diff --git a/docs/docs/k8s/apinto.md b/docs/docs/k8s/apinto.md new file mode 100644 index 00000000..46fdec52 --- /dev/null +++ b/docs/docs/k8s/apinto.md @@ -0,0 +1,49 @@ +# 部署 Apinto API 网关 + +## Prepare + +- 安装 k8s +- 创建 storage-class + +## 企业版 + +::: tip + +cofig.yml 和 apinto-app.yml 包含敏感信息,已用 ansible-vault 加密 + +::: + +- 命名空间 [namespace.yml](https://raw.githubusercontent.com/alomerry/mix/master/vm/scripts/pve/k8s/apps/apinto/namespace.yml) +- Docker 镜像网站密钥 [docker-eolink.yml](https://raw.githubusercontent.com/alomerry/mix/master/vm/scripts/pve/k8s/apps/apinto/docker-eolink.yml) +- 部署 PVC [pvc.yml](https://raw.githubusercontent.com/alomerry/mix/master/vm/scripts/pve/k8s/apps/apinto/) +- 部署 Secret、ConfigMap [config.yml](https://raw.githubusercontent.com/alomerry/mix/master/vm/scripts/pve/k8s/apps/apinto/config.yml) +- 部署 Service [service.yml](https://raw.githubusercontent.com/alomerry/mix/master/vm/scripts/pve/k8s/apps/apinto/service.yml) +- 部署 Redis [redis-app.yml](https://raw.githubusercontent.com/alomerry/mix/master/vm/scripts/pve/k8s/apps/apinto/redis-app.yml),部署完成后进入容器,执行集群初始化操作: + + ```shell + redis-cli --cluster create \ + `dig +short redis-app-0.redis-service.${NAMESPACE}.svc.cluster.local`:6379 \ + `dig +short redis-app-1.redis-service.${NAMESPACE}.svc.cluster.local`:6379 \ + `dig +short redis-app-2.redis-service.${NAMESPACE}.svc.cluster.local`:6379 \ + `dig +short redis-app-3.redis-service.${NAMESPACE}.svc.cluster.local`:6379 \ + `dig +short redis-app-4.redis-service.${NAMESPACE}.svc.cluster.local`:6379 \ + `dig +short redis-app-5.redis-service.${NAMESPACE}.svc.cluster.local`:6379 \ + --cluster-replicas 1 -a 密码 + ``` + +- 部署控制台及依赖 [apinto-app.yml](https://raw.githubusercontent.com/alomerry/mix/master/vm/scripts/pve/k8s/apps/apinto/apinto-app.yml) + + ::: tip + + 官网提供的 apinto-depend.yml 中将 mysql 和 user-center 容器放在同一个 Pod 中,测试发现 mysql 未启动完成时会导致 user-center 未就绪,进而整个 Pod 以及 Service 的 3306 无法访问,最终的 dashboard 会无法登录,因此拆分成了 apinto-depend-mysql 和 apinto-depend-user-center 两个 Pod,按序启动。 + + ::: + +- 创建 ClusterRole [apinto-cluster-role.yml](https://raw.githubusercontent.com/alomerry/mix/master/vm/scripts/pve/k8s/apps/apinto/apinto-cluster-role.yml) +- 创建 Service Account [apinto-service-account.yml](https://raw.githubusercontent.com/alomerry/mix/master/vm/scripts/pve/k8s/apps/apinto/apinto-service-account.yml) +- 创建网关节点 [apinto-gameway.yml](https://raw.githubusercontent.com/alomerry/mix/master/vm/scripts/pve/k8s/apps/apinto/apinto-gameway.yml) + +## Reference + +- [Kubernetes 集群部署应用](https://help.apinto.com/docs/apinto/quick/arrange.html#kubernetes%E9%9B%86%E7%BE%A4%E9%83%A8%E7%BD%B2%E5%BA%94%E7%94%A8) +- [Kubernetes 安装全产品](https://help.eolink.com/tutorial/Apinto/c-1405) \ No newline at end of file diff --git a/vm/ansible/inventory/group_vars/all.yml b/vm/ansible/inventory/group_vars/all.yml deleted file mode 100644 index 6e751c1e..00000000 --- a/vm/ansible/inventory/group_vars/all.yml +++ /dev/null @@ -1,11 +0,0 @@ -ansible_ssh_user: root -k8s: - version: 1.28.1 - crictl_version: 1.28.0 - cni_version: 1.3.0 - elet_service_version: 0.15.1 - containerd_version: 1.7.11 -frp: - version: 0.51.3 - frpcPath: /root/apps/frpc - frpsPath: /root/apps/frps/ \ No newline at end of file diff --git a/vm/ansible/inventory/production.yml b/vm/ansible/inventory/production.yml deleted file mode 100644 index 39853d15..00000000 --- a/vm/ansible/inventory/production.yml +++ /dev/null @@ -1,45 +0,0 @@ -all: - children: - aws: - hosts: - 52.195.38.31 - hostyun: - hosts: - 45.159.50.206 - justhost-vps: - hosts: - 45.136.245.166 - pve-admin: - hosts: - 192.168.31.2 - pve-vm: - hosts: - 192.168.31.156: - 192.168.31.253: - 192.168.31.30: - 192.168.31.5: - 192.168.31.191: - 192.168.31.161: - frps: - children: - aws: - hostyun: - justhost-vps: - frpc: - children: - pve-admin: - cloud: - children: - hosts: - aws: - hostyun: - justhost-vps: - k8s: - children: - pve-vm: - local: - children: - hosts: - pve-admin: - pve-vm: - \ No newline at end of file diff --git a/vm/ansible/playbooks/roles/k8s-master/files/README.md b/vm/ansible/playbooks/roles/k8s-master/files/README.md deleted file mode 100644 index dc103ac3..00000000 --- a/vm/ansible/playbooks/roles/k8s-master/files/README.md +++ /dev/null @@ -1,48 +0,0 @@ -# pre - -- install k8s -- install tekton(将 tekton.yml dashboard.yml 中的 gcr.io 替换成 [gcr.m.daocloud.io] https://www.cnblogs.com/wubolive/p/17317586.html 中提供的) -- install dashboard -- install dashboard-ingress -- pve admin frpc - - ip route - - ```shell - default via 192.168.31.1 dev vmbr0 proto kernel onlink - 10.1.0.0/16 via 192.168.31.199 dev vmbr0 - 10.244.0.0/16 via 192.168.31.199 dev vmbr0 - 192.168.31.0/24 dev vmbr0 proto kernel scope link src 192.168.31.2 - ``` - -## tekton - -删除失败的管道运行: - -kubectl -n target-namespace delete pipelinerun $(kubectl -n target-namespace get pipelinerun -o jsonpath='{range .items[?(@.status.conditions[*].status=="False")]}{.metadata.name}{"\n"}{end}') - - -删除成功的管道 - -kubectl -n xxxx delete pipelinerun $(kubectl -n xxx get pipelinerun -o jsonpath='{range .items[?(@.status.conditions[*].status=="True")]}{.metadata.name}{"\n"}{end}') - -## argocd - -kubectl create namespace argocd -kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/stable/manifests/install.yaml - -需要配置 configMap 将 server.insecure =》 true - -kubectl -n argocd get secret argocd-initial-admin-secret -o jsonpath="{.data.password}" | base64 -d; echo - -对于任何感兴趣的人来说,删除此资源的解决方法是删除在 kubernetes 集群中创建的密钥。 - -## 存储 - -### mysql - -- pve admin nfs - -## reference - -- https://www.lixueduan.com/posts/tekton/01-deploy-tekton/ -- [开发访问k8s集群的几种方法(路由和kt) ](https://www.cnblogs.com/skgoo/p/16896441.html) \ No newline at end of file diff --git a/vm/ansible/playbooks/roles/k8s-master/files/TODO.md b/vm/ansible/playbooks/roles/k8s-master/files/TODO.md deleted file mode 100644 index 9bd28f0a..00000000 --- a/vm/ansible/playbooks/roles/k8s-master/files/TODO.md +++ /dev/null @@ -1,37 +0,0 @@ -mac 远程操作集群 - -https://www.cnblogs.com/wubolive/p/11225486.html - -https://kubernetes.io/zh-cn/docs/tasks/tools/install-kubectl-macos/ - - -## ingress nginx 使用非 80 端口 - -https://docs.nginx.com/nginx-ingress-controller/tutorials/custom-listen-ports/ - - -kubectl describe pod -n nocturnal-chorus-player player-music-deployment-c97f89577-fgfqx - -kubectl get pods -A - -kubectl get pods -n nocturnal-chorus-player player-music-deployment-c97f89577-fgfqx - -kubectl logs -n nocturnal-chorus-player player-openapi-consumer-deployment-6994f5c8d5-cdqjn - -kubectl exec -it -n nocturnal-chorus-player player-openapi-consumer-deployment-6994f5c8d5-cdqjn bash - -kubectl delete pod -n nocturnal-chorus-player player-music-deployment-7fd758688f-mfr28 - -kubectl exec -n ingress-nginx -it ingress-nginx-controller-695bfc488d-pk655 bash - -- refence -- https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/configmap/ -- https://docs.nginx.com/nginx-ingress-controller/tutorials/custom-listen-ports/ - -## api - -https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#metadata - -## todo - -- rustdesk https://github.com/rustdesk/rustdesk/releases \ No newline at end of file diff --git a/vm/ansible/playbooks/roles/k8s-master/files/argocd/install/argocd-ingress.yml b/vm/ansible/playbooks/roles/k8s-master/files/argocd/install/argocd-ingress.yml deleted file mode 100644 index dfa4ea7f..00000000 --- a/vm/ansible/playbooks/roles/k8s-master/files/argocd/install/argocd-ingress.yml +++ /dev/null @@ -1,26 +0,0 @@ -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: argocd-server-ingress - namespace: argocd - annotations: - nginx.ingress.kubernetes.io/force-ssl-redirect: "false" - nginx.ingress.kubernetes.io/backend-protocol: "HTTP" - nginx.ingress.kubernetes.io/ssl-redirect: "false" -spec: - ingressClassName: nginx - rules: - - host: argocd.alomerry.com - http: - paths: - - path: / - pathType: Prefix - backend: - service: - name: argocd-server - port: - name: http - tls: - - hosts: - - argocd.alomerry.com - secretName: argocd-secret \ No newline at end of file diff --git a/vm/ansible/playbooks/roles/k8s-master/files/argocd/install/argocd.yml b/vm/ansible/playbooks/roles/k8s-master/files/argocd/install/argocd.yml deleted file mode 100644 index 4736fbd7..00000000 --- a/vm/ansible/playbooks/roles/k8s-master/files/argocd/install/argocd.yml +++ /dev/null @@ -1,327 +0,0 @@ ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app.kubernetes.io/component: server - app.kubernetes.io/name: argocd-server - app.kubernetes.io/part-of: argocd - name: argocd-server -spec: - selector: - matchLabels: - app.kubernetes.io/name: argocd-server - template: - metadata: - labels: - app.kubernetes.io/name: argocd-server - spec: - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - podAffinityTerm: - labelSelector: - matchLabels: - app.kubernetes.io/name: argocd-server - topologyKey: kubernetes.io/hostname - weight: 100 - - podAffinityTerm: - labelSelector: - matchLabels: - app.kubernetes.io/part-of: argocd - topologyKey: kubernetes.io/hostname - weight: 5 - containers: - - args: - - /usr/local/bin/argocd-server - env: - - name: ARGOCD_SERVER_INSECURE - valueFrom: - configMapKeyRef: - key: server.insecure - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_SERVER_BASEHREF - valueFrom: - configMapKeyRef: - key: server.basehref - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_SERVER_ROOTPATH - valueFrom: - configMapKeyRef: - key: server.rootpath - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_SERVER_LOGFORMAT - valueFrom: - configMapKeyRef: - key: server.log.format - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_SERVER_LOG_LEVEL - valueFrom: - configMapKeyRef: - key: server.log.level - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_SERVER_REPO_SERVER - valueFrom: - configMapKeyRef: - key: repo.server - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_SERVER_DEX_SERVER - valueFrom: - configMapKeyRef: - key: server.dex.server - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_SERVER_DISABLE_AUTH - valueFrom: - configMapKeyRef: - key: server.disable.auth - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_SERVER_ENABLE_GZIP - valueFrom: - configMapKeyRef: - key: server.enable.gzip - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_SERVER_REPO_SERVER_TIMEOUT_SECONDS - valueFrom: - configMapKeyRef: - key: server.repo.server.timeout.seconds - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_SERVER_X_FRAME_OPTIONS - valueFrom: - configMapKeyRef: - key: server.x.frame.options - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_SERVER_CONTENT_SECURITY_POLICY - valueFrom: - configMapKeyRef: - key: server.content.security.policy - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_SERVER_REPO_SERVER_PLAINTEXT - valueFrom: - configMapKeyRef: - key: server.repo.server.plaintext - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_SERVER_REPO_SERVER_STRICT_TLS - valueFrom: - configMapKeyRef: - key: server.repo.server.strict.tls - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_SERVER_DEX_SERVER_PLAINTEXT - valueFrom: - configMapKeyRef: - key: server.dex.server.plaintext - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_SERVER_DEX_SERVER_STRICT_TLS - valueFrom: - configMapKeyRef: - key: server.dex.server.strict.tls - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_TLS_MIN_VERSION - valueFrom: - configMapKeyRef: - key: server.tls.minversion - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_TLS_MAX_VERSION - valueFrom: - configMapKeyRef: - key: server.tls.maxversion - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_TLS_CIPHERS - valueFrom: - configMapKeyRef: - key: server.tls.ciphers - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_SERVER_CONNECTION_STATUS_CACHE_EXPIRATION - valueFrom: - configMapKeyRef: - key: server.connection.status.cache.expiration - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_SERVER_OIDC_CACHE_EXPIRATION - valueFrom: - configMapKeyRef: - key: server.oidc.cache.expiration - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_SERVER_LOGIN_ATTEMPTS_EXPIRATION - valueFrom: - configMapKeyRef: - key: server.login.attempts.expiration - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_SERVER_STATIC_ASSETS - valueFrom: - configMapKeyRef: - key: server.staticassets - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APP_STATE_CACHE_EXPIRATION - valueFrom: - configMapKeyRef: - key: server.app.state.cache.expiration - name: argocd-cmd-params-cm - optional: true - - name: REDIS_SERVER - valueFrom: - configMapKeyRef: - key: redis.server - name: argocd-cmd-params-cm - optional: true - - name: REDIS_COMPRESSION - valueFrom: - configMapKeyRef: - key: redis.compression - name: argocd-cmd-params-cm - optional: true - - name: REDISDB - valueFrom: - configMapKeyRef: - key: redis.db - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_DEFAULT_CACHE_EXPIRATION - valueFrom: - configMapKeyRef: - key: server.default.cache.expiration - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_MAX_COOKIE_NUMBER - valueFrom: - configMapKeyRef: - key: server.http.cookie.maxnumber - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_SERVER_LISTEN_ADDRESS - valueFrom: - configMapKeyRef: - key: server.listen.address - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_SERVER_METRICS_LISTEN_ADDRESS - valueFrom: - configMapKeyRef: - key: server.metrics.listen.address - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_SERVER_OTLP_ADDRESS - valueFrom: - configMapKeyRef: - key: otlp.address - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APPLICATION_NAMESPACES - valueFrom: - configMapKeyRef: - key: application.namespaces - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_SERVER_ENABLE_PROXY_EXTENSION - valueFrom: - configMapKeyRef: - key: server.enable.proxy.extension - name: argocd-cmd-params-cm - optional: true - image: quay.io/argoproj/argocd:v2.9.3 - imagePullPolicy: Always - livenessProbe: - httpGet: - path: /healthz?full=true - port: 8080 - initialDelaySeconds: 3 - periodSeconds: 30 - timeoutSeconds: 5 - name: argocd-server - ports: - - containerPort: 8080 - - containerPort: 8083 - readinessProbe: - httpGet: - path: /healthz - port: 8080 - initialDelaySeconds: 3 - periodSeconds: 30 - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true - runAsNonRoot: true - seccompProfile: - type: RuntimeDefault - volumeMounts: - - mountPath: /app/config/ssh - name: ssh-known-hosts - - mountPath: /app/config/tls - name: tls-certs - - mountPath: /app/config/server/tls - name: argocd-repo-server-tls - - mountPath: /app/config/dex/tls - name: argocd-dex-server-tls - - mountPath: /home/argocd - name: plugins-home - - mountPath: /tmp - name: tmp - serviceAccountName: argocd-server - volumes: - - emptyDir: {} - name: plugins-home - - emptyDir: {} - name: tmp - - configMap: - name: argocd-ssh-known-hosts-cm - name: ssh-known-hosts - - configMap: - name: argocd-tls-certs-cm - name: tls-certs - - name: argocd-repo-server-tls - secret: - items: - - key: tls.crt - path: tls.crt - - key: tls.key - path: tls.key - - key: ca.crt - path: ca.crt - optional: true - secretName: argocd-repo-server-tls - - name: argocd-dex-server-tls - secret: - items: - - key: tls.crt - path: tls.crt - - key: ca.crt - path: ca.crt - optional: true - secretName: argocd-dex-server-tls ---- -apiVersion: v1 -kind: ConfigMap -metadata: - labels: - app.kubernetes.io/name: argocd-cmd-params-cm - app.kubernetes.io/part-of: argocd - name: argocd-cmd-params-cm - namespace: argocd -data: - dexserver.disable.tls: "true" - server.insecure: "true" ---- diff --git a/vm/ansible/playbooks/roles/k8s-master/files/argocd/install/install-base.yml b/vm/ansible/playbooks/roles/k8s-master/files/argocd/install/install-base.yml deleted file mode 100644 index 2e5fbec1..00000000 --- a/vm/ansible/playbooks/roles/k8s-master/files/argocd/install/install-base.yml +++ /dev/null @@ -1,22040 +0,0 @@ -# This is an auto-generated file. DO NOT EDIT -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - app.kubernetes.io/name: applications.argoproj.io - app.kubernetes.io/part-of: argocd - name: applications.argoproj.io -spec: - group: argoproj.io - names: - kind: Application - listKind: ApplicationList - plural: applications - shortNames: - - app - - apps - singular: application - scope: Namespaced - versions: - - additionalPrinterColumns: - - jsonPath: .status.sync.status - name: Sync Status - type: string - - jsonPath: .status.health.status - name: Health Status - type: string - - jsonPath: .status.sync.revision - name: Revision - priority: 10 - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: Application is a definition of Application resource. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - operation: - description: Operation contains information about a requested or running - operation - properties: - info: - description: Info is a list of informational items for this operation - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - initiatedBy: - description: InitiatedBy contains information about who initiated - the operations - properties: - automated: - description: Automated is set to true if operation was initiated - automatically by the application controller. - type: boolean - username: - description: Username contains the name of a user who started - operation - type: string - type: object - retry: - description: Retry controls the strategy to apply if a sync fails - properties: - backoff: - description: Backoff controls how to backoff on subsequent retries - of failed syncs - properties: - duration: - description: Duration is the amount to back off. Default unit - is seconds, but could also be a duration (e.g. "2m", "1h") - type: string - factor: - description: Factor is a factor to multiply the base duration - after each failed retry - format: int64 - type: integer - maxDuration: - description: MaxDuration is the maximum amount of time allowed - for the backoff strategy - type: string - type: object - limit: - description: Limit is the maximum number of attempts for retrying - a failed sync. If set to 0, no retries will be performed. - format: int64 - type: integer - type: object - sync: - description: Sync contains parameters for the operation - properties: - dryRun: - description: DryRun specifies to perform a `kubectl apply --dry-run` - without actually performing the sync - type: boolean - manifests: - description: Manifests is an optional field that overrides sync - source with a local directory for development - items: - type: string - type: array - prune: - description: Prune specifies to delete resources from the cluster - that are no longer tracked in git - type: boolean - resources: - description: Resources describes which resources shall be part - of the sync - items: - description: SyncOperationResource contains resources to sync. - properties: - group: - type: string - kind: - type: string - name: - type: string - namespace: - type: string - required: - - kind - - name - type: object - type: array - revision: - description: Revision is the revision (Git) or chart version (Helm) - which to sync the application to If omitted, will use the revision - specified in app spec. - type: string - revisions: - description: Revisions is the list of revision (Git) or chart - version (Helm) which to sync each source in sources field for - the application to If omitted, will use the revision specified - in app spec. - items: - type: string - type: array - source: - description: Source overrides the source definition set in the - application. This is typically set in a Rollback operation and - is nil during a Sync operation - properties: - chart: - description: Chart is a Helm chart name, and must be specified - for applications sourced from a Helm repo. - type: string - directory: - description: Directory holds path/directory specific options - properties: - exclude: - description: Exclude contains a glob pattern to match - paths against that should be explicitly excluded from - being used during manifest generation - type: string - include: - description: Include contains a glob pattern to match - paths against that should be explicitly included during - manifest generation - type: string - jsonnet: - description: Jsonnet holds options specific to Jsonnet - properties: - extVars: - description: ExtVars is a list of Jsonnet External - Variables - items: - description: JsonnetVar represents a variable to - be passed to jsonnet during manifest generation - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - description: Additional library search dirs - items: - type: string - type: array - tlas: - description: TLAS is a list of Jsonnet Top-level Arguments - items: - description: JsonnetVar represents a variable to - be passed to jsonnet during manifest generation - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - description: Recurse specifies whether to scan a directory - recursively for manifests - type: boolean - type: object - helm: - description: Helm holds helm specific options - properties: - fileParameters: - description: FileParameters are file parameters to the - helm template - items: - description: HelmFileParameter is a file parameter that's - passed to helm template during manifest generation - properties: - name: - description: Name is the name of the Helm parameter - type: string - path: - description: Path is the path to the file containing - the values for the Helm parameter - type: string - type: object - type: array - ignoreMissingValueFiles: - description: IgnoreMissingValueFiles prevents helm template - from failing when valueFiles do not exist locally by - not appending them to helm template --values - type: boolean - parameters: - description: Parameters is a list of Helm parameters which - are passed to the helm template command upon manifest - generation - items: - description: HelmParameter is a parameter that's passed - to helm template during manifest generation - properties: - forceString: - description: ForceString determines whether to tell - Helm to interpret booleans and numbers as strings - type: boolean - name: - description: Name is the name of the Helm parameter - type: string - value: - description: Value is the value for the Helm parameter - type: string - type: object - type: array - passCredentials: - description: PassCredentials pass credentials to all domains - (Helm's --pass-credentials) - type: boolean - releaseName: - description: ReleaseName is the Helm release name to use. - If omitted it will use the application name - type: string - skipCrds: - description: SkipCrds skips custom resource definition - installation step (Helm's --skip-crds) - type: boolean - valueFiles: - description: ValuesFiles is a list of Helm value files - to use when generating a template - items: - type: string - type: array - values: - description: Values specifies Helm values to be passed - to helm template, typically defined as a block. ValuesObject - takes precedence over Values, so use one or the other. - type: string - valuesObject: - description: ValuesObject specifies Helm values to be - passed to helm template, defined as a map. This takes - precedence over Values. - type: object - x-kubernetes-preserve-unknown-fields: true - version: - description: Version is the Helm version to use for templating - ("3") - type: string - type: object - kustomize: - description: Kustomize holds kustomize specific options - properties: - commonAnnotations: - additionalProperties: - type: string - description: CommonAnnotations is a list of additional - annotations to add to rendered manifests - type: object - commonAnnotationsEnvsubst: - description: CommonAnnotationsEnvsubst specifies whether - to apply env variables substitution for annotation values - type: boolean - commonLabels: - additionalProperties: - type: string - description: CommonLabels is a list of additional labels - to add to rendered manifests - type: object - forceCommonAnnotations: - description: ForceCommonAnnotations specifies whether - to force applying common annotations to resources for - Kustomize apps - type: boolean - forceCommonLabels: - description: ForceCommonLabels specifies whether to force - applying common labels to resources for Kustomize apps - type: boolean - images: - description: Images is a list of Kustomize image override - specifications - items: - description: KustomizeImage represents a Kustomize image - definition in the format [old_image_name=]: - type: string - type: array - namePrefix: - description: NamePrefix is a prefix appended to resources - for Kustomize apps - type: string - nameSuffix: - description: NameSuffix is a suffix appended to resources - for Kustomize apps - type: string - namespace: - description: Namespace sets the namespace that Kustomize - adds to all resources - type: string - patches: - description: Patches is a list of Kustomize patches - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - description: Replicas is a list of Kustomize Replicas - override specifications - items: - properties: - count: - anyOf: - - type: integer - - type: string - description: Number of replicas - x-kubernetes-int-or-string: true - name: - description: Name of Deployment or StatefulSet - type: string - required: - - count - - name - type: object - type: array - version: - description: Version controls which version of Kustomize - to use for rendering manifests - type: string - type: object - path: - description: Path is a directory path within the Git repository, - and is only valid for applications sourced from Git. - type: string - plugin: - description: Plugin holds config management plugin specific - options - properties: - env: - description: Env is a list of environment variable entries - items: - description: EnvEntry represents an entry in the application's - environment - properties: - name: - description: Name is the name of the variable, usually - expressed in uppercase - type: string - value: - description: Value is the value of the variable - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - description: Array is the value of an array type - parameter. - items: - type: string - type: array - map: - additionalProperties: - type: string - description: Map is the value of a map type parameter. - type: object - name: - description: Name is the name identifying a parameter. - type: string - string: - description: String_ is the value of a string type - parameter. - type: string - type: object - type: array - type: object - ref: - description: Ref is reference to another source within sources - field. This field will not be used if used with a `source` - tag. - type: string - repoURL: - description: RepoURL is the URL to the repository (Git or - Helm) that contains the application manifests - type: string - targetRevision: - description: TargetRevision defines the revision of the source - to sync the application to. In case of Git, this can be - commit, tag, or branch. If omitted, will equal to HEAD. - In case of Helm, this is a semver tag for the Chart's version. - type: string - required: - - repoURL - type: object - sources: - description: Sources overrides the source definition set in the - application. This is typically set in a Rollback operation and - is nil during a Sync operation - items: - description: ApplicationSource contains all required information - about the source of an application - properties: - chart: - description: Chart is a Helm chart name, and must be specified - for applications sourced from a Helm repo. - type: string - directory: - description: Directory holds path/directory specific options - properties: - exclude: - description: Exclude contains a glob pattern to match - paths against that should be explicitly excluded from - being used during manifest generation - type: string - include: - description: Include contains a glob pattern to match - paths against that should be explicitly included during - manifest generation - type: string - jsonnet: - description: Jsonnet holds options specific to Jsonnet - properties: - extVars: - description: ExtVars is a list of Jsonnet External - Variables - items: - description: JsonnetVar represents a variable - to be passed to jsonnet during manifest generation - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - description: Additional library search dirs - items: - type: string - type: array - tlas: - description: TLAS is a list of Jsonnet Top-level - Arguments - items: - description: JsonnetVar represents a variable - to be passed to jsonnet during manifest generation - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - description: Recurse specifies whether to scan a directory - recursively for manifests - type: boolean - type: object - helm: - description: Helm holds helm specific options - properties: - fileParameters: - description: FileParameters are file parameters to the - helm template - items: - description: HelmFileParameter is a file parameter - that's passed to helm template during manifest generation - properties: - name: - description: Name is the name of the Helm parameter - type: string - path: - description: Path is the path to the file containing - the values for the Helm parameter - type: string - type: object - type: array - ignoreMissingValueFiles: - description: IgnoreMissingValueFiles prevents helm template - from failing when valueFiles do not exist locally - by not appending them to helm template --values - type: boolean - parameters: - description: Parameters is a list of Helm parameters - which are passed to the helm template command upon - manifest generation - items: - description: HelmParameter is a parameter that's passed - to helm template during manifest generation - properties: - forceString: - description: ForceString determines whether to - tell Helm to interpret booleans and numbers - as strings - type: boolean - name: - description: Name is the name of the Helm parameter - type: string - value: - description: Value is the value for the Helm parameter - type: string - type: object - type: array - passCredentials: - description: PassCredentials pass credentials to all - domains (Helm's --pass-credentials) - type: boolean - releaseName: - description: ReleaseName is the Helm release name to - use. If omitted it will use the application name - type: string - skipCrds: - description: SkipCrds skips custom resource definition - installation step (Helm's --skip-crds) - type: boolean - valueFiles: - description: ValuesFiles is a list of Helm value files - to use when generating a template - items: - type: string - type: array - values: - description: Values specifies Helm values to be passed - to helm template, typically defined as a block. ValuesObject - takes precedence over Values, so use one or the other. - type: string - valuesObject: - description: ValuesObject specifies Helm values to be - passed to helm template, defined as a map. This takes - precedence over Values. - type: object - x-kubernetes-preserve-unknown-fields: true - version: - description: Version is the Helm version to use for - templating ("3") - type: string - type: object - kustomize: - description: Kustomize holds kustomize specific options - properties: - commonAnnotations: - additionalProperties: - type: string - description: CommonAnnotations is a list of additional - annotations to add to rendered manifests - type: object - commonAnnotationsEnvsubst: - description: CommonAnnotationsEnvsubst specifies whether - to apply env variables substitution for annotation - values - type: boolean - commonLabels: - additionalProperties: - type: string - description: CommonLabels is a list of additional labels - to add to rendered manifests - type: object - forceCommonAnnotations: - description: ForceCommonAnnotations specifies whether - to force applying common annotations to resources - for Kustomize apps - type: boolean - forceCommonLabels: - description: ForceCommonLabels specifies whether to - force applying common labels to resources for Kustomize - apps - type: boolean - images: - description: Images is a list of Kustomize image override - specifications - items: - description: KustomizeImage represents a Kustomize - image definition in the format [old_image_name=]: - type: string - type: array - namePrefix: - description: NamePrefix is a prefix appended to resources - for Kustomize apps - type: string - nameSuffix: - description: NameSuffix is a suffix appended to resources - for Kustomize apps - type: string - namespace: - description: Namespace sets the namespace that Kustomize - adds to all resources - type: string - patches: - description: Patches is a list of Kustomize patches - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - description: Replicas is a list of Kustomize Replicas - override specifications - items: - properties: - count: - anyOf: - - type: integer - - type: string - description: Number of replicas - x-kubernetes-int-or-string: true - name: - description: Name of Deployment or StatefulSet - type: string - required: - - count - - name - type: object - type: array - version: - description: Version controls which version of Kustomize - to use for rendering manifests - type: string - type: object - path: - description: Path is a directory path within the Git repository, - and is only valid for applications sourced from Git. - type: string - plugin: - description: Plugin holds config management plugin specific - options - properties: - env: - description: Env is a list of environment variable entries - items: - description: EnvEntry represents an entry in the application's - environment - properties: - name: - description: Name is the name of the variable, - usually expressed in uppercase - type: string - value: - description: Value is the value of the variable - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - description: Array is the value of an array type - parameter. - items: - type: string - type: array - map: - additionalProperties: - type: string - description: Map is the value of a map type parameter. - type: object - name: - description: Name is the name identifying a parameter. - type: string - string: - description: String_ is the value of a string - type parameter. - type: string - type: object - type: array - type: object - ref: - description: Ref is reference to another source within sources - field. This field will not be used if used with a `source` - tag. - type: string - repoURL: - description: RepoURL is the URL to the repository (Git or - Helm) that contains the application manifests - type: string - targetRevision: - description: TargetRevision defines the revision of the - source to sync the application to. In case of Git, this - can be commit, tag, or branch. If omitted, will equal - to HEAD. In case of Helm, this is a semver tag for the - Chart's version. - type: string - required: - - repoURL - type: object - type: array - syncOptions: - description: SyncOptions provide per-sync sync-options, e.g. Validate=false - items: - type: string - type: array - syncStrategy: - description: SyncStrategy describes how to perform the sync - properties: - apply: - description: Apply will perform a `kubectl apply` to perform - the sync. - properties: - force: - description: Force indicates whether or not to supply - the --force flag to `kubectl apply`. The --force flag - deletes and re-create the resource, when PATCH encounters - conflict and has retried for 5 times. - type: boolean - type: object - hook: - description: Hook will submit any referenced resources to - perform the sync. This is the default strategy - properties: - force: - description: Force indicates whether or not to supply - the --force flag to `kubectl apply`. The --force flag - deletes and re-create the resource, when PATCH encounters - conflict and has retried for 5 times. - type: boolean - type: object - type: object - type: object - type: object - spec: - description: ApplicationSpec represents desired application state. Contains - link to repository with application definition and additional parameters - link definition revision. - properties: - destination: - description: Destination is a reference to the target Kubernetes server - and namespace - properties: - name: - description: Name is an alternate way of specifying the target - cluster by its symbolic name. This must be set if Server is - not set. - type: string - namespace: - description: Namespace specifies the target namespace for the - application's resources. The namespace will only be set for - namespace-scoped resources that have not set a value for .metadata.namespace - type: string - server: - description: Server specifies the URL of the target cluster's - Kubernetes control plane API. This must be set if Name is not - set. - type: string - type: object - ignoreDifferences: - description: IgnoreDifferences is a list of resources and their fields - which should be ignored during comparison - items: - description: ResourceIgnoreDifferences contains resource filter - and list of json paths which should be ignored during comparison - with live state. - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - managedFieldsManagers: - description: ManagedFieldsManagers is a list of trusted managers. - Fields mutated by those managers will take precedence over - the desired state defined in the SCM and won't be displayed - in diffs - items: - type: string - type: array - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - description: Info contains a list of information (URLs, email addresses, - and plain text) that relates to the application - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - description: Project is a reference to the project this application - belongs to. The empty string means that application belongs to the - 'default' project. - type: string - revisionHistoryLimit: - description: RevisionHistoryLimit limits the number of items kept - in the application's revision history, which is used for informational - purposes as well as for rollbacks to previous versions. This should - only be changed in exceptional circumstances. Setting to zero will - store no history. This will reduce storage used. Increasing will - increase the space used to store the history, so we do not recommend - increasing it. Default is 10. - format: int64 - type: integer - source: - description: Source is a reference to the location of the application's - manifests or chart - properties: - chart: - description: Chart is a Helm chart name, and must be specified - for applications sourced from a Helm repo. - type: string - directory: - description: Directory holds path/directory specific options - properties: - exclude: - description: Exclude contains a glob pattern to match paths - against that should be explicitly excluded from being used - during manifest generation - type: string - include: - description: Include contains a glob pattern to match paths - against that should be explicitly included during manifest - generation - type: string - jsonnet: - description: Jsonnet holds options specific to Jsonnet - properties: - extVars: - description: ExtVars is a list of Jsonnet External Variables - items: - description: JsonnetVar represents a variable to be - passed to jsonnet during manifest generation - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - description: Additional library search dirs - items: - type: string - type: array - tlas: - description: TLAS is a list of Jsonnet Top-level Arguments - items: - description: JsonnetVar represents a variable to be - passed to jsonnet during manifest generation - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - description: Recurse specifies whether to scan a directory - recursively for manifests - type: boolean - type: object - helm: - description: Helm holds helm specific options - properties: - fileParameters: - description: FileParameters are file parameters to the helm - template - items: - description: HelmFileParameter is a file parameter that's - passed to helm template during manifest generation - properties: - name: - description: Name is the name of the Helm parameter - type: string - path: - description: Path is the path to the file containing - the values for the Helm parameter - type: string - type: object - type: array - ignoreMissingValueFiles: - description: IgnoreMissingValueFiles prevents helm template - from failing when valueFiles do not exist locally by not - appending them to helm template --values - type: boolean - parameters: - description: Parameters is a list of Helm parameters which - are passed to the helm template command upon manifest generation - items: - description: HelmParameter is a parameter that's passed - to helm template during manifest generation - properties: - forceString: - description: ForceString determines whether to tell - Helm to interpret booleans and numbers as strings - type: boolean - name: - description: Name is the name of the Helm parameter - type: string - value: - description: Value is the value for the Helm parameter - type: string - type: object - type: array - passCredentials: - description: PassCredentials pass credentials to all domains - (Helm's --pass-credentials) - type: boolean - releaseName: - description: ReleaseName is the Helm release name to use. - If omitted it will use the application name - type: string - skipCrds: - description: SkipCrds skips custom resource definition installation - step (Helm's --skip-crds) - type: boolean - valueFiles: - description: ValuesFiles is a list of Helm value files to - use when generating a template - items: - type: string - type: array - values: - description: Values specifies Helm values to be passed to - helm template, typically defined as a block. ValuesObject - takes precedence over Values, so use one or the other. - type: string - valuesObject: - description: ValuesObject specifies Helm values to be passed - to helm template, defined as a map. This takes precedence - over Values. - type: object - x-kubernetes-preserve-unknown-fields: true - version: - description: Version is the Helm version to use for templating - ("3") - type: string - type: object - kustomize: - description: Kustomize holds kustomize specific options - properties: - commonAnnotations: - additionalProperties: - type: string - description: CommonAnnotations is a list of additional annotations - to add to rendered manifests - type: object - commonAnnotationsEnvsubst: - description: CommonAnnotationsEnvsubst specifies whether to - apply env variables substitution for annotation values - type: boolean - commonLabels: - additionalProperties: - type: string - description: CommonLabels is a list of additional labels to - add to rendered manifests - type: object - forceCommonAnnotations: - description: ForceCommonAnnotations specifies whether to force - applying common annotations to resources for Kustomize apps - type: boolean - forceCommonLabels: - description: ForceCommonLabels specifies whether to force - applying common labels to resources for Kustomize apps - type: boolean - images: - description: Images is a list of Kustomize image override - specifications - items: - description: KustomizeImage represents a Kustomize image - definition in the format [old_image_name=]: - type: string - type: array - namePrefix: - description: NamePrefix is a prefix appended to resources - for Kustomize apps - type: string - nameSuffix: - description: NameSuffix is a suffix appended to resources - for Kustomize apps - type: string - namespace: - description: Namespace sets the namespace that Kustomize adds - to all resources - type: string - patches: - description: Patches is a list of Kustomize patches - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - description: Replicas is a list of Kustomize Replicas override - specifications - items: - properties: - count: - anyOf: - - type: integer - - type: string - description: Number of replicas - x-kubernetes-int-or-string: true - name: - description: Name of Deployment or StatefulSet - type: string - required: - - count - - name - type: object - type: array - version: - description: Version controls which version of Kustomize to - use for rendering manifests - type: string - type: object - path: - description: Path is a directory path within the Git repository, - and is only valid for applications sourced from Git. - type: string - plugin: - description: Plugin holds config management plugin specific options - properties: - env: - description: Env is a list of environment variable entries - items: - description: EnvEntry represents an entry in the application's - environment - properties: - name: - description: Name is the name of the variable, usually - expressed in uppercase - type: string - value: - description: Value is the value of the variable - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - description: Array is the value of an array type parameter. - items: - type: string - type: array - map: - additionalProperties: - type: string - description: Map is the value of a map type parameter. - type: object - name: - description: Name is the name identifying a parameter. - type: string - string: - description: String_ is the value of a string type parameter. - type: string - type: object - type: array - type: object - ref: - description: Ref is reference to another source within sources - field. This field will not be used if used with a `source` tag. - type: string - repoURL: - description: RepoURL is the URL to the repository (Git or Helm) - that contains the application manifests - type: string - targetRevision: - description: TargetRevision defines the revision of the source - to sync the application to. In case of Git, this can be commit, - tag, or branch. If omitted, will equal to HEAD. In case of Helm, - this is a semver tag for the Chart's version. - type: string - required: - - repoURL - type: object - sources: - description: Sources is a reference to the location of the application's - manifests or chart - items: - description: ApplicationSource contains all required information - about the source of an application - properties: - chart: - description: Chart is a Helm chart name, and must be specified - for applications sourced from a Helm repo. - type: string - directory: - description: Directory holds path/directory specific options - properties: - exclude: - description: Exclude contains a glob pattern to match paths - against that should be explicitly excluded from being - used during manifest generation - type: string - include: - description: Include contains a glob pattern to match paths - against that should be explicitly included during manifest - generation - type: string - jsonnet: - description: Jsonnet holds options specific to Jsonnet - properties: - extVars: - description: ExtVars is a list of Jsonnet External Variables - items: - description: JsonnetVar represents a variable to be - passed to jsonnet during manifest generation - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - description: Additional library search dirs - items: - type: string - type: array - tlas: - description: TLAS is a list of Jsonnet Top-level Arguments - items: - description: JsonnetVar represents a variable to be - passed to jsonnet during manifest generation - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - description: Recurse specifies whether to scan a directory - recursively for manifests - type: boolean - type: object - helm: - description: Helm holds helm specific options - properties: - fileParameters: - description: FileParameters are file parameters to the helm - template - items: - description: HelmFileParameter is a file parameter that's - passed to helm template during manifest generation - properties: - name: - description: Name is the name of the Helm parameter - type: string - path: - description: Path is the path to the file containing - the values for the Helm parameter - type: string - type: object - type: array - ignoreMissingValueFiles: - description: IgnoreMissingValueFiles prevents helm template - from failing when valueFiles do not exist locally by not - appending them to helm template --values - type: boolean - parameters: - description: Parameters is a list of Helm parameters which - are passed to the helm template command upon manifest - generation - items: - description: HelmParameter is a parameter that's passed - to helm template during manifest generation - properties: - forceString: - description: ForceString determines whether to tell - Helm to interpret booleans and numbers as strings - type: boolean - name: - description: Name is the name of the Helm parameter - type: string - value: - description: Value is the value for the Helm parameter - type: string - type: object - type: array - passCredentials: - description: PassCredentials pass credentials to all domains - (Helm's --pass-credentials) - type: boolean - releaseName: - description: ReleaseName is the Helm release name to use. - If omitted it will use the application name - type: string - skipCrds: - description: SkipCrds skips custom resource definition installation - step (Helm's --skip-crds) - type: boolean - valueFiles: - description: ValuesFiles is a list of Helm value files to - use when generating a template - items: - type: string - type: array - values: - description: Values specifies Helm values to be passed to - helm template, typically defined as a block. ValuesObject - takes precedence over Values, so use one or the other. - type: string - valuesObject: - description: ValuesObject specifies Helm values to be passed - to helm template, defined as a map. This takes precedence - over Values. - type: object - x-kubernetes-preserve-unknown-fields: true - version: - description: Version is the Helm version to use for templating - ("3") - type: string - type: object - kustomize: - description: Kustomize holds kustomize specific options - properties: - commonAnnotations: - additionalProperties: - type: string - description: CommonAnnotations is a list of additional annotations - to add to rendered manifests - type: object - commonAnnotationsEnvsubst: - description: CommonAnnotationsEnvsubst specifies whether - to apply env variables substitution for annotation values - type: boolean - commonLabels: - additionalProperties: - type: string - description: CommonLabels is a list of additional labels - to add to rendered manifests - type: object - forceCommonAnnotations: - description: ForceCommonAnnotations specifies whether to - force applying common annotations to resources for Kustomize - apps - type: boolean - forceCommonLabels: - description: ForceCommonLabels specifies whether to force - applying common labels to resources for Kustomize apps - type: boolean - images: - description: Images is a list of Kustomize image override - specifications - items: - description: KustomizeImage represents a Kustomize image - definition in the format [old_image_name=]: - type: string - type: array - namePrefix: - description: NamePrefix is a prefix appended to resources - for Kustomize apps - type: string - nameSuffix: - description: NameSuffix is a suffix appended to resources - for Kustomize apps - type: string - namespace: - description: Namespace sets the namespace that Kustomize - adds to all resources - type: string - patches: - description: Patches is a list of Kustomize patches - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - description: Replicas is a list of Kustomize Replicas override - specifications - items: - properties: - count: - anyOf: - - type: integer - - type: string - description: Number of replicas - x-kubernetes-int-or-string: true - name: - description: Name of Deployment or StatefulSet - type: string - required: - - count - - name - type: object - type: array - version: - description: Version controls which version of Kustomize - to use for rendering manifests - type: string - type: object - path: - description: Path is a directory path within the Git repository, - and is only valid for applications sourced from Git. - type: string - plugin: - description: Plugin holds config management plugin specific - options - properties: - env: - description: Env is a list of environment variable entries - items: - description: EnvEntry represents an entry in the application's - environment - properties: - name: - description: Name is the name of the variable, usually - expressed in uppercase - type: string - value: - description: Value is the value of the variable - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - description: Array is the value of an array type parameter. - items: - type: string - type: array - map: - additionalProperties: - type: string - description: Map is the value of a map type parameter. - type: object - name: - description: Name is the name identifying a parameter. - type: string - string: - description: String_ is the value of a string type - parameter. - type: string - type: object - type: array - type: object - ref: - description: Ref is reference to another source within sources - field. This field will not be used if used with a `source` - tag. - type: string - repoURL: - description: RepoURL is the URL to the repository (Git or Helm) - that contains the application manifests - type: string - targetRevision: - description: TargetRevision defines the revision of the source - to sync the application to. In case of Git, this can be commit, - tag, or branch. If omitted, will equal to HEAD. In case of - Helm, this is a semver tag for the Chart's version. - type: string - required: - - repoURL - type: object - type: array - syncPolicy: - description: SyncPolicy controls when and how a sync will be performed - properties: - automated: - description: Automated will keep an application synced to the - target revision - properties: - allowEmpty: - description: 'AllowEmpty allows apps have zero live resources - (default: false)' - type: boolean - prune: - description: 'Prune specifies whether to delete resources - from the cluster that are not found in the sources anymore - as part of automated sync (default: false)' - type: boolean - selfHeal: - description: 'SelfHeal specifies whether to revert resources - back to their desired state upon modification in the cluster - (default: false)' - type: boolean - type: object - managedNamespaceMetadata: - description: ManagedNamespaceMetadata controls metadata in the - given namespace (if CreateNamespace=true) - properties: - annotations: - additionalProperties: - type: string - type: object - labels: - additionalProperties: - type: string - type: object - type: object - retry: - description: Retry controls failed sync retry behavior - properties: - backoff: - description: Backoff controls how to backoff on subsequent - retries of failed syncs - properties: - duration: - description: Duration is the amount to back off. Default - unit is seconds, but could also be a duration (e.g. - "2m", "1h") - type: string - factor: - description: Factor is a factor to multiply the base duration - after each failed retry - format: int64 - type: integer - maxDuration: - description: MaxDuration is the maximum amount of time - allowed for the backoff strategy - type: string - type: object - limit: - description: Limit is the maximum number of attempts for retrying - a failed sync. If set to 0, no retries will be performed. - format: int64 - type: integer - type: object - syncOptions: - description: Options allow you to specify whole app sync-options - items: - type: string - type: array - type: object - required: - - destination - - project - type: object - status: - description: ApplicationStatus contains status information for the application - properties: - conditions: - description: Conditions is a list of currently observed application - conditions - items: - description: ApplicationCondition contains details about an application - condition, which is usually an error or warning - properties: - lastTransitionTime: - description: LastTransitionTime is the time the condition was - last observed - format: date-time - type: string - message: - description: Message contains human-readable message indicating - details about condition - type: string - type: - description: Type is an application condition type - type: string - required: - - message - - type - type: object - type: array - controllerNamespace: - description: ControllerNamespace indicates the namespace in which - the application controller is located - type: string - health: - description: Health contains information about the application's current - health status - properties: - message: - description: Message is a human-readable informational message - describing the health status - type: string - status: - description: Status holds the status code of the application or - resource - type: string - type: object - history: - description: History contains information about the application's - sync history - items: - description: RevisionHistory contains history information about - a previous sync - properties: - deployStartedAt: - description: DeployStartedAt holds the time the sync operation - started - format: date-time - type: string - deployedAt: - description: DeployedAt holds the time the sync operation completed - format: date-time - type: string - id: - description: ID is an auto incrementing identifier of the RevisionHistory - format: int64 - type: integer - revision: - description: Revision holds the revision the sync was performed - against - type: string - revisions: - description: Revisions holds the revision of each source in - sources field the sync was performed against - items: - type: string - type: array - source: - description: Source is a reference to the application source - used for the sync operation - properties: - chart: - description: Chart is a Helm chart name, and must be specified - for applications sourced from a Helm repo. - type: string - directory: - description: Directory holds path/directory specific options - properties: - exclude: - description: Exclude contains a glob pattern to match - paths against that should be explicitly excluded from - being used during manifest generation - type: string - include: - description: Include contains a glob pattern to match - paths against that should be explicitly included during - manifest generation - type: string - jsonnet: - description: Jsonnet holds options specific to Jsonnet - properties: - extVars: - description: ExtVars is a list of Jsonnet External - Variables - items: - description: JsonnetVar represents a variable - to be passed to jsonnet during manifest generation - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - description: Additional library search dirs - items: - type: string - type: array - tlas: - description: TLAS is a list of Jsonnet Top-level - Arguments - items: - description: JsonnetVar represents a variable - to be passed to jsonnet during manifest generation - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - description: Recurse specifies whether to scan a directory - recursively for manifests - type: boolean - type: object - helm: - description: Helm holds helm specific options - properties: - fileParameters: - description: FileParameters are file parameters to the - helm template - items: - description: HelmFileParameter is a file parameter - that's passed to helm template during manifest generation - properties: - name: - description: Name is the name of the Helm parameter - type: string - path: - description: Path is the path to the file containing - the values for the Helm parameter - type: string - type: object - type: array - ignoreMissingValueFiles: - description: IgnoreMissingValueFiles prevents helm template - from failing when valueFiles do not exist locally - by not appending them to helm template --values - type: boolean - parameters: - description: Parameters is a list of Helm parameters - which are passed to the helm template command upon - manifest generation - items: - description: HelmParameter is a parameter that's passed - to helm template during manifest generation - properties: - forceString: - description: ForceString determines whether to - tell Helm to interpret booleans and numbers - as strings - type: boolean - name: - description: Name is the name of the Helm parameter - type: string - value: - description: Value is the value for the Helm parameter - type: string - type: object - type: array - passCredentials: - description: PassCredentials pass credentials to all - domains (Helm's --pass-credentials) - type: boolean - releaseName: - description: ReleaseName is the Helm release name to - use. If omitted it will use the application name - type: string - skipCrds: - description: SkipCrds skips custom resource definition - installation step (Helm's --skip-crds) - type: boolean - valueFiles: - description: ValuesFiles is a list of Helm value files - to use when generating a template - items: - type: string - type: array - values: - description: Values specifies Helm values to be passed - to helm template, typically defined as a block. ValuesObject - takes precedence over Values, so use one or the other. - type: string - valuesObject: - description: ValuesObject specifies Helm values to be - passed to helm template, defined as a map. This takes - precedence over Values. - type: object - x-kubernetes-preserve-unknown-fields: true - version: - description: Version is the Helm version to use for - templating ("3") - type: string - type: object - kustomize: - description: Kustomize holds kustomize specific options - properties: - commonAnnotations: - additionalProperties: - type: string - description: CommonAnnotations is a list of additional - annotations to add to rendered manifests - type: object - commonAnnotationsEnvsubst: - description: CommonAnnotationsEnvsubst specifies whether - to apply env variables substitution for annotation - values - type: boolean - commonLabels: - additionalProperties: - type: string - description: CommonLabels is a list of additional labels - to add to rendered manifests - type: object - forceCommonAnnotations: - description: ForceCommonAnnotations specifies whether - to force applying common annotations to resources - for Kustomize apps - type: boolean - forceCommonLabels: - description: ForceCommonLabels specifies whether to - force applying common labels to resources for Kustomize - apps - type: boolean - images: - description: Images is a list of Kustomize image override - specifications - items: - description: KustomizeImage represents a Kustomize - image definition in the format [old_image_name=]: - type: string - type: array - namePrefix: - description: NamePrefix is a prefix appended to resources - for Kustomize apps - type: string - nameSuffix: - description: NameSuffix is a suffix appended to resources - for Kustomize apps - type: string - namespace: - description: Namespace sets the namespace that Kustomize - adds to all resources - type: string - patches: - description: Patches is a list of Kustomize patches - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - description: Replicas is a list of Kustomize Replicas - override specifications - items: - properties: - count: - anyOf: - - type: integer - - type: string - description: Number of replicas - x-kubernetes-int-or-string: true - name: - description: Name of Deployment or StatefulSet - type: string - required: - - count - - name - type: object - type: array - version: - description: Version controls which version of Kustomize - to use for rendering manifests - type: string - type: object - path: - description: Path is a directory path within the Git repository, - and is only valid for applications sourced from Git. - type: string - plugin: - description: Plugin holds config management plugin specific - options - properties: - env: - description: Env is a list of environment variable entries - items: - description: EnvEntry represents an entry in the application's - environment - properties: - name: - description: Name is the name of the variable, - usually expressed in uppercase - type: string - value: - description: Value is the value of the variable - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - description: Array is the value of an array type - parameter. - items: - type: string - type: array - map: - additionalProperties: - type: string - description: Map is the value of a map type parameter. - type: object - name: - description: Name is the name identifying a parameter. - type: string - string: - description: String_ is the value of a string - type parameter. - type: string - type: object - type: array - type: object - ref: - description: Ref is reference to another source within sources - field. This field will not be used if used with a `source` - tag. - type: string - repoURL: - description: RepoURL is the URL to the repository (Git or - Helm) that contains the application manifests - type: string - targetRevision: - description: TargetRevision defines the revision of the - source to sync the application to. In case of Git, this - can be commit, tag, or branch. If omitted, will equal - to HEAD. In case of Helm, this is a semver tag for the - Chart's version. - type: string - required: - - repoURL - type: object - sources: - description: Sources is a reference to the application sources - used for the sync operation - items: - description: ApplicationSource contains all required information - about the source of an application - properties: - chart: - description: Chart is a Helm chart name, and must be specified - for applications sourced from a Helm repo. - type: string - directory: - description: Directory holds path/directory specific options - properties: - exclude: - description: Exclude contains a glob pattern to match - paths against that should be explicitly excluded - from being used during manifest generation - type: string - include: - description: Include contains a glob pattern to match - paths against that should be explicitly included - during manifest generation - type: string - jsonnet: - description: Jsonnet holds options specific to Jsonnet - properties: - extVars: - description: ExtVars is a list of Jsonnet External - Variables - items: - description: JsonnetVar represents a variable - to be passed to jsonnet during manifest generation - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - description: Additional library search dirs - items: - type: string - type: array - tlas: - description: TLAS is a list of Jsonnet Top-level - Arguments - items: - description: JsonnetVar represents a variable - to be passed to jsonnet during manifest generation - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - description: Recurse specifies whether to scan a directory - recursively for manifests - type: boolean - type: object - helm: - description: Helm holds helm specific options - properties: - fileParameters: - description: FileParameters are file parameters to - the helm template - items: - description: HelmFileParameter is a file parameter - that's passed to helm template during manifest - generation - properties: - name: - description: Name is the name of the Helm parameter - type: string - path: - description: Path is the path to the file containing - the values for the Helm parameter - type: string - type: object - type: array - ignoreMissingValueFiles: - description: IgnoreMissingValueFiles prevents helm - template from failing when valueFiles do not exist - locally by not appending them to helm template --values - type: boolean - parameters: - description: Parameters is a list of Helm parameters - which are passed to the helm template command upon - manifest generation - items: - description: HelmParameter is a parameter that's - passed to helm template during manifest generation - properties: - forceString: - description: ForceString determines whether - to tell Helm to interpret booleans and numbers - as strings - type: boolean - name: - description: Name is the name of the Helm parameter - type: string - value: - description: Value is the value for the Helm - parameter - type: string - type: object - type: array - passCredentials: - description: PassCredentials pass credentials to all - domains (Helm's --pass-credentials) - type: boolean - releaseName: - description: ReleaseName is the Helm release name - to use. If omitted it will use the application name - type: string - skipCrds: - description: SkipCrds skips custom resource definition - installation step (Helm's --skip-crds) - type: boolean - valueFiles: - description: ValuesFiles is a list of Helm value files - to use when generating a template - items: - type: string - type: array - values: - description: Values specifies Helm values to be passed - to helm template, typically defined as a block. - ValuesObject takes precedence over Values, so use - one or the other. - type: string - valuesObject: - description: ValuesObject specifies Helm values to - be passed to helm template, defined as a map. This - takes precedence over Values. - type: object - x-kubernetes-preserve-unknown-fields: true - version: - description: Version is the Helm version to use for - templating ("3") - type: string - type: object - kustomize: - description: Kustomize holds kustomize specific options - properties: - commonAnnotations: - additionalProperties: - type: string - description: CommonAnnotations is a list of additional - annotations to add to rendered manifests - type: object - commonAnnotationsEnvsubst: - description: CommonAnnotationsEnvsubst specifies whether - to apply env variables substitution for annotation - values - type: boolean - commonLabels: - additionalProperties: - type: string - description: CommonLabels is a list of additional - labels to add to rendered manifests - type: object - forceCommonAnnotations: - description: ForceCommonAnnotations specifies whether - to force applying common annotations to resources - for Kustomize apps - type: boolean - forceCommonLabels: - description: ForceCommonLabels specifies whether to - force applying common labels to resources for Kustomize - apps - type: boolean - images: - description: Images is a list of Kustomize image override - specifications - items: - description: KustomizeImage represents a Kustomize - image definition in the format [old_image_name=]: - type: string - type: array - namePrefix: - description: NamePrefix is a prefix appended to resources - for Kustomize apps - type: string - nameSuffix: - description: NameSuffix is a suffix appended to resources - for Kustomize apps - type: string - namespace: - description: Namespace sets the namespace that Kustomize - adds to all resources - type: string - patches: - description: Patches is a list of Kustomize patches - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - description: Replicas is a list of Kustomize Replicas - override specifications - items: - properties: - count: - anyOf: - - type: integer - - type: string - description: Number of replicas - x-kubernetes-int-or-string: true - name: - description: Name of Deployment or StatefulSet - type: string - required: - - count - - name - type: object - type: array - version: - description: Version controls which version of Kustomize - to use for rendering manifests - type: string - type: object - path: - description: Path is a directory path within the Git repository, - and is only valid for applications sourced from Git. - type: string - plugin: - description: Plugin holds config management plugin specific - options - properties: - env: - description: Env is a list of environment variable - entries - items: - description: EnvEntry represents an entry in the - application's environment - properties: - name: - description: Name is the name of the variable, - usually expressed in uppercase - type: string - value: - description: Value is the value of the variable - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - description: Array is the value of an array - type parameter. - items: - type: string - type: array - map: - additionalProperties: - type: string - description: Map is the value of a map type - parameter. - type: object - name: - description: Name is the name identifying a - parameter. - type: string - string: - description: String_ is the value of a string - type parameter. - type: string - type: object - type: array - type: object - ref: - description: Ref is reference to another source within - sources field. This field will not be used if used with - a `source` tag. - type: string - repoURL: - description: RepoURL is the URL to the repository (Git - or Helm) that contains the application manifests - type: string - targetRevision: - description: TargetRevision defines the revision of the - source to sync the application to. In case of Git, this - can be commit, tag, or branch. If omitted, will equal - to HEAD. In case of Helm, this is a semver tag for the - Chart's version. - type: string - required: - - repoURL - type: object - type: array - required: - - deployedAt - - id - type: object - type: array - observedAt: - description: 'ObservedAt indicates when the application state was - updated without querying latest git state Deprecated: controller - no longer updates ObservedAt field' - format: date-time - type: string - operationState: - description: OperationState contains information about any ongoing - operations, such as a sync - properties: - finishedAt: - description: FinishedAt contains time of operation completion - format: date-time - type: string - message: - description: Message holds any pertinent messages when attempting - to perform operation (typically errors). - type: string - operation: - description: Operation is the original requested operation - properties: - info: - description: Info is a list of informational items for this - operation - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - initiatedBy: - description: InitiatedBy contains information about who initiated - the operations - properties: - automated: - description: Automated is set to true if operation was - initiated automatically by the application controller. - type: boolean - username: - description: Username contains the name of a user who - started operation - type: string - type: object - retry: - description: Retry controls the strategy to apply if a sync - fails - properties: - backoff: - description: Backoff controls how to backoff on subsequent - retries of failed syncs - properties: - duration: - description: Duration is the amount to back off. Default - unit is seconds, but could also be a duration (e.g. - "2m", "1h") - type: string - factor: - description: Factor is a factor to multiply the base - duration after each failed retry - format: int64 - type: integer - maxDuration: - description: MaxDuration is the maximum amount of - time allowed for the backoff strategy - type: string - type: object - limit: - description: Limit is the maximum number of attempts for - retrying a failed sync. If set to 0, no retries will - be performed. - format: int64 - type: integer - type: object - sync: - description: Sync contains parameters for the operation - properties: - dryRun: - description: DryRun specifies to perform a `kubectl apply - --dry-run` without actually performing the sync - type: boolean - manifests: - description: Manifests is an optional field that overrides - sync source with a local directory for development - items: - type: string - type: array - prune: - description: Prune specifies to delete resources from - the cluster that are no longer tracked in git - type: boolean - resources: - description: Resources describes which resources shall - be part of the sync - items: - description: SyncOperationResource contains resources - to sync. - properties: - group: - type: string - kind: - type: string - name: - type: string - namespace: - type: string - required: - - kind - - name - type: object - type: array - revision: - description: Revision is the revision (Git) or chart version - (Helm) which to sync the application to If omitted, - will use the revision specified in app spec. - type: string - revisions: - description: Revisions is the list of revision (Git) or - chart version (Helm) which to sync each source in sources - field for the application to If omitted, will use the - revision specified in app spec. - items: - type: string - type: array - source: - description: Source overrides the source definition set - in the application. This is typically set in a Rollback - operation and is nil during a Sync operation - properties: - chart: - description: Chart is a Helm chart name, and must - be specified for applications sourced from a Helm - repo. - type: string - directory: - description: Directory holds path/directory specific - options - properties: - exclude: - description: Exclude contains a glob pattern to - match paths against that should be explicitly - excluded from being used during manifest generation - type: string - include: - description: Include contains a glob pattern to - match paths against that should be explicitly - included during manifest generation - type: string - jsonnet: - description: Jsonnet holds options specific to - Jsonnet - properties: - extVars: - description: ExtVars is a list of Jsonnet - External Variables - items: - description: JsonnetVar represents a variable - to be passed to jsonnet during manifest - generation - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - description: Additional library search dirs - items: - type: string - type: array - tlas: - description: TLAS is a list of Jsonnet Top-level - Arguments - items: - description: JsonnetVar represents a variable - to be passed to jsonnet during manifest - generation - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - description: Recurse specifies whether to scan - a directory recursively for manifests - type: boolean - type: object - helm: - description: Helm holds helm specific options - properties: - fileParameters: - description: FileParameters are file parameters - to the helm template - items: - description: HelmFileParameter is a file parameter - that's passed to helm template during manifest - generation - properties: - name: - description: Name is the name of the Helm - parameter - type: string - path: - description: Path is the path to the file - containing the values for the Helm parameter - type: string - type: object - type: array - ignoreMissingValueFiles: - description: IgnoreMissingValueFiles prevents - helm template from failing when valueFiles do - not exist locally by not appending them to helm - template --values - type: boolean - parameters: - description: Parameters is a list of Helm parameters - which are passed to the helm template command - upon manifest generation - items: - description: HelmParameter is a parameter that's - passed to helm template during manifest generation - properties: - forceString: - description: ForceString determines whether - to tell Helm to interpret booleans and - numbers as strings - type: boolean - name: - description: Name is the name of the Helm - parameter - type: string - value: - description: Value is the value for the - Helm parameter - type: string - type: object - type: array - passCredentials: - description: PassCredentials pass credentials - to all domains (Helm's --pass-credentials) - type: boolean - releaseName: - description: ReleaseName is the Helm release name - to use. If omitted it will use the application - name - type: string - skipCrds: - description: SkipCrds skips custom resource definition - installation step (Helm's --skip-crds) - type: boolean - valueFiles: - description: ValuesFiles is a list of Helm value - files to use when generating a template - items: - type: string - type: array - values: - description: Values specifies Helm values to be - passed to helm template, typically defined as - a block. ValuesObject takes precedence over - Values, so use one or the other. - type: string - valuesObject: - description: ValuesObject specifies Helm values - to be passed to helm template, defined as a - map. This takes precedence over Values. - type: object - x-kubernetes-preserve-unknown-fields: true - version: - description: Version is the Helm version to use - for templating ("3") - type: string - type: object - kustomize: - description: Kustomize holds kustomize specific options - properties: - commonAnnotations: - additionalProperties: - type: string - description: CommonAnnotations is a list of additional - annotations to add to rendered manifests - type: object - commonAnnotationsEnvsubst: - description: CommonAnnotationsEnvsubst specifies - whether to apply env variables substitution - for annotation values - type: boolean - commonLabels: - additionalProperties: - type: string - description: CommonLabels is a list of additional - labels to add to rendered manifests - type: object - forceCommonAnnotations: - description: ForceCommonAnnotations specifies - whether to force applying common annotations - to resources for Kustomize apps - type: boolean - forceCommonLabels: - description: ForceCommonLabels specifies whether - to force applying common labels to resources - for Kustomize apps - type: boolean - images: - description: Images is a list of Kustomize image - override specifications - items: - description: KustomizeImage represents a Kustomize - image definition in the format [old_image_name=]: - type: string - type: array - namePrefix: - description: NamePrefix is a prefix appended to - resources for Kustomize apps - type: string - nameSuffix: - description: NameSuffix is a suffix appended to - resources for Kustomize apps - type: string - namespace: - description: Namespace sets the namespace that - Kustomize adds to all resources - type: string - patches: - description: Patches is a list of Kustomize patches - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - description: Replicas is a list of Kustomize Replicas - override specifications - items: - properties: - count: - anyOf: - - type: integer - - type: string - description: Number of replicas - x-kubernetes-int-or-string: true - name: - description: Name of Deployment or StatefulSet - type: string - required: - - count - - name - type: object - type: array - version: - description: Version controls which version of - Kustomize to use for rendering manifests - type: string - type: object - path: - description: Path is a directory path within the Git - repository, and is only valid for applications sourced - from Git. - type: string - plugin: - description: Plugin holds config management plugin - specific options - properties: - env: - description: Env is a list of environment variable - entries - items: - description: EnvEntry represents an entry in - the application's environment - properties: - name: - description: Name is the name of the variable, - usually expressed in uppercase - type: string - value: - description: Value is the value of the variable - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - description: Array is the value of an array - type parameter. - items: - type: string - type: array - map: - additionalProperties: - type: string - description: Map is the value of a map type - parameter. - type: object - name: - description: Name is the name identifying - a parameter. - type: string - string: - description: String_ is the value of a string - type parameter. - type: string - type: object - type: array - type: object - ref: - description: Ref is reference to another source within - sources field. This field will not be used if used - with a `source` tag. - type: string - repoURL: - description: RepoURL is the URL to the repository - (Git or Helm) that contains the application manifests - type: string - targetRevision: - description: TargetRevision defines the revision of - the source to sync the application to. In case of - Git, this can be commit, tag, or branch. If omitted, - will equal to HEAD. In case of Helm, this is a semver - tag for the Chart's version. - type: string - required: - - repoURL - type: object - sources: - description: Sources overrides the source definition set - in the application. This is typically set in a Rollback - operation and is nil during a Sync operation - items: - description: ApplicationSource contains all required - information about the source of an application - properties: - chart: - description: Chart is a Helm chart name, and must - be specified for applications sourced from a Helm - repo. - type: string - directory: - description: Directory holds path/directory specific - options - properties: - exclude: - description: Exclude contains a glob pattern - to match paths against that should be explicitly - excluded from being used during manifest generation - type: string - include: - description: Include contains a glob pattern - to match paths against that should be explicitly - included during manifest generation - type: string - jsonnet: - description: Jsonnet holds options specific - to Jsonnet - properties: - extVars: - description: ExtVars is a list of Jsonnet - External Variables - items: - description: JsonnetVar represents a variable - to be passed to jsonnet during manifest - generation - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - description: Additional library search dirs - items: - type: string - type: array - tlas: - description: TLAS is a list of Jsonnet Top-level - Arguments - items: - description: JsonnetVar represents a variable - to be passed to jsonnet during manifest - generation - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - description: Recurse specifies whether to scan - a directory recursively for manifests - type: boolean - type: object - helm: - description: Helm holds helm specific options - properties: - fileParameters: - description: FileParameters are file parameters - to the helm template - items: - description: HelmFileParameter is a file parameter - that's passed to helm template during manifest - generation - properties: - name: - description: Name is the name of the Helm - parameter - type: string - path: - description: Path is the path to the file - containing the values for the Helm parameter - type: string - type: object - type: array - ignoreMissingValueFiles: - description: IgnoreMissingValueFiles prevents - helm template from failing when valueFiles - do not exist locally by not appending them - to helm template --values - type: boolean - parameters: - description: Parameters is a list of Helm parameters - which are passed to the helm template command - upon manifest generation - items: - description: HelmParameter is a parameter - that's passed to helm template during manifest - generation - properties: - forceString: - description: ForceString determines whether - to tell Helm to interpret booleans and - numbers as strings - type: boolean - name: - description: Name is the name of the Helm - parameter - type: string - value: - description: Value is the value for the - Helm parameter - type: string - type: object - type: array - passCredentials: - description: PassCredentials pass credentials - to all domains (Helm's --pass-credentials) - type: boolean - releaseName: - description: ReleaseName is the Helm release - name to use. If omitted it will use the application - name - type: string - skipCrds: - description: SkipCrds skips custom resource - definition installation step (Helm's --skip-crds) - type: boolean - valueFiles: - description: ValuesFiles is a list of Helm value - files to use when generating a template - items: - type: string - type: array - values: - description: Values specifies Helm values to - be passed to helm template, typically defined - as a block. ValuesObject takes precedence - over Values, so use one or the other. - type: string - valuesObject: - description: ValuesObject specifies Helm values - to be passed to helm template, defined as - a map. This takes precedence over Values. - type: object - x-kubernetes-preserve-unknown-fields: true - version: - description: Version is the Helm version to - use for templating ("3") - type: string - type: object - kustomize: - description: Kustomize holds kustomize specific - options - properties: - commonAnnotations: - additionalProperties: - type: string - description: CommonAnnotations is a list of - additional annotations to add to rendered - manifests - type: object - commonAnnotationsEnvsubst: - description: CommonAnnotationsEnvsubst specifies - whether to apply env variables substitution - for annotation values - type: boolean - commonLabels: - additionalProperties: - type: string - description: CommonLabels is a list of additional - labels to add to rendered manifests - type: object - forceCommonAnnotations: - description: ForceCommonAnnotations specifies - whether to force applying common annotations - to resources for Kustomize apps - type: boolean - forceCommonLabels: - description: ForceCommonLabels specifies whether - to force applying common labels to resources - for Kustomize apps - type: boolean - images: - description: Images is a list of Kustomize image - override specifications - items: - description: KustomizeImage represents a Kustomize - image definition in the format [old_image_name=]: - type: string - type: array - namePrefix: - description: NamePrefix is a prefix appended - to resources for Kustomize apps - type: string - nameSuffix: - description: NameSuffix is a suffix appended - to resources for Kustomize apps - type: string - namespace: - description: Namespace sets the namespace that - Kustomize adds to all resources - type: string - patches: - description: Patches is a list of Kustomize - patches - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - description: Replicas is a list of Kustomize - Replicas override specifications - items: - properties: - count: - anyOf: - - type: integer - - type: string - description: Number of replicas - x-kubernetes-int-or-string: true - name: - description: Name of Deployment or StatefulSet - type: string - required: - - count - - name - type: object - type: array - version: - description: Version controls which version - of Kustomize to use for rendering manifests - type: string - type: object - path: - description: Path is a directory path within the - Git repository, and is only valid for applications - sourced from Git. - type: string - plugin: - description: Plugin holds config management plugin - specific options - properties: - env: - description: Env is a list of environment variable - entries - items: - description: EnvEntry represents an entry - in the application's environment - properties: - name: - description: Name is the name of the variable, - usually expressed in uppercase - type: string - value: - description: Value is the value of the - variable - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - description: Array is the value of an - array type parameter. - items: - type: string - type: array - map: - additionalProperties: - type: string - description: Map is the value of a map - type parameter. - type: object - name: - description: Name is the name identifying - a parameter. - type: string - string: - description: String_ is the value of a - string type parameter. - type: string - type: object - type: array - type: object - ref: - description: Ref is reference to another source - within sources field. This field will not be used - if used with a `source` tag. - type: string - repoURL: - description: RepoURL is the URL to the repository - (Git or Helm) that contains the application manifests - type: string - targetRevision: - description: TargetRevision defines the revision - of the source to sync the application to. In case - of Git, this can be commit, tag, or branch. If - omitted, will equal to HEAD. In case of Helm, - this is a semver tag for the Chart's version. - type: string - required: - - repoURL - type: object - type: array - syncOptions: - description: SyncOptions provide per-sync sync-options, - e.g. Validate=false - items: - type: string - type: array - syncStrategy: - description: SyncStrategy describes how to perform the - sync - properties: - apply: - description: Apply will perform a `kubectl apply` - to perform the sync. - properties: - force: - description: Force indicates whether or not to - supply the --force flag to `kubectl apply`. - The --force flag deletes and re-create the resource, - when PATCH encounters conflict and has retried - for 5 times. - type: boolean - type: object - hook: - description: Hook will submit any referenced resources - to perform the sync. This is the default strategy - properties: - force: - description: Force indicates whether or not to - supply the --force flag to `kubectl apply`. - The --force flag deletes and re-create the resource, - when PATCH encounters conflict and has retried - for 5 times. - type: boolean - type: object - type: object - type: object - type: object - phase: - description: Phase is the current phase of the operation - type: string - retryCount: - description: RetryCount contains time of operation retries - format: int64 - type: integer - startedAt: - description: StartedAt contains time of operation start - format: date-time - type: string - syncResult: - description: SyncResult is the result of a Sync operation - properties: - managedNamespaceMetadata: - description: ManagedNamespaceMetadata contains the current - sync state of managed namespace metadata - properties: - annotations: - additionalProperties: - type: string - type: object - labels: - additionalProperties: - type: string - type: object - type: object - resources: - description: Resources contains a list of sync result items - for each individual resource in a sync operation - items: - description: ResourceResult holds the operation result details - of a specific resource - properties: - group: - description: Group specifies the API group of the resource - type: string - hookPhase: - description: HookPhase contains the state of any operation - associated with this resource OR hook This can also - contain values for non-hook resources. - type: string - hookType: - description: HookType specifies the type of the hook. - Empty for non-hook resources - type: string - kind: - description: Kind specifies the API kind of the resource - type: string - message: - description: Message contains an informational or error - message for the last sync OR operation - type: string - name: - description: Name specifies the name of the resource - type: string - namespace: - description: Namespace specifies the target namespace - of the resource - type: string - status: - description: Status holds the final result of the sync. - Will be empty if the resources is yet to be applied/pruned - and is always zero-value for hooks - type: string - syncPhase: - description: SyncPhase indicates the particular phase - of the sync that this result was acquired in - type: string - version: - description: Version specifies the API version of the - resource - type: string - required: - - group - - kind - - name - - namespace - - version - type: object - type: array - revision: - description: Revision holds the revision this sync operation - was performed to - type: string - revisions: - description: Revisions holds the revision this sync operation - was performed for respective indexed source in sources field - items: - type: string - type: array - source: - description: Source records the application source information - of the sync, used for comparing auto-sync - properties: - chart: - description: Chart is a Helm chart name, and must be specified - for applications sourced from a Helm repo. - type: string - directory: - description: Directory holds path/directory specific options - properties: - exclude: - description: Exclude contains a glob pattern to match - paths against that should be explicitly excluded - from being used during manifest generation - type: string - include: - description: Include contains a glob pattern to match - paths against that should be explicitly included - during manifest generation - type: string - jsonnet: - description: Jsonnet holds options specific to Jsonnet - properties: - extVars: - description: ExtVars is a list of Jsonnet External - Variables - items: - description: JsonnetVar represents a variable - to be passed to jsonnet during manifest generation - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - description: Additional library search dirs - items: - type: string - type: array - tlas: - description: TLAS is a list of Jsonnet Top-level - Arguments - items: - description: JsonnetVar represents a variable - to be passed to jsonnet during manifest generation - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - description: Recurse specifies whether to scan a directory - recursively for manifests - type: boolean - type: object - helm: - description: Helm holds helm specific options - properties: - fileParameters: - description: FileParameters are file parameters to - the helm template - items: - description: HelmFileParameter is a file parameter - that's passed to helm template during manifest - generation - properties: - name: - description: Name is the name of the Helm parameter - type: string - path: - description: Path is the path to the file containing - the values for the Helm parameter - type: string - type: object - type: array - ignoreMissingValueFiles: - description: IgnoreMissingValueFiles prevents helm - template from failing when valueFiles do not exist - locally by not appending them to helm template --values - type: boolean - parameters: - description: Parameters is a list of Helm parameters - which are passed to the helm template command upon - manifest generation - items: - description: HelmParameter is a parameter that's - passed to helm template during manifest generation - properties: - forceString: - description: ForceString determines whether - to tell Helm to interpret booleans and numbers - as strings - type: boolean - name: - description: Name is the name of the Helm parameter - type: string - value: - description: Value is the value for the Helm - parameter - type: string - type: object - type: array - passCredentials: - description: PassCredentials pass credentials to all - domains (Helm's --pass-credentials) - type: boolean - releaseName: - description: ReleaseName is the Helm release name - to use. If omitted it will use the application name - type: string - skipCrds: - description: SkipCrds skips custom resource definition - installation step (Helm's --skip-crds) - type: boolean - valueFiles: - description: ValuesFiles is a list of Helm value files - to use when generating a template - items: - type: string - type: array - values: - description: Values specifies Helm values to be passed - to helm template, typically defined as a block. - ValuesObject takes precedence over Values, so use - one or the other. - type: string - valuesObject: - description: ValuesObject specifies Helm values to - be passed to helm template, defined as a map. This - takes precedence over Values. - type: object - x-kubernetes-preserve-unknown-fields: true - version: - description: Version is the Helm version to use for - templating ("3") - type: string - type: object - kustomize: - description: Kustomize holds kustomize specific options - properties: - commonAnnotations: - additionalProperties: - type: string - description: CommonAnnotations is a list of additional - annotations to add to rendered manifests - type: object - commonAnnotationsEnvsubst: - description: CommonAnnotationsEnvsubst specifies whether - to apply env variables substitution for annotation - values - type: boolean - commonLabels: - additionalProperties: - type: string - description: CommonLabels is a list of additional - labels to add to rendered manifests - type: object - forceCommonAnnotations: - description: ForceCommonAnnotations specifies whether - to force applying common annotations to resources - for Kustomize apps - type: boolean - forceCommonLabels: - description: ForceCommonLabels specifies whether to - force applying common labels to resources for Kustomize - apps - type: boolean - images: - description: Images is a list of Kustomize image override - specifications - items: - description: KustomizeImage represents a Kustomize - image definition in the format [old_image_name=]: - type: string - type: array - namePrefix: - description: NamePrefix is a prefix appended to resources - for Kustomize apps - type: string - nameSuffix: - description: NameSuffix is a suffix appended to resources - for Kustomize apps - type: string - namespace: - description: Namespace sets the namespace that Kustomize - adds to all resources - type: string - patches: - description: Patches is a list of Kustomize patches - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - description: Replicas is a list of Kustomize Replicas - override specifications - items: - properties: - count: - anyOf: - - type: integer - - type: string - description: Number of replicas - x-kubernetes-int-or-string: true - name: - description: Name of Deployment or StatefulSet - type: string - required: - - count - - name - type: object - type: array - version: - description: Version controls which version of Kustomize - to use for rendering manifests - type: string - type: object - path: - description: Path is a directory path within the Git repository, - and is only valid for applications sourced from Git. - type: string - plugin: - description: Plugin holds config management plugin specific - options - properties: - env: - description: Env is a list of environment variable - entries - items: - description: EnvEntry represents an entry in the - application's environment - properties: - name: - description: Name is the name of the variable, - usually expressed in uppercase - type: string - value: - description: Value is the value of the variable - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - description: Array is the value of an array - type parameter. - items: - type: string - type: array - map: - additionalProperties: - type: string - description: Map is the value of a map type - parameter. - type: object - name: - description: Name is the name identifying a - parameter. - type: string - string: - description: String_ is the value of a string - type parameter. - type: string - type: object - type: array - type: object - ref: - description: Ref is reference to another source within - sources field. This field will not be used if used with - a `source` tag. - type: string - repoURL: - description: RepoURL is the URL to the repository (Git - or Helm) that contains the application manifests - type: string - targetRevision: - description: TargetRevision defines the revision of the - source to sync the application to. In case of Git, this - can be commit, tag, or branch. If omitted, will equal - to HEAD. In case of Helm, this is a semver tag for the - Chart's version. - type: string - required: - - repoURL - type: object - sources: - description: Source records the application source information - of the sync, used for comparing auto-sync - items: - description: ApplicationSource contains all required information - about the source of an application - properties: - chart: - description: Chart is a Helm chart name, and must be - specified for applications sourced from a Helm repo. - type: string - directory: - description: Directory holds path/directory specific - options - properties: - exclude: - description: Exclude contains a glob pattern to - match paths against that should be explicitly - excluded from being used during manifest generation - type: string - include: - description: Include contains a glob pattern to - match paths against that should be explicitly - included during manifest generation - type: string - jsonnet: - description: Jsonnet holds options specific to Jsonnet - properties: - extVars: - description: ExtVars is a list of Jsonnet External - Variables - items: - description: JsonnetVar represents a variable - to be passed to jsonnet during manifest - generation - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - description: Additional library search dirs - items: - type: string - type: array - tlas: - description: TLAS is a list of Jsonnet Top-level - Arguments - items: - description: JsonnetVar represents a variable - to be passed to jsonnet during manifest - generation - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - description: Recurse specifies whether to scan a - directory recursively for manifests - type: boolean - type: object - helm: - description: Helm holds helm specific options - properties: - fileParameters: - description: FileParameters are file parameters - to the helm template - items: - description: HelmFileParameter is a file parameter - that's passed to helm template during manifest - generation - properties: - name: - description: Name is the name of the Helm - parameter - type: string - path: - description: Path is the path to the file - containing the values for the Helm parameter - type: string - type: object - type: array - ignoreMissingValueFiles: - description: IgnoreMissingValueFiles prevents helm - template from failing when valueFiles do not exist - locally by not appending them to helm template - --values - type: boolean - parameters: - description: Parameters is a list of Helm parameters - which are passed to the helm template command - upon manifest generation - items: - description: HelmParameter is a parameter that's - passed to helm template during manifest generation - properties: - forceString: - description: ForceString determines whether - to tell Helm to interpret booleans and numbers - as strings - type: boolean - name: - description: Name is the name of the Helm - parameter - type: string - value: - description: Value is the value for the Helm - parameter - type: string - type: object - type: array - passCredentials: - description: PassCredentials pass credentials to - all domains (Helm's --pass-credentials) - type: boolean - releaseName: - description: ReleaseName is the Helm release name - to use. If omitted it will use the application - name - type: string - skipCrds: - description: SkipCrds skips custom resource definition - installation step (Helm's --skip-crds) - type: boolean - valueFiles: - description: ValuesFiles is a list of Helm value - files to use when generating a template - items: - type: string - type: array - values: - description: Values specifies Helm values to be - passed to helm template, typically defined as - a block. ValuesObject takes precedence over Values, - so use one or the other. - type: string - valuesObject: - description: ValuesObject specifies Helm values - to be passed to helm template, defined as a map. - This takes precedence over Values. - type: object - x-kubernetes-preserve-unknown-fields: true - version: - description: Version is the Helm version to use - for templating ("3") - type: string - type: object - kustomize: - description: Kustomize holds kustomize specific options - properties: - commonAnnotations: - additionalProperties: - type: string - description: CommonAnnotations is a list of additional - annotations to add to rendered manifests - type: object - commonAnnotationsEnvsubst: - description: CommonAnnotationsEnvsubst specifies - whether to apply env variables substitution for - annotation values - type: boolean - commonLabels: - additionalProperties: - type: string - description: CommonLabels is a list of additional - labels to add to rendered manifests - type: object - forceCommonAnnotations: - description: ForceCommonAnnotations specifies whether - to force applying common annotations to resources - for Kustomize apps - type: boolean - forceCommonLabels: - description: ForceCommonLabels specifies whether - to force applying common labels to resources for - Kustomize apps - type: boolean - images: - description: Images is a list of Kustomize image - override specifications - items: - description: KustomizeImage represents a Kustomize - image definition in the format [old_image_name=]: - type: string - type: array - namePrefix: - description: NamePrefix is a prefix appended to - resources for Kustomize apps - type: string - nameSuffix: - description: NameSuffix is a suffix appended to - resources for Kustomize apps - type: string - namespace: - description: Namespace sets the namespace that Kustomize - adds to all resources - type: string - patches: - description: Patches is a list of Kustomize patches - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - description: Replicas is a list of Kustomize Replicas - override specifications - items: - properties: - count: - anyOf: - - type: integer - - type: string - description: Number of replicas - x-kubernetes-int-or-string: true - name: - description: Name of Deployment or StatefulSet - type: string - required: - - count - - name - type: object - type: array - version: - description: Version controls which version of Kustomize - to use for rendering manifests - type: string - type: object - path: - description: Path is a directory path within the Git - repository, and is only valid for applications sourced - from Git. - type: string - plugin: - description: Plugin holds config management plugin specific - options - properties: - env: - description: Env is a list of environment variable - entries - items: - description: EnvEntry represents an entry in the - application's environment - properties: - name: - description: Name is the name of the variable, - usually expressed in uppercase - type: string - value: - description: Value is the value of the variable - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - description: Array is the value of an array - type parameter. - items: - type: string - type: array - map: - additionalProperties: - type: string - description: Map is the value of a map type - parameter. - type: object - name: - description: Name is the name identifying - a parameter. - type: string - string: - description: String_ is the value of a string - type parameter. - type: string - type: object - type: array - type: object - ref: - description: Ref is reference to another source within - sources field. This field will not be used if used - with a `source` tag. - type: string - repoURL: - description: RepoURL is the URL to the repository (Git - or Helm) that contains the application manifests - type: string - targetRevision: - description: TargetRevision defines the revision of - the source to sync the application to. In case of - Git, this can be commit, tag, or branch. If omitted, - will equal to HEAD. In case of Helm, this is a semver - tag for the Chart's version. - type: string - required: - - repoURL - type: object - type: array - required: - - revision - type: object - required: - - operation - - phase - - startedAt - type: object - reconciledAt: - description: ReconciledAt indicates when the application state was - reconciled using the latest git version - format: date-time - type: string - resourceHealthSource: - description: 'ResourceHealthSource indicates where the resource health - status is stored: inline if not set or appTree' - type: string - resources: - description: Resources is a list of Kubernetes resources managed by - this application - items: - description: 'ResourceStatus holds the current sync and health status - of a resource TODO: describe members of this type' - properties: - group: - type: string - health: - description: HealthStatus contains information about the currently - observed health state of an application or resource - properties: - message: - description: Message is a human-readable informational message - describing the health status - type: string - status: - description: Status holds the status code of the application - or resource - type: string - type: object - hook: - type: boolean - kind: - type: string - name: - type: string - namespace: - type: string - requiresPruning: - type: boolean - status: - description: SyncStatusCode is a type which represents possible - comparison results - type: string - syncWave: - format: int64 - type: integer - version: - type: string - type: object - type: array - sourceType: - description: SourceType specifies the type of this application - type: string - sourceTypes: - description: SourceTypes specifies the type of the sources included - in the application - items: - description: ApplicationSourceType specifies the type of the application's - source - type: string - type: array - summary: - description: Summary contains a list of URLs and container images - used by this application - properties: - externalURLs: - description: ExternalURLs holds all external URLs of application - child resources. - items: - type: string - type: array - images: - description: Images holds all images of application child resources. - items: - type: string - type: array - type: object - sync: - description: Sync contains information about the application's current - sync status - properties: - comparedTo: - description: ComparedTo contains information about what has been - compared - properties: - destination: - description: Destination is a reference to the application's - destination used for comparison - properties: - name: - description: Name is an alternate way of specifying the - target cluster by its symbolic name. This must be set - if Server is not set. - type: string - namespace: - description: Namespace specifies the target namespace - for the application's resources. The namespace will - only be set for namespace-scoped resources that have - not set a value for .metadata.namespace - type: string - server: - description: Server specifies the URL of the target cluster's - Kubernetes control plane API. This must be set if Name - is not set. - type: string - type: object - ignoreDifferences: - description: IgnoreDifferences is a reference to the application's - ignored differences used for comparison - items: - description: ResourceIgnoreDifferences contains resource - filter and list of json paths which should be ignored - during comparison with live state. - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - managedFieldsManagers: - description: ManagedFieldsManagers is a list of trusted - managers. Fields mutated by those managers will take - precedence over the desired state defined in the SCM - and won't be displayed in diffs - items: - type: string - type: array - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - source: - description: Source is a reference to the application's source - used for comparison - properties: - chart: - description: Chart is a Helm chart name, and must be specified - for applications sourced from a Helm repo. - type: string - directory: - description: Directory holds path/directory specific options - properties: - exclude: - description: Exclude contains a glob pattern to match - paths against that should be explicitly excluded - from being used during manifest generation - type: string - include: - description: Include contains a glob pattern to match - paths against that should be explicitly included - during manifest generation - type: string - jsonnet: - description: Jsonnet holds options specific to Jsonnet - properties: - extVars: - description: ExtVars is a list of Jsonnet External - Variables - items: - description: JsonnetVar represents a variable - to be passed to jsonnet during manifest generation - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - description: Additional library search dirs - items: - type: string - type: array - tlas: - description: TLAS is a list of Jsonnet Top-level - Arguments - items: - description: JsonnetVar represents a variable - to be passed to jsonnet during manifest generation - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - description: Recurse specifies whether to scan a directory - recursively for manifests - type: boolean - type: object - helm: - description: Helm holds helm specific options - properties: - fileParameters: - description: FileParameters are file parameters to - the helm template - items: - description: HelmFileParameter is a file parameter - that's passed to helm template during manifest - generation - properties: - name: - description: Name is the name of the Helm parameter - type: string - path: - description: Path is the path to the file containing - the values for the Helm parameter - type: string - type: object - type: array - ignoreMissingValueFiles: - description: IgnoreMissingValueFiles prevents helm - template from failing when valueFiles do not exist - locally by not appending them to helm template --values - type: boolean - parameters: - description: Parameters is a list of Helm parameters - which are passed to the helm template command upon - manifest generation - items: - description: HelmParameter is a parameter that's - passed to helm template during manifest generation - properties: - forceString: - description: ForceString determines whether - to tell Helm to interpret booleans and numbers - as strings - type: boolean - name: - description: Name is the name of the Helm parameter - type: string - value: - description: Value is the value for the Helm - parameter - type: string - type: object - type: array - passCredentials: - description: PassCredentials pass credentials to all - domains (Helm's --pass-credentials) - type: boolean - releaseName: - description: ReleaseName is the Helm release name - to use. If omitted it will use the application name - type: string - skipCrds: - description: SkipCrds skips custom resource definition - installation step (Helm's --skip-crds) - type: boolean - valueFiles: - description: ValuesFiles is a list of Helm value files - to use when generating a template - items: - type: string - type: array - values: - description: Values specifies Helm values to be passed - to helm template, typically defined as a block. - ValuesObject takes precedence over Values, so use - one or the other. - type: string - valuesObject: - description: ValuesObject specifies Helm values to - be passed to helm template, defined as a map. This - takes precedence over Values. - type: object - x-kubernetes-preserve-unknown-fields: true - version: - description: Version is the Helm version to use for - templating ("3") - type: string - type: object - kustomize: - description: Kustomize holds kustomize specific options - properties: - commonAnnotations: - additionalProperties: - type: string - description: CommonAnnotations is a list of additional - annotations to add to rendered manifests - type: object - commonAnnotationsEnvsubst: - description: CommonAnnotationsEnvsubst specifies whether - to apply env variables substitution for annotation - values - type: boolean - commonLabels: - additionalProperties: - type: string - description: CommonLabels is a list of additional - labels to add to rendered manifests - type: object - forceCommonAnnotations: - description: ForceCommonAnnotations specifies whether - to force applying common annotations to resources - for Kustomize apps - type: boolean - forceCommonLabels: - description: ForceCommonLabels specifies whether to - force applying common labels to resources for Kustomize - apps - type: boolean - images: - description: Images is a list of Kustomize image override - specifications - items: - description: KustomizeImage represents a Kustomize - image definition in the format [old_image_name=]: - type: string - type: array - namePrefix: - description: NamePrefix is a prefix appended to resources - for Kustomize apps - type: string - nameSuffix: - description: NameSuffix is a suffix appended to resources - for Kustomize apps - type: string - namespace: - description: Namespace sets the namespace that Kustomize - adds to all resources - type: string - patches: - description: Patches is a list of Kustomize patches - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - description: Replicas is a list of Kustomize Replicas - override specifications - items: - properties: - count: - anyOf: - - type: integer - - type: string - description: Number of replicas - x-kubernetes-int-or-string: true - name: - description: Name of Deployment or StatefulSet - type: string - required: - - count - - name - type: object - type: array - version: - description: Version controls which version of Kustomize - to use for rendering manifests - type: string - type: object - path: - description: Path is a directory path within the Git repository, - and is only valid for applications sourced from Git. - type: string - plugin: - description: Plugin holds config management plugin specific - options - properties: - env: - description: Env is a list of environment variable - entries - items: - description: EnvEntry represents an entry in the - application's environment - properties: - name: - description: Name is the name of the variable, - usually expressed in uppercase - type: string - value: - description: Value is the value of the variable - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - description: Array is the value of an array - type parameter. - items: - type: string - type: array - map: - additionalProperties: - type: string - description: Map is the value of a map type - parameter. - type: object - name: - description: Name is the name identifying a - parameter. - type: string - string: - description: String_ is the value of a string - type parameter. - type: string - type: object - type: array - type: object - ref: - description: Ref is reference to another source within - sources field. This field will not be used if used with - a `source` tag. - type: string - repoURL: - description: RepoURL is the URL to the repository (Git - or Helm) that contains the application manifests - type: string - targetRevision: - description: TargetRevision defines the revision of the - source to sync the application to. In case of Git, this - can be commit, tag, or branch. If omitted, will equal - to HEAD. In case of Helm, this is a semver tag for the - Chart's version. - type: string - required: - - repoURL - type: object - sources: - description: Sources is a reference to the application's multiple - sources used for comparison - items: - description: ApplicationSource contains all required information - about the source of an application - properties: - chart: - description: Chart is a Helm chart name, and must be - specified for applications sourced from a Helm repo. - type: string - directory: - description: Directory holds path/directory specific - options - properties: - exclude: - description: Exclude contains a glob pattern to - match paths against that should be explicitly - excluded from being used during manifest generation - type: string - include: - description: Include contains a glob pattern to - match paths against that should be explicitly - included during manifest generation - type: string - jsonnet: - description: Jsonnet holds options specific to Jsonnet - properties: - extVars: - description: ExtVars is a list of Jsonnet External - Variables - items: - description: JsonnetVar represents a variable - to be passed to jsonnet during manifest - generation - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - description: Additional library search dirs - items: - type: string - type: array - tlas: - description: TLAS is a list of Jsonnet Top-level - Arguments - items: - description: JsonnetVar represents a variable - to be passed to jsonnet during manifest - generation - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - description: Recurse specifies whether to scan a - directory recursively for manifests - type: boolean - type: object - helm: - description: Helm holds helm specific options - properties: - fileParameters: - description: FileParameters are file parameters - to the helm template - items: - description: HelmFileParameter is a file parameter - that's passed to helm template during manifest - generation - properties: - name: - description: Name is the name of the Helm - parameter - type: string - path: - description: Path is the path to the file - containing the values for the Helm parameter - type: string - type: object - type: array - ignoreMissingValueFiles: - description: IgnoreMissingValueFiles prevents helm - template from failing when valueFiles do not exist - locally by not appending them to helm template - --values - type: boolean - parameters: - description: Parameters is a list of Helm parameters - which are passed to the helm template command - upon manifest generation - items: - description: HelmParameter is a parameter that's - passed to helm template during manifest generation - properties: - forceString: - description: ForceString determines whether - to tell Helm to interpret booleans and numbers - as strings - type: boolean - name: - description: Name is the name of the Helm - parameter - type: string - value: - description: Value is the value for the Helm - parameter - type: string - type: object - type: array - passCredentials: - description: PassCredentials pass credentials to - all domains (Helm's --pass-credentials) - type: boolean - releaseName: - description: ReleaseName is the Helm release name - to use. If omitted it will use the application - name - type: string - skipCrds: - description: SkipCrds skips custom resource definition - installation step (Helm's --skip-crds) - type: boolean - valueFiles: - description: ValuesFiles is a list of Helm value - files to use when generating a template - items: - type: string - type: array - values: - description: Values specifies Helm values to be - passed to helm template, typically defined as - a block. ValuesObject takes precedence over Values, - so use one or the other. - type: string - valuesObject: - description: ValuesObject specifies Helm values - to be passed to helm template, defined as a map. - This takes precedence over Values. - type: object - x-kubernetes-preserve-unknown-fields: true - version: - description: Version is the Helm version to use - for templating ("3") - type: string - type: object - kustomize: - description: Kustomize holds kustomize specific options - properties: - commonAnnotations: - additionalProperties: - type: string - description: CommonAnnotations is a list of additional - annotations to add to rendered manifests - type: object - commonAnnotationsEnvsubst: - description: CommonAnnotationsEnvsubst specifies - whether to apply env variables substitution for - annotation values - type: boolean - commonLabels: - additionalProperties: - type: string - description: CommonLabels is a list of additional - labels to add to rendered manifests - type: object - forceCommonAnnotations: - description: ForceCommonAnnotations specifies whether - to force applying common annotations to resources - for Kustomize apps - type: boolean - forceCommonLabels: - description: ForceCommonLabels specifies whether - to force applying common labels to resources for - Kustomize apps - type: boolean - images: - description: Images is a list of Kustomize image - override specifications - items: - description: KustomizeImage represents a Kustomize - image definition in the format [old_image_name=]: - type: string - type: array - namePrefix: - description: NamePrefix is a prefix appended to - resources for Kustomize apps - type: string - nameSuffix: - description: NameSuffix is a suffix appended to - resources for Kustomize apps - type: string - namespace: - description: Namespace sets the namespace that Kustomize - adds to all resources - type: string - patches: - description: Patches is a list of Kustomize patches - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - description: Replicas is a list of Kustomize Replicas - override specifications - items: - properties: - count: - anyOf: - - type: integer - - type: string - description: Number of replicas - x-kubernetes-int-or-string: true - name: - description: Name of Deployment or StatefulSet - type: string - required: - - count - - name - type: object - type: array - version: - description: Version controls which version of Kustomize - to use for rendering manifests - type: string - type: object - path: - description: Path is a directory path within the Git - repository, and is only valid for applications sourced - from Git. - type: string - plugin: - description: Plugin holds config management plugin specific - options - properties: - env: - description: Env is a list of environment variable - entries - items: - description: EnvEntry represents an entry in the - application's environment - properties: - name: - description: Name is the name of the variable, - usually expressed in uppercase - type: string - value: - description: Value is the value of the variable - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - description: Array is the value of an array - type parameter. - items: - type: string - type: array - map: - additionalProperties: - type: string - description: Map is the value of a map type - parameter. - type: object - name: - description: Name is the name identifying - a parameter. - type: string - string: - description: String_ is the value of a string - type parameter. - type: string - type: object - type: array - type: object - ref: - description: Ref is reference to another source within - sources field. This field will not be used if used - with a `source` tag. - type: string - repoURL: - description: RepoURL is the URL to the repository (Git - or Helm) that contains the application manifests - type: string - targetRevision: - description: TargetRevision defines the revision of - the source to sync the application to. In case of - Git, this can be commit, tag, or branch. If omitted, - will equal to HEAD. In case of Helm, this is a semver - tag for the Chart's version. - type: string - required: - - repoURL - type: object - type: array - required: - - destination - type: object - revision: - description: Revision contains information about the revision - the comparison has been performed to - type: string - revisions: - description: Revisions contains information about the revisions - of multiple sources the comparison has been performed to - items: - type: string - type: array - status: - description: Status is the sync state of the comparison - type: string - required: - - status - type: object - type: object - required: - - metadata - - spec - type: object - served: true - storage: true - subresources: {} ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - app.kubernetes.io/name: applicationsets.argoproj.io - app.kubernetes.io/part-of: argocd - name: applicationsets.argoproj.io -spec: - group: argoproj.io - names: - kind: ApplicationSet - listKind: ApplicationSetList - plural: applicationsets - shortNames: - - appset - - appsets - singular: applicationset - scope: Namespaced - versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - properties: - apiVersion: - type: string - kind: - type: string - metadata: - type: object - spec: - properties: - applyNestedSelectors: - type: boolean - generators: - items: - properties: - clusterDecisionResource: - properties: - configMapRef: - type: string - labelSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - name: - type: string - requeueAfterSeconds: - format: int64 - type: integer - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - managedFieldsManagers: - items: - type: string - type: array - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - sources: - items: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - type: array - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - managedNamespaceMetadata: - properties: - annotations: - additionalProperties: - type: string - type: object - labels: - additionalProperties: - type: string - type: object - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - type: object - required: - - metadata - - spec - type: object - values: - additionalProperties: - type: string - type: object - required: - - configMapRef - type: object - clusters: - properties: - selector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - managedFieldsManagers: - items: - type: string - type: array - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - sources: - items: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - type: array - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - managedNamespaceMetadata: - properties: - annotations: - additionalProperties: - type: string - type: object - labels: - additionalProperties: - type: string - type: object - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - type: object - required: - - metadata - - spec - type: object - values: - additionalProperties: - type: string - type: object - type: object - git: - properties: - directories: - items: - properties: - exclude: - type: boolean - path: - type: string - required: - - path - type: object - type: array - files: - items: - properties: - path: - type: string - required: - - path - type: object - type: array - pathParamPrefix: - type: string - repoURL: - type: string - requeueAfterSeconds: - format: int64 - type: integer - revision: - type: string - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - managedFieldsManagers: - items: - type: string - type: array - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - sources: - items: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - type: array - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - managedNamespaceMetadata: - properties: - annotations: - additionalProperties: - type: string - type: object - labels: - additionalProperties: - type: string - type: object - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - type: object - required: - - metadata - - spec - type: object - values: - additionalProperties: - type: string - type: object - required: - - repoURL - - revision - type: object - list: - properties: - elements: - items: - x-kubernetes-preserve-unknown-fields: true - type: array - elementsYaml: - type: string - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - managedFieldsManagers: - items: - type: string - type: array - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - sources: - items: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - type: array - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - managedNamespaceMetadata: - properties: - annotations: - additionalProperties: - type: string - type: object - labels: - additionalProperties: - type: string - type: object - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - type: object - required: - - metadata - - spec - type: object - required: - - elements - type: object - matrix: - properties: - generators: - items: - properties: - clusterDecisionResource: - properties: - configMapRef: - type: string - labelSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - name: - type: string - requeueAfterSeconds: - format: int64 - type: integer - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - managedFieldsManagers: - items: - type: string - type: array - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - sources: - items: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - type: array - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - managedNamespaceMetadata: - properties: - annotations: - additionalProperties: - type: string - type: object - labels: - additionalProperties: - type: string - type: object - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - type: object - required: - - metadata - - spec - type: object - values: - additionalProperties: - type: string - type: object - required: - - configMapRef - type: object - clusters: - properties: - selector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - managedFieldsManagers: - items: - type: string - type: array - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - sources: - items: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - type: array - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - managedNamespaceMetadata: - properties: - annotations: - additionalProperties: - type: string - type: object - labels: - additionalProperties: - type: string - type: object - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - type: object - required: - - metadata - - spec - type: object - values: - additionalProperties: - type: string - type: object - type: object - git: - properties: - directories: - items: - properties: - exclude: - type: boolean - path: - type: string - required: - - path - type: object - type: array - files: - items: - properties: - path: - type: string - required: - - path - type: object - type: array - pathParamPrefix: - type: string - repoURL: - type: string - requeueAfterSeconds: - format: int64 - type: integer - revision: - type: string - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - managedFieldsManagers: - items: - type: string - type: array - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - sources: - items: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - type: array - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - managedNamespaceMetadata: - properties: - annotations: - additionalProperties: - type: string - type: object - labels: - additionalProperties: - type: string - type: object - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - type: object - required: - - metadata - - spec - type: object - values: - additionalProperties: - type: string - type: object - required: - - repoURL - - revision - type: object - list: - properties: - elements: - items: - x-kubernetes-preserve-unknown-fields: true - type: array - elementsYaml: - type: string - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - managedFieldsManagers: - items: - type: string - type: array - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - sources: - items: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - type: array - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - managedNamespaceMetadata: - properties: - annotations: - additionalProperties: - type: string - type: object - labels: - additionalProperties: - type: string - type: object - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - type: object - required: - - metadata - - spec - type: object - required: - - elements - type: object - matrix: - x-kubernetes-preserve-unknown-fields: true - merge: - x-kubernetes-preserve-unknown-fields: true - plugin: - properties: - configMapRef: - properties: - name: - type: string - required: - - name - type: object - input: - properties: - parameters: - additionalProperties: - x-kubernetes-preserve-unknown-fields: true - type: object - type: object - requeueAfterSeconds: - format: int64 - type: integer - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - managedFieldsManagers: - items: - type: string - type: array - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - sources: - items: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - type: array - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - managedNamespaceMetadata: - properties: - annotations: - additionalProperties: - type: string - type: object - labels: - additionalProperties: - type: string - type: object - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - type: object - required: - - metadata - - spec - type: object - values: - additionalProperties: - type: string - type: object - required: - - configMapRef - type: object - pullRequest: - properties: - azuredevops: - properties: - api: - type: string - labels: - items: - type: string - type: array - organization: - type: string - project: - type: string - repo: - type: string - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - organization - - project - - repo - type: object - bitbucket: - properties: - api: - type: string - basicAuth: - properties: - passwordRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - username: - type: string - required: - - passwordRef - - username - type: object - bearerToken: - properties: - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - tokenRef - type: object - owner: - type: string - repo: - type: string - required: - - owner - - repo - type: object - bitbucketServer: - properties: - api: - type: string - basicAuth: - properties: - passwordRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - username: - type: string - required: - - passwordRef - - username - type: object - project: - type: string - repo: - type: string - required: - - api - - project - - repo - type: object - filters: - items: - properties: - branchMatch: - type: string - targetBranchMatch: - type: string - type: object - type: array - gitea: - properties: - api: - type: string - insecure: - type: boolean - owner: - type: string - repo: - type: string - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - api - - owner - - repo - type: object - github: - properties: - api: - type: string - appSecretName: - type: string - labels: - items: - type: string - type: array - owner: - type: string - repo: - type: string - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - owner - - repo - type: object - gitlab: - properties: - api: - type: string - insecure: - type: boolean - labels: - items: - type: string - type: array - project: - type: string - pullRequestState: - type: string - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - project - type: object - requeueAfterSeconds: - format: int64 - type: integer - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - managedFieldsManagers: - items: - type: string - type: array - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - sources: - items: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - type: array - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - managedNamespaceMetadata: - properties: - annotations: - additionalProperties: - type: string - type: object - labels: - additionalProperties: - type: string - type: object - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - type: object - required: - - metadata - - spec - type: object - type: object - scmProvider: - properties: - awsCodeCommit: - properties: - allBranches: - type: boolean - region: - type: string - role: - type: string - tagFilters: - items: - properties: - key: - type: string - value: - type: string - required: - - key - type: object - type: array - type: object - azureDevOps: - properties: - accessTokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - allBranches: - type: boolean - api: - type: string - organization: - type: string - teamProject: - type: string - required: - - accessTokenRef - - organization - - teamProject - type: object - bitbucket: - properties: - allBranches: - type: boolean - appPasswordRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - owner: - type: string - user: - type: string - required: - - appPasswordRef - - owner - - user - type: object - bitbucketServer: - properties: - allBranches: - type: boolean - api: - type: string - basicAuth: - properties: - passwordRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - username: - type: string - required: - - passwordRef - - username - type: object - project: - type: string - required: - - api - - project - type: object - cloneProtocol: - type: string - filters: - items: - properties: - branchMatch: - type: string - labelMatch: - type: string - pathsDoNotExist: - items: - type: string - type: array - pathsExist: - items: - type: string - type: array - repositoryMatch: - type: string - type: object - type: array - gitea: - properties: - allBranches: - type: boolean - api: - type: string - insecure: - type: boolean - owner: - type: string - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - api - - owner - type: object - github: - properties: - allBranches: - type: boolean - api: - type: string - appSecretName: - type: string - organization: - type: string - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - organization - type: object - gitlab: - properties: - allBranches: - type: boolean - api: - type: string - group: - type: string - includeSharedProjects: - type: boolean - includeSubgroups: - type: boolean - insecure: - type: boolean - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - topic: - type: string - required: - - group - type: object - requeueAfterSeconds: - format: int64 - type: integer - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - managedFieldsManagers: - items: - type: string - type: array - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - sources: - items: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - type: array - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - managedNamespaceMetadata: - properties: - annotations: - additionalProperties: - type: string - type: object - labels: - additionalProperties: - type: string - type: object - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - type: object - required: - - metadata - - spec - type: object - values: - additionalProperties: - type: string - type: object - type: object - selector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - type: object - type: array - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - managedFieldsManagers: - items: - type: string - type: array - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - sources: - items: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - type: array - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - managedNamespaceMetadata: - properties: - annotations: - additionalProperties: - type: string - type: object - labels: - additionalProperties: - type: string - type: object - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - type: object - required: - - metadata - - spec - type: object - required: - - generators - type: object - merge: - properties: - generators: - items: - properties: - clusterDecisionResource: - properties: - configMapRef: - type: string - labelSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - name: - type: string - requeueAfterSeconds: - format: int64 - type: integer - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - managedFieldsManagers: - items: - type: string - type: array - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - sources: - items: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - type: array - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - managedNamespaceMetadata: - properties: - annotations: - additionalProperties: - type: string - type: object - labels: - additionalProperties: - type: string - type: object - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - type: object - required: - - metadata - - spec - type: object - values: - additionalProperties: - type: string - type: object - required: - - configMapRef - type: object - clusters: - properties: - selector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - managedFieldsManagers: - items: - type: string - type: array - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - sources: - items: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - type: array - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - managedNamespaceMetadata: - properties: - annotations: - additionalProperties: - type: string - type: object - labels: - additionalProperties: - type: string - type: object - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - type: object - required: - - metadata - - spec - type: object - values: - additionalProperties: - type: string - type: object - type: object - git: - properties: - directories: - items: - properties: - exclude: - type: boolean - path: - type: string - required: - - path - type: object - type: array - files: - items: - properties: - path: - type: string - required: - - path - type: object - type: array - pathParamPrefix: - type: string - repoURL: - type: string - requeueAfterSeconds: - format: int64 - type: integer - revision: - type: string - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - managedFieldsManagers: - items: - type: string - type: array - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - sources: - items: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - type: array - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - managedNamespaceMetadata: - properties: - annotations: - additionalProperties: - type: string - type: object - labels: - additionalProperties: - type: string - type: object - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - type: object - required: - - metadata - - spec - type: object - values: - additionalProperties: - type: string - type: object - required: - - repoURL - - revision - type: object - list: - properties: - elements: - items: - x-kubernetes-preserve-unknown-fields: true - type: array - elementsYaml: - type: string - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - managedFieldsManagers: - items: - type: string - type: array - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - sources: - items: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - type: array - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - managedNamespaceMetadata: - properties: - annotations: - additionalProperties: - type: string - type: object - labels: - additionalProperties: - type: string - type: object - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - type: object - required: - - metadata - - spec - type: object - required: - - elements - type: object - matrix: - x-kubernetes-preserve-unknown-fields: true - merge: - x-kubernetes-preserve-unknown-fields: true - plugin: - properties: - configMapRef: - properties: - name: - type: string - required: - - name - type: object - input: - properties: - parameters: - additionalProperties: - x-kubernetes-preserve-unknown-fields: true - type: object - type: object - requeueAfterSeconds: - format: int64 - type: integer - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - managedFieldsManagers: - items: - type: string - type: array - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - sources: - items: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - type: array - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - managedNamespaceMetadata: - properties: - annotations: - additionalProperties: - type: string - type: object - labels: - additionalProperties: - type: string - type: object - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - type: object - required: - - metadata - - spec - type: object - values: - additionalProperties: - type: string - type: object - required: - - configMapRef - type: object - pullRequest: - properties: - azuredevops: - properties: - api: - type: string - labels: - items: - type: string - type: array - organization: - type: string - project: - type: string - repo: - type: string - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - organization - - project - - repo - type: object - bitbucket: - properties: - api: - type: string - basicAuth: - properties: - passwordRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - username: - type: string - required: - - passwordRef - - username - type: object - bearerToken: - properties: - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - tokenRef - type: object - owner: - type: string - repo: - type: string - required: - - owner - - repo - type: object - bitbucketServer: - properties: - api: - type: string - basicAuth: - properties: - passwordRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - username: - type: string - required: - - passwordRef - - username - type: object - project: - type: string - repo: - type: string - required: - - api - - project - - repo - type: object - filters: - items: - properties: - branchMatch: - type: string - targetBranchMatch: - type: string - type: object - type: array - gitea: - properties: - api: - type: string - insecure: - type: boolean - owner: - type: string - repo: - type: string - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - api - - owner - - repo - type: object - github: - properties: - api: - type: string - appSecretName: - type: string - labels: - items: - type: string - type: array - owner: - type: string - repo: - type: string - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - owner - - repo - type: object - gitlab: - properties: - api: - type: string - insecure: - type: boolean - labels: - items: - type: string - type: array - project: - type: string - pullRequestState: - type: string - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - project - type: object - requeueAfterSeconds: - format: int64 - type: integer - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - managedFieldsManagers: - items: - type: string - type: array - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - sources: - items: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - type: array - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - managedNamespaceMetadata: - properties: - annotations: - additionalProperties: - type: string - type: object - labels: - additionalProperties: - type: string - type: object - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - type: object - required: - - metadata - - spec - type: object - type: object - scmProvider: - properties: - awsCodeCommit: - properties: - allBranches: - type: boolean - region: - type: string - role: - type: string - tagFilters: - items: - properties: - key: - type: string - value: - type: string - required: - - key - type: object - type: array - type: object - azureDevOps: - properties: - accessTokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - allBranches: - type: boolean - api: - type: string - organization: - type: string - teamProject: - type: string - required: - - accessTokenRef - - organization - - teamProject - type: object - bitbucket: - properties: - allBranches: - type: boolean - appPasswordRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - owner: - type: string - user: - type: string - required: - - appPasswordRef - - owner - - user - type: object - bitbucketServer: - properties: - allBranches: - type: boolean - api: - type: string - basicAuth: - properties: - passwordRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - username: - type: string - required: - - passwordRef - - username - type: object - project: - type: string - required: - - api - - project - type: object - cloneProtocol: - type: string - filters: - items: - properties: - branchMatch: - type: string - labelMatch: - type: string - pathsDoNotExist: - items: - type: string - type: array - pathsExist: - items: - type: string - type: array - repositoryMatch: - type: string - type: object - type: array - gitea: - properties: - allBranches: - type: boolean - api: - type: string - insecure: - type: boolean - owner: - type: string - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - api - - owner - type: object - github: - properties: - allBranches: - type: boolean - api: - type: string - appSecretName: - type: string - organization: - type: string - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - organization - type: object - gitlab: - properties: - allBranches: - type: boolean - api: - type: string - group: - type: string - includeSharedProjects: - type: boolean - includeSubgroups: - type: boolean - insecure: - type: boolean - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - topic: - type: string - required: - - group - type: object - requeueAfterSeconds: - format: int64 - type: integer - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - managedFieldsManagers: - items: - type: string - type: array - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - sources: - items: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - type: array - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - managedNamespaceMetadata: - properties: - annotations: - additionalProperties: - type: string - type: object - labels: - additionalProperties: - type: string - type: object - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - type: object - required: - - metadata - - spec - type: object - values: - additionalProperties: - type: string - type: object - type: object - selector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - type: object - type: array - mergeKeys: - items: - type: string - type: array - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - managedFieldsManagers: - items: - type: string - type: array - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - sources: - items: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - type: array - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - managedNamespaceMetadata: - properties: - annotations: - additionalProperties: - type: string - type: object - labels: - additionalProperties: - type: string - type: object - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - type: object - required: - - metadata - - spec - type: object - required: - - generators - - mergeKeys - type: object - plugin: - properties: - configMapRef: - properties: - name: - type: string - required: - - name - type: object - input: - properties: - parameters: - additionalProperties: - x-kubernetes-preserve-unknown-fields: true - type: object - type: object - requeueAfterSeconds: - format: int64 - type: integer - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - managedFieldsManagers: - items: - type: string - type: array - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - sources: - items: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - type: array - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - managedNamespaceMetadata: - properties: - annotations: - additionalProperties: - type: string - type: object - labels: - additionalProperties: - type: string - type: object - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - type: object - required: - - metadata - - spec - type: object - values: - additionalProperties: - type: string - type: object - required: - - configMapRef - type: object - pullRequest: - properties: - azuredevops: - properties: - api: - type: string - labels: - items: - type: string - type: array - organization: - type: string - project: - type: string - repo: - type: string - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - organization - - project - - repo - type: object - bitbucket: - properties: - api: - type: string - basicAuth: - properties: - passwordRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - username: - type: string - required: - - passwordRef - - username - type: object - bearerToken: - properties: - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - tokenRef - type: object - owner: - type: string - repo: - type: string - required: - - owner - - repo - type: object - bitbucketServer: - properties: - api: - type: string - basicAuth: - properties: - passwordRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - username: - type: string - required: - - passwordRef - - username - type: object - project: - type: string - repo: - type: string - required: - - api - - project - - repo - type: object - filters: - items: - properties: - branchMatch: - type: string - targetBranchMatch: - type: string - type: object - type: array - gitea: - properties: - api: - type: string - insecure: - type: boolean - owner: - type: string - repo: - type: string - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - api - - owner - - repo - type: object - github: - properties: - api: - type: string - appSecretName: - type: string - labels: - items: - type: string - type: array - owner: - type: string - repo: - type: string - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - owner - - repo - type: object - gitlab: - properties: - api: - type: string - insecure: - type: boolean - labels: - items: - type: string - type: array - project: - type: string - pullRequestState: - type: string - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - project - type: object - requeueAfterSeconds: - format: int64 - type: integer - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - managedFieldsManagers: - items: - type: string - type: array - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - sources: - items: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - type: array - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - managedNamespaceMetadata: - properties: - annotations: - additionalProperties: - type: string - type: object - labels: - additionalProperties: - type: string - type: object - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - type: object - required: - - metadata - - spec - type: object - type: object - scmProvider: - properties: - awsCodeCommit: - properties: - allBranches: - type: boolean - region: - type: string - role: - type: string - tagFilters: - items: - properties: - key: - type: string - value: - type: string - required: - - key - type: object - type: array - type: object - azureDevOps: - properties: - accessTokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - allBranches: - type: boolean - api: - type: string - organization: - type: string - teamProject: - type: string - required: - - accessTokenRef - - organization - - teamProject - type: object - bitbucket: - properties: - allBranches: - type: boolean - appPasswordRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - owner: - type: string - user: - type: string - required: - - appPasswordRef - - owner - - user - type: object - bitbucketServer: - properties: - allBranches: - type: boolean - api: - type: string - basicAuth: - properties: - passwordRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - username: - type: string - required: - - passwordRef - - username - type: object - project: - type: string - required: - - api - - project - type: object - cloneProtocol: - type: string - filters: - items: - properties: - branchMatch: - type: string - labelMatch: - type: string - pathsDoNotExist: - items: - type: string - type: array - pathsExist: - items: - type: string - type: array - repositoryMatch: - type: string - type: object - type: array - gitea: - properties: - allBranches: - type: boolean - api: - type: string - insecure: - type: boolean - owner: - type: string - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - api - - owner - type: object - github: - properties: - allBranches: - type: boolean - api: - type: string - appSecretName: - type: string - organization: - type: string - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - organization - type: object - gitlab: - properties: - allBranches: - type: boolean - api: - type: string - group: - type: string - includeSharedProjects: - type: boolean - includeSubgroups: - type: boolean - insecure: - type: boolean - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - topic: - type: string - required: - - group - type: object - requeueAfterSeconds: - format: int64 - type: integer - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - managedFieldsManagers: - items: - type: string - type: array - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - sources: - items: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - type: array - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - managedNamespaceMetadata: - properties: - annotations: - additionalProperties: - type: string - type: object - labels: - additionalProperties: - type: string - type: object - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - type: object - required: - - metadata - - spec - type: object - values: - additionalProperties: - type: string - type: object - type: object - selector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - type: object - type: array - goTemplate: - type: boolean - goTemplateOptions: - items: - type: string - type: array - ignoreApplicationDifferences: - items: - properties: - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - name: - type: string - type: object - type: array - preservedFields: - properties: - annotations: - items: - type: string - type: array - labels: - items: - type: string - type: array - type: object - strategy: - properties: - rollingSync: - properties: - steps: - items: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - type: object - type: array - maxUpdate: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - type: object - type: array - type: object - type: - type: string - type: object - syncPolicy: - properties: - applicationsSync: - enum: - - create-only - - create-update - - create-delete - - sync - type: string - preserveResourcesOnDeletion: - type: boolean - type: object - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - managedFieldsManagers: - items: - type: string - type: array - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - sources: - items: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - type: array - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - managedNamespaceMetadata: - properties: - annotations: - additionalProperties: - type: string - type: object - labels: - additionalProperties: - type: string - type: object - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - type: object - required: - - metadata - - spec - type: object - required: - - generators - - template - type: object - status: - properties: - applicationStatus: - items: - properties: - application: - type: string - lastTransitionTime: - format: date-time - type: string - message: - type: string - status: - type: string - step: - type: string - required: - - application - - message - - status - - step - type: object - type: array - conditions: - items: - properties: - lastTransitionTime: - format: date-time - type: string - message: - type: string - reason: - type: string - status: - type: string - type: - type: string - required: - - message - - reason - - status - - type - type: object - type: array - type: object - required: - - metadata - - spec - type: object - served: true - storage: true - subresources: - status: {} ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - app.kubernetes.io/name: appprojects.argoproj.io - app.kubernetes.io/part-of: argocd - name: appprojects.argoproj.io -spec: - group: argoproj.io - names: - kind: AppProject - listKind: AppProjectList - plural: appprojects - shortNames: - - appproj - - appprojs - singular: appproject - scope: Namespaced - versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - description: 'AppProject provides a logical grouping of applications, providing - controls for: * where the apps may deploy to (cluster whitelist) * what - may be deployed (repository whitelist, resource whitelist/blacklist) * who - can access these applications (roles, OIDC group claims bindings) * and - what they can do (RBAC policies) * automation access to these roles (JWT - tokens)' - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: AppProjectSpec is the specification of an AppProject - properties: - clusterResourceBlacklist: - description: ClusterResourceBlacklist contains list of blacklisted - cluster level resources - items: - description: GroupKind specifies a Group and a Kind, but does not - force a version. This is useful for identifying concepts during - lookup stages without having partially valid types - properties: - group: - type: string - kind: - type: string - required: - - group - - kind - type: object - type: array - clusterResourceWhitelist: - description: ClusterResourceWhitelist contains list of whitelisted - cluster level resources - items: - description: GroupKind specifies a Group and a Kind, but does not - force a version. This is useful for identifying concepts during - lookup stages without having partially valid types - properties: - group: - type: string - kind: - type: string - required: - - group - - kind - type: object - type: array - description: - description: Description contains optional project description - type: string - destinations: - description: Destinations contains list of destinations available - for deployment - items: - description: ApplicationDestination holds information about the - application's destination - properties: - name: - description: Name is an alternate way of specifying the target - cluster by its symbolic name. This must be set if Server is - not set. - type: string - namespace: - description: Namespace specifies the target namespace for the - application's resources. The namespace will only be set for - namespace-scoped resources that have not set a value for .metadata.namespace - type: string - server: - description: Server specifies the URL of the target cluster's - Kubernetes control plane API. This must be set if Name is - not set. - type: string - type: object - type: array - namespaceResourceBlacklist: - description: NamespaceResourceBlacklist contains list of blacklisted - namespace level resources - items: - description: GroupKind specifies a Group and a Kind, but does not - force a version. This is useful for identifying concepts during - lookup stages without having partially valid types - properties: - group: - type: string - kind: - type: string - required: - - group - - kind - type: object - type: array - namespaceResourceWhitelist: - description: NamespaceResourceWhitelist contains list of whitelisted - namespace level resources - items: - description: GroupKind specifies a Group and a Kind, but does not - force a version. This is useful for identifying concepts during - lookup stages without having partially valid types - properties: - group: - type: string - kind: - type: string - required: - - group - - kind - type: object - type: array - orphanedResources: - description: OrphanedResources specifies if controller should monitor - orphaned resources of apps in this project - properties: - ignore: - description: Ignore contains a list of resources that are to be - excluded from orphaned resources monitoring - items: - description: OrphanedResourceKey is a reference to a resource - to be ignored from - properties: - group: - type: string - kind: - type: string - name: - type: string - type: object - type: array - warn: - description: Warn indicates if warning condition should be created - for apps which have orphaned resources - type: boolean - type: object - permitOnlyProjectScopedClusters: - description: PermitOnlyProjectScopedClusters determines whether destinations - can only reference clusters which are project-scoped - type: boolean - roles: - description: Roles are user defined RBAC roles associated with this - project - items: - description: ProjectRole represents a role that has access to a - project - properties: - description: - description: Description is a description of the role - type: string - groups: - description: Groups are a list of OIDC group claims bound to - this role - items: - type: string - type: array - jwtTokens: - description: JWTTokens are a list of generated JWT tokens bound - to this role - items: - description: JWTToken holds the issuedAt and expiresAt values - of a token - properties: - exp: - format: int64 - type: integer - iat: - format: int64 - type: integer - id: - type: string - required: - - iat - type: object - type: array - name: - description: Name is a name for this role - type: string - policies: - description: Policies Stores a list of casbin formatted strings - that define access policies for the role in the project - items: - type: string - type: array - required: - - name - type: object - type: array - signatureKeys: - description: SignatureKeys contains a list of PGP key IDs that commits - in Git must be signed with in order to be allowed for sync - items: - description: SignatureKey is the specification of a key required - to verify commit signatures with - properties: - keyID: - description: The ID of the key in hexadecimal notation - type: string - required: - - keyID - type: object - type: array - sourceNamespaces: - description: SourceNamespaces defines the namespaces application resources - are allowed to be created in - items: - type: string - type: array - sourceRepos: - description: SourceRepos contains list of repository URLs which can - be used for deployment - items: - type: string - type: array - syncWindows: - description: SyncWindows controls when syncs can be run for apps in - this project - items: - description: SyncWindow contains the kind, time, duration and attributes - that are used to assign the syncWindows to apps - properties: - applications: - description: Applications contains a list of applications that - the window will apply to - items: - type: string - type: array - clusters: - description: Clusters contains a list of clusters that the window - will apply to - items: - type: string - type: array - duration: - description: Duration is the amount of time the sync window - will be open - type: string - kind: - description: Kind defines if the window allows or blocks syncs - type: string - manualSync: - description: ManualSync enables manual syncs when they would - otherwise be blocked - type: boolean - namespaces: - description: Namespaces contains a list of namespaces that the - window will apply to - items: - type: string - type: array - schedule: - description: Schedule is the time the window will begin, specified - in cron format - type: string - timeZone: - description: TimeZone of the sync that will be applied to the - schedule - type: string - type: object - type: array - type: object - status: - description: AppProjectStatus contains status information for AppProject - CRs - properties: - jwtTokensByRole: - additionalProperties: - description: JWTTokens represents a list of JWT tokens - properties: - items: - items: - description: JWTToken holds the issuedAt and expiresAt values - of a token - properties: - exp: - format: int64 - type: integer - iat: - format: int64 - type: integer - id: - type: string - required: - - iat - type: object - type: array - type: object - description: JWTTokensByRole contains a list of JWT tokens issued - for a given role - type: object - type: object - required: - - metadata - - spec - type: object - served: true - storage: true ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - labels: - app.kubernetes.io/component: application-controller - app.kubernetes.io/name: argocd-application-controller - app.kubernetes.io/part-of: argocd - name: argocd-application-controller ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - labels: - app.kubernetes.io/component: applicationset-controller - app.kubernetes.io/name: argocd-applicationset-controller - app.kubernetes.io/part-of: argocd - name: argocd-applicationset-controller ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - labels: - app.kubernetes.io/component: dex-server - app.kubernetes.io/name: argocd-dex-server - app.kubernetes.io/part-of: argocd - name: argocd-dex-server ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - labels: - app.kubernetes.io/component: notifications-controller - app.kubernetes.io/name: argocd-notifications-controller - app.kubernetes.io/part-of: argocd - name: argocd-notifications-controller ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - labels: - app.kubernetes.io/component: redis - app.kubernetes.io/name: argocd-redis - app.kubernetes.io/part-of: argocd - name: argocd-redis ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - labels: - app.kubernetes.io/component: repo-server - app.kubernetes.io/name: argocd-repo-server - app.kubernetes.io/part-of: argocd - name: argocd-repo-server ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - labels: - app.kubernetes.io/component: server - app.kubernetes.io/name: argocd-server - app.kubernetes.io/part-of: argocd - name: argocd-server ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - labels: - app.kubernetes.io/component: application-controller - app.kubernetes.io/name: argocd-application-controller - app.kubernetes.io/part-of: argocd - name: argocd-application-controller -rules: -- apiGroups: - - "" - resources: - - secrets - - configmaps - verbs: - - get - - list - - watch -- apiGroups: - - argoproj.io - resources: - - applications - - appprojects - verbs: - - create - - get - - list - - watch - - update - - patch - - delete -- apiGroups: - - "" - resources: - - events - verbs: - - create - - list ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - labels: - app.kubernetes.io/component: applicationset-controller - app.kubernetes.io/name: argocd-applicationset-controller - app.kubernetes.io/part-of: argocd - name: argocd-applicationset-controller -rules: -- apiGroups: - - argoproj.io - resources: - - applications - - applicationsets - - applicationsets/finalizers - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - argoproj.io - resources: - - appprojects - verbs: - - get -- apiGroups: - - argoproj.io - resources: - - applicationsets/status - verbs: - - get - - patch - - update -- apiGroups: - - "" - resources: - - events - verbs: - - create - - get - - list - - patch - - watch -- apiGroups: - - "" - resources: - - secrets - - configmaps - verbs: - - get - - list - - watch -- apiGroups: - - apps - - extensions - resources: - - deployments - verbs: - - get - - list - - watch ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - labels: - app.kubernetes.io/component: dex-server - app.kubernetes.io/name: argocd-dex-server - app.kubernetes.io/part-of: argocd - name: argocd-dex-server -rules: -- apiGroups: - - "" - resources: - - secrets - - configmaps - verbs: - - get - - list - - watch ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - labels: - app.kubernetes.io/component: notifications-controller - app.kubernetes.io/name: argocd-notifications-controller - app.kubernetes.io/part-of: argocd - name: argocd-notifications-controller -rules: -- apiGroups: - - argoproj.io - resources: - - applications - - appprojects - verbs: - - get - - list - - watch - - update - - patch -- apiGroups: - - "" - resources: - - configmaps - - secrets - verbs: - - list - - watch -- apiGroups: - - "" - resourceNames: - - argocd-notifications-cm - resources: - - configmaps - verbs: - - get -- apiGroups: - - "" - resourceNames: - - argocd-notifications-secret - resources: - - secrets - verbs: - - get ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - labels: - app.kubernetes.io/component: server - app.kubernetes.io/name: argocd-server - app.kubernetes.io/part-of: argocd - name: argocd-server -rules: -- apiGroups: - - "" - resources: - - secrets - - configmaps - verbs: - - create - - get - - list - - watch - - update - - patch - - delete -- apiGroups: - - argoproj.io - resources: - - applications - - appprojects - - applicationsets - verbs: - - create - - get - - list - - watch - - update - - delete - - patch -- apiGroups: - - "" - resources: - - events - verbs: - - create - - list ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - labels: - app.kubernetes.io/component: application-controller - app.kubernetes.io/name: argocd-application-controller - app.kubernetes.io/part-of: argocd - name: argocd-application-controller -rules: -- apiGroups: - - '*' - resources: - - '*' - verbs: - - '*' -- nonResourceURLs: - - '*' - verbs: - - '*' ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - labels: - app.kubernetes.io/component: server - app.kubernetes.io/name: argocd-server - app.kubernetes.io/part-of: argocd - name: argocd-server -rules: -- apiGroups: - - '*' - resources: - - '*' - verbs: - - delete - - get - - patch -- apiGroups: - - "" - resources: - - events - verbs: - - list -- apiGroups: - - "" - resources: - - pods - - pods/log - verbs: - - get -- apiGroups: - - argoproj.io - resources: - - applications - - applicationsets - verbs: - - get - - list - - watch -- apiGroups: - - batch - resources: - - jobs - verbs: - - create -- apiGroups: - - argoproj.io - resources: - - workflows - verbs: - - create ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - labels: - app.kubernetes.io/component: application-controller - app.kubernetes.io/name: argocd-application-controller - app.kubernetes.io/part-of: argocd - name: argocd-application-controller -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: argocd-application-controller -subjects: -- kind: ServiceAccount - name: argocd-application-controller ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - labels: - app.kubernetes.io/component: applicationset-controller - app.kubernetes.io/name: argocd-applicationset-controller - app.kubernetes.io/part-of: argocd - name: argocd-applicationset-controller -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: argocd-applicationset-controller -subjects: -- kind: ServiceAccount - name: argocd-applicationset-controller ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - labels: - app.kubernetes.io/component: dex-server - app.kubernetes.io/name: argocd-dex-server - app.kubernetes.io/part-of: argocd - name: argocd-dex-server -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: argocd-dex-server -subjects: -- kind: ServiceAccount - name: argocd-dex-server ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - labels: - app.kubernetes.io/component: notifications-controller - app.kubernetes.io/name: argocd-notifications-controller - app.kubernetes.io/part-of: argocd - name: argocd-notifications-controller -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: argocd-notifications-controller -subjects: -- kind: ServiceAccount - name: argocd-notifications-controller ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - labels: - app.kubernetes.io/component: server - app.kubernetes.io/name: argocd-server - app.kubernetes.io/part-of: argocd - name: argocd-server -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: argocd-server -subjects: -- kind: ServiceAccount - name: argocd-server ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - labels: - app.kubernetes.io/component: application-controller - app.kubernetes.io/name: argocd-application-controller - app.kubernetes.io/part-of: argocd - name: argocd-application-controller -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: argocd-application-controller -subjects: -- kind: ServiceAccount - name: argocd-application-controller - namespace: argocd ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - labels: - app.kubernetes.io/component: server - app.kubernetes.io/name: argocd-server - app.kubernetes.io/part-of: argocd - name: argocd-server -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: argocd-server -subjects: -- kind: ServiceAccount - name: argocd-server - namespace: argocd ---- -apiVersion: v1 -kind: ConfigMap -metadata: - labels: - app.kubernetes.io/name: argocd-cm - app.kubernetes.io/part-of: argocd - name: argocd-cm ---- -apiVersion: v1 -kind: ConfigMap -metadata: - labels: - app.kubernetes.io/name: argocd-gpg-keys-cm - app.kubernetes.io/part-of: argocd - name: argocd-gpg-keys-cm ---- -apiVersion: v1 -kind: ConfigMap -metadata: - labels: - app.kubernetes.io/component: notifications-controller - app.kubernetes.io/name: argocd-notifications-controller - app.kubernetes.io/part-of: argocd - name: argocd-notifications-cm ---- -apiVersion: v1 -kind: ConfigMap -metadata: - labels: - app.kubernetes.io/name: argocd-rbac-cm - app.kubernetes.io/part-of: argocd - name: argocd-rbac-cm ---- -apiVersion: v1 -data: - ssh_known_hosts: | - # This file was automatically generated by hack/update-ssh-known-hosts.sh. DO NOT EDIT - [ssh.github.com]:443 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBEmKSENjQEezOmxkZMy7opKgwFB9nkt5YRrYMjNuG5N87uRgg6CLrbo5wAdT/y6v0mKV0U2w0WZ2YB/++Tpockg= - [ssh.github.com]:443 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOMqqnkVzrm0SdG6UOoqKLsabgH5C9okWi0dh2l9GKJl - [ssh.github.com]:443 ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCj7ndNxQowgcQnjshcLrqPEiiphnt+VTTvDP6mHBL9j1aNUkY4Ue1gvwnGLVlOhGeYrnZaMgRK6+PKCUXaDbC7qtbW8gIkhL7aGCsOr/C56SJMy/BCZfxd1nWzAOxSDPgVsmerOBYfNqltV9/hWCqBywINIR+5dIg6JTJ72pcEpEjcYgXkE2YEFXV1JHnsKgbLWNlhScqb2UmyRkQyytRLtL+38TGxkxCflmO+5Z8CSSNY7GidjMIZ7Q4zMjA2n1nGrlTDkzwDCsw+wqFPGQA179cnfGWOWRVruj16z6XyvxvjJwbz0wQZ75XK5tKSb7FNyeIEs4TT4jk+S4dhPeAUC5y+bDYirYgM4GC7uEnztnZyaVWQ7B381AK4Qdrwt51ZqExKbQpTUNn+EjqoTwvqNj4kqx5QUCI0ThS/YkOxJCXmPUWZbhjpCg56i+2aB6CmK2JGhn57K5mj0MNdBXA4/WnwH6XoPWJzK5Nyu2zB3nAZp+S5hpQs+p1vN1/wsjk= - bitbucket.org ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBPIQmuzMBuKdWeF4+a2sjSSpBK0iqitSQ+5BM9KhpexuGt20JpTVM7u5BDZngncgrqDMbWdxMWWOGtZ9UgbqgZE= - bitbucket.org ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIazEu89wgQZ4bqs3d63QSMzYVa0MuJ2e2gKTKqu+UUO - bitbucket.org ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDQeJzhupRu0u0cdegZIa8e86EG2qOCsIsD1Xw0xSeiPDlCr7kq97NLmMbpKTX6Esc30NuoqEEHCuc7yWtwp8dI76EEEB1VqY9QJq6vk+aySyboD5QF61I/1WeTwu+deCbgKMGbUijeXhtfbxSxm6JwGrXrhBdofTsbKRUsrN1WoNgUa8uqN1Vx6WAJw1JHPhglEGGHea6QICwJOAr/6mrui/oB7pkaWKHj3z7d1IC4KWLtY47elvjbaTlkN04Kc/5LFEirorGYVbt15kAUlqGM65pk6ZBxtaO3+30LVlORZkxOh+LKL/BvbZ/iRNhItLqNyieoQj/uh/7Iv4uyH/cV/0b4WDSd3DptigWq84lJubb9t/DnZlrJazxyDCulTmKdOR7vs9gMTo+uoIrPSb8ScTtvw65+odKAlBj59dhnVp9zd7QUojOpXlL62Aw56U4oO+FALuevvMjiWeavKhJqlR7i5n9srYcrNV7ttmDw7kf/97P5zauIhxcjX+xHv4M= - github.com ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBEmKSENjQEezOmxkZMy7opKgwFB9nkt5YRrYMjNuG5N87uRgg6CLrbo5wAdT/y6v0mKV0U2w0WZ2YB/++Tpockg= - github.com ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOMqqnkVzrm0SdG6UOoqKLsabgH5C9okWi0dh2l9GKJl - github.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCj7ndNxQowgcQnjshcLrqPEiiphnt+VTTvDP6mHBL9j1aNUkY4Ue1gvwnGLVlOhGeYrnZaMgRK6+PKCUXaDbC7qtbW8gIkhL7aGCsOr/C56SJMy/BCZfxd1nWzAOxSDPgVsmerOBYfNqltV9/hWCqBywINIR+5dIg6JTJ72pcEpEjcYgXkE2YEFXV1JHnsKgbLWNlhScqb2UmyRkQyytRLtL+38TGxkxCflmO+5Z8CSSNY7GidjMIZ7Q4zMjA2n1nGrlTDkzwDCsw+wqFPGQA179cnfGWOWRVruj16z6XyvxvjJwbz0wQZ75XK5tKSb7FNyeIEs4TT4jk+S4dhPeAUC5y+bDYirYgM4GC7uEnztnZyaVWQ7B381AK4Qdrwt51ZqExKbQpTUNn+EjqoTwvqNj4kqx5QUCI0ThS/YkOxJCXmPUWZbhjpCg56i+2aB6CmK2JGhn57K5mj0MNdBXA4/WnwH6XoPWJzK5Nyu2zB3nAZp+S5hpQs+p1vN1/wsjk= - gitlab.com ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBFSMqzJeV9rUzU4kWitGjeR4PWSa29SPqJ1fVkhtj3Hw9xjLVXVYrU9QlYWrOLXBpQ6KWjbjTDTdDkoohFzgbEY= - gitlab.com ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAfuCHKVTjquxvt6CM6tdG4SLp1Btn/nOeHHE5UOzRdf - gitlab.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsj2bNKTBSpIYDEGk9KxsGh3mySTRgMtXL583qmBpzeQ+jqCMRgBqB98u3z++J1sKlXHWfM9dyhSevkMwSbhoR8XIq/U0tCNyokEi/ueaBMCvbcTHhO7FcwzY92WK4Yt0aGROY5qX2UKSeOvuP4D6TPqKF1onrSzH9bx9XUf2lEdWT/ia1NEKjunUqu1xOB/StKDHMoX4/OKyIzuS0q/T1zOATthvasJFoPrAjkohTyaDUz2LN5JoH839hViyEG82yB+MjcFV5MU3N1l1QL3cVUCh93xSaua1N85qivl+siMkPGbO5xR/En4iEY6K2XPASUEMaieWVNTRCtJ4S8H+9 - ssh.dev.azure.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC7Hr1oTWqNqOlzGJOfGJ4NakVyIzf1rXYd4d7wo6jBlkLvCA4odBlL0mDUyZ0/QUfTTqeu+tm22gOsv+VrVTMk6vwRU75gY/y9ut5Mb3bR5BV58dKXyq9A9UeB5Cakehn5Zgm6x1mKoVyf+FFn26iYqXJRgzIZZcZ5V6hrE0Qg39kZm4az48o0AUbf6Sp4SLdvnuMa2sVNwHBboS7EJkm57XQPVU3/QpyNLHbWDdzwtrlS+ez30S3AdYhLKEOxAG8weOnyrtLJAUen9mTkol8oII1edf7mWWbWVf0nBmly21+nZcmCTISQBtdcyPaEno7fFQMDD26/s0lfKob4Kw8H - vs-ssh.visualstudio.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC7Hr1oTWqNqOlzGJOfGJ4NakVyIzf1rXYd4d7wo6jBlkLvCA4odBlL0mDUyZ0/QUfTTqeu+tm22gOsv+VrVTMk6vwRU75gY/y9ut5Mb3bR5BV58dKXyq9A9UeB5Cakehn5Zgm6x1mKoVyf+FFn26iYqXJRgzIZZcZ5V6hrE0Qg39kZm4az48o0AUbf6Sp4SLdvnuMa2sVNwHBboS7EJkm57XQPVU3/QpyNLHbWDdzwtrlS+ez30S3AdYhLKEOxAG8weOnyrtLJAUen9mTkol8oII1edf7mWWbWVf0nBmly21+nZcmCTISQBtdcyPaEno7fFQMDD26/s0lfKob4Kw8H -kind: ConfigMap -metadata: - labels: - app.kubernetes.io/name: argocd-ssh-known-hosts-cm - app.kubernetes.io/part-of: argocd - name: argocd-ssh-known-hosts-cm ---- -apiVersion: v1 -kind: ConfigMap -metadata: - labels: - app.kubernetes.io/name: argocd-tls-certs-cm - app.kubernetes.io/part-of: argocd - name: argocd-tls-certs-cm ---- -apiVersion: v1 -kind: Secret -metadata: - labels: - app.kubernetes.io/component: notifications-controller - app.kubernetes.io/name: argocd-notifications-controller - app.kubernetes.io/part-of: argocd - name: argocd-notifications-secret -type: Opaque ---- -apiVersion: v1 -kind: Secret -metadata: - labels: - app.kubernetes.io/name: argocd-secret - app.kubernetes.io/part-of: argocd - name: argocd-secret -type: Opaque ---- -apiVersion: v1 -kind: Service -metadata: - labels: - app.kubernetes.io/component: applicationset-controller - app.kubernetes.io/name: argocd-applicationset-controller - app.kubernetes.io/part-of: argocd - name: argocd-applicationset-controller -spec: - ports: - - name: webhook - port: 7000 - protocol: TCP - targetPort: webhook - - name: metrics - port: 8080 - protocol: TCP - targetPort: metrics - selector: - app.kubernetes.io/name: argocd-applicationset-controller ---- -apiVersion: v1 -kind: Service -metadata: - labels: - app.kubernetes.io/component: dex-server - app.kubernetes.io/name: argocd-dex-server - app.kubernetes.io/part-of: argocd - name: argocd-dex-server -spec: - ports: - - appProtocol: TCP - name: http - port: 5556 - protocol: TCP - targetPort: 5556 - - name: grpc - port: 5557 - protocol: TCP - targetPort: 5557 - - name: metrics - port: 5558 - protocol: TCP - targetPort: 5558 - selector: - app.kubernetes.io/name: argocd-dex-server ---- -apiVersion: v1 -kind: Service -metadata: - labels: - app.kubernetes.io/component: metrics - app.kubernetes.io/name: argocd-metrics - app.kubernetes.io/part-of: argocd - name: argocd-metrics -spec: - ports: - - name: metrics - port: 8082 - protocol: TCP - targetPort: 8082 - selector: - app.kubernetes.io/name: argocd-application-controller ---- -apiVersion: v1 -kind: Service -metadata: - labels: - app.kubernetes.io/component: notifications-controller - app.kubernetes.io/name: argocd-notifications-controller-metrics - app.kubernetes.io/part-of: argocd - name: argocd-notifications-controller-metrics -spec: - ports: - - name: metrics - port: 9001 - protocol: TCP - targetPort: 9001 - selector: - app.kubernetes.io/name: argocd-notifications-controller ---- -apiVersion: v1 -kind: Service -metadata: - labels: - app.kubernetes.io/component: redis - app.kubernetes.io/name: argocd-redis - app.kubernetes.io/part-of: argocd - name: argocd-redis -spec: - ports: - - name: tcp-redis - port: 6379 - targetPort: 6379 - selector: - app.kubernetes.io/name: argocd-redis ---- -apiVersion: v1 -kind: Service -metadata: - labels: - app.kubernetes.io/component: repo-server - app.kubernetes.io/name: argocd-repo-server - app.kubernetes.io/part-of: argocd - name: argocd-repo-server -spec: - ports: - - name: server - port: 8081 - protocol: TCP - targetPort: 8081 - - name: metrics - port: 8084 - protocol: TCP - targetPort: 8084 - selector: - app.kubernetes.io/name: argocd-repo-server ---- -apiVersion: v1 -kind: Service -metadata: - labels: - app.kubernetes.io/component: server - app.kubernetes.io/name: argocd-server - app.kubernetes.io/part-of: argocd - name: argocd-server -spec: - ports: - - name: http - port: 80 - protocol: TCP - targetPort: 8080 - - name: https - port: 443 - protocol: TCP - targetPort: 8080 - selector: - app.kubernetes.io/name: argocd-server ---- -apiVersion: v1 -kind: Service -metadata: - labels: - app.kubernetes.io/component: server - app.kubernetes.io/name: argocd-server-metrics - app.kubernetes.io/part-of: argocd - name: argocd-server-metrics -spec: - ports: - - name: metrics - port: 8083 - protocol: TCP - targetPort: 8083 - selector: - app.kubernetes.io/name: argocd-server ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app.kubernetes.io/component: applicationset-controller - app.kubernetes.io/name: argocd-applicationset-controller - app.kubernetes.io/part-of: argocd - name: argocd-applicationset-controller -spec: - selector: - matchLabels: - app.kubernetes.io/name: argocd-applicationset-controller - template: - metadata: - labels: - app.kubernetes.io/name: argocd-applicationset-controller - spec: - containers: - - args: - - /usr/local/bin/argocd-applicationset-controller - env: - - name: ARGOCD_APPLICATIONSET_CONTROLLER_GLOBAL_PRESERVED_ANNOTATIONS - valueFrom: - configMapKeyRef: - key: applicationsetcontroller.global.preserved.annotations - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_GLOBAL_PRESERVED_LABELS - valueFrom: - configMapKeyRef: - key: applicationsetcontroller.global.preserved.labels - name: argocd-cmd-params-cm - optional: true - - name: NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: ARGOCD_APPLICATIONSET_CONTROLLER_ENABLE_LEADER_ELECTION - valueFrom: - configMapKeyRef: - key: applicationsetcontroller.enable.leader.election - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_REPO_SERVER - valueFrom: - configMapKeyRef: - key: repo.server - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_POLICY - valueFrom: - configMapKeyRef: - key: applicationsetcontroller.policy - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_ENABLE_POLICY_OVERRIDE - valueFrom: - configMapKeyRef: - key: applicationsetcontroller.enable.policy.override - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_DEBUG - valueFrom: - configMapKeyRef: - key: applicationsetcontroller.debug - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_LOGFORMAT - valueFrom: - configMapKeyRef: - key: applicationsetcontroller.log.format - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_LOGLEVEL - valueFrom: - configMapKeyRef: - key: applicationsetcontroller.log.level - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_DRY_RUN - valueFrom: - configMapKeyRef: - key: applicationsetcontroller.dryrun - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_GIT_MODULES_ENABLED - valueFrom: - configMapKeyRef: - key: applicationsetcontroller.enable.git.submodule - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_ENABLE_PROGRESSIVE_SYNCS - valueFrom: - configMapKeyRef: - key: applicationsetcontroller.enable.progressive.syncs - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_ENABLE_NEW_GIT_FILE_GLOBBING - valueFrom: - configMapKeyRef: - key: applicationsetcontroller.enable.new.git.file.globbing - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_REPO_SERVER_PLAINTEXT - valueFrom: - configMapKeyRef: - key: applicationsetcontroller.repo.server.plaintext - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_REPO_SERVER_STRICT_TLS - valueFrom: - configMapKeyRef: - key: applicationsetcontroller.repo.server.strict.tls - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_REPO_SERVER_TIMEOUT_SECONDS - valueFrom: - configMapKeyRef: - key: applicationsetcontroller.repo.server.timeout.seconds - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_CONCURRENT_RECONCILIATIONS - valueFrom: - configMapKeyRef: - key: applicationsetcontroller.concurrent.reconciliations.max - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_NAMESPACES - valueFrom: - configMapKeyRef: - key: applicationsetcontroller.namespaces - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_SCM_ROOT_CA_PATH - valueFrom: - configMapKeyRef: - key: applicationsetcontroller.scm.root.ca.path - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_ALLOWED_SCM_PROVIDERS - valueFrom: - configMapKeyRef: - key: applicationsetcontroller.allowed.scm.providers - name: argocd-cmd-params-cm - optional: true - image: quay.io/argoproj/argocd:v2.9.3 - imagePullPolicy: Always - name: argocd-applicationset-controller - ports: - - containerPort: 7000 - name: webhook - - containerPort: 8080 - name: metrics - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true - runAsNonRoot: true - seccompProfile: - type: RuntimeDefault - volumeMounts: - - mountPath: /app/config/ssh - name: ssh-known-hosts - - mountPath: /app/config/tls - name: tls-certs - - mountPath: /app/config/gpg/source - name: gpg-keys - - mountPath: /app/config/gpg/keys - name: gpg-keyring - - mountPath: /tmp - name: tmp - - mountPath: /app/config/reposerver/tls - name: argocd-repo-server-tls - serviceAccountName: argocd-applicationset-controller - volumes: - - configMap: - name: argocd-ssh-known-hosts-cm - name: ssh-known-hosts - - configMap: - name: argocd-tls-certs-cm - name: tls-certs - - configMap: - name: argocd-gpg-keys-cm - name: gpg-keys - - emptyDir: {} - name: gpg-keyring - - emptyDir: {} - name: tmp - - name: argocd-repo-server-tls - secret: - items: - - key: tls.crt - path: tls.crt - - key: tls.key - path: tls.key - - key: ca.crt - path: ca.crt - optional: true - secretName: argocd-repo-server-tls ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app.kubernetes.io/component: dex-server - app.kubernetes.io/name: argocd-dex-server - app.kubernetes.io/part-of: argocd - name: argocd-dex-server -spec: - selector: - matchLabels: - app.kubernetes.io/name: argocd-dex-server - template: - metadata: - labels: - app.kubernetes.io/name: argocd-dex-server - spec: - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - podAffinityTerm: - labelSelector: - matchLabels: - app.kubernetes.io/part-of: argocd - topologyKey: kubernetes.io/hostname - weight: 5 - containers: - - command: - - /shared/argocd-dex - - rundex - env: - - name: ARGOCD_DEX_SERVER_DISABLE_TLS - valueFrom: - configMapKeyRef: - key: dexserver.disable.tls - name: argocd-cmd-params-cm - optional: true - image: ghcr.io/dexidp/dex:v2.37.0 - imagePullPolicy: Always - name: dex - ports: - - containerPort: 5556 - - containerPort: 5557 - - containerPort: 5558 - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true - runAsNonRoot: true - seccompProfile: - type: RuntimeDefault - volumeMounts: - - mountPath: /shared - name: static-files - - mountPath: /tmp - name: dexconfig - - mountPath: /tls - name: argocd-dex-server-tls - initContainers: - - command: - - /bin/cp - - -n - - /usr/local/bin/argocd - - /shared/argocd-dex - image: quay.io/argoproj/argocd:v2.9.3 - imagePullPolicy: Always - name: copyutil - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true - runAsNonRoot: true - seccompProfile: - type: RuntimeDefault - volumeMounts: - - mountPath: /shared - name: static-files - - mountPath: /tmp - name: dexconfig - serviceAccountName: argocd-dex-server - volumes: - - emptyDir: {} - name: static-files - - emptyDir: {} - name: dexconfig - - name: argocd-dex-server-tls - secret: - items: - - key: tls.crt - path: tls.crt - - key: tls.key - path: tls.key - - key: ca.crt - path: ca.crt - optional: true - secretName: argocd-dex-server-tls ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app.kubernetes.io/component: notifications-controller - app.kubernetes.io/name: argocd-notifications-controller - app.kubernetes.io/part-of: argocd - name: argocd-notifications-controller -spec: - selector: - matchLabels: - app.kubernetes.io/name: argocd-notifications-controller - strategy: - type: Recreate - template: - metadata: - labels: - app.kubernetes.io/name: argocd-notifications-controller - spec: - containers: - - args: - - /usr/local/bin/argocd-notifications - env: - - name: ARGOCD_NOTIFICATIONS_CONTROLLER_LOGFORMAT - valueFrom: - configMapKeyRef: - key: notificationscontroller.log.format - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_NOTIFICATIONS_CONTROLLER_LOGLEVEL - valueFrom: - configMapKeyRef: - key: notificationscontroller.log.level - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APPLICATION_NAMESPACES - valueFrom: - configMapKeyRef: - key: application.namespaces - name: argocd-cmd-params-cm - optional: true - image: quay.io/argoproj/argocd:v2.9.3 - imagePullPolicy: Always - livenessProbe: - tcpSocket: - port: 9001 - name: argocd-notifications-controller - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true - volumeMounts: - - mountPath: /app/config/tls - name: tls-certs - - mountPath: /app/config/reposerver/tls - name: argocd-repo-server-tls - workingDir: /app - securityContext: - runAsNonRoot: true - seccompProfile: - type: RuntimeDefault - serviceAccountName: argocd-notifications-controller - volumes: - - configMap: - name: argocd-tls-certs-cm - name: tls-certs - - name: argocd-repo-server-tls - secret: - items: - - key: tls.crt - path: tls.crt - - key: tls.key - path: tls.key - - key: ca.crt - path: ca.crt - optional: true - secretName: argocd-repo-server-tls ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app.kubernetes.io/component: redis - app.kubernetes.io/name: argocd-redis - app.kubernetes.io/part-of: argocd - name: argocd-redis -spec: - selector: - matchLabels: - app.kubernetes.io/name: argocd-redis - template: - metadata: - labels: - app.kubernetes.io/name: argocd-redis - spec: - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - podAffinityTerm: - labelSelector: - matchLabels: - app.kubernetes.io/name: argocd-redis - topologyKey: kubernetes.io/hostname - weight: 100 - - podAffinityTerm: - labelSelector: - matchLabels: - app.kubernetes.io/part-of: argocd - topologyKey: kubernetes.io/hostname - weight: 5 - containers: - - args: - - --save - - "" - - --appendonly - - "no" - image: redis:7.0.11-alpine - imagePullPolicy: Always - name: redis - ports: - - containerPort: 6379 - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true - securityContext: - runAsNonRoot: true - runAsUser: 999 - seccompProfile: - type: RuntimeDefault - serviceAccountName: argocd-redis ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app.kubernetes.io/component: repo-server - app.kubernetes.io/name: argocd-repo-server - app.kubernetes.io/part-of: argocd - name: argocd-repo-server -spec: - selector: - matchLabels: - app.kubernetes.io/name: argocd-repo-server - template: - metadata: - labels: - app.kubernetes.io/name: argocd-repo-server - spec: - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - podAffinityTerm: - labelSelector: - matchLabels: - app.kubernetes.io/name: argocd-repo-server - topologyKey: kubernetes.io/hostname - weight: 100 - - podAffinityTerm: - labelSelector: - matchLabels: - app.kubernetes.io/part-of: argocd - topologyKey: kubernetes.io/hostname - weight: 5 - automountServiceAccountToken: false - containers: - - args: - - /usr/local/bin/argocd-repo-server - env: - - name: ARGOCD_RECONCILIATION_TIMEOUT - valueFrom: - configMapKeyRef: - key: timeout.reconciliation - name: argocd-cm - optional: true - - name: ARGOCD_REPO_SERVER_LOGFORMAT - valueFrom: - configMapKeyRef: - key: reposerver.log.format - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_REPO_SERVER_LOGLEVEL - valueFrom: - configMapKeyRef: - key: reposerver.log.level - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_REPO_SERVER_PARALLELISM_LIMIT - valueFrom: - configMapKeyRef: - key: reposerver.parallelism.limit - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_REPO_SERVER_LISTEN_ADDRESS - valueFrom: - configMapKeyRef: - key: reposerver.listen.address - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_REPO_SERVER_LISTEN_METRICS_ADDRESS - valueFrom: - configMapKeyRef: - key: reposerver.metrics.listen.address - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_REPO_SERVER_DISABLE_TLS - valueFrom: - configMapKeyRef: - key: reposerver.disable.tls - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_TLS_MIN_VERSION - valueFrom: - configMapKeyRef: - key: reposerver.tls.minversion - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_TLS_MAX_VERSION - valueFrom: - configMapKeyRef: - key: reposerver.tls.maxversion - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_TLS_CIPHERS - valueFrom: - configMapKeyRef: - key: reposerver.tls.ciphers - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_REPO_CACHE_EXPIRATION - valueFrom: - configMapKeyRef: - key: reposerver.repo.cache.expiration - name: argocd-cmd-params-cm - optional: true - - name: REDIS_SERVER - valueFrom: - configMapKeyRef: - key: redis.server - name: argocd-cmd-params-cm - optional: true - - name: REDIS_COMPRESSION - valueFrom: - configMapKeyRef: - key: redis.compression - name: argocd-cmd-params-cm - optional: true - - name: REDISDB - valueFrom: - configMapKeyRef: - key: redis.db - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_DEFAULT_CACHE_EXPIRATION - valueFrom: - configMapKeyRef: - key: reposerver.default.cache.expiration - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_REPO_SERVER_OTLP_ADDRESS - valueFrom: - configMapKeyRef: - key: otlp.address - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_REPO_SERVER_MAX_COMBINED_DIRECTORY_MANIFESTS_SIZE - valueFrom: - configMapKeyRef: - key: reposerver.max.combined.directory.manifests.size - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_REPO_SERVER_PLUGIN_TAR_EXCLUSIONS - valueFrom: - configMapKeyRef: - key: reposerver.plugin.tar.exclusions - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_REPO_SERVER_ALLOW_OUT_OF_BOUNDS_SYMLINKS - valueFrom: - configMapKeyRef: - key: reposerver.allow.oob.symlinks - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_REPO_SERVER_STREAMED_MANIFEST_MAX_TAR_SIZE - valueFrom: - configMapKeyRef: - key: reposerver.streamed.manifest.max.tar.size - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_REPO_SERVER_STREAMED_MANIFEST_MAX_EXTRACTED_SIZE - valueFrom: - configMapKeyRef: - key: reposerver.streamed.manifest.max.extracted.size - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_REPO_SERVER_HELM_MANIFEST_MAX_EXTRACTED_SIZE - valueFrom: - configMapKeyRef: - key: reposerver.helm.manifest.max.extracted.size - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_REPO_SERVER_DISABLE_HELM_MANIFEST_MAX_EXTRACTED_SIZE - valueFrom: - configMapKeyRef: - key: reposerver.disable.helm.manifest.max.extracted.size - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_GIT_MODULES_ENABLED - valueFrom: - configMapKeyRef: - key: reposerver.enable.git.submodule - name: argocd-cmd-params-cm - optional: true - - name: HELM_CACHE_HOME - value: /helm-working-dir - - name: HELM_CONFIG_HOME - value: /helm-working-dir - - name: HELM_DATA_HOME - value: /helm-working-dir - image: quay.io/argoproj/argocd:v2.9.3 - imagePullPolicy: Always - livenessProbe: - failureThreshold: 3 - httpGet: - path: /healthz?full=true - port: 8084 - initialDelaySeconds: 30 - periodSeconds: 30 - timeoutSeconds: 5 - name: argocd-repo-server - ports: - - containerPort: 8081 - - containerPort: 8084 - readinessProbe: - httpGet: - path: /healthz - port: 8084 - initialDelaySeconds: 5 - periodSeconds: 10 - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true - runAsNonRoot: true - seccompProfile: - type: RuntimeDefault - volumeMounts: - - mountPath: /app/config/ssh - name: ssh-known-hosts - - mountPath: /app/config/tls - name: tls-certs - - mountPath: /app/config/gpg/source - name: gpg-keys - - mountPath: /app/config/gpg/keys - name: gpg-keyring - - mountPath: /app/config/reposerver/tls - name: argocd-repo-server-tls - - mountPath: /tmp - name: tmp - - mountPath: /helm-working-dir - name: helm-working-dir - - mountPath: /home/argocd/cmp-server/plugins - name: plugins - initContainers: - - command: - - /bin/cp - - -n - - /usr/local/bin/argocd - - /var/run/argocd/argocd-cmp-server - image: quay.io/argoproj/argocd:v2.9.3 - name: copyutil - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true - runAsNonRoot: true - seccompProfile: - type: RuntimeDefault - volumeMounts: - - mountPath: /var/run/argocd - name: var-files - serviceAccountName: argocd-repo-server - volumes: - - configMap: - name: argocd-ssh-known-hosts-cm - name: ssh-known-hosts - - configMap: - name: argocd-tls-certs-cm - name: tls-certs - - configMap: - name: argocd-gpg-keys-cm - name: gpg-keys - - emptyDir: {} - name: gpg-keyring - - emptyDir: {} - name: tmp - - emptyDir: {} - name: helm-working-dir - - name: argocd-repo-server-tls - secret: - items: - - key: tls.crt - path: tls.crt - - key: tls.key - path: tls.key - - key: ca.crt - path: ca.crt - optional: true - secretName: argocd-repo-server-tls - - emptyDir: {} - name: var-files - - emptyDir: {} - name: plugins ---- -apiVersion: apps/v1 -kind: StatefulSet -metadata: - labels: - app.kubernetes.io/component: application-controller - app.kubernetes.io/name: argocd-application-controller - app.kubernetes.io/part-of: argocd - name: argocd-application-controller -spec: - replicas: 1 - selector: - matchLabels: - app.kubernetes.io/name: argocd-application-controller - serviceName: argocd-application-controller - template: - metadata: - labels: - app.kubernetes.io/name: argocd-application-controller - spec: - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - podAffinityTerm: - labelSelector: - matchLabels: - app.kubernetes.io/name: argocd-application-controller - topologyKey: kubernetes.io/hostname - weight: 100 - - podAffinityTerm: - labelSelector: - matchLabels: - app.kubernetes.io/part-of: argocd - topologyKey: kubernetes.io/hostname - weight: 5 - containers: - - args: - - /usr/local/bin/argocd-application-controller - env: - - name: ARGOCD_CONTROLLER_REPLICAS - value: "1" - - name: ARGOCD_RECONCILIATION_TIMEOUT - valueFrom: - configMapKeyRef: - key: timeout.reconciliation - name: argocd-cm - optional: true - - name: ARGOCD_HARD_RECONCILIATION_TIMEOUT - valueFrom: - configMapKeyRef: - key: timeout.hard.reconciliation - name: argocd-cm - optional: true - - name: ARGOCD_APPLICATION_CONTROLLER_REPO_SERVER - valueFrom: - configMapKeyRef: - key: repo.server - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APPLICATION_CONTROLLER_REPO_SERVER_TIMEOUT_SECONDS - valueFrom: - configMapKeyRef: - key: controller.repo.server.timeout.seconds - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APPLICATION_CONTROLLER_STATUS_PROCESSORS - valueFrom: - configMapKeyRef: - key: controller.status.processors - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APPLICATION_CONTROLLER_OPERATION_PROCESSORS - valueFrom: - configMapKeyRef: - key: controller.operation.processors - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APPLICATION_CONTROLLER_LOGFORMAT - valueFrom: - configMapKeyRef: - key: controller.log.format - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APPLICATION_CONTROLLER_LOGLEVEL - valueFrom: - configMapKeyRef: - key: controller.log.level - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APPLICATION_CONTROLLER_METRICS_CACHE_EXPIRATION - valueFrom: - configMapKeyRef: - key: controller.metrics.cache.expiration - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APPLICATION_CONTROLLER_SELF_HEAL_TIMEOUT_SECONDS - valueFrom: - configMapKeyRef: - key: controller.self.heal.timeout.seconds - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APPLICATION_CONTROLLER_REPO_SERVER_PLAINTEXT - valueFrom: - configMapKeyRef: - key: controller.repo.server.plaintext - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APPLICATION_CONTROLLER_REPO_SERVER_STRICT_TLS - valueFrom: - configMapKeyRef: - key: controller.repo.server.strict.tls - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APPLICATION_CONTROLLER_PERSIST_RESOURCE_HEALTH - valueFrom: - configMapKeyRef: - key: controller.resource.health.persist - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APP_STATE_CACHE_EXPIRATION - valueFrom: - configMapKeyRef: - key: controller.app.state.cache.expiration - name: argocd-cmd-params-cm - optional: true - - name: REDIS_SERVER - valueFrom: - configMapKeyRef: - key: redis.server - name: argocd-cmd-params-cm - optional: true - - name: REDIS_COMPRESSION - valueFrom: - configMapKeyRef: - key: redis.compression - name: argocd-cmd-params-cm - optional: true - - name: REDISDB - valueFrom: - configMapKeyRef: - key: redis.db - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_DEFAULT_CACHE_EXPIRATION - valueFrom: - configMapKeyRef: - key: controller.default.cache.expiration - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APPLICATION_CONTROLLER_OTLP_ADDRESS - valueFrom: - configMapKeyRef: - key: otlp.address - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APPLICATION_NAMESPACES - valueFrom: - configMapKeyRef: - key: application.namespaces - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_CONTROLLER_SHARDING_ALGORITHM - valueFrom: - configMapKeyRef: - key: controller.sharding.algorithm - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APPLICATION_CONTROLLER_KUBECTL_PARALLELISM_LIMIT - valueFrom: - configMapKeyRef: - key: controller.kubectl.parallelism.limit - name: argocd-cmd-params-cm - optional: true - image: quay.io/argoproj/argocd:v2.9.3 - imagePullPolicy: Always - name: argocd-application-controller - ports: - - containerPort: 8082 - readinessProbe: - httpGet: - path: /healthz - port: 8082 - initialDelaySeconds: 5 - periodSeconds: 10 - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true - runAsNonRoot: true - seccompProfile: - type: RuntimeDefault - volumeMounts: - - mountPath: /app/config/controller/tls - name: argocd-repo-server-tls - - mountPath: /home/argocd - name: argocd-home - workingDir: /home/argocd - serviceAccountName: argocd-application-controller - volumes: - - emptyDir: {} - name: argocd-home - - name: argocd-repo-server-tls - secret: - items: - - key: tls.crt - path: tls.crt - - key: tls.key - path: tls.key - - key: ca.crt - path: ca.crt - optional: true - secretName: argocd-repo-server-tls ---- -apiVersion: networking.k8s.io/v1 -kind: NetworkPolicy -metadata: - name: argocd-application-controller-network-policy -spec: - ingress: - - from: - - namespaceSelector: {} - ports: - - port: 8082 - podSelector: - matchLabels: - app.kubernetes.io/name: argocd-application-controller - policyTypes: - - Ingress ---- -apiVersion: networking.k8s.io/v1 -kind: NetworkPolicy -metadata: - name: argocd-applicationset-controller-network-policy -spec: - ingress: - - from: - - namespaceSelector: {} - ports: - - port: 7000 - protocol: TCP - - port: 8080 - protocol: TCP - podSelector: - matchLabels: - app.kubernetes.io/name: argocd-applicationset-controller - policyTypes: - - Ingress ---- -apiVersion: networking.k8s.io/v1 -kind: NetworkPolicy -metadata: - name: argocd-dex-server-network-policy -spec: - ingress: - - from: - - podSelector: - matchLabels: - app.kubernetes.io/name: argocd-server - ports: - - port: 5556 - protocol: TCP - - port: 5557 - protocol: TCP - - from: - - namespaceSelector: {} - ports: - - port: 5558 - protocol: TCP - podSelector: - matchLabels: - app.kubernetes.io/name: argocd-dex-server - policyTypes: - - Ingress ---- -apiVersion: networking.k8s.io/v1 -kind: NetworkPolicy -metadata: - labels: - app.kubernetes.io/component: notifications-controller - app.kubernetes.io/name: argocd-notifications-controller - app.kubernetes.io/part-of: argocd - name: argocd-notifications-controller-network-policy -spec: - ingress: - - from: - - namespaceSelector: {} - ports: - - port: 9001 - protocol: TCP - podSelector: - matchLabels: - app.kubernetes.io/name: argocd-notifications-controller - policyTypes: - - Ingress ---- -apiVersion: networking.k8s.io/v1 -kind: NetworkPolicy -metadata: - name: argocd-redis-network-policy -spec: - egress: - - ports: - - port: 53 - protocol: UDP - - port: 53 - protocol: TCP - ingress: - - from: - - podSelector: - matchLabels: - app.kubernetes.io/name: argocd-server - - podSelector: - matchLabels: - app.kubernetes.io/name: argocd-repo-server - - podSelector: - matchLabels: - app.kubernetes.io/name: argocd-application-controller - ports: - - port: 6379 - protocol: TCP - podSelector: - matchLabels: - app.kubernetes.io/name: argocd-redis - policyTypes: - - Ingress - - Egress ---- -apiVersion: networking.k8s.io/v1 -kind: NetworkPolicy -metadata: - name: argocd-repo-server-network-policy -spec: - ingress: - - from: - - podSelector: - matchLabels: - app.kubernetes.io/name: argocd-server - - podSelector: - matchLabels: - app.kubernetes.io/name: argocd-application-controller - - podSelector: - matchLabels: - app.kubernetes.io/name: argocd-notifications-controller - - podSelector: - matchLabels: - app.kubernetes.io/name: argocd-applicationset-controller - ports: - - port: 8081 - protocol: TCP - - from: - - namespaceSelector: {} - ports: - - port: 8084 - podSelector: - matchLabels: - app.kubernetes.io/name: argocd-repo-server - policyTypes: - - Ingress ---- -apiVersion: networking.k8s.io/v1 -kind: NetworkPolicy -metadata: - name: argocd-server-network-policy -spec: - ingress: - - {} - podSelector: - matchLabels: - app.kubernetes.io/name: argocd-server - policyTypes: - - Ingress \ No newline at end of file diff --git a/vm/ansible/playbooks/roles/k8s-master/files/bark/bark.yml b/vm/ansible/playbooks/roles/k8s-master/files/bark/bark.yml deleted file mode 100644 index e08763c1..00000000 --- a/vm/ansible/playbooks/roles/k8s-master/files/bark/bark.yml +++ /dev/null @@ -1,70 +0,0 @@ -# https://day.app/2018/06/bark-server-document/ -# create database bark; -# create user 'bark'@'%' identified by 'xxx'; -# grant all on bark.* to 'bark'@'%' with grant option; -# flush privileges; ---- -apiVersion: v1 -kind: Service -metadata: - name: bark-server-service - namespace: alomerry -spec: - ports: - - name: bark-port - port: 8639 - targetPort: bark-port - selector: - app: bark-server ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: bark-server-deployment - namespace: alomerry -spec: - replicas: 1 - selector: - matchLabels: - app: bark-server - template: - metadata: - labels: - app: bark-server - spec: - containers: - - image: finab/bark-server:v2.1.5 - name: bark-server - env: - - name: TZ - value: "Asia/Shanghai" - - name: BARK_SERVER_DSN - valueFrom: - secretKeyRef: - name: mysql-bark-db-secret - key: barkDsn - ports: - - name: bark-port - containerPort: 8080 ---- -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: bark-dashboard-ingress - namespace: alomerry - annotations: - nginx.ingress.kubernetes.io/rewrite-target: / - nginx.ingress.kubernetes.io/enable-logging: "true" -spec: - ingressClassName: nginx - rules: - - host: bark.alomerry.com - http: - paths: - - path: / - pathType: Prefix - backend: - service: - name: bark-server-service - port: - number: 8639 \ No newline at end of file diff --git a/vm/ansible/playbooks/roles/k8s-master/files/mysql/README.md b/vm/ansible/playbooks/roles/k8s-master/files/mysql/README.md deleted file mode 100644 index 2211b29a..00000000 --- a/vm/ansible/playbooks/roles/k8s-master/files/mysql/README.md +++ /dev/null @@ -1,5 +0,0 @@ -- namespace -- pvc -- pv -- secret -- mysql.yml \ No newline at end of file diff --git a/vm/ansible/playbooks/roles/k8s-master/files/mysql/mysql.yml b/vm/ansible/playbooks/roles/k8s-master/files/mysql/mysql.yml deleted file mode 100644 index 393fb56c..00000000 --- a/vm/ansible/playbooks/roles/k8s-master/files/mysql/mysql.yml +++ /dev/null @@ -1,81 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: mysql-service - namespace: alomerry -spec: - ports: - - name: mysql - port: 3306 - targetPort: mysql - protocol: TCP - selector: - app: mysql ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: mysql-config - namespace: alomerry - labels: - app: mysql -data: - my.cnf: | - [mysql] - default-character-set=utf8mb4 - [mysqld] - max_connections = 2000 ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: mysql-deployment - namespace: alomerry -spec: - replicas: 1 - selector: - matchLabels: - app: mysql - strategy: - type: Recreate - template: - metadata: - labels: - app: mysql - spec: - containers: - - image: mysql:8.0 - name: mysql - env: - - name: MYSQL_ROOT_PASSWORD - valueFrom: - secretKeyRef: - name: mysql-secret - key: rootPasswd - - name: MYSQL_ROOT_HOST - value: "" - ports: - - containerPort: 3306 - protocol: TCP - name: mysql - volumeMounts: - - name: mysql-config - mountPath: /etc/mysql/conf.d/my.cnf - subPath: my.cnf - - name: localtime - readOnly: true - mountPath: /etc/localtime - - name: mysql-pv - mountPath: /var/lib/mysql - volumes: - - name: mysql-config - configMap: - name: mysql-config - - name: mysql-pv - persistentVolumeClaim: - claimName: mysql-pvc - - name: localtime - hostPath: - type: File - path: /etc/localtime ---- \ No newline at end of file diff --git a/vm/ansible/playbooks/roles/k8s-master/files/mysql/storage.yml b/vm/ansible/playbooks/roles/k8s-master/files/mysql/storage.yml deleted file mode 100644 index 5a429691..00000000 --- a/vm/ansible/playbooks/roles/k8s-master/files/mysql/storage.yml +++ /dev/null @@ -1,36 +0,0 @@ -apiVersion: v1 -kind: Namespace -metadata: - name: alomerry ---- -apiVersion: v1 -kind: PersistentVolume -metadata: - name: mysql-pv - labels: - service: mysql -spec: - capacity: - storage: 20Gi - accessModes: - - ReadWriteOnce - nfs: - path: /mnt/nvme0n1p1/mysql - server: 192.168.31.2 - persistentVolumeReclaimPolicy: Retain ---- -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: mysql-pvc - namespace: alomerry -spec: - selector: - matchLabels: - service: mysql - resources: - requests: - storage: 10Gi - volumeMode: Filesystem - accessModes: - - ReadWriteOnce \ No newline at end of file diff --git a/vm/ansible/playbooks/roles/k8s-master/files/storage/kodo.yml b/vm/ansible/playbooks/roles/k8s-master/files/storage/kodo.yml deleted file mode 100644 index e5cddd3c..00000000 --- a/vm/ansible/playbooks/roles/k8s-master/files/storage/kodo.yml +++ /dev/null @@ -1,15 +0,0 @@ -apiVersion: v1 - metadata: - name: kodo-csi-pv-secret - kind: Secret - type: Opaque - data: - accesskey: "" # 必填, 必须是 BASE64 格式 - secretkey: "" # 必填, 必须是 BASE64 格式 - stringData: - bucketname: "alomerry" # 必填 - ucendpoint: "https://kodo-config.qiniuapi.com" # 必填 在公有云中,该字段可以填写为 https://kodo-config.qiniuapi.com - storageclass: "STANDARD" # 可选 默认为 STANDARD,可选值为 STANDARD,LINE,GLACIER,DEEP_ARCHIVE - region: "z0" # 可选 默认为 z0 代表华东区 - subdir: "" # 可选 仅挂载子目录,适用于通过 Bucket Policy 授权子目录的用户 - s3forcepathstyle: "false" # 可选 是否仅使用 Path Style 调用 S3 API,适用于私有云环境 \ No newline at end of file diff --git a/vm/ansible/playbooks/roles/k8s-master/files/storage/mysql/kodo.yml b/vm/ansible/playbooks/roles/k8s-master/files/storage/mysql/kodo.yml deleted file mode 100644 index 8e2d9fa8..00000000 --- a/vm/ansible/playbooks/roles/k8s-master/files/storage/mysql/kodo.yml +++ /dev/null @@ -1,56 +0,0 @@ -apiVersion: v1 -kind: PersistentVolume -metadata: - name: kodo-csi-pv-mysql # PV 名称,可以修改 - labels: - kodo-pvname: kodo-csi-pv-mysql # PVC 匹配用的标签,可以修改 -spec: - capacity: - storage: 5Gi # 空间大小,可以修改 - accessModes: - - ReadWriteMany - persistentVolumeReclaimPolicy: Retain # 无需修改,Kodo CSI 驱动只支持 Retain 策略 - csi: - driver: kodoplugin.storage.qiniu.com - volumeHandle: kodo-csi-pv # 指定为上面的 PV 名称 - volumeAttributes: - uploadcutoff: "209715200" # 分片上传阈值,大于该阈值的文件将自动使用分片的形式上传,单位为字节。默认为 200 MB,最小值为 0,最大不能超过 5 GB。 - uploadchunksize: "5242880" # 分片大小,单位为字节,默认为 5 MB。对于大文件而言,适当提高分片大小将有效提升上传效率。 - uploadconcurrency: "4" # 分片上传并发度,默认为 4。 - vfscachemode: "off" # 本地缓存模式,可选值为 off,minimal,writes,full。 - dircacheduration: "5m0s" # 目录缓存时长,默认为 5m0s。当列举目录时,如果目录没有缓存或缓存已经失效,则会从云存储列举,然后刷新缓存。 - buffersize: "16777216" # 文件内存缓冲区最大尺寸,单位为字节,默认为 16 MB。当文件被下载时,数据将被读入内存缓冲区等待读请求来获取。 - vfsreadahead: "0" # 额外预读取大小,单位为字节,默认为 0。仅在 vfscachemode 为 full 时,当文件被下载时,buffersize 大小的数据将被读取到内存缓冲区等待读取,之后的 vfsreadahead 大小的数据则被读取到本地缓存中等待读取。 - vfscachemaxage: "1h0m0s" # 本地缓存时长,默认为 1h0m0s。当本地缓存被启用时,缓存的数据最长有效期,超过有效期的数据将被自动删除。 - vfscachemaxsize: "off" # 最大本地缓存尺寸,默认为 off。 - vfscachepollinterval: "1m0s" # 清理缓存频率,默认为 1m0s。 - vfswriteback: "5s" # 本地缓存上传延迟时长,默认为 5s。 当本地写缓存被启用时,被写入的文件仅在被关闭后,且在延迟时长内没有被再打开的数据才会被上传到云存储。 - vfsreadchunksize: "134217728" # 首次下载分片大小,单位为字节,默认为 128 MB。 当 vfsreadchunksize 大于 0 时,文件总是以分片的形式被下载,且每次下载的分片被读取完毕后,下次下载的分片大小是前一次的两倍,直到分片大小达到 vfsreadchunksizelimit 或文件被下载完毕为止。 - vfsreadchunksizelimit: "off" # 最大下载分片大小,单位为字节,默认为 off。当下载的分片大小不断翻倍直到大于等于 vfsreadchunksizelimit 后,之后每次下载的分片大小总是等于 vfsreadchunksizelimit,直到文件被下载完毕为止。 - nochecksum: "no" # 上传下载时不再校验数据,默认为总是校验数据。 - nomodtime: "no" # 不再读写文件修改时间,默认为总是读写文件修改时间。禁止读写文件修改时间可以提升文件系统的性能。 - noseek: "no" # 禁止文件寻址,默认为允许文件寻址。统。 - readonly: "no" # 只读文件系统,默认为可以修改文件系 - transfers: "4" # 本地缓存上传并发度,默认为 4。当本地写缓存被启用时,异步上传文件的并发度。 - nodePublishSecretRef: - name: kodo-csi-pv-secret # 指定 Secret 名称 - namespace: default -``` - -pvc - -```yml -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: kodo-pvc # PVC 名称,可以修改 -spec: - accessModes: - - ReadWriteMany - storageClassName: '' - resources: - requests: - storage: 5Gi # 申请空间大小,可以修改 - selector: - matchLabels: - kodo-pvname: kodo-csi-pv # 匹配 PV 的标签 \ No newline at end of file diff --git a/vm/ansible/playbooks/roles/k8s-master/files/tekton/install/dashboard-ingress.yml b/vm/ansible/playbooks/roles/k8s-master/files/tekton/install/dashboard-ingress.yml deleted file mode 100644 index 11a00b51..00000000 --- a/vm/ansible/playbooks/roles/k8s-master/files/tekton/install/dashboard-ingress.yml +++ /dev/null @@ -1,21 +0,0 @@ -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: tekton-dashboard-ingress - namespace: tekton-pipelines - annotations: - nginx.ingress.kubernetes.io/rewrite-target: / - nginx.ingress.kubernetes.io/enable-logging: "true" -spec: - ingressClassName: nginx - rules: - - host: tekton.alomerry.com - http: - paths: - - path: / - pathType: Prefix - backend: - service: - name: tekton-dashboard - port: - number: 9097 \ No newline at end of file diff --git a/vm/ansible/playbooks/roles/k8s-master/files/tekton/install/dashboard-v0.42.0.yaml b/vm/ansible/playbooks/roles/k8s-master/files/tekton/install/dashboard-v0.42.0.yaml deleted file mode 100644 index beff5a7e..00000000 --- a/vm/ansible/playbooks/roles/k8s-master/files/tekton/install/dashboard-v0.42.0.yaml +++ /dev/null @@ -1,335 +0,0 @@ -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - app.kubernetes.io/component: dashboard - app.kubernetes.io/instance: default - app.kubernetes.io/part-of: tekton-dashboard - name: extensions.dashboard.tekton.dev -spec: - group: dashboard.tekton.dev - names: - categories: - - tekton - - tekton-dashboard - kind: Extension - plural: extensions - shortNames: - - ext - - exts - preserveUnknownFields: false - scope: Namespaced - versions: - - additionalPrinterColumns: - - jsonPath: .spec.apiVersion - name: API version - type: string - - jsonPath: .spec.name - name: Kind - type: string - - jsonPath: .spec.displayname - name: Display name - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1alpha1 - schema: - openAPIV3Schema: - type: object - x-kubernetes-preserve-unknown-fields: true - served: true - storage: true - subresources: - status: {} ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - labels: - app.kubernetes.io/component: dashboard - app.kubernetes.io/instance: default - app.kubernetes.io/part-of: tekton-dashboard - name: tekton-dashboard - namespace: tekton-pipelines ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - labels: - app.kubernetes.io/instance: default - app.kubernetes.io/part-of: tekton-dashboard - name: tekton-dashboard-info - namespace: tekton-pipelines -rules: - - apiGroups: - - "" - resourceNames: - - dashboard-info - resources: - - configmaps - verbs: - - get ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - labels: - app.kubernetes.io/component: dashboard - app.kubernetes.io/instance: default - app.kubernetes.io/part-of: tekton-dashboard - name: tekton-dashboard-backend -rules: - - apiGroups: - - apiextensions.k8s.io - resources: - - customresourcedefinitions - verbs: - - get - - list - - apiGroups: - - security.openshift.io - resources: - - securitycontextconstraints - verbs: - - use - - apiGroups: - - tekton.dev - resources: - - clustertasks - verbs: - - get - - list - - watch - - apiGroups: - - triggers.tekton.dev - resources: - - clusterinterceptors - - clustertriggerbindings - verbs: - - get - - list - - watch ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - labels: - app.kubernetes.io/component: dashboard - app.kubernetes.io/instance: default - app.kubernetes.io/part-of: tekton-dashboard - name: tekton-dashboard-tenant -rules: - - apiGroups: - - dashboard.tekton.dev - resources: - - extensions - verbs: - - get - - list - - watch - - apiGroups: - - "" - resources: - - events - - namespaces - - pods - - pods/log - verbs: - - get - - list - - watch - - apiGroups: - - tekton.dev - resources: - - tasks - - taskruns - - pipelines - - pipelineruns - - customruns - verbs: - - get - - list - - watch - - apiGroups: - - triggers.tekton.dev - resources: - - eventlisteners - - interceptors - - triggerbindings - - triggers - - triggertemplates - verbs: - - get - - list - - watch ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - labels: - app.kubernetes.io/instance: default - app.kubernetes.io/part-of: tekton-dashboard - name: tekton-dashboard-info - namespace: tekton-pipelines -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: tekton-dashboard-info -subjects: - - apiGroup: rbac.authorization.k8s.io - kind: Group - name: system:authenticated ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - labels: - app.kubernetes.io/component: dashboard - app.kubernetes.io/instance: default - app.kubernetes.io/part-of: tekton-dashboard - rbac.dashboard.tekton.dev/subject: tekton-dashboard - name: tekton-dashboard-backend -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: tekton-dashboard-backend -subjects: - - kind: ServiceAccount - name: tekton-dashboard - namespace: tekton-pipelines ---- -apiVersion: v1 -data: - version: v0.42.0 -kind: ConfigMap -metadata: - labels: - app.kubernetes.io/instance: default - app.kubernetes.io/part-of: tekton-dashboard - name: dashboard-info - namespace: tekton-pipelines ---- -apiVersion: v1 -kind: Service -metadata: - labels: - app: tekton-dashboard - app.kubernetes.io/component: dashboard - app.kubernetes.io/instance: default - app.kubernetes.io/name: dashboard - app.kubernetes.io/part-of: tekton-dashboard - app.kubernetes.io/version: v0.42.0 - dashboard.tekton.dev/release: v0.42.0 - version: v0.42.0 - name: tekton-dashboard - namespace: tekton-pipelines -spec: - ports: - - name: http - port: 9097 - protocol: TCP - targetPort: 9097 - selector: - app.kubernetes.io/component: dashboard - app.kubernetes.io/instance: default - app.kubernetes.io/name: dashboard - app.kubernetes.io/part-of: tekton-dashboard ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app: tekton-dashboard - app.kubernetes.io/component: dashboard - app.kubernetes.io/instance: default - app.kubernetes.io/name: dashboard - app.kubernetes.io/part-of: tekton-dashboard - app.kubernetes.io/version: v0.42.0 - dashboard.tekton.dev/release: v0.42.0 - version: v0.42.0 - name: tekton-dashboard - namespace: tekton-pipelines -spec: - replicas: 1 - selector: - matchLabels: - app.kubernetes.io/component: dashboard - app.kubernetes.io/instance: default - app.kubernetes.io/name: dashboard - app.kubernetes.io/part-of: tekton-dashboard - template: - metadata: - labels: - app: tekton-dashboard - app.kubernetes.io/component: dashboard - app.kubernetes.io/instance: default - app.kubernetes.io/name: dashboard - app.kubernetes.io/part-of: tekton-dashboard - app.kubernetes.io/version: v0.42.0 - name: tekton-dashboard - spec: - containers: - - args: - - --port=9097 - - --logout-url= - - --pipelines-namespace=tekton-pipelines - - --triggers-namespace=tekton-pipelines - - --read-only=true - - --log-level=info - - --log-format=json - - --namespace= - - --namespaces= - - --stream-logs=true - - --external-logs= - env: - - name: INSTALLED_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - image: gcr.io/tekton-releases/github.com/tektoncd/dashboard/cmd/dashboard:v0.42.0@sha256:166afa47eda4982546fc996661f6c251ae7d69f7f0b09e19a1ac3fb5b045174f - livenessProbe: - httpGet: - path: /health - port: 9097 - name: tekton-dashboard - ports: - - containerPort: 9097 - readinessProbe: - httpGet: - path: /readiness - port: 9097 - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - runAsGroup: 65532 - runAsNonRoot: true - runAsUser: 65532 - seccompProfile: - type: RuntimeDefault - nodeSelector: - kubernetes.io/os: linux - serviceAccountName: tekton-dashboard - volumes: [] - ---- ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - labels: - app.kubernetes.io/component: dashboard - app.kubernetes.io/instance: default - app.kubernetes.io/part-of: tekton-dashboard - rbac.dashboard.tekton.dev/subject: tekton-dashboard - name: tekton-dashboard-tenant -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: tekton-dashboard-tenant -subjects: - - kind: ServiceAccount - name: tekton-dashboard - namespace: tekton-pipelines diff --git a/vm/ansible/playbooks/roles/k8s-master/files/tekton/install/tekton-v0.53.3.yml b/vm/ansible/playbooks/roles/k8s-master/files/tekton/install/tekton-v0.53.3.yml deleted file mode 100644 index 2f7db32e..00000000 --- a/vm/ansible/playbooks/roles/k8s-master/files/tekton/install/tekton-v0.53.3.yml +++ /dev/null @@ -1,3463 +0,0 @@ -# Copyright 2019 The Tekton Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Namespace -metadata: - name: tekton-pipelines - labels: - app.kubernetes.io/instance: default - app.kubernetes.io/part-of: tekton-pipelines - pod-security.kubernetes.io/enforce: restricted - ---- -# Copyright 2020-2022 The Tekton Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: tekton-pipelines-controller-cluster-access - labels: - app.kubernetes.io/component: controller - app.kubernetes.io/instance: default - app.kubernetes.io/part-of: tekton-pipelines -rules: - - apiGroups: [""] - # Controller needs to watch Pods created by TaskRuns to see them progress. - resources: ["pods"] - verbs: ["list", "watch"] - - apiGroups: [""] - # Controller needs to get the list of cordoned nodes over the course of a single run - resources: ["nodes"] - verbs: ["list"] - # Controller needs cluster access to all of the CRDs that it is responsible for - # managing. - - apiGroups: ["tekton.dev"] - resources: ["tasks", "clustertasks", "taskruns", "pipelines", "pipelineruns", "customruns", "stepactions"] - verbs: ["get", "list", "create", "update", "delete", "patch", "watch"] - - apiGroups: ["tekton.dev"] - resources: ["verificationpolicies"] - verbs: ["get", "list", "watch"] - - apiGroups: ["tekton.dev"] - resources: ["taskruns/finalizers", "pipelineruns/finalizers", "customruns/finalizers"] - verbs: ["get", "list", "create", "update", "delete", "patch", "watch"] - - apiGroups: ["tekton.dev"] - resources: ["tasks/status", "clustertasks/status", "taskruns/status", "pipelines/status", "pipelineruns/status", "customruns/status", "verificationpolicies/status", "stepactions/status"] - verbs: ["get", "list", "create", "update", "delete", "patch", "watch"] - # resolution.tekton.dev - - apiGroups: ["resolution.tekton.dev"] - resources: ["resolutionrequests", "resolutionrequests/status"] - verbs: ["get", "list", "create", "update", "delete", "patch", "watch"] ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - # This is the access that the controller needs on a per-namespace basis. - name: tekton-pipelines-controller-tenant-access - labels: - app.kubernetes.io/component: controller - app.kubernetes.io/instance: default - app.kubernetes.io/part-of: tekton-pipelines -rules: - # Read-write access to create Pods and PVCs (for Workspaces) - - apiGroups: [""] - resources: ["pods", "persistentvolumeclaims"] - verbs: ["get", "list", "create", "update", "delete", "patch", "watch"] - # Write permissions to publish events. - - apiGroups: [""] - resources: ["events"] - verbs: ["create", "update", "patch"] - # Read-only access to these. - - apiGroups: [""] - resources: ["configmaps", "limitranges", "secrets", "serviceaccounts"] - verbs: ["get", "list", "watch"] - # Read-write access to StatefulSets for Affinity Assistant. - - apiGroups: ["apps"] - resources: ["statefulsets"] - verbs: ["get", "list", "create", "update", "delete", "patch", "watch"] ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: tekton-pipelines-webhook-cluster-access - labels: - app.kubernetes.io/component: webhook - app.kubernetes.io/instance: default - app.kubernetes.io/part-of: tekton-pipelines -rules: - # The webhook needs to be able to get and update customresourcedefinitions, - # mainly to update the webhook certificates. - - apiGroups: ["apiextensions.k8s.io"] - resources: ["customresourcedefinitions", "customresourcedefinitions/status"] - verbs: ["get", "update", "patch"] - resourceNames: - - pipelines.tekton.dev - - pipelineruns.tekton.dev - - tasks.tekton.dev - - clustertasks.tekton.dev - - taskruns.tekton.dev - - resolutionrequests.resolution.tekton.dev - - customruns.tekton.dev - - verificationpolicies.tekton.dev - - stepactions.tekton.dev - # knative.dev/pkg needs list/watch permissions to set up informers for the webhook. - - apiGroups: ["apiextensions.k8s.io"] - resources: ["customresourcedefinitions"] - verbs: ["list", "watch"] - - apiGroups: ["admissionregistration.k8s.io"] - # The webhook performs a reconciliation on these two resources and continuously - # updates configuration. - resources: ["mutatingwebhookconfigurations", "validatingwebhookconfigurations"] - # knative starts informers on these things, which is why we need get, list and watch. - verbs: ["list", "watch"] - - apiGroups: ["admissionregistration.k8s.io"] - resources: ["mutatingwebhookconfigurations"] - # This mutating webhook is responsible for applying defaults to tekton objects - # as they are received. - resourceNames: ["webhook.pipeline.tekton.dev"] - # When there are changes to the configs or secrets, knative updates the mutatingwebhook config - # with the updated certificates or the refreshed set of rules. - verbs: ["get", "update", "delete"] - - apiGroups: ["admissionregistration.k8s.io"] - resources: ["validatingwebhookconfigurations"] - # validation.webhook.pipeline.tekton.dev performs schema validation when you, for example, create TaskRuns. - # config.webhook.pipeline.tekton.dev validates the logging configuration against knative's logging structure - resourceNames: ["validation.webhook.pipeline.tekton.dev", "config.webhook.pipeline.tekton.dev"] - # When there are changes to the configs or secrets, knative updates the validatingwebhook config - # with the updated certificates or the refreshed set of rules. - verbs: ["get", "update", "delete"] - - apiGroups: [""] - resources: ["namespaces"] - verbs: ["get"] - # The webhook configured the namespace as the OwnerRef on various cluster-scoped resources, - # which requires we can Get the system namespace. - resourceNames: ["tekton-pipelines"] - - apiGroups: [""] - resources: ["namespaces/finalizers"] - verbs: ["update"] - # The webhook configured the namespace as the OwnerRef on various cluster-scoped resources, - # which requires we can update the system namespace finalizers. - resourceNames: ["tekton-pipelines"] ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: tekton-events-controller-cluster-access - labels: - app.kubernetes.io/component: events - app.kubernetes.io/instance: default - app.kubernetes.io/part-of: tekton-pipelines -rules: - - apiGroups: ["tekton.dev"] - resources: ["tasks", "clustertasks", "taskruns", "pipelines", "pipelineruns", "customruns"] - verbs: ["get", "list", "watch"] - ---- -# Copyright 2020 The Tekton Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -kind: Role -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: tekton-pipelines-controller - namespace: tekton-pipelines - labels: - app.kubernetes.io/component: controller - app.kubernetes.io/instance: default - app.kubernetes.io/part-of: tekton-pipelines -rules: - - apiGroups: [""] - resources: ["configmaps"] - verbs: ["list", "watch"] - # The controller needs access to these configmaps for logging information and runtime configuration. - - apiGroups: [""] - resources: ["configmaps"] - verbs: ["get"] - resourceNames: ["config-logging", "config-observability", "feature-flags", "config-leader-election-controller", "config-registry-cert"] ---- -kind: Role -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: tekton-pipelines-webhook - namespace: tekton-pipelines - labels: - app.kubernetes.io/component: webhook - app.kubernetes.io/instance: default - app.kubernetes.io/part-of: tekton-pipelines -rules: - - apiGroups: [""] - resources: ["configmaps"] - verbs: ["list", "watch"] - # The webhook needs access to these configmaps for logging information. - - apiGroups: [""] - resources: ["configmaps"] - verbs: ["get"] - resourceNames: ["config-logging", "config-observability", "config-leader-election-webhook", "feature-flags"] - - apiGroups: [""] - resources: ["secrets"] - verbs: ["list", "watch"] - # The webhook daemon makes a reconciliation loop on webhook-certs. Whenever - # the secret changes it updates the webhook configurations with the certificates - # stored in the secret. - - apiGroups: [""] - resources: ["secrets"] - verbs: ["get", "update"] - resourceNames: ["webhook-certs"] ---- -kind: Role -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: tekton-pipelines-events-controller - namespace: tekton-pipelines - labels: - app.kubernetes.io/component: events - app.kubernetes.io/instance: default - app.kubernetes.io/part-of: tekton-pipelines -rules: - - apiGroups: [""] - resources: ["configmaps"] - verbs: ["list", "watch"] - # The controller needs access to these configmaps for logging information and runtime configuration. - - apiGroups: [""] - resources: ["configmaps"] - verbs: ["get"] - resourceNames: ["config-logging", "config-observability", "feature-flags", "config-leader-election-events", "config-registry-cert"] ---- -kind: Role -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: tekton-pipelines-leader-election - namespace: tekton-pipelines - labels: - app.kubernetes.io/instance: default - app.kubernetes.io/part-of: tekton-pipelines -rules: - # We uses leases for leaderelection - - apiGroups: ["coordination.k8s.io"] - resources: ["leases"] - verbs: ["get", "list", "create", "update", "delete", "patch", "watch"] ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - name: tekton-pipelines-info - namespace: tekton-pipelines - labels: - app.kubernetes.io/instance: default - app.kubernetes.io/part-of: tekton-pipelines -rules: - # All system:authenticated users needs to have access - # of the pipelines-info ConfigMap even if they don't - # have access to the other resources present in the - # installed namespace. - - apiGroups: [""] - resources: ["configmaps"] - resourceNames: ["pipelines-info"] - verbs: ["get"] - ---- -# Copyright 2019 The Tekton Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: v1 -kind: ServiceAccount -metadata: - name: tekton-pipelines-controller - namespace: tekton-pipelines - labels: - app.kubernetes.io/component: controller - app.kubernetes.io/instance: default - app.kubernetes.io/part-of: tekton-pipelines ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - name: tekton-pipelines-webhook - namespace: tekton-pipelines - labels: - app.kubernetes.io/component: webhook - app.kubernetes.io/instance: default - app.kubernetes.io/part-of: tekton-pipelines ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - name: tekton-events-controller - namespace: tekton-pipelines - labels: - app.kubernetes.io/component: events - app.kubernetes.io/instance: default - app.kubernetes.io/part-of: tekton-pipelines - ---- -# Copyright 2019 The Tekton Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: tekton-pipelines-controller-cluster-access - labels: - app.kubernetes.io/component: controller - app.kubernetes.io/instance: default - app.kubernetes.io/part-of: tekton-pipelines -subjects: - - kind: ServiceAccount - name: tekton-pipelines-controller - namespace: tekton-pipelines -roleRef: - kind: ClusterRole - name: tekton-pipelines-controller-cluster-access - apiGroup: rbac.authorization.k8s.io ---- -# If this ClusterRoleBinding is replaced with a RoleBinding -# then the ClusterRole would be namespaced. The access described by -# the tekton-pipelines-controller-tenant-access ClusterRole would -# be scoped to individual tenant namespaces. -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: tekton-pipelines-controller-tenant-access - labels: - app.kubernetes.io/component: controller - app.kubernetes.io/instance: default - app.kubernetes.io/part-of: tekton-pipelines -subjects: - - kind: ServiceAccount - name: tekton-pipelines-controller - namespace: tekton-pipelines -roleRef: - kind: ClusterRole - name: tekton-pipelines-controller-tenant-access - apiGroup: rbac.authorization.k8s.io ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: tekton-pipelines-webhook-cluster-access - labels: - app.kubernetes.io/component: webhook - app.kubernetes.io/instance: default - app.kubernetes.io/part-of: tekton-pipelines -subjects: - - kind: ServiceAccount - name: tekton-pipelines-webhook - namespace: tekton-pipelines -roleRef: - kind: ClusterRole - name: tekton-pipelines-webhook-cluster-access - apiGroup: rbac.authorization.k8s.io ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: tekton-events-controller-cluster-access - labels: - app.kubernetes.io/component: events - app.kubernetes.io/instance: default - app.kubernetes.io/part-of: tekton-pipelines -subjects: - - kind: ServiceAccount - name: tekton-events-controller - namespace: tekton-pipelines -roleRef: - kind: ClusterRole - name: tekton-events-controller-cluster-access - apiGroup: rbac.authorization.k8s.io - ---- -# Copyright 2020 The Tekton Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: tekton-pipelines-controller - namespace: tekton-pipelines - labels: - app.kubernetes.io/component: controller - app.kubernetes.io/instance: default - app.kubernetes.io/part-of: tekton-pipelines -subjects: - - kind: ServiceAccount - name: tekton-pipelines-controller - namespace: tekton-pipelines -roleRef: - kind: Role - name: tekton-pipelines-controller - apiGroup: rbac.authorization.k8s.io ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: tekton-pipelines-webhook - namespace: tekton-pipelines - labels: - app.kubernetes.io/component: webhook - app.kubernetes.io/instance: default - app.kubernetes.io/part-of: tekton-pipelines -subjects: - - kind: ServiceAccount - name: tekton-pipelines-webhook - namespace: tekton-pipelines -roleRef: - kind: Role - name: tekton-pipelines-webhook - apiGroup: rbac.authorization.k8s.io ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: tekton-pipelines-controller-leaderelection - namespace: tekton-pipelines - labels: - app.kubernetes.io/component: controller - app.kubernetes.io/instance: default - app.kubernetes.io/part-of: tekton-pipelines -subjects: - - kind: ServiceAccount - name: tekton-pipelines-controller - namespace: tekton-pipelines -roleRef: - kind: Role - name: tekton-pipelines-leader-election - apiGroup: rbac.authorization.k8s.io ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: tekton-pipelines-webhook-leaderelection - namespace: tekton-pipelines - labels: - app.kubernetes.io/component: webhook - app.kubernetes.io/instance: default - app.kubernetes.io/part-of: tekton-pipelines -subjects: - - kind: ServiceAccount - name: tekton-pipelines-webhook - namespace: tekton-pipelines -roleRef: - kind: Role - name: tekton-pipelines-leader-election - apiGroup: rbac.authorization.k8s.io ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: tekton-pipelines-info - namespace: tekton-pipelines - labels: - app.kubernetes.io/instance: default - app.kubernetes.io/part-of: tekton-pipelines -subjects: - # Giving all system:authenticated users the access of the - # ConfigMap which contains version information. - - kind: Group - name: system:authenticated - apiGroup: rbac.authorization.k8s.io -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: tekton-pipelines-info ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: tekton-pipelines-events-controller - namespace: tekton-pipelines - labels: - app.kubernetes.io/component: events - app.kubernetes.io/instance: default - app.kubernetes.io/part-of: tekton-pipelines -subjects: - - kind: ServiceAccount - name: tekton-events-controller - namespace: tekton-pipelines -roleRef: - kind: Role - name: tekton-pipelines-events-controller - apiGroup: rbac.authorization.k8s.io ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: tekton-events-controller-leaderelection - namespace: tekton-pipelines - labels: - app.kubernetes.io/component: events - app.kubernetes.io/instance: default - app.kubernetes.io/part-of: tekton-pipelines -subjects: - - kind: ServiceAccount - name: tekton-events-controller - namespace: tekton-pipelines -roleRef: - kind: Role - name: tekton-pipelines-leader-election - apiGroup: rbac.authorization.k8s.io - ---- -# Copyright 2019 The Tekton Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: clustertasks.tekton.dev - labels: - app.kubernetes.io/instance: default - app.kubernetes.io/part-of: tekton-pipelines - pipeline.tekton.dev/release: "v0.53.3" - version: "v0.53.3" -spec: - group: tekton.dev - preserveUnknownFields: false - versions: - - name: v1beta1 - served: true - storage: true - schema: - openAPIV3Schema: - type: object - # One can use x-kubernetes-preserve-unknown-fields: true - # at the root of the schema (and inside any properties, additionalProperties) - # to get the traditional CRD behaviour that nothing is pruned, despite - # setting spec.preserveUnknownProperties: false. - # - # See https://kubernetes.io/blog/2019/06/20/crd-structural-schema/ - # See issue: https://github.com/knative/serving/issues/912 - x-kubernetes-preserve-unknown-fields: true - # Opt into the status subresource so metadata.generation - # starts to increment - subresources: - status: {} - names: - kind: ClusterTask - plural: clustertasks - singular: clustertask - categories: - - tekton - - tekton-pipelines - scope: Cluster - conversion: - strategy: Webhook - webhook: - conversionReviewVersions: ["v1beta1"] - clientConfig: - service: - name: tekton-pipelines-webhook - namespace: tekton-pipelines - ---- -# Copyright 2020 The Tekton Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: customruns.tekton.dev - labels: - app.kubernetes.io/instance: default - app.kubernetes.io/part-of: tekton-pipelines - pipeline.tekton.dev/release: "v0.53.3" - version: "v0.53.3" -spec: - group: tekton.dev - preserveUnknownFields: false - versions: - - name: v1beta1 - served: true - storage: true - schema: - openAPIV3Schema: - type: object - # One can use x-kubernetes-preserve-unknown-fields: true - # at the root of the schema (and inside any properties, additionalProperties) - # to get the traditional CRD behaviour that nothing is pruned, despite - # setting spec.preserveUnknownProperties: false. - # - # See https://kubernetes.io/blog/2019/06/20/crd-structural-schema/ - # See issue: https://github.com/knative/serving/issues/912 - x-kubernetes-preserve-unknown-fields: true - additionalPrinterColumns: - - name: Succeeded - type: string - jsonPath: ".status.conditions[?(@.type==\"Succeeded\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Succeeded\")].reason" - - name: StartTime - type: date - jsonPath: .status.startTime - - name: CompletionTime - type: date - jsonPath: .status.completionTime - # Opt into the status subresource so metadata.generation - # starts to increment - subresources: - status: {} - names: - kind: CustomRun - plural: customruns - singular: customrun - categories: - - tekton - - tekton-pipelines - scope: Namespaced - ---- -# Copyright 2019 The Tekton Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: pipelines.tekton.dev - labels: - app.kubernetes.io/instance: default - app.kubernetes.io/part-of: tekton-pipelines - pipeline.tekton.dev/release: "v0.53.3" - version: "v0.53.3" -spec: - group: tekton.dev - preserveUnknownFields: false - versions: - - name: v1beta1 - served: true - storage: false - subresources: - status: {} - schema: - openAPIV3Schema: - type: object - # One can use x-kubernetes-preserve-unknown-fields: true - # at the root of the schema (and inside any properties, additionalProperties) - # to get the traditional CRD behaviour that nothing is pruned, despite - # setting spec.preserveUnknownProperties: false. - # - # See https://kubernetes.io/blog/2019/06/20/crd-structural-schema/ - # See issue: https://github.com/knative/serving/issues/912 - x-kubernetes-preserve-unknown-fields: true - - name: v1 - served: true - storage: true - schema: - openAPIV3Schema: - type: object - # OpenAPIV3 schema allows Kubernetes to perform validation on the schema fields - # and use the schema in tooling such as `kubectl explain`. - # Using "x-kubernetes-preserve-unknown-fields: true" - # at the root of the schema (or within it) allows arbitrary fields. - # We currently perform our own validation separately. - # See https://kubernetes.io/docs/tasks/extend-kubernetes/custom-resources/custom-resource-definitions/#specifying-a-structural-schema - # for more info. - x-kubernetes-preserve-unknown-fields: true - # Opt into the status subresource so metadata.generation - # starts to increment - subresources: - status: {} - names: - kind: Pipeline - plural: pipelines - singular: pipeline - categories: - - tekton - - tekton-pipelines - scope: Namespaced - conversion: - strategy: Webhook - webhook: - conversionReviewVersions: ["v1beta1", "v1"] - clientConfig: - service: - name: tekton-pipelines-webhook - namespace: tekton-pipelines - ---- -# Copyright 2019 The Tekton Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: pipelineruns.tekton.dev - labels: - app.kubernetes.io/instance: default - app.kubernetes.io/part-of: tekton-pipelines - pipeline.tekton.dev/release: "v0.53.3" - version: "v0.53.3" -spec: - group: tekton.dev - preserveUnknownFields: false - versions: - - name: v1beta1 - served: true - storage: false - schema: - openAPIV3Schema: - type: object - # One can use x-kubernetes-preserve-unknown-fields: true - # at the root of the schema (and inside any properties, additionalProperties) - # to get the traditional CRD behaviour that nothing is pruned, despite - # setting spec.preserveUnknownProperties: false. - # - # See https://kubernetes.io/blog/2019/06/20/crd-structural-schema/ - # See issue: https://github.com/knative/serving/issues/912 - x-kubernetes-preserve-unknown-fields: true - additionalPrinterColumns: - - name: Succeeded - type: string - jsonPath: ".status.conditions[?(@.type==\"Succeeded\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Succeeded\")].reason" - - name: StartTime - type: date - jsonPath: .status.startTime - - name: CompletionTime - type: date - jsonPath: .status.completionTime - # Opt into the status subresource so metadata.generation - # starts to increment - subresources: - status: {} - - name: v1 - served: true - storage: true - schema: - openAPIV3Schema: - type: object - # One can use x-kubernetes-preserve-unknown-fields: true - # at the root of the schema (and inside any properties, additionalProperties) - # to get the traditional CRD behaviour that nothing is pruned, despite - # setting spec.preserveUnknownProperties: false. - # - # See https://kubernetes.io/blog/2019/06/20/crd-structural-schema/ - # See issue: https://github.com/knative/serving/issues/912 - x-kubernetes-preserve-unknown-fields: true - additionalPrinterColumns: - - name: Succeeded - type: string - jsonPath: ".status.conditions[?(@.type==\"Succeeded\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Succeeded\")].reason" - - name: StartTime - type: date - jsonPath: .status.startTime - - name: CompletionTime - type: date - jsonPath: .status.completionTime - # Opt into the status subresource so metadata.generation - # starts to increment - subresources: - status: {} - names: - kind: PipelineRun - plural: pipelineruns - singular: pipelinerun - categories: - - tekton - - tekton-pipelines - shortNames: - - pr - - prs - scope: Namespaced - conversion: - strategy: Webhook - webhook: - conversionReviewVersions: ["v1beta1", "v1"] - clientConfig: - service: - name: tekton-pipelines-webhook - namespace: tekton-pipelines - ---- -# Copyright 2022 The Tekton Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: resolutionrequests.resolution.tekton.dev - labels: - resolution.tekton.dev/release: devel -spec: - group: resolution.tekton.dev - scope: Namespaced - names: - kind: ResolutionRequest - plural: resolutionrequests - singular: resolutionrequest - categories: - - tekton - - tekton-pipelines - shortNames: - - resolutionrequest - - resolutionrequests - versions: - - name: v1alpha1 - served: true - deprecated: true - storage: false - subresources: - status: {} - schema: - openAPIV3Schema: - type: object - # One can use x-kubernetes-preserve-unknown-fields: true - # at the root of the schema (and inside any properties, additionalProperties) - # to get the traditional CRD behaviour that nothing is pruned, despite - # setting spec.preserveUnknownProperties: false. - # - # See https://kubernetes.io/blog/2019/06/20/crd-structural-schema/ - # See issue: https://github.com/knative/serving/issues/912 - x-kubernetes-preserve-unknown-fields: true - additionalPrinterColumns: - - name: Succeeded - type: string - jsonPath: ".status.conditions[?(@.type=='Succeeded')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Succeeded')].reason" - - name: v1beta1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - type: object - # One can use x-kubernetes-preserve-unknown-fields: true - # at the root of the schema (and inside any properties, additionalProperties) - # to get the traditional CRD behaviour that nothing is pruned, despite - # setting spec.preserveUnknownProperties: false. - # - # See https://kubernetes.io/blog/2019/06/20/crd-structural-schema/ - # See issue: https://github.com/knative/serving/issues/912 - x-kubernetes-preserve-unknown-fields: true - additionalPrinterColumns: - - name: OwnerKind - type: string - jsonPath: ".metadata.ownerReferences[0].kind" - - name: Owner - type: string - jsonPath: ".metadata.ownerReferences[0].name" - - name: Succeeded - type: string - jsonPath: ".status.conditions[?(@.type=='Succeeded')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Succeeded')].reason" - - name: StartTime - type: string - jsonPath: .metadata.creationTimestamp - - name: EndTime - type: string - jsonPath: .status.conditions[?(@.type=='Succeeded')].lastTransitionTime - conversion: - strategy: Webhook - webhook: - conversionReviewVersions: ["v1alpha1", "v1beta1"] - clientConfig: - service: - name: tekton-pipelines-webhook - namespace: tekton-pipelines - ---- -# Copyright 2023 The Tekton Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: stepactions.tekton.dev - labels: - app.kubernetes.io/instance: default - app.kubernetes.io/part-of: tekton-pipelines - pipeline.tekton.dev/release: "v0.53.3" - version: "v0.53.3" -spec: - group: tekton.dev - preserveUnknownFields: false - versions: - - name: v1alpha1 - served: true - storage: true - schema: - openAPIV3Schema: - type: object - # One can use x-kubernetes-preserve-unknown-fields: true - # at the root of the schema (and inside any properties, additionalProperties) - # to get the traditional CRD behaviour that nothing is pruned, despite - # setting spec.preserveUnknownProperties: false. - # - # See https://kubernetes.io/blog/2019/06/20/crd-structural-schema/ - # See issue: https://github.com/knative/serving/issues/912 - x-kubernetes-preserve-unknown-fields: true - # Opt into the status subresource so metadata.generation - # starts to increment - subresources: - status: {} - names: - kind: StepAction - plural: stepactions - singular: stepaction - categories: - - tekton - - tekton-pipelines - scope: Namespaced - ---- -# Copyright 2019 The Tekton Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: tasks.tekton.dev - labels: - app.kubernetes.io/instance: default - app.kubernetes.io/part-of: tekton-pipelines - pipeline.tekton.dev/release: "v0.53.3" - version: "v0.53.3" -spec: - group: tekton.dev - preserveUnknownFields: false - versions: - - name: v1beta1 - served: true - storage: false - schema: - openAPIV3Schema: - type: object - # One can use x-kubernetes-preserve-unknown-fields: true - # at the root of the schema (and inside any properties, additionalProperties) - # to get the traditional CRD behaviour that nothing is pruned, despite - # setting spec.preserveUnknownProperties: false. - # - # See https://kubernetes.io/blog/2019/06/20/crd-structural-schema/ - # See issue: https://github.com/knative/serving/issues/912 - x-kubernetes-preserve-unknown-fields: true - # Opt into the status subresource so metadata.generation - # starts to increment - subresources: - status: {} - - name: v1 - served: true - storage: true - schema: - openAPIV3Schema: - type: object - # TODO(#1461): Add OpenAPIV3 schema - # OpenAPIV3 schema allows Kubernetes to perform validation on the schema fields - # and use the schema in tooling such as `kubectl explain`. - # Using "x-kubernetes-preserve-unknown-fields: true" - # at the root of the schema (or within it) allows arbitrary fields. - # We currently perform our own validation separately. - # See https://kubernetes.io/docs/tasks/extend-kubernetes/custom-resources/custom-resource-definitions/#specifying-a-structural-schema - # for more info. - x-kubernetes-preserve-unknown-fields: true - # Opt into the status subresource so metadata.generation - # starts to increment - subresources: - status: {} - names: - kind: Task - plural: tasks - singular: task - categories: - - tekton - - tekton-pipelines - scope: Namespaced - conversion: - strategy: Webhook - webhook: - conversionReviewVersions: ["v1beta1", "v1"] - clientConfig: - service: - name: tekton-pipelines-webhook - namespace: tekton-pipelines - ---- -# Copyright 2019 The Tekton Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: taskruns.tekton.dev - labels: - app.kubernetes.io/instance: default - app.kubernetes.io/part-of: tekton-pipelines - pipeline.tekton.dev/release: "v0.53.3" - version: "v0.53.3" -spec: - group: tekton.dev - preserveUnknownFields: false - versions: - - name: v1beta1 - served: true - storage: false - schema: - openAPIV3Schema: - type: object - # One can use x-kubernetes-preserve-unknown-fields: true - # at the root of the schema (and inside any properties, additionalProperties) - # to get the traditional CRD behaviour that nothing is pruned, despite - # setting spec.preserveUnknownProperties: false. - # - # See https://kubernetes.io/blog/2019/06/20/crd-structural-schema/ - # See issue: https://github.com/knative/serving/issues/912 - x-kubernetes-preserve-unknown-fields: true - additionalPrinterColumns: - - name: Succeeded - type: string - jsonPath: ".status.conditions[?(@.type==\"Succeeded\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Succeeded\")].reason" - - name: StartTime - type: date - jsonPath: .status.startTime - - name: CompletionTime - type: date - jsonPath: .status.completionTime - # Opt into the status subresource so metadata.generation - # starts to increment - subresources: - status: {} - - name: v1 - served: true - storage: true - schema: - openAPIV3Schema: - type: object - # One can use x-kubernetes-preserve-unknown-fields: true - # at the root of the schema (and inside any properties, additionalProperties) - # to get the traditional CRD behaviour that nothing is pruned, despite - # setting spec.preserveUnknownProperties: false. - # - # See https://kubernetes.io/blog/2019/06/20/crd-structural-schema/ - # See issue: https://github.com/knative/serving/issues/912 - x-kubernetes-preserve-unknown-fields: true - additionalPrinterColumns: - - name: Succeeded - type: string - jsonPath: ".status.conditions[?(@.type==\"Succeeded\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Succeeded\")].reason" - - name: StartTime - type: date - jsonPath: .status.startTime - - name: CompletionTime - type: date - jsonPath: .status.completionTime - # Opt into the status subresource so metadata.generation - # starts to increment - subresources: - status: {} - names: - kind: TaskRun - plural: taskruns - singular: taskrun - categories: - - tekton - - tekton-pipelines - shortNames: - - tr - - trs - scope: Namespaced - conversion: - strategy: Webhook - webhook: - conversionReviewVersions: ["v1beta1", "v1"] - clientConfig: - service: - name: tekton-pipelines-webhook - namespace: tekton-pipelines - ---- -# Copyright 2022 The Tekton Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: verificationpolicies.tekton.dev - labels: - app.kubernetes.io/instance: default - app.kubernetes.io/part-of: tekton-pipelines - pipeline.tekton.dev/release: "v0.53.3" - version: "v0.53.3" -spec: - group: tekton.dev - versions: - - name: v1alpha1 - served: true - storage: true - schema: - openAPIV3Schema: - type: object - # One can use x-kubernetes-preserve-unknown-fields: true - # at the root of the schema (and inside any properties, additionalProperties) - # to get the traditional CRD behaviour that nothing is pruned, despite - # setting spec.preserveUnknownProperties: false. - # - # See https://kubernetes.io/blog/2019/06/20/crd-structural-schema/ - # See issue: https://github.com/knative/serving/issues/912 - x-kubernetes-preserve-unknown-fields: true - names: - kind: VerificationPolicy - plural: verificationpolicies - singular: verificationpolicy - categories: - - tekton - - tekton-pipelines - scope: Namespaced - ---- -# Copyright 2020 The Tekton Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Secret -metadata: - name: webhook-certs - namespace: tekton-pipelines - labels: - app.kubernetes.io/component: webhook - app.kubernetes.io/instance: default - app.kubernetes.io/part-of: tekton-pipelines - pipeline.tekton.dev/release: "v0.53.3" -# The data is populated at install time. ---- -apiVersion: admissionregistration.k8s.io/v1 -kind: ValidatingWebhookConfiguration -metadata: - name: validation.webhook.pipeline.tekton.dev - labels: - app.kubernetes.io/component: webhook - app.kubernetes.io/instance: default - app.kubernetes.io/part-of: tekton-pipelines - pipeline.tekton.dev/release: "v0.53.3" -webhooks: - - admissionReviewVersions: ["v1"] - clientConfig: - service: - name: tekton-pipelines-webhook - namespace: tekton-pipelines - failurePolicy: Fail - sideEffects: None - name: validation.webhook.pipeline.tekton.dev ---- -apiVersion: admissionregistration.k8s.io/v1 -kind: MutatingWebhookConfiguration -metadata: - name: webhook.pipeline.tekton.dev - labels: - app.kubernetes.io/component: webhook - app.kubernetes.io/instance: default - app.kubernetes.io/part-of: tekton-pipelines - pipeline.tekton.dev/release: "v0.53.3" -webhooks: - - admissionReviewVersions: ["v1"] - clientConfig: - service: - name: tekton-pipelines-webhook - namespace: tekton-pipelines - failurePolicy: Fail - sideEffects: None - name: webhook.pipeline.tekton.dev ---- -apiVersion: admissionregistration.k8s.io/v1 -kind: ValidatingWebhookConfiguration -metadata: - name: config.webhook.pipeline.tekton.dev - labels: - app.kubernetes.io/component: webhook - app.kubernetes.io/instance: default - app.kubernetes.io/part-of: tekton-pipelines - pipeline.tekton.dev/release: "v0.53.3" -webhooks: - - admissionReviewVersions: ["v1"] - clientConfig: - service: - name: tekton-pipelines-webhook - namespace: tekton-pipelines - failurePolicy: Fail - sideEffects: None - name: config.webhook.pipeline.tekton.dev - objectSelector: - matchLabels: - app.kubernetes.io/part-of: tekton-pipelines - ---- -# Copyright 2019-2022 The Tekton Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: tekton-aggregate-edit - labels: - app.kubernetes.io/instance: default - app.kubernetes.io/part-of: tekton-pipelines - rbac.authorization.k8s.io/aggregate-to-edit: "true" - rbac.authorization.k8s.io/aggregate-to-admin: "true" -rules: - - apiGroups: - - tekton.dev - resources: - - tasks - - taskruns - - pipelines - - pipelineruns - - runs - - customruns - - stepactions - verbs: - - create - - delete - - deletecollection - - get - - list - - patch - - update - - watch - ---- -# Copyright 2019-2022 The Tekton Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: tekton-aggregate-view - labels: - app.kubernetes.io/instance: default - app.kubernetes.io/part-of: tekton-pipelines - rbac.authorization.k8s.io/aggregate-to-view: "true" -rules: - - apiGroups: - - tekton.dev - resources: - - tasks - - taskruns - - pipelines - - pipelineruns - - runs - - customruns - - stepactions - verbs: - - get - - list - - watch - ---- -# Copyright 2019 The Tekton Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-defaults - namespace: tekton-pipelines - labels: - app.kubernetes.io/instance: default - app.kubernetes.io/part-of: tekton-pipelines -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this example block and unindented to be in the data block - # to actually change the configuration. - - # default-timeout-minutes contains the default number of - # minutes to use for TaskRun and PipelineRun, if none is specified. - default-timeout-minutes: "60" # 60 minutes - - # default-service-account contains the default service account name - # to use for TaskRun and PipelineRun, if none is specified. - default-service-account: "default" - - # default-managed-by-label-value contains the default value given to the - # "app.kubernetes.io/managed-by" label applied to all Pods created for - # TaskRuns. If a user's requested TaskRun specifies another value for this - # label, the user's request supercedes. - default-managed-by-label-value: "tekton-pipelines" - - # default-pod-template contains the default pod template to use for - # TaskRun and PipelineRun. If a pod template is specified on the - # PipelineRun, the default-pod-template is merged with that one. - # default-pod-template: - - # default-affinity-assistant-pod-template contains the default pod template - # to use for affinity assistant pods. If a pod template is specified on the - # PipelineRun, the default-affinity-assistant-pod-template is merged with - # that one. - # default-affinity-assistant-pod-template: - - # default-cloud-events-sink contains the default CloudEvents sink to be - # used for TaskRun and PipelineRun, when no sink is specified. - # Note that right now it is still not possible to set a PipelineRun or - # TaskRun specific sink, so the default is the only option available. - # If no sink is specified, no CloudEvent is generated - # default-cloud-events-sink: - - # default-task-run-workspace-binding contains the default workspace - # configuration provided for any Workspaces that a Task declares - # but that a TaskRun does not explicitly provide. - # default-task-run-workspace-binding: | - # emptyDir: {} - - # default-max-matrix-combinations-count contains the default maximum number - # of combinations from a Matrix, if none is specified. - default-max-matrix-combinations-count: "256" - - # default-forbidden-env contains comma seperated environment variables that cannot be - # overridden by podTemplate. - default-forbidden-env: - - # default-resolver-type contains the default resolver type to be used in the cluster, - # no default-resolver-type is specified by default - default-resolver-type: - ---- -# Copyright 2023 The Tekton Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-events - namespace: tekton-pipelines - labels: - app.kubernetes.io/instance: default - app.kubernetes.io/part-of: tekton-pipelines -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this example block and unindented to be in the data block - # to actually change the configuration. - - # formats contains a comma seperated list of event formats to be used - # the only format supported today is "tektonv1". An empty string is not - # a valid configuration. To disable events, do not specify the sink. - formats: "tektonv1" - - # sink contains the event sink to be used for TaskRun, PipelineRun and - # CustomRun. If no sink is specified, no CloudEvent is generated. - # This setting supercedes the "default-cloud-events-sink" from the - # "config-defaults" config map - sink: "https://events.sink/cdevents" - ---- -# Copyright 2019 The Tekton Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: feature-flags - namespace: tekton-pipelines - labels: - app.kubernetes.io/instance: default - app.kubernetes.io/part-of: tekton-pipelines -data: - # Setting this flag to "true" will prevent Tekton to create an - # Affinity Assistant for every TaskRun sharing a PVC workspace - # - # The default behaviour is for Tekton to create Affinity Assistants - # - # See more in the Affinity Assistant documentation - # https://github.com/tektoncd/pipeline/blob/main/docs/affinityassistants.md - # or https://github.com/tektoncd/pipeline/pull/2630 for more info. - # - # Note: This feature flag is deprecated and will be removed in release v0.60. Consider using `coschedule` feature flag to configure Affinity Assistant behavior. - disable-affinity-assistant: "false" - # Setting this flag will determine how PipelineRun Pods are scheduled with Affinity Assistant. - # Acceptable values are "workspaces" (default), "pipelineruns", "isolate-pipelinerun", or "disabled". - # - # Setting it to "workspaces" will schedule all the taskruns sharing the same PVC-based workspace in a pipelinerun to the same node. - # Setting it to "pipelineruns" will schedule all the taskruns in a pipelinerun to the same node. - # Setting it to "isolate-pipelinerun" will schedule all the taskruns in a pipelinerun to the same node, - # and only allows one pipelinerun to run on a node at a time. - # Setting it to "disabled" will not apply any coschedule policy. - # - # See more in the Affinity Assistant documentation - # https://github.com/tektoncd/pipeline/blob/main/docs/affinityassistants.md - coschedule: "workspaces" - # Setting this flag to "true" will prevent Tekton scanning attached - # service accounts and injecting any credentials it finds into your - # Steps. - # - # The default behaviour currently is for Tekton to search service - # accounts for secrets matching a specified format and automatically - # mount those into your Steps. - # - # Note: setting this to "true" will prevent PipelineResources from - # working. - # - # See https://github.com/tektoncd/pipeline/issues/2791 for more - # info. - disable-creds-init: "false" - # Setting this flag to "false" will stop Tekton from waiting for a - # TaskRun's sidecar containers to be running before starting the first - # step. This will allow Tasks to be run in environments that don't - # support the DownwardAPI volume type, but may lead to unintended - # behaviour if sidecars are used. - # - # See https://github.com/tektoncd/pipeline/issues/4937 for more info. - await-sidecar-readiness: "true" - # This option should be set to false when Pipelines is running in a - # cluster that does not use injected sidecars such as Istio. Setting - # it to false should decrease the time it takes for a TaskRun to start - # running. For clusters that use injected sidecars, setting this - # option to false can lead to unexpected behavior. - # - # See https://github.com/tektoncd/pipeline/issues/2080 for more info. - running-in-environment-with-injected-sidecars: "true" - # Setting this flag to "true" will require that any Git SSH Secret - # offered to Tekton must have known_hosts included. - # - # See https://github.com/tektoncd/pipeline/issues/2981 for more - # info. - require-git-ssh-secret-known-hosts: "false" - # Setting this flag to "true" enables the use of Tekton OCI bundle. - # This is an experimental feature and thus should still be considered - # an alpha feature. - enable-tekton-oci-bundles: "false" - # Setting this flag will determine which gated features are enabled. - # Acceptable values are "stable", "beta", or "alpha". - enable-api-fields: "beta" - # Setting this flag to "true" enables CloudEvents for CustomRuns and Runs, as long as a - # CloudEvents sink is configured in the config-defaults config map - send-cloudevents-for-runs: "false" - # This flag affects the behavior of taskruns and pipelineruns in cases where no VerificationPolicies match them. - # If it is set to "fail", TaskRuns and PipelineRuns will fail verification if no matching policies are found. - # If it is set to "warn", TaskRuns and PipelineRuns will run to completion if no matching policies are found, and an error will be logged. - # If it is set to "ignore", TaskRuns and PipelineRuns will run to completion if no matching policies are found, and no error will be logged. - trusted-resources-verification-no-match-policy: "ignore" - # Setting this flag to "true" enables populating the "provenance" field in TaskRun - # and PipelineRun status. This field contains metadata about resources used - # in the TaskRun/PipelineRun such as the source from where a remote Task/Pipeline - # definition was fetched. - enable-provenance-in-status: "true" - # Setting this flag will determine how Tekton pipelines will handle non-falsifiable provenance. - # If set to "spire", then SPIRE will be used to ensure non-falsifiable provenance. - # If set to "none", then Tekton will not have non-falsifiable provenance. - # This is an experimental feature and thus should still be considered an alpha feature. - enforce-nonfalsifiability: "none" - # Setting this flag will determine how Tekton pipelines will handle extracting results from the task. - # Acceptable values are "termination-message" or "sidecar-logs". - # "sidecar-logs" is an experimental feature and thus should still be considered - # an alpha feature. - results-from: "termination-message" - # Setting this flag will determine the upper limit of each task result - # This flag is optional and only associated with the previous flag, results-from - # When results-from is set to "sidecar-logs", this flag can be used to configure the upper limit of a task result - # max-result-size: "4096" - # Setting this flag to "true" will limit privileges for containers injected by Tekton into TaskRuns. - # This allows TaskRuns to run in namespaces with "restricted" pod security standards. - # Not all Kubernetes implementations support this option. - set-security-context: "false" - # Setting this flag to "true" will keep pod on cancellation - # allowing examination of the logs on the pods from cancelled taskruns - keep-pod-on-cancel: "false" - # Setting this flag to "true" will enable the CEL evaluation in WhenExpression - enable-cel-in-whenexpression: "false" - # Setting this flag to "true" will enable the use of StepActions in Steps - # This feature is in preview mode and not implemented yet. Please check #7259 for updates. - enable-step-actions: "false" - ---- -# Copyright 2021 The Tekton Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: pipelines-info - namespace: tekton-pipelines - labels: - app.kubernetes.io/instance: default - app.kubernetes.io/part-of: tekton-pipelines -data: - # Contains pipelines version which can be queried by external - # tools such as CLI. Elevated permissions are already given to - # this ConfigMap such that even if we don't have access to - # other resources in the namespace we still can have access to - # this ConfigMap. - version: "v0.53.3" - ---- -# Copyright 2020 Tekton Authors LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-leader-election-controller - namespace: tekton-pipelines - labels: - app.kubernetes.io/instance: default - app.kubernetes.io/part-of: tekton-pipelines -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this example block and unindented to be in the data block - # to actually change the configuration. - # lease-duration is how long non-leaders will wait to try to acquire the - # lock; 15 seconds is the value used by core kubernetes controllers. - lease-duration: "60s" - # renew-deadline is how long a leader will try to renew the lease before - # giving up; 10 seconds is the value used by core kubernetes controllers. - renew-deadline: "40s" - # retry-period is how long the leader election client waits between tries of - # actions; 2 seconds is the value used by core kubernetes controllers. - retry-period: "10s" - # buckets is the number of buckets used to partition key space of each - # Reconciler. If this number is M and the replica number of the controller - # is N, the N replicas will compete for the M buckets. The owner of a - # bucket will take care of the reconciling for the keys partitioned into - # that bucket. - buckets: "1" - ---- -# Copyright 2023 Tekton Authors LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-leader-election-events - namespace: tekton-pipelines - labels: - app.kubernetes.io/instance: default - app.kubernetes.io/part-of: tekton-pipelines -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this example block and unindented to be in the data block - # to actually change the configuration. - # lease-duration is how long non-leaders will wait to try to acquire the - # lock; 15 seconds is the value used by core kubernetes controllers. - lease-duration: "60s" - # renew-deadline is how long a leader will try to renew the lease before - # giving up; 10 seconds is the value used by core kubernetes controllers. - renew-deadline: "40s" - # retry-period is how long the leader election client waits between tries of - # actions; 2 seconds is the value used by core kubernetes controllers. - retry-period: "10s" - # buckets is the number of buckets used to partition key space of each - # Reconciler. If this number is M and the replica number of the controller - # is N, the N replicas will compete for the M buckets. The owner of a - # bucket will take care of the reconciling for the keys partitioned into - # that bucket. - buckets: "1" - ---- -# Copyright 2023 Tekton Authors LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-leader-election-webhook - namespace: tekton-pipelines - labels: - app.kubernetes.io/instance: default - app.kubernetes.io/part-of: tekton-pipelines -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this example block and unindented to be in the data block - # to actually change the configuration. - # lease-duration is how long non-leaders will wait to try to acquire the - # lock; 15 seconds is the value used by core kubernetes controllers. - lease-duration: "60s" - # renew-deadline is how long a leader will try to renew the lease before - # giving up; 10 seconds is the value used by core kubernetes controllers. - renew-deadline: "40s" - # retry-period is how long the leader election client waits between tries of - # actions; 2 seconds is the value used by core kubernetes controllers. - retry-period: "10s" - # buckets is the number of buckets used to partition key space of each - # Reconciler. If this number is M and the replica number of the controller - # is N, the N replicas will compete for the M buckets. The owner of a - # bucket will take care of the reconciling for the keys partitioned into - # that bucket. - buckets: "1" - ---- -# Copyright 2019 Tekton Authors LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-logging - namespace: tekton-pipelines - labels: - app.kubernetes.io/instance: default - app.kubernetes.io/part-of: tekton-pipelines -data: - zap-logger-config: | - { - "level": "info", - "development": false, - "sampling": { - "initial": 100, - "thereafter": 100 - }, - "outputPaths": ["stdout"], - "errorOutputPaths": ["stderr"], - "encoding": "json", - "encoderConfig": { - "timeKey": "timestamp", - "levelKey": "severity", - "nameKey": "logger", - "callerKey": "caller", - "messageKey": "message", - "stacktraceKey": "stacktrace", - "lineEnding": "", - "levelEncoder": "", - "timeEncoder": "iso8601", - "durationEncoder": "", - "callerEncoder": "" - } - } - # Log level overrides - loglevel.controller: "info" - loglevel.webhook: "info" - ---- -# Copyright 2019 The Tekton Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-observability - namespace: tekton-pipelines - labels: - app.kubernetes.io/instance: default - app.kubernetes.io/part-of: tekton-pipelines -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this example block and unindented to be in the data block - # to actually change the configuration. - - # metrics.backend-destination field specifies the system metrics destination. - # It supports either prometheus (the default) or stackdriver. - # Note: Using Stackdriver will incur additional charges. - metrics.backend-destination: prometheus - - # metrics.stackdriver-project-id field specifies the Stackdriver project ID. This - # field is optional. When running on GCE, application default credentials will be - # used and metrics will be sent to the cluster's project if this field is - # not provided. - metrics.stackdriver-project-id: "" - - # metrics.allow-stackdriver-custom-metrics indicates whether it is allowed - # to send metrics to Stackdriver using "global" resource type and custom - # metric type. Setting this flag to "true" could cause extra Stackdriver - # charge. If metrics.backend-destination is not Stackdriver, this is - # ignored. - metrics.allow-stackdriver-custom-metrics: "false" - metrics.taskrun.level: "task" - metrics.taskrun.duration-type: "histogram" - metrics.pipelinerun.level: "pipeline" - metrics.pipelinerun.duration-type: "histogram" - metrics.count.enable-reason: "false" - ---- -# Copyright 2020 Tekton Authors LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-registry-cert - namespace: tekton-pipelines - labels: - app.kubernetes.io/instance: default - app.kubernetes.io/part-of: tekton-pipelines -# data: -# # Registry's self-signed certificate -# cert: | - ---- -# Copyright 2022 The Tekton Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-spire - namespace: tekton-pipelines - labels: - app.kubernetes.io/instance: default - app.kubernetes.io/part-of: tekton-pipelines -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this example block and unindented to be in the data block - # to actually change the configuration. - # - # spire-trust-domain specifies the SPIRE trust domain to use. - # spire-trust-domain: "example.org" - # - # spire-socket-path specifies the SPIRE agent socket for SPIFFE workload API. - # spire-socket-path: "unix:///spiffe-workload-api/spire-agent.sock" - # - # spire-server-addr specifies the SPIRE server address for workload/node registration. - # spire-server-addr: "spire-server.spire.svc.cluster.local:8081" - # - # spire-node-alias-prefix specifies the SPIRE node alias prefix to use. - # spire-node-alias-prefix: "/tekton-node/" - ---- -# Copyright 2023 The Tekton Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-tracing - namespace: tekton-pipelines - labels: - app.kubernetes.io/instance: default - app.kubernetes.io/part-of: tekton-pipelines -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this example block and unindented to be in the data block - # to actually change the configuration. - # - # Enable sending traces to defined endpoint by setting this to true - enabled: "true" - # - # API endpoint to send the traces to - # (optional): The default value is given below - endpoint: "http://jaeger-collector.jaeger.svc.cluster.local:14268/api/traces" - ---- -# Copyright 2019 The Tekton Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: tekton-pipelines-controller - namespace: tekton-pipelines - labels: - app.kubernetes.io/name: controller - app.kubernetes.io/component: controller - app.kubernetes.io/instance: default - app.kubernetes.io/version: "v0.53.3" - app.kubernetes.io/part-of: tekton-pipelines - # tekton.dev/release value replaced with inputs.params.versionTag in pipeline/tekton/publish.yaml - pipeline.tekton.dev/release: "v0.53.3" - # labels below are related to istio and should not be used for resource lookup - version: "v0.53.3" -spec: - replicas: 1 - selector: - matchLabels: - app.kubernetes.io/name: controller - app.kubernetes.io/component: controller - app.kubernetes.io/instance: default - app.kubernetes.io/part-of: tekton-pipelines - template: - metadata: - labels: - app.kubernetes.io/name: controller - app.kubernetes.io/component: controller - app.kubernetes.io/instance: default - app.kubernetes.io/version: "v0.53.3" - app.kubernetes.io/part-of: tekton-pipelines - # tekton.dev/release value replaced with inputs.params.versionTag in pipeline/tekton/publish.yaml - pipeline.tekton.dev/release: "v0.53.3" - # labels below are related to istio and should not be used for resource lookup - app: tekton-pipelines-controller - version: "v0.53.3" - spec: - affinity: - nodeAffinity: - requiredDuringSchedulingIgnoredDuringExecution: - nodeSelectorTerms: - - matchExpressions: - - key: kubernetes.io/os - operator: NotIn - values: - - windows - serviceAccountName: tekton-pipelines-controller - containers: - - name: tekton-pipelines-controller - image: gcr.io/tekton-releases/github.com/tektoncd/pipeline/cmd/controller:v0.53.3@sha256:c1a11690127e45a40b9bb0604868672dd702b5ac84581d261166b826b0cafcf6 - args: [ - # These images are built on-demand by `ko resolve` and are replaced - # by image references by digest. - "-entrypoint-image", "gcr.io/tekton-releases/github.com/tektoncd/pipeline/cmd/entrypoint:v0.53.3@sha256:46ab99e2cfb183e3bd6350f8f4c520a63cb592e560a1b1ab1c5b78459f376b32", "-nop-image", "gcr.io/tekton-releases/github.com/tektoncd/pipeline/cmd/nop:v0.53.3@sha256:ef18a715c503c7edde4459aa507bf1b21fae1fc364cc39c097ab98231e573719", "-sidecarlogresults-image", "gcr.io/tekton-releases/github.com/tektoncd/pipeline/cmd/sidecarlogresults:v0.53.3@sha256:a3a9ddcc4a2ad43a4054c7c148896d8d5bdb1571f1dcca5b81e8e8ab714dccdd", "-workingdirinit-image", "gcr.io/tekton-releases/github.com/tektoncd/pipeline/cmd/workingdirinit:v0.53.3@sha256:672d501799bd857c7c4115fc2fec64112dd5beed76482c2b0ad597eeb1b75c17", - # The shell image must allow root in order to create directories and copy files to PVCs. - # cgr.dev/chainguard/busybox as of April 14 2022 - # image shall not contains tag, so it will be supported on a runtime like cri-o - "-shell-image", "cgr.dev/chainguard/busybox@sha256:19f02276bf8dbdd62f069b922f10c65262cc34b710eea26ff928129a736be791", - # for script mode to work with windows we need a powershell image - # pinning to nanoserver tag as of July 15 2021 - "-shell-image-win", "mcr.microsoft.com/powershell:nanoserver@sha256:b6d5ff841b78bdf2dfed7550000fd4f3437385b8fa686ec0f010be24777654d6"] - volumeMounts: - - name: config-logging - mountPath: /etc/config-logging - - name: config-registry-cert - mountPath: /etc/config-registry-cert - env: - - name: SYSTEM_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - # If you are changing these names, you will also need to update - # the controller's Role in 200-role.yaml to include the new - # values in the "configmaps" "get" rule. - - name: CONFIG_DEFAULTS_NAME - value: config-defaults - - name: CONFIG_LOGGING_NAME - value: config-logging - - name: CONFIG_OBSERVABILITY_NAME - value: config-observability - - name: CONFIG_FEATURE_FLAGS_NAME - value: feature-flags - - name: CONFIG_LEADERELECTION_NAME - value: config-leader-election-controller - - name: CONFIG_SPIRE - value: config-spire - - name: SSL_CERT_FILE - value: /etc/config-registry-cert/cert - - name: SSL_CERT_DIR - value: /etc/ssl/certs - - name: METRICS_DOMAIN - value: tekton.dev/pipeline - # The following variables can be uncommented with correct values to enable Jaeger tracing - #- name: OTEL_EXPORTER_JAEGER_ENDPOINT - # value: http://jaeger-collector.jaeger:14268/api/traces - #- name: OTEL_EXPORTER_JAEGER_USER - # value: username - #- name: OTEL_EXPORTER_JAEGER_PASSWORD - # value: password - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - "ALL" - # User 65532 is the nonroot user ID - runAsUser: 65532 - runAsGroup: 65532 - runAsNonRoot: true - seccompProfile: - type: RuntimeDefault - ports: - - name: metrics - containerPort: 9090 - - name: profiling - containerPort: 8008 - - name: probes - containerPort: 8080 - livenessProbe: - httpGet: - path: /health - port: probes - scheme: HTTP - initialDelaySeconds: 5 - periodSeconds: 10 - timeoutSeconds: 5 - readinessProbe: - httpGet: - path: /readiness - port: probes - scheme: HTTP - initialDelaySeconds: 5 - periodSeconds: 10 - timeoutSeconds: 5 - volumes: - - name: config-logging - configMap: - name: config-logging - - name: config-registry-cert - configMap: - name: config-registry-cert ---- -apiVersion: v1 -kind: Service -metadata: - labels: - app.kubernetes.io/name: controller - app.kubernetes.io/component: controller - app.kubernetes.io/instance: default - app.kubernetes.io/version: "v0.53.3" - app.kubernetes.io/part-of: tekton-pipelines - # tekton.dev/release value replaced with inputs.params.versionTag in pipeline/tekton/publish.yaml - pipeline.tekton.dev/release: "v0.53.3" - # labels below are related to istio and should not be used for resource lookup - app: tekton-pipelines-controller - version: "v0.53.3" - name: tekton-pipelines-controller - namespace: tekton-pipelines -spec: - ports: - - name: http-metrics - port: 9090 - protocol: TCP - targetPort: 9090 - - name: http-profiling - port: 8008 - targetPort: 8008 - - name: probes - port: 8080 - selector: - app.kubernetes.io/name: controller - app.kubernetes.io/component: controller - app.kubernetes.io/instance: default - app.kubernetes.io/part-of: tekton-pipelines - ---- -# Copyright 2023 The Tekton Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: tekton-events-controller - namespace: tekton-pipelines - labels: - app.kubernetes.io/name: events - app.kubernetes.io/component: events - app.kubernetes.io/instance: default - app.kubernetes.io/version: "v0.53.3" - app.kubernetes.io/part-of: tekton-pipelines - # tekton.dev/release value replaced with inputs.params.versionTag in pipeline/tekton/publish.yaml - pipeline.tekton.dev/release: "v0.53.3" - # labels below are related to istio and should not be used for resource lookup - version: "v0.53.3" -spec: - replicas: 1 - selector: - matchLabels: - app.kubernetes.io/name: events - app.kubernetes.io/component: events - app.kubernetes.io/instance: default - app.kubernetes.io/part-of: tekton-pipelines - template: - metadata: - labels: - app.kubernetes.io/name: events - app.kubernetes.io/component: events - app.kubernetes.io/instance: default - app.kubernetes.io/version: "v0.53.3" - app.kubernetes.io/part-of: tekton-pipelines - # tekton.dev/release value replaced with inputs.params.versionTag in pipeline/tekton/publish.yaml - pipeline.tekton.dev/release: "v0.53.3" - # labels below are related to istio and should not be used for resource lookup - app: tekton-events-controller - version: "v0.53.3" - spec: - affinity: - nodeAffinity: - requiredDuringSchedulingIgnoredDuringExecution: - nodeSelectorTerms: - - matchExpressions: - - key: kubernetes.io/os - operator: NotIn - values: - - windows - serviceAccountName: tekton-events-controller - containers: - - name: tekton-events-controller - image: gcr.io/tekton-releases/github.com/tektoncd/pipeline/cmd/events:v0.53.3@sha256:502030ad2793ebc9875227b862c715964aaec15bfa5a256973ed942802f1cbe9 - args: [] - volumeMounts: - - name: config-logging - mountPath: /etc/config-logging - - name: config-registry-cert - mountPath: /etc/config-registry-cert - env: - - name: SYSTEM_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - # If you are changing these names, you will also need to update - # the controller's Role in 200-role.yaml to include the new - # values in the "configmaps" "get" rule. - - name: CONFIG_DEFAULTS_NAME - value: config-defaults - - name: CONFIG_LOGGING_NAME - value: config-logging - - name: CONFIG_OBSERVABILITY_NAME - value: config-observability - - name: CONFIG_LEADERELECTION_NAME - value: config-leader-election-events - - name: SSL_CERT_FILE - value: /etc/config-registry-cert/cert - - name: SSL_CERT_DIR - value: /etc/ssl/certs - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - "ALL" - # User 65532 is the nonroot user ID - runAsUser: 65532 - runAsGroup: 65532 - runAsNonRoot: true - seccompProfile: - type: RuntimeDefault - ports: - - name: metrics - containerPort: 9090 - - name: profiling - containerPort: 8008 - - name: probes - containerPort: 8080 - livenessProbe: - httpGet: - path: /health - port: probes - scheme: HTTP - initialDelaySeconds: 5 - periodSeconds: 10 - timeoutSeconds: 5 - readinessProbe: - httpGet: - path: /readiness - port: probes - scheme: HTTP - initialDelaySeconds: 5 - periodSeconds: 10 - timeoutSeconds: 5 - volumes: - - name: config-logging - configMap: - name: config-logging - - name: config-registry-cert - configMap: - name: config-registry-cert ---- -apiVersion: v1 -kind: Service -metadata: - labels: - app.kubernetes.io/name: events - app.kubernetes.io/component: events - app.kubernetes.io/instance: default - app.kubernetes.io/version: "v0.53.3" - app.kubernetes.io/part-of: tekton-pipelines - # tekton.dev/release value replaced with inputs.params.versionTag in pipeline/tekton/publish.yaml - pipeline.tekton.dev/release: "v0.53.3" - # labels below are related to istio and should not be used for resource lookup - app: tekton-events-controller - version: "v0.53.3" - name: tekton-events-controller - namespace: tekton-pipelines -spec: - ports: - - name: http-metrics - port: 9090 - protocol: TCP - targetPort: 9090 - - name: http-profiling - port: 8008 - targetPort: 8008 - - name: probes - port: 8080 - selector: - app.kubernetes.io/name: events - app.kubernetes.io/component: events - app.kubernetes.io/instance: default - app.kubernetes.io/part-of: tekton-pipelines - ---- -# Copyright 2022 The Tekton Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Namespace -metadata: - name: tekton-pipelines-resolvers - labels: - app.kubernetes.io/component: resolvers - app.kubernetes.io/instance: default - app.kubernetes.io/part-of: tekton-pipelines - pod-security.kubernetes.io/enforce: restricted - ---- -# Copyright 2022 The Tekton Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - # ClusterRole for resolvers to monitor and update resolutionrequests. - name: tekton-pipelines-resolvers-resolution-request-updates - labels: - app.kubernetes.io/component: resolvers - app.kubernetes.io/instance: default - app.kubernetes.io/part-of: tekton-pipelines -rules: - - apiGroups: ["resolution.tekton.dev"] - resources: ["resolutionrequests", "resolutionrequests/status"] - verbs: ["get", "list", "watch", "update", "patch"] - - apiGroups: ["tekton.dev"] - resources: ["tasks", "pipelines"] - verbs: ["get", "list"] - # Read-only access to these. - - apiGroups: [""] - resources: ["secrets"] - verbs: ["get", "list", "watch"] - ---- -# Copyright 2022 The Tekton Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -kind: Role -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: tekton-pipelines-resolvers-namespace-rbac - namespace: tekton-pipelines-resolvers - labels: - app.kubernetes.io/component: resolvers - app.kubernetes.io/instance: default - app.kubernetes.io/part-of: tekton-pipelines -rules: - # Needed to watch and load configuration and secret data. - - apiGroups: [""] - resources: ["configmaps", "secrets"] - verbs: ["get", "list", "update", "watch"] - # This is needed by leader election to run the controller in HA. - - apiGroups: ["coordination.k8s.io"] - resources: ["leases"] - verbs: ["get", "list", "create", "update", "delete", "patch", "watch"] - ---- -# Copyright 2022 The Tekton Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ServiceAccount -metadata: - name: tekton-pipelines-resolvers - namespace: tekton-pipelines-resolvers - labels: - app.kubernetes.io/component: resolvers - app.kubernetes.io/instance: default - app.kubernetes.io/part-of: tekton-pipelines - ---- -# Copyright 2021 The Tekton Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: tekton-pipelines-resolvers - labels: - app.kubernetes.io/component: resolvers - app.kubernetes.io/instance: default - app.kubernetes.io/part-of: tekton-pipelines -subjects: - - kind: ServiceAccount - name: tekton-pipelines-resolvers - namespace: tekton-pipelines-resolvers -roleRef: - kind: ClusterRole - name: tekton-pipelines-resolvers-resolution-request-updates - apiGroup: rbac.authorization.k8s.io - ---- -# Copyright 2021 The Tekton Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: tekton-pipelines-resolvers-namespace-rbac - namespace: tekton-pipelines-resolvers - labels: - app.kubernetes.io/component: resolvers - app.kubernetes.io/instance: default - app.kubernetes.io/part-of: tekton-pipelines -subjects: - - kind: ServiceAccount - name: tekton-pipelines-resolvers - namespace: tekton-pipelines-resolvers -roleRef: - kind: Role - name: tekton-pipelines-resolvers-namespace-rbac - apiGroup: rbac.authorization.k8s.io - ---- -# Copyright 2022 The Tekton Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: bundleresolver-config - namespace: tekton-pipelines-resolvers - labels: - app.kubernetes.io/component: resolvers - app.kubernetes.io/instance: default - app.kubernetes.io/part-of: tekton-pipelines -data: - # the default service account name to use for bundle requests. - default-service-account: "default" - # The default layer kind in the bundle image. - default-kind: "task" - ---- -# Copyright 2022 The Tekton Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: cluster-resolver-config - namespace: tekton-pipelines-resolvers - labels: - app.kubernetes.io/component: resolvers - app.kubernetes.io/instance: default - app.kubernetes.io/part-of: tekton-pipelines -data: - # The default kind to fetch. - default-kind: "task" - # The default namespace to look for resources in. - default-namespace: "" - # An optional comma-separated list of namespaces which the resolver is allowed to access. Defaults to empty, meaning all namespaces are allowed. - allowed-namespaces: "" - # An optional comma-separated list of namespaces which the resolver is blocked from accessing. Defaults to empty, meaning all namespaces are allowed. - blocked-namespaces: "" - ---- -# Copyright 2019 The Tekton Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: resolvers-feature-flags - namespace: tekton-pipelines-resolvers - labels: - app.kubernetes.io/component: resolvers - app.kubernetes.io/instance: default - app.kubernetes.io/part-of: tekton-pipelines -data: - # Setting this flag to "true" enables remote resolution of Tekton OCI bundles. - enable-bundles-resolver: "true" - # Setting this flag to "true" enables remote resolution of tasks and pipelines via the Tekton Hub. - enable-hub-resolver: "true" - # Setting this flag to "true" enables remote resolution of tasks and pipelines from Git repositories. - enable-git-resolver: "true" - # Setting this flag to "true" enables remote resolution of tasks and pipelines from other namespaces within the cluster. - enable-cluster-resolver: "true" - ---- -# Copyright 2020 Tekton Authors LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-leader-election-resolvers - namespace: tekton-pipelines-resolvers - labels: - app.kubernetes.io/component: resolvers - app.kubernetes.io/instance: default - app.kubernetes.io/part-of: tekton-pipelines -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this example block and unindented to be in the data block - # to actually change the configuration. - # lease-duration is how long non-leaders will wait to try to acquire the - # lock; 15 seconds is the value used by core kubernetes controllers. - lease-duration: "60s" - # renew-deadline is how long a leader will try to renew the lease before - # giving up; 10 seconds is the value used by core kubernetes controllers. - renew-deadline: "40s" - # retry-period is how long the leader election client waits between tries of - # actions; 2 seconds is the value used by core kubernetes controllers. - retry-period: "10s" - # buckets is the number of buckets used to partition key space of each - # Reconciler. If this number is M and the replica number of the controller - # is N, the N replicas will compete for the M buckets. The owner of a - # bucket will take care of the reconciling for the keys partitioned into - # that bucket. - buckets: "1" - ---- -# Copyright 2019 Tekton Authors LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-logging - namespace: tekton-pipelines-resolvers - labels: - app.kubernetes.io/component: resolvers - app.kubernetes.io/instance: default - app.kubernetes.io/part-of: tekton-pipelines -data: - zap-logger-config: | - { - "level": "info", - "development": false, - "sampling": { - "initial": 100, - "thereafter": 100 - }, - "outputPaths": ["stdout"], - "errorOutputPaths": ["stderr"], - "encoding": "json", - "encoderConfig": { - "timeKey": "timestamp", - "levelKey": "severity", - "nameKey": "logger", - "callerKey": "caller", - "messageKey": "message", - "stacktraceKey": "stacktrace", - "lineEnding": "", - "levelEncoder": "", - "timeEncoder": "iso8601", - "durationEncoder": "", - "callerEncoder": "" - } - } - # Log level overrides - loglevel.controller: "info" - loglevel.webhook: "info" - ---- -# Copyright 2022 The Tekton Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-observability - namespace: tekton-pipelines-resolvers - labels: - app.kubernetes.io/component: resolvers - app.kubernetes.io/instance: default - app.kubernetes.io/part-of: tekton-pipelines -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this example block and unindented to be in the data block - # to actually change the configuration. - - # metrics.backend-destination field specifies the system metrics destination. - # It supports either prometheus (the default) or stackdriver. - # Note: Using stackdriver will incur additional charges - metrics.backend-destination: prometheus - - # metrics.request-metrics-backend-destination specifies the request metrics - # destination. If non-empty, it enables queue proxy to send request metrics. - # Currently supported values: prometheus, stackdriver. - metrics.request-metrics-backend-destination: prometheus - - # metrics.stackdriver-project-id field specifies the stackdriver project ID. This - # field is optional. When running on GCE, application default credentials will be - # used if this field is not provided. - metrics.stackdriver-project-id: "" - - # metrics.allow-stackdriver-custom-metrics indicates whether it is allowed to send metrics to - # Stackdriver using "global" resource type and custom metric type if the - # metrics are not supported by "knative_revision" resource type. Setting this - # flag to "true" could cause extra Stackdriver charge. - # If metrics.backend-destination is not Stackdriver, this is ignored. - metrics.allow-stackdriver-custom-metrics: "false" - ---- -# Copyright 2022 The Tekton Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: git-resolver-config - namespace: tekton-pipelines-resolvers - labels: - app.kubernetes.io/component: resolvers - app.kubernetes.io/instance: default - app.kubernetes.io/part-of: tekton-pipelines -data: - # The maximum amount of time a single anonymous cloning resolution may take. - fetch-timeout: "1m" - # The git url to fetch the remote resource from when using anonymous cloning. - default-url: "https://github.com/tektoncd/catalog.git" - # The git revision to fetch the remote resource from with either anonymous cloning or the authenticated API. - default-revision: "main" - # The SCM type to use with the authenticated API. Can be github, gitlab, gitea, bitbucketserver, bitbucketcloud - scm-type: "github" - # The SCM server URL to use with the authenticated API. Not needed when using github.com, gitlab.com, or BitBucket Cloud - server-url: "" - # The Kubernetes secret containing the API token for the SCM provider. Required when using the authenticated API. - api-token-secret-name: "" - # The key in the API token secret containing the actual token. Required when using the authenticated API. - api-token-secret-key: "" - # The namespace containing the API token secret. Defaults to "default". - api-token-secret-namespace: "default" - # The default organization to look for repositories under when using the authenticated API, - # if not specified in the resolver parameters. Optional. - default-org: "" - ---- -# Copyright 2022 The Tekton Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: hubresolver-config - namespace: tekton-pipelines-resolvers - labels: - app.kubernetes.io/component: resolvers - app.kubernetes.io/instance: default - app.kubernetes.io/part-of: tekton-pipelines -data: - # the default Tekton Hub catalog from where to pull the resource. - default-tekton-hub-catalog: "Tekton" - # the default Artifact Hub Task catalog from where to pull the resource. - default-artifact-hub-task-catalog: "tekton-catalog-tasks" - # the default Artifact Hub Pipeline catalog from where to pull the resource. - default-artifact-hub-pipeline-catalog: "tekton-catalog-pipelines" - # the default layer kind in the hub image. - default-kind: "task" - # the default hub source to pull the resource from. - default-type: "artifact" - ---- -# Copyright 2022 The Tekton Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: apps/v1 -kind: Deployment -metadata: - name: tekton-pipelines-remote-resolvers - namespace: tekton-pipelines-resolvers - labels: - app.kubernetes.io/name: resolvers - app.kubernetes.io/component: resolvers - app.kubernetes.io/instance: default - app.kubernetes.io/version: "v0.53.3" - app.kubernetes.io/part-of: tekton-pipelines - # tekton.dev/release value replaced with inputs.params.versionTag in pipeline/tekton/publish.yaml - pipeline.tekton.dev/release: "v0.53.3" - # labels below are related to istio and should not be used for resource lookup - version: "v0.53.3" -spec: - replicas: 1 - selector: - matchLabels: - app.kubernetes.io/name: resolvers - app.kubernetes.io/component: resolvers - app.kubernetes.io/instance: default - app.kubernetes.io/part-of: tekton-pipelines - template: - metadata: - labels: - app.kubernetes.io/name: resolvers - app.kubernetes.io/component: resolvers - app.kubernetes.io/instance: default - app.kubernetes.io/version: "v0.53.3" - app.kubernetes.io/part-of: tekton-pipelines - # tekton.dev/release value replaced with inputs.params.versionTag in pipeline/tekton/publish.yaml - pipeline.tekton.dev/release: "v0.53.3" - # labels below are related to istio and should not be used for resource lookup - app: tekton-pipelines-resolvers - version: "v0.53.3" - spec: - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - podAffinityTerm: - labelSelector: - matchLabels: - app.kubernetes.io/name: resolvers - app.kubernetes.io/component: resolvers - app.kubernetes.io/instance: default - app.kubernetes.io/part-of: tekton-pipelines - topologyKey: kubernetes.io/hostname - weight: 100 - serviceAccountName: tekton-pipelines-resolvers - containers: - - name: controller - image: gcr.io/tekton-releases/github.com/tektoncd/pipeline/cmd/resolvers:v0.53.3@sha256:832bf7cc383f1e3778545f886fde54d59514fea7a6194c323a491491df64cb86 - resources: - requests: - cpu: 100m - memory: 100Mi - limits: - cpu: 1000m - memory: 4Gi - ports: - - name: metrics - containerPort: 9090 - - name: profiling - containerPort: 8008 - # This must match the value of the environment variable PROBES_PORT. - - name: probes - containerPort: 8080 - env: - - name: SYSTEM_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - # If you are changing these names, you will also need to update - # the controller's Role in 200-role.yaml to include the new - # values in the "configmaps" "get" rule. - - name: CONFIG_LOGGING_NAME - value: config-logging - - name: CONFIG_OBSERVABILITY_NAME - value: config-observability - - name: CONFIG_FEATURE_FLAGS_NAME - value: feature-flags - - name: CONFIG_LEADERELECTION_NAME - value: config-leader-election-resolvers - - name: METRICS_DOMAIN - value: tekton.dev/resolution - - name: PROBES_PORT - value: "8080" - # Override this env var to set a private hub api endpoint - - name: ARTIFACT_HUB_API - value: "https://artifacthub.io/" - - name: TEKTON_HUB_API - value: "https://api.hub.tekton.dev/" - securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - runAsNonRoot: true - capabilities: - drop: - - "ALL" - seccompProfile: - type: RuntimeDefault - ---- -# Copyright 2023 The Tekton Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: v1 -kind: Service -metadata: - labels: - app.kubernetes.io/name: resolvers - app.kubernetes.io/component: resolvers - app.kubernetes.io/instance: default - app.kubernetes.io/version: "v0.53.3" - app.kubernetes.io/part-of: tekton-pipelines - # tekton.dev/release value replaced with inputs.params.versionTag in pipeline/tekton/publish.yaml - pipeline.tekton.dev/release: "v0.53.3" - # labels below are related to istio and should not be used for resource lookup - app: tekton-pipelines-remote-resolvers - version: "v0.53.3" - name: tekton-pipelines-remote-resolvers - namespace: tekton-pipelines-resolvers -spec: - ports: - - name: http-metrics - port: 9090 - protocol: TCP - targetPort: 9090 - - name: http-profiling - port: 8008 - targetPort: 8008 - - name: probes - port: 8080 - selector: - app.kubernetes.io/name: resolvers - app.kubernetes.io/component: resolvers - app.kubernetes.io/instance: default - app.kubernetes.io/part-of: tekton-pipelines - ---- -# Copyright 2020 The Tekton Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: autoscaling/v2 -kind: HorizontalPodAutoscaler -metadata: - name: tekton-pipelines-webhook - namespace: tekton-pipelines - labels: - app.kubernetes.io/name: webhook - app.kubernetes.io/component: webhook - app.kubernetes.io/instance: default - app.kubernetes.io/version: "v0.53.3" - app.kubernetes.io/part-of: tekton-pipelines - # tekton.dev/release value replaced with inputs.params.versionTag in pipeline/tekton/publish.yaml - pipeline.tekton.dev/release: "v0.53.3" - # labels below are related to istio and should not be used for resource lookup - version: "v0.53.3" -spec: - minReplicas: 1 - maxReplicas: 5 - scaleTargetRef: - apiVersion: apps/v1 - kind: Deployment - name: tekton-pipelines-webhook - metrics: - - type: Resource - resource: - name: cpu - target: - type: Utilization - averageUtilization: 100 - ---- -# Copyright 2020 The Tekton Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: Deployment -metadata: - # Note: the Deployment name must be the same as the Service name specified in - # config/400-webhook-service.yaml. If you change this name, you must also - # change the value of WEBHOOK_SERVICE_NAME below. - name: tekton-pipelines-webhook - namespace: tekton-pipelines - labels: - app.kubernetes.io/name: webhook - app.kubernetes.io/component: webhook - app.kubernetes.io/instance: default - app.kubernetes.io/version: "v0.53.3" - app.kubernetes.io/part-of: tekton-pipelines - # tekton.dev/release value replaced with inputs.params.versionTag in pipeline/tekton/publish.yaml - pipeline.tekton.dev/release: "v0.53.3" - # labels below are related to istio and should not be used for resource lookup - version: "v0.53.3" -spec: - selector: - matchLabels: - app.kubernetes.io/name: webhook - app.kubernetes.io/component: webhook - app.kubernetes.io/instance: default - app.kubernetes.io/part-of: tekton-pipelines - template: - metadata: - labels: - app.kubernetes.io/name: webhook - app.kubernetes.io/component: webhook - app.kubernetes.io/instance: default - app.kubernetes.io/version: "v0.53.3" - app.kubernetes.io/part-of: tekton-pipelines - # tekton.dev/release value replaced with inputs.params.versionTag in pipeline/tekton/publish.yaml - pipeline.tekton.dev/release: "v0.53.3" - # labels below are related to istio and should not be used for resource lookup - app: tekton-pipelines-webhook - version: "v0.53.3" - spec: - affinity: - nodeAffinity: - requiredDuringSchedulingIgnoredDuringExecution: - nodeSelectorTerms: - - matchExpressions: - - key: kubernetes.io/os - operator: NotIn - values: - - windows - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - podAffinityTerm: - labelSelector: - matchLabels: - app.kubernetes.io/name: webhook - app.kubernetes.io/component: webhook - app.kubernetes.io/instance: default - app.kubernetes.io/part-of: tekton-pipelines - topologyKey: kubernetes.io/hostname - weight: 100 - serviceAccountName: tekton-pipelines-webhook - containers: - - name: webhook - # This is the Go import path for the binary that is containerized - # and substituted here. - image: gcr.io/tekton-releases/github.com/tektoncd/pipeline/cmd/webhook:v0.53.3@sha256:85597a64b3f75900807d1fa8621bceae05f73cf9d095d83b9e00f04aa218f100 - # Resource request required for autoscaler to take any action for a metric - resources: - requests: - cpu: 100m - memory: 100Mi - limits: - cpu: 500m - memory: 500Mi - env: - - name: SYSTEM_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - # If you are changing these names, you will also need to update - # the webhook's Role in 200-role.yaml to include the new - # values in the "configmaps" "get" rule. - - name: CONFIG_LOGGING_NAME - value: config-logging - - name: CONFIG_OBSERVABILITY_NAME - value: config-observability - - name: CONFIG_LEADERELECTION_NAME - value: config-leader-election-webhook - - name: CONFIG_FEATURE_FLAGS_NAME - value: feature-flags - # If you change PROBES_PORT, you will also need to change the - # containerPort "probes" to the same value. - - name: PROBES_PORT - value: "8080" - # If you change WEBHOOK_PORT, you will also need to change the - # containerPort "https-webhook" to the same value. - - name: WEBHOOK_PORT - value: "8443" - # if you change WEBHOOK_ADMISSION_CONTROLLER_NAME, you will also need to update - # the webhooks.name in 500-webhooks.yaml to include the new names of admission webhooks. - # Additionally, you will also need to change the resource names (metadata.name) of - # "MutatingWebhookConfiguration" and "ValidatingWebhookConfiguration" in 500-webhooks.yaml - # to reflect the change in the name of the admission webhook. - # Followed by changing the webhook's Role in 200-clusterrole.yaml to update the "resourceNames" of - # "mutatingwebhookconfigurations" and "validatingwebhookconfigurations" resources. - - name: WEBHOOK_ADMISSION_CONTROLLER_NAME - value: webhook.pipeline.tekton.dev - - name: WEBHOOK_SERVICE_NAME - value: tekton-pipelines-webhook - - name: WEBHOOK_SECRET_NAME - value: webhook-certs - - name: METRICS_DOMAIN - value: tekton.dev/pipeline - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - "ALL" - # User 65532 is the distroless nonroot user ID - runAsUser: 65532 - runAsGroup: 65532 - runAsNonRoot: true - seccompProfile: - type: RuntimeDefault - ports: - - name: metrics - containerPort: 9090 - - name: profiling - containerPort: 8008 - # This must match the value of the environment variable WEBHOOK_PORT. - - name: https-webhook - containerPort: 8443 - # This must match the value of the environment variable PROBES_PORT. - - name: probes - containerPort: 8080 - livenessProbe: - httpGet: - path: /health - port: probes - scheme: HTTP - initialDelaySeconds: 5 - periodSeconds: 10 - timeoutSeconds: 5 - readinessProbe: - httpGet: - path: /readiness - port: probes - scheme: HTTP - initialDelaySeconds: 5 - periodSeconds: 10 - timeoutSeconds: 5 ---- -apiVersion: v1 -kind: Service -metadata: - labels: - app.kubernetes.io/name: webhook - app.kubernetes.io/component: webhook - app.kubernetes.io/instance: default - app.kubernetes.io/version: "v0.53.3" - app.kubernetes.io/part-of: tekton-pipelines - # tekton.dev/release value replaced with inputs.params.versionTag in pipeline/tekton/publish.yaml - pipeline.tekton.dev/release: "v0.53.3" - # labels below are related to istio and should not be used for resource lookup - app: tekton-pipelines-webhook - version: "v0.53.3" - name: tekton-pipelines-webhook - namespace: tekton-pipelines -spec: - ports: - # Define metrics and profiling for them to be accessible within service meshes. - - name: http-metrics - port: 9090 - targetPort: metrics - - name: http-profiling - port: 8008 - targetPort: profiling - - name: https-webhook - port: 443 - targetPort: https-webhook - - name: probes - port: 8080 - targetPort: probes - selector: - app.kubernetes.io/name: webhook - app.kubernetes.io/component: webhook - app.kubernetes.io/instance: default - app.kubernetes.io/part-of: tekton-pipelines - ---- diff --git a/vm/ansible/playbooks/roles/k8s-master/files/tekton/projects/pipelines/deploy-mix.yml b/vm/ansible/playbooks/roles/k8s-master/files/tekton/projects/pipelines/deploy-mix.yml deleted file mode 100644 index fc5ce123..00000000 --- a/vm/ansible/playbooks/roles/k8s-master/files/tekton/projects/pipelines/deploy-mix.yml +++ /dev/null @@ -1,55 +0,0 @@ -apiVersion: tekton.dev/v1beta1 -kind: Pipeline -metadata: - name: deploy-mix -spec: - params: - - name: repo-url - type: string - - name: mix-module - type: string - - name: build-output-path - type: string - workspaces: - - name: ssh-creds - - name: shared-data - tasks: - - name: fetch-source - taskRef: - name: git-clone - workspaces: - - name: output - workspace: shared-data - params: - - name: url - value: $(params.repo-url) - - name: build-mix - runAfter: [ "fetch-source" ] - taskRef: - name: build-mix - workspaces: - - name: source - workspace: shared-data - params: - - name: mix-module - value: $(params.mix-module) - - name: deploy-mix - runAfter: [ "build-mix" ] - taskRef: - name: rsync - params: - - name: direction - value: "local-to-remote" - - name: local-path - value: "./$(params.build-output-path)" - - name: remote-ip - value: "proxy.alomerry.com" - - name: remote-username - value: "root" - - name: remote-path - value: "/root/apps/nginx/site/$(params.mix-module).alomerry.com/" - workspaces: - - name: source - workspace: shared-data - - name: ssh-directory - workspace: ssh-creds \ No newline at end of file diff --git a/vm/ansible/playbooks/roles/k8s-master/files/tekton/projects/tasks/build-mix.yml b/vm/ansible/playbooks/roles/k8s-master/files/tekton/projects/tasks/build-mix.yml deleted file mode 100644 index d2aabc99..00000000 --- a/vm/ansible/playbooks/roles/k8s-master/files/tekton/projects/tasks/build-mix.yml +++ /dev/null @@ -1,24 +0,0 @@ -apiVersion: tekton.dev/v1beta1 -kind: Task -metadata: - name: build-mix -spec: - description: build frontend project. - workspaces: - - name: source - params: - - name: mix-module - type: string - steps: - - name: build - image: registry.cn-hangzhou.aliyuncs.com/alomerry/base-frontend:v20.5.1 - env: - - name: MIX_MODULE - value: $(params.mix-module) - script: | - #!/bin/sh - cd $(workspaces.source.path)/${MIX_MODULE} - npm config set registry https://registry.npmmirror.com - npm config get registry - pnpm install && pnpm build - timeout: 180s \ No newline at end of file diff --git a/vm/ansible/playbooks/roles/k8s-master/files/tekton/projects/tasks/git-clone.yml b/vm/ansible/playbooks/roles/k8s-master/files/tekton/projects/tasks/git-clone.yml deleted file mode 100644 index 050b1358..00000000 --- a/vm/ansible/playbooks/roles/k8s-master/files/tekton/projects/tasks/git-clone.yml +++ /dev/null @@ -1,242 +0,0 @@ -apiVersion: tekton.dev/v1beta1 -kind: Task -metadata: - name: git-clone - labels: - app.kubernetes.io/version: "0.9" - annotations: - tekton.dev/pipelines.minVersion: "0.38.0" - tekton.dev/categories: Git - tekton.dev/tags: git - tekton.dev/displayName: "git clone" - tekton.dev/platforms: "linux/amd64,linux/s390x,linux/ppc64le,linux/arm64" -spec: - description: >- - These Tasks are Git tasks to work with repositories used by other tasks - in your Pipeline. - - The git-clone Task will clone a repo from the provided url into the - output Workspace. By default the repo will be cloned into the root of - your Workspace. You can clone into a subdirectory by setting this Task's - subdirectory param. This Task also supports sparse checkouts. To perform - a sparse checkout, pass a list of comma separated directory patterns to - this Task's sparseCheckoutDirectories param. - workspaces: - - name: output - description: The git repo will be cloned onto the volume backing this Workspace. - - name: ssh-directory - optional: true - description: | - A .ssh directory with private key, known_hosts, config, etc. Copied to - the user's home before git commands are executed. Used to authenticate - with the git remote when performing the clone. Binding a Secret to this - Workspace is strongly recommended over other volume types. - - name: basic-auth - optional: true - description: | - A Workspace containing a .gitconfig and .git-credentials file. These - will be copied to the user's home before any git commands are run. Any - other files in this Workspace are ignored. It is strongly recommended - to use ssh-directory over basic-auth whenever possible and to bind a - Secret to this Workspace over other volume types. - - name: ssl-ca-directory - optional: true - description: | - A workspace containing CA certificates, this will be used by Git to - verify the peer with when fetching or pushing over HTTPS. - params: - - name: url - description: Repository URL to clone from. - type: string - - name: revision - description: Revision to checkout. (branch, tag, sha, ref, etc...) - type: string - default: "" - - name: refspec - description: Refspec to fetch before checking out revision. - default: "" - - name: submodules - description: Initialize and fetch git submodules. - type: string - default: "true" - - name: depth - description: Perform a shallow clone, fetching only the most recent N commits. - type: string - default: "1" - - name: sslVerify - description: Set the `http.sslVerify` global git config. Setting this to `false` is not advised unless you are sure that you trust your git remote. - type: string - default: "true" - - name: crtFileName - description: file name of mounted crt using ssl-ca-directory workspace. default value is ca-bundle.crt. - type: string - default: "ca-bundle.crt" - - name: subdirectory - description: Subdirectory inside the `output` Workspace to clone the repo into. - type: string - default: "" - - name: sparseCheckoutDirectories - description: Define the directory patterns to match or exclude when performing a sparse checkout. - type: string - default: "" - - name: deleteExisting - description: Clean out the contents of the destination directory if it already exists before cloning. - type: string - default: "true" - - name: httpProxy - description: HTTP proxy server for non-SSL requests. - type: string - default: "" - - name: httpsProxy - description: HTTPS proxy server for SSL requests. - type: string - default: "" - - name: noProxy - description: Opt out of proxying HTTP/HTTPS requests. - type: string - default: "" - - name: verbose - description: Log the commands that are executed during `git-clone`'s operation. - type: string - default: "true" - - name: gitInitImage - description: The image providing the git-init binary that this Task runs. - type: string - default: "gcr.io/tekton-releases/github.com/tektoncd/pipeline/cmd/git-init:v0.40.2" - - name: userHome - description: | - Absolute path to the user's home directory. - type: string - default: "/home/git" - results: - - name: commit - description: The precise commit SHA that was fetched by this Task. - - name: url - description: The precise URL that was fetched by this Task. - - name: committer-date - description: The epoch timestamp of the commit that was fetched by this Task. - steps: - - name: clone - image: "$(params.gitInitImage)" - env: - - name: HOME - value: "$(params.userHome)" - - name: PARAM_URL - value: $(params.url) - - name: PARAM_REVISION - value: $(params.revision) - - name: PARAM_REFSPEC - value: $(params.refspec) - - name: PARAM_SUBMODULES - value: $(params.submodules) - - name: PARAM_DEPTH - value: $(params.depth) - - name: PARAM_SSL_VERIFY - value: $(params.sslVerify) - - name: PARAM_CRT_FILENAME - value: $(params.crtFileName) - - name: PARAM_SUBDIRECTORY - value: $(params.subdirectory) - - name: PARAM_DELETE_EXISTING - value: $(params.deleteExisting) - - name: PARAM_HTTP_PROXY - value: $(params.httpProxy) - - name: PARAM_HTTPS_PROXY - value: $(params.httpsProxy) - - name: PARAM_NO_PROXY - value: $(params.noProxy) - - name: PARAM_VERBOSE - value: $(params.verbose) - - name: PARAM_SPARSE_CHECKOUT_DIRECTORIES - value: $(params.sparseCheckoutDirectories) - - name: PARAM_USER_HOME - value: $(params.userHome) - - name: WORKSPACE_OUTPUT_PATH - value: $(workspaces.output.path) - - name: WORKSPACE_SSH_DIRECTORY_BOUND - value: $(workspaces.ssh-directory.bound) - - name: WORKSPACE_SSH_DIRECTORY_PATH - value: $(workspaces.ssh-directory.path) - - name: WORKSPACE_BASIC_AUTH_DIRECTORY_BOUND - value: $(workspaces.basic-auth.bound) - - name: WORKSPACE_BASIC_AUTH_DIRECTORY_PATH - value: $(workspaces.basic-auth.path) - - name: WORKSPACE_SSL_CA_DIRECTORY_BOUND - value: $(workspaces.ssl-ca-directory.bound) - - name: WORKSPACE_SSL_CA_DIRECTORY_PATH - value: $(workspaces.ssl-ca-directory.path) - securityContext: - runAsNonRoot: true - runAsUser: 65532 - script: | - #!/usr/bin/env sh - set -eu - - if [ "${PARAM_VERBOSE}" = "true" ] ; then - set -x - fi - - if [ "${WORKSPACE_BASIC_AUTH_DIRECTORY_BOUND}" = "true" ] ; then - cp "${WORKSPACE_BASIC_AUTH_DIRECTORY_PATH}/.git-credentials" "${PARAM_USER_HOME}/.git-credentials" - cp "${WORKSPACE_BASIC_AUTH_DIRECTORY_PATH}/.gitconfig" "${PARAM_USER_HOME}/.gitconfig" - chmod 400 "${PARAM_USER_HOME}/.git-credentials" - chmod 400 "${PARAM_USER_HOME}/.gitconfig" - fi - - if [ "${WORKSPACE_SSH_DIRECTORY_BOUND}" = "true" ] ; then - cp -R "${WORKSPACE_SSH_DIRECTORY_PATH}" "${PARAM_USER_HOME}"/.ssh - chmod 700 "${PARAM_USER_HOME}"/.ssh - chmod -R 400 "${PARAM_USER_HOME}"/.ssh/* - fi - - if [ "${WORKSPACE_SSL_CA_DIRECTORY_BOUND}" = "true" ] ; then - export GIT_SSL_CAPATH="${WORKSPACE_SSL_CA_DIRECTORY_PATH}" - if [ "${PARAM_CRT_FILENAME}" != "" ] ; then - export GIT_SSL_CAINFO="${WORKSPACE_SSL_CA_DIRECTORY_PATH}/${PARAM_CRT_FILENAME}" - fi - fi - CHECKOUT_DIR="${WORKSPACE_OUTPUT_PATH}/${PARAM_SUBDIRECTORY}" - - cleandir() { - # Delete any existing contents of the repo directory if it exists. - # - # We don't just "rm -rf ${CHECKOUT_DIR}" because ${CHECKOUT_DIR} might be "/" - # or the root of a mounted volume. - if [ -d "${CHECKOUT_DIR}" ] ; then - # Delete non-hidden files and directories - rm -rf "${CHECKOUT_DIR:?}"/* - # Delete files and directories starting with . but excluding .. - rm -rf "${CHECKOUT_DIR}"/.[!.]* - # Delete files and directories starting with .. plus any other character - rm -rf "${CHECKOUT_DIR}"/..?* - fi - } - - if [ "${PARAM_DELETE_EXISTING}" = "true" ] ; then - cleandir || true - fi - - test -z "${PARAM_HTTP_PROXY}" || export HTTP_PROXY="${PARAM_HTTP_PROXY}" - test -z "${PARAM_HTTPS_PROXY}" || export HTTPS_PROXY="${PARAM_HTTPS_PROXY}" - test -z "${PARAM_NO_PROXY}" || export NO_PROXY="${PARAM_NO_PROXY}" - - git config --global --add safe.directory "${WORKSPACE_OUTPUT_PATH}" - /ko-app/git-init \ - -url="${PARAM_URL}" \ - -revision="${PARAM_REVISION}" \ - -refspec="${PARAM_REFSPEC}" \ - -path="${CHECKOUT_DIR}" \ - -sslVerify="${PARAM_SSL_VERIFY}" \ - -submodules="${PARAM_SUBMODULES}" \ - -depth="${PARAM_DEPTH}" \ - -sparseCheckoutDirectories="${PARAM_SPARSE_CHECKOUT_DIRECTORIES}" - cd "${CHECKOUT_DIR}" - RESULT_SHA="$(git rev-parse HEAD)" - EXIT_CODE="$?" - if [ "${EXIT_CODE}" != 0 ] ; then - exit "${EXIT_CODE}" - fi - RESULT_COMMITTER_DATE="$(git log -1 --pretty=%ct)" - printf "%s" "${RESULT_COMMITTER_DATE}" > "$(results.committer-date.path)" - printf "%s" "${RESULT_SHA}" > "$(results.commit.path)" - printf "%s" "${PARAM_URL}" > "$(results.url.path)" \ No newline at end of file diff --git a/vm/ansible/playbooks/roles/k8s-master/files/tekton/projects/tasks/rsync.yml b/vm/ansible/playbooks/roles/k8s-master/files/tekton/projects/tasks/rsync.yml deleted file mode 100644 index 0d3bc882..00000000 --- a/vm/ansible/playbooks/roles/k8s-master/files/tekton/projects/tasks/rsync.yml +++ /dev/null @@ -1,57 +0,0 @@ ---- -apiVersion: tekton.dev/v1beta1 -kind: Task -metadata: - name: rsync - labels: - app.kubernetes.io/version: "0.1" - annotations: - tekton.dev/pipelines.minVersion: "0.17.0" - tekton.dev/tags: rsync, files sync - tekton.dev/categories: CLI - tekton.dev/displayName: "rsync" - tekton.dev/platforms: "linux/amd64,linux/s390x,linux/ppc64le,linux/arm64" -spec: - description: >- - This task can be used to synchronize local and remote files. - workspaces: - - name: source - description: The directory you want to sync. - - name: ssh-directory - optional: true - description: ssh directory with private key, known_hosts, config. - params: - - name: direction - type: string - default: "local-to-remote" - - name: local-path - type: string - default: "./" - - name: remote-path - type: string - default: "~/" - - name: remote-ip - type: string - default: "0.0.0.0" - - name: remote-username - type: string - default: "root" - steps: - - name: rsync - image: docker.io/shaowenchen/rsync-sshpass:v1@sha256:934985f9a955f416c7378e22d847ac1320fcae1495ee70ad53c9f9fc08b99323 - env: - - name: SSH_DIRECTORY_PATH - value: $(workspaces.ssh-directory.path) - workingDir: $(workspaces.source.path) - script: | - cp -R "${SSH_DIRECTORY_PATH}" "$HOME"/.ssh - chmod 700 "$HOME"/.ssh - chmod -R 400 "$HOME"/.ssh/* - - if [ "$(params.direction)" = "remote-to-local" ] ; then - echo "remote to local" - rsync -ratlzv -e "ssh -o StrictHostKeyChecking=no -i $HOME/.ssh/id_rsa" "$(params.remote-username)"@"$(params.remote-ip)":"$(params.remote-path)"/ "$(params.local-path)" - else - echo "local to remote" - rsync -ratlzv -e "ssh -o StrictHostKeyChecking=no -i $HOME/.ssh/id_rsa" "$(params.local-path)" "$(params.remote-username)"@"$(params.remote-ip)":"$(params.remote-path)"/ - fi \ No newline at end of file diff --git a/vm/ansible/playbooks/roles/k8s-master/files/tekton/storage.yml b/vm/ansible/playbooks/roles/k8s-master/files/tekton/storage.yml deleted file mode 100644 index 923df7ce..00000000 --- a/vm/ansible/playbooks/roles/k8s-master/files/tekton/storage.yml +++ /dev/null @@ -1,66 +0,0 @@ -apiVersion: v1 -kind: PersistentVolume -metadata: - name: tekton-pv-docs - labels: - service: tekton - project: docs -spec: - capacity: - storage: 2Gi - accessModes: - - ReadWriteOnce - nfs: - path: /mnt/nvme0n1p1/tekton/docs - server: 192.168.31.2 - persistentVolumeReclaimPolicy: Retain ---- -apiVersion: v1 -kind: PersistentVolume -metadata: - name: tekton-pv-blog - labels: - service: tekton - project: blog -spec: - capacity: - storage: 2Gi - accessModes: - - ReadWriteOnce - nfs: - path: /mnt/nvme0n1p1/tekton/blog - server: 192.168.31.2 - persistentVolumeReclaimPolicy: Retain ---- -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: tekton-pvc-blog - namespace: argocd -spec: - selector: - matchLabels: - service: tekton - project: blog - resources: - requests: - storage: 2Gi - volumeMode: Filesystem - accessModes: - - ReadWriteOnce ---- -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: tekton-pvc-docs -spec: - selector: - matchLabels: - service: tekton - project: docs - resources: - requests: - storage: 2Gi - volumeMode: Filesystem - accessModes: - - ReadWriteOnce \ No newline at end of file diff --git a/vm/ansible/playbooks/roles/k8s-master/pv.yml b/vm/ansible/playbooks/roles/k8s-master/pv.yml deleted file mode 100644 index 961af199..00000000 --- a/vm/ansible/playbooks/roles/k8s-master/pv.yml +++ /dev/null @@ -1,15 +0,0 @@ -apiVersion: v1 -kind: PersistentVolume -metadata: - name: tekton-pv - labels: - service: tekton -spec: - capacity: - storage: 15Gi - accessModes: - - ReadWriteOnce - nfs: - path: /mnt/nvme0n1p1/tekton - server: 192.168.31.2 - persistentVolumeReclaimPolicy: Retain \ No newline at end of file diff --git a/vm/ansible/playbooks/roles/k8s-node/files/conf/etc/modules-load.d/k8s.conf b/vm/ansible/playbooks/roles/k8s-node/files/conf/etc/modules-load.d/k8s.conf deleted file mode 100644 index a66efc65..00000000 --- a/vm/ansible/playbooks/roles/k8s-node/files/conf/etc/modules-load.d/k8s.conf +++ /dev/null @@ -1,2 +0,0 @@ -overlay -br_netfilter \ No newline at end of file diff --git a/vm/ansible/playbooks/roles/k8s-node/files/conf/etc/sysctl.d/k8s.conf b/vm/ansible/playbooks/roles/k8s-node/files/conf/etc/sysctl.d/k8s.conf deleted file mode 100644 index 107b4b0e..00000000 --- a/vm/ansible/playbooks/roles/k8s-node/files/conf/etc/sysctl.d/k8s.conf +++ /dev/null @@ -1,3 +0,0 @@ -net.bridge.bridge-nf-call-iptables = 1 -net.bridge.bridge-nf-call-ip6tables = 1 -net.ipv4.ip_forward = 1 \ No newline at end of file diff --git a/vm/ansible/playbooks/roles/k8s-node/files/containerd-conf.toml b/vm/ansible/playbooks/roles/k8s-node/files/containerd-conf.toml deleted file mode 100755 index f28cd502..00000000 --- a/vm/ansible/playbooks/roles/k8s-node/files/containerd-conf.toml +++ /dev/null @@ -1,252 +0,0 @@ -disabled_plugins = [] -imports = [] -oom_score = 0 -plugin_dir = "" -required_plugins = [] -root = "/var/lib/containerd" -state = "/run/containerd" -temp = "" -version = 2 - -enabled_plugins = ["cri"] - -[cgroup] - path = "" - -[debug] - address = "" - format = "" - gid = 0 - level = "" - uid = 0 - -[grpc] - address = "/run/containerd/containerd.sock" - gid = 0 - max_recv_message_size = 16777216 - max_send_message_size = 16777216 - tcp_address = "" - tcp_tls_ca = "" - tcp_tls_cert = "" - tcp_tls_key = "" - uid = 0 - -[metrics] - address = "" - grpc_histogram = false - -[plugins] - - [plugins."io.containerd.gc.v1.scheduler"] - deletion_threshold = 0 - mutation_threshold = 100 - pause_threshold = 0.02 - schedule_delay = "0s" - startup_delay = "100ms" - - [plugins."io.containerd.grpc.v1.cri"] - device_ownership_from_security_context = false - disable_apparmor = false - disable_cgroup = false - disable_hugetlb_controller = true - disable_proc_mount = false - disable_tcp_service = true - enable_selinux = false - enable_tls_streaming = false - enable_unprivileged_icmp = false - enable_unprivileged_ports = false - ignore_image_defined_volumes = false - max_concurrent_downloads = 3 - max_container_log_line_size = 16384 - netns_mounts_under_state_dir = false - restrict_oom_score_adj = false - sandbox_image = "registry.aliyuncs.com/google_containers/pause:3.9" - selinux_category_range = 1024 - stats_collect_period = 10 - stream_idle_timeout = "4h0m0s" - stream_server_address = "127.0.0.1" - stream_server_port = "0" - systemd_cgroup = false - tolerate_missing_hugetlb_controller = true - unset_seccomp_profile = "" - - [plugins."io.containerd.grpc.v1.cri".cni] - bin_dir = "/opt/cni/bin" - conf_dir = "/etc/cni/net.d" - conf_template = "" - ip_pref = "" - max_conf_num = 1 - - [plugins."io.containerd.grpc.v1.cri".containerd] - default_runtime_name = "runc" - disable_snapshot_annotations = true - discard_unpacked_layers = false - ignore_rdt_not_enabled_errors = false - no_pivot = false - snapshotter = "overlayfs" - - [plugins."io.containerd.grpc.v1.cri".containerd.default_runtime] - base_runtime_spec = "" - cni_conf_dir = "" - cni_max_conf_num = 0 - container_annotations = [] - pod_annotations = [] - privileged_without_host_devices = false - runtime_engine = "" - runtime_path = "" - runtime_root = "" - runtime_type = "" - - [plugins."io.containerd.grpc.v1.cri".containerd.default_runtime.options] - - [plugins."io.containerd.grpc.v1.cri".containerd.runtimes] - - [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc] - base_runtime_spec = "" - cni_conf_dir = "" - cni_max_conf_num = 0 - container_annotations = [] - pod_annotations = [] - privileged_without_host_devices = false - runtime_engine = "" - runtime_path = "" - runtime_root = "" - runtime_type = "io.containerd.runc.v2" - - [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc.options] - BinaryName = "" - CriuImagePath = "" - CriuPath = "" - CriuWorkPath = "" - IoGid = 0 - IoUid = 0 - NoNewKeyring = false - NoPivotRoot = false - Root = "" - ShimCgroup = "" - SystemdCgroup = true - - [plugins."io.containerd.grpc.v1.cri".containerd.untrusted_workload_runtime] - base_runtime_spec = "" - cni_conf_dir = "" - cni_max_conf_num = 0 - container_annotations = [] - pod_annotations = [] - privileged_without_host_devices = false - runtime_engine = "" - runtime_path = "" - runtime_root = "" - runtime_type = "" - - [plugins."io.containerd.grpc.v1.cri".containerd.untrusted_workload_runtime.options] - - [plugins."io.containerd.grpc.v1.cri".image_decryption] - key_model = "node" - - [plugins."io.containerd.grpc.v1.cri".registry] - config_path = "" - - [plugins."io.containerd.grpc.v1.cri".registry.auths] - - [plugins."io.containerd.grpc.v1.cri".registry.configs] - - [plugins."io.containerd.grpc.v1.cri".registry.headers] - - [plugins."io.containerd.grpc.v1.cri".registry.mirrors] - - [plugins."io.containerd.grpc.v1.cri".x509_key_pair_streaming] - tls_cert_file = "" - tls_key_file = "" - - [plugins."io.containerd.internal.v1.opt"] - path = "/opt/containerd" - - [plugins."io.containerd.internal.v1.restart"] - interval = "10s" - - [plugins."io.containerd.internal.v1.tracing"] - sampling_ratio = 1.0 - service_name = "containerd" - - [plugins."io.containerd.metadata.v1.bolt"] - content_sharing_policy = "shared" - - [plugins."io.containerd.monitor.v1.cgroups"] - no_prometheus = false - - [plugins."io.containerd.runtime.v1.linux"] - no_shim = false - runtime = "runc" - runtime_root = "" - shim = "containerd-shim" - shim_debug = false - - [plugins."io.containerd.runtime.v2.task"] - platforms = ["linux/amd64"] - sched_core = false - - [plugins."io.containerd.service.v1.diff-service"] - default = ["walking"] - - [plugins."io.containerd.service.v1.tasks-service"] - rdt_config_file = "" - - [plugins."io.containerd.snapshotter.v1.aufs"] - root_path = "" - - [plugins."io.containerd.snapshotter.v1.btrfs"] - root_path = "" - - [plugins."io.containerd.snapshotter.v1.devmapper"] - async_remove = false - base_image_size = "" - discard_blocks = false - fs_options = "" - fs_type = "" - pool_name = "" - root_path = "" - - [plugins."io.containerd.snapshotter.v1.native"] - root_path = "" - - [plugins."io.containerd.snapshotter.v1.overlayfs"] - root_path = "" - upperdir_label = false - - [plugins."io.containerd.snapshotter.v1.zfs"] - root_path = "" - - [plugins."io.containerd.tracing.processor.v1.otlp"] - endpoint = "" - insecure = false - protocol = "" - -[proxy_plugins] - -[stream_processors] - - [stream_processors."io.containerd.ocicrypt.decoder.v1.tar"] - accepts = ["application/vnd.oci.image.layer.v1.tar+encrypted"] - args = ["--decryption-keys-path", "/etc/containerd/ocicrypt/keys"] - env = ["OCICRYPT_KEYPROVIDER_CONFIG=/etc/containerd/ocicrypt/ocicrypt_keyprovider.conf"] - path = "ctd-decoder" - returns = "application/vnd.oci.image.layer.v1.tar" - - [stream_processors."io.containerd.ocicrypt.decoder.v1.tar.gzip"] - accepts = ["application/vnd.oci.image.layer.v1.tar+gzip+encrypted"] - args = ["--decryption-keys-path", "/etc/containerd/ocicrypt/keys"] - env = ["OCICRYPT_KEYPROVIDER_CONFIG=/etc/containerd/ocicrypt/ocicrypt_keyprovider.conf"] - path = "ctd-decoder" - returns = "application/vnd.oci.image.layer.v1.tar+gzip" - -[timeouts] - "io.containerd.timeout.bolt.open" = "0s" - "io.containerd.timeout.shim.cleanup" = "5s" - "io.containerd.timeout.shim.load" = "5s" - "io.containerd.timeout.shim.shutdown" = "3s" - "io.containerd.timeout.task.state" = "2s" - -[ttrpc] - address = "" - gid = 0 - uid = 0 \ No newline at end of file diff --git a/vm/ansible/playbooks/roles/k8s-node/files/fstab b/vm/ansible/playbooks/roles/k8s-node/files/fstab deleted file mode 100644 index cb1ebbb2..00000000 --- a/vm/ansible/playbooks/roles/k8s-node/files/fstab +++ /dev/null @@ -1,12 +0,0 @@ -# /etc/fstab: static file system information. -# -# Use 'blkid' to print the universally unique identifier for a -# device; this may be used with UUID= as a more robust way to name devices -# that works even if disks are added and removed. See fstab(5). -# -# -# / was on /dev/sda3 during curtin installation -/dev/disk/by-uuid/e7b60e1d-817b-41b9-818d-8253d52dd57f / ext4 defaults 0 1 -# /boot was on /dev/sda2 during curtin installation -/dev/disk/by-uuid/7e25cdbf-e56b-47de-8d89-981f713c761c /boot ext4 defaults 0 1 -# /swap.img none swap sw 0 0 \ No newline at end of file diff --git a/vm/ansible/playbooks/roles/k8s-node/files/install/cni.sh b/vm/ansible/playbooks/roles/k8s-node/files/install/cni.sh deleted file mode 100644 index d8195b7f..00000000 --- a/vm/ansible/playbooks/roles/k8s-node/files/install/cni.sh +++ /dev/null @@ -1,41 +0,0 @@ -#!/bin/bash -e - -# export https_proxy=http://192.168.31.193:7890 http_proxy=http://192.168.31.193:7890 all_proxy=socks5://192.168.31.193:7890 - -# 获取 cni 下载链接 -# $1 版本号 -get_download_link() { - echo "https://github.com/containernetworking/plugins/releases/download/v$1/cni-plugins-linux-amd64-v$1.tgz" -} - -# 清理 -clean() { - rm -rf /tmp/cni-* - rm -rf /tmp/cni/* - mkdir -p /opt/cni/bin/ -} - -install() { - # 下载 - readonly link=$(get_download_link $1) - # export https_proxy=http://192.168.31.193:7890 http_proxy=http://192.168.31.193:7890 all_proxy=socks5://192.168.31.193:7890 - wget -P /tmp/cni ${link} - # 解压 - tar -zxf /tmp/cni/cni-plugins-linux-amd64-v$1.tgz -C /tmp/cni/ - rm /tmp/cni/cni-plugins-linux-amd64-v$1.tgz - # 移动 - cp /tmp/cni/* /opt/cni/bin/ -} - -main() { - clean - - readonly cni_version=${1:?"need cni_version!"} - install ${cni_version} - - clean -} - -main $@ - -# TODO 检测 MD5 一致时不下载 \ No newline at end of file diff --git a/vm/ansible/playbooks/roles/k8s-node/files/install/containerd.sh b/vm/ansible/playbooks/roles/k8s-node/files/install/containerd.sh deleted file mode 100644 index 67a4bd5d..00000000 --- a/vm/ansible/playbooks/roles/k8s-node/files/install/containerd.sh +++ /dev/null @@ -1,61 +0,0 @@ -#!/bin/bash - -# export https_proxy=http://192.168.31.193:7890 http_proxy=http://192.168.31.193:7890 all_proxy=socks5://192.168.31.193:7890 - -# 获取 cni 下载链接 -# $1 版本号 -get_download_link() { - echo "https://github.com/containerd/containerd/releases/download/v$1/containerd-$1-linux-amd64.tar.gz" -} - -# 清理 -clean() { - rm -rf /tmp/containerd-* - rm -rf /tmp/containerd/* -} - -read_sha256() { - while read sha256 - do - echo "$sha256" - break - done < $1 -} - -install() { - # 下载 - readonly link=$(get_download_link $1) - # export https_proxy=http://192.168.31.193:7890 http_proxy=http://192.168.31.193:7890 all_proxy=socks5://192.168.31.193:7890 - wget -P /tmp/containerd ${link} - - # 解压 - tar -xzf /tmp/containerd/containerd-$1-linux-amd64.tar.gz -C /tmp/containerd/ - rm /tmp/containerd/containerd-$1-linux-amd64.tar.gz - # 移动 - cp /tmp/containerd/bin/* /usr/local/bin/ -} - -main() { - readonly containerd_version=${1:?"need containerd_version!"} - - # 首先下载 sha256sum 文件 - readonly sha256="$(get_download_link ${containerd_version}).sha256sum" - wget -P /tmp/containerd/ ${sha256} - # 如果已经有对应版本的压缩包,则校验压缩包 - readonly shaPath="/tmp/containerd/containerd-${containerd_version}-linux-amd64.tar.gz" - if [ -e ${shaPath} ]; then - readonly sha256_str=read_sha256 ${shaPath} - readonly need_check_str=$(sha256sum /tmp/containerd/containerd-${containerd_version}-linux-amd64.tar.gz) - # 如果压缩包有损坏,则重新下载 - if [ ${sha256_str} != ${need_check_str} ]; then - install - # else - # empty - fi - else - install - fi -} - -main $@ -# TODO 检测 MD5 一致时不下载 \ No newline at end of file diff --git a/vm/ansible/playbooks/roles/k8s-node/files/install/crictl.sh b/vm/ansible/playbooks/roles/k8s-node/files/install/crictl.sh deleted file mode 100644 index 990774c9..00000000 --- a/vm/ansible/playbooks/roles/k8s-node/files/install/crictl.sh +++ /dev/null @@ -1,57 +0,0 @@ -#!/bin/bash - -# 检查 crictl 是否存在 -crictl_exists() { - if [ -e "/usr/local/bin/crictl" ]; then - echo 1 - else - echo 0 - fi -} - -# 获取 crictl 下载链接 -# $1 版本号 -get_download_link() { - echo "https://github.com/kubernetes-sigs/cri-tools/releases/download/v$1/crictl-v$1-linux-amd64.tar.gz" -} - -# 清理 -clean() { - rm -rf /tmp/crictl - rm -rf /tmp/crictl-* -} - -install() { - # 下载 - readonly link=$(get_download_link $1) - wget -P /tmp ${link} - - # 解压 - tar -zxf /tmp/crictl-v$1-linux-amd64.tar.gz -C /tmp/ - - # 移动 - cp /tmp/crictl /usr/local/bin/ - chmod +x /usr/local/bin/crictl -} - -update() { - readonly current_version=$(/usr/local/bin/crictl -v | sed -e 's/^crictl version v//') - if [ $1 '>' ${current_version} ]; then - install $1 - fi -} - -main() { - clean - - readonly crictl_version=${1:?"need crictl_version!"} - if [ $(crictl_exists) -eq 1 ]; then - update ${crictl_version} - else - install ${crictl_version} - fi - - clean -} - -main $@ \ No newline at end of file diff --git a/vm/ansible/playbooks/roles/k8s-node/files/install/kubeadm.sh b/vm/ansible/playbooks/roles/k8s-node/files/install/kubeadm.sh deleted file mode 100644 index 11a884d1..00000000 --- a/vm/ansible/playbooks/roles/k8s-node/files/install/kubeadm.sh +++ /dev/null @@ -1,53 +0,0 @@ -#!/bin/bash - -# 检查 kubeadm 是否存在 -kubeadm_exists() { - if [ -e "/usr/local/bin/kubeadm" ]; then - echo 1 - else - echo 0 - fi -} - -# 获取 kubeadm 下载链接 -# $1 版本号 -get_download_link() { - echo "https://dl.k8s.io/release/v$1/bin/linux/amd64/kubeadm" -} - -# 清理 -clean() { - rm -rf /tmp/kubeadm - rm -rf /tmp/kubeadm-* -} - -install_kubeadm() { - # 下载 - readonly link=$(get_download_link $1) - wget -P /tmp ${link} - - # 安装 - install -o root -g root -m 0755 /tmp/kubeadm /usr/local/bin/kubeadm -} - -update() { - readonly current_version=$(kubeadm version | sed -e 's/.*GitVersion:\"v//' -e 's/\", GitCommit.*//') - if [ $1 '>' ${current_version} ]; then - install_kubeadm $1 - fi -} - -main() { - clean - - readonly k8s_version=${1:?"need k8s_version!"} - if [ $(kubeadm_exists) -eq 1 ]; then - update ${k8s_version} - else - install_kubeadm ${k8s_version} - fi - - clean -} - -main $@ \ No newline at end of file diff --git a/vm/ansible/playbooks/roles/k8s-node/files/install/kubectl.sh b/vm/ansible/playbooks/roles/k8s-node/files/install/kubectl.sh deleted file mode 100644 index f91c8a69..00000000 --- a/vm/ansible/playbooks/roles/k8s-node/files/install/kubectl.sh +++ /dev/null @@ -1,51 +0,0 @@ -#!/bin/bash - -# 检查 kubectl 是否存在 -kubectl_exists() { - if [ -e "/usr/local/bin/kubectl" ]; then - echo 1 - else - echo 0 - fi -} - -# 获取 kubectl 下载链接 -# $1 版本号 -get_download_link() { - echo "https://dl.k8s.io/release/v$1/bin/linux/amd64/kubectl" -} - -# 清理 -clean() { - rm -rf /tmp/kubectl - rm -rf /tmp/kubectl-* -} - -install_kubectl() { - # 下载 - readonly link=$(get_download_link $1) - wget -P /tmp ${link} - - # 安装 - install -o root -g root -m 0755 /tmp/kubectl /usr/local/bin/kubectl -} - -update() { - readonly current_version=$(kubectl version --client | grep "Client Version" | sed -e 's/.*Version: v//') - if [ $1 '>' ${current_version} ]; then - install_kubectl $1 - fi -} - -main() { - readonly k8s_version=${1:?"need k8s_version!"} - if [ $(kubectl_exists) -eq 1 ]; then - update ${k8s_version} - else - install_kubectl ${k8s_version} - fi - - clean -} - -main $@ diff --git a/vm/ansible/playbooks/roles/k8s-node/files/install/kubelet.sh b/vm/ansible/playbooks/roles/k8s-node/files/install/kubelet.sh deleted file mode 100644 index dad5ca75..00000000 --- a/vm/ansible/playbooks/roles/k8s-node/files/install/kubelet.sh +++ /dev/null @@ -1,59 +0,0 @@ -#!/bin/bash - -# 检查 kubelet 是否存在 -kubelet_exists() { - if [ -e "/usr/local/bin/kubelet" ]; then - echo 1 - else - echo 0 - fi -} - -# 获取 kubelet 下载链接 -# $1 版本号 -get_download_link() { - # curl -LO https://dl.k8s.io/release/v1.28.4/bin/linux/amd64/kubelet - echo "https://dl.k8s.io/release/v$1/bin/linux/amd64/kubelet" -} - -# 清理 -clean() { - rm -rf /tmp/kubelet - rm -rf /tmp/kubelet-* -} - -install_kubelet() { - # 下载 - readonly link=$(get_download_link $1) - # export https_proxy=http://192.168.31.193:7890 http_proxy=http://192.168.31.193:7890 all_proxy=socks5://192.168.31.193:7890 - wget -P /tmp ${link} - - # 安装 - install -o root -g root -m 0755 /tmp/kubelet /usr/local/bin/kubelet - mkdir /var/lib/kubelet -} - -update() { - readonly current_version=$(kubelet --version | sed -e 's/^Kubernetes v//') - if [ $1 '>' ${current_version} ]; then - install_kubelet $1 - fi -} - -main() { - clean - - readonly opt=${2} - readonly k8s_version=${1:?"need k8s_version!"} - if [ $2 -eq 1 ]; then - install_kubelet ${k8s_version} - elif [ $(kubelet_exists) -eq 1 ]; then - update ${k8s_version} - else - install_kubelet ${k8s_version} - fi - - clean -} - -main $@ diff --git a/vm/ansible/playbooks/roles/k8s-node/files/k8s-node.sh b/vm/ansible/playbooks/roles/k8s-node/files/k8s-node.sh deleted file mode 100755 index 9b6170c3..00000000 --- a/vm/ansible/playbooks/roles/k8s-node/files/k8s-node.sh +++ /dev/null @@ -1,118 +0,0 @@ -#!/bin/bash - -# export http_proxy=http://192.168.31.2:7890 https_proxy=http://192.168.31.2:7890 -# unset http_proxy https_proxy - -# https://github.com/containerd/containerd/tree/main/script/setup -# https://windcoder.com/shiyong-kubeadm-anzhuangjiyu-containerd-de-kubernetes-jiqun -# https://blog.frognew.com/2021/04/relearning-container-03.html -# https://blog.frognew.com/2023/08/kubeadm-install-kubernetes-1.28.html - - -CNI_VERSION=${CNI_VERSION:-"1.4.0"} -CONTAINERD_VERSION=${CONTAINERD_VERSION:-"1.7.11"} -CRICTL_VERSION=${CRICTL_VERSION:-"1.28.0"} -K8S_VERSION=${K8S_VERSION:-"1.28.1"} -RUNC_VERSION=${RUNC_VERSION:-"1.1.10"} - -install_crictl() { - echo "y" | apt-get install apt-transport-https ca-certificates curl conntrack - wget -P /tmp "https://github.com/kubernetes-sigs/cri-tools/releases/download/v$CRICTL_VERSION/crictl-v$CRICTL_VERSION-linux-amd64.tar.gz" - tar -zxf /tmp/crictl-v$CRICTL_VERSION-linux-amd64.tar.gz -C /tmp/ - install -m 755 crictl /usr/local/bin/crictl - rm -rf /tmp/crictl -} - -install_container_runtimes() { - # 转发 IPv4 并让 iptables 看到桥接流量 - # /etc/modules-load.d/k8s.conf - # /etc/sysctl.d/k8s.conf - modprobe overlay - modprobe br_netfilter - # 应用 sysctl 参数而不重新启动 - sysctl --system - - # 确认 br_netfilter 和 overlay 模块被加载 - lsmod | grep br_netfilter - lsmod | grep overlay - # 确认 net.bridge.bridge-nf-call-iptables、net.bridge.bridge-nf-call-ip6tables 和 net.ipv4.ip_forward 系统变量在你的 sysctl 配置中被设置为 1 - sysctl net.bridge.bridge-nf-call-iptables net.bridge.bridge-nf-call-ip6tables net.ipv4.ip_forward - - # 容器运行时 - # - containerd - # - runc - # - cni - - # containerd - mkdir -p /tmp/containerd - wget -P /tmp https://github.com/containerd/containerd/releases/download/v$CONTAINERD_VERSION/containerd-$CONTAINERD_VERSION-linux-amd64.tar.gz - tar -xzf /tmp/containerd-$CONTAINERD_VERSION-linux-amd64.tar.gz -C /usr/local - # 覆盖 containerd 配置 /etc/systemd/system/containerd.service - mkdir -p /usr/local/lib/systemd/system/ - mkdir -p /etc/containerd - containerd config default > /etc/containerd/config.toml - # 将 /etc/containerd/config.toml 中的 [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc.options] 的 SystemdCgroup 置为 true - # sandbox_image = "registry.aliyuncs.com/google_containers/pause:3.9" - - # runc - wget -P /tmp https://github.com/opencontainers/runc/releases/download/v$RUNC_VERSION/runc.amd64 - install -m 755 runc.amd64 /usr/local/sbin/runc - - # cni-plugins - mkdir -p /opt/cni/bin/ && mkdir -p /etc/cni/net.d - wget -P /tmp "https://github.com/containernetworking/plugins/releases/download/v$CNI_VERSION/cni-plugins-linux-amd64-v$CNI_VERSION.tgz" - tar -zxf /tmp/cni-plugins-linux-amd64-v$CNI_VERSION.tgz -C /opt/cni/bin/ - rm /tmp/cni/cni-plugins-linux-amd64-v$CNI_VERSION.tgz - cp /tmp/cni/* /opt/cni/bin/ - - systemctl daemon-reload - systemctl enable --now containerd - systemctl restart containerd.service -} - -install_k8s_v1() { - rm -rf /tmp/kubelet* /tmp/kubectl* /tmp/kubeadm* - mkdir -p /var/lib/kubelet - - wget -P /tmp "https://dl.k8s.io/release/v$K8S_VERSION/bin/linux/amd64/kubelet" - wget -P /tmp "https://dl.k8s.io/release/v$K8S_VERSION/bin/linux/amd64/kubectl" - wget -P /tmp "https://dl.k8s.io/release/v$K8S_VERSION/bin/linux/amd64/kubeadm" - - install -o root -g root -m 0755 /tmp/kubelet /usr/local/bin/kubelet - install -o root -g root -m 0755 /tmp/kubectl /usr/local/bin/kubectl - install -o root -g root -m 0755 /tmp/kubeadm /usr/local/bin/kubeadm - - apt-get install bash-completion - echo 'alias k=kubectl' >>~/.bashrc - kubectl completion bash | tee /etc/bash_completion.d/kubectl > /dev/null - chmod a+r /etc/bash_completion.d/kubectl - source ~/.bashrc -} - -install_k8s_v2() { - curl -s https://mirrors.aliyun.com/kubernetes/apt/doc/apt-key.gpg | apt-key add - - tee /etc/apt/sources.list.d/kubernetes.list <<-'EOF' -deb https://mirrors.aliyun.com/kubernetes/apt/ kubernetes-xenial main -EOF - apt-get update - apt-get install -y kubelet=1.28.1-00 kubeadm=1.28.1-00 kubectl=1.28.1-00 - apt-mark hold kubelet kubeadm kubectl - - systemctl enable kubelet.service -} - -main() { - case "$1" in - cri) - install_container_runtimes - ;; - *) - # 检查所需端口 nc 127.0.0.1 6443 - # 安装容器运行时 - install_container_runtimes - install_k8s - ;; - esac -} - -main $@ \ No newline at end of file diff --git a/vm/ansible/playbooks/roles/k8s-node/files/kubeadm/init.yml b/vm/ansible/playbooks/roles/k8s-node/files/kubeadm/init.yml deleted file mode 100755 index 3bae8968..00000000 --- a/vm/ansible/playbooks/roles/k8s-node/files/kubeadm/init.yml +++ /dev/null @@ -1,36 +0,0 @@ -apiVersion: kubeadm.k8s.io/v1beta3 -bootstrapTokens: -- groups: - - system:bootstrappers:kubeadm:default-node-token - token: abcdef.0123456789abcdef - ttl: 24h0m0s - usages: - - signing - - authentication -kind: InitConfiguration -localAPIEndpoint: - advertiseAddress: 1.2.3.4 - bindPort: 6443 -nodeRegistration: - criSocket: unix:///var/run/containerd/containerd.sock - imagePullPolicy: IfNotPresent - name: node - taints: null ---- -apiServer: - timeoutForControlPlane: 4m0s -apiVersion: kubeadm.k8s.io/v1beta3 -certificatesDir: /etc/kubernetes/pki -clusterName: kubernetes -controllerManager: {} -dns: {} -etcd: - local: - dataDir: /var/lib/etcd -imageRepository: registry.k8s.io -kind: ClusterConfiguration -kubernetesVersion: 1.28.0 -networking: - dnsDomain: cluster.local - serviceSubnet: 10.96.0.0/12 -scheduler: {} \ No newline at end of file diff --git a/vm/ansible/playbooks/roles/k8s-node/files/kubeadm/kubeadm.conf b/vm/ansible/playbooks/roles/k8s-node/files/kubeadm/kubeadm.conf deleted file mode 100755 index 79b6b387..00000000 --- a/vm/ansible/playbooks/roles/k8s-node/files/kubeadm/kubeadm.conf +++ /dev/null @@ -1,11 +0,0 @@ -# Note: This dropin only works with kubeadm and kubelet v1.11+ -[Service] -Environment="KUBELET_KUBECONFIG_ARGS=--bootstrap-kubeconfig=/etc/kubernetes/bootstrap-kubelet.conf --kubeconfig=/etc/kubernetes/kubelet.conf" -Environment="KUBELET_CONFIG_ARGS=--config=/var/lib/kubelet/config.yaml" -# This is a file that "kubeadm init" and "kubeadm join" generates at runtime, populating the KUBELET_KUBEADM_ARGS variable dynamically -EnvironmentFile=-/var/lib/kubelet/kubeadm-flags.env -# This is a file that the user can use for overrides of the kubelet args as a last resort. Preferably, the user should use -# the .NodeRegistration.KubeletExtraArgs object in the configuration files instead. KUBELET_EXTRA_ARGS should be sourced from this file. -EnvironmentFile=-/etc/default/kubelet -ExecStart= -ExecStart=/usr/local/bin/kubelet $KUBELET_KUBECONFIG_ARGS $KUBELET_CONFIG_ARGS $KUBELET_KUBEADM_ARGS $KUBELET_EXTRA_ARGS \ No newline at end of file diff --git a/vm/ansible/playbooks/roles/k8s-node/files/kubelet/kubelet-v0.15.1.service b/vm/ansible/playbooks/roles/k8s-node/files/kubelet/kubelet-v0.15.1.service deleted file mode 100755 index 6cc2bd2a..00000000 --- a/vm/ansible/playbooks/roles/k8s-node/files/kubelet/kubelet-v0.15.1.service +++ /dev/null @@ -1,14 +0,0 @@ -[Unit] -Description=kubelet: The Kubernetes Node Agent -Documentation=https://kubernetes.io/docs/home/ -Wants=network-online.target -After=network-online.target - -[Service] -ExecStart=/usr/local/bin/kubelet -Restart=always -StartLimitInterval=0 -RestartSec=10 - -[Install] -WantedBy=multi-user.target \ No newline at end of file diff --git a/vm/ansible/playbooks/roles/k8s-node/files/service/containerd.service b/vm/ansible/playbooks/roles/k8s-node/files/service/containerd.service deleted file mode 100644 index 07a3dd4c..00000000 --- a/vm/ansible/playbooks/roles/k8s-node/files/service/containerd.service +++ /dev/null @@ -1,30 +0,0 @@ -[Unit] -Description=containerd container runtime -Documentation=https://containerd.io -After=network.target local-fs.target - -[Service] -#uncomment to enable the experimental sbservice (sandboxed) version of containerd/cri integration -#Environment="ENABLE_CRI_SANDBOXES=sandboxed" -ExecStartPre=-/sbin/modprobe overlay -ExecStart=/usr/local/bin/containerd - -Type=notify -Delegate=yes -KillMode=process -Restart=always -RestartSec=5 -# Having non-zero Limit*s causes performance problems due to accounting overhead -# in the kernel. We recommend using cgroups to do container-local accounting. -LimitNPROC=infinity -LimitCORE=infinity -LimitNOFILE=infinity -# Comment TasksMax if your systemd version does not supports it. -# Only systemd 226 and above support this version. -TasksMax=infinity -OOMScoreAdjust=-999 - -[Install] -WantedBy=multi-user.target - -# https://www.modb.pro/db/1693464982470086656 \ No newline at end of file diff --git a/vm/ansible/playbooks/roles/k8s-node/tasks/cni/main.yml b/vm/ansible/playbooks/roles/k8s-node/tasks/cni/main.yml deleted file mode 100755 index 7625a443..00000000 --- a/vm/ansible/playbooks/roles/k8s-node/tasks/cni/main.yml +++ /dev/null @@ -1,28 +0,0 @@ -- name: copy install script - copy: - src: install/cni.sh - dest: /tmp/cni.sh - mode: 0744 -- shell: "/tmp/cni.sh {{ k8s.cni_version}}" -- name: add excute permission - shell: | - chmod +x "/opt/cni/bin/{{ item }}" - with_items: - - bandwidth - - bridge - - dhcp - - firewall - - dummy - - host-device - - host-local - - ipvlan - - loopback - - macvlan - - portmap - - ptp - - sbr - - tap - - static - - tuning - - vlan - - vrf diff --git a/vm/k8s/watch_ingress_cluster_ip.go b/vm/k8s/watch_ingress_cluster_ip.go deleted file mode 100644 index 07eb7d2e..00000000 --- a/vm/k8s/watch_ingress_cluster_ip.go +++ /dev/null @@ -1,68 +0,0 @@ -package main - -import ( - "flag" - "fmt" - "os" - "os/signal" - "syscall" - - "k8s.io/client-go/kubernetes" - "k8s.io/client-go/rest" - "k8s.io/client-go/tools/cache" -) - -func main() { - // 解析命令行参数,包括kubeconfig路径和Ingress命名空间 - kubeconfig := flag.String("kubeconfig", "", "Path to a kubeconfig file") - namespace := flag.String("namespace", "default", "Namespace to watch for Ingress resources") - flag.Parse() - - // 创建Kubernetes配置 - config, err := rest.InClusterConfig() - if err != nil { - if *kubeconfig == "" { - fmt.Printf("Error creating in-cluster config: %v\n", err) - os.Exit(1) - } - // 如果没有InClusterConfig可用,使用外部kubeconfig文件 - config, err = rest.InClusterConfig() - if err != nil { - fmt.Printf("Error creating out-of-cluster config: %v\n", err) - os.Exit(1) - } - } - - // 创建Kubernetes客户端 - clientset, err := kubernetes.NewForConfig(config) - if err != nil { - fmt.Printf("Error creating Kubernetes client: %v\n", err) - os.Exit(1) - } - - // 创建Informer工厂 - factory := cache.NewSharedInformerFactoryWithOptions( - clientset, - 0, // 0表示不使用Resync - cache.ResourceEventHandlerFuncs{ - UpdateFunc: func(oldObj, newObj interface{}) { - // 处理Ingress资源的更新事件 - // 在此处提取Cluster IP信息并进行相应的操作 - fmt.Printf("Ingress updated: %v\n", newObj) - }, - }, - ) - - // 创建Ingress Informer - informer := factory.Networking().V1().Ingresses().Informer() - stopCh := make(chan struct{}) - defer close(stopCh) - - // 启动Informer - go factory.Start(stopCh) - - // 等待终止信号 - signalCh := make(chan os.Signal, 1) - signal.Notify(signalCh, syscall.SIGINT, syscall.SIGTERM) - <-signalCh -} diff --git a/vm/scripts/pve/k8s/apps/apinto/enterprise/apinto-app.yml b/vm/scripts/pve/k8s/apps/apinto/enterprise/apinto-app.yml new file mode 100644 index 00000000..be093b19 --- /dev/null +++ b/vm/scripts/pve/k8s/apps/apinto/enterprise/apinto-app.yml @@ -0,0 +1,486 @@ +$ANSIBLE_VAULT;1.1;AES256 +30346163313866623230393165303566383561623436646530316236323634613032303437353737 +3736613831613664376666383936376661656136376639360a343331336638653736393632633666 +63346536306133653332333837623264323838666461663332363764663965356635626637313738 +3835333733346430310a303835653162653862643039636330373132633833386166313136666538 +61343432633535613236636236613431663034343664626562393239336134316532613061313536 +32383664636339336266646134306130633837646561303835386461306666323537316537383931 +37323362306336336230383663346265363435613366383862623436623031343966393535373461 +64383738323862646237356436303936633263666565343432336463653166373834356666623334 +37346234356663616435373434396166646239353165366438613062646639383732386461383864 +39633665663238333233303361643732306637363033636230656331343631346162303965363233 +61653962653936623134386134393430646535306661666131663761353231333662646664616336 +38366566316564356430616638643834663630373864626638353535396162363663636438316138 +61343261633034323462343538386239643733626664343837303934653161363930643731626238 +33393962646537313666383237346465323739343235633931646336326164333538343366666131 +30393437336566386432393637643034383434383839326339366563333637336533333564666364 +38383735373836363139636339343135303364303962323032613337653431643135623430346131 +65323061313066623061623663363639336266383138633535363330373766373737656536386465 +37356166656139393162353265306134386264626534343166356163393230393461313035623365 +35653438626532646336333136666232633132646330376636306536353661363963346436373262 +66393561393161383532623336313466613130373134656238613264333065616334613239303237 +32346639646264643330636236353065343931353433306161653662373762316566336633366332 +65616565666134663632383265653139656535393566366538346135653761383533383062303637 +37333361333966383430353266633137336237316234626437333238356566343962323931643532 +61306263663463333532323863663863353437666433323363336634333932626662636665646263 +38383535383831313865346564323265616562303166326131316339333664383530396339376236 +39396166306466303139373566376530623730316435306363303134316437353665383832363830 +64613835376238663232333832613937393330386634326430343864326663616638643761626366 +32626430376338353764656531396266616266356636633361646130383736323164623438343366 +32316534613636313133313530396434343639323633366332663361633964613738643462383362 +66373938333462306462303136626230623064333462636664613838613432386563623361613932 +34386464373831333538643031643638626337613338376432653966636363626239633230666137 +38306461376466646434643337303162613935396164393262386566383735343037313436663461 +38383732643730623665363639616335393632383537346231643863316261663034646137326363 +30386665356333333533643631393161356164643764333062616661643233373837336331373461 +65396433383764333065386534636562346238653463343539613936646631623836376461613862 +39343335663564666338646633386236396566353338373238666634333663353061363838393562 +62663831626161663162393265306537643864663638653766323532656536663739353534326535 +66653630373236306339643936646365653530663061623766643363633266343766623133653439 +35633538373130326334373965306639386134383862323932326139393032643333356435363535 +35383834363263323030373363636639306563623539633737613361363265363339333838363565 +61386532353962633735333639643535653931393337366662626631623863626531323537663965 +38346664656136306363633265616661383765373830346430663938323337653336326364613239 +64653930383030636662313835353339323437363534656635643634336466643835363164663931 +35343037363336323166376433353861666231646266366330636665306431393935383937626366 +33386366363935663333643332656463396462373633643063663534636163633534666538623733 +34343164343765383936623338393062356530326433316334646339373164306334623732346436 +39653635336231623463636235303237626363633736633964386164616466626464366530613961 +37316336343066346137323838663931613635626339306239636164626566303665383966636238 +38633336346330346162636632316231333935393532313932323635636136383337303562373431 +35623536613739646664353664313331306130353131356530373031303933663763386136643634 +39366439386463303134386433383262326230626635643461396539663463323663616534653330 +32643062656338326130663332336163353765613532386164623931383837613761353661633766 +35366363653764363461613835643165306564363962643831393336346466323934633737613532 +32346565353064336563383231356361386434623738363434393738386138613161393032393233 +36646662363231313731326561386133393465353161633037653433626165616131303734303732 +39613139326461643731303233373332333039333466343363386639316236383537303833613335 +38346262353132313639623561646531346537363436393563313961363338326638643434653665 +65613931613132623962383739323133333565313531396233653462653830376135363035376463 +63323066376564303264353261613135383065663566623836346335383466343733643466656164 +30333538383165663563366635333763663761646436396163343838643938313763396662636564 +65366364306133623538663863656536366236383734313034343265306664656665336635363466 +65373931626364376338663561623837343433363836656464323538626537666562633537636231 +66313434336333646232616134373136386132346363646538313535353034633837313832333766 +37346362306636656135323232643733663038643533363039396136346264336338643832633632 +39623961353063626631343837643130613036326437343434613630616661366361373762626163 +65643537323038666466623663346266613935323034303539383531323335313131616431363433 +37363039353331663964303865363466613434326634306462313366616538666239656161623538 +31346332356136613036356531336534303961373264313065613431656434306233663231343637 +31663365623638333363316139613365643732663838313334623461623262666439656639666132 +61346232643334656663396264353938316533646364396337383361353638366537663332306133 +39356164396531356535343139643437656133383765623231376565613838626130366264636638 +64643732393037643630303039396434636162343664353866333166336465643234613836363837 +36653732643064393164313832643231393234633464353438356532316237346636333534333436 +65616163646464316163346337323065373566383665656561383161653936643333343863636434 +31333062636235303433346532323264353165336536373137653834373037333437613030626561 +62663537383662633562346439643864626465303532633331353933303163623932323666333638 +32663832623937333663316161356339626233373238626239636239623161383061326535653134 +61356637303465353131386439393737326135636230363962613864636462366239353336316466 +34316630343739613132353336393134306439393030383434323161333933363861343332343231 +30396466376562313563613537383163386565336664373633663362613435666263663134323736 +36376334386264336631646238626136656363323866666336303239313633336235323361323433 +38666335663762643531303761386130316638363964366264303264356464623630653735343561 +37666636363863303262653638373937376164326330643464656465356637643431643463363265 +63656432306234316337613763633262363236633961646131343661396431633139643432623563 +35366230626166373731323736366434303561373565343661376432383661366437366137346464 +61666537333834623139353530376237633935303439376337666266646231653132626634613632 +63383935346531623032306362353763663430383831666466343262333739313036316339663430 +35623066346261623939363539666631653462393739326435333237393438303363393231336335 +66626339333431626432356562346134356136656131356634333438633737646237383366333030 +31656362363966633366373263653634353133623639616562356530366134613963323035326230 +33623266386632656136386134653261623664386430376263346237386631653834626538626563 +33333838356630633139333633373062396630653035333533646535613930303664326362363836 +31323132653161376366633234633039373664333662373165656530633266316633313036316235 +38666234323935663662396635616166373835353330663132393961393632663534316636303630 +32646632306138366531313565326137376461313936396463646366336437346563643638363930 +30393566613137616262333162663164336139393631353761613030373762663465366464353137 +33333265666536356532333636653165323032353535663937316164396232313039373637313831 +34306632343564306563656134373466326262313363633936623665653032656433666138393538 +61316536323330383833656466356637333231353030396661326434343862313162643837323033 +63336465336661323236343337333633343038353865663834353136326239633736336131343235 +31646230363761316330316535323461633133383338353662333665653266333936386432643135 +39373538333936623163336436356566623761353764666364313836343135363564656165356262 +61653839306439303533623930623238316362343561613234383137376665666261356462636166 +65313164306462383765646362313862333066383536356337643237653130653836346530383432 +34383230386664666262306165326363323230386335316232326331383535323765373135353334 +37663366333237313033333238613165626233646462353064636363366338613138613263666335 +37343931363366386230373334326565653934636635313632333832633164633435343137393037 +66666463346531346464313034333565383565333466323239356433396465323336343164613835 +30376462656163613931343035393030333235323463653666363966396335663137663034656636 +35633836386531353366623837333537336134616364353563356432303030326661653739366134 +62343536613465663732663065306363626463313461346563663938343434666162653162393832 +38613262616335633562336537363363303133616131363765373432633038653032366339666533 +37313437633830313362336131613237616138353133613636346338356263343866333739616666 +37343663623031376135643966636135346132313261376533353138636361363834316261643135 +34383030353865383630323333393630616338393664626465336332343831313933323062366237 +32343533393263643166643930666364633634353164626563373539643664666661333235653465 +61343733336333616435613464303637613832343037326366663163653237666235396264316263 +31616432353365323333363566363535383439323737623736383933313233383365626333366338 +36326334346434346432636333656337323963323336373366303331383330323434646432316533 +65386433636138316435646461663330613063653934363666316430333732366337343231363564 +65336665643931613564323963363939363466396535363161613965356132303935313237366530 +38666130386466343664653137316534373636633734326431643238626330396466373365383631 +63313465356132346333316265623761353061323833363863646535613836616562343235653163 +61633763306662373235393262363536653865333363313332336437633566373961646536396461 +38383539643534616361373933646630663331303331323361333931613136383662616563363261 +35336262393266336338393039656236346662373638356166353433656164633236393666666638 +61383738333032323639366532343039353862343665326266313935396432373831323162643039 +33313738383632373966323134306564363130653661396264653738313834633430366130353136 +65393137383431646363343430663734383132323366383062376338616130646630353337353064 +34613337306266656235343836313030343738616536323433326538376561303731306463666235 +65383231383935396662306231626333363763643535626438326166383363303038313966336639 +66633638376664333562633032323766626130306161393135373163363331363134366437353366 +33323266336631633433393432643861356363313032323636326463366131326635343035373366 +39393232363461383763366363623335303833616531323438396362643133326232383838656632 +65393036323264393664303761313035313862653034656434323839396536323563633965316236 +39353065303164323964633739386438356231363564653465396236623164633932326235616634 +66313239323736643238646339386534323330646265633332333537663665383166623538663735 +33386331353333636237616663313963636331353139643931386465653532313137333766323837 +61653139613335633630313464323031653933326438383731326365643934323331323862383464 +31336431656239653364383862373335653131366638316666366637326662333939383738346632 +37323332393862643464343463393934653037393233356466393734366465393538346463643731 +38613765343634316137626466313166336338353934643136396133643739386432323264646535 +39373663393831303030323231353437353135616262323036653239636231303631643339333733 +64393463313461346533353238396361646438393835333663313438333336633163656630333562 +39636234393630656333306533616635343834363733643231383164653062363839363938303837 +34373737303066356532346466643365633934666630656130346238373331323566663866623933 +33316665373730346437616630333635336630333562343335303461666265663437333837396136 +32353738313135333632353961333237353630353337646236663963306634656330396465376435 +31663635313865623738303565343564323461613865643630623832306133343265626166306532 +36353862326130653261656366636464633766393063366163623266616331636637303163373239 +64636633386538643535633732336437616238333435396366636136613861623630383833386333 +61313237616664316232653664316336653231313638636461626236353832303533303662343534 +64613465353337393762646230653537633762336265326361326362323731376133623861356539 +35303638623663613865323336396238623734346665646432303136356565333533623065323735 +61323364343932623133326139303961323239336164353537303866373736303861383338623134 +38346131313633373266353463663233336364346233383738333033636635333235376665373861 +38666536653161353436626632383937363634383830313732643562333733343764346666623331 +31303136636566323433313537303831383033326665646238356537643164386361353932643736 +63366235656333363632623662346564393965303131626531616433363538656665393834626136 +34323533383130396362616630633862656261383036383663643134323238336633343630643963 +65613566306236363233383535393239663430333136363762646638346630643763666330656664 +64323561306234346534356166316562336535326165333163613230646165363063653138356134 +64613131363930663535666135633166623333323165326331336565353039663763633230356238 +34633865666535616461346265393834653835316464663064396363653365633539366637666339 +31613761336561303066623961303935373036353434663363323063396430306237643462303230 +36383131336232363864636430613662396361393661626130356532613935616564306662346530 +30663666363139346630366437666432323031356661383565653666346163656337343138306161 +66323037356238623632643864623663636534323366343561393963356332656336653139353066 +30313638613062363137346430376566393834383238626539663534393938623961633766313936 +36336134336539383031613333373232316633396464303032646661363839383839633563663365 +64643934646330376362613466356632396630313233613832666261313936313132653638626338 +31623766356133313561333164316135386230623034623365343430393434646464623832336438 +35346166616432386435633730623631613162326230626132653662626231303537613631633530 +38646236383439393235383134376262373639373930656231373733656231356565663239383938 +37643533386134343064326532633161393236626537623336643837643733636433343637323161 +65633366393066383332653665666163386266656632623663353232346638633865663532386166 +65333338376364366432396635303036303932663265623765616431613238326331313632663931 +36393939613336316436616161373538396138303333346436633632623766626537336538643132 +35616163383937343161303163326132633535323434653831343762623339376263663161346462 +37353466393336343039313032303362643165383839663663363865333332633839333134313837 +62656639333061343636613239343430333466343433323433373933386530656339336131663733 +38656639386136363534333534623939363262623663643663623535383034633534323539626438 +33393132363261643333636362656233363330653062313039356137313231666664316235383162 +35373334393962653336396335643631623735633432343662386235393032386635346130316236 +64636531363464313637356233326438346261633535363436373163383836373539353864303963 +30326365663461333430353434343361636637303564313033613031393762396533326538643337 +61336666363038626433656433613835613939353233616135376636663261306663303435343737 +37636563306131623230363961376433343530353234333732616233353931313035386631333464 +61353234626263646537306666306463313664643964353565393034396339343439333530376335 +33643033373061663433323065343663373939396338656165373430626234643630343238633833 +39626533396635353964633230373866333933663030323562663736373561353535363363373161 +36646139616635353431396137333932336232316365386637663136376565613338333061396563 +65353434386134636131393633313531353634653439303535343062643939643730666561636339 +63643330333964613430343836323962393633633434616133323839633266383265303230366466 +31626636326635353863333030653338333736626164373234623466663062386366666265653634 +37343339333936656636303238396632656434323733366665383963326130313864616365383837 +37663762303839313466326565366464643733343966353165306461633263356134336239356433 +64376635666262623537646134343235336432303536663832613366656336656363336365363966 +30353662323434353265626137303933343539383833623439303536376332653830373132633534 +30626134636539363939643439323064356435656362353438326661666530616430363164356462 +36636438393834386334376361383033333161333533626163346663383535353537336165346234 +34396538646235303063646663366335643261316637626432363439366436643535613761316535 +30313964323263643965323862356530313231626439326663366161616330333264646532336431 +37653535343834663536366635373865363830343138656262336434656638666435303132383036 +33373537643038303530313332663638376264386637323366616461656231623439613239656566 +30633632343061376536363037376564666332353837636238373265373961356364323739306134 +30353162633631323264333161366230306661383163336666393732666161316138346533613638 +34633439613036633161616137623536636433393665393162313166386562653363386339396464 +64646431663034373461373562313933313135336435373335656635336638343532623066613362 +61323830373464656364303939623562393931616338666431303938626338306463383934303765 +34616263303634653135383261653938333935633264313331643136636338636134653839643431 +65356433653561373466346132633232666638323139333165666666613666653130636463383964 +63626634336531633734303630643135313831636133636664633062303663356261303461353435 +31313531303930613232393364376539623065343538376263366131356237623330646130306662 +66323536376638656132303637363936626165623264313436313763613864646663666162373864 +38343462363637663439326566643737366433316437343931313861353565323036313336323562 +33346464663336613765346530663662373764643331323664656466333031383032363139656233 +37643761316363373431643536373830396565663762643461343663653261333464303736343837 +37306564303837356264303564643030646330343361313933666132623831663531653630396261 +30313631613332343364303836306266653439626134636236386130633037353337333636333366 +35323661383433316335623663656133653433303537333065623565376238383366386363633332 +62656663636363353531366639366366613263623731666635303965313738613031643134383631 +37396637643839353932613437333064313864356536636462326330656665643163383062316130 +32363866656166636232623463346134376263316639666237306136623139656235316537306432 +33383962313264636661306639666236396166633036613634626636376465336234383261323664 +61626436666364653634353833633937616638626538623334653861386464303838616137633162 +38613664646532326638356362623166393236353639396438396164656334313335653335386233 +38336438323134353433643365626230336661613735393739366438393738326238386664633465 +37653635303366393562663233373035306261353239316261626537633265326531626465303863 +37333662636566333364656639316532373335623138663831393032336665636439343666316263 +61636231306638643861653138323366316464633534616361323736383439613339393966383038 +37633861626434666432636264633031623035663932663532663132386635396465356166333133 +33303032643163653062353638333037636266323633346134313433663734383638633331626133 +30303039373330363639373261646135376632366539396333393037333765383434656632386638 +36313161636262316266633739343761373939613336666463656331343164623961333761396330 +33303066636637633635323730663764316136353336653133613763646261643764396566366432 +30643061303266346436616361353739386530333166353730623036393139623963626138376336 +31366561393439633164323738343362336262633637323934383134393232363863633430646465 +34333134346563306536353939373364663735616136643361333038356365626333656631626435 +35336364613236363162353661303432666539323065643565613165633233316664343937393962 +64393062353335393336316536393266356636376339623466386633383231333038333433386136 +33336236633338613636363132386533396462623638393030386537316632633430343233346433 +33613663623961333464313437353263643961316133656339323265653866333664396434666539 +38343037383538396637366436313937346533623661366133353965633132323839366532653363 +31383132383630363337643965356631346633623533383432346266643432666239636563396233 +33663566303666373666393061633432626237373733356666373562303165653561613837316662 +37343738363061663138616430393438643366663361303666613634333962613561663265326165 +32363466656133353639373461633830643532343237656335646266633964353865376535313838 +38326339326533623635616330353764396264336134383365343836303463366632396130376666 +36306266646563656533386662643437616638323138636134633861306662353336343638643266 +30656536633034616437393461326230333639643432663665323864333866373363643434376664 +36316666353561376234343137353233366239643139626137356334373030623166333132626139 +31653232633138653665623666356333363434356634363562363862663734643239643133373363 +63626630633237316364393631396165366466373666643030393831306335366339356562313638 +31333537373665303662393938363139343035623161636531366435616639306639313964346232 +61376239653833323964643539666137396465306238366633363138616430346230353865656462 +32636332393964653132366434623430306161343861666430316563316132613230383538666439 +63613563613365663836313236386464626264383633353462356637316134393239663865646563 +66343834363465663830316262316431386363393564343635376161626432356139373836346362 +31666365353064353561383964393836323033373261386363376534393634303833386662353332 +30393133393735356338303164346265316664323430303261393765386562316633313766336439 +66303561633035383363383966303261636635396461383437333835646231333764616261306661 +31646562386361373261376239623763363363343030383262366233386436363134326133633131 +37386465313438656236396138373962616362363939323662353961373965373132323264626364 +33653563373631626366343032633066616539653665366462346563373061313735323161343936 +37356464306564306530643865393763633637303030333763316130303166306239663034656138 +34393263346364663562343239343531386561313939663464396338366533353861366537643961 +63653931316161343732333730386662326234656561353563316163633436363530383836316566 +61643538623235346334633962323866613731343466303539313535333462363861636533366134 +61353762656134303163613832656334336363326138386163336135623931373133393765343033 +31313530393530306132613730343262633866663330366265353235646537303566306630333834 +65656133626666363032323063303234393533356262633262373430343732343462393730623566 +30363237336530623538633336666430383536663330653333613564653463626630623131336564 +65376135326532616136653938376538633265396638613666363665323736303334636333376162 +38333139313730633137316530623564346233346637326631333564396131333362343735366439 +61373464303265623234613361323939306235656363323763316164333531336539626262613762 +31323863363437326432353463303332613430653831656437613233653237643536333038323137 +37633461383830313461646438353130623736313439306562353439626132643831336134663634 +38336338353938346238333039326434643362336366623132363935373161613732316632336131 +38303436393763623964346264626535626632633031613631613133383231313039326139333432 +31653061373231316162363464663132366135653835656166636432613065653662646638316636 +30663161336135363765386236666366373737346237646665663666303237363838623865623236 +64383434643539663338306266653434363138646264623665646463363462323864643434363666 +30656635656561316436303464316630323466326436323231636634303463306263646431656165 +39616230616662613564613131666365373238646334376434353330626363383666623861643437 +31663661363965666238376236373662333263336138653834666261336134353165316334343537 +33386665316563306266616434393362616438313562326435643834643266393635396237353534 +65386438363930623265626533376364313865323263663365333464666534353437653432393831 +33393131326261616261396430323234623965346438613037326338396631656333663664623232 +36316335346162333032366631653237353931376666623734613862353563616130643463353465 +30313031383834373362393162343330643563626265366234383534373664303239386132383761 +65353465633237333937633063643935353164373832643164313762623162336431613265316664 +37326438616139623161663430363134653035313730663664653233633532383066336538376238 +35336661663931303266316330346631366333613062356139616633666265656364336231626435 +37663236323831366266636631336566633064333164316131373431666231336335613032633164 +35356162353063343934616636323832353063623465623334356336613763363336393433653164 +32323964313564626230336162393537636263643031393763653536386139383863663238383266 +61313934383761366461393537383639663236383761323464636534396464656631613066373339 +35373334396263316235633233616130313732313235646239393939336434343235353137333534 +31383464383931373862636337636233346330316232353263366632623065633865383130306533 +34326532633934333139393230336265626262396264646563313364653236383333306362636636 +32373831666466373461386161386639393136333034333662633234336366663666626132313262 +35626530393532623662316664623738383261336134656234643233343434323361663163663465 +39303466323036643231653565323038306532656230303735326436316433326235303138353834 +38383463353235646266396633326336376236383134343430633863363437613233626336343833 +61396432366161663135386539616238396465366135613136646633643365306162383964623534 +33323938346365326234326137666531323334366137666232353631613261346238343938323639 +33373038626632383864643637353930303064623935396533653163623235306532663963633238 +34623232613933346666383862646665643533616633363263613534373066633636303266633434 +30343933616539383730346137326663333537666632343866313437613762623062616637373032 +62376466643931343237623231626436333065663733343732306263336364663766656266666261 +39636630353537656464663964353864336237343031343466633562613363643862396534643839 +35396337616130326137646162623237666337346638373038326531633532663763663030393364 +35306232313061386534336330623462363634656566326236663536376366326261613738343238 +32633336663232346366383237613964643865623437396363346139613039623361393165613066 +66383234343363333135323535616265633339373335386137316165333165363766343061386138 +35663466613666633932653333633365376637366561643937333331333536333234303031653962 +30303735393730626661346364333130323538623565336634373365353666643364623938613936 +31646561353163316561376666626432386461646630643034633333303435646438636438393231 +36383864386639306265313132353736326630333835623834646566363062646663336465383634 +30646438346235653462623362636237366261343661353764636165666163393565396365343137 +36633430666662643830313465356436353262656534306236373166303165633962336231363830 +38343234353862376530356130323436376133353366353335356464373735313535376432643436 +35613132363463663137666631333066363932613533343039613762393235346366336532616165 +32623838326463386461653430333762313765633138303234353230663664643465343437653937 +63643734646235356232656563323139386335353537383364363437393433613233366561363962 +39346461623331303631663935363437353939666435373664316561343737353037353561333430 +33646335626430626566626137336466323762633135623462623662666637306362353937633661 +34343562666431303362326264616466353237346333363862626166633334303630396631323961 +61336131316561373130623461396439306339663930323834383538666166323137323433623932 +32666334386461386337633465383866313636363036653662336364633937363066613731376432 +30636230316261353331393963363339333035643561393533396239373666633333333237636636 +63323739323461663362303430383765313538356536633735633332356232663665306334326636 +63626666396461643238326166356266383137383530663636313134393933656465343033623136 +30356239383937316330663461643735626130306531343837356439356337396436343339356237 +32623033646161333561346536643639333831396435653362643737396535653462343066366161 +32393639653165383137383663323939623832303437393531313963653634623064653664363563 +61326335623739343634636633336665353061353636316233326331323566316237386562326534 +34663265386239373634623335383835666465333463353731343566623633613336306562313836 +64303166343530663962663034393630623534383339386163653337336164383330613361643436 +32343864336564323962313764363735623632373834386635323532336234643136393233643662 +38616435366165613366363238306331396165616130666165626430333865383038346332656137 +62333662383462663531386165643737343937653936623863633662333433376466643866643562 +35323961376263393166323930623661313162323330363265333164663437646439316364336131 +31623230373661383232656463353134666435663839643439643831623865613830323635393363 +36303531343363376437623833393630306632323461616631616634666262383366343730663636 +35363165366235396633643637343263373266356532643036316562386339383739623836616666 +66343839636365336634663363366664643238346435323466626362343236616364636231343365 +61616530336262643237633939376662666165333437626566393637383635363066653163623265 +31336334323638366565306466326639363939643061303031376564356436366532663162656331 +30353933333262303161643730626163656135646639313163316334643439346238666663653235 +37393164356139663634306261656464393933316237323530353834333634343035356165663639 +31343632383065363339633166323762666330626337333439643038373364346130393638323363 +65656435303662333630613966643763396662376461313536656639666262616234363338623961 +31666433626265643232643064353032653437393964616134623436363839326635333531303334 +35653430366636353737366130346564633336363662633162333534383532393830313762326337 +35373866646630383436306131313833343261363238353838623063663263386465383438636632 +31396362373935653935646435353538396138373130663239346330383531366535313661323135 +64313931633463636232666635633034663131666130653731636233623139613439396532376235 +37353563616335353066643765663634343431626364666338663661663330343639616133326634 +34313733386463326538326331393061343231303138663132646563633735396135373737616330 +39343762383266643836386631626261336561656334626365656136323636393532383864303963 +66316363333864663534616434356430313132646530303234396436346362396663613235663066 +32326364373530663166326565656231666363356134386232333833343437616230306666626165 +61313566636135393438343838356132653464663239643463373963613161313366383834663438 +64303732356335306530393139316666633865343866373435376335353236656536313137663162 +32613037643839336236613631343932376462623637333837353864356533323537393361646635 +33373062633932356561653135313631396631623165646539336462613537343463613838643665 +61656361316135326564643866303934663062303734393566636134323538303335313830353631 +38666131306238313138356436366136626132363332393237653138326538393964356466343030 +61326135666266346539616135393533626135663635356235366435316433653261656339306635 +32326362383165653866346238343166613162383131383365343139306336393238666434313364 +34663762613032663737333566373062396633363332343262376634663562323965306262303964 +36636362353062323261373261393863366337626362343633643765653836613561333764396161 +35333639343262616337303535383461336531623035623437646566393762366366633732373838 +63663635616235656562616262303535393631626366633665366338386631396165313331653735 +31336234336131303565663533613033313434663234363461633532343634313930306165663064 +31613730393564663731393634303830626539366433623066363532643438653338646563366363 +62616662613264636630336330616361346461383862626562303263333537646563346139396165 +33636231363334373161353863326538666633346636313536663432326537313232646463626132 +32653136393961376233626333646233323263313431333237323331323962613862336266353962 +32306234643334633734333031373062363935336432313764366138663535353761373039316236 +62653239346661653037313066663165376233623766636433363266303530643833306530636334 +38356535663163393461633263393430646130376430623331333131373864643933353831623235 +38326530323066376364323039386363343232666265313162346433343538663564373533646630 +35616164333831636332386631336366313436383134646231383936366364653639323564343038 +34383434366238323430316630326265323535343131386365363464363832366634643539333231 +64323535353830386137313730333738366139623565626337633135373139343165343730646137 +39636662653065346239646162306361326663353737663433346432303539306238636262646638 +32623063616364653461303730636465613336653963366462386263343162323836353238383534 +37343834323965643862336139366463343733333262653130376137663339303239356136656631 +31383666393038613030366137396333336666646631373938323535363431613564343135313831 +38616235376634613765323164643238666432326534303837393634386437313635623838626364 +37323433623562383439333661346533373366643638343361366635393931643132376232313634 +63626139373462373331306465353534653663326365633961313635363264363061623437663731 +61313564383633343435306562306335376263633965653531663139383261666532616335663537 +66623363313137353538663662646362613961313566376565333163636430353736376564303166 +65303939636332643334663033663736306331396332636436383864303036623634323433653936 +65623830653864326338303936356132653931623631356264323235663261356566613533626166 +65383134663138666261636439623164336536383431663734633839623736623237343834663562 +66616636366138303538663431383438626230386132333366346333643165333234373234333461 +31333464626136396239376166643534346231323035613264643861643662623439376566313734 +35326264303230393938303331326562636465353436643633353931396237353763623936646432 +36313965313736353864396239383062653436613662313933626635326632643236343834653630 +32623832373565663539386364646139643533313361316161613935306464623962383463623830 +33333265393061346134356431333362623661616433636135353665303763613566313064383830 +64396131336339656337323764613365626530353032393438303030373731366664363739323034 +30386135653735313331633464363864373634336633313339373164303837653535336431383861 +30613732666366613564613133616130376238663566353264313538633966363963643562366339 +37663636396339303964613035663433376133333861636264316534373538633738396231396132 +61613137393030336665383834646433613962363538366365396630366362643830383064386532 +31343531376332613839303038323738663161363737643133613536396636333135643266303663 +30643530356265613038353962666130373038333365623330323062356632386630313261616639 +32333032306636326139373035373937336134333339666461343735623430613438633463396133 +65356665616231636537656132646633663139663137313266613165323766623636316431623631 +66393632323639613231613461393362346332666633383862616462323936636133613063613866 +39616231306538616337333530333131343139623665303436386539336431656333373462623839 +65303138626639656338303262316262303236623435333934616533343562656162396631383062 +30393231396534346631366363616661623939643833336463613838366565303236356333323335 +33643038336161633339663834313233306165376631383665356565316165383863313734633438 +30643462393463626531313930623463356162343336376636383635636431343033343030383734 +37353062386537393435643563636462633239653432653661626232346135643066643538333938 +36303062666137633134653866313631623635643936386336386137333933336564616666383639 +66303437303833386162626139313262333063306235313938663539306565316239316231626130 +65313739383234353934326363373733333736336231623939636662313235636639303334333966 +36336130316436373265643666616264633562376638633731386237346232393934663338326530 +30643963336565373137626666343831646437333039386132356432336633323565316261653361 +39393938326363373062396131376165343132613763643333393135303166346433313764346136 +64343934626433393433656338656163623435386565616464306162363564346162373066313939 +38333661623636356138333763303931333935333238383434316664633131333765393264633830 +39653837343537373332343331383333353665306161383563383433393937383966633236353835 +31613666666164333936383134626634316634643032313037383236626333306538623339613562 +63346539313733373161323430373239393565623535393938313838656234396533396364383865 +39623831336266633335303666623861333736313232336132393963626538303065396335633938 +32333339343630373365613364343635623734333036333062633761333265333735636663663635 +38356630626630396633636362643162376164306538343166393161633933653131633532336164 +63336231653263323362366465376234333931343565333436326635326330623831636131646136 +34346635326361613266383030343238343362306635313737303961306463363039386433383465 +65343465353932613237326263356531343837663163613138366461643464303865373939366535 +62383739383539643665366332353834626465613366366234353834626536653533633936353839 +33323565626365656132316530323133613030316530653930323935633633373232306236666431 +33363131366430623866626431613433393138396662636632633230316336633764613837323136 +61373832663862663065393136646433396366346438333739656431636139343630316637333964 +30626231656533353037656235646632393466343334666130616365336530316532633739343632 +39663132633562313163646439623931396634316436663839346431356334636230313739333130 +31396436376338353063316532313562656366653032333937373631343864353734633130363562 +61373262343933353365333636613532653063393063373966613035346561643765656437353832 +30646463663639303764373134363232656664623432356339336636333338366564336633343034 +36623737616663353963626638613762616437666130623834376435623462393562336632323764 +64616638636139383630626539656332306161363531613534333462313866393131346431623637 +32616338666565343633356462373565336638616334313831613463326235663364313534383930 +36356561656230333332366339623738633531396630643661663637633036376337346464353431 +63316632363565373035323636326332633737303730383163396561346636373565343066333035 +31396665353339653331613537623130333262323630333430326365616133336465623264636161 +64373532653834386538383732343362366461323436633962636164616332333031336264343638 +31346239663539626265356163613430366434663262396335663565636531363731386565616532 +31343761663162366439303632386330663965396133353065346366363139636164303531613330 +64393137316237303663616564616235313766646266363261323130653536636330306535666637 +62616362316333663430656134613464653165303839363939373037386531633031636132336165 +38383736643631616166346535653564396131643765643637616430323231323637343661326235 +61613166643732336563623466396633356436336438613036343264313366303637313238646637 +32616563336363333535323962386531656464333364323739393862656466666263383230663662 +66336339396339306433366531623063653131633135663163653964663163396366313532626261 +34383733653933396466353434366434323037663537326333363866323437303662613330653661 +39336263633533363636316161653238336463316438396465653430613930396630353937313166 +65643266666536616337383465663133646336623161306435626435353062623438356330323165 +38633034663364633234663863623335323735616163363834383832653334383539353734623235 +35333462313630363936386562666637363934626638653230363933633731373030613335303165 +31396335373237393332333330343238363634303939343864323133386165336631613833346363 +36306636326364316337613062326539313635346134363865663634353130373466313038363332 +38326164323130346363633330656436666534303965653237313866393130636661356230323963 +36373439346338323830393736373765366136306533633832323863336231346362643430323966 +35313839396234363531653332376331336366666237616131383261346530643431346166646162 +37633533656436373432636238623266323366386534303265353661353565343363373066653262 +66343162313765636565353633643364316135326135326335396565633764363763373562383137 +61666639363838653766336434393963326562346337393835323033323630623637383030633532 +64323235343661653033333161393861663165626239663463646465663861356662386238396636 +64333539393763363539373566373839373030613233313332376363653931393062393130346661 +31303262653034613235646662633435336331376239376535313663653339643838323139616563 +65626537616239633830623965393363393134623064303663323934613335343335663363306639 +32626337643936373334653234313239336631326635386430323939363131666235373236633036 +65383066353962386266353363386533386138386664313733633534356331353062323130613230 +63626637653231663334383161613839333761663133386237636435313834383931326234363033 +64373263323731613738626532633566376236356233376438613266326365333961663730333063 +37346331393933306264633262626563666661663366383766343066663130343664 diff --git a/vm/scripts/pve/k8s/apps/apinto/enterprise/apinto-cluster-role.yml b/vm/scripts/pve/k8s/apps/apinto/enterprise/apinto-cluster-role.yml new file mode 100644 index 00000000..954ddcfe --- /dev/null +++ b/vm/scripts/pve/k8s/apps/apinto/enterprise/apinto-cluster-role.yml @@ -0,0 +1,155 @@ +--- +aggregationRule: + clusterRoleSelectors: + - matchLabels: + rbac.authorization.k8s.io/aggregate-to-view: 'true' +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + annotations: + rbac.authorization.kubernetes.io/autoupdate: 'true' + labels: + kubernetes.io/bootstrapping: rbac-defaults + rbac.authorization.k8s.io/aggregate-to-edit: 'true' + name: view +rules: + - apiGroups: + - '' + resources: + - configmaps + - endpoints + - persistentvolumeclaims + - persistentvolumeclaims/status + - pods + - replicationcontrollers + - replicationcontrollers/scale + - serviceaccounts + - services + - services/status + verbs: + - get + - list + - watch + - apiGroups: + - '' + resources: + - bindings + - events + - limitranges + - namespaces/status + - pods/log + - pods/status + - replicationcontrollers/status + - resourcequotas + - resourcequotas/status + verbs: + - get + - list + - watch + - apiGroups: + - '' + resources: + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - apps + resources: + - controllerrevisions + - daemonsets + - daemonsets/status + - deployments + - deployments/scale + - deployments/status + - replicasets + - replicasets/scale + - replicasets/status + - statefulsets + - statefulsets/scale + - statefulsets/status + verbs: + - get + - list + - watch + - apiGroups: + - autoscaling + resources: + - horizontalpodautoscalers + - horizontalpodautoscalers/status + verbs: + - get + - list + - watch + - apiGroups: + - batch + resources: + - cronjobs + - cronjobs/status + - jobs + - jobs/status + verbs: + - get + - list + - watch + - apiGroups: + - extensions + resources: + - daemonsets + - daemonsets/status + - deployments + - deployments/scale + - deployments/status + - ingresses + - ingresses/status + - networkpolicies + - replicasets + - replicasets/scale + - replicasets/status + - replicationcontrollers/scale + verbs: + - get + - list + - watch + - apiGroups: + - policy + resources: + - poddisruptionbudgets + - poddisruptionbudgets/status + verbs: + - get + - list + - watch + - apiGroups: + - networking.k8s.io + resources: + - ingresses + - ingresses/status + - networkpolicies + verbs: + - get + - list + - watch + - apiGroups: + - metrics.k8s.io + resources: + - pods + - nodes + verbs: + - get + - list + - watch + - apiGroups: + - tekton.dev + resources: + - tasks + - taskruns + - pipelines + - pipelineruns + - pipelineresources + - conditions + verbs: + - get + - list + - watch \ No newline at end of file diff --git a/vm/scripts/pve/k8s/apps/apinto/enterprise/apinto-gateway.yml b/vm/scripts/pve/k8s/apps/apinto/enterprise/apinto-gateway.yml new file mode 100644 index 00000000..0bbb9cbb --- /dev/null +++ b/vm/scripts/pve/k8s/apps/apinto/enterprise/apinto-gateway.yml @@ -0,0 +1,81 @@ +--- +apiVersion: apps/v1 +kind: StatefulSet +metadata: + annotations: {} + labels: + k8s.kuboard.cn/name: apinto-gateway-stateful + name: apinto-gateway-stateful + namespace: apinto +spec: + replicas: 3 + revisionHistoryLimit: 3 + selector: + matchLabels: + k8s.kuboard.cn/name: apinto-gateway-stateful + serviceName: apinto-gateway-stateful + template: + metadata: + labels: + k8s.kuboard.cn/name: apinto-gateway-stateful + spec: + containers: + - env: + - name: POD_IP + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: status.podIP + - name: SVC_NAME + value: apinto-gateway-stateful + - name: SVC_NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + - name: APINTO_ADMIN_PORT + value: '9401' + - name: SVC_TOKEN + valueFrom: + secretKeyRef: + key: token + name: apinto-token + image: 'eolinker/apinto-gateway' + imagePullPolicy: Always + lifecycle: + postStart: + exec: + command: + - /bin/bash + - '-c' + - nohup bash /apinto/join.sh >nohup.out 2>&1 & + preStop: + exec: + command: + - /bin/bash + - '-c' + - bash /apinto/leave.sh + name: apinto-gateway-stateful + volumeMounts: + - mountPath: /var/lib/apinto + name: apinto-gateway-app + subPath: data/ + - mountPath: /var/log/apinto + name: apinto-gateway-app + subPath: log/ + restartPolicy: Always + volumeClaimTemplates: + - apiVersion: v1 + kind: PersistentVolumeClaim + metadata: + annotations: + k8s.kuboard.cn/pvcType: Dynamic + name: apinto-gateway-app + spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 5G + storageClassName: nfs-csi + volumeMode: Filesystem \ No newline at end of file diff --git a/vm/scripts/pve/k8s/apps/apinto/enterprise/apinto-service-account.yml b/vm/scripts/pve/k8s/apps/apinto/enterprise/apinto-service-account.yml new file mode 100644 index 00000000..634ecdd7 --- /dev/null +++ b/vm/scripts/pve/k8s/apps/apinto/enterprise/apinto-service-account.yml @@ -0,0 +1,31 @@ +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: apinto + namespace: apinto + +--- +apiVersion: v1 +kind: Secret +metadata: + annotations: + kubernetes.io/service-account.name: apinto + name: apinto-token + namespace: apinto +type: kubernetes.io/service-account-token + +--- +kind: RoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: role-bind-apinto + namespace: apinto +subjects: + - kind: ServiceAccount + name: apinto + namespace: apinto +roleRef: + kind: ClusterRole + name: view + apiGroup: rbac.authorization.k8s.io \ No newline at end of file diff --git a/vm/scripts/pve/k8s/apps/apinto/enterprise/config.yml b/vm/scripts/pve/k8s/apps/apinto/enterprise/config.yml new file mode 100644 index 00000000..b3beead9 --- /dev/null +++ b/vm/scripts/pve/k8s/apps/apinto/enterprise/config.yml @@ -0,0 +1,38 @@ +$ANSIBLE_VAULT;1.1;AES256 +31646633306330633962303935396637396564326234383363373566396330386537346664636439 +3363363030383438376237626265636664633531393730310a363435386664663633616162653830 +63653866643466646138356563616465396534393362653738373337663535653935353532376264 +6133363066336535660a303661356530346363656536666634376538323563323764376230666638 +37356531313262616135316337613334663065333930656137633232396539356262313937323064 +36386532373436316536643139393362326165613866376538396263343364353730353231393430 +38333234626638303962303231653866656664366230636133343565633232663634333532316333 +31303730393062336436333933383966613139643365623532373036613064663236383861643932 +62373133656430653632636531633165643361366234373734353864633934316266376333306530 +65336438356662663536366130373336363265646265363038663236393063633634333536323433 +32636537323835383638346564393364653131643362656564386562623731333639373863366263 +30373632333734323466613239623066386634613332363762313563386238633361393533333835 +39333862316263613263373061663735313239613161326231323735343733613765353430653031 +36326436663836323365323035663938643036336135303965366665356638316636366637613164 +39663262396438326538363531383939626533376264383265353463303938383038366438346431 +37393333346134383134376537353833313934363436623163336135313631323934306430666530 +37373938393566333363633732363432643836633364376361616430333936393363306661333639 +61313834393433643231623062666362613561373530333234623832366263376563346536646661 +37336232343863626436336130653739363366343835346433356162383334616366326437633430 +36363265343832303136383862343064336461343532326436643830623763353766303562623433 +62663032626434353666633539373533623734633433613834363362663538616364316661326138 +35366163643434333366323963653935363536613736333636386439393162316238346433646361 +65633233363534366562313661326336366238343939383834353164633263666438343935313434 +37306433643466316334663333386138323665366134323736613763386639353435613766346437 +35343631326437393163393033323131663065313861396562373137336461316463343461343064 +62333966616631393437343363323337386234613264356333656166326336623865633031393531 +62396534323866633965366361653561353365373564353630316136663932643237663364633333 +30366136303436336335353139303832313562356565616538366238343339623834363032663430 +36643539316438366134383166623766303431363832396130633635383037343262663462656361 +37363565326635396239306336386431633764346461376135646235356236373065373339383634 +37373534353131643033343961383430663861616136386262616132366434643837623231663236 +66613964636465663837373462313331383138383133633833356434323234336532386261323339 +32613063353031383538363331656663383061346364383734323538386231333633336261353534 +33303637336332396266653934303537373761613161333863366465326338343430396563636665 +30343832393364613266333133613963376134656232373738346462376131653861626337333231 +34633034343038363538393133333934326338646133623661376137333062323939326335626264 +3035 diff --git a/vm/scripts/pve/k8s/apps/apinto/enterprise/docker-eolink.yml b/vm/scripts/pve/k8s/apps/apinto/enterprise/docker-eolink.yml new file mode 100644 index 00000000..3f44ca2f --- /dev/null +++ b/vm/scripts/pve/k8s/apps/apinto/enterprise/docker-eolink.yml @@ -0,0 +1,11 @@ +--- +apiVersion: v1 +data: + .dockerconfigjson: >- + eyJhdXRocyI6eyJodHRwczovL2RvY2tlci5lb2xpbmtlci5jb20iOnsidXNlcm5hbWUiOiJlb2xpbmtlciIsInBhc3N3b3JkIjoiRW9saW5rZXIxMjMiLCJhdXRoIjoiWlc5c2FXNXJaWEk2Ulc5c2FXNXJaWEl4TWpNPSJ9fX0= +immutable: false +kind: Secret +metadata: + name: docker-eolinker + namespace: apinto +type: kubernetes.io/dockerconfigjson \ No newline at end of file diff --git a/vm/scripts/pve/k8s/apps/apinto/enterprise/namespace.yml b/vm/scripts/pve/k8s/apps/apinto/enterprise/namespace.yml new file mode 100644 index 00000000..26b314ef --- /dev/null +++ b/vm/scripts/pve/k8s/apps/apinto/enterprise/namespace.yml @@ -0,0 +1,5 @@ +--- +apiVersion: v1 +kind: Namespace +metadata: + name: apinto \ No newline at end of file diff --git a/vm/scripts/pve/k8s/apps/apinto/enterprise/pvc.yml b/vm/scripts/pve/k8s/apps/apinto/enterprise/pvc.yml new file mode 100644 index 00000000..a2d6aa42 --- /dev/null +++ b/vm/scripts/pve/k8s/apps/apinto/enterprise/pvc.yml @@ -0,0 +1,145 @@ +--- +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + labels: + app: redis-app + name: redis-data-redis-app-0 + namespace: apinto +spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 200M + volumeMode: Filesystem + storageClassName: nfs-csi + +--- +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + labels: + app: redis-app + name: redis-data-redis-app-1 + namespace: apinto +spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 200M + volumeMode: Filesystem + storageClassName: nfs-csi + +--- +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + labels: + app: redis-app + name: redis-data-redis-app-2 + namespace: apinto +spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 200M + volumeMode: Filesystem + storageClassName: nfs-csi + +--- +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + labels: + app: redis-app + name: redis-data-redis-app-3 + namespace: apinto +spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 200M + volumeMode: Filesystem + storageClassName: nfs-csi + +--- +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + labels: + app: redis-app + name: redis-data-redis-app-4 + namespace: apinto +spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 200M + volumeMode: Filesystem + storageClassName: nfs-csi + +--- +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + labels: + app: redis-app + name: redis-data-redis-app-5 + namespace: apinto +spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 200M + volumeMode: Filesystem + storageClassName: nfs-csi + +--- +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: mysql-pvc + namespace: apinto +spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 30G + volumeMode: Filesystem + storageClassName: nfs-csi +--- +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: influxdb-pvc + namespace: apinto +spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 15G + volumeMode: Filesystem + storageClassName: nfs-csi + +--- +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: apikit-user-center-pvc + namespace: apinto +spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 1G + volumeMode: Filesystem + storageClassName: nfs-csi \ No newline at end of file diff --git a/vm/scripts/pve/k8s/apps/apinto/enterprise/redis-app.yml b/vm/scripts/pve/k8s/apps/apinto/enterprise/redis-app.yml new file mode 100644 index 00000000..0da5494c --- /dev/null +++ b/vm/scripts/pve/k8s/apps/apinto/enterprise/redis-app.yml @@ -0,0 +1,59 @@ +--- +apiVersion: apps/v1 +kind: StatefulSet +metadata: + name: redis-app + namespace: apinto +spec: + serviceName: "redis-service" + replicas: 6 + template: + metadata: + labels: + app: redis-app + spec: + terminationGracePeriodSeconds: 20 + containers: + - name: redis + image: docker.eolinker.com/docker/redis:6.2.7 + command: + - "redis-server" + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + args: + - "/etc/redis/redis.conf" + - "--protected-mode" + - "no" + resources: + requests: + cpu: "100m" + memory: "100Mi" + volumeMounts: + - name: "redis-conf" + mountPath: "/etc/redis" + - name: "redis-data" + mountPath: "/var/lib/redis" + imagePullSecrets: + - name: docker-eolinker + volumes: + - name: "redis-conf" + configMap: + name: "redis-conf" + items: + - key: "redis.conf" + path: "redis.conf" + volumeClaimTemplates: + - metadata: + name: redis-data + spec: + accessModes: [ "ReadWriteOnce" ] + resources: + requests: + storage: 200M + selector: + matchLabels: + app: redis-app \ No newline at end of file diff --git a/vm/scripts/pve/k8s/apps/apinto/enterprise/service.yml b/vm/scripts/pve/k8s/apps/apinto/enterprise/service.yml new file mode 100644 index 00000000..6f2095ca --- /dev/null +++ b/vm/scripts/pve/k8s/apps/apinto/enterprise/service.yml @@ -0,0 +1,151 @@ +--- +apiVersion: v1 +kind: Service +metadata: + name: redis-service + namespace: apinto + labels: + app: redis-app +spec: + ports: + - name: redis-port + port: 6379 + selector: + app: redis-app +--- +apiVersion: v1 +kind: Service +metadata: + name: redis-access-service + namespace: apinto + labels: + app: redis-app +spec: + ports: + - name: redis-port + protocol: "TCP" + port: 6379 + targetPort: 6379 + selector: + app: redis-app + +--- +apiVersion: v1 +kind: Service +metadata: + annotations: {} + labels: + k8s.kuboard.cn/name: influxdb + name: influxdb + namespace: apinto +spec: + externalTrafficPolicy: Cluster + ports: + - name: influx + nodePort: 31086 + port: 8086 + protocol: TCP + targetPort: 8086 + selector: + k8s.kuboard.cn/name: influxdb + sessionAffinity: None + type: NodePort + +--- +apiVersion: v1 +kind: Service +metadata: + annotations: {} + labels: + k8s.kuboard.cn/name: apinto-dashboard + name: apinto-dashboard + namespace: apinto +spec: + externalTrafficPolicy: Cluster + ports: + - name: service + nodePort: 31190 + port: 8080 + protocol: TCP + targetPort: 8080 + selector: + k8s.kuboard.cn/name: apinto-dashboard + sessionAffinity: ClientIP + sessionAffinityConfig: + clientIP: + timeoutSeconds: 10800 + type: NodePort + +--- +apiVersion: v1 +kind: Service +metadata: + labels: + k8s.kuboard.cn/name: apinto-depend + name: apinto-depend + namespace: apinto +spec: + ports: + - name: mysql + port: 3306 + protocol: TCP + targetPort: 3306 + - name: user-center + port: 19007 + protocol: TCP + targetPort: 19007 + selector: + k8s.kuboard.cn/name: apinto-depend + type: ClusterIP +--- +apiVersion: v1 +kind: Service +metadata: + annotations: {} + labels: + k8s.kuboard.cn/name: apinto-plugin + name: apinto-plugin + namespace: apinto +spec: + ports: + - name: apinto-monitor + port: 8080 + protocol: TCP + targetPort: 8080 + - name: apinto-user-center + port: 9080 + protocol: TCP + targetPort: 9080 + selector: + k8s.kuboard.cn/name: apinto-plugin + type: ClusterIP + +--- +apiVersion: v1 +kind: Service +metadata: + annotations: {} + labels: + k8s.kuboard.cn/name: apinto-gateway-stateful + name: apinto-gateway-stateful + namespace: apinto +spec: + ports: + - name: http + nodePort: 31189 + port: 8099 + protocol: TCP + targetPort: 8099 + - name: admin + nodePort: 31194 + port: 9400 + protocol: TCP + targetPort: 9400 + - name: cluster + nodePort: 31191 + port: 9401 + protocol: TCP + targetPort: 9401 + type: NodePort + selector: + k8s.kuboard.cn/name: apinto-gateway-stateful \ No newline at end of file