 type: object 6748 rootCA: 6749 description: Custom root CA certificate for communicating 6750 with the Keycloak OIDC provider 6751 type: string 6752 verifyTLS: 6753 description: VerifyTLS set to false disables strict TLS validation. 6754 type: boolean 6755 version: 6756 description: Version is the Keycloak container image tag. 6757 type: string 6758 type: object 6759 provider: 6760 description: Provider installs and configures the given SSO Provider 6761 with Argo CD. 6762 type: string 6763 resources: 6764 description: Deprecated field. Support dropped in v1beta1 version. 6765 Resources defines the Compute Resources required by the container 6766 for SSO. 6767 properties: 6768 claims: 6769 description: "Claims lists the names of resources, defined 6770 in spec.resourceClaims, that are used by this container. 6771 \n This is an alpha field and requires enabling the DynamicResourceAllocation 6772 feature gate. \n This field is immutable. It can only be 6773 set for containers." 6774 items: 6775 description: ResourceClaim references one entry in PodSpec.ResourceClaims. 6776 properties: 6777 name: 6778 description: Name must match the name of one entry in 6779 pod.spec.resourceClaims of the Pod where this field 6780 is used. It makes that resource available inside a 6781 container. 6782 type: string 6783 required: 6784 - name 6785 type: object 6786 type: array 6787 x-kubernetes-list-map-keys: 6788 - name 6789 x-kubernetes-list-type: map 6790 limits: 6791 additionalProperties: 6792 anyOf: 6793 - type: integer 6794 - type: string 6795 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 6796 x-kubernetes-int-or-string: true 6797 description: 'Limits describes the maximum amount of compute 6798 resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 6799 type: object 6800 requests: 6801 additionalProperties: 6802 anyOf: 6803 - type: integer 6804 - type: string 6805 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 6806 x-kubernetes-int-or-string: true 6807 description: 'Requests describes the minimum amount of compute 6808 resources required. If Requests is omitted for a container, 6809 it defaults to Limits if that is explicitly specified, otherwise 6810 to an implementation-defined value. Requests cannot exceed 6811 Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 6812 type: object 6813 type: object 6814 verifyTLS: 6815 description: Deprecated field. Support dropped in v1beta1 version. 6816 VerifyTLS set to false disables strict TLS validation. 6817 type: boolean 6818 version: 6819 description: Deprecated field. Support dropped in v1beta1 version. 6820 Version is the SSO container image tag. 6821 type: string 6822 type: object 6823 statusBadgeEnabled: 6824 description: StatusBadgeEnabled toggles application status badge feature. 6825 type: boolean 6826 tls: 6827 description: TLS defines the TLS options for ArgoCD. 6828 properties: 6829 ca: 6830 description: CA defines the CA options. 6831 properties: 6832 configMapName: 6833 description: ConfigMapName is the name of the ConfigMap containing 6834 the CA Certificate. 6835 type: string 6836 secretName: 6837 description: SecretName is the name of the Secret containing 6838 the CA Certificate and Key. 6839 type: string 6840 type: object 6841 initialCerts: 6842 additionalProperties: 6843 type: string 6844 description: InitialCerts defines custom TLS certificates upon 6845 creation of the cluster for connecting Git repositories via 6846 HTTPS. 6847 type: object 6848 type: object 6849 usersAnonymousEnabled: 6850 description: UsersAnonymousEnabled toggles anonymous user access. 6851 The anonymous users get default role permissions specified argocd-rbac-cm. 6852 type: boolean 6853 version: 6854 description: Version is the tag to use with the ArgoCD container image 6855 for all ArgoCD components. 6856 type: string 6857 type: object 6858 status: 6859 description: ArgoCDStatus defines the observed state of ArgoCD 6860 properties: 6861 applicationController: 6862 description: 'ApplicationController is a simple, high-level summary 6863 of where the Argo CD application controller component is in its 6864 lifecycle. There are four possible ApplicationController values: 6865 Pending: The Argo CD application controller component has been accepted 6866 by the Kubernetes system, but one or more of the required resources 6867 have not been created. Running: All of the required Pods for the 6868 Argo CD application controller component are in a Ready state. Failed: 6869 At least one of the Argo CD application controller component Pods 6870 had a failure. Unknown: The state of the Argo CD application controller 6871 component could not be obtained.' 6872 type: string 6873 applicationSetController: 6874 description: 'ApplicationSetController is a simple, high-level summary 6875 of where the Argo CD applicationSet controller component is in its 6876 lifecycle. There are four possible ApplicationSetController values: 6877 Pending: The Argo CD applicationSet controller component has been 6878 accepted by the Kubernetes system, but one or more of the required 6879 resources have not been created. Running: All of the required Pods 6880 for the Argo CD applicationSet controller component are in a Ready 6881 state. Failed: At least one of the Argo CD applicationSet controller 6882 component Pods had a failure. Unknown: The state of the Argo CD 6883 applicationSet controller component could not be obtained.' 6884 type: string 6885 host: 6886 description: Host is the hostname of the Ingress. 6887 type: string 6888 notificationsController: 6889 description: 'NotificationsController is a simple, high-level summary 6890 of where the Argo CD notifications controller component is in its 6891 lifecycle. There are four possible NotificationsController values: 6892 Pending: The Argo CD notifications controller component has been 6893 accepted by the Kubernetes system, but one or more of the required 6894 resources have not been created. Running: All of the required Pods 6895 for the Argo CD notifications controller component are in a Ready 6896 state. Failed: At least one of the Argo CD notifications controller 6897 component Pods had a failure. Unknown: The state of the Argo CD 6898 notifications controller component could not be obtained.' 6899 type: string 6900 phase: 6901 description: 'Phase is a simple, high-level summary of where the ArgoCD 6902 is in its lifecycle. There are four possible phase values: Pending: 6903 The ArgoCD has been accepted by the Kubernetes system, but one or 6904 more of the required resources have not been created. Available: 6905 All of the resources for the ArgoCD are ready. Failed: At least 6906 one resource has experienced a failure. Unknown: The state of the 6907 ArgoCD phase could not be obtained.' 6908 type: string 6909 redis: 6910 description: 'Redis is a simple, high-level summary of where the Argo 6911 CD Redis component is in its lifecycle. There are four possible 6912 redis values: Pending: The Argo CD Redis component has been accepted 6913 by the Kubernetes system, but one or more of the required resources 6914 have not been created. Running: All of the required Pods for the 6915 Argo CD Redis component are in a Ready state. Failed: At least one 6916 of the Argo CD Redis component Pods had a failure. Unknown: The 6917 state of the Argo CD Redis component could not be obtained.' 6918 type: string 6919 redisTLSChecksum: 6920 description: RedisTLSChecksum contains the SHA256 checksum of the 6921 latest known state of tls.crt and tls.key in the argocd-operator-redis-tls 6922 secret. 6923 type: string 6924 repo: 6925 description: 'Repo is a simple, high-level summary of where the Argo 6926 CD Repo component is in its lifecycle. There are four possible repo 6927 values: Pending: The Argo CD Repo component has been accepted by 6928 the Kubernetes system, but one or more of the required resources 6929 have not been created. Running: All of the required Pods for the 6930 Argo CD Repo component are in a Ready state. Failed: At least one 6931 of the Argo CD Repo component Pods had a failure. Unknown: The 6932 state of the Argo CD Repo component could not be obtained.' 6933 type: string 6934 repoTLSChecksum: 6935 description: RepoTLSChecksum contains the SHA256 checksum of the latest 6936 known state of tls.crt and tls.key in the argocd-repo-server-tls 6937 secret. 6938 type: string 6939 server: 6940 description: 'Server is a simple, high-level summary of where the 6941 Argo CD server component is in its lifecycle. There are four possible 6942 server values: Pending: The Argo CD server component has been accepted 6943 by the Kubernetes system, but one or more of the required resources 6944 have not been created. Running: All of the required Pods for the 6945 Argo CD server component are in a Ready state. Failed: At least 6946 one of the Argo CD server component Pods had a failure. Unknown: 6947 The state of the Argo CD server component could not be obtained.' 6948 type: string 6949 sso: 6950 description: 'SSO is a simple, high-level summary of where the Argo 6951 CD SSO(Dex/Keycloak) component is in its lifecycle. There are four 6952 possible sso values: Pending: The Argo CD SSO component has been 6953 accepted by the Kubernetes system, but one or more of the required 6954 resources have not been created. Running: All of the required Pods 6955 for the Argo CD SSO component are in a Ready state. Failed: At least 6956 one of the Argo CD SSO component Pods had a failure. Unknown: The 6957 state of the Argo CD SSO component could not be obtained.' 6958 type: string 6959 type: object 6960 type: object 6961 served: true 6962 storage: false 6963 subresources: 6964 status: {} 6965 - name: v1beta1 6966 schema: 6967 openAPIV3Schema: 6968 description: ArgoCD is the Schema for the argocds API 6969 properties: 6970 apiVersion: 6971 description: 'APIVersion defines the versioned schema of this representation 6972 of an object. Servers should convert recognized schemas to the latest 6973 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' 6974 type: string 6975 kind: 6976 description: 'Kind is a string value representing the REST resource this 6977 object represents. Servers may infer this from the endpoint the client 6978 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' 6979 type: string 6980 metadata: 6981 type: object 6982 spec: 6983 description: ArgoCDSpec defines the desired state of ArgoCD 6984 properties: 6985 applicationInstanceLabelKey: 6986 description: ApplicationInstanceLabelKey is the key name where Argo 6987 CD injects the app name as a tracking label. 6988 type: string 6989 applicationSet: 6990 description: ArgoCDApplicationSet defines whether the Argo CD ApplicationSet 6991 controller should be installed. 6992 properties: 6993 enabled: 6994 description: Enabled is the flag to enable the Application Set 6995 Controller during ArgoCD installation. (optional, default `true`) 6996 type: boolean 6997 env: 6998 description: Env lets you specify environment for applicationSet 6999 controller pods 7000 items: 7001 description: EnvVar represents an environment variable present 7002 in a Container. 7003 properties: 7004 name: 7005 description: Name of the environment variable. Must be a 7006 C_IDENTIFIER. 7007 type: string 7008 value: 7009 description: 'Variable references $(VAR_NAME) are expanded 7010 using the previously defined environment variables in 7011 the container and any service environment variables. If 7012 a variable cannot be resolved, the reference in the input 7013 string will be unchanged. Double $$ are reduced to a single 7014 $, which allows for escaping the $(VAR_NAME) syntax: i.e. 7015 "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". 7016 Escaped references will never be expanded, regardless 7017 of whether the variable exists or not. Defaults to "".' 7018 type: string 7019 valueFrom: 7020 description: Source for the environment variable's value. 7021 Cannot be used if value is not empty. 7022 properties: 7023 configMapKeyRef: 7024 description: Selects a key of a ConfigMap. 7025 properties: 7026 key: 7027 description: The key to select. 7028 type: string 7029 name: 7030 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 7031 TODO: Add other useful fields. apiVersion, kind, 7032 uid?' 7033 type: string 7034 optional: 7035 description: Specify whether the ConfigMap or its 7036 key must be defined 7037 type: boolean 7038 required: 7039 - key 7040 type: object 7041 fieldRef: 7042 description: 'Selects a field of the pod: supports metadata.name, 7043 metadata.namespace, `metadata.labels[''<KEY>'']`, 7044 `metadata.annotations[''<KEY>'']`, spec.nodeName, 7045 spec.serviceAccountName, status.hostIP, status.podIP, 7046 status.podIPs.' 7047 properties: 7048 apiVersion: 7049 description: Version of the schema the FieldPath 7050 is written in terms of, defaults to "v1". 7051 type: string 7052 fieldPath: 7053 description: Path of the field to select in the 7054 specified API version. 7055 type: string 7056 required: 7057 - fieldPath 7058 type: object 7059 resourceFieldRef: 7060 description: 'Selects a resource of the container: only 7061 resources limits and requests (limits.cpu, limits.memory, 7062 limits.ephemeral-storage, requests.cpu, requests.memory 7063 and requests.ephemeral-storage) are currently supported.' 7064 properties: 7065 containerName: 7066 description: 'Container name: required for volumes, 7067 optional for env vars' 7068 type: string 7069 divisor: 7070 anyOf: 7071 - type: integer 7072 - type: string 7073 description: Specifies the output format of the 7074 exposed resources, defaults to "1" 7075 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 7076 x-kubernetes-int-or-string: true 7077 resource: 7078 description: 'Required: resource to select' 7079 type: string 7080 required: 7081 - resource 7082 type: object 7083 secretKeyRef: 7084 description: Selects a key of a secret in the pod's 7085 namespace 7086 properties: 7087 key: 7088 description: The key of the secret to select from. Must 7089 be a valid secret key. 7090 type: string 7091 name: 7092 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 7093 TODO: Add other useful fields. apiVersion, kind, 7094 uid?' 7095 type: string 7096 optional: 7097 description: Specify whether the Secret or its key 7098 must be defined 7099 type: boolean 7100 required: 7101 - key 7102 type: object 7103 type: object 7104 required: 7105 - name 7106 type: object 7107 type: array 7108 extraCommandArgs: 7109 description: ExtraCommandArgs allows users to pass command line 7110 arguments to ApplicationSet controller. They get added to default 7111 command line arguments provided by the operator. Please note 7112 that the command line arguments provided as part of ExtraCommandArgs 7113 will not overwrite the default command line arguments. 7114 items: 7115 type: string 7116 type: array 7117 image: 7118 description: Image is the Argo CD ApplicationSet image (optional) 7119 type: string 7120 logLevel: 7121 description: LogLevel describes the log level that should be used 7122 by the ApplicationSet controller. Defaults to ArgoCDDefaultLogLevel 7123 if not set. Valid options are debug,info, error, and warn. 7124 type: string 7125 resources: 7126 description: Resources defines the Compute Resources required 7127 by the container for ApplicationSet. 7128 properties: 7129 claims: 7130 description: "Claims lists the names of resources, defined 7131 in spec.resourceClaims, that are used by this container. 7132 \n This is an alpha field and requires enabling the DynamicResourceAllocation 7133 feature gate. \n This field is immutable. It can only be 7134 set for containers." 7135 items: 7136 description: ResourceClaim references one entry in PodSpec.ResourceClaims. 7137 properties: 7138 name: 7139 description: Name must match the name of one entry in 7140 pod.spec.resourceClaims of the Pod where this field 7141 is used. It makes that resource available inside a 7142 container. 7143 type: string 7144 required: 7145 - name 7146 type: object 7147 type: array 7148 x-kubernetes-list-map-keys: 7149 - name 7150 x-kubernetes-list-type: map 7151 limits: 7152 additionalProperties: 7153 anyOf: 7154 - type: integer 7155 - type: string 7156 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 7157 x-kubernetes-int-or-string: true 7158 description: 'Limits describes the maximum amount of compute 7159 resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 7160 type: object 7161 requests: 7162 additionalProperties: 7163 anyOf: 7164 - type: integer 7165 - type: string 7166 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 7167 x-kubernetes-int-or-string: true 7168 description: 'Requests describes the minimum amount of compute 7169 resources required. If Requests is omitted for a container, 7170 it defaults to Limits if that is explicitly specified, otherwise 7171 to an implementation-defined value. Requests cannot exceed 7172 Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 7173 type: object 7174 type: object 7175 scmRootCAConfigMap: 7176 description: SCMRootCAConfigMap is the name of the config map 7177 that stores the Gitlab SCM Provider's TLS certificate which 7178 will be mounted on the ApplicationSet Controller (optional). 7179 type: string 7180 version: 7181 description: Version is the Argo CD ApplicationSet image tag. 7182 (optional) 7183 type: string 7184 webhookServer: 7185 description: WebhookServerSpec defines the options for the ApplicationSet 7186 Webhook Server component. 7187 properties: 7188 host: 7189 description: Host is the hostname to use for Ingress/Route 7190 resources. 7191 type: string 7192 ingress: 7193 description: Ingress defines the desired state for an Ingress 7194 for the Application set webhook component. 7195 properties: 7196 annotations: 7197 additionalProperties: 7198 type: string 7199 description: Annotations is the map of annotations to 7200 apply to the Ingress. 7201 type: object 7202 enabled: 7203 description: Enabled will toggle the creation of the Ingress. 7204 type: boolean 7205 ingressClassName: 7206 description: IngressClassName for the Ingress resource. 7207 type: string 7208 path: 7209 description: Path used for the Ingress resource. 7210 type: string 7211 tls: 7212 description: TLS configuration. Currently the Ingress 7213 only supports a single TLS port, 443. If multiple members 7214 of this list specify different hosts, they will be multiplexed 7215 on the same port according to the hostname specified 7216 through the SNI TLS extension, if the ingress controller 7217 fulfilling the ingress supports SNI. 7218 items: 7219 description: IngressTLS describes the transport layer 7220 security associated with an ingress. 7221 properties: 7222 hosts: 7223 description: hosts is a list of hosts included in 7224 the TLS certificate. The values in this list must 7225 match the name/s used in the tlsSecret. Defaults 7226 to the wildcard host setting for the loadbalancer 7227 controller fulfilling this Ingress, if left unspecified. 7228 items: 7229 type: string 7230 type: array 7231 x-kubernetes-list-type: atomic 7232 secretName: 7233 description: secretName is the name of the secret 7234 used to terminate TLS traffic on port 443. Field 7235 is left optional to allow TLS routing based on 7236 SNI hostname alone. If the SNI host in a listener 7237 conflicts with the "Host" header field used by 7238 an IngressRule, the SNI host is used for termination 7239 and value of the "Host" header is used for routing. 7240 type: string 7241 type: object 7242 type: array 7243 required: 7244 - enabled 7245 type: object 7246 route: 7247 description: Route defines the desired state for an OpenShift 7248 Route for the Application set webhook component. 7249 properties: 7250 annotations: 7251 additionalProperties: 7252 type: string 7253 description: Annotations is the map of annotations to 7254 use for the Route resource. 7255 type: object 7256 enabled: 7257 description: Enabled will toggle the creation of the OpenShift 7258 Route. 7259 type: boolean 7260 labels: 7261 additionalProperties: 7262 type: string 7263 description: Labels is the map of labels to use for the 7264 Route resource 7265 type: object 7266 path: 7267 description: Path the router watches for, to route traffic 7268 for to the service. 7269 type: string 7270 tls: 7271 description: TLS provides the ability to configure certificates 7272 and termination for the Route. 7273 properties: 7274 caCertificate: 7275 description: caCertificate provides the cert authority 7276 certificate contents 7277 type: string 7278 certificate: 7279 description: certificate provides certificate contents 7280 type: string 7281 destinationCACertificate: 7282 description: destinationCACertificate provides the 7283 contents of the ca certificate of the final destination. When 7284 using reencrypt termination this file should be 7285 provided in order to have routers use it for health 7286 checks on the secure connection. If this field is 7287 not specified, the router may provide its own destination 7288 CA and perform hostname validation using the short 7289 service name (service.namespace.svc), which allows 7290 infrastructure generated certificates to automatically 7291 verify. 7292 type: string 7293 insecureEdgeTerminationPolicy: 7294 description: "insecureEdgeTerminationPolicy indicates 7295 the desired behavior for insecure connections to 7296 a route. While each router may make its own decisions 7297 on which ports to expose, this is normally port 7298 80. \n * Allow - traffic is sent to the server on 7299 the insecure port (default) * Disable - no traffic 7300 is allowed on the insecure port. * Redirect - clients 7301 are redirected to the secure port." 7302 type: string 7303 key: 7304 description: key provides key file contents 7305 type: string 7306 termination: 7307 description: termination indicates termination type. 7308 type: string 7309 required: 7310 - termination 7311 type: object 7312 wildcardPolicy: 7313 description: WildcardPolicy if any for the route. Currently 7314 only 'Subdomain' or 'None' is allowed. 7315 type: string 7316 required: 7317 - enabled 7318 type: object 7319 type: object 7320 type: object 7321 banner: 7322 description: Banner defines an additional banner to be displayed in 7323 Argo CD UI 7324 properties: 7325 content: 7326 description: Content defines the banner message content to display 7327 type: string 7328 url: 7329 description: URL defines an optional URL to be used as banner 7330 message link 7331 type: string 7332 required: 7333 - content 7334 type: object 7335 configManagementPlugins: 7336 description: ConfigManagementPlugins is used to specify additional 7337 config management plugins. 7338 type: string 7339 controller: 7340 description: Controller defines the Application Controller options 7341 for ArgoCD. 7342 properties: 7343 appSync: 7344 description: "AppSync is used to control the sync frequency, by 7345 default the ArgoCD controller polls Git every 3m. \n Set this 7346 to a duration, e.g. 10m or 600s to control the synchronisation 7347 frequency." 7348 type: string 7349 enabled: 7350 description: Enabled is the flag to enable the Application Controller 7351 during ArgoCD installation. (optional, default `true`) 7352 type: boolean 7353 env: 7354 description: Env lets you specify environment for application 7355 controller pods 7356 items: 7357 description: EnvVar represents an environment variable present 7358 in a Container. 7359 properties: 7360 name: 7361 description: Name of the environment variable. Must be a 7362 C_IDENTIFIER. 7363 type: string 7364 value: 7365 description: 'Variable references $(VAR_NAME) are expanded 7366 using the previously defined environment variables in 7367 the container and any service environment variables. If 7368 a variable cannot be resolved, the reference in the input 7369 string will be unchanged. Double $$ are reduced to a single 7370 $, which allows for escaping the $(VAR_NAME) syntax: i.e. 7371 "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". 7372 Escaped references will never be expanded, regardless 7373 of whether the variable exists or not. Defaults to "".' 7374 type: string 7375 valueFrom: 7376 description: Source for the environment variable's value. 7377 Cannot be used if value is not empty. 7378 properties: 7379 configMapKeyRef: 7380 description: Selects a key of a ConfigMap. 7381 properties: 7382 key: 7383 description: The key to select. 7384 type: string 7385 name: 7386 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 7387 TODO: Add other useful fields. apiVersion, kind, 7388 uid?' 7389 type: string 7390 optional: 7391 description: Specify whether the ConfigMap or its 7392 key must be defined 7393 type: boolean 7394 required: 7395 - key 7396 type: object 7397 fieldRef: 7398 description: 'Selects a field of the pod: supports metadata.name, 7399 metadata.namespace, `metadata.labels[''<KEY>'']`, 7400 `metadata.annotations[''<KEY>'']`, spec.nodeName, 7401 spec.serviceAccountName, status.hostIP, status.podIP, 7402 status.podIPs.' 7403 properties: 7404 apiVersion: 7405 description: Version of the schema the FieldPath 7406 is written in terms of, defaults to "v1". 7407 type: string 7408 fieldPath: 7409 description: Path of the field to select in the 7410 specified API version. 7411 type: string 7412 required: 7413 - fieldPath 7414 type: object 7415 resourceFieldRef: 7416 description: 'Selects a resource of the container: only 7417 resources limits and requests (limits.cpu, limits.memory, 7418 limits.ephemeral-storage, requests.cpu, requests.memory 7419 and requests.ephemeral-storage) are currently supported.' 7420 properties: 7421 containerName: 7422 description: 'Container name: required for volumes, 7423 optional for env vars' 7424 type: string 7425 divisor: 7426 anyOf: 7427 - type: integer 7428 - type: string 7429 description: Specifies the output format of the 7430 exposed resources, defaults to "1" 7431 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 7432 x-kubernetes-int-or-string: true 7433 resource: 7434 description: 'Required: resource to select' 7435 type: string 7436 required: 7437 - resource 7438 type: object 7439 secretKeyRef: 7440 description: Selects a key of a secret in the pod's 7441 namespace 7442 properties: 7443 key: 7444 description: The key of the secret to select from. Must 7445 be a valid secret key. 7446 type: string 7447 name: 7448 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 7449 TODO: Add other useful fields. apiVersion, kind, 7450 uid?' 7451 type: string 7452 optional: 7453 description: Specify whether the Secret or its key 7454 must be defined 7455 type: boolean 7456 required: 7457 - key 7458 type: object 7459 type: object 7460 required: 7461 - name 7462 type: object 7463 type: array 7464 logFormat: 7465 description: LogFormat refers to the log format used by the Application 7466 Controller component. Defaults to ArgoCDDefaultLogFormat if 7467 not configured. Valid options are text or json. 7468 type: string 7469 logLevel: 7470 description: LogLevel refers to the log level used by the Application 7471 Controller component. Defaults to ArgoCDDefaultLogLevel if not 7472 configured. Valid options are debug, info, error, and warn. 7473 type: string 7474 parallelismLimit: 7475 description: ParallelismLimit defines the limit for parallel kubectl 7476 operations 7477 format: int32 7478 type: integer 7479 processors: 7480 description: Processors contains the options for the Application 7481 Controller processors. 7482 properties: 7483 operation: 7484 description: Operation is the number of application operation 7485 processors. 7486 format: int32 7487 type: integer 7488 status: 7489 description: Status is the number of application status processors. 7490 format: int32 7491 type: integer 7492 type: object 7493 resources: 7494 description: Resources defines the Compute Resources required 7495 by the container for the Application Controller. 7496 properties: 7497 claims: 7498 description: "Claims lists the names of resources, defined 7499 in spec.resourceClaims, that are used by this container. 7500 \n This is an alpha field and requires enabling the DynamicResourceAllocation 7501 feature gate. \n This field is immutable. It can only be 7502 set for containers." 7503 items: 7504 description: ResourceClaim references one entry in PodSpec.ResourceClaims. 7505 properties: 7506 name: 7507 description: Name must match the name of one entry in 7508 pod.spec.resourceClaims of the Pod where this field 7509 is used. It makes that resource available inside a 7510 container. 7511 type: string 7512 required: 7513 - name 7514 type: object 7515 type: array 7516 x-kubernetes-list-map-keys: 7517 - name 7518 x-kubernetes-list-type: map 7519 limits: 7520 additionalProperties: 7521 anyOf: 7522 - type: integer 7523 - type: string 7524 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 7525 x-kubernetes-int-or-string: true 7526 description: 'Limits describes the maximum amount of compute 7527 resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 7528 type: object 7529 requests: 7530 additionalProperties: 7531 anyOf: 7532 - type: integer 7533 - type: string 7534 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 7535 x-kubernetes-int-or-string: true 7536 description: 'Requests describes the minimum amount of compute 7537 resources required. If Requests is omitted for a container, 7538 it defaults to Limits if that is explicitly specified, otherwise 7539 to an implementation-defined value. Requests cannot exceed 7540 Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 7541 type: object 7542 type: object 7543 sharding: 7544 description: Sharding contains the options for the Application 7545 Controller sharding configuration. 7546 properties: 7547 clustersPerShard: 7548 description: ClustersPerShard defines the maximum number of 7549 clusters managed by each argocd shard 7550 format: int32 7551 minimum: 1 7552 type: integer 7553 dynamicScalingEnabled: 7554 description: DynamicScalingEnabled defines whether dynamic 7555 scaling should be enabled for Application Controller component 7556 type: boolean 7557 enabled: 7558 description: Enabled defines whether sharding should be enabled 7559 on the Application Controller component. 7560 type: boolean 7561 maxShards: 7562 description: MaxShards defines the maximum number of shards 7563 at any given point 7564 format: int32 7565 type: integer 7566 minShards: 7567 description: MinShards defines the minimum number of shards 7568 at any given point 7569 format: int32 7570 minimum: 1 7571 type: integer 7572 replicas: 7573 description: Replicas defines the number of replicas to run 7574 in the Application controller shard. 7575 format: int32 7576 type: integer 7577 type: object 7578 type: object 7579 disableAdmin: 7580 description: DisableAdmin will disable the admin user. 7581 type: boolean 7582 extraConfig: 7583 additionalProperties: 7584 type: string 7585 description: "ExtraConfig can be used to add fields to Argo CD configmap 7586 that are not supported by Argo CD CRD. \n Note: ExtraConfig takes 7587 precedence over Argo CD CRD. For example, A user sets `argocd.Spec.DisableAdmin` 7588 = true and also `a.Spec.ExtraConfig[\"admin.enabled\"]` = true. 7589 In this case, operator updates Argo CD Configmap as follows -> argocd-cm.Data[\"admin.enabled\"] 7590 = true." 7591 type: object 7592 gaAnonymizeUsers: 7593 description: GAAnonymizeUsers toggles user IDs being hashed before 7594 sending to google analytics. 7595 type: boolean 7596 gaTrackingID: 7597 description: GATrackingID is the google analytics tracking ID to use. 7598 type: string 7599 grafana: 7600 description: Grafana defines the Grafana server options for ArgoCD. 7601 properties: 7602 enabled: 7603 description: Enabled will toggle Grafana support globally for 7604 ArgoCD. 7605 type: boolean 7606 host: 7607 description: Host is the hostname to use for Ingress/Route resources. 7608 type: string 7609 image: 7610 description: Image is the Grafana container image. 7611 type: string 7612 ingress: 7613 description: Ingress defines the desired state for an Ingress 7614 for the Grafana component. 7615 properties: 7616 annotations: 7617 additionalProperties: 7618 type: string 7619 description: Annotations is the map of annotations to apply 7620 to the Ingress. 7621 type: object 7622 enabled: 7623 description: Enabled will toggle the creation of the Ingress. 7624 type: boolean 7625 ingressClassName: 7626 description: IngressClassName for the Ingress resource. 7627 type: string 7628 path: 7629 description: Path used for the Ingress resource. 7630 type: string 7631 tls: 7632 description: TLS configuration. Currently the Ingress only 7633 supports a single TLS port, 443. If multiple members of 7634 this list specify different hosts, they will be multiplexed 7635 on the same port according to the hostname specified through 7636 the SNI TLS extension, if the ingress controller fulfilling 7637 the ingress supports SNI. 7638 items: 7639 description: IngressTLS describes the transport layer security 7640 associated with an ingress. 7641 properties: 7642 hosts: 7643 description: hosts is a list of hosts included in the 7644 TLS certificate. The values in this list must match 7645 the name/s used in the tlsSecret. Defaults to the 7646 wildcard host setting for the loadbalancer controller 7647 fulfilling this Ingress, if left unspecified. 7648 items: 7649 type: string 7650 type: array 7651 x-kubernetes-list-type: atomic 7652 secretName: 7653 description: secretName is the name of the secret used 7654 to terminate TLS traffic on port 443. Field is left 7655 optional to allow TLS routing based on SNI hostname 7656 alone. If the SNI host in a listener conflicts with 7657 the "Host" header field used by an IngressRule, the 7658 SNI host is used for termination and value of the 7659 "Host" header is used for routing. 7660 type: string 7661 type: object 7662 type: array 7663 required: 7664 - enabled 7665 type: object 7666 resources: 7667 description: Resources defines the Compute Resources required 7668 by the container for Grafana. 7669 properties: 7670 claims: 7671 description: "Claims lists the names of resources, defined 7672 in spec.resourceClaims, that are used by this container. 7673 \n This is an alpha field and requires enabling the DynamicResourceAllocation 7674 feature gate. \n This field is immutable. It can only be 7675 set for containers." 7676 items: 7677 description: ResourceClaim references one entry in PodSpec.ResourceClaims. 7678 properties: 7679 name: 7680 description: Name must match the name of one entry in 7681 pod.spec.resourceClaims of the Pod where this field 7682 is used. It makes that resource available inside a 7683 container. 7684 type: string 7685 required: 7686 - name 7687 type: object 7688 type: array 7689 x-kubernetes-list-map-keys: 7690 - name 7691 x-kubernetes-list-type: map 7692 limits: 7693 additionalProperties: 7694 anyOf: 7695 - type: integer 7696 - type: string 7697 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 7698 x-kubernetes-int-or-string: true 7699 description: 'Limits describes the maximum amount of compute 7700 resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 7701 type: object 7702 requests: 7703 additionalProperties: 7704 anyOf: 7705 - type: integer 7706 - type: string 7707 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 7708 x-kubernetes-int-or-string: true 7709 description: 'Requests describes the minimum amount of compute 7710 resources required. If Requests is omitted for a container, 7711 it defaults to Limits if that is explicitly specified, otherwise 7712 to an implementation-defined value. Requests cannot exceed 7713 Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 7714 type: object 7715 type: object 7716 route: 7717 description: Route defines the desired state for an OpenShift 7718 Route for the Grafana component. 7719 properties: 7720 annotations: 7721 additionalProperties: 7722 type: string 7723 description: Annotations is the map of annotations to use 7724 for the Route resource. 7725 type: object 7726 enabled: 7727 description: Enabled will toggle the creation of the OpenShift 7728 Route. 7729 type: boolean 7730 labels: 7731 additionalProperties: 7732 type: string 7733 description: Labels is the map of labels to use for the Route 7734 resource 7735 type: object 7736 path: 7737 description: Path the router watches for, to route traffic 7738 for to the service. 7739 type: string 7740 tls: 7741 description: TLS provides the ability to configure certificates 7742 and termination for the Route. 7743 properties: 7744 caCertificate: 7745 description: caCertificate provides the cert authority 7746 certificate contents 7747 type: string 7748 certificate: 7749 description: certificate provides certificate contents 7750 type: string 7751 destinationCACertificate: 7752 description: destinationCACertificate provides the contents 7753 of the ca certificate of the final destination. When 7754 using reencrypt termination this file should be provided 7755 in order to have routers use it for health checks on 7756 the secure connection. If this field is not specified, 7757 the router may provide its own destination CA and perform 7758 hostname validation using the short service name (service.namespace.svc), 7759 which allows infrastructure generated certificates to 7760 automatically verify. 7761 type: string 7762 insecureEdgeTerminationPolicy: 7763 description: "insecureEdgeTerminationPolicy indicates 7764 the desired behavior for insecure connections to a route. 7765 While each router may make its own decisions on which 7766 ports to expose, this is normally port 80. \n * Allow 7767 - traffic is sent to the server on the insecure port 7768 (default) * Disable - no traffic is allowed on the insecure 7769 port. * Redirect - clients are redirected to the secure 7770 port." 7771 type: string 7772 key: 7773 description: key provides key file contents 7774 type: string 7775 termination: 7776 description: termination indicates termination type. 7777 type: string 7778 required: 7779 - termination 7780 type: object 7781 wildcardPolicy: 7782 description: WildcardPolicy if any for the route. Currently 7783 only 'Subdomain' or 'None' is allowed. 7784 type: string 7785 required: 7786 - enabled 7787 type: object 7788 size: 7789 description: Size is the replica count for the Grafana Deployment. 7790 format: int32 7791 type: integer 7792 version: 7793 description: Version is the Grafana container image tag. 7794 type: string 7795 required: 7796 - enabled 7797 type: object 7798 ha: 7799 description: HA options for High Availability support for the Redis 7800 component. 7801 properties: 7802 enabled: 7803 description: Enabled will toggle HA support globally for Argo 7804 CD. 7805 type: boolean 7806 redisProxyImage: 7807 description: RedisProxyImage is the Redis HAProxy container image. 7808 type: string 7809 redisProxyVersion: 7810 description: RedisProxyVersion is the Redis HAProxy container 7811 image tag. 7812 type: string 7813 resources: 7814 description: Resources defines the Compute Resources required 7815 by the container for HA. 7816 properties: 7817 claims: 7818 description: "Claims lists the names of resources, defined 7819 in spec.resourceClaims, that are used by this container. 7820 \n This is an alpha field and requires enabling the DynamicResourceAllocation 7821 feature gate. \n This field is immutable. It can only be 7822 set for containers." 7823 items: 7824 description: ResourceClaim references one entry in PodSpec.ResourceClaims. 7825 properties: 7826 name: 7827 description: Name must match the name of one entry in 7828 pod.spec.resourceClaims of the Pod where this field 7829 is used. It makes that resource available inside a 7830 container. 7831 type: string 7832 required: 7833 - name 7834 type: object 7835 type: array 7836 x-kubernetes-list-map-keys: 7837 - name 7838 x-kubernetes-list-type: map 7839 limits: 7840 additionalProperties: 7841 anyOf: 7842 - type: integer 7843 - type: string 7844 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 7845 x-kubernetes-int-or-string: true 7846 description: 'Limits describes the maximum amount of compute 7847 resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 7848 type: object 7849 requests: 7850 additionalProperties: 7851 anyOf: 7852 - type: integer 7853 - type: string 7854 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 7855 x-kubernetes-int-or-string: true 7856 description: 'Requests describes the minimum amount of compute 7857 resources required. If Requests is omitted for a container, 7858 it defaults to Limits if that is explicitly specified, otherwise 7859 to an implementation-defined value. Requests cannot exceed 7860 Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 7861 type: object 7862 type: object 7863 required: 7864 - enabled 7865 type: object 7866 helpChatText: 7867 description: HelpChatText is the text for getting chat help, defaults 7868 to "Chat now!" 7869 type: string 7870 helpChatURL: 7871 description: HelpChatURL is the URL for getting chat help, this will 7872 typically be your Slack channel for support. 7873 type: string 7874 image: 7875 description: Image is the ArgoCD container image for all ArgoCD components. 7876 type: string 7877 import: 7878 description: Import is the import/restore options for ArgoCD. 7879 properties: 7880 name: 7881 description: Name of an ArgoCDExport from which to import data. 7882 type: string 7883 namespace: 7884 description: Namespace for the ArgoCDExport, defaults to the same 7885 namespace as the ArgoCD. 7886 type: string 7887 required: 7888 - name 7889 type: object 7890 initialRepositories: 7891 description: InitialRepositories to configure Argo CD with upon creation 7892 of the cluster. 7893 type: string 7894 initialSSHKnownHosts: 7895 description: InitialSSHKnownHosts defines the SSH known hosts data 7896 upon creation of the cluster for connecting Git repositories via 7897 SSH. 7898 properties: 7899 excludedefaulthosts: 7900 description: ExcludeDefaultHosts describes whether you would like 7901 to include the default list of SSH Known Hosts provided by ArgoCD. 7902 type: boolean 7903 keys: 7904 description: Keys describes a custom set of SSH Known Hosts that 7905 you would like to have included in your ArgoCD server. 7906 type: string 7907 type: object 7908 kustomizeBuildOptions: 7909 description: KustomizeBuildOptions is used to specify build options/parameters 7910 to use with `kustomize build`. 7911 type: string 7912 kustomizeVersions: 7913 description: KustomizeVersions is a listing of configured versions 7914 of Kustomize to be made available within ArgoCD. 7915 items: 7916 description: KustomizeVersionSpec is used to specify information 7917 about a kustomize version to be used within ArgoCD. 7918 properties: 7919 path: 7920 description: Path is the path to a configured kustomize version 7921 on the filesystem of your repo server. 7922 type: string 7923 version: 7924 description: Version is a configured kustomize version in the 7925 format of vX.Y.Z 7926 type: string 7927 type: object 7928 type: array 7929 monitoring: 7930 description: Monitoring defines whether workload status monitoring 7931 configuration for this instance. 7932 properties: 7933 enabled: 7934 description: Enabled defines whether workload status monitoring 7935 is enabled for this instance or not 7936 type: boolean 7937 required: 7938 - enabled 7939 type: object 7940 nodePlacement: 7941 description: NodePlacement defines NodeSelectors and Taints for Argo 7942 CD workloads 7943 properties: 7944 nodeSelector: 7945 additionalProperties: 7946 type: string 7947 description: NodeSelector is a field of PodSpec, it is a map of 7948 key value pairs used for node selection 7949 type: object 7950 tolerations: 7951 description: Tolerations allow the pods to schedule onto nodes 7952 with matching taints 7953 items: 7954 description: The pod this Toleration is attached to tolerates 7955 any taint that matches the triple <key,value,effect> using 7956 the matching operator <operator>. 7957 properties: 7958 effect: 7959 description: Effect indicates the taint effect to match. 7960 Empty means match all taint effects. When specified, allowed 7961 values are NoSchedule, PreferNoSchedule and NoExecute. 7962 type: string 7963 key: 7964 description: Key is the taint key that the toleration applies 7965 to. Empty means match all taint keys. If the key is empty, 7966 operator must be Exists; this combination means to match 7967 all values and all keys. 7968 type: string 7969 operator: 7970 description: Operator represents a key's relationship to 7971 the value. Valid operators are Exists and Equal. Defaults 7972 to Equal. Exists is equivalent to wildcard for value, 7973 so that a pod can tolerate all taints of a particular 7974 category. 7975 type: string 7976 tolerationSeconds: 7977 description: TolerationSeconds represents the period of 7978 time the toleration (which must be of effect NoExecute, 7979 otherwise this field is ignored) tolerates the taint. 7980 By default, it is not set, which means tolerate the taint 7981 forever (do not evict). Zero and negative values will 7982 be treated as 0 (evict immediately) by the system. 7983 format: int64 7984 type: integer 7985 value: 7986 description: Value is the taint value the toleration matches 7987 to. If the operator is Exists, the value should be empty, 7988 otherwise just a regular string. 7989 type: string 7990 type: object 7991 type: array 7992 type: object 7993 notifications: 7994 description: Notifications defines whether the Argo CD Notifications 7995 controller should be installed. 7996 properties: 7997 enabled: 7998 description: Enabled defines whether argocd-notifications controller 7999 should be deployed or not 8000 type: boolean 8001 env: 8002 description: Env let you specify environment variables for Notifications 8003 pods 8004 items: 8005 description: EnvVar represents an environment variable present 8006 in a Container. 8007 properties: 8008 name: 8009 description: Name of the environment variable. Must be a 8010 C_IDENTIFIER. 8011 type: string 8012 value: 8013 description: 'Variable references $(VAR_NAME) are expanded 8014 using the previously defined environment variables in 8015 the container and any service environment variables. If 8016 a variable cannot be resolved, the reference in the input 8017 string will be unchanged. Double $$ are reduced to a single 8018 $, which allows for escaping the $(VAR_NAME) syntax: i.e. 8019 "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". 8020 Escaped references will never be expanded, regardless 8021 of whether the variable exists or not. Defaults to "".' 8022 type: string 8023 valueFrom: 8024 description: Source for the environment variable's value. 8025 Cannot be used if value is not empty. 8026 properties: 8027 configMapKeyRef: 8028 description: Selects a key of a ConfigMap. 8029 properties: 8030 key: 8031 description: The key to select. 8032 type: string 8033 name: 8034 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 8035 TODO: Add other useful fields. apiVersion, kind, 8036 uid?' 8037 type: string 8038 optional: 8039 description: Specify whether the ConfigMap or its 8040 key must be defined 8041 type: boolean 8042 required: 8043 - key 8044 type: object 8045 fieldRef: 8046 description: 'Selects a field of the pod: supports metadata.name, 8047 metadata.namespace, `metadata.labels[''<KEY>'']`, 8048 `metadata.annotations[''<KEY>'']`, spec.nodeName, 8049 spec.serviceAccountName, status.hostIP, status.podIP, 8050 status.podIPs.' 8051 properties: 8052 apiVersion: 8053 description: Version of the schema the FieldPath 8054 is written in terms of, defaults to "v1". 8055 type: string 8056 fieldPath: 8057 description: Path of the field to select in the 8058 specified API version. 8059 type: string 8060 required: 8061 - fieldPath 8062 type: object 8063 resourceFieldRef: 8064 description: 'Selects a resource of the container: only 8065 resources limits and requests (limits.cpu, limits.memory, 8066 limits.ephemeral-storage, requests.cpu, requests.memory 8067 and requests.ephemeral-storage) are currently supported.' 8068 properties: 8069 containerName: 8070 description: 'Container name: required for volumes, 8071 optional for env vars' 8072 type: string 8073 divisor: 8074 anyOf: 8075 - type: integer 8076 - type: string 8077 description: Specifies the output format of the 8078 exposed resources, defaults to "1" 8079 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 8080 x-kubernetes-int-or-string: true 8081 resource: 8082 description: 'Required: resource to select' 8083 type: string 8084 required: 8085 - resource 8086 type: object 8087 secretKeyRef: 8088 description: Selects a key of a secret in the pod's 8089 namespace 8090 properties: 8091 key: 8092 description: The key of the secret to select from. Must 8093 be a valid secret key. 8094 type: string 8095 name: 8096 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 8097 TODO: Add other useful fields. apiVersion, kind, 8098 uid?' 8099 type: string 8100 optional: 8101 description: Specify whether the Secret or its key 8102 must be defined 8103 type: boolean 8104 required: 8105 - key 8106 type: object 8107 type: object 8108 required: 8109 - name 8110 type: object 8111 type: array 8112 image: 8113 description: Image is the Argo CD Notifications image (optional) 8114 type: string 8115 logLevel: 8116 description: LogLevel describes the log level that should be used 8117 by the argocd-notifications. Defaults to ArgoCDDefaultLogLevel 8118 if not set. Valid options are debug,info, error, and warn. 8119 type: string 8120 replicas: 8121 description: Replicas defines the number of replicas to run for 8122 notifications-controller 8123 format: int32 8124 type: integer 8125 resources: 8126 description: Resources defines the Compute Resources required 8127 by the container for Argo CD Notifications. 8128 properties: 8129 claims: 8130 description: "Claims lists the names of resources, defined 8131 in spec.resourceClaims, that are used by this container. 8132 \n This is an alpha field and requires enabling the DynamicResourceAllocation 8133 feature gate. \n This field is immutable. It can only be 8134 set for containers." 8135 items: 8136 description: ResourceClaim references one entry in PodSpec.ResourceClaims. 8137 properties: 8138 name: 8139 description: Name must match the name of one entry in 8140 pod.spec.resourceClaims of the Pod where this field 8141 is used. It makes that resource available inside a 8142 container. 8143 type: string 8144 required: 8145 - name 8146 type: object 8147 type: array 8148 x-kubernetes-list-map-keys: 8149 - name 8150 x-kubernetes-list-type: map 8151 limits: 8152 additionalProperties: 8153 anyOf: 8154 - type: integer 8155 - type: string 8156 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 8157 x-kubernetes-int-or-string: true 8158 description: 'Limits describes the maximum amount of compute 8159 resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 8160 type: object 8161 requests: 8162 additionalProperties: 8163 anyOf: 8164 - type: integer 8165 - type: string 8166 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 8167 x-kubernetes-int-or-string: true 8168 description: 'Requests describes the minimum amount of compute 8169 resources required. If Requests is omitted for a container, 8170 it defaults to Limits if that is explicitly specified, otherwise 8171 to an implementation-defined value. Requests cannot exceed 8172 Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 8173 type: object 8174 type: object 8175 version: 8176 description: Version is the Argo CD Notifications image tag. (optional) 8177 type: string 8178 required: 8179 - enabled 8180 type: object 8181 oidcConfig: 8182 description: OIDCConfig is the OIDC configuration as an alternative 8183 to dex. 8184 type: string 8185 prometheus: 8186 description: Prometheus defines the Prometheus server options for 8187 ArgoCD. 8188 properties: 8189 enabled: 8190 description: Enabled will toggle Prometheus support globally for 8191 ArgoCD. 8192 type: boolean 8193 host: 8194 description: Host is the hostname to use for Ingress/Route resources. 8195 type: string 8196 ingress: 8197 description: Ingress defines the desired state for an Ingress 8198 for the Prometheus component. 8199 properties: 8200 annotations: 8201 additionalProperties: 8202 type: string 8203 description: Annotations is the map of annotations to apply 8204 to the Ingress. 8205 type: object 8206 enabled: 8207 description: Enabled will toggle the creation of the Ingress. 8208 type: boolean 8209 ingressClassName: 8210 description: IngressClassName for the Ingress resource. 8211 type: string 8212 path: 8213 description: Path used for the Ingress resource. 8214 type: string 8215 tls: 8216 description: TLS configuration. Currently the Ingress only 8217 supports a single TLS port, 443. If multiple members of 8218 this list specify different hosts, they will be multiplexed 8219 on the same port according to the hostname specified through 8220 the SNI TLS extension, if the ingress controller fulfilling 8221 the ingress supports SNI. 8222 items: 8223 description: IngressTLS describes the transport layer security 8224 associated with an ingress. 8225 properties: 8226 hosts: 8227 description: hosts is a list of hosts included in the 8228 TLS certificate. The values in this list must match 8229 the name/s used in the tlsSecret. Defaults to the 8230 wildcard host setting for the loadbalancer controller 8231 fulfilling this Ingress, if left unspecified. 8232 items: 8233 type: string 8234 type: array 8235 x-kubernetes-list-type: atomic 8236 secretName: 8237 description: secretName is the name of the secret used 8238 to terminate TLS traffic on port 443. Field is left 8239 optional to allow TLS routing based on SNI hostname 8240 alone. If the SNI host in a listener conflicts with 8241 the "Host" header field used by an IngressRule, the 8242 SNI host is used for termination and value of the 8243 "Host" header is used for routing. 8244 type: string 8245 type: object 8246 type: array 8247 required: 8248 - enabled 8249 type: object 8250 route: 8251 description: Route defines the desired state for an OpenShift 8252 Route for the Prometheus component. 8253 properties: 8254 annotations: 8255 additionalProperties: 8256 type: string 8257 description: Annotations is the map of annotations to use 8258 for the Route resource. 8259 type: object 8260 enabled: 8261 description: Enabled will toggle the creation of the OpenShift 8262 Route. 8263 type: boolean 8264 labels: 8265 additionalProperties: 8266 type: string 8267 description: Labels is the map of labels to use for the Route 8268 resource 8269 type: object 8270 path: 8271 description: Path the router watches for, to route traffic 8272 for to the service. 8273 type: string 8274 tls: 8275 description: TLS provides the ability to configure certificates 8276 and termination for the Route. 8277 properties: 8278 caCertificate: 8279 description: caCertificate provides the cert authority 8280 certificate contents 8281 type: string 8282 certificate: 8283 description: certificate provides certificate contents 8284 type: string 8285 destinationCACertificate: 8286 description: destinationCACertificate provides the contents 8287 of the ca certificate of the final destination. When 8288 using reencrypt termination this file should be provided 8289 in order to have routers use it for health checks on 8290 the secure connection. If this field is not specified, 8291 the router may provide its own destination CA and perform 8292 hostname validation using the short service name (service.namespace.svc), 8293 which allows infrastructure generated certificates to 8294 automatically verify. 8295 type: string 8296 insecureEdgeTerminationPolicy: 8297 description: "insecureEdgeTerminationPolicy indicates 8298 the desired behavior for insecure connections to a route. 8299 While each router may make its own decisions on which 8300 ports to expose, this is normally port 80. \n * Allow 8301 - traffic is sent to the server on the insecure port 8302 (default) * Disable - no traffic is allowed on the insecure 8303 port. * Redirect - clients are redirected to the secure 8304 port." 8305 type: string 8306 key: 8307 description: key provides key file contents 8308 type: string 8309 termination: 8310 description: termination indicates termination type. 8311 type: string 8312 required: 8313 - termination 8314 type: object 8315 wildcardPolicy: 8316 description: WildcardPolicy if any for the route. Currently 8317 only 'Subdomain' or 'None' is allowed. 8318 type: string 8319 required: 8320 - enabled 8321 type: object 8322 size: 8323 description: Size is the replica count for the Prometheus StatefulSet. 8324 format: int32 8325 type: integer 8326 required: 8327 - enabled 8328 type: object 8329 rbac: 8330 description: RBAC defines the RBAC configuration for Argo CD. 8331 properties: 8332 defaultPolicy: 8333 description: DefaultPolicy is the name of the default role which 8334 Argo CD will falls back to, when authorizing API requests (optional). 8335 If omitted or empty, users may be still be able to login, but 8336 will see no apps, projects, etc... 8337 type: string 8338 policy: 8339 description: 'Policy is CSV containing user-defined RBAC policies 8340 and role definitions. Policy rules are in the form: p, subject, 8341 resource, action, object, effect Role definitions and bindings 8342 are in the form: g, subject, inherited-subject See https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/rbac.md 8343 for additional information.' 8344 type: string 8345 policyMatcherMode: 8346 description: PolicyMatcherMode configures the matchers function 8347 mode for casbin. There are two options for this, 'glob' for 8348 glob matcher or 'regex' for regex matcher. 8349 type: string 8350 scopes: 8351 description: 'Scopes controls which OIDC scopes to examine during 8352 rbac enforcement (in addition to `sub` scope). If omitted, defaults 8353 to: ''[groups]''.' 8354 type: string 8355 type: object 8356 redis: 8357 description: Redis defines the Redis server options for ArgoCD. 8358 properties: 8359 autotls: 8360 description: 'AutoTLS specifies the method to use for automatic 8361 TLS configuration for the redis server The value specified here 8362 can currently be: - openshift - Use the OpenShift service CA 8363 to request TLS config' 8364 type: string 8365 disableTLSVerification: 8366 description: DisableTLSVerification defines whether redis server 8367 API should be accessed using strict TLS validation 8368 type: boolean 8369 enabled: 8370 description: Enabled is the flag to enable Redis during ArgoCD 8371 installation. (optional, default `true`) 8372 type: boolean 8373 image: 8374 description: Image is the Redis container image. 8375 type: string 8376 remote: 8377 description: Remote specifies the remote URL of the Redis container. 8378 (optional, by default, a local instance managed by the operator 8379 is used.) 8380 type: string 8381 resources: 8382 description: Resources defines the Compute Resources required 8383 by the container for Redis. 8384 properties: 8385 claims: 8386 description: "Claims lists the names of resources, defined 8387 in spec.resourceClaims, that are used by this container. 8388 \n This is an alpha field and requires enabling the DynamicResourceAllocation 8389 feature gate. \n This field is immutable. It can only be 8390 set for containers." 8391 items: 8392 description: ResourceClaim references one entry in PodSpec.ResourceClaims. 8393 properties: 8394 name: 8395 description: Name must match the name of one entry in 8396 pod.spec.resourceClaims of the Pod where this field 8397 is used. It makes that resource available inside a 8398 container. 8399 type: string 8400 required: 8401 - name 8402 type: object 8403 type: array 8404 x-kubernetes-list-map-keys: 8405 - name 8406 x-kubernetes-list-type: map 8407 limits: 8408 additionalProperties: 8409 anyOf: 8410 - type: integer 8411 - type: string 8412 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 8413 x-kubernetes-int-or-string: true 8414 description: 'Limits describes the maximum amount of compute 8415 resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 8416 type: object 8417 requests: 8418 additionalProperties: 8419 anyOf: 8420 - type: integer 8421 - type: string 8422 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 8423 x-kubernetes-int-or-string: true 8424 description: 'Requests describes the minimum amount of compute 8425 resources required. If Requests is omitted for a container, 8426 it defaults to Limits if that is explicitly specified, otherwise 8427 to an implementation-defined value. Requests cannot exceed 8428 Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 8429 type: object 8430 type: object 8431 version: 8432 description: Version is the Redis container image tag. 8433 type: string 8434 type: object 8435 repo: 8436 description: Repo defines the repo server options for Argo CD. 8437 properties: 8438 autotls: 8439 description: 'AutoTLS specifies the method to use for automatic 8440 TLS configuration for the repo server The value specified here 8441 can currently be: - openshift - Use the OpenShift service CA 8442 to request TLS config' 8443 type: string 8444 enabled: 8445 description: Enabled is the flag to enable Repo Server during 8446 ArgoCD installation. (optional, default `true`) 8447 type: boolean 8448 env: 8449 description: Env lets you specify environment for repo server 8450 pods 8451 items: 8452 description: EnvVar represents an environment variable present 8453 in a Container. 8454 properties: 8455 name: 8456 description: Name of the environment variable. Must be a 8457 C_IDENTIFIER. 8458 type: string 8459 value: 8460 description: 'Variable references $(VAR_NAME) are expanded 8461 using the previously defined environment variables in 8462 the container and any service environment variables. If 8463 a variable cannot be resolved, the reference in the input 8464 string will be unchanged. Double $$ are reduced to a single 8465 $, which allows for escaping the $(VAR_NAME) syntax: i.e. 8466 "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". 8467 Escaped references will never be expanded, regardless 8468 of whether the variable exists or not. Defaults to "".' 8469 type: string 8470 valueFrom: 8471 description: Source for the environment variable's value. 8472 Cannot be used if value is not empty. 8473 properties: 8474 configMapKeyRef: 8475 description: Selects a key of a ConfigMap. 8476 properties: 8477 key: 8478 description: The key to select. 8479 type: string 8480 name: 8481 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 8482 TODO: Add other useful fields. apiVersion, kind, 8483 uid?' 8484 type: string 8485 optional: 8486 description: Specify whether the ConfigMap or its 8487 key must be defined 8488 type: boolean 8489 required: 8490 - key 8491 type: object 8492 fieldRef: 8493 description: 'Selects a field of the pod: supports metadata.name, 8494 metadata.namespace, `metadata.labels[''<KEY>'']`, 8495 `metadata.annotations[''<KEY>'']`, spec.nodeName, 8496 spec.serviceAccountName, status.hostIP, status.podIP, 8497 status.podIPs.' 8498 properties: 8499 apiVersion: 8500 description: Version of the schema the FieldPath 8501 is written in terms of, defaults to "v1". 8502 type: string 8503 fieldPath: 8504 description: Path of the field to select in the 8505 specified API version. 8506 type: string 8507 required: 8508 - fieldPath 8509 type: object 8510 resourceFieldRef: 8511 description: 'Selects a resource of the container: only 8512 resources limits and requests (limits.cpu, limits.memory, 8513 limits.ephemeral-storage, requests.cpu, requests.memory 8514 and requests.ephemeral-storage) are currently supported.' 8515 properties: 8516 containerName: 8517 description: 'Container name: required for volumes, 8518 optional for env vars' 8519 type: string 8520 divisor: 8521 anyOf: 8522 - type: integer 8523 - type: string 8524 description: Specifies the output format of the 8525 exposed resources, defaults to "1" 8526 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 8527 x-kubernetes-int-or-string: true 8528 resource: 8529 description: 'Required: resource to select' 8530 type: string 8531 required: 8532 - resource 8533 type: object 8534 secretKeyRef: 8535 description: Selects a key of a secret in the pod's 8536 namespace 8537 properties: 8538 key: 8539 description: The key of the secret to select from. Must 8540 be a valid secret key. 8541 type: string 8542 name: 8543 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 8544 TODO: Add other useful fields. apiVersion, kind, 8545 uid?' 8546 type: string 8547 optional: 8548 description: Specify whether the Secret or its key 8549 must be defined 8550 type: boolean 8551 required: 8552 - key 8553 type: object 8554 type: object 8555 required: 8556 - name 8557 type: object 8558 type: array 8559 execTimeout: 8560 description: ExecTimeout specifies the timeout in seconds for 8561 tool execution 8562 type: integer 8563 extraRepoCommandArgs: 8564 description: Extra Command arguments allows users to pass command 8565 line arguments to repo server workload. They get added to default 8566 command line arguments provided by the operator. Please note 8567 that the command line arguments provided as part of ExtraRepoCommandArgs 8568 will not overwrite the default command line arguments. 8569 items: 8570 type: string 8571 type: array 8572 image: 8573 description: Image is the ArgoCD Repo Server container image. 8574 type: string 8575 initContainers: 8576 description: InitContainers defines the list of initialization 8577 containers for the repo server deployment 8578 items: 8579 description: A single application container that you want to 8580 run within a pod. 8581 properties: 8582 args: 8583 description: 'Arguments to the entrypoint. The container 8584 image''s CMD is used if this is not provided. Variable 8585 references $(VAR_NAME) are expanded using the container''s 8586 environment. If a variable cannot be resolved, the reference 8587 in the input string will be unchanged. Double $$ are reduced 8588 to a single $, which allows for escaping the $(VAR_NAME) 8589 syntax: i.e. "$$(VAR_NAME)" will produce the string literal 8590 "$(VAR_NAME)". Escaped references will never be expanded, 8591 regardless of whether the variable exists or not. Cannot 8592 be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' 8593 items: 8594 type: string 8595 type: array 8596 command: 8597 description: 'Entrypoint array. Not executed within a shell. 8598 The container image''s ENTRYPOINT is used if this is not 8599 provided. Variable references $(VAR_NAME) are expanded 8600 using the container''s environment. If a variable cannot 8601 be resolved, the reference in the input string will be 8602 unchanged. Double $$ are reduced to a single $, which 8603 allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" 8604 will produce the string literal "$(VAR_NAME)". Escaped 8605 references will never be expanded, regardless of whether 8606 the variable exists or not. Cannot be updated. More info: 8607 https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' 8608 items: 8609 type: string 8610 type: array 8611 env: 8612 description: List of environment variables to set in the 8613 container. Cannot be updated. 8614 items: 8615 description: EnvVar represents an environment variable 8616 present in a Container. 8617 properties: 8618 name: 8619 description: Name of the environment variable. Must 8620 be a C_IDENTIFIER. 8621 type: string 8622 value: 8623 description: 'Variable references $(VAR_NAME) are 8624 expanded using the previously defined environment 8625 variables in the container and any service environment 8626 variables. If a variable cannot be resolved, the 8627 reference in the input string will be unchanged. 8628 Double $$ are reduced to a single $, which allows 8629 for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" 8630 will produce the string literal "$(VAR_NAME)". Escaped 8631 references will never be expanded, regardless of 8632 whether the variable exists or not. Defaults to 8633 "".' 8634 type: string 8635 valueFrom: 8636 description: Source for the environment variable's 8637 value. Cannot be used if value is not empty. 8638 properties: 8639 configMapKeyRef: 8640 description: Selects a key of a ConfigMap. 8641 properties: 8642 key: 8643 description: The key to select. 8644 type: string 8645 name: 8646 description: 'Name of the referent. More info: 8647 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 8648 TODO: Add other useful fields. apiVersion, 8649 kind, uid?' 8650 type: string 8651 optional: 8652 description: Specify whether the ConfigMap 8653 or its key must be defined 8654 type: boolean 8655 required: 8656 - key 8657 type: object 8658 fieldRef: 8659 description: 'Selects a field of the pod: supports 8660 metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`, 8661 `metadata.annotations[''<KEY>'']`, spec.nodeName, 8662 spec.serviceAccountName, status.hostIP, status.podIP, 8663 status.podIPs.' 8664 properties: 8665 apiVersion: 8666 description: Version of the schema the FieldPath 8667 is written in terms of, defaults to "v1". 8668 type: string 8669 fieldPath: 8670 description: Path of the field to select in 8671 the specified API version. 8672 type: string 8673 required: 8674 - fieldPath 8675 type: object 8676 resourceFieldRef: 8677 description: 'Selects a resource of the container: 8678 only resources limits and requests (limits.cpu, 8679 limits.memory, limits.ephemeral-storage, requests.cpu, 8680 requests.memory and requests.ephemeral-storage) 8681 are currently supported.' 8682 properties: 8683 containerName: 8684 description: 'Container name: required for 8685 volumes, optional for env vars' 8686 type: string 8687 divisor: 8688 anyOf: 8689 - type: integer 8690 - type: string 8691 description: Specifies the output format of 8692 the exposed resources, defaults to "1" 8693 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 8694 x-kubernetes-int-or-string: true 8695 resource: 8696 description: 'Required: resource to select' 8697 type: string 8698 required: 8699 - resource 8700 type: object 8701 secretKeyRef: 8702 description: Selects a key of a secret in the 8703 pod's namespace 8704 properties: 8705 key: 8706 description: The key of the secret to select 8707 from. Must be a valid secret key. 8708 type: string 8709 name: 8710 description: 'Name of the referent. More info: 8711 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 8712 TODO: Add other useful fields. apiVersion, 8713 kind, uid?' 8714 type: string 8715 optional: 8716 description: Specify whether the Secret or 8717 its key must be defined 8718 type: boolean 8719 required: 8720 - key 8721 type: object 8722 type: object 8723 required: 8724 - name 8725 type: object 8726 type: array 8727 envFrom: 8728 description: List of sources to populate environment variables 8729 in the container. The keys defined within a source must 8730 be a C_IDENTIFIER. All invalid keys will be reported as 8731 an event when the container is starting. When a key exists 8732 in multiple sources, the value associated with the last 8733 source will take precedence. Values defined by an Env 8734 with a duplicate key will take precedence. Cannot be updated. 8735 items: 8736 description: EnvFromSource represents the source of a 8737 set of ConfigMaps 8738 properties: 8739 configMapRef: 8740 description: The ConfigMap to select from 8741 properties: 8742 name: 8743 description: 'Name of the referent. More info: 8744 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 8745 TODO: Add other useful fields. apiVersion, kind, 8746 uid?' 8747 type: string 8748 optional: 8749 description: Specify whether the ConfigMap must 8750 be defined 8751 type: boolean 8752 type: object 8753 prefix: 8754 description: An optional identifier to prepend to 8755 each key in the ConfigMap. Must be a C_IDENTIFIER. 8756 type: string 8757 secretRef: 8758 description: The Secret to select from 8759 properties: 8760 name: 8761 description: 'Name of the referent. More info: 8762 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 8763 TODO: Add other useful fields. apiVersion, kind, 8764 uid?' 8765 type: string 8766 optional: 8767 description: Specify whether the Secret must be 8768 defined 8769 type: boolean 8770 type: object 8771 type: object 8772 type: array 8773 image: 8774 description: 'Container image name. More info: https://kubernetes.io/docs/concepts/containers/images 8775 This field is optional to allow higher level config management 8776 to default or override container images in workload controllers 8777 like Deployments and StatefulSets.' 8778 type: string 8779 imagePullPolicy: 8780 description: 'Image pull policy. One of Always, Never, IfNotPresent. 8781 Defaults to Always if :latest tag is specified, or IfNotPresent 8782 otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' 8783 type: string 8784 lifecycle: 8785 description: Actions that the management system should take 8786 in response to container lifecycle events. Cannot be updated. 8787 properties: 8788 postStart: 8789 description: 'PostStart is called immediately after 8790 a container is created. If the handler fails, the 8791 container is terminated and restarted according to 8792 its restart policy. Other management of the container 8793 blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' 8794 properties: 8795 exec: 8796 description: Exec specifies the action to take. 8797 properties: 8798 command: 8799 description: Command is the command line to 8800 execute inside the container, the working 8801 directory for the command is root ('/') in 8802 the container's filesystem. The command is 8803 simply exec'd, it is not run inside a shell, 8804 so traditional shell instructions ('|', etc) 8805 won't work. To use a shell, you need to explicitly 8806 call out to that shell. Exit status of 0 is 8807 treated as live/healthy and non-zero is unhealthy. 8808 items: 8809 type: string 8810 type: array 8811 type: object 8812 httpGet: 8813 description: HTTPGet specifies the http request 8814 to perform. 8815 properties: 8816 host: 8817 description: Host name to connect to, defaults 8818 to the pod IP. You probably want to set "Host" 8819 in httpHeaders instead. 8820 type: string 8821 httpHeaders: 8822 description: Custom headers to set in the request. 8823 HTTP allows repeated headers. 8824 items: 8825 description: HTTPHeader describes a custom 8826 header to be used in HTTP probes 8827 properties: 8828 name: 8829 description: The header field name. This 8830 will be canonicalized upon output, so 8831 case-variant names will be understood 8832 as the same header. 8833 type: string 8834 value: 8835 description: The header field value 8836 type: string 8837 required: 8838 - name 8839 - value 8840 type: object 8841 type: array 8842 path: 8843 description: Path to access on the HTTP server. 8844 type: string 8845 port: 8846 anyOf: 8847 - type: integer 8848 - type: string 8849 description: Name or number of the port to access 8850 on the container. Number must be in the range 8851 1 to 65535. Name must be an IANA_SVC_NAME. 8852 x-kubernetes-int-or-string: true 8853 scheme: 8854 description: Scheme to use for connecting to 8855 the host. Defaults to HTTP. 8856 type: string 8857 required: 8858 - port 8859 type: object 8860 tcpSocket: 8861 description: Deprecated. TCPSocket is NOT supported 8862 as a LifecycleHandler and kept for the backward 8863 compatibility. There are no validation of this 8864 field and lifecycle hooks will fail in runtime 8865 when tcp handler is specified. 8866 properties: 8867 host: 8868 description: 'Optional: Host name to connect 8869 to, defaults to the pod IP.' 8870 type: string 8871 port: 8872 anyOf: 8873 - type: integer 8874 - type: string 8875 description: Number or name of the port to access 8876 on the container. Number must be in the range 8877 1 to 65535. Name must be an IANA_SVC_NAME. 8878 x-kubernetes-int-or-string: true 8879 required: 8880 - port 8881 type: object 8882 type: object 8883 preStop: 8884 description: 'PreStop is called immediately before a 8885 container is terminated due to an API request or management 8886 event such as liveness/startup probe failure, preemption, 8887 resource contention, etc. The handler is not called 8888 if the container crashes or exits. The Pod''s termination 8889 grace period countdown begins before the PreStop hook 8890 is executed. Regardless of the outcome of the handler, 8891 the container will eventually terminate within the 8892 Pod''s termination grace period (unless delayed by 8893 finalizers). Other management of the container blocks 8894 until the hook completes or until the termination 8895 grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' 8896 properties: 8897 exec: 8898 description: Exec specifies the action to take. 8899 properties: 8900 command: 8901 description: Command is the command line to 8902 execute inside the container, the working 8903 directory for the command is root ('/') in 8904 the container's filesystem. The command is 8905 simply exec'd, it is not run inside a shell, 8906 so traditional shell instructions ('|', etc) 8907 won't work. To use a shell, you need to explicitly 8908 call out to that shell. Exit status of 0 is 8909 treated as live/healthy and non-zero is unhealthy. 8910 items: 8911 type: string 8912 type: array 8913 type: object 8914 httpGet: 8915 description: HTTPGet specifies the http request 8916 to perform. 8917 properties: 8918 host: 8919 description: Host name to connect to, defaults 8920 to the pod IP. You probably want to set "Host" 8921 in httpHeaders instead. 8922 type: string 8923 httpHeaders: 8924 description: Custom headers to set in the request. 8925 HTTP allows repeated headers. 8926 items: 8927 description: HTTPHeader describes a custom 8928 header to be used in HTTP probes 8929 properties: 8930 name: 8931 description: The header field name. This 8932 will be canonicalized upon output, so 8933 case-variant names will be understood 8934 as the same header. 8935 type: string 8936 value: 8937 description: The header field value 8938 type: string 8939 required: 8940 - name 8941 - value 8942 type: object 8943 type: array 8944 path: 8945 description: Path to access on the HTTP server. 8946 type: string 8947 port: 8948 anyOf: 8949 - type: integer 8950 - type: string 8951 description: Name or number of the port to access 8952 on the container. Number must be in the range 8953 1 to 65535. Name must be an IANA_SVC_NAME. 8954 x-kubernetes-int-or-string: true 8955 scheme: 8956 description: Scheme to use for connecting to 8957 the host. Defaults to HTTP. 8958 type: string 8959 required: 8960 - port 8961 type: object 8962 tcpSocket: 8963 description: Deprecated. TCPSocket is NOT supported 8964 as a LifecycleHandler and kept for the backward 8965 compatibility. There are no validation of this 8966 field and lifecycle hooks will fail in runtime 8967 when tcp handler is specified. 8968 properties: 8969 host: 8970 description: 'Optional: Host name to connect 8971 to, defaults to the pod IP.' 8972 type: string 8973 port: 8974 anyOf: 8975 - type: integer 8976 - type: string 8977 description: Number or name of the port to access 8978 on the container. Number must be in the range 8979 1 to 65535. Name must be an IANA_SVC_NAME. 8980 x-kubernetes-int-or-string: true 8981 required: 8982 - port 8983 type: object 8984 type: object 8985 type: object 8986 livenessProbe: 8987 description: 'Periodic probe of container liveness. Container 8988 will be restarted if the probe fails. Cannot be updated. 8989 More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 8990 properties: 8991 exec: 8992 description: Exec specifies the action to take. 8993 properties: 8994 command: 8995 description: Command is the command line to execute 8996 inside the container, the working directory for 8997 the command is root ('/') in the container's 8998 filesystem. The command is simply exec'd, it is 8999 not run inside a shell, so traditional shell instructions 9000 ('|', etc) won't work. To use a shell, you need 9001 to explicitly call out to that shell. Exit status 9002 of 0 is treated as live/healthy and non-zero is 9003 unhealthy. 9004 items: 9005 type: string 9006 type: array 9007 type: object 9008 failureThreshold: 9009 description: Minimum consecutive failures for the probe 9010 to be considered failed after having succeeded. Defaults 9011 to 3. Minimum value is 1. 9012 format: int32 9013 type: integer 9014 grpc: 9015 description: GRPC specifies an action involving a GRPC 9016 port. 9017 properties: 9018 port: 9019 description: Port number of the gRPC service. Number 9020 must be in the range 1 to 65535. 9021 format: int32 9022 type: integer 9023 service: 9024 description: "Service is the name of the service 9025 to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). 9026 \n If this is not specified, the default behavior 9027 is defined by gRPC." 9028 type: string 9029 required: 9030 - port 9031 type: object 9032 httpGet: 9033 description: HTTPGet specifies the http request to perform. 9034 properties: 9035 host: 9036 description: Host name to connect to, defaults to 9037 the pod IP. You probably want to set "Host" in 9038 httpHeaders instead. 9039 type: string 9040 httpHeaders: 9041 description: Custom headers to set in the request. 9042 HTTP allows repeated headers. 9043 items: 9044 description: HTTPHeader describes a custom header 9045 to be used in HTTP probes 9046 properties: 9047 name: 9048 description: The header field name. This will 9049 be canonicalized upon output, so case-variant 9050 names will be understood as the same header. 9051 type: string 9052 value: 9053 description: The header field value 9054 type: string 9055 required: 9056 - name 9057 - value 9058 type: object 9059 type: array 9060 path: 9061 description: Path to access on the HTTP server. 9062 type: string 9063 port: 9064 anyOf: 9065 - type: integer 9066 - type: string 9067 description: Name or number of the port to access 9068 on the container. Number must be in the range 9069 1 to 65535. Name must be an IANA_SVC_NAME. 9070 x-kubernetes-int-or-string: true 9071 scheme: 9072 description: Scheme to use for connecting to the 9073 host. Defaults to HTTP. 9074 type: string 9075 required: 9076 - port 9077 type: object 9078 initialDelaySeconds: 9079 description: 'Number of seconds after the container 9080 has started before liveness probes are initiated. 9081 More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 9082 format: int32 9083 type: integer 9084 periodSeconds: 9085 description: How often (in seconds) to perform the probe. 9086 Default to 10 seconds. Minimum value is 1. 9087 format: int32 9088 type: integer 9089 successThreshold: 9090 description: Minimum consecutive successes for the probe 9091 to be considered successful after having failed. Defaults 9092 to 1. Must be 1 for liveness and startup. Minimum 9093 value is 1. 9094 format: int32 9095 type: integer 9096 tcpSocket: 9097 description: TCPSocket specifies an action involving 9098 a TCP port. 9099 properties: 9100 host: 9101 description: 'Optional: Host name to connect to, 9102 defaults to the pod IP.' 9103 type: string 9104 port: 9105 anyOf: 9106 - type: integer 9107 - type: string 9108 description: Number or name of the port to access 9109 on the container. Number must be in the range 9110 1 to 65535. Name must be an IANA_SVC_NAME. 9111 x-kubernetes-int-or-string: true 9112 required: 9113 - port 9114 type: object 9115 terminationGracePeriodSeconds: 9116 description: Optional duration in seconds the pod needs 9117 to terminate gracefully upon probe failure. The grace 9118 period is the duration in seconds after the processes 9119 running in the pod are sent a termination signal and 9120 the time when the processes are forcibly halted with 9121 a kill signal. Set this value longer than the expected 9122 cleanup time for your process. If this value is nil, 9123 the pod's terminationGracePeriodSeconds will be used. 9124 Otherwise, this value overrides the value provided 9125 by the pod spec. Value must be non-negative integer. 9126 The value zero indicates stop immediately via the 9127 kill signal (no opportunity to shut down). This is 9128 a beta field and requires enabling ProbeTerminationGracePeriod 9129 feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds 9130 is used if unset. 9131 format: int64 9132 type: integer 9133 timeoutSeconds: 9134 description: 'Number of seconds after which the probe 9135 times out. Defaults to 1 second. Minimum value is 9136 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 9137 format: int32 9138 type: integer 9139 type: object 9140 name: 9141 description: Name of the container specified as a DNS_LABEL. 9142 Each container in a pod must have a unique name (DNS_LABEL). 9143 Cannot be updated. 9144 type: string 9145 ports: 9146 description: List of ports to expose from the container. 9147 Not specifying a port here DOES NOT prevent that port 9148 from being exposed. Any port which is listening on the 9149 default "0.0.0.0" address inside a container will be accessible 9150 from the network. Modifying this array with strategic 9151 merge patch may corrupt the data. For more information 9152 See https://github.com/kubernetes/kubernetes/issues/108255. 9153 Cannot be updated. 9154 items: 9155 description: ContainerPort represents a network port in 9156 a single container. 9157 properties: 9158 containerPort: 9159 description: Number of port to expose on the pod's 9160 IP address. This must be a valid port number, 0 9161 < x < 65536. 9162 format: int32 9163 type: integer 9164 hostIP: 9165 description: What host IP to bind the external port 9166 to. 9167 type: string 9168 hostPort: 9169 description: Number of port to expose on the host. 9170 If specified, this must be a valid port number, 9171 0 < x < 65536. If HostNetwork is specified, this 9172 must match ContainerPort. Most containers do not 9173 need this. 9174 format: int32 9175 type: integer 9176 name: 9177 description: If specified, this must be an IANA_SVC_NAME 9178 and unique within the pod. Each named port in a 9179 pod must have a unique name. Name for the port that 9180 can be referred to by services. 9181 type: string 9182 protocol: 9183 default: TCP 9184 description: Protocol for port. Must be UDP, TCP, 9185 or SCTP. Defaults to "TCP". 9186 type: string 9187 required: 9188 - containerPort 9189 type: object 9190 type: array 9191 x-kubernetes-list-map-keys: 9192 - containerPort 9193 - protocol 9194 x-kubernetes-list-type: map 9195 readinessProbe: 9196 description: 'Periodic probe of container service readiness. 9197 Container will be removed from service endpoints if the 9198 probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 9199 properties: 9200 exec: 9201 description: Exec specifies the action to take. 9202 properties: 9203 command: 9204 description: Command is the command line to execute 9205 inside the container, the working directory for 9206 the command is root ('/') in the container's 9207 filesystem. The command is simply exec'd, it is 9208 not run inside a shell, so traditional shell instructions 9209 ('|', etc) won't work. To use a shell, you need 9210 to explicitly call out to that shell. Exit status 9211 of 0 is treated as live/healthy and non-zero is 9212 unhealthy. 9213 items: 9214 type: string 9215 type: array 9216 type: object 9217 failureThreshold: 9218 description: Minimum consecutive failures for the probe 9219 to be considered failed after having succeeded. Defaults 9220 to 3. Minimum value is 1. 9221 format: int32 9222 type: integer 9223 grpc: 9224 description: GRPC specifies an action involving a GRPC 9225 port. 9226 properties: 9227 port: 9228 description: Port number of the gRPC service. Number 9229 must be in the range 1 to 65535. 9230 format: int32 9231 type: integer 9232 service: 9233 description: "Service is the name of the service 9234 to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). 9235 \n If this is not specified, the default behavior 9236 is defined by gRPC." 9237 type: string 9238 required: 9239 - port 9240 type: object 9241 httpGet: 9242 description: HTTPGet specifies the http request to perform. 9243 properties: 9244 host: 9245 description: Host name to connect to, defaults to 9246 the pod IP. You probably want to set "Host" in 9247 httpHeaders instead. 9248 type: string 9249 httpHeaders: 9250 description: Custom headers to set in the request. 9251 HTTP allows repeated headers. 9252 items: 9253 description: HTTPHeader describes a custom header 9254 to be used in HTTP probes 9255 properties: 9256 name: 9257 description: The header field name. This will 9258 be canonicalized upon output, so case-variant 9259 names will be understood as the same header. 9260 type: string 9261 value: 9262 description: The header field value 9263 type: string 9264 required: 9265 - name 9266 - value 9267 type: object 9268 type: array 9269 path: 9270 description: Path to access on the HTTP server. 9271 type: string 9272 port: 9273 anyOf: 9274 - type: integer 9275 - type: string 9276 description: Name or number of the port to access 9277 on the container. Number must be in the range 9278 1 to 65535. Name must be an IANA_SVC_NAME. 9279 x-kubernetes-int-or-string: true 9280 scheme: 9281 description: Scheme to use for connecting to the 9282 host. Defaults to HTTP. 9283 type: string 9284 required: 9285 - port 9286 type: object 9287 initialDelaySeconds: 9288 description: 'Number of seconds after the container 9289 has started before liveness probes are initiated. 9290 More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 9291 format: int32 9292 type: integer 9293 periodSeconds: 9294 description: How often (in seconds) to perform the probe. 9295 Default to 10 seconds. Minimum value is 1. 9296 format: int32 9297 type: integer 9298 successThreshold: 9299 description: Minimum consecutive successes for the probe 9300 to be considered successful after having failed. Defaults 9301 to 1. Must be 1 for liveness and startup. Minimum 9302 value is 1. 9303 format: int32 9304 type: integer 9305 tcpSocket: 9306 description: TCPSocket specifies an action involving 9307 a TCP port. 9308 properties: 9309 host: 9310 description: 'Optional: Host name to connect to, 9311 defaults to the pod IP.' 9312 type: string 9313 port: 9314 anyOf: 9315 - type: integer 9316 - type: string 9317 description: Number or name of the port to access 9318 on the container. Number must be in the range 9319 1 to 65535. Name must be an IANA_SVC_NAME. 9320 x-kubernetes-int-or-string: true 9321 required: 9322 - port 9323 type: object 9324 terminationGracePeriodSeconds: 9325 description: Optional duration in seconds the pod needs 9326 to terminate gracefully upon probe failure. The grace 9327 period is the duration in seconds after the processes 9328 running in the pod are sent a termination signal and 9329 the time when the processes are forcibly halted with 9330 a kill signal. Set this value longer than the expected 9331 cleanup time for your process. If this value is nil, 9332 the pod's terminationGracePeriodSeconds will be used. 9333 Otherwise, this value overrides the value provided 9334 by the pod spec. Value must be non-negative integer. 9335 The value zero indicates stop immediately via the 9336 kill signal (no opportunity to shut down). This is 9337 a beta field and requires enabling ProbeTerminationGracePeriod 9338 feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds 9339 is used if unset. 9340 format: int64 9341 type: integer 9342 timeoutSeconds: 9343 description: 'Number of seconds after which the probe 9344 times out. Defaults to 1 second. Minimum value is 9345 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 9346 format: int32 9347 type: integer 9348 type: object 9349 resizePolicy: 9350 description: Resources resize policy for the container. 9351 items: 9352 description: ContainerResizePolicy represents resource 9353 resize policy for the container. 9354 properties: 9355 resourceName: 9356 description: 'Name of the resource to which this resource 9357 resize policy applies. Supported values: cpu, memory.' 9358 type: string 9359 restartPolicy: 9360 description: Restart policy to apply when specified 9361 resource is resized. If not specified, it defaults 9362 to NotRequired. 9363 type: string 9364 required: 9365 - resourceName 9366 - restartPolicy 9367 type: object 9368 type: array 9369 x-kubernetes-list-type: atomic 9370 resources: 9371 description: 'Compute Resources required by this container. 9372 Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 9373 properties: 9374 claims: 9375 description: "Claims lists the names of resources, defined 9376 in spec.resourceClaims, that are used by this container. 9377 \n This is an alpha field and requires enabling the 9378 DynamicResourceAllocation feature gate. \n This field 9379 is immutable. It can only be set for containers." 9380 items: 9381 description: ResourceClaim references one entry in 9382 PodSpec.ResourceClaims. 9383 properties: 9384 name: 9385 description: Name must match the name of one entry 9386 in pod.spec.resourceClaims of the Pod where 9387 this field is used. It makes that resource available 9388 inside a container. 9389 type: string 9390 required: 9391 - name 9392 type: object 9393 type: array 9394 x-kubernetes-list-map-keys: 9395 - name 9396 x-kubernetes-list-type: map 9397 limits: 9398 additionalProperties: 9399 anyOf: 9400 - type: integer 9401 - type: string 9402 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 9403 x-kubernetes-int-or-string: true 9404 description: 'Limits describes the maximum amount of 9405 compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 9406 type: object 9407 requests: 9408 additionalProperties: 9409 anyOf: 9410 - type: integer 9411 - type: string 9412 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 9413 x-kubernetes-int-or-string: true 9414 description: 'Requests describes the minimum amount 9415 of compute resources required. If Requests is omitted 9416 for a container, it defaults to Limits if that is 9417 explicitly specified, otherwise to an implementation-defined 9418 value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 9419 type: object 9420 type: object 9421 restartPolicy: 9422 description: 'RestartPolicy defines the restart behavior 9423 of individual containers in a pod. This field may only 9424 be set for init containers, and the only allowed value 9425 is "Always". For non-init containers or when this field 9426 is not specified, the restart behavior is defined by the 9427 Pod''s restart policy and the container type. Setting 9428 the RestartPolicy as "Always" for the init container will 9429 have the following effect: this init container will be 9430 continually restarted on exit until all regular containers 9431 have terminated. Once all regular containers have completed, 9432 all init containers with restartPolicy "Always" will be 9433 shut down. This lifecycle differs from normal init containers 9434 and is often referred to as a "sidecar" container. Although 9435 this init container still starts in the init container 9436 sequence, it does not wait for the container to complete 9437 before proceeding to the next init container. Instead, 9438 the next init container starts immediately after this 9439 init container is started, or after any startupProbe has 9440 successfully completed.' 9441 type: string 9442 securityContext: 9443 description: 'SecurityContext defines the security options 9444 the container should be run with. If set, the fields of 9445 SecurityContext override the equivalent fields of PodSecurityContext. 9446 More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' 9447 properties: 9448 allowPrivilegeEscalation: 9449 description: 'AllowPrivilegeEscalation controls whether 9450 a process can gain more privileges than its parent 9451 process. This bool directly controls if the no_new_privs 9452 flag will be set on the container process. AllowPrivilegeEscalation 9453 is true always when the container is: 1) run as Privileged 9454 2) has CAP_SYS_ADMIN Note that this field cannot be 9455 set when spec.os.name is windows.' 9456 type: boolean 9457 capabilities: 9458 description: The capabilities to add/drop when running 9459 containers. Defaults to the default set of capabilities 9460 granted by the container runtime. Note that this field 9461 cannot be set when spec.os.name is windows. 9462 properties: 9463 add: 9464 description: Added capabilities 9465 items: 9466 description: Capability represent POSIX capabilities 9467 type 9468 type: string 9469 type: array 9470 drop: 9471 description: Removed capabilities 9472 items: 9473 description: Capability represent POSIX capabilities 9474 type 9475 type: string 9476 type: array 9477 type: object 9478 privileged: 9479 description: Run container in privileged mode. Processes 9480 in privileged containers are essentially equivalent 9481 to root on the host. Defaults to false. Note that 9482 this field cannot be set when spec.os.name is windows. 9483 type: boolean 9484 procMount: 9485 description: procMount denotes the type of proc mount 9486 to use for the containers. The default is DefaultProcMount 9487 which uses the container runtime defaults for readonly 9488 paths and masked paths. This requires the ProcMountType 9489 feature flag to be enabled. Note that this field cannot 9490 be set when spec.os.name is windows. 9491 type: string 9492 readOnlyRootFilesystem: 9493 description: Whether this container has a read-only 9494 root filesystem. Default is false. Note that this 9495 field cannot be set when spec.os.name is windows. 9496 type: boolean 9497 runAsGroup: 9498 description: The GID to run the entrypoint of the container 9499 process. Uses runtime default if unset. May also be 9500 set in PodSecurityContext. If set in both SecurityContext 9501 and PodSecurityContext, the value specified in SecurityContext 9502 takes precedence. Note that this field cannot be set 9503 when spec.os.name is windows. 9504 format: int64 9505 type: integer 9506 runAsNonRoot: 9507 description: Indicates that the container must run as 9508 a non-root user. If true, the Kubelet will validate 9509 the image at runtime to ensure that it does not run 9510 as UID 0 (root) and fail to start the container if 9511 it does. If unset or false, no such validation will 9512 be performed. May also be set in PodSecurityContext. If 9513 set in both SecurityContext and PodSecurityContext, 9514 the value specified in SecurityContext takes precedence. 9515 type: boolean 9516 runAsUser: 9517 description: The UID to run the entrypoint of the container 9518 process. Defaults to user specified in image metadata 9519 if unspecified. May also be set in PodSecurityContext. If 9520 set in both SecurityContext and PodSecurityContext, 9521 the value specified in SecurityContext takes precedence. 9522 Note that this field cannot be set when spec.os.name 9523 is windows. 9524 format: int64 9525 type: integer 9526 seLinuxOptions: 9527 description: The SELinux context to be applied to the 9528 container. If unspecified, the container runtime will 9529 allocate a random SELinux context for each container. May 9530 also be set in PodSecurityContext. If set in both 9531 SecurityContext and PodSecurityContext, the value 9532 specified in SecurityContext takes precedence. Note 9533 that this field cannot be set when spec.os.name is 9534 windows. 9535 properties: 9536 level: 9537 description: Level is SELinux level label that applies 9538 to the container. 9539 type: string 9540 role: 9541 description: Role is a SELinux role label that applies 9542 to the container. 9543 type: string 9544 type: 9545 description: Type is a SELinux type label that applies 9546 to the container. 9547 type: string 9548 user: 9549 description: User is a SELinux user label that applies 9550 to the container. 9551 type: string 9552 type: object 9553 seccompProfile: 9554 description: The seccomp options to use by this container. 9555 If seccomp options are provided at both the pod & 9556 container level, the container options override the 9557 pod options. Note that this field cannot be set when 9558 spec.os.name is windows. 9559 properties: 9560 localhostProfile: 9561 description: localhostProfile indicates a profile 9562 defined in a file on the node should be used. 9563 The profile must be preconfigured on the node 9564 to work. Must be a descending path, relative to 9565 the kubelet's configured seccomp profile location. 9566 Must be set if type is "Localhost". Must NOT be 9567 set for any other type. 9568 type: string 9569 type: 9570 description: "type indicates which kind of seccomp 9571 profile will be applied. Valid options are: \n 9572 Localhost - a profile defined in a file on the 9573 node should be used. RuntimeDefault - the container 9574 runtime default profile should be used. Unconfined 9575 - no profile should be applied." 9576 type: string 9577 required: 9578 - type 9579 type: object 9580 windowsOptions: 9581 description: The Windows specific settings applied to 9582 all containers. If unspecified, the options from the 9583 PodSecurityContext will be used. If set in both SecurityContext 9584 and PodSecurityContext, the value specified in SecurityContext 9585 takes precedence. Note that this field cannot be set 9586 when spec.os.name is linux. 9587 properties: 9588 gmsaCredentialSpec: 9589 description: GMSACredentialSpec is where the GMSA 9590 admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) 9591 inlines the contents of the GMSA credential spec 9592 named by the GMSACredentialSpecName field. 9593 type: string 9594 gmsaCredentialSpecName: 9595 description: GMSACredentialSpecName is the name 9596 of the GMSA credential spec to use. 9597 type: string 9598 hostProcess: 9599 description: HostProcess determines if a container 9600 should be run as a 'Host Process' container. All 9601 of a Pod's containers must have the same effective 9602 HostProcess value (it is not allowed to have a 9603 mix of HostProcess containers and non-HostProcess 9604 containers). In addition, if HostProcess is true 9605 then HostNetwork must also be set to true. 9606 type: boolean 9607 runAsUserName: 9608 description: The UserName in Windows to run the 9609 entrypoint of the container process. Defaults 9610 to the user specified in image metadata if unspecified. 9611 May also be set in PodSecurityContext. If set 9612 in both SecurityContext and PodSecurityContext, 9613 the value specified in SecurityContext takes precedence. 9614 type: string 9615 type: object 9616 type: object 9617 startupProbe: 9618 description: 'StartupProbe indicates that the Pod has successfully 9619 initialized. If specified, no other probes are executed 9620 until this completes successfully. If this probe fails, 9621 the Pod will be restarted, just as if the livenessProbe 9622 failed. This can be used to provide different probe parameters 9623 at the beginning of a Pod''s lifecycle, when it might 9624 take a long time to load data or warm a cache, than during 9625 steady-state operation. This cannot be updated. More info: 9626 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 9627 properties: 9628 exec: 9629 description: Exec specifies the action to take. 9630 properties: 9631 command: 9632 description: Command is the command line to execute 9633 inside the container, the working directory for 9634 the command is root ('/') in the container's 9635 filesystem. The command is simply exec'd, it is 9636 not run inside a shell, so traditional shell instructions 9637 ('|', etc) won't work. To use a shell, you need 9638 to explicitly call out to that shell. Exit status 9639 of 0 is treated as live/healthy and non-zero is 9640 unhealthy. 9641 items: 9642 type: string 9643 type: array 9644 type: object 9645 failureThreshold: 9646 description: Minimum consecutive failures for the probe 9647 to be considered failed after having succeeded. Defaults 9648 to 3. Minimum value is 1. 9649 format: int32 9650 type: integer 9651 grpc: 9652 description: GRPC specifies an action involving a GRPC 9653 port. 9654 properties: 9655 port: 9656 description: Port number of the gRPC service. Number 9657 must be in the range 1 to 65535. 9658 format: int32 9659 type: integer 9660 service: 9661 description: "Service is the name of the service 9662 to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). 9663 \n If this is not specified, the default behavior 9664 is defined by gRPC." 9665 type: string 9666 required: 9667 - port 9668 type: object 9669 httpGet: 9670 description: HTTPGet specifies the http request to perform. 9671 properties: 9672 host: 9673 description: Host name to connect to, defaults to 9674 the pod IP. You probably want to set "Host" in 9675 httpHeaders instead. 9676 type: string 9677 httpHeaders: 9678 description: Custom headers to set in the request. 9679 HTTP allows repeated headers. 9680 items: 9681 description: HTTPHeader describes a custom header 9682 to be used in HTTP probes 9683 properties: 9684 name: 9685 description: The header field name. This will 9686 be canonicalized upon output, so case-variant 9687 names will be understood as the same header. 9688 type: string 9689 value: 9690 description: The header field value 9691 type: string 9692 required: 9693 - name 9694 - value 9695 type: object 9696 type: array 9697 path: 9698 description: Path to access on the HTTP server. 9699 type: string 9700 port: 9701 anyOf: 9702 - type: integer 9703 - type: string 9704 description: Name or number of the port to access 9705 on the container. Number must be in the range 9706 1 to 65535. Name must be an IANA_SVC_NAME. 9707 x-kubernetes-int-or-string: true 9708 scheme: 9709 description: Scheme to use for connecting to the 9710 host. Defaults to HTTP. 9711 type: string 9712 required: 9713 - port 9714 type: object 9715 initialDelaySeconds: 9716 description: 'Number of seconds after the container 9717 has started before liveness probes are initiated. 9718 More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 9719 format: int32 9720 type: integer 9721 periodSeconds: 9722 description: How often (in seconds) to perform the probe. 9723 Default to 10 seconds. Minimum value is 1. 9724 format: int32 9725 type: integer 9726 successThreshold: 9727 description: Minimum consecutive successes for the probe 9728 to be considered successful after having failed. Defaults 9729 to 1. Must be 1 for liveness and startup. Minimum 9730 value is 1. 9731 format: int32 9732 type: integer 9733 tcpSocket: 9734 description: TCPSocket specifies an action involving 9735 a TCP port. 9736 properties: 9737 host: 9738 description: 'Optional: Host name to connect to, 9739 defaults to the pod IP.' 9740 type: string 9741 port: 9742 anyOf: 9743 - type: integer 9744 - type: string 9745 description: Number or name of the port to access 9746 on the container. Number must be in the range 9747 1 to 65535. Name must be an IANA_SVC_NAME. 9748 x-kubernetes-int-or-string: true 9749 required: 9750 - port 9751 type: object 9752 terminationGracePeriodSeconds: 9753 description: Optional duration in seconds the pod needs 9754 to terminate gracefully upon probe failure. The grace 9755 period is the duration in seconds after the processes 9756 running in the pod are sent a termination signal and 9757 the time when the processes are forcibly halted with 9758 a kill signal. Set this value longer than the expected 9759 cleanup time for your process. If this value is nil, 9760 the pod's terminationGracePeriodSeconds will be used. 9761 Otherwise, this value overrides the value provided 9762 by the pod spec. Value must be non-negative integer. 9763 The value zero indicates stop immediately via the 9764 kill signal (no opportunity to shut down). This is 9765 a beta field and requires enabling ProbeTerminationGracePeriod 9766 feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds 9767 is used if unset. 9768 format: int64 9769 type: integer 9770 timeoutSeconds: 9771 description: 'Number of seconds after which the probe 9772 times out. Defaults to 1 second. Minimum value is 9773 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 9774 format: int32 9775 type: integer 9776 type: object 9777 stdin: 9778 description: Whether this container should allocate a buffer 9779 for stdin in the container runtime. If this is not set, 9780 reads from stdin in the container will always result in 9781 EOF. Default is false. 9782 type: boolean 9783 stdinOnce: 9784 description: Whether the container runtime should close 9785 the stdin channel after it has been opened by a single 9786 attach. When stdin is true the stdin stream will remain 9787 open across multiple attach sessions. If stdinOnce is 9788 set to true, stdin is opened on container start, is empty 9789 until the first client attaches to stdin, and then remains 9790 open and accepts data until the client disconnects, at 9791 which time stdin is closed and remains closed until the 9792 container is restarted. If this flag is false, a container 9793 processes that reads from stdin will never receive an 9794 EOF. Default is false 9795 type: boolean 9796 terminationMessagePath: 9797 description: 'Optional: Path at which the file to which 9798 the container''s termination message will be written is 9799 mounted into the container''s filesystem. Message written 9800 is intended to be brief final status, such as an assertion 9801 failure message. Will be truncated by the node if greater 9802 than 4096 bytes. The total message length across all containers 9803 will be limited to 12kb. Defaults to /dev/termination-log. 9804 Cannot be updated.' 9805 type: string 9806 terminationMessagePolicy: 9807 description: Indicate how the termination message should 9808 be populated. File will use the contents of terminationMessagePath 9809 to populate the container status message on both success 9810 and failure. FallbackToLogsOnError will use the last chunk 9811 of container log output if the termination message file 9812 is empty and the container exited with an error. The log 9813 output is limited to 2048 bytes or 80 lines, whichever 9814 is smaller. Defaults to File. Cannot be updated. 9815 type: string 9816 tty: 9817 description: Whether this container should allocate a TTY 9818 for itself, also requires 'stdin' to be true. Default 9819 is false. 9820 type: boolean 9821 volumeDevices: 9822 description: volumeDevices is the list of block devices 9823 to be used by the container. 9824 items: 9825 description: volumeDevice describes a mapping of a raw 9826 block device within a container. 9827 properties: 9828 devicePath: 9829 description: devicePath is the path inside of the 9830 container that the device will be mapped to. 9831 type: string 9832 name: 9833 description: name must match the name of a persistentVolumeClaim 9834 in the pod 9835 type: string 9836 required: 9837 - devicePath 9838 - name 9839 type: object 9840 type: array 9841 volumeMounts: 9842 description: Pod volumes to mount into the container's filesystem. 9843 Cannot be updated. 9844 items: 9845 description: VolumeMount describes a mounting of a Volume 9846 within a container. 9847 properties: 9848 mountPath: 9849 description: Path within the container at which the 9850 volume should be mounted. Must not contain ':'. 9851 type: string 9852 mountPropagation: 9853 description: mountPropagation determines how mounts 9854 are propagated from the host to container and the 9855 other way around. When not set, MountPropagationNone 9856 is used. This field is beta in 1.10. 9857 type: string 9858 name: 9859 description: This must match the Name of a Volume. 9860 type: string 9861 readOnly: 9862 description: Mounted read-only if true, read-write 9863 otherwise (false or unspecified). Defaults to false. 9864 type: boolean 9865 subPath: 9866 description: Path within the volume from which the 9867 container's volume should be mounted. Defaults to 9868 "" (volume's root). 9869 type: string 9870 subPathExpr: 9871 description: Expanded path within the volume from 9872 which the container's volume should be mounted. 9873 Behaves similarly to SubPath but environment variable 9874 references $(VAR_NAME) are expanded using the container's 9875 environment. Defaults to "" (volume's root). SubPathExpr 9876 and SubPath are mutually exclusive. 9877 type: string 9878 required: 9879 - mountPath 9880 - name 9881 type: object 9882 type: array 9883 workingDir: 9884 description: Container's working directory. If not specified, 9885 the container runtime's default will be used, which might 9886 be configured in the container image. Cannot be updated. 9887 type: string 9888 required: 9889 - name 9890 type: object 9891 type: array 9892 logFormat: 9893 description: LogFormat describes the log format that should be 9894 used by the Repo Server. Defaults to ArgoCDDefaultLogFormat 9895 if not configured. Valid options are text or json. 9896 type: string 9897 logLevel: 9898 description: LogLevel describes the log level that should be used 9899 by the Repo Server. Defaults to ArgoCDDefaultLogLevel if not 9900 set. Valid options are debug, info, error, and warn. 9901 type: string 9902 mountsatoken: 9903 description: MountSAToken describes whether you would like to 9904 have the Repo server mount the service account token 9905 type: boolean 9906 remote: 9907 description: Remote specifies the remote URL of the Repo Server 9908 container. (optional, by default, a local instance managed by 9909 the operator is used.) 9910 type: string 9911 replicas: 9912 description: Replicas defines the number of replicas for argocd-repo-server. 9913 Value should be greater than or equal to 0. Default is nil. 9914 format: int32 9915 type: integer 9916 resources: 9917 description: Resources defines the Compute Resources required 9918 by the container for Redis. 9919 properties: 9920 claims: 9921 description: "Claims lists the names of resources, defined 9922 in spec.resourceClaims, that are used by this container. 9923 \n This is an alpha field and requires enabling the DynamicResourceAllocation 9924 feature gate. \n This field is immutable. It can only be 9925 set for containers." 9926 items: 9927 description: ResourceClaim references one entry in PodSpec.ResourceClaims. 9928 properties: 9929 name: 9930 description: Name must match the name of one entry in 9931 pod.spec.resourceClaims of the Pod where this field 9932 is used. It makes that resource available inside a 9933 container. 9934 type: string 9935 required: 9936 - name 9937 type: object 9938 type: array 9939 x-kubernetes-list-map-keys: 9940 - name 9941 x-kubernetes-list-type: map 9942 limits: 9943 additionalProperties: 9944 anyOf: 9945 - type: integer 9946 - type: string 9947 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 9948 x-kubernetes-int-or-string: true 9949 description: 'Limits describes the maximum amount of compute 9950 resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 9951 type: object 9952 requests: 9953 additionalProperties: 9954 anyOf: 9955 - type: integer 9956 - type: string 9957 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 9958 x-kubernetes-int-or-string: true 9959 description: 'Requests describes the minimum amount of compute 9960 resources required. If Requests is omitted for a container, 9961 it defaults to Limits if that is explicitly specified, otherwise 9962 to an implementation-defined value. Requests cannot exceed 9963 Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 9964 type: object 9965 type: object 9966 serviceaccount: 9967 description: ServiceAccount defines the ServiceAccount user that 9968 you would like the Repo server to use 9969 type: string 9970 sidecarContainers: 9971 description: SidecarContainers defines the list of sidecar containers 9972 for the repo server deployment 9973 items: 9974 description: A single application container that you want to 9975 run within a pod. 9976 properties: 9977 args: 9978 description: 'Arguments to the entrypoint. The container 9979 image''s CMD is used if this is not provided. Variable 9980 references $(VAR_NAME) are expanded using the container''s 9981 environment. If a variable cannot be resolved, the reference 9982 in the input string will be unchanged. Double $$ are reduced 9983 to a single $, which allows for escaping the $(VAR_NAME) 9984 syntax: i.e. "$$(VAR_NAME)" will produce the string literal 9985 "$(VAR_NAME)". Escaped references will never be expanded, 9986 regardless of whether the variable exists or not. Cannot 9987 be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' 9988 items: 9989 type: string 9990 type: array 9991 command: 9992 description: 'Entrypoint array. Not executed within a shell. 9993 The container image''s ENTRYPOINT is used if this is not 9994 provided. Variable references $(VAR_NAME) are expanded 9995 using the container''s environment. If a variable cannot 9996 be resolved, the reference in the input string will be 9997 unchanged. Double $$ are reduced to a single $, which 9998 allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" 9999 will produce the string literal "$(VAR_NAME)". Escaped 10000 references will never be expanded, regardless of whether 10001 the variable exists or not. Cannot be updated. More info: 10002 https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' 10003 items: 10004 type: string 10005 type: array 10006 env: 10007 description: List of environment variables to set in the 10008 container. Cannot be updated. 10009 items: 10010 description: EnvVar represents an environment variable 10011 present in a Container. 10012 properties: 10013 name: 10014 description: Name of the environment variable. Must 10015 be a C_IDENTIFIER. 10016 type: string 10017 value: 10018 description: 'Variable references $(VAR_NAME) are 10019 expanded using the previously defined environment 10020 variables in the container and any service environment 10021 variables. If a variable cannot be resolved, the 10022 reference in the input string will be unchanged. 10023 Double $$ are reduced to a single $, which allows 10024 for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" 10025 will produce the string literal "$(VAR_NAME)". Escaped 10026 references will never be expanded, regardless of 10027 whether the variable exists or not. Defaults to 10028 "".' 10029 type: string 10030 valueFrom: 10031 description: Source for the environment variable's 10032 value. Cannot be used if value is not empty. 10033 properties: 10034 configMapKeyRef: 10035 description: Selects a key of a ConfigMap. 10036 properties: 10037 key: 10038 description: The key to select. 10039 type: string 10040 name: 10041 description: 'Name of the referent. More info: 10042 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 10043 TODO: Add other useful fields. apiVersion, 10044 kind, uid?' 10045 type: string 10046 optional: 10047 description: Specify whether the ConfigMap 10048 or its key must be defined 10049 type: boolean 10050 required: 10051 - key 10052 type: object 10053 fieldRef: 10054 description: 'Selects a field of the pod: supports 10055 metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`, 10056 `metadata.annotations[''<KEY>'']`, spec.nodeName, 10057 spec.serviceAccountName, status.hostIP, status.podIP, 10058 status.podIPs.' 10059 properties: 10060 apiVersion: 10061 description: Version of the schema the FieldPath 10062 is written in terms of, defaults to "v1". 10063 type: string 10064 fieldPath: 10065 description: Path of the field to select in 10066 the specified API version. 10067 type: string 10068 required: 10069 - fieldPath 10070 type: object 10071 resourceFieldRef: 10072 description: 'Selects a resource of the container: 10073 only resources limits and requests (limits.cpu, 10074 limits.memory, limits.ephemeral-storage, requests.cpu, 10075 requests.memory and requests.ephemeral-storage) 10076 are currently supported.' 10077 properties: 10078 containerName: 10079 description: 'Container name: required for 10080 volumes, optional for env vars' 10081 type: string 10082 divisor: 10083 anyOf: 10084 - type: integer 10085 - type: string 10086 description: Specifies the output format of 10087 the exposed resources, defaults to "1" 10088 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 10089 x-kubernetes-int-or-string: true 10090 resource: 10091 description: 'Required: resource to select' 10092 type: string 10093 required: 10094 - resource 10095 type: object 10096 secretKeyRef: 10097 description: Selects a key of a secret in the 10098 pod's namespace 10099 properties: 10100 key: 10101 description: The key of the secret to select 10102 from. Must be a valid secret key. 10103 type: string 10104 name: 10105 description: 'Name of the referent. More info: 10106 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 10107 TODO: Add other useful fields. apiVersion, 10108 kind, uid?' 10109 type: string 10110 optional: 10111 description: Specify whether the Secret or 10112 its key must be defined 10113 type: boolean 10114 required: 10115 - key 10116 type: object 10117 type: object 10118 required: 10119 - name 10120 type: object 10121 type: array 10122 envFrom: 10123 description: List of sources to populate environment variables 10124 in the container. The keys defined within a source must 10125 be a C_IDENTIFIER. All invalid keys will be reported as 10126 an event when the container is starting. When a key exists 10127 in multiple sources, the value associated with the last 10128 source will take precedence. Values defined by an Env 10129 with a duplicate key will take precedence. Cannot be updated. 10130 items: 10131 description: EnvFromSource represents the source of a 10132 set of ConfigMaps 10133 properties: 10134 configMapRef: 10135 description: The ConfigMap to select from 10136 properties: 10137 name: 10138 description: 'Name of the referent. More info: 10139 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 10140 TODO: Add other useful fields. apiVersion, kind, 10141 uid?' 10142 type: string 10143 optional: 10144 description: Specify whether the ConfigMap must 10145 be defined 10146 type: boolean 10147 type: object 10148 prefix: 10149 description: An optional identifier to prepend to 10150 each key in the ConfigMap. Must be a C_IDENTIFIER. 10151 type: string 10152 secretRef: 10153 description: The Secret to select from 10154 properties: 10155 name: 10156 description: 'Name of the referent. More info: 10157 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 10158 TODO: Add other useful fields. apiVersion, kind, 10159 uid?' 10160 type: string 10161 optional: 10162 description: Specify whether the Secret must be 10163 defined 10164 type: boolean 10165 type: object 10166 type: object 10167 type: array 10168 image: 10169 description: 'Container image name. More info: https://kubernetes.io/docs/concepts/containers/images 10170 This field is optional to allow higher level config management 10171 to default or override container images in workload controllers 10172 like Deployments and StatefulSets.' 10173 type: string 10174 imagePullPolicy: 10175 description: 'Image pull policy. One of Always, Never, IfNotPresent. 10176 Defaults to Always if :latest tag is specified, or IfNotPresent 10177 otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' 10178 type: string 10179 lifecycle: 10180 description: Actions that the management system should take 10181 in response to container lifecycle events. Cannot be updated. 10182 properties: 10183 postStart: 10184 description: 'PostStart is called immediately after 10185 a container is created. If the handler fails, the 10186 container is terminated and restarted according to 10187 its restart policy. Other management of the container 10188 blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' 10189 properties: 10190 exec: 10191 description: Exec specifies the action to take. 10192 properties: 10193 command: 10194 description: Command is the command line to 10195 execute inside the container, the working 10196 directory for the command is root ('/') in 10197 the container's filesystem. The command is 10198 simply exec'd, it is not run inside a shell, 10199 so traditional shell instructions ('|', etc) 10200 won't work. To use a shell, you need to explicitly 10201 call out to that shell. Exit status of 0 is 10202 treated as live/healthy and non-zero is unhealthy. 10203 items: 10204 type: string 10205 type: array 10206 type: object 10207 httpGet: 10208 description: HTTPGet specifies the http request 10209 to perform. 10210 properties: 10211 host: 10212 description: Host name to connect to, defaults 10213 to the pod IP. You probably want to set "Host" 10214 in httpHeaders instead. 10215 type: string 10216 httpHeaders: 10217 description: Custom headers to set in the request. 10218 HTTP allows repeated headers. 10219 items: 10220 description: HTTPHeader describes a custom 10221 header to be used in HTTP probes 10222 properties: 10223 name: 10224 description: The header field name. This 10225 will be canonicalized upon output, so 10226 case-variant names will be understood 10227 as the same header. 10228 type: string 10229 value: 10230 description: The header field value 10231 type: string 10232 required: 10233 - name 10234 - value 10235 type: object 10236 type: array 10237 path: 10238 description: Path to access on the HTTP server. 10239 type: string 10240 port: 10241 anyOf: 10242 - type: integer 10243 - type: string 10244 description: Name or number of the port to access 10245 on the container. Number must be in the range 10246 1 to 65535. Name must be an IANA_SVC_NAME. 10247 x-kubernetes-int-or-string: true 10248 scheme: 10249 description: Scheme to use for connecting to 10250 the host. Defaults to HTTP. 10251 type: string 10252 required: 10253 - port 10254 type: object 10255 tcpSocket: 10256 description: Deprecated. TCPSocket is NOT supported 10257 as a LifecycleHandler and kept for the backward 10258 compatibility. There are no validation of this 10259 field and lifecycle hooks will fail in runtime 10260 when tcp handler is specified. 10261 properties: 10262 host: 10263 description: 'Optional: Host name to connect 10264 to, defaults to the pod IP.' 10265 type: string 10266 port: 10267 anyOf: 10268 - type: integer 10269 - type: string 10270 description: Number or name of the port to access 10271 on the container. Number must be in the range 10272 1 to 65535. Name must be an IANA_SVC_NAME. 10273 x-kubernetes-int-or-string: true 10274 required: 10275 - port 10276 type: object 10277 type: object 10278 preStop: 10279 description: 'PreStop is called immediately before a 10280 container is terminated due to an API request or management 10281 event such as liveness/startup probe failure, preemption, 10282 resource contention, etc. The handler is not called 10283 if the container crashes or exits. The Pod''s termination 10284 grace period countdown begins before the PreStop hook 10285 is executed. Regardless of the outcome of the handler, 10286 the container will eventually terminate within the 10287 Pod''s termination grace period (unless delayed by 10288 finalizers). Other management of the container blocks 10289 until the hook completes or until the termination 10290 grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' 10291 properties: 10292 exec: 10293 description: Exec specifies the action to take. 10294 properties: 10295 command: 10296 description: Command is the command line to 10297 execute inside the container, the working 10298 directory for the command is root ('/') in 10299 the container's filesystem. The command is 10300 simply exec'd, it is not run inside a shell, 10301 so traditional shell instructions ('|', etc) 10302 won't work. To use a shell, you need to explicitly 10303 call out to that shell. Exit status of 0 is 10304 treated as live/healthy and non-zero is unhealthy. 10305 items: 10306 type: string 10307 type: array 10308 type: object 10309 httpGet: 10310 description: HTTPGet specifies the http request 10311 to perform. 10312 properties: 10313 host: 10314 description: Host name to connect to, defaults 10315 to the pod IP. You probably want to set "Host" 10316 in httpHeaders instead. 10317 type: string 10318 httpHeaders: 10319 description: Custom headers to set in the request. 10320 HTTP allows repeated headers. 10321 items: 10322 description: HTTPHeader describes a custom 10323 header to be used in HTTP probes 10324 properties: 10325 name: 10326 description: The header field name. This 10327 will be canonicalized upon output, so 10328 case-variant names will be understood 10329 as the same header. 10330 type: string 10331 value: 10332 description: The header field value 10333 type: string 10334 required: 10335 - name 10336 - value 10337 type: object 10338 type: array 10339 path: 10340 description: Path to access on the HTTP server. 10341 type: string 10342 port: 10343 anyOf: 10344 - type: integer 10345 - type: string 10346 description: Name or number of the port to access 10347 on the container. Number must be in the range 10348 1 to 65535. Name must be an IANA_SVC_NAME. 10349 x-kubernetes-int-or-string: true 10350 scheme: 10351 description: Scheme to use for connecting to 10352 the host. Defaults to HTTP. 10353 type: string 10354 required: 10355 - port 10356 type: object 10357 tcpSocket: 10358 description: Deprecated. TCPSocket is NOT supported 10359 as a LifecycleHandler and kept for the backward 10360 compatibility. There are no validation of this 10361 field and lifecycle hooks will fail in runtime 10362 when tcp handler is specified. 10363 properties: 10364 host: 10365 description: 'Optional: Host name to connect 10366 to, defaults to the pod IP.' 10367 type: string 10368 port: 10369 anyOf: 10370 - type: integer 10371 - type: string 10372 description: Number or name of the port to access 10373 on the container. Number must be in the range 10374 1 to 65535. Name must be an IANA_SVC_NAME. 10375 x-kubernetes-int-or-string: true 10376 required: 10377 - port 10378 type: object 10379 type: object 10380 type: object 10381 livenessProbe: 10382 description: 'Periodic probe of container liveness. Container 10383 will be restarted if the probe fails. Cannot be updated. 10384 More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 10385 properties: 10386 exec: 10387 description: Exec specifies the action to take. 10388 properties: 10389 command: 10390 description: Command is the command line to execute 10391 inside the container, the working directory for 10392 the command is root ('/') in the container's 10393 filesystem. The command is simply exec'd, it is 10394 not run inside a shell, so traditional shell instructions 10395 ('|', etc) won't work. To use a shell, you need 10396 to explicitly call out to that shell. Exit status 10397 of 0 is treated as live/healthy and non-zero is 10398 unhealthy. 10399 items: 10400 type: string 10401 type: array 10402 type: object 10403 failureThreshold: 10404 description: Minimum consecutive failures for the probe 10405 to be considered failed after having succeeded. Defaults 10406 to 3. Minimum value is 1. 10407 format: int32 10408 type: integer 10409 grpc: 10410 description: GRPC specifies an action involving a GRPC 10411 port. 10412 properties: 10413 port: 10414 description: Port number of the gRPC service. Number 10415 must be in the range 1 to 65535. 10416 format: int32 10417 type: integer 10418 service: 10419 description: "Service is the name of the service 10420 to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). 10421 \n If this is not specified, the default behavior 10422 is defined by gRPC." 10423 type: string 10424 required: 10425 - port 10426 type: object 10427 httpGet: 10428 description: HTTPGet specifies the http request to perform. 10429 properties: 10430 host: 10431 description: Host name to connect to, defaults to 10432 the pod IP. You probably want to set "Host" in 10433 httpHeaders instead. 10434 type: string 10435 httpHeaders: 10436 description: Custom headers to set in the request. 10437 HTTP allows repeated headers. 10438 items: 10439 description: HTTPHeader describes a custom header 10440 to be used in HTTP probes 10441 properties: 10442 name: 10443 description: The header field name. This will 10444 be canonicalized upon output, so case-variant 10445 names will be understood as the same header. 10446 type: string 10447 value: 10448 description: The header field value 10449 type: string 10450 required: 10451 - name 10452 - value 10453 type: object 10454 type: array 10455 path: 10456 description: Path to access on the HTTP server. 10457 type: string 10458 port: 10459 anyOf: 10460 - type: integer 10461 - type: string 10462 description: Name or number of the port to access 10463 on the container. Number must be in the range 10464 1 to 65535. Name must be an IANA_SVC_NAME. 10465 x-kubernetes-int-or-string: true 10466 scheme: 10467 description: Scheme to use for connecting to the 10468 host. Defaults to HTTP. 10469 type: string 10470 required: 10471 - port 10472 type: object 10473 initialDelaySeconds: 10474 description: 'Number of seconds after the container 10475 has started before liveness probes are initiated. 10476 More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 10477 format: int32 10478 type: integer 10479 periodSeconds: 10480 description: How often (in seconds) to perform the probe. 10481 Default to 10 seconds. Minimum value is 1. 10482 format: int32 10483 type: integer 10484 successThreshold: 10485 description: Minimum consecutive successes for the probe 10486 to be considered successful after having failed. Defaults 10487 to 1. Must be 1 for liveness and startup. Minimum 10488 value is 1. 10489 format: int32 10490 type: integer 10491 tcpSocket: 10492 description: TCPSocket specifies an action involving 10493 a TCP port. 10494 properties: 10495 host: 10496 description: 'Optional: Host name to connect to, 10497 defaults to the pod IP.' 10498 type: string 10499 port: 10500 anyOf: 10501 - type: integer 10502 - type: string 10503 description: Number or name of the port to access 10504 on the container. Number must be in the range 10505 1 to 65535. Name must be an IANA_SVC_NAME. 10506 x-kubernetes-int-or-string: true 10507 required: 10508 - port 10509 type: object 10510 terminationGracePeriodSeconds: 10511 description: Optional duration in seconds the pod needs 10512 to terminate gracefully upon probe failure. The grace 10513 period is the duration in seconds after the processes 10514 running in the pod are sent a termination signal and 10515 the time when the processes are forcibly halted with 10516 a kill signal. Set this value longer than the expected 10517 cleanup time for your process. If this value is nil, 10518 the pod's terminationGracePeriodSeconds will be used. 10519 Otherwise, this value overrides the value provided 10520 by the pod spec. Value must be non-negative integer. 10521 The value zero indicates stop immediately via the 10522 kill signal (no opportunity to shut down). This is 10523 a beta field and requires enabling ProbeTerminationGracePeriod 10524 feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds 10525 is used if unset. 10526 format: int64 10527 type: integer 10528 timeoutSeconds: 10529 description: 'Number of seconds after which the probe 10530 times out. Defaults to 1 second. Minimum value is 10531 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 10532 format: int32 10533 type: integer 10534 type: object 10535 name: 10536 description: Name of the container specified as a DNS_LABEL. 10537 Each container in a pod must have a unique name (DNS_LABEL). 10538 Cannot be updated. 10539 type: string 10540 ports: 10541 description: List of ports to expose from the container. 10542 Not specifying a port here DOES NOT prevent that port 10543 from being exposed. Any port which is listening on the 10544 default "0.0.0.0" address inside a container will be accessible 10545 from the network. Modifying this array with strategic 10546 merge patch may corrupt the data. For more information 10547 See https://github.com/kubernetes/kubernetes/issues/108255. 10548 Cannot be updated. 10549 items: 10550 description: ContainerPort represents a network port in 10551 a single container. 10552 properties: 10553 containerPort: 10554 description: Number of port to expose on the pod's 10555 IP address. This must be a valid port number, 0 10556 < x < 65536. 10557 format: int32 10558 type: integer 10559 hostIP: 10560 description: What host IP to bind the external port 10561 to. 10562 type: string 10563 hostPort: 10564 description: Number of port to expose on the host. 10565 If specified, this must be a valid port number, 10566 0 < x < 65536. If HostNetwork is specified, this 10567 must match ContainerPort. Most containers do not 10568 need this. 10569 format: int32 10570 type: integer 10571 name: 10572 description: If specified, this must be an IANA_SVC_NAME 10573 and unique within the pod. Each named port in a 10574 pod must have a unique name. Name for the port that 10575 can be referred to by services. 10576 type: string 10577 protocol: 10578 default: TCP 10579 description: Protocol for port. Must be UDP, TCP, 10580 or SCTP. Defaults to "TCP". 10581 type: string 10582 required: 10583 - containerPort 10584 type: object 10585 type: array 10586 x-kubernetes-list-map-keys: 10587 - containerPort 10588 - protocol 10589 x-kubernetes-list-type: map 10590 readinessProbe: 10591 description: 'Periodic probe of container service readiness. 10592 Container will be removed from service endpoints if the 10593 probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 10594 properties: 10595 exec: 10596 description: Exec specifies the action to take. 10597 properties: 10598 command: 10599 description: Command is the command line to execute 10600 inside the container, the working directory for 10601 the command is root ('/') in the container's 10602 filesystem. The command is simply exec'd, it is 10603 not run inside a shell, so traditional shell instructions 10604 ('|', etc) won't work. To use a shell, you need 10605 to explicitly call out to that shell. Exit status 10606 of 0 is treated as live/healthy and non-zero is 10607 unhealthy. 10608 items: 10609 type: string 10610 type: array 10611 type: object 10612 failureThreshold: 10613 description: Minimum consecutive failures for the probe 10614 to be considered failed after having succeeded. Defaults 10615 to 3. Minimum value is 1. 10616 format: int32 10617 type: integer 10618 grpc: 10619 description: GRPC specifies an action involving a GRPC 10620 port. 10621 properties: 10622 port: 10623 description: Port number of the gRPC service. Number 10624 must be in the range 1 to 65535. 10625 format: int32 10626 type: integer 10627 service: 10628 description: "Service is the name of the service 10629 to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). 10630 \n If this is not specified, the default behavior 10631 is defined by gRPC." 10632 type: string 10633 required: 10634 - port 10635 type: object 10636 httpGet: 10637 description: HTTPGet specifies the http request to perform. 10638 properties: 10639 host: 10640 description: Host name to connect to, defaults to 10641 the pod IP. You probably want to set "Host" in 10642 httpHeaders instead. 10643 type: string 10644 httpHeaders: 10645 description: Custom headers to set in the request. 10646 HTTP allows repeated headers. 10647 items: 10648 description: HTTPHeader describes a custom header 10649 to be used in HTTP probes 10650 properties: 10651 name: 10652 description: The header field name. This will 10653 be canonicalized upon output, so case-variant 10654 names will be understood as the same header. 10655 type: string 10656 value: 10657 description: The header field value 10658 type: string 10659 required: 10660 - name 10661 - value 10662 type: object 10663 type: array 10664 path: 10665 description: Path to access on the HTTP server. 10666 type: string 10667 port: 10668 anyOf: 10669 - type: integer 10670 - type: string 10671 description: Name or number of the port to access 10672 on the container. Number must be in the range 10673 1 to 65535. Name must be an IANA_SVC_NAME. 10674 x-kubernetes-int-or-string: true 10675 scheme: 10676 description: Scheme to use for connecting to the 10677 host. Defaults to HTTP. 10678 type: string 10679 required: 10680 - port 10681 type: object 10682 initialDelaySeconds: 10683 description: 'Number of seconds after the container 10684 has started before liveness probes are initiated. 10685 More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 10686 format: int32 10687 type: integer 10688 periodSeconds: 10689 description: How often (in seconds) to perform the probe. 10690 Default to 10 seconds. Minimum value is 1. 10691 format: int32 10692 type: integer 10693 successThreshold: 10694 description: Minimum consecutive successes for the probe 10695 to be considered successful after having failed. Defaults 10696 to 1. Must be 1 for liveness and startup. Minimum 10697 value is 1. 10698 format: int32 10699 type: integer 10700 tcpSocket: 10701 description: TCPSocket specifies an action involving 10702 a TCP port. 10703 properties: 10704 host: 10705 description: 'Optional: Host name to connect to, 10706 defaults to the pod IP.' 10707 type: string 10708 port: 10709 anyOf: 10710 - type: integer 10711 - type: string 10712 description: Number or name of the port to access 10713 on the container. Number must be in the range 10714 1 to 65535. Name must be an IANA_SVC_NAME. 10715 x-kubernetes-int-or-string: true 10716 required: 10717 - port 10718 type: object 10719 terminationGracePeriodSeconds: 10720 description: Optional duration in seconds the pod needs 10721 to terminate gracefully upon probe failure. The grace 10722 period is the duration in seconds after the processes 10723 running in the pod are sent a termination signal and 10724 the time when the processes are forcibly halted with 10725 a kill signal. Set this value longer than the expected 10726 cleanup time for your process. If this value is nil, 10727 the pod's terminationGracePeriodSeconds will be used. 10728 Otherwise, this value overrides the value provided 10729 by the pod spec. Value must be non-negative integer. 10730 The value zero indicates stop immediately via the 10731 kill signal (no opportunity to shut down). This is 10732 a beta field and requires enabling ProbeTerminationGracePeriod 10733 feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds 10734 is used if unset. 10735 format: int64 10736 type: integer 10737 timeoutSeconds: 10738 description: 'Number of seconds after which the probe 10739 times out. Defaults to 1 second. Minimum value is 10740 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 10741 format: int32 10742 type: integer 10743 type: object 10744 resizePolicy: 10745 description: Resources resize policy for the container. 10746 items: 10747 description: ContainerResizePolicy represents resource 10748 resize policy for the container. 10749 properties: 10750 resourceName: 10751 description: 'Name of the resource to which this resource 10752 resize policy applies. Supported values: cpu, memory.' 10753 type: string 10754 restartPolicy: 10755 description: Restart policy to apply when specified 10756 resource is resized. If not specified, it defaults 10757 to NotRequired. 10758 type: string 10759 required: 10760 - resourceName 10761 - restartPolicy 10762 type: object 10763 type: array 10764 x-kubernetes-list-type: atomic 10765 resources: 10766 description: 'Compute Resources required by this container. 10767 Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 10768 properties: 10769 claims: 10770 description: "Claims lists the names of resources, defined 10771 in spec.resourceClaims, that are used by this container. 10772 \n This is an alpha field and requires enabling the 10773 DynamicResourceAllocation feature gate. \n This field 10774 is immutable. It can only be set for containers." 10775 items: 10776 description: ResourceClaim references one entry in 10777 PodSpec.ResourceClaims. 10778 properties: 10779 name: 10780 description: Name must match the name of one entry 10781 in pod.spec.resourceClaims of the Pod where 10782 this field is used. It makes that resource available 10783 inside a container. 10784 type: string 10785 required: 10786 - name 10787 type: object 10788 type: array 10789 x-kubernetes-list-map-keys: 10790 - name 10791 x-kubernetes-list-type: map 10792 limits: 10793 additionalProperties: 10794 anyOf: 10795 - type: integer 10796 - type: string 10797 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 10798 x-kubernetes-int-or-string: true 10799 description: 'Limits describes the maximum amount of 10800 compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 10801 type: object 10802 requests: 10803 additionalProperties: 10804 anyOf: 10805 - type: integer 10806 - type: string 10807 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 10808 x-kubernetes-int-or-string: true 10809 description: 'Requests describes the minimum amount 10810 of compute resources required. If Requests is omitted 10811 for a container, it defaults to Limits if that is 10812 explicitly specified, otherwise to an implementation-defined 10813 value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 10814 type: object 10815 type: object 10816 restartPolicy: 10817 description: 'RestartPolicy defines the restart behavior 10818 of individual containers in a pod. This field may only 10819 be set for init containers, and the only allowed value 10820 is "Always". For non-init containers or when this field 10821 is not specified, the restart behavior is defined by the 10822 Pod''s restart policy and the container type. Setting 10823 the RestartPolicy as "Always" for the init container will 10824 have the following effect: this init container will be 10825 continually restarted on exit until all regular containers 10826 have terminated. Once all regular containers have completed, 10827 all init containers with restartPolicy "Always" will be 10828 shut down. This lifecycle differs from normal init containers 10829 and is often referred to as a "sidecar" container. Although 10830 this init container still starts in the init container 10831 sequence, it does not wait for the container to complete 10832 before proceeding to the next init container. Instead, 10833 the next init container starts immediately after this 10834 init container is started, or after any startupProbe has 10835 successfully completed.' 10836 type: string 10837 securityContext: 10838 description: 'SecurityContext defines the security options 10839 the container should be run with. If set, the fields of 10840 SecurityContext override the equivalent fields of PodSecurityContext. 10841 More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' 10842 properties: 10843 allowPrivilegeEscalation: 10844 description: 'AllowPrivilegeEscalation controls whether 10845 a process can gain more privileges than its parent 10846 process. This bool directly controls if the no_new_privs 10847 flag will be set on the container process. AllowPrivilegeEscalation 10848 is true always when the container is: 1) run as Privileged 10849 2) has CAP_SYS_ADMIN Note that this field cannot be 10850 set when spec.os.name is windows.' 10851 type: boolean 10852 capabilities: 10853 description: The capabilities to add/drop when running 10854 containers. Defaults to the default set of capabilities 10855 granted by the container runtime. Note that this field 10856 cannot be set when spec.os.name is windows. 10857 properties: 10858 add: 10859 description: Added capabilities 10860 items: 10861 description: Capability represent POSIX capabilities 10862 type 10863 type: string 10864 type: array 10865 drop: 10866 description: Removed capabilities 10867 items: 10868 description: Capability represent POSIX capabilities 10869 type 10870 type: string 10871 type: array 10872 type: object 10873 privileged: 10874 description: Run container in privileged mode. Processes 10875 in privileged containers are essentially equivalent 10876 to root on the host. Defaults to false. Note that 10877 this field cannot be set when spec.os.name is windows. 10878 type: boolean 10879 procMount: 10880 description: procMount denotes the type of proc mount 10881 to use for the containers. The default is DefaultProcMount 10882 which uses the container runtime defaults for readonly 10883 paths and masked paths. This requires the ProcMountType 10884 feature flag to be enabled. Note that this field cannot 10885 be set when spec.os.name is windows. 10886 type: string 10887 readOnlyRootFilesystem: 10888 description: Whether this container has a read-only 10889 root filesystem. Default is false. Note that this 10890 field cannot be set when spec.os.name is windows. 10891 type: boolean 10892 runAsGroup: 10893 description: The GID to run the entrypoint of the container 10894 process. Uses runtime default if unset. May also be 10895 set in PodSecurityContext. If set in both SecurityContext 10896 and PodSecurityContext, the value specified in SecurityContext 10897 takes precedence. Note that this field cannot be set 10898 when spec.os.name is windows. 10899 format: int64 10900 type: integer 10901 runAsNonRoot: 10902 description: Indicates that the container must run as 10903 a non-root user. If true, the Kubelet will validate 10904 the image at runtime to ensure that it does not run 10905 as UID 0 (root) and fail to start the container if 10906 it does. If unset or false, no such validation will 10907 be performed. May also be set in PodSecurityContext. If 10908 set in both SecurityContext and PodSecurityContext, 10909 the value specified in SecurityContext takes precedence. 10910 type: boolean 10911 runAsUser: 10912 description: The UID to run the entrypoint of the container 10913 process. Defaults to user specified in image metadata 10914 if unspecified. May also be set in PodSecurityContext. If 10915 set in both SecurityContext and PodSecurityContext, 10916 the value specified in SecurityContext takes precedence. 10917 Note that this field cannot be set when spec.os.name 10918 is windows. 10919 format: int64 10920 type: integer 10921 seLinuxOptions: 10922 description: The SELinux context to be applied to the 10923 container. If unspecified, the container runtime will 10924 allocate a random SELinux context for each container. May 10925 also be set in PodSecurityContext. If set in both 10926 SecurityContext and PodSecurityContext, the value 10927 specified in SecurityContext takes precedence. Note 10928 that this field cannot be set when spec.os.name is 10929 windows. 10930 properties: 10931 level: 10932 description: Level is SELinux level label that applies 10933 to the container. 10934 type: string 10935 role: 10936 description: Role is a SELinux role label that applies 10937 to the container. 10938 type: string 10939 type: 10940 description: Type is a SELinux type label that applies 10941 to the container. 10942 type: string 10943 user: 10944 description: User is a SELinux user label that applies 10945 to the container. 10946 type: string 10947 type: object 10948 seccompProfile: 10949 description: The seccomp options to use by this container. 10950 If seccomp options are provided at both the pod & 10951 container level, the container options override the 10952 pod options. Note that this field cannot be set when 10953 spec.os.name is windows. 10954 properties: 10955 localhostProfile: 10956 description: localhostProfile indicates a profile 10957 defined in a file on the node should be used. 10958 The profile must be preconfigured on the node 10959 to work. Must be a descending path, relative to 10960 the kubelet's configured seccomp profile location. 10961 Must be set if type is "Localhost". Must NOT be 10962 set for any other type. 10963 type: string 10964 type: 10965 description: "type indicates which kind of seccomp 10966 profile will be applied. Valid options are: \n 10967 Localhost - a profile defined in a file on the 10968 node should be used. RuntimeDefault - the container 10969 runtime default profile should be used. Unconfined 10970 - no profile should be applied." 10971 type: string 10972 required: 10973 - type 10974 type: object 10975 windowsOptions: 10976 description: The Windows specific settings applied to 10977 all containers. If unspecified, the options from the 10978 PodSecurityContext will be used. If set in both SecurityContext 10979 and PodSecurityContext, the value specified in SecurityContext 10980 takes precedence. Note that this field cannot be set 10981 when spec.os.name is linux. 10982 properties: 10983 gmsaCredentialSpec: 10984 description: GMSACredentialSpec is where the GMSA 10985 admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) 10986 inlines the contents of the GMSA credential spec 10987 named by the GMSACredentialSpecName field. 10988 type: string 10989 gmsaCredentialSpecName: 10990 description: GMSACredentialSpecName is the name 10991 of the GMSA credential spec to use. 10992 type: string 10993 hostProcess: 10994 description: HostProcess determines if a container 10995 should be run as a 'Host Process' container. All 10996 of a Pod's containers must have the same effective 10997 HostProcess value (it is not allowed to have a 10998 mix of HostProcess containers and non-HostProcess 10999 containers). In addition, if HostProcess is true 11000 then HostNetwork must also be set to true. 11001 type: boolean 11002 runAsUserName: 11003 description: The UserName in Windows to run the 11004 entrypoint of the container process. Defaults 11005 to the user specified in image metadata if unspecified. 11006 May also be set in PodSecurityContext. If set 11007 in both SecurityContext and PodSecurityContext, 11008 the value specified in SecurityContext takes precedence. 11009 type: string 11010 type: object 11011 type: object 11012 startupProbe: 11013 description: 'StartupProbe indicates that the Pod has successfully 11014 initialized. If specified, no other probes are executed 11015 until this completes successfully. If this probe fails, 11016 the Pod will be restarted, just as if the livenessProbe 11017 failed. This can be used to provide different probe parameters 11018 at the beginning of a Pod''s lifecycle, when it might 11019 take a long time to load data or warm a cache, than during 11020 steady-state operation. This cannot be updated. More info: 11021 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 11022 properties: 11023 exec: 11024 description: Exec specifies the action to take. 11025 properties: 11026 command: 11027 description: Command is the command line to execute 11028 inside the container, the working directory for 11029 the command is root ('/') in the container's 11030 filesystem. The command is simply exec'd, it is 11031 not run inside a shell, so traditional shell instructions 11032 ('|', etc) won't work. To use a shell, you need 11033 to explicitly call out to that shell. Exit status 11034 of 0 is treated as live/healthy and non-zero is 11035 unhealthy. 11036 items: 11037 type: string 11038 type: array 11039 type: object 11040 failureThreshold: 11041 description: Minimum consecutive failures for the probe 11042 to be considered failed after having succeeded. Defaults 11043 to 3. Minimum value is 1. 11044 format: int32 11045 type: integer 11046 grpc: 11047 description: GRPC specifies an action involving a GRPC 11048 port. 11049 properties: 11050 port: 11051 description: Port number of the gRPC service. Number 11052 must be in the range 1 to 65535. 11053 format: int32 11054 type: integer 11055 service: 11056 description: "Service is the name of the service 11057 to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). 11058 \n If this is not specified, the default behavior 11059 is defined by gRPC." 11060 type: string 11061 required: 11062 - port 11063 type: object 11064 httpGet: 11065 description: HTTPGet specifies the http request to perform. 11066 properties: 11067 host: 11068 description: Host name to connect to, defaults to 11069 the pod IP. You probably want to set "Host" in 11070 httpHeaders instead. 11071 type: string 11072 httpHeaders: 11073 description: Custom headers to set in the request. 11074 HTTP allows repeated headers. 11075 items: 11076 description: HTTPHeader describes a custom header 11077 to be used in HTTP probes 11078 properties: 11079 name: 11080 description: The header field name. This will 11081 be canonicalized upon output, so case-variant 11082 names will be understood as the same header. 11083 type: string 11084 value: 11085 description: The header field value 11086 type: string 11087 required: 11088 - name 11089 - value 11090 type: object 11091 type: array 11092 path: 11093 description: Path to access on the HTTP server. 11094 type: string 11095 port: 11096 anyOf: 11097 - type: integer 11098 - type: string 11099 description: Name or number of the port to access 11100 on the container. Number must be in the range 11101 1 to 65535. Name must be an IANA_SVC_NAME. 11102 x-kubernetes-int-or-string: true 11103 scheme: 11104 description: Scheme to use for connecting to the 11105 host. Defaults to HTTP. 11106 type: string 11107 required: 11108 - port 11109 type: object 11110 initialDelaySeconds: 11111 description: 'Number of seconds after the container 11112 has started before liveness probes are initiated. 11113 More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 11114 format: int32 11115 type: integer 11116 periodSeconds: 11117 description: How often (in seconds) to perform the probe. 11118 Default to 10 seconds. Minimum value is 1. 11119 format: int32 11120 type: integer 11121 successThreshold: 11122 description: Minimum consecutive successes for the probe 11123 to be considered successful after having failed. Defaults 11124 to 1. Must be 1 for liveness and startup. Minimum 11125 value is 1. 11126 format: int32 11127 type: integer 11128 tcpSocket: 11129 description: TCPSocket specifies an action involving 11130 a TCP port. 11131 properties: 11132 host: 11133 description: 'Optional: Host name to connect to, 11134 defaults to the pod IP.' 11135 type: string 11136 port: 11137 anyOf: 11138 - type: integer 11139 - type: string 11140 description: Number or name of the port to access 11141 on the container. Number must be in the range 11142 1 to 65535. Name must be an IANA_SVC_NAME. 11143 x-kubernetes-int-or-string: true 11144 required: 11145 - port 11146 type: object 11147 terminationGracePeriodSeconds: 11148 description: Optional duration in seconds the pod needs 11149 to terminate gracefully upon probe failure. The grace 11150 period is the duration in seconds after the processes 11151 running in the pod are sent a termination signal and 11152 the time when the processes are forcibly halted with 11153 a kill signal. Set this value longer than the expected 11154 cleanup time for your process. If this value is nil, 11155 the pod's terminationGracePeriodSeconds will be used. 11156 Otherwise, this value overrides the value provided 11157 by the pod spec. Value must be non-negative integer. 11158 The value zero indicates stop immediately via the 11159 kill signal (no opportunity to shut down). This is 11160 a beta field and requires enabling ProbeTerminationGracePeriod 11161 feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds 11162 is used if unset. 11163 format: int64 11164 type: integer 11165 timeoutSeconds: 11166 description: 'Number of seconds after which the probe 11167 times out. Defaults to 1 second. Minimum value is 11168 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 11169 format: int32 11170 type: integer 11171 type: object 11172 stdin: 11173 description: Whether this container should allocate a buffer 11174 for stdin in the container runtime. If this is not set, 11175 reads from stdin in the container will always result in 11176 EOF. Default is false. 11177 type: boolean 11178 stdinOnce: 11179 description: Whether the container runtime should close 11180 the stdin channel after it has been opened by a single 11181 attach. When stdin is true the stdin stream will remain 11182 open across multiple attach sessions. If stdinOnce is 11183 set to true, stdin is opened on container start, is empty 11184 until the first client attaches to stdin, and then remains 11185 open and accepts data until the client disconnects, at 11186 which time stdin is closed and remains closed until the 11187 container is restarted. If this flag is false, a container 11188 processes that reads from stdin will never receive an 11189 EOF. Default is false 11190 type: boolean 11191 terminationMessagePath: 11192 description: 'Optional: Path at which the file to which 11193 the container''s termination message will be written is 11194 mounted into the container''s filesystem. Message written 11195 is intended to be brief final status, such as an assertion 11196 failure message. Will be truncated by the node if greater 11197 than 4096 bytes. The total message length across all containers 11198 will be limited to 12kb. Defaults to /dev/termination-log. 11199 Cannot be updated.' 11200 type: string 11201 terminationMessagePolicy: 11202 description: Indicate how the termination message should 11203 be populated. File will use the contents of terminationMessagePath 11204 to populate the container status message on both success 11205 and failure. FallbackToLogsOnError will use the last chunk 11206 of container log output if the termination message file 11207 is empty and the container exited with an error. The log 11208 output is limited to 2048 bytes or 80 lines, whichever 11209 is smaller. Defaults to File. Cannot be updated. 11210 type: string 11211 tty: 11212 description: Whether this container should allocate a TTY 11213 for itself, also requires 'stdin' to be true. Default 11214 is false. 11215 type: boolean 11216 volumeDevices: 11217 description: volumeDevices is the list of block devices 11218 to be used by the container. 11219 items: 11220 description: volumeDevice describes a mapping of a raw 11221 block device within a container. 11222 properties: 11223 devicePath: 11224 description: devicePath is the path inside of the 11225 container that the device will be mapped to. 11226 type: string 11227 name: 11228 description: name must match the name of a persistentVolumeClaim 11229 in the pod 11230 type: string 11231 required: 11232 - devicePath 11233 - name 11234 type: object 11235 type: array 11236 volumeMounts: 11237 description: Pod volumes to mount into the container's filesystem. 11238 Cannot be updated. 11239 items: 11240 description: VolumeMount describes a mounting of a Volume 11241 within a container. 11242 properties: 11243 mountPath: 11244 description: Path within the container at which the 11245 volume should be mounted. Must not contain ':'. 11246 type: string 11247 mountPropagation: 11248 description: mountPropagation determines how mounts 11249 are propagated from the host to container and the 11250 other way around. When not set, MountPropagationNone 11251 is used. This field is beta in 1.10. 11252 type: string 11253 name: 11254 description: This must match the Name of a Volume. 11255 type: string 11256 readOnly: 11257 description: Mounted read-only if true, read-write 11258 otherwise (false or unspecified). Defaults to false. 11259 type: boolean 11260 subPath: 11261 description: Path within the volume from which the 11262 container's volume should be mounted. Defaults to 11263 "" (volume's root). 11264 type: string 11265 subPathExpr: 11266 description: Expanded path within the volume from 11267 which the container's volume should be mounted. 11268 Behaves similarly to SubPath but environment variable 11269 references $(VAR_NAME) are expanded using the container's 11270 environment. Defaults to "" (volume's root). SubPathExpr 11271 and SubPath are mutually exclusive. 11272 type: string 11273 required: 11274 - mountPath 11275 - name 11276 type: object 11277 type: array 11278 workingDir: 11279 description: Container's working directory. If not specified, 11280 the container runtime's default will be used, which might 11281 be configured in the container image. Cannot be updated. 11282 type: string 11283 required: 11284 - name 11285 type: object 11286 type: array 11287 verifytls: 11288 description: VerifyTLS defines whether repo server API should 11289 be accessed using strict TLS validation 11290 type: boolean 11291 version: 11292 description: Version is the ArgoCD Repo Server container image 11293 tag. 11294 type: string 11295 volumeMounts: 11296 description: VolumeMounts adds volumeMounts to the repo server 11297 container 11298 items: 11299 description: VolumeMount describes a mounting of a Volume within 11300 a container. 11301 properties: 11302 mountPath: 11303 description: Path within the container at which the volume 11304 should be mounted. Must not contain ':'. 11305 type: string 11306 mountPropagation: 11307 description: mountPropagation determines how mounts are 11308 propagated from the host to container and the other way 11309 around. When not set, MountPropagationNone is used. This 11310 field is beta in 1.10. 11311 type: string 11312 name: 11313 description: This must match the Name of a Volume. 11314 type: string 11315 readOnly: 11316 description: Mounted read-only if true, read-write otherwise 11317 (false or unspecified). Defaults to false. 11318 type: boolean 11319 subPath: 11320 description: Path within the volume from which the container's 11321 volume should be mounted. Defaults to "" (volume's root). 11322 type: string 11323 subPathExpr: 11324 description: Expanded path within the volume from which 11325 the container's volume should be mounted. Behaves similarly 11326 to SubPath but environment variable references $(VAR_NAME) 11327 are expanded using the container's environment. Defaults 11328 to "" (volume's root). SubPathExpr and SubPath are mutually 11329 exclusive. 11330 type: string 11331 required: 11332 - mountPath 11333 - name 11334 type: object 11335 type: array 11336 volumes: 11337 description: Volumes adds volumes to the repo server deployment 11338 items: 11339 description: Volume represents a named volume in a pod that 11340 may be accessed by any container in the pod. 11341 properties: 11342 awsElasticBlockStore: 11343 description: 'awsElasticBlockStore represents an AWS Disk 11344 resource that is attached to a kubelet''s host machine 11345 and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' 11346 properties: 11347 fsType: 11348 description: 'fsType is the filesystem type of the volume 11349 that you want to mount. Tip: Ensure that the filesystem 11350 type is supported by the host operating system. Examples: 11351 "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" 11352 if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore 11353 TODO: how do we prevent errors in the filesystem from 11354 compromising the machine' 11355 type: string 11356 partition: 11357 description: 'partition is the partition in the volume 11358 that you want to mount. If omitted, the default is 11359 to mount by volume name. Examples: For volume /dev/sda1, 11360 you specify the partition as "1". Similarly, the volume 11361 partition for /dev/sda is "0" (or you can leave the 11362 property empty).' 11363 format: int32 11364 type: integer 11365 readOnly: 11366 description: 'readOnly value true will force the readOnly 11367 setting in VolumeMounts. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' 11368 type: boolean 11369 volumeID: 11370 description: 'volumeID is unique ID of the persistent 11371 disk resource in AWS (Amazon EBS volume). More info: 11372 https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' 11373 type: string 11374 required: 11375 - volumeID 11376 type: object 11377 azureDisk: 11378 description: azureDisk represents an Azure Data Disk mount 11379 on the host and bind mount to the pod. 11380 properties: 11381 cachingMode: 11382 description: 'cachingMode is the Host Caching mode: 11383 None, Read Only, Read Write.' 11384 type: string 11385 diskName: 11386 description: diskName is the Name of the data disk in 11387 the blob storage 11388 type: string 11389 diskURI: 11390 description: diskURI is the URI of data disk in the 11391 blob storage 11392 type: string 11393 fsType: 11394 description: fsType is Filesystem type to mount. Must 11395 be a filesystem type supported by the host operating 11396 system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred 11397 to be "ext4" if unspecified. 11398 type: string 11399 kind: 11400 description: 'kind expected values are Shared: multiple 11401 blob disks per storage account Dedicated: single 11402 blob disk per storage account Managed: azure managed 11403 data disk (only in managed availability set). defaults 11404 to shared' 11405 type: string 11406 readOnly: 11407 description: readOnly Defaults to false (read/write). 11408 ReadOnly here will force the ReadOnly setting in VolumeMounts. 11409 type: boolean 11410 required: 11411 - diskName 11412 - diskURI 11413 type: object 11414 azureFile: 11415 description: azureFile represents an Azure File Service 11416 mount on the host and bind mount to the pod. 11417 properties: 11418 readOnly: 11419 description: readOnly defaults to false (read/write). 11420 ReadOnly here will force the ReadOnly setting in VolumeMounts. 11421 type: boolean 11422 secretName: 11423 description: secretName is the name of secret that 11424 contains Azure Storage Account Name and Key 11425 type: string 11426 shareName: 11427 description: shareName is the azure share Name 11428 type: string 11429 required: 11430 - secretName 11431 - shareName 11432 type: object 11433 cephfs: 11434 description: cephFS represents a Ceph FS mount on the host 11435 that shares a pod's lifetime 11436 properties: 11437 monitors: 11438 description: 'monitors is Required: Monitors is a collection 11439 of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' 11440 items: 11441 type: string 11442 type: array 11443 path: 11444 description: 'path is Optional: Used as the mounted 11445 root, rather than the full Ceph tree, default is /' 11446 type: string 11447 readOnly: 11448 description: 'readOnly is Optional: Defaults to false 11449 (read/write). ReadOnly here will force the ReadOnly 11450 setting in VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' 11451 type: boolean 11452 secretFile: 11453 description: 'secretFile is Optional: SecretFile is 11454 the path to key ring for User, default is /etc/ceph/user.secret 11455 More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' 11456 type: string 11457 secretRef: 11458 description: 'secretRef is Optional: SecretRef is reference 11459 to the authentication secret for User, default is 11460 empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' 11461 properties: 11462 name: 11463 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 11464 TODO: Add other useful fields. apiVersion, kind, 11465 uid?' 11466 type: string 11467 type: object 11468 user: 11469 description: 'user is optional: User is the rados user 11470 name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' 11471 type: string 11472 required: 11473 - monitors 11474 type: object 11475 cinder: 11476 description: 'cinder represents a cinder volume attached 11477 and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' 11478 properties: 11479 fsType: 11480 description: 'fsType is the filesystem type to mount. 11481 Must be a filesystem type supported by the host operating 11482 system. Examples: "ext4", "xfs", "ntfs". Implicitly 11483 inferred to be "ext4" if unspecified. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' 11484 type: string 11485 readOnly: 11486 description: 'readOnly defaults to false (read/write). 11487 ReadOnly here will force the ReadOnly setting in VolumeMounts. 11488 More info: https://examples.k8s.io/mysql-cinder-pd/README.md' 11489 type: boolean 11490 secretRef: 11491 description: 'secretRef is optional: points to a secret 11492 object containing parameters used to connect to OpenStack.' 11493 properties: 11494 name: 11495 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 11496 TODO: Add other useful fields. apiVersion, kind, 11497 uid?' 11498 type: string 11499 type: object 11500 volumeID: 11501 description: 'volumeID used to identify the volume in 11502 cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' 11503 type: string 11504 required: 11505 - volumeID 11506 type: object 11507 configMap: 11508 description: configMap represents a configMap that should 11509 populate this volume 11510 properties: 11511 defaultMode: 11512 description: 'defaultMode is optional: mode bits used 11513 to set permissions on created files by default. Must 11514 be an octal value between 0000 and 0777 or a decimal 11515 value between 0 and 511. YAML accepts both octal and 11516 decimal values, JSON requires decimal values for mode 11517 bits. Defaults to 0644. Directories within the path 11518 are not affected by this setting. This might be in 11519 conflict with other options that affect the file mode, 11520 like fsGroup, and the result can be other mode bits 11521 set.' 11522 format: int32 11523 type: integer 11524 items: 11525 description: items if unspecified, each key-value pair 11526 in the Data field of the referenced ConfigMap will 11527 be projected into the volume as a file whose name 11528 is the key and content is the value. If specified, 11529 the listed keys will be projected into the specified 11530 paths, and unlisted keys will not be present. If a 11531 key is specified which is not present in the ConfigMap, 11532 the volume setup will error unless it is marked optional. 11533 Paths must be relative and may not contain the '..' 11534 path or start with '..'. 11535 items: 11536 description: Maps a string key to a path within a 11537 volume. 11538 properties: 11539 key: 11540 description: key is the key to project. 11541 type: string 11542 mode: 11543 description: 'mode is Optional: mode bits used 11544 to set permissions on this file. Must be an 11545 octal value between 0000 and 0777 or a decimal 11546 value between 0 and 511. YAML accepts both octal 11547 and decimal values, JSON requires decimal values 11548 for mode bits. If not specified, the volume 11549 defaultMode will be used. This might be in conflict 11550 with other options that affect the file mode, 11551 like fsGroup, and the result can be other mode 11552 bits set.' 11553 format: int32 11554 type: integer 11555 path: 11556 description: path is the relative path of the 11557 file to map the key to. May not be an absolute 11558 path. May not contain the path element '..'. 11559 May not start with the string '..'. 11560 type: string 11561 required: 11562 - key 11563 - path 11564 type: object 11565 type: array 11566 name: 11567 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 11568 TODO: Add other useful fields. apiVersion, kind, uid?' 11569 type: string 11570 optional: 11571 description: optional specify whether the ConfigMap 11572 or its keys must be defined 11573 type: boolean 11574 type: object 11575 csi: 11576 description: csi (Container Storage Interface) represents 11577 ephemeral storage that is handled by certain external 11578 CSI drivers (Beta feature). 11579 properties: 11580 driver: 11581 description: driver is the name of the CSI driver that 11582 handles this volume. Consult with your admin for the 11583 correct name as registered in the cluster. 11584 type: string 11585 fsType: 11586 description: fsType to mount. Ex. "ext4", "xfs", "ntfs". 11587 If not provided, the empty value is passed to the 11588 associated CSI driver which will determine the default 11589 filesystem to apply. 11590 type: string 11591 nodePublishSecretRef: 11592 description: nodePublishSecretRef is a reference to 11593 the secret object containing sensitive information 11594 to pass to the CSI driver to complete the CSI NodePublishVolume 11595 and NodeUnpublishVolume calls. This field is optional, 11596 and may be empty if no secret is required. If the 11597 secret object contains more than one secret, all secret 11598 references are passed. 11599 properties: 11600 name: 11601 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 11602 TODO: Add other useful fields. apiVersion, kind, 11603 uid?' 11604 type: string 11605 type: object 11606 readOnly: 11607 description: readOnly specifies a read-only configuration 11608 for the volume. Defaults to false (read/write). 11609 type: boolean 11610 volumeAttributes: 11611 additionalProperties: 11612 type: string 11613 description: volumeAttributes stores driver-specific 11614 properties that are passed to the CSI driver. Consult 11615 your driver's documentation for supported values. 11616 type: object 11617 required: 11618 - driver 11619 type: object 11620 downwardAPI: 11621 description: downwardAPI represents downward API about the 11622 pod that should populate this volume 11623 properties: 11624 defaultMode: 11625 description: 'Optional: mode bits to use on created 11626 files by default. Must be a Optional: mode bits used 11627 to set permissions on created files by default. Must 11628 be an octal value between 0000 and 0777 or a decimal 11629 value between 0 and 511. YAML accepts both octal and 11630 decimal values, JSON requires decimal values for mode 11631 bits. Defaults to 0644. Directories within the path 11632 are not affected by this setting. This might be in 11633 conflict with other options that affect the file mode, 11634 like fsGroup, and the result can be other mode bits 11635 set.' 11636 format: int32 11637 type: integer 11638 items: 11639 description: Items is a list of downward API volume 11640 file 11641 items: 11642 description: DownwardAPIVolumeFile represents information 11643 to create the file containing the pod field 11644 properties: 11645 fieldRef: 11646 description: 'Required: Selects a field of the 11647 pod: only annotations, labels, name and namespace 11648 are supported.' 11649 properties: 11650 apiVersion: 11651 description: Version of the schema the FieldPath 11652 is written in terms of, defaults to "v1". 11653 type: string 11654 fieldPath: 11655 description: Path of the field to select in 11656 the specified API version. 11657 type: string 11658 required: 11659 - fieldPath 11660 type: object 11661 mode: 11662 description: 'Optional: mode bits used to set 11663 permissions on this file, must be an octal value 11664 between 0000 and 0777 or a decimal value between 11665 0 and 511. YAML accepts both octal and decimal 11666 values, JSON requires decimal values for mode 11667 bits. If not specified, the volume defaultMode 11668 will be used. This might be in conflict with 11669 other options that affect the file mode, like 11670 fsGroup, and the result can be other mode bits 11671 set.' 11672 format: int32 11673 type: integer 11674 path: 11675 description: 'Required: Path is the relative 11676 path name of the file to be created. Must not 11677 be absolute or contain the ''..'' path. Must 11678 be utf-8 encoded. The first item of the relative 11679 path must not start with ''..''' 11680 type: string 11681 resourceFieldRef: 11682 description: 'Selects a resource of the container: 11683 only resources limits and requests (limits.cpu, 11684 limits.memory, requests.cpu and requests.memory) 11685 are currently supported.' 11686 properties: 11687 containerName: 11688 description: 'Container name: required for 11689 volumes, optional for env vars' 11690 type: string 11691 divisor: 11692 anyOf: 11693 - type: integer 11694 - type: string 11695 description: Specifies the output format of 11696 the exposed resources, defaults to "1" 11697 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 11698 x-kubernetes-int-or-string: true 11699 resource: 11700 description: 'Required: resource to select' 11701 type: string 11702 required: 11703 - resource 11704 type: object 11705 required: 11706 - path 11707 type: object 11708 type: array 11709 type: object 11710 emptyDir: 11711 description: 'emptyDir represents a temporary directory 11712 that shares a pod''s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' 11713 properties: 11714 medium: 11715 description: 'medium represents what type of storage 11716 medium should back this directory. The default is 11717 "" which means to use the node''s default medium. 11718 Must be an empty string (default) or Memory. More 11719 info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' 11720 type: string 11721 sizeLimit: 11722 anyOf: 11723 - type: integer 11724 - type: string 11725 description: 'sizeLimit is the total amount of local 11726 storage required for this EmptyDir volume. The size 11727 limit is also applicable for memory medium. The maximum 11728 usage on memory medium EmptyDir would be the minimum 11729 value between the SizeLimit specified here and the 11730 sum of memory limits of all containers in a pod. The 11731 default is nil which means that the limit is undefined. 11732 More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' 11733 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 11734 x-kubernetes-int-or-string: true 11735 type: object 11736 ephemeral: 11737 description: "ephemeral represents a volume that is handled 11738 by a cluster storage driver. The volume's lifecycle is 11739 tied to the pod that defines it - it will be created before 11740 the pod starts, and deleted when the pod is removed. \n 11741 Use this if: a) the volume is only needed while the pod 11742 runs, b) features of normal volumes like restoring from 11743 snapshot or capacity tracking are needed, c) the storage 11744 driver is specified through a storage class, and d) the 11745 storage driver supports dynamic volume provisioning through 11746 \ a PersistentVolumeClaim (see EphemeralVolumeSource 11747 for more information on the connection between this 11748 volume type and PersistentVolumeClaim). \n Use PersistentVolumeClaim 11749 or one of the vendor-specific APIs for volumes that persist 11750 for longer than the lifecycle of an individual pod. \n 11751 Use CSI for light-weight local ephemeral volumes if the 11752 CSI driver is meant to be used that way - see the documentation 11753 of the driver for more information. \n A pod can use both 11754 types of ephemeral volumes and persistent volumes at the 11755 same time." 11756 properties: 11757 volumeClaimTemplate: 11758 description: "Will be used to create a stand-alone PVC 11759 to provision the volume. The pod in which this EphemeralVolumeSource 11760 is embedded will be the owner of the PVC, i.e. the 11761 PVC will be deleted together with the pod. The name 11762 of the PVC will be `<pod name>-<volume name>` where 11763 `<volume name>` is the name from the `PodSpec.Volumes` 11764 array entry. Pod validation will reject the pod if 11765 the concatenated name is not valid for a PVC (for 11766 example, too long). \n An existing PVC with that name 11767 that is not owned by the pod will *not* be used for 11768 the pod to avoid using an unrelated volume by mistake. 11769 Starting the pod is then blocked until the unrelated 11770 PVC is removed. If such a pre-created PVC is meant 11771 to be used by the pod, the PVC has to updated with 11772 an owner reference to the pod once the pod exists. 11773 Normally this should not be necessary, but it may 11774 be useful when manually reconstructing a broken cluster. 11775 \n This field is read-only and no changes will be 11776 made by Kubernetes to the PVC after it has been created. 11777 \n Required, must not be nil." 11778 properties: 11779 metadata: 11780 description: May contain labels and annotations 11781 that will be copied into the PVC when creating 11782 it. No other fields are allowed and will be rejected 11783 during validation. 11784 type: object 11785 spec: 11786 description: The specification for the PersistentVolumeClaim. 11787 The entire content is copied unchanged into the 11788 PVC that gets created from this template. The 11789 same fields as in a PersistentVolumeClaim are 11790 also valid here. 11791 properties: 11792 accessModes: 11793 description: 'accessModes contains the desired 11794 access modes the volume should have. More 11795 info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' 11796 items: 11797 type: string 11798 type: array 11799 dataSource: 11800 description: 'dataSource field can be used to 11801 specify either: * An existing VolumeSnapshot 11802 object (snapshot.storage.k8s.io/VolumeSnapshot) 11803 * An existing PVC (PersistentVolumeClaim) 11804 If the provisioner or an external controller 11805 can support the specified data source, it 11806 will create a new volume based on the contents 11807 of the specified data source. When the AnyVolumeDataSource 11808 feature gate is enabled, dataSource contents 11809 will be copied to dataSourceRef, and dataSourceRef 11810 contents will be copied to dataSource when 11811 dataSourceRef.namespace is not specified. 11812 If the namespace is specified, then dataSourceRef 11813 will not be copied to dataSource.' 11814 properties: 11815 apiGroup: 11816 description: APIGroup is the group for the 11817 resource being referenced. If APIGroup 11818 is not specified, the specified Kind must 11819 be in the core API group. For any other 11820 third-party types, APIGroup is required. 11821 type: string 11822 kind: 11823 description: Kind is the type of resource 11824 being referenced 11825 type: string 11826 name: 11827 description: Name is the name of resource 11828 being referenced 11829 type: string 11830 required: 11831 - kind 11832 - name 11833 type: object 11834 dataSourceRef: 11835 description: 'dataSourceRef specifies the object 11836 from which to populate the volume with data, 11837 if a non-empty volume is desired. This may 11838 be any object from a non-empty API group (non 11839 core object) or a PersistentVolumeClaim object. 11840 When this field is specified, volume binding 11841 will only succeed if the type of the specified 11842 object matches some installed volume populator 11843 or dynamic provisioner. This field will replace 11844 the functionality of the dataSource field 11845 and as such if both fields are non-empty, 11846 they must have the same value. For backwards 11847 compatibility, when namespace isn''t specified 11848 in dataSourceRef, both fields (dataSource 11849 and dataSourceRef) will be set to the same 11850 value automatically if one of them is empty 11851 and the other is non-empty. When namespace 11852 is specified in dataSourceRef, dataSource 11853 isn''t set to the same value and must be empty. 11854 There are three important differences between 11855 dataSource and dataSourceRef: * While dataSource 11856 only allows two specific types of objects, 11857 dataSourceRef allows any non-core object, 11858 as well as PersistentVolumeClaim objects. 11859 * While dataSource ignores disallowed values 11860 (dropping them), dataSourceRef preserves 11861 all values, and generates an error if a disallowed 11862 value is specified. * While dataSource only 11863 allows local objects, dataSourceRef allows 11864 objects in any namespaces. (Beta) Using 11865 this field requires the AnyVolumeDataSource 11866 feature gate to be enabled. (Alpha) Using 11867 the namespace field of dataSourceRef requires 11868 the CrossNamespaceVolumeDataSource feature 11869 gate to be enabled.' 11870 properties: 11871 apiGroup: 11872 description: APIGroup is the group for the 11873 resource being referenced. If APIGroup 11874 is not specified, the specified Kind must 11875 be in the core API group. For any other 11876 third-party types, APIGroup is required. 11877 type: string 11878 kind: 11879 description: Kind is the type of resource 11880 being referenced 11881 type: string 11882 name: 11883 description: Name is the name of resource 11884 being referenced 11885 type: string 11886 namespace: 11887 description: Namespace is the namespace 11888 of resource being referenced Note that 11889 when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant 11890 object is required in the referent namespace 11891 to allow that namespace's owner to accept 11892 the reference. See the ReferenceGrant 11893 documentation for details. (Alpha) This 11894 field requires the CrossNamespaceVolumeDataSource 11895 feature gate to be enabled. 11896 type: string 11897 required: 11898 - kind 11899 - name 11900 type: object 11901 resources: 11902 description: 'resources represents the minimum 11903 resources the volume should have. If RecoverVolumeExpansionFailure 11904 feature is enabled users are allowed to specify 11905 resource requirements that are lower than 11906 previous value but must still be higher than 11907 capacity recorded in the status field of the 11908 claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' 11909 properties: 11910 claims: 11911 description: "Claims lists the names of 11912 resources, defined in spec.resourceClaims, 11913 that are used by this container. \n This 11914 is an alpha field and requires enabling 11915 the DynamicResourceAllocation feature 11916 gate. \n This field is immutable. It can 11917 only be set for containers." 11918 items: 11919 description: ResourceClaim references 11920 one entry in PodSpec.ResourceClaims. 11921 properties: 11922 name: 11923 description: Name must match the name 11924 of one entry in pod.spec.resourceClaims 11925 of the Pod where this field is used. 11926 It makes that resource available 11927 inside a container. 11928 type: string 11929 required: 11930 - name 11931 type: object 11932 type: array 11933 x-kubernetes-list-map-keys: 11934 - name 11935 x-kubernetes-list-type: map 11936 limits: 11937 additionalProperties: 11938 anyOf: 11939 - type: integer 11940 - type: string 11941 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 11942 x-kubernetes-int-or-string: true 11943 description: 'Limits describes the maximum 11944 amount of compute resources allowed. More 11945 info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 11946 type: object 11947 requests: 11948 additionalProperties: 11949 anyOf: 11950 - type: integer 11951 - type: string 11952 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 11953 x-kubernetes-int-or-string: true 11954 description: 'Requests describes the minimum 11955 amount of compute resources required. 11956 If Requests is omitted for a container, 11957 it defaults to Limits if that is explicitly 11958 specified, otherwise to an implementation-defined 11959 value. Requests cannot exceed Limits. 11960 More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 11961 type: object 11962 type: object 11963 selector: 11964 description: selector is a label query over 11965 volumes to consider for binding. 11966 properties: 11967 matchExpressions: 11968 description: matchExpressions is a list 11969 of label selector requirements. The requirements 11970 are ANDed. 11971 items: 11972 description: A label selector requirement 11973 is a selector that contains values, 11974 a key, and an operator that relates 11975 the key and values. 11976 properties: 11977 key: 11978 description: key is the label key 11979 that the selector applies to. 11980 type: string 11981 operator: 11982 description: operator represents a 11983 key's relationship to a set of values. 11984 Valid operators are In, NotIn, Exists 11985 and DoesNotExist. 11986 type: string 11987 values: 11988 description: values is an array of 11989 string values. If the operator is 11990 In or NotIn, the values array must 11991 be non-empty. If the operator is 11992 Exists or DoesNotExist, the values 11993 array must be empty. This array 11994 is replaced during a strategic merge 11995 patch. 11996 items: 11997 type: string 11998 type: array 11999 required: 12000 - key 12001 - operator 12002 type: object 12003 type: array 12004 matchLabels: 12005 additionalProperties: 12006 type: string 12007 description: matchLabels is a map of {key,value} 12008 pairs. A single {key,value} in the matchLabels 12009 map is equivalent to an element of matchExpressions, 12010 whose key field is "key", the operator 12011 is "In", and the values array contains 12012 only "value". The requirements are ANDed. 12013 type: object 12014 type: object 12015 storageClassName: 12016 description: 'storageClassName is the name of 12017 the StorageClass required by the claim. More 12018 info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' 12019 type: string 12020 volumeMode: 12021 description: volumeMode defines what type of 12022 volume is required by the claim. Value of 12023 Filesystem is implied when not included in 12024 claim spec. 12025 type: string 12026 volumeName: 12027 description: volumeName is the binding reference 12028 to the PersistentVolume backing this claim. 12029 type: string 12030 type: object 12031 required: 12032 - spec 12033 type: object 12034 type: object 12035 fc: 12036 description: fc represents a Fibre Channel resource that 12037 is attached to a kubelet's host machine and then exposed 12038 to the pod. 12039 properties: 12040 fsType: 12041 description: 'fsType is the filesystem type to mount. 12042 Must be a filesystem type supported by the host operating 12043 system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred 12044 to be "ext4" if unspecified. TODO: how do we prevent 12045 errors in the filesystem from compromising the machine' 12046 type: string 12047 lun: 12048 description: 'lun is Optional: FC target lun number' 12049 format: int32 12050 type: integer 12051 readOnly: 12052 description: 'readOnly is Optional: Defaults to false 12053 (read/write). ReadOnly here will force the ReadOnly 12054 setting in VolumeMounts.' 12055 type: boolean 12056 targetWWNs: 12057 description: 'targetWWNs is Optional: FC target worldwide 12058 names (WWNs)' 12059 items: 12060 type: string 12061 type: array 12062 wwids: 12063 description: 'wwids Optional: FC volume world wide identifiers 12064 (wwids) Either wwids or combination of targetWWNs 12065 and lun must be set, but not both simultaneously.' 12066 items: 12067 type: string 12068 type: array 12069 type: object 12070 flexVolume: 12071 description: flexVolume represents a generic volume resource 12072 that is provisioned/attached using an exec based plugin. 12073 properties: 12074 driver: 12075 description: driver is the name of the driver to use 12076 for this volume. 12077 type: string 12078 fsType: 12079 description: fsType is the filesystem type to mount. 12080 Must be a filesystem type supported by the host operating 12081 system. Ex. "ext4", "xfs", "ntfs". The default filesystem 12082 depends on FlexVolume script. 12083 type: string 12084 options: 12085 additionalProperties: 12086 type: string 12087 description: 'options is Optional: this field holds 12088 extra command options if any.' 12089 type: object 12090 readOnly: 12091 description: 'readOnly is Optional: defaults to false 12092 (read/write). ReadOnly here will force the ReadOnly 12093 setting in VolumeMounts.' 12094 type: boolean 12095 secretRef: 12096 description: 'secretRef is Optional: secretRef is reference 12097 to the secret object containing sensitive information 12098 to pass to the plugin scripts. This may be empty if 12099 no secret object is specified. If the secret object 12100 contains more than one secret, all secrets are passed 12101 to the plugin scripts.' 12102 properties: 12103 name: 12104 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 12105 TODO: Add other useful fields. apiVersion, kind, 12106 uid?' 12107 type: string 12108 type: object 12109 required: 12110 - driver 12111 type: object 12112 flocker: 12113 description: flocker represents a Flocker volume attached 12114 to a kubelet's host machine. This depends on the Flocker 12115 control service being running 12116 properties: 12117 datasetName: 12118 description: datasetName is Name of the dataset stored 12119 as metadata -> name on the dataset for Flocker should 12120 be considered as deprecated 12121 type: string 12122 datasetUUID: 12123 description: datasetUUID is the UUID of the dataset. 12124 This is unique identifier of a Flocker dataset 12125 type: string 12126 type: object 12127 gcePersistentDisk: 12128 description: 'gcePersistentDisk represents a GCE Disk resource 12129 that is attached to a kubelet''s host machine and then 12130 exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' 12131 properties: 12132 fsType: 12133 description: 'fsType is filesystem type of the volume 12134 that you want to mount. Tip: Ensure that the filesystem 12135 type is supported by the host operating system. Examples: 12136 "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" 12137 if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk 12138 TODO: how do we prevent errors in the filesystem from 12139 compromising the machine' 12140 type: string 12141 partition: 12142 description: 'partition is the partition in the volume 12143 that you want to mount. If omitted, the default is 12144 to mount by volume name. Examples: For volume /dev/sda1, 12145 you specify the partition as "1". Similarly, the volume 12146 partition for /dev/sda is "0" (or you can leave the 12147 property empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' 12148 format: int32 12149 type: integer 12150 pdName: 12151 description: 'pdName is unique name of the PD resource 12152 in GCE. Used to identify the disk in GCE. More info: 12153 https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' 12154 type: string 12155 readOnly: 12156 description: 'readOnly here will force the ReadOnly 12157 setting in VolumeMounts. Defaults to false. More info: 12158 https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' 12159 type: boolean 12160 required: 12161 - pdName 12162 type: object 12163 gitRepo: 12164 description: 'gitRepo represents a git repository at a particular 12165 revision. DEPRECATED: GitRepo is deprecated. To provision 12166 a container with a git repo, mount an EmptyDir into an 12167 InitContainer that clones the repo using git, then mount 12168 the EmptyDir into the Pod''s container.' 12169 properties: 12170 directory: 12171 description: directory is the target directory name. 12172 Must not contain or start with '..'. If '.' is supplied, 12173 the volume directory will be the git repository. Otherwise, 12174 if specified, the volume will contain the git repository 12175 in the subdirectory with the given name. 12176 type: string 12177 repository: 12178 description: repository is the URL 12179 type: string 12180 revision: 12181 description: revision is the commit hash for the specified 12182 revision. 12183 type: string 12184 required: 12185 - repository 12186 type: object 12187 glusterfs: 12188 description: 'glusterfs represents a Glusterfs mount on 12189 the host that shares a pod''s lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md' 12190 properties: 12191 endpoints: 12192 description: 'endpoints is the endpoint name that details 12193 Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' 12194 type: string 12195 path: 12196 description: 'path is the Glusterfs volume path. More 12197 info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' 12198 type: string 12199 readOnly: 12200 description: 'readOnly here will force the Glusterfs 12201 volume to be mounted with read-only permissions. Defaults 12202 to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' 12203 type: boolean 12204 required: 12205 - endpoints 12206 - path 12207 type: object 12208 hostPath: 12209 description: 'hostPath represents a pre-existing file or 12210 directory on the host machine that is directly exposed 12211 to the container. This is generally used for system agents 12212 or other privileged things that are allowed to see the 12213 host machine. Most containers will NOT need this. More 12214 info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath 12215 --- TODO(jonesdl) We need to restrict who can use host 12216 directory mounts and who can/can not mount host directories 12217 as read/write.' 12218 properties: 12219 path: 12220 description: 'path of the directory on the host. If 12221 the path is a symlink, it will follow the link to 12222 the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' 12223 type: string 12224 type: 12225 description: 'type for HostPath Volume Defaults to "" 12226 More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' 12227 type: string 12228 required: 12229 - path 12230 type: object 12231 iscsi: 12232 description: 'iscsi represents an ISCSI Disk resource that 12233 is attached to a kubelet''s host machine and then exposed 12234 to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md' 12235 properties: 12236 chapAuthDiscovery: 12237 description: chapAuthDiscovery defines whether support 12238 iSCSI Discovery CHAP authentication 12239 type: boolean 12240 chapAuthSession: 12241 description: chapAuthSession defines whether support 12242 iSCSI Session CHAP authentication 12243 type: boolean 12244 fsType: 12245 description: 'fsType is the filesystem type of the volume 12246 that you want to mount. Tip: Ensure that the filesystem 12247 type is supported by the host operating system. Examples: 12248 "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" 12249 if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi 12250 TODO: how do we prevent errors in the filesystem from 12251 compromising the machine' 12252 type: string 12253 initiatorName: 12254 description: initiatorName is the custom iSCSI Initiator 12255 Name. If initiatorName is specified with iscsiInterface 12256 simultaneously, new iSCSI interface <target portal>:<volume 12257 name> will be created for the connection. 12258 type: string 12259 iqn: 12260 description: iqn is the target iSCSI Qualified Name. 12261 type: string 12262 iscsiInterface: 12263 description: iscsiInterface is the interface Name that 12264 uses an iSCSI transport. Defaults to 'default' (tcp). 12265 type: string 12266 lun: 12267 description: lun represents iSCSI Target Lun number. 12268 format: int32 12269 type: integer 12270 portals: 12271 description: portals is the iSCSI Target Portal List. 12272 The portal is either an IP or ip_addr:port if the 12273 port is other than default (typically TCP ports 860 12274 and 3260). 12275 items: 12276 type: string 12277 type: array 12278 readOnly: 12279 description: readOnly here will force the ReadOnly setting 12280 in VolumeMounts. Defaults to false. 12281 type: boolean 12282 secretRef: 12283 description: secretRef is the CHAP Secret for iSCSI 12284 target and initiator authentication 12285 properties: 12286 name: 12287 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 12288 TODO: Add other useful fields. apiVersion, kind, 12289 uid?' 12290 type: string 12291 type: object 12292 targetPortal: 12293 description: targetPortal is iSCSI Target Portal. The 12294 Portal is either an IP or ip_addr:port if the port 12295 is other than default (typically TCP ports 860 and 12296 3260). 12297 type: string 12298 required: 12299 - iqn 12300 - lun 12301 - targetPortal 12302 type: object 12303 name: 12304 description: 'name of the volume. Must be a DNS_LABEL and 12305 unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' 12306 type: string 12307 nfs: 12308 description: 'nfs represents an NFS mount on the host that 12309 shares a pod''s lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' 12310 properties: 12311 path: 12312 description: 'path that is exported by the NFS server. 12313 More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' 12314 type: string 12315 readOnly: 12316 description: 'readOnly here will force the NFS export 12317 to be mounted with read-only permissions. Defaults 12318 to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' 12319 type: boolean 12320 server: 12321 description: 'server is the hostname or IP address of 12322 the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' 12323 type: string 12324 required: 12325 - path 12326 - server 12327 type: object 12328 persistentVolumeClaim: 12329 description: 'persistentVolumeClaimVolumeSource represents 12330 a reference to a PersistentVolumeClaim in the same namespace. 12331 More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' 12332 properties: 12333 claimName: 12334 description: 'claimName is the name of a PersistentVolumeClaim 12335 in the same namespace as the pod using this volume. 12336 More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' 12337 type: string 12338 readOnly: 12339 description: readOnly Will force the ReadOnly setting 12340 in VolumeMounts. Default false. 12341 type: boolean 12342 required: 12343 - claimName 12344 type: object 12345 photonPersistentDisk: 12346 description: photonPersistentDisk represents a PhotonController 12347 persistent disk attached and mounted on kubelets host 12348 machine 12349 properties: 12350 fsType: 12351 description: fsType is the filesystem type to mount. 12352 Must be a filesystem type supported by the host operating 12353 system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred 12354 to be "ext4" if unspecified. 12355 type: string 12356 pdID: 12357 description: pdID is the ID that identifies Photon Controller 12358 persistent disk 12359 type: string 12360 required: 12361 - pdID 12362 type: object 12363 portworxVolume: 12364 description: portworxVolume represents a portworx volume 12365 attached and mounted on kubelets host machine 12366 properties: 12367 fsType: 12368 description: fSType represents the filesystem type to 12369 mount Must be a filesystem type supported by the host 12370 operating system. Ex. "ext4", "xfs". Implicitly inferred 12371 to be "ext4" if unspecified. 12372 type: string 12373 readOnly: 12374 description: readOnly defaults to false (read/write). 12375 ReadOnly here will force the ReadOnly setting in VolumeMounts. 12376 type: boolean 12377 volumeID: 12378 description: volumeID uniquely identifies a Portworx 12379 volume 12380 type: string 12381 required: 12382 - volumeID 12383 type: object 12384 projected: 12385 description: projected items for all in one resources secrets, 12386 configmaps, and downward API 12387 properties: 12388 defaultMode: 12389 description: defaultMode are the mode bits used to set 12390 permissions on created files by default. Must be an 12391 octal value between 0000 and 0777 or a decimal value 12392 between 0 and 511. YAML accepts both octal and decimal 12393 values, JSON requires decimal values for mode bits. 12394 Directories within the path are not affected by this 12395 setting. This might be in conflict with other options 12396 that affect the file mode, like fsGroup, and the result 12397 can be other mode bits set. 12398 format: int32 12399 type: integer 12400 sources: 12401 description: sources is the list of volume projections 12402 items: 12403 description: Projection that may be projected along 12404 with other supported volume types 12405 properties: 12406 configMap: 12407 description: configMap information about the configMap 12408 data to project 12409 properties: 12410 items: 12411 description: items if unspecified, each key-value 12412 pair in the Data field of the referenced 12413 ConfigMap will be projected into the volume 12414 as a file whose name is the key and content 12415 is the value. If specified, the listed keys 12416 will be projected into the specified paths, 12417 and unlisted keys will not be present. If 12418 a key is specified which is not present 12419 in the ConfigMap, the volume setup will 12420 error unless it is marked optional. Paths 12421 must be relative and may not contain the 12422 '..' path or start with '..'. 12423 items: 12424 description: Maps a string key to a path 12425 within a volume. 12426 properties: 12427 key: 12428 description: key is the key to project. 12429 type: string 12430 mode: 12431 description: 'mode is Optional: mode 12432 bits used to set permissions on this 12433 file. Must be an octal value between 12434 0000 and 0777 or a decimal value between 12435 0 and 511. YAML accepts both octal 12436 and decimal values, JSON requires 12437 decimal values for mode bits. If not 12438 specified, the volume defaultMode 12439 will be used. This might be in conflict 12440 with other options that affect the 12441 file mode, like fsGroup, and the result 12442 can be other mode bits set.' 12443 format: int32 12444 type: integer 12445 path: 12446 description: path is the relative path 12447 of the file to map the key to. May 12448 not be an absolute path. May not contain 12449 the path element '..'. May not start 12450 with the string '..'. 12451 type: string 12452 required: 12453 - key 12454 - path 12455 type: object 12456 type: array 12457 name: 12458 description: 'Name of the referent. More info: 12459 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 12460 TODO: Add other useful fields. apiVersion, 12461 kind, uid?' 12462 type: string 12463 optional: 12464 description: optional specify whether the 12465 ConfigMap or its keys must be defined 12466 type: boolean 12467 type: object 12468 downwardAPI: 12469 description: downwardAPI information about the 12470 downwardAPI data to project 12471 properties: 12472 items: 12473 description: Items is a list of DownwardAPIVolume 12474 file 12475 items: 12476 description: DownwardAPIVolumeFile represents 12477 information to create the file containing 12478 the pod field 12479 properties: 12480 fieldRef: 12481 description: 'Required: Selects a field 12482 of the pod: only annotations, labels, 12483 name and namespace are supported.' 12484 properties: 12485 apiVersion: 12486 description: Version of the schema 12487 the FieldPath is written in terms 12488 of, defaults to "v1". 12489 type: string 12490 fieldPath: 12491 description: Path of the field to 12492 select in the specified API version. 12493 type: string 12494 required: 12495 - fieldPath 12496 type: object 12497 mode: 12498 description: 'Optional: mode bits used 12499 to set permissions on this file, must 12500 be an octal value between 0000 and 12501 0777 or a decimal value between 0 12502 and 511. YAML accepts both octal and 12503 decimal values, JSON requires decimal 12504 values for mode bits. If not specified, 12505 the volume defaultMode will be used. 12506 This might be in conflict with other 12507 options that affect the file mode, 12508 like fsGroup, and the result can be 12509 other mode bits set.' 12510 format: int32 12511 type: integer 12512 path: 12513 description: 'Required: Path is the 12514 relative path name of the file to 12515 be created. Must not be absolute or 12516 contain the ''..'' path. Must be utf-8 12517 encoded. The first item of the relative 12518 path must not start with ''..''' 12519 type: string 12520 resourceFieldRef: 12521 description: 'Selects a resource of 12522 the container: only resources limits 12523 and requests (limits.cpu, limits.memory, 12524 requests.cpu and requests.memory) 12525 are currently supported.' 12526 properties: 12527 containerName: 12528 description: 'Container name: required 12529 for volumes, optional for env 12530 vars' 12531 type: string 12532 divisor: 12533 anyOf: 12534 - type: integer 12535 - type: string 12536 description: Specifies the output 12537 format of the exposed resources, 12538 defaults to "1" 12539 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 12540 x-kubernetes-int-or-string: true 12541 resource: 12542 description: 'Required: resource 12543 to select' 12544 type: string 12545 required: 12546 - resource 12547 type: object 12548 required: 12549 - path 12550 type: object 12551 type: array 12552 type: object 12553 secret: 12554 description: secret information about the secret 12555 data to project 12556 properties: 12557 items: 12558 description: items if unspecified, each key-value 12559 pair in the Data field of the referenced 12560 Secret will be projected into the volume 12561 as a file whose name is the key and content 12562 is the value. If specified, the listed keys 12563 will be projected into the specified paths, 12564 and unlisted keys will not be present. If 12565 a key is specified which is not present 12566 in the Secret, the volume setup will error 12567 unless it is marked optional. Paths must 12568 be relative and may not contain the '..' 12569 path or start with '..'. 12570 items: 12571 description: Maps a string key to a path 12572 within a volume. 12573 properties: 12574 key: 12575 description: key is the key to project. 12576 type: string 12577 mode: 12578 description: 'mode is Optional: mode 12579 bits used to set permissions on this 12580 file. Must be an octal value between 12581 0000 and 0777 or a decimal value between 12582 0 and 511. YAML accepts both octal 12583 and decimal values, JSON requires 12584 decimal values for mode bits. If not 12585 specified, the volume defaultMode 12586 will be used. This might be in conflict 12587 with other options that affect the 12588 file mode, like fsGroup, and the result 12589 can be other mode bits set.' 12590 format: int32 12591 type: integer 12592 path: 12593 description: path is the relative path 12594 of the file to map the key to. May 12595 not be an absolute path. May not contain 12596 the path element '..'. May not start 12597 with the string '..'. 12598 type: string 12599 required: 12600 - key 12601 - path 12602 type: object 12603 type: array 12604 name: 12605 description: 'Name of the referent. More info: 12606 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 12607 TODO: Add other useful fields. apiVersion, 12608 kind, uid?' 12609 type: string 12610 optional: 12611 description: optional field specify whether 12612 the Secret or its key must be defined 12613 type: boolean 12614 type: object 12615 serviceAccountToken: 12616 description: serviceAccountToken is information 12617 about the serviceAccountToken data to project 12618 properties: 12619 audience: 12620 description: audience is the intended audience 12621 of the token. A recipient of a token must 12622 identify itself with an identifier specified 12623 in the audience of the token, and otherwise 12624 should reject the token. The audience defaults 12625 to the identifier of the apiserver. 12626 type: string 12627 expirationSeconds: 12628 description: expirationSeconds is the requested 12629 duration of validity of the service account 12630 token. As the token approaches expiration, 12631 the kubelet volume plugin will proactively 12632 rotate the service account token. The kubelet 12633 will start trying to rotate the token if 12634 the token is older than 80 percent of its 12635 time to live or if the token is older than 12636 24 hours.Defaults to 1 hour and must be 12637 at least 10 minutes. 12638 format: int64 12639 type: integer 12640 path: 12641 description: path is the path relative to 12642 the mount point of the file to project the 12643 token into. 12644 type: string 12645 required: 12646 - path 12647 type: object 12648 type: object 12649 type: array 12650 type: object 12651 quobyte: 12652 description: quobyte represents a Quobyte mount on the host 12653 that shares a pod's lifetime 12654 properties: 12655 group: 12656 description: group to map volume access to Default is 12657 no group 12658 type: string 12659 readOnly: 12660 description: readOnly here will force the Quobyte volume 12661 to be mounted with read-only permissions. Defaults 12662 to false. 12663 type: boolean 12664 registry: 12665 description: registry represents a single or multiple 12666 Quobyte Registry services specified as a string as 12667 host:port pair (multiple entries are separated with 12668 commas) which acts as the central registry for volumes 12669 type: string 12670 tenant: 12671 description: tenant owning the given Quobyte volume 12672 in the Backend Used with dynamically provisioned Quobyte 12673 volumes, value is set by the plugin 12674 type: string 12675 user: 12676 description: user to map volume access to Defaults to 12677 serivceaccount user 12678 type: string 12679 volume: 12680 description: volume is a string that references an already 12681 created Quobyte volume by name. 12682 type: string 12683 required: 12684 - registry 12685 - volume 12686 type: object 12687 rbd: 12688 description: 'rbd represents a Rados Block Device mount 12689 on the host that shares a pod''s lifetime. More info: 12690 https://examples.k8s.io/volumes/rbd/README.md' 12691 properties: 12692 fsType: 12693 description: 'fsType is the filesystem type of the volume 12694 that you want to mount. Tip: Ensure that the filesystem 12695 type is supported by the host operating system. Examples: 12696 "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" 12697 if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd 12698 TODO: how do we prevent errors in the filesystem from 12699 compromising the machine' 12700 type: string 12701 image: 12702 description: 'image is the rados image name. More info: 12703 https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 12704 type: string 12705 keyring: 12706 description: 'keyring is the path to key ring for RBDUser. 12707 Default is /etc/ceph/keyring. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 12708 type: string 12709 monitors: 12710 description: 'monitors is a collection of Ceph monitors. 12711 More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 12712 items: 12713 type: string 12714 type: array 12715 pool: 12716 description: 'pool is the rados pool name. Default is 12717 rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 12718 type: string 12719 readOnly: 12720 description: 'readOnly here will force the ReadOnly 12721 setting in VolumeMounts. Defaults to false. More info: 12722 https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 12723 type: boolean 12724 secretRef: 12725 description: 'secretRef is name of the authentication 12726 secret for RBDUser. If provided overrides keyring. 12727 Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 12728 properties: 12729 name: 12730 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 12731 TODO: Add other useful fields. apiVersion, kind, 12732 uid?' 12733 type: string 12734 type: object 12735 user: 12736 description: 'user is the rados user name. Default is 12737 admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 12738 type: string 12739 required: 12740 - image 12741 - monitors 12742 type: object 12743 scaleIO: 12744 description: scaleIO represents a ScaleIO persistent volume 12745 attached and mounted on Kubernetes nodes. 12746 properties: 12747 fsType: 12748 description: fsType is the filesystem type to mount. 12749 Must be a filesystem type supported by the host operating 12750 system. Ex. "ext4", "xfs", "ntfs". Default is "xfs". 12751 type: string 12752 gateway: 12753 description: gateway is the host address of the ScaleIO 12754 API Gateway. 12755 type: string 12756 protectionDomain: 12757 description: protectionDomain is the name of the ScaleIO 12758 Protection Domain for the configured storage. 12759 type: string 12760 readOnly: 12761 description: readOnly Defaults to false (read/write). 12762 ReadOnly here will force the ReadOnly setting in VolumeMounts. 12763 type: boolean 12764 secretRef: 12765 description: secretRef references to the secret for 12766 ScaleIO user and other sensitive information. If this 12767 is not provided, Login operation will fail. 12768 properties: 12769 name: 12770 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 12771 TODO: Add other useful fields. apiVersion, kind, 12772 uid?' 12773 type: string 12774 type: object 12775 sslEnabled: 12776 description: sslEnabled Flag enable/disable SSL communication 12777 with Gateway, default false 12778 type: boolean 12779 storageMode: 12780 description: storageMode indicates whether the storage 12781 for a volume should be ThickProvisioned or ThinProvisioned. 12782 Default is ThinProvisioned. 12783 type: string 12784 storagePool: 12785 description: storagePool is the ScaleIO Storage Pool 12786 associated with the protection domain. 12787 type: string 12788 system: 12789 description: system is the name of the storage system 12790 as configured in ScaleIO. 12791 type: string 12792 volumeName: 12793 description: volumeName is the name of a volume already 12794 created in the ScaleIO system that is associated with 12795 this volume source. 12796 type: string 12797 required: 12798 - gateway 12799 - secretRef 12800 - system 12801 type: object 12802 secret: 12803 description: 'secret represents a secret that should populate 12804 this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' 12805 properties: 12806 defaultMode: 12807 description: 'defaultMode is Optional: mode bits used 12808 to set permissions on created files by default. Must 12809 be an octal value between 0000 and 0777 or a decimal 12810 value between 0 and 511. YAML accepts both octal and 12811 decimal values, JSON requires decimal values for mode 12812 bits. Defaults to 0644. Directories within the path 12813 are not affected by this setting. This might be in 12814 conflict with other options that affect the file mode, 12815 like fsGroup, and the result can be other mode bits 12816 set.' 12817 format: int32 12818 type: integer 12819 items: 12820 description: items If unspecified, each key-value pair 12821 in the Data field of the referenced Secret will be 12822 projected into the volume as a file whose name is 12823 the key and content is the value. If specified, the 12824 listed keys will be projected into the specified paths, 12825 and unlisted keys will not be present. If a key is 12826 specified which is not present in the Secret, the 12827 volume setup will error unless it is marked optional. 12828 Paths must be relative and may not contain the '..' 12829 path or start with '..'. 12830 items: 12831 description: Maps a string key to a path within a 12832 volume. 12833 properties: 12834 key: 12835 description: key is the key to project. 12836 type: string 12837 mode: 12838 description: 'mode is Optional: mode bits used 12839 to set permissions on this file. Must be an 12840 octal value between 0000 and 0777 or a decimal 12841 value between 0 and 511. YAML accepts both octal 12842 and decimal values, JSON requires decimal values 12843 for mode bits. If not specified, the volume 12844 defaultMode will be used. This might be in conflict 12845 with other options that affect the file mode, 12846 like fsGroup, and the result can be other mode 12847 bits set.' 12848 format: int32 12849 type: integer 12850 path: 12851 description: path is the relative path of the 12852 file to map the key to. May not be an absolute 12853 path. May not contain the path element '..'. 12854 May not start with the string '..'. 12855 type: string 12856 required: 12857 - key 12858 - path 12859 type: object 12860 type: array 12861 optional: 12862 description: optional field specify whether the Secret 12863 or its keys must be defined 12864 type: boolean 12865 secretName: 12866 description: 'secretName is the name of the secret in 12867 the pod''s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' 12868 type: string 12869 type: object 12870 storageos: 12871 description: storageOS represents a StorageOS volume attached 12872 and mounted on Kubernetes nodes. 12873 properties: 12874 fsType: 12875 description: fsType is the filesystem type to mount. 12876 Must be a filesystem type supported by the host operating 12877 system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred 12878 to be "ext4" if unspecified. 12879 type: string 12880 readOnly: 12881 description: readOnly defaults to false (read/write). 12882 ReadOnly here will force the ReadOnly setting in VolumeMounts. 12883 type: boolean 12884 secretRef: 12885 description: secretRef specifies the secret to use for 12886 obtaining the StorageOS API credentials. If not specified, 12887 default values will be attempted. 12888 properties: 12889 name: 12890 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 12891 TODO: Add other useful fields. apiVersion, kind, 12892 uid?' 12893 type: string 12894 type: object 12895 volumeName: 12896 description: volumeName is the human-readable name of 12897 the StorageOS volume. Volume names are only unique 12898 within a namespace. 12899 type: string 12900 volumeNamespace: 12901 description: volumeNamespace specifies the scope of 12902 the volume within StorageOS. If no namespace is specified 12903 then the Pod's namespace will be used. This allows 12904 the Kubernetes name scoping to be mirrored within 12905 StorageOS for tighter integration. Set VolumeName 12906 to any name to override the default behaviour. Set 12907 to "default" if you are not using namespaces within 12908 StorageOS. Namespaces that do not pre-exist within 12909 StorageOS will be created. 12910 type: string 12911 type: object 12912 vsphereVolume: 12913 description: vsphereVolume represents a vSphere volume attached 12914 and mounted on kubelets host machine 12915 properties: 12916 fsType: 12917 description: fsType is filesystem type to mount. Must 12918 be a filesystem type supported by the host operating 12919 system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred 12920 to be "ext4" if unspecified. 12921 type: string 12922 storagePolicyID: 12923 description: storagePolicyID is the storage Policy Based 12924 Management (SPBM) profile ID associated with the StoragePolicyName. 12925 type: string 12926 storagePolicyName: 12927 description: storagePolicyName is the storage Policy 12928 Based Management (SPBM) profile name. 12929 type: string 12930 volumePath: 12931 description: volumePath is the path that identifies 12932 vSphere volume vmdk 12933 type: string 12934 required: 12935 - volumePath 12936 type: object 12937 required: 12938 - name 12939 type: object 12940 type: array 12941 type: object 12942 repositoryCredentials: 12943 description: RepositoryCredentials are the Git pull credentials to 12944 configure Argo CD with upon creation of the cluster. 12945 type: string 12946 resourceActions: 12947 description: ResourceActions customizes resource action behavior. 12948 items: 12949 description: Resource Customization for custom action 12950 properties: 12951 action: 12952 type: string 12953 group: 12954 type: string 12955 kind: 12956 type: string 12957 type: object 12958 type: array 12959 resourceExclusions: 12960 description: ResourceExclusions is used to completely ignore entire 12961 classes of resource group/kinds. 12962 type: string 12963 resourceHealthChecks: 12964 description: ResourceHealthChecks customizes resource health check 12965 behavior. 12966 items: 12967 description: Resource Customization for custom health check 12968 properties: 12969 check: 12970 type: string 12971 group: 12972 type: string 12973 kind: 12974 type: string 12975 type: object 12976 type: array 12977 resourceIgnoreDifferences: 12978 description: ResourceIgnoreDifferences customizes resource ignore 12979 difference behavior. 12980 properties: 12981 all: 12982 properties: 12983 jqPathExpressions: 12984 items: 12985 type: string 12986 type: array 12987 jsonPointers: 12988 items: 12989 type: string 12990 type: array 12991 managedFieldsManagers: 12992 items: 12993 type: string 12994 type: array 12995 type: object 12996 resourceIdentifiers: 12997 items: 12998 description: Resource Customization fields for ignore difference 12999 properties: 13000 customization: 13001 properties: 13002 jqPathExpressions: 13003 items: 13004 type: string 13005 type: array 13006 jsonPointers: 13007 items: 13008 type: string 13009 type: array 13010 managedFieldsManagers: 13011 items: 13012 type: string 13013 type: array 13014 type: object 13015 group: 13016 type: string 13017 kind: 13018 type: string 13019 type: object 13020 type: array 13021 type: object 13022 resourceInclusions: 13023 description: ResourceInclusions is used to only include specific group/kinds 13024 in the reconciliation process. 13025 type: string 13026 resourceTrackingMethod: 13027 description: ResourceTrackingMethod defines how Argo CD should track 13028 resources that it manages 13029 type: string 13030 server: 13031 description: Server defines the options for the ArgoCD Server component. 13032 properties: 13033 autoscale: 13034 description: Autoscale defines the autoscale options for the Argo 13035 CD Server component. 13036 properties: 13037 enabled: 13038 description: Enabled will toggle autoscaling support for the 13039 Argo CD Server component. 13040 type: boolean 13041 hpa: 13042 description: HPA defines the HorizontalPodAutoscaler options 13043 for the Argo CD Server component. 13044 properties: 13045 maxReplicas: 13046 description: maxReplicas is the upper limit for the number 13047 of pods that can be set by the autoscaler; cannot be 13048 smaller than MinReplicas. 13049 format: int32 13050 type: integer 13051 minReplicas: 13052 description: minReplicas is the lower limit for the number 13053 of replicas to which the autoscaler can scale down. It 13054 defaults to 1 pod. minReplicas is allowed to be 0 if 13055 the alpha feature gate HPAScaleToZero is enabled and 13056 at least one Object or External metric is configured. Scaling 13057 is active as long as at least one metric value is available. 13058 format: int32 13059 type: integer 13060 scaleTargetRef: 13061 description: reference to scaled resource; horizontal 13062 pod autoscaler will learn the current resource consumption 13063 and will set the desired number of pods by using its 13064 Scale subresource. 13065 properties: 13066 apiVersion: 13067 description: apiVersion is the API version of the 13068 referent 13069 type: string 13070 kind: 13071 description: 'kind is the kind of the referent; More 13072 info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' 13073 type: string 13074 name: 13075 description: 'name is the name of the referent; More 13076 info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' 13077 type: string 13078 required: 13079 - kind 13080 - name 13081 type: object 13082 targetCPUUtilizationPercentage: 13083 description: targetCPUUtilizationPercentage is the target 13084 average CPU utilization (represented as a percentage 13085 of requested CPU) over all the pods; if not specified 13086 the default autoscaling policy will be used. 13087 format: int32 13088 type: integer 13089 required: 13090 - maxReplicas 13091 - scaleTargetRef 13092 type: object 13093 required: 13094 - enabled 13095 type: object 13096 enabled: 13097 description: Enabled is the flag to enable ArgoCD Server during 13098 ArgoCD installation. (optional, default `true`) 13099 type: boolean 13100 env: 13101 description: Env lets you specify environment for API server pods 13102 items: 13103 description: EnvVar represents an environment variable present 13104 in a Container. 13105 properties: 13106 name: 13107 description: Name of the environment variable. Must be a 13108 C_IDENTIFIER. 13109 type: string 13110 value: 13111 description: 'Variable references $(VAR_NAME) are expanded 13112 using the previously defined environment variables in 13113 the container and any service environment variables. If 13114 a variable cannot be resolved, the reference in the input 13115 string will be unchanged. Double $$ are reduced to a single 13116 $, which allows for escaping the $(VAR_NAME) syntax: i.e. 13117 "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". 13118 Escaped references will never be expanded, regardless 13119 of whether the variable exists or not. Defaults to "".' 13120 type: string 13121 valueFrom: 13122 description: Source for the environment variable's value. 13123 Cannot be used if value is not empty. 13124 properties: 13125 configMapKeyRef: 13126 description: Selects a key of a ConfigMap. 13127 properties: 13128 key: 13129 description: The key to select. 13130 type: string 13131 name: 13132 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 13133 TODO: Add other useful fields. apiVersion, kind, 13134 uid?' 13135 type: string 13136 optional: 13137 description: Specify whether the ConfigMap or its 13138 key must be defined 13139 type: boolean 13140 required: 13141 - key 13142 type: object 13143 fieldRef: 13144 description: 'Selects a field of the pod: supports metadata.name, 13145 metadata.namespace, `metadata.labels[''<KEY>'']`, 13146 `metadata.annotations[''<KEY>'']`, spec.nodeName, 13147 spec.serviceAccountName, status.hostIP, status.podIP, 13148 status.podIPs.' 13149 properties: 13150 apiVersion: 13151 description: Version of the schema the FieldPath 13152 is written in terms of, defaults to "v1". 13153 type: string 13154 fieldPath: 13155 description: Path of the field to select in the 13156 specified API version. 13157 type: string 13158 required: 13159 - fieldPath 13160 type: object 13161 resourceFieldRef: 13162 description: 'Selects a resource of the container: only 13163 resources limits and requests (limits.cpu, limits.memory, 13164 limits.ephemeral-storage, requests.cpu, requests.memory 13165 and requests.ephemeral-storage) are currently supported.' 13166 properties: 13167 containerName: 13168 description: 'Container name: required for volumes, 13169 optional for env vars' 13170 type: string 13171 divisor: 13172 anyOf: 13173 - type: integer 13174 - type: string 13175 description: Specifies the output format of the 13176 exposed resources, defaults to "1" 13177 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 13178 x-kubernetes-int-or-string: true 13179 resource: 13180 description: 'Required: resource to select' 13181 type: string 13182 required: 13183 - resource 13184 type: object 13185 secretKeyRef: 13186 description: Selects a key of a secret in the pod's 13187 namespace 13188 properties: 13189 key: 13190 description: The key of the secret to select from. Must 13191 be a valid secret key. 13192 type: string 13193 name: 13194 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 13195 TODO: Add other useful fields. apiVersion, kind, 13196 uid?' 13197 type: string 13198 optional: 13199 description: Specify whether the Secret or its key 13200 must be defined 13201 type: boolean 13202 required: 13203 - key 13204 type: object 13205 type: object 13206 required: 13207 - name 13208 type: object 13209 type: array 13210 extraCommandArgs: 13211 description: Extra Command arguments that would append to the 13212 Argo CD server command. ExtraCommandArgs will not be added, 13213 if one of these commands is already part of the server command 13214 with same or different value. 13215 items: 13216 type: string 13217 type: array 13218 grpc: 13219 description: GRPC defines the state for the Argo CD Server GRPC 13220 options. 13221 properties: 13222 host: 13223 description: Host is the hostname to use for Ingress/Route 13224 resources. 13225 type: string 13226 ingress: 13227 description: Ingress defines the desired state for the Argo 13228 CD Server GRPC Ingress. 13229 properties: 13230 annotations: 13231 additionalProperties: 13232 type: string 13233 description: Annotations is the map of annotations to 13234 apply to the Ingress. 13235 type: object 13236 enabled: 13237 description: Enabled will toggle the creation of the Ingress. 13238 type: boolean 13239 ingressClassName: 13240 description: IngressClassName for the Ingress resource. 13241 type: string 13242 path: 13243 description: Path used for the Ingress resource. 13244 type: string 13245 tls: 13246 description: TLS configuration. Currently the Ingress 13247 only supports a single TLS port, 443. If multiple members 13248 of this list specify different hosts, they will be multiplexed 13249 on the same port according to the hostname specified 13250 through the SNI TLS extension, if the ingress controller 13251 fulfilling the ingress supports SNI. 13252 items: 13253 description: IngressTLS describes the transport layer 13254 security associated with an ingress. 13255 properties: 13256 hosts: 13257 description: hosts is a list of hosts included in 13258 the TLS certificate. The values in this list must 13259 match the name/s used in the tlsSecret. Defaults 13260 to the wildcard host setting for the loadbalancer 13261 controller fulfilling this Ingress, if left unspecified. 13262 items: 13263 type: string 13264 type: array 13265 x-kubernetes-list-type: atomic 13266 secretName: 13267 description: secretName is the name of the secret 13268 used to terminate TLS traffic on port 443. Field 13269 is left optional to allow TLS routing based on 13270 SNI hostname alone. If the SNI host in a listener 13271 conflicts with the "Host" header field used by 13272 an IngressRule, the SNI host is used for termination 13273 and value of the "Host" header is used for routing. 13274 type: string 13275 type: object 13276 type: array 13277 required: 13278 - enabled 13279 type: object 13280 type: object 13281 host: 13282 description: Host is the hostname to use for Ingress/Route resources. 13283 type: string 13284 ingress: 13285 description: Ingress defines the desired state for an Ingress 13286 for the Argo CD Server component. 13287 properties: 13288 annotations: 13289 additionalProperties: 13290 type: string 13291 description: Annotations is the map of annotations to apply 13292 to the Ingress. 13293 type: object 13294 enabled: 13295 description: Enabled will toggle the creation of the Ingress. 13296 type: boolean 13297 ingressClassName: 13298 description: IngressClassName for the Ingress resource. 13299 type: string 13300 path: 13301 description: Path used for the Ingress resource. 13302 type: string 13303 tls: 13304 description: TLS configuration. Currently the Ingress only 13305 supports a single TLS port, 443. If multiple members of 13306 this list specify different hosts, they will be multiplexed 13307 on the same port according to the hostname specified through 13308 the SNI TLS extension, if the ingress controller fulfilling 13309 the ingress supports SNI. 13310 items: 13311 description: IngressTLS describes the transport layer security 13312 associated with an ingress. 13313 properties: 13314 hosts: 13315 description: hosts is a list of hosts included in the 13316 TLS certificate. The values in this list must match 13317 the name/s used in the tlsSecret. Defaults to the 13318 wildcard host setting for the loadbalancer controller 13319 fulfilling this Ingress, if left unspecified. 13320 items: 13321 type: string 13322 type: array 13323 x-kubernetes-list-type: atomic 13324 secretName: 13325 description: secretName is the name of the secret used 13326 to terminate TLS traffic on port 443. Field is left 13327 optional to allow TLS routing based on SNI hostname 13328 alone. If the SNI host in a listener conflicts with 13329 the "Host" header field used by an IngressRule, the 13330 SNI host is used for termination and value of the 13331 "Host" header is used for routing. 13332 type: string 13333 type: object 13334 type: array 13335 required: 13336 - enabled 13337 type: object 13338 insecure: 13339 description: Insecure toggles the insecure flag. 13340 type: boolean 13341 logFormat: 13342 description: LogFormat refers to the log level to be used by the 13343 ArgoCD Server component. Defaults to ArgoCDDefaultLogFormat 13344 if not configured. Valid options are text or json. 13345 type: string 13346 logLevel: 13347 description: LogLevel refers to the log level to be used by the 13348 ArgoCD Server component. Defaults to ArgoCDDefaultLogLevel if 13349 not set. Valid options are debug, info, error, and warn. 13350 type: string 13351 replicas: 13352 description: Replicas defines the number of replicas for argocd-server. 13353 Default is nil. Value should be greater than or equal to 0. 13354 Value will be ignored if Autoscaler is enabled. 13355 format: int32 13356 type: integer 13357 resources: 13358 description: Resources defines the Compute Resources required 13359 by the container for the Argo CD server component. 13360 properties: 13361 claims: 13362 description: "Claims lists the names of resources, defined 13363 in spec.resourceClaims, that are used by this container. 13364 \n This is an alpha field and requires enabling the DynamicResourceAllocation 13365 feature gate. \n This field is immutable. It can only be 13366 set for containers." 13367 items: 13368 description: ResourceClaim references one entry in PodSpec.ResourceClaims. 13369 properties: 13370 name: 13371 description: Name must match the name of one entry in 13372 pod.spec.resourceClaims of the Pod where this field 13373 is used. It makes that resource available inside a 13374 container. 13375 type: string 13376 required: 13377 - name 13378 type: object 13379 type: array 13380 x-kubernetes-list-map-keys: 13381 - name 13382 x-kubernetes-list-type: map 13383 limits: 13384 additionalProperties: 13385 anyOf: 13386 - type: integer 13387 - type: string 13388 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 13389 x-kubernetes-int-or-string: true 13390 description: 'Limits describes the maximum amount of compute 13391 resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 13392 type: object 13393 requests: 13394 additionalProperties: 13395 anyOf: 13396 - type: integer 13397 - type: string 13398 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 13399 x-kubernetes-int-or-string: true 13400 description: 'Requests describes the minimum amount of compute 13401 resources required. If Requests is omitted for a container, 13402 it defaults to Limits if that is explicitly specified, otherwise 13403 to an implementation-defined value. Requests cannot exceed 13404 Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 13405 type: object 13406 type: object 13407 route: 13408 description: Route defines the desired state for an OpenShift 13409 Route for the Argo CD Server component. 13410 properties: 13411 annotations: 13412 additionalProperties: 13413 type: string 13414 description: Annotations is the map of annotations to use 13415 for the Route resource. 13416 type: object 13417 enabled: 13418 description: Enabled will toggle the creation of the OpenShift 13419 Route. 13420 type: boolean 13421 labels: 13422 additionalProperties: 13423 type: string 13424 description: Labels is the map of labels to use for the Route 13425 resource 13426 type: object 13427 path: 13428 description: Path the router watches for, to route traffic 13429 for to the service. 13430 type: string 13431 tls: 13432 description: TLS provides the ability to configure certificates 13433 and termination for the Route. 13434 properties: 13435 caCertificate: 13436 description: caCertificate provides the cert authority 13437 certificate contents 13438 type: string 13439 certificate: 13440 description: certificate provides certificate contents 13441 type: string 13442 destinationCACertificate: 13443 description: destinationCACertificate provides the contents 13444 of the ca certificate of the final destination. When 13445 using reencrypt termination this file should be provided 13446 in order to have routers use it for health checks on 13447 the secure connection. If this field is not specified, 13448 the router may provide its own destination CA and perform 13449 hostname validation using the short service name (service.namespace.svc), 13450 which allows infrastructure generated certificates to 13451 automatically verify. 13452 type: string 13453 insecureEdgeTerminationPolicy: 13454 description: "insecureEdgeTerminationPolicy indicates 13455 the desired behavior for insecure connections to a route. 13456 While each router may make its own decisions on which 13457 ports to expose, this is normally port 80. \n * Allow 13458 - traffic is sent to the server on the insecure port 13459 (default) * Disable - no traffic is allowed on the insecure 13460 port. * Redirect - clients are redirected to the secure 13461 port." 13462 type: string 13463 key: 13464 description: key provides key file contents 13465 type: string 13466 termination: 13467 description: termination indicates termination type. 13468 type: string 13469 required: 13470 - termination 13471 type: object 13472 wildcardPolicy: 13473 description: WildcardPolicy if any for the route. Currently 13474 only 'Subdomain' or 'None' is allowed. 13475 type: string 13476 required: 13477 - enabled 13478 type: object 13479 service: 13480 description: Service defines the options for the Service backing 13481 the ArgoCD Server component. 13482 properties: 13483 type: 13484 description: Type is the ServiceType to use for the Service 13485 resource. 13486 type: string 13487 required: 13488 - type 13489 type: object 13490 type: object 13491 sourceNamespaces: 13492 description: SourceNamespaces defines the namespaces application resources 13493 are allowed to be created in 13494 items: 13495 type: string 13496 type: array 13497 sso: 13498 description: SSO defines the Single Sign-on configuration for Argo 13499 CD 13500 properties: 13501 dex: 13502 description: Dex contains the configuration for Argo CD dex authentication 13503 properties: 13504 config: 13505 description: Config is the dex connector configuration. 13506 type: string 13507 env: 13508 description: Env lets you specify environment variables for 13509 Dex. 13510 items: 13511 description: EnvVar represents an environment variable present 13512 in a Container. 13513 properties: 13514 name: 13515 description: Name of the environment variable. Must 13516 be a C_IDENTIFIER. 13517 type: string 13518 value: 13519 description: 'Variable references $(VAR_NAME) are expanded 13520 using the previously defined environment variables 13521 in the container and any service environment variables. 13522 If a variable cannot be resolved, the reference in 13523 the input string will be unchanged. Double $$ are 13524 reduced to a single $, which allows for escaping the 13525 $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce 13526 the string literal "$(VAR_NAME)". Escaped references 13527 will never be expanded, regardless of whether the 13528 variable exists or not. Defaults to "".' 13529 type: string 13530 valueFrom: 13531 description: Source for the environment variable's value. 13532 Cannot be used if value is not empty. 13533 properties: 13534 configMapKeyRef: 13535 description: Selects a key of a ConfigMap. 13536 properties: 13537 key: 13538 description: The key to select. 13539 type: string 13540 name: 13541 description: 'Name of the referent. More info: 13542 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 13543 TODO: Add other useful fields. apiVersion, 13544 kind, uid?' 13545 type: string 13546 optional: 13547 description: Specify whether the ConfigMap or 13548 its key must be defined 13549 type: boolean 13550 required: 13551 - key 13552 type: object 13553 fieldRef: 13554 description: 'Selects a field of the pod: supports 13555 metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`, 13556 `metadata.annotations[''<KEY>'']`, spec.nodeName, 13557 spec.serviceAccountName, status.hostIP, status.podIP, 13558 status.podIPs.' 13559 properties: 13560 apiVersion: 13561 description: Version of the schema the FieldPath 13562 is written in terms of, defaults to "v1". 13563 type: string 13564 fieldPath: 13565 description: Path of the field to select in 13566 the specified API version. 13567 type: string 13568 required: 13569 - fieldPath 13570 type: object 13571 resourceFieldRef: 13572 description: 'Selects a resource of the container: 13573 only resources limits and requests (limits.cpu, 13574 limits.memory, limits.ephemeral-storage, requests.cpu, 13575 requests.memory and requests.ephemeral-storage) 13576 are currently supported.' 13577 properties: 13578 containerName: 13579 description: 'Container name: required for volumes, 13580 optional for env vars' 13581 type: string 13582 divisor: 13583 anyOf: 13584 - type: integer 13585 - type: string 13586 description: Specifies the output format of 13587 the exposed resources, defaults to "1" 13588 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 13589 x-kubernetes-int-or-string: true 13590 resource: 13591 description: 'Required: resource to select' 13592 type: string 13593 required: 13594 - resource 13595 type: object 13596 secretKeyRef: 13597 description: Selects a key of a secret in the pod's 13598 namespace 13599 properties: 13600 key: 13601 description: The key of the secret to select 13602 from. Must be a valid secret key. 13603 type: string 13604 name: 13605 description: 'Name of the referent. More info: 13606 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 13607 TODO: Add other useful fields. apiVersion, 13608 kind, uid?' 13609 type: string 13610 optional: 13611 description: Specify whether the Secret or its 13612 key must be defined 13613 type: boolean 13614 required: 13615 - key 13616 type: object 13617 type: object 13618 required: 13619 - name 13620 type: object 13621 type: array 13622 groups: 13623 description: Optional list of required groups a user must 13624 be a member of 13625 items: 13626 type: string 13627 type: array 13628 image: 13629 description: Image is the Dex container image. 13630 type: string 13631 openShiftOAuth: 13632 description: OpenShiftOAuth enables OpenShift OAuth authentication 13633 for the Dex server. 13634 type: boolean 13635 resources: 13636 description: Resources defines the Compute Resources required 13637 by the container for Dex. 13638 properties: 13639 claims: 13640 description: "Claims lists the names of resources, defined 13641 in spec.resourceClaims, that are used by this container. 13642 \n This is an alpha field and requires enabling the 13643 DynamicResourceAllocation feature gate. \n This field 13644 is immutable. It can only be set for containers." 13645 items: 13646 description: ResourceClaim references one entry in PodSpec.ResourceClaims. 13647 properties: 13648 name: 13649 description: Name must match the name of one entry 13650 in pod.spec.resourceClaims of the Pod where this 13651 field is used. It makes that resource available 13652 inside a container. 13653 type: string 13654 required: 13655 - name 13656 type: object 13657 type: array 13658 x-kubernetes-list-map-keys: 13659 - name 13660 x-kubernetes-list-type: map 13661 limits: 13662 additionalProperties: 13663 anyOf: 13664 - type: integer 13665 - type: string 13666 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 13667 x-kubernetes-int-or-string: true 13668 description: 'Limits describes the maximum amount of compute 13669 resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 13670 type: object 13671 requests: 13672 additionalProperties: 13673 anyOf: 13674 - type: integer 13675 - type: string 13676 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 13677 x-kubernetes-int-or-string: true 13678 description: 'Requests describes the minimum amount of 13679 compute resources required. If Requests is omitted for 13680 a container, it defaults to Limits if that is explicitly 13681 specified, otherwise to an implementation-defined value. 13682 Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 13683 type: object 13684 type: object 13685 version: 13686 description: Version is the Dex container image tag. 13687 type: string 13688 type: object 13689 keycloak: 13690 description: Keycloak contains the configuration for Argo CD keycloak 13691 authentication 13692 properties: 13693 image: 13694 description: Image is the Keycloak container image. 13695 type: string 13696 resources: 13697 description: Resources defines the Compute Resources required 13698 by the container for Keycloak. 13699 properties: 13700 claims: 13701 description: "Claims lists the names of resources, defined 13702 in spec.resourceClaims, that are used by this container. 13703 \n This is an alpha field and requires enabling the 13704 DynamicResourceAllocation feature gate. \n This field 13705 is immutable. It can only be set for containers." 13706 items: 13707 description: ResourceClaim references one entry in PodSpec.ResourceClaims. 13708 properties: 13709 name: 13710 description: Name must match the name of one entry 13711 in pod.spec.resourceClaims of the Pod where this 13712 field is used. It makes that resource available 13713 inside a container. 13714 type: string 13715 required: 13716 - name 13717 type: object 13718 type: array 13719 x-kubernetes-list-map-keys: 13720 - name 13721 x-kubernetes-list-type: map 13722 limits: 13723 additionalProperties: 13724 anyOf: 13725 - type: integer 13726 - type: string 13727 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 13728 x-kubernetes-int-or-string: true 13729 description: 'Limits describes the maximum amount of compute 13730 resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 13731 type: object 13732 requests: 13733 additionalProperties: 13734 anyOf: 13735 - type: integer 13736 - type: string 13737 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 13738 x-kubernetes-int-or-string: true 13739 description: 'Requests describes the minimum amount of 13740 compute resources required. If Requests is omitted for 13741 a container, it defaults to Limits if that is explicitly 13742 specified, otherwise to an implementation-defined value. 13743 Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 13744 type: object 13745 type: object 13746 rootCA: 13747 description: Custom root CA certificate for communicating 13748 with the Keycloak OIDC provider 13749 type: string 13750 verifyTLS: 13751 description: VerifyTLS set to false disables strict TLS validation. 13752 type: boolean 13753 version: 13754 description: Version is the Keycloak container image tag. 13755 type: string 13756 type: object 13757 provider: 13758 description: Provider installs and configures the given SSO Provider 13759 with Argo CD. 13760 type: string 13761 type: object 13762 statusBadgeEnabled: 13763 description: StatusBadgeEnabled toggles application status badge feature. 13764 type: boolean 13765 tls: 13766 description: TLS defines the TLS options for ArgoCD. 13767 properties: 13768 ca: 13769 description: CA defines the CA options. 13770 properties: 13771 configMapName: 13772 description: ConfigMapName is the name of the ConfigMap containing 13773 the CA Certificate. 13774 type: string 13775 secretName: 13776 description: SecretName is the name of the Secret containing 13777 the CA Certificate and Key. 13778 type: string 13779 type: object 13780 initialCerts: 13781 additionalProperties: 13782 type: string 13783 description: InitialCerts defines custom TLS certificates upon 13784 creation of the cluster for connecting Git repositories via 13785 HTTPS. 13786 type: object 13787 type: object 13788 usersAnonymousEnabled: 13789 description: UsersAnonymousEnabled toggles anonymous user access. 13790 The anonymous users get default role permissions specified argocd-rbac-cm. 13791 type: boolean 13792 version: 13793 description: Version is the tag to use with the ArgoCD container image 13794 for all ArgoCD components. 13795 type: string 13796 type: object 13797 status: 13798 description: ArgoCDStatus defines the observed state of ArgoCD 13799 properties: 13800 applicationController: 13801 description: 'ApplicationController is a simple, high-level summary 13802 of where the Argo CD application controller component is in its 13803 lifecycle. There are four possible ApplicationController values: 13804 Pending: The Argo CD application controller component has been accepted 13805 by the Kubernetes system, but one or more of the required resources 13806 have not been created. Running: All of the required Pods for the 13807 Argo CD application controller component are in a Ready state. Failed: 13808 At least one of the Argo CD application controller component Pods 13809 had a failure. Unknown: The state of the Argo CD application controller 13810 component could not be obtained.' 13811 type: string 13812 applicationSetController: 13813 description: 'ApplicationSetController is a simple, high-level summary 13814 of where the Argo CD applicationSet controller component is in its 13815 lifecycle. There are four possible ApplicationSetController values: 13816 Pending: The Argo CD applicationSet controller component has been 13817 accepted by the Kubernetes system, but one or more of the required 13818 resources have not been created. Running: All of the required Pods 13819 for the Argo CD applicationSet controller component are in a Ready 13820 state. Failed: At least one of the Argo CD applicationSet controller 13821 component Pods had a failure. Unknown: The state of the Argo CD 13822 applicationSet controller component could not be obtained.' 13823 type: string 13824 host: 13825 description: Host is the hostname of the Ingress. 13826 type: string 13827 notificationsController: 13828 description: 'NotificationsController is a simple, high-level summary 13829 of where the Argo CD notifications controller component is in its 13830 lifecycle. There are four possible NotificationsController values: 13831 Pending: The Argo CD notifications controller component has been 13832 accepted by the Kubernetes system, but one or more of the required 13833 resources have not been created. Running: All of the required Pods 13834 for the Argo CD notifications controller component are in a Ready 13835 state. Failed: At least one of the Argo CD notifications controller 13836 component Pods had a failure. Unknown: The state of the Argo CD 13837 notifications controller component could not be obtained.' 13838 type: string 13839 phase: 13840 description: 'Phase is a simple, high-level summary of where the ArgoCD 13841 is in its lifecycle. There are four possible phase values: Pending: 13842 The ArgoCD has been accepted by the Kubernetes system, but one or 13843 more of the required resources have not been created. Available: 13844 All of the resources for the ArgoCD are ready. Failed: At least 13845 one resource has experienced a failure. Unknown: The state of the 13846 ArgoCD phase could not be obtained.' 13847 type: string 13848 redis: 13849 description: 'Redis is a simple, high-level summary of where the Argo 13850 CD Redis component is in its lifecycle. There are four possible 13851 redis values: Pending: The Argo CD Redis component has been accepted 13852 by the Kubernetes system, but one or more of the required resources 13853 have not been created. Running: All of the required Pods for the 13854 Argo CD Redis component are in a Ready state. Failed: At least one 13855 of the Argo CD Redis component Pods had a failure. Unknown: The 13856 state of the Argo CD Redis component could not be obtained.' 13857 type: string 13858 redisTLSChecksum: 13859 description: RedisTLSChecksum contains the SHA256 checksum of the 13860 latest known state of tls.crt and tls.key in the argocd-operator-redis-tls 13861 secret. 13862 type: string 13863 repo: 13864 description: 'Repo is a simple, high-level summary of where the Argo 13865 CD Repo component is in its lifecycle. There are four possible repo 13866 values: Pending: The Argo CD Repo component has been accepted by 13867 the Kubernetes system, but one or more of the required resources 13868 have not been created. Running: All of the required Pods for the 13869 Argo CD Repo component are in a Ready state. Failed: At least one 13870 of the Argo CD Repo component Pods had a failure. Unknown: The 13871 state of the Argo CD Repo component could not be obtained.' 13872 type: string 13873 repoTLSChecksum: 13874 description: RepoTLSChecksum contains the SHA256 checksum of the latest 13875 known state of tls.crt and tls.key in the argocd-repo-server-tls 13876 secret. 13877 type: string 13878 server: 13879 description: 'Server is a simple, high-level summary of where the 13880 Argo CD server component is in its lifecycle. There are four possible 13881 server values: Pending: The Argo CD server component has been accepted 13882 by the Kubernetes system, but one or more of the required resources 13883 have not been created. Running: All of the required Pods for the 13884 Argo CD server component are in a Ready state. Failed: At least 13885 one of the Argo CD server component Pods had a failure. Unknown: 13886 The state of the Argo CD server component could not be obtained.' 13887 type: string 13888 sso: 13889 description: 'SSO is a simple, high-level summary of where the Argo 13890 CD SSO(Dex/Keycloak) component is in its lifecycle. There are four 13891 possible sso values: Pending: The Argo CD SSO component has been 13892 accepted by the Kubernetes system, but one or more of the required 13893 resources have not been created. Running: All of the required Pods 13894 for the Argo CD SSO component are in a Ready state. Failed: At least 13895 one of the Argo CD SSO component Pods had a failure. Unknown: The 13896 state of the Argo CD SSO component could not be obtained.' 13897 type: string 13898 type: object 13899 type: object 13900 served: true 13901 storage: true 13902 subresources: 13903 status: {} 13904 status: 13905 acceptedNames: 13906 kind: "" 13907 plural: "" 13908 conditions: [] 13909 storedVersions: []