github.com/argoproj-labs/argocd-operator@v0.10.0/deploy/olm-catalog/argocd-operator/0.9.0/argoproj.io_argocds.yaml (about) 1 apiVersion: apiextensions.k8s.io/v1 2 kind: CustomResourceDefinition 3 metadata: 4 annotations: 5 controller-gen.kubebuilder.io/version: v0.6.1 6 creationTimestamp: null 7 name: argocds.argoproj.io 8 spec: 9 conversion: 10 strategy: Webhook 11 webhook: 12 clientConfig: 13 service: 14 name: argocd-operator-webhook-service 15 namespace: argocd-operator-system 16 path: /convert 17 conversionReviewVersions: 18 - v1alpha1 19 - v1beta1 20 group: argoproj.io 21 names: 22 kind: ArgoCD 23 listKind: ArgoCDList 24 plural: argocds 25 singular: argocd 26 scope: Namespaced 27 versions: 28 - deprecated: true 29 deprecationWarning: ArgoCD v1alpha1 version is deprecated and will be converted 30 to v1beta1 automatically. Moving forward, please use v1beta1 as the ArgoCD API 31 version. 32 name: v1alpha1 33 schema: 34 openAPIV3Schema: 35 description: ArgoCD is the Schema for the argocds API 36 properties: 37 apiVersion: 38 description: 'APIVersion defines the versioned schema of this representation 39 of an object. Servers should convert recognized schemas to the latest 40 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' 41 type: string 42 kind: 43 description: 'Kind is a string value representing the REST resource this 44 object represents. Servers may infer this from the endpoint the client 45 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' 46 type: string 47 metadata: 48 type: object 49 spec: 50 description: ArgoCDSpec defines the desired state of ArgoCD 51 properties: 52 applicationInstanceLabelKey: 53 description: ApplicationInstanceLabelKey is the key name where Argo 54 CD injects the app name as a tracking label. 55 type: string 56 applicationSet: 57 description: ArgoCDApplicationSet defines whether the Argo CD ApplicationSet 58 controller should be installed. 59 properties: 60 env: 61 description: Env lets you specify environment for applicationSet 62 controller pods 63 items: 64 description: EnvVar represents an environment variable present 65 in a Container. 66 properties: 67 name: 68 description: Name of the environment variable. Must be a 69 C_IDENTIFIER. 70 type: string 71 value: 72 description: 'Variable references $(VAR_NAME) are expanded 73 using the previously defined environment variables in 74 the container and any service environment variables. If 75 a variable cannot be resolved, the reference in the input 76 string will be unchanged. Double $$ are reduced to a single 77 $, which allows for escaping the $(VAR_NAME) syntax: i.e. 78 "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". 79 Escaped references will never be expanded, regardless 80 of whether the variable exists or not. Defaults to "".' 81 type: string 82 valueFrom: 83 description: Source for the environment variable's value. 84 Cannot be used if value is not empty. 85 properties: 86 configMapKeyRef: 87 description: Selects a key of a ConfigMap. 88 properties: 89 key: 90 description: The key to select. 91 type: string 92 name: 93 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 94 TODO: Add other useful fields. apiVersion, kind, 95 uid?' 96 type: string 97 optional: 98 description: Specify whether the ConfigMap or its 99 key must be defined 100 type: boolean 101 required: 102 - key 103 type: object 104 fieldRef: 105 description: 'Selects a field of the pod: supports metadata.name, 106 metadata.namespace, `metadata.labels[''<KEY>'']`, 107 `metadata.annotations[''<KEY>'']`, spec.nodeName, 108 spec.serviceAccountName, status.hostIP, status.podIP, 109 status.podIPs.' 110 properties: 111 apiVersion: 112 description: Version of the schema the FieldPath 113 is written in terms of, defaults to "v1". 114 type: string 115 fieldPath: 116 description: Path of the field to select in the 117 specified API version. 118 type: string 119 required: 120 - fieldPath 121 type: object 122 resourceFieldRef: 123 description: 'Selects a resource of the container: only 124 resources limits and requests (limits.cpu, limits.memory, 125 limits.ephemeral-storage, requests.cpu, requests.memory 126 and requests.ephemeral-storage) are currently supported.' 127 properties: 128 containerName: 129 description: 'Container name: required for volumes, 130 optional for env vars' 131 type: string 132 divisor: 133 anyOf: 134 - type: integer 135 - type: string 136 description: Specifies the output format of the 137 exposed resources, defaults to "1" 138 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 139 x-kubernetes-int-or-string: true 140 resource: 141 description: 'Required: resource to select' 142 type: string 143 required: 144 - resource 145 type: object 146 secretKeyRef: 147 description: Selects a key of a secret in the pod's 148 namespace 149 properties: 150 key: 151 description: The key of the secret to select from. Must 152 be a valid secret key. 153 type: string 154 name: 155 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 156 TODO: Add other useful fields. apiVersion, kind, 157 uid?' 158 type: string 159 optional: 160 description: Specify whether the Secret or its key 161 must be defined 162 type: boolean 163 required: 164 - key 165 type: object 166 type: object 167 required: 168 - name 169 type: object 170 type: array 171 extraCommandArgs: 172 description: ExtraCommandArgs allows users to pass command line 173 arguments to ApplicationSet controller. They get added to default 174 command line arguments provided by the operator. Please note 175 that the command line arguments provided as part of ExtraCommandArgs 176 will not overwrite the default command line arguments. 177 items: 178 type: string 179 type: array 180 image: 181 description: Image is the Argo CD ApplicationSet image (optional) 182 type: string 183 logLevel: 184 description: LogLevel describes the log level that should be used 185 by the ApplicationSet controller. Defaults to ArgoCDDefaultLogLevel 186 if not set. Valid options are debug,info, error, and warn. 187 type: string 188 resources: 189 description: Resources defines the Compute Resources required 190 by the container for ApplicationSet. 191 properties: 192 claims: 193 description: "Claims lists the names of resources, defined 194 in spec.resourceClaims, that are used by this container. 195 \n This is an alpha field and requires enabling the DynamicResourceAllocation 196 feature gate. \n This field is immutable. It can only be 197 set for containers." 198 items: 199 description: ResourceClaim references one entry in PodSpec.ResourceClaims. 200 properties: 201 name: 202 description: Name must match the name of one entry in 203 pod.spec.resourceClaims of the Pod where this field 204 is used. It makes that resource available inside a 205 container. 206 type: string 207 required: 208 - name 209 type: object 210 type: array 211 x-kubernetes-list-map-keys: 212 - name 213 x-kubernetes-list-type: map 214 limits: 215 additionalProperties: 216 anyOf: 217 - type: integer 218 - type: string 219 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 220 x-kubernetes-int-or-string: true 221 description: 'Limits describes the maximum amount of compute 222 resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 223 type: object 224 requests: 225 additionalProperties: 226 anyOf: 227 - type: integer 228 - type: string 229 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 230 x-kubernetes-int-or-string: true 231 description: 'Requests describes the minimum amount of compute 232 resources required. If Requests is omitted for a container, 233 it defaults to Limits if that is explicitly specified, otherwise 234 to an implementation-defined value. Requests cannot exceed 235 Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 236 type: object 237 type: object 238 version: 239 description: Version is the Argo CD ApplicationSet image tag. 240 (optional) 241 type: string 242 webhookServer: 243 description: WebhookServerSpec defines the options for the ApplicationSet 244 Webhook Server component. 245 properties: 246 host: 247 description: Host is the hostname to use for Ingress/Route 248 resources. 249 type: string 250 ingress: 251 description: Ingress defines the desired state for an Ingress 252 for the Application set webhook component. 253 properties: 254 annotations: 255 additionalProperties: 256 type: string 257 description: Annotations is the map of annotations to 258 apply to the Ingress. 259 type: object 260 enabled: 261 description: Enabled will toggle the creation of the Ingress. 262 type: boolean 263 ingressClassName: 264 description: IngressClassName for the Ingress resource. 265 type: string 266 path: 267 description: Path used for the Ingress resource. 268 type: string 269 tls: 270 description: TLS configuration. Currently the Ingress 271 only supports a single TLS port, 443. If multiple members 272 of this list specify different hosts, they will be multiplexed 273 on the same port according to the hostname specified 274 through the SNI TLS extension, if the ingress controller 275 fulfilling the ingress supports SNI. 276 items: 277 description: IngressTLS describes the transport layer 278 security associated with an ingress. 279 properties: 280 hosts: 281 description: hosts is a list of hosts included in 282 the TLS certificate. The values in this list must 283 match the name/s used in the tlsSecret. Defaults 284 to the wildcard host setting for the loadbalancer 285 controller fulfilling this Ingress, if left unspecified. 286 items: 287 type: string 288 type: array 289 x-kubernetes-list-type: atomic 290 secretName: 291 description: secretName is the name of the secret 292 used to terminate TLS traffic on port 443. Field 293 is left optional to allow TLS routing based on 294 SNI hostname alone. If the SNI host in a listener 295 conflicts with the "Host" header field used by 296 an IngressRule, the SNI host is used for termination 297 and value of the "Host" header is used for routing. 298 type: string 299 type: object 300 type: array 301 required: 302 - enabled 303 type: object 304 route: 305 description: Route defines the desired state for an OpenShift 306 Route for the Application set webhook component. 307 properties: 308 annotations: 309 additionalProperties: 310 type: string 311 description: Annotations is the map of annotations to 312 use for the Route resource. 313 type: object 314 enabled: 315 description: Enabled will toggle the creation of the OpenShift 316 Route. 317 type: boolean 318 labels: 319 additionalProperties: 320 type: string 321 description: Labels is the map of labels to use for the 322 Route resource 323 type: object 324 path: 325 description: Path the router watches for, to route traffic 326 for to the service. 327 type: string 328 tls: 329 description: TLS provides the ability to configure certificates 330 and termination for the Route. 331 properties: 332 caCertificate: 333 description: caCertificate provides the cert authority 334 certificate contents 335 type: string 336 certificate: 337 description: certificate provides certificate contents 338 type: string 339 destinationCACertificate: 340 description: destinationCACertificate provides the 341 contents of the ca certificate of the final destination. When 342 using reencrypt termination this file should be 343 provided in order to have routers use it for health 344 checks on the secure connection. If this field is 345 not specified, the router may provide its own destination 346 CA and perform hostname validation using the short 347 service name (service.namespace.svc), which allows 348 infrastructure generated certificates to automatically 349 verify. 350 type: string 351 insecureEdgeTerminationPolicy: 352 description: "insecureEdgeTerminationPolicy indicates 353 the desired behavior for insecure connections to 354 a route. While each router may make its own decisions 355 on which ports to expose, this is normally port 356 80. \n * Allow - traffic is sent to the server on 357 the insecure port (default) * Disable - no traffic 358 is allowed on the insecure port. * Redirect - clients 359 are redirected to the secure port." 360 type: string 361 key: 362 description: key provides key file contents 363 type: string 364 termination: 365 description: termination indicates termination type. 366 type: string 367 required: 368 - termination 369 type: object 370 wildcardPolicy: 371 description: WildcardPolicy if any for the route. Currently 372 only 'Subdomain' or 'None' is allowed. 373 type: string 374 required: 375 - enabled 376 type: object 377 type: object 378 type: object 379 banner: 380 description: Banner defines an additional banner to be displayed in 381 Argo CD UI 382 properties: 383 content: 384 description: Content defines the banner message content to display 385 type: string 386 url: 387 description: URL defines an optional URL to be used as banner 388 message link 389 type: string 390 required: 391 - content 392 type: object 393 configManagementPlugins: 394 description: ConfigManagementPlugins is used to specify additional 395 config management plugins. 396 type: string 397 controller: 398 description: Controller defines the Application Controller options 399 for ArgoCD. 400 properties: 401 appSync: 402 description: "AppSync is used to control the sync frequency, by 403 default the ArgoCD controller polls Git every 3m. \n Set this 404 to a duration, e.g. 10m or 600s to control the synchronisation 405 frequency." 406 type: string 407 env: 408 description: Env lets you specify environment for application 409 controller pods 410 items: 411 description: EnvVar represents an environment variable present 412 in a Container. 413 properties: 414 name: 415 description: Name of the environment variable. Must be a 416 C_IDENTIFIER. 417 type: string 418 value: 419 description: 'Variable references $(VAR_NAME) are expanded 420 using the previously defined environment variables in 421 the container and any service environment variables. If 422 a variable cannot be resolved, the reference in the input 423 string will be unchanged. Double $$ are reduced to a single 424 $, which allows for escaping the $(VAR_NAME) syntax: i.e. 425 "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". 426 Escaped references will never be expanded, regardless 427 of whether the variable exists or not. Defaults to "".' 428 type: string 429 valueFrom: 430 description: Source for the environment variable's value. 431 Cannot be used if value is not empty. 432 properties: 433 configMapKeyRef: 434 description: Selects a key of a ConfigMap. 435 properties: 436 key: 437 description: The key to select. 438 type: string 439 name: 440 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 441 TODO: Add other useful fields. apiVersion, kind, 442 uid?' 443 type: string 444 optional: 445 description: Specify whether the ConfigMap or its 446 key must be defined 447 type: boolean 448 required: 449 - key 450 type: object 451 fieldRef: 452 description: 'Selects a field of the pod: supports metadata.name, 453 metadata.namespace, `metadata.labels[''<KEY>'']`, 454 `metadata.annotations[''<KEY>'']`, spec.nodeName, 455 spec.serviceAccountName, status.hostIP, status.podIP, 456 status.podIPs.' 457 properties: 458 apiVersion: 459 description: Version of the schema the FieldPath 460 is written in terms of, defaults to "v1". 461 type: string 462 fieldPath: 463 description: Path of the field to select in the 464 specified API version. 465 type: string 466 required: 467 - fieldPath 468 type: object 469 resourceFieldRef: 470 description: 'Selects a resource of the container: only 471 resources limits and requests (limits.cpu, limits.memory, 472 limits.ephemeral-storage, requests.cpu, requests.memory 473 and requests.ephemeral-storage) are currently supported.' 474 properties: 475 containerName: 476 description: 'Container name: required for volumes, 477 optional for env vars' 478 type: string 479 divisor: 480 anyOf: 481 - type: integer 482 - type: string 483 description: Specifies the output format of the 484 exposed resources, defaults to "1" 485 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 486 x-kubernetes-int-or-string: true 487 resource: 488 description: 'Required: resource to select' 489 type: string 490 required: 491 - resource 492 type: object 493 secretKeyRef: 494 description: Selects a key of a secret in the pod's 495 namespace 496 properties: 497 key: 498 description: The key of the secret to select from. Must 499 be a valid secret key. 500 type: string 501 name: 502 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 503 TODO: Add other useful fields. apiVersion, kind, 504 uid?' 505 type: string 506 optional: 507 description: Specify whether the Secret or its key 508 must be defined 509 type: boolean 510 required: 511 - key 512 type: object 513 type: object 514 required: 515 - name 516 type: object 517 type: array 518 logFormat: 519 description: LogFormat refers to the log format used by the Application 520 Controller component. Defaults to ArgoCDDefaultLogFormat if 521 not configured. Valid options are text or json. 522 type: string 523 logLevel: 524 description: LogLevel refers to the log level used by the Application 525 Controller component. Defaults to ArgoCDDefaultLogLevel if not 526 configured. Valid options are debug, info, error, and warn. 527 type: string 528 parallelismLimit: 529 description: ParallelismLimit defines the limit for parallel kubectl 530 operations 531 format: int32 532 type: integer 533 processors: 534 description: Processors contains the options for the Application 535 Controller processors. 536 properties: 537 operation: 538 description: Operation is the number of application operation 539 processors. 540 format: int32 541 type: integer 542 status: 543 description: Status is the number of application status processors. 544 format: int32 545 type: integer 546 type: object 547 resources: 548 description: Resources defines the Compute Resources required 549 by the container for the Application Controller. 550 properties: 551 claims: 552 description: "Claims lists the names of resources, defined 553 in spec.resourceClaims, that are used by this container. 554 \n This is an alpha field and requires enabling the DynamicResourceAllocation 555 feature gate. \n This field is immutable. It can only be 556 set for containers." 557 items: 558 description: ResourceClaim references one entry in PodSpec.ResourceClaims. 559 properties: 560 name: 561 description: Name must match the name of one entry in 562 pod.spec.resourceClaims of the Pod where this field 563 is used. It makes that resource available inside a 564 container. 565 type: string 566 required: 567 - name 568 type: object 569 type: array 570 x-kubernetes-list-map-keys: 571 - name 572 x-kubernetes-list-type: map 573 limits: 574 additionalProperties: 575 anyOf: 576 - type: integer 577 - type: string 578 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 579 x-kubernetes-int-or-string: true 580 description: 'Limits describes the maximum amount of compute 581 resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 582 type: object 583 requests: 584 additionalProperties: 585 anyOf: 586 - type: integer 587 - type: string 588 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 589 x-kubernetes-int-or-string: true 590 description: 'Requests describes the minimum amount of compute 591 resources required. If Requests is omitted for a container, 592 it defaults to Limits if that is explicitly specified, otherwise 593 to an implementation-defined value. Requests cannot exceed 594 Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 595 type: object 596 type: object 597 sharding: 598 description: Sharding contains the options for the Application 599 Controller sharding configuration. 600 properties: 601 clustersPerShard: 602 description: ClustersPerShard defines the maximum number of 603 clusters managed by each argocd shard 604 format: int32 605 minimum: 1 606 type: integer 607 dynamicScalingEnabled: 608 description: DynamicScalingEnabled defines whether dynamic 609 scaling should be enabled for Application Controller component 610 type: boolean 611 enabled: 612 description: Enabled defines whether sharding should be enabled 613 on the Application Controller component. 614 type: boolean 615 maxShards: 616 description: MaxShards defines the maximum number of shards 617 at any given point 618 format: int32 619 type: integer 620 minShards: 621 description: MinShards defines the minimum number of shards 622 at any given point 623 format: int32 624 minimum: 1 625 type: integer 626 replicas: 627 description: Replicas defines the number of replicas to run 628 in the Application controller shard. 629 format: int32 630 type: integer 631 type: object 632 type: object 633 dex: 634 description: Deprecated field. Support dropped in v1beta1 version. 635 Dex defines the Dex server options for ArgoCD. 636 properties: 637 config: 638 description: Config is the dex connector configuration. 639 type: string 640 groups: 641 description: Optional list of required groups a user must be a 642 member of 643 items: 644 type: string 645 type: array 646 image: 647 description: Image is the Dex container image. 648 type: string 649 openShiftOAuth: 650 description: OpenShiftOAuth enables OpenShift OAuth authentication 651 for the Dex server. 652 type: boolean 653 resources: 654 description: Resources defines the Compute Resources required 655 by the container for Dex. 656 properties: 657 claims: 658 description: "Claims lists the names of resources, defined 659 in spec.resourceClaims, that are used by this container. 660 \n This is an alpha field and requires enabling the DynamicResourceAllocation 661 feature gate. \n This field is immutable. It can only be 662 set for containers." 663 items: 664 description: ResourceClaim references one entry in PodSpec.ResourceClaims. 665 properties: 666 name: 667 description: Name must match the name of one entry in 668 pod.spec.resourceClaims of the Pod where this field 669 is used. It makes that resource available inside a 670 container. 671 type: string 672 required: 673 - name 674 type: object 675 type: array 676 x-kubernetes-list-map-keys: 677 - name 678 x-kubernetes-list-type: map 679 limits: 680 additionalProperties: 681 anyOf: 682 - type: integer 683 - type: string 684 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 685 x-kubernetes-int-or-string: true 686 description: 'Limits describes the maximum amount of compute 687 resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 688 type: object 689 requests: 690 additionalProperties: 691 anyOf: 692 - type: integer 693 - type: string 694 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 695 x-kubernetes-int-or-string: true 696 description: 'Requests describes the minimum amount of compute 697 resources required. If Requests is omitted for a container, 698 it defaults to Limits if that is explicitly specified, otherwise 699 to an implementation-defined value. Requests cannot exceed 700 Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 701 type: object 702 type: object 703 version: 704 description: Version is the Dex container image tag. 705 type: string 706 type: object 707 disableAdmin: 708 description: DisableAdmin will disable the admin user. 709 type: boolean 710 extraConfig: 711 additionalProperties: 712 type: string 713 description: "ExtraConfig can be used to add fields to Argo CD configmap 714 that are not supported by Argo CD CRD. \n Note: ExtraConfig takes 715 precedence over Argo CD CRD. For example, A user sets `argocd.Spec.DisableAdmin` 716 = true and also `a.Spec.ExtraConfig[\"admin.enabled\"]` = true. 717 In this case, operator updates Argo CD Configmap as follows -> argocd-cm.Data[\"admin.enabled\"] 718 = true." 719 type: object 720 gaAnonymizeUsers: 721 description: GAAnonymizeUsers toggles user IDs being hashed before 722 sending to google analytics. 723 type: boolean 724 gaTrackingID: 725 description: GATrackingID is the google analytics tracking ID to use. 726 type: string 727 grafana: 728 description: 'Deprecated: Grafana defines the Grafana server options 729 for ArgoCD.' 730 properties: 731 enabled: 732 description: Enabled will toggle Grafana support globally for 733 ArgoCD. 734 type: boolean 735 host: 736 description: Host is the hostname to use for Ingress/Route resources. 737 type: string 738 image: 739 description: Image is the Grafana container image. 740 type: string 741 ingress: 742 description: Ingress defines the desired state for an Ingress 743 for the Grafana component. 744 properties: 745 annotations: 746 additionalProperties: 747 type: string 748 description: Annotations is the map of annotations to apply 749 to the Ingress. 750 type: object 751 enabled: 752 description: Enabled will toggle the creation of the Ingress. 753 type: boolean 754 ingressClassName: 755 description: IngressClassName for the Ingress resource. 756 type: string 757 path: 758 description: Path used for the Ingress resource. 759 type: string 760 tls: 761 description: TLS configuration. Currently the Ingress only 762 supports a single TLS port, 443. If multiple members of 763 this list specify different hosts, they will be multiplexed 764 on the same port according to the hostname specified through 765 the SNI TLS extension, if the ingress controller fulfilling 766 the ingress supports SNI. 767 items: 768 description: IngressTLS describes the transport layer security 769 associated with an ingress. 770 properties: 771 hosts: 772 description: hosts is a list of hosts included in the 773 TLS certificate. The values in this list must match 774 the name/s used in the tlsSecret. Defaults to the 775 wildcard host setting for the loadbalancer controller 776 fulfilling this Ingress, if left unspecified. 777 items: 778 type: string 779 type: array 780 x-kubernetes-list-type: atomic 781 secretName: 782 description: secretName is the name of the secret used 783 to terminate TLS traffic on port 443. Field is left 784 optional to allow TLS routing based on SNI hostname 785 alone. If the SNI host in a listener conflicts with 786 the "Host" header field used by an IngressRule, the 787 SNI host is used for termination and value of the 788 "Host" header is used for routing. 789 type: string 790 type: object 791 type: array 792 required: 793 - enabled 794 type: object 795 resources: 796 description: Resources defines the Compute Resources required 797 by the container for Grafana. 798 properties: 799 claims: 800 description: "Claims lists the names of resources, defined 801 in spec.resourceClaims, that are used by this container. 802 \n This is an alpha field and requires enabling the DynamicResourceAllocation 803 feature gate. \n This field is immutable. It can only be 804 set for containers." 805 items: 806 description: ResourceClaim references one entry in PodSpec.ResourceClaims. 807 properties: 808 name: 809 description: Name must match the name of one entry in 810 pod.spec.resourceClaims of the Pod where this field 811 is used. It makes that resource available inside a 812 container. 813 type: string 814 required: 815 - name 816 type: object 817 type: array 818 x-kubernetes-list-map-keys: 819 - name 820 x-kubernetes-list-type: map 821 limits: 822 additionalProperties: 823 anyOf: 824 - type: integer 825 - type: string 826 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 827 x-kubernetes-int-or-string: true 828 description: 'Limits describes the maximum amount of compute 829 resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 830 type: object 831 requests: 832 additionalProperties: 833 anyOf: 834 - type: integer 835 - type: string 836 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 837 x-kubernetes-int-or-string: true 838 description: 'Requests describes the minimum amount of compute 839 resources required. If Requests is omitted for a container, 840 it defaults to Limits if that is explicitly specified, otherwise 841 to an implementation-defined value. Requests cannot exceed 842 Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 843 type: object 844 type: object 845 route: 846 description: Route defines the desired state for an OpenShift 847 Route for the Grafana component. 848 properties: 849 annotations: 850 additionalProperties: 851 type: string 852 description: Annotations is the map of annotations to use 853 for the Route resource. 854 type: object 855 enabled: 856 description: Enabled will toggle the creation of the OpenShift 857 Route. 858 type: boolean 859 labels: 860 additionalProperties: 861 type: string 862 description: Labels is the map of labels to use for the Route 863 resource 864 type: object 865 path: 866 description: Path the router watches for, to route traffic 867 for to the service. 868 type: string 869 tls: 870 description: TLS provides the ability to configure certificates 871 and termination for the Route. 872 properties: 873 caCertificate: 874 description: caCertificate provides the cert authority 875 certificate contents 876 type: string 877 certificate: 878 description: certificate provides certificate contents 879 type: string 880 destinationCACertificate: 881 description: destinationCACertificate provides the contents 882 of the ca certificate of the final destination. When 883 using reencrypt termination this file should be provided 884 in order to have routers use it for health checks on 885 the secure connection. If this field is not specified, 886 the router may provide its own destination CA and perform 887 hostname validation using the short service name (service.namespace.svc), 888 which allows infrastructure generated certificates to 889 automatically verify. 890 type: string 891 insecureEdgeTerminationPolicy: 892 description: "insecureEdgeTerminationPolicy indicates 893 the desired behavior for insecure connections to a route. 894 While each router may make its own decisions on which 895 ports to expose, this is normally port 80. \n * Allow 896 - traffic is sent to the server on the insecure port 897 (default) * Disable - no traffic is allowed on the insecure 898 port. * Redirect - clients are redirected to the secure 899 port." 900 type: string 901 key: 902 description: key provides key file contents 903 type: string 904 termination: 905 description: termination indicates termination type. 906 type: string 907 required: 908 - termination 909 type: object 910 wildcardPolicy: 911 description: WildcardPolicy if any for the route. Currently 912 only 'Subdomain' or 'None' is allowed. 913 type: string 914 required: 915 - enabled 916 type: object 917 size: 918 description: Size is the replica count for the Grafana Deployment. 919 format: int32 920 type: integer 921 version: 922 description: Version is the Grafana container image tag. 923 type: string 924 required: 925 - enabled 926 type: object 927 ha: 928 description: HA options for High Availability support for the Redis 929 component. 930 properties: 931 enabled: 932 description: Enabled will toggle HA support globally for Argo 933 CD. 934 type: boolean 935 redisProxyImage: 936 description: RedisProxyImage is the Redis HAProxy container image. 937 type: string 938 redisProxyVersion: 939 description: RedisProxyVersion is the Redis HAProxy container 940 image tag. 941 type: string 942 resources: 943 description: Resources defines the Compute Resources required 944 by the container for HA. 945 properties: 946 claims: 947 description: "Claims lists the names of resources, defined 948 in spec.resourceClaims, that are used by this container. 949 \n This is an alpha field and requires enabling the DynamicResourceAllocation 950 feature gate. \n This field is immutable. It can only be 951 set for containers." 952 items: 953 description: ResourceClaim references one entry in PodSpec.ResourceClaims. 954 properties: 955 name: 956 description: Name must match the name of one entry in 957 pod.spec.resourceClaims of the Pod where this field 958 is used. It makes that resource available inside a 959 container. 960 type: string 961 required: 962 - name 963 type: object 964 type: array 965 x-kubernetes-list-map-keys: 966 - name 967 x-kubernetes-list-type: map 968 limits: 969 additionalProperties: 970 anyOf: 971 - type: integer 972 - type: string 973 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 974 x-kubernetes-int-or-string: true 975 description: 'Limits describes the maximum amount of compute 976 resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 977 type: object 978 requests: 979 additionalProperties: 980 anyOf: 981 - type: integer 982 - type: string 983 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 984 x-kubernetes-int-or-string: true 985 description: 'Requests describes the minimum amount of compute 986 resources required. If Requests is omitted for a container, 987 it defaults to Limits if that is explicitly specified, otherwise 988 to an implementation-defined value. Requests cannot exceed 989 Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 990 type: object 991 type: object 992 required: 993 - enabled 994 type: object 995 helpChatText: 996 description: HelpChatText is the text for getting chat help, defaults 997 to "Chat now!" 998 type: string 999 helpChatURL: 1000 description: HelpChatURL is the URL for getting chat help, this will 1001 typically be your Slack channel for support. 1002 type: string 1003 image: 1004 description: Image is the ArgoCD container image for all ArgoCD components. 1005 type: string 1006 import: 1007 description: Import is the import/restore options for ArgoCD. 1008 properties: 1009 name: 1010 description: Name of an ArgoCDExport from which to import data. 1011 type: string 1012 namespace: 1013 description: Namespace for the ArgoCDExport, defaults to the same 1014 namespace as the ArgoCD. 1015 type: string 1016 required: 1017 - name 1018 type: object 1019 initialRepositories: 1020 description: InitialRepositories to configure Argo CD with upon creation 1021 of the cluster. 1022 type: string 1023 initialSSHKnownHosts: 1024 description: InitialSSHKnownHosts defines the SSH known hosts data 1025 upon creation of the cluster for connecting Git repositories via 1026 SSH. 1027 properties: 1028 excludedefaulthosts: 1029 description: ExcludeDefaultHosts describes whether you would like 1030 to include the default list of SSH Known Hosts provided by ArgoCD. 1031 type: boolean 1032 keys: 1033 description: Keys describes a custom set of SSH Known Hosts that 1034 you would like to have included in your ArgoCD server. 1035 type: string 1036 type: object 1037 kustomizeBuildOptions: 1038 description: KustomizeBuildOptions is used to specify build options/parameters 1039 to use with `kustomize build`. 1040 type: string 1041 kustomizeVersions: 1042 description: KustomizeVersions is a listing of configured versions 1043 of Kustomize to be made available within ArgoCD. 1044 items: 1045 description: KustomizeVersionSpec is used to specify information 1046 about a kustomize version to be used within ArgoCD. 1047 properties: 1048 path: 1049 description: Path is the path to a configured kustomize version 1050 on the filesystem of your repo server. 1051 type: string 1052 version: 1053 description: Version is a configured kustomize version in the 1054 format of vX.Y.Z 1055 type: string 1056 type: object 1057 type: array 1058 monitoring: 1059 description: Monitoring defines whether workload status monitoring 1060 configuration for this instance. 1061 properties: 1062 enabled: 1063 description: Enabled defines whether workload status monitoring 1064 is enabled for this instance or not 1065 type: boolean 1066 required: 1067 - enabled 1068 type: object 1069 nodePlacement: 1070 description: NodePlacement defines NodeSelectors and Taints for Argo 1071 CD workloads 1072 properties: 1073 nodeSelector: 1074 additionalProperties: 1075 type: string 1076 description: NodeSelector is a field of PodSpec, it is a map of 1077 key value pairs used for node selection 1078 type: object 1079 tolerations: 1080 description: Tolerations allow the pods to schedule onto nodes 1081 with matching taints 1082 items: 1083 description: The pod this Toleration is attached to tolerates 1084 any taint that matches the triple <key,value,effect> using 1085 the matching operator <operator>. 1086 properties: 1087 effect: 1088 description: Effect indicates the taint effect to match. 1089 Empty means match all taint effects. When specified, allowed 1090 values are NoSchedule, PreferNoSchedule and NoExecute. 1091 type: string 1092 key: 1093 description: Key is the taint key that the toleration applies 1094 to. Empty means match all taint keys. If the key is empty, 1095 operator must be Exists; this combination means to match 1096 all values and all keys. 1097 type: string 1098 operator: 1099 description: Operator represents a key's relationship to 1100 the value. Valid operators are Exists and Equal. Defaults 1101 to Equal. Exists is equivalent to wildcard for value, 1102 so that a pod can tolerate all taints of a particular 1103 category. 1104 type: string 1105 tolerationSeconds: 1106 description: TolerationSeconds represents the period of 1107 time the toleration (which must be of effect NoExecute, 1108 otherwise this field is ignored) tolerates the taint. 1109 By default, it is not set, which means tolerate the taint 1110 forever (do not evict). Zero and negative values will 1111 be treated as 0 (evict immediately) by the system. 1112 format: int64 1113 type: integer 1114 value: 1115 description: Value is the taint value the toleration matches 1116 to. If the operator is Exists, the value should be empty, 1117 otherwise just a regular string. 1118 type: string 1119 type: object 1120 type: array 1121 type: object 1122 notifications: 1123 description: Notifications defines whether the Argo CD Notifications 1124 controller should be installed. 1125 properties: 1126 enabled: 1127 description: Enabled defines whether argocd-notifications controller 1128 should be deployed or not 1129 type: boolean 1130 env: 1131 description: Env let you specify environment variables for Notifications 1132 pods 1133 items: 1134 description: EnvVar represents an environment variable present 1135 in a Container. 1136 properties: 1137 name: 1138 description: Name of the environment variable. Must be a 1139 C_IDENTIFIER. 1140 type: string 1141 value: 1142 description: 'Variable references $(VAR_NAME) are expanded 1143 using the previously defined environment variables in 1144 the container and any service environment variables. If 1145 a variable cannot be resolved, the reference in the input 1146 string will be unchanged. Double $$ are reduced to a single 1147 $, which allows for escaping the $(VAR_NAME) syntax: i.e. 1148 "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". 1149 Escaped references will never be expanded, regardless 1150 of whether the variable exists or not. Defaults to "".' 1151 type: string 1152 valueFrom: 1153 description: Source for the environment variable's value. 1154 Cannot be used if value is not empty. 1155 properties: 1156 configMapKeyRef: 1157 description: Selects a key of a ConfigMap. 1158 properties: 1159 key: 1160 description: The key to select. 1161 type: string 1162 name: 1163 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1164 TODO: Add other useful fields. apiVersion, kind, 1165 uid?' 1166 type: string 1167 optional: 1168 description: Specify whether the ConfigMap or its 1169 key must be defined 1170 type: boolean 1171 required: 1172 - key 1173 type: object 1174 fieldRef: 1175 description: 'Selects a field of the pod: supports metadata.name, 1176 metadata.namespace, `metadata.labels[''<KEY>'']`, 1177 `metadata.annotations[''<KEY>'']`, spec.nodeName, 1178 spec.serviceAccountName, status.hostIP, status.podIP, 1179 status.podIPs.' 1180 properties: 1181 apiVersion: 1182 description: Version of the schema the FieldPath 1183 is written in terms of, defaults to "v1". 1184 type: string 1185 fieldPath: 1186 description: Path of the field to select in the 1187 specified API version. 1188 type: string 1189 required: 1190 - fieldPath 1191 type: object 1192 resourceFieldRef: 1193 description: 'Selects a resource of the container: only 1194 resources limits and requests (limits.cpu, limits.memory, 1195 limits.ephemeral-storage, requests.cpu, requests.memory 1196 and requests.ephemeral-storage) are currently supported.' 1197 properties: 1198 containerName: 1199 description: 'Container name: required for volumes, 1200 optional for env vars' 1201 type: string 1202 divisor: 1203 anyOf: 1204 - type: integer 1205 - type: string 1206 description: Specifies the output format of the 1207 exposed resources, defaults to "1" 1208 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 1209 x-kubernetes-int-or-string: true 1210 resource: 1211 description: 'Required: resource to select' 1212 type: string 1213 required: 1214 - resource 1215 type: object 1216 secretKeyRef: 1217 description: Selects a key of a secret in the pod's 1218 namespace 1219 properties: 1220 key: 1221 description: The key of the secret to select from. Must 1222 be a valid secret key. 1223 type: string 1224 name: 1225 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1226 TODO: Add other useful fields. apiVersion, kind, 1227 uid?' 1228 type: string 1229 optional: 1230 description: Specify whether the Secret or its key 1231 must be defined 1232 type: boolean 1233 required: 1234 - key 1235 type: object 1236 type: object 1237 required: 1238 - name 1239 type: object 1240 type: array 1241 image: 1242 description: Image is the Argo CD Notifications image (optional) 1243 type: string 1244 logLevel: 1245 description: LogLevel describes the log level that should be used 1246 by the argocd-notifications. Defaults to ArgoCDDefaultLogLevel 1247 if not set. Valid options are debug,info, error, and warn. 1248 type: string 1249 replicas: 1250 description: Replicas defines the number of replicas to run for 1251 notifications-controller 1252 format: int32 1253 type: integer 1254 resources: 1255 description: Resources defines the Compute Resources required 1256 by the container for Argo CD Notifications. 1257 properties: 1258 claims: 1259 description: "Claims lists the names of resources, defined 1260 in spec.resourceClaims, that are used by this container. 1261 \n This is an alpha field and requires enabling the DynamicResourceAllocation 1262 feature gate. \n This field is immutable. It can only be 1263 set for containers." 1264 items: 1265 description: ResourceClaim references one entry in PodSpec.ResourceClaims. 1266 properties: 1267 name: 1268 description: Name must match the name of one entry in 1269 pod.spec.resourceClaims of the Pod where this field 1270 is used. It makes that resource available inside a 1271 container. 1272 type: string 1273 required: 1274 - name 1275 type: object 1276 type: array 1277 x-kubernetes-list-map-keys: 1278 - name 1279 x-kubernetes-list-type: map 1280 limits: 1281 additionalProperties: 1282 anyOf: 1283 - type: integer 1284 - type: string 1285 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 1286 x-kubernetes-int-or-string: true 1287 description: 'Limits describes the maximum amount of compute 1288 resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 1289 type: object 1290 requests: 1291 additionalProperties: 1292 anyOf: 1293 - type: integer 1294 - type: string 1295 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 1296 x-kubernetes-int-or-string: true 1297 description: 'Requests describes the minimum amount of compute 1298 resources required. If Requests is omitted for a container, 1299 it defaults to Limits if that is explicitly specified, otherwise 1300 to an implementation-defined value. Requests cannot exceed 1301 Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 1302 type: object 1303 type: object 1304 version: 1305 description: Version is the Argo CD Notifications image tag. (optional) 1306 type: string 1307 required: 1308 - enabled 1309 type: object 1310 oidcConfig: 1311 description: OIDCConfig is the OIDC configuration as an alternative 1312 to dex. 1313 type: string 1314 prometheus: 1315 description: Prometheus defines the Prometheus server options for 1316 ArgoCD. 1317 properties: 1318 enabled: 1319 description: Enabled will toggle Prometheus support globally for 1320 ArgoCD. 1321 type: boolean 1322 host: 1323 description: Host is the hostname to use for Ingress/Route resources. 1324 type: string 1325 ingress: 1326 description: Ingress defines the desired state for an Ingress 1327 for the Prometheus component. 1328 properties: 1329 annotations: 1330 additionalProperties: 1331 type: string 1332 description: Annotations is the map of annotations to apply 1333 to the Ingress. 1334 type: object 1335 enabled: 1336 description: Enabled will toggle the creation of the Ingress. 1337 type: boolean 1338 ingressClassName: 1339 description: IngressClassName for the Ingress resource. 1340 type: string 1341 path: 1342 description: Path used for the Ingress resource. 1343 type: string 1344 tls: 1345 description: TLS configuration. Currently the Ingress only 1346 supports a single TLS port, 443. If multiple members of 1347 this list specify different hosts, they will be multiplexed 1348 on the same port according to the hostname specified through 1349 the SNI TLS extension, if the ingress controller fulfilling 1350 the ingress supports SNI. 1351 items: 1352 description: IngressTLS describes the transport layer security 1353 associated with an ingress. 1354 properties: 1355 hosts: 1356 description: hosts is a list of hosts included in the 1357 TLS certificate. The values in this list must match 1358 the name/s used in the tlsSecret. Defaults to the 1359 wildcard host setting for the loadbalancer controller 1360 fulfilling this Ingress, if left unspecified. 1361 items: 1362 type: string 1363 type: array 1364 x-kubernetes-list-type: atomic 1365 secretName: 1366 description: secretName is the name of the secret used 1367 to terminate TLS traffic on port 443. Field is left 1368 optional to allow TLS routing based on SNI hostname 1369 alone. If the SNI host in a listener conflicts with 1370 the "Host" header field used by an IngressRule, the 1371 SNI host is used for termination and value of the 1372 "Host" header is used for routing. 1373 type: string 1374 type: object 1375 type: array 1376 required: 1377 - enabled 1378 type: object 1379 route: 1380 description: Route defines the desired state for an OpenShift 1381 Route for the Prometheus component. 1382 properties: 1383 annotations: 1384 additionalProperties: 1385 type: string 1386 description: Annotations is the map of annotations to use 1387 for the Route resource. 1388 type: object 1389 enabled: 1390 description: Enabled will toggle the creation of the OpenShift 1391 Route. 1392 type: boolean 1393 labels: 1394 additionalProperties: 1395 type: string 1396 description: Labels is the map of labels to use for the Route 1397 resource 1398 type: object 1399 path: 1400 description: Path the router watches for, to route traffic 1401 for to the service. 1402 type: string 1403 tls: 1404 description: TLS provides the ability to configure certificates 1405 and termination for the Route. 1406 properties: 1407 caCertificate: 1408 description: caCertificate provides the cert authority 1409 certificate contents 1410 type: string 1411 certificate: 1412 description: certificate provides certificate contents 1413 type: string 1414 destinationCACertificate: 1415 description: destinationCACertificate provides the contents 1416 of the ca certificate of the final destination. When 1417 using reencrypt termination this file should be provided 1418 in order to have routers use it for health checks on 1419 the secure connection. If this field is not specified, 1420 the router may provide its own destination CA and perform 1421 hostname validation using the short service name (service.namespace.svc), 1422 which allows infrastructure generated certificates to 1423 automatically verify. 1424 type: string 1425 insecureEdgeTerminationPolicy: 1426 description: "insecureEdgeTerminationPolicy indicates 1427 the desired behavior for insecure connections to a route. 1428 While each router may make its own decisions on which 1429 ports to expose, this is normally port 80. \n * Allow 1430 - traffic is sent to the server on the insecure port 1431 (default) * Disable - no traffic is allowed on the insecure 1432 port. * Redirect - clients are redirected to the secure 1433 port." 1434 type: string 1435 key: 1436 description: key provides key file contents 1437 type: string 1438 termination: 1439 description: termination indicates termination type. 1440 type: string 1441 required: 1442 - termination 1443 type: object 1444 wildcardPolicy: 1445 description: WildcardPolicy if any for the route. Currently 1446 only 'Subdomain' or 'None' is allowed. 1447 type: string 1448 required: 1449 - enabled 1450 type: object 1451 size: 1452 description: Size is the replica count for the Prometheus StatefulSet. 1453 format: int32 1454 type: integer 1455 required: 1456 - enabled 1457 type: object 1458 rbac: 1459 description: RBAC defines the RBAC configuration for Argo CD. 1460 properties: 1461 defaultPolicy: 1462 description: DefaultPolicy is the name of the default role which 1463 Argo CD will falls back to, when authorizing API requests (optional). 1464 If omitted or empty, users may be still be able to login, but 1465 will see no apps, projects, etc... 1466 type: string 1467 policy: 1468 description: 'Policy is CSV containing user-defined RBAC policies 1469 and role definitions. Policy rules are in the form: p, subject, 1470 resource, action, object, effect Role definitions and bindings 1471 are in the form: g, subject, inherited-subject See https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/rbac.md 1472 for additional information.' 1473 type: string 1474 policyMatcherMode: 1475 description: PolicyMatcherMode configures the matchers function 1476 mode for casbin. There are two options for this, 'glob' for 1477 glob matcher or 'regex' for regex matcher. 1478 type: string 1479 scopes: 1480 description: 'Scopes controls which OIDC scopes to examine during 1481 rbac enforcement (in addition to `sub` scope). If omitted, defaults 1482 to: ''[groups]''.' 1483 type: string 1484 type: object 1485 redis: 1486 description: Redis defines the Redis server options for ArgoCD. 1487 properties: 1488 autotls: 1489 description: 'AutoTLS specifies the method to use for automatic 1490 TLS configuration for the redis server The value specified here 1491 can currently be: - openshift - Use the OpenShift service CA 1492 to request TLS config' 1493 type: string 1494 disableTLSVerification: 1495 description: DisableTLSVerification defines whether redis server 1496 API should be accessed using strict TLS validation 1497 type: boolean 1498 image: 1499 description: Image is the Redis container image. 1500 type: string 1501 resources: 1502 description: Resources defines the Compute Resources required 1503 by the container for Redis. 1504 properties: 1505 claims: 1506 description: "Claims lists the names of resources, defined 1507 in spec.resourceClaims, that are used by this container. 1508 \n This is an alpha field and requires enabling the DynamicResourceAllocation 1509 feature gate. \n This field is immutable. It can only be 1510 set for containers." 1511 items: 1512 description: ResourceClaim references one entry in PodSpec.ResourceClaims. 1513 properties: 1514 name: 1515 description: Name must match the name of one entry in 1516 pod.spec.resourceClaims of the Pod where this field 1517 is used. It makes that resource available inside a 1518 container. 1519 type: string 1520 required: 1521 - name 1522 type: object 1523 type: array 1524 x-kubernetes-list-map-keys: 1525 - name 1526 x-kubernetes-list-type: map 1527 limits: 1528 additionalProperties: 1529 anyOf: 1530 - type: integer 1531 - type: string 1532 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 1533 x-kubernetes-int-or-string: true 1534 description: 'Limits describes the maximum amount of compute 1535 resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 1536 type: object 1537 requests: 1538 additionalProperties: 1539 anyOf: 1540 - type: integer 1541 - type: string 1542 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 1543 x-kubernetes-int-or-string: true 1544 description: 'Requests describes the minimum amount of compute 1545 resources required. If Requests is omitted for a container, 1546 it defaults to Limits if that is explicitly specified, otherwise 1547 to an implementation-defined value. Requests cannot exceed 1548 Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 1549 type: object 1550 type: object 1551 version: 1552 description: Version is the Redis container image tag. 1553 type: string 1554 type: object 1555 repo: 1556 description: Repo defines the repo server options for Argo CD. 1557 properties: 1558 autotls: 1559 description: 'AutoTLS specifies the method to use for automatic 1560 TLS configuration for the repo server The value specified here 1561 can currently be: - openshift - Use the OpenShift service CA 1562 to request TLS config' 1563 type: string 1564 env: 1565 description: Env lets you specify environment for repo server 1566 pods 1567 items: 1568 description: EnvVar represents an environment variable present 1569 in a Container. 1570 properties: 1571 name: 1572 description: Name of the environment variable. Must be a 1573 C_IDENTIFIER. 1574 type: string 1575 value: 1576 description: 'Variable references $(VAR_NAME) are expanded 1577 using the previously defined environment variables in 1578 the container and any service environment variables. If 1579 a variable cannot be resolved, the reference in the input 1580 string will be unchanged. Double $$ are reduced to a single 1581 $, which allows for escaping the $(VAR_NAME) syntax: i.e. 1582 "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". 1583 Escaped references will never be expanded, regardless 1584 of whether the variable exists or not. Defaults to "".' 1585 type: string 1586 valueFrom: 1587 description: Source for the environment variable's value. 1588 Cannot be used if value is not empty. 1589 properties: 1590 configMapKeyRef: 1591 description: Selects a key of a ConfigMap. 1592 properties: 1593 key: 1594 description: The key to select. 1595 type: string 1596 name: 1597 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1598 TODO: Add other useful fields. apiVersion, kind, 1599 uid?' 1600 type: string 1601 optional: 1602 description: Specify whether the ConfigMap or its 1603 key must be defined 1604 type: boolean 1605 required: 1606 - key 1607 type: object 1608 fieldRef: 1609 description: 'Selects a field of the pod: supports metadata.name, 1610 metadata.namespace, `metadata.labels[''<KEY>'']`, 1611 `metadata.annotations[''<KEY>'']`, spec.nodeName, 1612 spec.serviceAccountName, status.hostIP, status.podIP, 1613 status.podIPs.' 1614 properties: 1615 apiVersion: 1616 description: Version of the schema the FieldPath 1617 is written in terms of, defaults to "v1". 1618 type: string 1619 fieldPath: 1620 description: Path of the field to select in the 1621 specified API version. 1622 type: string 1623 required: 1624 - fieldPath 1625 type: object 1626 resourceFieldRef: 1627 description: 'Selects a resource of the container: only 1628 resources limits and requests (limits.cpu, limits.memory, 1629 limits.ephemeral-storage, requests.cpu, requests.memory 1630 and requests.ephemeral-storage) are currently supported.' 1631 properties: 1632 containerName: 1633 description: 'Container name: required for volumes, 1634 optional for env vars' 1635 type: string 1636 divisor: 1637 anyOf: 1638 - type: integer 1639 - type: string 1640 description: Specifies the output format of the 1641 exposed resources, defaults to "1" 1642 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 1643 x-kubernetes-int-or-string: true 1644 resource: 1645 description: 'Required: resource to select' 1646 type: string 1647 required: 1648 - resource 1649 type: object 1650 secretKeyRef: 1651 description: Selects a key of a secret in the pod's 1652 namespace 1653 properties: 1654 key: 1655 description: The key of the secret to select from. Must 1656 be a valid secret key. 1657 type: string 1658 name: 1659 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1660 TODO: Add other useful fields. apiVersion, kind, 1661 uid?' 1662 type: string 1663 optional: 1664 description: Specify whether the Secret or its key 1665 must be defined 1666 type: boolean 1667 required: 1668 - key 1669 type: object 1670 type: object 1671 required: 1672 - name 1673 type: object 1674 type: array 1675 execTimeout: 1676 description: ExecTimeout specifies the timeout in seconds for 1677 tool execution 1678 type: integer 1679 extraRepoCommandArgs: 1680 description: Extra Command arguments allows users to pass command 1681 line arguments to repo server workload. They get added to default 1682 command line arguments provided by the operator. Please note 1683 that the command line arguments provided as part of ExtraRepoCommandArgs 1684 will not overwrite the default command line arguments. 1685 items: 1686 type: string 1687 type: array 1688 image: 1689 description: Image is the ArgoCD Repo Server container image. 1690 type: string 1691 initContainers: 1692 description: InitContainers defines the list of initialization 1693 containers for the repo server deployment 1694 items: 1695 description: A single application container that you want to 1696 run within a pod. 1697 properties: 1698 args: 1699 description: 'Arguments to the entrypoint. The container 1700 image''s CMD is used if this is not provided. Variable 1701 references $(VAR_NAME) are expanded using the container''s 1702 environment. If a variable cannot be resolved, the reference 1703 in the input string will be unchanged. Double $$ are reduced 1704 to a single $, which allows for escaping the $(VAR_NAME) 1705 syntax: i.e. "$$(VAR_NAME)" will produce the string literal 1706 "$(VAR_NAME)". Escaped references will never be expanded, 1707 regardless of whether the variable exists or not. Cannot 1708 be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' 1709 items: 1710 type: string 1711 type: array 1712 command: 1713 description: 'Entrypoint array. Not executed within a shell. 1714 The container image''s ENTRYPOINT is used if this is not 1715 provided. Variable references $(VAR_NAME) are expanded 1716 using the container''s environment. If a variable cannot 1717 be resolved, the reference in the input string will be 1718 unchanged. Double $$ are reduced to a single $, which 1719 allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" 1720 will produce the string literal "$(VAR_NAME)". Escaped 1721 references will never be expanded, regardless of whether 1722 the variable exists or not. Cannot be updated. More info: 1723 https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' 1724 items: 1725 type: string 1726 type: array 1727 env: 1728 description: List of environment variables to set in the 1729 container. Cannot be updated. 1730 items: 1731 description: EnvVar represents an environment variable 1732 present in a Container. 1733 properties: 1734 name: 1735 description: Name of the environment variable. Must 1736 be a C_IDENTIFIER. 1737 type: string 1738 value: 1739 description: 'Variable references $(VAR_NAME) are 1740 expanded using the previously defined environment 1741 variables in the container and any service environment 1742 variables. If a variable cannot be resolved, the 1743 reference in the input string will be unchanged. 1744 Double $$ are reduced to a single $, which allows 1745 for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" 1746 will produce the string literal "$(VAR_NAME)". Escaped 1747 references will never be expanded, regardless of 1748 whether the variable exists or not. Defaults to 1749 "".' 1750 type: string 1751 valueFrom: 1752 description: Source for the environment variable's 1753 value. Cannot be used if value is not empty. 1754 properties: 1755 configMapKeyRef: 1756 description: Selects a key of a ConfigMap. 1757 properties: 1758 key: 1759 description: The key to select. 1760 type: string 1761 name: 1762 description: 'Name of the referent. More info: 1763 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1764 TODO: Add other useful fields. apiVersion, 1765 kind, uid?' 1766 type: string 1767 optional: 1768 description: Specify whether the ConfigMap 1769 or its key must be defined 1770 type: boolean 1771 required: 1772 - key 1773 type: object 1774 fieldRef: 1775 description: 'Selects a field of the pod: supports 1776 metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`, 1777 `metadata.annotations[''<KEY>'']`, spec.nodeName, 1778 spec.serviceAccountName, status.hostIP, status.podIP, 1779 status.podIPs.' 1780 properties: 1781 apiVersion: 1782 description: Version of the schema the FieldPath 1783 is written in terms of, defaults to "v1". 1784 type: string 1785 fieldPath: 1786 description: Path of the field to select in 1787 the specified API version. 1788 type: string 1789 required: 1790 - fieldPath 1791 type: object 1792 resourceFieldRef: 1793 description: 'Selects a resource of the container: 1794 only resources limits and requests (limits.cpu, 1795 limits.memory, limits.ephemeral-storage, requests.cpu, 1796 requests.memory and requests.ephemeral-storage) 1797 are currently supported.' 1798 properties: 1799 containerName: 1800 description: 'Container name: required for 1801 volumes, optional for env vars' 1802 type: string 1803 divisor: 1804 anyOf: 1805 - type: integer 1806 - type: string 1807 description: Specifies the output format of 1808 the exposed resources, defaults to "1" 1809 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 1810 x-kubernetes-int-or-string: true 1811 resource: 1812 description: 'Required: resource to select' 1813 type: string 1814 required: 1815 - resource 1816 type: object 1817 secretKeyRef: 1818 description: Selects a key of a secret in the 1819 pod's namespace 1820 properties: 1821 key: 1822 description: The key of the secret to select 1823 from. Must be a valid secret key. 1824 type: string 1825 name: 1826 description: 'Name of the referent. More info: 1827 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1828 TODO: Add other useful fields. apiVersion, 1829 kind, uid?' 1830 type: string 1831 optional: 1832 description: Specify whether the Secret or 1833 its key must be defined 1834 type: boolean 1835 required: 1836 - key 1837 type: object 1838 type: object 1839 required: 1840 - name 1841 type: object 1842 type: array 1843 envFrom: 1844 description: List of sources to populate environment variables 1845 in the container. The keys defined within a source must 1846 be a C_IDENTIFIER. All invalid keys will be reported as 1847 an event when the container is starting. When a key exists 1848 in multiple sources, the value associated with the last 1849 source will take precedence. Values defined by an Env 1850 with a duplicate key will take precedence. Cannot be updated. 1851 items: 1852 description: EnvFromSource represents the source of a 1853 set of ConfigMaps 1854 properties: 1855 configMapRef: 1856 description: The ConfigMap to select from 1857 properties: 1858 name: 1859 description: 'Name of the referent. More info: 1860 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1861 TODO: Add other useful fields. apiVersion, kind, 1862 uid?' 1863 type: string 1864 optional: 1865 description: Specify whether the ConfigMap must 1866 be defined 1867 type: boolean 1868 type: object 1869 prefix: 1870 description: An optional identifier to prepend to 1871 each key in the ConfigMap. Must be a C_IDENTIFIER. 1872 type: string 1873 secretRef: 1874 description: The Secret to select from 1875 properties: 1876 name: 1877 description: 'Name of the referent. More info: 1878 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1879 TODO: Add other useful fields. apiVersion, kind, 1880 uid?' 1881 type: string 1882 optional: 1883 description: Specify whether the Secret must be 1884 defined 1885 type: boolean 1886 type: object 1887 type: object 1888 type: array 1889 image: 1890 description: 'Container image name. More info: https://kubernetes.io/docs/concepts/containers/images 1891 This field is optional to allow higher level config management 1892 to default or override container images in workload controllers 1893 like Deployments and StatefulSets.' 1894 type: string 1895 imagePullPolicy: 1896 description: 'Image pull policy. One of Always, Never, IfNotPresent. 1897 Defaults to Always if :latest tag is specified, or IfNotPresent 1898 otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' 1899 type: string 1900 lifecycle: 1901 description: Actions that the management system should take 1902 in response to container lifecycle events. Cannot be updated. 1903 properties: 1904 postStart: 1905 description: 'PostStart is called immediately after 1906 a container is created. If the handler fails, the 1907 container is terminated and restarted according to 1908 its restart policy. Other management of the container 1909 blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' 1910 properties: 1911 exec: 1912 description: Exec specifies the action to take. 1913 properties: 1914 command: 1915 description: Command is the command line to 1916 execute inside the container, the working 1917 directory for the command is root ('/') in 1918 the container's filesystem. The command is 1919 simply exec'd, it is not run inside a shell, 1920 so traditional shell instructions ('|', etc) 1921 won't work. To use a shell, you need to explicitly 1922 call out to that shell. Exit status of 0 is 1923 treated as live/healthy and non-zero is unhealthy. 1924 items: 1925 type: string 1926 type: array 1927 type: object 1928 httpGet: 1929 description: HTTPGet specifies the http request 1930 to perform. 1931 properties: 1932 host: 1933 description: Host name to connect to, defaults 1934 to the pod IP. You probably want to set "Host" 1935 in httpHeaders instead. 1936 type: string 1937 httpHeaders: 1938 description: Custom headers to set in the request. 1939 HTTP allows repeated headers. 1940 items: 1941 description: HTTPHeader describes a custom 1942 header to be used in HTTP probes 1943 properties: 1944 name: 1945 description: The header field name. This 1946 will be canonicalized upon output, so 1947 case-variant names will be understood 1948 as the same header. 1949 type: string 1950 value: 1951 description: The header field value 1952 type: string 1953 required: 1954 - name 1955 - value 1956 type: object 1957 type: array 1958 path: 1959 description: Path to access on the HTTP server. 1960 type: string 1961 port: 1962 anyOf: 1963 - type: integer 1964 - type: string 1965 description: Name or number of the port to access 1966 on the container. Number must be in the range 1967 1 to 65535. Name must be an IANA_SVC_NAME. 1968 x-kubernetes-int-or-string: true 1969 scheme: 1970 description: Scheme to use for connecting to 1971 the host. Defaults to HTTP. 1972 type: string 1973 required: 1974 - port 1975 type: object 1976 tcpSocket: 1977 description: Deprecated. TCPSocket is NOT supported 1978 as a LifecycleHandler and kept for the backward 1979 compatibility. There are no validation of this 1980 field and lifecycle hooks will fail in runtime 1981 when tcp handler is specified. 1982 properties: 1983 host: 1984 description: 'Optional: Host name to connect 1985 to, defaults to the pod IP.' 1986 type: string 1987 port: 1988 anyOf: 1989 - type: integer 1990 - type: string 1991 description: Number or name of the port to access 1992 on the container. Number must be in the range 1993 1 to 65535. Name must be an IANA_SVC_NAME. 1994 x-kubernetes-int-or-string: true 1995 required: 1996 - port 1997 type: object 1998 type: object 1999 preStop: 2000 description: 'PreStop is called immediately before a 2001 container is terminated due to an API request or management 2002 event such as liveness/startup probe failure, preemption, 2003 resource contention, etc. The handler is not called 2004 if the container crashes or exits. The Pod''s termination 2005 grace period countdown begins before the PreStop hook 2006 is executed. Regardless of the outcome of the handler, 2007 the container will eventually terminate within the 2008 Pod''s termination grace period (unless delayed by 2009 finalizers). Other management of the container blocks 2010 until the hook completes or until the termination 2011 grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' 2012 properties: 2013 exec: 2014 description: Exec specifies the action to take. 2015 properties: 2016 command: 2017 description: Command is the command line to 2018 execute inside the container, the working 2019 directory for the command is root ('/') in 2020 the container's filesystem. The command is 2021 simply exec'd, it is not run inside a shell, 2022 so traditional shell instructions ('|', etc) 2023 won't work. To use a shell, you need to explicitly 2024 call out to that shell. Exit status of 0 is 2025 treated as live/healthy and non-zero is unhealthy. 2026 items: 2027 type: string 2028 type: array 2029 type: object 2030 httpGet: 2031 description: HTTPGet specifies the http request 2032 to perform. 2033 properties: 2034 host: 2035 description: Host name to connect to, defaults 2036 to the pod IP. You probably want to set "Host" 2037 in httpHeaders instead. 2038 type: string 2039 httpHeaders: 2040 description: Custom headers to set in the request. 2041 HTTP allows repeated headers. 2042 items: 2043 description: HTTPHeader describes a custom 2044 header to be used in HTTP probes 2045 properties: 2046 name: 2047 description: The header field name. This 2048 will be canonicalized upon output, so 2049 case-variant names will be understood 2050 as the same header. 2051 type: string 2052 value: 2053 description: The header field value 2054 type: string 2055 required: 2056 - name 2057 - value 2058 type: object 2059 type: array 2060 path: 2061 description: Path to access on the HTTP server. 2062 type: string 2063 port: 2064 anyOf: 2065 - type: integer 2066 - type: string 2067 description: Name or number of the port to access 2068 on the container. Number must be in the range 2069 1 to 65535. Name must be an IANA_SVC_NAME. 2070 x-kubernetes-int-or-string: true 2071 scheme: 2072 description: Scheme to use for connecting to 2073 the host. Defaults to HTTP. 2074 type: string 2075 required: 2076 - port 2077 type: object 2078 tcpSocket: 2079 description: Deprecated. TCPSocket is NOT supported 2080 as a LifecycleHandler and kept for the backward 2081 compatibility. There are no validation of this 2082 field and lifecycle hooks will fail in runtime 2083 when tcp handler is specified. 2084 properties: 2085 host: 2086 description: 'Optional: Host name to connect 2087 to, defaults to the pod IP.' 2088 type: string 2089 port: 2090 anyOf: 2091 - type: integer 2092 - type: string 2093 description: Number or name of the port to access 2094 on the container. Number must be in the range 2095 1 to 65535. Name must be an IANA_SVC_NAME. 2096 x-kubernetes-int-or-string: true 2097 required: 2098 - port 2099 type: object 2100 type: object 2101 type: object 2102 livenessProbe: 2103 description: 'Periodic probe of container liveness. Container 2104 will be restarted if the probe fails. Cannot be updated. 2105 More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 2106 properties: 2107 exec: 2108 description: Exec specifies the action to take. 2109 properties: 2110 command: 2111 description: Command is the command line to execute 2112 inside the container, the working directory for 2113 the command is root ('/') in the container's 2114 filesystem. The command is simply exec'd, it is 2115 not run inside a shell, so traditional shell instructions 2116 ('|', etc) won't work. To use a shell, you need 2117 to explicitly call out to that shell. Exit status 2118 of 0 is treated as live/healthy and non-zero is 2119 unhealthy. 2120 items: 2121 type: string 2122 type: array 2123 type: object 2124 failureThreshold: 2125 description: Minimum consecutive failures for the probe 2126 to be considered failed after having succeeded. Defaults 2127 to 3. Minimum value is 1. 2128 format: int32 2129 type: integer 2130 grpc: 2131 description: GRPC specifies an action involving a GRPC 2132 port. 2133 properties: 2134 port: 2135 description: Port number of the gRPC service. Number 2136 must be in the range 1 to 65535. 2137 format: int32 2138 type: integer 2139 service: 2140 description: "Service is the name of the service 2141 to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). 2142 \n If this is not specified, the default behavior 2143 is defined by gRPC." 2144 type: string 2145 required: 2146 - port 2147 type: object 2148 httpGet: 2149 description: HTTPGet specifies the http request to perform. 2150 properties: 2151 host: 2152 description: Host name to connect to, defaults to 2153 the pod IP. You probably want to set "Host" in 2154 httpHeaders instead. 2155 type: string 2156 httpHeaders: 2157 description: Custom headers to set in the request. 2158 HTTP allows repeated headers. 2159 items: 2160 description: HTTPHeader describes a custom header 2161 to be used in HTTP probes 2162 properties: 2163 name: 2164 description: The header field name. This will 2165 be canonicalized upon output, so case-variant 2166 names will be understood as the same header. 2167 type: string 2168 value: 2169 description: The header field value 2170 type: string 2171 required: 2172 - name 2173 - value 2174 type: object 2175 type: array 2176 path: 2177 description: Path to access on the HTTP server. 2178 type: string 2179 port: 2180 anyOf: 2181 - type: integer 2182 - type: string 2183 description: Name or number of the port to access 2184 on the container. Number must be in the range 2185 1 to 65535. Name must be an IANA_SVC_NAME. 2186 x-kubernetes-int-or-string: true 2187 scheme: 2188 description: Scheme to use for connecting to the 2189 host. Defaults to HTTP. 2190 type: string 2191 required: 2192 - port 2193 type: object 2194 initialDelaySeconds: 2195 description: 'Number of seconds after the container 2196 has started before liveness probes are initiated. 2197 More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 2198 format: int32 2199 type: integer 2200 periodSeconds: 2201 description: How often (in seconds) to perform the probe. 2202 Default to 10 seconds. Minimum value is 1. 2203 format: int32 2204 type: integer 2205 successThreshold: 2206 description: Minimum consecutive successes for the probe 2207 to be considered successful after having failed. Defaults 2208 to 1. Must be 1 for liveness and startup. Minimum 2209 value is 1. 2210 format: int32 2211 type: integer 2212 tcpSocket: 2213 description: TCPSocket specifies an action involving 2214 a TCP port. 2215 properties: 2216 host: 2217 description: 'Optional: Host name to connect to, 2218 defaults to the pod IP.' 2219 type: string 2220 port: 2221 anyOf: 2222 - type: integer 2223 - type: string 2224 description: Number or name of the port to access 2225 on the container. Number must be in the range 2226 1 to 65535. Name must be an IANA_SVC_NAME. 2227 x-kubernetes-int-or-string: true 2228 required: 2229 - port 2230 type: object 2231 terminationGracePeriodSeconds: 2232 description: Optional duration in seconds the pod needs 2233 to terminate gracefully upon probe failure. The grace 2234 period is the duration in seconds after the processes 2235 running in the pod are sent a termination signal and 2236 the time when the processes are forcibly halted with 2237 a kill signal. Set this value longer than the expected 2238 cleanup time for your process. If this value is nil, 2239 the pod's terminationGracePeriodSeconds will be used. 2240 Otherwise, this value overrides the value provided 2241 by the pod spec. Value must be non-negative integer. 2242 The value zero indicates stop immediately via the 2243 kill signal (no opportunity to shut down). This is 2244 a beta field and requires enabling ProbeTerminationGracePeriod 2245 feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds 2246 is used if unset. 2247 format: int64 2248 type: integer 2249 timeoutSeconds: 2250 description: 'Number of seconds after which the probe 2251 times out. Defaults to 1 second. Minimum value is 2252 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 2253 format: int32 2254 type: integer 2255 type: object 2256 name: 2257 description: Name of the container specified as a DNS_LABEL. 2258 Each container in a pod must have a unique name (DNS_LABEL). 2259 Cannot be updated. 2260 type: string 2261 ports: 2262 description: List of ports to expose from the container. 2263 Not specifying a port here DOES NOT prevent that port 2264 from being exposed. Any port which is listening on the 2265 default "0.0.0.0" address inside a container will be accessible 2266 from the network. Modifying this array with strategic 2267 merge patch may corrupt the data. For more information 2268 See https://github.com/kubernetes/kubernetes/issues/108255. 2269 Cannot be updated. 2270 items: 2271 description: ContainerPort represents a network port in 2272 a single container. 2273 properties: 2274 containerPort: 2275 description: Number of port to expose on the pod's 2276 IP address. This must be a valid port number, 0 2277 < x < 65536. 2278 format: int32 2279 type: integer 2280 hostIP: 2281 description: What host IP to bind the external port 2282 to. 2283 type: string 2284 hostPort: 2285 description: Number of port to expose on the host. 2286 If specified, this must be a valid port number, 2287 0 < x < 65536. If HostNetwork is specified, this 2288 must match ContainerPort. Most containers do not 2289 need this. 2290 format: int32 2291 type: integer 2292 name: 2293 description: If specified, this must be an IANA_SVC_NAME 2294 and unique within the pod. Each named port in a 2295 pod must have a unique name. Name for the port that 2296 can be referred to by services. 2297 type: string 2298 protocol: 2299 default: TCP 2300 description: Protocol for port. Must be UDP, TCP, 2301 or SCTP. Defaults to "TCP". 2302 type: string 2303 required: 2304 - containerPort 2305 type: object 2306 type: array 2307 x-kubernetes-list-map-keys: 2308 - containerPort 2309 - protocol 2310 x-kubernetes-list-type: map 2311 readinessProbe: 2312 description: 'Periodic probe of container service readiness. 2313 Container will be removed from service endpoints if the 2314 probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 2315 properties: 2316 exec: 2317 description: Exec specifies the action to take. 2318 properties: 2319 command: 2320 description: Command is the command line to execute 2321 inside the container, the working directory for 2322 the command is root ('/') in the container's 2323 filesystem. The command is simply exec'd, it is 2324 not run inside a shell, so traditional shell instructions 2325 ('|', etc) won't work. To use a shell, you need 2326 to explicitly call out to that shell. Exit status 2327 of 0 is treated as live/healthy and non-zero is 2328 unhealthy. 2329 items: 2330 type: string 2331 type: array 2332 type: object 2333 failureThreshold: 2334 description: Minimum consecutive failures for the probe 2335 to be considered failed after having succeeded. Defaults 2336 to 3. Minimum value is 1. 2337 format: int32 2338 type: integer 2339 grpc: 2340 description: GRPC specifies an action involving a GRPC 2341 port. 2342 properties: 2343 port: 2344 description: Port number of the gRPC service. Number 2345 must be in the range 1 to 65535. 2346 format: int32 2347 type: integer 2348 service: 2349 description: "Service is the name of the service 2350 to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). 2351 \n If this is not specified, the default behavior 2352 is defined by gRPC." 2353 type: string 2354 required: 2355 - port 2356 type: object 2357 httpGet: 2358 description: HTTPGet specifies the http request to perform. 2359 properties: 2360 host: 2361 description: Host name to connect to, defaults to 2362 the pod IP. You probably want to set "Host" in 2363 httpHeaders instead. 2364 type: string 2365 httpHeaders: 2366 description: Custom headers to set in the request. 2367 HTTP allows repeated headers. 2368 items: 2369 description: HTTPHeader describes a custom header 2370 to be used in HTTP probes 2371 properties: 2372 name: 2373 description: The header field name. This will 2374 be canonicalized upon output, so case-variant 2375 names will be understood as the same header. 2376 type: string 2377 value: 2378 description: The header field value 2379 type: string 2380 required: 2381 - name 2382 - value 2383 type: object 2384 type: array 2385 path: 2386 description: Path to access on the HTTP server. 2387 type: string 2388 port: 2389 anyOf: 2390 - type: integer 2391 - type: string 2392 description: Name or number of the port to access 2393 on the container. Number must be in the range 2394 1 to 65535. Name must be an IANA_SVC_NAME. 2395 x-kubernetes-int-or-string: true 2396 scheme: 2397 description: Scheme to use for connecting to the 2398 host. Defaults to HTTP. 2399 type: string 2400 required: 2401 - port 2402 type: object 2403 initialDelaySeconds: 2404 description: 'Number of seconds after the container 2405 has started before liveness probes are initiated. 2406 More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 2407 format: int32 2408 type: integer 2409 periodSeconds: 2410 description: How often (in seconds) to perform the probe. 2411 Default to 10 seconds. Minimum value is 1. 2412 format: int32 2413 type: integer 2414 successThreshold: 2415 description: Minimum consecutive successes for the probe 2416 to be considered successful after having failed. Defaults 2417 to 1. Must be 1 for liveness and startup. Minimum 2418 value is 1. 2419 format: int32 2420 type: integer 2421 tcpSocket: 2422 description: TCPSocket specifies an action involving 2423 a TCP port. 2424 properties: 2425 host: 2426 description: 'Optional: Host name to connect to, 2427 defaults to the pod IP.' 2428 type: string 2429 port: 2430 anyOf: 2431 - type: integer 2432 - type: string 2433 description: Number or name of the port to access 2434 on the container. Number must be in the range 2435 1 to 65535. Name must be an IANA_SVC_NAME. 2436 x-kubernetes-int-or-string: true 2437 required: 2438 - port 2439 type: object 2440 terminationGracePeriodSeconds: 2441 description: Optional duration in seconds the pod needs 2442 to terminate gracefully upon probe failure. The grace 2443 period is the duration in seconds after the processes 2444 running in the pod are sent a termination signal and 2445 the time when the processes are forcibly halted with 2446 a kill signal. Set this value longer than the expected 2447 cleanup time for your process. If this value is nil, 2448 the pod's terminationGracePeriodSeconds will be used. 2449 Otherwise, this value overrides the value provided 2450 by the pod spec. Value must be non-negative integer. 2451 The value zero indicates stop immediately via the 2452 kill signal (no opportunity to shut down). This is 2453 a beta field and requires enabling ProbeTerminationGracePeriod 2454 feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds 2455 is used if unset. 2456 format: int64 2457 type: integer 2458 timeoutSeconds: 2459 description: 'Number of seconds after which the probe 2460 times out. Defaults to 1 second. Minimum value is 2461 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 2462 format: int32 2463 type: integer 2464 type: object 2465 resizePolicy: 2466 description: Resources resize policy for the container. 2467 items: 2468 description: ContainerResizePolicy represents resource 2469 resize policy for the container. 2470 properties: 2471 resourceName: 2472 description: 'Name of the resource to which this resource 2473 resize policy applies. Supported values: cpu, memory.' 2474 type: string 2475 restartPolicy: 2476 description: Restart policy to apply when specified 2477 resource is resized. If not specified, it defaults 2478 to NotRequired. 2479 type: string 2480 required: 2481 - resourceName 2482 - restartPolicy 2483 type: object 2484 type: array 2485 x-kubernetes-list-type: atomic 2486 resources: 2487 description: 'Compute Resources required by this container. 2488 Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 2489 properties: 2490 claims: 2491 description: "Claims lists the names of resources, defined 2492 in spec.resourceClaims, that are used by this container. 2493 \n This is an alpha field and requires enabling the 2494 DynamicResourceAllocation feature gate. \n This field 2495 is immutable. It can only be set for containers." 2496 items: 2497 description: ResourceClaim references one entry in 2498 PodSpec.ResourceClaims. 2499 properties: 2500 name: 2501 description: Name must match the name of one entry 2502 in pod.spec.resourceClaims of the Pod where 2503 this field is used. It makes that resource available 2504 inside a container. 2505 type: string 2506 required: 2507 - name 2508 type: object 2509 type: array 2510 x-kubernetes-list-map-keys: 2511 - name 2512 x-kubernetes-list-type: map 2513 limits: 2514 additionalProperties: 2515 anyOf: 2516 - type: integer 2517 - type: string 2518 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 2519 x-kubernetes-int-or-string: true 2520 description: 'Limits describes the maximum amount of 2521 compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 2522 type: object 2523 requests: 2524 additionalProperties: 2525 anyOf: 2526 - type: integer 2527 - type: string 2528 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 2529 x-kubernetes-int-or-string: true 2530 description: 'Requests describes the minimum amount 2531 of compute resources required. If Requests is omitted 2532 for a container, it defaults to Limits if that is 2533 explicitly specified, otherwise to an implementation-defined 2534 value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 2535 type: object 2536 type: object 2537 restartPolicy: 2538 description: 'RestartPolicy defines the restart behavior 2539 of individual containers in a pod. This field may only 2540 be set for init containers, and the only allowed value 2541 is "Always". For non-init containers or when this field 2542 is not specified, the restart behavior is defined by the 2543 Pod''s restart policy and the container type. Setting 2544 the RestartPolicy as "Always" for the init container will 2545 have the following effect: this init container will be 2546 continually restarted on exit until all regular containers 2547 have terminated. Once all regular containers have completed, 2548 all init containers with restartPolicy "Always" will be 2549 shut down. This lifecycle differs from normal init containers 2550 and is often referred to as a "sidecar" container. Although 2551 this init container still starts in the init container 2552 sequence, it does not wait for the container to complete 2553 before proceeding to the next init container. Instead, 2554 the next init container starts immediately after this 2555 init container is started, or after any startupProbe has 2556 successfully completed.' 2557 type: string 2558 securityContext: 2559 description: 'SecurityContext defines the security options 2560 the container should be run with. If set, the fields of 2561 SecurityContext override the equivalent fields of PodSecurityContext. 2562 More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' 2563 properties: 2564 allowPrivilegeEscalation: 2565 description: 'AllowPrivilegeEscalation controls whether 2566 a process can gain more privileges than its parent 2567 process. This bool directly controls if the no_new_privs 2568 flag will be set on the container process. AllowPrivilegeEscalation 2569 is true always when the container is: 1) run as Privileged 2570 2) has CAP_SYS_ADMIN Note that this field cannot be 2571 set when spec.os.name is windows.' 2572 type: boolean 2573 capabilities: 2574 description: The capabilities to add/drop when running 2575 containers. Defaults to the default set of capabilities 2576 granted by the container runtime. Note that this field 2577 cannot be set when spec.os.name is windows. 2578 properties: 2579 add: 2580 description: Added capabilities 2581 items: 2582 description: Capability represent POSIX capabilities 2583 type 2584 type: string 2585 type: array 2586 drop: 2587 description: Removed capabilities 2588 items: 2589 description: Capability represent POSIX capabilities 2590 type 2591 type: string 2592 type: array 2593 type: object 2594 privileged: 2595 description: Run container in privileged mode. Processes 2596 in privileged containers are essentially equivalent 2597 to root on the host. Defaults to false. Note that 2598 this field cannot be set when spec.os.name is windows. 2599 type: boolean 2600 procMount: 2601 description: procMount denotes the type of proc mount 2602 to use for the containers. The default is DefaultProcMount 2603 which uses the container runtime defaults for readonly 2604 paths and masked paths. This requires the ProcMountType 2605 feature flag to be enabled. Note that this field cannot 2606 be set when spec.os.name is windows. 2607 type: string 2608 readOnlyRootFilesystem: 2609 description: Whether this container has a read-only 2610 root filesystem. Default is false. Note that this 2611 field cannot be set when spec.os.name is windows. 2612 type: boolean 2613 runAsGroup: 2614 description: The GID to run the entrypoint of the container 2615 process. Uses runtime default if unset. May also be 2616 set in PodSecurityContext. If set in both SecurityContext 2617 and PodSecurityContext, the value specified in SecurityContext 2618 takes precedence. Note that this field cannot be set 2619 when spec.os.name is windows. 2620 format: int64 2621 type: integer 2622 runAsNonRoot: 2623 description: Indicates that the container must run as 2624 a non-root user. If true, the Kubelet will validate 2625 the image at runtime to ensure that it does not run 2626 as UID 0 (root) and fail to start the container if 2627 it does. If unset or false, no such validation will 2628 be performed. May also be set in PodSecurityContext. If 2629 set in both SecurityContext and PodSecurityContext, 2630 the value specified in SecurityContext takes precedence. 2631 type: boolean 2632 runAsUser: 2633 description: The UID to run the entrypoint of the container 2634 process. Defaults to user specified in image metadata 2635 if unspecified. May also be set in PodSecurityContext. If 2636 set in both SecurityContext and PodSecurityContext, 2637 the value specified in SecurityContext takes precedence. 2638 Note that this field cannot be set when spec.os.name 2639 is windows. 2640 format: int64 2641 type: integer 2642 seLinuxOptions: 2643 description: The SELinux context to be applied to the 2644 container. If unspecified, the container runtime will 2645 allocate a random SELinux context for each container. May 2646 also be set in PodSecurityContext. If set in both 2647 SecurityContext and PodSecurityContext, the value 2648 specified in SecurityContext takes precedence. Note 2649 that this field cannot be set when spec.os.name is 2650 windows. 2651 properties: 2652 level: 2653 description: Level is SELinux level label that applies 2654 to the container. 2655 type: string 2656 role: 2657 description: Role is a SELinux role label that applies 2658 to the container. 2659 type: string 2660 type: 2661 description: Type is a SELinux type label that applies 2662 to the container. 2663 type: string 2664 user: 2665 description: User is a SELinux user label that applies 2666 to the container. 2667 type: string 2668 type: object 2669 seccompProfile: 2670 description: The seccomp options to use by this container. 2671 If seccomp options are provided at both the pod & 2672 container level, the container options override the 2673 pod options. Note that this field cannot be set when 2674 spec.os.name is windows. 2675 properties: 2676 localhostProfile: 2677 description: localhostProfile indicates a profile 2678 defined in a file on the node should be used. 2679 The profile must be preconfigured on the node 2680 to work. Must be a descending path, relative to 2681 the kubelet's configured seccomp profile location. 2682 Must be set if type is "Localhost". Must NOT be 2683 set for any other type. 2684 type: string 2685 type: 2686 description: "type indicates which kind of seccomp 2687 profile will be applied. Valid options are: \n 2688 Localhost - a profile defined in a file on the 2689 node should be used. RuntimeDefault - the container 2690 runtime default profile should be used. Unconfined 2691 - no profile should be applied." 2692 type: string 2693 required: 2694 - type 2695 type: object 2696 windowsOptions: 2697 description: The Windows specific settings applied to 2698 all containers. If unspecified, the options from the 2699 PodSecurityContext will be used. If set in both SecurityContext 2700 and PodSecurityContext, the value specified in SecurityContext 2701 takes precedence. Note that this field cannot be set 2702 when spec.os.name is linux. 2703 properties: 2704 gmsaCredentialSpec: 2705 description: GMSACredentialSpec is where the GMSA 2706 admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) 2707 inlines the contents of the GMSA credential spec 2708 named by the GMSACredentialSpecName field. 2709 type: string 2710 gmsaCredentialSpecName: 2711 description: GMSACredentialSpecName is the name 2712 of the GMSA credential spec to use. 2713 type: string 2714 hostProcess: 2715 description: HostProcess determines if a container 2716 should be run as a 'Host Process' container. All 2717 of a Pod's containers must have the same effective 2718 HostProcess value (it is not allowed to have a 2719 mix of HostProcess containers and non-HostProcess 2720 containers). In addition, if HostProcess is true 2721 then HostNetwork must also be set to true. 2722 type: boolean 2723 runAsUserName: 2724 description: The UserName in Windows to run the 2725 entrypoint of the container process. Defaults 2726 to the user specified in image metadata if unspecified. 2727 May also be set in PodSecurityContext. If set 2728 in both SecurityContext and PodSecurityContext, 2729 the value specified in SecurityContext takes precedence. 2730 type: string 2731 type: object 2732 type: object 2733 startupProbe: 2734 description: 'StartupProbe indicates that the Pod has successfully 2735 initialized. If specified, no other probes are executed 2736 until this completes successfully. If this probe fails, 2737 the Pod will be restarted, just as if the livenessProbe 2738 failed. This can be used to provide different probe parameters 2739 at the beginning of a Pod''s lifecycle, when it might 2740 take a long time to load data or warm a cache, than during 2741 steady-state operation. This cannot be updated. More info: 2742 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 2743 properties: 2744 exec: 2745 description: Exec specifies the action to take. 2746 properties: 2747 command: 2748 description: Command is the command line to execute 2749 inside the container, the working directory for 2750 the command is root ('/') in the container's 2751 filesystem. The command is simply exec'd, it is 2752 not run inside a shell, so traditional shell instructions 2753 ('|', etc) won't work. To use a shell, you need 2754 to explicitly call out to that shell. Exit status 2755 of 0 is treated as live/healthy and non-zero is 2756 unhealthy. 2757 items: 2758 type: string 2759 type: array 2760 type: object 2761 failureThreshold: 2762 description: Minimum consecutive failures for the probe 2763 to be considered failed after having succeeded. Defaults 2764 to 3. Minimum value is 1. 2765 format: int32 2766 type: integer 2767 grpc: 2768 description: GRPC specifies an action involving a GRPC 2769 port. 2770 properties: 2771 port: 2772 description: Port number of the gRPC service. Number 2773 must be in the range 1 to 65535. 2774 format: int32 2775 type: integer 2776 service: 2777 description: "Service is the name of the service 2778 to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). 2779 \n If this is not specified, the default behavior 2780 is defined by gRPC." 2781 type: string 2782 required: 2783 - port 2784 type: object 2785 httpGet: 2786 description: HTTPGet specifies the http request to perform. 2787 properties: 2788 host: 2789 description: Host name to connect to, defaults to 2790 the pod IP. You probably want to set "Host" in 2791 httpHeaders instead. 2792 type: string 2793 httpHeaders: 2794 description: Custom headers to set in the request. 2795 HTTP allows repeated headers. 2796 items: 2797 description: HTTPHeader describes a custom header 2798 to be used in HTTP probes 2799 properties: 2800 name: 2801 description: The header field name. This will 2802 be canonicalized upon output, so case-variant 2803 names will be understood as the same header. 2804 type: string 2805 value: 2806 description: The header field value 2807 type: string 2808 required: 2809 - name 2810 - value 2811 type: object 2812 type: array 2813 path: 2814 description: Path to access on the HTTP server. 2815 type: string 2816 port: 2817 anyOf: 2818 - type: integer 2819 - type: string 2820 description: Name or number of the port to access 2821 on the container. Number must be in the range 2822 1 to 65535. Name must be an IANA_SVC_NAME. 2823 x-kubernetes-int-or-string: true 2824 scheme: 2825 description: Scheme to use for connecting to the 2826 host. Defaults to HTTP. 2827 type: string 2828 required: 2829 - port 2830 type: object 2831 initialDelaySeconds: 2832 description: 'Number of seconds after the container 2833 has started before liveness probes are initiated. 2834 More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 2835 format: int32 2836 type: integer 2837 periodSeconds: 2838 description: How often (in seconds) to perform the probe. 2839 Default to 10 seconds. Minimum value is 1. 2840 format: int32 2841 type: integer 2842 successThreshold: 2843 description: Minimum consecutive successes for the probe 2844 to be considered successful after having failed. Defaults 2845 to 1. Must be 1 for liveness and startup. Minimum 2846 value is 1. 2847 format: int32 2848 type: integer 2849 tcpSocket: 2850 description: TCPSocket specifies an action involving 2851 a TCP port. 2852 properties: 2853 host: 2854 description: 'Optional: Host name to connect to, 2855 defaults to the pod IP.' 2856 type: string 2857 port: 2858 anyOf: 2859 - type: integer 2860 - type: string 2861 description: Number or name of the port to access 2862 on the container. Number must be in the range 2863 1 to 65535. Name must be an IANA_SVC_NAME. 2864 x-kubernetes-int-or-string: true 2865 required: 2866 - port 2867 type: object 2868 terminationGracePeriodSeconds: 2869 description: Optional duration in seconds the pod needs 2870 to terminate gracefully upon probe failure. The grace 2871 period is the duration in seconds after the processes 2872 running in the pod are sent a termination signal and 2873 the time when the processes are forcibly halted with 2874 a kill signal. Set this value longer than the expected 2875 cleanup time for your process. If this value is nil, 2876 the pod's terminationGracePeriodSeconds will be used. 2877 Otherwise, this value overrides the value provided 2878 by the pod spec. Value must be non-negative integer. 2879 The value zero indicates stop immediately via the 2880 kill signal (no opportunity to shut down). This is 2881 a beta field and requires enabling ProbeTerminationGracePeriod 2882 feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds 2883 is used if unset. 2884 format: int64 2885 type: integer 2886 timeoutSeconds: 2887 description: 'Number of seconds after which the probe 2888 times out. Defaults to 1 second. Minimum value is 2889 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 2890 format: int32 2891 type: integer 2892 type: object 2893 stdin: 2894 description: Whether this container should allocate a buffer 2895 for stdin in the container runtime. If this is not set, 2896 reads from stdin in the container will always result in 2897 EOF. Default is false. 2898 type: boolean 2899 stdinOnce: 2900 description: Whether the container runtime should close 2901 the stdin channel after it has been opened by a single 2902 attach. When stdin is true the stdin stream will remain 2903 open across multiple attach sessions. If stdinOnce is 2904 set to true, stdin is opened on container start, is empty 2905 until the first client attaches to stdin, and then remains 2906 open and accepts data until the client disconnects, at 2907 which time stdin is closed and remains closed until the 2908 container is restarted. If this flag is false, a container 2909 processes that reads from stdin will never receive an 2910 EOF. Default is false 2911 type: boolean 2912 terminationMessagePath: 2913 description: 'Optional: Path at which the file to which 2914 the container''s termination message will be written is 2915 mounted into the container''s filesystem. Message written 2916 is intended to be brief final status, such as an assertion 2917 failure message. Will be truncated by the node if greater 2918 than 4096 bytes. The total message length across all containers 2919 will be limited to 12kb. Defaults to /dev/termination-log. 2920 Cannot be updated.' 2921 type: string 2922 terminationMessagePolicy: 2923 description: Indicate how the termination message should 2924 be populated. File will use the contents of terminationMessagePath 2925 to populate the container status message on both success 2926 and failure. FallbackToLogsOnError will use the last chunk 2927 of container log output if the termination message file 2928 is empty and the container exited with an error. The log 2929 output is limited to 2048 bytes or 80 lines, whichever 2930 is smaller. Defaults to File. Cannot be updated. 2931 type: string 2932 tty: 2933 description: Whether this container should allocate a TTY 2934 for itself, also requires 'stdin' to be true. Default 2935 is false. 2936 type: boolean 2937 volumeDevices: 2938 description: volumeDevices is the list of block devices 2939 to be used by the container. 2940 items: 2941 description: volumeDevice describes a mapping of a raw 2942 block device within a container. 2943 properties: 2944 devicePath: 2945 description: devicePath is the path inside of the 2946 container that the device will be mapped to. 2947 type: string 2948 name: 2949 description: name must match the name of a persistentVolumeClaim 2950 in the pod 2951 type: string 2952 required: 2953 - devicePath 2954 - name 2955 type: object 2956 type: array 2957 volumeMounts: 2958 description: Pod volumes to mount into the container's filesystem. 2959 Cannot be updated. 2960 items: 2961 description: VolumeMount describes a mounting of a Volume 2962 within a container. 2963 properties: 2964 mountPath: 2965 description: Path within the container at which the 2966 volume should be mounted. Must not contain ':'. 2967 type: string 2968 mountPropagation: 2969 description: mountPropagation determines how mounts 2970 are propagated from the host to container and the 2971 other way around. When not set, MountPropagationNone 2972 is used. This field is beta in 1.10. 2973 type: string 2974 name: 2975 description: This must match the Name of a Volume. 2976 type: string 2977 readOnly: 2978 description: Mounted read-only if true, read-write 2979 otherwise (false or unspecified). Defaults to false. 2980 type: boolean 2981 subPath: 2982 description: Path within the volume from which the 2983 container's volume should be mounted. Defaults to 2984 "" (volume's root). 2985 type: string 2986 subPathExpr: 2987 description: Expanded path within the volume from 2988 which the container's volume should be mounted. 2989 Behaves similarly to SubPath but environment variable 2990 references $(VAR_NAME) are expanded using the container's 2991 environment. Defaults to "" (volume's root). SubPathExpr 2992 and SubPath are mutually exclusive. 2993 type: string 2994 required: 2995 - mountPath 2996 - name 2997 type: object 2998 type: array 2999 workingDir: 3000 description: Container's working directory. If not specified, 3001 the container runtime's default will be used, which might 3002 be configured in the container image. Cannot be updated. 3003 type: string 3004 required: 3005 - name 3006 type: object 3007 type: array 3008 logFormat: 3009 description: LogFormat describes the log format that should be 3010 used by the Repo Server. Defaults to ArgoCDDefaultLogFormat 3011 if not configured. Valid options are text or json. 3012 type: string 3013 logLevel: 3014 description: LogLevel describes the log level that should be used 3015 by the Repo Server. Defaults to ArgoCDDefaultLogLevel if not 3016 set. Valid options are debug, info, error, and warn. 3017 type: string 3018 mountsatoken: 3019 description: MountSAToken describes whether you would like to 3020 have the Repo server mount the service account token 3021 type: boolean 3022 replicas: 3023 description: Replicas defines the number of replicas for argocd-repo-server. 3024 Value should be greater than or equal to 0. Default is nil. 3025 format: int32 3026 type: integer 3027 resources: 3028 description: Resources defines the Compute Resources required 3029 by the container for Redis. 3030 properties: 3031 claims: 3032 description: "Claims lists the names of resources, defined 3033 in spec.resourceClaims, that are used by this container. 3034 \n This is an alpha field and requires enabling the DynamicResourceAllocation 3035 feature gate. \n This field is immutable. It can only be 3036 set for containers." 3037 items: 3038 description: ResourceClaim references one entry in PodSpec.ResourceClaims. 3039 properties: 3040 name: 3041 description: Name must match the name of one entry in 3042 pod.spec.resourceClaims of the Pod where this field 3043 is used. It makes that resource available inside a 3044 container. 3045 type: string 3046 required: 3047 - name 3048 type: object 3049 type: array 3050 x-kubernetes-list-map-keys: 3051 - name 3052 x-kubernetes-list-type: map 3053 limits: 3054 additionalProperties: 3055 anyOf: 3056 - type: integer 3057 - type: string 3058 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 3059 x-kubernetes-int-or-string: true 3060 description: 'Limits describes the maximum amount of compute 3061 resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 3062 type: object 3063 requests: 3064 additionalProperties: 3065 anyOf: 3066 - type: integer 3067 - type: string 3068 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 3069 x-kubernetes-int-or-string: true 3070 description: 'Requests describes the minimum amount of compute 3071 resources required. If Requests is omitted for a container, 3072 it defaults to Limits if that is explicitly specified, otherwise 3073 to an implementation-defined value. Requests cannot exceed 3074 Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 3075 type: object 3076 type: object 3077 serviceaccount: 3078 description: ServiceAccount defines the ServiceAccount user that 3079 you would like the Repo server to use 3080 type: string 3081 sidecarContainers: 3082 description: SidecarContainers defines the list of sidecar containers 3083 for the repo server deployment 3084 items: 3085 description: A single application container that you want to 3086 run within a pod. 3087 properties: 3088 args: 3089 description: 'Arguments to the entrypoint. The container 3090 image''s CMD is used if this is not provided. Variable 3091 references $(VAR_NAME) are expanded using the container''s 3092 environment. If a variable cannot be resolved, the reference 3093 in the input string will be unchanged. Double $$ are reduced 3094 to a single $, which allows for escaping the $(VAR_NAME) 3095 syntax: i.e. "$$(VAR_NAME)" will produce the string literal 3096 "$(VAR_NAME)". Escaped references will never be expanded, 3097 regardless of whether the variable exists or not. Cannot 3098 be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' 3099 items: 3100 type: string 3101 type: array 3102 command: 3103 description: 'Entrypoint array. Not executed within a shell. 3104 The container image''s ENTRYPOINT is used if this is not 3105 provided. Variable references $(VAR_NAME) are expanded 3106 using the container''s environment. If a variable cannot 3107 be resolved, the reference in the input string will be 3108 unchanged. Double $$ are reduced to a single $, which 3109 allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" 3110 will produce the string literal "$(VAR_NAME)". Escaped 3111 references will never be expanded, regardless of whether 3112 the variable exists or not. Cannot be updated. More info: 3113 https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' 3114 items: 3115 type: string 3116 type: array 3117 env: 3118 description: List of environment variables to set in the 3119 container. Cannot be updated. 3120 items: 3121 description: EnvVar represents an environment variable 3122 present in a Container. 3123 properties: 3124 name: 3125 description: Name of the environment variable. Must 3126 be a C_IDENTIFIER. 3127 type: string 3128 value: 3129 description: 'Variable references $(VAR_NAME) are 3130 expanded using the previously defined environment 3131 variables in the container and any service environment 3132 variables. If a variable cannot be resolved, the 3133 reference in the input string will be unchanged. 3134 Double $$ are reduced to a single $, which allows 3135 for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" 3136 will produce the string literal "$(VAR_NAME)". Escaped 3137 references will never be expanded, regardless of 3138 whether the variable exists or not. Defaults to 3139 "".' 3140 type: string 3141 valueFrom: 3142 description: Source for the environment variable's 3143 value. Cannot be used if value is not empty. 3144 properties: 3145 configMapKeyRef: 3146 description: Selects a key of a ConfigMap. 3147 properties: 3148 key: 3149 description: The key to select. 3150 type: string 3151 name: 3152 description: 'Name of the referent. More info: 3153 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 3154 TODO: Add other useful fields. apiVersion, 3155 kind, uid?' 3156 type: string 3157 optional: 3158 description: Specify whether the ConfigMap 3159 or its key must be defined 3160 type: boolean 3161 required: 3162 - key 3163 type: object 3164 fieldRef: 3165 description: 'Selects a field of the pod: supports 3166 metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`, 3167 `metadata.annotations[''<KEY>'']`, spec.nodeName, 3168 spec.serviceAccountName, status.hostIP, status.podIP, 3169 status.podIPs.' 3170 properties: 3171 apiVersion: 3172 description: Version of the schema the FieldPath 3173 is written in terms of, defaults to "v1". 3174 type: string 3175 fieldPath: 3176 description: Path of the field to select in 3177 the specified API version. 3178 type: string 3179 required: 3180 - fieldPath 3181 type: object 3182 resourceFieldRef: 3183 description: 'Selects a resource of the container: 3184 only resources limits and requests (limits.cpu, 3185 limits.memory, limits.ephemeral-storage, requests.cpu, 3186 requests.memory and requests.ephemeral-storage) 3187 are currently supported.' 3188 properties: 3189 containerName: 3190 description: 'Container name: required for 3191 volumes, optional for env vars' 3192 type: string 3193 divisor: 3194 anyOf: 3195 - type: integer 3196 - type: string 3197 description: Specifies the output format of 3198 the exposed resources, defaults to "1" 3199 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 3200 x-kubernetes-int-or-string: true 3201 resource: 3202 description: 'Required: resource to select' 3203 type: string 3204 required: 3205 - resource 3206 type: object 3207 secretKeyRef: 3208 description: Selects a key of a secret in the 3209 pod's namespace 3210 properties: 3211 key: 3212 description: The key of the secret to select 3213 from. Must be a valid secret key. 3214 type: string 3215 name: 3216 description: 'Name of the referent. More info: 3217 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 3218 TODO: Add other useful fields. apiVersion, 3219 kind, uid?' 3220 type: string 3221 optional: 3222 description: Specify whether the Secret or 3223 its key must be defined 3224 type: boolean 3225 required: 3226 - key 3227 type: object 3228 type: object 3229 required: 3230 - name 3231 type: object 3232 type: array 3233 envFrom: 3234 description: List of sources to populate environment variables 3235 in the container. The keys defined within a source must 3236 be a C_IDENTIFIER. All invalid keys will be reported as 3237 an event when the container is starting. When a key exists 3238 in multiple sources, the value associated with the last 3239 source will take precedence. Values defined by an Env 3240 with a duplicate key will take precedence. Cannot be updated. 3241 items: 3242 description: EnvFromSource represents the source of a 3243 set of ConfigMaps 3244 properties: 3245 configMapRef: 3246 description: The ConfigMap to select from 3247 properties: 3248 name: 3249 description: 'Name of the referent. More info: 3250 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 3251 TODO: Add other useful fields. apiVersion, kind, 3252 uid?' 3253 type: string 3254 optional: 3255 description: Specify whether the ConfigMap must 3256 be defined 3257 type: boolean 3258 type: object 3259 prefix: 3260 description: An optional identifier to prepend to 3261 each key in the ConfigMap. Must be a C_IDENTIFIER. 3262 type: string 3263 secretRef: 3264 description: The Secret to select from 3265 properties: 3266 name: 3267 description: 'Name of the referent. More info: 3268 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 3269 TODO: Add other useful fields. apiVersion, kind, 3270 uid?' 3271 type: string 3272 optional: 3273 description: Specify whether the Secret must be 3274 defined 3275 type: boolean 3276 type: object 3277 type: object 3278 type: array 3279 image: 3280 description: 'Container image name. More info: https://kubernetes.io/docs/concepts/containers/images 3281 This field is optional to allow higher level config management 3282 to default or override container images in workload controllers 3283 like Deployments and StatefulSets.' 3284 type: string 3285 imagePullPolicy: 3286 description: 'Image pull policy. One of Always, Never, IfNotPresent. 3287 Defaults to Always if :latest tag is specified, or IfNotPresent 3288 otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' 3289 type: string 3290 lifecycle: 3291 description: Actions that the management system should take 3292 in response to container lifecycle events. Cannot be updated. 3293 properties: 3294 postStart: 3295 description: 'PostStart is called immediately after 3296 a container is created. If the handler fails, the 3297 container is terminated and restarted according to 3298 its restart policy. Other management of the container 3299 blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' 3300 properties: 3301 exec: 3302 description: Exec specifies the action to take. 3303 properties: 3304 command: 3305 description: Command is the command line to 3306 execute inside the container, the working 3307 directory for the command is root ('/') in 3308 the container's filesystem. The command is 3309 simply exec'd, it is not run inside a shell, 3310 so traditional shell instructions ('|', etc) 3311 won't work. To use a shell, you need to explicitly 3312 call out to that shell. Exit status of 0 is 3313 treated as live/healthy and non-zero is unhealthy. 3314 items: 3315 type: string 3316 type: array 3317 type: object 3318 httpGet: 3319 description: HTTPGet specifies the http request 3320 to perform. 3321 properties: 3322 host: 3323 description: Host name to connect to, defaults 3324 to the pod IP. You probably want to set "Host" 3325 in httpHeaders instead. 3326 type: string 3327 httpHeaders: 3328 description: Custom headers to set in the request. 3329 HTTP allows repeated headers. 3330 items: 3331 description: HTTPHeader describes a custom 3332 header to be used in HTTP probes 3333 properties: 3334 name: 3335 description: The header field name. This 3336 will be canonicalized upon output, so 3337 case-variant names will be understood 3338 as the same header. 3339 type: string 3340 value: 3341 description: The header field value 3342 type: string 3343 required: 3344 - name 3345 - value 3346 type: object 3347 type: array 3348 path: 3349 description: Path to access on the HTTP server. 3350 type: string 3351 port: 3352 anyOf: 3353 - type: integer 3354 - type: string 3355 description: Name or number of the port to access 3356 on the container. Number must be in the range 3357 1 to 65535. Name must be an IANA_SVC_NAME. 3358 x-kubernetes-int-or-string: true 3359 scheme: 3360 description: Scheme to use for connecting to 3361 the host. Defaults to HTTP. 3362 type: string 3363 required: 3364 - port 3365 type: object 3366 tcpSocket: 3367 description: Deprecated. TCPSocket is NOT supported 3368 as a LifecycleHandler and kept for the backward 3369 compatibility. There are no validation of this 3370 field and lifecycle hooks will fail in runtime 3371 when tcp handler is specified. 3372 properties: 3373 host: 3374 description: 'Optional: Host name to connect 3375 to, defaults to the pod IP.' 3376 type: string 3377 port: 3378 anyOf: 3379 - type: integer 3380 - type: string 3381 description: Number or name of the port to access 3382 on the container. Number must be in the range 3383 1 to 65535. Name must be an IANA_SVC_NAME. 3384 x-kubernetes-int-or-string: true 3385 required: 3386 - port 3387 type: object 3388 type: object 3389 preStop: 3390 description: 'PreStop is called immediately before a 3391 container is terminated due to an API request or management 3392 event such as liveness/startup probe failure, preemption, 3393 resource contention, etc. The handler is not called 3394 if the container crashes or exits. The Pod''s termination 3395 grace period countdown begins before the PreStop hook 3396 is executed. Regardless of the outcome of the handler, 3397 the container will eventually terminate within the 3398 Pod''s termination grace period (unless delayed by 3399 finalizers). Other management of the container blocks 3400 until the hook completes or until the termination 3401 grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' 3402 properties: 3403 exec: 3404 description: Exec specifies the action to take. 3405 properties: 3406 command: 3407 description: Command is the command line to 3408 execute inside the container, the working 3409 directory for the command is root ('/') in 3410 the container's filesystem. The command is 3411 simply exec'd, it is not run inside a shell, 3412 so traditional shell instructions ('|', etc) 3413 won't work. To use a shell, you need to explicitly 3414 call out to that shell. Exit status of 0 is 3415 treated as live/healthy and non-zero is unhealthy. 3416 items: 3417 type: string 3418 type: array 3419 type: object 3420 httpGet: 3421 description: HTTPGet specifies the http request 3422 to perform. 3423 properties: 3424 host: 3425 description: Host name to connect to, defaults 3426 to the pod IP. You probably want to set "Host" 3427 in httpHeaders instead. 3428 type: string 3429 httpHeaders: 3430 description: Custom headers to set in the request. 3431 HTTP allows repeated headers. 3432 items: 3433 description: HTTPHeader describes a custom 3434 header to be used in HTTP probes 3435 properties: 3436 name: 3437 description: The header field name. This 3438 will be canonicalized upon output, so 3439 case-variant names will be understood 3440 as the same header. 3441 type: string 3442 value: 3443 description: The header field value 3444 type: string 3445 required: 3446 - name 3447 - value 3448 type: object 3449 type: array 3450 path: 3451 description: Path to access on the HTTP server. 3452 type: string 3453 port: 3454 anyOf: 3455 - type: integer 3456 - type: string 3457 description: Name or number of the port to access 3458 on the container. Number must be in the range 3459 1 to 65535. Name must be an IANA_SVC_NAME. 3460 x-kubernetes-int-or-string: true 3461 scheme: 3462 description: Scheme to use for connecting to 3463 the host. Defaults to HTTP. 3464 type: string 3465 required: 3466 - port 3467 type: object 3468 tcpSocket: 3469 description: Deprecated. TCPSocket is NOT supported 3470 as a LifecycleHandler and kept for the backward 3471 compatibility. There are no validation of this 3472 field and lifecycle hooks will fail in runtime 3473 when tcp handler is specified. 3474 properties: 3475 host: 3476 description: 'Optional: Host name to connect 3477 to, defaults to the pod IP.' 3478 type: string 3479 port: 3480 anyOf: 3481 - type: integer 3482 - type: string 3483 description: Number or name of the port to access 3484 on the container. Number must be in the range 3485 1 to 65535. Name must be an IANA_SVC_NAME. 3486 x-kubernetes-int-or-string: true 3487 required: 3488 - port 3489 type: object 3490 type: object 3491 type: object 3492 livenessProbe: 3493 description: 'Periodic probe of container liveness. Container 3494 will be restarted if the probe fails. Cannot be updated. 3495 More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 3496 properties: 3497 exec: 3498 description: Exec specifies the action to take. 3499 properties: 3500 command: 3501 description: Command is the command line to execute 3502 inside the container, the working directory for 3503 the command is root ('/') in the container's 3504 filesystem. The command is simply exec'd, it is 3505 not run inside a shell, so traditional shell instructions 3506 ('|', etc) won't work. To use a shell, you need 3507 to explicitly call out to that shell. Exit status 3508 of 0 is treated as live/healthy and non-zero is 3509 unhealthy. 3510 items: 3511 type: string 3512 type: array 3513 type: object 3514 failureThreshold: 3515 description: Minimum consecutive failures for the probe 3516 to be considered failed after having succeeded. Defaults 3517 to 3. Minimum value is 1. 3518 format: int32 3519 type: integer 3520 grpc: 3521 description: GRPC specifies an action involving a GRPC 3522 port. 3523 properties: 3524 port: 3525 description: Port number of the gRPC service. Number 3526 must be in the range 1 to 65535. 3527 format: int32 3528 type: integer 3529 service: 3530 description: "Service is the name of the service 3531 to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). 3532 \n If this is not specified, the default behavior 3533 is defined by gRPC." 3534 type: string 3535 required: 3536 - port 3537 type: object 3538 httpGet: 3539 description: HTTPGet specifies the http request to perform. 3540 properties: 3541 host: 3542 description: Host name to connect to, defaults to 3543 the pod IP. You probably want to set "Host" in 3544 httpHeaders instead. 3545 type: string 3546 httpHeaders: 3547 description: Custom headers to set in the request. 3548 HTTP allows repeated headers. 3549 items: 3550 description: HTTPHeader describes a custom header 3551 to be used in HTTP probes 3552 properties: 3553 name: 3554 description: The header field name. This will 3555 be canonicalized upon output, so case-variant 3556 names will be understood as the same header. 3557 type: string 3558 value: 3559 description: The header field value 3560 type: string 3561 required: 3562 - name 3563 - value 3564 type: object 3565 type: array 3566 path: 3567 description: Path to access on the HTTP server. 3568 type: string 3569 port: 3570 anyOf: 3571 - type: integer 3572 - type: string 3573 description: Name or number of the port to access 3574 on the container. Number must be in the range 3575 1 to 65535. Name must be an IANA_SVC_NAME. 3576 x-kubernetes-int-or-string: true 3577 scheme: 3578 description: Scheme to use for connecting to the 3579 host. Defaults to HTTP. 3580 type: string 3581 required: 3582 - port 3583 type: object 3584 initialDelaySeconds: 3585 description: 'Number of seconds after the container 3586 has started before liveness probes are initiated. 3587 More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 3588 format: int32 3589 type: integer 3590 periodSeconds: 3591 description: How often (in seconds) to perform the probe. 3592 Default to 10 seconds. Minimum value is 1. 3593 format: int32 3594 type: integer 3595 successThreshold: 3596 description: Minimum consecutive successes for the probe 3597 to be considered successful after having failed. Defaults 3598 to 1. Must be 1 for liveness and startup. Minimum 3599 value is 1. 3600 format: int32 3601 type: integer 3602 tcpSocket: 3603 description: TCPSocket specifies an action involving 3604 a TCP port. 3605 properties: 3606 host: 3607 description: 'Optional: Host name to connect to, 3608 defaults to the pod IP.' 3609 type: string 3610 port: 3611 anyOf: 3612 - type: integer 3613 - type: string 3614 description: Number or name of the port to access 3615 on the container. Number must be in the range 3616 1 to 65535. Name must be an IANA_SVC_NAME. 3617 x-kubernetes-int-or-string: true 3618 required: 3619 - port 3620 type: object 3621 terminationGracePeriodSeconds: 3622 description: Optional duration in seconds the pod needs 3623 to terminate gracefully upon probe failure. The grace 3624 period is the duration in seconds after the processes 3625 running in the pod are sent a termination signal and 3626 the time when the processes are forcibly halted with 3627 a kill signal. Set this value longer than the expected 3628 cleanup time for your process. If this value is nil, 3629 the pod's terminationGracePeriodSeconds will be used. 3630 Otherwise, this value overrides the value provided 3631 by the pod spec. Value must be non-negative integer. 3632 The value zero indicates stop immediately via the 3633 kill signal (no opportunity to shut down). This is 3634 a beta field and requires enabling ProbeTerminationGracePeriod 3635 feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds 3636 is used if unset. 3637 format: int64 3638 type: integer 3639 timeoutSeconds: 3640 description: 'Number of seconds after which the probe 3641 times out. Defaults to 1 second. Minimum value is 3642 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 3643 format: int32 3644 type: integer 3645 type: object 3646 name: 3647 description: Name of the container specified as a DNS_LABEL. 3648 Each container in a pod must have a unique name (DNS_LABEL). 3649 Cannot be updated. 3650 type: string 3651 ports: 3652 description: List of ports to expose from the container. 3653 Not specifying a port here DOES NOT prevent that port 3654 from being exposed. Any port which is listening on the 3655 default "0.0.0.0" address inside a container will be accessible 3656 from the network. Modifying this array with strategic 3657 merge patch may corrupt the data. For more information 3658 See https://github.com/kubernetes/kubernetes/issues/108255. 3659 Cannot be updated. 3660 items: 3661 description: ContainerPort represents a network port in 3662 a single container. 3663 properties: 3664 containerPort: 3665 description: Number of port to expose on the pod's 3666 IP address. This must be a valid port number, 0 3667 < x < 65536. 3668 format: int32 3669 type: integer 3670 hostIP: 3671 description: What host IP to bind the external port 3672 to. 3673 type: string 3674 hostPort: 3675 description: Number of port to expose on the host. 3676 If specified, this must be a valid port number, 3677 0 < x < 65536. If HostNetwork is specified, this 3678 must match ContainerPort. Most containers do not 3679 need this. 3680 format: int32 3681 type: integer 3682 name: 3683 description: If specified, this must be an IANA_SVC_NAME 3684 and unique within the pod. Each named port in a 3685 pod must have a unique name. Name for the port that 3686 can be referred to by services. 3687 type: string 3688 protocol: 3689 default: TCP 3690 description: Protocol for port. Must be UDP, TCP, 3691 or SCTP. Defaults to "TCP". 3692 type: string 3693 required: 3694 - containerPort 3695 type: object 3696 type: array 3697 x-kubernetes-list-map-keys: 3698 - containerPort 3699 - protocol 3700 x-kubernetes-list-type: map 3701 readinessProbe: 3702 description: 'Periodic probe of container service readiness. 3703 Container will be removed from service endpoints if the 3704 probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 3705 properties: 3706 exec: 3707 description: Exec specifies the action to take. 3708 properties: 3709 command: 3710 description: Command is the command line to execute 3711 inside the container, the working directory for 3712 the command is root ('/') in the container's 3713 filesystem. The command is simply exec'd, it is 3714 not run inside a shell, so traditional shell instructions 3715 ('|', etc) won't work. To use a shell, you need 3716 to explicitly call out to that shell. Exit status 3717 of 0 is treated as live/healthy and non-zero is 3718 unhealthy. 3719 items: 3720 type: string 3721 type: array 3722 type: object 3723 failureThreshold: 3724 description: Minimum consecutive failures for the probe 3725 to be considered failed after having succeeded. Defaults 3726 to 3. Minimum value is 1. 3727 format: int32 3728 type: integer 3729 grpc: 3730 description: GRPC specifies an action involving a GRPC 3731 port. 3732 properties: 3733 port: 3734 description: Port number of the gRPC service. Number 3735 must be in the range 1 to 65535. 3736 format: int32 3737 type: integer 3738 service: 3739 description: "Service is the name of the service 3740 to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). 3741 \n If this is not specified, the default behavior 3742 is defined by gRPC." 3743 type: string 3744 required: 3745 - port 3746 type: object 3747 httpGet: 3748 description: HTTPGet specifies the http request to perform. 3749 properties: 3750 host: 3751 description: Host name to connect to, defaults to 3752 the pod IP. You probably want to set "Host" in 3753 httpHeaders instead. 3754 type: string 3755 httpHeaders: 3756 description: Custom headers to set in the request. 3757 HTTP allows repeated headers. 3758 items: 3759 description: HTTPHeader describes a custom header 3760 to be used in HTTP probes 3761 properties: 3762 name: 3763 description: The header field name. This will 3764 be canonicalized upon output, so case-variant 3765 names will be understood as the same header. 3766 type: string 3767 value: 3768 description: The header field value 3769 type: string 3770 required: 3771 - name 3772 - value 3773 type: object 3774 type: array 3775 path: 3776 description: Path to access on the HTTP server. 3777 type: string 3778 port: 3779 anyOf: 3780 - type: integer 3781 - type: string 3782 description: Name or number of the port to access 3783 on the container. Number must be in the range 3784 1 to 65535. Name must be an IANA_SVC_NAME. 3785 x-kubernetes-int-or-string: true 3786 scheme: 3787 description: Scheme to use for connecting to the 3788 host. Defaults to HTTP. 3789 type: string 3790 required: 3791 - port 3792 type: object 3793 initialDelaySeconds: 3794 description: 'Number of seconds after the container 3795 has started before liveness probes are initiated. 3796 More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 3797 format: int32 3798 type: integer 3799 periodSeconds: 3800 description: How often (in seconds) to perform the probe. 3801 Default to 10 seconds. Minimum value is 1. 3802 format: int32 3803 type: integer 3804 successThreshold: 3805 description: Minimum consecutive successes for the probe 3806 to be considered successful after having failed. Defaults 3807 to 1. Must be 1 for liveness and startup. Minimum 3808 value is 1. 3809 format: int32 3810 type: integer 3811 tcpSocket: 3812 description: TCPSocket specifies an action involving 3813 a TCP port. 3814 properties: 3815 host: 3816 description: 'Optional: Host name to connect to, 3817 defaults to the pod IP.' 3818 type: string 3819 port: 3820 anyOf: 3821 - type: integer 3822 - type: string 3823 description: Number or name of the port to access 3824 on the container. Number must be in the range 3825 1 to 65535. Name must be an IANA_SVC_NAME. 3826 x-kubernetes-int-or-string: true 3827 required: 3828 - port 3829 type: object 3830 terminationGracePeriodSeconds: 3831 description: Optional duration in seconds the pod needs 3832 to terminate gracefully upon probe failure. The grace 3833 period is the duration in seconds after the processes 3834 running in the pod are sent a termination signal and 3835 the time when the processes are forcibly halted with 3836 a kill signal. Set this value longer than the expected 3837 cleanup time for your process. If this value is nil, 3838 the pod's terminationGracePeriodSeconds will be used. 3839 Otherwise, this value overrides the value provided 3840 by the pod spec. Value must be non-negative integer. 3841 The value zero indicates stop immediately via the 3842 kill signal (no opportunity to shut down). This is 3843 a beta field and requires enabling ProbeTerminationGracePeriod 3844 feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds 3845 is used if unset. 3846 format: int64 3847 type: integer 3848 timeoutSeconds: 3849 description: 'Number of seconds after which the probe 3850 times out. Defaults to 1 second. Minimum value is 3851 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 3852 format: int32 3853 type: integer 3854 type: object 3855 resizePolicy: 3856 description: Resources resize policy for the container. 3857 items: 3858 description: ContainerResizePolicy represents resource 3859 resize policy for the container. 3860 properties: 3861 resourceName: 3862 description: 'Name of the resource to which this resource 3863 resize policy applies. Supported values: cpu, memory.' 3864 type: string 3865 restartPolicy: 3866 description: Restart policy to apply when specified 3867 resource is resized. If not specified, it defaults 3868 to NotRequired. 3869 type: string 3870 required: 3871 - resourceName 3872 - restartPolicy 3873 type: object 3874 type: array 3875 x-kubernetes-list-type: atomic 3876 resources: 3877 description: 'Compute Resources required by this container. 3878 Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 3879 properties: 3880 claims: 3881 description: "Claims lists the names of resources, defined 3882 in spec.resourceClaims, that are used by this container. 3883 \n This is an alpha field and requires enabling the 3884 DynamicResourceAllocation feature gate. \n This field 3885 is immutable. It can only be set for containers." 3886 items: 3887 description: ResourceClaim references one entry in 3888 PodSpec.ResourceClaims. 3889 properties: 3890 name: 3891 description: Name must match the name of one entry 3892 in pod.spec.resourceClaims of the Pod where 3893 this field is used. It makes that resource available 3894 inside a container. 3895 type: string 3896 required: 3897 - name 3898 type: object 3899 type: array 3900 x-kubernetes-list-map-keys: 3901 - name 3902 x-kubernetes-list-type: map 3903 limits: 3904 additionalProperties: 3905 anyOf: 3906 - type: integer 3907 - type: string 3908 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 3909 x-kubernetes-int-or-string: true 3910 description: 'Limits describes the maximum amount of 3911 compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 3912 type: object 3913 requests: 3914 additionalProperties: 3915 anyOf: 3916 - type: integer 3917 - type: string 3918 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 3919 x-kubernetes-int-or-string: true 3920 description: 'Requests describes the minimum amount 3921 of compute resources required. If Requests is omitted 3922 for a container, it defaults to Limits if that is 3923 explicitly specified, otherwise to an implementation-defined 3924 value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 3925 type: object 3926 type: object 3927 restartPolicy: 3928 description: 'RestartPolicy defines the restart behavior 3929 of individual containers in a pod. This field may only 3930 be set for init containers, and the only allowed value 3931 is "Always". For non-init containers or when this field 3932 is not specified, the restart behavior is defined by the 3933 Pod''s restart policy and the container type. Setting 3934 the RestartPolicy as "Always" for the init container will 3935 have the following effect: this init container will be 3936 continually restarted on exit until all regular containers 3937 have terminated. Once all regular containers have completed, 3938 all init containers with restartPolicy "Always" will be 3939 shut down. This lifecycle differs from normal init containers 3940 and is often referred to as a "sidecar" container. Although 3941 this init container still starts in the init container 3942 sequence, it does not wait for the container to complete 3943 before proceeding to the next init container. Instead, 3944 the next init container starts immediately after this 3945 init container is started, or after any startupProbe has 3946 successfully completed.' 3947 type: string 3948 securityContext: 3949 description: 'SecurityContext defines the security options 3950 the container should be run with. If set, the fields of 3951 SecurityContext override the equivalent fields of PodSecurityContext. 3952 More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' 3953 properties: 3954 allowPrivilegeEscalation: 3955 description: 'AllowPrivilegeEscalation controls whether 3956 a process can gain more privileges than its parent 3957 process. This bool directly controls if the no_new_privs 3958 flag will be set on the container process. AllowPrivilegeEscalation 3959 is true always when the container is: 1) run as Privileged 3960 2) has CAP_SYS_ADMIN Note that this field cannot be 3961 set when spec.os.name is windows.' 3962 type: boolean 3963 capabilities: 3964 description: The capabilities to add/drop when running 3965 containers. Defaults to the default set of capabilities 3966 granted by the container runtime. Note that this field 3967 cannot be set when spec.os.name is windows. 3968 properties: 3969 add: 3970 description: Added capabilities 3971 items: 3972 description: Capability represent POSIX capabilities 3973 type 3974 type: string 3975 type: array 3976 drop: 3977 description: Removed capabilities 3978 items: 3979 description: Capability represent POSIX capabilities 3980 type 3981 type: string 3982 type: array 3983 type: object 3984 privileged: 3985 description: Run container in privileged mode. Processes 3986 in privileged containers are essentially equivalent 3987 to root on the host. Defaults to false. Note that 3988 this field cannot be set when spec.os.name is windows. 3989 type: boolean 3990 procMount: 3991 description: procMount denotes the type of proc mount 3992 to use for the containers. The default is DefaultProcMount 3993 which uses the container runtime defaults for readonly 3994 paths and masked paths. This requires the ProcMountType 3995 feature flag to be enabled. Note that this field cannot 3996 be set when spec.os.name is windows. 3997 type: string 3998 readOnlyRootFilesystem: 3999 description: Whether this container has a read-only 4000 root filesystem. Default is false. Note that this 4001 field cannot be set when spec.os.name is windows. 4002 type: boolean 4003 runAsGroup: 4004 description: The GID to run the entrypoint of the container 4005 process. Uses runtime default if unset. May also be 4006 set in PodSecurityContext. If set in both SecurityContext 4007 and PodSecurityContext, the value specified in SecurityContext 4008 takes precedence. Note that this field cannot be set 4009 when spec.os.name is windows. 4010 format: int64 4011 type: integer 4012 runAsNonRoot: 4013 description: Indicates that the container must run as 4014 a non-root user. If true, the Kubelet will validate 4015 the image at runtime to ensure that it does not run 4016 as UID 0 (root) and fail to start the container if 4017 it does. If unset or false, no such validation will 4018 be performed. May also be set in PodSecurityContext. If 4019 set in both SecurityContext and PodSecurityContext, 4020 the value specified in SecurityContext takes precedence. 4021 type: boolean 4022 runAsUser: 4023 description: The UID to run the entrypoint of the container 4024 process. Defaults to user specified in image metadata 4025 if unspecified. May also be set in PodSecurityContext. If 4026 set in both SecurityContext and PodSecurityContext, 4027 the value specified in SecurityContext takes precedence. 4028 Note that this field cannot be set when spec.os.name 4029 is windows. 4030 format: int64 4031 type: integer 4032 seLinuxOptions: 4033 description: The SELinux context to be applied to the 4034 container. If unspecified, the container runtime will 4035 allocate a random SELinux context for each container. May 4036 also be set in PodSecurityContext. If set in both 4037 SecurityContext and PodSecurityContext, the value 4038 specified in SecurityContext takes precedence. Note 4039 that this field cannot be set when spec.os.name is 4040 windows. 4041 properties: 4042 level: 4043 description: Level is SELinux level label that applies 4044 to the container. 4045 type: string 4046 role: 4047 description: Role is a SELinux role label that applies 4048 to the container. 4049 type: string 4050 type: 4051 description: Type is a SELinux type label that applies 4052 to the container. 4053 type: string 4054 user: 4055 description: User is a SELinux user label that applies 4056 to the container. 4057 type: string 4058 type: object 4059 seccompProfile: 4060 description: The seccomp options to use by this container. 4061 If seccomp options are provided at both the pod & 4062 container level, the container options override the 4063 pod options. Note that this field cannot be set when 4064 spec.os.name is windows. 4065 properties: 4066 localhostProfile: 4067 description: localhostProfile indicates a profile 4068 defined in a file on the node should be used. 4069 The profile must be preconfigured on the node 4070 to work. Must be a descending path, relative to 4071 the kubelet's configured seccomp profile location. 4072 Must be set if type is "Localhost". Must NOT be 4073 set for any other type. 4074 type: string 4075 type: 4076 description: "type indicates which kind of seccomp 4077 profile will be applied. Valid options are: \n 4078 Localhost - a profile defined in a file on the 4079 node should be used. RuntimeDefault - the container 4080 runtime default profile should be used. Unconfined 4081 - no profile should be applied." 4082 type: string 4083 required: 4084 - type 4085 type: object 4086 windowsOptions: 4087 description: The Windows specific settings applied to 4088 all containers. If unspecified, the options from the 4089 PodSecurityContext will be used. If set in both SecurityContext 4090 and PodSecurityContext, the value specified in SecurityContext 4091 takes precedence. Note that this field cannot be set 4092 when spec.os.name is linux. 4093 properties: 4094 gmsaCredentialSpec: 4095 description: GMSACredentialSpec is where the GMSA 4096 admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) 4097 inlines the contents of the GMSA credential spec 4098 named by the GMSACredentialSpecName field. 4099 type: string 4100 gmsaCredentialSpecName: 4101 description: GMSACredentialSpecName is the name 4102 of the GMSA credential spec to use. 4103 type: string 4104 hostProcess: 4105 description: HostProcess determines if a container 4106 should be run as a 'Host Process' container. All 4107 of a Pod's containers must have the same effective 4108 HostProcess value (it is not allowed to have a 4109 mix of HostProcess containers and non-HostProcess 4110 containers). In addition, if HostProcess is true 4111 then HostNetwork must also be set to true. 4112 type: boolean 4113 runAsUserName: 4114 description: The UserName in Windows to run the 4115 entrypoint of the container process. Defaults 4116 to the user specified in image metadata if unspecified. 4117 May also be set in PodSecurityContext. If set 4118 in both SecurityContext and PodSecurityContext, 4119 the value specified in SecurityContext takes precedence. 4120 type: string 4121 type: object 4122 type: object 4123 startupProbe: 4124 description: 'StartupProbe indicates that the Pod has successfully 4125 initialized. If specified, no other probes are executed 4126 until this completes successfully. If this probe fails, 4127 the Pod will be restarted, just as if the livenessProbe 4128 failed. This can be used to provide different probe parameters 4129 at the beginning of a Pod''s lifecycle, when it might 4130 take a long time to load data or warm a cache, than during 4131 steady-state operation. This cannot be updated. More info: 4132 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 4133 properties: 4134 exec: 4135 description: Exec specifies the action to take. 4136 properties: 4137 command: 4138 description: Command is the command line to execute 4139 inside the container, the working directory for 4140 the command is root ('/') in the container's 4141 filesystem. The command is simply exec'd, it is 4142 not run inside a shell, so traditional shell instructions 4143 ('|', etc) won't work. To use a shell, you need 4144 to explicitly call out to that shell. Exit status 4145 of 0 is treated as live/healthy and non-zero is 4146 unhealthy. 4147 items: 4148 type: string 4149 type: array 4150 type: object 4151 failureThreshold: 4152 description: Minimum consecutive failures for the probe 4153 to be considered failed after having succeeded. Defaults 4154 to 3. Minimum value is 1. 4155 format: int32 4156 type: integer 4157 grpc: 4158 description: GRPC specifies an action involving a GRPC 4159 port. 4160 properties: 4161 port: 4162 description: Port number of the gRPC service. Number 4163 must be in the range 1 to 65535. 4164 format: int32 4165 type: integer 4166 service: 4167 description: "Service is the name of the service 4168 to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). 4169 \n If this is not specified, the default behavior 4170 is defined by gRPC." 4171 type: string 4172 required: 4173 - port 4174 type: object 4175 httpGet: 4176 description: HTTPGet specifies the http request to perform. 4177 properties: 4178 host: 4179 description: Host name to connect to, defaults to 4180 the pod IP. You probably want to set "Host" in 4181 httpHeaders instead. 4182 type: string 4183 httpHeaders: 4184 description: Custom headers to set in the request. 4185 HTTP allows repeated headers. 4186 items: 4187 description: HTTPHeader describes a custom header 4188 to be used in HTTP probes 4189 properties: 4190 name: 4191 description: The header field name. This will 4192 be canonicalized upon output, so case-variant 4193 names will be understood as the same header. 4194 type: string 4195 value: 4196 description: The header field value 4197 type: string 4198 required: 4199 - name 4200 - value 4201 type: object 4202 type: array 4203 path: 4204 description: Path to access on the HTTP server. 4205 type: string 4206 port: 4207 anyOf: 4208 - type: integer 4209 - type: string 4210 description: Name or number of the port to access 4211 on the container. Number must be in the range 4212 1 to 65535. Name must be an IANA_SVC_NAME. 4213 x-kubernetes-int-or-string: true 4214 scheme: 4215 description: Scheme to use for connecting to the 4216 host. Defaults to HTTP. 4217 type: string 4218 required: 4219 - port 4220 type: object 4221 initialDelaySeconds: 4222 description: 'Number of seconds after the container 4223 has started before liveness probes are initiated. 4224 More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 4225 format: int32 4226 type: integer 4227 periodSeconds: 4228 description: How often (in seconds) to perform the probe. 4229 Default to 10 seconds. Minimum value is 1. 4230 format: int32 4231 type: integer 4232 successThreshold: 4233 description: Minimum consecutive successes for the probe 4234 to be considered successful after having failed. Defaults 4235 to 1. Must be 1 for liveness and startup. Minimum 4236 value is 1. 4237 format: int32 4238 type: integer 4239 tcpSocket: 4240 description: TCPSocket specifies an action involving 4241 a TCP port. 4242 properties: 4243 host: 4244 description: 'Optional: Host name to connect to, 4245 defaults to the pod IP.' 4246 type: string 4247 port: 4248 anyOf: 4249 - type: integer 4250 - type: string 4251 description: Number or name of the port to access 4252 on the container. Number must be in the range 4253 1 to 65535. Name must be an IANA_SVC_NAME. 4254 x-kubernetes-int-or-string: true 4255 required: 4256 - port 4257 type: object 4258 terminationGracePeriodSeconds: 4259 description: Optional duration in seconds the pod needs 4260 to terminate gracefully upon probe failure. The grace 4261 period is the duration in seconds after the processes 4262 running in the pod are sent a termination signal and 4263 the time when the processes are forcibly halted with 4264 a kill signal. Set this value longer than the expected 4265 cleanup time for your process. If this value is nil, 4266 the pod's terminationGracePeriodSeconds will be used. 4267 Otherwise, this value overrides the value provided 4268 by the pod spec. Value must be non-negative integer. 4269 The value zero indicates stop immediately via the 4270 kill signal (no opportunity to shut down). This is 4271 a beta field and requires enabling ProbeTerminationGracePeriod 4272 feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds 4273 is used if unset. 4274 format: int64 4275 type: integer 4276 timeoutSeconds: 4277 description: 'Number of seconds after which the probe 4278 times out. Defaults to 1 second. Minimum value is 4279 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 4280 format: int32 4281 type: integer 4282 type: object 4283 stdin: 4284 description: Whether this container should allocate a buffer 4285 for stdin in the container runtime. If this is not set, 4286 reads from stdin in the container will always result in 4287 EOF. Default is false. 4288 type: boolean 4289 stdinOnce: 4290 description: Whether the container runtime should close 4291 the stdin channel after it has been opened by a single 4292 attach. When stdin is true the stdin stream will remain 4293 open across multiple attach sessions. If stdinOnce is 4294 set to true, stdin is opened on container start, is empty 4295 until the first client attaches to stdin, and then remains 4296 open and accepts data until the client disconnects, at 4297 which time stdin is closed and remains closed until the 4298 container is restarted. If this flag is false, a container 4299 processes that reads from stdin will never receive an 4300 EOF. Default is false 4301 type: boolean 4302 terminationMessagePath: 4303 description: 'Optional: Path at which the file to which 4304 the container''s termination message will be written is 4305 mounted into the container''s filesystem. Message written 4306 is intended to be brief final status, such as an assertion 4307 failure message. Will be truncated by the node if greater 4308 than 4096 bytes. The total message length across all containers 4309 will be limited to 12kb. Defaults to /dev/termination-log. 4310 Cannot be updated.' 4311 type: string 4312 terminationMessagePolicy: 4313 description: Indicate how the termination message should 4314 be populated. File will use the contents of terminationMessagePath 4315 to populate the container status message on both success 4316 and failure. FallbackToLogsOnError will use the last chunk 4317 of container log output if the termination message file 4318 is empty and the container exited with an error. The log 4319 output is limited to 2048 bytes or 80 lines, whichever 4320 is smaller. Defaults to File. Cannot be updated. 4321 type: string 4322 tty: 4323 description: Whether this container should allocate a TTY 4324 for itself, also requires 'stdin' to be true. Default 4325 is false. 4326 type: boolean 4327 volumeDevices: 4328 description: volumeDevices is the list of block devices 4329 to be used by the container. 4330 items: 4331 description: volumeDevice describes a mapping of a raw 4332 block device within a container. 4333 properties: 4334 devicePath: 4335 description: devicePath is the path inside of the 4336 container that the device will be mapped to. 4337 type: string 4338 name: 4339 description: name must match the name of a persistentVolumeClaim 4340 in the pod 4341 type: string 4342 required: 4343 - devicePath 4344 - name 4345 type: object 4346 type: array 4347 volumeMounts: 4348 description: Pod volumes to mount into the container's filesystem. 4349 Cannot be updated. 4350 items: 4351 description: VolumeMount describes a mounting of a Volume 4352 within a container. 4353 properties: 4354 mountPath: 4355 description: Path within the container at which the 4356 volume should be mounted. Must not contain ':'. 4357 type: string 4358 mountPropagation: 4359 description: mountPropagation determines how mounts 4360 are propagated from the host to container and the 4361 other way around. When not set, MountPropagationNone 4362 is used. This field is beta in 1.10. 4363 type: string 4364 name: 4365 description: This must match the Name of a Volume. 4366 type: string 4367 readOnly: 4368 description: Mounted read-only if true, read-write 4369 otherwise (false or unspecified). Defaults to false. 4370 type: boolean 4371 subPath: 4372 description: Path within the volume from which the 4373 container's volume should be mounted. Defaults to 4374 "" (volume's root). 4375 type: string 4376 subPathExpr: 4377 description: Expanded path within the volume from 4378 which the container's volume should be mounted. 4379 Behaves similarly to SubPath but environment variable 4380 references $(VAR_NAME) are expanded using the container's 4381 environment. Defaults to "" (volume's root). SubPathExpr 4382 and SubPath are mutually exclusive. 4383 type: string 4384 required: 4385 - mountPath 4386 - name 4387 type: object 4388 type: array 4389 workingDir: 4390 description: Container's working directory. If not specified, 4391 the container runtime's default will be used, which might 4392 be configured in the container image. Cannot be updated. 4393 type: string 4394 required: 4395 - name 4396 type: object 4397 type: array 4398 verifytls: 4399 description: VerifyTLS defines whether repo server API should 4400 be accessed using strict TLS validation 4401 type: boolean 4402 version: 4403 description: Version is the ArgoCD Repo Server container image 4404 tag. 4405 type: string 4406 volumeMounts: 4407 description: VolumeMounts adds volumeMounts to the repo server 4408 container 4409 items: 4410 description: VolumeMount describes a mounting of a Volume within 4411 a container. 4412 properties: 4413 mountPath: 4414 description: Path within the container at which the volume 4415 should be mounted. Must not contain ':'. 4416 type: string 4417 mountPropagation: 4418 description: mountPropagation determines how mounts are 4419 propagated from the host to container and the other way 4420 around. When not set, MountPropagationNone is used. This 4421 field is beta in 1.10. 4422 type: string 4423 name: 4424 description: This must match the Name of a Volume. 4425 type: string 4426 readOnly: 4427 description: Mounted read-only if true, read-write otherwise 4428 (false or unspecified). Defaults to false. 4429 type: boolean 4430 subPath: 4431 description: Path within the volume from which the container's 4432 volume should be mounted. Defaults to "" (volume's root). 4433 type: string 4434 subPathExpr: 4435 description: Expanded path within the volume from which 4436 the container's volume should be mounted. Behaves similarly 4437 to SubPath but environment variable references $(VAR_NAME) 4438 are expanded using the container's environment. Defaults 4439 to "" (volume's root). SubPathExpr and SubPath are mutually 4440 exclusive. 4441 type: string 4442 required: 4443 - mountPath 4444 - name 4445 type: object 4446 type: array 4447 volumes: 4448 description: Volumes adds volumes to the repo server deployment 4449 items: 4450 description: Volume represents a named volume in a pod that 4451 may be accessed by any container in the pod. 4452 properties: 4453 awsElasticBlockStore: 4454 description: 'awsElasticBlockStore represents an AWS Disk 4455 resource that is attached to a kubelet''s host machine 4456 and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' 4457 properties: 4458 fsType: 4459 description: 'fsType is the filesystem type of the volume 4460 that you want to mount. Tip: Ensure that the filesystem 4461 type is supported by the host operating system. Examples: 4462 "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" 4463 if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore 4464 TODO: how do we prevent errors in the filesystem from 4465 compromising the machine' 4466 type: string 4467 partition: 4468 description: 'partition is the partition in the volume 4469 that you want to mount. If omitted, the default is 4470 to mount by volume name. Examples: For volume /dev/sda1, 4471 you specify the partition as "1". Similarly, the volume 4472 partition for /dev/sda is "0" (or you can leave the 4473 property empty).' 4474 format: int32 4475 type: integer 4476 readOnly: 4477 description: 'readOnly value true will force the readOnly 4478 setting in VolumeMounts. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' 4479 type: boolean 4480 volumeID: 4481 description: 'volumeID is unique ID of the persistent 4482 disk resource in AWS (Amazon EBS volume). More info: 4483 https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' 4484 type: string 4485 required: 4486 - volumeID 4487 type: object 4488 azureDisk: 4489 description: azureDisk represents an Azure Data Disk mount 4490 on the host and bind mount to the pod. 4491 properties: 4492 cachingMode: 4493 description: 'cachingMode is the Host Caching mode: 4494 None, Read Only, Read Write.' 4495 type: string 4496 diskName: 4497 description: diskName is the Name of the data disk in 4498 the blob storage 4499 type: string 4500 diskURI: 4501 description: diskURI is the URI of data disk in the 4502 blob storage 4503 type: string 4504 fsType: 4505 description: fsType is Filesystem type to mount. Must 4506 be a filesystem type supported by the host operating 4507 system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred 4508 to be "ext4" if unspecified. 4509 type: string 4510 kind: 4511 description: 'kind expected values are Shared: multiple 4512 blob disks per storage account Dedicated: single 4513 blob disk per storage account Managed: azure managed 4514 data disk (only in managed availability set). defaults 4515 to shared' 4516 type: string 4517 readOnly: 4518 description: readOnly Defaults to false (read/write). 4519 ReadOnly here will force the ReadOnly setting in VolumeMounts. 4520 type: boolean 4521 required: 4522 - diskName 4523 - diskURI 4524 type: object 4525 azureFile: 4526 description: azureFile represents an Azure File Service 4527 mount on the host and bind mount to the pod. 4528 properties: 4529 readOnly: 4530 description: readOnly defaults to false (read/write). 4531 ReadOnly here will force the ReadOnly setting in VolumeMounts. 4532 type: boolean 4533 secretName: 4534 description: secretName is the name of secret that 4535 contains Azure Storage Account Name and Key 4536 type: string 4537 shareName: 4538 description: shareName is the azure share Name 4539 type: string 4540 required: 4541 - secretName 4542 - shareName 4543 type: object 4544 cephfs: 4545 description: cephFS represents a Ceph FS mount on the host 4546 that shares a pod's lifetime 4547 properties: 4548 monitors: 4549 description: 'monitors is Required: Monitors is a collection 4550 of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' 4551 items: 4552 type: string 4553 type: array 4554 path: 4555 description: 'path is Optional: Used as the mounted 4556 root, rather than the full Ceph tree, default is /' 4557 type: string 4558 readOnly: 4559 description: 'readOnly is Optional: Defaults to false 4560 (read/write). ReadOnly here will force the ReadOnly 4561 setting in VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' 4562 type: boolean 4563 secretFile: 4564 description: 'secretFile is Optional: SecretFile is 4565 the path to key ring for User, default is /etc/ceph/user.secret 4566 More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' 4567 type: string 4568 secretRef: 4569 description: 'secretRef is Optional: SecretRef is reference 4570 to the authentication secret for User, default is 4571 empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' 4572 properties: 4573 name: 4574 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 4575 TODO: Add other useful fields. apiVersion, kind, 4576 uid?' 4577 type: string 4578 type: object 4579 user: 4580 description: 'user is optional: User is the rados user 4581 name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' 4582 type: string 4583 required: 4584 - monitors 4585 type: object 4586 cinder: 4587 description: 'cinder represents a cinder volume attached 4588 and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' 4589 properties: 4590 fsType: 4591 description: 'fsType is the filesystem type to mount. 4592 Must be a filesystem type supported by the host operating 4593 system. Examples: "ext4", "xfs", "ntfs". Implicitly 4594 inferred to be "ext4" if unspecified. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' 4595 type: string 4596 readOnly: 4597 description: 'readOnly defaults to false (read/write). 4598 ReadOnly here will force the ReadOnly setting in VolumeMounts. 4599 More info: https://examples.k8s.io/mysql-cinder-pd/README.md' 4600 type: boolean 4601 secretRef: 4602 description: 'secretRef is optional: points to a secret 4603 object containing parameters used to connect to OpenStack.' 4604 properties: 4605 name: 4606 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 4607 TODO: Add other useful fields. apiVersion, kind, 4608 uid?' 4609 type: string 4610 type: object 4611 volumeID: 4612 description: 'volumeID used to identify the volume in 4613 cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' 4614 type: string 4615 required: 4616 - volumeID 4617 type: object 4618 configMap: 4619 description: configMap represents a configMap that should 4620 populate this volume 4621 properties: 4622 defaultMode: 4623 description: 'defaultMode is optional: mode bits used 4624 to set permissions on created files by default. Must 4625 be an octal value between 0000 and 0777 or a decimal 4626 value between 0 and 511. YAML accepts both octal and 4627 decimal values, JSON requires decimal values for mode 4628 bits. Defaults to 0644. Directories within the path 4629 are not affected by this setting. This might be in 4630 conflict with other options that affect the file mode, 4631 like fsGroup, and the result can be other mode bits 4632 set.' 4633 format: int32 4634 type: integer 4635 items: 4636 description: items if unspecified, each key-value pair 4637 in the Data field of the referenced ConfigMap will 4638 be projected into the volume as a file whose name 4639 is the key and content is the value. If specified, 4640 the listed keys will be projected into the specified 4641 paths, and unlisted keys will not be present. If a 4642 key is specified which is not present in the ConfigMap, 4643 the volume setup will error unless it is marked optional. 4644 Paths must be relative and may not contain the '..' 4645 path or start with '..'. 4646 items: 4647 description: Maps a string key to a path within a 4648 volume. 4649 properties: 4650 key: 4651 description: key is the key to project. 4652 type: string 4653 mode: 4654 description: 'mode is Optional: mode bits used 4655 to set permissions on this file. Must be an 4656 octal value between 0000 and 0777 or a decimal 4657 value between 0 and 511. YAML accepts both octal 4658 and decimal values, JSON requires decimal values 4659 for mode bits. If not specified, the volume 4660 defaultMode will be used. This might be in conflict 4661 with other options that affect the file mode, 4662 like fsGroup, and the result can be other mode 4663 bits set.' 4664 format: int32 4665 type: integer 4666 path: 4667 description: path is the relative path of the 4668 file to map the key to. May not be an absolute 4669 path. May not contain the path element '..'. 4670 May not start with the string '..'. 4671 type: string 4672 required: 4673 - key 4674 - path 4675 type: object 4676 type: array 4677 name: 4678 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 4679 TODO: Add other useful fields. apiVersion, kind, uid?' 4680 type: string 4681 optional: 4682 description: optional specify whether the ConfigMap 4683 or its keys must be defined 4684 type: boolean 4685 type: object 4686 csi: 4687 description: csi (Container Storage Interface) represents 4688 ephemeral storage that is handled by certain external 4689 CSI drivers (Beta feature). 4690 properties: 4691 driver: 4692 description: driver is the name of the CSI driver that 4693 handles this volume. Consult with your admin for the 4694 correct name as registered in the cluster. 4695 type: string 4696 fsType: 4697 description: fsType to mount. Ex. "ext4", "xfs", "ntfs". 4698 If not provided, the empty value is passed to the 4699 associated CSI driver which will determine the default 4700 filesystem to apply. 4701 type: string 4702 nodePublishSecretRef: 4703 description: nodePublishSecretRef is a reference to 4704 the secret object containing sensitive information 4705 to pass to the CSI driver to complete the CSI NodePublishVolume 4706 and NodeUnpublishVolume calls. This field is optional, 4707 and may be empty if no secret is required. If the 4708 secret object contains more than one secret, all secret 4709 references are passed. 4710 properties: 4711 name: 4712 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 4713 TODO: Add other useful fields. apiVersion, kind, 4714 uid?' 4715 type: string 4716 type: object 4717 readOnly: 4718 description: readOnly specifies a read-only configuration 4719 for the volume. Defaults to false (read/write). 4720 type: boolean 4721 volumeAttributes: 4722 additionalProperties: 4723 type: string 4724 description: volumeAttributes stores driver-specific 4725 properties that are passed to the CSI driver. Consult 4726 your driver's documentation for supported values. 4727 type: object 4728 required: 4729 - driver 4730 type: object 4731 downwardAPI: 4732 description: downwardAPI represents downward API about the 4733 pod that should populate this volume 4734 properties: 4735 defaultMode: 4736 description: 'Optional: mode bits to use on created 4737 files by default. Must be a Optional: mode bits used 4738 to set permissions on created files by default. Must 4739 be an octal value between 0000 and 0777 or a decimal 4740 value between 0 and 511. YAML accepts both octal and 4741 decimal values, JSON requires decimal values for mode 4742 bits. Defaults to 0644. Directories within the path 4743 are not affected by this setting. This might be in 4744 conflict with other options that affect the file mode, 4745 like fsGroup, and the result can be other mode bits 4746 set.' 4747 format: int32 4748 type: integer 4749 items: 4750 description: Items is a list of downward API volume 4751 file 4752 items: 4753 description: DownwardAPIVolumeFile represents information 4754 to create the file containing the pod field 4755 properties: 4756 fieldRef: 4757 description: 'Required: Selects a field of the 4758 pod: only annotations, labels, name and namespace 4759 are supported.' 4760 properties: 4761 apiVersion: 4762 description: Version of the schema the FieldPath 4763 is written in terms of, defaults to "v1". 4764 type: string 4765 fieldPath: 4766 description: Path of the field to select in 4767 the specified API version. 4768 type: string 4769 required: 4770 - fieldPath 4771 type: object 4772 mode: 4773 description: 'Optional: mode bits used to set 4774 permissions on this file, must be an octal value 4775 between 0000 and 0777 or a decimal value between 4776 0 and 511. YAML accepts both octal and decimal 4777 values, JSON requires decimal values for mode 4778 bits. If not specified, the volume defaultMode 4779 will be used. This might be in conflict with 4780 other options that affect the file mode, like 4781 fsGroup, and the result can be other mode bits 4782 set.' 4783 format: int32 4784 type: integer 4785 path: 4786 description: 'Required: Path is the relative 4787 path name of the file to be created. Must not 4788 be absolute or contain the ''..'' path. Must 4789 be utf-8 encoded. The first item of the relative 4790 path must not start with ''..''' 4791 type: string 4792 resourceFieldRef: 4793 description: 'Selects a resource of the container: 4794 only resources limits and requests (limits.cpu, 4795 limits.memory, requests.cpu and requests.memory) 4796 are currently supported.' 4797 properties: 4798 containerName: 4799 description: 'Container name: required for 4800 volumes, optional for env vars' 4801 type: string 4802 divisor: 4803 anyOf: 4804 - type: integer 4805 - type: string 4806 description: Specifies the output format of 4807 the exposed resources, defaults to "1" 4808 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 4809 x-kubernetes-int-or-string: true 4810 resource: 4811 description: 'Required: resource to select' 4812 type: string 4813 required: 4814 - resource 4815 type: object 4816 required: 4817 - path 4818 type: object 4819 type: array 4820 type: object 4821 emptyDir: 4822 description: 'emptyDir represents a temporary directory 4823 that shares a pod''s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' 4824 properties: 4825 medium: 4826 description: 'medium represents what type of storage 4827 medium should back this directory. The default is 4828 "" which means to use the node''s default medium. 4829 Must be an empty string (default) or Memory. More 4830 info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' 4831 type: string 4832 sizeLimit: 4833 anyOf: 4834 - type: integer 4835 - type: string 4836 description: 'sizeLimit is the total amount of local 4837 storage required for this EmptyDir volume. The size 4838 limit is also applicable for memory medium. The maximum 4839 usage on memory medium EmptyDir would be the minimum 4840 value between the SizeLimit specified here and the 4841 sum of memory limits of all containers in a pod. The 4842 default is nil which means that the limit is undefined. 4843 More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' 4844 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 4845 x-kubernetes-int-or-string: true 4846 type: object 4847 ephemeral: 4848 description: "ephemeral represents a volume that is handled 4849 by a cluster storage driver. The volume's lifecycle is 4850 tied to the pod that defines it - it will be created before 4851 the pod starts, and deleted when the pod is removed. \n 4852 Use this if: a) the volume is only needed while the pod 4853 runs, b) features of normal volumes like restoring from 4854 snapshot or capacity tracking are needed, c) the storage 4855 driver is specified through a storage class, and d) the 4856 storage driver supports dynamic volume provisioning through 4857 \ a PersistentVolumeClaim (see EphemeralVolumeSource 4858 for more information on the connection between this 4859 volume type and PersistentVolumeClaim). \n Use PersistentVolumeClaim 4860 or one of the vendor-specific APIs for volumes that persist 4861 for longer than the lifecycle of an individual pod. \n 4862 Use CSI for light-weight local ephemeral volumes if the 4863 CSI driver is meant to be used that way - see the documentation 4864 of the driver for more information. \n A pod can use both 4865 types of ephemeral volumes and persistent volumes at the 4866 same time." 4867 properties: 4868 volumeClaimTemplate: 4869 description: "Will be used to create a stand-alone PVC 4870 to provision the volume. The pod in which this EphemeralVolumeSource 4871 is embedded will be the owner of the PVC, i.e. the 4872 PVC will be deleted together with the pod. The name 4873 of the PVC will be `<pod name>-<volume name>` where 4874 `<volume name>` is the name from the `PodSpec.Volumes` 4875 array entry. Pod validation will reject the pod if 4876 the concatenated name is not valid for a PVC (for 4877 example, too long). \n An existing PVC with that name 4878 that is not owned by the pod will *not* be used for 4879 the pod to avoid using an unrelated volume by mistake. 4880 Starting the pod is then blocked until the unrelated 4881 PVC is removed. If such a pre-created PVC is meant 4882 to be used by the pod, the PVC has to updated with 4883 an owner reference to the pod once the pod exists. 4884 Normally this should not be necessary, but it may 4885 be useful when manually reconstructing a broken cluster. 4886 \n This field is read-only and no changes will be 4887 made by Kubernetes to the PVC after it has been created. 4888 \n Required, must not be nil." 4889 properties: 4890 metadata: 4891 description: May contain labels and annotations 4892 that will be copied into the PVC when creating 4893 it. No other fields are allowed and will be rejected 4894 during validation. 4895 type: object 4896 spec: 4897 description: The specification for the PersistentVolumeClaim. 4898 The entire content is copied unchanged into the 4899 PVC that gets created from this template. The 4900 same fields as in a PersistentVolumeClaim are 4901 also valid here. 4902 properties: 4903 accessModes: 4904 description: 'accessModes contains the desired 4905 access modes the volume should have. More 4906 info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' 4907 items: 4908 type: string 4909 type: array 4910 dataSource: 4911 description: 'dataSource field can be used to 4912 specify either: * An existing VolumeSnapshot 4913 object (snapshot.storage.k8s.io/VolumeSnapshot) 4914 * An existing PVC (PersistentVolumeClaim) 4915 If the provisioner or an external controller 4916 can support the specified data source, it 4917 will create a new volume based on the contents 4918 of the specified data source. When the AnyVolumeDataSource 4919 feature gate is enabled, dataSource contents 4920 will be copied to dataSourceRef, and dataSourceRef 4921 contents will be copied to dataSource when 4922 dataSourceRef.namespace is not specified. 4923 If the namespace is specified, then dataSourceRef 4924 will not be copied to dataSource.' 4925 properties: 4926 apiGroup: 4927 description: APIGroup is the group for the 4928 resource being referenced. If APIGroup 4929 is not specified, the specified Kind must 4930 be in the core API group. For any other 4931 third-party types, APIGroup is required. 4932 type: string 4933 kind: 4934 description: Kind is the type of resource 4935 being referenced 4936 type: string 4937 name: 4938 description: Name is the name of resource 4939 being referenced 4940 type: string 4941 required: 4942 - kind 4943 - name 4944 type: object 4945 dataSourceRef: 4946 description: 'dataSourceRef specifies the object 4947 from which to populate the volume with data, 4948 if a non-empty volume is desired. This may 4949 be any object from a non-empty API group (non 4950 core object) or a PersistentVolumeClaim object. 4951 When this field is specified, volume binding 4952 will only succeed if the type of the specified 4953 object matches some installed volume populator 4954 or dynamic provisioner. This field will replace 4955 the functionality of the dataSource field 4956 and as such if both fields are non-empty, 4957 they must have the same value. For backwards 4958 compatibility, when namespace isn''t specified 4959 in dataSourceRef, both fields (dataSource 4960 and dataSourceRef) will be set to the same 4961 value automatically if one of them is empty 4962 and the other is non-empty. When namespace 4963 is specified in dataSourceRef, dataSource 4964 isn''t set to the same value and must be empty. 4965 There are three important differences between 4966 dataSource and dataSourceRef: * While dataSource 4967 only allows two specific types of objects, 4968 dataSourceRef allows any non-core object, 4969 as well as PersistentVolumeClaim objects. 4970 * While dataSource ignores disallowed values 4971 (dropping them), dataSourceRef preserves 4972 all values, and generates an error if a disallowed 4973 value is specified. * While dataSource only 4974 allows local objects, dataSourceRef allows 4975 objects in any namespaces. (Beta) Using 4976 this field requires the AnyVolumeDataSource 4977 feature gate to be enabled. (Alpha) Using 4978 the namespace field of dataSourceRef requires 4979 the CrossNamespaceVolumeDataSource feature 4980 gate to be enabled.' 4981 properties: 4982 apiGroup: 4983 description: APIGroup is the group for the 4984 resource being referenced. If APIGroup 4985 is not specified, the specified Kind must 4986 be in the core API group. For any other 4987 third-party types, APIGroup is required. 4988 type: string 4989 kind: 4990 description: Kind is the type of resource 4991 being referenced 4992 type: string 4993 name: 4994 description: Name is the name of resource 4995 being referenced 4996 type: string 4997 namespace: 4998 description: Namespace is the namespace 4999 of resource being referenced Note that 5000 when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant 5001 object is required in the referent namespace 5002 to allow that namespace's owner to accept 5003 the reference. See the ReferenceGrant 5004 documentation for details. (Alpha) This 5005 field requires the CrossNamespaceVolumeDataSource 5006 feature gate to be enabled. 5007 type: string 5008 required: 5009 - kind 5010 - name 5011 type: object 5012 resources: 5013 description: 'resources represents the minimum 5014 resources the volume should have. If RecoverVolumeExpansionFailure 5015 feature is enabled users are allowed to specify 5016 resource requirements that are lower than 5017 previous value but must still be higher than 5018 capacity recorded in the status field of the 5019 claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' 5020 properties: 5021 claims: 5022 description: "Claims lists the names of 5023 resources, defined in spec.resourceClaims, 5024 that are used by this container. \n This 5025 is an alpha field and requires enabling 5026 the DynamicResourceAllocation feature 5027 gate. \n This field is immutable. It can 5028 only be set for containers." 5029 items: 5030 description: ResourceClaim references 5031 one entry in PodSpec.ResourceClaims. 5032 properties: 5033 name: 5034 description: Name must match the name 5035 of one entry in pod.spec.resourceClaims 5036 of the Pod where this field is used. 5037 It makes that resource available 5038 inside a container. 5039 type: string 5040 required: 5041 - name 5042 type: object 5043 type: array 5044 x-kubernetes-list-map-keys: 5045 - name 5046 x-kubernetes-list-type: map 5047 limits: 5048 additionalProperties: 5049 anyOf: 5050 - type: integer 5051 - type: string 5052 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 5053 x-kubernetes-int-or-string: true 5054 description: 'Limits describes the maximum 5055 amount of compute resources allowed. More 5056 info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 5057 type: object 5058 requests: 5059 additionalProperties: 5060 anyOf: 5061 - type: integer 5062 - type: string 5063 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 5064 x-kubernetes-int-or-string: true 5065 description: 'Requests describes the minimum 5066 amount of compute resources required. 5067 If Requests is omitted for a container, 5068 it defaults to Limits if that is explicitly 5069 specified, otherwise to an implementation-defined 5070 value. Requests cannot exceed Limits. 5071 More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 5072 type: object 5073 type: object 5074 selector: 5075 description: selector is a label query over 5076 volumes to consider for binding. 5077 properties: 5078 matchExpressions: 5079 description: matchExpressions is a list 5080 of label selector requirements. The requirements 5081 are ANDed. 5082 items: 5083 description: A label selector requirement 5084 is a selector that contains values, 5085 a key, and an operator that relates 5086 the key and values. 5087 properties: 5088 key: 5089 description: key is the label key 5090 that the selector applies to. 5091 type: string 5092 operator: 5093 description: operator represents a 5094 key's relationship to a set of values. 5095 Valid operators are In, NotIn, Exists 5096 and DoesNotExist. 5097 type: string 5098 values: 5099 description: values is an array of 5100 string values. If the operator is 5101 In or NotIn, the values array must 5102 be non-empty. If the operator is 5103 Exists or DoesNotExist, the values 5104 array must be empty. This array 5105 is replaced during a strategic merge 5106 patch. 5107 items: 5108 type: string 5109 type: array 5110 required: 5111 - key 5112 - operator 5113 type: object 5114 type: array 5115 matchLabels: 5116 additionalProperties: 5117 type: string 5118 description: matchLabels is a map of {key,value} 5119 pairs. A single {key,value} in the matchLabels 5120 map is equivalent to an element of matchExpressions, 5121 whose key field is "key", the operator 5122 is "In", and the values array contains 5123 only "value". The requirements are ANDed. 5124 type: object 5125 type: object 5126 storageClassName: 5127 description: 'storageClassName is the name of 5128 the StorageClass required by the claim. More 5129 info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' 5130 type: string 5131 volumeMode: 5132 description: volumeMode defines what type of 5133 volume is required by the claim. Value of 5134 Filesystem is implied when not included in 5135 claim spec. 5136 type: string 5137 volumeName: 5138 description: volumeName is the binding reference 5139 to the PersistentVolume backing this claim. 5140 type: string 5141 type: object 5142 required: 5143 - spec 5144 type: object 5145 type: object 5146 fc: 5147 description: fc represents a Fibre Channel resource that 5148 is attached to a kubelet's host machine and then exposed 5149 to the pod. 5150 properties: 5151 fsType: 5152 description: 'fsType is the filesystem type to mount. 5153 Must be a filesystem type supported by the host operating 5154 system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred 5155 to be "ext4" if unspecified. TODO: how do we prevent 5156 errors in the filesystem from compromising the machine' 5157 type: string 5158 lun: 5159 description: 'lun is Optional: FC target lun number' 5160 format: int32 5161 type: integer 5162 readOnly: 5163 description: 'readOnly is Optional: Defaults to false 5164 (read/write). ReadOnly here will force the ReadOnly 5165 setting in VolumeMounts.' 5166 type: boolean 5167 targetWWNs: 5168 description: 'targetWWNs is Optional: FC target worldwide 5169 names (WWNs)' 5170 items: 5171 type: string 5172 type: array 5173 wwids: 5174 description: 'wwids Optional: FC volume world wide identifiers 5175 (wwids) Either wwids or combination of targetWWNs 5176 and lun must be set, but not both simultaneously.' 5177 items: 5178 type: string 5179 type: array 5180 type: object 5181 flexVolume: 5182 description: flexVolume represents a generic volume resource 5183 that is provisioned/attached using an exec based plugin. 5184 properties: 5185 driver: 5186 description: driver is the name of the driver to use 5187 for this volume. 5188 type: string 5189 fsType: 5190 description: fsType is the filesystem type to mount. 5191 Must be a filesystem type supported by the host operating 5192 system. Ex. "ext4", "xfs", "ntfs". The default filesystem 5193 depends on FlexVolume script. 5194 type: string 5195 options: 5196 additionalProperties: 5197 type: string 5198 description: 'options is Optional: this field holds 5199 extra command options if any.' 5200 type: object 5201 readOnly: 5202 description: 'readOnly is Optional: defaults to false 5203 (read/write). ReadOnly here will force the ReadOnly 5204 setting in VolumeMounts.' 5205 type: boolean 5206 secretRef: 5207 description: 'secretRef is Optional: secretRef is reference 5208 to the secret object containing sensitive information 5209 to pass to the plugin scripts. This may be empty if 5210 no secret object is specified. If the secret object 5211 contains more than one secret, all secrets are passed 5212 to the plugin scripts.' 5213 properties: 5214 name: 5215 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 5216 TODO: Add other useful fields. apiVersion, kind, 5217 uid?' 5218 type: string 5219 type: object 5220 required: 5221 - driver 5222 type: object 5223 flocker: 5224 description: flocker represents a Flocker volume attached 5225 to a kubelet's host machine. This depends on the Flocker 5226 control service being running 5227 properties: 5228 datasetName: 5229 description: datasetName is Name of the dataset stored 5230 as metadata -> name on the dataset for Flocker should 5231 be considered as deprecated 5232 type: string 5233 datasetUUID: 5234 description: datasetUUID is the UUID of the dataset. 5235 This is unique identifier of a Flocker dataset 5236 type: string 5237 type: object 5238 gcePersistentDisk: 5239 description: 'gcePersistentDisk represents a GCE Disk resource 5240 that is attached to a kubelet''s host machine and then 5241 exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' 5242 properties: 5243 fsType: 5244 description: 'fsType is filesystem type of the volume 5245 that you want to mount. Tip: Ensure that the filesystem 5246 type is supported by the host operating system. Examples: 5247 "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" 5248 if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk 5249 TODO: how do we prevent errors in the filesystem from 5250 compromising the machine' 5251 type: string 5252 partition: 5253 description: 'partition is the partition in the volume 5254 that you want to mount. If omitted, the default is 5255 to mount by volume name. Examples: For volume /dev/sda1, 5256 you specify the partition as "1". Similarly, the volume 5257 partition for /dev/sda is "0" (or you can leave the 5258 property empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' 5259 format: int32 5260 type: integer 5261 pdName: 5262 description: 'pdName is unique name of the PD resource 5263 in GCE. Used to identify the disk in GCE. More info: 5264 https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' 5265 type: string 5266 readOnly: 5267 description: 'readOnly here will force the ReadOnly 5268 setting in VolumeMounts. Defaults to false. More info: 5269 https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' 5270 type: boolean 5271 required: 5272 - pdName 5273 type: object 5274 gitRepo: 5275 description: 'gitRepo represents a git repository at a particular 5276 revision. DEPRECATED: GitRepo is deprecated. To provision 5277 a container with a git repo, mount an EmptyDir into an 5278 InitContainer that clones the repo using git, then mount 5279 the EmptyDir into the Pod''s container.' 5280 properties: 5281 directory: 5282 description: directory is the target directory name. 5283 Must not contain or start with '..'. If '.' is supplied, 5284 the volume directory will be the git repository. Otherwise, 5285 if specified, the volume will contain the git repository 5286 in the subdirectory with the given name. 5287 type: string 5288 repository: 5289 description: repository is the URL 5290 type: string 5291 revision: 5292 description: revision is the commit hash for the specified 5293 revision. 5294 type: string 5295 required: 5296 - repository 5297 type: object 5298 glusterfs: 5299 description: 'glusterfs represents a Glusterfs mount on 5300 the host that shares a pod''s lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md' 5301 properties: 5302 endpoints: 5303 description: 'endpoints is the endpoint name that details 5304 Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' 5305 type: string 5306 path: 5307 description: 'path is the Glusterfs volume path. More 5308 info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' 5309 type: string 5310 readOnly: 5311 description: 'readOnly here will force the Glusterfs 5312 volume to be mounted with read-only permissions. Defaults 5313 to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' 5314 type: boolean 5315 required: 5316 - endpoints 5317 - path 5318 type: object 5319 hostPath: 5320 description: 'hostPath represents a pre-existing file or 5321 directory on the host machine that is directly exposed 5322 to the container. This is generally used for system agents 5323 or other privileged things that are allowed to see the 5324 host machine. Most containers will NOT need this. More 5325 info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath 5326 --- TODO(jonesdl) We need to restrict who can use host 5327 directory mounts and who can/can not mount host directories 5328 as read/write.' 5329 properties: 5330 path: 5331 description: 'path of the directory on the host. If 5332 the path is a symlink, it will follow the link to 5333 the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' 5334 type: string 5335 type: 5336 description: 'type for HostPath Volume Defaults to "" 5337 More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' 5338 type: string 5339 required: 5340 - path 5341 type: object 5342 iscsi: 5343 description: 'iscsi represents an ISCSI Disk resource that 5344 is attached to a kubelet''s host machine and then exposed 5345 to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md' 5346 properties: 5347 chapAuthDiscovery: 5348 description: chapAuthDiscovery defines whether support 5349 iSCSI Discovery CHAP authentication 5350 type: boolean 5351 chapAuthSession: 5352 description: chapAuthSession defines whether support 5353 iSCSI Session CHAP authentication 5354 type: boolean 5355 fsType: 5356 description: 'fsType is the filesystem type of the volume 5357 that you want to mount. Tip: Ensure that the filesystem 5358 type is supported by the host operating system. Examples: 5359 "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" 5360 if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi 5361 TODO: how do we prevent errors in the filesystem from 5362 compromising the machine' 5363 type: string 5364 initiatorName: 5365 description: initiatorName is the custom iSCSI Initiator 5366 Name. If initiatorName is specified with iscsiInterface 5367 simultaneously, new iSCSI interface <target portal>:<volume 5368 name> will be created for the connection. 5369 type: string 5370 iqn: 5371 description: iqn is the target iSCSI Qualified Name. 5372 type: string 5373 iscsiInterface: 5374 description: iscsiInterface is the interface Name that 5375 uses an iSCSI transport. Defaults to 'default' (tcp). 5376 type: string 5377 lun: 5378 description: lun represents iSCSI Target Lun number. 5379 format: int32 5380 type: integer 5381 portals: 5382 description: portals is the iSCSI Target Portal List. 5383 The portal is either an IP or ip_addr:port if the 5384 port is other than default (typically TCP ports 860 5385 and 3260). 5386 items: 5387 type: string 5388 type: array 5389 readOnly: 5390 description: readOnly here will force the ReadOnly setting 5391 in VolumeMounts. Defaults to false. 5392 type: boolean 5393 secretRef: 5394 description: secretRef is the CHAP Secret for iSCSI 5395 target and initiator authentication 5396 properties: 5397 name: 5398 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 5399 TODO: Add other useful fields. apiVersion, kind, 5400 uid?' 5401 type: string 5402 type: object 5403 targetPortal: 5404 description: targetPortal is iSCSI Target Portal. The 5405 Portal is either an IP or ip_addr:port if the port 5406 is other than default (typically TCP ports 860 and 5407 3260). 5408 type: string 5409 required: 5410 - iqn 5411 - lun 5412 - targetPortal 5413 type: object 5414 name: 5415 description: 'name of the volume. Must be a DNS_LABEL and 5416 unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' 5417 type: string 5418 nfs: 5419 description: 'nfs represents an NFS mount on the host that 5420 shares a pod''s lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' 5421 properties: 5422 path: 5423 description: 'path that is exported by the NFS server. 5424 More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' 5425 type: string 5426 readOnly: 5427 description: 'readOnly here will force the NFS export 5428 to be mounted with read-only permissions. Defaults 5429 to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' 5430 type: boolean 5431 server: 5432 description: 'server is the hostname or IP address of 5433 the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' 5434 type: string 5435 required: 5436 - path 5437 - server 5438 type: object 5439 persistentVolumeClaim: 5440 description: 'persistentVolumeClaimVolumeSource represents 5441 a reference to a PersistentVolumeClaim in the same namespace. 5442 More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' 5443 properties: 5444 claimName: 5445 description: 'claimName is the name of a PersistentVolumeClaim 5446 in the same namespace as the pod using this volume. 5447 More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' 5448 type: string 5449 readOnly: 5450 description: readOnly Will force the ReadOnly setting 5451 in VolumeMounts. Default false. 5452 type: boolean 5453 required: 5454 - claimName 5455 type: object 5456 photonPersistentDisk: 5457 description: photonPersistentDisk represents a PhotonController 5458 persistent disk attached and mounted on kubelets host 5459 machine 5460 properties: 5461 fsType: 5462 description: fsType is the filesystem type to mount. 5463 Must be a filesystem type supported by the host operating 5464 system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred 5465 to be "ext4" if unspecified. 5466 type: string 5467 pdID: 5468 description: pdID is the ID that identifies Photon Controller 5469 persistent disk 5470 type: string 5471 required: 5472 - pdID 5473 type: object 5474 portworxVolume: 5475 description: portworxVolume represents a portworx volume 5476 attached and mounted on kubelets host machine 5477 properties: 5478 fsType: 5479 description: fSType represents the filesystem type to 5480 mount Must be a filesystem type supported by the host 5481 operating system. Ex. "ext4", "xfs". Implicitly inferred 5482 to be "ext4" if unspecified. 5483 type: string 5484 readOnly: 5485 description: readOnly defaults to false (read/write). 5486 ReadOnly here will force the ReadOnly setting in VolumeMounts. 5487 type: boolean 5488 volumeID: 5489 description: volumeID uniquely identifies a Portworx 5490 volume 5491 type: string 5492 required: 5493 - volumeID 5494 type: object 5495 projected: 5496 description: projected items for all in one resources secrets, 5497 configmaps, and downward API 5498 properties: 5499 defaultMode: 5500 description: defaultMode are the mode bits used to set 5501 permissions on created files by default. Must be an 5502 octal value between 0000 and 0777 or a decimal value 5503 between 0 and 511. YAML accepts both octal and decimal 5504 values, JSON requires decimal values for mode bits. 5505 Directories within the path are not affected by this 5506 setting. This might be in conflict with other options 5507 that affect the file mode, like fsGroup, and the result 5508 can be other mode bits set. 5509 format: int32 5510 type: integer 5511 sources: 5512 description: sources is the list of volume projections 5513 items: 5514 description: Projection that may be projected along 5515 with other supported volume types 5516 properties: 5517 configMap: 5518 description: configMap information about the configMap 5519 data to project 5520 properties: 5521 items: 5522 description: items if unspecified, each key-value 5523 pair in the Data field of the referenced 5524 ConfigMap will be projected into the volume 5525 as a file whose name is the key and content 5526 is the value. If specified, the listed keys 5527 will be projected into the specified paths, 5528 and unlisted keys will not be present. If 5529 a key is specified which is not present 5530 in the ConfigMap, the volume setup will 5531 error unless it is marked optional. Paths 5532 must be relative and may not contain the 5533 '..' path or start with '..'. 5534 items: 5535 description: Maps a string key to a path 5536 within a volume. 5537 properties: 5538 key: 5539 description: key is the key to project. 5540 type: string 5541 mode: 5542 description: 'mode is Optional: mode 5543 bits used to set permissions on this 5544 file. Must be an octal value between 5545 0000 and 0777 or a decimal value between 5546 0 and 511. YAML accepts both octal 5547 and decimal values, JSON requires 5548 decimal values for mode bits. If not 5549 specified, the volume defaultMode 5550 will be used. This might be in conflict 5551 with other options that affect the 5552 file mode, like fsGroup, and the result 5553 can be other mode bits set.' 5554 format: int32 5555 type: integer 5556 path: 5557 description: path is the relative path 5558 of the file to map the key to. May 5559 not be an absolute path. May not contain 5560 the path element '..'. May not start 5561 with the string '..'. 5562 type: string 5563 required: 5564 - key 5565 - path 5566 type: object 5567 type: array 5568 name: 5569 description: 'Name of the referent. More info: 5570 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 5571 TODO: Add other useful fields. apiVersion, 5572 kind, uid?' 5573 type: string 5574 optional: 5575 description: optional specify whether the 5576 ConfigMap or its keys must be defined 5577 type: boolean 5578 type: object 5579 downwardAPI: 5580 description: downwardAPI information about the 5581 downwardAPI data to project 5582 properties: 5583 items: 5584 description: Items is a list of DownwardAPIVolume 5585 file 5586 items: 5587 description: DownwardAPIVolumeFile represents 5588 information to create the file containing 5589 the pod field 5590 properties: 5591 fieldRef: 5592 description: 'Required: Selects a field 5593 of the pod: only annotations, labels, 5594 name and namespace are supported.' 5595 properties: 5596 apiVersion: 5597 description: Version of the schema 5598 the FieldPath is written in terms 5599 of, defaults to "v1". 5600 type: string 5601 fieldPath: 5602 description: Path of the field to 5603 select in the specified API version. 5604 type: string 5605 required: 5606 - fieldPath 5607 type: object 5608 mode: 5609 description: 'Optional: mode bits used 5610 to set permissions on this file, must 5611 be an octal value between 0000 and 5612 0777 or a decimal value between 0 5613 and 511. YAML accepts both octal and 5614 decimal values, JSON requires decimal 5615 values for mode bits. If not specified, 5616 the volume defaultMode will be used. 5617 This might be in conflict with other 5618 options that affect the file mode, 5619 like fsGroup, and the result can be 5620 other mode bits set.' 5621 format: int32 5622 type: integer 5623 path: 5624 description: 'Required: Path is the 5625 relative path name of the file to 5626 be created. Must not be absolute or 5627 contain the ''..'' path. Must be utf-8 5628 encoded. The first item of the relative 5629 path must not start with ''..''' 5630 type: string 5631 resourceFieldRef: 5632 description: 'Selects a resource of 5633 the container: only resources limits 5634 and requests (limits.cpu, limits.memory, 5635 requests.cpu and requests.memory) 5636 are currently supported.' 5637 properties: 5638 containerName: 5639 description: 'Container name: required 5640 for volumes, optional for env 5641 vars' 5642 type: string 5643 divisor: 5644 anyOf: 5645 - type: integer 5646 - type: string 5647 description: Specifies the output 5648 format of the exposed resources, 5649 defaults to "1" 5650 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 5651 x-kubernetes-int-or-string: true 5652 resource: 5653 description: 'Required: resource 5654 to select' 5655 type: string 5656 required: 5657 - resource 5658 type: object 5659 required: 5660 - path 5661 type: object 5662 type: array 5663 type: object 5664 secret: 5665 description: secret information about the secret 5666 data to project 5667 properties: 5668 items: 5669 description: items if unspecified, each key-value 5670 pair in the Data field of the referenced 5671 Secret will be projected into the volume 5672 as a file whose name is the key and content 5673 is the value. If specified, the listed keys 5674 will be projected into the specified paths, 5675 and unlisted keys will not be present. If 5676 a key is specified which is not present 5677 in the Secret, the volume setup will error 5678 unless it is marked optional. Paths must 5679 be relative and may not contain the '..' 5680 path or start with '..'. 5681 items: 5682 description: Maps a string key to a path 5683 within a volume. 5684 properties: 5685 key: 5686 description: key is the key to project. 5687 type: string 5688 mode: 5689 description: 'mode is Optional: mode 5690 bits used to set permissions on this 5691 file. Must be an octal value between 5692 0000 and 0777 or a decimal value between 5693 0 and 511. YAML accepts both octal 5694 and decimal values, JSON requires 5695 decimal values for mode bits. If not 5696 specified, the volume defaultMode 5697 will be used. This might be in conflict 5698 with other options that affect the 5699 file mode, like fsGroup, and the result 5700 can be other mode bits set.' 5701 format: int32 5702 type: integer 5703 path: 5704 description: path is the relative path 5705 of the file to map the key to. May 5706 not be an absolute path. May not contain 5707 the path element '..'. May not start 5708 with the string '..'. 5709 type: string 5710 required: 5711 - key 5712 - path 5713 type: object 5714 type: array 5715 name: 5716 description: 'Name of the referent. More info: 5717 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 5718 TODO: Add other useful fields. apiVersion, 5719 kind, uid?' 5720 type: string 5721 optional: 5722 description: optional field specify whether 5723 the Secret or its key must be defined 5724 type: boolean 5725 type: object 5726 serviceAccountToken: 5727 description: serviceAccountToken is information 5728 about the serviceAccountToken data to project 5729 properties: 5730 audience: 5731 description: audience is the intended audience 5732 of the token. A recipient of a token must 5733 identify itself with an identifier specified 5734 in the audience of the token, and otherwise 5735 should reject the token. The audience defaults 5736 to the identifier of the apiserver. 5737 type: string 5738 expirationSeconds: 5739 description: expirationSeconds is the requested 5740 duration of validity of the service account 5741 token. As the token approaches expiration, 5742 the kubelet volume plugin will proactively 5743 rotate the service account token. The kubelet 5744 will start trying to rotate the token if 5745 the token is older than 80 percent of its 5746 time to live or if the token is older than 5747 24 hours.Defaults to 1 hour and must be 5748 at least 10 minutes. 5749 format: int64 5750 type: integer 5751 path: 5752 description: path is the path relative to 5753 the mount point of the file to project the 5754 token into. 5755 type: string 5756 required: 5757 - path 5758 type: object 5759 type: object 5760 type: array 5761 type: object 5762 quobyte: 5763 description: quobyte represents a Quobyte mount on the host 5764 that shares a pod's lifetime 5765 properties: 5766 group: 5767 description: group to map volume access to Default is 5768 no group 5769 type: string 5770 readOnly: 5771 description: readOnly here will force the Quobyte volume 5772 to be mounted with read-only permissions. Defaults 5773 to false. 5774 type: boolean 5775 registry: 5776 description: registry represents a single or multiple 5777 Quobyte Registry services specified as a string as 5778 host:port pair (multiple entries are separated with 5779 commas) which acts as the central registry for volumes 5780 type: string 5781 tenant: 5782 description: tenant owning the given Quobyte volume 5783 in the Backend Used with dynamically provisioned Quobyte 5784 volumes, value is set by the plugin 5785 type: string 5786 user: 5787 description: user to map volume access to Defaults to 5788 serivceaccount user 5789 type: string 5790 volume: 5791 description: volume is a string that references an already 5792 created Quobyte volume by name. 5793 type: string 5794 required: 5795 - registry 5796 - volume 5797 type: object 5798 rbd: 5799 description: 'rbd represents a Rados Block Device mount 5800 on the host that shares a pod''s lifetime. More info: 5801 https://examples.k8s.io/volumes/rbd/README.md' 5802 properties: 5803 fsType: 5804 description: 'fsType is the filesystem type of the volume 5805 that you want to mount. Tip: Ensure that the filesystem 5806 type is supported by the host operating system. Examples: 5807 "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" 5808 if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd 5809 TODO: how do we prevent errors in the filesystem from 5810 compromising the machine' 5811 type: string 5812 image: 5813 description: 'image is the rados image name. More info: 5814 https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 5815 type: string 5816 keyring: 5817 description: 'keyring is the path to key ring for RBDUser. 5818 Default is /etc/ceph/keyring. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 5819 type: string 5820 monitors: 5821 description: 'monitors is a collection of Ceph monitors. 5822 More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 5823 items: 5824 type: string 5825 type: array 5826 pool: 5827 description: 'pool is the rados pool name. Default is 5828 rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 5829 type: string 5830 readOnly: 5831 description: 'readOnly here will force the ReadOnly 5832 setting in VolumeMounts. Defaults to false. More info: 5833 https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 5834 type: boolean 5835 secretRef: 5836 description: 'secretRef is name of the authentication 5837 secret for RBDUser. If provided overrides keyring. 5838 Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 5839 properties: 5840 name: 5841 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 5842 TODO: Add other useful fields. apiVersion, kind, 5843 uid?' 5844 type: string 5845 type: object 5846 user: 5847 description: 'user is the rados user name. Default is 5848 admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 5849 type: string 5850 required: 5851 - image 5852 - monitors 5853 type: object 5854 scaleIO: 5855 description: scaleIO represents a ScaleIO persistent volume 5856 attached and mounted on Kubernetes nodes. 5857 properties: 5858 fsType: 5859 description: fsType is the filesystem type to mount. 5860 Must be a filesystem type supported by the host operating 5861 system. Ex. "ext4", "xfs", "ntfs". Default is "xfs". 5862 type: string 5863 gateway: 5864 description: gateway is the host address of the ScaleIO 5865 API Gateway. 5866 type: string 5867 protectionDomain: 5868 description: protectionDomain is the name of the ScaleIO 5869 Protection Domain for the configured storage. 5870 type: string 5871 readOnly: 5872 description: readOnly Defaults to false (read/write). 5873 ReadOnly here will force the ReadOnly setting in VolumeMounts. 5874 type: boolean 5875 secretRef: 5876 description: secretRef references to the secret for 5877 ScaleIO user and other sensitive information. If this 5878 is not provided, Login operation will fail. 5879 properties: 5880 name: 5881 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 5882 TODO: Add other useful fields. apiVersion, kind, 5883 uid?' 5884 type: string 5885 type: object 5886 sslEnabled: 5887 description: sslEnabled Flag enable/disable SSL communication 5888 with Gateway, default false 5889 type: boolean 5890 storageMode: 5891 description: storageMode indicates whether the storage 5892 for a volume should be ThickProvisioned or ThinProvisioned. 5893 Default is ThinProvisioned. 5894 type: string 5895 storagePool: 5896 description: storagePool is the ScaleIO Storage Pool 5897 associated with the protection domain. 5898 type: string 5899 system: 5900 description: system is the name of the storage system 5901 as configured in ScaleIO. 5902 type: string 5903 volumeName: 5904 description: volumeName is the name of a volume already 5905 created in the ScaleIO system that is associated with 5906 this volume source. 5907 type: string 5908 required: 5909 - gateway 5910 - secretRef 5911 - system 5912 type: object 5913 secret: 5914 description: 'secret represents a secret that should populate 5915 this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' 5916 properties: 5917 defaultMode: 5918 description: 'defaultMode is Optional: mode bits used 5919 to set permissions on created files by default. Must 5920 be an octal value between 0000 and 0777 or a decimal 5921 value between 0 and 511. YAML accepts both octal and 5922 decimal values, JSON requires decimal values for mode 5923 bits. Defaults to 0644. Directories within the path 5924 are not affected by this setting. This might be in 5925 conflict with other options that affect the file mode, 5926 like fsGroup, and the result can be other mode bits 5927 set.' 5928 format: int32 5929 type: integer 5930 items: 5931 description: items If unspecified, each key-value pair 5932 in the Data field of the referenced Secret will be 5933 projected into the volume as a file whose name is 5934 the key and content is the value. If specified, the 5935 listed keys will be projected into the specified paths, 5936 and unlisted keys will not be present. If a key is 5937 specified which is not present in the Secret, the 5938 volume setup will error unless it is marked optional. 5939 Paths must be relative and may not contain the '..' 5940 path or start with '..'. 5941 items: 5942 description: Maps a string key to a path within a 5943 volume. 5944 properties: 5945 key: 5946 description: key is the key to project. 5947 type: string 5948 mode: 5949 description: 'mode is Optional: mode bits used 5950 to set permissions on this file. Must be an 5951 octal value between 0000 and 0777 or a decimal 5952 value between 0 and 511. YAML accepts both octal 5953 and decimal values, JSON requires decimal values 5954 for mode bits. If not specified, the volume 5955 defaultMode will be used. This might be in conflict 5956 with other options that affect the file mode, 5957 like fsGroup, and the result can be other mode 5958 bits set.' 5959 format: int32 5960 type: integer 5961 path: 5962 description: path is the relative path of the 5963 file to map the key to. May not be an absolute 5964 path. May not contain the path element '..'. 5965 May not start with the string '..'. 5966 type: string 5967 required: 5968 - key 5969 - path 5970 type: object 5971 type: array 5972 optional: 5973 description: optional field specify whether the Secret 5974 or its keys must be defined 5975 type: boolean 5976 secretName: 5977 description: 'secretName is the name of the secret in 5978 the pod''s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' 5979 type: string 5980 type: object 5981 storageos: 5982 description: storageOS represents a StorageOS volume attached 5983 and mounted on Kubernetes nodes. 5984 properties: 5985 fsType: 5986 description: fsType is the filesystem type to mount. 5987 Must be a filesystem type supported by the host operating 5988 system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred 5989 to be "ext4" if unspecified. 5990 type: string 5991 readOnly: 5992 description: readOnly defaults to false (read/write). 5993 ReadOnly here will force the ReadOnly setting in VolumeMounts. 5994 type: boolean 5995 secretRef: 5996 description: secretRef specifies the secret to use for 5997 obtaining the StorageOS API credentials. If not specified, 5998 default values will be attempted. 5999 properties: 6000 name: 6001 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 6002 TODO: Add other useful fields. apiVersion, kind, 6003 uid?' 6004 type: string 6005 type: object 6006 volumeName: 6007 description: volumeName is the human-readable name of 6008 the StorageOS volume. Volume names are only unique 6009 within a namespace. 6010 type: string 6011 volumeNamespace: 6012 description: volumeNamespace specifies the scope of 6013 the volume within StorageOS. If no namespace is specified 6014 then the Pod's namespace will be used. This allows 6015 the Kubernetes name scoping to be mirrored within 6016 StorageOS for tighter integration. Set VolumeName 6017 to any name to override the default behaviour. Set 6018 to "default" if you are not using namespaces within 6019 StorageOS. Namespaces that do not pre-exist within 6020 StorageOS will be created. 6021 type: string 6022 type: object 6023 vsphereVolume: 6024 description: vsphereVolume represents a vSphere volume attached 6025 and mounted on kubelets host machine 6026 properties: 6027 fsType: 6028 description: fsType is filesystem type to mount. Must 6029 be a filesystem type supported by the host operating 6030 system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred 6031 to be "ext4" if unspecified. 6032 type: string 6033 storagePolicyID: 6034 description: storagePolicyID is the storage Policy Based 6035 Management (SPBM) profile ID associated with the StoragePolicyName. 6036 type: string 6037 storagePolicyName: 6038 description: storagePolicyName is the storage Policy 6039 Based Management (SPBM) profile name. 6040 type: string 6041 volumePath: 6042 description: volumePath is the path that identifies 6043 vSphere volume vmdk 6044 type: string 6045 required: 6046 - volumePath 6047 type: object 6048 required: 6049 - name 6050 type: object 6051 type: array 6052 type: object 6053 repositoryCredentials: 6054 description: RepositoryCredentials are the Git pull credentials to 6055 configure Argo CD with upon creation of the cluster. 6056 type: string 6057 resourceActions: 6058 description: ResourceActions customizes resource action behavior. 6059 items: 6060 description: Resource Customization for custom action 6061 properties: 6062 action: 6063 type: string 6064 group: 6065 type: string 6066 kind: 6067 type: string 6068 type: object 6069 type: array 6070 resourceCustomizations: 6071 description: 'Deprecated field. Support dropped in v1beta1 version. 6072 ResourceCustomizations customizes resource behavior. Keys are in 6073 the form: group/Kind. Please note that this is being deprecated 6074 in favor of ResourceHealthChecks, ResourceIgnoreDifferences, and 6075 ResourceActions.' 6076 type: string 6077 resourceExclusions: 6078 description: ResourceExclusions is used to completely ignore entire 6079 classes of resource group/kinds. 6080 type: string 6081 resourceHealthChecks: 6082 description: ResourceHealthChecks customizes resource health check 6083 behavior. 6084 items: 6085 description: Resource Customization for custom health check 6086 properties: 6087 check: 6088 type: string 6089 group: 6090 type: string 6091 kind: 6092 type: string 6093 type: object 6094 type: array 6095 resourceIgnoreDifferences: 6096 description: ResourceIgnoreDifferences customizes resource ignore 6097 difference behavior. 6098 properties: 6099 all: 6100 properties: 6101 jqPathExpressions: 6102 items: 6103 type: string 6104 type: array 6105 jsonPointers: 6106 items: 6107 type: string 6108 type: array 6109 managedFieldsManagers: 6110 items: 6111 type: string 6112 type: array 6113 type: object 6114 resourceIdentifiers: 6115 items: 6116 description: Resource Customization fields for ignore difference 6117 properties: 6118 customization: 6119 properties: 6120 jqPathExpressions: 6121 items: 6122 type: string 6123 type: array 6124 jsonPointers: 6125 items: 6126 type: string 6127 type: array 6128 managedFieldsManagers: 6129 items: 6130 type: string 6131 type: array 6132 type: object 6133 group: 6134 type: string 6135 kind: 6136 type: string 6137 type: object 6138 type: array 6139 type: object 6140 resourceInclusions: 6141 description: ResourceInclusions is used to only include specific group/kinds 6142 in the reconciliation process. 6143 type: string 6144 resourceTrackingMethod: 6145 description: ResourceTrackingMethod defines how Argo CD should track 6146 resources that it manages 6147 type: string 6148 server: 6149 description: Server defines the options for the ArgoCD Server component. 6150 properties: 6151 autoscale: 6152 description: Autoscale defines the autoscale options for the Argo 6153 CD Server component. 6154 properties: 6155 enabled: 6156 description: Enabled will toggle autoscaling support for the 6157 Argo CD Server component. 6158 type: boolean 6159 hpa: 6160 description: HPA defines the HorizontalPodAutoscaler options 6161 for the Argo CD Server component. 6162 properties: 6163 maxReplicas: 6164 description: maxReplicas is the upper limit for the number 6165 of pods that can be set by the autoscaler; cannot be 6166 smaller than MinReplicas. 6167 format: int32 6168 type: integer 6169 minReplicas: 6170 description: minReplicas is the lower limit for the number 6171 of replicas to which the autoscaler can scale down. It 6172 defaults to 1 pod. minReplicas is allowed to be 0 if 6173 the alpha feature gate HPAScaleToZero is enabled and 6174 at least one Object or External metric is configured. Scaling 6175 is active as long as at least one metric value is available. 6176 format: int32 6177 type: integer 6178 scaleTargetRef: 6179 description: reference to scaled resource; horizontal 6180 pod autoscaler will learn the current resource consumption 6181 and will set the desired number of pods by using its 6182 Scale subresource. 6183 properties: 6184 apiVersion: 6185 description: apiVersion is the API version of the 6186 referent 6187 type: string 6188 kind: 6189 description: 'kind is the kind of the referent; More 6190 info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' 6191 type: string 6192 name: 6193 description: 'name is the name of the referent; More 6194 info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' 6195 type: string 6196 required: 6197 - kind 6198 - name 6199 type: object 6200 targetCPUUtilizationPercentage: 6201 description: targetCPUUtilizationPercentage is the target 6202 average CPU utilization (represented as a percentage 6203 of requested CPU) over all the pods; if not specified 6204 the default autoscaling policy will be used. 6205 format: int32 6206 type: integer 6207 required: 6208 - maxReplicas 6209 - scaleTargetRef 6210 type: object 6211 required: 6212 - enabled 6213 type: object 6214 env: 6215 description: Env lets you specify environment for API server pods 6216 items: 6217 description: EnvVar represents an environment variable present 6218 in a Container. 6219 properties: 6220 name: 6221 description: Name of the environment variable. Must be a 6222 C_IDENTIFIER. 6223 type: string 6224 value: 6225 description: 'Variable references $(VAR_NAME) are expanded 6226 using the previously defined environment variables in 6227 the container and any service environment variables. If 6228 a variable cannot be resolved, the reference in the input 6229 string will be unchanged. Double $$ are reduced to a single 6230 $, which allows for escaping the $(VAR_NAME) syntax: i.e. 6231 "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". 6232 Escaped references will never be expanded, regardless 6233 of whether the variable exists or not. Defaults to "".' 6234 type: string 6235 valueFrom: 6236 description: Source for the environment variable's value. 6237 Cannot be used if value is not empty. 6238 properties: 6239 configMapKeyRef: 6240 description: Selects a key of a ConfigMap. 6241 properties: 6242 key: 6243 description: The key to select. 6244 type: string 6245 name: 6246 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 6247 TODO: Add other useful fields. apiVersion, kind, 6248 uid?' 6249 type: string 6250 optional: 6251 description: Specify whether the ConfigMap or its 6252 key must be defined 6253 type: boolean 6254 required: 6255 - key 6256 type: object 6257 fieldRef: 6258 description: 'Selects a field of the pod: supports metadata.name, 6259 metadata.namespace, `metadata.labels[''<KEY>'']`, 6260 `metadata.annotations[''<KEY>'']`, spec.nodeName, 6261 spec.serviceAccountName, status.hostIP, status.podIP, 6262 status.podIPs.' 6263 properties: 6264 apiVersion: 6265 description: Version of the schema the FieldPath 6266 is written in terms of, defaults to "v1". 6267 type: string 6268 fieldPath: 6269 description: Path of the field to select in the 6270 specified API version. 6271 type: string 6272 required: 6273 - fieldPath 6274 type: object 6275 resourceFieldRef: 6276 description: 'Selects a resource of the container: only 6277 resources limits and requests (limits.cpu, limits.memory, 6278 limits.ephemeral-storage, requests.cpu, requests.memory 6279 and requests.ephemeral-storage) are currently supported.' 6280 properties: 6281 containerName: 6282 description: 'Container name: required for volumes, 6283 optional for env vars' 6284 type: string 6285 divisor: 6286 anyOf: 6287 - type: integer 6288 - type: string 6289 description: Specifies the output format of the 6290 exposed resources, defaults to "1" 6291 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 6292 x-kubernetes-int-or-string: true 6293 resource: 6294 description: 'Required: resource to select' 6295 type: string 6296 required: 6297 - resource 6298 type: object 6299 secretKeyRef: 6300 description: Selects a key of a secret in the pod's 6301 namespace 6302 properties: 6303 key: 6304 description: The key of the secret to select from. Must 6305 be a valid secret key. 6306 type: string 6307 name: 6308 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 6309 TODO: Add other useful fields. apiVersion, kind, 6310 uid?' 6311 type: string 6312 optional: 6313 description: Specify whether the Secret or its key 6314 must be defined 6315 type: boolean 6316 required: 6317 - key 6318 type: object 6319 type: object 6320 required: 6321 - name 6322 type: object 6323 type: array 6324 extraCommandArgs: 6325 description: Extra Command arguments that would append to the 6326 Argo CD server command. ExtraCommandArgs will not be added, 6327 if one of these commands is already part of the server command 6328 with same or different value. 6329 items: 6330 type: string 6331 type: array 6332 grpc: 6333 description: GRPC defines the state for the Argo CD Server GRPC 6334 options. 6335 properties: 6336 host: 6337 description: Host is the hostname to use for Ingress/Route 6338 resources. 6339 type: string 6340 ingress: 6341 description: Ingress defines the desired state for the Argo 6342 CD Server GRPC Ingress. 6343 properties: 6344 annotations: 6345 additionalProperties: 6346 type: string 6347 description: Annotations is the map of annotations to 6348 apply to the Ingress. 6349 type: object 6350 enabled: 6351 description: Enabled will toggle the creation of the Ingress. 6352 type: boolean 6353 ingressClassName: 6354 description: IngressClassName for the Ingress resource. 6355 type: string 6356 path: 6357 description: Path used for the Ingress resource. 6358 type: string 6359 tls: 6360 description: TLS configuration. Currently the Ingress 6361 only supports a single TLS port, 443. If multiple members 6362 of this list specify different hosts, they will be multiplexed 6363 on the same port according to the hostname specified 6364 through the SNI TLS extension, if the ingress controller 6365 fulfilling the ingress supports SNI. 6366 items: 6367 description: IngressTLS describes the transport layer 6368 security associated with an ingress. 6369 properties: 6370 hosts: 6371 description: hosts is a list of hosts included in 6372 the TLS certificate. The values in this list must 6373 match the name/s used in the tlsSecret. Defaults 6374 to the wildcard host setting for the loadbalancer 6375 controller fulfilling this Ingress, if left unspecified. 6376 items: 6377 type: string 6378 type: array 6379 x-kubernetes-list-type: atomic 6380 secretName: 6381 description: secretName is the name of the secret 6382 used to terminate TLS traffic on port 443. Field 6383 is left optional to allow TLS routing based on 6384 SNI hostname alone. If the SNI host in a listener 6385 conflicts with the "Host" header field used by 6386 an IngressRule, the SNI host is used for termination 6387 and value of the "Host" header is used for routing. 6388 type: string 6389 type: object 6390 type: array 6391 required: 6392 - enabled 6393 type: object 6394 type: object 6395 host: 6396 description: Host is the hostname to use for Ingress/Route resources. 6397 type: string 6398 ingress: 6399 description: Ingress defines the desired state for an Ingress 6400 for the Argo CD Server component. 6401 properties: 6402 annotations: 6403 additionalProperties: 6404 type: string 6405 description: Annotations is the map of annotations to apply 6406 to the Ingress. 6407 type: object 6408 enabled: 6409 description: Enabled will toggle the creation of the Ingress. 6410 type: boolean 6411 ingressClassName: 6412 description: IngressClassName for the Ingress resource. 6413 type: string 6414 path: 6415 description: Path used for the Ingress resource. 6416 type: string 6417 tls: 6418 description: TLS configuration. Currently the Ingress only 6419 supports a single TLS port, 443. If multiple members of 6420 this list specify different hosts, they will be multiplexed 6421 on the same port according to the hostname specified through 6422 the SNI TLS extension, if the ingress controller fulfilling 6423 the ingress supports SNI. 6424 items: 6425 description: IngressTLS describes the transport layer security 6426 associated with an ingress. 6427 properties: 6428 hosts: 6429 description: hosts is a list of hosts included in the 6430 TLS certificate. The values in this list must match 6431 the name/s used in the tlsSecret. Defaults to the 6432 wildcard host setting for the loadbalancer controller 6433 fulfilling this Ingress, if left unspecified. 6434 items: 6435 type: string 6436 type: array 6437 x-kubernetes-list-type: atomic 6438 secretName: 6439 description: secretName is the name of the secret used 6440 to terminate TLS traffic on port 443. Field is left 6441 optional to allow TLS routing based on SNI hostname 6442 alone. If the SNI host in a listener conflicts with 6443 the "Host" header field used by an IngressRule, the 6444 SNI host is used for termination and value of the 6445 "Host" header is used for routing. 6446 type: string 6447 type: object 6448 type: array 6449 required: 6450 - enabled 6451 type: object 6452 insecure: 6453 description: Insecure toggles the insecure flag. 6454 type: boolean 6455 logFormat: 6456 description: LogFormat refers to the log level to be used by the 6457 ArgoCD Server component. Defaults to ArgoCDDefaultLogFormat 6458 if not configured. Valid options are text or json. 6459 type: string 6460 logLevel: 6461 description: LogLevel refers to the log level to be used by the 6462 ArgoCD Server component. Defaults to ArgoCDDefaultLogLevel if 6463 not set. Valid options are debug, info, error, and warn. 6464 type: string 6465 replicas: 6466 description: Replicas defines the number of replicas for argocd-server. 6467 Default is nil. Value should be greater than or equal to 0. 6468 Value will be ignored if Autoscaler is enabled. 6469 format: int32 6470 type: integer 6471 resources: 6472 description: Resources defines the Compute Resources required 6473 by the container for the Argo CD server component. 6474 properties: 6475 claims: 6476 description: "Claims lists the names of resources, defined 6477 in spec.resourceClaims, that are used by this container. 6478 \n This is an alpha field and requires enabling the DynamicResourceAllocation 6479 feature gate. \n This field is immutable. It can only be 6480 set for containers." 6481 items: 6482 description: ResourceClaim references one entry in PodSpec.ResourceClaims. 6483 properties: 6484 name: 6485 description: Name must match the name of one entry in 6486 pod.spec.resourceClaims of the Pod where this field 6487 is used. It makes that resource available inside a 6488 container. 6489 type: string 6490 required: 6491 - name 6492 type: object 6493 type: array 6494 x-kubernetes-list-map-keys: 6495 - name 6496 x-kubernetes-list-type: map 6497 limits: 6498 additionalProperties: 6499 anyOf: 6500 - type: integer 6501 - type: string 6502 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 6503 x-kubernetes-int-or-string: true 6504 description: 'Limits describes the maximum amount of compute 6505 resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 6506 type: object 6507 requests: 6508 additionalProperties: 6509 anyOf: 6510 - type: integer 6511 - type: string 6512 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 6513 x-kubernetes-int-or-string: true 6514 description: 'Requests describes the minimum amount of compute 6515 resources required. If Requests is omitted for a container, 6516 it defaults to Limits if that is explicitly specified, otherwise 6517 to an implementation-defined value. Requests cannot exceed 6518 Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 6519 type: object 6520 type: object 6521 route: 6522 description: Route defines the desired state for an OpenShift 6523 Route for the Argo CD Server component. 6524 properties: 6525 annotations: 6526 additionalProperties: 6527 type: string 6528 description: Annotations is the map of annotations to use 6529 for the Route resource. 6530 type: object 6531 enabled: 6532 description: Enabled will toggle the creation of the OpenShift 6533 Route. 6534 type: boolean 6535 labels: 6536 additionalProperties: 6537 type: string 6538 description: Labels is the map of labels to use for the Route 6539 resource 6540 type: object 6541 path: 6542 description: Path the router watches for, to route traffic 6543 for to the service. 6544 type: string 6545 tls: 6546 description: TLS provides the ability to configure certificates 6547 and termination for the Route. 6548 properties: 6549 caCertificate: 6550 description: caCertificate provides the cert authority 6551 certificate contents 6552 type: string 6553 certificate: 6554 description: certificate provides certificate contents 6555 type: string 6556 destinationCACertificate: 6557 description: destinationCACertificate provides the contents 6558 of the ca certificate of the final destination. When 6559 using reencrypt termination this file should be provided 6560 in order to have routers use it for health checks on 6561 the secure connection. If this field is not specified, 6562 the router may provide its own destination CA and perform 6563 hostname validation using the short service name (service.namespace.svc), 6564 which allows infrastructure generated certificates to 6565 automatically verify. 6566 type: string 6567 insecureEdgeTerminationPolicy: 6568 description: "insecureEdgeTerminationPolicy indicates 6569 the desired behavior for insecure connections to a route. 6570 While each router may make its own decisions on which 6571 ports to expose, this is normally port 80. \n * Allow 6572 - traffic is sent to the server on the insecure port 6573 (default) * Disable - no traffic is allowed on the insecure 6574 port. * Redirect - clients are redirected to the secure 6575 port." 6576 type: string 6577 key: 6578 description: key provides key file contents 6579 type: string 6580 termination: 6581 description: termination indicates termination type. 6582 type: string 6583 required: 6584 - termination 6585 type: object 6586 wildcardPolicy: 6587 description: WildcardPolicy if any for the route. Currently 6588 only 'Subdomain' or 'None' is allowed. 6589 type: string 6590 required: 6591 - enabled 6592 type: object 6593 service: 6594 description: Service defines the options for the Service backing 6595 the ArgoCD Server component. 6596 properties: 6597 type: 6598 description: Type is the ServiceType to use for the Service 6599 resource. 6600 type: string 6601 required: 6602 - type 6603 type: object 6604 type: object 6605 sourceNamespaces: 6606 description: SourceNamespaces defines the namespaces application resources 6607 are allowed to be created in 6608 items: 6609 type: string 6610 type: array 6611 sso: 6612 description: SSO defines the Single Sign-on configuration for Argo 6613 CD 6614 properties: 6615 dex: 6616 description: Dex contains the configuration for Argo CD dex authentication 6617 properties: 6618 config: 6619 description: Config is the dex connector configuration. 6620 type: string 6621 groups: 6622 description: Optional list of required groups a user must 6623 be a member of 6624 items: 6625 type: string 6626 type: array 6627 image: 6628 description: Image is the Dex container image. 6629 type: string 6630 openShiftOAuth: 6631 description: OpenShiftOAuth enables OpenShift OAuth authentication 6632 for the Dex server. 6633 type: boolean 6634 resources: 6635 description: Resources defines the Compute Resources required 6636 by the container for Dex. 6637 properties: 6638 claims: 6639 description: "Claims lists the names of resources, defined 6640 in spec.resourceClaims, that are used by this container. 6641 \n This is an alpha field and requires enabling the 6642 DynamicResourceAllocation feature gate. \n This field 6643 is immutable. It can only be set for containers." 6644 items: 6645 description: ResourceClaim references one entry in PodSpec.ResourceClaims. 6646 properties: 6647 name: 6648 description: Name must match the name of one entry 6649 in pod.spec.resourceClaims of the Pod where this 6650 field is used. It makes that resource available 6651 inside a container. 6652 type: string 6653 required: 6654 - name 6655 type: object 6656 type: array 6657 x-kubernetes-list-map-keys: 6658 - name 6659 x-kubernetes-list-type: map 6660 limits: 6661 additionalProperties: 6662 anyOf: 6663 - type: integer 6664 - type: string 6665 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 6666 x-kubernetes-int-or-string: true 6667 description: 'Limits describes the maximum amount of compute 6668 resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 6669 type: object 6670 requests: 6671 additionalProperties: 6672 anyOf: 6673 - type: integer 6674 - type: string 6675 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 6676 x-kubernetes-int-or-string: true 6677 description: 'Requests describes the minimum amount of 6678 compute resources required. If Requests is omitted for 6679 a container, it defaults to Limits if that is explicitly 6680 specified, otherwise to an implementation-defined value. 6681 Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 6682 type: object 6683 type: object 6684 version: 6685 description: Version is the Dex container image tag. 6686 type: string 6687 type: object 6688 image: 6689 description: Deprecated field. Support dropped in v1beta1 version. 6690 Image is the SSO container image. 6691 type: string 6692 keycloak: 6693 description: Keycloak contains the configuration for Argo CD keycloak 6694 authentication 6695 properties: 6696 image: 6697 description: Image is the Keycloak container image. 6698 type: string 6699 resources: 6700 description: Resources defines the Compute Resources required 6701 by the container for Keycloak. 6702 properties: 6703 claims: 6704 description: "Claims lists the names of resources, defined 6705 in spec.resourceClaims, that are used by this container. 6706 \n This is an alpha field and requires enabling the 6707 DynamicResourceAllocation feature gate. \n This field 6708 is immutable. It can only be set for containers." 6709 items: 6710 description: ResourceClaim references one entry in PodSpec.ResourceClaims. 6711 properties: 6712 name: 6713 description: Name must match the name of one entry 6714 in pod.spec.resourceClaims of the Pod where this 6715 field is used. It makes that resource available 6716 inside a container. 6717 type: string 6718 required: 6719 - name 6720 type: object 6721 type: array 6722 x-kubernetes-list-map-keys: 6723 - name 6724 x-kubernetes-list-type: map 6725 limits: 6726 additionalProperties: 6727 anyOf: 6728 - type: integer 6729 - type: string 6730 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 6731 x-kubernetes-int-or-string: true 6732 description: 'Limits describes the maximum amount of compute 6733 resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 6734 type: object 6735 requests: 6736 additionalProperties: 6737 anyOf: 6738 - type: integer 6739 - type: string 6740 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 6741 x-kubernetes-int-or-string: true 6742 description: 'Requests describes the minimum amount of 6743 compute resources required. If Requests is omitted for 6744 a container, it defaults to Limits if that is explicitly 6745 specified, otherwise to an implementation-defined value. 6746 Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 6747 type: object 6748 type: object 6749 rootCA: 6750 description: Custom root CA certificate for communicating 6751 with the Keycloak OIDC provider 6752 type: string 6753 verifyTLS: 6754 description: VerifyTLS set to false disables strict TLS validation. 6755 type: boolean 6756 version: 6757 description: Version is the Keycloak container image tag. 6758 type: string 6759 type: object 6760 provider: 6761 description: Provider installs and configures the given SSO Provider 6762 with Argo CD. 6763 type: string 6764 resources: 6765 description: Deprecated field. Support dropped in v1beta1 version. 6766 Resources defines the Compute Resources required by the container 6767 for SSO. 6768 properties: 6769 claims: 6770 description: "Claims lists the names of resources, defined 6771 in spec.resourceClaims, that are used by this container. 6772 \n This is an alpha field and requires enabling the DynamicResourceAllocation 6773 feature gate. \n This field is immutable. It can only be 6774 set for containers." 6775 items: 6776 description: ResourceClaim references one entry in PodSpec.ResourceClaims. 6777 properties: 6778 name: 6779 description: Name must match the name of one entry in 6780 pod.spec.resourceClaims of the Pod where this field 6781 is used. It makes that resource available inside a 6782 container. 6783 type: string 6784 required: 6785 - name 6786 type: object 6787 type: array 6788 x-kubernetes-list-map-keys: 6789 - name 6790 x-kubernetes-list-type: map 6791 limits: 6792 additionalProperties: 6793 anyOf: 6794 - type: integer 6795 - type: string 6796 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 6797 x-kubernetes-int-or-string: true 6798 description: 'Limits describes the maximum amount of compute 6799 resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 6800 type: object 6801 requests: 6802 additionalProperties: 6803 anyOf: 6804 - type: integer 6805 - type: string 6806 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 6807 x-kubernetes-int-or-string: true 6808 description: 'Requests describes the minimum amount of compute 6809 resources required. If Requests is omitted for a container, 6810 it defaults to Limits if that is explicitly specified, otherwise 6811 to an implementation-defined value. Requests cannot exceed 6812 Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 6813 type: object 6814 type: object 6815 verifyTLS: 6816 description: Deprecated field. Support dropped in v1beta1 version. 6817 VerifyTLS set to false disables strict TLS validation. 6818 type: boolean 6819 version: 6820 description: Deprecated field. Support dropped in v1beta1 version. 6821 Version is the SSO container image tag. 6822 type: string 6823 type: object 6824 statusBadgeEnabled: 6825 description: StatusBadgeEnabled toggles application status badge feature. 6826 type: boolean 6827 tls: 6828 description: TLS defines the TLS options for ArgoCD. 6829 properties: 6830 ca: 6831 description: CA defines the CA options. 6832 properties: 6833 configMapName: 6834 description: ConfigMapName is the name of the ConfigMap containing 6835 the CA Certificate. 6836 type: string 6837 secretName: 6838 description: SecretName is the name of the Secret containing 6839 the CA Certificate and Key. 6840 type: string 6841 type: object 6842 initialCerts: 6843 additionalProperties: 6844 type: string 6845 description: InitialCerts defines custom TLS certificates upon 6846 creation of the cluster for connecting Git repositories via 6847 HTTPS. 6848 type: object 6849 type: object 6850 usersAnonymousEnabled: 6851 description: UsersAnonymousEnabled toggles anonymous user access. 6852 The anonymous users get default role permissions specified argocd-rbac-cm. 6853 type: boolean 6854 version: 6855 description: Version is the tag to use with the ArgoCD container image 6856 for all ArgoCD components. 6857 type: string 6858 type: object 6859 status: 6860 description: ArgoCDStatus defines the observed state of ArgoCD 6861 properties: 6862 applicationController: 6863 description: 'ApplicationController is a simple, high-level summary 6864 of where the Argo CD application controller component is in its 6865 lifecycle. There are four possible ApplicationController values: 6866 Pending: The Argo CD application controller component has been accepted 6867 by the Kubernetes system, but one or more of the required resources 6868 have not been created. Running: All of the required Pods for the 6869 Argo CD application controller component are in a Ready state. Failed: 6870 At least one of the Argo CD application controller component Pods 6871 had a failure. Unknown: The state of the Argo CD application controller 6872 component could not be obtained.' 6873 type: string 6874 applicationSetController: 6875 description: 'ApplicationSetController is a simple, high-level summary 6876 of where the Argo CD applicationSet controller component is in its 6877 lifecycle. There are four possible ApplicationSetController values: 6878 Pending: The Argo CD applicationSet controller component has been 6879 accepted by the Kubernetes system, but one or more of the required 6880 resources have not been created. Running: All of the required Pods 6881 for the Argo CD applicationSet controller component are in a Ready 6882 state. Failed: At least one of the Argo CD applicationSet controller 6883 component Pods had a failure. Unknown: The state of the Argo CD 6884 applicationSet controller component could not be obtained.' 6885 type: string 6886 host: 6887 description: Host is the hostname of the Ingress. 6888 type: string 6889 notificationsController: 6890 description: 'NotificationsController is a simple, high-level summary 6891 of where the Argo CD notifications controller component is in its 6892 lifecycle. There are four possible NotificationsController values: 6893 Pending: The Argo CD notifications controller component has been 6894 accepted by the Kubernetes system, but one or more of the required 6895 resources have not been created. Running: All of the required Pods 6896 for the Argo CD notifications controller component are in a Ready 6897 state. Failed: At least one of the Argo CD notifications controller 6898 component Pods had a failure. Unknown: The state of the Argo CD 6899 notifications controller component could not be obtained.' 6900 type: string 6901 phase: 6902 description: 'Phase is a simple, high-level summary of where the ArgoCD 6903 is in its lifecycle. There are four possible phase values: Pending: 6904 The ArgoCD has been accepted by the Kubernetes system, but one or 6905 more of the required resources have not been created. Available: 6906 All of the resources for the ArgoCD are ready. Failed: At least 6907 one resource has experienced a failure. Unknown: The state of the 6908 ArgoCD phase could not be obtained.' 6909 type: string 6910 redis: 6911 description: 'Redis is a simple, high-level summary of where the Argo 6912 CD Redis component is in its lifecycle. There are four possible 6913 redis values: Pending: The Argo CD Redis component has been accepted 6914 by the Kubernetes system, but one or more of the required resources 6915 have not been created. Running: All of the required Pods for the 6916 Argo CD Redis component are in a Ready state. Failed: At least one 6917 of the Argo CD Redis component Pods had a failure. Unknown: The 6918 state of the Argo CD Redis component could not be obtained.' 6919 type: string 6920 redisTLSChecksum: 6921 description: RedisTLSChecksum contains the SHA256 checksum of the 6922 latest known state of tls.crt and tls.key in the argocd-operator-redis-tls 6923 secret. 6924 type: string 6925 repo: 6926 description: 'Repo is a simple, high-level summary of where the Argo 6927 CD Repo component is in its lifecycle. There are four possible repo 6928 values: Pending: The Argo CD Repo component has been accepted by 6929 the Kubernetes system, but one or more of the required resources 6930 have not been created. Running: All of the required Pods for the 6931 Argo CD Repo component are in a Ready state. Failed: At least one 6932 of the Argo CD Repo component Pods had a failure. Unknown: The 6933 state of the Argo CD Repo component could not be obtained.' 6934 type: string 6935 repoTLSChecksum: 6936 description: RepoTLSChecksum contains the SHA256 checksum of the latest 6937 known state of tls.crt and tls.key in the argocd-repo-server-tls 6938 secret. 6939 type: string 6940 server: 6941 description: 'Server is a simple, high-level summary of where the 6942 Argo CD server component is in its lifecycle. There are four possible 6943 server values: Pending: The Argo CD server component has been accepted 6944 by the Kubernetes system, but one or more of the required resources 6945 have not been created. Running: All of the required Pods for the 6946 Argo CD server component are in a Ready state. Failed: At least 6947 one of the Argo CD server component Pods had a failure. Unknown: 6948 The state of the Argo CD server component could not be obtained.' 6949 type: string 6950 sso: 6951 description: 'SSO is a simple, high-level summary of where the Argo 6952 CD SSO(Dex/Keycloak) component is in its lifecycle. There are four 6953 possible sso values: Pending: The Argo CD SSO component has been 6954 accepted by the Kubernetes system, but one or more of the required 6955 resources have not been created. Running: All of the required Pods 6956 for the Argo CD SSO component are in a Ready state. Failed: At least 6957 one of the Argo CD SSO component Pods had a failure. Unknown: The 6958 state of the Argo CD SSO component could not be obtained.' 6959 type: string 6960 type: object 6961 type: object 6962 served: true 6963 storage: false 6964 subresources: 6965 status: {} 6966 - name: v1beta1 6967 schema: 6968 openAPIV3Schema: 6969 description: ArgoCD is the Schema for the argocds API 6970 properties: 6971 apiVersion: 6972 description: 'APIVersion defines the versioned schema of this representation 6973 of an object. Servers should convert recognized schemas to the latest 6974 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' 6975 type: string 6976 kind: 6977 description: 'Kind is a string value representing the REST resource this 6978 object represents. Servers may infer this from the endpoint the client 6979 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' 6980 type: string 6981 metadata: 6982 type: object 6983 spec: 6984 description: ArgoCDSpec defines the desired state of ArgoCD 6985 properties: 6986 applicationInstanceLabelKey: 6987 description: ApplicationInstanceLabelKey is the key name where Argo 6988 CD injects the app name as a tracking label. 6989 type: string 6990 applicationSet: 6991 description: ArgoCDApplicationSet defines whether the Argo CD ApplicationSet 6992 controller should be installed. 6993 properties: 6994 enabled: 6995 description: Enabled is the flag to enable the Application Set 6996 Controller during ArgoCD installation. (optional, default `true`) 6997 type: boolean 6998 env: 6999 description: Env lets you specify environment for applicationSet 7000 controller pods 7001 items: 7002 description: EnvVar represents an environment variable present 7003 in a Container. 7004 properties: 7005 name: 7006 description: Name of the environment variable. Must be a 7007 C_IDENTIFIER. 7008 type: string 7009 value: 7010 description: 'Variable references $(VAR_NAME) are expanded 7011 using the previously defined environment variables in 7012 the container and any service environment variables. If 7013 a variable cannot be resolved, the reference in the input 7014 string will be unchanged. Double $$ are reduced to a single 7015 $, which allows for escaping the $(VAR_NAME) syntax: i.e. 7016 "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". 7017 Escaped references will never be expanded, regardless 7018 of whether the variable exists or not. Defaults to "".' 7019 type: string 7020 valueFrom: 7021 description: Source for the environment variable's value. 7022 Cannot be used if value is not empty. 7023 properties: 7024 configMapKeyRef: 7025 description: Selects a key of a ConfigMap. 7026 properties: 7027 key: 7028 description: The key to select. 7029 type: string 7030 name: 7031 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 7032 TODO: Add other useful fields. apiVersion, kind, 7033 uid?' 7034 type: string 7035 optional: 7036 description: Specify whether the ConfigMap or its 7037 key must be defined 7038 type: boolean 7039 required: 7040 - key 7041 type: object 7042 fieldRef: 7043 description: 'Selects a field of the pod: supports metadata.name, 7044 metadata.namespace, `metadata.labels[''<KEY>'']`, 7045 `metadata.annotations[''<KEY>'']`, spec.nodeName, 7046 spec.serviceAccountName, status.hostIP, status.podIP, 7047 status.podIPs.' 7048 properties: 7049 apiVersion: 7050 description: Version of the schema the FieldPath 7051 is written in terms of, defaults to "v1". 7052 type: string 7053 fieldPath: 7054 description: Path of the field to select in the 7055 specified API version. 7056 type: string 7057 required: 7058 - fieldPath 7059 type: object 7060 resourceFieldRef: 7061 description: 'Selects a resource of the container: only 7062 resources limits and requests (limits.cpu, limits.memory, 7063 limits.ephemeral-storage, requests.cpu, requests.memory 7064 and requests.ephemeral-storage) are currently supported.' 7065 properties: 7066 containerName: 7067 description: 'Container name: required for volumes, 7068 optional for env vars' 7069 type: string 7070 divisor: 7071 anyOf: 7072 - type: integer 7073 - type: string 7074 description: Specifies the output format of the 7075 exposed resources, defaults to "1" 7076 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 7077 x-kubernetes-int-or-string: true 7078 resource: 7079 description: 'Required: resource to select' 7080 type: string 7081 required: 7082 - resource 7083 type: object 7084 secretKeyRef: 7085 description: Selects a key of a secret in the pod's 7086 namespace 7087 properties: 7088 key: 7089 description: The key of the secret to select from. Must 7090 be a valid secret key. 7091 type: string 7092 name: 7093 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 7094 TODO: Add other useful fields. apiVersion, kind, 7095 uid?' 7096 type: string 7097 optional: 7098 description: Specify whether the Secret or its key 7099 must be defined 7100 type: boolean 7101 required: 7102 - key 7103 type: object 7104 type: object 7105 required: 7106 - name 7107 type: object 7108 type: array 7109 extraCommandArgs: 7110 description: ExtraCommandArgs allows users to pass command line 7111 arguments to ApplicationSet controller. They get added to default 7112 command line arguments provided by the operator. Please note 7113 that the command line arguments provided as part of ExtraCommandArgs 7114 will not overwrite the default command line arguments. 7115 items: 7116 type: string 7117 type: array 7118 image: 7119 description: Image is the Argo CD ApplicationSet image (optional) 7120 type: string 7121 logLevel: 7122 description: LogLevel describes the log level that should be used 7123 by the ApplicationSet controller. Defaults to ArgoCDDefaultLogLevel 7124 if not set. Valid options are debug,info, error, and warn. 7125 type: string 7126 resources: 7127 description: Resources defines the Compute Resources required 7128 by the container for ApplicationSet. 7129 properties: 7130 claims: 7131 description: "Claims lists the names of resources, defined 7132 in spec.resourceClaims, that are used by this container. 7133 \n This is an alpha field and requires enabling the DynamicResourceAllocation 7134 feature gate. \n This field is immutable. It can only be 7135 set for containers." 7136 items: 7137 description: ResourceClaim references one entry in PodSpec.ResourceClaims. 7138 properties: 7139 name: 7140 description: Name must match the name of one entry in 7141 pod.spec.resourceClaims of the Pod where this field 7142 is used. It makes that resource available inside a 7143 container. 7144 type: string 7145 required: 7146 - name 7147 type: object 7148 type: array 7149 x-kubernetes-list-map-keys: 7150 - name 7151 x-kubernetes-list-type: map 7152 limits: 7153 additionalProperties: 7154 anyOf: 7155 - type: integer 7156 - type: string 7157 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 7158 x-kubernetes-int-or-string: true 7159 description: 'Limits describes the maximum amount of compute 7160 resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 7161 type: object 7162 requests: 7163 additionalProperties: 7164 anyOf: 7165 - type: integer 7166 - type: string 7167 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 7168 x-kubernetes-int-or-string: true 7169 description: 'Requests describes the minimum amount of compute 7170 resources required. If Requests is omitted for a container, 7171 it defaults to Limits if that is explicitly specified, otherwise 7172 to an implementation-defined value. Requests cannot exceed 7173 Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 7174 type: object 7175 type: object 7176 scmProviders: 7177 description: SCMProviders defines the list of allowed custom SCM 7178 provider API URLs 7179 items: 7180 type: string 7181 type: array 7182 scmRootCAConfigMap: 7183 description: SCMRootCAConfigMap is the name of the config map 7184 that stores the Gitlab SCM Provider's TLS certificate which 7185 will be mounted on the ApplicationSet Controller (optional). 7186 type: string 7187 sourceNamespaces: 7188 description: SourceNamespaces defines the namespaces applicationset 7189 resources are allowed to be created in 7190 items: 7191 type: string 7192 type: array 7193 version: 7194 description: Version is the Argo CD ApplicationSet image tag. 7195 (optional) 7196 type: string 7197 webhookServer: 7198 description: WebhookServerSpec defines the options for the ApplicationSet 7199 Webhook Server component. 7200 properties: 7201 host: 7202 description: Host is the hostname to use for Ingress/Route 7203 resources. 7204 type: string 7205 ingress: 7206 description: Ingress defines the desired state for an Ingress 7207 for the Application set webhook component. 7208 properties: 7209 annotations: 7210 additionalProperties: 7211 type: string 7212 description: Annotations is the map of annotations to 7213 apply to the Ingress. 7214 type: object 7215 enabled: 7216 description: Enabled will toggle the creation of the Ingress. 7217 type: boolean 7218 ingressClassName: 7219 description: IngressClassName for the Ingress resource. 7220 type: string 7221 path: 7222 description: Path used for the Ingress resource. 7223 type: string 7224 tls: 7225 description: TLS configuration. Currently the Ingress 7226 only supports a single TLS port, 443. If multiple members 7227 of this list specify different hosts, they will be multiplexed 7228 on the same port according to the hostname specified 7229 through the SNI TLS extension, if the ingress controller 7230 fulfilling the ingress supports SNI. 7231 items: 7232 description: IngressTLS describes the transport layer 7233 security associated with an ingress. 7234 properties: 7235 hosts: 7236 description: hosts is a list of hosts included in 7237 the TLS certificate. The values in this list must 7238 match the name/s used in the tlsSecret. Defaults 7239 to the wildcard host setting for the loadbalancer 7240 controller fulfilling this Ingress, if left unspecified. 7241 items: 7242 type: string 7243 type: array 7244 x-kubernetes-list-type: atomic 7245 secretName: 7246 description: secretName is the name of the secret 7247 used to terminate TLS traffic on port 443. Field 7248 is left optional to allow TLS routing based on 7249 SNI hostname alone. If the SNI host in a listener 7250 conflicts with the "Host" header field used by 7251 an IngressRule, the SNI host is used for termination 7252 and value of the "Host" header is used for routing. 7253 type: string 7254 type: object 7255 type: array 7256 required: 7257 - enabled 7258 type: object 7259 route: 7260 description: Route defines the desired state for an OpenShift 7261 Route for the Application set webhook component. 7262 properties: 7263 annotations: 7264 additionalProperties: 7265 type: string 7266 description: Annotations is the map of annotations to 7267 use for the Route resource. 7268 type: object 7269 enabled: 7270 description: Enabled will toggle the creation of the OpenShift 7271 Route. 7272 type: boolean 7273 labels: 7274 additionalProperties: 7275 type: string 7276 description: Labels is the map of labels to use for the 7277 Route resource 7278 type: object 7279 path: 7280 description: Path the router watches for, to route traffic 7281 for to the service. 7282 type: string 7283 tls: 7284 description: TLS provides the ability to configure certificates 7285 and termination for the Route. 7286 properties: 7287 caCertificate: 7288 description: caCertificate provides the cert authority 7289 certificate contents 7290 type: string 7291 certificate: 7292 description: certificate provides certificate contents 7293 type: string 7294 destinationCACertificate: 7295 description: destinationCACertificate provides the 7296 contents of the ca certificate of the final destination. When 7297 using reencrypt termination this file should be 7298 provided in order to have routers use it for health 7299 checks on the secure connection. If this field is 7300 not specified, the router may provide its own destination 7301 CA and perform hostname validation using the short 7302 service name (service.namespace.svc), which allows 7303 infrastructure generated certificates to automatically 7304 verify. 7305 type: string 7306 insecureEdgeTerminationPolicy: 7307 description: "insecureEdgeTerminationPolicy indicates 7308 the desired behavior for insecure connections to 7309 a route. While each router may make its own decisions 7310 on which ports to expose, this is normally port 7311 80. \n * Allow - traffic is sent to the server on 7312 the insecure port (default) * Disable - no traffic 7313 is allowed on the insecure port. * Redirect - clients 7314 are redirected to the secure port." 7315 type: string 7316 key: 7317 description: key provides key file contents 7318 type: string 7319 termination: 7320 description: termination indicates termination type. 7321 type: string 7322 required: 7323 - termination 7324 type: object 7325 wildcardPolicy: 7326 description: WildcardPolicy if any for the route. Currently 7327 only 'Subdomain' or 'None' is allowed. 7328 type: string 7329 required: 7330 - enabled 7331 type: object 7332 type: object 7333 type: object 7334 banner: 7335 description: Banner defines an additional banner to be displayed in 7336 Argo CD UI 7337 properties: 7338 content: 7339 description: Content defines the banner message content to display 7340 type: string 7341 url: 7342 description: URL defines an optional URL to be used as banner 7343 message link 7344 type: string 7345 required: 7346 - content 7347 type: object 7348 configManagementPlugins: 7349 description: ConfigManagementPlugins is used to specify additional 7350 config management plugins. 7351 type: string 7352 controller: 7353 description: Controller defines the Application Controller options 7354 for ArgoCD. 7355 properties: 7356 appSync: 7357 description: "AppSync is used to control the sync frequency, by 7358 default the ArgoCD controller polls Git every 3m. \n Set this 7359 to a duration, e.g. 10m or 600s to control the synchronisation 7360 frequency." 7361 type: string 7362 enabled: 7363 description: Enabled is the flag to enable the Application Controller 7364 during ArgoCD installation. (optional, default `true`) 7365 type: boolean 7366 env: 7367 description: Env lets you specify environment for application 7368 controller pods 7369 items: 7370 description: EnvVar represents an environment variable present 7371 in a Container. 7372 properties: 7373 name: 7374 description: Name of the environment variable. Must be a 7375 C_IDENTIFIER. 7376 type: string 7377 value: 7378 description: 'Variable references $(VAR_NAME) are expanded 7379 using the previously defined environment variables in 7380 the container and any service environment variables. If 7381 a variable cannot be resolved, the reference in the input 7382 string will be unchanged. Double $$ are reduced to a single 7383 $, which allows for escaping the $(VAR_NAME) syntax: i.e. 7384 "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". 7385 Escaped references will never be expanded, regardless 7386 of whether the variable exists or not. Defaults to "".' 7387 type: string 7388 valueFrom: 7389 description: Source for the environment variable's value. 7390 Cannot be used if value is not empty. 7391 properties: 7392 configMapKeyRef: 7393 description: Selects a key of a ConfigMap. 7394 properties: 7395 key: 7396 description: The key to select. 7397 type: string 7398 name: 7399 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 7400 TODO: Add other useful fields. apiVersion, kind, 7401 uid?' 7402 type: string 7403 optional: 7404 description: Specify whether the ConfigMap or its 7405 key must be defined 7406 type: boolean 7407 required: 7408 - key 7409 type: object 7410 fieldRef: 7411 description: 'Selects a field of the pod: supports metadata.name, 7412 metadata.namespace, `metadata.labels[''<KEY>'']`, 7413 `metadata.annotations[''<KEY>'']`, spec.nodeName, 7414 spec.serviceAccountName, status.hostIP, status.podIP, 7415 status.podIPs.' 7416 properties: 7417 apiVersion: 7418 description: Version of the schema the FieldPath 7419 is written in terms of, defaults to "v1". 7420 type: string 7421 fieldPath: 7422 description: Path of the field to select in the 7423 specified API version. 7424 type: string 7425 required: 7426 - fieldPath 7427 type: object 7428 resourceFieldRef: 7429 description: 'Selects a resource of the container: only 7430 resources limits and requests (limits.cpu, limits.memory, 7431 limits.ephemeral-storage, requests.cpu, requests.memory 7432 and requests.ephemeral-storage) are currently supported.' 7433 properties: 7434 containerName: 7435 description: 'Container name: required for volumes, 7436 optional for env vars' 7437 type: string 7438 divisor: 7439 anyOf: 7440 - type: integer 7441 - type: string 7442 description: Specifies the output format of the 7443 exposed resources, defaults to "1" 7444 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 7445 x-kubernetes-int-or-string: true 7446 resource: 7447 description: 'Required: resource to select' 7448 type: string 7449 required: 7450 - resource 7451 type: object 7452 secretKeyRef: 7453 description: Selects a key of a secret in the pod's 7454 namespace 7455 properties: 7456 key: 7457 description: The key of the secret to select from. Must 7458 be a valid secret key. 7459 type: string 7460 name: 7461 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 7462 TODO: Add other useful fields. apiVersion, kind, 7463 uid?' 7464 type: string 7465 optional: 7466 description: Specify whether the Secret or its key 7467 must be defined 7468 type: boolean 7469 required: 7470 - key 7471 type: object 7472 type: object 7473 required: 7474 - name 7475 type: object 7476 type: array 7477 logFormat: 7478 description: LogFormat refers to the log format used by the Application 7479 Controller component. Defaults to ArgoCDDefaultLogFormat if 7480 not configured. Valid options are text or json. 7481 type: string 7482 logLevel: 7483 description: LogLevel refers to the log level used by the Application 7484 Controller component. Defaults to ArgoCDDefaultLogLevel if not 7485 configured. Valid options are debug, info, error, and warn. 7486 type: string 7487 parallelismLimit: 7488 description: ParallelismLimit defines the limit for parallel kubectl 7489 operations 7490 format: int32 7491 type: integer 7492 processors: 7493 description: Processors contains the options for the Application 7494 Controller processors. 7495 properties: 7496 operation: 7497 description: Operation is the number of application operation 7498 processors. 7499 format: int32 7500 type: integer 7501 status: 7502 description: Status is the number of application status processors. 7503 format: int32 7504 type: integer 7505 type: object 7506 resources: 7507 description: Resources defines the Compute Resources required 7508 by the container for the Application Controller. 7509 properties: 7510 claims: 7511 description: "Claims lists the names of resources, defined 7512 in spec.resourceClaims, that are used by this container. 7513 \n This is an alpha field and requires enabling the DynamicResourceAllocation 7514 feature gate. \n This field is immutable. It can only be 7515 set for containers." 7516 items: 7517 description: ResourceClaim references one entry in PodSpec.ResourceClaims. 7518 properties: 7519 name: 7520 description: Name must match the name of one entry in 7521 pod.spec.resourceClaims of the Pod where this field 7522 is used. It makes that resource available inside a 7523 container. 7524 type: string 7525 required: 7526 - name 7527 type: object 7528 type: array 7529 x-kubernetes-list-map-keys: 7530 - name 7531 x-kubernetes-list-type: map 7532 limits: 7533 additionalProperties: 7534 anyOf: 7535 - type: integer 7536 - type: string 7537 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 7538 x-kubernetes-int-or-string: true 7539 description: 'Limits describes the maximum amount of compute 7540 resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 7541 type: object 7542 requests: 7543 additionalProperties: 7544 anyOf: 7545 - type: integer 7546 - type: string 7547 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 7548 x-kubernetes-int-or-string: true 7549 description: 'Requests describes the minimum amount of compute 7550 resources required. If Requests is omitted for a container, 7551 it defaults to Limits if that is explicitly specified, otherwise 7552 to an implementation-defined value. Requests cannot exceed 7553 Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 7554 type: object 7555 type: object 7556 sharding: 7557 description: Sharding contains the options for the Application 7558 Controller sharding configuration. 7559 properties: 7560 clustersPerShard: 7561 description: ClustersPerShard defines the maximum number of 7562 clusters managed by each argocd shard 7563 format: int32 7564 minimum: 1 7565 type: integer 7566 dynamicScalingEnabled: 7567 description: DynamicScalingEnabled defines whether dynamic 7568 scaling should be enabled for Application Controller component 7569 type: boolean 7570 enabled: 7571 description: Enabled defines whether sharding should be enabled 7572 on the Application Controller component. 7573 type: boolean 7574 maxShards: 7575 description: MaxShards defines the maximum number of shards 7576 at any given point 7577 format: int32 7578 type: integer 7579 minShards: 7580 description: MinShards defines the minimum number of shards 7581 at any given point 7582 format: int32 7583 minimum: 1 7584 type: integer 7585 replicas: 7586 description: Replicas defines the number of replicas to run 7587 in the Application controller shard. 7588 format: int32 7589 type: integer 7590 type: object 7591 type: object 7592 disableAdmin: 7593 description: DisableAdmin will disable the admin user. 7594 type: boolean 7595 extraConfig: 7596 additionalProperties: 7597 type: string 7598 description: "ExtraConfig can be used to add fields to Argo CD configmap 7599 that are not supported by Argo CD CRD. \n Note: ExtraConfig takes 7600 precedence over Argo CD CRD. For example, A user sets `argocd.Spec.DisableAdmin` 7601 = true and also `a.Spec.ExtraConfig[\"admin.enabled\"]` = true. 7602 In this case, operator updates Argo CD Configmap as follows -> argocd-cm.Data[\"admin.enabled\"] 7603 = true." 7604 type: object 7605 gaAnonymizeUsers: 7606 description: GAAnonymizeUsers toggles user IDs being hashed before 7607 sending to google analytics. 7608 type: boolean 7609 gaTrackingID: 7610 description: GATrackingID is the google analytics tracking ID to use. 7611 type: string 7612 grafana: 7613 description: 'Deprecated: Grafana defines the Grafana server options 7614 for ArgoCD.' 7615 properties: 7616 enabled: 7617 description: Enabled will toggle Grafana support globally for 7618 ArgoCD. 7619 type: boolean 7620 host: 7621 description: Host is the hostname to use for Ingress/Route resources. 7622 type: string 7623 image: 7624 description: Image is the Grafana container image. 7625 type: string 7626 ingress: 7627 description: Ingress defines the desired state for an Ingress 7628 for the Grafana component. 7629 properties: 7630 annotations: 7631 additionalProperties: 7632 type: string 7633 description: Annotations is the map of annotations to apply 7634 to the Ingress. 7635 type: object 7636 enabled: 7637 description: Enabled will toggle the creation of the Ingress. 7638 type: boolean 7639 ingressClassName: 7640 description: IngressClassName for the Ingress resource. 7641 type: string 7642 path: 7643 description: Path used for the Ingress resource. 7644 type: string 7645 tls: 7646 description: TLS configuration. Currently the Ingress only 7647 supports a single TLS port, 443. If multiple members of 7648 this list specify different hosts, they will be multiplexed 7649 on the same port according to the hostname specified through 7650 the SNI TLS extension, if the ingress controller fulfilling 7651 the ingress supports SNI. 7652 items: 7653 description: IngressTLS describes the transport layer security 7654 associated with an ingress. 7655 properties: 7656 hosts: 7657 description: hosts is a list of hosts included in the 7658 TLS certificate. The values in this list must match 7659 the name/s used in the tlsSecret. Defaults to the 7660 wildcard host setting for the loadbalancer controller 7661 fulfilling this Ingress, if left unspecified. 7662 items: 7663 type: string 7664 type: array 7665 x-kubernetes-list-type: atomic 7666 secretName: 7667 description: secretName is the name of the secret used 7668 to terminate TLS traffic on port 443. Field is left 7669 optional to allow TLS routing based on SNI hostname 7670 alone. If the SNI host in a listener conflicts with 7671 the "Host" header field used by an IngressRule, the 7672 SNI host is used for termination and value of the 7673 "Host" header is used for routing. 7674 type: string 7675 type: object 7676 type: array 7677 required: 7678 - enabled 7679 type: object 7680 resources: 7681 description: Resources defines the Compute Resources required 7682 by the container for Grafana. 7683 properties: 7684 claims: 7685 description: "Claims lists the names of resources, defined 7686 in spec.resourceClaims, that are used by this container. 7687 \n This is an alpha field and requires enabling the DynamicResourceAllocation 7688 feature gate. \n This field is immutable. It can only be 7689 set for containers." 7690 items: 7691 description: ResourceClaim references one entry in PodSpec.ResourceClaims. 7692 properties: 7693 name: 7694 description: Name must match the name of one entry in 7695 pod.spec.resourceClaims of the Pod where this field 7696 is used. It makes that resource available inside a 7697 container. 7698 type: string 7699 required: 7700 - name 7701 type: object 7702 type: array 7703 x-kubernetes-list-map-keys: 7704 - name 7705 x-kubernetes-list-type: map 7706 limits: 7707 additionalProperties: 7708 anyOf: 7709 - type: integer 7710 - type: string 7711 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 7712 x-kubernetes-int-or-string: true 7713 description: 'Limits describes the maximum amount of compute 7714 resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 7715 type: object 7716 requests: 7717 additionalProperties: 7718 anyOf: 7719 - type: integer 7720 - type: string 7721 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 7722 x-kubernetes-int-or-string: true 7723 description: 'Requests describes the minimum amount of compute 7724 resources required. If Requests is omitted for a container, 7725 it defaults to Limits if that is explicitly specified, otherwise 7726 to an implementation-defined value. Requests cannot exceed 7727 Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 7728 type: object 7729 type: object 7730 route: 7731 description: Route defines the desired state for an OpenShift 7732 Route for the Grafana component. 7733 properties: 7734 annotations: 7735 additionalProperties: 7736 type: string 7737 description: Annotations is the map of annotations to use 7738 for the Route resource. 7739 type: object 7740 enabled: 7741 description: Enabled will toggle the creation of the OpenShift 7742 Route. 7743 type: boolean 7744 labels: 7745 additionalProperties: 7746 type: string 7747 description: Labels is the map of labels to use for the Route 7748 resource 7749 type: object 7750 path: 7751 description: Path the router watches for, to route traffic 7752 for to the service. 7753 type: string 7754 tls: 7755 description: TLS provides the ability to configure certificates 7756 and termination for the Route. 7757 properties: 7758 caCertificate: 7759 description: caCertificate provides the cert authority 7760 certificate contents 7761 type: string 7762 certificate: 7763 description: certificate provides certificate contents 7764 type: string 7765 destinationCACertificate: 7766 description: destinationCACertificate provides the contents 7767 of the ca certificate of the final destination. When 7768 using reencrypt termination this file should be provided 7769 in order to have routers use it for health checks on 7770 the secure connection. If this field is not specified, 7771 the router may provide its own destination CA and perform 7772 hostname validation using the short service name (service.namespace.svc), 7773 which allows infrastructure generated certificates to 7774 automatically verify. 7775 type: string 7776 insecureEdgeTerminationPolicy: 7777 description: "insecureEdgeTerminationPolicy indicates 7778 the desired behavior for insecure connections to a route. 7779 While each router may make its own decisions on which 7780 ports to expose, this is normally port 80. \n * Allow 7781 - traffic is sent to the server on the insecure port 7782 (default) * Disable - no traffic is allowed on the insecure 7783 port. * Redirect - clients are redirected to the secure 7784 port." 7785 type: string 7786 key: 7787 description: key provides key file contents 7788 type: string 7789 termination: 7790 description: termination indicates termination type. 7791 type: string 7792 required: 7793 - termination 7794 type: object 7795 wildcardPolicy: 7796 description: WildcardPolicy if any for the route. Currently 7797 only 'Subdomain' or 'None' is allowed. 7798 type: string 7799 required: 7800 - enabled 7801 type: object 7802 size: 7803 description: Size is the replica count for the Grafana Deployment. 7804 format: int32 7805 type: integer 7806 version: 7807 description: Version is the Grafana container image tag. 7808 type: string 7809 required: 7810 - enabled 7811 type: object 7812 ha: 7813 description: HA options for High Availability support for the Redis 7814 component. 7815 properties: 7816 enabled: 7817 description: Enabled will toggle HA support globally for Argo 7818 CD. 7819 type: boolean 7820 redisProxyImage: 7821 description: RedisProxyImage is the Redis HAProxy container image. 7822 type: string 7823 redisProxyVersion: 7824 description: RedisProxyVersion is the Redis HAProxy container 7825 image tag. 7826 type: string 7827 resources: 7828 description: Resources defines the Compute Resources required 7829 by the container for HA. 7830 properties: 7831 claims: 7832 description: "Claims lists the names of resources, defined 7833 in spec.resourceClaims, that are used by this container. 7834 \n This is an alpha field and requires enabling the DynamicResourceAllocation 7835 feature gate. \n This field is immutable. It can only be 7836 set for containers." 7837 items: 7838 description: ResourceClaim references one entry in PodSpec.ResourceClaims. 7839 properties: 7840 name: 7841 description: Name must match the name of one entry in 7842 pod.spec.resourceClaims of the Pod where this field 7843 is used. It makes that resource available inside a 7844 container. 7845 type: string 7846 required: 7847 - name 7848 type: object 7849 type: array 7850 x-kubernetes-list-map-keys: 7851 - name 7852 x-kubernetes-list-type: map 7853 limits: 7854 additionalProperties: 7855 anyOf: 7856 - type: integer 7857 - type: string 7858 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 7859 x-kubernetes-int-or-string: true 7860 description: 'Limits describes the maximum amount of compute 7861 resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 7862 type: object 7863 requests: 7864 additionalProperties: 7865 anyOf: 7866 - type: integer 7867 - type: string 7868 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 7869 x-kubernetes-int-or-string: true 7870 description: 'Requests describes the minimum amount of compute 7871 resources required. If Requests is omitted for a container, 7872 it defaults to Limits if that is explicitly specified, otherwise 7873 to an implementation-defined value. Requests cannot exceed 7874 Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 7875 type: object 7876 type: object 7877 required: 7878 - enabled 7879 type: object 7880 helpChatText: 7881 description: HelpChatText is the text for getting chat help, defaults 7882 to "Chat now!" 7883 type: string 7884 helpChatURL: 7885 description: HelpChatURL is the URL for getting chat help, this will 7886 typically be your Slack channel for support. 7887 type: string 7888 image: 7889 description: Image is the ArgoCD container image for all ArgoCD components. 7890 type: string 7891 import: 7892 description: Import is the import/restore options for ArgoCD. 7893 properties: 7894 name: 7895 description: Name of an ArgoCDExport from which to import data. 7896 type: string 7897 namespace: 7898 description: Namespace for the ArgoCDExport, defaults to the same 7899 namespace as the ArgoCD. 7900 type: string 7901 required: 7902 - name 7903 type: object 7904 initialRepositories: 7905 description: InitialRepositories to configure Argo CD with upon creation 7906 of the cluster. 7907 type: string 7908 initialSSHKnownHosts: 7909 description: InitialSSHKnownHosts defines the SSH known hosts data 7910 upon creation of the cluster for connecting Git repositories via 7911 SSH. 7912 properties: 7913 excludedefaulthosts: 7914 description: ExcludeDefaultHosts describes whether you would like 7915 to include the default list of SSH Known Hosts provided by ArgoCD. 7916 type: boolean 7917 keys: 7918 description: Keys describes a custom set of SSH Known Hosts that 7919 you would like to have included in your ArgoCD server. 7920 type: string 7921 type: object 7922 kustomizeBuildOptions: 7923 description: KustomizeBuildOptions is used to specify build options/parameters 7924 to use with `kustomize build`. 7925 type: string 7926 kustomizeVersions: 7927 description: KustomizeVersions is a listing of configured versions 7928 of Kustomize to be made available within ArgoCD. 7929 items: 7930 description: KustomizeVersionSpec is used to specify information 7931 about a kustomize version to be used within ArgoCD. 7932 properties: 7933 path: 7934 description: Path is the path to a configured kustomize version 7935 on the filesystem of your repo server. 7936 type: string 7937 version: 7938 description: Version is a configured kustomize version in the 7939 format of vX.Y.Z 7940 type: string 7941 type: object 7942 type: array 7943 monitoring: 7944 description: Monitoring defines whether workload status monitoring 7945 configuration for this instance. 7946 properties: 7947 enabled: 7948 description: Enabled defines whether workload status monitoring 7949 is enabled for this instance or not 7950 type: boolean 7951 required: 7952 - enabled 7953 type: object 7954 nodePlacement: 7955 description: NodePlacement defines NodeSelectors and Taints for Argo 7956 CD workloads 7957 properties: 7958 nodeSelector: 7959 additionalProperties: 7960 type: string 7961 description: NodeSelector is a field of PodSpec, it is a map of 7962 key value pairs used for node selection 7963 type: object 7964 tolerations: 7965 description: Tolerations allow the pods to schedule onto nodes 7966 with matching taints 7967 items: 7968 description: The pod this Toleration is attached to tolerates 7969 any taint that matches the triple <key,value,effect> using 7970 the matching operator <operator>. 7971 properties: 7972 effect: 7973 description: Effect indicates the taint effect to match. 7974 Empty means match all taint effects. When specified, allowed 7975 values are NoSchedule, PreferNoSchedule and NoExecute. 7976 type: string 7977 key: 7978 description: Key is the taint key that the toleration applies 7979 to. Empty means match all taint keys. If the key is empty, 7980 operator must be Exists; this combination means to match 7981 all values and all keys. 7982 type: string 7983 operator: 7984 description: Operator represents a key's relationship to 7985 the value. Valid operators are Exists and Equal. Defaults 7986 to Equal. Exists is equivalent to wildcard for value, 7987 so that a pod can tolerate all taints of a particular 7988 category. 7989 type: string 7990 tolerationSeconds: 7991 description: TolerationSeconds represents the period of 7992 time the toleration (which must be of effect NoExecute, 7993 otherwise this field is ignored) tolerates the taint. 7994 By default, it is not set, which means tolerate the taint 7995 forever (do not evict). Zero and negative values will 7996 be treated as 0 (evict immediately) by the system. 7997 format: int64 7998 type: integer 7999 value: 8000 description: Value is the taint value the toleration matches 8001 to. If the operator is Exists, the value should be empty, 8002 otherwise just a regular string. 8003 type: string 8004 type: object 8005 type: array 8006 type: object 8007 notifications: 8008 description: Notifications defines whether the Argo CD Notifications 8009 controller should be installed. 8010 properties: 8011 enabled: 8012 description: Enabled defines whether argocd-notifications controller 8013 should be deployed or not 8014 type: boolean 8015 env: 8016 description: Env let you specify environment variables for Notifications 8017 pods 8018 items: 8019 description: EnvVar represents an environment variable present 8020 in a Container. 8021 properties: 8022 name: 8023 description: Name of the environment variable. Must be a 8024 C_IDENTIFIER. 8025 type: string 8026 value: 8027 description: 'Variable references $(VAR_NAME) are expanded 8028 using the previously defined environment variables in 8029 the container and any service environment variables. If 8030 a variable cannot be resolved, the reference in the input 8031 string will be unchanged. Double $$ are reduced to a single 8032 $, which allows for escaping the $(VAR_NAME) syntax: i.e. 8033 "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". 8034 Escaped references will never be expanded, regardless 8035 of whether the variable exists or not. Defaults to "".' 8036 type: string 8037 valueFrom: 8038 description: Source for the environment variable's value. 8039 Cannot be used if value is not empty. 8040 properties: 8041 configMapKeyRef: 8042 description: Selects a key of a ConfigMap. 8043 properties: 8044 key: 8045 description: The key to select. 8046 type: string 8047 name: 8048 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 8049 TODO: Add other useful fields. apiVersion, kind, 8050 uid?' 8051 type: string 8052 optional: 8053 description: Specify whether the ConfigMap or its 8054 key must be defined 8055 type: boolean 8056 required: 8057 - key 8058 type: object 8059 fieldRef: 8060 description: 'Selects a field of the pod: supports metadata.name, 8061 metadata.namespace, `metadata.labels[''<KEY>'']`, 8062 `metadata.annotations[''<KEY>'']`, spec.nodeName, 8063 spec.serviceAccountName, status.hostIP, status.podIP, 8064 status.podIPs.' 8065 properties: 8066 apiVersion: 8067 description: Version of the schema the FieldPath 8068 is written in terms of, defaults to "v1". 8069 type: string 8070 fieldPath: 8071 description: Path of the field to select in the 8072 specified API version. 8073 type: string 8074 required: 8075 - fieldPath 8076 type: object 8077 resourceFieldRef: 8078 description: 'Selects a resource of the container: only 8079 resources limits and requests (limits.cpu, limits.memory, 8080 limits.ephemeral-storage, requests.cpu, requests.memory 8081 and requests.ephemeral-storage) are currently supported.' 8082 properties: 8083 containerName: 8084 description: 'Container name: required for volumes, 8085 optional for env vars' 8086 type: string 8087 divisor: 8088 anyOf: 8089 - type: integer 8090 - type: string 8091 description: Specifies the output format of the 8092 exposed resources, defaults to "1" 8093 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 8094 x-kubernetes-int-or-string: true 8095 resource: 8096 description: 'Required: resource to select' 8097 type: string 8098 required: 8099 - resource 8100 type: object 8101 secretKeyRef: 8102 description: Selects a key of a secret in the pod's 8103 namespace 8104 properties: 8105 key: 8106 description: The key of the secret to select from. Must 8107 be a valid secret key. 8108 type: string 8109 name: 8110 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 8111 TODO: Add other useful fields. apiVersion, kind, 8112 uid?' 8113 type: string 8114 optional: 8115 description: Specify whether the Secret or its key 8116 must be defined 8117 type: boolean 8118 required: 8119 - key 8120 type: object 8121 type: object 8122 required: 8123 - name 8124 type: object 8125 type: array 8126 image: 8127 description: Image is the Argo CD Notifications image (optional) 8128 type: string 8129 logLevel: 8130 description: LogLevel describes the log level that should be used 8131 by the argocd-notifications. Defaults to ArgoCDDefaultLogLevel 8132 if not set. Valid options are debug,info, error, and warn. 8133 type: string 8134 replicas: 8135 description: Replicas defines the number of replicas to run for 8136 notifications-controller 8137 format: int32 8138 type: integer 8139 resources: 8140 description: Resources defines the Compute Resources required 8141 by the container for Argo CD Notifications. 8142 properties: 8143 claims: 8144 description: "Claims lists the names of resources, defined 8145 in spec.resourceClaims, that are used by this container. 8146 \n This is an alpha field and requires enabling the DynamicResourceAllocation 8147 feature gate. \n This field is immutable. It can only be 8148 set for containers." 8149 items: 8150 description: ResourceClaim references one entry in PodSpec.ResourceClaims. 8151 properties: 8152 name: 8153 description: Name must match the name of one entry in 8154 pod.spec.resourceClaims of the Pod where this field 8155 is used. It makes that resource available inside a 8156 container. 8157 type: string 8158 required: 8159 - name 8160 type: object 8161 type: array 8162 x-kubernetes-list-map-keys: 8163 - name 8164 x-kubernetes-list-type: map 8165 limits: 8166 additionalProperties: 8167 anyOf: 8168 - type: integer 8169 - type: string 8170 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 8171 x-kubernetes-int-or-string: true 8172 description: 'Limits describes the maximum amount of compute 8173 resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 8174 type: object 8175 requests: 8176 additionalProperties: 8177 anyOf: 8178 - type: integer 8179 - type: string 8180 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 8181 x-kubernetes-int-or-string: true 8182 description: 'Requests describes the minimum amount of compute 8183 resources required. If Requests is omitted for a container, 8184 it defaults to Limits if that is explicitly specified, otherwise 8185 to an implementation-defined value. Requests cannot exceed 8186 Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 8187 type: object 8188 type: object 8189 version: 8190 description: Version is the Argo CD Notifications image tag. (optional) 8191 type: string 8192 required: 8193 - enabled 8194 type: object 8195 oidcConfig: 8196 description: OIDCConfig is the OIDC configuration as an alternative 8197 to dex. 8198 type: string 8199 prometheus: 8200 description: Prometheus defines the Prometheus server options for 8201 ArgoCD. 8202 properties: 8203 enabled: 8204 description: Enabled will toggle Prometheus support globally for 8205 ArgoCD. 8206 type: boolean 8207 host: 8208 description: Host is the hostname to use for Ingress/Route resources. 8209 type: string 8210 ingress: 8211 description: Ingress defines the desired state for an Ingress 8212 for the Prometheus component. 8213 properties: 8214 annotations: 8215 additionalProperties: 8216 type: string 8217 description: Annotations is the map of annotations to apply 8218 to the Ingress. 8219 type: object 8220 enabled: 8221 description: Enabled will toggle the creation of the Ingress. 8222 type: boolean 8223 ingressClassName: 8224 description: IngressClassName for the Ingress resource. 8225 type: string 8226 path: 8227 description: Path used for the Ingress resource. 8228 type: string 8229 tls: 8230 description: TLS configuration. Currently the Ingress only 8231 supports a single TLS port, 443. If multiple members of 8232 this list specify different hosts, they will be multiplexed 8233 on the same port according to the hostname specified through 8234 the SNI TLS extension, if the ingress controller fulfilling 8235 the ingress supports SNI. 8236 items: 8237 description: IngressTLS describes the transport layer security 8238 associated with an ingress. 8239 properties: 8240 hosts: 8241 description: hosts is a list of hosts included in the 8242 TLS certificate. The values in this list must match 8243 the name/s used in the tlsSecret. Defaults to the 8244 wildcard host setting for the loadbalancer controller 8245 fulfilling this Ingress, if left unspecified. 8246 items: 8247 type: string 8248 type: array 8249 x-kubernetes-list-type: atomic 8250 secretName: 8251 description: secretName is the name of the secret used 8252 to terminate TLS traffic on port 443. Field is left 8253 optional to allow TLS routing based on SNI hostname 8254 alone. If the SNI host in a listener conflicts with 8255 the "Host" header field used by an IngressRule, the 8256 SNI host is used for termination and value of the 8257 "Host" header is used for routing. 8258 type: string 8259 type: object 8260 type: array 8261 required: 8262 - enabled 8263 type: object 8264 route: 8265 description: Route defines the desired state for an OpenShift 8266 Route for the Prometheus component. 8267 properties: 8268 annotations: 8269 additionalProperties: 8270 type: string 8271 description: Annotations is the map of annotations to use 8272 for the Route resource. 8273 type: object 8274 enabled: 8275 description: Enabled will toggle the creation of the OpenShift 8276 Route. 8277 type: boolean 8278 labels: 8279 additionalProperties: 8280 type: string 8281 description: Labels is the map of labels to use for the Route 8282 resource 8283 type: object 8284 path: 8285 description: Path the router watches for, to route traffic 8286 for to the service. 8287 type: string 8288 tls: 8289 description: TLS provides the ability to configure certificates 8290 and termination for the Route. 8291 properties: 8292 caCertificate: 8293 description: caCertificate provides the cert authority 8294 certificate contents 8295 type: string 8296 certificate: 8297 description: certificate provides certificate contents 8298 type: string 8299 destinationCACertificate: 8300 description: destinationCACertificate provides the contents 8301 of the ca certificate of the final destination. When 8302 using reencrypt termination this file should be provided 8303 in order to have routers use it for health checks on 8304 the secure connection. If this field is not specified, 8305 the router may provide its own destination CA and perform 8306 hostname validation using the short service name (service.namespace.svc), 8307 which allows infrastructure generated certificates to 8308 automatically verify. 8309 type: string 8310 insecureEdgeTerminationPolicy: 8311 description: "insecureEdgeTerminationPolicy indicates 8312 the desired behavior for insecure connections to a route. 8313 While each router may make its own decisions on which 8314 ports to expose, this is normally port 80. \n * Allow 8315 - traffic is sent to the server on the insecure port 8316 (default) * Disable - no traffic is allowed on the insecure 8317 port. * Redirect - clients are redirected to the secure 8318 port." 8319 type: string 8320 key: 8321 description: key provides key file contents 8322 type: string 8323 termination: 8324 description: termination indicates termination type. 8325 type: string 8326 required: 8327 - termination 8328 type: object 8329 wildcardPolicy: 8330 description: WildcardPolicy if any for the route. Currently 8331 only 'Subdomain' or 'None' is allowed. 8332 type: string 8333 required: 8334 - enabled 8335 type: object 8336 size: 8337 description: Size is the replica count for the Prometheus StatefulSet. 8338 format: int32 8339 type: integer 8340 required: 8341 - enabled 8342 type: object 8343 rbac: 8344 description: RBAC defines the RBAC configuration for Argo CD. 8345 properties: 8346 defaultPolicy: 8347 description: DefaultPolicy is the name of the default role which 8348 Argo CD will falls back to, when authorizing API requests (optional). 8349 If omitted or empty, users may be still be able to login, but 8350 will see no apps, projects, etc... 8351 type: string 8352 policy: 8353 description: 'Policy is CSV containing user-defined RBAC policies 8354 and role definitions. Policy rules are in the form: p, subject, 8355 resource, action, object, effect Role definitions and bindings 8356 are in the form: g, subject, inherited-subject See https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/rbac.md 8357 for additional information.' 8358 type: string 8359 policyMatcherMode: 8360 description: PolicyMatcherMode configures the matchers function 8361 mode for casbin. There are two options for this, 'glob' for 8362 glob matcher or 'regex' for regex matcher. 8363 type: string 8364 scopes: 8365 description: 'Scopes controls which OIDC scopes to examine during 8366 rbac enforcement (in addition to `sub` scope). If omitted, defaults 8367 to: ''[groups]''.' 8368 type: string 8369 type: object 8370 redis: 8371 description: Redis defines the Redis server options for ArgoCD. 8372 properties: 8373 autotls: 8374 description: 'AutoTLS specifies the method to use for automatic 8375 TLS configuration for the redis server The value specified here 8376 can currently be: - openshift - Use the OpenShift service CA 8377 to request TLS config' 8378 type: string 8379 disableTLSVerification: 8380 description: DisableTLSVerification defines whether redis server 8381 API should be accessed using strict TLS validation 8382 type: boolean 8383 enabled: 8384 description: Enabled is the flag to enable Redis during ArgoCD 8385 installation. (optional, default `true`) 8386 type: boolean 8387 image: 8388 description: Image is the Redis container image. 8389 type: string 8390 remote: 8391 description: Remote specifies the remote URL of the Redis container. 8392 (optional, by default, a local instance managed by the operator 8393 is used.) 8394 type: string 8395 resources: 8396 description: Resources defines the Compute Resources required 8397 by the container for Redis. 8398 properties: 8399 claims: 8400 description: "Claims lists the names of resources, defined 8401 in spec.resourceClaims, that are used by this container. 8402 \n This is an alpha field and requires enabling the DynamicResourceAllocation 8403 feature gate. \n This field is immutable. It can only be 8404 set for containers." 8405 items: 8406 description: ResourceClaim references one entry in PodSpec.ResourceClaims. 8407 properties: 8408 name: 8409 description: Name must match the name of one entry in 8410 pod.spec.resourceClaims of the Pod where this field 8411 is used. It makes that resource available inside a 8412 container. 8413 type: string 8414 required: 8415 - name 8416 type: object 8417 type: array 8418 x-kubernetes-list-map-keys: 8419 - name 8420 x-kubernetes-list-type: map 8421 limits: 8422 additionalProperties: 8423 anyOf: 8424 - type: integer 8425 - type: string 8426 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 8427 x-kubernetes-int-or-string: true 8428 description: 'Limits describes the maximum amount of compute 8429 resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 8430 type: object 8431 requests: 8432 additionalProperties: 8433 anyOf: 8434 - type: integer 8435 - type: string 8436 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 8437 x-kubernetes-int-or-string: true 8438 description: 'Requests describes the minimum amount of compute 8439 resources required. If Requests is omitted for a container, 8440 it defaults to Limits if that is explicitly specified, otherwise 8441 to an implementation-defined value. Requests cannot exceed 8442 Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 8443 type: object 8444 type: object 8445 version: 8446 description: Version is the Redis container image tag. 8447 type: string 8448 type: object 8449 repo: 8450 description: Repo defines the repo server options for Argo CD. 8451 properties: 8452 autotls: 8453 description: 'AutoTLS specifies the method to use for automatic 8454 TLS configuration for the repo server The value specified here 8455 can currently be: - openshift - Use the OpenShift service CA 8456 to request TLS config' 8457 type: string 8458 enabled: 8459 description: Enabled is the flag to enable Repo Server during 8460 ArgoCD installation. (optional, default `true`) 8461 type: boolean 8462 env: 8463 description: Env lets you specify environment for repo server 8464 pods 8465 items: 8466 description: EnvVar represents an environment variable present 8467 in a Container. 8468 properties: 8469 name: 8470 description: Name of the environment variable. Must be a 8471 C_IDENTIFIER. 8472 type: string 8473 value: 8474 description: 'Variable references $(VAR_NAME) are expanded 8475 using the previously defined environment variables in 8476 the container and any service environment variables. If 8477 a variable cannot be resolved, the reference in the input 8478 string will be unchanged. Double $$ are reduced to a single 8479 $, which allows for escaping the $(VAR_NAME) syntax: i.e. 8480 "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". 8481 Escaped references will never be expanded, regardless 8482 of whether the variable exists or not. Defaults to "".' 8483 type: string 8484 valueFrom: 8485 description: Source for the environment variable's value. 8486 Cannot be used if value is not empty. 8487 properties: 8488 configMapKeyRef: 8489 description: Selects a key of a ConfigMap. 8490 properties: 8491 key: 8492 description: The key to select. 8493 type: string 8494 name: 8495 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 8496 TODO: Add other useful fields. apiVersion, kind, 8497 uid?' 8498 type: string 8499 optional: 8500 description: Specify whether the ConfigMap or its 8501 key must be defined 8502 type: boolean 8503 required: 8504 - key 8505 type: object 8506 fieldRef: 8507 description: 'Selects a field of the pod: supports metadata.name, 8508 metadata.namespace, `metadata.labels[''<KEY>'']`, 8509 `metadata.annotations[''<KEY>'']`, spec.nodeName, 8510 spec.serviceAccountName, status.hostIP, status.podIP, 8511 status.podIPs.' 8512 properties: 8513 apiVersion: 8514 description: Version of the schema the FieldPath 8515 is written in terms of, defaults to "v1". 8516 type: string 8517 fieldPath: 8518 description: Path of the field to select in the 8519 specified API version. 8520 type: string 8521 required: 8522 - fieldPath 8523 type: object 8524 resourceFieldRef: 8525 description: 'Selects a resource of the container: only 8526 resources limits and requests (limits.cpu, limits.memory, 8527 limits.ephemeral-storage, requests.cpu, requests.memory 8528 and requests.ephemeral-storage) are currently supported.' 8529 properties: 8530 containerName: 8531 description: 'Container name: required for volumes, 8532 optional for env vars' 8533 type: string 8534 divisor: 8535 anyOf: 8536 - type: integer 8537 - type: string 8538 description: Specifies the output format of the 8539 exposed resources, defaults to "1" 8540 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 8541 x-kubernetes-int-or-string: true 8542 resource: 8543 description: 'Required: resource to select' 8544 type: string 8545 required: 8546 - resource 8547 type: object 8548 secretKeyRef: 8549 description: Selects a key of a secret in the pod's 8550 namespace 8551 properties: 8552 key: 8553 description: The key of the secret to select from. Must 8554 be a valid secret key. 8555 type: string 8556 name: 8557 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 8558 TODO: Add other useful fields. apiVersion, kind, 8559 uid?' 8560 type: string 8561 optional: 8562 description: Specify whether the Secret or its key 8563 must be defined 8564 type: boolean 8565 required: 8566 - key 8567 type: object 8568 type: object 8569 required: 8570 - name 8571 type: object 8572 type: array 8573 execTimeout: 8574 description: ExecTimeout specifies the timeout in seconds for 8575 tool execution 8576 type: integer 8577 extraRepoCommandArgs: 8578 description: Extra Command arguments allows users to pass command 8579 line arguments to repo server workload. They get added to default 8580 command line arguments provided by the operator. Please note 8581 that the command line arguments provided as part of ExtraRepoCommandArgs 8582 will not overwrite the default command line arguments. 8583 items: 8584 type: string 8585 type: array 8586 image: 8587 description: Image is the ArgoCD Repo Server container image. 8588 type: string 8589 initContainers: 8590 description: InitContainers defines the list of initialization 8591 containers for the repo server deployment 8592 items: 8593 description: A single application container that you want to 8594 run within a pod. 8595 properties: 8596 args: 8597 description: 'Arguments to the entrypoint. The container 8598 image''s CMD is used if this is not provided. Variable 8599 references $(VAR_NAME) are expanded using the container''s 8600 environment. If a variable cannot be resolved, the reference 8601 in the input string will be unchanged. Double $$ are reduced 8602 to a single $, which allows for escaping the $(VAR_NAME) 8603 syntax: i.e. "$$(VAR_NAME)" will produce the string literal 8604 "$(VAR_NAME)". Escaped references will never be expanded, 8605 regardless of whether the variable exists or not. Cannot 8606 be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' 8607 items: 8608 type: string 8609 type: array 8610 command: 8611 description: 'Entrypoint array. Not executed within a shell. 8612 The container image''s ENTRYPOINT is used if this is not 8613 provided. Variable references $(VAR_NAME) are expanded 8614 using the container''s environment. If a variable cannot 8615 be resolved, the reference in the input string will be 8616 unchanged. Double $$ are reduced to a single $, which 8617 allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" 8618 will produce the string literal "$(VAR_NAME)". Escaped 8619 references will never be expanded, regardless of whether 8620 the variable exists or not. Cannot be updated. More info: 8621 https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' 8622 items: 8623 type: string 8624 type: array 8625 env: 8626 description: List of environment variables to set in the 8627 container. Cannot be updated. 8628 items: 8629 description: EnvVar represents an environment variable 8630 present in a Container. 8631 properties: 8632 name: 8633 description: Name of the environment variable. Must 8634 be a C_IDENTIFIER. 8635 type: string 8636 value: 8637 description: 'Variable references $(VAR_NAME) are 8638 expanded using the previously defined environment 8639 variables in the container and any service environment 8640 variables. If a variable cannot be resolved, the 8641 reference in the input string will be unchanged. 8642 Double $$ are reduced to a single $, which allows 8643 for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" 8644 will produce the string literal "$(VAR_NAME)". Escaped 8645 references will never be expanded, regardless of 8646 whether the variable exists or not. Defaults to 8647 "".' 8648 type: string 8649 valueFrom: 8650 description: Source for the environment variable's 8651 value. Cannot be used if value is not empty. 8652 properties: 8653 configMapKeyRef: 8654 description: Selects a key of a ConfigMap. 8655 properties: 8656 key: 8657 description: The key to select. 8658 type: string 8659 name: 8660 description: 'Name of the referent. More info: 8661 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 8662 TODO: Add other useful fields. apiVersion, 8663 kind, uid?' 8664 type: string 8665 optional: 8666 description: Specify whether the ConfigMap 8667 or its key must be defined 8668 type: boolean 8669 required: 8670 - key 8671 type: object 8672 fieldRef: 8673 description: 'Selects a field of the pod: supports 8674 metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`, 8675 `metadata.annotations[''<KEY>'']`, spec.nodeName, 8676 spec.serviceAccountName, status.hostIP, status.podIP, 8677 status.podIPs.' 8678 properties: 8679 apiVersion: 8680 description: Version of the schema the FieldPath 8681 is written in terms of, defaults to "v1". 8682 type: string 8683 fieldPath: 8684 description: Path of the field to select in 8685 the specified API version. 8686 type: string 8687 required: 8688 - fieldPath 8689 type: object 8690 resourceFieldRef: 8691 description: 'Selects a resource of the container: 8692 only resources limits and requests (limits.cpu, 8693 limits.memory, limits.ephemeral-storage, requests.cpu, 8694 requests.memory and requests.ephemeral-storage) 8695 are currently supported.' 8696 properties: 8697 containerName: 8698 description: 'Container name: required for 8699 volumes, optional for env vars' 8700 type: string 8701 divisor: 8702 anyOf: 8703 - type: integer 8704 - type: string 8705 description: Specifies the output format of 8706 the exposed resources, defaults to "1" 8707 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 8708 x-kubernetes-int-or-string: true 8709 resource: 8710 description: 'Required: resource to select' 8711 type: string 8712 required: 8713 - resource 8714 type: object 8715 secretKeyRef: 8716 description: Selects a key of a secret in the 8717 pod's namespace 8718 properties: 8719 key: 8720 description: The key of the secret to select 8721 from. Must be a valid secret key. 8722 type: string 8723 name: 8724 description: 'Name of the referent. More info: 8725 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 8726 TODO: Add other useful fields. apiVersion, 8727 kind, uid?' 8728 type: string 8729 optional: 8730 description: Specify whether the Secret or 8731 its key must be defined 8732 type: boolean 8733 required: 8734 - key 8735 type: object 8736 type: object 8737 required: 8738 - name 8739 type: object 8740 type: array 8741 envFrom: 8742 description: List of sources to populate environment variables 8743 in the container. The keys defined within a source must 8744 be a C_IDENTIFIER. All invalid keys will be reported as 8745 an event when the container is starting. When a key exists 8746 in multiple sources, the value associated with the last 8747 source will take precedence. Values defined by an Env 8748 with a duplicate key will take precedence. Cannot be updated. 8749 items: 8750 description: EnvFromSource represents the source of a 8751 set of ConfigMaps 8752 properties: 8753 configMapRef: 8754 description: The ConfigMap to select from 8755 properties: 8756 name: 8757 description: 'Name of the referent. More info: 8758 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 8759 TODO: Add other useful fields. apiVersion, kind, 8760 uid?' 8761 type: string 8762 optional: 8763 description: Specify whether the ConfigMap must 8764 be defined 8765 type: boolean 8766 type: object 8767 prefix: 8768 description: An optional identifier to prepend to 8769 each key in the ConfigMap. Must be a C_IDENTIFIER. 8770 type: string 8771 secretRef: 8772 description: The Secret to select from 8773 properties: 8774 name: 8775 description: 'Name of the referent. More info: 8776 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 8777 TODO: Add other useful fields. apiVersion, kind, 8778 uid?' 8779 type: string 8780 optional: 8781 description: Specify whether the Secret must be 8782 defined 8783 type: boolean 8784 type: object 8785 type: object 8786 type: array 8787 image: 8788 description: 'Container image name. More info: https://kubernetes.io/docs/concepts/containers/images 8789 This field is optional to allow higher level config management 8790 to default or override container images in workload controllers 8791 like Deployments and StatefulSets.' 8792 type: string 8793 imagePullPolicy: 8794 description: 'Image pull policy. One of Always, Never, IfNotPresent. 8795 Defaults to Always if :latest tag is specified, or IfNotPresent 8796 otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' 8797 type: string 8798 lifecycle: 8799 description: Actions that the management system should take 8800 in response to container lifecycle events. Cannot be updated. 8801 properties: 8802 postStart: 8803 description: 'PostStart is called immediately after 8804 a container is created. If the handler fails, the 8805 container is terminated and restarted according to 8806 its restart policy. Other management of the container 8807 blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' 8808 properties: 8809 exec: 8810 description: Exec specifies the action to take. 8811 properties: 8812 command: 8813 description: Command is the command line to 8814 execute inside the container, the working 8815 directory for the command is root ('/') in 8816 the container's filesystem. The command is 8817 simply exec'd, it is not run inside a shell, 8818 so traditional shell instructions ('|', etc) 8819 won't work. To use a shell, you need to explicitly 8820 call out to that shell. Exit status of 0 is 8821 treated as live/healthy and non-zero is unhealthy. 8822 items: 8823 type: string 8824 type: array 8825 type: object 8826 httpGet: 8827 description: HTTPGet specifies the http request 8828 to perform. 8829 properties: 8830 host: 8831 description: Host name to connect to, defaults 8832 to the pod IP. You probably want to set "Host" 8833 in httpHeaders instead. 8834 type: string 8835 httpHeaders: 8836 description: Custom headers to set in the request. 8837 HTTP allows repeated headers. 8838 items: 8839 description: HTTPHeader describes a custom 8840 header to be used in HTTP probes 8841 properties: 8842 name: 8843 description: The header field name. This 8844 will be canonicalized upon output, so 8845 case-variant names will be understood 8846 as the same header. 8847 type: string 8848 value: 8849 description: The header field value 8850 type: string 8851 required: 8852 - name 8853 - value 8854 type: object 8855 type: array 8856 path: 8857 description: Path to access on the HTTP server. 8858 type: string 8859 port: 8860 anyOf: 8861 - type: integer 8862 - type: string 8863 description: Name or number of the port to access 8864 on the container. Number must be in the range 8865 1 to 65535. Name must be an IANA_SVC_NAME. 8866 x-kubernetes-int-or-string: true 8867 scheme: 8868 description: Scheme to use for connecting to 8869 the host. Defaults to HTTP. 8870 type: string 8871 required: 8872 - port 8873 type: object 8874 tcpSocket: 8875 description: Deprecated. TCPSocket is NOT supported 8876 as a LifecycleHandler and kept for the backward 8877 compatibility. There are no validation of this 8878 field and lifecycle hooks will fail in runtime 8879 when tcp handler is specified. 8880 properties: 8881 host: 8882 description: 'Optional: Host name to connect 8883 to, defaults to the pod IP.' 8884 type: string 8885 port: 8886 anyOf: 8887 - type: integer 8888 - type: string 8889 description: Number or name of the port to access 8890 on the container. Number must be in the range 8891 1 to 65535. Name must be an IANA_SVC_NAME. 8892 x-kubernetes-int-or-string: true 8893 required: 8894 - port 8895 type: object 8896 type: object 8897 preStop: 8898 description: 'PreStop is called immediately before a 8899 container is terminated due to an API request or management 8900 event such as liveness/startup probe failure, preemption, 8901 resource contention, etc. The handler is not called 8902 if the container crashes or exits. The Pod''s termination 8903 grace period countdown begins before the PreStop hook 8904 is executed. Regardless of the outcome of the handler, 8905 the container will eventually terminate within the 8906 Pod''s termination grace period (unless delayed by 8907 finalizers). Other management of the container blocks 8908 until the hook completes or until the termination 8909 grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' 8910 properties: 8911 exec: 8912 description: Exec specifies the action to take. 8913 properties: 8914 command: 8915 description: Command is the command line to 8916 execute inside the container, the working 8917 directory for the command is root ('/') in 8918 the container's filesystem. The command is 8919 simply exec'd, it is not run inside a shell, 8920 so traditional shell instructions ('|', etc) 8921 won't work. To use a shell, you need to explicitly 8922 call out to that shell. Exit status of 0 is 8923 treated as live/healthy and non-zero is unhealthy. 8924 items: 8925 type: string 8926 type: array 8927 type: object 8928 httpGet: 8929 description: HTTPGet specifies the http request 8930 to perform. 8931 properties: 8932 host: 8933 description: Host name to connect to, defaults 8934 to the pod IP. You probably want to set "Host" 8935 in httpHeaders instead. 8936 type: string 8937 httpHeaders: 8938 description: Custom headers to set in the request. 8939 HTTP allows repeated headers. 8940 items: 8941 description: HTTPHeader describes a custom 8942 header to be used in HTTP probes 8943 properties: 8944 name: 8945 description: The header field name. This 8946 will be canonicalized upon output, so 8947 case-variant names will be understood 8948 as the same header. 8949 type: string 8950 value: 8951 description: The header field value 8952 type: string 8953 required: 8954 - name 8955 - value 8956 type: object 8957 type: array 8958 path: 8959 description: Path to access on the HTTP server. 8960 type: string 8961 port: 8962 anyOf: 8963 - type: integer 8964 - type: string 8965 description: Name or number of the port to access 8966 on the container. Number must be in the range 8967 1 to 65535. Name must be an IANA_SVC_NAME. 8968 x-kubernetes-int-or-string: true 8969 scheme: 8970 description: Scheme to use for connecting to 8971 the host. Defaults to HTTP. 8972 type: string 8973 required: 8974 - port 8975 type: object 8976 tcpSocket: 8977 description: Deprecated. TCPSocket is NOT supported 8978 as a LifecycleHandler and kept for the backward 8979 compatibility. There are no validation of this 8980 field and lifecycle hooks will fail in runtime 8981 when tcp handler is specified. 8982 properties: 8983 host: 8984 description: 'Optional: Host name to connect 8985 to, defaults to the pod IP.' 8986 type: string 8987 port: 8988 anyOf: 8989 - type: integer 8990 - type: string 8991 description: Number or name of the port to access 8992 on the container. Number must be in the range 8993 1 to 65535. Name must be an IANA_SVC_NAME. 8994 x-kubernetes-int-or-string: true 8995 required: 8996 - port 8997 type: object 8998 type: object 8999 type: object 9000 livenessProbe: 9001 description: 'Periodic probe of container liveness. Container 9002 will be restarted if the probe fails. Cannot be updated. 9003 More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 9004 properties: 9005 exec: 9006 description: Exec specifies the action to take. 9007 properties: 9008 command: 9009 description: Command is the command line to execute 9010 inside the container, the working directory for 9011 the command is root ('/') in the container's 9012 filesystem. The command is simply exec'd, it is 9013 not run inside a shell, so traditional shell instructions 9014 ('|', etc) won't work. To use a shell, you need 9015 to explicitly call out to that shell. Exit status 9016 of 0 is treated as live/healthy and non-zero is 9017 unhealthy. 9018 items: 9019 type: string 9020 type: array 9021 type: object 9022 failureThreshold: 9023 description: Minimum consecutive failures for the probe 9024 to be considered failed after having succeeded. Defaults 9025 to 3. Minimum value is 1. 9026 format: int32 9027 type: integer 9028 grpc: 9029 description: GRPC specifies an action involving a GRPC 9030 port. 9031 properties: 9032 port: 9033 description: Port number of the gRPC service. Number 9034 must be in the range 1 to 65535. 9035 format: int32 9036 type: integer 9037 service: 9038 description: "Service is the name of the service 9039 to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). 9040 \n If this is not specified, the default behavior 9041 is defined by gRPC." 9042 type: string 9043 required: 9044 - port 9045 type: object 9046 httpGet: 9047 description: HTTPGet specifies the http request to perform. 9048 properties: 9049 host: 9050 description: Host name to connect to, defaults to 9051 the pod IP. You probably want to set "Host" in 9052 httpHeaders instead. 9053 type: string 9054 httpHeaders: 9055 description: Custom headers to set in the request. 9056 HTTP allows repeated headers. 9057 items: 9058 description: HTTPHeader describes a custom header 9059 to be used in HTTP probes 9060 properties: 9061 name: 9062 description: The header field name. This will 9063 be canonicalized upon output, so case-variant 9064 names will be understood as the same header. 9065 type: string 9066 value: 9067 description: The header field value 9068 type: string 9069 required: 9070 - name 9071 - value 9072 type: object 9073 type: array 9074 path: 9075 description: Path to access on the HTTP server. 9076 type: string 9077 port: 9078 anyOf: 9079 - type: integer 9080 - type: string 9081 description: Name or number of the port to access 9082 on the container. Number must be in the range 9083 1 to 65535. Name must be an IANA_SVC_NAME. 9084 x-kubernetes-int-or-string: true 9085 scheme: 9086 description: Scheme to use for connecting to the 9087 host. Defaults to HTTP. 9088 type: string 9089 required: 9090 - port 9091 type: object 9092 initialDelaySeconds: 9093 description: 'Number of seconds after the container 9094 has started before liveness probes are initiated. 9095 More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 9096 format: int32 9097 type: integer 9098 periodSeconds: 9099 description: How often (in seconds) to perform the probe. 9100 Default to 10 seconds. Minimum value is 1. 9101 format: int32 9102 type: integer 9103 successThreshold: 9104 description: Minimum consecutive successes for the probe 9105 to be considered successful after having failed. Defaults 9106 to 1. Must be 1 for liveness and startup. Minimum 9107 value is 1. 9108 format: int32 9109 type: integer 9110 tcpSocket: 9111 description: TCPSocket specifies an action involving 9112 a TCP port. 9113 properties: 9114 host: 9115 description: 'Optional: Host name to connect to, 9116 defaults to the pod IP.' 9117 type: string 9118 port: 9119 anyOf: 9120 - type: integer 9121 - type: string 9122 description: Number or name of the port to access 9123 on the container. Number must be in the range 9124 1 to 65535. Name must be an IANA_SVC_NAME. 9125 x-kubernetes-int-or-string: true 9126 required: 9127 - port 9128 type: object 9129 terminationGracePeriodSeconds: 9130 description: Optional duration in seconds the pod needs 9131 to terminate gracefully upon probe failure. The grace 9132 period is the duration in seconds after the processes 9133 running in the pod are sent a termination signal and 9134 the time when the processes are forcibly halted with 9135 a kill signal. Set this value longer than the expected 9136 cleanup time for your process. If this value is nil, 9137 the pod's terminationGracePeriodSeconds will be used. 9138 Otherwise, this value overrides the value provided 9139 by the pod spec. Value must be non-negative integer. 9140 The value zero indicates stop immediately via the 9141 kill signal (no opportunity to shut down). This is 9142 a beta field and requires enabling ProbeTerminationGracePeriod 9143 feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds 9144 is used if unset. 9145 format: int64 9146 type: integer 9147 timeoutSeconds: 9148 description: 'Number of seconds after which the probe 9149 times out. Defaults to 1 second. Minimum value is 9150 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 9151 format: int32 9152 type: integer 9153 type: object 9154 name: 9155 description: Name of the container specified as a DNS_LABEL. 9156 Each container in a pod must have a unique name (DNS_LABEL). 9157 Cannot be updated. 9158 type: string 9159 ports: 9160 description: List of ports to expose from the container. 9161 Not specifying a port here DOES NOT prevent that port 9162 from being exposed. Any port which is listening on the 9163 default "0.0.0.0" address inside a container will be accessible 9164 from the network. Modifying this array with strategic 9165 merge patch may corrupt the data. For more information 9166 See https://github.com/kubernetes/kubernetes/issues/108255. 9167 Cannot be updated. 9168 items: 9169 description: ContainerPort represents a network port in 9170 a single container. 9171 properties: 9172 containerPort: 9173 description: Number of port to expose on the pod's 9174 IP address. This must be a valid port number, 0 9175 < x < 65536. 9176 format: int32 9177 type: integer 9178 hostIP: 9179 description: What host IP to bind the external port 9180 to. 9181 type: string 9182 hostPort: 9183 description: Number of port to expose on the host. 9184 If specified, this must be a valid port number, 9185 0 < x < 65536. If HostNetwork is specified, this 9186 must match ContainerPort. Most containers do not 9187 need this. 9188 format: int32 9189 type: integer 9190 name: 9191 description: If specified, this must be an IANA_SVC_NAME 9192 and unique within the pod. Each named port in a 9193 pod must have a unique name. Name for the port that 9194 can be referred to by services. 9195 type: string 9196 protocol: 9197 default: TCP 9198 description: Protocol for port. Must be UDP, TCP, 9199 or SCTP. Defaults to "TCP". 9200 type: string 9201 required: 9202 - containerPort 9203 type: object 9204 type: array 9205 x-kubernetes-list-map-keys: 9206 - containerPort 9207 - protocol 9208 x-kubernetes-list-type: map 9209 readinessProbe: 9210 description: 'Periodic probe of container service readiness. 9211 Container will be removed from service endpoints if the 9212 probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 9213 properties: 9214 exec: 9215 description: Exec specifies the action to take. 9216 properties: 9217 command: 9218 description: Command is the command line to execute 9219 inside the container, the working directory for 9220 the command is root ('/') in the container's 9221 filesystem. The command is simply exec'd, it is 9222 not run inside a shell, so traditional shell instructions 9223 ('|', etc) won't work. To use a shell, you need 9224 to explicitly call out to that shell. Exit status 9225 of 0 is treated as live/healthy and non-zero is 9226 unhealthy. 9227 items: 9228 type: string 9229 type: array 9230 type: object 9231 failureThreshold: 9232 description: Minimum consecutive failures for the probe 9233 to be considered failed after having succeeded. Defaults 9234 to 3. Minimum value is 1. 9235 format: int32 9236 type: integer 9237 grpc: 9238 description: GRPC specifies an action involving a GRPC 9239 port. 9240 properties: 9241 port: 9242 description: Port number of the gRPC service. Number 9243 must be in the range 1 to 65535. 9244 format: int32 9245 type: integer 9246 service: 9247 description: "Service is the name of the service 9248 to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). 9249 \n If this is not specified, the default behavior 9250 is defined by gRPC." 9251 type: string 9252 required: 9253 - port 9254 type: object 9255 httpGet: 9256 description: HTTPGet specifies the http request to perform. 9257 properties: 9258 host: 9259 description: Host name to connect to, defaults to 9260 the pod IP. You probably want to set "Host" in 9261 httpHeaders instead. 9262 type: string 9263 httpHeaders: 9264 description: Custom headers to set in the request. 9265 HTTP allows repeated headers. 9266 items: 9267 description: HTTPHeader describes a custom header 9268 to be used in HTTP probes 9269 properties: 9270 name: 9271 description: The header field name. This will 9272 be canonicalized upon output, so case-variant 9273 names will be understood as the same header. 9274 type: string 9275 value: 9276 description: The header field value 9277 type: string 9278 required: 9279 - name 9280 - value 9281 type: object 9282 type: array 9283 path: 9284 description: Path to access on the HTTP server. 9285 type: string 9286 port: 9287 anyOf: 9288 - type: integer 9289 - type: string 9290 description: Name or number of the port to access 9291 on the container. Number must be in the range 9292 1 to 65535. Name must be an IANA_SVC_NAME. 9293 x-kubernetes-int-or-string: true 9294 scheme: 9295 description: Scheme to use for connecting to the 9296 host. Defaults to HTTP. 9297 type: string 9298 required: 9299 - port 9300 type: object 9301 initialDelaySeconds: 9302 description: 'Number of seconds after the container 9303 has started before liveness probes are initiated. 9304 More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 9305 format: int32 9306 type: integer 9307 periodSeconds: 9308 description: How often (in seconds) to perform the probe. 9309 Default to 10 seconds. Minimum value is 1. 9310 format: int32 9311 type: integer 9312 successThreshold: 9313 description: Minimum consecutive successes for the probe 9314 to be considered successful after having failed. Defaults 9315 to 1. Must be 1 for liveness and startup. Minimum 9316 value is 1. 9317 format: int32 9318 type: integer 9319 tcpSocket: 9320 description: TCPSocket specifies an action involving 9321 a TCP port. 9322 properties: 9323 host: 9324 description: 'Optional: Host name to connect to, 9325 defaults to the pod IP.' 9326 type: string 9327 port: 9328 anyOf: 9329 - type: integer 9330 - type: string 9331 description: Number or name of the port to access 9332 on the container. Number must be in the range 9333 1 to 65535. Name must be an IANA_SVC_NAME. 9334 x-kubernetes-int-or-string: true 9335 required: 9336 - port 9337 type: object 9338 terminationGracePeriodSeconds: 9339 description: Optional duration in seconds the pod needs 9340 to terminate gracefully upon probe failure. The grace 9341 period is the duration in seconds after the processes 9342 running in the pod are sent a termination signal and 9343 the time when the processes are forcibly halted with 9344 a kill signal. Set this value longer than the expected 9345 cleanup time for your process. If this value is nil, 9346 the pod's terminationGracePeriodSeconds will be used. 9347 Otherwise, this value overrides the value provided 9348 by the pod spec. Value must be non-negative integer. 9349 The value zero indicates stop immediately via the 9350 kill signal (no opportunity to shut down). This is 9351 a beta field and requires enabling ProbeTerminationGracePeriod 9352 feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds 9353 is used if unset. 9354 format: int64 9355 type: integer 9356 timeoutSeconds: 9357 description: 'Number of seconds after which the probe 9358 times out. Defaults to 1 second. Minimum value is 9359 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 9360 format: int32 9361 type: integer 9362 type: object 9363 resizePolicy: 9364 description: Resources resize policy for the container. 9365 items: 9366 description: ContainerResizePolicy represents resource 9367 resize policy for the container. 9368 properties: 9369 resourceName: 9370 description: 'Name of the resource to which this resource 9371 resize policy applies. Supported values: cpu, memory.' 9372 type: string 9373 restartPolicy: 9374 description: Restart policy to apply when specified 9375 resource is resized. If not specified, it defaults 9376 to NotRequired. 9377 type: string 9378 required: 9379 - resourceName 9380 - restartPolicy 9381 type: object 9382 type: array 9383 x-kubernetes-list-type: atomic 9384 resources: 9385 description: 'Compute Resources required by this container. 9386 Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 9387 properties: 9388 claims: 9389 description: "Claims lists the names of resources, defined 9390 in spec.resourceClaims, that are used by this container. 9391 \n This is an alpha field and requires enabling the 9392 DynamicResourceAllocation feature gate. \n This field 9393 is immutable. It can only be set for containers." 9394 items: 9395 description: ResourceClaim references one entry in 9396 PodSpec.ResourceClaims. 9397 properties: 9398 name: 9399 description: Name must match the name of one entry 9400 in pod.spec.resourceClaims of the Pod where 9401 this field is used. It makes that resource available 9402 inside a container. 9403 type: string 9404 required: 9405 - name 9406 type: object 9407 type: array 9408 x-kubernetes-list-map-keys: 9409 - name 9410 x-kubernetes-list-type: map 9411 limits: 9412 additionalProperties: 9413 anyOf: 9414 - type: integer 9415 - type: string 9416 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 9417 x-kubernetes-int-or-string: true 9418 description: 'Limits describes the maximum amount of 9419 compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 9420 type: object 9421 requests: 9422 additionalProperties: 9423 anyOf: 9424 - type: integer 9425 - type: string 9426 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 9427 x-kubernetes-int-or-string: true 9428 description: 'Requests describes the minimum amount 9429 of compute resources required. If Requests is omitted 9430 for a container, it defaults to Limits if that is 9431 explicitly specified, otherwise to an implementation-defined 9432 value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 9433 type: object 9434 type: object 9435 restartPolicy: 9436 description: 'RestartPolicy defines the restart behavior 9437 of individual containers in a pod. This field may only 9438 be set for init containers, and the only allowed value 9439 is "Always". For non-init containers or when this field 9440 is not specified, the restart behavior is defined by the 9441 Pod''s restart policy and the container type. Setting 9442 the RestartPolicy as "Always" for the init container will 9443 have the following effect: this init container will be 9444 continually restarted on exit until all regular containers 9445 have terminated. Once all regular containers have completed, 9446 all init containers with restartPolicy "Always" will be 9447 shut down. This lifecycle differs from normal init containers 9448 and is often referred to as a "sidecar" container. Although 9449 this init container still starts in the init container 9450 sequence, it does not wait for the container to complete 9451 before proceeding to the next init container. Instead, 9452 the next init container starts immediately after this 9453 init container is started, or after any startupProbe has 9454 successfully completed.' 9455 type: string 9456 securityContext: 9457 description: 'SecurityContext defines the security options 9458 the container should be run with. If set, the fields of 9459 SecurityContext override the equivalent fields of PodSecurityContext. 9460 More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' 9461 properties: 9462 allowPrivilegeEscalation: 9463 description: 'AllowPrivilegeEscalation controls whether 9464 a process can gain more privileges than its parent 9465 process. This bool directly controls if the no_new_privs 9466 flag will be set on the container process. AllowPrivilegeEscalation 9467 is true always when the container is: 1) run as Privileged 9468 2) has CAP_SYS_ADMIN Note that this field cannot be 9469 set when spec.os.name is windows.' 9470 type: boolean 9471 capabilities: 9472 description: The capabilities to add/drop when running 9473 containers. Defaults to the default set of capabilities 9474 granted by the container runtime. Note that this field 9475 cannot be set when spec.os.name is windows. 9476 properties: 9477 add: 9478 description: Added capabilities 9479 items: 9480 description: Capability represent POSIX capabilities 9481 type 9482 type: string 9483 type: array 9484 drop: 9485 description: Removed capabilities 9486 items: 9487 description: Capability represent POSIX capabilities 9488 type 9489 type: string 9490 type: array 9491 type: object 9492 privileged: 9493 description: Run container in privileged mode. Processes 9494 in privileged containers are essentially equivalent 9495 to root on the host. Defaults to false. Note that 9496 this field cannot be set when spec.os.name is windows. 9497 type: boolean 9498 procMount: 9499 description: procMount denotes the type of proc mount 9500 to use for the containers. The default is DefaultProcMount 9501 which uses the container runtime defaults for readonly 9502 paths and masked paths. This requires the ProcMountType 9503 feature flag to be enabled. Note that this field cannot 9504 be set when spec.os.name is windows. 9505 type: string 9506 readOnlyRootFilesystem: 9507 description: Whether this container has a read-only 9508 root filesystem. Default is false. Note that this 9509 field cannot be set when spec.os.name is windows. 9510 type: boolean 9511 runAsGroup: 9512 description: The GID to run the entrypoint of the container 9513 process. Uses runtime default if unset. May also be 9514 set in PodSecurityContext. If set in both SecurityContext 9515 and PodSecurityContext, the value specified in SecurityContext 9516 takes precedence. Note that this field cannot be set 9517 when spec.os.name is windows. 9518 format: int64 9519 type: integer 9520 runAsNonRoot: 9521 description: Indicates that the container must run as 9522 a non-root user. If true, the Kubelet will validate 9523 the image at runtime to ensure that it does not run 9524 as UID 0 (root) and fail to start the container if 9525 it does. If unset or false, no such validation will 9526 be performed. May also be set in PodSecurityContext. If 9527 set in both SecurityContext and PodSecurityContext, 9528 the value specified in SecurityContext takes precedence. 9529 type: boolean 9530 runAsUser: 9531 description: The UID to run the entrypoint of the container 9532 process. Defaults to user specified in image metadata 9533 if unspecified. May also be set in PodSecurityContext. If 9534 set in both SecurityContext and PodSecurityContext, 9535 the value specified in SecurityContext takes precedence. 9536 Note that this field cannot be set when spec.os.name 9537 is windows. 9538 format: int64 9539 type: integer 9540 seLinuxOptions: 9541 description: The SELinux context to be applied to the 9542 container. If unspecified, the container runtime will 9543 allocate a random SELinux context for each container. May 9544 also be set in PodSecurityContext. If set in both 9545 SecurityContext and PodSecurityContext, the value 9546 specified in SecurityContext takes precedence. Note 9547 that this field cannot be set when spec.os.name is 9548 windows. 9549 properties: 9550 level: 9551 description: Level is SELinux level label that applies 9552 to the container. 9553 type: string 9554 role: 9555 description: Role is a SELinux role label that applies 9556 to the container. 9557 type: string 9558 type: 9559 description: Type is a SELinux type label that applies 9560 to the container. 9561 type: string 9562 user: 9563 description: User is a SELinux user label that applies 9564 to the container. 9565 type: string 9566 type: object 9567 seccompProfile: 9568 description: The seccomp options to use by this container. 9569 If seccomp options are provided at both the pod & 9570 container level, the container options override the 9571 pod options. Note that this field cannot be set when 9572 spec.os.name is windows. 9573 properties: 9574 localhostProfile: 9575 description: localhostProfile indicates a profile 9576 defined in a file on the node should be used. 9577 The profile must be preconfigured on the node 9578 to work. Must be a descending path, relative to 9579 the kubelet's configured seccomp profile location. 9580 Must be set if type is "Localhost". Must NOT be 9581 set for any other type. 9582 type: string 9583 type: 9584 description: "type indicates which kind of seccomp 9585 profile will be applied. Valid options are: \n 9586 Localhost - a profile defined in a file on the 9587 node should be used. RuntimeDefault - the container 9588 runtime default profile should be used. Unconfined 9589 - no profile should be applied." 9590 type: string 9591 required: 9592 - type 9593 type: object 9594 windowsOptions: 9595 description: The Windows specific settings applied to 9596 all containers. If unspecified, the options from the 9597 PodSecurityContext will be used. If set in both SecurityContext 9598 and PodSecurityContext, the value specified in SecurityContext 9599 takes precedence. Note that this field cannot be set 9600 when spec.os.name is linux. 9601 properties: 9602 gmsaCredentialSpec: 9603 description: GMSACredentialSpec is where the GMSA 9604 admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) 9605 inlines the contents of the GMSA credential spec 9606 named by the GMSACredentialSpecName field. 9607 type: string 9608 gmsaCredentialSpecName: 9609 description: GMSACredentialSpecName is the name 9610 of the GMSA credential spec to use. 9611 type: string 9612 hostProcess: 9613 description: HostProcess determines if a container 9614 should be run as a 'Host Process' container. All 9615 of a Pod's containers must have the same effective 9616 HostProcess value (it is not allowed to have a 9617 mix of HostProcess containers and non-HostProcess 9618 containers). In addition, if HostProcess is true 9619 then HostNetwork must also be set to true. 9620 type: boolean 9621 runAsUserName: 9622 description: The UserName in Windows to run the 9623 entrypoint of the container process. Defaults 9624 to the user specified in image metadata if unspecified. 9625 May also be set in PodSecurityContext. If set 9626 in both SecurityContext and PodSecurityContext, 9627 the value specified in SecurityContext takes precedence. 9628 type: string 9629 type: object 9630 type: object 9631 startupProbe: 9632 description: 'StartupProbe indicates that the Pod has successfully 9633 initialized. If specified, no other probes are executed 9634 until this completes successfully. If this probe fails, 9635 the Pod will be restarted, just as if the livenessProbe 9636 failed. This can be used to provide different probe parameters 9637 at the beginning of a Pod''s lifecycle, when it might 9638 take a long time to load data or warm a cache, than during 9639 steady-state operation. This cannot be updated. More info: 9640 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 9641 properties: 9642 exec: 9643 description: Exec specifies the action to take. 9644 properties: 9645 command: 9646 description: Command is the command line to execute 9647 inside the container, the working directory for 9648 the command is root ('/') in the container's 9649 filesystem. The command is simply exec'd, it is 9650 not run inside a shell, so traditional shell instructions 9651 ('|', etc) won't work. To use a shell, you need 9652 to explicitly call out to that shell. Exit status 9653 of 0 is treated as live/healthy and non-zero is 9654 unhealthy. 9655 items: 9656 type: string 9657 type: array 9658 type: object 9659 failureThreshold: 9660 description: Minimum consecutive failures for the probe 9661 to be considered failed after having succeeded. Defaults 9662 to 3. Minimum value is 1. 9663 format: int32 9664 type: integer 9665 grpc: 9666 description: GRPC specifies an action involving a GRPC 9667 port. 9668 properties: 9669 port: 9670 description: Port number of the gRPC service. Number 9671 must be in the range 1 to 65535. 9672 format: int32 9673 type: integer 9674 service: 9675 description: "Service is the name of the service 9676 to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). 9677 \n If this is not specified, the default behavior 9678 is defined by gRPC." 9679 type: string 9680 required: 9681 - port 9682 type: object 9683 httpGet: 9684 description: HTTPGet specifies the http request to perform. 9685 properties: 9686 host: 9687 description: Host name to connect to, defaults to 9688 the pod IP. You probably want to set "Host" in 9689 httpHeaders instead. 9690 type: string 9691 httpHeaders: 9692 description: Custom headers to set in the request. 9693 HTTP allows repeated headers. 9694 items: 9695 description: HTTPHeader describes a custom header 9696 to be used in HTTP probes 9697 properties: 9698 name: 9699 description: The header field name. This will 9700 be canonicalized upon output, so case-variant 9701 names will be understood as the same header. 9702 type: string 9703 value: 9704 description: The header field value 9705 type: string 9706 required: 9707 - name 9708 - value 9709 type: object 9710 type: array 9711 path: 9712 description: Path to access on the HTTP server. 9713 type: string 9714 port: 9715 anyOf: 9716 - type: integer 9717 - type: string 9718 description: Name or number of the port to access 9719 on the container. Number must be in the range 9720 1 to 65535. Name must be an IANA_SVC_NAME. 9721 x-kubernetes-int-or-string: true 9722 scheme: 9723 description: Scheme to use for connecting to the 9724 host. Defaults to HTTP. 9725 type: string 9726 required: 9727 - port 9728 type: object 9729 initialDelaySeconds: 9730 description: 'Number of seconds after the container 9731 has started before liveness probes are initiated. 9732 More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 9733 format: int32 9734 type: integer 9735 periodSeconds: 9736 description: How often (in seconds) to perform the probe. 9737 Default to 10 seconds. Minimum value is 1. 9738 format: int32 9739 type: integer 9740 successThreshold: 9741 description: Minimum consecutive successes for the probe 9742 to be considered successful after having failed. Defaults 9743 to 1. Must be 1 for liveness and startup. Minimum 9744 value is 1. 9745 format: int32 9746 type: integer 9747 tcpSocket: 9748 description: TCPSocket specifies an action involving 9749 a TCP port. 9750 properties: 9751 host: 9752 description: 'Optional: Host name to connect to, 9753 defaults to the pod IP.' 9754 type: string 9755 port: 9756 anyOf: 9757 - type: integer 9758 - type: string 9759 description: Number or name of the port to access 9760 on the container. Number must be in the range 9761 1 to 65535. Name must be an IANA_SVC_NAME. 9762 x-kubernetes-int-or-string: true 9763 required: 9764 - port 9765 type: object 9766 terminationGracePeriodSeconds: 9767 description: Optional duration in seconds the pod needs 9768 to terminate gracefully upon probe failure. The grace 9769 period is the duration in seconds after the processes 9770 running in the pod are sent a termination signal and 9771 the time when the processes are forcibly halted with 9772 a kill signal. Set this value longer than the expected 9773 cleanup time for your process. If this value is nil, 9774 the pod's terminationGracePeriodSeconds will be used. 9775 Otherwise, this value overrides the value provided 9776 by the pod spec. Value must be non-negative integer. 9777 The value zero indicates stop immediately via the 9778 kill signal (no opportunity to shut down). This is 9779 a beta field and requires enabling ProbeTerminationGracePeriod 9780 feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds 9781 is used if unset. 9782 format: int64 9783 type: integer 9784 timeoutSeconds: 9785 description: 'Number of seconds after which the probe 9786 times out. Defaults to 1 second. Minimum value is 9787 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 9788 format: int32 9789 type: integer 9790 type: object 9791 stdin: 9792 description: Whether this container should allocate a buffer 9793 for stdin in the container runtime. If this is not set, 9794 reads from stdin in the container will always result in 9795 EOF. Default is false. 9796 type: boolean 9797 stdinOnce: 9798 description: Whether the container runtime should close 9799 the stdin channel after it has been opened by a single 9800 attach. When stdin is true the stdin stream will remain 9801 open across multiple attach sessions. If stdinOnce is 9802 set to true, stdin is opened on container start, is empty 9803 until the first client attaches to stdin, and then remains 9804 open and accepts data until the client disconnects, at 9805 which time stdin is closed and remains closed until the 9806 container is restarted. If this flag is false, a container 9807 processes that reads from stdin will never receive an 9808 EOF. Default is false 9809 type: boolean 9810 terminationMessagePath: 9811 description: 'Optional: Path at which the file to which 9812 the container''s termination message will be written is 9813 mounted into the container''s filesystem. Message written 9814 is intended to be brief final status, such as an assertion 9815 failure message. Will be truncated by the node if greater 9816 than 4096 bytes. The total message length across all containers 9817 will be limited to 12kb. Defaults to /dev/termination-log. 9818 Cannot be updated.' 9819 type: string 9820 terminationMessagePolicy: 9821 description: Indicate how the termination message should 9822 be populated. File will use the contents of terminationMessagePath 9823 to populate the container status message on both success 9824 and failure. FallbackToLogsOnError will use the last chunk 9825 of container log output if the termination message file 9826 is empty and the container exited with an error. The log 9827 output is limited to 2048 bytes or 80 lines, whichever 9828 is smaller. Defaults to File. Cannot be updated. 9829 type: string 9830 tty: 9831 description: Whether this container should allocate a TTY 9832 for itself, also requires 'stdin' to be true. Default 9833 is false. 9834 type: boolean 9835 volumeDevices: 9836 description: volumeDevices is the list of block devices 9837 to be used by the container. 9838 items: 9839 description: volumeDevice describes a mapping of a raw 9840 block device within a container. 9841 properties: 9842 devicePath: 9843 description: devicePath is the path inside of the 9844 container that the device will be mapped to. 9845 type: string 9846 name: 9847 description: name must match the name of a persistentVolumeClaim 9848 in the pod 9849 type: string 9850 required: 9851 - devicePath 9852 - name 9853 type: object 9854 type: array 9855 volumeMounts: 9856 description: Pod volumes to mount into the container's filesystem. 9857 Cannot be updated. 9858 items: 9859 description: VolumeMount describes a mounting of a Volume 9860 within a container. 9861 properties: 9862 mountPath: 9863 description: Path within the container at which the 9864 volume should be mounted. Must not contain ':'. 9865 type: string 9866 mountPropagation: 9867 description: mountPropagation determines how mounts 9868 are propagated from the host to container and the 9869 other way around. When not set, MountPropagationNone 9870 is used. This field is beta in 1.10. 9871 type: string 9872 name: 9873 description: This must match the Name of a Volume. 9874 type: string 9875 readOnly: 9876 description: Mounted read-only if true, read-write 9877 otherwise (false or unspecified). Defaults to false. 9878 type: boolean 9879 subPath: 9880 description: Path within the volume from which the 9881 container's volume should be mounted. Defaults to 9882 "" (volume's root). 9883 type: string 9884 subPathExpr: 9885 description: Expanded path within the volume from 9886 which the container's volume should be mounted. 9887 Behaves similarly to SubPath but environment variable 9888 references $(VAR_NAME) are expanded using the container's 9889 environment. Defaults to "" (volume's root). SubPathExpr 9890 and SubPath are mutually exclusive. 9891 type: string 9892 required: 9893 - mountPath 9894 - name 9895 type: object 9896 type: array 9897 workingDir: 9898 description: Container's working directory. If not specified, 9899 the container runtime's default will be used, which might 9900 be configured in the container image. Cannot be updated. 9901 type: string 9902 required: 9903 - name 9904 type: object 9905 type: array 9906 logFormat: 9907 description: LogFormat describes the log format that should be 9908 used by the Repo Server. Defaults to ArgoCDDefaultLogFormat 9909 if not configured. Valid options are text or json. 9910 type: string 9911 logLevel: 9912 description: LogLevel describes the log level that should be used 9913 by the Repo Server. Defaults to ArgoCDDefaultLogLevel if not 9914 set. Valid options are debug, info, error, and warn. 9915 type: string 9916 mountsatoken: 9917 description: MountSAToken describes whether you would like to 9918 have the Repo server mount the service account token 9919 type: boolean 9920 remote: 9921 description: Remote specifies the remote URL of the Repo Server 9922 container. (optional, by default, a local instance managed by 9923 the operator is used.) 9924 type: string 9925 replicas: 9926 description: Replicas defines the number of replicas for argocd-repo-server. 9927 Value should be greater than or equal to 0. Default is nil. 9928 format: int32 9929 type: integer 9930 resources: 9931 description: Resources defines the Compute Resources required 9932 by the container for Redis. 9933 properties: 9934 claims: 9935 description: "Claims lists the names of resources, defined 9936 in spec.resourceClaims, that are used by this container. 9937 \n This is an alpha field and requires enabling the DynamicResourceAllocation 9938 feature gate. \n This field is immutable. It can only be 9939 set for containers." 9940 items: 9941 description: ResourceClaim references one entry in PodSpec.ResourceClaims. 9942 properties: 9943 name: 9944 description: Name must match the name of one entry in 9945 pod.spec.resourceClaims of the Pod where this field 9946 is used. It makes that resource available inside a 9947 container. 9948 type: string 9949 required: 9950 - name 9951 type: object 9952 type: array 9953 x-kubernetes-list-map-keys: 9954 - name 9955 x-kubernetes-list-type: map 9956 limits: 9957 additionalProperties: 9958 anyOf: 9959 - type: integer 9960 - type: string 9961 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 9962 x-kubernetes-int-or-string: true 9963 description: 'Limits describes the maximum amount of compute 9964 resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 9965 type: object 9966 requests: 9967 additionalProperties: 9968 anyOf: 9969 - type: integer 9970 - type: string 9971 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 9972 x-kubernetes-int-or-string: true 9973 description: 'Requests describes the minimum amount of compute 9974 resources required. If Requests is omitted for a container, 9975 it defaults to Limits if that is explicitly specified, otherwise 9976 to an implementation-defined value. Requests cannot exceed 9977 Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 9978 type: object 9979 type: object 9980 serviceaccount: 9981 description: ServiceAccount defines the ServiceAccount user that 9982 you would like the Repo server to use 9983 type: string 9984 sidecarContainers: 9985 description: SidecarContainers defines the list of sidecar containers 9986 for the repo server deployment 9987 items: 9988 description: A single application container that you want to 9989 run within a pod. 9990 properties: 9991 args: 9992 description: 'Arguments to the entrypoint. The container 9993 image''s CMD is used if this is not provided. Variable 9994 references $(VAR_NAME) are expanded using the container''s 9995 environment. If a variable cannot be resolved, the reference 9996 in the input string will be unchanged. Double $$ are reduced 9997 to a single $, which allows for escaping the $(VAR_NAME) 9998 syntax: i.e. "$$(VAR_NAME)" will produce the string literal 9999 "$(VAR_NAME)". Escaped references will never be expanded, 10000 regardless of whether the variable exists or not. Cannot 10001 be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' 10002 items: 10003 type: string 10004 type: array 10005 command: 10006 description: 'Entrypoint array. Not executed within a shell. 10007 The container image''s ENTRYPOINT is used if this is not 10008 provided. Variable references $(VAR_NAME) are expanded 10009 using the container''s environment. If a variable cannot 10010 be resolved, the reference in the input string will be 10011 unchanged. Double $$ are reduced to a single $, which 10012 allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" 10013 will produce the string literal "$(VAR_NAME)". Escaped 10014 references will never be expanded, regardless of whether 10015 the variable exists or not. Cannot be updated. More info: 10016 https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' 10017 items: 10018 type: string 10019 type: array 10020 env: 10021 description: List of environment variables to set in the 10022 container. Cannot be updated. 10023 items: 10024 description: EnvVar represents an environment variable 10025 present in a Container. 10026 properties: 10027 name: 10028 description: Name of the environment variable. Must 10029 be a C_IDENTIFIER. 10030 type: string 10031 value: 10032 description: 'Variable references $(VAR_NAME) are 10033 expanded using the previously defined environment 10034 variables in the container and any service environment 10035 variables. If a variable cannot be resolved, the 10036 reference in the input string will be unchanged. 10037 Double $$ are reduced to a single $, which allows 10038 for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" 10039 will produce the string literal "$(VAR_NAME)". Escaped 10040 references will never be expanded, regardless of 10041 whether the variable exists or not. Defaults to 10042 "".' 10043 type: string 10044 valueFrom: 10045 description: Source for the environment variable's 10046 value. Cannot be used if value is not empty. 10047 properties: 10048 configMapKeyRef: 10049 description: Selects a key of a ConfigMap. 10050 properties: 10051 key: 10052 description: The key to select. 10053 type: string 10054 name: 10055 description: 'Name of the referent. More info: 10056 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 10057 TODO: Add other useful fields. apiVersion, 10058 kind, uid?' 10059 type: string 10060 optional: 10061 description: Specify whether the ConfigMap 10062 or its key must be defined 10063 type: boolean 10064 required: 10065 - key 10066 type: object 10067 fieldRef: 10068 description: 'Selects a field of the pod: supports 10069 metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`, 10070 `metadata.annotations[''<KEY>'']`, spec.nodeName, 10071 spec.serviceAccountName, status.hostIP, status.podIP, 10072 status.podIPs.' 10073 properties: 10074 apiVersion: 10075 description: Version of the schema the FieldPath 10076 is written in terms of, defaults to "v1". 10077 type: string 10078 fieldPath: 10079 description: Path of the field to select in 10080 the specified API version. 10081 type: string 10082 required: 10083 - fieldPath 10084 type: object 10085 resourceFieldRef: 10086 description: 'Selects a resource of the container: 10087 only resources limits and requests (limits.cpu, 10088 limits.memory, limits.ephemeral-storage, requests.cpu, 10089 requests.memory and requests.ephemeral-storage) 10090 are currently supported.' 10091 properties: 10092 containerName: 10093 description: 'Container name: required for 10094 volumes, optional for env vars' 10095 type: string 10096 divisor: 10097 anyOf: 10098 - type: integer 10099 - type: string 10100 description: Specifies the output format of 10101 the exposed resources, defaults to "1" 10102 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 10103 x-kubernetes-int-or-string: true 10104 resource: 10105 description: 'Required: resource to select' 10106 type: string 10107 required: 10108 - resource 10109 type: object 10110 secretKeyRef: 10111 description: Selects a key of a secret in the 10112 pod's namespace 10113 properties: 10114 key: 10115 description: The key of the secret to select 10116 from. Must be a valid secret key. 10117 type: string 10118 name: 10119 description: 'Name of the referent. More info: 10120 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 10121 TODO: Add other useful fields. apiVersion, 10122 kind, uid?' 10123 type: string 10124 optional: 10125 description: Specify whether the Secret or 10126 its key must be defined 10127 type: boolean 10128 required: 10129 - key 10130 type: object 10131 type: object 10132 required: 10133 - name 10134 type: object 10135 type: array 10136 envFrom: 10137 description: List of sources to populate environment variables 10138 in the container. The keys defined within a source must 10139 be a C_IDENTIFIER. All invalid keys will be reported as 10140 an event when the container is starting. When a key exists 10141 in multiple sources, the value associated with the last 10142 source will take precedence. Values defined by an Env 10143 with a duplicate key will take precedence. Cannot be updated. 10144 items: 10145 description: EnvFromSource represents the source of a 10146 set of ConfigMaps 10147 properties: 10148 configMapRef: 10149 description: The ConfigMap to select from 10150 properties: 10151 name: 10152 description: 'Name of the referent. More info: 10153 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 10154 TODO: Add other useful fields. apiVersion, kind, 10155 uid?' 10156 type: string 10157 optional: 10158 description: Specify whether the ConfigMap must 10159 be defined 10160 type: boolean 10161 type: object 10162 prefix: 10163 description: An optional identifier to prepend to 10164 each key in the ConfigMap. Must be a C_IDENTIFIER. 10165 type: string 10166 secretRef: 10167 description: The Secret to select from 10168 properties: 10169 name: 10170 description: 'Name of the referent. More info: 10171 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 10172 TODO: Add other useful fields. apiVersion, kind, 10173 uid?' 10174 type: string 10175 optional: 10176 description: Specify whether the Secret must be 10177 defined 10178 type: boolean 10179 type: object 10180 type: object 10181 type: array 10182 image: 10183 description: 'Container image name. More info: https://kubernetes.io/docs/concepts/containers/images 10184 This field is optional to allow higher level config management 10185 to default or override container images in workload controllers 10186 like Deployments and StatefulSets.' 10187 type: string 10188 imagePullPolicy: 10189 description: 'Image pull policy. One of Always, Never, IfNotPresent. 10190 Defaults to Always if :latest tag is specified, or IfNotPresent 10191 otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' 10192 type: string 10193 lifecycle: 10194 description: Actions that the management system should take 10195 in response to container lifecycle events. Cannot be updated. 10196 properties: 10197 postStart: 10198 description: 'PostStart is called immediately after 10199 a container is created. If the handler fails, the 10200 container is terminated and restarted according to 10201 its restart policy. Other management of the container 10202 blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' 10203 properties: 10204 exec: 10205 description: Exec specifies the action to take. 10206 properties: 10207 command: 10208 description: Command is the command line to 10209 execute inside the container, the working 10210 directory for the command is root ('/') in 10211 the container's filesystem. The command is 10212 simply exec'd, it is not run inside a shell, 10213 so traditional shell instructions ('|', etc) 10214 won't work. To use a shell, you need to explicitly 10215 call out to that shell. Exit status of 0 is 10216 treated as live/healthy and non-zero is unhealthy. 10217 items: 10218 type: string 10219 type: array 10220 type: object 10221 httpGet: 10222 description: HTTPGet specifies the http request 10223 to perform. 10224 properties: 10225 host: 10226 description: Host name to connect to, defaults 10227 to the pod IP. You probably want to set "Host" 10228 in httpHeaders instead. 10229 type: string 10230 httpHeaders: 10231 description: Custom headers to set in the request. 10232 HTTP allows repeated headers. 10233 items: 10234 description: HTTPHeader describes a custom 10235 header to be used in HTTP probes 10236 properties: 10237 name: 10238 description: The header field name. This 10239 will be canonicalized upon output, so 10240 case-variant names will be understood 10241 as the same header. 10242 type: string 10243 value: 10244 description: The header field value 10245 type: string 10246 required: 10247 - name 10248 - value 10249 type: object 10250 type: array 10251 path: 10252 description: Path to access on the HTTP server. 10253 type: string 10254 port: 10255 anyOf: 10256 - type: integer 10257 - type: string 10258 description: Name or number of the port to access 10259 on the container. Number must be in the range 10260 1 to 65535. Name must be an IANA_SVC_NAME. 10261 x-kubernetes-int-or-string: true 10262 scheme: 10263 description: Scheme to use for connecting to 10264 the host. Defaults to HTTP. 10265 type: string 10266 required: 10267 - port 10268 type: object 10269 tcpSocket: 10270 description: Deprecated. TCPSocket is NOT supported 10271 as a LifecycleHandler and kept for the backward 10272 compatibility. There are no validation of this 10273 field and lifecycle hooks will fail in runtime 10274 when tcp handler is specified. 10275 properties: 10276 host: 10277 description: 'Optional: Host name to connect 10278 to, defaults to the pod IP.' 10279 type: string 10280 port: 10281 anyOf: 10282 - type: integer 10283 - type: string 10284 description: Number or name of the port to access 10285 on the container. Number must be in the range 10286 1 to 65535. Name must be an IANA_SVC_NAME. 10287 x-kubernetes-int-or-string: true 10288 required: 10289 - port 10290 type: object 10291 type: object 10292 preStop: 10293 description: 'PreStop is called immediately before a 10294 container is terminated due to an API request or management 10295 event such as liveness/startup probe failure, preemption, 10296 resource contention, etc. The handler is not called 10297 if the container crashes or exits. The Pod''s termination 10298 grace period countdown begins before the PreStop hook 10299 is executed. Regardless of the outcome of the handler, 10300 the container will eventually terminate within the 10301 Pod''s termination grace period (unless delayed by 10302 finalizers). Other management of the container blocks 10303 until the hook completes or until the termination 10304 grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' 10305 properties: 10306 exec: 10307 description: Exec specifies the action to take. 10308 properties: 10309 command: 10310 description: Command is the command line to 10311 execute inside the container, the working 10312 directory for the command is root ('/') in 10313 the container's filesystem. The command is 10314 simply exec'd, it is not run inside a shell, 10315 so traditional shell instructions ('|', etc) 10316 won't work. To use a shell, you need to explicitly 10317 call out to that shell. Exit status of 0 is 10318 treated as live/healthy and non-zero is unhealthy. 10319 items: 10320 type: string 10321 type: array 10322 type: object 10323 httpGet: 10324 description: HTTPGet specifies the http request 10325 to perform. 10326 properties: 10327 host: 10328 description: Host name to connect to, defaults 10329 to the pod IP. You probably want to set "Host" 10330 in httpHeaders instead. 10331 type: string 10332 httpHeaders: 10333 description: Custom headers to set in the request. 10334 HTTP allows repeated headers. 10335 items: 10336 description: HTTPHeader describes a custom 10337 header to be used in HTTP probes 10338 properties: 10339 name: 10340 description: The header field name. This 10341 will be canonicalized upon output, so 10342 case-variant names will be understood 10343 as the same header. 10344 type: string 10345 value: 10346 description: The header field value 10347 type: string 10348 required: 10349 - name 10350 - value 10351 type: object 10352 type: array 10353 path: 10354 description: Path to access on the HTTP server. 10355 type: string 10356 port: 10357 anyOf: 10358 - type: integer 10359 - type: string 10360 description: Name or number of the port to access 10361 on the container. Number must be in the range 10362 1 to 65535. Name must be an IANA_SVC_NAME. 10363 x-kubernetes-int-or-string: true 10364 scheme: 10365 description: Scheme to use for connecting to 10366 the host. Defaults to HTTP. 10367 type: string 10368 required: 10369 - port 10370 type: object 10371 tcpSocket: 10372 description: Deprecated. TCPSocket is NOT supported 10373 as a LifecycleHandler and kept for the backward 10374 compatibility. There are no validation of this 10375 field and lifecycle hooks will fail in runtime 10376 when tcp handler is specified. 10377 properties: 10378 host: 10379 description: 'Optional: Host name to connect 10380 to, defaults to the pod IP.' 10381 type: string 10382 port: 10383 anyOf: 10384 - type: integer 10385 - type: string 10386 description: Number or name of the port to access 10387 on the container. Number must be in the range 10388 1 to 65535. Name must be an IANA_SVC_NAME. 10389 x-kubernetes-int-or-string: true 10390 required: 10391 - port 10392 type: object 10393 type: object 10394 type: object 10395 livenessProbe: 10396 description: 'Periodic probe of container liveness. Container 10397 will be restarted if the probe fails. Cannot be updated. 10398 More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 10399 properties: 10400 exec: 10401 description: Exec specifies the action to take. 10402 properties: 10403 command: 10404 description: Command is the command line to execute 10405 inside the container, the working directory for 10406 the command is root ('/') in the container's 10407 filesystem. The command is simply exec'd, it is 10408 not run inside a shell, so traditional shell instructions 10409 ('|', etc) won't work. To use a shell, you need 10410 to explicitly call out to that shell. Exit status 10411 of 0 is treated as live/healthy and non-zero is 10412 unhealthy. 10413 items: 10414 type: string 10415 type: array 10416 type: object 10417 failureThreshold: 10418 description: Minimum consecutive failures for the probe 10419 to be considered failed after having succeeded. Defaults 10420 to 3. Minimum value is 1. 10421 format: int32 10422 type: integer 10423 grpc: 10424 description: GRPC specifies an action involving a GRPC 10425 port. 10426 properties: 10427 port: 10428 description: Port number of the gRPC service. Number 10429 must be in the range 1 to 65535. 10430 format: int32 10431 type: integer 10432 service: 10433 description: "Service is the name of the service 10434 to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). 10435 \n If this is not specified, the default behavior 10436 is defined by gRPC." 10437 type: string 10438 required: 10439 - port 10440 type: object 10441 httpGet: 10442 description: HTTPGet specifies the http request to perform. 10443 properties: 10444 host: 10445 description: Host name to connect to, defaults to 10446 the pod IP. You probably want to set "Host" in 10447 httpHeaders instead. 10448 type: string 10449 httpHeaders: 10450 description: Custom headers to set in the request. 10451 HTTP allows repeated headers. 10452 items: 10453 description: HTTPHeader describes a custom header 10454 to be used in HTTP probes 10455 properties: 10456 name: 10457 description: The header field name. This will 10458 be canonicalized upon output, so case-variant 10459 names will be understood as the same header. 10460 type: string 10461 value: 10462 description: The header field value 10463 type: string 10464 required: 10465 - name 10466 - value 10467 type: object 10468 type: array 10469 path: 10470 description: Path to access on the HTTP server. 10471 type: string 10472 port: 10473 anyOf: 10474 - type: integer 10475 - type: string 10476 description: Name or number of the port to access 10477 on the container. Number must be in the range 10478 1 to 65535. Name must be an IANA_SVC_NAME. 10479 x-kubernetes-int-or-string: true 10480 scheme: 10481 description: Scheme to use for connecting to the 10482 host. Defaults to HTTP. 10483 type: string 10484 required: 10485 - port 10486 type: object 10487 initialDelaySeconds: 10488 description: 'Number of seconds after the container 10489 has started before liveness probes are initiated. 10490 More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 10491 format: int32 10492 type: integer 10493 periodSeconds: 10494 description: How often (in seconds) to perform the probe. 10495 Default to 10 seconds. Minimum value is 1. 10496 format: int32 10497 type: integer 10498 successThreshold: 10499 description: Minimum consecutive successes for the probe 10500 to be considered successful after having failed. Defaults 10501 to 1. Must be 1 for liveness and startup. Minimum 10502 value is 1. 10503 format: int32 10504 type: integer 10505 tcpSocket: 10506 description: TCPSocket specifies an action involving 10507 a TCP port. 10508 properties: 10509 host: 10510 description: 'Optional: Host name to connect to, 10511 defaults to the pod IP.' 10512 type: string 10513 port: 10514 anyOf: 10515 - type: integer 10516 - type: string 10517 description: Number or name of the port to access 10518 on the container. Number must be in the range 10519 1 to 65535. Name must be an IANA_SVC_NAME. 10520 x-kubernetes-int-or-string: true 10521 required: 10522 - port 10523 type: object 10524 terminationGracePeriodSeconds: 10525 description: Optional duration in seconds the pod needs 10526 to terminate gracefully upon probe failure. The grace 10527 period is the duration in seconds after the processes 10528 running in the pod are sent a termination signal and 10529 the time when the processes are forcibly halted with 10530 a kill signal. Set this value longer than the expected 10531 cleanup time for your process. If this value is nil, 10532 the pod's terminationGracePeriodSeconds will be used. 10533 Otherwise, this value overrides the value provided 10534 by the pod spec. Value must be non-negative integer. 10535 The value zero indicates stop immediately via the 10536 kill signal (no opportunity to shut down). This is 10537 a beta field and requires enabling ProbeTerminationGracePeriod 10538 feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds 10539 is used if unset. 10540 format: int64 10541 type: integer 10542 timeoutSeconds: 10543 description: 'Number of seconds after which the probe 10544 times out. Defaults to 1 second. Minimum value is 10545 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 10546 format: int32 10547 type: integer 10548 type: object 10549 name: 10550 description: Name of the container specified as a DNS_LABEL. 10551 Each container in a pod must have a unique name (DNS_LABEL). 10552 Cannot be updated. 10553 type: string 10554 ports: 10555 description: List of ports to expose from the container. 10556 Not specifying a port here DOES NOT prevent that port 10557 from being exposed. Any port which is listening on the 10558 default "0.0.0.0" address inside a container will be accessible 10559 from the network. Modifying this array with strategic 10560 merge patch may corrupt the data. For more information 10561 See https://github.com/kubernetes/kubernetes/issues/108255. 10562 Cannot be updated. 10563 items: 10564 description: ContainerPort represents a network port in 10565 a single container. 10566 properties: 10567 containerPort: 10568 description: Number of port to expose on the pod's 10569 IP address. This must be a valid port number, 0 10570 < x < 65536. 10571 format: int32 10572 type: integer 10573 hostIP: 10574 description: What host IP to bind the external port 10575 to. 10576 type: string 10577 hostPort: 10578 description: Number of port to expose on the host. 10579 If specified, this must be a valid port number, 10580 0 < x < 65536. If HostNetwork is specified, this 10581 must match ContainerPort. Most containers do not 10582 need this. 10583 format: int32 10584 type: integer 10585 name: 10586 description: If specified, this must be an IANA_SVC_NAME 10587 and unique within the pod. Each named port in a 10588 pod must have a unique name. Name for the port that 10589 can be referred to by services. 10590 type: string 10591 protocol: 10592 default: TCP 10593 description: Protocol for port. Must be UDP, TCP, 10594 or SCTP. Defaults to "TCP". 10595 type: string 10596 required: 10597 - containerPort 10598 type: object 10599 type: array 10600 x-kubernetes-list-map-keys: 10601 - containerPort 10602 - protocol 10603 x-kubernetes-list-type: map 10604 readinessProbe: 10605 description: 'Periodic probe of container service readiness. 10606 Container will be removed from service endpoints if the 10607 probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 10608 properties: 10609 exec: 10610 description: Exec specifies the action to take. 10611 properties: 10612 command: 10613 description: Command is the command line to execute 10614 inside the container, the working directory for 10615 the command is root ('/') in the container's 10616 filesystem. The command is simply exec'd, it is 10617 not run inside a shell, so traditional shell instructions 10618 ('|', etc) won't work. To use a shell, you need 10619 to explicitly call out to that shell. Exit status 10620 of 0 is treated as live/healthy and non-zero is 10621 unhealthy. 10622 items: 10623 type: string 10624 type: array 10625 type: object 10626 failureThreshold: 10627 description: Minimum consecutive failures for the probe 10628 to be considered failed after having succeeded. Defaults 10629 to 3. Minimum value is 1. 10630 format: int32 10631 type: integer 10632 grpc: 10633 description: GRPC specifies an action involving a GRPC 10634 port. 10635 properties: 10636 port: 10637 description: Port number of the gRPC service. Number 10638 must be in the range 1 to 65535. 10639 format: int32 10640 type: integer 10641 service: 10642 description: "Service is the name of the service 10643 to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). 10644 \n If this is not specified, the default behavior 10645 is defined by gRPC." 10646 type: string 10647 required: 10648 - port 10649 type: object 10650 httpGet: 10651 description: HTTPGet specifies the http request to perform. 10652 properties: 10653 host: 10654 description: Host name to connect to, defaults to 10655 the pod IP. You probably want to set "Host" in 10656 httpHeaders instead. 10657 type: string 10658 httpHeaders: 10659 description: Custom headers to set in the request. 10660 HTTP allows repeated headers. 10661 items: 10662 description: HTTPHeader describes a custom header 10663 to be used in HTTP probes 10664 properties: 10665 name: 10666 description: The header field name. This will 10667 be canonicalized upon output, so case-variant 10668 names will be understood as the same header. 10669 type: string 10670 value: 10671 description: The header field value 10672 type: string 10673 required: 10674 - name 10675 - value 10676 type: object 10677 type: array 10678 path: 10679 description: Path to access on the HTTP server. 10680 type: string 10681 port: 10682 anyOf: 10683 - type: integer 10684 - type: string 10685 description: Name or number of the port to access 10686 on the container. Number must be in the range 10687 1 to 65535. Name must be an IANA_SVC_NAME. 10688 x-kubernetes-int-or-string: true 10689 scheme: 10690 description: Scheme to use for connecting to the 10691 host. Defaults to HTTP. 10692 type: string 10693 required: 10694 - port 10695 type: object 10696 initialDelaySeconds: 10697 description: 'Number of seconds after the container 10698 has started before liveness probes are initiated. 10699 More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 10700 format: int32 10701 type: integer 10702 periodSeconds: 10703 description: How often (in seconds) to perform the probe. 10704 Default to 10 seconds. Minimum value is 1. 10705 format: int32 10706 type: integer 10707 successThreshold: 10708 description: Minimum consecutive successes for the probe 10709 to be considered successful after having failed. Defaults 10710 to 1. Must be 1 for liveness and startup. Minimum 10711 value is 1. 10712 format: int32 10713 type: integer 10714 tcpSocket: 10715 description: TCPSocket specifies an action involving 10716 a TCP port. 10717 properties: 10718 host: 10719 description: 'Optional: Host name to connect to, 10720 defaults to the pod IP.' 10721 type: string 10722 port: 10723 anyOf: 10724 - type: integer 10725 - type: string 10726 description: Number or name of the port to access 10727 on the container. Number must be in the range 10728 1 to 65535. Name must be an IANA_SVC_NAME. 10729 x-kubernetes-int-or-string: true 10730 required: 10731 - port 10732 type: object 10733 terminationGracePeriodSeconds: 10734 description: Optional duration in seconds the pod needs 10735 to terminate gracefully upon probe failure. The grace 10736 period is the duration in seconds after the processes 10737 running in the pod are sent a termination signal and 10738 the time when the processes are forcibly halted with 10739 a kill signal. Set this value longer than the expected 10740 cleanup time for your process. If this value is nil, 10741 the pod's terminationGracePeriodSeconds will be used. 10742 Otherwise, this value overrides the value provided 10743 by the pod spec. Value must be non-negative integer. 10744 The value zero indicates stop immediately via the 10745 kill signal (no opportunity to shut down). This is 10746 a beta field and requires enabling ProbeTerminationGracePeriod 10747 feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds 10748 is used if unset. 10749 format: int64 10750 type: integer 10751 timeoutSeconds: 10752 description: 'Number of seconds after which the probe 10753 times out. Defaults to 1 second. Minimum value is 10754 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 10755 format: int32 10756 type: integer 10757 type: object 10758 resizePolicy: 10759 description: Resources resize policy for the container. 10760 items: 10761 description: ContainerResizePolicy represents resource 10762 resize policy for the container. 10763 properties: 10764 resourceName: 10765 description: 'Name of the resource to which this resource 10766 resize policy applies. Supported values: cpu, memory.' 10767 type: string 10768 restartPolicy: 10769 description: Restart policy to apply when specified 10770 resource is resized. If not specified, it defaults 10771 to NotRequired. 10772 type: string 10773 required: 10774 - resourceName 10775 - restartPolicy 10776 type: object 10777 type: array 10778 x-kubernetes-list-type: atomic 10779 resources: 10780 description: 'Compute Resources required by this container. 10781 Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 10782 properties: 10783 claims: 10784 description: "Claims lists the names of resources, defined 10785 in spec.resourceClaims, that are used by this container. 10786 \n This is an alpha field and requires enabling the 10787 DynamicResourceAllocation feature gate. \n This field 10788 is immutable. It can only be set for containers." 10789 items: 10790 description: ResourceClaim references one entry in 10791 PodSpec.ResourceClaims. 10792 properties: 10793 name: 10794 description: Name must match the name of one entry 10795 in pod.spec.resourceClaims of the Pod where 10796 this field is used. It makes that resource available 10797 inside a container. 10798 type: string 10799 required: 10800 - name 10801 type: object 10802 type: array 10803 x-kubernetes-list-map-keys: 10804 - name 10805 x-kubernetes-list-type: map 10806 limits: 10807 additionalProperties: 10808 anyOf: 10809 - type: integer 10810 - type: string 10811 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 10812 x-kubernetes-int-or-string: true 10813 description: 'Limits describes the maximum amount of 10814 compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 10815 type: object 10816 requests: 10817 additionalProperties: 10818 anyOf: 10819 - type: integer 10820 - type: string 10821 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 10822 x-kubernetes-int-or-string: true 10823 description: 'Requests describes the minimum amount 10824 of compute resources required. If Requests is omitted 10825 for a container, it defaults to Limits if that is 10826 explicitly specified, otherwise to an implementation-defined 10827 value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 10828 type: object 10829 type: object 10830 restartPolicy: 10831 description: 'RestartPolicy defines the restart behavior 10832 of individual containers in a pod. This field may only 10833 be set for init containers, and the only allowed value 10834 is "Always". For non-init containers or when this field 10835 is not specified, the restart behavior is defined by the 10836 Pod''s restart policy and the container type. Setting 10837 the RestartPolicy as "Always" for the init container will 10838 have the following effect: this init container will be 10839 continually restarted on exit until all regular containers 10840 have terminated. Once all regular containers have completed, 10841 all init containers with restartPolicy "Always" will be 10842 shut down. This lifecycle differs from normal init containers 10843 and is often referred to as a "sidecar" container. Although 10844 this init container still starts in the init container 10845 sequence, it does not wait for the container to complete 10846 before proceeding to the next init container. Instead, 10847 the next init container starts immediately after this 10848 init container is started, or after any startupProbe has 10849 successfully completed.' 10850 type: string 10851 securityContext: 10852 description: 'SecurityContext defines the security options 10853 the container should be run with. If set, the fields of 10854 SecurityContext override the equivalent fields of PodSecurityContext. 10855 More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' 10856 properties: 10857 allowPrivilegeEscalation: 10858 description: 'AllowPrivilegeEscalation controls whether 10859 a process can gain more privileges than its parent 10860 process. This bool directly controls if the no_new_privs 10861 flag will be set on the container process. AllowPrivilegeEscalation 10862 is true always when the container is: 1) run as Privileged 10863 2) has CAP_SYS_ADMIN Note that this field cannot be 10864 set when spec.os.name is windows.' 10865 type: boolean 10866 capabilities: 10867 description: The capabilities to add/drop when running 10868 containers. Defaults to the default set of capabilities 10869 granted by the container runtime. Note that this field 10870 cannot be set when spec.os.name is windows. 10871 properties: 10872 add: 10873 description: Added capabilities 10874 items: 10875 description: Capability represent POSIX capabilities 10876 type 10877 type: string 10878 type: array 10879 drop: 10880 description: Removed capabilities 10881 items: 10882 description: Capability represent POSIX capabilities 10883 type 10884 type: string 10885 type: array 10886 type: object 10887 privileged: 10888 description: Run container in privileged mode. Processes 10889 in privileged containers are essentially equivalent 10890 to root on the host. Defaults to false. Note that 10891 this field cannot be set when spec.os.name is windows. 10892 type: boolean 10893 procMount: 10894 description: procMount denotes the type of proc mount 10895 to use for the containers. The default is DefaultProcMount 10896 which uses the container runtime defaults for readonly 10897 paths and masked paths. This requires the ProcMountType 10898 feature flag to be enabled. Note that this field cannot 10899 be set when spec.os.name is windows. 10900 type: string 10901 readOnlyRootFilesystem: 10902 description: Whether this container has a read-only 10903 root filesystem. Default is false. Note that this 10904 field cannot be set when spec.os.name is windows. 10905 type: boolean 10906 runAsGroup: 10907 description: The GID to run the entrypoint of the container 10908 process. Uses runtime default if unset. May also be 10909 set in PodSecurityContext. If set in both SecurityContext 10910 and PodSecurityContext, the value specified in SecurityContext 10911 takes precedence. Note that this field cannot be set 10912 when spec.os.name is windows. 10913 format: int64 10914 type: integer 10915 runAsNonRoot: 10916 description: Indicates that the container must run as 10917 a non-root user. If true, the Kubelet will validate 10918 the image at runtime to ensure that it does not run 10919 as UID 0 (root) and fail to start the container if 10920 it does. If unset or false, no such validation will 10921 be performed. May also be set in PodSecurityContext. If 10922 set in both SecurityContext and PodSecurityContext, 10923 the value specified in SecurityContext takes precedence. 10924 type: boolean 10925 runAsUser: 10926 description: The UID to run the entrypoint of the container 10927 process. Defaults to user specified in image metadata 10928 if unspecified. May also be set in PodSecurityContext. If 10929 set in both SecurityContext and PodSecurityContext, 10930 the value specified in SecurityContext takes precedence. 10931 Note that this field cannot be set when spec.os.name 10932 is windows. 10933 format: int64 10934 type: integer 10935 seLinuxOptions: 10936 description: The SELinux context to be applied to the 10937 container. If unspecified, the container runtime will 10938 allocate a random SELinux context for each container. May 10939 also be set in PodSecurityContext. If set in both 10940 SecurityContext and PodSecurityContext, the value 10941 specified in SecurityContext takes precedence. Note 10942 that this field cannot be set when spec.os.name is 10943 windows. 10944 properties: 10945 level: 10946 description: Level is SELinux level label that applies 10947 to the container. 10948 type: string 10949 role: 10950 description: Role is a SELinux role label that applies 10951 to the container. 10952 type: string 10953 type: 10954 description: Type is a SELinux type label that applies 10955 to the container. 10956 type: string 10957 user: 10958 description: User is a SELinux user label that applies 10959 to the container. 10960 type: string 10961 type: object 10962 seccompProfile: 10963 description: The seccomp options to use by this container. 10964 If seccomp options are provided at both the pod & 10965 container level, the container options override the 10966 pod options. Note that this field cannot be set when 10967 spec.os.name is windows. 10968 properties: 10969 localhostProfile: 10970 description: localhostProfile indicates a profile 10971 defined in a file on the node should be used. 10972 The profile must be preconfigured on the node 10973 to work. Must be a descending path, relative to 10974 the kubelet's configured seccomp profile location. 10975 Must be set if type is "Localhost". Must NOT be 10976 set for any other type. 10977 type: string 10978 type: 10979 description: "type indicates which kind of seccomp 10980 profile will be applied. Valid options are: \n 10981 Localhost - a profile defined in a file on the 10982 node should be used. RuntimeDefault - the container 10983 runtime default profile should be used. Unconfined 10984 - no profile should be applied." 10985 type: string 10986 required: 10987 - type 10988 type: object 10989 windowsOptions: 10990 description: The Windows specific settings applied to 10991 all containers. If unspecified, the options from the 10992 PodSecurityContext will be used. If set in both SecurityContext 10993 and PodSecurityContext, the value specified in SecurityContext 10994 takes precedence. Note that this field cannot be set 10995 when spec.os.name is linux. 10996 properties: 10997 gmsaCredentialSpec: 10998 description: GMSACredentialSpec is where the GMSA 10999 admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) 11000 inlines the contents of the GMSA credential spec 11001 named by the GMSACredentialSpecName field. 11002 type: string 11003 gmsaCredentialSpecName: 11004 description: GMSACredentialSpecName is the name 11005 of the GMSA credential spec to use. 11006 type: string 11007 hostProcess: 11008 description: HostProcess determines if a container 11009 should be run as a 'Host Process' container. All 11010 of a Pod's containers must have the same effective 11011 HostProcess value (it is not allowed to have a 11012 mix of HostProcess containers and non-HostProcess 11013 containers). In addition, if HostProcess is true 11014 then HostNetwork must also be set to true. 11015 type: boolean 11016 runAsUserName: 11017 description: The UserName in Windows to run the 11018 entrypoint of the container process. Defaults 11019 to the user specified in image metadata if unspecified. 11020 May also be set in PodSecurityContext. If set 11021 in both SecurityContext and PodSecurityContext, 11022 the value specified in SecurityContext takes precedence. 11023 type: string 11024 type: object 11025 type: object 11026 startupProbe: 11027 description: 'StartupProbe indicates that the Pod has successfully 11028 initialized. If specified, no other probes are executed 11029 until this completes successfully. If this probe fails, 11030 the Pod will be restarted, just as if the livenessProbe 11031 failed. This can be used to provide different probe parameters 11032 at the beginning of a Pod''s lifecycle, when it might 11033 take a long time to load data or warm a cache, than during 11034 steady-state operation. This cannot be updated. More info: 11035 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 11036 properties: 11037 exec: 11038 description: Exec specifies the action to take. 11039 properties: 11040 command: 11041 description: Command is the command line to execute 11042 inside the container, the working directory for 11043 the command is root ('/') in the container's 11044 filesystem. The command is simply exec'd, it is 11045 not run inside a shell, so traditional shell instructions 11046 ('|', etc) won't work. To use a shell, you need 11047 to explicitly call out to that shell. Exit status 11048 of 0 is treated as live/healthy and non-zero is 11049 unhealthy. 11050 items: 11051 type: string 11052 type: array 11053 type: object 11054 failureThreshold: 11055 description: Minimum consecutive failures for the probe 11056 to be considered failed after having succeeded. Defaults 11057 to 3. Minimum value is 1. 11058 format: int32 11059 type: integer 11060 grpc: 11061 description: GRPC specifies an action involving a GRPC 11062 port. 11063 properties: 11064 port: 11065 description: Port number of the gRPC service. Number 11066 must be in the range 1 to 65535. 11067 format: int32 11068 type: integer 11069 service: 11070 description: "Service is the name of the service 11071 to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). 11072 \n If this is not specified, the default behavior 11073 is defined by gRPC." 11074 type: string 11075 required: 11076 - port 11077 type: object 11078 httpGet: 11079 description: HTTPGet specifies the http request to perform. 11080 properties: 11081 host: 11082 description: Host name to connect to, defaults to 11083 the pod IP. You probably want to set "Host" in 11084 httpHeaders instead. 11085 type: string 11086 httpHeaders: 11087 description: Custom headers to set in the request. 11088 HTTP allows repeated headers. 11089 items: 11090 description: HTTPHeader describes a custom header 11091 to be used in HTTP probes 11092 properties: 11093 name: 11094 description: The header field name. This will 11095 be canonicalized upon output, so case-variant 11096 names will be understood as the same header. 11097 type: string 11098 value: 11099 description: The header field value 11100 type: string 11101 required: 11102 - name 11103 - value 11104 type: object 11105 type: array 11106 path: 11107 description: Path to access on the HTTP server. 11108 type: string 11109 port: 11110 anyOf: 11111 - type: integer 11112 - type: string 11113 description: Name or number of the port to access 11114 on the container. Number must be in the range 11115 1 to 65535. Name must be an IANA_SVC_NAME. 11116 x-kubernetes-int-or-string: true 11117 scheme: 11118 description: Scheme to use for connecting to the 11119 host. Defaults to HTTP. 11120 type: string 11121 required: 11122 - port 11123 type: object 11124 initialDelaySeconds: 11125 description: 'Number of seconds after the container 11126 has started before liveness probes are initiated. 11127 More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 11128 format: int32 11129 type: integer 11130 periodSeconds: 11131 description: How often (in seconds) to perform the probe. 11132 Default to 10 seconds. Minimum value is 1. 11133 format: int32 11134 type: integer 11135 successThreshold: 11136 description: Minimum consecutive successes for the probe 11137 to be considered successful after having failed. Defaults 11138 to 1. Must be 1 for liveness and startup. Minimum 11139 value is 1. 11140 format: int32 11141 type: integer 11142 tcpSocket: 11143 description: TCPSocket specifies an action involving 11144 a TCP port. 11145 properties: 11146 host: 11147 description: 'Optional: Host name to connect to, 11148 defaults to the pod IP.' 11149 type: string 11150 port: 11151 anyOf: 11152 - type: integer 11153 - type: string 11154 description: Number or name of the port to access 11155 on the container. Number must be in the range 11156 1 to 65535. Name must be an IANA_SVC_NAME. 11157 x-kubernetes-int-or-string: true 11158 required: 11159 - port 11160 type: object 11161 terminationGracePeriodSeconds: 11162 description: Optional duration in seconds the pod needs 11163 to terminate gracefully upon probe failure. The grace 11164 period is the duration in seconds after the processes 11165 running in the pod are sent a termination signal and 11166 the time when the processes are forcibly halted with 11167 a kill signal. Set this value longer than the expected 11168 cleanup time for your process. If this value is nil, 11169 the pod's terminationGracePeriodSeconds will be used. 11170 Otherwise, this value overrides the value provided 11171 by the pod spec. Value must be non-negative integer. 11172 The value zero indicates stop immediately via the 11173 kill signal (no opportunity to shut down). This is 11174 a beta field and requires enabling ProbeTerminationGracePeriod 11175 feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds 11176 is used if unset. 11177 format: int64 11178 type: integer 11179 timeoutSeconds: 11180 description: 'Number of seconds after which the probe 11181 times out. Defaults to 1 second. Minimum value is 11182 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 11183 format: int32 11184 type: integer 11185 type: object 11186 stdin: 11187 description: Whether this container should allocate a buffer 11188 for stdin in the container runtime. If this is not set, 11189 reads from stdin in the container will always result in 11190 EOF. Default is false. 11191 type: boolean 11192 stdinOnce: 11193 description: Whether the container runtime should close 11194 the stdin channel after it has been opened by a single 11195 attach. When stdin is true the stdin stream will remain 11196 open across multiple attach sessions. If stdinOnce is 11197 set to true, stdin is opened on container start, is empty 11198 until the first client attaches to stdin, and then remains 11199 open and accepts data until the client disconnects, at 11200 which time stdin is closed and remains closed until the 11201 container is restarted. If this flag is false, a container 11202 processes that reads from stdin will never receive an 11203 EOF. Default is false 11204 type: boolean 11205 terminationMessagePath: 11206 description: 'Optional: Path at which the file to which 11207 the container''s termination message will be written is 11208 mounted into the container''s filesystem. Message written 11209 is intended to be brief final status, such as an assertion 11210 failure message. Will be truncated by the node if greater 11211 than 4096 bytes. The total message length across all containers 11212 will be limited to 12kb. Defaults to /dev/termination-log. 11213 Cannot be updated.' 11214 type: string 11215 terminationMessagePolicy: 11216 description: Indicate how the termination message should 11217 be populated. File will use the contents of terminationMessagePath 11218 to populate the container status message on both success 11219 and failure. FallbackToLogsOnError will use the last chunk 11220 of container log output if the termination message file 11221 is empty and the container exited with an error. The log 11222 output is limited to 2048 bytes or 80 lines, whichever 11223 is smaller. Defaults to File. Cannot be updated. 11224 type: string 11225 tty: 11226 description: Whether this container should allocate a TTY 11227 for itself, also requires 'stdin' to be true. Default 11228 is false. 11229 type: boolean 11230 volumeDevices: 11231 description: volumeDevices is the list of block devices 11232 to be used by the container. 11233 items: 11234 description: volumeDevice describes a mapping of a raw 11235 block device within a container. 11236 properties: 11237 devicePath: 11238 description: devicePath is the path inside of the 11239 container that the device will be mapped to. 11240 type: string 11241 name: 11242 description: name must match the name of a persistentVolumeClaim 11243 in the pod 11244 type: string 11245 required: 11246 - devicePath 11247 - name 11248 type: object 11249 type: array 11250 volumeMounts: 11251 description: Pod volumes to mount into the container's filesystem. 11252 Cannot be updated. 11253 items: 11254 description: VolumeMount describes a mounting of a Volume 11255 within a container. 11256 properties: 11257 mountPath: 11258 description: Path within the container at which the 11259 volume should be mounted. Must not contain ':'. 11260 type: string 11261 mountPropagation: 11262 description: mountPropagation determines how mounts 11263 are propagated from the host to container and the 11264 other way around. When not set, MountPropagationNone 11265 is used. This field is beta in 1.10. 11266 type: string 11267 name: 11268 description: This must match the Name of a Volume. 11269 type: string 11270 readOnly: 11271 description: Mounted read-only if true, read-write 11272 otherwise (false or unspecified). Defaults to false. 11273 type: boolean 11274 subPath: 11275 description: Path within the volume from which the 11276 container's volume should be mounted. Defaults to 11277 "" (volume's root). 11278 type: string 11279 subPathExpr: 11280 description: Expanded path within the volume from 11281 which the container's volume should be mounted. 11282 Behaves similarly to SubPath but environment variable 11283 references $(VAR_NAME) are expanded using the container's 11284 environment. Defaults to "" (volume's root). SubPathExpr 11285 and SubPath are mutually exclusive. 11286 type: string 11287 required: 11288 - mountPath 11289 - name 11290 type: object 11291 type: array 11292 workingDir: 11293 description: Container's working directory. If not specified, 11294 the container runtime's default will be used, which might 11295 be configured in the container image. Cannot be updated. 11296 type: string 11297 required: 11298 - name 11299 type: object 11300 type: array 11301 verifytls: 11302 description: VerifyTLS defines whether repo server API should 11303 be accessed using strict TLS validation 11304 type: boolean 11305 version: 11306 description: Version is the ArgoCD Repo Server container image 11307 tag. 11308 type: string 11309 volumeMounts: 11310 description: VolumeMounts adds volumeMounts to the repo server 11311 container 11312 items: 11313 description: VolumeMount describes a mounting of a Volume within 11314 a container. 11315 properties: 11316 mountPath: 11317 description: Path within the container at which the volume 11318 should be mounted. Must not contain ':'. 11319 type: string 11320 mountPropagation: 11321 description: mountPropagation determines how mounts are 11322 propagated from the host to container and the other way 11323 around. When not set, MountPropagationNone is used. This 11324 field is beta in 1.10. 11325 type: string 11326 name: 11327 description: This must match the Name of a Volume. 11328 type: string 11329 readOnly: 11330 description: Mounted read-only if true, read-write otherwise 11331 (false or unspecified). Defaults to false. 11332 type: boolean 11333 subPath: 11334 description: Path within the volume from which the container's 11335 volume should be mounted. Defaults to "" (volume's root). 11336 type: string 11337 subPathExpr: 11338 description: Expanded path within the volume from which 11339 the container's volume should be mounted. Behaves similarly 11340 to SubPath but environment variable references $(VAR_NAME) 11341 are expanded using the container's environment. Defaults 11342 to "" (volume's root). SubPathExpr and SubPath are mutually 11343 exclusive. 11344 type: string 11345 required: 11346 - mountPath 11347 - name 11348 type: object 11349 type: array 11350 volumes: 11351 description: Volumes adds volumes to the repo server deployment 11352 items: 11353 description: Volume represents a named volume in a pod that 11354 may be accessed by any container in the pod. 11355 properties: 11356 awsElasticBlockStore: 11357 description: 'awsElasticBlockStore represents an AWS Disk 11358 resource that is attached to a kubelet''s host machine 11359 and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' 11360 properties: 11361 fsType: 11362 description: 'fsType is the filesystem type of the volume 11363 that you want to mount. Tip: Ensure that the filesystem 11364 type is supported by the host operating system. Examples: 11365 "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" 11366 if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore 11367 TODO: how do we prevent errors in the filesystem from 11368 compromising the machine' 11369 type: string 11370 partition: 11371 description: 'partition is the partition in the volume 11372 that you want to mount. If omitted, the default is 11373 to mount by volume name. Examples: For volume /dev/sda1, 11374 you specify the partition as "1". Similarly, the volume 11375 partition for /dev/sda is "0" (or you can leave the 11376 property empty).' 11377 format: int32 11378 type: integer 11379 readOnly: 11380 description: 'readOnly value true will force the readOnly 11381 setting in VolumeMounts. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' 11382 type: boolean 11383 volumeID: 11384 description: 'volumeID is unique ID of the persistent 11385 disk resource in AWS (Amazon EBS volume). More info: 11386 https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' 11387 type: string 11388 required: 11389 - volumeID 11390 type: object 11391 azureDisk: 11392 description: azureDisk represents an Azure Data Disk mount 11393 on the host and bind mount to the pod. 11394 properties: 11395 cachingMode: 11396 description: 'cachingMode is the Host Caching mode: 11397 None, Read Only, Read Write.' 11398 type: string 11399 diskName: 11400 description: diskName is the Name of the data disk in 11401 the blob storage 11402 type: string 11403 diskURI: 11404 description: diskURI is the URI of data disk in the 11405 blob storage 11406 type: string 11407 fsType: 11408 description: fsType is Filesystem type to mount. Must 11409 be a filesystem type supported by the host operating 11410 system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred 11411 to be "ext4" if unspecified. 11412 type: string 11413 kind: 11414 description: 'kind expected values are Shared: multiple 11415 blob disks per storage account Dedicated: single 11416 blob disk per storage account Managed: azure managed 11417 data disk (only in managed availability set). defaults 11418 to shared' 11419 type: string 11420 readOnly: 11421 description: readOnly Defaults to false (read/write). 11422 ReadOnly here will force the ReadOnly setting in VolumeMounts. 11423 type: boolean 11424 required: 11425 - diskName 11426 - diskURI 11427 type: object 11428 azureFile: 11429 description: azureFile represents an Azure File Service 11430 mount on the host and bind mount to the pod. 11431 properties: 11432 readOnly: 11433 description: readOnly defaults to false (read/write). 11434 ReadOnly here will force the ReadOnly setting in VolumeMounts. 11435 type: boolean 11436 secretName: 11437 description: secretName is the name of secret that 11438 contains Azure Storage Account Name and Key 11439 type: string 11440 shareName: 11441 description: shareName is the azure share Name 11442 type: string 11443 required: 11444 - secretName 11445 - shareName 11446 type: object 11447 cephfs: 11448 description: cephFS represents a Ceph FS mount on the host 11449 that shares a pod's lifetime 11450 properties: 11451 monitors: 11452 description: 'monitors is Required: Monitors is a collection 11453 of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' 11454 items: 11455 type: string 11456 type: array 11457 path: 11458 description: 'path is Optional: Used as the mounted 11459 root, rather than the full Ceph tree, default is /' 11460 type: string 11461 readOnly: 11462 description: 'readOnly is Optional: Defaults to false 11463 (read/write). ReadOnly here will force the ReadOnly 11464 setting in VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' 11465 type: boolean 11466 secretFile: 11467 description: 'secretFile is Optional: SecretFile is 11468 the path to key ring for User, default is /etc/ceph/user.secret 11469 More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' 11470 type: string 11471 secretRef: 11472 description: 'secretRef is Optional: SecretRef is reference 11473 to the authentication secret for User, default is 11474 empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' 11475 properties: 11476 name: 11477 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 11478 TODO: Add other useful fields. apiVersion, kind, 11479 uid?' 11480 type: string 11481 type: object 11482 user: 11483 description: 'user is optional: User is the rados user 11484 name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' 11485 type: string 11486 required: 11487 - monitors 11488 type: object 11489 cinder: 11490 description: 'cinder represents a cinder volume attached 11491 and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' 11492 properties: 11493 fsType: 11494 description: 'fsType is the filesystem type to mount. 11495 Must be a filesystem type supported by the host operating 11496 system. Examples: "ext4", "xfs", "ntfs". Implicitly 11497 inferred to be "ext4" if unspecified. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' 11498 type: string 11499 readOnly: 11500 description: 'readOnly defaults to false (read/write). 11501 ReadOnly here will force the ReadOnly setting in VolumeMounts. 11502 More info: https://examples.k8s.io/mysql-cinder-pd/README.md' 11503 type: boolean 11504 secretRef: 11505 description: 'secretRef is optional: points to a secret 11506 object containing parameters used to connect to OpenStack.' 11507 properties: 11508 name: 11509 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 11510 TODO: Add other useful fields. apiVersion, kind, 11511 uid?' 11512 type: string 11513 type: object 11514 volumeID: 11515 description: 'volumeID used to identify the volume in 11516 cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' 11517 type: string 11518 required: 11519 - volumeID 11520 type: object 11521 configMap: 11522 description: configMap represents a configMap that should 11523 populate this volume 11524 properties: 11525 defaultMode: 11526 description: 'defaultMode is optional: mode bits used 11527 to set permissions on created files by default. Must 11528 be an octal value between 0000 and 0777 or a decimal 11529 value between 0 and 511. YAML accepts both octal and 11530 decimal values, JSON requires decimal values for mode 11531 bits. Defaults to 0644. Directories within the path 11532 are not affected by this setting. This might be in 11533 conflict with other options that affect the file mode, 11534 like fsGroup, and the result can be other mode bits 11535 set.' 11536 format: int32 11537 type: integer 11538 items: 11539 description: items if unspecified, each key-value pair 11540 in the Data field of the referenced ConfigMap will 11541 be projected into the volume as a file whose name 11542 is the key and content is the value. If specified, 11543 the listed keys will be projected into the specified 11544 paths, and unlisted keys will not be present. If a 11545 key is specified which is not present in the ConfigMap, 11546 the volume setup will error unless it is marked optional. 11547 Paths must be relative and may not contain the '..' 11548 path or start with '..'. 11549 items: 11550 description: Maps a string key to a path within a 11551 volume. 11552 properties: 11553 key: 11554 description: key is the key to project. 11555 type: string 11556 mode: 11557 description: 'mode is Optional: mode bits used 11558 to set permissions on this file. Must be an 11559 octal value between 0000 and 0777 or a decimal 11560 value between 0 and 511. YAML accepts both octal 11561 and decimal values, JSON requires decimal values 11562 for mode bits. If not specified, the volume 11563 defaultMode will be used. This might be in conflict 11564 with other options that affect the file mode, 11565 like fsGroup, and the result can be other mode 11566 bits set.' 11567 format: int32 11568 type: integer 11569 path: 11570 description: path is the relative path of the 11571 file to map the key to. May not be an absolute 11572 path. May not contain the path element '..'. 11573 May not start with the string '..'. 11574 type: string 11575 required: 11576 - key 11577 - path 11578 type: object 11579 type: array 11580 name: 11581 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 11582 TODO: Add other useful fields. apiVersion, kind, uid?' 11583 type: string 11584 optional: 11585 description: optional specify whether the ConfigMap 11586 or its keys must be defined 11587 type: boolean 11588 type: object 11589 csi: 11590 description: csi (Container Storage Interface) represents 11591 ephemeral storage that is handled by certain external 11592 CSI drivers (Beta feature). 11593 properties: 11594 driver: 11595 description: driver is the name of the CSI driver that 11596 handles this volume. Consult with your admin for the 11597 correct name as registered in the cluster. 11598 type: string 11599 fsType: 11600 description: fsType to mount. Ex. "ext4", "xfs", "ntfs". 11601 If not provided, the empty value is passed to the 11602 associated CSI driver which will determine the default 11603 filesystem to apply. 11604 type: string 11605 nodePublishSecretRef: 11606 description: nodePublishSecretRef is a reference to 11607 the secret object containing sensitive information 11608 to pass to the CSI driver to complete the CSI NodePublishVolume 11609 and NodeUnpublishVolume calls. This field is optional, 11610 and may be empty if no secret is required. If the 11611 secret object contains more than one secret, all secret 11612 references are passed. 11613 properties: 11614 name: 11615 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 11616 TODO: Add other useful fields. apiVersion, kind, 11617 uid?' 11618 type: string 11619 type: object 11620 readOnly: 11621 description: readOnly specifies a read-only configuration 11622 for the volume. Defaults to false (read/write). 11623 type: boolean 11624 volumeAttributes: 11625 additionalProperties: 11626 type: string 11627 description: volumeAttributes stores driver-specific 11628 properties that are passed to the CSI driver. Consult 11629 your driver's documentation for supported values. 11630 type: object 11631 required: 11632 - driver 11633 type: object 11634 downwardAPI: 11635 description: downwardAPI represents downward API about the 11636 pod that should populate this volume 11637 properties: 11638 defaultMode: 11639 description: 'Optional: mode bits to use on created 11640 files by default. Must be a Optional: mode bits used 11641 to set permissions on created files by default. Must 11642 be an octal value between 0000 and 0777 or a decimal 11643 value between 0 and 511. YAML accepts both octal and 11644 decimal values, JSON requires decimal values for mode 11645 bits. Defaults to 0644. Directories within the path 11646 are not affected by this setting. This might be in 11647 conflict with other options that affect the file mode, 11648 like fsGroup, and the result can be other mode bits 11649 set.' 11650 format: int32 11651 type: integer 11652 items: 11653 description: Items is a list of downward API volume 11654 file 11655 items: 11656 description: DownwardAPIVolumeFile represents information 11657 to create the file containing the pod field 11658 properties: 11659 fieldRef: 11660 description: 'Required: Selects a field of the 11661 pod: only annotations, labels, name and namespace 11662 are supported.' 11663 properties: 11664 apiVersion: 11665 description: Version of the schema the FieldPath 11666 is written in terms of, defaults to "v1". 11667 type: string 11668 fieldPath: 11669 description: Path of the field to select in 11670 the specified API version. 11671 type: string 11672 required: 11673 - fieldPath 11674 type: object 11675 mode: 11676 description: 'Optional: mode bits used to set 11677 permissions on this file, must be an octal value 11678 between 0000 and 0777 or a decimal value between 11679 0 and 511. YAML accepts both octal and decimal 11680 values, JSON requires decimal values for mode 11681 bits. If not specified, the volume defaultMode 11682 will be used. This might be in conflict with 11683 other options that affect the file mode, like 11684 fsGroup, and the result can be other mode bits 11685 set.' 11686 format: int32 11687 type: integer 11688 path: 11689 description: 'Required: Path is the relative 11690 path name of the file to be created. Must not 11691 be absolute or contain the ''..'' path. Must 11692 be utf-8 encoded. The first item of the relative 11693 path must not start with ''..''' 11694 type: string 11695 resourceFieldRef: 11696 description: 'Selects a resource of the container: 11697 only resources limits and requests (limits.cpu, 11698 limits.memory, requests.cpu and requests.memory) 11699 are currently supported.' 11700 properties: 11701 containerName: 11702 description: 'Container name: required for 11703 volumes, optional for env vars' 11704 type: string 11705 divisor: 11706 anyOf: 11707 - type: integer 11708 - type: string 11709 description: Specifies the output format of 11710 the exposed resources, defaults to "1" 11711 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 11712 x-kubernetes-int-or-string: true 11713 resource: 11714 description: 'Required: resource to select' 11715 type: string 11716 required: 11717 - resource 11718 type: object 11719 required: 11720 - path 11721 type: object 11722 type: array 11723 type: object 11724 emptyDir: 11725 description: 'emptyDir represents a temporary directory 11726 that shares a pod''s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' 11727 properties: 11728 medium: 11729 description: 'medium represents what type of storage 11730 medium should back this directory. The default is 11731 "" which means to use the node''s default medium. 11732 Must be an empty string (default) or Memory. More 11733 info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' 11734 type: string 11735 sizeLimit: 11736 anyOf: 11737 - type: integer 11738 - type: string 11739 description: 'sizeLimit is the total amount of local 11740 storage required for this EmptyDir volume. The size 11741 limit is also applicable for memory medium. The maximum 11742 usage on memory medium EmptyDir would be the minimum 11743 value between the SizeLimit specified here and the 11744 sum of memory limits of all containers in a pod. The 11745 default is nil which means that the limit is undefined. 11746 More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' 11747 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 11748 x-kubernetes-int-or-string: true 11749 type: object 11750 ephemeral: 11751 description: "ephemeral represents a volume that is handled 11752 by a cluster storage driver. The volume's lifecycle is 11753 tied to the pod that defines it - it will be created before 11754 the pod starts, and deleted when the pod is removed. \n 11755 Use this if: a) the volume is only needed while the pod 11756 runs, b) features of normal volumes like restoring from 11757 snapshot or capacity tracking are needed, c) the storage 11758 driver is specified through a storage class, and d) the 11759 storage driver supports dynamic volume provisioning through 11760 \ a PersistentVolumeClaim (see EphemeralVolumeSource 11761 for more information on the connection between this 11762 volume type and PersistentVolumeClaim). \n Use PersistentVolumeClaim 11763 or one of the vendor-specific APIs for volumes that persist 11764 for longer than the lifecycle of an individual pod. \n 11765 Use CSI for light-weight local ephemeral volumes if the 11766 CSI driver is meant to be used that way - see the documentation 11767 of the driver for more information. \n A pod can use both 11768 types of ephemeral volumes and persistent volumes at the 11769 same time." 11770 properties: 11771 volumeClaimTemplate: 11772 description: "Will be used to create a stand-alone PVC 11773 to provision the volume. The pod in which this EphemeralVolumeSource 11774 is embedded will be the owner of the PVC, i.e. the 11775 PVC will be deleted together with the pod. The name 11776 of the PVC will be `<pod name>-<volume name>` where 11777 `<volume name>` is the name from the `PodSpec.Volumes` 11778 array entry. Pod validation will reject the pod if 11779 the concatenated name is not valid for a PVC (for 11780 example, too long). \n An existing PVC with that name 11781 that is not owned by the pod will *not* be used for 11782 the pod to avoid using an unrelated volume by mistake. 11783 Starting the pod is then blocked until the unrelated 11784 PVC is removed. If such a pre-created PVC is meant 11785 to be used by the pod, the PVC has to updated with 11786 an owner reference to the pod once the pod exists. 11787 Normally this should not be necessary, but it may 11788 be useful when manually reconstructing a broken cluster. 11789 \n This field is read-only and no changes will be 11790 made by Kubernetes to the PVC after it has been created. 11791 \n Required, must not be nil." 11792 properties: 11793 metadata: 11794 description: May contain labels and annotations 11795 that will be copied into the PVC when creating 11796 it. No other fields are allowed and will be rejected 11797 during validation. 11798 type: object 11799 spec: 11800 description: The specification for the PersistentVolumeClaim. 11801 The entire content is copied unchanged into the 11802 PVC that gets created from this template. The 11803 same fields as in a PersistentVolumeClaim are 11804 also valid here. 11805 properties: 11806 accessModes: 11807 description: 'accessModes contains the desired 11808 access modes the volume should have. More 11809 info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' 11810 items: 11811 type: string 11812 type: array 11813 dataSource: 11814 description: 'dataSource field can be used to 11815 specify either: * An existing VolumeSnapshot 11816 object (snapshot.storage.k8s.io/VolumeSnapshot) 11817 * An existing PVC (PersistentVolumeClaim) 11818 If the provisioner or an external controller 11819 can support the specified data source, it 11820 will create a new volume based on the contents 11821 of the specified data source. When the AnyVolumeDataSource 11822 feature gate is enabled, dataSource contents 11823 will be copied to dataSourceRef, and dataSourceRef 11824 contents will be copied to dataSource when 11825 dataSourceRef.namespace is not specified. 11826 If the namespace is specified, then dataSourceRef 11827 will not be copied to dataSource.' 11828 properties: 11829 apiGroup: 11830 description: APIGroup is the group for the 11831 resource being referenced. If APIGroup 11832 is not specified, the specified Kind must 11833 be in the core API group. For any other 11834 third-party types, APIGroup is required. 11835 type: string 11836 kind: 11837 description: Kind is the type of resource 11838 being referenced 11839 type: string 11840 name: 11841 description: Name is the name of resource 11842 being referenced 11843 type: string 11844 required: 11845 - kind 11846 - name 11847 type: object 11848 dataSourceRef: 11849 description: 'dataSourceRef specifies the object 11850 from which to populate the volume with data, 11851 if a non-empty volume is desired. This may 11852 be any object from a non-empty API group (non 11853 core object) or a PersistentVolumeClaim object. 11854 When this field is specified, volume binding 11855 will only succeed if the type of the specified 11856 object matches some installed volume populator 11857 or dynamic provisioner. This field will replace 11858 the functionality of the dataSource field 11859 and as such if both fields are non-empty, 11860 they must have the same value. For backwards 11861 compatibility, when namespace isn''t specified 11862 in dataSourceRef, both fields (dataSource 11863 and dataSourceRef) will be set to the same 11864 value automatically if one of them is empty 11865 and the other is non-empty. When namespace 11866 is specified in dataSourceRef, dataSource 11867 isn''t set to the same value and must be empty. 11868 There are three important differences between 11869 dataSource and dataSourceRef: * While dataSource 11870 only allows two specific types of objects, 11871 dataSourceRef allows any non-core object, 11872 as well as PersistentVolumeClaim objects. 11873 * While dataSource ignores disallowed values 11874 (dropping them), dataSourceRef preserves 11875 all values, and generates an error if a disallowed 11876 value is specified. * While dataSource only 11877 allows local objects, dataSourceRef allows 11878 objects in any namespaces. (Beta) Using 11879 this field requires the AnyVolumeDataSource 11880 feature gate to be enabled. (Alpha) Using 11881 the namespace field of dataSourceRef requires 11882 the CrossNamespaceVolumeDataSource feature 11883 gate to be enabled.' 11884 properties: 11885 apiGroup: 11886 description: APIGroup is the group for the 11887 resource being referenced. If APIGroup 11888 is not specified, the specified Kind must 11889 be in the core API group. For any other 11890 third-party types, APIGroup is required. 11891 type: string 11892 kind: 11893 description: Kind is the type of resource 11894 being referenced 11895 type: string 11896 name: 11897 description: Name is the name of resource 11898 being referenced 11899 type: string 11900 namespace: 11901 description: Namespace is the namespace 11902 of resource being referenced Note that 11903 when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant 11904 object is required in the referent namespace 11905 to allow that namespace's owner to accept 11906 the reference. See the ReferenceGrant 11907 documentation for details. (Alpha) This 11908 field requires the CrossNamespaceVolumeDataSource 11909 feature gate to be enabled. 11910 type: string 11911 required: 11912 - kind 11913 - name 11914 type: object 11915 resources: 11916 description: 'resources represents the minimum 11917 resources the volume should have. If RecoverVolumeExpansionFailure 11918 feature is enabled users are allowed to specify 11919 resource requirements that are lower than 11920 previous value but must still be higher than 11921 capacity recorded in the status field of the 11922 claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' 11923 properties: 11924 claims: 11925 description: "Claims lists the names of 11926 resources, defined in spec.resourceClaims, 11927 that are used by this container. \n This 11928 is an alpha field and requires enabling 11929 the DynamicResourceAllocation feature 11930 gate. \n This field is immutable. It can 11931 only be set for containers." 11932 items: 11933 description: ResourceClaim references 11934 one entry in PodSpec.ResourceClaims. 11935 properties: 11936 name: 11937 description: Name must match the name 11938 of one entry in pod.spec.resourceClaims 11939 of the Pod where this field is used. 11940 It makes that resource available 11941 inside a container. 11942 type: string 11943 required: 11944 - name 11945 type: object 11946 type: array 11947 x-kubernetes-list-map-keys: 11948 - name 11949 x-kubernetes-list-type: map 11950 limits: 11951 additionalProperties: 11952 anyOf: 11953 - type: integer 11954 - type: string 11955 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 11956 x-kubernetes-int-or-string: true 11957 description: 'Limits describes the maximum 11958 amount of compute resources allowed. More 11959 info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 11960 type: object 11961 requests: 11962 additionalProperties: 11963 anyOf: 11964 - type: integer 11965 - type: string 11966 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 11967 x-kubernetes-int-or-string: true 11968 description: 'Requests describes the minimum 11969 amount of compute resources required. 11970 If Requests is omitted for a container, 11971 it defaults to Limits if that is explicitly 11972 specified, otherwise to an implementation-defined 11973 value. Requests cannot exceed Limits. 11974 More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 11975 type: object 11976 type: object 11977 selector: 11978 description: selector is a label query over 11979 volumes to consider for binding. 11980 properties: 11981 matchExpressions: 11982 description: matchExpressions is a list 11983 of label selector requirements. The requirements 11984 are ANDed. 11985 items: 11986 description: A label selector requirement 11987 is a selector that contains values, 11988 a key, and an operator that relates 11989 the key and values. 11990 properties: 11991 key: 11992 description: key is the label key 11993 that the selector applies to. 11994 type: string 11995 operator: 11996 description: operator represents a 11997 key's relationship to a set of values. 11998 Valid operators are In, NotIn, Exists 11999 and DoesNotExist. 12000 type: string 12001 values: 12002 description: values is an array of 12003 string values. If the operator is 12004 In or NotIn, the values array must 12005 be non-empty. If the operator is 12006 Exists or DoesNotExist, the values 12007 array must be empty. This array 12008 is replaced during a strategic merge 12009 patch. 12010 items: 12011 type: string 12012 type: array 12013 required: 12014 - key 12015 - operator 12016 type: object 12017 type: array 12018 matchLabels: 12019 additionalProperties: 12020 type: string 12021 description: matchLabels is a map of {key,value} 12022 pairs. A single {key,value} in the matchLabels 12023 map is equivalent to an element of matchExpressions, 12024 whose key field is "key", the operator 12025 is "In", and the values array contains 12026 only "value". The requirements are ANDed. 12027 type: object 12028 type: object 12029 storageClassName: 12030 description: 'storageClassName is the name of 12031 the StorageClass required by the claim. More 12032 info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' 12033 type: string 12034 volumeMode: 12035 description: volumeMode defines what type of 12036 volume is required by the claim. Value of 12037 Filesystem is implied when not included in 12038 claim spec. 12039 type: string 12040 volumeName: 12041 description: volumeName is the binding reference 12042 to the PersistentVolume backing this claim. 12043 type: string 12044 type: object 12045 required: 12046 - spec 12047 type: object 12048 type: object 12049 fc: 12050 description: fc represents a Fibre Channel resource that 12051 is attached to a kubelet's host machine and then exposed 12052 to the pod. 12053 properties: 12054 fsType: 12055 description: 'fsType is the filesystem type to mount. 12056 Must be a filesystem type supported by the host operating 12057 system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred 12058 to be "ext4" if unspecified. TODO: how do we prevent 12059 errors in the filesystem from compromising the machine' 12060 type: string 12061 lun: 12062 description: 'lun is Optional: FC target lun number' 12063 format: int32 12064 type: integer 12065 readOnly: 12066 description: 'readOnly is Optional: Defaults to false 12067 (read/write). ReadOnly here will force the ReadOnly 12068 setting in VolumeMounts.' 12069 type: boolean 12070 targetWWNs: 12071 description: 'targetWWNs is Optional: FC target worldwide 12072 names (WWNs)' 12073 items: 12074 type: string 12075 type: array 12076 wwids: 12077 description: 'wwids Optional: FC volume world wide identifiers 12078 (wwids) Either wwids or combination of targetWWNs 12079 and lun must be set, but not both simultaneously.' 12080 items: 12081 type: string 12082 type: array 12083 type: object 12084 flexVolume: 12085 description: flexVolume represents a generic volume resource 12086 that is provisioned/attached using an exec based plugin. 12087 properties: 12088 driver: 12089 description: driver is the name of the driver to use 12090 for this volume. 12091 type: string 12092 fsType: 12093 description: fsType is the filesystem type to mount. 12094 Must be a filesystem type supported by the host operating 12095 system. Ex. "ext4", "xfs", "ntfs". The default filesystem 12096 depends on FlexVolume script. 12097 type: string 12098 options: 12099 additionalProperties: 12100 type: string 12101 description: 'options is Optional: this field holds 12102 extra command options if any.' 12103 type: object 12104 readOnly: 12105 description: 'readOnly is Optional: defaults to false 12106 (read/write). ReadOnly here will force the ReadOnly 12107 setting in VolumeMounts.' 12108 type: boolean 12109 secretRef: 12110 description: 'secretRef is Optional: secretRef is reference 12111 to the secret object containing sensitive information 12112 to pass to the plugin scripts. This may be empty if 12113 no secret object is specified. If the secret object 12114 contains more than one secret, all secrets are passed 12115 to the plugin scripts.' 12116 properties: 12117 name: 12118 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 12119 TODO: Add other useful fields. apiVersion, kind, 12120 uid?' 12121 type: string 12122 type: object 12123 required: 12124 - driver 12125 type: object 12126 flocker: 12127 description: flocker represents a Flocker volume attached 12128 to a kubelet's host machine. This depends on the Flocker 12129 control service being running 12130 properties: 12131 datasetName: 12132 description: datasetName is Name of the dataset stored 12133 as metadata -> name on the dataset for Flocker should 12134 be considered as deprecated 12135 type: string 12136 datasetUUID: 12137 description: datasetUUID is the UUID of the dataset. 12138 This is unique identifier of a Flocker dataset 12139 type: string 12140 type: object 12141 gcePersistentDisk: 12142 description: 'gcePersistentDisk represents a GCE Disk resource 12143 that is attached to a kubelet''s host machine and then 12144 exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' 12145 properties: 12146 fsType: 12147 description: 'fsType is filesystem type of the volume 12148 that you want to mount. Tip: Ensure that the filesystem 12149 type is supported by the host operating system. Examples: 12150 "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" 12151 if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk 12152 TODO: how do we prevent errors in the filesystem from 12153 compromising the machine' 12154 type: string 12155 partition: 12156 description: 'partition is the partition in the volume 12157 that you want to mount. If omitted, the default is 12158 to mount by volume name. Examples: For volume /dev/sda1, 12159 you specify the partition as "1". Similarly, the volume 12160 partition for /dev/sda is "0" (or you can leave the 12161 property empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' 12162 format: int32 12163 type: integer 12164 pdName: 12165 description: 'pdName is unique name of the PD resource 12166 in GCE. Used to identify the disk in GCE. More info: 12167 https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' 12168 type: string 12169 readOnly: 12170 description: 'readOnly here will force the ReadOnly 12171 setting in VolumeMounts. Defaults to false. More info: 12172 https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' 12173 type: boolean 12174 required: 12175 - pdName 12176 type: object 12177 gitRepo: 12178 description: 'gitRepo represents a git repository at a particular 12179 revision. DEPRECATED: GitRepo is deprecated. To provision 12180 a container with a git repo, mount an EmptyDir into an 12181 InitContainer that clones the repo using git, then mount 12182 the EmptyDir into the Pod''s container.' 12183 properties: 12184 directory: 12185 description: directory is the target directory name. 12186 Must not contain or start with '..'. If '.' is supplied, 12187 the volume directory will be the git repository. Otherwise, 12188 if specified, the volume will contain the git repository 12189 in the subdirectory with the given name. 12190 type: string 12191 repository: 12192 description: repository is the URL 12193 type: string 12194 revision: 12195 description: revision is the commit hash for the specified 12196 revision. 12197 type: string 12198 required: 12199 - repository 12200 type: object 12201 glusterfs: 12202 description: 'glusterfs represents a Glusterfs mount on 12203 the host that shares a pod''s lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md' 12204 properties: 12205 endpoints: 12206 description: 'endpoints is the endpoint name that details 12207 Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' 12208 type: string 12209 path: 12210 description: 'path is the Glusterfs volume path. More 12211 info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' 12212 type: string 12213 readOnly: 12214 description: 'readOnly here will force the Glusterfs 12215 volume to be mounted with read-only permissions. Defaults 12216 to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' 12217 type: boolean 12218 required: 12219 - endpoints 12220 - path 12221 type: object 12222 hostPath: 12223 description: 'hostPath represents a pre-existing file or 12224 directory on the host machine that is directly exposed 12225 to the container. This is generally used for system agents 12226 or other privileged things that are allowed to see the 12227 host machine. Most containers will NOT need this. More 12228 info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath 12229 --- TODO(jonesdl) We need to restrict who can use host 12230 directory mounts and who can/can not mount host directories 12231 as read/write.' 12232 properties: 12233 path: 12234 description: 'path of the directory on the host. If 12235 the path is a symlink, it will follow the link to 12236 the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' 12237 type: string 12238 type: 12239 description: 'type for HostPath Volume Defaults to "" 12240 More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' 12241 type: string 12242 required: 12243 - path 12244 type: object 12245 iscsi: 12246 description: 'iscsi represents an ISCSI Disk resource that 12247 is attached to a kubelet''s host machine and then exposed 12248 to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md' 12249 properties: 12250 chapAuthDiscovery: 12251 description: chapAuthDiscovery defines whether support 12252 iSCSI Discovery CHAP authentication 12253 type: boolean 12254 chapAuthSession: 12255 description: chapAuthSession defines whether support 12256 iSCSI Session CHAP authentication 12257 type: boolean 12258 fsType: 12259 description: 'fsType is the filesystem type of the volume 12260 that you want to mount. Tip: Ensure that the filesystem 12261 type is supported by the host operating system. Examples: 12262 "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" 12263 if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi 12264 TODO: how do we prevent errors in the filesystem from 12265 compromising the machine' 12266 type: string 12267 initiatorName: 12268 description: initiatorName is the custom iSCSI Initiator 12269 Name. If initiatorName is specified with iscsiInterface 12270 simultaneously, new iSCSI interface <target portal>:<volume 12271 name> will be created for the connection. 12272 type: string 12273 iqn: 12274 description: iqn is the target iSCSI Qualified Name. 12275 type: string 12276 iscsiInterface: 12277 description: iscsiInterface is the interface Name that 12278 uses an iSCSI transport. Defaults to 'default' (tcp). 12279 type: string 12280 lun: 12281 description: lun represents iSCSI Target Lun number. 12282 format: int32 12283 type: integer 12284 portals: 12285 description: portals is the iSCSI Target Portal List. 12286 The portal is either an IP or ip_addr:port if the 12287 port is other than default (typically TCP ports 860 12288 and 3260). 12289 items: 12290 type: string 12291 type: array 12292 readOnly: 12293 description: readOnly here will force the ReadOnly setting 12294 in VolumeMounts. Defaults to false. 12295 type: boolean 12296 secretRef: 12297 description: secretRef is the CHAP Secret for iSCSI 12298 target and initiator authentication 12299 properties: 12300 name: 12301 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 12302 TODO: Add other useful fields. apiVersion, kind, 12303 uid?' 12304 type: string 12305 type: object 12306 targetPortal: 12307 description: targetPortal is iSCSI Target Portal. The 12308 Portal is either an IP or ip_addr:port if the port 12309 is other than default (typically TCP ports 860 and 12310 3260). 12311 type: string 12312 required: 12313 - iqn 12314 - lun 12315 - targetPortal 12316 type: object 12317 name: 12318 description: 'name of the volume. Must be a DNS_LABEL and 12319 unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' 12320 type: string 12321 nfs: 12322 description: 'nfs represents an NFS mount on the host that 12323 shares a pod''s lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' 12324 properties: 12325 path: 12326 description: 'path that is exported by the NFS server. 12327 More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' 12328 type: string 12329 readOnly: 12330 description: 'readOnly here will force the NFS export 12331 to be mounted with read-only permissions. Defaults 12332 to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' 12333 type: boolean 12334 server: 12335 description: 'server is the hostname or IP address of 12336 the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' 12337 type: string 12338 required: 12339 - path 12340 - server 12341 type: object 12342 persistentVolumeClaim: 12343 description: 'persistentVolumeClaimVolumeSource represents 12344 a reference to a PersistentVolumeClaim in the same namespace. 12345 More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' 12346 properties: 12347 claimName: 12348 description: 'claimName is the name of a PersistentVolumeClaim 12349 in the same namespace as the pod using this volume. 12350 More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' 12351 type: string 12352 readOnly: 12353 description: readOnly Will force the ReadOnly setting 12354 in VolumeMounts. Default false. 12355 type: boolean 12356 required: 12357 - claimName 12358 type: object 12359 photonPersistentDisk: 12360 description: photonPersistentDisk represents a PhotonController 12361 persistent disk attached and mounted on kubelets host 12362 machine 12363 properties: 12364 fsType: 12365 description: fsType is the filesystem type to mount. 12366 Must be a filesystem type supported by the host operating 12367 system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred 12368 to be "ext4" if unspecified. 12369 type: string 12370 pdID: 12371 description: pdID is the ID that identifies Photon Controller 12372 persistent disk 12373 type: string 12374 required: 12375 - pdID 12376 type: object 12377 portworxVolume: 12378 description: portworxVolume represents a portworx volume 12379 attached and mounted on kubelets host machine 12380 properties: 12381 fsType: 12382 description: fSType represents the filesystem type to 12383 mount Must be a filesystem type supported by the host 12384 operating system. Ex. "ext4", "xfs". Implicitly inferred 12385 to be "ext4" if unspecified. 12386 type: string 12387 readOnly: 12388 description: readOnly defaults to false (read/write). 12389 ReadOnly here will force the ReadOnly setting in VolumeMounts. 12390 type: boolean 12391 volumeID: 12392 description: volumeID uniquely identifies a Portworx 12393 volume 12394 type: string 12395 required: 12396 - volumeID 12397 type: object 12398 projected: 12399 description: projected items for all in one resources secrets, 12400 configmaps, and downward API 12401 properties: 12402 defaultMode: 12403 description: defaultMode are the mode bits used to set 12404 permissions on created files by default. Must be an 12405 octal value between 0000 and 0777 or a decimal value 12406 between 0 and 511. YAML accepts both octal and decimal 12407 values, JSON requires decimal values for mode bits. 12408 Directories within the path are not affected by this 12409 setting. This might be in conflict with other options 12410 that affect the file mode, like fsGroup, and the result 12411 can be other mode bits set. 12412 format: int32 12413 type: integer 12414 sources: 12415 description: sources is the list of volume projections 12416 items: 12417 description: Projection that may be projected along 12418 with other supported volume types 12419 properties: 12420 configMap: 12421 description: configMap information about the configMap 12422 data to project 12423 properties: 12424 items: 12425 description: items if unspecified, each key-value 12426 pair in the Data field of the referenced 12427 ConfigMap will be projected into the volume 12428 as a file whose name is the key and content 12429 is the value. If specified, the listed keys 12430 will be projected into the specified paths, 12431 and unlisted keys will not be present. If 12432 a key is specified which is not present 12433 in the ConfigMap, the volume setup will 12434 error unless it is marked optional. Paths 12435 must be relative and may not contain the 12436 '..' path or start with '..'. 12437 items: 12438 description: Maps a string key to a path 12439 within a volume. 12440 properties: 12441 key: 12442 description: key is the key to project. 12443 type: string 12444 mode: 12445 description: 'mode is Optional: mode 12446 bits used to set permissions on this 12447 file. Must be an octal value between 12448 0000 and 0777 or a decimal value between 12449 0 and 511. YAML accepts both octal 12450 and decimal values, JSON requires 12451 decimal values for mode bits. If not 12452 specified, the volume defaultMode 12453 will be used. This might be in conflict 12454 with other options that affect the 12455 file mode, like fsGroup, and the result 12456 can be other mode bits set.' 12457 format: int32 12458 type: integer 12459 path: 12460 description: path is the relative path 12461 of the file to map the key to. May 12462 not be an absolute path. May not contain 12463 the path element '..'. May not start 12464 with the string '..'. 12465 type: string 12466 required: 12467 - key 12468 - path 12469 type: object 12470 type: array 12471 name: 12472 description: 'Name of the referent. More info: 12473 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 12474 TODO: Add other useful fields. apiVersion, 12475 kind, uid?' 12476 type: string 12477 optional: 12478 description: optional specify whether the 12479 ConfigMap or its keys must be defined 12480 type: boolean 12481 type: object 12482 downwardAPI: 12483 description: downwardAPI information about the 12484 downwardAPI data to project 12485 properties: 12486 items: 12487 description: Items is a list of DownwardAPIVolume 12488 file 12489 items: 12490 description: DownwardAPIVolumeFile represents 12491 information to create the file containing 12492 the pod field 12493 properties: 12494 fieldRef: 12495 description: 'Required: Selects a field 12496 of the pod: only annotations, labels, 12497 name and namespace are supported.' 12498 properties: 12499 apiVersion: 12500 description: Version of the schema 12501 the FieldPath is written in terms 12502 of, defaults to "v1". 12503 type: string 12504 fieldPath: 12505 description: Path of the field to 12506 select in the specified API version. 12507 type: string 12508 required: 12509 - fieldPath 12510 type: object 12511 mode: 12512 description: 'Optional: mode bits used 12513 to set permissions on this file, must 12514 be an octal value between 0000 and 12515 0777 or a decimal value between 0 12516 and 511. YAML accepts both octal and 12517 decimal values, JSON requires decimal 12518 values for mode bits. If not specified, 12519 the volume defaultMode will be used. 12520 This might be in conflict with other 12521 options that affect the file mode, 12522 like fsGroup, and the result can be 12523 other mode bits set.' 12524 format: int32 12525 type: integer 12526 path: 12527 description: 'Required: Path is the 12528 relative path name of the file to 12529 be created. Must not be absolute or 12530 contain the ''..'' path. Must be utf-8 12531 encoded. The first item of the relative 12532 path must not start with ''..''' 12533 type: string 12534 resourceFieldRef: 12535 description: 'Selects a resource of 12536 the container: only resources limits 12537 and requests (limits.cpu, limits.memory, 12538 requests.cpu and requests.memory) 12539 are currently supported.' 12540 properties: 12541 containerName: 12542 description: 'Container name: required 12543 for volumes, optional for env 12544 vars' 12545 type: string 12546 divisor: 12547 anyOf: 12548 - type: integer 12549 - type: string 12550 description: Specifies the output 12551 format of the exposed resources, 12552 defaults to "1" 12553 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 12554 x-kubernetes-int-or-string: true 12555 resource: 12556 description: 'Required: resource 12557 to select' 12558 type: string 12559 required: 12560 - resource 12561 type: object 12562 required: 12563 - path 12564 type: object 12565 type: array 12566 type: object 12567 secret: 12568 description: secret information about the secret 12569 data to project 12570 properties: 12571 items: 12572 description: items if unspecified, each key-value 12573 pair in the Data field of the referenced 12574 Secret will be projected into the volume 12575 as a file whose name is the key and content 12576 is the value. If specified, the listed keys 12577 will be projected into the specified paths, 12578 and unlisted keys will not be present. If 12579 a key is specified which is not present 12580 in the Secret, the volume setup will error 12581 unless it is marked optional. Paths must 12582 be relative and may not contain the '..' 12583 path or start with '..'. 12584 items: 12585 description: Maps a string key to a path 12586 within a volume. 12587 properties: 12588 key: 12589 description: key is the key to project. 12590 type: string 12591 mode: 12592 description: 'mode is Optional: mode 12593 bits used to set permissions on this 12594 file. Must be an octal value between 12595 0000 and 0777 or a decimal value between 12596 0 and 511. YAML accepts both octal 12597 and decimal values, JSON requires 12598 decimal values for mode bits. If not 12599 specified, the volume defaultMode 12600 will be used. This might be in conflict 12601 with other options that affect the 12602 file mode, like fsGroup, and the result 12603 can be other mode bits set.' 12604 format: int32 12605 type: integer 12606 path: 12607 description: path is the relative path 12608 of the file to map the key to. May 12609 not be an absolute path. May not contain 12610 the path element '..'. May not start 12611 with the string '..'. 12612 type: string 12613 required: 12614 - key 12615 - path 12616 type: object 12617 type: array 12618 name: 12619 description: 'Name of the referent. More info: 12620 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 12621 TODO: Add other useful fields. apiVersion, 12622 kind, uid?' 12623 type: string 12624 optional: 12625 description: optional field specify whether 12626 the Secret or its key must be defined 12627 type: boolean 12628 type: object 12629 serviceAccountToken: 12630 description: serviceAccountToken is information 12631 about the serviceAccountToken data to project 12632 properties: 12633 audience: 12634 description: audience is the intended audience 12635 of the token. A recipient of a token must 12636 identify itself with an identifier specified 12637 in the audience of the token, and otherwise 12638 should reject the token. The audience defaults 12639 to the identifier of the apiserver. 12640 type: string 12641 expirationSeconds: 12642 description: expirationSeconds is the requested 12643 duration of validity of the service account 12644 token. As the token approaches expiration, 12645 the kubelet volume plugin will proactively 12646 rotate the service account token. The kubelet 12647 will start trying to rotate the token if 12648 the token is older than 80 percent of its 12649 time to live or if the token is older than 12650 24 hours.Defaults to 1 hour and must be 12651 at least 10 minutes. 12652 format: int64 12653 type: integer 12654 path: 12655 description: path is the path relative to 12656 the mount point of the file to project the 12657 token into. 12658 type: string 12659 required: 12660 - path 12661 type: object 12662 type: object 12663 type: array 12664 type: object 12665 quobyte: 12666 description: quobyte represents a Quobyte mount on the host 12667 that shares a pod's lifetime 12668 properties: 12669 group: 12670 description: group to map volume access to Default is 12671 no group 12672 type: string 12673 readOnly: 12674 description: readOnly here will force the Quobyte volume 12675 to be mounted with read-only permissions. Defaults 12676 to false. 12677 type: boolean 12678 registry: 12679 description: registry represents a single or multiple 12680 Quobyte Registry services specified as a string as 12681 host:port pair (multiple entries are separated with 12682 commas) which acts as the central registry for volumes 12683 type: string 12684 tenant: 12685 description: tenant owning the given Quobyte volume 12686 in the Backend Used with dynamically provisioned Quobyte 12687 volumes, value is set by the plugin 12688 type: string 12689 user: 12690 description: user to map volume access to Defaults to 12691 serivceaccount user 12692 type: string 12693 volume: 12694 description: volume is a string that references an already 12695 created Quobyte volume by name. 12696 type: string 12697 required: 12698 - registry 12699 - volume 12700 type: object 12701 rbd: 12702 description: 'rbd represents a Rados Block Device mount 12703 on the host that shares a pod''s lifetime. More info: 12704 https://examples.k8s.io/volumes/rbd/README.md' 12705 properties: 12706 fsType: 12707 description: 'fsType is the filesystem type of the volume 12708 that you want to mount. Tip: Ensure that the filesystem 12709 type is supported by the host operating system. Examples: 12710 "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" 12711 if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd 12712 TODO: how do we prevent errors in the filesystem from 12713 compromising the machine' 12714 type: string 12715 image: 12716 description: 'image is the rados image name. More info: 12717 https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 12718 type: string 12719 keyring: 12720 description: 'keyring is the path to key ring for RBDUser. 12721 Default is /etc/ceph/keyring. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 12722 type: string 12723 monitors: 12724 description: 'monitors is a collection of Ceph monitors. 12725 More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 12726 items: 12727 type: string 12728 type: array 12729 pool: 12730 description: 'pool is the rados pool name. Default is 12731 rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 12732 type: string 12733 readOnly: 12734 description: 'readOnly here will force the ReadOnly 12735 setting in VolumeMounts. Defaults to false. More info: 12736 https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 12737 type: boolean 12738 secretRef: 12739 description: 'secretRef is name of the authentication 12740 secret for RBDUser. If provided overrides keyring. 12741 Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 12742 properties: 12743 name: 12744 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 12745 TODO: Add other useful fields. apiVersion, kind, 12746 uid?' 12747 type: string 12748 type: object 12749 user: 12750 description: 'user is the rados user name. Default is 12751 admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 12752 type: string 12753 required: 12754 - image 12755 - monitors 12756 type: object 12757 scaleIO: 12758 description: scaleIO represents a ScaleIO persistent volume 12759 attached and mounted on Kubernetes nodes. 12760 properties: 12761 fsType: 12762 description: fsType is the filesystem type to mount. 12763 Must be a filesystem type supported by the host operating 12764 system. Ex. "ext4", "xfs", "ntfs". Default is "xfs". 12765 type: string 12766 gateway: 12767 description: gateway is the host address of the ScaleIO 12768 API Gateway. 12769 type: string 12770 protectionDomain: 12771 description: protectionDomain is the name of the ScaleIO 12772 Protection Domain for the configured storage. 12773 type: string 12774 readOnly: 12775 description: readOnly Defaults to false (read/write). 12776 ReadOnly here will force the ReadOnly setting in VolumeMounts. 12777 type: boolean 12778 secretRef: 12779 description: secretRef references to the secret for 12780 ScaleIO user and other sensitive information. If this 12781 is not provided, Login operation will fail. 12782 properties: 12783 name: 12784 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 12785 TODO: Add other useful fields. apiVersion, kind, 12786 uid?' 12787 type: string 12788 type: object 12789 sslEnabled: 12790 description: sslEnabled Flag enable/disable SSL communication 12791 with Gateway, default false 12792 type: boolean 12793 storageMode: 12794 description: storageMode indicates whether the storage 12795 for a volume should be ThickProvisioned or ThinProvisioned. 12796 Default is ThinProvisioned. 12797 type: string 12798 storagePool: 12799 description: storagePool is the ScaleIO Storage Pool 12800 associated with the protection domain. 12801 type: string 12802 system: 12803 description: system is the name of the storage system 12804 as configured in ScaleIO. 12805 type: string 12806 volumeName: 12807 description: volumeName is the name of a volume already 12808 created in the ScaleIO system that is associated with 12809 this volume source. 12810 type: string 12811 required: 12812 - gateway 12813 - secretRef 12814 - system 12815 type: object 12816 secret: 12817 description: 'secret represents a secret that should populate 12818 this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' 12819 properties: 12820 defaultMode: 12821 description: 'defaultMode is Optional: mode bits used 12822 to set permissions on created files by default. Must 12823 be an octal value between 0000 and 0777 or a decimal 12824 value between 0 and 511. YAML accepts both octal and 12825 decimal values, JSON requires decimal values for mode 12826 bits. Defaults to 0644. Directories within the path 12827 are not affected by this setting. This might be in 12828 conflict with other options that affect the file mode, 12829 like fsGroup, and the result can be other mode bits 12830 set.' 12831 format: int32 12832 type: integer 12833 items: 12834 description: items If unspecified, each key-value pair 12835 in the Data field of the referenced Secret will be 12836 projected into the volume as a file whose name is 12837 the key and content is the value. If specified, the 12838 listed keys will be projected into the specified paths, 12839 and unlisted keys will not be present. If a key is 12840 specified which is not present in the Secret, the 12841 volume setup will error unless it is marked optional. 12842 Paths must be relative and may not contain the '..' 12843 path or start with '..'. 12844 items: 12845 description: Maps a string key to a path within a 12846 volume. 12847 properties: 12848 key: 12849 description: key is the key to project. 12850 type: string 12851 mode: 12852 description: 'mode is Optional: mode bits used 12853 to set permissions on this file. Must be an 12854 octal value between 0000 and 0777 or a decimal 12855 value between 0 and 511. YAML accepts both octal 12856 and decimal values, JSON requires decimal values 12857 for mode bits. If not specified, the volume 12858 defaultMode will be used. This might be in conflict 12859 with other options that affect the file mode, 12860 like fsGroup, and the result can be other mode 12861 bits set.' 12862 format: int32 12863 type: integer 12864 path: 12865 description: path is the relative path of the 12866 file to map the key to. May not be an absolute 12867 path. May not contain the path element '..'. 12868 May not start with the string '..'. 12869 type: string 12870 required: 12871 - key 12872 - path 12873 type: object 12874 type: array 12875 optional: 12876 description: optional field specify whether the Secret 12877 or its keys must be defined 12878 type: boolean 12879 secretName: 12880 description: 'secretName is the name of the secret in 12881 the pod''s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' 12882 type: string 12883 type: object 12884 storageos: 12885 description: storageOS represents a StorageOS volume attached 12886 and mounted on Kubernetes nodes. 12887 properties: 12888 fsType: 12889 description: fsType is the filesystem type to mount. 12890 Must be a filesystem type supported by the host operating 12891 system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred 12892 to be "ext4" if unspecified. 12893 type: string 12894 readOnly: 12895 description: readOnly defaults to false (read/write). 12896 ReadOnly here will force the ReadOnly setting in VolumeMounts. 12897 type: boolean 12898 secretRef: 12899 description: secretRef specifies the secret to use for 12900 obtaining the StorageOS API credentials. If not specified, 12901 default values will be attempted. 12902 properties: 12903 name: 12904 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 12905 TODO: Add other useful fields. apiVersion, kind, 12906 uid?' 12907 type: string 12908 type: object 12909 volumeName: 12910 description: volumeName is the human-readable name of 12911 the StorageOS volume. Volume names are only unique 12912 within a namespace. 12913 type: string 12914 volumeNamespace: 12915 description: volumeNamespace specifies the scope of 12916 the volume within StorageOS. If no namespace is specified 12917 then the Pod's namespace will be used. This allows 12918 the Kubernetes name scoping to be mirrored within 12919 StorageOS for tighter integration. Set VolumeName 12920 to any name to override the default behaviour. Set 12921 to "default" if you are not using namespaces within 12922 StorageOS. Namespaces that do not pre-exist within 12923 StorageOS will be created. 12924 type: string 12925 type: object 12926 vsphereVolume: 12927 description: vsphereVolume represents a vSphere volume attached 12928 and mounted on kubelets host machine 12929 properties: 12930 fsType: 12931 description: fsType is filesystem type to mount. Must 12932 be a filesystem type supported by the host operating 12933 system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred 12934 to be "ext4" if unspecified. 12935 type: string 12936 storagePolicyID: 12937 description: storagePolicyID is the storage Policy Based 12938 Management (SPBM) profile ID associated with the StoragePolicyName. 12939 type: string 12940 storagePolicyName: 12941 description: storagePolicyName is the storage Policy 12942 Based Management (SPBM) profile name. 12943 type: string 12944 volumePath: 12945 description: volumePath is the path that identifies 12946 vSphere volume vmdk 12947 type: string 12948 required: 12949 - volumePath 12950 type: object 12951 required: 12952 - name 12953 type: object 12954 type: array 12955 type: object 12956 repositoryCredentials: 12957 description: RepositoryCredentials are the Git pull credentials to 12958 configure Argo CD with upon creation of the cluster. 12959 type: string 12960 resourceActions: 12961 description: ResourceActions customizes resource action behavior. 12962 items: 12963 description: Resource Customization for custom action 12964 properties: 12965 action: 12966 type: string 12967 group: 12968 type: string 12969 kind: 12970 type: string 12971 type: object 12972 type: array 12973 resourceExclusions: 12974 description: ResourceExclusions is used to completely ignore entire 12975 classes of resource group/kinds. 12976 type: string 12977 resourceHealthChecks: 12978 description: ResourceHealthChecks customizes resource health check 12979 behavior. 12980 items: 12981 description: Resource Customization for custom health check 12982 properties: 12983 check: 12984 type: string 12985 group: 12986 type: string 12987 kind: 12988 type: string 12989 type: object 12990 type: array 12991 resourceIgnoreDifferences: 12992 description: ResourceIgnoreDifferences customizes resource ignore 12993 difference behavior. 12994 properties: 12995 all: 12996 properties: 12997 jqPathExpressions: 12998 items: 12999 type: string 13000 type: array 13001 jsonPointers: 13002 items: 13003 type: string 13004 type: array 13005 managedFieldsManagers: 13006 items: 13007 type: string 13008 type: array 13009 type: object 13010 resourceIdentifiers: 13011 items: 13012 description: Resource Customization fields for ignore difference 13013 properties: 13014 customization: 13015 properties: 13016 jqPathExpressions: 13017 items: 13018 type: string 13019 type: array 13020 jsonPointers: 13021 items: 13022 type: string 13023 type: array 13024 managedFieldsManagers: 13025 items: 13026 type: string 13027 type: array 13028 type: object 13029 group: 13030 type: string 13031 kind: 13032 type: string 13033 type: object 13034 type: array 13035 type: object 13036 resourceInclusions: 13037 description: ResourceInclusions is used to only include specific group/kinds 13038 in the reconciliation process. 13039 type: string 13040 resourceTrackingMethod: 13041 description: ResourceTrackingMethod defines how Argo CD should track 13042 resources that it manages 13043 type: string 13044 server: 13045 description: Server defines the options for the ArgoCD Server component. 13046 properties: 13047 autoscale: 13048 description: Autoscale defines the autoscale options for the Argo 13049 CD Server component. 13050 properties: 13051 enabled: 13052 description: Enabled will toggle autoscaling support for the 13053 Argo CD Server component. 13054 type: boolean 13055 hpa: 13056 description: HPA defines the HorizontalPodAutoscaler options 13057 for the Argo CD Server component. 13058 properties: 13059 maxReplicas: 13060 description: maxReplicas is the upper limit for the number 13061 of pods that can be set by the autoscaler; cannot be 13062 smaller than MinReplicas. 13063 format: int32 13064 type: integer 13065 minReplicas: 13066 description: minReplicas is the lower limit for the number 13067 of replicas to which the autoscaler can scale down. It 13068 defaults to 1 pod. minReplicas is allowed to be 0 if 13069 the alpha feature gate HPAScaleToZero is enabled and 13070 at least one Object or External metric is configured. Scaling 13071 is active as long as at least one metric value is available. 13072 format: int32 13073 type: integer 13074 scaleTargetRef: 13075 description: reference to scaled resource; horizontal 13076 pod autoscaler will learn the current resource consumption 13077 and will set the desired number of pods by using its 13078 Scale subresource. 13079 properties: 13080 apiVersion: 13081 description: apiVersion is the API version of the 13082 referent 13083 type: string 13084 kind: 13085 description: 'kind is the kind of the referent; More 13086 info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' 13087 type: string 13088 name: 13089 description: 'name is the name of the referent; More 13090 info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' 13091 type: string 13092 required: 13093 - kind 13094 - name 13095 type: object 13096 targetCPUUtilizationPercentage: 13097 description: targetCPUUtilizationPercentage is the target 13098 average CPU utilization (represented as a percentage 13099 of requested CPU) over all the pods; if not specified 13100 the default autoscaling policy will be used. 13101 format: int32 13102 type: integer 13103 required: 13104 - maxReplicas 13105 - scaleTargetRef 13106 type: object 13107 required: 13108 - enabled 13109 type: object 13110 enabled: 13111 description: Enabled is the flag to enable ArgoCD Server during 13112 ArgoCD installation. (optional, default `true`) 13113 type: boolean 13114 env: 13115 description: Env lets you specify environment for API server pods 13116 items: 13117 description: EnvVar represents an environment variable present 13118 in a Container. 13119 properties: 13120 name: 13121 description: Name of the environment variable. Must be a 13122 C_IDENTIFIER. 13123 type: string 13124 value: 13125 description: 'Variable references $(VAR_NAME) are expanded 13126 using the previously defined environment variables in 13127 the container and any service environment variables. If 13128 a variable cannot be resolved, the reference in the input 13129 string will be unchanged. Double $$ are reduced to a single 13130 $, which allows for escaping the $(VAR_NAME) syntax: i.e. 13131 "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". 13132 Escaped references will never be expanded, regardless 13133 of whether the variable exists or not. Defaults to "".' 13134 type: string 13135 valueFrom: 13136 description: Source for the environment variable's value. 13137 Cannot be used if value is not empty. 13138 properties: 13139 configMapKeyRef: 13140 description: Selects a key of a ConfigMap. 13141 properties: 13142 key: 13143 description: The key to select. 13144 type: string 13145 name: 13146 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 13147 TODO: Add other useful fields. apiVersion, kind, 13148 uid?' 13149 type: string 13150 optional: 13151 description: Specify whether the ConfigMap or its 13152 key must be defined 13153 type: boolean 13154 required: 13155 - key 13156 type: object 13157 fieldRef: 13158 description: 'Selects a field of the pod: supports metadata.name, 13159 metadata.namespace, `metadata.labels[''<KEY>'']`, 13160 `metadata.annotations[''<KEY>'']`, spec.nodeName, 13161 spec.serviceAccountName, status.hostIP, status.podIP, 13162 status.podIPs.' 13163 properties: 13164 apiVersion: 13165 description: Version of the schema the FieldPath 13166 is written in terms of, defaults to "v1". 13167 type: string 13168 fieldPath: 13169 description: Path of the field to select in the 13170 specified API version. 13171 type: string 13172 required: 13173 - fieldPath 13174 type: object 13175 resourceFieldRef: 13176 description: 'Selects a resource of the container: only 13177 resources limits and requests (limits.cpu, limits.memory, 13178 limits.ephemeral-storage, requests.cpu, requests.memory 13179 and requests.ephemeral-storage) are currently supported.' 13180 properties: 13181 containerName: 13182 description: 'Container name: required for volumes, 13183 optional for env vars' 13184 type: string 13185 divisor: 13186 anyOf: 13187 - type: integer 13188 - type: string 13189 description: Specifies the output format of the 13190 exposed resources, defaults to "1" 13191 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 13192 x-kubernetes-int-or-string: true 13193 resource: 13194 description: 'Required: resource to select' 13195 type: string 13196 required: 13197 - resource 13198 type: object 13199 secretKeyRef: 13200 description: Selects a key of a secret in the pod's 13201 namespace 13202 properties: 13203 key: 13204 description: The key of the secret to select from. Must 13205 be a valid secret key. 13206 type: string 13207 name: 13208 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 13209 TODO: Add other useful fields. apiVersion, kind, 13210 uid?' 13211 type: string 13212 optional: 13213 description: Specify whether the Secret or its key 13214 must be defined 13215 type: boolean 13216 required: 13217 - key 13218 type: object 13219 type: object 13220 required: 13221 - name 13222 type: object 13223 type: array 13224 extraCommandArgs: 13225 description: Extra Command arguments that would append to the 13226 Argo CD server command. ExtraCommandArgs will not be added, 13227 if one of these commands is already part of the server command 13228 with same or different value. 13229 items: 13230 type: string 13231 type: array 13232 grpc: 13233 description: GRPC defines the state for the Argo CD Server GRPC 13234 options. 13235 properties: 13236 host: 13237 description: Host is the hostname to use for Ingress/Route 13238 resources. 13239 type: string 13240 ingress: 13241 description: Ingress defines the desired state for the Argo 13242 CD Server GRPC Ingress. 13243 properties: 13244 annotations: 13245 additionalProperties: 13246 type: string 13247 description: Annotations is the map of annotations to 13248 apply to the Ingress. 13249 type: object 13250 enabled: 13251 description: Enabled will toggle the creation of the Ingress. 13252 type: boolean 13253 ingressClassName: 13254 description: IngressClassName for the Ingress resource. 13255 type: string 13256 path: 13257 description: Path used for the Ingress resource. 13258 type: string 13259 tls: 13260 description: TLS configuration. Currently the Ingress 13261 only supports a single TLS port, 443. If multiple members 13262 of this list specify different hosts, they will be multiplexed 13263 on the same port according to the hostname specified 13264 through the SNI TLS extension, if the ingress controller 13265 fulfilling the ingress supports SNI. 13266 items: 13267 description: IngressTLS describes the transport layer 13268 security associated with an ingress. 13269 properties: 13270 hosts: 13271 description: hosts is a list of hosts included in 13272 the TLS certificate. The values in this list must 13273 match the name/s used in the tlsSecret. Defaults 13274 to the wildcard host setting for the loadbalancer 13275 controller fulfilling this Ingress, if left unspecified. 13276 items: 13277 type: string 13278 type: array 13279 x-kubernetes-list-type: atomic 13280 secretName: 13281 description: secretName is the name of the secret 13282 used to terminate TLS traffic on port 443. Field 13283 is left optional to allow TLS routing based on 13284 SNI hostname alone. If the SNI host in a listener 13285 conflicts with the "Host" header field used by 13286 an IngressRule, the SNI host is used for termination 13287 and value of the "Host" header is used for routing. 13288 type: string 13289 type: object 13290 type: array 13291 required: 13292 - enabled 13293 type: object 13294 type: object 13295 host: 13296 description: Host is the hostname to use for Ingress/Route resources. 13297 type: string 13298 ingress: 13299 description: Ingress defines the desired state for an Ingress 13300 for the Argo CD Server component. 13301 properties: 13302 annotations: 13303 additionalProperties: 13304 type: string 13305 description: Annotations is the map of annotations to apply 13306 to the Ingress. 13307 type: object 13308 enabled: 13309 description: Enabled will toggle the creation of the Ingress. 13310 type: boolean 13311 ingressClassName: 13312 description: IngressClassName for the Ingress resource. 13313 type: string 13314 path: 13315 description: Path used for the Ingress resource. 13316 type: string 13317 tls: 13318 description: TLS configuration. Currently the Ingress only 13319 supports a single TLS port, 443. If multiple members of 13320 this list specify different hosts, they will be multiplexed 13321 on the same port according to the hostname specified through 13322 the SNI TLS extension, if the ingress controller fulfilling 13323 the ingress supports SNI. 13324 items: 13325 description: IngressTLS describes the transport layer security 13326 associated with an ingress. 13327 properties: 13328 hosts: 13329 description: hosts is a list of hosts included in the 13330 TLS certificate. The values in this list must match 13331 the name/s used in the tlsSecret. Defaults to the 13332 wildcard host setting for the loadbalancer controller 13333 fulfilling this Ingress, if left unspecified. 13334 items: 13335 type: string 13336 type: array 13337 x-kubernetes-list-type: atomic 13338 secretName: 13339 description: secretName is the name of the secret used 13340 to terminate TLS traffic on port 443. Field is left 13341 optional to allow TLS routing based on SNI hostname 13342 alone. If the SNI host in a listener conflicts with 13343 the "Host" header field used by an IngressRule, the 13344 SNI host is used for termination and value of the 13345 "Host" header is used for routing. 13346 type: string 13347 type: object 13348 type: array 13349 required: 13350 - enabled 13351 type: object 13352 insecure: 13353 description: Insecure toggles the insecure flag. 13354 type: boolean 13355 logFormat: 13356 description: LogFormat refers to the log level to be used by the 13357 ArgoCD Server component. Defaults to ArgoCDDefaultLogFormat 13358 if not configured. Valid options are text or json. 13359 type: string 13360 logLevel: 13361 description: LogLevel refers to the log level to be used by the 13362 ArgoCD Server component. Defaults to ArgoCDDefaultLogLevel if 13363 not set. Valid options are debug, info, error, and warn. 13364 type: string 13365 replicas: 13366 description: Replicas defines the number of replicas for argocd-server. 13367 Default is nil. Value should be greater than or equal to 0. 13368 Value will be ignored if Autoscaler is enabled. 13369 format: int32 13370 type: integer 13371 resources: 13372 description: Resources defines the Compute Resources required 13373 by the container for the Argo CD server component. 13374 properties: 13375 claims: 13376 description: "Claims lists the names of resources, defined 13377 in spec.resourceClaims, that are used by this container. 13378 \n This is an alpha field and requires enabling the DynamicResourceAllocation 13379 feature gate. \n This field is immutable. It can only be 13380 set for containers." 13381 items: 13382 description: ResourceClaim references one entry in PodSpec.ResourceClaims. 13383 properties: 13384 name: 13385 description: Name must match the name of one entry in 13386 pod.spec.resourceClaims of the Pod where this field 13387 is used. It makes that resource available inside a 13388 container. 13389 type: string 13390 required: 13391 - name 13392 type: object 13393 type: array 13394 x-kubernetes-list-map-keys: 13395 - name 13396 x-kubernetes-list-type: map 13397 limits: 13398 additionalProperties: 13399 anyOf: 13400 - type: integer 13401 - type: string 13402 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 13403 x-kubernetes-int-or-string: true 13404 description: 'Limits describes the maximum amount of compute 13405 resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 13406 type: object 13407 requests: 13408 additionalProperties: 13409 anyOf: 13410 - type: integer 13411 - type: string 13412 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 13413 x-kubernetes-int-or-string: true 13414 description: 'Requests describes the minimum amount of compute 13415 resources required. If Requests is omitted for a container, 13416 it defaults to Limits if that is explicitly specified, otherwise 13417 to an implementation-defined value. Requests cannot exceed 13418 Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 13419 type: object 13420 type: object 13421 route: 13422 description: Route defines the desired state for an OpenShift 13423 Route for the Argo CD Server component. 13424 properties: 13425 annotations: 13426 additionalProperties: 13427 type: string 13428 description: Annotations is the map of annotations to use 13429 for the Route resource. 13430 type: object 13431 enabled: 13432 description: Enabled will toggle the creation of the OpenShift 13433 Route. 13434 type: boolean 13435 labels: 13436 additionalProperties: 13437 type: string 13438 description: Labels is the map of labels to use for the Route 13439 resource 13440 type: object 13441 path: 13442 description: Path the router watches for, to route traffic 13443 for to the service. 13444 type: string 13445 tls: 13446 description: TLS provides the ability to configure certificates 13447 and termination for the Route. 13448 properties: 13449 caCertificate: 13450 description: caCertificate provides the cert authority 13451 certificate contents 13452 type: string 13453 certificate: 13454 description: certificate provides certificate contents 13455 type: string 13456 destinationCACertificate: 13457 description: destinationCACertificate provides the contents 13458 of the ca certificate of the final destination. When 13459 using reencrypt termination this file should be provided 13460 in order to have routers use it for health checks on 13461 the secure connection. If this field is not specified, 13462 the router may provide its own destination CA and perform 13463 hostname validation using the short service name (service.namespace.svc), 13464 which allows infrastructure generated certificates to 13465 automatically verify. 13466 type: string 13467 insecureEdgeTerminationPolicy: 13468 description: "insecureEdgeTerminationPolicy indicates 13469 the desired behavior for insecure connections to a route. 13470 While each router may make its own decisions on which 13471 ports to expose, this is normally port 80. \n * Allow 13472 - traffic is sent to the server on the insecure port 13473 (default) * Disable - no traffic is allowed on the insecure 13474 port. * Redirect - clients are redirected to the secure 13475 port." 13476 type: string 13477 key: 13478 description: key provides key file contents 13479 type: string 13480 termination: 13481 description: termination indicates termination type. 13482 type: string 13483 required: 13484 - termination 13485 type: object 13486 wildcardPolicy: 13487 description: WildcardPolicy if any for the route. Currently 13488 only 'Subdomain' or 'None' is allowed. 13489 type: string 13490 required: 13491 - enabled 13492 type: object 13493 service: 13494 description: Service defines the options for the Service backing 13495 the ArgoCD Server component. 13496 properties: 13497 type: 13498 description: Type is the ServiceType to use for the Service 13499 resource. 13500 type: string 13501 required: 13502 - type 13503 type: object 13504 type: object 13505 sourceNamespaces: 13506 description: SourceNamespaces defines the namespaces application resources 13507 are allowed to be created in 13508 items: 13509 type: string 13510 type: array 13511 sso: 13512 description: SSO defines the Single Sign-on configuration for Argo 13513 CD 13514 properties: 13515 dex: 13516 description: Dex contains the configuration for Argo CD dex authentication 13517 properties: 13518 config: 13519 description: Config is the dex connector configuration. 13520 type: string 13521 env: 13522 description: Env lets you specify environment variables for 13523 Dex. 13524 items: 13525 description: EnvVar represents an environment variable present 13526 in a Container. 13527 properties: 13528 name: 13529 description: Name of the environment variable. Must 13530 be a C_IDENTIFIER. 13531 type: string 13532 value: 13533 description: 'Variable references $(VAR_NAME) are expanded 13534 using the previously defined environment variables 13535 in the container and any service environment variables. 13536 If a variable cannot be resolved, the reference in 13537 the input string will be unchanged. Double $$ are 13538 reduced to a single $, which allows for escaping the 13539 $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce 13540 the string literal "$(VAR_NAME)". Escaped references 13541 will never be expanded, regardless of whether the 13542 variable exists or not. Defaults to "".' 13543 type: string 13544 valueFrom: 13545 description: Source for the environment variable's value. 13546 Cannot be used if value is not empty. 13547 properties: 13548 configMapKeyRef: 13549 description: Selects a key of a ConfigMap. 13550 properties: 13551 key: 13552 description: The key to select. 13553 type: string 13554 name: 13555 description: 'Name of the referent. More info: 13556 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 13557 TODO: Add other useful fields. apiVersion, 13558 kind, uid?' 13559 type: string 13560 optional: 13561 description: Specify whether the ConfigMap or 13562 its key must be defined 13563 type: boolean 13564 required: 13565 - key 13566 type: object 13567 fieldRef: 13568 description: 'Selects a field of the pod: supports 13569 metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`, 13570 `metadata.annotations[''<KEY>'']`, spec.nodeName, 13571 spec.serviceAccountName, status.hostIP, status.podIP, 13572 status.podIPs.' 13573 properties: 13574 apiVersion: 13575 description: Version of the schema the FieldPath 13576 is written in terms of, defaults to "v1". 13577 type: string 13578 fieldPath: 13579 description: Path of the field to select in 13580 the specified API version. 13581 type: string 13582 required: 13583 - fieldPath 13584 type: object 13585 resourceFieldRef: 13586 description: 'Selects a resource of the container: 13587 only resources limits and requests (limits.cpu, 13588 limits.memory, limits.ephemeral-storage, requests.cpu, 13589 requests.memory and requests.ephemeral-storage) 13590 are currently supported.' 13591 properties: 13592 containerName: 13593 description: 'Container name: required for volumes, 13594 optional for env vars' 13595 type: string 13596 divisor: 13597 anyOf: 13598 - type: integer 13599 - type: string 13600 description: Specifies the output format of 13601 the exposed resources, defaults to "1" 13602 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 13603 x-kubernetes-int-or-string: true 13604 resource: 13605 description: 'Required: resource to select' 13606 type: string 13607 required: 13608 - resource 13609 type: object 13610 secretKeyRef: 13611 description: Selects a key of a secret in the pod's 13612 namespace 13613 properties: 13614 key: 13615 description: The key of the secret to select 13616 from. Must be a valid secret key. 13617 type: string 13618 name: 13619 description: 'Name of the referent. More info: 13620 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 13621 TODO: Add other useful fields. apiVersion, 13622 kind, uid?' 13623 type: string 13624 optional: 13625 description: Specify whether the Secret or its 13626 key must be defined 13627 type: boolean 13628 required: 13629 - key 13630 type: object 13631 type: object 13632 required: 13633 - name 13634 type: object 13635 type: array 13636 groups: 13637 description: Optional list of required groups a user must 13638 be a member of 13639 items: 13640 type: string 13641 type: array 13642 image: 13643 description: Image is the Dex container image. 13644 type: string 13645 openShiftOAuth: 13646 description: OpenShiftOAuth enables OpenShift OAuth authentication 13647 for the Dex server. 13648 type: boolean 13649 resources: 13650 description: Resources defines the Compute Resources required 13651 by the container for Dex. 13652 properties: 13653 claims: 13654 description: "Claims lists the names of resources, defined 13655 in spec.resourceClaims, that are used by this container. 13656 \n This is an alpha field and requires enabling the 13657 DynamicResourceAllocation feature gate. \n This field 13658 is immutable. It can only be set for containers." 13659 items: 13660 description: ResourceClaim references one entry in PodSpec.ResourceClaims. 13661 properties: 13662 name: 13663 description: Name must match the name of one entry 13664 in pod.spec.resourceClaims of the Pod where this 13665 field is used. It makes that resource available 13666 inside a container. 13667 type: string 13668 required: 13669 - name 13670 type: object 13671 type: array 13672 x-kubernetes-list-map-keys: 13673 - name 13674 x-kubernetes-list-type: map 13675 limits: 13676 additionalProperties: 13677 anyOf: 13678 - type: integer 13679 - type: string 13680 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 13681 x-kubernetes-int-or-string: true 13682 description: 'Limits describes the maximum amount of compute 13683 resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 13684 type: object 13685 requests: 13686 additionalProperties: 13687 anyOf: 13688 - type: integer 13689 - type: string 13690 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 13691 x-kubernetes-int-or-string: true 13692 description: 'Requests describes the minimum amount of 13693 compute resources required. If Requests is omitted for 13694 a container, it defaults to Limits if that is explicitly 13695 specified, otherwise to an implementation-defined value. 13696 Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 13697 type: object 13698 type: object 13699 version: 13700 description: Version is the Dex container image tag. 13701 type: string 13702 type: object 13703 keycloak: 13704 description: Keycloak contains the configuration for Argo CD keycloak 13705 authentication 13706 properties: 13707 image: 13708 description: Image is the Keycloak container image. 13709 type: string 13710 resources: 13711 description: Resources defines the Compute Resources required 13712 by the container for Keycloak. 13713 properties: 13714 claims: 13715 description: "Claims lists the names of resources, defined 13716 in spec.resourceClaims, that are used by this container. 13717 \n This is an alpha field and requires enabling the 13718 DynamicResourceAllocation feature gate. \n This field 13719 is immutable. It can only be set for containers." 13720 items: 13721 description: ResourceClaim references one entry in PodSpec.ResourceClaims. 13722 properties: 13723 name: 13724 description: Name must match the name of one entry 13725 in pod.spec.resourceClaims of the Pod where this 13726 field is used. It makes that resource available 13727 inside a container. 13728 type: string 13729 required: 13730 - name 13731 type: object 13732 type: array 13733 x-kubernetes-list-map-keys: 13734 - name 13735 x-kubernetes-list-type: map 13736 limits: 13737 additionalProperties: 13738 anyOf: 13739 - type: integer 13740 - type: string 13741 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 13742 x-kubernetes-int-or-string: true 13743 description: 'Limits describes the maximum amount of compute 13744 resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 13745 type: object 13746 requests: 13747 additionalProperties: 13748 anyOf: 13749 - type: integer 13750 - type: string 13751 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 13752 x-kubernetes-int-or-string: true 13753 description: 'Requests describes the minimum amount of 13754 compute resources required. If Requests is omitted for 13755 a container, it defaults to Limits if that is explicitly 13756 specified, otherwise to an implementation-defined value. 13757 Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 13758 type: object 13759 type: object 13760 rootCA: 13761 description: Custom root CA certificate for communicating 13762 with the Keycloak OIDC provider 13763 type: string 13764 verifyTLS: 13765 description: VerifyTLS set to false disables strict TLS validation. 13766 type: boolean 13767 version: 13768 description: Version is the Keycloak container image tag. 13769 type: string 13770 type: object 13771 provider: 13772 description: Provider installs and configures the given SSO Provider 13773 with Argo CD. 13774 type: string 13775 type: object 13776 statusBadgeEnabled: 13777 description: StatusBadgeEnabled toggles application status badge feature. 13778 type: boolean 13779 tls: 13780 description: TLS defines the TLS options for ArgoCD. 13781 properties: 13782 ca: 13783 description: CA defines the CA options. 13784 properties: 13785 configMapName: 13786 description: ConfigMapName is the name of the ConfigMap containing 13787 the CA Certificate. 13788 type: string 13789 secretName: 13790 description: SecretName is the name of the Secret containing 13791 the CA Certificate and Key. 13792 type: string 13793 type: object 13794 initialCerts: 13795 additionalProperties: 13796 type: string 13797 description: InitialCerts defines custom TLS certificates upon 13798 creation of the cluster for connecting Git repositories via 13799 HTTPS. 13800 type: object 13801 type: object 13802 usersAnonymousEnabled: 13803 description: UsersAnonymousEnabled toggles anonymous user access. 13804 The anonymous users get default role permissions specified argocd-rbac-cm. 13805 type: boolean 13806 version: 13807 description: Version is the tag to use with the ArgoCD container image 13808 for all ArgoCD components. 13809 type: string 13810 type: object 13811 status: 13812 description: ArgoCDStatus defines the observed state of ArgoCD 13813 properties: 13814 applicationController: 13815 description: 'ApplicationController is a simple, high-level summary 13816 of where the Argo CD application controller component is in its 13817 lifecycle. There are four possible ApplicationController values: 13818 Pending: The Argo CD application controller component has been accepted 13819 by the Kubernetes system, but one or more of the required resources 13820 have not been created. Running: All of the required Pods for the 13821 Argo CD application controller component are in a Ready state. Failed: 13822 At least one of the Argo CD application controller component Pods 13823 had a failure. Unknown: The state of the Argo CD application controller 13824 component could not be obtained.' 13825 type: string 13826 applicationSetController: 13827 description: 'ApplicationSetController is a simple, high-level summary 13828 of where the Argo CD applicationSet controller component is in its 13829 lifecycle. There are four possible ApplicationSetController values: 13830 Pending: The Argo CD applicationSet controller component has been 13831 accepted by the Kubernetes system, but one or more of the required 13832 resources have not been created. Running: All of the required Pods 13833 for the Argo CD applicationSet controller component are in a Ready 13834 state. Failed: At least one of the Argo CD applicationSet controller 13835 component Pods had a failure. Unknown: The state of the Argo CD 13836 applicationSet controller component could not be obtained.' 13837 type: string 13838 host: 13839 description: Host is the hostname of the Ingress. 13840 type: string 13841 notificationsController: 13842 description: 'NotificationsController is a simple, high-level summary 13843 of where the Argo CD notifications controller component is in its 13844 lifecycle. There are four possible NotificationsController values: 13845 Pending: The Argo CD notifications controller component has been 13846 accepted by the Kubernetes system, but one or more of the required 13847 resources have not been created. Running: All of the required Pods 13848 for the Argo CD notifications controller component are in a Ready 13849 state. Failed: At least one of the Argo CD notifications controller 13850 component Pods had a failure. Unknown: The state of the Argo CD 13851 notifications controller component could not be obtained.' 13852 type: string 13853 phase: 13854 description: 'Phase is a simple, high-level summary of where the ArgoCD 13855 is in its lifecycle. There are four possible phase values: Pending: 13856 The ArgoCD has been accepted by the Kubernetes system, but one or 13857 more of the required resources have not been created. Available: 13858 All of the resources for the ArgoCD are ready. Failed: At least 13859 one resource has experienced a failure. Unknown: The state of the 13860 ArgoCD phase could not be obtained.' 13861 type: string 13862 redis: 13863 description: 'Redis is a simple, high-level summary of where the Argo 13864 CD Redis component is in its lifecycle. There are four possible 13865 redis values: Pending: The Argo CD Redis component has been accepted 13866 by the Kubernetes system, but one or more of the required resources 13867 have not been created. Running: All of the required Pods for the 13868 Argo CD Redis component are in a Ready state. Failed: At least one 13869 of the Argo CD Redis component Pods had a failure. Unknown: The 13870 state of the Argo CD Redis component could not be obtained.' 13871 type: string 13872 redisTLSChecksum: 13873 description: RedisTLSChecksum contains the SHA256 checksum of the 13874 latest known state of tls.crt and tls.key in the argocd-operator-redis-tls 13875 secret. 13876 type: string 13877 repo: 13878 description: 'Repo is a simple, high-level summary of where the Argo 13879 CD Repo component is in its lifecycle. There are four possible repo 13880 values: Pending: The Argo CD Repo component has been accepted by 13881 the Kubernetes system, but one or more of the required resources 13882 have not been created. Running: All of the required Pods for the 13883 Argo CD Repo component are in a Ready state. Failed: At least one 13884 of the Argo CD Repo component Pods had a failure. Unknown: The 13885 state of the Argo CD Repo component could not be obtained.' 13886 type: string 13887 repoTLSChecksum: 13888 description: RepoTLSChecksum contains the SHA256 checksum of the latest 13889 known state of tls.crt and tls.key in the argocd-repo-server-tls 13890 secret. 13891 type: string 13892 server: 13893 description: 'Server is a simple, high-level summary of where the 13894 Argo CD server component is in its lifecycle. There are four possible 13895 server values: Pending: The Argo CD server component has been accepted 13896 by the Kubernetes system, but one or more of the required resources 13897 have not been created. Running: All of the required Pods for the 13898 Argo CD server component are in a Ready state. Failed: At least 13899 one of the Argo CD server component Pods had a failure. Unknown: 13900 The state of the Argo CD server component could not be obtained.' 13901 type: string 13902 sso: 13903 description: 'SSO is a simple, high-level summary of where the Argo 13904 CD SSO(Dex/Keycloak) component is in its lifecycle. There are four 13905 possible sso values: Pending: The Argo CD SSO component has been 13906 accepted by the Kubernetes system, but one or more of the required 13907 resources have not been created. Running: All of the required Pods 13908 for the Argo CD SSO component are in a Ready state. Failed: At least 13909 one of the Argo CD SSO component Pods had a failure. Unknown: The 13910 state of the Argo CD SSO component could not be obtained.' 13911 type: string 13912 type: object 13913 type: object 13914 served: true 13915 storage: true 13916 subresources: 13917 status: {} 13918 status: 13919 acceptedNames: 13920 kind: "" 13921 plural: "" 13922 conditions: [] 13923 storedVersions: []