github.com/argoproj/argo-cd@v1.8.7/pkg/apis/application/v1alpha1/generated.proto (about) 1 2 // This file was autogenerated by go-to-protobuf. Do not edit it manually! 3 4 syntax = 'proto2'; 5 6 package github.com.argoproj.argo_cd.pkg.apis.application.v1alpha1; 7 8 import "k8s.io/api/core/v1/generated.proto"; 9 import "k8s.io/apimachinery/pkg/apis/meta/v1/generated.proto"; 10 import "k8s.io/apimachinery/pkg/runtime/generated.proto"; 11 import "k8s.io/apimachinery/pkg/runtime/schema/generated.proto"; 12 13 // Package-wide variables from generator "generated". 14 option go_package = "v1alpha1"; 15 16 // AWSAuthConfig is an AWS IAM authentication configuration 17 message AWSAuthConfig { 18 // ClusterName contains AWS cluster name 19 optional string clusterName = 1; 20 21 // RoleARN contains optional role ARN. If set then AWS IAM Authenticator assume a role to perform cluster operations instead of the default AWS credential provider chain. 22 optional string roleARN = 2; 23 } 24 25 // AppProject provides a logical grouping of applications, providing controls for: 26 // * where the apps may deploy to (cluster whitelist) 27 // * what may be deployed (repository whitelist, resource whitelist/blacklist) 28 // * who can access these applications (roles, OIDC group claims bindings) 29 // * and what they can do (RBAC policies) 30 // * automation access to these roles (JWT tokens) 31 // +genclient 32 // +genclient:noStatus 33 // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object 34 // +kubebuilder:resource:path=appprojects,shortName=appproj;appprojs 35 message AppProject { 36 optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1; 37 38 optional AppProjectSpec spec = 2; 39 40 optional AppProjectStatus status = 3; 41 } 42 43 // AppProjectList is list of AppProject resources 44 // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object 45 message AppProjectList { 46 optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1; 47 48 repeated AppProject items = 2; 49 } 50 51 // AppProjectSpec is the specification of an AppProject 52 message AppProjectSpec { 53 // SourceRepos contains list of repository URLs which can be used for deployment 54 repeated string sourceRepos = 1; 55 56 // Destinations contains list of destinations available for deployment 57 repeated ApplicationDestination destinations = 2; 58 59 // Description contains optional project description 60 optional string description = 3; 61 62 // Roles are user defined RBAC roles associated with this project 63 repeated ProjectRole roles = 4; 64 65 // ClusterResourceWhitelist contains list of whitelisted cluster level resources 66 repeated k8s.io.apimachinery.pkg.apis.meta.v1.GroupKind clusterResourceWhitelist = 5; 67 68 // NamespaceResourceBlacklist contains list of blacklisted namespace level resources 69 repeated k8s.io.apimachinery.pkg.apis.meta.v1.GroupKind namespaceResourceBlacklist = 6; 70 71 // OrphanedResources specifies if controller should monitor orphaned resources of apps in this project 72 optional OrphanedResourcesMonitorSettings orphanedResources = 7; 73 74 // SyncWindows controls when syncs can be run for apps in this project 75 repeated SyncWindow syncWindows = 8; 76 77 // NamespaceResourceWhitelist contains list of whitelisted namespace level resources 78 repeated k8s.io.apimachinery.pkg.apis.meta.v1.GroupKind namespaceResourceWhitelist = 9; 79 80 // List of PGP key IDs that commits to be synced to must be signed with 81 repeated SignatureKey signatureKeys = 10; 82 83 // ClusterResourceBlacklist contains list of blacklisted cluster level resources 84 repeated k8s.io.apimachinery.pkg.apis.meta.v1.GroupKind clusterResourceBlacklist = 11; 85 } 86 87 // AppProjectStatus contains information about appproj 88 message AppProjectStatus { 89 map<string, JWTTokens> jwtTokensByRole = 1; 90 } 91 92 // Application is a definition of Application resource. 93 // +genclient 94 // +genclient:noStatus 95 // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object 96 // +kubebuilder:resource:path=applications,shortName=app;apps 97 // +kubebuilder:printcolumn:name="Sync Status",type=string,JSONPath=`.status.sync.status` 98 // +kubebuilder:printcolumn:name="Health Status",type=string,JSONPath=`.status.health.status` 99 // +kubebuilder:printcolumn:name="Revision",type=string,JSONPath=`.status.sync.revision`,priority=10 100 message Application { 101 optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1; 102 103 optional ApplicationSpec spec = 2; 104 105 optional ApplicationStatus status = 3; 106 107 optional Operation operation = 4; 108 } 109 110 // ApplicationCondition contains details about current application condition 111 message ApplicationCondition { 112 // Type is an application condition type 113 optional string type = 1; 114 115 // Message contains human-readable message indicating details about condition 116 optional string message = 2; 117 118 // LastTransitionTime is the time the condition was first observed. 119 optional k8s.io.apimachinery.pkg.apis.meta.v1.Time lastTransitionTime = 3; 120 } 121 122 // ApplicationDestination contains deployment destination information 123 message ApplicationDestination { 124 // Server overrides the environment server value in the ksonnet app.yaml 125 optional string server = 1; 126 127 // Namespace overrides the environment namespace value in the ksonnet app.yaml 128 optional string namespace = 2; 129 130 // Name of the destination cluster which can be used instead of server (url) field 131 optional string name = 3; 132 } 133 134 // ApplicationList is list of Application resources 135 // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object 136 message ApplicationList { 137 optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1; 138 139 repeated Application items = 2; 140 } 141 142 // ApplicationSource contains information about github repository, path within repository and target application environment. 143 message ApplicationSource { 144 // RepoURL is the repository URL of the application manifests 145 optional string repoURL = 1; 146 147 // Path is a directory path within the Git repository 148 optional string path = 2; 149 150 // TargetRevision defines the commit, tag, or branch in which to sync the application to. 151 // If omitted, will sync to HEAD 152 optional string targetRevision = 4; 153 154 // Helm holds helm specific options 155 optional ApplicationSourceHelm helm = 7; 156 157 // Kustomize holds kustomize specific options 158 optional ApplicationSourceKustomize kustomize = 8; 159 160 // Ksonnet holds ksonnet specific options 161 optional ApplicationSourceKsonnet ksonnet = 9; 162 163 // Directory holds path/directory specific options 164 optional ApplicationSourceDirectory directory = 10; 165 166 // ConfigManagementPlugin holds config management plugin specific options 167 optional ApplicationSourcePlugin plugin = 11; 168 169 // Chart is a Helm chart name 170 optional string chart = 12; 171 } 172 173 message ApplicationSourceDirectory { 174 optional bool recurse = 1; 175 176 optional ApplicationSourceJsonnet jsonnet = 2; 177 178 optional string exclude = 3; 179 } 180 181 // ApplicationSourceHelm holds helm specific options 182 message ApplicationSourceHelm { 183 // ValuesFiles is a list of Helm value files to use when generating a template 184 repeated string valueFiles = 1; 185 186 // Parameters are parameters to the helm template 187 repeated HelmParameter parameters = 2; 188 189 // The Helm release name. If omitted it will use the application name 190 optional string releaseName = 3; 191 192 // Values is Helm values, typically defined as a block 193 optional string values = 4; 194 195 // FileParameters are file parameters to the helm template 196 repeated HelmFileParameter fileParameters = 5; 197 198 // Version is the Helm version to use for templating with 199 optional string version = 6; 200 } 201 202 // ApplicationSourceJsonnet holds jsonnet specific options 203 message ApplicationSourceJsonnet { 204 // ExtVars is a list of Jsonnet External Variables 205 repeated JsonnetVar extVars = 1; 206 207 // TLAS is a list of Jsonnet Top-level Arguments 208 repeated JsonnetVar tlas = 2; 209 210 // Additional library search dirs 211 repeated string libs = 3; 212 } 213 214 // ApplicationSourceKsonnet holds ksonnet specific options 215 message ApplicationSourceKsonnet { 216 // Environment is a ksonnet application environment name 217 optional string environment = 1; 218 219 // Parameters are a list of ksonnet component parameter override values 220 repeated KsonnetParameter parameters = 2; 221 } 222 223 // ApplicationSourceKustomize holds kustomize specific options 224 message ApplicationSourceKustomize { 225 // NamePrefix is a prefix appended to resources for kustomize apps 226 optional string namePrefix = 1; 227 228 // NameSuffix is a suffix appended to resources for kustomize apps 229 optional string nameSuffix = 2; 230 231 // Images are kustomize image overrides 232 repeated string images = 3; 233 234 // CommonLabels adds additional kustomize commonLabels 235 map<string, string> commonLabels = 4; 236 237 // Version contains optional Kustomize version 238 optional string version = 5; 239 240 // CommonAnnotations adds additional kustomize commonAnnotations 241 map<string, string> commonAnnotations = 6; 242 } 243 244 // ApplicationSourcePlugin holds config management plugin specific options 245 message ApplicationSourcePlugin { 246 optional string name = 1; 247 248 repeated EnvEntry env = 2; 249 } 250 251 // ApplicationSpec represents desired application state. Contains link to repository with application definition and additional parameters link definition revision. 252 message ApplicationSpec { 253 // Source is a reference to the location ksonnet application definition 254 optional ApplicationSource source = 1; 255 256 // Destination overrides the kubernetes server and namespace defined in the environment ksonnet app.yaml 257 optional ApplicationDestination destination = 2; 258 259 // Project is a application project name. Empty name means that application belongs to 'default' project. 260 optional string project = 3; 261 262 // SyncPolicy controls when a sync will be performed 263 optional SyncPolicy syncPolicy = 4; 264 265 // IgnoreDifferences controls resources fields which should be ignored during comparison 266 repeated ResourceIgnoreDifferences ignoreDifferences = 5; 267 268 // Infos contains a list of useful information (URLs, email addresses, and plain text) that relates to the application 269 repeated Info info = 6; 270 271 // This limits this number of items kept in the apps revision history. 272 // This should only be changed in exceptional circumstances. 273 // Setting to zero will store no history. This will reduce storage used. 274 // Increasing will increase the space used to store the history, so we do not recommend increasing it. 275 // Default is 10. 276 optional int64 revisionHistoryLimit = 7; 277 } 278 279 // ApplicationStatus contains information about application sync, health status 280 message ApplicationStatus { 281 repeated ResourceStatus resources = 1; 282 283 optional SyncStatus sync = 2; 284 285 optional HealthStatus health = 3; 286 287 repeated RevisionHistory history = 4; 288 289 repeated ApplicationCondition conditions = 5; 290 291 // ReconciledAt indicates when the application state was reconciled using the latest git version 292 optional k8s.io.apimachinery.pkg.apis.meta.v1.Time reconciledAt = 6; 293 294 optional OperationState operationState = 7; 295 296 // ObservedAt indicates when the application state was updated without querying latest git state 297 // Deprecated: controller no longer updates ObservedAt field 298 optional k8s.io.apimachinery.pkg.apis.meta.v1.Time observedAt = 8; 299 300 optional string sourceType = 9; 301 302 optional ApplicationSummary summary = 10; 303 } 304 305 message ApplicationSummary { 306 // ExternalURLs holds all external URLs of application child resources. 307 repeated string externalURLs = 1; 308 309 // Images holds all images of application child resources. 310 repeated string images = 2; 311 } 312 313 // ApplicationTree holds nodes which belongs to the application 314 message ApplicationTree { 315 // Nodes contains list of nodes which either directly managed by the application and children of directly managed nodes. 316 repeated ResourceNode nodes = 1; 317 318 // OrphanedNodes contains if or orphaned nodes: nodes which are not managed by the app but in the same namespace. List is populated only if orphaned resources enabled in app project. 319 repeated ResourceNode orphanedNodes = 2; 320 } 321 322 // ApplicationWatchEvent contains information about application change. 323 message ApplicationWatchEvent { 324 optional string type = 1; 325 326 // Application is: 327 // * If Type is Added or Modified: the new state of the object. 328 // * If Type is Deleted: the state of the object immediately before deletion. 329 // * If Type is Error: *api.Status is recommended; other types may make sense 330 // depending on context. 331 optional Application application = 2; 332 } 333 334 // Backoff is a backoff strategy to use within retryStrategy 335 message Backoff { 336 // Duration is the amount to back off. Default unit is seconds, but could also be a duration (e.g. "2m", "1h") 337 optional string duration = 1; 338 339 // Factor is a factor to multiply the base duration after each failed retry 340 optional int64 factor = 2; 341 342 // MaxDuration is the maximum amount of time allowed for the backoff strategy 343 optional string maxDuration = 3; 344 } 345 346 // Cluster is the definition of a cluster resource 347 message Cluster { 348 // Server is the API server URL of the Kubernetes cluster 349 optional string server = 1; 350 351 // Name of the cluster. If omitted, will use the server address 352 optional string name = 2; 353 354 // Config holds cluster information for connecting to a cluster 355 optional ClusterConfig config = 3; 356 357 // DEPRECATED: use Info.ConnectionState field instead. 358 // ConnectionState contains information about cluster connection state 359 optional ConnectionState connectionState = 4; 360 361 // DEPRECATED: use Info.ServerVersion field instead. 362 // The server version 363 optional string serverVersion = 5; 364 365 // Holds list of namespaces which are accessible in that cluster. Cluster level resources would be ignored if namespace list is not empty. 366 repeated string namespaces = 6; 367 368 // RefreshRequestedAt holds time when cluster cache refresh has been requested 369 optional k8s.io.apimachinery.pkg.apis.meta.v1.Time refreshRequestedAt = 7; 370 371 // Holds information about cluster cache 372 optional ClusterInfo info = 8; 373 374 // Shard contains optional shard number. Calculated on the fly by the application controller if not specified. 375 optional int64 shard = 9; 376 } 377 378 message ClusterCacheInfo { 379 // ResourcesCount holds number of observed Kubernetes resources 380 optional int64 resourcesCount = 1; 381 382 // APIsCount holds number of observed Kubernetes API count 383 optional int64 apisCount = 2; 384 385 // LastCacheSyncTime holds time of most recent cache synchronization 386 optional k8s.io.apimachinery.pkg.apis.meta.v1.Time lastCacheSyncTime = 3; 387 } 388 389 // ClusterConfig is the configuration attributes. This structure is subset of the go-client 390 // rest.Config with annotations added for marshalling. 391 message ClusterConfig { 392 // Server requires Basic authentication 393 optional string username = 1; 394 395 optional string password = 2; 396 397 // Server requires Bearer authentication. This client will not attempt to use 398 // refresh tokens for an OAuth2 flow. 399 // TODO: demonstrate an OAuth2 compatible client. 400 optional string bearerToken = 3; 401 402 // TLSClientConfig contains settings to enable transport layer security 403 optional TLSClientConfig tlsClientConfig = 4; 404 405 // AWSAuthConfig contains IAM authentication configuration 406 optional AWSAuthConfig awsAuthConfig = 5; 407 408 // ExecProviderConfig contains configuration for an exec provider 409 optional ExecProviderConfig execProviderConfig = 6; 410 } 411 412 message ClusterInfo { 413 optional ConnectionState connectionState = 1; 414 415 optional string serverVersion = 2; 416 417 optional ClusterCacheInfo cacheInfo = 3; 418 419 optional int64 applicationsCount = 4; 420 } 421 422 // ClusterList is a collection of Clusters. 423 message ClusterList { 424 optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1; 425 426 repeated Cluster items = 2; 427 } 428 429 // Command holds binary path and arguments list 430 message Command { 431 repeated string command = 1; 432 433 repeated string args = 2; 434 } 435 436 // ComparedTo contains application source and target which was used for resources comparison 437 message ComparedTo { 438 optional ApplicationSource source = 1; 439 440 optional ApplicationDestination destination = 2; 441 } 442 443 // ComponentParameter contains information about component parameter value 444 message ComponentParameter { 445 optional string component = 1; 446 447 optional string name = 2; 448 449 optional string value = 3; 450 } 451 452 // ConfigManagementPlugin contains config management plugin configuration 453 message ConfigManagementPlugin { 454 optional string name = 1; 455 456 optional Command init = 2; 457 458 optional Command generate = 3; 459 } 460 461 // ConnectionState contains information about remote resource connection state 462 message ConnectionState { 463 optional string status = 1; 464 465 optional string message = 2; 466 467 optional k8s.io.apimachinery.pkg.apis.meta.v1.Time attemptedAt = 3; 468 } 469 470 message EnvEntry { 471 // the name, usually uppercase 472 optional string name = 1; 473 474 // the value 475 optional string value = 2; 476 } 477 478 // ExecProviderConfig is config used to call an external command to perform cluster authentication 479 // See: https://godoc.org/k8s.io/client-go/tools/clientcmd/api#ExecConfig 480 message ExecProviderConfig { 481 // Command to execute 482 optional string command = 1; 483 484 // Arguments to pass to the command when executing it 485 repeated string args = 2; 486 487 // Env defines additional environment variables to expose to the process 488 map<string, string> env = 3; 489 490 // Preferred input version of the ExecInfo 491 optional string apiVersion = 4; 492 493 // This text is shown to the user when the executable doesn't seem to be present 494 optional string installHint = 5; 495 } 496 497 // GnuPGPublicKey is a representation of a GnuPG public key 498 message GnuPGPublicKey { 499 // KeyID in hexadecimal string format 500 optional string keyID = 1; 501 502 // Fingerprint of the key 503 optional string fingerprint = 2; 504 505 // Owner identification 506 optional string owner = 3; 507 508 // Trust level 509 optional string trust = 4; 510 511 // Key sub type (e.g. rsa4096) 512 optional string subType = 5; 513 514 // Key data 515 optional string keyData = 6; 516 } 517 518 // GnuPGPublicKeyList is a collection of GnuPGPublicKey objects 519 message GnuPGPublicKeyList { 520 optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1; 521 522 repeated GnuPGPublicKey items = 2; 523 } 524 525 message HealthStatus { 526 optional string status = 1; 527 528 optional string message = 2; 529 } 530 531 // HelmFileParameter is a file parameter to a helm template 532 message HelmFileParameter { 533 // Name is the name of the helm parameter 534 optional string name = 1; 535 536 // Path is the path value for the helm parameter 537 optional string path = 2; 538 } 539 540 // HelmParameter is a parameter to a helm template 541 message HelmParameter { 542 // Name is the name of the helm parameter 543 optional string name = 1; 544 545 // Value is the value for the helm parameter 546 optional string value = 2; 547 548 // ForceString determines whether to tell Helm to interpret booleans and numbers as strings 549 optional bool forceString = 3; 550 } 551 552 message Info { 553 optional string name = 1; 554 555 optional string value = 2; 556 } 557 558 // InfoItem contains human readable information about object 559 message InfoItem { 560 // Name is a human readable title for this piece of information. 561 optional string name = 1; 562 563 // Value is human readable content. 564 optional string value = 2; 565 } 566 567 // JWTToken holds the issuedAt and expiresAt values of a token 568 message JWTToken { 569 optional int64 iat = 1; 570 571 optional int64 exp = 2; 572 573 optional string id = 3; 574 } 575 576 message JWTTokens { 577 repeated JWTToken items = 1; 578 } 579 580 // JsonnetVar is a jsonnet variable 581 message JsonnetVar { 582 optional string name = 1; 583 584 optional string value = 2; 585 586 optional bool code = 3; 587 } 588 589 // KnownTypeField contains mapping between CRD field and known Kubernetes type 590 message KnownTypeField { 591 optional string field = 1; 592 593 optional string type = 2; 594 } 595 596 // KsonnetParameter is a ksonnet component parameter 597 message KsonnetParameter { 598 optional string component = 1; 599 600 optional string name = 2; 601 602 optional string value = 3; 603 } 604 605 // KustomizeOptions are options for kustomize to use when building manifests 606 message KustomizeOptions { 607 // BuildOptions is a string of build parameters to use when calling `kustomize build` 608 optional string buildOptions = 1; 609 610 // BinaryPath holds optional path to kustomize binary 611 optional string binaryPath = 2; 612 } 613 614 // Operation contains requested operation parameters. 615 message Operation { 616 optional SyncOperation sync = 1; 617 618 optional OperationInitiator initiatedBy = 2; 619 620 repeated Info info = 3; 621 622 // Retry controls failed sync retry behavior 623 optional RetryStrategy retry = 4; 624 } 625 626 // OperationInitiator holds information about the operation initiator 627 message OperationInitiator { 628 // Name of a user who started operation. 629 optional string username = 1; 630 631 // Automated is set to true if operation was initiated automatically by the application controller. 632 optional bool automated = 2; 633 } 634 635 // OperationState contains information about state of currently performing operation on application. 636 message OperationState { 637 // Operation is the original requested operation 638 optional Operation operation = 1; 639 640 // Phase is the current phase of the operation 641 optional string phase = 2; 642 643 // Message hold any pertinent messages when attempting to perform operation (typically errors). 644 optional string message = 3; 645 646 // SyncResult is the result of a Sync operation 647 optional SyncOperationResult syncResult = 4; 648 649 // StartedAt contains time of operation start 650 optional k8s.io.apimachinery.pkg.apis.meta.v1.Time startedAt = 6; 651 652 // FinishedAt contains time of operation completion 653 optional k8s.io.apimachinery.pkg.apis.meta.v1.Time finishedAt = 7; 654 655 // RetryCount contains time of operation retries 656 optional int64 retryCount = 8; 657 } 658 659 message OrphanedResourceKey { 660 optional string group = 1; 661 662 optional string kind = 2; 663 664 optional string name = 3; 665 } 666 667 // OrphanedResourcesMonitorSettings holds settings of orphaned resources monitoring 668 message OrphanedResourcesMonitorSettings { 669 // Warn indicates if warning condition should be created for apps which have orphaned resources 670 optional bool warn = 1; 671 672 repeated OrphanedResourceKey ignore = 2; 673 } 674 675 message OverrideIgnoreDiff { 676 repeated string jSONPointers = 1; 677 } 678 679 // ProjectRole represents a role that has access to a project 680 message ProjectRole { 681 // Name is a name for this role 682 optional string name = 1; 683 684 // Description is a description of the role 685 optional string description = 2; 686 687 // Policies Stores a list of casbin formated strings that define access policies for the role in the project 688 repeated string policies = 3; 689 690 // JWTTokens are a list of generated JWT tokens bound to this role 691 repeated JWTToken jwtTokens = 4; 692 693 // Groups are a list of OIDC group claims bound to this role 694 repeated string groups = 5; 695 } 696 697 // RepoCreds holds a repository credentials definition 698 message RepoCreds { 699 // URL is the URL that this credentials matches to 700 optional string url = 1; 701 702 // Username for authenticating at the repo server 703 optional string username = 2; 704 705 // Password for authenticating at the repo server 706 optional string password = 3; 707 708 // SSH private key data for authenticating at the repo server (only Git repos) 709 optional string sshPrivateKey = 4; 710 711 // TLS client cert data for authenticating at the repo server 712 optional string tlsClientCertData = 5; 713 714 // TLS client cert key for authenticating at the repo server 715 optional string tlsClientCertKey = 6; 716 } 717 718 // RepositoryList is a collection of Repositories. 719 message RepoCredsList { 720 optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1; 721 722 repeated RepoCreds items = 2; 723 } 724 725 // Repository is a repository holding application configurations 726 message Repository { 727 // URL of the repo 728 optional string repo = 1; 729 730 // Username for authenticating at the repo server 731 optional string username = 2; 732 733 // Password for authenticating at the repo server 734 optional string password = 3; 735 736 // SSH private key data for authenticating at the repo server 737 // only for Git repos 738 optional string sshPrivateKey = 4; 739 740 // Current state of repository server connecting 741 optional ConnectionState connectionState = 5; 742 743 // InsecureIgnoreHostKey should not be used anymore, Insecure is favoured 744 // only for Git repos 745 optional bool insecureIgnoreHostKey = 6; 746 747 // Whether the repo is insecure 748 optional bool insecure = 7; 749 750 // Whether git-lfs support should be enabled for this repo 751 optional bool enableLfs = 8; 752 753 // TLS client cert data for authenticating at the repo server 754 optional string tlsClientCertData = 9; 755 756 // TLS client cert key for authenticating at the repo server 757 optional string tlsClientCertKey = 10; 758 759 // type of the repo, maybe "git or "helm, "git" is assumed if empty or absent 760 optional string type = 11; 761 762 // only for Helm repos 763 optional string name = 12; 764 765 // Whether credentials were inherited from a credential set 766 optional bool inheritedCreds = 13; 767 768 // Whether helm-oci support should be enabled for this repo 769 optional bool enableOCI = 14; 770 } 771 772 // A RepositoryCertificate is either SSH known hosts entry or TLS certificate 773 message RepositoryCertificate { 774 // Name of the server the certificate is intended for 775 optional string serverName = 1; 776 777 // Type of certificate - currently "https" or "ssh" 778 optional string certType = 2; 779 780 // The sub type of the cert, i.e. "ssh-rsa" 781 optional string certSubType = 3; 782 783 // Actual certificate data, protocol dependent 784 optional bytes certData = 4; 785 786 // Additional certificate info (e.g. SSH fingerprint, X509 CommonName) 787 optional string certInfo = 5; 788 } 789 790 // RepositoryCertificateList is a collection of RepositoryCertificates 791 message RepositoryCertificateList { 792 optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1; 793 794 // List of certificates to be processed 795 repeated RepositoryCertificate items = 2; 796 } 797 798 // RepositoryList is a collection of Repositories. 799 message RepositoryList { 800 optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1; 801 802 repeated Repository items = 2; 803 } 804 805 message ResourceAction { 806 optional string name = 1; 807 808 repeated ResourceActionParam params = 2; 809 810 optional bool disabled = 3; 811 } 812 813 message ResourceActionDefinition { 814 optional string name = 1; 815 816 optional string actionLua = 2; 817 } 818 819 message ResourceActionParam { 820 optional string name = 1; 821 822 optional string value = 2; 823 824 optional string type = 3; 825 826 optional string default = 4; 827 } 828 829 message ResourceActions { 830 optional string actionDiscoveryLua = 1; 831 832 repeated ResourceActionDefinition definitions = 2; 833 } 834 835 // ResourceDiff holds the diff of a live and target resource object 836 message ResourceDiff { 837 optional string group = 1; 838 839 optional string kind = 2; 840 841 optional string namespace = 3; 842 843 optional string name = 4; 844 845 // TargetState contains the JSON serialized resource manifest defined in the Git/Helm 846 optional string targetState = 5; 847 848 // TargetState contains the JSON live resource manifest 849 optional string liveState = 6; 850 851 // Diff contains the JSON patch between target and live resource 852 // Deprecated: use NormalizedLiveState and PredictedLiveState to render the difference 853 optional string diff = 7; 854 855 optional bool hook = 8; 856 857 // NormalizedLiveState contains JSON serialized live resource state with applied normalizations 858 optional string normalizedLiveState = 9; 859 860 // PredictedLiveState contains JSON serialized resource state that is calculated based on normalized and target resource state 861 optional string predictedLiveState = 10; 862 } 863 864 // ResourceIgnoreDifferences contains resource filter and list of json paths which should be ignored during comparison with live state. 865 message ResourceIgnoreDifferences { 866 optional string group = 1; 867 868 optional string kind = 2; 869 870 optional string name = 3; 871 872 optional string namespace = 4; 873 874 repeated string jsonPointers = 5; 875 } 876 877 // ResourceNetworkingInfo holds networking resource related information 878 message ResourceNetworkingInfo { 879 map<string, string> targetLabels = 1; 880 881 repeated ResourceRef targetRefs = 2; 882 883 map<string, string> labels = 3; 884 885 repeated k8s.io.api.core.v1.LoadBalancerIngress ingress = 4; 886 887 // ExternalURLs holds list of URLs which should be available externally. List is populated for ingress resources using rules hostnames. 888 repeated string externalURLs = 5; 889 } 890 891 // ResourceNode contains information about live resource and its children 892 message ResourceNode { 893 optional ResourceRef resourceRef = 1; 894 895 repeated ResourceRef parentRefs = 2; 896 897 repeated InfoItem info = 3; 898 899 optional ResourceNetworkingInfo networkingInfo = 4; 900 901 optional string resourceVersion = 5; 902 903 repeated string images = 6; 904 905 optional HealthStatus health = 7; 906 907 optional k8s.io.apimachinery.pkg.apis.meta.v1.Time createdAt = 8; 908 } 909 910 // ResourceOverride holds configuration to customize resource diffing and health assessment 911 message ResourceOverride { 912 optional string healthLua = 1; 913 914 optional string actions = 3; 915 916 optional OverrideIgnoreDiff ignoreDifferences = 2; 917 918 repeated KnownTypeField knownTypeFields = 4; 919 } 920 921 // ResourceRef includes fields which unique identify resource 922 message ResourceRef { 923 optional string group = 1; 924 925 optional string version = 2; 926 927 optional string kind = 3; 928 929 optional string namespace = 4; 930 931 optional string name = 5; 932 933 optional string uid = 6; 934 } 935 936 // ResourceResult holds the operation result details of a specific resource 937 message ResourceResult { 938 optional string group = 1; 939 940 optional string version = 2; 941 942 optional string kind = 3; 943 944 optional string namespace = 4; 945 946 optional string name = 5; 947 948 // the final result of the sync, this is be empty if the resources is yet to be applied/pruned and is always zero-value for hooks 949 optional string status = 6; 950 951 // message for the last sync OR operation 952 optional string message = 7; 953 954 // the type of the hook, empty for non-hook resources 955 optional string hookType = 8; 956 957 // the state of any operation associated with this resource OR hook 958 // note: can contain values for non-hook resources 959 optional string hookPhase = 9; 960 961 // indicates the particular phase of the sync that this is for 962 optional string syncPhase = 10; 963 } 964 965 // ResourceStatus holds the current sync and health status of a resource 966 message ResourceStatus { 967 optional string group = 1; 968 969 optional string version = 2; 970 971 optional string kind = 3; 972 973 optional string namespace = 4; 974 975 optional string name = 5; 976 977 optional string status = 6; 978 979 optional HealthStatus health = 7; 980 981 optional bool hook = 8; 982 983 optional bool requiresPruning = 9; 984 } 985 986 message RetryStrategy { 987 // Limit is the maximum number of attempts when retrying a container 988 optional int64 limit = 1; 989 990 // Backoff is a backoff strategy 991 optional Backoff backoff = 2; 992 } 993 994 // RevisionHistory contains information relevant to an application deployment 995 message RevisionHistory { 996 // Revision holds the revision of the sync 997 optional string revision = 2; 998 999 // DeployedAt holds the time the deployment completed 1000 optional k8s.io.apimachinery.pkg.apis.meta.v1.Time deployedAt = 4; 1001 1002 // ID is an auto incrementing identifier of the RevisionHistory 1003 optional int64 id = 5; 1004 1005 optional ApplicationSource source = 6; 1006 1007 // DeployStartedAt holds the time the deployment started 1008 optional k8s.io.apimachinery.pkg.apis.meta.v1.Time deployStartedAt = 7; 1009 } 1010 1011 // data about a specific revision within a repo 1012 message RevisionMetadata { 1013 // who authored this revision, 1014 // typically their name and email, e.g. "John Doe <john_doe@my-company.com>", 1015 // but might not match this example 1016 optional string author = 1; 1017 1018 // when the revision was authored 1019 optional k8s.io.apimachinery.pkg.apis.meta.v1.Time date = 2; 1020 1021 // tags on the revision, 1022 // note - tags can move from one revision to another 1023 repeated string tags = 3; 1024 1025 // the message associated with the revision, 1026 // probably the commit message, 1027 // this is truncated to the first newline or 64 characters (which ever comes first) 1028 optional string message = 4; 1029 1030 // If revision was signed with GPG, and signature verification is enabled, 1031 // this contains a hint on the signer 1032 optional string signatureInfo = 5; 1033 } 1034 1035 // SignatureKey is the specification of a key required to verify commit signatures with 1036 message SignatureKey { 1037 // The ID of the key in hexadecimal notation 1038 optional string keyID = 1; 1039 } 1040 1041 // SyncOperation contains sync operation details. 1042 message SyncOperation { 1043 // Revision is the revision in which to sync the application to. 1044 // If omitted, will use the revision specified in app spec. 1045 optional string revision = 1; 1046 1047 // Prune deletes resources that are no longer tracked in git 1048 optional bool prune = 2; 1049 1050 // DryRun will perform a `kubectl apply --dry-run` without actually performing the sync 1051 optional bool dryRun = 3; 1052 1053 // SyncStrategy describes how to perform the sync 1054 optional SyncStrategy syncStrategy = 4; 1055 1056 // Resources describes which resources to sync 1057 repeated SyncOperationResource resources = 6; 1058 1059 // Source overrides the source definition set in the application. 1060 // This is typically set in a Rollback operation and nil during a Sync operation 1061 optional ApplicationSource source = 7; 1062 1063 // Manifests is an optional field that overrides sync source with a local directory for development 1064 repeated string manifests = 8; 1065 1066 // SyncOptions provide per-sync sync-options, e.g. Validate=false 1067 repeated string syncOptions = 9; 1068 } 1069 1070 // SyncOperationResource contains resources to sync. 1071 message SyncOperationResource { 1072 optional string group = 1; 1073 1074 optional string kind = 2; 1075 1076 optional string name = 3; 1077 1078 optional string namespace = 4; 1079 } 1080 1081 // SyncOperationResult represent result of sync operation 1082 message SyncOperationResult { 1083 // Resources holds the sync result of each individual resource 1084 repeated ResourceResult resources = 1; 1085 1086 // Revision holds the revision of the sync 1087 optional string revision = 2; 1088 1089 // Source records the application source information of the sync, used for comparing auto-sync 1090 optional ApplicationSource source = 3; 1091 } 1092 1093 // SyncPolicy controls when a sync will be performed in response to updates in git 1094 message SyncPolicy { 1095 // Automated will keep an application synced to the target revision 1096 optional SyncPolicyAutomated automated = 1; 1097 1098 // Options allow you to specify whole app sync-options 1099 repeated string syncOptions = 2; 1100 1101 // Retry controls failed sync retry behavior 1102 optional RetryStrategy retry = 3; 1103 } 1104 1105 // SyncPolicyAutomated controls the behavior of an automated sync 1106 message SyncPolicyAutomated { 1107 // Prune will prune resources automatically as part of automated sync (default: false) 1108 optional bool prune = 1; 1109 1110 // SelfHeal enables auto-syncing if (default: false) 1111 optional bool selfHeal = 2; 1112 1113 // AllowEmpty allows apps have zero live resources (default: false) 1114 optional bool allowEmpty = 3; 1115 } 1116 1117 // SyncStatus is a comparison result of application spec and deployed application. 1118 message SyncStatus { 1119 optional string status = 1; 1120 1121 optional ComparedTo comparedTo = 2; 1122 1123 optional string revision = 3; 1124 } 1125 1126 // SyncStrategy controls the manner in which a sync is performed 1127 message SyncStrategy { 1128 // Apply will perform a `kubectl apply` to perform the sync. 1129 optional SyncStrategyApply apply = 1; 1130 1131 // Hook will submit any referenced resources to perform the sync. This is the default strategy 1132 optional SyncStrategyHook hook = 2; 1133 } 1134 1135 // SyncStrategyApply uses `kubectl apply` to perform the apply 1136 message SyncStrategyApply { 1137 // Force indicates whether or not to supply the --force flag to `kubectl apply`. 1138 // The --force flag deletes and re-create the resource, when PATCH encounters conflict and has 1139 // retried for 5 times. 1140 optional bool force = 1; 1141 } 1142 1143 // SyncStrategyHook will perform a sync using hooks annotations. 1144 // If no hook annotation is specified falls back to `kubectl apply`. 1145 message SyncStrategyHook { 1146 // Embed SyncStrategyApply type to inherit any `apply` options 1147 // +optional 1148 optional SyncStrategyApply syncStrategyApply = 1; 1149 } 1150 1151 // SyncWindow contains the kind, time, duration and attributes that are used to assign the syncWindows to apps 1152 message SyncWindow { 1153 // Kind defines if the window allows or blocks syncs 1154 optional string kind = 1; 1155 1156 // Schedule is the time the window will begin, specified in cron format 1157 optional string schedule = 2; 1158 1159 // Duration is the amount of time the sync window will be open 1160 optional string duration = 3; 1161 1162 // Applications contains a list of applications that the window will apply to 1163 repeated string applications = 4; 1164 1165 // Namespaces contains a list of namespaces that the window will apply to 1166 repeated string namespaces = 5; 1167 1168 // Clusters contains a list of clusters that the window will apply to 1169 repeated string clusters = 6; 1170 1171 // ManualSync enables manual syncs when they would otherwise be blocked 1172 optional bool manualSync = 7; 1173 } 1174 1175 // TLSClientConfig contains settings to enable transport layer security 1176 message TLSClientConfig { 1177 // Server should be accessed without verifying the TLS certificate. For testing only. 1178 optional bool insecure = 1; 1179 1180 // ServerName is passed to the server for SNI and is used in the client to check server 1181 // certificates against. If ServerName is empty, the hostname used to contact the 1182 // server is used. 1183 optional string serverName = 2; 1184 1185 // CertData holds PEM-encoded bytes (typically read from a client certificate file). 1186 // CertData takes precedence over CertFile 1187 optional bytes certData = 3; 1188 1189 // KeyData holds PEM-encoded bytes (typically read from a client certificate key file). 1190 // KeyData takes precedence over KeyFile 1191 optional bytes keyData = 4; 1192 1193 // CAData holds PEM-encoded bytes (typically read from a root certificates bundle). 1194 // CAData takes precedence over CAFile 1195 optional bytes caData = 5; 1196 } 1197