Add Flux v2.6.4 component manifests · bram.gotink.be/macharian@8b5bfdd

+13032

1 changed file

expand all

kubernetes

flux

flux-system

gotk-components.yaml

+13032

kubernetes/flux/flux-system/gotk-components.yaml

··· 1 + --- 2 + # This manifest was generated by flux. DO NOT EDIT. 3 + # Flux Version: v2.6.4 4 + # Components: source-controller,kustomize-controller,helm-controller,notification-controller 5 + apiVersion: v1 6 + kind: Namespace 7 + metadata: 8 + labels: 9 + app.kubernetes.io/instance: flux-system 10 + app.kubernetes.io/part-of: flux 11 + app.kubernetes.io/version: v2.6.4 12 + pod-security.kubernetes.io/warn: restricted 13 + pod-security.kubernetes.io/warn-version: latest 14 + name: flux-system 15 + --- 16 + apiVersion: networking.k8s.io/v1 17 + kind: NetworkPolicy 18 + metadata: 19 + labels: 20 + app.kubernetes.io/instance: flux-system 21 + app.kubernetes.io/part-of: flux 22 + app.kubernetes.io/version: v2.6.4 23 + name: allow-egress 24 + namespace: flux-system 25 + spec: 26 + egress: 27 + - {} 28 + ingress: 29 + - from: 30 + - podSelector: {} 31 + podSelector: {} 32 + policyTypes: 33 + - Ingress 34 + - Egress 35 + --- 36 + apiVersion: networking.k8s.io/v1 37 + kind: NetworkPolicy 38 + metadata: 39 + labels: 40 + app.kubernetes.io/instance: flux-system 41 + app.kubernetes.io/part-of: flux 42 + app.kubernetes.io/version: v2.6.4 43 + name: allow-scraping 44 + namespace: flux-system 45 + spec: 46 + ingress: 47 + - from: 48 + - namespaceSelector: {} 49 + ports: 50 + - port: 8080 51 + protocol: TCP 52 + podSelector: {} 53 + policyTypes: 54 + - Ingress 55 + --- 56 + apiVersion: networking.k8s.io/v1 57 + kind: NetworkPolicy 58 + metadata: 59 + labels: 60 + app.kubernetes.io/instance: flux-system 61 + app.kubernetes.io/part-of: flux 62 + app.kubernetes.io/version: v2.6.4 63 + name: allow-webhooks 64 + namespace: flux-system 65 + spec: 66 + ingress: 67 + - from: 68 + - namespaceSelector: {} 69 + podSelector: 70 + matchLabels: 71 + app: notification-controller 72 + policyTypes: 73 + - Ingress 74 + --- 75 + apiVersion: v1 76 + kind: ResourceQuota 77 + metadata: 78 + labels: 79 + app.kubernetes.io/instance: flux-system 80 + app.kubernetes.io/part-of: flux 81 + app.kubernetes.io/version: v2.6.4 82 + name: critical-pods-flux-system 83 + namespace: flux-system 84 + spec: 85 + hard: 86 + pods: "1000" 87 + scopeSelector: 88 + matchExpressions: 89 + - operator: In 90 + scopeName: PriorityClass 91 + values: 92 + - system-node-critical 93 + - system-cluster-critical 94 + --- 95 + apiVersion: rbac.authorization.k8s.io/v1 96 + kind: ClusterRole 97 + metadata: 98 + labels: 99 + app.kubernetes.io/instance: flux-system 100 + app.kubernetes.io/part-of: flux 101 + app.kubernetes.io/version: v2.6.4 102 + name: crd-controller-flux-system 103 + rules: 104 + - apiGroups: 105 + - source.toolkit.fluxcd.io 106 + resources: 107 + - '*' 108 + verbs: 109 + - '*' 110 + - apiGroups: 111 + - kustomize.toolkit.fluxcd.io 112 + resources: 113 + - '*' 114 + verbs: 115 + - '*' 116 + - apiGroups: 117 + - helm.toolkit.fluxcd.io 118 + resources: 119 + - '*' 120 + verbs: 121 + - '*' 122 + - apiGroups: 123 + - notification.toolkit.fluxcd.io 124 + resources: 125 + - '*' 126 + verbs: 127 + - '*' 128 + - apiGroups: 129 + - image.toolkit.fluxcd.io 130 + resources: 131 + - '*' 132 + verbs: 133 + - '*' 134 + - apiGroups: 135 + - "" 136 + resources: 137 + - namespaces 138 + - secrets 139 + - configmaps 140 + - serviceaccounts 141 + verbs: 142 + - get 143 + - list 144 + - watch 145 + - apiGroups: 146 + - "" 147 + resources: 148 + - events 149 + verbs: 150 + - create 151 + - patch 152 + - apiGroups: 153 + - "" 154 + resources: 155 + - configmaps 156 + verbs: 157 + - get 158 + - list 159 + - watch 160 + - create 161 + - update 162 + - patch 163 + - delete 164 + - apiGroups: 165 + - "" 166 + resources: 167 + - configmaps/status 168 + verbs: 169 + - get 170 + - update 171 + - patch 172 + - apiGroups: 173 + - coordination.k8s.io 174 + resources: 175 + - leases 176 + verbs: 177 + - get 178 + - list 179 + - watch 180 + - create 181 + - update 182 + - patch 183 + - delete 184 + - apiGroups: 185 + - "" 186 + resources: 187 + - serviceaccounts/token 188 + verbs: 189 + - create 190 + - nonResourceURLs: 191 + - /livez/ping 192 + verbs: 193 + - head 194 + --- 195 + apiVersion: rbac.authorization.k8s.io/v1 196 + kind: ClusterRole 197 + metadata: 198 + labels: 199 + app.kubernetes.io/instance: flux-system 200 + app.kubernetes.io/part-of: flux 201 + app.kubernetes.io/version: v2.6.4 202 + rbac.authorization.k8s.io/aggregate-to-admin: "true" 203 + rbac.authorization.k8s.io/aggregate-to-edit: "true" 204 + name: flux-edit-flux-system 205 + rules: 206 + - apiGroups: 207 + - notification.toolkit.fluxcd.io 208 + - source.toolkit.fluxcd.io 209 + - helm.toolkit.fluxcd.io 210 + - image.toolkit.fluxcd.io 211 + - kustomize.toolkit.fluxcd.io 212 + resources: 213 + - '*' 214 + verbs: 215 + - create 216 + - delete 217 + - deletecollection 218 + - patch 219 + - update 220 + --- 221 + apiVersion: rbac.authorization.k8s.io/v1 222 + kind: ClusterRole 223 + metadata: 224 + labels: 225 + app.kubernetes.io/instance: flux-system 226 + app.kubernetes.io/part-of: flux 227 + app.kubernetes.io/version: v2.6.4 228 + rbac.authorization.k8s.io/aggregate-to-admin: "true" 229 + rbac.authorization.k8s.io/aggregate-to-edit: "true" 230 + rbac.authorization.k8s.io/aggregate-to-view: "true" 231 + name: flux-view-flux-system 232 + rules: 233 + - apiGroups: 234 + - notification.toolkit.fluxcd.io 235 + - source.toolkit.fluxcd.io 236 + - helm.toolkit.fluxcd.io 237 + - image.toolkit.fluxcd.io 238 + - kustomize.toolkit.fluxcd.io 239 + resources: 240 + - '*' 241 + verbs: 242 + - get 243 + - list 244 + - watch 245 + --- 246 + apiVersion: rbac.authorization.k8s.io/v1 247 + kind: ClusterRoleBinding 248 + metadata: 249 + labels: 250 + app.kubernetes.io/instance: flux-system 251 + app.kubernetes.io/part-of: flux 252 + app.kubernetes.io/version: v2.6.4 253 + name: cluster-reconciler-flux-system 254 + roleRef: 255 + apiGroup: rbac.authorization.k8s.io 256 + kind: ClusterRole 257 + name: cluster-admin 258 + subjects: 259 + - kind: ServiceAccount 260 + name: kustomize-controller 261 + namespace: flux-system 262 + - kind: ServiceAccount 263 + name: helm-controller 264 + namespace: flux-system 265 + --- 266 + apiVersion: rbac.authorization.k8s.io/v1 267 + kind: ClusterRoleBinding 268 + metadata: 269 + labels: 270 + app.kubernetes.io/instance: flux-system 271 + app.kubernetes.io/part-of: flux 272 + app.kubernetes.io/version: v2.6.4 273 + name: crd-controller-flux-system 274 + roleRef: 275 + apiGroup: rbac.authorization.k8s.io 276 + kind: ClusterRole 277 + name: crd-controller-flux-system 278 + subjects: 279 + - kind: ServiceAccount 280 + name: kustomize-controller 281 + namespace: flux-system 282 + - kind: ServiceAccount 283 + name: helm-controller 284 + namespace: flux-system 285 + - kind: ServiceAccount 286 + name: source-controller 287 + namespace: flux-system 288 + - kind: ServiceAccount 289 + name: notification-controller 290 + namespace: flux-system 291 + - kind: ServiceAccount 292 + name: image-reflector-controller 293 + namespace: flux-system 294 + - kind: ServiceAccount 295 + name: image-automation-controller 296 + namespace: flux-system 297 + --- 298 + apiVersion: apiextensions.k8s.io/v1 299 + kind: CustomResourceDefinition 300 + metadata: 301 + annotations: 302 + controller-gen.kubebuilder.io/version: v0.16.1 303 + labels: 304 + app.kubernetes.io/component: source-controller 305 + app.kubernetes.io/instance: flux-system 306 + app.kubernetes.io/part-of: flux 307 + app.kubernetes.io/version: v2.6.4 308 + name: buckets.source.toolkit.fluxcd.io 309 + spec: 310 + group: source.toolkit.fluxcd.io 311 + names: 312 + kind: Bucket 313 + listKind: BucketList 314 + plural: buckets 315 + singular: bucket 316 + scope: Namespaced 317 + versions: 318 + - additionalPrinterColumns: 319 + - jsonPath: .spec.endpoint 320 + name: Endpoint 321 + type: string 322 + - jsonPath: .metadata.creationTimestamp 323 + name: Age 324 + type: date 325 + - jsonPath: .status.conditions[?(@.type=="Ready")].status 326 + name: Ready 327 + type: string 328 + - jsonPath: .status.conditions[?(@.type=="Ready")].message 329 + name: Status 330 + type: string 331 + name: v1 332 + schema: 333 + openAPIV3Schema: 334 + description: Bucket is the Schema for the buckets API. 335 + properties: 336 + apiVersion: 337 + description: |- 338 + APIVersion defines the versioned schema of this representation of an object. 339 + Servers should convert recognized schemas to the latest internal value, and 340 + may reject unrecognized values. 341 + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources 342 + type: string 343 + kind: 344 + description: |- 345 + Kind is a string value representing the REST resource this object represents. 346 + Servers may infer this from the endpoint the client submits requests to. 347 + Cannot be updated. 348 + In CamelCase. 349 + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 350 + type: string 351 + metadata: 352 + type: object 353 + spec: 354 + description: |- 355 + BucketSpec specifies the required configuration to produce an Artifact for 356 + an object storage bucket. 357 + properties: 358 + bucketName: 359 + description: BucketName is the name of the object storage bucket. 360 + type: string 361 + certSecretRef: 362 + description: |- 363 + CertSecretRef can be given the name of a Secret containing 364 + either or both of 365 + 366 + - a PEM-encoded client certificate (`tls.crt`) and private 367 + key (`tls.key`); 368 + - a PEM-encoded CA certificate (`ca.crt`) 369 + 370 + and whichever are supplied, will be used for connecting to the 371 + bucket. The client cert and key are useful if you are 372 + authenticating with a certificate; the CA cert is useful if 373 + you are using a self-signed server certificate. The Secret must 374 + be of type `Opaque` or `kubernetes.io/tls`. 375 + 376 + This field is only supported for the `generic` provider. 377 + properties: 378 + name: 379 + description: Name of the referent. 380 + type: string 381 + required: 382 + - name 383 + type: object 384 + endpoint: 385 + description: Endpoint is the object storage address the BucketName 386 + is located at. 387 + type: string 388 + ignore: 389 + description: |- 390 + Ignore overrides the set of excluded patterns in the .sourceignore format 391 + (which is the same as .gitignore). If not provided, a default will be used, 392 + consult the documentation for your version to find out what those are. 393 + type: string 394 + insecure: 395 + description: Insecure allows connecting to a non-TLS HTTP Endpoint. 396 + type: boolean 397 + interval: 398 + description: |- 399 + Interval at which the Bucket Endpoint is checked for updates. 400 + This interval is approximate and may be subject to jitter to ensure 401 + efficient use of resources. 402 + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ 403 + type: string 404 + prefix: 405 + description: Prefix to use for server-side filtering of files in the 406 + Bucket. 407 + type: string 408 + provider: 409 + default: generic 410 + description: |- 411 + Provider of the object storage bucket. 412 + Defaults to 'generic', which expects an S3 (API) compatible object 413 + storage. 414 + enum: 415 + - generic 416 + - aws 417 + - gcp 418 + - azure 419 + type: string 420 + proxySecretRef: 421 + description: |- 422 + ProxySecretRef specifies the Secret containing the proxy configuration 423 + to use while communicating with the Bucket server. 424 + properties: 425 + name: 426 + description: Name of the referent. 427 + type: string 428 + required: 429 + - name 430 + type: object 431 + region: 432 + description: Region of the Endpoint where the BucketName is located 433 + in. 434 + type: string 435 + secretRef: 436 + description: |- 437 + SecretRef specifies the Secret containing authentication credentials 438 + for the Bucket. 439 + properties: 440 + name: 441 + description: Name of the referent. 442 + type: string 443 + required: 444 + - name 445 + type: object 446 + sts: 447 + description: |- 448 + STS specifies the required configuration to use a Security Token 449 + Service for fetching temporary credentials to authenticate in a 450 + Bucket provider. 451 + 452 + This field is only supported for the `aws` and `generic` providers. 453 + properties: 454 + certSecretRef: 455 + description: |- 456 + CertSecretRef can be given the name of a Secret containing 457 + either or both of 458 + 459 + - a PEM-encoded client certificate (`tls.crt`) and private 460 + key (`tls.key`); 461 + - a PEM-encoded CA certificate (`ca.crt`) 462 + 463 + and whichever are supplied, will be used for connecting to the 464 + STS endpoint. The client cert and key are useful if you are 465 + authenticating with a certificate; the CA cert is useful if 466 + you are using a self-signed server certificate. The Secret must 467 + be of type `Opaque` or `kubernetes.io/tls`. 468 + 469 + This field is only supported for the `ldap` provider. 470 + properties: 471 + name: 472 + description: Name of the referent. 473 + type: string 474 + required: 475 + - name 476 + type: object 477 + endpoint: 478 + description: |- 479 + Endpoint is the HTTP/S endpoint of the Security Token Service from 480 + where temporary credentials will be fetched. 481 + pattern: ^(http|https)://.*$ 482 + type: string 483 + provider: 484 + description: Provider of the Security Token Service. 485 + enum: 486 + - aws 487 + - ldap 488 + type: string 489 + secretRef: 490 + description: |- 491 + SecretRef specifies the Secret containing authentication credentials 492 + for the STS endpoint. This Secret must contain the fields `username` 493 + and `password` and is supported only for the `ldap` provider. 494 + properties: 495 + name: 496 + description: Name of the referent. 497 + type: string 498 + required: 499 + - name 500 + type: object 501 + required: 502 + - endpoint 503 + - provider 504 + type: object 505 + suspend: 506 + description: |- 507 + Suspend tells the controller to suspend the reconciliation of this 508 + Bucket. 509 + type: boolean 510 + timeout: 511 + default: 60s 512 + description: Timeout for fetch operations, defaults to 60s. 513 + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$ 514 + type: string 515 + required: 516 + - bucketName 517 + - endpoint 518 + - interval 519 + type: object 520 + x-kubernetes-validations: 521 + - message: STS configuration is only supported for the 'aws' and 'generic' 522 + Bucket providers 523 + rule: self.provider == 'aws' || self.provider == 'generic' || !has(self.sts) 524 + - message: '''aws'' is the only supported STS provider for the ''aws'' 525 + Bucket provider' 526 + rule: self.provider != 'aws' || !has(self.sts) || self.sts.provider 527 + == 'aws' 528 + - message: '''ldap'' is the only supported STS provider for the ''generic'' 529 + Bucket provider' 530 + rule: self.provider != 'generic' || !has(self.sts) || self.sts.provider 531 + == 'ldap' 532 + - message: spec.sts.secretRef is not required for the 'aws' STS provider 533 + rule: '!has(self.sts) || self.sts.provider != ''aws'' || !has(self.sts.secretRef)' 534 + - message: spec.sts.certSecretRef is not required for the 'aws' STS provider 535 + rule: '!has(self.sts) || self.sts.provider != ''aws'' || !has(self.sts.certSecretRef)' 536 + status: 537 + default: 538 + observedGeneration: -1 539 + description: BucketStatus records the observed state of a Bucket. 540 + properties: 541 + artifact: 542 + description: Artifact represents the last successful Bucket reconciliation. 543 + properties: 544 + digest: 545 + description: Digest is the digest of the file in the form of '<algorithm>:<checksum>'. 546 + pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$ 547 + type: string 548 + lastUpdateTime: 549 + description: |- 550 + LastUpdateTime is the timestamp corresponding to the last update of the 551 + Artifact. 552 + format: date-time 553 + type: string 554 + metadata: 555 + additionalProperties: 556 + type: string 557 + description: Metadata holds upstream information such as OCI annotations. 558 + type: object 559 + path: 560 + description: |- 561 + Path is the relative file path of the Artifact. It can be used to locate 562 + the file in the root of the Artifact storage on the local file system of 563 + the controller managing the Source. 564 + type: string 565 + revision: 566 + description: |- 567 + Revision is a human-readable identifier traceable in the origin source 568 + system. It can be a Git commit SHA, Git tag, a Helm chart version, etc. 569 + type: string 570 + size: 571 + description: Size is the number of bytes in the file. 572 + format: int64 573 + type: integer 574 + url: 575 + description: |- 576 + URL is the HTTP address of the Artifact as exposed by the controller 577 + managing the Source. It can be used to retrieve the Artifact for 578 + consumption, e.g. by another controller applying the Artifact contents. 579 + type: string 580 + required: 581 + - lastUpdateTime 582 + - path 583 + - revision 584 + - url 585 + type: object 586 + conditions: 587 + description: Conditions holds the conditions for the Bucket. 588 + items: 589 + description: Condition contains details for one aspect of the current 590 + state of this API Resource. 591 + properties: 592 + lastTransitionTime: 593 + description: |- 594 + lastTransitionTime is the last time the condition transitioned from one status to another. 595 + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. 596 + format: date-time 597 + type: string 598 + message: 599 + description: |- 600 + message is a human readable message indicating details about the transition. 601 + This may be an empty string. 602 + maxLength: 32768 603 + type: string 604 + observedGeneration: 605 + description: |- 606 + observedGeneration represents the .metadata.generation that the condition was set based upon. 607 + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date 608 + with respect to the current state of the instance. 609 + format: int64 610 + minimum: 0 611 + type: integer 612 + reason: 613 + description: |- 614 + reason contains a programmatic identifier indicating the reason for the condition's last transition. 615 + Producers of specific condition types may define expected values and meanings for this field, 616 + and whether the values are considered a guaranteed API. 617 + The value should be a CamelCase string. 618 + This field may not be empty. 619 + maxLength: 1024 620 + minLength: 1 621 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ 622 + type: string 623 + status: 624 + description: status of the condition, one of True, False, Unknown. 625 + enum: 626 + - "True" 627 + - "False" 628 + - Unknown 629 + type: string 630 + type: 631 + description: type of condition in CamelCase or in foo.example.com/CamelCase. 632 + maxLength: 316 633 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ 634 + type: string 635 + required: 636 + - lastTransitionTime 637 + - message 638 + - reason 639 + - status 640 + - type 641 + type: object 642 + type: array 643 + lastHandledReconcileAt: 644 + description: |- 645 + LastHandledReconcileAt holds the value of the most recent 646 + reconcile request value, so a change of the annotation value 647 + can be detected. 648 + type: string 649 + observedGeneration: 650 + description: ObservedGeneration is the last observed generation of 651 + the Bucket object. 652 + format: int64 653 + type: integer 654 + observedIgnore: 655 + description: |- 656 + ObservedIgnore is the observed exclusion patterns used for constructing 657 + the source artifact. 658 + type: string 659 + url: 660 + description: |- 661 + URL is the dynamic fetch link for the latest Artifact. 662 + It is provided on a "best effort" basis, and using the precise 663 + BucketStatus.Artifact data is recommended. 664 + type: string 665 + type: object 666 + type: object 667 + served: true 668 + storage: true 669 + subresources: 670 + status: {} 671 + - additionalPrinterColumns: 672 + - jsonPath: .spec.endpoint 673 + name: Endpoint 674 + type: string 675 + - jsonPath: .status.conditions[?(@.type=="Ready")].status 676 + name: Ready 677 + type: string 678 + - jsonPath: .status.conditions[?(@.type=="Ready")].message 679 + name: Status 680 + type: string 681 + - jsonPath: .metadata.creationTimestamp 682 + name: Age 683 + type: date 684 + deprecated: true 685 + deprecationWarning: v1beta1 Bucket is deprecated, upgrade to v1 686 + name: v1beta1 687 + schema: 688 + openAPIV3Schema: 689 + description: Bucket is the Schema for the buckets API 690 + properties: 691 + apiVersion: 692 + description: |- 693 + APIVersion defines the versioned schema of this representation of an object. 694 + Servers should convert recognized schemas to the latest internal value, and 695 + may reject unrecognized values. 696 + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources 697 + type: string 698 + kind: 699 + description: |- 700 + Kind is a string value representing the REST resource this object represents. 701 + Servers may infer this from the endpoint the client submits requests to. 702 + Cannot be updated. 703 + In CamelCase. 704 + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 705 + type: string 706 + metadata: 707 + type: object 708 + spec: 709 + description: BucketSpec defines the desired state of an S3 compatible 710 + bucket 711 + properties: 712 + accessFrom: 713 + description: AccessFrom defines an Access Control List for allowing 714 + cross-namespace references to this object. 715 + properties: 716 + namespaceSelectors: 717 + description: |- 718 + NamespaceSelectors is the list of namespace selectors to which this ACL applies. 719 + Items in this list are evaluated using a logical OR operation. 720 + items: 721 + description: |- 722 + NamespaceSelector selects the namespaces to which this ACL applies. 723 + An empty map of MatchLabels matches all namespaces in a cluster. 724 + properties: 725 + matchLabels: 726 + additionalProperties: 727 + type: string 728 + description: |- 729 + MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels 730 + map is equivalent to an element of matchExpressions, whose key field is "key", the 731 + operator is "In", and the values array contains only "value". The requirements are ANDed. 732 + type: object 733 + type: object 734 + type: array 735 + required: 736 + - namespaceSelectors 737 + type: object 738 + bucketName: 739 + description: The bucket name. 740 + type: string 741 + endpoint: 742 + description: The bucket endpoint address. 743 + type: string 744 + ignore: 745 + description: |- 746 + Ignore overrides the set of excluded patterns in the .sourceignore format 747 + (which is the same as .gitignore). If not provided, a default will be used, 748 + consult the documentation for your version to find out what those are. 749 + type: string 750 + insecure: 751 + description: Insecure allows connecting to a non-TLS S3 HTTP endpoint. 752 + type: boolean 753 + interval: 754 + description: The interval at which to check for bucket updates. 755 + type: string 756 + provider: 757 + default: generic 758 + description: The S3 compatible storage provider name, default ('generic'). 759 + enum: 760 + - generic 761 + - aws 762 + - gcp 763 + type: string 764 + region: 765 + description: The bucket region. 766 + type: string 767 + secretRef: 768 + description: |- 769 + The name of the secret containing authentication credentials 770 + for the Bucket. 771 + properties: 772 + name: 773 + description: Name of the referent. 774 + type: string 775 + required: 776 + - name 777 + type: object 778 + suspend: 779 + description: This flag tells the controller to suspend the reconciliation 780 + of this source. 781 + type: boolean 782 + timeout: 783 + default: 60s 784 + description: The timeout for download operations, defaults to 60s. 785 + type: string 786 + required: 787 + - bucketName 788 + - endpoint 789 + - interval 790 + type: object 791 + status: 792 + default: 793 + observedGeneration: -1 794 + description: BucketStatus defines the observed state of a bucket 795 + properties: 796 + artifact: 797 + description: Artifact represents the output of the last successful 798 + Bucket sync. 799 + properties: 800 + checksum: 801 + description: Checksum is the SHA256 checksum of the artifact. 802 + type: string 803 + lastUpdateTime: 804 + description: |- 805 + LastUpdateTime is the timestamp corresponding to the last update of this 806 + artifact. 807 + format: date-time 808 + type: string 809 + path: 810 + description: Path is the relative file path of this artifact. 811 + type: string 812 + revision: 813 + description: |- 814 + Revision is a human readable identifier traceable in the origin source 815 + system. It can be a Git commit SHA, Git tag, a Helm index timestamp, a Helm 816 + chart version, etc. 817 + type: string 818 + url: 819 + description: URL is the HTTP address of this artifact. 820 + type: string 821 + required: 822 + - lastUpdateTime 823 + - path 824 + - url 825 + type: object 826 + conditions: 827 + description: Conditions holds the conditions for the Bucket. 828 + items: 829 + description: Condition contains details for one aspect of the current 830 + state of this API Resource. 831 + properties: 832 + lastTransitionTime: 833 + description: |- 834 + lastTransitionTime is the last time the condition transitioned from one status to another. 835 + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. 836 + format: date-time 837 + type: string 838 + message: 839 + description: |- 840 + message is a human readable message indicating details about the transition. 841 + This may be an empty string. 842 + maxLength: 32768 843 + type: string 844 + observedGeneration: 845 + description: |- 846 + observedGeneration represents the .metadata.generation that the condition was set based upon. 847 + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date 848 + with respect to the current state of the instance. 849 + format: int64 850 + minimum: 0 851 + type: integer 852 + reason: 853 + description: |- 854 + reason contains a programmatic identifier indicating the reason for the condition's last transition. 855 + Producers of specific condition types may define expected values and meanings for this field, 856 + and whether the values are considered a guaranteed API. 857 + The value should be a CamelCase string. 858 + This field may not be empty. 859 + maxLength: 1024 860 + minLength: 1 861 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ 862 + type: string 863 + status: 864 + description: status of the condition, one of True, False, Unknown. 865 + enum: 866 + - "True" 867 + - "False" 868 + - Unknown 869 + type: string 870 + type: 871 + description: type of condition in CamelCase or in foo.example.com/CamelCase. 872 + maxLength: 316 873 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ 874 + type: string 875 + required: 876 + - lastTransitionTime 877 + - message 878 + - reason 879 + - status 880 + - type 881 + type: object 882 + type: array 883 + lastHandledReconcileAt: 884 + description: |- 885 + LastHandledReconcileAt holds the value of the most recent 886 + reconcile request value, so a change of the annotation value 887 + can be detected. 888 + type: string 889 + observedGeneration: 890 + description: ObservedGeneration is the last observed generation. 891 + format: int64 892 + type: integer 893 + url: 894 + description: URL is the download link for the artifact output of the 895 + last Bucket sync. 896 + type: string 897 + type: object 898 + type: object 899 + served: true 900 + storage: false 901 + subresources: 902 + status: {} 903 + - additionalPrinterColumns: 904 + - jsonPath: .spec.endpoint 905 + name: Endpoint 906 + type: string 907 + - jsonPath: .metadata.creationTimestamp 908 + name: Age 909 + type: date 910 + - jsonPath: .status.conditions[?(@.type=="Ready")].status 911 + name: Ready 912 + type: string 913 + - jsonPath: .status.conditions[?(@.type=="Ready")].message 914 + name: Status 915 + type: string 916 + deprecated: true 917 + deprecationWarning: v1beta2 Bucket is deprecated, upgrade to v1 918 + name: v1beta2 919 + schema: 920 + openAPIV3Schema: 921 + description: Bucket is the Schema for the buckets API. 922 + properties: 923 + apiVersion: 924 + description: |- 925 + APIVersion defines the versioned schema of this representation of an object. 926 + Servers should convert recognized schemas to the latest internal value, and 927 + may reject unrecognized values. 928 + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources 929 + type: string 930 + kind: 931 + description: |- 932 + Kind is a string value representing the REST resource this object represents. 933 + Servers may infer this from the endpoint the client submits requests to. 934 + Cannot be updated. 935 + In CamelCase. 936 + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 937 + type: string 938 + metadata: 939 + type: object 940 + spec: 941 + description: |- 942 + BucketSpec specifies the required configuration to produce an Artifact for 943 + an object storage bucket. 944 + properties: 945 + accessFrom: 946 + description: |- 947 + AccessFrom specifies an Access Control List for allowing cross-namespace 948 + references to this object. 949 + NOTE: Not implemented, provisional as of https://github.com/fluxcd/flux2/pull/2092 950 + properties: 951 + namespaceSelectors: 952 + description: |- 953 + NamespaceSelectors is the list of namespace selectors to which this ACL applies. 954 + Items in this list are evaluated using a logical OR operation. 955 + items: 956 + description: |- 957 + NamespaceSelector selects the namespaces to which this ACL applies. 958 + An empty map of MatchLabels matches all namespaces in a cluster. 959 + properties: 960 + matchLabels: 961 + additionalProperties: 962 + type: string 963 + description: |- 964 + MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels 965 + map is equivalent to an element of matchExpressions, whose key field is "key", the 966 + operator is "In", and the values array contains only "value". The requirements are ANDed. 967 + type: object 968 + type: object 969 + type: array 970 + required: 971 + - namespaceSelectors 972 + type: object 973 + bucketName: 974 + description: BucketName is the name of the object storage bucket. 975 + type: string 976 + certSecretRef: 977 + description: |- 978 + CertSecretRef can be given the name of a Secret containing 979 + either or both of 980 + 981 + - a PEM-encoded client certificate (`tls.crt`) and private 982 + key (`tls.key`); 983 + - a PEM-encoded CA certificate (`ca.crt`) 984 + 985 + and whichever are supplied, will be used for connecting to the 986 + bucket. The client cert and key are useful if you are 987 + authenticating with a certificate; the CA cert is useful if 988 + you are using a self-signed server certificate. The Secret must 989 + be of type `Opaque` or `kubernetes.io/tls`. 990 + 991 + This field is only supported for the `generic` provider. 992 + properties: 993 + name: 994 + description: Name of the referent. 995 + type: string 996 + required: 997 + - name 998 + type: object 999 + endpoint: 1000 + description: Endpoint is the object storage address the BucketName 1001 + is located at. 1002 + type: string 1003 + ignore: 1004 + description: |- 1005 + Ignore overrides the set of excluded patterns in the .sourceignore format 1006 + (which is the same as .gitignore). If not provided, a default will be used, 1007 + consult the documentation for your version to find out what those are. 1008 + type: string 1009 + insecure: 1010 + description: Insecure allows connecting to a non-TLS HTTP Endpoint. 1011 + type: boolean 1012 + interval: 1013 + description: |- 1014 + Interval at which the Bucket Endpoint is checked for updates. 1015 + This interval is approximate and may be subject to jitter to ensure 1016 + efficient use of resources. 1017 + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ 1018 + type: string 1019 + prefix: 1020 + description: Prefix to use for server-side filtering of files in the 1021 + Bucket. 1022 + type: string 1023 + provider: 1024 + default: generic 1025 + description: |- 1026 + Provider of the object storage bucket. 1027 + Defaults to 'generic', which expects an S3 (API) compatible object 1028 + storage. 1029 + enum: 1030 + - generic 1031 + - aws 1032 + - gcp 1033 + - azure 1034 + type: string 1035 + proxySecretRef: 1036 + description: |- 1037 + ProxySecretRef specifies the Secret containing the proxy configuration 1038 + to use while communicating with the Bucket server. 1039 + properties: 1040 + name: 1041 + description: Name of the referent. 1042 + type: string 1043 + required: 1044 + - name 1045 + type: object 1046 + region: 1047 + description: Region of the Endpoint where the BucketName is located 1048 + in. 1049 + type: string 1050 + secretRef: 1051 + description: |- 1052 + SecretRef specifies the Secret containing authentication credentials 1053 + for the Bucket. 1054 + properties: 1055 + name: 1056 + description: Name of the referent. 1057 + type: string 1058 + required: 1059 + - name 1060 + type: object 1061 + sts: 1062 + description: |- 1063 + STS specifies the required configuration to use a Security Token 1064 + Service for fetching temporary credentials to authenticate in a 1065 + Bucket provider. 1066 + 1067 + This field is only supported for the `aws` and `generic` providers. 1068 + properties: 1069 + certSecretRef: 1070 + description: |- 1071 + CertSecretRef can be given the name of a Secret containing 1072 + either or both of 1073 + 1074 + - a PEM-encoded client certificate (`tls.crt`) and private 1075 + key (`tls.key`); 1076 + - a PEM-encoded CA certificate (`ca.crt`) 1077 + 1078 + and whichever are supplied, will be used for connecting to the 1079 + STS endpoint. The client cert and key are useful if you are 1080 + authenticating with a certificate; the CA cert is useful if 1081 + you are using a self-signed server certificate. The Secret must 1082 + be of type `Opaque` or `kubernetes.io/tls`. 1083 + 1084 + This field is only supported for the `ldap` provider. 1085 + properties: 1086 + name: 1087 + description: Name of the referent. 1088 + type: string 1089 + required: 1090 + - name 1091 + type: object 1092 + endpoint: 1093 + description: |- 1094 + Endpoint is the HTTP/S endpoint of the Security Token Service from 1095 + where temporary credentials will be fetched. 1096 + pattern: ^(http|https)://.*$ 1097 + type: string 1098 + provider: 1099 + description: Provider of the Security Token Service. 1100 + enum: 1101 + - aws 1102 + - ldap 1103 + type: string 1104 + secretRef: 1105 + description: |- 1106 + SecretRef specifies the Secret containing authentication credentials 1107 + for the STS endpoint. This Secret must contain the fields `username` 1108 + and `password` and is supported only for the `ldap` provider. 1109 + properties: 1110 + name: 1111 + description: Name of the referent. 1112 + type: string 1113 + required: 1114 + - name 1115 + type: object 1116 + required: 1117 + - endpoint 1118 + - provider 1119 + type: object 1120 + suspend: 1121 + description: |- 1122 + Suspend tells the controller to suspend the reconciliation of this 1123 + Bucket. 1124 + type: boolean 1125 + timeout: 1126 + default: 60s 1127 + description: Timeout for fetch operations, defaults to 60s. 1128 + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$ 1129 + type: string 1130 + required: 1131 + - bucketName 1132 + - endpoint 1133 + - interval 1134 + type: object 1135 + x-kubernetes-validations: 1136 + - message: STS configuration is only supported for the 'aws' and 'generic' 1137 + Bucket providers 1138 + rule: self.provider == 'aws' || self.provider == 'generic' || !has(self.sts) 1139 + - message: '''aws'' is the only supported STS provider for the ''aws'' 1140 + Bucket provider' 1141 + rule: self.provider != 'aws' || !has(self.sts) || self.sts.provider 1142 + == 'aws' 1143 + - message: '''ldap'' is the only supported STS provider for the ''generic'' 1144 + Bucket provider' 1145 + rule: self.provider != 'generic' || !has(self.sts) || self.sts.provider 1146 + == 'ldap' 1147 + - message: spec.sts.secretRef is not required for the 'aws' STS provider 1148 + rule: '!has(self.sts) || self.sts.provider != ''aws'' || !has(self.sts.secretRef)' 1149 + - message: spec.sts.certSecretRef is not required for the 'aws' STS provider 1150 + rule: '!has(self.sts) || self.sts.provider != ''aws'' || !has(self.sts.certSecretRef)' 1151 + status: 1152 + default: 1153 + observedGeneration: -1 1154 + description: BucketStatus records the observed state of a Bucket. 1155 + properties: 1156 + artifact: 1157 + description: Artifact represents the last successful Bucket reconciliation. 1158 + properties: 1159 + digest: 1160 + description: Digest is the digest of the file in the form of '<algorithm>:<checksum>'. 1161 + pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$ 1162 + type: string 1163 + lastUpdateTime: 1164 + description: |- 1165 + LastUpdateTime is the timestamp corresponding to the last update of the 1166 + Artifact. 1167 + format: date-time 1168 + type: string 1169 + metadata: 1170 + additionalProperties: 1171 + type: string 1172 + description: Metadata holds upstream information such as OCI annotations. 1173 + type: object 1174 + path: 1175 + description: |- 1176 + Path is the relative file path of the Artifact. It can be used to locate 1177 + the file in the root of the Artifact storage on the local file system of 1178 + the controller managing the Source. 1179 + type: string 1180 + revision: 1181 + description: |- 1182 + Revision is a human-readable identifier traceable in the origin source 1183 + system. It can be a Git commit SHA, Git tag, a Helm chart version, etc. 1184 + type: string 1185 + size: 1186 + description: Size is the number of bytes in the file. 1187 + format: int64 1188 + type: integer 1189 + url: 1190 + description: |- 1191 + URL is the HTTP address of the Artifact as exposed by the controller 1192 + managing the Source. It can be used to retrieve the Artifact for 1193 + consumption, e.g. by another controller applying the Artifact contents. 1194 + type: string 1195 + required: 1196 + - lastUpdateTime 1197 + - path 1198 + - revision 1199 + - url 1200 + type: object 1201 + conditions: 1202 + description: Conditions holds the conditions for the Bucket. 1203 + items: 1204 + description: Condition contains details for one aspect of the current 1205 + state of this API Resource. 1206 + properties: 1207 + lastTransitionTime: 1208 + description: |- 1209 + lastTransitionTime is the last time the condition transitioned from one status to another. 1210 + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. 1211 + format: date-time 1212 + type: string 1213 + message: 1214 + description: |- 1215 + message is a human readable message indicating details about the transition. 1216 + This may be an empty string. 1217 + maxLength: 32768 1218 + type: string 1219 + observedGeneration: 1220 + description: |- 1221 + observedGeneration represents the .metadata.generation that the condition was set based upon. 1222 + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date 1223 + with respect to the current state of the instance. 1224 + format: int64 1225 + minimum: 0 1226 + type: integer 1227 + reason: 1228 + description: |- 1229 + reason contains a programmatic identifier indicating the reason for the condition's last transition. 1230 + Producers of specific condition types may define expected values and meanings for this field, 1231 + and whether the values are considered a guaranteed API. 1232 + The value should be a CamelCase string. 1233 + This field may not be empty. 1234 + maxLength: 1024 1235 + minLength: 1 1236 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ 1237 + type: string 1238 + status: 1239 + description: status of the condition, one of True, False, Unknown. 1240 + enum: 1241 + - "True" 1242 + - "False" 1243 + - Unknown 1244 + type: string 1245 + type: 1246 + description: type of condition in CamelCase or in foo.example.com/CamelCase. 1247 + maxLength: 316 1248 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ 1249 + type: string 1250 + required: 1251 + - lastTransitionTime 1252 + - message 1253 + - reason 1254 + - status 1255 + - type 1256 + type: object 1257 + type: array 1258 + lastHandledReconcileAt: 1259 + description: |- 1260 + LastHandledReconcileAt holds the value of the most recent 1261 + reconcile request value, so a change of the annotation value 1262 + can be detected. 1263 + type: string 1264 + observedGeneration: 1265 + description: ObservedGeneration is the last observed generation of 1266 + the Bucket object. 1267 + format: int64 1268 + type: integer 1269 + observedIgnore: 1270 + description: |- 1271 + ObservedIgnore is the observed exclusion patterns used for constructing 1272 + the source artifact. 1273 + type: string 1274 + url: 1275 + description: |- 1276 + URL is the dynamic fetch link for the latest Artifact. 1277 + It is provided on a "best effort" basis, and using the precise 1278 + BucketStatus.Artifact data is recommended. 1279 + type: string 1280 + type: object 1281 + type: object 1282 + served: true 1283 + storage: false 1284 + subresources: 1285 + status: {} 1286 + --- 1287 + apiVersion: apiextensions.k8s.io/v1 1288 + kind: CustomResourceDefinition 1289 + metadata: 1290 + annotations: 1291 + controller-gen.kubebuilder.io/version: v0.16.1 1292 + labels: 1293 + app.kubernetes.io/component: source-controller 1294 + app.kubernetes.io/instance: flux-system 1295 + app.kubernetes.io/part-of: flux 1296 + app.kubernetes.io/version: v2.6.4 1297 + name: gitrepositories.source.toolkit.fluxcd.io 1298 + spec: 1299 + group: source.toolkit.fluxcd.io 1300 + names: 1301 + kind: GitRepository 1302 + listKind: GitRepositoryList 1303 + plural: gitrepositories 1304 + shortNames: 1305 + - gitrepo 1306 + singular: gitrepository 1307 + scope: Namespaced 1308 + versions: 1309 + - additionalPrinterColumns: 1310 + - jsonPath: .spec.url 1311 + name: URL 1312 + type: string 1313 + - jsonPath: .metadata.creationTimestamp 1314 + name: Age 1315 + type: date 1316 + - jsonPath: .status.conditions[?(@.type=="Ready")].status 1317 + name: Ready 1318 + type: string 1319 + - jsonPath: .status.conditions[?(@.type=="Ready")].message 1320 + name: Status 1321 + type: string 1322 + name: v1 1323 + schema: 1324 + openAPIV3Schema: 1325 + description: GitRepository is the Schema for the gitrepositories API. 1326 + properties: 1327 + apiVersion: 1328 + description: |- 1329 + APIVersion defines the versioned schema of this representation of an object. 1330 + Servers should convert recognized schemas to the latest internal value, and 1331 + may reject unrecognized values. 1332 + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources 1333 + type: string 1334 + kind: 1335 + description: |- 1336 + Kind is a string value representing the REST resource this object represents. 1337 + Servers may infer this from the endpoint the client submits requests to. 1338 + Cannot be updated. 1339 + In CamelCase. 1340 + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 1341 + type: string 1342 + metadata: 1343 + type: object 1344 + spec: 1345 + description: |- 1346 + GitRepositorySpec specifies the required configuration to produce an 1347 + Artifact for a Git repository. 1348 + properties: 1349 + ignore: 1350 + description: |- 1351 + Ignore overrides the set of excluded patterns in the .sourceignore format 1352 + (which is the same as .gitignore). If not provided, a default will be used, 1353 + consult the documentation for your version to find out what those are. 1354 + type: string 1355 + include: 1356 + description: |- 1357 + Include specifies a list of GitRepository resources which Artifacts 1358 + should be included in the Artifact produced for this GitRepository. 1359 + items: 1360 + description: |- 1361 + GitRepositoryInclude specifies a local reference to a GitRepository which 1362 + Artifact (sub-)contents must be included, and where they should be placed. 1363 + properties: 1364 + fromPath: 1365 + description: |- 1366 + FromPath specifies the path to copy contents from, defaults to the root 1367 + of the Artifact. 1368 + type: string 1369 + repository: 1370 + description: |- 1371 + GitRepositoryRef specifies the GitRepository which Artifact contents 1372 + must be included. 1373 + properties: 1374 + name: 1375 + description: Name of the referent. 1376 + type: string 1377 + required: 1378 + - name 1379 + type: object 1380 + toPath: 1381 + description: |- 1382 + ToPath specifies the path to copy contents to, defaults to the name of 1383 + the GitRepositoryRef. 1384 + type: string 1385 + required: 1386 + - repository 1387 + type: object 1388 + type: array 1389 + interval: 1390 + description: |- 1391 + Interval at which the GitRepository URL is checked for updates. 1392 + This interval is approximate and may be subject to jitter to ensure 1393 + efficient use of resources. 1394 + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ 1395 + type: string 1396 + provider: 1397 + description: |- 1398 + Provider used for authentication, can be 'azure', 'github', 'generic'. 1399 + When not specified, defaults to 'generic'. 1400 + enum: 1401 + - generic 1402 + - azure 1403 + - github 1404 + type: string 1405 + proxySecretRef: 1406 + description: |- 1407 + ProxySecretRef specifies the Secret containing the proxy configuration 1408 + to use while communicating with the Git server. 1409 + properties: 1410 + name: 1411 + description: Name of the referent. 1412 + type: string 1413 + required: 1414 + - name 1415 + type: object 1416 + recurseSubmodules: 1417 + description: |- 1418 + RecurseSubmodules enables the initialization of all submodules within 1419 + the GitRepository as cloned from the URL, using their default settings. 1420 + type: boolean 1421 + ref: 1422 + description: |- 1423 + Reference specifies the Git reference to resolve and monitor for 1424 + changes, defaults to the 'master' branch. 1425 + properties: 1426 + branch: 1427 + description: Branch to check out, defaults to 'master' if no other 1428 + field is defined. 1429 + type: string 1430 + commit: 1431 + description: |- 1432 + Commit SHA to check out, takes precedence over all reference fields. 1433 + 1434 + This can be combined with Branch to shallow clone the branch, in which 1435 + the commit is expected to exist. 1436 + type: string 1437 + name: 1438 + description: |- 1439 + Name of the reference to check out; takes precedence over Branch, Tag and SemVer. 1440 + 1441 + It must be a valid Git reference: https://git-scm.com/docs/git-check-ref-format#_description 1442 + Examples: "refs/heads/main", "refs/tags/v0.1.0", "refs/pull/420/head", "refs/merge-requests/1/head" 1443 + type: string 1444 + semver: 1445 + description: SemVer tag expression to check out, takes precedence 1446 + over Tag. 1447 + type: string 1448 + tag: 1449 + description: Tag to check out, takes precedence over Branch. 1450 + type: string 1451 + type: object 1452 + secretRef: 1453 + description: |- 1454 + SecretRef specifies the Secret containing authentication credentials for 1455 + the GitRepository. 1456 + For HTTPS repositories the Secret must contain 'username' and 'password' 1457 + fields for basic auth or 'bearerToken' field for token auth. 1458 + For SSH repositories the Secret must contain 'identity' 1459 + and 'known_hosts' fields. 1460 + properties: 1461 + name: 1462 + description: Name of the referent. 1463 + type: string 1464 + required: 1465 + - name 1466 + type: object 1467 + sparseCheckout: 1468 + description: |- 1469 + SparseCheckout specifies a list of directories to checkout when cloning 1470 + the repository. If specified, only these directories are included in the 1471 + Artifact produced for this GitRepository. 1472 + items: 1473 + type: string 1474 + type: array 1475 + suspend: 1476 + description: |- 1477 + Suspend tells the controller to suspend the reconciliation of this 1478 + GitRepository. 1479 + type: boolean 1480 + timeout: 1481 + default: 60s 1482 + description: Timeout for Git operations like cloning, defaults to 1483 + 60s. 1484 + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$ 1485 + type: string 1486 + url: 1487 + description: URL specifies the Git repository URL, it can be an HTTP/S 1488 + or SSH address. 1489 + pattern: ^(http|https|ssh)://.*$ 1490 + type: string 1491 + verify: 1492 + description: |- 1493 + Verification specifies the configuration to verify the Git commit 1494 + signature(s). 1495 + properties: 1496 + mode: 1497 + default: HEAD 1498 + description: |- 1499 + Mode specifies which Git object(s) should be verified. 1500 + 1501 + The variants "head" and "HEAD" both imply the same thing, i.e. verify 1502 + the commit that the HEAD of the Git repository points to. The variant 1503 + "head" solely exists to ensure backwards compatibility. 1504 + enum: 1505 + - head 1506 + - HEAD 1507 + - Tag 1508 + - TagAndHEAD 1509 + type: string 1510 + secretRef: 1511 + description: |- 1512 + SecretRef specifies the Secret containing the public keys of trusted Git 1513 + authors. 1514 + properties: 1515 + name: 1516 + description: Name of the referent. 1517 + type: string 1518 + required: 1519 + - name 1520 + type: object 1521 + required: 1522 + - secretRef 1523 + type: object 1524 + required: 1525 + - interval 1526 + - url 1527 + type: object 1528 + status: 1529 + default: 1530 + observedGeneration: -1 1531 + description: GitRepositoryStatus records the observed state of a Git repository. 1532 + properties: 1533 + artifact: 1534 + description: Artifact represents the last successful GitRepository 1535 + reconciliation. 1536 + properties: 1537 + digest: 1538 + description: Digest is the digest of the file in the form of '<algorithm>:<checksum>'. 1539 + pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$ 1540 + type: string 1541 + lastUpdateTime: 1542 + description: |- 1543 + LastUpdateTime is the timestamp corresponding to the last update of the 1544 + Artifact. 1545 + format: date-time 1546 + type: string 1547 + metadata: 1548 + additionalProperties: 1549 + type: string 1550 + description: Metadata holds upstream information such as OCI annotations. 1551 + type: object 1552 + path: 1553 + description: |- 1554 + Path is the relative file path of the Artifact. It can be used to locate 1555 + the file in the root of the Artifact storage on the local file system of 1556 + the controller managing the Source. 1557 + type: string 1558 + revision: 1559 + description: |- 1560 + Revision is a human-readable identifier traceable in the origin source 1561 + system. It can be a Git commit SHA, Git tag, a Helm chart version, etc. 1562 + type: string 1563 + size: 1564 + description: Size is the number of bytes in the file. 1565 + format: int64 1566 + type: integer 1567 + url: 1568 + description: |- 1569 + URL is the HTTP address of the Artifact as exposed by the controller 1570 + managing the Source. It can be used to retrieve the Artifact for 1571 + consumption, e.g. by another controller applying the Artifact contents. 1572 + type: string 1573 + required: 1574 + - lastUpdateTime 1575 + - path 1576 + - revision 1577 + - url 1578 + type: object 1579 + conditions: 1580 + description: Conditions holds the conditions for the GitRepository. 1581 + items: 1582 + description: Condition contains details for one aspect of the current 1583 + state of this API Resource. 1584 + properties: 1585 + lastTransitionTime: 1586 + description: |- 1587 + lastTransitionTime is the last time the condition transitioned from one status to another. 1588 + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. 1589 + format: date-time 1590 + type: string 1591 + message: 1592 + description: |- 1593 + message is a human readable message indicating details about the transition. 1594 + This may be an empty string. 1595 + maxLength: 32768 1596 + type: string 1597 + observedGeneration: 1598 + description: |- 1599 + observedGeneration represents the .metadata.generation that the condition was set based upon. 1600 + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date 1601 + with respect to the current state of the instance. 1602 + format: int64 1603 + minimum: 0 1604 + type: integer 1605 + reason: 1606 + description: |- 1607 + reason contains a programmatic identifier indicating the reason for the condition's last transition. 1608 + Producers of specific condition types may define expected values and meanings for this field, 1609 + and whether the values are considered a guaranteed API. 1610 + The value should be a CamelCase string. 1611 + This field may not be empty. 1612 + maxLength: 1024 1613 + minLength: 1 1614 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ 1615 + type: string 1616 + status: 1617 + description: status of the condition, one of True, False, Unknown. 1618 + enum: 1619 + - "True" 1620 + - "False" 1621 + - Unknown 1622 + type: string 1623 + type: 1624 + description: type of condition in CamelCase or in foo.example.com/CamelCase. 1625 + maxLength: 316 1626 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ 1627 + type: string 1628 + required: 1629 + - lastTransitionTime 1630 + - message 1631 + - reason 1632 + - status 1633 + - type 1634 + type: object 1635 + type: array 1636 + includedArtifacts: 1637 + description: |- 1638 + IncludedArtifacts contains a list of the last successfully included 1639 + Artifacts as instructed by GitRepositorySpec.Include. 1640 + items: 1641 + description: Artifact represents the output of a Source reconciliation. 1642 + properties: 1643 + digest: 1644 + description: Digest is the digest of the file in the form of 1645 + '<algorithm>:<checksum>'. 1646 + pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$ 1647 + type: string 1648 + lastUpdateTime: 1649 + description: |- 1650 + LastUpdateTime is the timestamp corresponding to the last update of the 1651 + Artifact. 1652 + format: date-time 1653 + type: string 1654 + metadata: 1655 + additionalProperties: 1656 + type: string 1657 + description: Metadata holds upstream information such as OCI 1658 + annotations. 1659 + type: object 1660 + path: 1661 + description: |- 1662 + Path is the relative file path of the Artifact. It can be used to locate 1663 + the file in the root of the Artifact storage on the local file system of 1664 + the controller managing the Source. 1665 + type: string 1666 + revision: 1667 + description: |- 1668 + Revision is a human-readable identifier traceable in the origin source 1669 + system. It can be a Git commit SHA, Git tag, a Helm chart version, etc. 1670 + type: string 1671 + size: 1672 + description: Size is the number of bytes in the file. 1673 + format: int64 1674 + type: integer 1675 + url: 1676 + description: |- 1677 + URL is the HTTP address of the Artifact as exposed by the controller 1678 + managing the Source. It can be used to retrieve the Artifact for 1679 + consumption, e.g. by another controller applying the Artifact contents. 1680 + type: string 1681 + required: 1682 + - lastUpdateTime 1683 + - path 1684 + - revision 1685 + - url 1686 + type: object 1687 + type: array 1688 + lastHandledReconcileAt: 1689 + description: |- 1690 + LastHandledReconcileAt holds the value of the most recent 1691 + reconcile request value, so a change of the annotation value 1692 + can be detected. 1693 + type: string 1694 + observedGeneration: 1695 + description: |- 1696 + ObservedGeneration is the last observed generation of the GitRepository 1697 + object. 1698 + format: int64 1699 + type: integer 1700 + observedIgnore: 1701 + description: |- 1702 + ObservedIgnore is the observed exclusion patterns used for constructing 1703 + the source artifact. 1704 + type: string 1705 + observedInclude: 1706 + description: |- 1707 + ObservedInclude is the observed list of GitRepository resources used to 1708 + produce the current Artifact. 1709 + items: 1710 + description: |- 1711 + GitRepositoryInclude specifies a local reference to a GitRepository which 1712 + Artifact (sub-)contents must be included, and where they should be placed. 1713 + properties: 1714 + fromPath: 1715 + description: |- 1716 + FromPath specifies the path to copy contents from, defaults to the root 1717 + of the Artifact. 1718 + type: string 1719 + repository: 1720 + description: |- 1721 + GitRepositoryRef specifies the GitRepository which Artifact contents 1722 + must be included. 1723 + properties: 1724 + name: 1725 + description: Name of the referent. 1726 + type: string 1727 + required: 1728 + - name 1729 + type: object 1730 + toPath: 1731 + description: |- 1732 + ToPath specifies the path to copy contents to, defaults to the name of 1733 + the GitRepositoryRef. 1734 + type: string 1735 + required: 1736 + - repository 1737 + type: object 1738 + type: array 1739 + observedRecurseSubmodules: 1740 + description: |- 1741 + ObservedRecurseSubmodules is the observed resource submodules 1742 + configuration used to produce the current Artifact. 1743 + type: boolean 1744 + observedSparseCheckout: 1745 + description: |- 1746 + ObservedSparseCheckout is the observed list of directories used to 1747 + produce the current Artifact. 1748 + items: 1749 + type: string 1750 + type: array 1751 + sourceVerificationMode: 1752 + description: |- 1753 + SourceVerificationMode is the last used verification mode indicating 1754 + which Git object(s) have been verified. 1755 + type: string 1756 + type: object 1757 + type: object 1758 + served: true 1759 + storage: true 1760 + subresources: 1761 + status: {} 1762 + - additionalPrinterColumns: 1763 + - jsonPath: .spec.url 1764 + name: URL 1765 + type: string 1766 + - jsonPath: .status.conditions[?(@.type=="Ready")].status 1767 + name: Ready 1768 + type: string 1769 + - jsonPath: .status.conditions[?(@.type=="Ready")].message 1770 + name: Status 1771 + type: string 1772 + - jsonPath: .metadata.creationTimestamp 1773 + name: Age 1774 + type: date 1775 + deprecated: true 1776 + deprecationWarning: v1beta1 GitRepository is deprecated, upgrade to v1 1777 + name: v1beta1 1778 + schema: 1779 + openAPIV3Schema: 1780 + description: GitRepository is the Schema for the gitrepositories API 1781 + properties: 1782 + apiVersion: 1783 + description: |- 1784 + APIVersion defines the versioned schema of this representation of an object. 1785 + Servers should convert recognized schemas to the latest internal value, and 1786 + may reject unrecognized values. 1787 + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources 1788 + type: string 1789 + kind: 1790 + description: |- 1791 + Kind is a string value representing the REST resource this object represents. 1792 + Servers may infer this from the endpoint the client submits requests to. 1793 + Cannot be updated. 1794 + In CamelCase. 1795 + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 1796 + type: string 1797 + metadata: 1798 + type: object 1799 + spec: 1800 + description: GitRepositorySpec defines the desired state of a Git repository. 1801 + properties: 1802 + accessFrom: 1803 + description: AccessFrom defines an Access Control List for allowing 1804 + cross-namespace references to this object. 1805 + properties: 1806 + namespaceSelectors: 1807 + description: |- 1808 + NamespaceSelectors is the list of namespace selectors to which this ACL applies. 1809 + Items in this list are evaluated using a logical OR operation. 1810 + items: 1811 + description: |- 1812 + NamespaceSelector selects the namespaces to which this ACL applies. 1813 + An empty map of MatchLabels matches all namespaces in a cluster. 1814 + properties: 1815 + matchLabels: 1816 + additionalProperties: 1817 + type: string 1818 + description: |- 1819 + MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels 1820 + map is equivalent to an element of matchExpressions, whose key field is "key", the 1821 + operator is "In", and the values array contains only "value". The requirements are ANDed. 1822 + type: object 1823 + type: object 1824 + type: array 1825 + required: 1826 + - namespaceSelectors 1827 + type: object 1828 + gitImplementation: 1829 + default: go-git 1830 + description: |- 1831 + Determines which git client library to use. 1832 + Defaults to go-git, valid values are ('go-git', 'libgit2'). 1833 + enum: 1834 + - go-git 1835 + - libgit2 1836 + type: string 1837 + ignore: 1838 + description: |- 1839 + Ignore overrides the set of excluded patterns in the .sourceignore format 1840 + (which is the same as .gitignore). If not provided, a default will be used, 1841 + consult the documentation for your version to find out what those are. 1842 + type: string 1843 + include: 1844 + description: Extra git repositories to map into the repository 1845 + items: 1846 + description: GitRepositoryInclude defines a source with a from and 1847 + to path. 1848 + properties: 1849 + fromPath: 1850 + description: The path to copy contents from, defaults to the 1851 + root directory. 1852 + type: string 1853 + repository: 1854 + description: Reference to a GitRepository to include. 1855 + properties: 1856 + name: 1857 + description: Name of the referent. 1858 + type: string 1859 + required: 1860 + - name 1861 + type: object 1862 + toPath: 1863 + description: The path to copy contents to, defaults to the name 1864 + of the source ref. 1865 + type: string 1866 + required: 1867 + - repository 1868 + type: object 1869 + type: array 1870 + interval: 1871 + description: The interval at which to check for repository updates. 1872 + type: string 1873 + recurseSubmodules: 1874 + description: |- 1875 + When enabled, after the clone is created, initializes all submodules within, 1876 + using their default settings. 1877 + This option is available only when using the 'go-git' GitImplementation. 1878 + type: boolean 1879 + ref: 1880 + description: |- 1881 + The Git reference to checkout and monitor for changes, defaults to 1882 + master branch. 1883 + properties: 1884 + branch: 1885 + description: The Git branch to checkout, defaults to master. 1886 + type: string 1887 + commit: 1888 + description: The Git commit SHA to checkout, if specified Tag 1889 + filters will be ignored. 1890 + type: string 1891 + semver: 1892 + description: The Git tag semver expression, takes precedence over 1893 + Tag. 1894 + type: string 1895 + tag: 1896 + description: The Git tag to checkout, takes precedence over Branch. 1897 + type: string 1898 + type: object 1899 + secretRef: 1900 + description: |- 1901 + The secret name containing the Git credentials. 1902 + For HTTPS repositories the secret must contain username and password 1903 + fields. 1904 + For SSH repositories the secret must contain identity and known_hosts 1905 + fields. 1906 + properties: 1907 + name: 1908 + description: Name of the referent. 1909 + type: string 1910 + required: 1911 + - name 1912 + type: object 1913 + suspend: 1914 + description: This flag tells the controller to suspend the reconciliation 1915 + of this source. 1916 + type: boolean 1917 + timeout: 1918 + default: 60s 1919 + description: The timeout for remote Git operations like cloning, defaults 1920 + to 60s. 1921 + type: string 1922 + url: 1923 + description: The repository URL, can be a HTTP/S or SSH address. 1924 + pattern: ^(http|https|ssh)://.*$ 1925 + type: string 1926 + verify: 1927 + description: Verify OpenPGP signature for the Git commit HEAD points 1928 + to. 1929 + properties: 1930 + mode: 1931 + description: Mode describes what git object should be verified, 1932 + currently ('head'). 1933 + enum: 1934 + - head 1935 + type: string 1936 + secretRef: 1937 + description: The secret name containing the public keys of all 1938 + trusted Git authors. 1939 + properties: 1940 + name: 1941 + description: Name of the referent. 1942 + type: string 1943 + required: 1944 + - name 1945 + type: object 1946 + required: 1947 + - mode 1948 + type: object 1949 + required: 1950 + - interval 1951 + - url 1952 + type: object 1953 + status: 1954 + default: 1955 + observedGeneration: -1 1956 + description: GitRepositoryStatus defines the observed state of a Git repository. 1957 + properties: 1958 + artifact: 1959 + description: Artifact represents the output of the last successful 1960 + repository sync. 1961 + properties: 1962 + checksum: 1963 + description: Checksum is the SHA256 checksum of the artifact. 1964 + type: string 1965 + lastUpdateTime: 1966 + description: |- 1967 + LastUpdateTime is the timestamp corresponding to the last update of this 1968 + artifact. 1969 + format: date-time 1970 + type: string 1971 + path: 1972 + description: Path is the relative file path of this artifact. 1973 + type: string 1974 + revision: 1975 + description: |- 1976 + Revision is a human readable identifier traceable in the origin source 1977 + system. It can be a Git commit SHA, Git tag, a Helm index timestamp, a Helm 1978 + chart version, etc. 1979 + type: string 1980 + url: 1981 + description: URL is the HTTP address of this artifact. 1982 + type: string 1983 + required: 1984 + - lastUpdateTime 1985 + - path 1986 + - url 1987 + type: object 1988 + conditions: 1989 + description: Conditions holds the conditions for the GitRepository. 1990 + items: 1991 + description: Condition contains details for one aspect of the current 1992 + state of this API Resource. 1993 + properties: 1994 + lastTransitionTime: 1995 + description: |- 1996 + lastTransitionTime is the last time the condition transitioned from one status to another. 1997 + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. 1998 + format: date-time 1999 + type: string 2000 + message: 2001 + description: |- 2002 + message is a human readable message indicating details about the transition. 2003 + This may be an empty string. 2004 + maxLength: 32768 2005 + type: string 2006 + observedGeneration: 2007 + description: |- 2008 + observedGeneration represents the .metadata.generation that the condition was set based upon. 2009 + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date 2010 + with respect to the current state of the instance. 2011 + format: int64 2012 + minimum: 0 2013 + type: integer 2014 + reason: 2015 + description: |- 2016 + reason contains a programmatic identifier indicating the reason for the condition's last transition. 2017 + Producers of specific condition types may define expected values and meanings for this field, 2018 + and whether the values are considered a guaranteed API. 2019 + The value should be a CamelCase string. 2020 + This field may not be empty. 2021 + maxLength: 1024 2022 + minLength: 1 2023 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ 2024 + type: string 2025 + status: 2026 + description: status of the condition, one of True, False, Unknown. 2027 + enum: 2028 + - "True" 2029 + - "False" 2030 + - Unknown 2031 + type: string 2032 + type: 2033 + description: type of condition in CamelCase or in foo.example.com/CamelCase. 2034 + maxLength: 316 2035 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ 2036 + type: string 2037 + required: 2038 + - lastTransitionTime 2039 + - message 2040 + - reason 2041 + - status 2042 + - type 2043 + type: object 2044 + type: array 2045 + includedArtifacts: 2046 + description: IncludedArtifacts represents the included artifacts from 2047 + the last successful repository sync. 2048 + items: 2049 + description: Artifact represents the output of a source synchronisation. 2050 + properties: 2051 + checksum: 2052 + description: Checksum is the SHA256 checksum of the artifact. 2053 + type: string 2054 + lastUpdateTime: 2055 + description: |- 2056 + LastUpdateTime is the timestamp corresponding to the last update of this 2057 + artifact. 2058 + format: date-time 2059 + type: string 2060 + path: 2061 + description: Path is the relative file path of this artifact. 2062 + type: string 2063 + revision: 2064 + description: |- 2065 + Revision is a human readable identifier traceable in the origin source 2066 + system. It can be a Git commit SHA, Git tag, a Helm index timestamp, a Helm 2067 + chart version, etc. 2068 + type: string 2069 + url: 2070 + description: URL is the HTTP address of this artifact. 2071 + type: string 2072 + required: 2073 + - lastUpdateTime 2074 + - path 2075 + - url 2076 + type: object 2077 + type: array 2078 + lastHandledReconcileAt: 2079 + description: |- 2080 + LastHandledReconcileAt holds the value of the most recent 2081 + reconcile request value, so a change of the annotation value 2082 + can be detected. 2083 + type: string 2084 + observedGeneration: 2085 + description: ObservedGeneration is the last observed generation. 2086 + format: int64 2087 + type: integer 2088 + url: 2089 + description: |- 2090 + URL is the download link for the artifact output of the last repository 2091 + sync. 2092 + type: string 2093 + type: object 2094 + type: object 2095 + served: true 2096 + storage: false 2097 + subresources: 2098 + status: {} 2099 + - additionalPrinterColumns: 2100 + - jsonPath: .spec.url 2101 + name: URL 2102 + type: string 2103 + - jsonPath: .metadata.creationTimestamp 2104 + name: Age 2105 + type: date 2106 + - jsonPath: .status.conditions[?(@.type=="Ready")].status 2107 + name: Ready 2108 + type: string 2109 + - jsonPath: .status.conditions[?(@.type=="Ready")].message 2110 + name: Status 2111 + type: string 2112 + deprecated: true 2113 + deprecationWarning: v1beta2 GitRepository is deprecated, upgrade to v1 2114 + name: v1beta2 2115 + schema: 2116 + openAPIV3Schema: 2117 + description: GitRepository is the Schema for the gitrepositories API. 2118 + properties: 2119 + apiVersion: 2120 + description: |- 2121 + APIVersion defines the versioned schema of this representation of an object. 2122 + Servers should convert recognized schemas to the latest internal value, and 2123 + may reject unrecognized values. 2124 + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources 2125 + type: string 2126 + kind: 2127 + description: |- 2128 + Kind is a string value representing the REST resource this object represents. 2129 + Servers may infer this from the endpoint the client submits requests to. 2130 + Cannot be updated. 2131 + In CamelCase. 2132 + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 2133 + type: string 2134 + metadata: 2135 + type: object 2136 + spec: 2137 + description: |- 2138 + GitRepositorySpec specifies the required configuration to produce an 2139 + Artifact for a Git repository. 2140 + properties: 2141 + accessFrom: 2142 + description: |- 2143 + AccessFrom specifies an Access Control List for allowing cross-namespace 2144 + references to this object. 2145 + NOTE: Not implemented, provisional as of https://github.com/fluxcd/flux2/pull/2092 2146 + properties: 2147 + namespaceSelectors: 2148 + description: |- 2149 + NamespaceSelectors is the list of namespace selectors to which this ACL applies. 2150 + Items in this list are evaluated using a logical OR operation. 2151 + items: 2152 + description: |- 2153 + NamespaceSelector selects the namespaces to which this ACL applies. 2154 + An empty map of MatchLabels matches all namespaces in a cluster. 2155 + properties: 2156 + matchLabels: 2157 + additionalProperties: 2158 + type: string 2159 + description: |- 2160 + MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels 2161 + map is equivalent to an element of matchExpressions, whose key field is "key", the 2162 + operator is "In", and the values array contains only "value". The requirements are ANDed. 2163 + type: object 2164 + type: object 2165 + type: array 2166 + required: 2167 + - namespaceSelectors 2168 + type: object 2169 + gitImplementation: 2170 + default: go-git 2171 + description: |- 2172 + GitImplementation specifies which Git client library implementation to 2173 + use. Defaults to 'go-git', valid values are ('go-git', 'libgit2'). 2174 + Deprecated: gitImplementation is deprecated now that 'go-git' is the 2175 + only supported implementation. 2176 + enum: 2177 + - go-git 2178 + - libgit2 2179 + type: string 2180 + ignore: 2181 + description: |- 2182 + Ignore overrides the set of excluded patterns in the .sourceignore format 2183 + (which is the same as .gitignore). If not provided, a default will be used, 2184 + consult the documentation for your version to find out what those are. 2185 + type: string 2186 + include: 2187 + description: |- 2188 + Include specifies a list of GitRepository resources which Artifacts 2189 + should be included in the Artifact produced for this GitRepository. 2190 + items: 2191 + description: |- 2192 + GitRepositoryInclude specifies a local reference to a GitRepository which 2193 + Artifact (sub-)contents must be included, and where they should be placed. 2194 + properties: 2195 + fromPath: 2196 + description: |- 2197 + FromPath specifies the path to copy contents from, defaults to the root 2198 + of the Artifact. 2199 + type: string 2200 + repository: 2201 + description: |- 2202 + GitRepositoryRef specifies the GitRepository which Artifact contents 2203 + must be included. 2204 + properties: 2205 + name: 2206 + description: Name of the referent. 2207 + type: string 2208 + required: 2209 + - name 2210 + type: object 2211 + toPath: 2212 + description: |- 2213 + ToPath specifies the path to copy contents to, defaults to the name of 2214 + the GitRepositoryRef. 2215 + type: string 2216 + required: 2217 + - repository 2218 + type: object 2219 + type: array 2220 + interval: 2221 + description: Interval at which to check the GitRepository for updates. 2222 + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ 2223 + type: string 2224 + recurseSubmodules: 2225 + description: |- 2226 + RecurseSubmodules enables the initialization of all submodules within 2227 + the GitRepository as cloned from the URL, using their default settings. 2228 + type: boolean 2229 + ref: 2230 + description: |- 2231 + Reference specifies the Git reference to resolve and monitor for 2232 + changes, defaults to the 'master' branch. 2233 + properties: 2234 + branch: 2235 + description: Branch to check out, defaults to 'master' if no other 2236 + field is defined. 2237 + type: string 2238 + commit: 2239 + description: |- 2240 + Commit SHA to check out, takes precedence over all reference fields. 2241 + 2242 + This can be combined with Branch to shallow clone the branch, in which 2243 + the commit is expected to exist. 2244 + type: string 2245 + name: 2246 + description: |- 2247 + Name of the reference to check out; takes precedence over Branch, Tag and SemVer. 2248 + 2249 + It must be a valid Git reference: https://git-scm.com/docs/git-check-ref-format#_description 2250 + Examples: "refs/heads/main", "refs/tags/v0.1.0", "refs/pull/420/head", "refs/merge-requests/1/head" 2251 + type: string 2252 + semver: 2253 + description: SemVer tag expression to check out, takes precedence 2254 + over Tag. 2255 + type: string 2256 + tag: 2257 + description: Tag to check out, takes precedence over Branch. 2258 + type: string 2259 + type: object 2260 + secretRef: 2261 + description: |- 2262 + SecretRef specifies the Secret containing authentication credentials for 2263 + the GitRepository. 2264 + For HTTPS repositories the Secret must contain 'username' and 'password' 2265 + fields for basic auth or 'bearerToken' field for token auth. 2266 + For SSH repositories the Secret must contain 'identity' 2267 + and 'known_hosts' fields. 2268 + properties: 2269 + name: 2270 + description: Name of the referent. 2271 + type: string 2272 + required: 2273 + - name 2274 + type: object 2275 + suspend: 2276 + description: |- 2277 + Suspend tells the controller to suspend the reconciliation of this 2278 + GitRepository. 2279 + type: boolean 2280 + timeout: 2281 + default: 60s 2282 + description: Timeout for Git operations like cloning, defaults to 2283 + 60s. 2284 + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$ 2285 + type: string 2286 + url: 2287 + description: URL specifies the Git repository URL, it can be an HTTP/S 2288 + or SSH address. 2289 + pattern: ^(http|https|ssh)://.*$ 2290 + type: string 2291 + verify: 2292 + description: |- 2293 + Verification specifies the configuration to verify the Git commit 2294 + signature(s). 2295 + properties: 2296 + mode: 2297 + description: Mode specifies what Git object should be verified, 2298 + currently ('head'). 2299 + enum: 2300 + - head 2301 + type: string 2302 + secretRef: 2303 + description: |- 2304 + SecretRef specifies the Secret containing the public keys of trusted Git 2305 + authors. 2306 + properties: 2307 + name: 2308 + description: Name of the referent. 2309 + type: string 2310 + required: 2311 + - name 2312 + type: object 2313 + required: 2314 + - mode 2315 + - secretRef 2316 + type: object 2317 + required: 2318 + - interval 2319 + - url 2320 + type: object 2321 + status: 2322 + default: 2323 + observedGeneration: -1 2324 + description: GitRepositoryStatus records the observed state of a Git repository. 2325 + properties: 2326 + artifact: 2327 + description: Artifact represents the last successful GitRepository 2328 + reconciliation. 2329 + properties: 2330 + digest: 2331 + description: Digest is the digest of the file in the form of '<algorithm>:<checksum>'. 2332 + pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$ 2333 + type: string 2334 + lastUpdateTime: 2335 + description: |- 2336 + LastUpdateTime is the timestamp corresponding to the last update of the 2337 + Artifact. 2338 + format: date-time 2339 + type: string 2340 + metadata: 2341 + additionalProperties: 2342 + type: string 2343 + description: Metadata holds upstream information such as OCI annotations. 2344 + type: object 2345 + path: 2346 + description: |- 2347 + Path is the relative file path of the Artifact. It can be used to locate 2348 + the file in the root of the Artifact storage on the local file system of 2349 + the controller managing the Source. 2350 + type: string 2351 + revision: 2352 + description: |- 2353 + Revision is a human-readable identifier traceable in the origin source 2354 + system. It can be a Git commit SHA, Git tag, a Helm chart version, etc. 2355 + type: string 2356 + size: 2357 + description: Size is the number of bytes in the file. 2358 + format: int64 2359 + type: integer 2360 + url: 2361 + description: |- 2362 + URL is the HTTP address of the Artifact as exposed by the controller 2363 + managing the Source. It can be used to retrieve the Artifact for 2364 + consumption, e.g. by another controller applying the Artifact contents. 2365 + type: string 2366 + required: 2367 + - lastUpdateTime 2368 + - path 2369 + - revision 2370 + - url 2371 + type: object 2372 + conditions: 2373 + description: Conditions holds the conditions for the GitRepository. 2374 + items: 2375 + description: Condition contains details for one aspect of the current 2376 + state of this API Resource. 2377 + properties: 2378 + lastTransitionTime: 2379 + description: |- 2380 + lastTransitionTime is the last time the condition transitioned from one status to another. 2381 + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. 2382 + format: date-time 2383 + type: string 2384 + message: 2385 + description: |- 2386 + message is a human readable message indicating details about the transition. 2387 + This may be an empty string. 2388 + maxLength: 32768 2389 + type: string 2390 + observedGeneration: 2391 + description: |- 2392 + observedGeneration represents the .metadata.generation that the condition was set based upon. 2393 + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date 2394 + with respect to the current state of the instance. 2395 + format: int64 2396 + minimum: 0 2397 + type: integer 2398 + reason: 2399 + description: |- 2400 + reason contains a programmatic identifier indicating the reason for the condition's last transition. 2401 + Producers of specific condition types may define expected values and meanings for this field, 2402 + and whether the values are considered a guaranteed API. 2403 + The value should be a CamelCase string. 2404 + This field may not be empty. 2405 + maxLength: 1024 2406 + minLength: 1 2407 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ 2408 + type: string 2409 + status: 2410 + description: status of the condition, one of True, False, Unknown. 2411 + enum: 2412 + - "True" 2413 + - "False" 2414 + - Unknown 2415 + type: string 2416 + type: 2417 + description: type of condition in CamelCase or in foo.example.com/CamelCase. 2418 + maxLength: 316 2419 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ 2420 + type: string 2421 + required: 2422 + - lastTransitionTime 2423 + - message 2424 + - reason 2425 + - status 2426 + - type 2427 + type: object 2428 + type: array 2429 + contentConfigChecksum: 2430 + description: |- 2431 + ContentConfigChecksum is a checksum of all the configurations related to 2432 + the content of the source artifact: 2433 + - .spec.ignore 2434 + - .spec.recurseSubmodules 2435 + - .spec.included and the checksum of the included artifacts 2436 + observed in .status.observedGeneration version of the object. This can 2437 + be used to determine if the content of the included repository has 2438 + changed. 2439 + It has the format of `<algo>:<checksum>`, for example: `sha256:<checksum>`. 2440 + 2441 + Deprecated: Replaced with explicit fields for observed artifact content 2442 + config in the status. 2443 + type: string 2444 + includedArtifacts: 2445 + description: |- 2446 + IncludedArtifacts contains a list of the last successfully included 2447 + Artifacts as instructed by GitRepositorySpec.Include. 2448 + items: 2449 + description: Artifact represents the output of a Source reconciliation. 2450 + properties: 2451 + digest: 2452 + description: Digest is the digest of the file in the form of 2453 + '<algorithm>:<checksum>'. 2454 + pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$ 2455 + type: string 2456 + lastUpdateTime: 2457 + description: |- 2458 + LastUpdateTime is the timestamp corresponding to the last update of the 2459 + Artifact. 2460 + format: date-time 2461 + type: string 2462 + metadata: 2463 + additionalProperties: 2464 + type: string 2465 + description: Metadata holds upstream information such as OCI 2466 + annotations. 2467 + type: object 2468 + path: 2469 + description: |- 2470 + Path is the relative file path of the Artifact. It can be used to locate 2471 + the file in the root of the Artifact storage on the local file system of 2472 + the controller managing the Source. 2473 + type: string 2474 + revision: 2475 + description: |- 2476 + Revision is a human-readable identifier traceable in the origin source 2477 + system. It can be a Git commit SHA, Git tag, a Helm chart version, etc. 2478 + type: string 2479 + size: 2480 + description: Size is the number of bytes in the file. 2481 + format: int64 2482 + type: integer 2483 + url: 2484 + description: |- 2485 + URL is the HTTP address of the Artifact as exposed by the controller 2486 + managing the Source. It can be used to retrieve the Artifact for 2487 + consumption, e.g. by another controller applying the Artifact contents. 2488 + type: string 2489 + required: 2490 + - lastUpdateTime 2491 + - path 2492 + - revision 2493 + - url 2494 + type: object 2495 + type: array 2496 + lastHandledReconcileAt: 2497 + description: |- 2498 + LastHandledReconcileAt holds the value of the most recent 2499 + reconcile request value, so a change of the annotation value 2500 + can be detected. 2501 + type: string 2502 + observedGeneration: 2503 + description: |- 2504 + ObservedGeneration is the last observed generation of the GitRepository 2505 + object. 2506 + format: int64 2507 + type: integer 2508 + observedIgnore: 2509 + description: |- 2510 + ObservedIgnore is the observed exclusion patterns used for constructing 2511 + the source artifact. 2512 + type: string 2513 + observedInclude: 2514 + description: |- 2515 + ObservedInclude is the observed list of GitRepository resources used to 2516 + to produce the current Artifact. 2517 + items: 2518 + description: |- 2519 + GitRepositoryInclude specifies a local reference to a GitRepository which 2520 + Artifact (sub-)contents must be included, and where they should be placed. 2521 + properties: 2522 + fromPath: 2523 + description: |- 2524 + FromPath specifies the path to copy contents from, defaults to the root 2525 + of the Artifact. 2526 + type: string 2527 + repository: 2528 + description: |- 2529 + GitRepositoryRef specifies the GitRepository which Artifact contents 2530 + must be included. 2531 + properties: 2532 + name: 2533 + description: Name of the referent. 2534 + type: string 2535 + required: 2536 + - name 2537 + type: object 2538 + toPath: 2539 + description: |- 2540 + ToPath specifies the path to copy contents to, defaults to the name of 2541 + the GitRepositoryRef. 2542 + type: string 2543 + required: 2544 + - repository 2545 + type: object 2546 + type: array 2547 + observedRecurseSubmodules: 2548 + description: |- 2549 + ObservedRecurseSubmodules is the observed resource submodules 2550 + configuration used to produce the current Artifact. 2551 + type: boolean 2552 + url: 2553 + description: |- 2554 + URL is the dynamic fetch link for the latest Artifact. 2555 + It is provided on a "best effort" basis, and using the precise 2556 + GitRepositoryStatus.Artifact data is recommended. 2557 + type: string 2558 + type: object 2559 + type: object 2560 + served: true 2561 + storage: false 2562 + subresources: 2563 + status: {} 2564 + --- 2565 + apiVersion: apiextensions.k8s.io/v1 2566 + kind: CustomResourceDefinition 2567 + metadata: 2568 + annotations: 2569 + controller-gen.kubebuilder.io/version: v0.16.1 2570 + labels: 2571 + app.kubernetes.io/component: source-controller 2572 + app.kubernetes.io/instance: flux-system 2573 + app.kubernetes.io/part-of: flux 2574 + app.kubernetes.io/version: v2.6.4 2575 + name: helmcharts.source.toolkit.fluxcd.io 2576 + spec: 2577 + group: source.toolkit.fluxcd.io 2578 + names: 2579 + kind: HelmChart 2580 + listKind: HelmChartList 2581 + plural: helmcharts 2582 + shortNames: 2583 + - hc 2584 + singular: helmchart 2585 + scope: Namespaced 2586 + versions: 2587 + - additionalPrinterColumns: 2588 + - jsonPath: .spec.chart 2589 + name: Chart 2590 + type: string 2591 + - jsonPath: .spec.version 2592 + name: Version 2593 + type: string 2594 + - jsonPath: .spec.sourceRef.kind 2595 + name: Source Kind 2596 + type: string 2597 + - jsonPath: .spec.sourceRef.name 2598 + name: Source Name 2599 + type: string 2600 + - jsonPath: .metadata.creationTimestamp 2601 + name: Age 2602 + type: date 2603 + - jsonPath: .status.conditions[?(@.type=="Ready")].status 2604 + name: Ready 2605 + type: string 2606 + - jsonPath: .status.conditions[?(@.type=="Ready")].message 2607 + name: Status 2608 + type: string 2609 + name: v1 2610 + schema: 2611 + openAPIV3Schema: 2612 + description: HelmChart is the Schema for the helmcharts API. 2613 + properties: 2614 + apiVersion: 2615 + description: |- 2616 + APIVersion defines the versioned schema of this representation of an object. 2617 + Servers should convert recognized schemas to the latest internal value, and 2618 + may reject unrecognized values. 2619 + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources 2620 + type: string 2621 + kind: 2622 + description: |- 2623 + Kind is a string value representing the REST resource this object represents. 2624 + Servers may infer this from the endpoint the client submits requests to. 2625 + Cannot be updated. 2626 + In CamelCase. 2627 + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 2628 + type: string 2629 + metadata: 2630 + type: object 2631 + spec: 2632 + description: HelmChartSpec specifies the desired state of a Helm chart. 2633 + properties: 2634 + chart: 2635 + description: |- 2636 + Chart is the name or path the Helm chart is available at in the 2637 + SourceRef. 2638 + type: string 2639 + ignoreMissingValuesFiles: 2640 + description: |- 2641 + IgnoreMissingValuesFiles controls whether to silently ignore missing values 2642 + files rather than failing. 2643 + type: boolean 2644 + interval: 2645 + description: |- 2646 + Interval at which the HelmChart SourceRef is checked for updates. 2647 + This interval is approximate and may be subject to jitter to ensure 2648 + efficient use of resources. 2649 + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ 2650 + type: string 2651 + reconcileStrategy: 2652 + default: ChartVersion 2653 + description: |- 2654 + ReconcileStrategy determines what enables the creation of a new artifact. 2655 + Valid values are ('ChartVersion', 'Revision'). 2656 + See the documentation of the values for an explanation on their behavior. 2657 + Defaults to ChartVersion when omitted. 2658 + enum: 2659 + - ChartVersion 2660 + - Revision 2661 + type: string 2662 + sourceRef: 2663 + description: SourceRef is the reference to the Source the chart is 2664 + available at. 2665 + properties: 2666 + apiVersion: 2667 + description: APIVersion of the referent. 2668 + type: string 2669 + kind: 2670 + description: |- 2671 + Kind of the referent, valid values are ('HelmRepository', 'GitRepository', 2672 + 'Bucket'). 2673 + enum: 2674 + - HelmRepository 2675 + - GitRepository 2676 + - Bucket 2677 + type: string 2678 + name: 2679 + description: Name of the referent. 2680 + type: string 2681 + required: 2682 + - kind 2683 + - name 2684 + type: object 2685 + suspend: 2686 + description: |- 2687 + Suspend tells the controller to suspend the reconciliation of this 2688 + source. 2689 + type: boolean 2690 + valuesFiles: 2691 + description: |- 2692 + ValuesFiles is an alternative list of values files to use as the chart 2693 + values (values.yaml is not included by default), expected to be a 2694 + relative path in the SourceRef. 2695 + Values files are merged in the order of this list with the last file 2696 + overriding the first. Ignored when omitted. 2697 + items: 2698 + type: string 2699 + type: array 2700 + verify: 2701 + description: |- 2702 + Verify contains the secret name containing the trusted public keys 2703 + used to verify the signature and specifies which provider to use to check 2704 + whether OCI image is authentic. 2705 + This field is only supported when using HelmRepository source with spec.type 'oci'. 2706 + Chart dependencies, which are not bundled in the umbrella chart artifact, are not verified. 2707 + properties: 2708 + matchOIDCIdentity: 2709 + description: |- 2710 + MatchOIDCIdentity specifies the identity matching criteria to use 2711 + while verifying an OCI artifact which was signed using Cosign keyless 2712 + signing. The artifact's identity is deemed to be verified if any of the 2713 + specified matchers match against the identity. 2714 + items: 2715 + description: |- 2716 + OIDCIdentityMatch specifies options for verifying the certificate identity, 2717 + i.e. the issuer and the subject of the certificate. 2718 + properties: 2719 + issuer: 2720 + description: |- 2721 + Issuer specifies the regex pattern to match against to verify 2722 + the OIDC issuer in the Fulcio certificate. The pattern must be a 2723 + valid Go regular expression. 2724 + type: string 2725 + subject: 2726 + description: |- 2727 + Subject specifies the regex pattern to match against to verify 2728 + the identity subject in the Fulcio certificate. The pattern must 2729 + be a valid Go regular expression. 2730 + type: string 2731 + required: 2732 + - issuer 2733 + - subject 2734 + type: object 2735 + type: array 2736 + provider: 2737 + default: cosign 2738 + description: Provider specifies the technology used to sign the 2739 + OCI Artifact. 2740 + enum: 2741 + - cosign 2742 + - notation 2743 + type: string 2744 + secretRef: 2745 + description: |- 2746 + SecretRef specifies the Kubernetes Secret containing the 2747 + trusted public keys. 2748 + properties: 2749 + name: 2750 + description: Name of the referent. 2751 + type: string 2752 + required: 2753 + - name 2754 + type: object 2755 + required: 2756 + - provider 2757 + type: object 2758 + version: 2759 + default: '*' 2760 + description: |- 2761 + Version is the chart version semver expression, ignored for charts from 2762 + GitRepository and Bucket sources. Defaults to latest when omitted. 2763 + type: string 2764 + required: 2765 + - chart 2766 + - interval 2767 + - sourceRef 2768 + type: object 2769 + status: 2770 + default: 2771 + observedGeneration: -1 2772 + description: HelmChartStatus records the observed state of the HelmChart. 2773 + properties: 2774 + artifact: 2775 + description: Artifact represents the output of the last successful 2776 + reconciliation. 2777 + properties: 2778 + digest: 2779 + description: Digest is the digest of the file in the form of '<algorithm>:<checksum>'. 2780 + pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$ 2781 + type: string 2782 + lastUpdateTime: 2783 + description: |- 2784 + LastUpdateTime is the timestamp corresponding to the last update of the 2785 + Artifact. 2786 + format: date-time 2787 + type: string 2788 + metadata: 2789 + additionalProperties: 2790 + type: string 2791 + description: Metadata holds upstream information such as OCI annotations. 2792 + type: object 2793 + path: 2794 + description: |- 2795 + Path is the relative file path of the Artifact. It can be used to locate 2796 + the file in the root of the Artifact storage on the local file system of 2797 + the controller managing the Source. 2798 + type: string 2799 + revision: 2800 + description: |- 2801 + Revision is a human-readable identifier traceable in the origin source 2802 + system. It can be a Git commit SHA, Git tag, a Helm chart version, etc. 2803 + type: string 2804 + size: 2805 + description: Size is the number of bytes in the file. 2806 + format: int64 2807 + type: integer 2808 + url: 2809 + description: |- 2810 + URL is the HTTP address of the Artifact as exposed by the controller 2811 + managing the Source. It can be used to retrieve the Artifact for 2812 + consumption, e.g. by another controller applying the Artifact contents. 2813 + type: string 2814 + required: 2815 + - lastUpdateTime 2816 + - path 2817 + - revision 2818 + - url 2819 + type: object 2820 + conditions: 2821 + description: Conditions holds the conditions for the HelmChart. 2822 + items: 2823 + description: Condition contains details for one aspect of the current 2824 + state of this API Resource. 2825 + properties: 2826 + lastTransitionTime: 2827 + description: |- 2828 + lastTransitionTime is the last time the condition transitioned from one status to another. 2829 + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. 2830 + format: date-time 2831 + type: string 2832 + message: 2833 + description: |- 2834 + message is a human readable message indicating details about the transition. 2835 + This may be an empty string. 2836 + maxLength: 32768 2837 + type: string 2838 + observedGeneration: 2839 + description: |- 2840 + observedGeneration represents the .metadata.generation that the condition was set based upon. 2841 + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date 2842 + with respect to the current state of the instance. 2843 + format: int64 2844 + minimum: 0 2845 + type: integer 2846 + reason: 2847 + description: |- 2848 + reason contains a programmatic identifier indicating the reason for the condition's last transition. 2849 + Producers of specific condition types may define expected values and meanings for this field, 2850 + and whether the values are considered a guaranteed API. 2851 + The value should be a CamelCase string. 2852 + This field may not be empty. 2853 + maxLength: 1024 2854 + minLength: 1 2855 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ 2856 + type: string 2857 + status: 2858 + description: status of the condition, one of True, False, Unknown. 2859 + enum: 2860 + - "True" 2861 + - "False" 2862 + - Unknown 2863 + type: string 2864 + type: 2865 + description: type of condition in CamelCase or in foo.example.com/CamelCase. 2866 + maxLength: 316 2867 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ 2868 + type: string 2869 + required: 2870 + - lastTransitionTime 2871 + - message 2872 + - reason 2873 + - status 2874 + - type 2875 + type: object 2876 + type: array 2877 + lastHandledReconcileAt: 2878 + description: |- 2879 + LastHandledReconcileAt holds the value of the most recent 2880 + reconcile request value, so a change of the annotation value 2881 + can be detected. 2882 + type: string 2883 + observedChartName: 2884 + description: |- 2885 + ObservedChartName is the last observed chart name as specified by the 2886 + resolved chart reference. 2887 + type: string 2888 + observedGeneration: 2889 + description: |- 2890 + ObservedGeneration is the last observed generation of the HelmChart 2891 + object. 2892 + format: int64 2893 + type: integer 2894 + observedSourceArtifactRevision: 2895 + description: |- 2896 + ObservedSourceArtifactRevision is the last observed Artifact.Revision 2897 + of the HelmChartSpec.SourceRef. 2898 + type: string 2899 + observedValuesFiles: 2900 + description: |- 2901 + ObservedValuesFiles are the observed value files of the last successful 2902 + reconciliation. 2903 + It matches the chart in the last successfully reconciled artifact. 2904 + items: 2905 + type: string 2906 + type: array 2907 + url: 2908 + description: |- 2909 + URL is the dynamic fetch link for the latest Artifact. 2910 + It is provided on a "best effort" basis, and using the precise 2911 + BucketStatus.Artifact data is recommended. 2912 + type: string 2913 + type: object 2914 + type: object 2915 + served: true 2916 + storage: true 2917 + subresources: 2918 + status: {} 2919 + - additionalPrinterColumns: 2920 + - jsonPath: .spec.chart 2921 + name: Chart 2922 + type: string 2923 + - jsonPath: .spec.version 2924 + name: Version 2925 + type: string 2926 + - jsonPath: .spec.sourceRef.kind 2927 + name: Source Kind 2928 + type: string 2929 + - jsonPath: .spec.sourceRef.name 2930 + name: Source Name 2931 + type: string 2932 + - jsonPath: .status.conditions[?(@.type=="Ready")].status 2933 + name: Ready 2934 + type: string 2935 + - jsonPath: .status.conditions[?(@.type=="Ready")].message 2936 + name: Status 2937 + type: string 2938 + - jsonPath: .metadata.creationTimestamp 2939 + name: Age 2940 + type: date 2941 + deprecated: true 2942 + deprecationWarning: v1beta1 HelmChart is deprecated, upgrade to v1 2943 + name: v1beta1 2944 + schema: 2945 + openAPIV3Schema: 2946 + description: HelmChart is the Schema for the helmcharts API 2947 + properties: 2948 + apiVersion: 2949 + description: |- 2950 + APIVersion defines the versioned schema of this representation of an object. 2951 + Servers should convert recognized schemas to the latest internal value, and 2952 + may reject unrecognized values. 2953 + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources 2954 + type: string 2955 + kind: 2956 + description: |- 2957 + Kind is a string value representing the REST resource this object represents. 2958 + Servers may infer this from the endpoint the client submits requests to. 2959 + Cannot be updated. 2960 + In CamelCase. 2961 + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 2962 + type: string 2963 + metadata: 2964 + type: object 2965 + spec: 2966 + description: HelmChartSpec defines the desired state of a Helm chart. 2967 + properties: 2968 + accessFrom: 2969 + description: AccessFrom defines an Access Control List for allowing 2970 + cross-namespace references to this object. 2971 + properties: 2972 + namespaceSelectors: 2973 + description: |- 2974 + NamespaceSelectors is the list of namespace selectors to which this ACL applies. 2975 + Items in this list are evaluated using a logical OR operation. 2976 + items: 2977 + description: |- 2978 + NamespaceSelector selects the namespaces to which this ACL applies. 2979 + An empty map of MatchLabels matches all namespaces in a cluster. 2980 + properties: 2981 + matchLabels: 2982 + additionalProperties: 2983 + type: string 2984 + description: |- 2985 + MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels 2986 + map is equivalent to an element of matchExpressions, whose key field is "key", the 2987 + operator is "In", and the values array contains only "value". The requirements are ANDed. 2988 + type: object 2989 + type: object 2990 + type: array 2991 + required: 2992 + - namespaceSelectors 2993 + type: object 2994 + chart: 2995 + description: The name or path the Helm chart is available at in the 2996 + SourceRef. 2997 + type: string 2998 + interval: 2999 + description: The interval at which to check the Source for updates. 3000 + type: string 3001 + reconcileStrategy: 3002 + default: ChartVersion 3003 + description: |- 3004 + Determines what enables the creation of a new artifact. Valid values are 3005 + ('ChartVersion', 'Revision'). 3006 + See the documentation of the values for an explanation on their behavior. 3007 + Defaults to ChartVersion when omitted. 3008 + enum: 3009 + - ChartVersion 3010 + - Revision 3011 + type: string 3012 + sourceRef: 3013 + description: The reference to the Source the chart is available at. 3014 + properties: 3015 + apiVersion: 3016 + description: APIVersion of the referent. 3017 + type: string 3018 + kind: 3019 + description: |- 3020 + Kind of the referent, valid values are ('HelmRepository', 'GitRepository', 3021 + 'Bucket'). 3022 + enum: 3023 + - HelmRepository 3024 + - GitRepository 3025 + - Bucket 3026 + type: string 3027 + name: 3028 + description: Name of the referent. 3029 + type: string 3030 + required: 3031 + - kind 3032 + - name 3033 + type: object 3034 + suspend: 3035 + description: This flag tells the controller to suspend the reconciliation 3036 + of this source. 3037 + type: boolean 3038 + valuesFile: 3039 + description: |- 3040 + Alternative values file to use as the default chart values, expected to 3041 + be a relative path in the SourceRef. Deprecated in favor of ValuesFiles, 3042 + for backwards compatibility the file defined here is merged before the 3043 + ValuesFiles items. Ignored when omitted. 3044 + type: string 3045 + valuesFiles: 3046 + description: |- 3047 + Alternative list of values files to use as the chart values (values.yaml 3048 + is not included by default), expected to be a relative path in the SourceRef. 3049 + Values files are merged in the order of this list with the last file overriding 3050 + the first. Ignored when omitted. 3051 + items: 3052 + type: string 3053 + type: array 3054 + version: 3055 + default: '*' 3056 + description: |- 3057 + The chart version semver expression, ignored for charts from GitRepository 3058 + and Bucket sources. Defaults to latest when omitted. 3059 + type: string 3060 + required: 3061 + - chart 3062 + - interval 3063 + - sourceRef 3064 + type: object 3065 + status: 3066 + default: 3067 + observedGeneration: -1 3068 + description: HelmChartStatus defines the observed state of the HelmChart. 3069 + properties: 3070 + artifact: 3071 + description: Artifact represents the output of the last successful 3072 + chart sync. 3073 + properties: 3074 + checksum: 3075 + description: Checksum is the SHA256 checksum of the artifact. 3076 + type: string 3077 + lastUpdateTime: 3078 + description: |- 3079 + LastUpdateTime is the timestamp corresponding to the last update of this 3080 + artifact. 3081 + format: date-time 3082 + type: string 3083 + path: 3084 + description: Path is the relative file path of this artifact. 3085 + type: string 3086 + revision: 3087 + description: |- 3088 + Revision is a human readable identifier traceable in the origin source 3089 + system. It can be a Git commit SHA, Git tag, a Helm index timestamp, a Helm 3090 + chart version, etc. 3091 + type: string 3092 + url: 3093 + description: URL is the HTTP address of this artifact. 3094 + type: string 3095 + required: 3096 + - lastUpdateTime 3097 + - path 3098 + - url 3099 + type: object 3100 + conditions: 3101 + description: Conditions holds the conditions for the HelmChart. 3102 + items: 3103 + description: Condition contains details for one aspect of the current 3104 + state of this API Resource. 3105 + properties: 3106 + lastTransitionTime: 3107 + description: |- 3108 + lastTransitionTime is the last time the condition transitioned from one status to another. 3109 + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. 3110 + format: date-time 3111 + type: string 3112 + message: 3113 + description: |- 3114 + message is a human readable message indicating details about the transition. 3115 + This may be an empty string. 3116 + maxLength: 32768 3117 + type: string 3118 + observedGeneration: 3119 + description: |- 3120 + observedGeneration represents the .metadata.generation that the condition was set based upon. 3121 + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date 3122 + with respect to the current state of the instance. 3123 + format: int64 3124 + minimum: 0 3125 + type: integer 3126 + reason: 3127 + description: |- 3128 + reason contains a programmatic identifier indicating the reason for the condition's last transition. 3129 + Producers of specific condition types may define expected values and meanings for this field, 3130 + and whether the values are considered a guaranteed API. 3131 + The value should be a CamelCase string. 3132 + This field may not be empty. 3133 + maxLength: 1024 3134 + minLength: 1 3135 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ 3136 + type: string 3137 + status: 3138 + description: status of the condition, one of True, False, Unknown. 3139 + enum: 3140 + - "True" 3141 + - "False" 3142 + - Unknown 3143 + type: string 3144 + type: 3145 + description: type of condition in CamelCase or in foo.example.com/CamelCase. 3146 + maxLength: 316 3147 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ 3148 + type: string 3149 + required: 3150 + - lastTransitionTime 3151 + - message 3152 + - reason 3153 + - status 3154 + - type 3155 + type: object 3156 + type: array 3157 + lastHandledReconcileAt: 3158 + description: |- 3159 + LastHandledReconcileAt holds the value of the most recent 3160 + reconcile request value, so a change of the annotation value 3161 + can be detected. 3162 + type: string 3163 + observedGeneration: 3164 + description: ObservedGeneration is the last observed generation. 3165 + format: int64 3166 + type: integer 3167 + url: 3168 + description: URL is the download link for the last chart pulled. 3169 + type: string 3170 + type: object 3171 + type: object 3172 + served: true 3173 + storage: false 3174 + subresources: 3175 + status: {} 3176 + - additionalPrinterColumns: 3177 + - jsonPath: .spec.chart 3178 + name: Chart 3179 + type: string 3180 + - jsonPath: .spec.version 3181 + name: Version 3182 + type: string 3183 + - jsonPath: .spec.sourceRef.kind 3184 + name: Source Kind 3185 + type: string 3186 + - jsonPath: .spec.sourceRef.name 3187 + name: Source Name 3188 + type: string 3189 + - jsonPath: .metadata.creationTimestamp 3190 + name: Age 3191 + type: date 3192 + - jsonPath: .status.conditions[?(@.type=="Ready")].status 3193 + name: Ready 3194 + type: string 3195 + - jsonPath: .status.conditions[?(@.type=="Ready")].message 3196 + name: Status 3197 + type: string 3198 + deprecated: true 3199 + deprecationWarning: v1beta2 HelmChart is deprecated, upgrade to v1 3200 + name: v1beta2 3201 + schema: 3202 + openAPIV3Schema: 3203 + description: HelmChart is the Schema for the helmcharts API. 3204 + properties: 3205 + apiVersion: 3206 + description: |- 3207 + APIVersion defines the versioned schema of this representation of an object. 3208 + Servers should convert recognized schemas to the latest internal value, and 3209 + may reject unrecognized values. 3210 + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources 3211 + type: string 3212 + kind: 3213 + description: |- 3214 + Kind is a string value representing the REST resource this object represents. 3215 + Servers may infer this from the endpoint the client submits requests to. 3216 + Cannot be updated. 3217 + In CamelCase. 3218 + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 3219 + type: string 3220 + metadata: 3221 + type: object 3222 + spec: 3223 + description: HelmChartSpec specifies the desired state of a Helm chart. 3224 + properties: 3225 + accessFrom: 3226 + description: |- 3227 + AccessFrom specifies an Access Control List for allowing cross-namespace 3228 + references to this object. 3229 + NOTE: Not implemented, provisional as of https://github.com/fluxcd/flux2/pull/2092 3230 + properties: 3231 + namespaceSelectors: 3232 + description: |- 3233 + NamespaceSelectors is the list of namespace selectors to which this ACL applies. 3234 + Items in this list are evaluated using a logical OR operation. 3235 + items: 3236 + description: |- 3237 + NamespaceSelector selects the namespaces to which this ACL applies. 3238 + An empty map of MatchLabels matches all namespaces in a cluster. 3239 + properties: 3240 + matchLabels: 3241 + additionalProperties: 3242 + type: string 3243 + description: |- 3244 + MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels 3245 + map is equivalent to an element of matchExpressions, whose key field is "key", the 3246 + operator is "In", and the values array contains only "value". The requirements are ANDed. 3247 + type: object 3248 + type: object 3249 + type: array 3250 + required: 3251 + - namespaceSelectors 3252 + type: object 3253 + chart: 3254 + description: |- 3255 + Chart is the name or path the Helm chart is available at in the 3256 + SourceRef. 3257 + type: string 3258 + ignoreMissingValuesFiles: 3259 + description: |- 3260 + IgnoreMissingValuesFiles controls whether to silently ignore missing values 3261 + files rather than failing. 3262 + type: boolean 3263 + interval: 3264 + description: |- 3265 + Interval at which the HelmChart SourceRef is checked for updates. 3266 + This interval is approximate and may be subject to jitter to ensure 3267 + efficient use of resources. 3268 + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ 3269 + type: string 3270 + reconcileStrategy: 3271 + default: ChartVersion 3272 + description: |- 3273 + ReconcileStrategy determines what enables the creation of a new artifact. 3274 + Valid values are ('ChartVersion', 'Revision'). 3275 + See the documentation of the values for an explanation on their behavior. 3276 + Defaults to ChartVersion when omitted. 3277 + enum: 3278 + - ChartVersion 3279 + - Revision 3280 + type: string 3281 + sourceRef: 3282 + description: SourceRef is the reference to the Source the chart is 3283 + available at. 3284 + properties: 3285 + apiVersion: 3286 + description: APIVersion of the referent. 3287 + type: string 3288 + kind: 3289 + description: |- 3290 + Kind of the referent, valid values are ('HelmRepository', 'GitRepository', 3291 + 'Bucket'). 3292 + enum: 3293 + - HelmRepository 3294 + - GitRepository 3295 + - Bucket 3296 + type: string 3297 + name: 3298 + description: Name of the referent. 3299 + type: string 3300 + required: 3301 + - kind 3302 + - name 3303 + type: object 3304 + suspend: 3305 + description: |- 3306 + Suspend tells the controller to suspend the reconciliation of this 3307 + source. 3308 + type: boolean 3309 + valuesFile: 3310 + description: |- 3311 + ValuesFile is an alternative values file to use as the default chart 3312 + values, expected to be a relative path in the SourceRef. Deprecated in 3313 + favor of ValuesFiles, for backwards compatibility the file specified here 3314 + is merged before the ValuesFiles items. Ignored when omitted. 3315 + type: string 3316 + valuesFiles: 3317 + description: |- 3318 + ValuesFiles is an alternative list of values files to use as the chart 3319 + values (values.yaml is not included by default), expected to be a 3320 + relative path in the SourceRef. 3321 + Values files are merged in the order of this list with the last file 3322 + overriding the first. Ignored when omitted. 3323 + items: 3324 + type: string 3325 + type: array 3326 + verify: 3327 + description: |- 3328 + Verify contains the secret name containing the trusted public keys 3329 + used to verify the signature and specifies which provider to use to check 3330 + whether OCI image is authentic. 3331 + This field is only supported when using HelmRepository source with spec.type 'oci'. 3332 + Chart dependencies, which are not bundled in the umbrella chart artifact, are not verified. 3333 + properties: 3334 + matchOIDCIdentity: 3335 + description: |- 3336 + MatchOIDCIdentity specifies the identity matching criteria to use 3337 + while verifying an OCI artifact which was signed using Cosign keyless 3338 + signing. The artifact's identity is deemed to be verified if any of the 3339 + specified matchers match against the identity. 3340 + items: 3341 + description: |- 3342 + OIDCIdentityMatch specifies options for verifying the certificate identity, 3343 + i.e. the issuer and the subject of the certificate. 3344 + properties: 3345 + issuer: 3346 + description: |- 3347 + Issuer specifies the regex pattern to match against to verify 3348 + the OIDC issuer in the Fulcio certificate. The pattern must be a 3349 + valid Go regular expression. 3350 + type: string 3351 + subject: 3352 + description: |- 3353 + Subject specifies the regex pattern to match against to verify 3354 + the identity subject in the Fulcio certificate. The pattern must 3355 + be a valid Go regular expression. 3356 + type: string 3357 + required: 3358 + - issuer 3359 + - subject 3360 + type: object 3361 + type: array 3362 + provider: 3363 + default: cosign 3364 + description: Provider specifies the technology used to sign the 3365 + OCI Artifact. 3366 + enum: 3367 + - cosign 3368 + - notation 3369 + type: string 3370 + secretRef: 3371 + description: |- 3372 + SecretRef specifies the Kubernetes Secret containing the 3373 + trusted public keys. 3374 + properties: 3375 + name: 3376 + description: Name of the referent. 3377 + type: string 3378 + required: 3379 + - name 3380 + type: object 3381 + required: 3382 + - provider 3383 + type: object 3384 + version: 3385 + default: '*' 3386 + description: |- 3387 + Version is the chart version semver expression, ignored for charts from 3388 + GitRepository and Bucket sources. Defaults to latest when omitted. 3389 + type: string 3390 + required: 3391 + - chart 3392 + - interval 3393 + - sourceRef 3394 + type: object 3395 + status: 3396 + default: 3397 + observedGeneration: -1 3398 + description: HelmChartStatus records the observed state of the HelmChart. 3399 + properties: 3400 + artifact: 3401 + description: Artifact represents the output of the last successful 3402 + reconciliation. 3403 + properties: 3404 + digest: 3405 + description: Digest is the digest of the file in the form of '<algorithm>:<checksum>'. 3406 + pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$ 3407 + type: string 3408 + lastUpdateTime: 3409 + description: |- 3410 + LastUpdateTime is the timestamp corresponding to the last update of the 3411 + Artifact. 3412 + format: date-time 3413 + type: string 3414 + metadata: 3415 + additionalProperties: 3416 + type: string 3417 + description: Metadata holds upstream information such as OCI annotations. 3418 + type: object 3419 + path: 3420 + description: |- 3421 + Path is the relative file path of the Artifact. It can be used to locate 3422 + the file in the root of the Artifact storage on the local file system of 3423 + the controller managing the Source. 3424 + type: string 3425 + revision: 3426 + description: |- 3427 + Revision is a human-readable identifier traceable in the origin source 3428 + system. It can be a Git commit SHA, Git tag, a Helm chart version, etc. 3429 + type: string 3430 + size: 3431 + description: Size is the number of bytes in the file. 3432 + format: int64 3433 + type: integer 3434 + url: 3435 + description: |- 3436 + URL is the HTTP address of the Artifact as exposed by the controller 3437 + managing the Source. It can be used to retrieve the Artifact for 3438 + consumption, e.g. by another controller applying the Artifact contents. 3439 + type: string 3440 + required: 3441 + - lastUpdateTime 3442 + - path 3443 + - revision 3444 + - url 3445 + type: object 3446 + conditions: 3447 + description: Conditions holds the conditions for the HelmChart. 3448 + items: 3449 + description: Condition contains details for one aspect of the current 3450 + state of this API Resource. 3451 + properties: 3452 + lastTransitionTime: 3453 + description: |- 3454 + lastTransitionTime is the last time the condition transitioned from one status to another. 3455 + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. 3456 + format: date-time 3457 + type: string 3458 + message: 3459 + description: |- 3460 + message is a human readable message indicating details about the transition. 3461 + This may be an empty string. 3462 + maxLength: 32768 3463 + type: string 3464 + observedGeneration: 3465 + description: |- 3466 + observedGeneration represents the .metadata.generation that the condition was set based upon. 3467 + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date 3468 + with respect to the current state of the instance. 3469 + format: int64 3470 + minimum: 0 3471 + type: integer 3472 + reason: 3473 + description: |- 3474 + reason contains a programmatic identifier indicating the reason for the condition's last transition. 3475 + Producers of specific condition types may define expected values and meanings for this field, 3476 + and whether the values are considered a guaranteed API. 3477 + The value should be a CamelCase string. 3478 + This field may not be empty. 3479 + maxLength: 1024 3480 + minLength: 1 3481 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ 3482 + type: string 3483 + status: 3484 + description: status of the condition, one of True, False, Unknown. 3485 + enum: 3486 + - "True" 3487 + - "False" 3488 + - Unknown 3489 + type: string 3490 + type: 3491 + description: type of condition in CamelCase or in foo.example.com/CamelCase. 3492 + maxLength: 316 3493 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ 3494 + type: string 3495 + required: 3496 + - lastTransitionTime 3497 + - message 3498 + - reason 3499 + - status 3500 + - type 3501 + type: object 3502 + type: array 3503 + lastHandledReconcileAt: 3504 + description: |- 3505 + LastHandledReconcileAt holds the value of the most recent 3506 + reconcile request value, so a change of the annotation value 3507 + can be detected. 3508 + type: string 3509 + observedChartName: 3510 + description: |- 3511 + ObservedChartName is the last observed chart name as specified by the 3512 + resolved chart reference. 3513 + type: string 3514 + observedGeneration: 3515 + description: |- 3516 + ObservedGeneration is the last observed generation of the HelmChart 3517 + object. 3518 + format: int64 3519 + type: integer 3520 + observedSourceArtifactRevision: 3521 + description: |- 3522 + ObservedSourceArtifactRevision is the last observed Artifact.Revision 3523 + of the HelmChartSpec.SourceRef. 3524 + type: string 3525 + observedValuesFiles: 3526 + description: |- 3527 + ObservedValuesFiles are the observed value files of the last successful 3528 + reconciliation. 3529 + It matches the chart in the last successfully reconciled artifact. 3530 + items: 3531 + type: string 3532 + type: array 3533 + url: 3534 + description: |- 3535 + URL is the dynamic fetch link for the latest Artifact. 3536 + It is provided on a "best effort" basis, and using the precise 3537 + BucketStatus.Artifact data is recommended. 3538 + type: string 3539 + type: object 3540 + type: object 3541 + served: true 3542 + storage: false 3543 + subresources: 3544 + status: {} 3545 + --- 3546 + apiVersion: apiextensions.k8s.io/v1 3547 + kind: CustomResourceDefinition 3548 + metadata: 3549 + annotations: 3550 + controller-gen.kubebuilder.io/version: v0.16.1 3551 + labels: 3552 + app.kubernetes.io/component: source-controller 3553 + app.kubernetes.io/instance: flux-system 3554 + app.kubernetes.io/part-of: flux 3555 + app.kubernetes.io/version: v2.6.4 3556 + name: helmrepositories.source.toolkit.fluxcd.io 3557 + spec: 3558 + group: source.toolkit.fluxcd.io 3559 + names: 3560 + kind: HelmRepository 3561 + listKind: HelmRepositoryList 3562 + plural: helmrepositories 3563 + shortNames: 3564 + - helmrepo 3565 + singular: helmrepository 3566 + scope: Namespaced 3567 + versions: 3568 + - additionalPrinterColumns: 3569 + - jsonPath: .spec.url 3570 + name: URL 3571 + type: string 3572 + - jsonPath: .metadata.creationTimestamp 3573 + name: Age 3574 + type: date 3575 + - jsonPath: .status.conditions[?(@.type=="Ready")].status 3576 + name: Ready 3577 + type: string 3578 + - jsonPath: .status.conditions[?(@.type=="Ready")].message 3579 + name: Status 3580 + type: string 3581 + name: v1 3582 + schema: 3583 + openAPIV3Schema: 3584 + description: HelmRepository is the Schema for the helmrepositories API. 3585 + properties: 3586 + apiVersion: 3587 + description: |- 3588 + APIVersion defines the versioned schema of this representation of an object. 3589 + Servers should convert recognized schemas to the latest internal value, and 3590 + may reject unrecognized values. 3591 + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources 3592 + type: string 3593 + kind: 3594 + description: |- 3595 + Kind is a string value representing the REST resource this object represents. 3596 + Servers may infer this from the endpoint the client submits requests to. 3597 + Cannot be updated. 3598 + In CamelCase. 3599 + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 3600 + type: string 3601 + metadata: 3602 + type: object 3603 + spec: 3604 + description: |- 3605 + HelmRepositorySpec specifies the required configuration to produce an 3606 + Artifact for a Helm repository index YAML. 3607 + properties: 3608 + accessFrom: 3609 + description: |- 3610 + AccessFrom specifies an Access Control List for allowing cross-namespace 3611 + references to this object. 3612 + NOTE: Not implemented, provisional as of https://github.com/fluxcd/flux2/pull/2092 3613 + properties: 3614 + namespaceSelectors: 3615 + description: |- 3616 + NamespaceSelectors is the list of namespace selectors to which this ACL applies. 3617 + Items in this list are evaluated using a logical OR operation. 3618 + items: 3619 + description: |- 3620 + NamespaceSelector selects the namespaces to which this ACL applies. 3621 + An empty map of MatchLabels matches all namespaces in a cluster. 3622 + properties: 3623 + matchLabels: 3624 + additionalProperties: 3625 + type: string 3626 + description: |- 3627 + MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels 3628 + map is equivalent to an element of matchExpressions, whose key field is "key", the 3629 + operator is "In", and the values array contains only "value". The requirements are ANDed. 3630 + type: object 3631 + type: object 3632 + type: array 3633 + required: 3634 + - namespaceSelectors 3635 + type: object 3636 + certSecretRef: 3637 + description: |- 3638 + CertSecretRef can be given the name of a Secret containing 3639 + either or both of 3640 + 3641 + - a PEM-encoded client certificate (`tls.crt`) and private 3642 + key (`tls.key`); 3643 + - a PEM-encoded CA certificate (`ca.crt`) 3644 + 3645 + and whichever are supplied, will be used for connecting to the 3646 + registry. The client cert and key are useful if you are 3647 + authenticating with a certificate; the CA cert is useful if 3648 + you are using a self-signed server certificate. The Secret must 3649 + be of type `Opaque` or `kubernetes.io/tls`. 3650 + 3651 + It takes precedence over the values specified in the Secret referred 3652 + to by `.spec.secretRef`. 3653 + properties: 3654 + name: 3655 + description: Name of the referent. 3656 + type: string 3657 + required: 3658 + - name 3659 + type: object 3660 + insecure: 3661 + description: |- 3662 + Insecure allows connecting to a non-TLS HTTP container registry. 3663 + This field is only taken into account if the .spec.type field is set to 'oci'. 3664 + type: boolean 3665 + interval: 3666 + description: |- 3667 + Interval at which the HelmRepository URL is checked for updates. 3668 + This interval is approximate and may be subject to jitter to ensure 3669 + efficient use of resources. 3670 + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ 3671 + type: string 3672 + passCredentials: 3673 + description: |- 3674 + PassCredentials allows the credentials from the SecretRef to be passed 3675 + on to a host that does not match the host as defined in URL. 3676 + This may be required if the host of the advertised chart URLs in the 3677 + index differ from the defined URL. 3678 + Enabling this should be done with caution, as it can potentially result 3679 + in credentials getting stolen in a MITM-attack. 3680 + type: boolean 3681 + provider: 3682 + default: generic 3683 + description: |- 3684 + Provider used for authentication, can be 'aws', 'azure', 'gcp' or 'generic'. 3685 + This field is optional, and only taken into account if the .spec.type field is set to 'oci'. 3686 + When not specified, defaults to 'generic'. 3687 + enum: 3688 + - generic 3689 + - aws 3690 + - azure 3691 + - gcp 3692 + type: string 3693 + secretRef: 3694 + description: |- 3695 + SecretRef specifies the Secret containing authentication credentials 3696 + for the HelmRepository. 3697 + For HTTP/S basic auth the secret must contain 'username' and 'password' 3698 + fields. 3699 + Support for TLS auth using the 'certFile' and 'keyFile', and/or 'caFile' 3700 + keys is deprecated. Please use `.spec.certSecretRef` instead. 3701 + properties: 3702 + name: 3703 + description: Name of the referent. 3704 + type: string 3705 + required: 3706 + - name 3707 + type: object 3708 + suspend: 3709 + description: |- 3710 + Suspend tells the controller to suspend the reconciliation of this 3711 + HelmRepository. 3712 + type: boolean 3713 + timeout: 3714 + description: |- 3715 + Timeout is used for the index fetch operation for an HTTPS helm repository, 3716 + and for remote OCI Repository operations like pulling for an OCI helm 3717 + chart by the associated HelmChart. 3718 + Its default value is 60s. 3719 + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$ 3720 + type: string 3721 + type: 3722 + description: |- 3723 + Type of the HelmRepository. 3724 + When this field is set to "oci", the URL field value must be prefixed with "oci://". 3725 + enum: 3726 + - default 3727 + - oci 3728 + type: string 3729 + url: 3730 + description: |- 3731 + URL of the Helm repository, a valid URL contains at least a protocol and 3732 + host. 3733 + pattern: ^(http|https|oci)://.*$ 3734 + type: string 3735 + required: 3736 + - url 3737 + type: object 3738 + status: 3739 + default: 3740 + observedGeneration: -1 3741 + description: HelmRepositoryStatus records the observed state of the HelmRepository. 3742 + properties: 3743 + artifact: 3744 + description: Artifact represents the last successful HelmRepository 3745 + reconciliation. 3746 + properties: 3747 + digest: 3748 + description: Digest is the digest of the file in the form of '<algorithm>:<checksum>'. 3749 + pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$ 3750 + type: string 3751 + lastUpdateTime: 3752 + description: |- 3753 + LastUpdateTime is the timestamp corresponding to the last update of the 3754 + Artifact. 3755 + format: date-time 3756 + type: string 3757 + metadata: 3758 + additionalProperties: 3759 + type: string 3760 + description: Metadata holds upstream information such as OCI annotations. 3761 + type: object 3762 + path: 3763 + description: |- 3764 + Path is the relative file path of the Artifact. It can be used to locate 3765 + the file in the root of the Artifact storage on the local file system of 3766 + the controller managing the Source. 3767 + type: string 3768 + revision: 3769 + description: |- 3770 + Revision is a human-readable identifier traceable in the origin source 3771 + system. It can be a Git commit SHA, Git tag, a Helm chart version, etc. 3772 + type: string 3773 + size: 3774 + description: Size is the number of bytes in the file. 3775 + format: int64 3776 + type: integer 3777 + url: 3778 + description: |- 3779 + URL is the HTTP address of the Artifact as exposed by the controller 3780 + managing the Source. It can be used to retrieve the Artifact for 3781 + consumption, e.g. by another controller applying the Artifact contents. 3782 + type: string 3783 + required: 3784 + - lastUpdateTime 3785 + - path 3786 + - revision 3787 + - url 3788 + type: object 3789 + conditions: 3790 + description: Conditions holds the conditions for the HelmRepository. 3791 + items: 3792 + description: Condition contains details for one aspect of the current 3793 + state of this API Resource. 3794 + properties: 3795 + lastTransitionTime: 3796 + description: |- 3797 + lastTransitionTime is the last time the condition transitioned from one status to another. 3798 + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. 3799 + format: date-time 3800 + type: string 3801 + message: 3802 + description: |- 3803 + message is a human readable message indicating details about the transition. 3804 + This may be an empty string. 3805 + maxLength: 32768 3806 + type: string 3807 + observedGeneration: 3808 + description: |- 3809 + observedGeneration represents the .metadata.generation that the condition was set based upon. 3810 + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date 3811 + with respect to the current state of the instance. 3812 + format: int64 3813 + minimum: 0 3814 + type: integer 3815 + reason: 3816 + description: |- 3817 + reason contains a programmatic identifier indicating the reason for the condition's last transition. 3818 + Producers of specific condition types may define expected values and meanings for this field, 3819 + and whether the values are considered a guaranteed API. 3820 + The value should be a CamelCase string. 3821 + This field may not be empty. 3822 + maxLength: 1024 3823 + minLength: 1 3824 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ 3825 + type: string 3826 + status: 3827 + description: status of the condition, one of True, False, Unknown. 3828 + enum: 3829 + - "True" 3830 + - "False" 3831 + - Unknown 3832 + type: string 3833 + type: 3834 + description: type of condition in CamelCase or in foo.example.com/CamelCase. 3835 + maxLength: 316 3836 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ 3837 + type: string 3838 + required: 3839 + - lastTransitionTime 3840 + - message 3841 + - reason 3842 + - status 3843 + - type 3844 + type: object 3845 + type: array 3846 + lastHandledReconcileAt: 3847 + description: |- 3848 + LastHandledReconcileAt holds the value of the most recent 3849 + reconcile request value, so a change of the annotation value 3850 + can be detected. 3851 + type: string 3852 + observedGeneration: 3853 + description: |- 3854 + ObservedGeneration is the last observed generation of the HelmRepository 3855 + object. 3856 + format: int64 3857 + type: integer 3858 + url: 3859 + description: |- 3860 + URL is the dynamic fetch link for the latest Artifact. 3861 + It is provided on a "best effort" basis, and using the precise 3862 + HelmRepositoryStatus.Artifact data is recommended. 3863 + type: string 3864 + type: object 3865 + type: object 3866 + served: true 3867 + storage: true 3868 + subresources: 3869 + status: {} 3870 + - additionalPrinterColumns: 3871 + - jsonPath: .spec.url 3872 + name: URL 3873 + type: string 3874 + - jsonPath: .status.conditions[?(@.type=="Ready")].status 3875 + name: Ready 3876 + type: string 3877 + - jsonPath: .status.conditions[?(@.type=="Ready")].message 3878 + name: Status 3879 + type: string 3880 + - jsonPath: .metadata.creationTimestamp 3881 + name: Age 3882 + type: date 3883 + deprecated: true 3884 + deprecationWarning: v1beta1 HelmRepository is deprecated, upgrade to v1 3885 + name: v1beta1 3886 + schema: 3887 + openAPIV3Schema: 3888 + description: HelmRepository is the Schema for the helmrepositories API 3889 + properties: 3890 + apiVersion: 3891 + description: |- 3892 + APIVersion defines the versioned schema of this representation of an object. 3893 + Servers should convert recognized schemas to the latest internal value, and 3894 + may reject unrecognized values. 3895 + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources 3896 + type: string 3897 + kind: 3898 + description: |- 3899 + Kind is a string value representing the REST resource this object represents. 3900 + Servers may infer this from the endpoint the client submits requests to. 3901 + Cannot be updated. 3902 + In CamelCase. 3903 + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 3904 + type: string 3905 + metadata: 3906 + type: object 3907 + spec: 3908 + description: HelmRepositorySpec defines the reference to a Helm repository. 3909 + properties: 3910 + accessFrom: 3911 + description: AccessFrom defines an Access Control List for allowing 3912 + cross-namespace references to this object. 3913 + properties: 3914 + namespaceSelectors: 3915 + description: |- 3916 + NamespaceSelectors is the list of namespace selectors to which this ACL applies. 3917 + Items in this list are evaluated using a logical OR operation. 3918 + items: 3919 + description: |- 3920 + NamespaceSelector selects the namespaces to which this ACL applies. 3921 + An empty map of MatchLabels matches all namespaces in a cluster. 3922 + properties: 3923 + matchLabels: 3924 + additionalProperties: 3925 + type: string 3926 + description: |- 3927 + MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels 3928 + map is equivalent to an element of matchExpressions, whose key field is "key", the 3929 + operator is "In", and the values array contains only "value". The requirements are ANDed. 3930 + type: object 3931 + type: object 3932 + type: array 3933 + required: 3934 + - namespaceSelectors 3935 + type: object 3936 + interval: 3937 + description: The interval at which to check the upstream for updates. 3938 + type: string 3939 + passCredentials: 3940 + description: |- 3941 + PassCredentials allows the credentials from the SecretRef to be passed on to 3942 + a host that does not match the host as defined in URL. 3943 + This may be required if the host of the advertised chart URLs in the index 3944 + differ from the defined URL. 3945 + Enabling this should be done with caution, as it can potentially result in 3946 + credentials getting stolen in a MITM-attack. 3947 + type: boolean 3948 + secretRef: 3949 + description: |- 3950 + The name of the secret containing authentication credentials for the Helm 3951 + repository. 3952 + For HTTP/S basic auth the secret must contain username and 3953 + password fields. 3954 + For TLS the secret must contain a certFile and keyFile, and/or 3955 + caFile fields. 3956 + properties: 3957 + name: 3958 + description: Name of the referent. 3959 + type: string 3960 + required: 3961 + - name 3962 + type: object 3963 + suspend: 3964 + description: This flag tells the controller to suspend the reconciliation 3965 + of this source. 3966 + type: boolean 3967 + timeout: 3968 + default: 60s 3969 + description: The timeout of index downloading, defaults to 60s. 3970 + type: string 3971 + url: 3972 + description: The Helm repository URL, a valid URL contains at least 3973 + a protocol and host. 3974 + type: string 3975 + required: 3976 + - interval 3977 + - url 3978 + type: object 3979 + status: 3980 + default: 3981 + observedGeneration: -1 3982 + description: HelmRepositoryStatus defines the observed state of the HelmRepository. 3983 + properties: 3984 + artifact: 3985 + description: Artifact represents the output of the last successful 3986 + repository sync. 3987 + properties: 3988 + checksum: 3989 + description: Checksum is the SHA256 checksum of the artifact. 3990 + type: string 3991 + lastUpdateTime: 3992 + description: |- 3993 + LastUpdateTime is the timestamp corresponding to the last update of this 3994 + artifact. 3995 + format: date-time 3996 + type: string 3997 + path: 3998 + description: Path is the relative file path of this artifact. 3999 + type: string 4000 + revision: 4001 + description: |- 4002 + Revision is a human readable identifier traceable in the origin source 4003 + system. It can be a Git commit SHA, Git tag, a Helm index timestamp, a Helm 4004 + chart version, etc. 4005 + type: string 4006 + url: 4007 + description: URL is the HTTP address of this artifact. 4008 + type: string 4009 + required: 4010 + - lastUpdateTime 4011 + - path 4012 + - url 4013 + type: object 4014 + conditions: 4015 + description: Conditions holds the conditions for the HelmRepository. 4016 + items: 4017 + description: Condition contains details for one aspect of the current 4018 + state of this API Resource. 4019 + properties: 4020 + lastTransitionTime: 4021 + description: |- 4022 + lastTransitionTime is the last time the condition transitioned from one status to another. 4023 + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. 4024 + format: date-time 4025 + type: string 4026 + message: 4027 + description: |- 4028 + message is a human readable message indicating details about the transition. 4029 + This may be an empty string. 4030 + maxLength: 32768 4031 + type: string 4032 + observedGeneration: 4033 + description: |- 4034 + observedGeneration represents the .metadata.generation that the condition was set based upon. 4035 + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date 4036 + with respect to the current state of the instance. 4037 + format: int64 4038 + minimum: 0 4039 + type: integer 4040 + reason: 4041 + description: |- 4042 + reason contains a programmatic identifier indicating the reason for the condition's last transition. 4043 + Producers of specific condition types may define expected values and meanings for this field, 4044 + and whether the values are considered a guaranteed API. 4045 + The value should be a CamelCase string. 4046 + This field may not be empty. 4047 + maxLength: 1024 4048 + minLength: 1 4049 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ 4050 + type: string 4051 + status: 4052 + description: status of the condition, one of True, False, Unknown. 4053 + enum: 4054 + - "True" 4055 + - "False" 4056 + - Unknown 4057 + type: string 4058 + type: 4059 + description: type of condition in CamelCase or in foo.example.com/CamelCase. 4060 + maxLength: 316 4061 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ 4062 + type: string 4063 + required: 4064 + - lastTransitionTime 4065 + - message 4066 + - reason 4067 + - status 4068 + - type 4069 + type: object 4070 + type: array 4071 + lastHandledReconcileAt: 4072 + description: |- 4073 + LastHandledReconcileAt holds the value of the most recent 4074 + reconcile request value, so a change of the annotation value 4075 + can be detected. 4076 + type: string 4077 + observedGeneration: 4078 + description: ObservedGeneration is the last observed generation. 4079 + format: int64 4080 + type: integer 4081 + url: 4082 + description: URL is the download link for the last index fetched. 4083 + type: string 4084 + type: object 4085 + type: object 4086 + served: true 4087 + storage: false 4088 + subresources: 4089 + status: {} 4090 + - additionalPrinterColumns: 4091 + - jsonPath: .spec.url 4092 + name: URL 4093 + type: string 4094 + - jsonPath: .metadata.creationTimestamp 4095 + name: Age 4096 + type: date 4097 + - jsonPath: .status.conditions[?(@.type=="Ready")].status 4098 + name: Ready 4099 + type: string 4100 + - jsonPath: .status.conditions[?(@.type=="Ready")].message 4101 + name: Status 4102 + type: string 4103 + deprecated: true 4104 + deprecationWarning: v1beta2 HelmRepository is deprecated, upgrade to v1 4105 + name: v1beta2 4106 + schema: 4107 + openAPIV3Schema: 4108 + description: HelmRepository is the Schema for the helmrepositories API. 4109 + properties: 4110 + apiVersion: 4111 + description: |- 4112 + APIVersion defines the versioned schema of this representation of an object. 4113 + Servers should convert recognized schemas to the latest internal value, and 4114 + may reject unrecognized values. 4115 + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources 4116 + type: string 4117 + kind: 4118 + description: |- 4119 + Kind is a string value representing the REST resource this object represents. 4120 + Servers may infer this from the endpoint the client submits requests to. 4121 + Cannot be updated. 4122 + In CamelCase. 4123 + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 4124 + type: string 4125 + metadata: 4126 + type: object 4127 + spec: 4128 + description: |- 4129 + HelmRepositorySpec specifies the required configuration to produce an 4130 + Artifact for a Helm repository index YAML. 4131 + properties: 4132 + accessFrom: 4133 + description: |- 4134 + AccessFrom specifies an Access Control List for allowing cross-namespace 4135 + references to this object. 4136 + NOTE: Not implemented, provisional as of https://github.com/fluxcd/flux2/pull/2092 4137 + properties: 4138 + namespaceSelectors: 4139 + description: |- 4140 + NamespaceSelectors is the list of namespace selectors to which this ACL applies. 4141 + Items in this list are evaluated using a logical OR operation. 4142 + items: 4143 + description: |- 4144 + NamespaceSelector selects the namespaces to which this ACL applies. 4145 + An empty map of MatchLabels matches all namespaces in a cluster. 4146 + properties: 4147 + matchLabels: 4148 + additionalProperties: 4149 + type: string 4150 + description: |- 4151 + MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels 4152 + map is equivalent to an element of matchExpressions, whose key field is "key", the 4153 + operator is "In", and the values array contains only "value". The requirements are ANDed. 4154 + type: object 4155 + type: object 4156 + type: array 4157 + required: 4158 + - namespaceSelectors 4159 + type: object 4160 + certSecretRef: 4161 + description: |- 4162 + CertSecretRef can be given the name of a Secret containing 4163 + either or both of 4164 + 4165 + - a PEM-encoded client certificate (`tls.crt`) and private 4166 + key (`tls.key`); 4167 + - a PEM-encoded CA certificate (`ca.crt`) 4168 + 4169 + and whichever are supplied, will be used for connecting to the 4170 + registry. The client cert and key are useful if you are 4171 + authenticating with a certificate; the CA cert is useful if 4172 + you are using a self-signed server certificate. The Secret must 4173 + be of type `Opaque` or `kubernetes.io/tls`. 4174 + 4175 + It takes precedence over the values specified in the Secret referred 4176 + to by `.spec.secretRef`. 4177 + properties: 4178 + name: 4179 + description: Name of the referent. 4180 + type: string 4181 + required: 4182 + - name 4183 + type: object 4184 + insecure: 4185 + description: |- 4186 + Insecure allows connecting to a non-TLS HTTP container registry. 4187 + This field is only taken into account if the .spec.type field is set to 'oci'. 4188 + type: boolean 4189 + interval: 4190 + description: |- 4191 + Interval at which the HelmRepository URL is checked for updates. 4192 + This interval is approximate and may be subject to jitter to ensure 4193 + efficient use of resources. 4194 + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ 4195 + type: string 4196 + passCredentials: 4197 + description: |- 4198 + PassCredentials allows the credentials from the SecretRef to be passed 4199 + on to a host that does not match the host as defined in URL. 4200 + This may be required if the host of the advertised chart URLs in the 4201 + index differ from the defined URL. 4202 + Enabling this should be done with caution, as it can potentially result 4203 + in credentials getting stolen in a MITM-attack. 4204 + type: boolean 4205 + provider: 4206 + default: generic 4207 + description: |- 4208 + Provider used for authentication, can be 'aws', 'azure', 'gcp' or 'generic'. 4209 + This field is optional, and only taken into account if the .spec.type field is set to 'oci'. 4210 + When not specified, defaults to 'generic'. 4211 + enum: 4212 + - generic 4213 + - aws 4214 + - azure 4215 + - gcp 4216 + type: string 4217 + secretRef: 4218 + description: |- 4219 + SecretRef specifies the Secret containing authentication credentials 4220 + for the HelmRepository. 4221 + For HTTP/S basic auth the secret must contain 'username' and 'password' 4222 + fields. 4223 + Support for TLS auth using the 'certFile' and 'keyFile', and/or 'caFile' 4224 + keys is deprecated. Please use `.spec.certSecretRef` instead. 4225 + properties: 4226 + name: 4227 + description: Name of the referent. 4228 + type: string 4229 + required: 4230 + - name 4231 + type: object 4232 + suspend: 4233 + description: |- 4234 + Suspend tells the controller to suspend the reconciliation of this 4235 + HelmRepository. 4236 + type: boolean 4237 + timeout: 4238 + description: |- 4239 + Timeout is used for the index fetch operation for an HTTPS helm repository, 4240 + and for remote OCI Repository operations like pulling for an OCI helm 4241 + chart by the associated HelmChart. 4242 + Its default value is 60s. 4243 + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$ 4244 + type: string 4245 + type: 4246 + description: |- 4247 + Type of the HelmRepository. 4248 + When this field is set to "oci", the URL field value must be prefixed with "oci://". 4249 + enum: 4250 + - default 4251 + - oci 4252 + type: string 4253 + url: 4254 + description: |- 4255 + URL of the Helm repository, a valid URL contains at least a protocol and 4256 + host. 4257 + pattern: ^(http|https|oci)://.*$ 4258 + type: string 4259 + required: 4260 + - url 4261 + type: object 4262 + status: 4263 + default: 4264 + observedGeneration: -1 4265 + description: HelmRepositoryStatus records the observed state of the HelmRepository. 4266 + properties: 4267 + artifact: 4268 + description: Artifact represents the last successful HelmRepository 4269 + reconciliation. 4270 + properties: 4271 + digest: 4272 + description: Digest is the digest of the file in the form of '<algorithm>:<checksum>'. 4273 + pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$ 4274 + type: string 4275 + lastUpdateTime: 4276 + description: |- 4277 + LastUpdateTime is the timestamp corresponding to the last update of the 4278 + Artifact. 4279 + format: date-time 4280 + type: string 4281 + metadata: 4282 + additionalProperties: 4283 + type: string 4284 + description: Metadata holds upstream information such as OCI annotations. 4285 + type: object 4286 + path: 4287 + description: |- 4288 + Path is the relative file path of the Artifact. It can be used to locate 4289 + the file in the root of the Artifact storage on the local file system of 4290 + the controller managing the Source. 4291 + type: string 4292 + revision: 4293 + description: |- 4294 + Revision is a human-readable identifier traceable in the origin source 4295 + system. It can be a Git commit SHA, Git tag, a Helm chart version, etc. 4296 + type: string 4297 + size: 4298 + description: Size is the number of bytes in the file. 4299 + format: int64 4300 + type: integer 4301 + url: 4302 + description: |- 4303 + URL is the HTTP address of the Artifact as exposed by the controller 4304 + managing the Source. It can be used to retrieve the Artifact for 4305 + consumption, e.g. by another controller applying the Artifact contents. 4306 + type: string 4307 + required: 4308 + - lastUpdateTime 4309 + - path 4310 + - revision 4311 + - url 4312 + type: object 4313 + conditions: 4314 + description: Conditions holds the conditions for the HelmRepository. 4315 + items: 4316 + description: Condition contains details for one aspect of the current 4317 + state of this API Resource. 4318 + properties: 4319 + lastTransitionTime: 4320 + description: |- 4321 + lastTransitionTime is the last time the condition transitioned from one status to another. 4322 + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. 4323 + format: date-time 4324 + type: string 4325 + message: 4326 + description: |- 4327 + message is a human readable message indicating details about the transition. 4328 + This may be an empty string. 4329 + maxLength: 32768 4330 + type: string 4331 + observedGeneration: 4332 + description: |- 4333 + observedGeneration represents the .metadata.generation that the condition was set based upon. 4334 + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date 4335 + with respect to the current state of the instance. 4336 + format: int64 4337 + minimum: 0 4338 + type: integer 4339 + reason: 4340 + description: |- 4341 + reason contains a programmatic identifier indicating the reason for the condition's last transition. 4342 + Producers of specific condition types may define expected values and meanings for this field, 4343 + and whether the values are considered a guaranteed API. 4344 + The value should be a CamelCase string. 4345 + This field may not be empty. 4346 + maxLength: 1024 4347 + minLength: 1 4348 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ 4349 + type: string 4350 + status: 4351 + description: status of the condition, one of True, False, Unknown. 4352 + enum: 4353 + - "True" 4354 + - "False" 4355 + - Unknown 4356 + type: string 4357 + type: 4358 + description: type of condition in CamelCase or in foo.example.com/CamelCase. 4359 + maxLength: 316 4360 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ 4361 + type: string 4362 + required: 4363 + - lastTransitionTime 4364 + - message 4365 + - reason 4366 + - status 4367 + - type 4368 + type: object 4369 + type: array 4370 + lastHandledReconcileAt: 4371 + description: |- 4372 + LastHandledReconcileAt holds the value of the most recent 4373 + reconcile request value, so a change of the annotation value 4374 + can be detected. 4375 + type: string 4376 + observedGeneration: 4377 + description: |- 4378 + ObservedGeneration is the last observed generation of the HelmRepository 4379 + object. 4380 + format: int64 4381 + type: integer 4382 + url: 4383 + description: |- 4384 + URL is the dynamic fetch link for the latest Artifact. 4385 + It is provided on a "best effort" basis, and using the precise 4386 + HelmRepositoryStatus.Artifact data is recommended. 4387 + type: string 4388 + type: object 4389 + type: object 4390 + served: true 4391 + storage: false 4392 + subresources: 4393 + status: {} 4394 + --- 4395 + apiVersion: apiextensions.k8s.io/v1 4396 + kind: CustomResourceDefinition 4397 + metadata: 4398 + annotations: 4399 + controller-gen.kubebuilder.io/version: v0.16.1 4400 + labels: 4401 + app.kubernetes.io/component: source-controller 4402 + app.kubernetes.io/instance: flux-system 4403 + app.kubernetes.io/part-of: flux 4404 + app.kubernetes.io/version: v2.6.4 4405 + name: ocirepositories.source.toolkit.fluxcd.io 4406 + spec: 4407 + group: source.toolkit.fluxcd.io 4408 + names: 4409 + kind: OCIRepository 4410 + listKind: OCIRepositoryList 4411 + plural: ocirepositories 4412 + shortNames: 4413 + - ocirepo 4414 + singular: ocirepository 4415 + scope: Namespaced 4416 + versions: 4417 + - additionalPrinterColumns: 4418 + - jsonPath: .spec.url 4419 + name: URL 4420 + type: string 4421 + - jsonPath: .status.conditions[?(@.type=="Ready")].status 4422 + name: Ready 4423 + type: string 4424 + - jsonPath: .status.conditions[?(@.type=="Ready")].message 4425 + name: Status 4426 + type: string 4427 + - jsonPath: .metadata.creationTimestamp 4428 + name: Age 4429 + type: date 4430 + name: v1 4431 + schema: 4432 + openAPIV3Schema: 4433 + description: OCIRepository is the Schema for the ocirepositories API 4434 + properties: 4435 + apiVersion: 4436 + description: |- 4437 + APIVersion defines the versioned schema of this representation of an object. 4438 + Servers should convert recognized schemas to the latest internal value, and 4439 + may reject unrecognized values. 4440 + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources 4441 + type: string 4442 + kind: 4443 + description: |- 4444 + Kind is a string value representing the REST resource this object represents. 4445 + Servers may infer this from the endpoint the client submits requests to. 4446 + Cannot be updated. 4447 + In CamelCase. 4448 + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 4449 + type: string 4450 + metadata: 4451 + type: object 4452 + spec: 4453 + description: OCIRepositorySpec defines the desired state of OCIRepository 4454 + properties: 4455 + certSecretRef: 4456 + description: |- 4457 + CertSecretRef can be given the name of a Secret containing 4458 + either or both of 4459 + 4460 + - a PEM-encoded client certificate (`tls.crt`) and private 4461 + key (`tls.key`); 4462 + - a PEM-encoded CA certificate (`ca.crt`) 4463 + 4464 + and whichever are supplied, will be used for connecting to the 4465 + registry. The client cert and key are useful if you are 4466 + authenticating with a certificate; the CA cert is useful if 4467 + you are using a self-signed server certificate. The Secret must 4468 + be of type `Opaque` or `kubernetes.io/tls`. 4469 + properties: 4470 + name: 4471 + description: Name of the referent. 4472 + type: string 4473 + required: 4474 + - name 4475 + type: object 4476 + ignore: 4477 + description: |- 4478 + Ignore overrides the set of excluded patterns in the .sourceignore format 4479 + (which is the same as .gitignore). If not provided, a default will be used, 4480 + consult the documentation for your version to find out what those are. 4481 + type: string 4482 + insecure: 4483 + description: Insecure allows connecting to a non-TLS HTTP container 4484 + registry. 4485 + type: boolean 4486 + interval: 4487 + description: |- 4488 + Interval at which the OCIRepository URL is checked for updates. 4489 + This interval is approximate and may be subject to jitter to ensure 4490 + efficient use of resources. 4491 + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ 4492 + type: string 4493 + layerSelector: 4494 + description: |- 4495 + LayerSelector specifies which layer should be extracted from the OCI artifact. 4496 + When not specified, the first layer found in the artifact is selected. 4497 + properties: 4498 + mediaType: 4499 + description: |- 4500 + MediaType specifies the OCI media type of the layer 4501 + which should be extracted from the OCI Artifact. The 4502 + first layer matching this type is selected. 4503 + type: string 4504 + operation: 4505 + description: |- 4506 + Operation specifies how the selected layer should be processed. 4507 + By default, the layer compressed content is extracted to storage. 4508 + When the operation is set to 'copy', the layer compressed content 4509 + is persisted to storage as it is. 4510 + enum: 4511 + - extract 4512 + - copy 4513 + type: string 4514 + type: object 4515 + provider: 4516 + default: generic 4517 + description: |- 4518 + The provider used for authentication, can be 'aws', 'azure', 'gcp' or 'generic'. 4519 + When not specified, defaults to 'generic'. 4520 + enum: 4521 + - generic 4522 + - aws 4523 + - azure 4524 + - gcp 4525 + type: string 4526 + proxySecretRef: 4527 + description: |- 4528 + ProxySecretRef specifies the Secret containing the proxy configuration 4529 + to use while communicating with the container registry. 4530 + properties: 4531 + name: 4532 + description: Name of the referent. 4533 + type: string 4534 + required: 4535 + - name 4536 + type: object 4537 + ref: 4538 + description: |- 4539 + The OCI reference to pull and monitor for changes, 4540 + defaults to the latest tag. 4541 + properties: 4542 + digest: 4543 + description: |- 4544 + Digest is the image digest to pull, takes precedence over SemVer. 4545 + The value should be in the format 'sha256:<HASH>'. 4546 + type: string 4547 + semver: 4548 + description: |- 4549 + SemVer is the range of tags to pull selecting the latest within 4550 + the range, takes precedence over Tag. 4551 + type: string 4552 + semverFilter: 4553 + description: SemverFilter is a regex pattern to filter the tags 4554 + within the SemVer range. 4555 + type: string 4556 + tag: 4557 + description: Tag is the image tag to pull, defaults to latest. 4558 + type: string 4559 + type: object 4560 + secretRef: 4561 + description: |- 4562 + SecretRef contains the secret name containing the registry login 4563 + credentials to resolve image metadata. 4564 + The secret must be of type kubernetes.io/dockerconfigjson. 4565 + properties: 4566 + name: 4567 + description: Name of the referent. 4568 + type: string 4569 + required: 4570 + - name 4571 + type: object 4572 + serviceAccountName: 4573 + description: |- 4574 + ServiceAccountName is the name of the Kubernetes ServiceAccount used to authenticate 4575 + the image pull if the service account has attached pull secrets. For more information: 4576 + https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/#add-imagepullsecrets-to-a-service-account 4577 + type: string 4578 + suspend: 4579 + description: This flag tells the controller to suspend the reconciliation 4580 + of this source. 4581 + type: boolean 4582 + timeout: 4583 + default: 60s 4584 + description: The timeout for remote OCI Repository operations like 4585 + pulling, defaults to 60s. 4586 + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$ 4587 + type: string 4588 + url: 4589 + description: |- 4590 + URL is a reference to an OCI artifact repository hosted 4591 + on a remote container registry. 4592 + pattern: ^oci://.*$ 4593 + type: string 4594 + verify: 4595 + description: |- 4596 + Verify contains the secret name containing the trusted public keys 4597 + used to verify the signature and specifies which provider to use to check 4598 + whether OCI image is authentic. 4599 + properties: 4600 + matchOIDCIdentity: 4601 + description: |- 4602 + MatchOIDCIdentity specifies the identity matching criteria to use 4603 + while verifying an OCI artifact which was signed using Cosign keyless 4604 + signing. The artifact's identity is deemed to be verified if any of the 4605 + specified matchers match against the identity. 4606 + items: 4607 + description: |- 4608 + OIDCIdentityMatch specifies options for verifying the certificate identity, 4609 + i.e. the issuer and the subject of the certificate. 4610 + properties: 4611 + issuer: 4612 + description: |- 4613 + Issuer specifies the regex pattern to match against to verify 4614 + the OIDC issuer in the Fulcio certificate. The pattern must be a 4615 + valid Go regular expression. 4616 + type: string 4617 + subject: 4618 + description: |- 4619 + Subject specifies the regex pattern to match against to verify 4620 + the identity subject in the Fulcio certificate. The pattern must 4621 + be a valid Go regular expression. 4622 + type: string 4623 + required: 4624 + - issuer 4625 + - subject 4626 + type: object 4627 + type: array 4628 + provider: 4629 + default: cosign 4630 + description: Provider specifies the technology used to sign the 4631 + OCI Artifact. 4632 + enum: 4633 + - cosign 4634 + - notation 4635 + type: string 4636 + secretRef: 4637 + description: |- 4638 + SecretRef specifies the Kubernetes Secret containing the 4639 + trusted public keys. 4640 + properties: 4641 + name: 4642 + description: Name of the referent. 4643 + type: string 4644 + required: 4645 + - name 4646 + type: object 4647 + required: 4648 + - provider 4649 + type: object 4650 + required: 4651 + - interval 4652 + - url 4653 + type: object 4654 + status: 4655 + default: 4656 + observedGeneration: -1 4657 + description: OCIRepositoryStatus defines the observed state of OCIRepository 4658 + properties: 4659 + artifact: 4660 + description: Artifact represents the output of the last successful 4661 + OCI Repository sync. 4662 + properties: 4663 + digest: 4664 + description: Digest is the digest of the file in the form of '<algorithm>:<checksum>'. 4665 + pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$ 4666 + type: string 4667 + lastUpdateTime: 4668 + description: |- 4669 + LastUpdateTime is the timestamp corresponding to the last update of the 4670 + Artifact. 4671 + format: date-time 4672 + type: string 4673 + metadata: 4674 + additionalProperties: 4675 + type: string 4676 + description: Metadata holds upstream information such as OCI annotations. 4677 + type: object 4678 + path: 4679 + description: |- 4680 + Path is the relative file path of the Artifact. It can be used to locate 4681 + the file in the root of the Artifact storage on the local file system of 4682 + the controller managing the Source. 4683 + type: string 4684 + revision: 4685 + description: |- 4686 + Revision is a human-readable identifier traceable in the origin source 4687 + system. It can be a Git commit SHA, Git tag, a Helm chart version, etc. 4688 + type: string 4689 + size: 4690 + description: Size is the number of bytes in the file. 4691 + format: int64 4692 + type: integer 4693 + url: 4694 + description: |- 4695 + URL is the HTTP address of the Artifact as exposed by the controller 4696 + managing the Source. It can be used to retrieve the Artifact for 4697 + consumption, e.g. by another controller applying the Artifact contents. 4698 + type: string 4699 + required: 4700 + - lastUpdateTime 4701 + - path 4702 + - revision 4703 + - url 4704 + type: object 4705 + conditions: 4706 + description: Conditions holds the conditions for the OCIRepository. 4707 + items: 4708 + description: Condition contains details for one aspect of the current 4709 + state of this API Resource. 4710 + properties: 4711 + lastTransitionTime: 4712 + description: |- 4713 + lastTransitionTime is the last time the condition transitioned from one status to another. 4714 + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. 4715 + format: date-time 4716 + type: string 4717 + message: 4718 + description: |- 4719 + message is a human readable message indicating details about the transition. 4720 + This may be an empty string. 4721 + maxLength: 32768 4722 + type: string 4723 + observedGeneration: 4724 + description: |- 4725 + observedGeneration represents the .metadata.generation that the condition was set based upon. 4726 + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date 4727 + with respect to the current state of the instance. 4728 + format: int64 4729 + minimum: 0 4730 + type: integer 4731 + reason: 4732 + description: |- 4733 + reason contains a programmatic identifier indicating the reason for the condition's last transition. 4734 + Producers of specific condition types may define expected values and meanings for this field, 4735 + and whether the values are considered a guaranteed API. 4736 + The value should be a CamelCase string. 4737 + This field may not be empty. 4738 + maxLength: 1024 4739 + minLength: 1 4740 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ 4741 + type: string 4742 + status: 4743 + description: status of the condition, one of True, False, Unknown. 4744 + enum: 4745 + - "True" 4746 + - "False" 4747 + - Unknown 4748 + type: string 4749 + type: 4750 + description: type of condition in CamelCase or in foo.example.com/CamelCase. 4751 + maxLength: 316 4752 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ 4753 + type: string 4754 + required: 4755 + - lastTransitionTime 4756 + - message 4757 + - reason 4758 + - status 4759 + - type 4760 + type: object 4761 + type: array 4762 + lastHandledReconcileAt: 4763 + description: |- 4764 + LastHandledReconcileAt holds the value of the most recent 4765 + reconcile request value, so a change of the annotation value 4766 + can be detected. 4767 + type: string 4768 + observedGeneration: 4769 + description: ObservedGeneration is the last observed generation. 4770 + format: int64 4771 + type: integer 4772 + observedIgnore: 4773 + description: |- 4774 + ObservedIgnore is the observed exclusion patterns used for constructing 4775 + the source artifact. 4776 + type: string 4777 + observedLayerSelector: 4778 + description: |- 4779 + ObservedLayerSelector is the observed layer selector used for constructing 4780 + the source artifact. 4781 + properties: 4782 + mediaType: 4783 + description: |- 4784 + MediaType specifies the OCI media type of the layer 4785 + which should be extracted from the OCI Artifact. The 4786 + first layer matching this type is selected. 4787 + type: string 4788 + operation: 4789 + description: |- 4790 + Operation specifies how the selected layer should be processed. 4791 + By default, the layer compressed content is extracted to storage. 4792 + When the operation is set to 'copy', the layer compressed content 4793 + is persisted to storage as it is. 4794 + enum: 4795 + - extract 4796 + - copy 4797 + type: string 4798 + type: object 4799 + url: 4800 + description: URL is the download link for the artifact output of the 4801 + last OCI Repository sync. 4802 + type: string 4803 + type: object 4804 + type: object 4805 + served: true 4806 + storage: true 4807 + subresources: 4808 + status: {} 4809 + - additionalPrinterColumns: 4810 + - jsonPath: .spec.url 4811 + name: URL 4812 + type: string 4813 + - jsonPath: .status.conditions[?(@.type=="Ready")].status 4814 + name: Ready 4815 + type: string 4816 + - jsonPath: .status.conditions[?(@.type=="Ready")].message 4817 + name: Status 4818 + type: string 4819 + - jsonPath: .metadata.creationTimestamp 4820 + name: Age 4821 + type: date 4822 + deprecated: true 4823 + deprecationWarning: v1beta2 OCIRepository is deprecated, upgrade to v1 4824 + name: v1beta2 4825 + schema: 4826 + openAPIV3Schema: 4827 + description: OCIRepository is the Schema for the ocirepositories API 4828 + properties: 4829 + apiVersion: 4830 + description: |- 4831 + APIVersion defines the versioned schema of this representation of an object. 4832 + Servers should convert recognized schemas to the latest internal value, and 4833 + may reject unrecognized values. 4834 + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources 4835 + type: string 4836 + kind: 4837 + description: |- 4838 + Kind is a string value representing the REST resource this object represents. 4839 + Servers may infer this from the endpoint the client submits requests to. 4840 + Cannot be updated. 4841 + In CamelCase. 4842 + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 4843 + type: string 4844 + metadata: 4845 + type: object 4846 + spec: 4847 + description: OCIRepositorySpec defines the desired state of OCIRepository 4848 + properties: 4849 + certSecretRef: 4850 + description: |- 4851 + CertSecretRef can be given the name of a Secret containing 4852 + either or both of 4853 + 4854 + - a PEM-encoded client certificate (`tls.crt`) and private 4855 + key (`tls.key`); 4856 + - a PEM-encoded CA certificate (`ca.crt`) 4857 + 4858 + and whichever are supplied, will be used for connecting to the 4859 + registry. The client cert and key are useful if you are 4860 + authenticating with a certificate; the CA cert is useful if 4861 + you are using a self-signed server certificate. The Secret must 4862 + be of type `Opaque` or `kubernetes.io/tls`. 4863 + 4864 + Note: Support for the `caFile`, `certFile` and `keyFile` keys have 4865 + been deprecated. 4866 + properties: 4867 + name: 4868 + description: Name of the referent. 4869 + type: string 4870 + required: 4871 + - name 4872 + type: object 4873 + ignore: 4874 + description: |- 4875 + Ignore overrides the set of excluded patterns in the .sourceignore format 4876 + (which is the same as .gitignore). If not provided, a default will be used, 4877 + consult the documentation for your version to find out what those are. 4878 + type: string 4879 + insecure: 4880 + description: Insecure allows connecting to a non-TLS HTTP container 4881 + registry. 4882 + type: boolean 4883 + interval: 4884 + description: |- 4885 + Interval at which the OCIRepository URL is checked for updates. 4886 + This interval is approximate and may be subject to jitter to ensure 4887 + efficient use of resources. 4888 + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ 4889 + type: string 4890 + layerSelector: 4891 + description: |- 4892 + LayerSelector specifies which layer should be extracted from the OCI artifact. 4893 + When not specified, the first layer found in the artifact is selected. 4894 + properties: 4895 + mediaType: 4896 + description: |- 4897 + MediaType specifies the OCI media type of the layer 4898 + which should be extracted from the OCI Artifact. The 4899 + first layer matching this type is selected. 4900 + type: string 4901 + operation: 4902 + description: |- 4903 + Operation specifies how the selected layer should be processed. 4904 + By default, the layer compressed content is extracted to storage. 4905 + When the operation is set to 'copy', the layer compressed content 4906 + is persisted to storage as it is. 4907 + enum: 4908 + - extract 4909 + - copy 4910 + type: string 4911 + type: object 4912 + provider: 4913 + default: generic 4914 + description: |- 4915 + The provider used for authentication, can be 'aws', 'azure', 'gcp' or 'generic'. 4916 + When not specified, defaults to 'generic'. 4917 + enum: 4918 + - generic 4919 + - aws 4920 + - azure 4921 + - gcp 4922 + type: string 4923 + proxySecretRef: 4924 + description: |- 4925 + ProxySecretRef specifies the Secret containing the proxy configuration 4926 + to use while communicating with the container registry. 4927 + properties: 4928 + name: 4929 + description: Name of the referent. 4930 + type: string 4931 + required: 4932 + - name 4933 + type: object 4934 + ref: 4935 + description: |- 4936 + The OCI reference to pull and monitor for changes, 4937 + defaults to the latest tag. 4938 + properties: 4939 + digest: 4940 + description: |- 4941 + Digest is the image digest to pull, takes precedence over SemVer. 4942 + The value should be in the format 'sha256:<HASH>'. 4943 + type: string 4944 + semver: 4945 + description: |- 4946 + SemVer is the range of tags to pull selecting the latest within 4947 + the range, takes precedence over Tag. 4948 + type: string 4949 + semverFilter: 4950 + description: SemverFilter is a regex pattern to filter the tags 4951 + within the SemVer range. 4952 + type: string 4953 + tag: 4954 + description: Tag is the image tag to pull, defaults to latest. 4955 + type: string 4956 + type: object 4957 + secretRef: 4958 + description: |- 4959 + SecretRef contains the secret name containing the registry login 4960 + credentials to resolve image metadata. 4961 + The secret must be of type kubernetes.io/dockerconfigjson. 4962 + properties: 4963 + name: 4964 + description: Name of the referent. 4965 + type: string 4966 + required: 4967 + - name 4968 + type: object 4969 + serviceAccountName: 4970 + description: |- 4971 + ServiceAccountName is the name of the Kubernetes ServiceAccount used to authenticate 4972 + the image pull if the service account has attached pull secrets. For more information: 4973 + https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/#add-imagepullsecrets-to-a-service-account 4974 + type: string 4975 + suspend: 4976 + description: This flag tells the controller to suspend the reconciliation 4977 + of this source. 4978 + type: boolean 4979 + timeout: 4980 + default: 60s 4981 + description: The timeout for remote OCI Repository operations like 4982 + pulling, defaults to 60s. 4983 + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$ 4984 + type: string 4985 + url: 4986 + description: |- 4987 + URL is a reference to an OCI artifact repository hosted 4988 + on a remote container registry. 4989 + pattern: ^oci://.*$ 4990 + type: string 4991 + verify: 4992 + description: |- 4993 + Verify contains the secret name containing the trusted public keys 4994 + used to verify the signature and specifies which provider to use to check 4995 + whether OCI image is authentic. 4996 + properties: 4997 + matchOIDCIdentity: 4998 + description: |- 4999 + MatchOIDCIdentity specifies the identity matching criteria to use 5000 + while verifying an OCI artifact which was signed using Cosign keyless 5001 + signing. The artifact's identity is deemed to be verified if any of the 5002 + specified matchers match against the identity. 5003 + items: 5004 + description: |- 5005 + OIDCIdentityMatch specifies options for verifying the certificate identity, 5006 + i.e. the issuer and the subject of the certificate. 5007 + properties: 5008 + issuer: 5009 + description: |- 5010 + Issuer specifies the regex pattern to match against to verify 5011 + the OIDC issuer in the Fulcio certificate. The pattern must be a 5012 + valid Go regular expression. 5013 + type: string 5014 + subject: 5015 + description: |- 5016 + Subject specifies the regex pattern to match against to verify 5017 + the identity subject in the Fulcio certificate. The pattern must 5018 + be a valid Go regular expression. 5019 + type: string 5020 + required: 5021 + - issuer 5022 + - subject 5023 + type: object 5024 + type: array 5025 + provider: 5026 + default: cosign 5027 + description: Provider specifies the technology used to sign the 5028 + OCI Artifact. 5029 + enum: 5030 + - cosign 5031 + - notation 5032 + type: string 5033 + secretRef: 5034 + description: |- 5035 + SecretRef specifies the Kubernetes Secret containing the 5036 + trusted public keys. 5037 + properties: 5038 + name: 5039 + description: Name of the referent. 5040 + type: string 5041 + required: 5042 + - name 5043 + type: object 5044 + required: 5045 + - provider 5046 + type: object 5047 + required: 5048 + - interval 5049 + - url 5050 + type: object 5051 + status: 5052 + default: 5053 + observedGeneration: -1 5054 + description: OCIRepositoryStatus defines the observed state of OCIRepository 5055 + properties: 5056 + artifact: 5057 + description: Artifact represents the output of the last successful 5058 + OCI Repository sync. 5059 + properties: 5060 + digest: 5061 + description: Digest is the digest of the file in the form of '<algorithm>:<checksum>'. 5062 + pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$ 5063 + type: string 5064 + lastUpdateTime: 5065 + description: |- 5066 + LastUpdateTime is the timestamp corresponding to the last update of the 5067 + Artifact. 5068 + format: date-time 5069 + type: string 5070 + metadata: 5071 + additionalProperties: 5072 + type: string 5073 + description: Metadata holds upstream information such as OCI annotations. 5074 + type: object 5075 + path: 5076 + description: |- 5077 + Path is the relative file path of the Artifact. It can be used to locate 5078 + the file in the root of the Artifact storage on the local file system of 5079 + the controller managing the Source. 5080 + type: string 5081 + revision: 5082 + description: |- 5083 + Revision is a human-readable identifier traceable in the origin source 5084 + system. It can be a Git commit SHA, Git tag, a Helm chart version, etc. 5085 + type: string 5086 + size: 5087 + description: Size is the number of bytes in the file. 5088 + format: int64 5089 + type: integer 5090 + url: 5091 + description: |- 5092 + URL is the HTTP address of the Artifact as exposed by the controller 5093 + managing the Source. It can be used to retrieve the Artifact for 5094 + consumption, e.g. by another controller applying the Artifact contents. 5095 + type: string 5096 + required: 5097 + - lastUpdateTime 5098 + - path 5099 + - revision 5100 + - url 5101 + type: object 5102 + conditions: 5103 + description: Conditions holds the conditions for the OCIRepository. 5104 + items: 5105 + description: Condition contains details for one aspect of the current 5106 + state of this API Resource. 5107 + properties: 5108 + lastTransitionTime: 5109 + description: |- 5110 + lastTransitionTime is the last time the condition transitioned from one status to another. 5111 + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. 5112 + format: date-time 5113 + type: string 5114 + message: 5115 + description: |- 5116 + message is a human readable message indicating details about the transition. 5117 + This may be an empty string. 5118 + maxLength: 32768 5119 + type: string 5120 + observedGeneration: 5121 + description: |- 5122 + observedGeneration represents the .metadata.generation that the condition was set based upon. 5123 + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date 5124 + with respect to the current state of the instance. 5125 + format: int64 5126 + minimum: 0 5127 + type: integer 5128 + reason: 5129 + description: |- 5130 + reason contains a programmatic identifier indicating the reason for the condition's last transition. 5131 + Producers of specific condition types may define expected values and meanings for this field, 5132 + and whether the values are considered a guaranteed API. 5133 + The value should be a CamelCase string. 5134 + This field may not be empty. 5135 + maxLength: 1024 5136 + minLength: 1 5137 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ 5138 + type: string 5139 + status: 5140 + description: status of the condition, one of True, False, Unknown. 5141 + enum: 5142 + - "True" 5143 + - "False" 5144 + - Unknown 5145 + type: string 5146 + type: 5147 + description: type of condition in CamelCase or in foo.example.com/CamelCase. 5148 + maxLength: 316 5149 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ 5150 + type: string 5151 + required: 5152 + - lastTransitionTime 5153 + - message 5154 + - reason 5155 + - status 5156 + - type 5157 + type: object 5158 + type: array 5159 + contentConfigChecksum: 5160 + description: |- 5161 + ContentConfigChecksum is a checksum of all the configurations related to 5162 + the content of the source artifact: 5163 + - .spec.ignore 5164 + - .spec.layerSelector 5165 + observed in .status.observedGeneration version of the object. This can 5166 + be used to determine if the content configuration has changed and the 5167 + artifact needs to be rebuilt. 5168 + It has the format of `<algo>:<checksum>`, for example: `sha256:<checksum>`. 5169 + 5170 + Deprecated: Replaced with explicit fields for observed artifact content 5171 + config in the status. 5172 + type: string 5173 + lastHandledReconcileAt: 5174 + description: |- 5175 + LastHandledReconcileAt holds the value of the most recent 5176 + reconcile request value, so a change of the annotation value 5177 + can be detected. 5178 + type: string 5179 + observedGeneration: 5180 + description: ObservedGeneration is the last observed generation. 5181 + format: int64 5182 + type: integer 5183 + observedIgnore: 5184 + description: |- 5185 + ObservedIgnore is the observed exclusion patterns used for constructing 5186 + the source artifact. 5187 + type: string 5188 + observedLayerSelector: 5189 + description: |- 5190 + ObservedLayerSelector is the observed layer selector used for constructing 5191 + the source artifact. 5192 + properties: 5193 + mediaType: 5194 + description: |- 5195 + MediaType specifies the OCI media type of the layer 5196 + which should be extracted from the OCI Artifact. The 5197 + first layer matching this type is selected. 5198 + type: string 5199 + operation: 5200 + description: |- 5201 + Operation specifies how the selected layer should be processed. 5202 + By default, the layer compressed content is extracted to storage. 5203 + When the operation is set to 'copy', the layer compressed content 5204 + is persisted to storage as it is. 5205 + enum: 5206 + - extract 5207 + - copy 5208 + type: string 5209 + type: object 5210 + url: 5211 + description: URL is the download link for the artifact output of the 5212 + last OCI Repository sync. 5213 + type: string 5214 + type: object 5215 + type: object 5216 + served: true 5217 + storage: false 5218 + subresources: 5219 + status: {} 5220 + --- 5221 + apiVersion: v1 5222 + kind: ServiceAccount 5223 + metadata: 5224 + labels: 5225 + app.kubernetes.io/component: source-controller 5226 + app.kubernetes.io/instance: flux-system 5227 + app.kubernetes.io/part-of: flux 5228 + app.kubernetes.io/version: v2.6.4 5229 + name: source-controller 5230 + namespace: flux-system 5231 + --- 5232 + apiVersion: v1 5233 + kind: Service 5234 + metadata: 5235 + labels: 5236 + app.kubernetes.io/component: source-controller 5237 + app.kubernetes.io/instance: flux-system 5238 + app.kubernetes.io/part-of: flux 5239 + app.kubernetes.io/version: v2.6.4 5240 + control-plane: controller 5241 + name: source-controller 5242 + namespace: flux-system 5243 + spec: 5244 + ports: 5245 + - name: http 5246 + port: 80 5247 + protocol: TCP 5248 + targetPort: http 5249 + selector: 5250 + app: source-controller 5251 + type: ClusterIP 5252 + --- 5253 + apiVersion: apps/v1 5254 + kind: Deployment 5255 + metadata: 5256 + labels: 5257 + app.kubernetes.io/component: source-controller 5258 + app.kubernetes.io/instance: flux-system 5259 + app.kubernetes.io/part-of: flux 5260 + app.kubernetes.io/version: v2.6.4 5261 + control-plane: controller 5262 + name: source-controller 5263 + namespace: flux-system 5264 + spec: 5265 + replicas: 1 5266 + selector: 5267 + matchLabels: 5268 + app: source-controller 5269 + strategy: 5270 + type: Recreate 5271 + template: 5272 + metadata: 5273 + annotations: 5274 + prometheus.io/port: "8080" 5275 + prometheus.io/scrape: "true" 5276 + labels: 5277 + app: source-controller 5278 + spec: 5279 + containers: 5280 + - args: 5281 + - --events-addr=http://notification-controller.flux-system.svc.cluster.local./ 5282 + - --watch-all-namespaces=true 5283 + - --log-level=info 5284 + - --log-encoding=json 5285 + - --enable-leader-election 5286 + - --storage-path=/data 5287 + - --storage-adv-addr=source-controller.$(RUNTIME_NAMESPACE).svc.cluster.local. 5288 + env: 5289 + - name: RUNTIME_NAMESPACE 5290 + valueFrom: 5291 + fieldRef: 5292 + fieldPath: metadata.namespace 5293 + - name: TUF_ROOT 5294 + value: /tmp/.sigstore 5295 + - name: GOMAXPROCS 5296 + valueFrom: 5297 + resourceFieldRef: 5298 + containerName: manager 5299 + resource: limits.cpu 5300 + - name: GOMEMLIMIT 5301 + valueFrom: 5302 + resourceFieldRef: 5303 + containerName: manager 5304 + resource: limits.memory 5305 + image: ghcr.io/fluxcd/source-controller:v1.6.2 5306 + imagePullPolicy: IfNotPresent 5307 + livenessProbe: 5308 + httpGet: 5309 + path: /healthz 5310 + port: healthz 5311 + name: manager 5312 + ports: 5313 + - containerPort: 9090 5314 + name: http 5315 + protocol: TCP 5316 + - containerPort: 8080 5317 + name: http-prom 5318 + protocol: TCP 5319 + - containerPort: 9440 5320 + name: healthz 5321 + protocol: TCP 5322 + readinessProbe: 5323 + httpGet: 5324 + path: / 5325 + port: http 5326 + resources: 5327 + limits: 5328 + cpu: 1000m 5329 + memory: 1Gi 5330 + requests: 5331 + cpu: 50m 5332 + memory: 64Mi 5333 + securityContext: 5334 + allowPrivilegeEscalation: false 5335 + capabilities: 5336 + drop: 5337 + - ALL 5338 + readOnlyRootFilesystem: true 5339 + runAsNonRoot: true 5340 + seccompProfile: 5341 + type: RuntimeDefault 5342 + volumeMounts: 5343 + - mountPath: /data 5344 + name: data 5345 + - mountPath: /tmp 5346 + name: tmp 5347 + nodeSelector: 5348 + kubernetes.io/os: linux 5349 + priorityClassName: system-cluster-critical 5350 + securityContext: 5351 + fsGroup: 1337 5352 + serviceAccountName: source-controller 5353 + terminationGracePeriodSeconds: 10 5354 + volumes: 5355 + - emptyDir: {} 5356 + name: data 5357 + - emptyDir: {} 5358 + name: tmp 5359 + --- 5360 + apiVersion: apiextensions.k8s.io/v1 5361 + kind: CustomResourceDefinition 5362 + metadata: 5363 + annotations: 5364 + controller-gen.kubebuilder.io/version: v0.16.1 5365 + labels: 5366 + app.kubernetes.io/component: kustomize-controller 5367 + app.kubernetes.io/instance: flux-system 5368 + app.kubernetes.io/part-of: flux 5369 + app.kubernetes.io/version: v2.6.4 5370 + name: kustomizations.kustomize.toolkit.fluxcd.io 5371 + spec: 5372 + group: kustomize.toolkit.fluxcd.io 5373 + names: 5374 + kind: Kustomization 5375 + listKind: KustomizationList 5376 + plural: kustomizations 5377 + shortNames: 5378 + - ks 5379 + singular: kustomization 5380 + scope: Namespaced 5381 + versions: 5382 + - additionalPrinterColumns: 5383 + - jsonPath: .metadata.creationTimestamp 5384 + name: Age 5385 + type: date 5386 + - jsonPath: .status.conditions[?(@.type=="Ready")].status 5387 + name: Ready 5388 + type: string 5389 + - jsonPath: .status.conditions[?(@.type=="Ready")].message 5390 + name: Status 5391 + type: string 5392 + name: v1 5393 + schema: 5394 + openAPIV3Schema: 5395 + description: Kustomization is the Schema for the kustomizations API. 5396 + properties: 5397 + apiVersion: 5398 + description: |- 5399 + APIVersion defines the versioned schema of this representation of an object. 5400 + Servers should convert recognized schemas to the latest internal value, and 5401 + may reject unrecognized values. 5402 + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources 5403 + type: string 5404 + kind: 5405 + description: |- 5406 + Kind is a string value representing the REST resource this object represents. 5407 + Servers may infer this from the endpoint the client submits requests to. 5408 + Cannot be updated. 5409 + In CamelCase. 5410 + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 5411 + type: string 5412 + metadata: 5413 + type: object 5414 + spec: 5415 + description: |- 5416 + KustomizationSpec defines the configuration to calculate the desired state 5417 + from a Source using Kustomize. 5418 + properties: 5419 + commonMetadata: 5420 + description: |- 5421 + CommonMetadata specifies the common labels and annotations that are 5422 + applied to all resources. Any existing label or annotation will be 5423 + overridden if its key matches a common one. 5424 + properties: 5425 + annotations: 5426 + additionalProperties: 5427 + type: string 5428 + description: Annotations to be added to the object's metadata. 5429 + type: object 5430 + labels: 5431 + additionalProperties: 5432 + type: string 5433 + description: Labels to be added to the object's metadata. 5434 + type: object 5435 + type: object 5436 + components: 5437 + description: Components specifies relative paths to specifications 5438 + of other Components. 5439 + items: 5440 + type: string 5441 + type: array 5442 + decryption: 5443 + description: Decrypt Kubernetes secrets before applying them on the 5444 + cluster. 5445 + properties: 5446 + provider: 5447 + description: Provider is the name of the decryption engine. 5448 + enum: 5449 + - sops 5450 + type: string 5451 + secretRef: 5452 + description: |- 5453 + The secret name containing the private OpenPGP keys used for decryption. 5454 + A static credential for a cloud provider defined inside the Secret 5455 + takes priority to secret-less authentication with the ServiceAccountName 5456 + field. 5457 + properties: 5458 + name: 5459 + description: Name of the referent. 5460 + type: string 5461 + required: 5462 + - name 5463 + type: object 5464 + serviceAccountName: 5465 + description: |- 5466 + ServiceAccountName is the name of the service account used to 5467 + authenticate with KMS services from cloud providers. If a 5468 + static credential for a given cloud provider is defined 5469 + inside the Secret referenced by SecretRef, that static 5470 + credential takes priority. 5471 + type: string 5472 + required: 5473 + - provider 5474 + type: object 5475 + deletionPolicy: 5476 + description: |- 5477 + DeletionPolicy can be used to control garbage collection when this 5478 + Kustomization is deleted. Valid values are ('MirrorPrune', 'Delete', 5479 + 'WaitForTermination', 'Orphan'). 'MirrorPrune' mirrors the Prune field 5480 + (orphan if false, delete if true). Defaults to 'MirrorPrune'. 5481 + enum: 5482 + - MirrorPrune 5483 + - Delete 5484 + - WaitForTermination 5485 + - Orphan 5486 + type: string 5487 + dependsOn: 5488 + description: |- 5489 + DependsOn may contain a meta.NamespacedObjectReference slice 5490 + with references to Kustomization resources that must be ready before this 5491 + Kustomization can be reconciled. 5492 + items: 5493 + description: |- 5494 + NamespacedObjectReference contains enough information to locate the referenced Kubernetes resource object in any 5495 + namespace. 5496 + properties: 5497 + name: 5498 + description: Name of the referent. 5499 + type: string 5500 + namespace: 5501 + description: Namespace of the referent, when not specified it 5502 + acts as LocalObjectReference. 5503 + type: string 5504 + required: 5505 + - name 5506 + type: object 5507 + type: array 5508 + force: 5509 + default: false 5510 + description: |- 5511 + Force instructs the controller to recreate resources 5512 + when patching fails due to an immutable field change. 5513 + type: boolean 5514 + healthCheckExprs: 5515 + description: |- 5516 + HealthCheckExprs is a list of healthcheck expressions for evaluating the 5517 + health of custom resources using Common Expression Language (CEL). 5518 + The expressions are evaluated only when Wait or HealthChecks are specified. 5519 + items: 5520 + description: CustomHealthCheck defines the health check for custom 5521 + resources. 5522 + properties: 5523 + apiVersion: 5524 + description: APIVersion of the custom resource under evaluation. 5525 + type: string 5526 + current: 5527 + description: |- 5528 + Current is the CEL expression that determines if the status 5529 + of the custom resource has reached the desired state. 5530 + type: string 5531 + failed: 5532 + description: |- 5533 + Failed is the CEL expression that determines if the status 5534 + of the custom resource has failed to reach the desired state. 5535 + type: string 5536 + inProgress: 5537 + description: |- 5538 + InProgress is the CEL expression that determines if the status 5539 + of the custom resource has not yet reached the desired state. 5540 + type: string 5541 + kind: 5542 + description: Kind of the custom resource under evaluation. 5543 + type: string 5544 + required: 5545 + - apiVersion 5546 + - current 5547 + - kind 5548 + type: object 5549 + type: array 5550 + healthChecks: 5551 + description: A list of resources to be included in the health assessment. 5552 + items: 5553 + description: |- 5554 + NamespacedObjectKindReference contains enough information to locate the typed referenced Kubernetes resource object 5555 + in any namespace. 5556 + properties: 5557 + apiVersion: 5558 + description: API version of the referent, if not specified the 5559 + Kubernetes preferred version will be used. 5560 + type: string 5561 + kind: 5562 + description: Kind of the referent. 5563 + type: string 5564 + name: 5565 + description: Name of the referent. 5566 + type: string 5567 + namespace: 5568 + description: Namespace of the referent, when not specified it 5569 + acts as LocalObjectReference. 5570 + type: string 5571 + required: 5572 + - kind 5573 + - name 5574 + type: object 5575 + type: array 5576 + images: 5577 + description: |- 5578 + Images is a list of (image name, new name, new tag or digest) 5579 + for changing image names, tags or digests. This can also be achieved with a 5580 + patch, but this operator is simpler to specify. 5581 + items: 5582 + description: Image contains an image name, a new name, a new tag 5583 + or digest, which will replace the original name and tag. 5584 + properties: 5585 + digest: 5586 + description: |- 5587 + Digest is the value used to replace the original image tag. 5588 + If digest is present NewTag value is ignored. 5589 + type: string 5590 + name: 5591 + description: Name is a tag-less image name. 5592 + type: string 5593 + newName: 5594 + description: NewName is the value used to replace the original 5595 + name. 5596 + type: string 5597 + newTag: 5598 + description: NewTag is the value used to replace the original 5599 + tag. 5600 + type: string 5601 + required: 5602 + - name 5603 + type: object 5604 + type: array 5605 + interval: 5606 + description: |- 5607 + The interval at which to reconcile the Kustomization. 5608 + This interval is approximate and may be subject to jitter to ensure 5609 + efficient use of resources. 5610 + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ 5611 + type: string 5612 + kubeConfig: 5613 + description: |- 5614 + The KubeConfig for reconciling the Kustomization on a remote cluster. 5615 + When used in combination with KustomizationSpec.ServiceAccountName, 5616 + forces the controller to act on behalf of that Service Account at the 5617 + target cluster. 5618 + If the --default-service-account flag is set, its value will be used as 5619 + a controller level fallback for when KustomizationSpec.ServiceAccountName 5620 + is empty. 5621 + properties: 5622 + secretRef: 5623 + description: |- 5624 + SecretRef holds the name of a secret that contains a key with 5625 + the kubeconfig file as the value. If no key is set, the key will default 5626 + to 'value'. 5627 + It is recommended that the kubeconfig is self-contained, and the secret 5628 + is regularly updated if credentials such as a cloud-access-token expire. 5629 + Cloud specific `cmd-path` auth helpers will not function without adding 5630 + binaries and credentials to the Pod that is responsible for reconciling 5631 + Kubernetes resources. 5632 + properties: 5633 + key: 5634 + description: Key in the Secret, when not specified an implementation-specific 5635 + default key is used. 5636 + type: string 5637 + name: 5638 + description: Name of the Secret. 5639 + type: string 5640 + required: 5641 + - name 5642 + type: object 5643 + required: 5644 + - secretRef 5645 + type: object 5646 + namePrefix: 5647 + description: NamePrefix will prefix the names of all managed resources. 5648 + maxLength: 200 5649 + minLength: 1 5650 + type: string 5651 + nameSuffix: 5652 + description: NameSuffix will suffix the names of all managed resources. 5653 + maxLength: 200 5654 + minLength: 1 5655 + type: string 5656 + patches: 5657 + description: |- 5658 + Strategic merge and JSON patches, defined as inline YAML objects, 5659 + capable of targeting objects based on kind, label and annotation selectors. 5660 + items: 5661 + description: |- 5662 + Patch contains an inline StrategicMerge or JSON6902 patch, and the target the patch should 5663 + be applied to. 5664 + properties: 5665 + patch: 5666 + description: |- 5667 + Patch contains an inline StrategicMerge patch or an inline JSON6902 patch with 5668 + an array of operation objects. 5669 + type: string 5670 + target: 5671 + description: Target points to the resources that the patch document 5672 + should be applied to. 5673 + properties: 5674 + annotationSelector: 5675 + description: |- 5676 + AnnotationSelector is a string that follows the label selection expression 5677 + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api 5678 + It matches with the resource annotations. 5679 + type: string 5680 + group: 5681 + description: |- 5682 + Group is the API group to select resources from. 5683 + Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources. 5684 + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md 5685 + type: string 5686 + kind: 5687 + description: |- 5688 + Kind of the API Group to select resources from. 5689 + Together with Group and Version it is capable of unambiguously 5690 + identifying and/or selecting resources. 5691 + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md 5692 + type: string 5693 + labelSelector: 5694 + description: |- 5695 + LabelSelector is a string that follows the label selection expression 5696 + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api 5697 + It matches with the resource labels. 5698 + type: string 5699 + name: 5700 + description: Name to match resources with. 5701 + type: string 5702 + namespace: 5703 + description: Namespace to select resources from. 5704 + type: string 5705 + version: 5706 + description: |- 5707 + Version of the API Group to select resources from. 5708 + Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources. 5709 + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md 5710 + type: string 5711 + type: object 5712 + required: 5713 + - patch 5714 + type: object 5715 + type: array 5716 + path: 5717 + description: |- 5718 + Path to the directory containing the kustomization.yaml file, or the 5719 + set of plain YAMLs a kustomization.yaml should be generated for. 5720 + Defaults to 'None', which translates to the root path of the SourceRef. 5721 + type: string 5722 + postBuild: 5723 + description: |- 5724 + PostBuild describes which actions to perform on the YAML manifest 5725 + generated by building the kustomize overlay. 5726 + properties: 5727 + substitute: 5728 + additionalProperties: 5729 + type: string 5730 + description: |- 5731 + Substitute holds a map of key/value pairs. 5732 + The variables defined in your YAML manifests that match any of the keys 5733 + defined in the map will be substituted with the set value. 5734 + Includes support for bash string replacement functions 5735 + e.g. ${var:=default}, ${var:position} and ${var/substring/replacement}. 5736 + type: object 5737 + substituteFrom: 5738 + description: |- 5739 + SubstituteFrom holds references to ConfigMaps and Secrets containing 5740 + the variables and their values to be substituted in the YAML manifests. 5741 + The ConfigMap and the Secret data keys represent the var names, and they 5742 + must match the vars declared in the manifests for the substitution to 5743 + happen. 5744 + items: 5745 + description: |- 5746 + SubstituteReference contains a reference to a resource containing 5747 + the variables name and value. 5748 + properties: 5749 + kind: 5750 + description: Kind of the values referent, valid values are 5751 + ('Secret', 'ConfigMap'). 5752 + enum: 5753 + - Secret 5754 + - ConfigMap 5755 + type: string 5756 + name: 5757 + description: |- 5758 + Name of the values referent. Should reside in the same namespace as the 5759 + referring resource. 5760 + maxLength: 253 5761 + minLength: 1 5762 + type: string 5763 + optional: 5764 + default: false 5765 + description: |- 5766 + Optional indicates whether the referenced resource must exist, or whether to 5767 + tolerate its absence. If true and the referenced resource is absent, proceed 5768 + as if the resource was present but empty, without any variables defined. 5769 + type: boolean 5770 + required: 5771 + - kind 5772 + - name 5773 + type: object 5774 + type: array 5775 + type: object 5776 + prune: 5777 + description: Prune enables garbage collection. 5778 + type: boolean 5779 + retryInterval: 5780 + description: |- 5781 + The interval at which to retry a previously failed reconciliation. 5782 + When not specified, the controller uses the KustomizationSpec.Interval 5783 + value to retry failures. 5784 + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ 5785 + type: string 5786 + serviceAccountName: 5787 + description: |- 5788 + The name of the Kubernetes service account to impersonate 5789 + when reconciling this Kustomization. 5790 + type: string 5791 + sourceRef: 5792 + description: Reference of the source where the kustomization file 5793 + is. 5794 + properties: 5795 + apiVersion: 5796 + description: API version of the referent. 5797 + type: string 5798 + kind: 5799 + description: Kind of the referent. 5800 + enum: 5801 + - OCIRepository 5802 + - GitRepository 5803 + - Bucket 5804 + type: string 5805 + name: 5806 + description: Name of the referent. 5807 + type: string 5808 + namespace: 5809 + description: |- 5810 + Namespace of the referent, defaults to the namespace of the Kubernetes 5811 + resource object that contains the reference. 5812 + type: string 5813 + required: 5814 + - kind 5815 + - name 5816 + type: object 5817 + suspend: 5818 + description: |- 5819 + This flag tells the controller to suspend subsequent kustomize executions, 5820 + it does not apply to already started executions. Defaults to false. 5821 + type: boolean 5822 + targetNamespace: 5823 + description: |- 5824 + TargetNamespace sets or overrides the namespace in the 5825 + kustomization.yaml file. 5826 + maxLength: 63 5827 + minLength: 1 5828 + type: string 5829 + timeout: 5830 + description: |- 5831 + Timeout for validation, apply and health checking operations. 5832 + Defaults to 'Interval' duration. 5833 + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ 5834 + type: string 5835 + wait: 5836 + description: |- 5837 + Wait instructs the controller to check the health of all the reconciled 5838 + resources. When enabled, the HealthChecks are ignored. Defaults to false. 5839 + type: boolean 5840 + required: 5841 + - interval 5842 + - prune 5843 + - sourceRef 5844 + type: object 5845 + status: 5846 + default: 5847 + observedGeneration: -1 5848 + description: KustomizationStatus defines the observed state of a kustomization. 5849 + properties: 5850 + conditions: 5851 + items: 5852 + description: Condition contains details for one aspect of the current 5853 + state of this API Resource. 5854 + properties: 5855 + lastTransitionTime: 5856 + description: |- 5857 + lastTransitionTime is the last time the condition transitioned from one status to another. 5858 + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. 5859 + format: date-time 5860 + type: string 5861 + message: 5862 + description: |- 5863 + message is a human readable message indicating details about the transition. 5864 + This may be an empty string. 5865 + maxLength: 32768 5866 + type: string 5867 + observedGeneration: 5868 + description: |- 5869 + observedGeneration represents the .metadata.generation that the condition was set based upon. 5870 + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date 5871 + with respect to the current state of the instance. 5872 + format: int64 5873 + minimum: 0 5874 + type: integer 5875 + reason: 5876 + description: |- 5877 + reason contains a programmatic identifier indicating the reason for the condition's last transition. 5878 + Producers of specific condition types may define expected values and meanings for this field, 5879 + and whether the values are considered a guaranteed API. 5880 + The value should be a CamelCase string. 5881 + This field may not be empty. 5882 + maxLength: 1024 5883 + minLength: 1 5884 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ 5885 + type: string 5886 + status: 5887 + description: status of the condition, one of True, False, Unknown. 5888 + enum: 5889 + - "True" 5890 + - "False" 5891 + - Unknown 5892 + type: string 5893 + type: 5894 + description: type of condition in CamelCase or in foo.example.com/CamelCase. 5895 + maxLength: 316 5896 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ 5897 + type: string 5898 + required: 5899 + - lastTransitionTime 5900 + - message 5901 + - reason 5902 + - status 5903 + - type 5904 + type: object 5905 + type: array 5906 + inventory: 5907 + description: |- 5908 + Inventory contains the list of Kubernetes resource object references that 5909 + have been successfully applied. 5910 + properties: 5911 + entries: 5912 + description: Entries of Kubernetes resource object references. 5913 + items: 5914 + description: ResourceRef contains the information necessary 5915 + to locate a resource within a cluster. 5916 + properties: 5917 + id: 5918 + description: |- 5919 + ID is the string representation of the Kubernetes resource object's metadata, 5920 + in the format '<namespace>_<name>_<group>_<kind>'. 5921 + type: string 5922 + v: 5923 + description: Version is the API version of the Kubernetes 5924 + resource object's kind. 5925 + type: string 5926 + required: 5927 + - id 5928 + - v 5929 + type: object 5930 + type: array 5931 + required: 5932 + - entries 5933 + type: object 5934 + lastAppliedOriginRevision: 5935 + description: |- 5936 + The last successfully applied origin revision. 5937 + Equals the origin revision of the applied Artifact from the referenced Source. 5938 + Usually present on the Metadata of the applied Artifact and depends on the 5939 + Source type, e.g. for OCI it's the value associated with the key 5940 + "org.opencontainers.image.revision". 5941 + type: string 5942 + lastAppliedRevision: 5943 + description: |- 5944 + The last successfully applied revision. 5945 + Equals the Revision of the applied Artifact from the referenced Source. 5946 + type: string 5947 + lastAttemptedRevision: 5948 + description: LastAttemptedRevision is the revision of the last reconciliation 5949 + attempt. 5950 + type: string 5951 + lastHandledReconcileAt: 5952 + description: |- 5953 + LastHandledReconcileAt holds the value of the most recent 5954 + reconcile request value, so a change of the annotation value 5955 + can be detected. 5956 + type: string 5957 + observedGeneration: 5958 + description: ObservedGeneration is the last reconciled generation. 5959 + format: int64 5960 + type: integer 5961 + type: object 5962 + type: object 5963 + served: true 5964 + storage: true 5965 + subresources: 5966 + status: {} 5967 + - additionalPrinterColumns: 5968 + - jsonPath: .status.conditions[?(@.type=="Ready")].status 5969 + name: Ready 5970 + type: string 5971 + - jsonPath: .status.conditions[?(@.type=="Ready")].message 5972 + name: Status 5973 + type: string 5974 + - jsonPath: .metadata.creationTimestamp 5975 + name: Age 5976 + type: date 5977 + deprecated: true 5978 + deprecationWarning: v1beta1 Kustomization is deprecated, upgrade to v1 5979 + name: v1beta1 5980 + schema: 5981 + openAPIV3Schema: 5982 + description: Kustomization is the Schema for the kustomizations API. 5983 + properties: 5984 + apiVersion: 5985 + description: |- 5986 + APIVersion defines the versioned schema of this representation of an object. 5987 + Servers should convert recognized schemas to the latest internal value, and 5988 + may reject unrecognized values. 5989 + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources 5990 + type: string 5991 + kind: 5992 + description: |- 5993 + Kind is a string value representing the REST resource this object represents. 5994 + Servers may infer this from the endpoint the client submits requests to. 5995 + Cannot be updated. 5996 + In CamelCase. 5997 + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 5998 + type: string 5999 + metadata: 6000 + type: object 6001 + spec: 6002 + description: KustomizationSpec defines the desired state of a kustomization. 6003 + properties: 6004 + decryption: 6005 + description: Decrypt Kubernetes secrets before applying them on the 6006 + cluster. 6007 + properties: 6008 + provider: 6009 + description: Provider is the name of the decryption engine. 6010 + enum: 6011 + - sops 6012 + type: string 6013 + secretRef: 6014 + description: The secret name containing the private OpenPGP keys 6015 + used for decryption. 6016 + properties: 6017 + name: 6018 + description: Name of the referent. 6019 + type: string 6020 + required: 6021 + - name 6022 + type: object 6023 + required: 6024 + - provider 6025 + type: object 6026 + dependsOn: 6027 + description: |- 6028 + DependsOn may contain a meta.NamespacedObjectReference slice 6029 + with references to Kustomization resources that must be ready before this 6030 + Kustomization can be reconciled. 6031 + items: 6032 + description: |- 6033 + NamespacedObjectReference contains enough information to locate the referenced Kubernetes resource object in any 6034 + namespace. 6035 + properties: 6036 + name: 6037 + description: Name of the referent. 6038 + type: string 6039 + namespace: 6040 + description: Namespace of the referent, when not specified it 6041 + acts as LocalObjectReference. 6042 + type: string 6043 + required: 6044 + - name 6045 + type: object 6046 + type: array 6047 + force: 6048 + default: false 6049 + description: |- 6050 + Force instructs the controller to recreate resources 6051 + when patching fails due to an immutable field change. 6052 + type: boolean 6053 + healthChecks: 6054 + description: A list of resources to be included in the health assessment. 6055 + items: 6056 + description: |- 6057 + NamespacedObjectKindReference contains enough information to locate the typed referenced Kubernetes resource object 6058 + in any namespace. 6059 + properties: 6060 + apiVersion: 6061 + description: API version of the referent, if not specified the 6062 + Kubernetes preferred version will be used. 6063 + type: string 6064 + kind: 6065 + description: Kind of the referent. 6066 + type: string 6067 + name: 6068 + description: Name of the referent. 6069 + type: string 6070 + namespace: 6071 + description: Namespace of the referent, when not specified it 6072 + acts as LocalObjectReference. 6073 + type: string 6074 + required: 6075 + - kind 6076 + - name 6077 + type: object 6078 + type: array 6079 + images: 6080 + description: |- 6081 + Images is a list of (image name, new name, new tag or digest) 6082 + for changing image names, tags or digests. This can also be achieved with a 6083 + patch, but this operator is simpler to specify. 6084 + items: 6085 + description: Image contains an image name, a new name, a new tag 6086 + or digest, which will replace the original name and tag. 6087 + properties: 6088 + digest: 6089 + description: |- 6090 + Digest is the value used to replace the original image tag. 6091 + If digest is present NewTag value is ignored. 6092 + type: string 6093 + name: 6094 + description: Name is a tag-less image name. 6095 + type: string 6096 + newName: 6097 + description: NewName is the value used to replace the original 6098 + name. 6099 + type: string 6100 + newTag: 6101 + description: NewTag is the value used to replace the original 6102 + tag. 6103 + type: string 6104 + required: 6105 + - name 6106 + type: object 6107 + type: array 6108 + interval: 6109 + description: The interval at which to reconcile the Kustomization. 6110 + type: string 6111 + kubeConfig: 6112 + description: |- 6113 + The KubeConfig for reconciling the Kustomization on a remote cluster. 6114 + When specified, KubeConfig takes precedence over ServiceAccountName. 6115 + properties: 6116 + secretRef: 6117 + description: |- 6118 + SecretRef holds the name to a secret that contains a 'value' key with 6119 + the kubeconfig file as the value. It must be in the same namespace as 6120 + the Kustomization. 6121 + It is recommended that the kubeconfig is self-contained, and the secret 6122 + is regularly updated if credentials such as a cloud-access-token expire. 6123 + Cloud specific `cmd-path` auth helpers will not function without adding 6124 + binaries and credentials to the Pod that is responsible for reconciling 6125 + the Kustomization. 6126 + properties: 6127 + name: 6128 + description: Name of the referent. 6129 + type: string 6130 + required: 6131 + - name 6132 + type: object 6133 + required: 6134 + - secretRef 6135 + type: object 6136 + patches: 6137 + description: |- 6138 + Strategic merge and JSON patches, defined as inline YAML objects, 6139 + capable of targeting objects based on kind, label and annotation selectors. 6140 + items: 6141 + description: |- 6142 + Patch contains an inline StrategicMerge or JSON6902 patch, and the target the patch should 6143 + be applied to. 6144 + properties: 6145 + patch: 6146 + description: |- 6147 + Patch contains an inline StrategicMerge patch or an inline JSON6902 patch with 6148 + an array of operation objects. 6149 + type: string 6150 + target: 6151 + description: Target points to the resources that the patch document 6152 + should be applied to. 6153 + properties: 6154 + annotationSelector: 6155 + description: |- 6156 + AnnotationSelector is a string that follows the label selection expression 6157 + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api 6158 + It matches with the resource annotations. 6159 + type: string 6160 + group: 6161 + description: |- 6162 + Group is the API group to select resources from. 6163 + Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources. 6164 + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md 6165 + type: string 6166 + kind: 6167 + description: |- 6168 + Kind of the API Group to select resources from. 6169 + Together with Group and Version it is capable of unambiguously 6170 + identifying and/or selecting resources. 6171 + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md 6172 + type: string 6173 + labelSelector: 6174 + description: |- 6175 + LabelSelector is a string that follows the label selection expression 6176 + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api 6177 + It matches with the resource labels. 6178 + type: string 6179 + name: 6180 + description: Name to match resources with. 6181 + type: string 6182 + namespace: 6183 + description: Namespace to select resources from. 6184 + type: string 6185 + version: 6186 + description: |- 6187 + Version of the API Group to select resources from. 6188 + Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources. 6189 + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md 6190 + type: string 6191 + type: object 6192 + required: 6193 + - patch 6194 + type: object 6195 + type: array 6196 + patchesJson6902: 6197 + description: JSON 6902 patches, defined as inline YAML objects. 6198 + items: 6199 + description: JSON6902Patch contains a JSON6902 patch and the target 6200 + the patch should be applied to. 6201 + properties: 6202 + patch: 6203 + description: Patch contains the JSON6902 patch document with 6204 + an array of operation objects. 6205 + items: 6206 + description: |- 6207 + JSON6902 is a JSON6902 operation object. 6208 + https://datatracker.ietf.org/doc/html/rfc6902#section-4 6209 + properties: 6210 + from: 6211 + description: |- 6212 + From contains a JSON-pointer value that references a location within the target document where the operation is 6213 + performed. The meaning of the value depends on the value of Op, and is NOT taken into account by all operations. 6214 + type: string 6215 + op: 6216 + description: |- 6217 + Op indicates the operation to perform. Its value MUST be one of "add", "remove", "replace", "move", "copy", or 6218 + "test". 6219 + https://datatracker.ietf.org/doc/html/rfc6902#section-4 6220 + enum: 6221 + - test 6222 + - remove 6223 + - add 6224 + - replace 6225 + - move 6226 + - copy 6227 + type: string 6228 + path: 6229 + description: |- 6230 + Path contains the JSON-pointer value that references a location within the target document where the operation 6231 + is performed. The meaning of the value depends on the value of Op. 6232 + type: string 6233 + value: 6234 + description: |- 6235 + Value contains a valid JSON structure. The meaning of the value depends on the value of Op, and is NOT taken into 6236 + account by all operations. 6237 + x-kubernetes-preserve-unknown-fields: true 6238 + required: 6239 + - op 6240 + - path 6241 + type: object 6242 + type: array 6243 + target: 6244 + description: Target points to the resources that the patch document 6245 + should be applied to. 6246 + properties: 6247 + annotationSelector: 6248 + description: |- 6249 + AnnotationSelector is a string that follows the label selection expression 6250 + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api 6251 + It matches with the resource annotations. 6252 + type: string 6253 + group: 6254 + description: |- 6255 + Group is the API group to select resources from. 6256 + Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources. 6257 + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md 6258 + type: string 6259 + kind: 6260 + description: |- 6261 + Kind of the API Group to select resources from. 6262 + Together with Group and Version it is capable of unambiguously 6263 + identifying and/or selecting resources. 6264 + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md 6265 + type: string 6266 + labelSelector: 6267 + description: |- 6268 + LabelSelector is a string that follows the label selection expression 6269 + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api 6270 + It matches with the resource labels. 6271 + type: string 6272 + name: 6273 + description: Name to match resources with. 6274 + type: string 6275 + namespace: 6276 + description: Namespace to select resources from. 6277 + type: string 6278 + version: 6279 + description: |- 6280 + Version of the API Group to select resources from. 6281 + Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources. 6282 + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md 6283 + type: string 6284 + type: object 6285 + required: 6286 + - patch 6287 + - target 6288 + type: object 6289 + type: array 6290 + patchesStrategicMerge: 6291 + description: Strategic merge patches, defined as inline YAML objects. 6292 + items: 6293 + x-kubernetes-preserve-unknown-fields: true 6294 + type: array 6295 + path: 6296 + description: |- 6297 + Path to the directory containing the kustomization.yaml file, or the 6298 + set of plain YAMLs a kustomization.yaml should be generated for. 6299 + Defaults to 'None', which translates to the root path of the SourceRef. 6300 + type: string 6301 + postBuild: 6302 + description: |- 6303 + PostBuild describes which actions to perform on the YAML manifest 6304 + generated by building the kustomize overlay. 6305 + properties: 6306 + substitute: 6307 + additionalProperties: 6308 + type: string 6309 + description: |- 6310 + Substitute holds a map of key/value pairs. 6311 + The variables defined in your YAML manifests 6312 + that match any of the keys defined in the map 6313 + will be substituted with the set value. 6314 + Includes support for bash string replacement functions 6315 + e.g. ${var:=default}, ${var:position} and ${var/substring/replacement}. 6316 + type: object 6317 + substituteFrom: 6318 + description: |- 6319 + SubstituteFrom holds references to ConfigMaps and Secrets containing 6320 + the variables and their values to be substituted in the YAML manifests. 6321 + The ConfigMap and the Secret data keys represent the var names and they 6322 + must match the vars declared in the manifests for the substitution to happen. 6323 + items: 6324 + description: |- 6325 + SubstituteReference contains a reference to a resource containing 6326 + the variables name and value. 6327 + properties: 6328 + kind: 6329 + description: Kind of the values referent, valid values are 6330 + ('Secret', 'ConfigMap'). 6331 + enum: 6332 + - Secret 6333 + - ConfigMap 6334 + type: string 6335 + name: 6336 + description: |- 6337 + Name of the values referent. Should reside in the same namespace as the 6338 + referring resource. 6339 + maxLength: 253 6340 + minLength: 1 6341 + type: string 6342 + required: 6343 + - kind 6344 + - name 6345 + type: object 6346 + type: array 6347 + type: object 6348 + prune: 6349 + description: Prune enables garbage collection. 6350 + type: boolean 6351 + retryInterval: 6352 + description: |- 6353 + The interval at which to retry a previously failed reconciliation. 6354 + When not specified, the controller uses the KustomizationSpec.Interval 6355 + value to retry failures. 6356 + type: string 6357 + serviceAccountName: 6358 + description: |- 6359 + The name of the Kubernetes service account to impersonate 6360 + when reconciling this Kustomization. 6361 + type: string 6362 + sourceRef: 6363 + description: Reference of the source where the kustomization file 6364 + is. 6365 + properties: 6366 + apiVersion: 6367 + description: API version of the referent 6368 + type: string 6369 + kind: 6370 + description: Kind of the referent 6371 + enum: 6372 + - GitRepository 6373 + - Bucket 6374 + type: string 6375 + name: 6376 + description: Name of the referent 6377 + type: string 6378 + namespace: 6379 + description: Namespace of the referent, defaults to the Kustomization 6380 + namespace 6381 + type: string 6382 + required: 6383 + - kind 6384 + - name 6385 + type: object 6386 + suspend: 6387 + description: |- 6388 + This flag tells the controller to suspend subsequent kustomize executions, 6389 + it does not apply to already started executions. Defaults to false. 6390 + type: boolean 6391 + targetNamespace: 6392 + description: |- 6393 + TargetNamespace sets or overrides the namespace in the 6394 + kustomization.yaml file. 6395 + maxLength: 63 6396 + minLength: 1 6397 + type: string 6398 + timeout: 6399 + description: |- 6400 + Timeout for validation, apply and health checking operations. 6401 + Defaults to 'Interval' duration. 6402 + type: string 6403 + validation: 6404 + description: |- 6405 + Validate the Kubernetes objects before applying them on the cluster. 6406 + The validation strategy can be 'client' (local dry-run), 'server' 6407 + (APIServer dry-run) or 'none'. 6408 + When 'Force' is 'true', validation will fallback to 'client' if set to 6409 + 'server' because server-side validation is not supported in this scenario. 6410 + enum: 6411 + - none 6412 + - client 6413 + - server 6414 + type: string 6415 + required: 6416 + - interval 6417 + - prune 6418 + - sourceRef 6419 + type: object 6420 + status: 6421 + default: 6422 + observedGeneration: -1 6423 + description: KustomizationStatus defines the observed state of a kustomization. 6424 + properties: 6425 + conditions: 6426 + items: 6427 + description: Condition contains details for one aspect of the current 6428 + state of this API Resource. 6429 + properties: 6430 + lastTransitionTime: 6431 + description: |- 6432 + lastTransitionTime is the last time the condition transitioned from one status to another. 6433 + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. 6434 + format: date-time 6435 + type: string 6436 + message: 6437 + description: |- 6438 + message is a human readable message indicating details about the transition. 6439 + This may be an empty string. 6440 + maxLength: 32768 6441 + type: string 6442 + observedGeneration: 6443 + description: |- 6444 + observedGeneration represents the .metadata.generation that the condition was set based upon. 6445 + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date 6446 + with respect to the current state of the instance. 6447 + format: int64 6448 + minimum: 0 6449 + type: integer 6450 + reason: 6451 + description: |- 6452 + reason contains a programmatic identifier indicating the reason for the condition's last transition. 6453 + Producers of specific condition types may define expected values and meanings for this field, 6454 + and whether the values are considered a guaranteed API. 6455 + The value should be a CamelCase string. 6456 + This field may not be empty. 6457 + maxLength: 1024 6458 + minLength: 1 6459 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ 6460 + type: string 6461 + status: 6462 + description: status of the condition, one of True, False, Unknown. 6463 + enum: 6464 + - "True" 6465 + - "False" 6466 + - Unknown 6467 + type: string 6468 + type: 6469 + description: type of condition in CamelCase or in foo.example.com/CamelCase. 6470 + maxLength: 316 6471 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ 6472 + type: string 6473 + required: 6474 + - lastTransitionTime 6475 + - message 6476 + - reason 6477 + - status 6478 + - type 6479 + type: object 6480 + type: array 6481 + lastAppliedRevision: 6482 + description: |- 6483 + The last successfully applied revision. 6484 + The revision format for Git sources is <branch|tag>/<commit-sha>. 6485 + type: string 6486 + lastAttemptedRevision: 6487 + description: LastAttemptedRevision is the revision of the last reconciliation 6488 + attempt. 6489 + type: string 6490 + lastHandledReconcileAt: 6491 + description: |- 6492 + LastHandledReconcileAt holds the value of the most recent 6493 + reconcile request value, so a change of the annotation value 6494 + can be detected. 6495 + type: string 6496 + observedGeneration: 6497 + description: ObservedGeneration is the last reconciled generation. 6498 + format: int64 6499 + type: integer 6500 + snapshot: 6501 + description: The last successfully applied revision metadata. 6502 + properties: 6503 + checksum: 6504 + description: The manifests sha1 checksum. 6505 + type: string 6506 + entries: 6507 + description: A list of Kubernetes kinds grouped by namespace. 6508 + items: 6509 + description: |- 6510 + Snapshot holds the metadata of namespaced 6511 + Kubernetes objects 6512 + properties: 6513 + kinds: 6514 + additionalProperties: 6515 + type: string 6516 + description: The list of Kubernetes kinds. 6517 + type: object 6518 + namespace: 6519 + description: The namespace of this entry. 6520 + type: string 6521 + required: 6522 + - kinds 6523 + type: object 6524 + type: array 6525 + required: 6526 + - checksum 6527 + - entries 6528 + type: object 6529 + type: object 6530 + type: object 6531 + served: true 6532 + storage: false 6533 + subresources: 6534 + status: {} 6535 + - additionalPrinterColumns: 6536 + - jsonPath: .metadata.creationTimestamp 6537 + name: Age 6538 + type: date 6539 + - jsonPath: .status.conditions[?(@.type=="Ready")].status 6540 + name: Ready 6541 + type: string 6542 + - jsonPath: .status.conditions[?(@.type=="Ready")].message 6543 + name: Status 6544 + type: string 6545 + deprecated: true 6546 + deprecationWarning: v1beta2 Kustomization is deprecated, upgrade to v1 6547 + name: v1beta2 6548 + schema: 6549 + openAPIV3Schema: 6550 + description: Kustomization is the Schema for the kustomizations API. 6551 + properties: 6552 + apiVersion: 6553 + description: |- 6554 + APIVersion defines the versioned schema of this representation of an object. 6555 + Servers should convert recognized schemas to the latest internal value, and 6556 + may reject unrecognized values. 6557 + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources 6558 + type: string 6559 + kind: 6560 + description: |- 6561 + Kind is a string value representing the REST resource this object represents. 6562 + Servers may infer this from the endpoint the client submits requests to. 6563 + Cannot be updated. 6564 + In CamelCase. 6565 + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 6566 + type: string 6567 + metadata: 6568 + type: object 6569 + spec: 6570 + description: KustomizationSpec defines the configuration to calculate 6571 + the desired state from a Source using Kustomize. 6572 + properties: 6573 + commonMetadata: 6574 + description: |- 6575 + CommonMetadata specifies the common labels and annotations that are applied to all resources. 6576 + Any existing label or annotation will be overridden if its key matches a common one. 6577 + properties: 6578 + annotations: 6579 + additionalProperties: 6580 + type: string 6581 + description: Annotations to be added to the object's metadata. 6582 + type: object 6583 + labels: 6584 + additionalProperties: 6585 + type: string 6586 + description: Labels to be added to the object's metadata. 6587 + type: object 6588 + type: object 6589 + components: 6590 + description: Components specifies relative paths to specifications 6591 + of other Components. 6592 + items: 6593 + type: string 6594 + type: array 6595 + decryption: 6596 + description: Decrypt Kubernetes secrets before applying them on the 6597 + cluster. 6598 + properties: 6599 + provider: 6600 + description: Provider is the name of the decryption engine. 6601 + enum: 6602 + - sops 6603 + type: string 6604 + secretRef: 6605 + description: The secret name containing the private OpenPGP keys 6606 + used for decryption. 6607 + properties: 6608 + name: 6609 + description: Name of the referent. 6610 + type: string 6611 + required: 6612 + - name 6613 + type: object 6614 + required: 6615 + - provider 6616 + type: object 6617 + dependsOn: 6618 + description: |- 6619 + DependsOn may contain a meta.NamespacedObjectReference slice 6620 + with references to Kustomization resources that must be ready before this 6621 + Kustomization can be reconciled. 6622 + items: 6623 + description: |- 6624 + NamespacedObjectReference contains enough information to locate the referenced Kubernetes resource object in any 6625 + namespace. 6626 + properties: 6627 + name: 6628 + description: Name of the referent. 6629 + type: string 6630 + namespace: 6631 + description: Namespace of the referent, when not specified it 6632 + acts as LocalObjectReference. 6633 + type: string 6634 + required: 6635 + - name 6636 + type: object 6637 + type: array 6638 + force: 6639 + default: false 6640 + description: |- 6641 + Force instructs the controller to recreate resources 6642 + when patching fails due to an immutable field change. 6643 + type: boolean 6644 + healthChecks: 6645 + description: A list of resources to be included in the health assessment. 6646 + items: 6647 + description: |- 6648 + NamespacedObjectKindReference contains enough information to locate the typed referenced Kubernetes resource object 6649 + in any namespace. 6650 + properties: 6651 + apiVersion: 6652 + description: API version of the referent, if not specified the 6653 + Kubernetes preferred version will be used. 6654 + type: string 6655 + kind: 6656 + description: Kind of the referent. 6657 + type: string 6658 + name: 6659 + description: Name of the referent. 6660 + type: string 6661 + namespace: 6662 + description: Namespace of the referent, when not specified it 6663 + acts as LocalObjectReference. 6664 + type: string 6665 + required: 6666 + - kind 6667 + - name 6668 + type: object 6669 + type: array 6670 + images: 6671 + description: |- 6672 + Images is a list of (image name, new name, new tag or digest) 6673 + for changing image names, tags or digests. This can also be achieved with a 6674 + patch, but this operator is simpler to specify. 6675 + items: 6676 + description: Image contains an image name, a new name, a new tag 6677 + or digest, which will replace the original name and tag. 6678 + properties: 6679 + digest: 6680 + description: |- 6681 + Digest is the value used to replace the original image tag. 6682 + If digest is present NewTag value is ignored. 6683 + type: string 6684 + name: 6685 + description: Name is a tag-less image name. 6686 + type: string 6687 + newName: 6688 + description: NewName is the value used to replace the original 6689 + name. 6690 + type: string 6691 + newTag: 6692 + description: NewTag is the value used to replace the original 6693 + tag. 6694 + type: string 6695 + required: 6696 + - name 6697 + type: object 6698 + type: array 6699 + interval: 6700 + description: The interval at which to reconcile the Kustomization. 6701 + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ 6702 + type: string 6703 + kubeConfig: 6704 + description: |- 6705 + The KubeConfig for reconciling the Kustomization on a remote cluster. 6706 + When used in combination with KustomizationSpec.ServiceAccountName, 6707 + forces the controller to act on behalf of that Service Account at the 6708 + target cluster. 6709 + If the --default-service-account flag is set, its value will be used as 6710 + a controller level fallback for when KustomizationSpec.ServiceAccountName 6711 + is empty. 6712 + properties: 6713 + secretRef: 6714 + description: |- 6715 + SecretRef holds the name of a secret that contains a key with 6716 + the kubeconfig file as the value. If no key is set, the key will default 6717 + to 'value'. 6718 + It is recommended that the kubeconfig is self-contained, and the secret 6719 + is regularly updated if credentials such as a cloud-access-token expire. 6720 + Cloud specific `cmd-path` auth helpers will not function without adding 6721 + binaries and credentials to the Pod that is responsible for reconciling 6722 + Kubernetes resources. 6723 + properties: 6724 + key: 6725 + description: Key in the Secret, when not specified an implementation-specific 6726 + default key is used. 6727 + type: string 6728 + name: 6729 + description: Name of the Secret. 6730 + type: string 6731 + required: 6732 + - name 6733 + type: object 6734 + required: 6735 + - secretRef 6736 + type: object 6737 + patches: 6738 + description: |- 6739 + Strategic merge and JSON patches, defined as inline YAML objects, 6740 + capable of targeting objects based on kind, label and annotation selectors. 6741 + items: 6742 + description: |- 6743 + Patch contains an inline StrategicMerge or JSON6902 patch, and the target the patch should 6744 + be applied to. 6745 + properties: 6746 + patch: 6747 + description: |- 6748 + Patch contains an inline StrategicMerge patch or an inline JSON6902 patch with 6749 + an array of operation objects. 6750 + type: string 6751 + target: 6752 + description: Target points to the resources that the patch document 6753 + should be applied to. 6754 + properties: 6755 + annotationSelector: 6756 + description: |- 6757 + AnnotationSelector is a string that follows the label selection expression 6758 + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api 6759 + It matches with the resource annotations. 6760 + type: string 6761 + group: 6762 + description: |- 6763 + Group is the API group to select resources from. 6764 + Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources. 6765 + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md 6766 + type: string 6767 + kind: 6768 + description: |- 6769 + Kind of the API Group to select resources from. 6770 + Together with Group and Version it is capable of unambiguously 6771 + identifying and/or selecting resources. 6772 + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md 6773 + type: string 6774 + labelSelector: 6775 + description: |- 6776 + LabelSelector is a string that follows the label selection expression 6777 + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api 6778 + It matches with the resource labels. 6779 + type: string 6780 + name: 6781 + description: Name to match resources with. 6782 + type: string 6783 + namespace: 6784 + description: Namespace to select resources from. 6785 + type: string 6786 + version: 6787 + description: |- 6788 + Version of the API Group to select resources from. 6789 + Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources. 6790 + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md 6791 + type: string 6792 + type: object 6793 + required: 6794 + - patch 6795 + type: object 6796 + type: array 6797 + patchesJson6902: 6798 + description: |- 6799 + JSON 6902 patches, defined as inline YAML objects. 6800 + Deprecated: Use Patches instead. 6801 + items: 6802 + description: JSON6902Patch contains a JSON6902 patch and the target 6803 + the patch should be applied to. 6804 + properties: 6805 + patch: 6806 + description: Patch contains the JSON6902 patch document with 6807 + an array of operation objects. 6808 + items: 6809 + description: |- 6810 + JSON6902 is a JSON6902 operation object. 6811 + https://datatracker.ietf.org/doc/html/rfc6902#section-4 6812 + properties: 6813 + from: 6814 + description: |- 6815 + From contains a JSON-pointer value that references a location within the target document where the operation is 6816 + performed. The meaning of the value depends on the value of Op, and is NOT taken into account by all operations. 6817 + type: string 6818 + op: 6819 + description: |- 6820 + Op indicates the operation to perform. Its value MUST be one of "add", "remove", "replace", "move", "copy", or 6821 + "test". 6822 + https://datatracker.ietf.org/doc/html/rfc6902#section-4 6823 + enum: 6824 + - test 6825 + - remove 6826 + - add 6827 + - replace 6828 + - move 6829 + - copy 6830 + type: string 6831 + path: 6832 + description: |- 6833 + Path contains the JSON-pointer value that references a location within the target document where the operation 6834 + is performed. The meaning of the value depends on the value of Op. 6835 + type: string 6836 + value: 6837 + description: |- 6838 + Value contains a valid JSON structure. The meaning of the value depends on the value of Op, and is NOT taken into 6839 + account by all operations. 6840 + x-kubernetes-preserve-unknown-fields: true 6841 + required: 6842 + - op 6843 + - path 6844 + type: object 6845 + type: array 6846 + target: 6847 + description: Target points to the resources that the patch document 6848 + should be applied to. 6849 + properties: 6850 + annotationSelector: 6851 + description: |- 6852 + AnnotationSelector is a string that follows the label selection expression 6853 + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api 6854 + It matches with the resource annotations. 6855 + type: string 6856 + group: 6857 + description: |- 6858 + Group is the API group to select resources from. 6859 + Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources. 6860 + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md 6861 + type: string 6862 + kind: 6863 + description: |- 6864 + Kind of the API Group to select resources from. 6865 + Together with Group and Version it is capable of unambiguously 6866 + identifying and/or selecting resources. 6867 + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md 6868 + type: string 6869 + labelSelector: 6870 + description: |- 6871 + LabelSelector is a string that follows the label selection expression 6872 + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api 6873 + It matches with the resource labels. 6874 + type: string 6875 + name: 6876 + description: Name to match resources with. 6877 + type: string 6878 + namespace: 6879 + description: Namespace to select resources from. 6880 + type: string 6881 + version: 6882 + description: |- 6883 + Version of the API Group to select resources from. 6884 + Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources. 6885 + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md 6886 + type: string 6887 + type: object 6888 + required: 6889 + - patch 6890 + - target 6891 + type: object 6892 + type: array 6893 + patchesStrategicMerge: 6894 + description: |- 6895 + Strategic merge patches, defined as inline YAML objects. 6896 + Deprecated: Use Patches instead. 6897 + items: 6898 + x-kubernetes-preserve-unknown-fields: true 6899 + type: array 6900 + path: 6901 + description: |- 6902 + Path to the directory containing the kustomization.yaml file, or the 6903 + set of plain YAMLs a kustomization.yaml should be generated for. 6904 + Defaults to 'None', which translates to the root path of the SourceRef. 6905 + type: string 6906 + postBuild: 6907 + description: |- 6908 + PostBuild describes which actions to perform on the YAML manifest 6909 + generated by building the kustomize overlay. 6910 + properties: 6911 + substitute: 6912 + additionalProperties: 6913 + type: string 6914 + description: |- 6915 + Substitute holds a map of key/value pairs. 6916 + The variables defined in your YAML manifests 6917 + that match any of the keys defined in the map 6918 + will be substituted with the set value. 6919 + Includes support for bash string replacement functions 6920 + e.g. ${var:=default}, ${var:position} and ${var/substring/replacement}. 6921 + type: object 6922 + substituteFrom: 6923 + description: |- 6924 + SubstituteFrom holds references to ConfigMaps and Secrets containing 6925 + the variables and their values to be substituted in the YAML manifests. 6926 + The ConfigMap and the Secret data keys represent the var names and they 6927 + must match the vars declared in the manifests for the substitution to happen. 6928 + items: 6929 + description: |- 6930 + SubstituteReference contains a reference to a resource containing 6931 + the variables name and value. 6932 + properties: 6933 + kind: 6934 + description: Kind of the values referent, valid values are 6935 + ('Secret', 'ConfigMap'). 6936 + enum: 6937 + - Secret 6938 + - ConfigMap 6939 + type: string 6940 + name: 6941 + description: |- 6942 + Name of the values referent. Should reside in the same namespace as the 6943 + referring resource. 6944 + maxLength: 253 6945 + minLength: 1 6946 + type: string 6947 + optional: 6948 + default: false 6949 + description: |- 6950 + Optional indicates whether the referenced resource must exist, or whether to 6951 + tolerate its absence. If true and the referenced resource is absent, proceed 6952 + as if the resource was present but empty, without any variables defined. 6953 + type: boolean 6954 + required: 6955 + - kind 6956 + - name 6957 + type: object 6958 + type: array 6959 + type: object 6960 + prune: 6961 + description: Prune enables garbage collection. 6962 + type: boolean 6963 + retryInterval: 6964 + description: |- 6965 + The interval at which to retry a previously failed reconciliation. 6966 + When not specified, the controller uses the KustomizationSpec.Interval 6967 + value to retry failures. 6968 + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ 6969 + type: string 6970 + serviceAccountName: 6971 + description: |- 6972 + The name of the Kubernetes service account to impersonate 6973 + when reconciling this Kustomization. 6974 + type: string 6975 + sourceRef: 6976 + description: Reference of the source where the kustomization file 6977 + is. 6978 + properties: 6979 + apiVersion: 6980 + description: API version of the referent. 6981 + type: string 6982 + kind: 6983 + description: Kind of the referent. 6984 + enum: 6985 + - OCIRepository 6986 + - GitRepository 6987 + - Bucket 6988 + type: string 6989 + name: 6990 + description: Name of the referent. 6991 + type: string 6992 + namespace: 6993 + description: Namespace of the referent, defaults to the namespace 6994 + of the Kubernetes resource object that contains the reference. 6995 + type: string 6996 + required: 6997 + - kind 6998 + - name 6999 + type: object 7000 + suspend: 7001 + description: |- 7002 + This flag tells the controller to suspend subsequent kustomize executions, 7003 + it does not apply to already started executions. Defaults to false. 7004 + type: boolean 7005 + targetNamespace: 7006 + description: |- 7007 + TargetNamespace sets or overrides the namespace in the 7008 + kustomization.yaml file. 7009 + maxLength: 63 7010 + minLength: 1 7011 + type: string 7012 + timeout: 7013 + description: |- 7014 + Timeout for validation, apply and health checking operations. 7015 + Defaults to 'Interval' duration. 7016 + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ 7017 + type: string 7018 + validation: 7019 + description: 'Deprecated: Not used in v1beta2.' 7020 + enum: 7021 + - none 7022 + - client 7023 + - server 7024 + type: string 7025 + wait: 7026 + description: |- 7027 + Wait instructs the controller to check the health of all the reconciled resources. 7028 + When enabled, the HealthChecks are ignored. Defaults to false. 7029 + type: boolean 7030 + required: 7031 + - interval 7032 + - prune 7033 + - sourceRef 7034 + type: object 7035 + status: 7036 + default: 7037 + observedGeneration: -1 7038 + description: KustomizationStatus defines the observed state of a kustomization. 7039 + properties: 7040 + conditions: 7041 + items: 7042 + description: Condition contains details for one aspect of the current 7043 + state of this API Resource. 7044 + properties: 7045 + lastTransitionTime: 7046 + description: |- 7047 + lastTransitionTime is the last time the condition transitioned from one status to another. 7048 + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. 7049 + format: date-time 7050 + type: string 7051 + message: 7052 + description: |- 7053 + message is a human readable message indicating details about the transition. 7054 + This may be an empty string. 7055 + maxLength: 32768 7056 + type: string 7057 + observedGeneration: 7058 + description: |- 7059 + observedGeneration represents the .metadata.generation that the condition was set based upon. 7060 + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date 7061 + with respect to the current state of the instance. 7062 + format: int64 7063 + minimum: 0 7064 + type: integer 7065 + reason: 7066 + description: |- 7067 + reason contains a programmatic identifier indicating the reason for the condition's last transition. 7068 + Producers of specific condition types may define expected values and meanings for this field, 7069 + and whether the values are considered a guaranteed API. 7070 + The value should be a CamelCase string. 7071 + This field may not be empty. 7072 + maxLength: 1024 7073 + minLength: 1 7074 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ 7075 + type: string 7076 + status: 7077 + description: status of the condition, one of True, False, Unknown. 7078 + enum: 7079 + - "True" 7080 + - "False" 7081 + - Unknown 7082 + type: string 7083 + type: 7084 + description: type of condition in CamelCase or in foo.example.com/CamelCase. 7085 + maxLength: 316 7086 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ 7087 + type: string 7088 + required: 7089 + - lastTransitionTime 7090 + - message 7091 + - reason 7092 + - status 7093 + - type 7094 + type: object 7095 + type: array 7096 + inventory: 7097 + description: Inventory contains the list of Kubernetes resource object 7098 + references that have been successfully applied. 7099 + properties: 7100 + entries: 7101 + description: Entries of Kubernetes resource object references. 7102 + items: 7103 + description: ResourceRef contains the information necessary 7104 + to locate a resource within a cluster. 7105 + properties: 7106 + id: 7107 + description: |- 7108 + ID is the string representation of the Kubernetes resource object's metadata, 7109 + in the format '<namespace>_<name>_<group>_<kind>'. 7110 + type: string 7111 + v: 7112 + description: Version is the API version of the Kubernetes 7113 + resource object's kind. 7114 + type: string 7115 + required: 7116 + - id 7117 + - v 7118 + type: object 7119 + type: array 7120 + required: 7121 + - entries 7122 + type: object 7123 + lastAppliedRevision: 7124 + description: |- 7125 + The last successfully applied revision. 7126 + Equals the Revision of the applied Artifact from the referenced Source. 7127 + type: string 7128 + lastAttemptedRevision: 7129 + description: LastAttemptedRevision is the revision of the last reconciliation 7130 + attempt. 7131 + type: string 7132 + lastHandledReconcileAt: 7133 + description: |- 7134 + LastHandledReconcileAt holds the value of the most recent 7135 + reconcile request value, so a change of the annotation value 7136 + can be detected. 7137 + type: string 7138 + observedGeneration: 7139 + description: ObservedGeneration is the last reconciled generation. 7140 + format: int64 7141 + type: integer 7142 + type: object 7143 + type: object 7144 + served: true 7145 + storage: false 7146 + subresources: 7147 + status: {} 7148 + --- 7149 + apiVersion: v1 7150 + kind: ServiceAccount 7151 + metadata: 7152 + labels: 7153 + app.kubernetes.io/component: kustomize-controller 7154 + app.kubernetes.io/instance: flux-system 7155 + app.kubernetes.io/part-of: flux 7156 + app.kubernetes.io/version: v2.6.4 7157 + name: kustomize-controller 7158 + namespace: flux-system 7159 + --- 7160 + apiVersion: apps/v1 7161 + kind: Deployment 7162 + metadata: 7163 + labels: 7164 + app.kubernetes.io/component: kustomize-controller 7165 + app.kubernetes.io/instance: flux-system 7166 + app.kubernetes.io/part-of: flux 7167 + app.kubernetes.io/version: v2.6.4 7168 + control-plane: controller 7169 + name: kustomize-controller 7170 + namespace: flux-system 7171 + spec: 7172 + replicas: 1 7173 + selector: 7174 + matchLabels: 7175 + app: kustomize-controller 7176 + template: 7177 + metadata: 7178 + annotations: 7179 + prometheus.io/port: "8080" 7180 + prometheus.io/scrape: "true" 7181 + labels: 7182 + app: kustomize-controller 7183 + spec: 7184 + containers: 7185 + - args: 7186 + - --events-addr=http://notification-controller.flux-system.svc.cluster.local./ 7187 + - --watch-all-namespaces=true 7188 + - --log-level=info 7189 + - --log-encoding=json 7190 + - --enable-leader-election 7191 + env: 7192 + - name: RUNTIME_NAMESPACE 7193 + valueFrom: 7194 + fieldRef: 7195 + fieldPath: metadata.namespace 7196 + - name: GOMAXPROCS 7197 + valueFrom: 7198 + resourceFieldRef: 7199 + containerName: manager 7200 + resource: limits.cpu 7201 + - name: GOMEMLIMIT 7202 + valueFrom: 7203 + resourceFieldRef: 7204 + containerName: manager 7205 + resource: limits.memory 7206 + image: ghcr.io/fluxcd/kustomize-controller:v1.6.1 7207 + imagePullPolicy: IfNotPresent 7208 + livenessProbe: 7209 + httpGet: 7210 + path: /healthz 7211 + port: healthz 7212 + name: manager 7213 + ports: 7214 + - containerPort: 8080 7215 + name: http-prom 7216 + protocol: TCP 7217 + - containerPort: 9440 7218 + name: healthz 7219 + protocol: TCP 7220 + readinessProbe: 7221 + httpGet: 7222 + path: /readyz 7223 + port: healthz 7224 + resources: 7225 + limits: 7226 + cpu: 1000m 7227 + memory: 1Gi 7228 + requests: 7229 + cpu: 100m 7230 + memory: 64Mi 7231 + securityContext: 7232 + allowPrivilegeEscalation: false 7233 + capabilities: 7234 + drop: 7235 + - ALL 7236 + readOnlyRootFilesystem: true 7237 + runAsNonRoot: true 7238 + seccompProfile: 7239 + type: RuntimeDefault 7240 + volumeMounts: 7241 + - mountPath: /tmp 7242 + name: temp 7243 + nodeSelector: 7244 + kubernetes.io/os: linux 7245 + priorityClassName: system-cluster-critical 7246 + securityContext: 7247 + fsGroup: 1337 7248 + serviceAccountName: kustomize-controller 7249 + terminationGracePeriodSeconds: 60 7250 + volumes: 7251 + - emptyDir: {} 7252 + name: temp 7253 + --- 7254 + apiVersion: apiextensions.k8s.io/v1 7255 + kind: CustomResourceDefinition 7256 + metadata: 7257 + annotations: 7258 + controller-gen.kubebuilder.io/version: v0.16.1 7259 + labels: 7260 + app.kubernetes.io/component: helm-controller 7261 + app.kubernetes.io/instance: flux-system 7262 + app.kubernetes.io/part-of: flux 7263 + app.kubernetes.io/version: v2.6.4 7264 + name: helmreleases.helm.toolkit.fluxcd.io 7265 + spec: 7266 + group: helm.toolkit.fluxcd.io 7267 + names: 7268 + kind: HelmRelease 7269 + listKind: HelmReleaseList 7270 + plural: helmreleases 7271 + shortNames: 7272 + - hr 7273 + singular: helmrelease 7274 + scope: Namespaced 7275 + versions: 7276 + - additionalPrinterColumns: 7277 + - jsonPath: .metadata.creationTimestamp 7278 + name: Age 7279 + type: date 7280 + - jsonPath: .status.conditions[?(@.type=="Ready")].status 7281 + name: Ready 7282 + type: string 7283 + - jsonPath: .status.conditions[?(@.type=="Ready")].message 7284 + name: Status 7285 + type: string 7286 + name: v2 7287 + schema: 7288 + openAPIV3Schema: 7289 + description: HelmRelease is the Schema for the helmreleases API 7290 + properties: 7291 + apiVersion: 7292 + description: |- 7293 + APIVersion defines the versioned schema of this representation of an object. 7294 + Servers should convert recognized schemas to the latest internal value, and 7295 + may reject unrecognized values. 7296 + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources 7297 + type: string 7298 + kind: 7299 + description: |- 7300 + Kind is a string value representing the REST resource this object represents. 7301 + Servers may infer this from the endpoint the client submits requests to. 7302 + Cannot be updated. 7303 + In CamelCase. 7304 + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 7305 + type: string 7306 + metadata: 7307 + type: object 7308 + spec: 7309 + description: HelmReleaseSpec defines the desired state of a Helm release. 7310 + properties: 7311 + chart: 7312 + description: |- 7313 + Chart defines the template of the v1.HelmChart that should be created 7314 + for this HelmRelease. 7315 + properties: 7316 + metadata: 7317 + description: ObjectMeta holds the template for metadata like labels 7318 + and annotations. 7319 + properties: 7320 + annotations: 7321 + additionalProperties: 7322 + type: string 7323 + description: |- 7324 + Annotations is an unstructured key value map stored with a resource that may be 7325 + set by external tools to store and retrieve arbitrary metadata. They are not 7326 + queryable and should be preserved when modifying objects. 7327 + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ 7328 + type: object 7329 + labels: 7330 + additionalProperties: 7331 + type: string 7332 + description: |- 7333 + Map of string keys and values that can be used to organize and categorize 7334 + (scope and select) objects. 7335 + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ 7336 + type: object 7337 + type: object 7338 + spec: 7339 + description: Spec holds the template for the v1.HelmChartSpec 7340 + for this HelmRelease. 7341 + properties: 7342 + chart: 7343 + description: The name or path the Helm chart is available 7344 + at in the SourceRef. 7345 + maxLength: 2048 7346 + minLength: 1 7347 + type: string 7348 + ignoreMissingValuesFiles: 7349 + description: IgnoreMissingValuesFiles controls whether to 7350 + silently ignore missing values files rather than failing. 7351 + type: boolean 7352 + interval: 7353 + description: |- 7354 + Interval at which to check the v1.Source for updates. Defaults to 7355 + 'HelmReleaseSpec.Interval'. 7356 + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ 7357 + type: string 7358 + reconcileStrategy: 7359 + default: ChartVersion 7360 + description: |- 7361 + Determines what enables the creation of a new artifact. Valid values are 7362 + ('ChartVersion', 'Revision'). 7363 + See the documentation of the values for an explanation on their behavior. 7364 + Defaults to ChartVersion when omitted. 7365 + enum: 7366 + - ChartVersion 7367 + - Revision 7368 + type: string 7369 + sourceRef: 7370 + description: The name and namespace of the v1.Source the chart 7371 + is available at. 7372 + properties: 7373 + apiVersion: 7374 + description: APIVersion of the referent. 7375 + type: string 7376 + kind: 7377 + description: Kind of the referent. 7378 + enum: 7379 + - HelmRepository 7380 + - GitRepository 7381 + - Bucket 7382 + type: string 7383 + name: 7384 + description: Name of the referent. 7385 + maxLength: 253 7386 + minLength: 1 7387 + type: string 7388 + namespace: 7389 + description: Namespace of the referent. 7390 + maxLength: 63 7391 + minLength: 1 7392 + type: string 7393 + required: 7394 + - kind 7395 + - name 7396 + type: object 7397 + valuesFiles: 7398 + description: |- 7399 + Alternative list of values files to use as the chart values (values.yaml 7400 + is not included by default), expected to be a relative path in the SourceRef. 7401 + Values files are merged in the order of this list with the last file overriding 7402 + the first. Ignored when omitted. 7403 + items: 7404 + type: string 7405 + type: array 7406 + verify: 7407 + description: |- 7408 + Verify contains the secret name containing the trusted public keys 7409 + used to verify the signature and specifies which provider to use to check 7410 + whether OCI image is authentic. 7411 + This field is only supported for OCI sources. 7412 + Chart dependencies, which are not bundled in the umbrella chart artifact, 7413 + are not verified. 7414 + properties: 7415 + provider: 7416 + default: cosign 7417 + description: Provider specifies the technology used to 7418 + sign the OCI Helm chart. 7419 + enum: 7420 + - cosign 7421 + - notation 7422 + type: string 7423 + secretRef: 7424 + description: |- 7425 + SecretRef specifies the Kubernetes Secret containing the 7426 + trusted public keys. 7427 + properties: 7428 + name: 7429 + description: Name of the referent. 7430 + type: string 7431 + required: 7432 + - name 7433 + type: object 7434 + required: 7435 + - provider 7436 + type: object 7437 + version: 7438 + default: '*' 7439 + description: |- 7440 + Version semver expression, ignored for charts from v1.GitRepository and 7441 + v1beta2.Bucket sources. Defaults to latest when omitted. 7442 + type: string 7443 + required: 7444 + - chart 7445 + - sourceRef 7446 + type: object 7447 + required: 7448 + - spec 7449 + type: object 7450 + chartRef: 7451 + description: |- 7452 + ChartRef holds a reference to a source controller resource containing the 7453 + Helm chart artifact. 7454 + properties: 7455 + apiVersion: 7456 + description: APIVersion of the referent. 7457 + type: string 7458 + kind: 7459 + description: Kind of the referent. 7460 + enum: 7461 + - OCIRepository 7462 + - HelmChart 7463 + type: string 7464 + name: 7465 + description: Name of the referent. 7466 + maxLength: 253 7467 + minLength: 1 7468 + type: string 7469 + namespace: 7470 + description: |- 7471 + Namespace of the referent, defaults to the namespace of the Kubernetes 7472 + resource object that contains the reference. 7473 + maxLength: 63 7474 + minLength: 1 7475 + type: string 7476 + required: 7477 + - kind 7478 + - name 7479 + type: object 7480 + dependsOn: 7481 + description: |- 7482 + DependsOn may contain a meta.NamespacedObjectReference slice with 7483 + references to HelmRelease resources that must be ready before this HelmRelease 7484 + can be reconciled. 7485 + items: 7486 + description: |- 7487 + NamespacedObjectReference contains enough information to locate the referenced Kubernetes resource object in any 7488 + namespace. 7489 + properties: 7490 + name: 7491 + description: Name of the referent. 7492 + type: string 7493 + namespace: 7494 + description: Namespace of the referent, when not specified it 7495 + acts as LocalObjectReference. 7496 + type: string 7497 + required: 7498 + - name 7499 + type: object 7500 + type: array 7501 + driftDetection: 7502 + description: |- 7503 + DriftDetection holds the configuration for detecting and handling 7504 + differences between the manifest in the Helm storage and the resources 7505 + currently existing in the cluster. 7506 + properties: 7507 + ignore: 7508 + description: |- 7509 + Ignore contains a list of rules for specifying which changes to ignore 7510 + during diffing. 7511 + items: 7512 + description: |- 7513 + IgnoreRule defines a rule to selectively disregard specific changes during 7514 + the drift detection process. 7515 + properties: 7516 + paths: 7517 + description: |- 7518 + Paths is a list of JSON Pointer (RFC 6901) paths to be excluded from 7519 + consideration in a Kubernetes object. 7520 + items: 7521 + type: string 7522 + type: array 7523 + target: 7524 + description: |- 7525 + Target is a selector for specifying Kubernetes objects to which this 7526 + rule applies. 7527 + If Target is not set, the Paths will be ignored for all Kubernetes 7528 + objects within the manifest of the Helm release. 7529 + properties: 7530 + annotationSelector: 7531 + description: |- 7532 + AnnotationSelector is a string that follows the label selection expression 7533 + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api 7534 + It matches with the resource annotations. 7535 + type: string 7536 + group: 7537 + description: |- 7538 + Group is the API group to select resources from. 7539 + Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources. 7540 + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md 7541 + type: string 7542 + kind: 7543 + description: |- 7544 + Kind of the API Group to select resources from. 7545 + Together with Group and Version it is capable of unambiguously 7546 + identifying and/or selecting resources. 7547 + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md 7548 + type: string 7549 + labelSelector: 7550 + description: |- 7551 + LabelSelector is a string that follows the label selection expression 7552 + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api 7553 + It matches with the resource labels. 7554 + type: string 7555 + name: 7556 + description: Name to match resources with. 7557 + type: string 7558 + namespace: 7559 + description: Namespace to select resources from. 7560 + type: string 7561 + version: 7562 + description: |- 7563 + Version of the API Group to select resources from. 7564 + Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources. 7565 + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md 7566 + type: string 7567 + type: object 7568 + required: 7569 + - paths 7570 + type: object 7571 + type: array 7572 + mode: 7573 + description: |- 7574 + Mode defines how differences should be handled between the Helm manifest 7575 + and the manifest currently applied to the cluster. 7576 + If not explicitly set, it defaults to DiffModeDisabled. 7577 + enum: 7578 + - enabled 7579 + - warn 7580 + - disabled 7581 + type: string 7582 + type: object 7583 + install: 7584 + description: Install holds the configuration for Helm install actions 7585 + for this HelmRelease. 7586 + properties: 7587 + crds: 7588 + description: |- 7589 + CRDs upgrade CRDs from the Helm Chart's crds directory according 7590 + to the CRD upgrade policy provided here. Valid values are `Skip`, 7591 + `Create` or `CreateReplace`. Default is `Create` and if omitted 7592 + CRDs are installed but not updated. 7593 + 7594 + Skip: do neither install nor replace (update) any CRDs. 7595 + 7596 + Create: new CRDs are created, existing CRDs are neither updated nor deleted. 7597 + 7598 + CreateReplace: new CRDs are created, existing CRDs are updated (replaced) 7599 + but not deleted. 7600 + 7601 + By default, CRDs are applied (installed) during Helm install action. 7602 + With this option users can opt in to CRD replace existing CRDs on Helm 7603 + install actions, which is not (yet) natively supported by Helm. 7604 + https://helm.sh/docs/chart_best_practices/custom_resource_definitions. 7605 + enum: 7606 + - Skip 7607 + - Create 7608 + - CreateReplace 7609 + type: string 7610 + createNamespace: 7611 + description: |- 7612 + CreateNamespace tells the Helm install action to create the 7613 + HelmReleaseSpec.TargetNamespace if it does not exist yet. 7614 + On uninstall, the namespace will not be garbage collected. 7615 + type: boolean 7616 + disableHooks: 7617 + description: DisableHooks prevents hooks from running during the 7618 + Helm install action. 7619 + type: boolean 7620 + disableOpenAPIValidation: 7621 + description: |- 7622 + DisableOpenAPIValidation prevents the Helm install action from validating 7623 + rendered templates against the Kubernetes OpenAPI Schema. 7624 + type: boolean 7625 + disableSchemaValidation: 7626 + description: |- 7627 + DisableSchemaValidation prevents the Helm install action from validating 7628 + the values against the JSON Schema. 7629 + type: boolean 7630 + disableTakeOwnership: 7631 + description: |- 7632 + DisableTakeOwnership disables taking ownership of existing resources 7633 + during the Helm install action. Defaults to false. 7634 + type: boolean 7635 + disableWait: 7636 + description: |- 7637 + DisableWait disables the waiting for resources to be ready after a Helm 7638 + install has been performed. 7639 + type: boolean 7640 + disableWaitForJobs: 7641 + description: |- 7642 + DisableWaitForJobs disables waiting for jobs to complete after a Helm 7643 + install has been performed. 7644 + type: boolean 7645 + remediation: 7646 + description: |- 7647 + Remediation holds the remediation configuration for when the Helm install 7648 + action for the HelmRelease fails. The default is to not perform any action. 7649 + properties: 7650 + ignoreTestFailures: 7651 + description: |- 7652 + IgnoreTestFailures tells the controller to skip remediation when the Helm 7653 + tests are run after an install action but fail. Defaults to 7654 + 'Test.IgnoreFailures'. 7655 + type: boolean 7656 + remediateLastFailure: 7657 + description: |- 7658 + RemediateLastFailure tells the controller to remediate the last failure, when 7659 + no retries remain. Defaults to 'false'. 7660 + type: boolean 7661 + retries: 7662 + description: |- 7663 + Retries is the number of retries that should be attempted on failures before 7664 + bailing. Remediation, using an uninstall, is performed between each attempt. 7665 + Defaults to '0', a negative integer equals to unlimited retries. 7666 + type: integer 7667 + type: object 7668 + replace: 7669 + description: |- 7670 + Replace tells the Helm install action to re-use the 'ReleaseName', but only 7671 + if that name is a deleted release which remains in the history. 7672 + type: boolean 7673 + skipCRDs: 7674 + description: |- 7675 + SkipCRDs tells the Helm install action to not install any CRDs. By default, 7676 + CRDs are installed if not already present. 7677 + 7678 + Deprecated use CRD policy (`crds`) attribute with value `Skip` instead. 7679 + type: boolean 7680 + timeout: 7681 + description: |- 7682 + Timeout is the time to wait for any individual Kubernetes operation (like 7683 + Jobs for hooks) during the performance of a Helm install action. Defaults to 7684 + 'HelmReleaseSpec.Timeout'. 7685 + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ 7686 + type: string 7687 + type: object 7688 + interval: 7689 + description: Interval at which to reconcile the Helm release. 7690 + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ 7691 + type: string 7692 + kubeConfig: 7693 + description: |- 7694 + KubeConfig for reconciling the HelmRelease on a remote cluster. 7695 + When used in combination with HelmReleaseSpec.ServiceAccountName, 7696 + forces the controller to act on behalf of that Service Account at the 7697 + target cluster. 7698 + If the --default-service-account flag is set, its value will be used as 7699 + a controller level fallback for when HelmReleaseSpec.ServiceAccountName 7700 + is empty. 7701 + properties: 7702 + secretRef: 7703 + description: |- 7704 + SecretRef holds the name of a secret that contains a key with 7705 + the kubeconfig file as the value. If no key is set, the key will default 7706 + to 'value'. 7707 + It is recommended that the kubeconfig is self-contained, and the secret 7708 + is regularly updated if credentials such as a cloud-access-token expire. 7709 + Cloud specific `cmd-path` auth helpers will not function without adding 7710 + binaries and credentials to the Pod that is responsible for reconciling 7711 + Kubernetes resources. 7712 + properties: 7713 + key: 7714 + description: Key in the Secret, when not specified an implementation-specific 7715 + default key is used. 7716 + type: string 7717 + name: 7718 + description: Name of the Secret. 7719 + type: string 7720 + required: 7721 + - name 7722 + type: object 7723 + required: 7724 + - secretRef 7725 + type: object 7726 + maxHistory: 7727 + description: |- 7728 + MaxHistory is the number of revisions saved by Helm for this HelmRelease. 7729 + Use '0' for an unlimited number of revisions; defaults to '5'. 7730 + type: integer 7731 + persistentClient: 7732 + description: |- 7733 + PersistentClient tells the controller to use a persistent Kubernetes 7734 + client for this release. When enabled, the client will be reused for the 7735 + duration of the reconciliation, instead of being created and destroyed 7736 + for each (step of a) Helm action. 7737 + 7738 + This can improve performance, but may cause issues with some Helm charts 7739 + that for example do create Custom Resource Definitions during installation 7740 + outside Helm's CRD lifecycle hooks, which are then not observed to be 7741 + available by e.g. post-install hooks. 7742 + 7743 + If not set, it defaults to true. 7744 + type: boolean 7745 + postRenderers: 7746 + description: |- 7747 + PostRenderers holds an array of Helm PostRenderers, which will be applied in order 7748 + of their definition. 7749 + items: 7750 + description: PostRenderer contains a Helm PostRenderer specification. 7751 + properties: 7752 + kustomize: 7753 + description: Kustomization to apply as PostRenderer. 7754 + properties: 7755 + images: 7756 + description: |- 7757 + Images is a list of (image name, new name, new tag or digest) 7758 + for changing image names, tags or digests. This can also be achieved with a 7759 + patch, but this operator is simpler to specify. 7760 + items: 7761 + description: Image contains an image name, a new name, 7762 + a new tag or digest, which will replace the original 7763 + name and tag. 7764 + properties: 7765 + digest: 7766 + description: |- 7767 + Digest is the value used to replace the original image tag. 7768 + If digest is present NewTag value is ignored. 7769 + type: string 7770 + name: 7771 + description: Name is a tag-less image name. 7772 + type: string 7773 + newName: 7774 + description: NewName is the value used to replace 7775 + the original name. 7776 + type: string 7777 + newTag: 7778 + description: NewTag is the value used to replace the 7779 + original tag. 7780 + type: string 7781 + required: 7782 + - name 7783 + type: object 7784 + type: array 7785 + patches: 7786 + description: |- 7787 + Strategic merge and JSON patches, defined as inline YAML objects, 7788 + capable of targeting objects based on kind, label and annotation selectors. 7789 + items: 7790 + description: |- 7791 + Patch contains an inline StrategicMerge or JSON6902 patch, and the target the patch should 7792 + be applied to. 7793 + properties: 7794 + patch: 7795 + description: |- 7796 + Patch contains an inline StrategicMerge patch or an inline JSON6902 patch with 7797 + an array of operation objects. 7798 + type: string 7799 + target: 7800 + description: Target points to the resources that the 7801 + patch document should be applied to. 7802 + properties: 7803 + annotationSelector: 7804 + description: |- 7805 + AnnotationSelector is a string that follows the label selection expression 7806 + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api 7807 + It matches with the resource annotations. 7808 + type: string 7809 + group: 7810 + description: |- 7811 + Group is the API group to select resources from. 7812 + Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources. 7813 + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md 7814 + type: string 7815 + kind: 7816 + description: |- 7817 + Kind of the API Group to select resources from. 7818 + Together with Group and Version it is capable of unambiguously 7819 + identifying and/or selecting resources. 7820 + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md 7821 + type: string 7822 + labelSelector: 7823 + description: |- 7824 + LabelSelector is a string that follows the label selection expression 7825 + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api 7826 + It matches with the resource labels. 7827 + type: string 7828 + name: 7829 + description: Name to match resources with. 7830 + type: string 7831 + namespace: 7832 + description: Namespace to select resources from. 7833 + type: string 7834 + version: 7835 + description: |- 7836 + Version of the API Group to select resources from. 7837 + Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources. 7838 + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md 7839 + type: string 7840 + type: object 7841 + required: 7842 + - patch 7843 + type: object 7844 + type: array 7845 + type: object 7846 + type: object 7847 + type: array 7848 + releaseName: 7849 + description: |- 7850 + ReleaseName used for the Helm release. Defaults to a composition of 7851 + '[TargetNamespace-]Name'. 7852 + maxLength: 53 7853 + minLength: 1 7854 + type: string 7855 + rollback: 7856 + description: Rollback holds the configuration for Helm rollback actions 7857 + for this HelmRelease. 7858 + properties: 7859 + cleanupOnFail: 7860 + description: |- 7861 + CleanupOnFail allows deletion of new resources created during the Helm 7862 + rollback action when it fails. 7863 + type: boolean 7864 + disableHooks: 7865 + description: DisableHooks prevents hooks from running during the 7866 + Helm rollback action. 7867 + type: boolean 7868 + disableWait: 7869 + description: |- 7870 + DisableWait disables the waiting for resources to be ready after a Helm 7871 + rollback has been performed. 7872 + type: boolean 7873 + disableWaitForJobs: 7874 + description: |- 7875 + DisableWaitForJobs disables waiting for jobs to complete after a Helm 7876 + rollback has been performed. 7877 + type: boolean 7878 + force: 7879 + description: Force forces resource updates through a replacement 7880 + strategy. 7881 + type: boolean 7882 + recreate: 7883 + description: Recreate performs pod restarts for the resource if 7884 + applicable. 7885 + type: boolean 7886 + timeout: 7887 + description: |- 7888 + Timeout is the time to wait for any individual Kubernetes operation (like 7889 + Jobs for hooks) during the performance of a Helm rollback action. Defaults to 7890 + 'HelmReleaseSpec.Timeout'. 7891 + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ 7892 + type: string 7893 + type: object 7894 + serviceAccountName: 7895 + description: |- 7896 + The name of the Kubernetes service account to impersonate 7897 + when reconciling this HelmRelease. 7898 + maxLength: 253 7899 + minLength: 1 7900 + type: string 7901 + storageNamespace: 7902 + description: |- 7903 + StorageNamespace used for the Helm storage. 7904 + Defaults to the namespace of the HelmRelease. 7905 + maxLength: 63 7906 + minLength: 1 7907 + type: string 7908 + suspend: 7909 + description: |- 7910 + Suspend tells the controller to suspend reconciliation for this HelmRelease, 7911 + it does not apply to already started reconciliations. Defaults to false. 7912 + type: boolean 7913 + targetNamespace: 7914 + description: |- 7915 + TargetNamespace to target when performing operations for the HelmRelease. 7916 + Defaults to the namespace of the HelmRelease. 7917 + maxLength: 63 7918 + minLength: 1 7919 + type: string 7920 + test: 7921 + description: Test holds the configuration for Helm test actions for 7922 + this HelmRelease. 7923 + properties: 7924 + enable: 7925 + description: |- 7926 + Enable enables Helm test actions for this HelmRelease after an Helm install 7927 + or upgrade action has been performed. 7928 + type: boolean 7929 + filters: 7930 + description: Filters is a list of tests to run or exclude from 7931 + running. 7932 + items: 7933 + description: Filter holds the configuration for individual Helm 7934 + test filters. 7935 + properties: 7936 + exclude: 7937 + description: Exclude specifies whether the named test should 7938 + be excluded. 7939 + type: boolean 7940 + name: 7941 + description: Name is the name of the test. 7942 + maxLength: 253 7943 + minLength: 1 7944 + type: string 7945 + required: 7946 + - name 7947 + type: object 7948 + type: array 7949 + ignoreFailures: 7950 + description: |- 7951 + IgnoreFailures tells the controller to skip remediation when the Helm tests 7952 + are run but fail. Can be overwritten for tests run after install or upgrade 7953 + actions in 'Install.IgnoreTestFailures' and 'Upgrade.IgnoreTestFailures'. 7954 + type: boolean 7955 + timeout: 7956 + description: |- 7957 + Timeout is the time to wait for any individual Kubernetes operation during 7958 + the performance of a Helm test action. Defaults to 'HelmReleaseSpec.Timeout'. 7959 + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ 7960 + type: string 7961 + type: object 7962 + timeout: 7963 + description: |- 7964 + Timeout is the time to wait for any individual Kubernetes operation (like Jobs 7965 + for hooks) during the performance of a Helm action. Defaults to '5m0s'. 7966 + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ 7967 + type: string 7968 + uninstall: 7969 + description: Uninstall holds the configuration for Helm uninstall 7970 + actions for this HelmRelease. 7971 + properties: 7972 + deletionPropagation: 7973 + default: background 7974 + description: |- 7975 + DeletionPropagation specifies the deletion propagation policy when 7976 + a Helm uninstall is performed. 7977 + enum: 7978 + - background 7979 + - foreground 7980 + - orphan 7981 + type: string 7982 + disableHooks: 7983 + description: DisableHooks prevents hooks from running during the 7984 + Helm rollback action. 7985 + type: boolean 7986 + disableWait: 7987 + description: |- 7988 + DisableWait disables waiting for all the resources to be deleted after 7989 + a Helm uninstall is performed. 7990 + type: boolean 7991 + keepHistory: 7992 + description: |- 7993 + KeepHistory tells Helm to remove all associated resources and mark the 7994 + release as deleted, but retain the release history. 7995 + type: boolean 7996 + timeout: 7997 + description: |- 7998 + Timeout is the time to wait for any individual Kubernetes operation (like 7999 + Jobs for hooks) during the performance of a Helm uninstall action. Defaults 8000 + to 'HelmReleaseSpec.Timeout'. 8001 + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ 8002 + type: string 8003 + type: object 8004 + upgrade: 8005 + description: Upgrade holds the configuration for Helm upgrade actions 8006 + for this HelmRelease. 8007 + properties: 8008 + cleanupOnFail: 8009 + description: |- 8010 + CleanupOnFail allows deletion of new resources created during the Helm 8011 + upgrade action when it fails. 8012 + type: boolean 8013 + crds: 8014 + description: |- 8015 + CRDs upgrade CRDs from the Helm Chart's crds directory according 8016 + to the CRD upgrade policy provided here. Valid values are `Skip`, 8017 + `Create` or `CreateReplace`. Default is `Skip` and if omitted 8018 + CRDs are neither installed nor upgraded. 8019 + 8020 + Skip: do neither install nor replace (update) any CRDs. 8021 + 8022 + Create: new CRDs are created, existing CRDs are neither updated nor deleted. 8023 + 8024 + CreateReplace: new CRDs are created, existing CRDs are updated (replaced) 8025 + but not deleted. 8026 + 8027 + By default, CRDs are not applied during Helm upgrade action. With this 8028 + option users can opt-in to CRD upgrade, which is not (yet) natively supported by Helm. 8029 + https://helm.sh/docs/chart_best_practices/custom_resource_definitions. 8030 + enum: 8031 + - Skip 8032 + - Create 8033 + - CreateReplace 8034 + type: string 8035 + disableHooks: 8036 + description: DisableHooks prevents hooks from running during the 8037 + Helm upgrade action. 8038 + type: boolean 8039 + disableOpenAPIValidation: 8040 + description: |- 8041 + DisableOpenAPIValidation prevents the Helm upgrade action from validating 8042 + rendered templates against the Kubernetes OpenAPI Schema. 8043 + type: boolean 8044 + disableSchemaValidation: 8045 + description: |- 8046 + DisableSchemaValidation prevents the Helm upgrade action from validating 8047 + the values against the JSON Schema. 8048 + type: boolean 8049 + disableTakeOwnership: 8050 + description: |- 8051 + DisableTakeOwnership disables taking ownership of existing resources 8052 + during the Helm upgrade action. Defaults to false. 8053 + type: boolean 8054 + disableWait: 8055 + description: |- 8056 + DisableWait disables the waiting for resources to be ready after a Helm 8057 + upgrade has been performed. 8058 + type: boolean 8059 + disableWaitForJobs: 8060 + description: |- 8061 + DisableWaitForJobs disables waiting for jobs to complete after a Helm 8062 + upgrade has been performed. 8063 + type: boolean 8064 + force: 8065 + description: Force forces resource updates through a replacement 8066 + strategy. 8067 + type: boolean 8068 + preserveValues: 8069 + description: |- 8070 + PreserveValues will make Helm reuse the last release's values and merge in 8071 + overrides from 'Values'. Setting this flag makes the HelmRelease 8072 + non-declarative. 8073 + type: boolean 8074 + remediation: 8075 + description: |- 8076 + Remediation holds the remediation configuration for when the Helm upgrade 8077 + action for the HelmRelease fails. The default is to not perform any action. 8078 + properties: 8079 + ignoreTestFailures: 8080 + description: |- 8081 + IgnoreTestFailures tells the controller to skip remediation when the Helm 8082 + tests are run after an upgrade action but fail. 8083 + Defaults to 'Test.IgnoreFailures'. 8084 + type: boolean 8085 + remediateLastFailure: 8086 + description: |- 8087 + RemediateLastFailure tells the controller to remediate the last failure, when 8088 + no retries remain. Defaults to 'false' unless 'Retries' is greater than 0. 8089 + type: boolean 8090 + retries: 8091 + description: |- 8092 + Retries is the number of retries that should be attempted on failures before 8093 + bailing. Remediation, using 'Strategy', is performed between each attempt. 8094 + Defaults to '0', a negative integer equals to unlimited retries. 8095 + type: integer 8096 + strategy: 8097 + description: Strategy to use for failure remediation. Defaults 8098 + to 'rollback'. 8099 + enum: 8100 + - rollback 8101 + - uninstall 8102 + type: string 8103 + type: object 8104 + timeout: 8105 + description: |- 8106 + Timeout is the time to wait for any individual Kubernetes operation (like 8107 + Jobs for hooks) during the performance of a Helm upgrade action. Defaults to 8108 + 'HelmReleaseSpec.Timeout'. 8109 + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ 8110 + type: string 8111 + type: object 8112 + values: 8113 + description: Values holds the values for this Helm release. 8114 + x-kubernetes-preserve-unknown-fields: true 8115 + valuesFrom: 8116 + description: |- 8117 + ValuesFrom holds references to resources containing Helm values for this HelmRelease, 8118 + and information about how they should be merged. 8119 + items: 8120 + description: |- 8121 + ValuesReference contains a reference to a resource containing Helm values, 8122 + and optionally the key they can be found at. 8123 + properties: 8124 + kind: 8125 + description: Kind of the values referent, valid values are ('Secret', 8126 + 'ConfigMap'). 8127 + enum: 8128 + - Secret 8129 + - ConfigMap 8130 + type: string 8131 + name: 8132 + description: |- 8133 + Name of the values referent. Should reside in the same namespace as the 8134 + referring resource. 8135 + maxLength: 253 8136 + minLength: 1 8137 + type: string 8138 + optional: 8139 + description: |- 8140 + Optional marks this ValuesReference as optional. When set, a not found error 8141 + for the values reference is ignored, but any ValuesKey, TargetPath or 8142 + transient error will still result in a reconciliation failure. 8143 + type: boolean 8144 + targetPath: 8145 + description: |- 8146 + TargetPath is the YAML dot notation path the value should be merged at. When 8147 + set, the ValuesKey is expected to be a single flat value. Defaults to 'None', 8148 + which results in the values getting merged at the root. 8149 + maxLength: 250 8150 + pattern: ^([a-zA-Z0-9_\-.\\\/]|\[[0-9]{1,5}\])+$ 8151 + type: string 8152 + valuesKey: 8153 + description: |- 8154 + ValuesKey is the data key where the values.yaml or a specific value can be 8155 + found at. Defaults to 'values.yaml'. 8156 + maxLength: 253 8157 + pattern: ^[\-._a-zA-Z0-9]+$ 8158 + type: string 8159 + required: 8160 + - kind 8161 + - name 8162 + type: object 8163 + type: array 8164 + required: 8165 + - interval 8166 + type: object 8167 + x-kubernetes-validations: 8168 + - message: either chart or chartRef must be set 8169 + rule: (has(self.chart) && !has(self.chartRef)) || (!has(self.chart) 8170 + && has(self.chartRef)) 8171 + status: 8172 + default: 8173 + observedGeneration: -1 8174 + description: HelmReleaseStatus defines the observed state of a HelmRelease. 8175 + properties: 8176 + conditions: 8177 + description: Conditions holds the conditions for the HelmRelease. 8178 + items: 8179 + description: Condition contains details for one aspect of the current 8180 + state of this API Resource. 8181 + properties: 8182 + lastTransitionTime: 8183 + description: |- 8184 + lastTransitionTime is the last time the condition transitioned from one status to another. 8185 + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. 8186 + format: date-time 8187 + type: string 8188 + message: 8189 + description: |- 8190 + message is a human readable message indicating details about the transition. 8191 + This may be an empty string. 8192 + maxLength: 32768 8193 + type: string 8194 + observedGeneration: 8195 + description: |- 8196 + observedGeneration represents the .metadata.generation that the condition was set based upon. 8197 + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date 8198 + with respect to the current state of the instance. 8199 + format: int64 8200 + minimum: 0 8201 + type: integer 8202 + reason: 8203 + description: |- 8204 + reason contains a programmatic identifier indicating the reason for the condition's last transition. 8205 + Producers of specific condition types may define expected values and meanings for this field, 8206 + and whether the values are considered a guaranteed API. 8207 + The value should be a CamelCase string. 8208 + This field may not be empty. 8209 + maxLength: 1024 8210 + minLength: 1 8211 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ 8212 + type: string 8213 + status: 8214 + description: status of the condition, one of True, False, Unknown. 8215 + enum: 8216 + - "True" 8217 + - "False" 8218 + - Unknown 8219 + type: string 8220 + type: 8221 + description: type of condition in CamelCase or in foo.example.com/CamelCase. 8222 + maxLength: 316 8223 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ 8224 + type: string 8225 + required: 8226 + - lastTransitionTime 8227 + - message 8228 + - reason 8229 + - status 8230 + - type 8231 + type: object 8232 + type: array 8233 + failures: 8234 + description: |- 8235 + Failures is the reconciliation failure count against the latest desired 8236 + state. It is reset after a successful reconciliation. 8237 + format: int64 8238 + type: integer 8239 + helmChart: 8240 + description: |- 8241 + HelmChart is the namespaced name of the HelmChart resource created by 8242 + the controller for the HelmRelease. 8243 + type: string 8244 + history: 8245 + description: |- 8246 + History holds the history of Helm releases performed for this HelmRelease 8247 + up to the last successfully completed release. 8248 + items: 8249 + description: |- 8250 + Snapshot captures a point-in-time copy of the status information for a Helm release, 8251 + as managed by the controller. 8252 + properties: 8253 + apiVersion: 8254 + description: |- 8255 + APIVersion is the API version of the Snapshot. 8256 + Provisional: when the calculation method of the Digest field is changed, 8257 + this field will be used to distinguish between the old and new methods. 8258 + type: string 8259 + appVersion: 8260 + description: AppVersion is the chart app version of the release 8261 + object in storage. 8262 + type: string 8263 + chartName: 8264 + description: ChartName is the chart name of the release object 8265 + in storage. 8266 + type: string 8267 + chartVersion: 8268 + description: |- 8269 + ChartVersion is the chart version of the release object in 8270 + storage. 8271 + type: string 8272 + configDigest: 8273 + description: |- 8274 + ConfigDigest is the checksum of the config (better known as 8275 + "values") of the release object in storage. 8276 + It has the format of `<algo>:<checksum>`. 8277 + type: string 8278 + deleted: 8279 + description: Deleted is when the release was deleted. 8280 + format: date-time 8281 + type: string 8282 + digest: 8283 + description: |- 8284 + Digest is the checksum of the release object in storage. 8285 + It has the format of `<algo>:<checksum>`. 8286 + type: string 8287 + firstDeployed: 8288 + description: FirstDeployed is when the release was first deployed. 8289 + format: date-time 8290 + type: string 8291 + lastDeployed: 8292 + description: LastDeployed is when the release was last deployed. 8293 + format: date-time 8294 + type: string 8295 + name: 8296 + description: Name is the name of the release. 8297 + type: string 8298 + namespace: 8299 + description: Namespace is the namespace the release is deployed 8300 + to. 8301 + type: string 8302 + ociDigest: 8303 + description: OCIDigest is the digest of the OCI artifact associated 8304 + with the release. 8305 + type: string 8306 + status: 8307 + description: Status is the current state of the release. 8308 + type: string 8309 + testHooks: 8310 + additionalProperties: 8311 + description: |- 8312 + TestHookStatus holds the status information for a test hook as observed 8313 + to be run by the controller. 8314 + properties: 8315 + lastCompleted: 8316 + description: LastCompleted is the time the test hook last 8317 + completed. 8318 + format: date-time 8319 + type: string 8320 + lastStarted: 8321 + description: LastStarted is the time the test hook was 8322 + last started. 8323 + format: date-time 8324 + type: string 8325 + phase: 8326 + description: Phase the test hook was observed to be in. 8327 + type: string 8328 + type: object 8329 + description: |- 8330 + TestHooks is the list of test hooks for the release as observed to be 8331 + run by the controller. 8332 + type: object 8333 + version: 8334 + description: Version is the version of the release object in 8335 + storage. 8336 + type: integer 8337 + required: 8338 + - chartName 8339 + - chartVersion 8340 + - configDigest 8341 + - digest 8342 + - firstDeployed 8343 + - lastDeployed 8344 + - name 8345 + - namespace 8346 + - status 8347 + - version 8348 + type: object 8349 + type: array 8350 + installFailures: 8351 + description: |- 8352 + InstallFailures is the install failure count against the latest desired 8353 + state. It is reset after a successful reconciliation. 8354 + format: int64 8355 + type: integer 8356 + lastAttemptedConfigDigest: 8357 + description: |- 8358 + LastAttemptedConfigDigest is the digest for the config (better known as 8359 + "values") of the last reconciliation attempt. 8360 + type: string 8361 + lastAttemptedGeneration: 8362 + description: |- 8363 + LastAttemptedGeneration is the last generation the controller attempted 8364 + to reconcile. 8365 + format: int64 8366 + type: integer 8367 + lastAttemptedReleaseAction: 8368 + description: |- 8369 + LastAttemptedReleaseAction is the last release action performed for this 8370 + HelmRelease. It is used to determine the active remediation strategy. 8371 + enum: 8372 + - install 8373 + - upgrade 8374 + type: string 8375 + lastAttemptedRevision: 8376 + description: |- 8377 + LastAttemptedRevision is the Source revision of the last reconciliation 8378 + attempt. For OCIRepository sources, the 12 first characters of the digest are 8379 + appended to the chart version e.g. "1.2.3+1234567890ab". 8380 + type: string 8381 + lastAttemptedRevisionDigest: 8382 + description: |- 8383 + LastAttemptedRevisionDigest is the digest of the last reconciliation attempt. 8384 + This is only set for OCIRepository sources. 8385 + type: string 8386 + lastAttemptedValuesChecksum: 8387 + description: |- 8388 + LastAttemptedValuesChecksum is the SHA1 checksum for the values of the last 8389 + reconciliation attempt. 8390 + Deprecated: Use LastAttemptedConfigDigest instead. 8391 + type: string 8392 + lastHandledForceAt: 8393 + description: |- 8394 + LastHandledForceAt holds the value of the most recent force request 8395 + value, so a change of the annotation value can be detected. 8396 + type: string 8397 + lastHandledReconcileAt: 8398 + description: |- 8399 + LastHandledReconcileAt holds the value of the most recent 8400 + reconcile request value, so a change of the annotation value 8401 + can be detected. 8402 + type: string 8403 + lastHandledResetAt: 8404 + description: |- 8405 + LastHandledResetAt holds the value of the most recent reset request 8406 + value, so a change of the annotation value can be detected. 8407 + type: string 8408 + lastReleaseRevision: 8409 + description: |- 8410 + LastReleaseRevision is the revision of the last successful Helm release. 8411 + Deprecated: Use History instead. 8412 + type: integer 8413 + observedGeneration: 8414 + description: ObservedGeneration is the last observed generation. 8415 + format: int64 8416 + type: integer 8417 + observedPostRenderersDigest: 8418 + description: |- 8419 + ObservedPostRenderersDigest is the digest for the post-renderers of 8420 + the last successful reconciliation attempt. 8421 + type: string 8422 + storageNamespace: 8423 + description: |- 8424 + StorageNamespace is the namespace of the Helm release storage for the 8425 + current release. 8426 + maxLength: 63 8427 + minLength: 1 8428 + type: string 8429 + upgradeFailures: 8430 + description: |- 8431 + UpgradeFailures is the upgrade failure count against the latest desired 8432 + state. It is reset after a successful reconciliation. 8433 + format: int64 8434 + type: integer 8435 + type: object 8436 + type: object 8437 + served: true 8438 + storage: true 8439 + subresources: 8440 + status: {} 8441 + - additionalPrinterColumns: 8442 + - jsonPath: .metadata.creationTimestamp 8443 + name: Age 8444 + type: date 8445 + - jsonPath: .status.conditions[?(@.type=="Ready")].status 8446 + name: Ready 8447 + type: string 8448 + - jsonPath: .status.conditions[?(@.type=="Ready")].message 8449 + name: Status 8450 + type: string 8451 + deprecated: true 8452 + deprecationWarning: v2beta1 HelmRelease is deprecated, upgrade to v2 8453 + name: v2beta1 8454 + schema: 8455 + openAPIV3Schema: 8456 + description: HelmRelease is the Schema for the helmreleases API 8457 + properties: 8458 + apiVersion: 8459 + description: |- 8460 + APIVersion defines the versioned schema of this representation of an object. 8461 + Servers should convert recognized schemas to the latest internal value, and 8462 + may reject unrecognized values. 8463 + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources 8464 + type: string 8465 + kind: 8466 + description: |- 8467 + Kind is a string value representing the REST resource this object represents. 8468 + Servers may infer this from the endpoint the client submits requests to. 8469 + Cannot be updated. 8470 + In CamelCase. 8471 + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 8472 + type: string 8473 + metadata: 8474 + type: object 8475 + spec: 8476 + description: HelmReleaseSpec defines the desired state of a Helm release. 8477 + properties: 8478 + chart: 8479 + description: |- 8480 + Chart defines the template of the v1beta2.HelmChart that should be created 8481 + for this HelmRelease. 8482 + properties: 8483 + metadata: 8484 + description: ObjectMeta holds the template for metadata like labels 8485 + and annotations. 8486 + properties: 8487 + annotations: 8488 + additionalProperties: 8489 + type: string 8490 + description: |- 8491 + Annotations is an unstructured key value map stored with a resource that may be 8492 + set by external tools to store and retrieve arbitrary metadata. They are not 8493 + queryable and should be preserved when modifying objects. 8494 + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ 8495 + type: object 8496 + labels: 8497 + additionalProperties: 8498 + type: string 8499 + description: |- 8500 + Map of string keys and values that can be used to organize and categorize 8501 + (scope and select) objects. 8502 + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ 8503 + type: object 8504 + type: object 8505 + spec: 8506 + description: Spec holds the template for the v1beta2.HelmChartSpec 8507 + for this HelmRelease. 8508 + properties: 8509 + chart: 8510 + description: The name or path the Helm chart is available 8511 + at in the SourceRef. 8512 + type: string 8513 + interval: 8514 + description: |- 8515 + Interval at which to check the v1beta2.Source for updates. Defaults to 8516 + 'HelmReleaseSpec.Interval'. 8517 + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ 8518 + type: string 8519 + reconcileStrategy: 8520 + default: ChartVersion 8521 + description: |- 8522 + Determines what enables the creation of a new artifact. Valid values are 8523 + ('ChartVersion', 'Revision'). 8524 + See the documentation of the values for an explanation on their behavior. 8525 + Defaults to ChartVersion when omitted. 8526 + enum: 8527 + - ChartVersion 8528 + - Revision 8529 + type: string 8530 + sourceRef: 8531 + description: The name and namespace of the v1beta2.Source 8532 + the chart is available at. 8533 + properties: 8534 + apiVersion: 8535 + description: APIVersion of the referent. 8536 + type: string 8537 + kind: 8538 + description: Kind of the referent. 8539 + enum: 8540 + - HelmRepository 8541 + - GitRepository 8542 + - Bucket 8543 + type: string 8544 + name: 8545 + description: Name of the referent. 8546 + maxLength: 253 8547 + minLength: 1 8548 + type: string 8549 + namespace: 8550 + description: Namespace of the referent. 8551 + maxLength: 63 8552 + minLength: 1 8553 + type: string 8554 + required: 8555 + - kind 8556 + - name 8557 + type: object 8558 + valuesFile: 8559 + description: |- 8560 + Alternative values file to use as the default chart values, expected to 8561 + be a relative path in the SourceRef. Deprecated in favor of ValuesFiles, 8562 + for backwards compatibility the file defined here is merged before the 8563 + ValuesFiles items. Ignored when omitted. 8564 + type: string 8565 + valuesFiles: 8566 + description: |- 8567 + Alternative list of values files to use as the chart values (values.yaml 8568 + is not included by default), expected to be a relative path in the SourceRef. 8569 + Values files are merged in the order of this list with the last file overriding 8570 + the first. Ignored when omitted. 8571 + items: 8572 + type: string 8573 + type: array 8574 + verify: 8575 + description: |- 8576 + Verify contains the secret name containing the trusted public keys 8577 + used to verify the signature and specifies which provider to use to check 8578 + whether OCI image is authentic. 8579 + This field is only supported for OCI sources. 8580 + Chart dependencies, which are not bundled in the umbrella chart artifact, are not verified. 8581 + properties: 8582 + provider: 8583 + default: cosign 8584 + description: Provider specifies the technology used to 8585 + sign the OCI Helm chart. 8586 + enum: 8587 + - cosign 8588 + type: string 8589 + secretRef: 8590 + description: |- 8591 + SecretRef specifies the Kubernetes Secret containing the 8592 + trusted public keys. 8593 + properties: 8594 + name: 8595 + description: Name of the referent. 8596 + type: string 8597 + required: 8598 + - name 8599 + type: object 8600 + required: 8601 + - provider 8602 + type: object 8603 + version: 8604 + default: '*' 8605 + description: |- 8606 + Version semver expression, ignored for charts from v1beta2.GitRepository and 8607 + v1beta2.Bucket sources. Defaults to latest when omitted. 8608 + type: string 8609 + required: 8610 + - chart 8611 + - sourceRef 8612 + type: object 8613 + required: 8614 + - spec 8615 + type: object 8616 + chartRef: 8617 + description: |- 8618 + ChartRef holds a reference to a source controller resource containing the 8619 + Helm chart artifact. 8620 + 8621 + Note: this field is provisional to the v2 API, and not actively used 8622 + by v2beta1 HelmReleases. 8623 + properties: 8624 + apiVersion: 8625 + description: APIVersion of the referent. 8626 + type: string 8627 + kind: 8628 + description: Kind of the referent. 8629 + enum: 8630 + - OCIRepository 8631 + - HelmChart 8632 + type: string 8633 + name: 8634 + description: Name of the referent. 8635 + maxLength: 253 8636 + minLength: 1 8637 + type: string 8638 + namespace: 8639 + description: |- 8640 + Namespace of the referent, defaults to the namespace of the Kubernetes 8641 + resource object that contains the reference. 8642 + maxLength: 63 8643 + minLength: 1 8644 + type: string 8645 + required: 8646 + - kind 8647 + - name 8648 + type: object 8649 + dependsOn: 8650 + description: |- 8651 + DependsOn may contain a meta.NamespacedObjectReference slice with 8652 + references to HelmRelease resources that must be ready before this HelmRelease 8653 + can be reconciled. 8654 + items: 8655 + description: |- 8656 + NamespacedObjectReference contains enough information to locate the referenced Kubernetes resource object in any 8657 + namespace. 8658 + properties: 8659 + name: 8660 + description: Name of the referent. 8661 + type: string 8662 + namespace: 8663 + description: Namespace of the referent, when not specified it 8664 + acts as LocalObjectReference. 8665 + type: string 8666 + required: 8667 + - name 8668 + type: object 8669 + type: array 8670 + driftDetection: 8671 + description: |- 8672 + DriftDetection holds the configuration for detecting and handling 8673 + differences between the manifest in the Helm storage and the resources 8674 + currently existing in the cluster. 8675 + 8676 + Note: this field is provisional to the v2beta2 API, and not actively used 8677 + by v2beta1 HelmReleases. 8678 + properties: 8679 + ignore: 8680 + description: |- 8681 + Ignore contains a list of rules for specifying which changes to ignore 8682 + during diffing. 8683 + items: 8684 + description: |- 8685 + IgnoreRule defines a rule to selectively disregard specific changes during 8686 + the drift detection process. 8687 + properties: 8688 + paths: 8689 + description: |- 8690 + Paths is a list of JSON Pointer (RFC 6901) paths to be excluded from 8691 + consideration in a Kubernetes object. 8692 + items: 8693 + type: string 8694 + type: array 8695 + target: 8696 + description: |- 8697 + Target is a selector for specifying Kubernetes objects to which this 8698 + rule applies. 8699 + If Target is not set, the Paths will be ignored for all Kubernetes 8700 + objects within the manifest of the Helm release. 8701 + properties: 8702 + annotationSelector: 8703 + description: |- 8704 + AnnotationSelector is a string that follows the label selection expression 8705 + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api 8706 + It matches with the resource annotations. 8707 + type: string 8708 + group: 8709 + description: |- 8710 + Group is the API group to select resources from. 8711 + Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources. 8712 + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md 8713 + type: string 8714 + kind: 8715 + description: |- 8716 + Kind of the API Group to select resources from. 8717 + Together with Group and Version it is capable of unambiguously 8718 + identifying and/or selecting resources. 8719 + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md 8720 + type: string 8721 + labelSelector: 8722 + description: |- 8723 + LabelSelector is a string that follows the label selection expression 8724 + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api 8725 + It matches with the resource labels. 8726 + type: string 8727 + name: 8728 + description: Name to match resources with. 8729 + type: string 8730 + namespace: 8731 + description: Namespace to select resources from. 8732 + type: string 8733 + version: 8734 + description: |- 8735 + Version of the API Group to select resources from. 8736 + Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources. 8737 + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md 8738 + type: string 8739 + type: object 8740 + required: 8741 + - paths 8742 + type: object 8743 + type: array 8744 + mode: 8745 + description: |- 8746 + Mode defines how differences should be handled between the Helm manifest 8747 + and the manifest currently applied to the cluster. 8748 + If not explicitly set, it defaults to DiffModeDisabled. 8749 + enum: 8750 + - enabled 8751 + - warn 8752 + - disabled 8753 + type: string 8754 + type: object 8755 + install: 8756 + description: Install holds the configuration for Helm install actions 8757 + for this HelmRelease. 8758 + properties: 8759 + crds: 8760 + description: |- 8761 + CRDs upgrade CRDs from the Helm Chart's crds directory according 8762 + to the CRD upgrade policy provided here. Valid values are `Skip`, 8763 + `Create` or `CreateReplace`. Default is `Create` and if omitted 8764 + CRDs are installed but not updated. 8765 + 8766 + Skip: do neither install nor replace (update) any CRDs. 8767 + 8768 + Create: new CRDs are created, existing CRDs are neither updated nor deleted. 8769 + 8770 + CreateReplace: new CRDs are created, existing CRDs are updated (replaced) 8771 + but not deleted. 8772 + 8773 + By default, CRDs are applied (installed) during Helm install action. 8774 + With this option users can opt-in to CRD replace existing CRDs on Helm 8775 + install actions, which is not (yet) natively supported by Helm. 8776 + https://helm.sh/docs/chart_best_practices/custom_resource_definitions. 8777 + enum: 8778 + - Skip 8779 + - Create 8780 + - CreateReplace 8781 + type: string 8782 + createNamespace: 8783 + description: |- 8784 + CreateNamespace tells the Helm install action to create the 8785 + HelmReleaseSpec.TargetNamespace if it does not exist yet. 8786 + On uninstall, the namespace will not be garbage collected. 8787 + type: boolean 8788 + disableHooks: 8789 + description: DisableHooks prevents hooks from running during the 8790 + Helm install action. 8791 + type: boolean 8792 + disableOpenAPIValidation: 8793 + description: |- 8794 + DisableOpenAPIValidation prevents the Helm install action from validating 8795 + rendered templates against the Kubernetes OpenAPI Schema. 8796 + type: boolean 8797 + disableWait: 8798 + description: |- 8799 + DisableWait disables the waiting for resources to be ready after a Helm 8800 + install has been performed. 8801 + type: boolean 8802 + disableWaitForJobs: 8803 + description: |- 8804 + DisableWaitForJobs disables waiting for jobs to complete after a Helm 8805 + install has been performed. 8806 + type: boolean 8807 + remediation: 8808 + description: |- 8809 + Remediation holds the remediation configuration for when the Helm install 8810 + action for the HelmRelease fails. The default is to not perform any action. 8811 + properties: 8812 + ignoreTestFailures: 8813 + description: |- 8814 + IgnoreTestFailures tells the controller to skip remediation when the Helm 8815 + tests are run after an install action but fail. Defaults to 8816 + 'Test.IgnoreFailures'. 8817 + type: boolean 8818 + remediateLastFailure: 8819 + description: |- 8820 + RemediateLastFailure tells the controller to remediate the last failure, when 8821 + no retries remain. Defaults to 'false'. 8822 + type: boolean 8823 + retries: 8824 + description: |- 8825 + Retries is the number of retries that should be attempted on failures before 8826 + bailing. Remediation, using an uninstall, is performed between each attempt. 8827 + Defaults to '0', a negative integer equals to unlimited retries. 8828 + type: integer 8829 + type: object 8830 + replace: 8831 + description: |- 8832 + Replace tells the Helm install action to re-use the 'ReleaseName', but only 8833 + if that name is a deleted release which remains in the history. 8834 + type: boolean 8835 + skipCRDs: 8836 + description: |- 8837 + SkipCRDs tells the Helm install action to not install any CRDs. By default, 8838 + CRDs are installed if not already present. 8839 + 8840 + Deprecated use CRD policy (`crds`) attribute with value `Skip` instead. 8841 + type: boolean 8842 + timeout: 8843 + description: |- 8844 + Timeout is the time to wait for any individual Kubernetes operation (like 8845 + Jobs for hooks) during the performance of a Helm install action. Defaults to 8846 + 'HelmReleaseSpec.Timeout'. 8847 + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ 8848 + type: string 8849 + type: object 8850 + interval: 8851 + description: |- 8852 + Interval at which to reconcile the Helm release. 8853 + This interval is approximate and may be subject to jitter to ensure 8854 + efficient use of resources. 8855 + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ 8856 + type: string 8857 + kubeConfig: 8858 + description: |- 8859 + KubeConfig for reconciling the HelmRelease on a remote cluster. 8860 + When used in combination with HelmReleaseSpec.ServiceAccountName, 8861 + forces the controller to act on behalf of that Service Account at the 8862 + target cluster. 8863 + If the --default-service-account flag is set, its value will be used as 8864 + a controller level fallback for when HelmReleaseSpec.ServiceAccountName 8865 + is empty. 8866 + properties: 8867 + secretRef: 8868 + description: |- 8869 + SecretRef holds the name of a secret that contains a key with 8870 + the kubeconfig file as the value. If no key is set, the key will default 8871 + to 'value'. 8872 + It is recommended that the kubeconfig is self-contained, and the secret 8873 + is regularly updated if credentials such as a cloud-access-token expire. 8874 + Cloud specific `cmd-path` auth helpers will not function without adding 8875 + binaries and credentials to the Pod that is responsible for reconciling 8876 + Kubernetes resources. 8877 + properties: 8878 + key: 8879 + description: Key in the Secret, when not specified an implementation-specific 8880 + default key is used. 8881 + type: string 8882 + name: 8883 + description: Name of the Secret. 8884 + type: string 8885 + required: 8886 + - name 8887 + type: object 8888 + required: 8889 + - secretRef 8890 + type: object 8891 + maxHistory: 8892 + description: |- 8893 + MaxHistory is the number of revisions saved by Helm for this HelmRelease. 8894 + Use '0' for an unlimited number of revisions; defaults to '10'. 8895 + type: integer 8896 + persistentClient: 8897 + description: |- 8898 + PersistentClient tells the controller to use a persistent Kubernetes 8899 + client for this release. When enabled, the client will be reused for the 8900 + duration of the reconciliation, instead of being created and destroyed 8901 + for each (step of a) Helm action. 8902 + 8903 + This can improve performance, but may cause issues with some Helm charts 8904 + that for example do create Custom Resource Definitions during installation 8905 + outside Helm's CRD lifecycle hooks, which are then not observed to be 8906 + available by e.g. post-install hooks. 8907 + 8908 + If not set, it defaults to true. 8909 + type: boolean 8910 + postRenderers: 8911 + description: |- 8912 + PostRenderers holds an array of Helm PostRenderers, which will be applied in order 8913 + of their definition. 8914 + items: 8915 + description: PostRenderer contains a Helm PostRenderer specification. 8916 + properties: 8917 + kustomize: 8918 + description: Kustomization to apply as PostRenderer. 8919 + properties: 8920 + images: 8921 + description: |- 8922 + Images is a list of (image name, new name, new tag or digest) 8923 + for changing image names, tags or digests. This can also be achieved with a 8924 + patch, but this operator is simpler to specify. 8925 + items: 8926 + description: Image contains an image name, a new name, 8927 + a new tag or digest, which will replace the original 8928 + name and tag. 8929 + properties: 8930 + digest: 8931 + description: |- 8932 + Digest is the value used to replace the original image tag. 8933 + If digest is present NewTag value is ignored. 8934 + type: string 8935 + name: 8936 + description: Name is a tag-less image name. 8937 + type: string 8938 + newName: 8939 + description: NewName is the value used to replace 8940 + the original name. 8941 + type: string 8942 + newTag: 8943 + description: NewTag is the value used to replace the 8944 + original tag. 8945 + type: string 8946 + required: 8947 + - name 8948 + type: object 8949 + type: array 8950 + patches: 8951 + description: |- 8952 + Strategic merge and JSON patches, defined as inline YAML objects, 8953 + capable of targeting objects based on kind, label and annotation selectors. 8954 + items: 8955 + description: |- 8956 + Patch contains an inline StrategicMerge or JSON6902 patch, and the target the patch should 8957 + be applied to. 8958 + properties: 8959 + patch: 8960 + description: |- 8961 + Patch contains an inline StrategicMerge patch or an inline JSON6902 patch with 8962 + an array of operation objects. 8963 + type: string 8964 + target: 8965 + description: Target points to the resources that the 8966 + patch document should be applied to. 8967 + properties: 8968 + annotationSelector: 8969 + description: |- 8970 + AnnotationSelector is a string that follows the label selection expression 8971 + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api 8972 + It matches with the resource annotations. 8973 + type: string 8974 + group: 8975 + description: |- 8976 + Group is the API group to select resources from. 8977 + Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources. 8978 + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md 8979 + type: string 8980 + kind: 8981 + description: |- 8982 + Kind of the API Group to select resources from. 8983 + Together with Group and Version it is capable of unambiguously 8984 + identifying and/or selecting resources. 8985 + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md 8986 + type: string 8987 + labelSelector: 8988 + description: |- 8989 + LabelSelector is a string that follows the label selection expression 8990 + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api 8991 + It matches with the resource labels. 8992 + type: string 8993 + name: 8994 + description: Name to match resources with. 8995 + type: string 8996 + namespace: 8997 + description: Namespace to select resources from. 8998 + type: string 8999 + version: 9000 + description: |- 9001 + Version of the API Group to select resources from. 9002 + Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources. 9003 + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md 9004 + type: string 9005 + type: object 9006 + required: 9007 + - patch 9008 + type: object 9009 + type: array 9010 + patchesJson6902: 9011 + description: JSON 6902 patches, defined as inline YAML objects. 9012 + items: 9013 + description: JSON6902Patch contains a JSON6902 patch and 9014 + the target the patch should be applied to. 9015 + properties: 9016 + patch: 9017 + description: Patch contains the JSON6902 patch document 9018 + with an array of operation objects. 9019 + items: 9020 + description: |- 9021 + JSON6902 is a JSON6902 operation object. 9022 + https://datatracker.ietf.org/doc/html/rfc6902#section-4 9023 + properties: 9024 + from: 9025 + description: |- 9026 + From contains a JSON-pointer value that references a location within the target document where the operation is 9027 + performed. The meaning of the value depends on the value of Op, and is NOT taken into account by all operations. 9028 + type: string 9029 + op: 9030 + description: |- 9031 + Op indicates the operation to perform. Its value MUST be one of "add", "remove", "replace", "move", "copy", or 9032 + "test". 9033 + https://datatracker.ietf.org/doc/html/rfc6902#section-4 9034 + enum: 9035 + - test 9036 + - remove 9037 + - add 9038 + - replace 9039 + - move 9040 + - copy 9041 + type: string 9042 + path: 9043 + description: |- 9044 + Path contains the JSON-pointer value that references a location within the target document where the operation 9045 + is performed. The meaning of the value depends on the value of Op. 9046 + type: string 9047 + value: 9048 + description: |- 9049 + Value contains a valid JSON structure. The meaning of the value depends on the value of Op, and is NOT taken into 9050 + account by all operations. 9051 + x-kubernetes-preserve-unknown-fields: true 9052 + required: 9053 + - op 9054 + - path 9055 + type: object 9056 + type: array 9057 + target: 9058 + description: Target points to the resources that the 9059 + patch document should be applied to. 9060 + properties: 9061 + annotationSelector: 9062 + description: |- 9063 + AnnotationSelector is a string that follows the label selection expression 9064 + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api 9065 + It matches with the resource annotations. 9066 + type: string 9067 + group: 9068 + description: |- 9069 + Group is the API group to select resources from. 9070 + Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources. 9071 + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md 9072 + type: string 9073 + kind: 9074 + description: |- 9075 + Kind of the API Group to select resources from. 9076 + Together with Group and Version it is capable of unambiguously 9077 + identifying and/or selecting resources. 9078 + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md 9079 + type: string 9080 + labelSelector: 9081 + description: |- 9082 + LabelSelector is a string that follows the label selection expression 9083 + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api 9084 + It matches with the resource labels. 9085 + type: string 9086 + name: 9087 + description: Name to match resources with. 9088 + type: string 9089 + namespace: 9090 + description: Namespace to select resources from. 9091 + type: string 9092 + version: 9093 + description: |- 9094 + Version of the API Group to select resources from. 9095 + Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources. 9096 + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md 9097 + type: string 9098 + type: object 9099 + required: 9100 + - patch 9101 + - target 9102 + type: object 9103 + type: array 9104 + patchesStrategicMerge: 9105 + description: Strategic merge patches, defined as inline 9106 + YAML objects. 9107 + items: 9108 + x-kubernetes-preserve-unknown-fields: true 9109 + type: array 9110 + type: object 9111 + type: object 9112 + type: array 9113 + releaseName: 9114 + description: |- 9115 + ReleaseName used for the Helm release. Defaults to a composition of 9116 + '[TargetNamespace-]Name'. 9117 + maxLength: 53 9118 + minLength: 1 9119 + type: string 9120 + rollback: 9121 + description: Rollback holds the configuration for Helm rollback actions 9122 + for this HelmRelease. 9123 + properties: 9124 + cleanupOnFail: 9125 + description: |- 9126 + CleanupOnFail allows deletion of new resources created during the Helm 9127 + rollback action when it fails. 9128 + type: boolean 9129 + disableHooks: 9130 + description: DisableHooks prevents hooks from running during the 9131 + Helm rollback action. 9132 + type: boolean 9133 + disableWait: 9134 + description: |- 9135 + DisableWait disables the waiting for resources to be ready after a Helm 9136 + rollback has been performed. 9137 + type: boolean 9138 + disableWaitForJobs: 9139 + description: |- 9140 + DisableWaitForJobs disables waiting for jobs to complete after a Helm 9141 + rollback has been performed. 9142 + type: boolean 9143 + force: 9144 + description: Force forces resource updates through a replacement 9145 + strategy. 9146 + type: boolean 9147 + recreate: 9148 + description: Recreate performs pod restarts for the resource if 9149 + applicable. 9150 + type: boolean 9151 + timeout: 9152 + description: |- 9153 + Timeout is the time to wait for any individual Kubernetes operation (like 9154 + Jobs for hooks) during the performance of a Helm rollback action. Defaults to 9155 + 'HelmReleaseSpec.Timeout'. 9156 + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ 9157 + type: string 9158 + type: object 9159 + serviceAccountName: 9160 + description: |- 9161 + The name of the Kubernetes service account to impersonate 9162 + when reconciling this HelmRelease. 9163 + type: string 9164 + storageNamespace: 9165 + description: |- 9166 + StorageNamespace used for the Helm storage. 9167 + Defaults to the namespace of the HelmRelease. 9168 + maxLength: 63 9169 + minLength: 1 9170 + type: string 9171 + suspend: 9172 + description: |- 9173 + Suspend tells the controller to suspend reconciliation for this HelmRelease, 9174 + it does not apply to already started reconciliations. Defaults to false. 9175 + type: boolean 9176 + targetNamespace: 9177 + description: |- 9178 + TargetNamespace to target when performing operations for the HelmRelease. 9179 + Defaults to the namespace of the HelmRelease. 9180 + maxLength: 63 9181 + minLength: 1 9182 + type: string 9183 + test: 9184 + description: Test holds the configuration for Helm test actions for 9185 + this HelmRelease. 9186 + properties: 9187 + enable: 9188 + description: |- 9189 + Enable enables Helm test actions for this HelmRelease after an Helm install 9190 + or upgrade action has been performed. 9191 + type: boolean 9192 + ignoreFailures: 9193 + description: |- 9194 + IgnoreFailures tells the controller to skip remediation when the Helm tests 9195 + are run but fail. Can be overwritten for tests run after install or upgrade 9196 + actions in 'Install.IgnoreTestFailures' and 'Upgrade.IgnoreTestFailures'. 9197 + type: boolean 9198 + timeout: 9199 + description: |- 9200 + Timeout is the time to wait for any individual Kubernetes operation during 9201 + the performance of a Helm test action. Defaults to 'HelmReleaseSpec.Timeout'. 9202 + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ 9203 + type: string 9204 + type: object 9205 + timeout: 9206 + description: |- 9207 + Timeout is the time to wait for any individual Kubernetes operation (like Jobs 9208 + for hooks) during the performance of a Helm action. Defaults to '5m0s'. 9209 + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ 9210 + type: string 9211 + uninstall: 9212 + description: Uninstall holds the configuration for Helm uninstall 9213 + actions for this HelmRelease. 9214 + properties: 9215 + deletionPropagation: 9216 + default: background 9217 + description: |- 9218 + DeletionPropagation specifies the deletion propagation policy when 9219 + a Helm uninstall is performed. 9220 + enum: 9221 + - background 9222 + - foreground 9223 + - orphan 9224 + type: string 9225 + disableHooks: 9226 + description: DisableHooks prevents hooks from running during the 9227 + Helm rollback action. 9228 + type: boolean 9229 + disableWait: 9230 + description: |- 9231 + DisableWait disables waiting for all the resources to be deleted after 9232 + a Helm uninstall is performed. 9233 + type: boolean 9234 + keepHistory: 9235 + description: |- 9236 + KeepHistory tells Helm to remove all associated resources and mark the 9237 + release as deleted, but retain the release history. 9238 + type: boolean 9239 + timeout: 9240 + description: |- 9241 + Timeout is the time to wait for any individual Kubernetes operation (like 9242 + Jobs for hooks) during the performance of a Helm uninstall action. Defaults 9243 + to 'HelmReleaseSpec.Timeout'. 9244 + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ 9245 + type: string 9246 + type: object 9247 + upgrade: 9248 + description: Upgrade holds the configuration for Helm upgrade actions 9249 + for this HelmRelease. 9250 + properties: 9251 + cleanupOnFail: 9252 + description: |- 9253 + CleanupOnFail allows deletion of new resources created during the Helm 9254 + upgrade action when it fails. 9255 + type: boolean 9256 + crds: 9257 + description: |- 9258 + CRDs upgrade CRDs from the Helm Chart's crds directory according 9259 + to the CRD upgrade policy provided here. Valid values are `Skip`, 9260 + `Create` or `CreateReplace`. Default is `Skip` and if omitted 9261 + CRDs are neither installed nor upgraded. 9262 + 9263 + Skip: do neither install nor replace (update) any CRDs. 9264 + 9265 + Create: new CRDs are created, existing CRDs are neither updated nor deleted. 9266 + 9267 + CreateReplace: new CRDs are created, existing CRDs are updated (replaced) 9268 + but not deleted. 9269 + 9270 + By default, CRDs are not applied during Helm upgrade action. With this 9271 + option users can opt-in to CRD upgrade, which is not (yet) natively supported by Helm. 9272 + https://helm.sh/docs/chart_best_practices/custom_resource_definitions. 9273 + enum: 9274 + - Skip 9275 + - Create 9276 + - CreateReplace 9277 + type: string 9278 + disableHooks: 9279 + description: DisableHooks prevents hooks from running during the 9280 + Helm upgrade action. 9281 + type: boolean 9282 + disableOpenAPIValidation: 9283 + description: |- 9284 + DisableOpenAPIValidation prevents the Helm upgrade action from validating 9285 + rendered templates against the Kubernetes OpenAPI Schema. 9286 + type: boolean 9287 + disableWait: 9288 + description: |- 9289 + DisableWait disables the waiting for resources to be ready after a Helm 9290 + upgrade has been performed. 9291 + type: boolean 9292 + disableWaitForJobs: 9293 + description: |- 9294 + DisableWaitForJobs disables waiting for jobs to complete after a Helm 9295 + upgrade has been performed. 9296 + type: boolean 9297 + force: 9298 + description: Force forces resource updates through a replacement 9299 + strategy. 9300 + type: boolean 9301 + preserveValues: 9302 + description: |- 9303 + PreserveValues will make Helm reuse the last release's values and merge in 9304 + overrides from 'Values'. Setting this flag makes the HelmRelease 9305 + non-declarative. 9306 + type: boolean 9307 + remediation: 9308 + description: |- 9309 + Remediation holds the remediation configuration for when the Helm upgrade 9310 + action for the HelmRelease fails. The default is to not perform any action. 9311 + properties: 9312 + ignoreTestFailures: 9313 + description: |- 9314 + IgnoreTestFailures tells the controller to skip remediation when the Helm 9315 + tests are run after an upgrade action but fail. 9316 + Defaults to 'Test.IgnoreFailures'. 9317 + type: boolean 9318 + remediateLastFailure: 9319 + description: |- 9320 + RemediateLastFailure tells the controller to remediate the last failure, when 9321 + no retries remain. Defaults to 'false' unless 'Retries' is greater than 0. 9322 + type: boolean 9323 + retries: 9324 + description: |- 9325 + Retries is the number of retries that should be attempted on failures before 9326 + bailing. Remediation, using 'Strategy', is performed between each attempt. 9327 + Defaults to '0', a negative integer equals to unlimited retries. 9328 + type: integer 9329 + strategy: 9330 + description: Strategy to use for failure remediation. Defaults 9331 + to 'rollback'. 9332 + enum: 9333 + - rollback 9334 + - uninstall 9335 + type: string 9336 + type: object 9337 + timeout: 9338 + description: |- 9339 + Timeout is the time to wait for any individual Kubernetes operation (like 9340 + Jobs for hooks) during the performance of a Helm upgrade action. Defaults to 9341 + 'HelmReleaseSpec.Timeout'. 9342 + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ 9343 + type: string 9344 + type: object 9345 + values: 9346 + description: Values holds the values for this Helm release. 9347 + x-kubernetes-preserve-unknown-fields: true 9348 + valuesFrom: 9349 + description: |- 9350 + ValuesFrom holds references to resources containing Helm values for this HelmRelease, 9351 + and information about how they should be merged. 9352 + items: 9353 + description: |- 9354 + ValuesReference contains a reference to a resource containing Helm values, 9355 + and optionally the key they can be found at. 9356 + properties: 9357 + kind: 9358 + description: Kind of the values referent, valid values are ('Secret', 9359 + 'ConfigMap'). 9360 + enum: 9361 + - Secret 9362 + - ConfigMap 9363 + type: string 9364 + name: 9365 + description: |- 9366 + Name of the values referent. Should reside in the same namespace as the 9367 + referring resource. 9368 + maxLength: 253 9369 + minLength: 1 9370 + type: string 9371 + optional: 9372 + description: |- 9373 + Optional marks this ValuesReference as optional. When set, a not found error 9374 + for the values reference is ignored, but any ValuesKey, TargetPath or 9375 + transient error will still result in a reconciliation failure. 9376 + type: boolean 9377 + targetPath: 9378 + description: |- 9379 + TargetPath is the YAML dot notation path the value should be merged at. When 9380 + set, the ValuesKey is expected to be a single flat value. Defaults to 'None', 9381 + which results in the values getting merged at the root. 9382 + maxLength: 250 9383 + pattern: ^([a-zA-Z0-9_\-.\\\/]|\[[0-9]{1,5}\])+$ 9384 + type: string 9385 + valuesKey: 9386 + description: |- 9387 + ValuesKey is the data key where the values.yaml or a specific value can be 9388 + found at. Defaults to 'values.yaml'. 9389 + When set, must be a valid Data Key, consisting of alphanumeric characters, 9390 + '-', '_' or '.'. 9391 + maxLength: 253 9392 + pattern: ^[\-._a-zA-Z0-9]+$ 9393 + type: string 9394 + required: 9395 + - kind 9396 + - name 9397 + type: object 9398 + type: array 9399 + required: 9400 + - chart 9401 + - interval 9402 + type: object 9403 + status: 9404 + default: 9405 + observedGeneration: -1 9406 + description: HelmReleaseStatus defines the observed state of a HelmRelease. 9407 + properties: 9408 + conditions: 9409 + description: Conditions holds the conditions for the HelmRelease. 9410 + items: 9411 + description: Condition contains details for one aspect of the current 9412 + state of this API Resource. 9413 + properties: 9414 + lastTransitionTime: 9415 + description: |- 9416 + lastTransitionTime is the last time the condition transitioned from one status to another. 9417 + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. 9418 + format: date-time 9419 + type: string 9420 + message: 9421 + description: |- 9422 + message is a human readable message indicating details about the transition. 9423 + This may be an empty string. 9424 + maxLength: 32768 9425 + type: string 9426 + observedGeneration: 9427 + description: |- 9428 + observedGeneration represents the .metadata.generation that the condition was set based upon. 9429 + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date 9430 + with respect to the current state of the instance. 9431 + format: int64 9432 + minimum: 0 9433 + type: integer 9434 + reason: 9435 + description: |- 9436 + reason contains a programmatic identifier indicating the reason for the condition's last transition. 9437 + Producers of specific condition types may define expected values and meanings for this field, 9438 + and whether the values are considered a guaranteed API. 9439 + The value should be a CamelCase string. 9440 + This field may not be empty. 9441 + maxLength: 1024 9442 + minLength: 1 9443 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ 9444 + type: string 9445 + status: 9446 + description: status of the condition, one of True, False, Unknown. 9447 + enum: 9448 + - "True" 9449 + - "False" 9450 + - Unknown 9451 + type: string 9452 + type: 9453 + description: type of condition in CamelCase or in foo.example.com/CamelCase. 9454 + maxLength: 316 9455 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ 9456 + type: string 9457 + required: 9458 + - lastTransitionTime 9459 + - message 9460 + - reason 9461 + - status 9462 + - type 9463 + type: object 9464 + type: array 9465 + failures: 9466 + description: |- 9467 + Failures is the reconciliation failure count against the latest desired 9468 + state. It is reset after a successful reconciliation. 9469 + format: int64 9470 + type: integer 9471 + helmChart: 9472 + description: |- 9473 + HelmChart is the namespaced name of the HelmChart resource created by 9474 + the controller for the HelmRelease. 9475 + type: string 9476 + history: 9477 + description: |- 9478 + History holds the history of Helm releases performed for this HelmRelease 9479 + up to the last successfully completed release. 9480 + 9481 + Note: this field is provisional to the v2beta2 API, and not actively used 9482 + by v2beta1 HelmReleases. 9483 + items: 9484 + description: |- 9485 + Snapshot captures a point-in-time copy of the status information for a Helm release, 9486 + as managed by the controller. 9487 + properties: 9488 + apiVersion: 9489 + description: |- 9490 + APIVersion is the API version of the Snapshot. 9491 + Provisional: when the calculation method of the Digest field is changed, 9492 + this field will be used to distinguish between the old and new methods. 9493 + type: string 9494 + appVersion: 9495 + description: AppVersion is the chart app version of the release 9496 + object in storage. 9497 + type: string 9498 + chartName: 9499 + description: ChartName is the chart name of the release object 9500 + in storage. 9501 + type: string 9502 + chartVersion: 9503 + description: |- 9504 + ChartVersion is the chart version of the release object in 9505 + storage. 9506 + type: string 9507 + configDigest: 9508 + description: |- 9509 + ConfigDigest is the checksum of the config (better known as 9510 + "values") of the release object in storage. 9511 + It has the format of `<algo>:<checksum>`. 9512 + type: string 9513 + deleted: 9514 + description: Deleted is when the release was deleted. 9515 + format: date-time 9516 + type: string 9517 + digest: 9518 + description: |- 9519 + Digest is the checksum of the release object in storage. 9520 + It has the format of `<algo>:<checksum>`. 9521 + type: string 9522 + firstDeployed: 9523 + description: FirstDeployed is when the release was first deployed. 9524 + format: date-time 9525 + type: string 9526 + lastDeployed: 9527 + description: LastDeployed is when the release was last deployed. 9528 + format: date-time 9529 + type: string 9530 + name: 9531 + description: Name is the name of the release. 9532 + type: string 9533 + namespace: 9534 + description: Namespace is the namespace the release is deployed 9535 + to. 9536 + type: string 9537 + ociDigest: 9538 + description: OCIDigest is the digest of the OCI artifact associated 9539 + with the release. 9540 + type: string 9541 + status: 9542 + description: Status is the current state of the release. 9543 + type: string 9544 + testHooks: 9545 + additionalProperties: 9546 + description: |- 9547 + TestHookStatus holds the status information for a test hook as observed 9548 + to be run by the controller. 9549 + properties: 9550 + lastCompleted: 9551 + description: LastCompleted is the time the test hook last 9552 + completed. 9553 + format: date-time 9554 + type: string 9555 + lastStarted: 9556 + description: LastStarted is the time the test hook was 9557 + last started. 9558 + format: date-time 9559 + type: string 9560 + phase: 9561 + description: Phase the test hook was observed to be in. 9562 + type: string 9563 + type: object 9564 + description: |- 9565 + TestHooks is the list of test hooks for the release as observed to be 9566 + run by the controller. 9567 + type: object 9568 + version: 9569 + description: Version is the version of the release object in 9570 + storage. 9571 + type: integer 9572 + required: 9573 + - chartName 9574 + - chartVersion 9575 + - configDigest 9576 + - digest 9577 + - firstDeployed 9578 + - lastDeployed 9579 + - name 9580 + - namespace 9581 + - status 9582 + - version 9583 + type: object 9584 + type: array 9585 + installFailures: 9586 + description: |- 9587 + InstallFailures is the install failure count against the latest desired 9588 + state. It is reset after a successful reconciliation. 9589 + format: int64 9590 + type: integer 9591 + lastAppliedRevision: 9592 + description: LastAppliedRevision is the revision of the last successfully 9593 + applied source. 9594 + type: string 9595 + lastAttemptedConfigDigest: 9596 + description: |- 9597 + LastAttemptedConfigDigest is the digest for the config (better known as 9598 + "values") of the last reconciliation attempt. 9599 + 9600 + Note: this field is provisional to the v2beta2 API, and not actively used 9601 + by v2beta1 HelmReleases. 9602 + type: string 9603 + lastAttemptedGeneration: 9604 + description: |- 9605 + LastAttemptedGeneration is the last generation the controller attempted 9606 + to reconcile. 9607 + 9608 + Note: this field is provisional to the v2beta2 API, and not actively used 9609 + by v2beta1 HelmReleases. 9610 + format: int64 9611 + type: integer 9612 + lastAttemptedReleaseAction: 9613 + description: |- 9614 + LastAttemptedReleaseAction is the last release action performed for this 9615 + HelmRelease. It is used to determine the active remediation strategy. 9616 + 9617 + Note: this field is provisional to the v2beta2 API, and not actively used 9618 + by v2beta1 HelmReleases. 9619 + type: string 9620 + lastAttemptedRevision: 9621 + description: LastAttemptedRevision is the revision of the last reconciliation 9622 + attempt. 9623 + type: string 9624 + lastAttemptedValuesChecksum: 9625 + description: |- 9626 + LastAttemptedValuesChecksum is the SHA1 checksum of the values of the last 9627 + reconciliation attempt. 9628 + type: string 9629 + lastHandledForceAt: 9630 + description: |- 9631 + LastHandledForceAt holds the value of the most recent force request 9632 + value, so a change of the annotation value can be detected. 9633 + 9634 + Note: this field is provisional to the v2beta2 API, and not actively used 9635 + by v2beta1 HelmReleases. 9636 + type: string 9637 + lastHandledReconcileAt: 9638 + description: |- 9639 + LastHandledReconcileAt holds the value of the most recent 9640 + reconcile request value, so a change of the annotation value 9641 + can be detected. 9642 + type: string 9643 + lastHandledResetAt: 9644 + description: |- 9645 + LastHandledResetAt holds the value of the most recent reset request 9646 + value, so a change of the annotation value can be detected. 9647 + 9648 + Note: this field is provisional to the v2beta2 API, and not actively used 9649 + by v2beta1 HelmReleases. 9650 + type: string 9651 + lastReleaseRevision: 9652 + description: LastReleaseRevision is the revision of the last successful 9653 + Helm release. 9654 + type: integer 9655 + observedGeneration: 9656 + description: ObservedGeneration is the last observed generation. 9657 + format: int64 9658 + type: integer 9659 + observedPostRenderersDigest: 9660 + description: |- 9661 + ObservedPostRenderersDigest is the digest for the post-renderers of 9662 + the last successful reconciliation attempt. 9663 + type: string 9664 + storageNamespace: 9665 + description: |- 9666 + StorageNamespace is the namespace of the Helm release storage for the 9667 + current release. 9668 + 9669 + Note: this field is provisional to the v2beta2 API, and not actively used 9670 + by v2beta1 HelmReleases. 9671 + type: string 9672 + upgradeFailures: 9673 + description: |- 9674 + UpgradeFailures is the upgrade failure count against the latest desired 9675 + state. It is reset after a successful reconciliation. 9676 + format: int64 9677 + type: integer 9678 + type: object 9679 + type: object 9680 + served: true 9681 + storage: false 9682 + subresources: 9683 + status: {} 9684 + - additionalPrinterColumns: 9685 + - jsonPath: .metadata.creationTimestamp 9686 + name: Age 9687 + type: date 9688 + - jsonPath: .status.conditions[?(@.type=="Ready")].status 9689 + name: Ready 9690 + type: string 9691 + - jsonPath: .status.conditions[?(@.type=="Ready")].message 9692 + name: Status 9693 + type: string 9694 + deprecated: true 9695 + deprecationWarning: v2beta2 HelmRelease is deprecated, upgrade to v2 9696 + name: v2beta2 9697 + schema: 9698 + openAPIV3Schema: 9699 + description: HelmRelease is the Schema for the helmreleases API 9700 + properties: 9701 + apiVersion: 9702 + description: |- 9703 + APIVersion defines the versioned schema of this representation of an object. 9704 + Servers should convert recognized schemas to the latest internal value, and 9705 + may reject unrecognized values. 9706 + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources 9707 + type: string 9708 + kind: 9709 + description: |- 9710 + Kind is a string value representing the REST resource this object represents. 9711 + Servers may infer this from the endpoint the client submits requests to. 9712 + Cannot be updated. 9713 + In CamelCase. 9714 + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 9715 + type: string 9716 + metadata: 9717 + type: object 9718 + spec: 9719 + description: HelmReleaseSpec defines the desired state of a Helm release. 9720 + properties: 9721 + chart: 9722 + description: |- 9723 + Chart defines the template of the v1beta2.HelmChart that should be created 9724 + for this HelmRelease. 9725 + properties: 9726 + metadata: 9727 + description: ObjectMeta holds the template for metadata like labels 9728 + and annotations. 9729 + properties: 9730 + annotations: 9731 + additionalProperties: 9732 + type: string 9733 + description: |- 9734 + Annotations is an unstructured key value map stored with a resource that may be 9735 + set by external tools to store and retrieve arbitrary metadata. They are not 9736 + queryable and should be preserved when modifying objects. 9737 + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ 9738 + type: object 9739 + labels: 9740 + additionalProperties: 9741 + type: string 9742 + description: |- 9743 + Map of string keys and values that can be used to organize and categorize 9744 + (scope and select) objects. 9745 + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ 9746 + type: object 9747 + type: object 9748 + spec: 9749 + description: Spec holds the template for the v1beta2.HelmChartSpec 9750 + for this HelmRelease. 9751 + properties: 9752 + chart: 9753 + description: The name or path the Helm chart is available 9754 + at in the SourceRef. 9755 + maxLength: 2048 9756 + minLength: 1 9757 + type: string 9758 + ignoreMissingValuesFiles: 9759 + description: IgnoreMissingValuesFiles controls whether to 9760 + silently ignore missing values files rather than failing. 9761 + type: boolean 9762 + interval: 9763 + description: |- 9764 + Interval at which to check the v1.Source for updates. Defaults to 9765 + 'HelmReleaseSpec.Interval'. 9766 + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ 9767 + type: string 9768 + reconcileStrategy: 9769 + default: ChartVersion 9770 + description: |- 9771 + Determines what enables the creation of a new artifact. Valid values are 9772 + ('ChartVersion', 'Revision'). 9773 + See the documentation of the values for an explanation on their behavior. 9774 + Defaults to ChartVersion when omitted. 9775 + enum: 9776 + - ChartVersion 9777 + - Revision 9778 + type: string 9779 + sourceRef: 9780 + description: The name and namespace of the v1.Source the chart 9781 + is available at. 9782 + properties: 9783 + apiVersion: 9784 + description: APIVersion of the referent. 9785 + type: string 9786 + kind: 9787 + description: Kind of the referent. 9788 + enum: 9789 + - HelmRepository 9790 + - GitRepository 9791 + - Bucket 9792 + type: string 9793 + name: 9794 + description: Name of the referent. 9795 + maxLength: 253 9796 + minLength: 1 9797 + type: string 9798 + namespace: 9799 + description: Namespace of the referent. 9800 + maxLength: 63 9801 + minLength: 1 9802 + type: string 9803 + required: 9804 + - kind 9805 + - name 9806 + type: object 9807 + valuesFile: 9808 + description: |- 9809 + Alternative values file to use as the default chart values, expected to 9810 + be a relative path in the SourceRef. Deprecated in favor of ValuesFiles, 9811 + for backwards compatibility the file defined here is merged before the 9812 + ValuesFiles items. Ignored when omitted. 9813 + type: string 9814 + valuesFiles: 9815 + description: |- 9816 + Alternative list of values files to use as the chart values (values.yaml 9817 + is not included by default), expected to be a relative path in the SourceRef. 9818 + Values files are merged in the order of this list with the last file overriding 9819 + the first. Ignored when omitted. 9820 + items: 9821 + type: string 9822 + type: array 9823 + verify: 9824 + description: |- 9825 + Verify contains the secret name containing the trusted public keys 9826 + used to verify the signature and specifies which provider to use to check 9827 + whether OCI image is authentic. 9828 + This field is only supported for OCI sources. 9829 + Chart dependencies, which are not bundled in the umbrella chart artifact, 9830 + are not verified. 9831 + properties: 9832 + provider: 9833 + default: cosign 9834 + description: Provider specifies the technology used to 9835 + sign the OCI Helm chart. 9836 + enum: 9837 + - cosign 9838 + - notation 9839 + type: string 9840 + secretRef: 9841 + description: |- 9842 + SecretRef specifies the Kubernetes Secret containing the 9843 + trusted public keys. 9844 + properties: 9845 + name: 9846 + description: Name of the referent. 9847 + type: string 9848 + required: 9849 + - name 9850 + type: object 9851 + required: 9852 + - provider 9853 + type: object 9854 + version: 9855 + default: '*' 9856 + description: |- 9857 + Version semver expression, ignored for charts from v1beta2.GitRepository and 9858 + v1beta2.Bucket sources. Defaults to latest when omitted. 9859 + type: string 9860 + required: 9861 + - chart 9862 + - sourceRef 9863 + type: object 9864 + required: 9865 + - spec 9866 + type: object 9867 + chartRef: 9868 + description: |- 9869 + ChartRef holds a reference to a source controller resource containing the 9870 + Helm chart artifact. 9871 + 9872 + Note: this field is provisional to the v2 API, and not actively used 9873 + by v2beta2 HelmReleases. 9874 + properties: 9875 + apiVersion: 9876 + description: APIVersion of the referent. 9877 + type: string 9878 + kind: 9879 + description: Kind of the referent. 9880 + enum: 9881 + - OCIRepository 9882 + - HelmChart 9883 + type: string 9884 + name: 9885 + description: Name of the referent. 9886 + maxLength: 253 9887 + minLength: 1 9888 + type: string 9889 + namespace: 9890 + description: |- 9891 + Namespace of the referent, defaults to the namespace of the Kubernetes 9892 + resource object that contains the reference. 9893 + maxLength: 63 9894 + minLength: 1 9895 + type: string 9896 + required: 9897 + - kind 9898 + - name 9899 + type: object 9900 + dependsOn: 9901 + description: |- 9902 + DependsOn may contain a meta.NamespacedObjectReference slice with 9903 + references to HelmRelease resources that must be ready before this HelmRelease 9904 + can be reconciled. 9905 + items: 9906 + description: |- 9907 + NamespacedObjectReference contains enough information to locate the referenced Kubernetes resource object in any 9908 + namespace. 9909 + properties: 9910 + name: 9911 + description: Name of the referent. 9912 + type: string 9913 + namespace: 9914 + description: Namespace of the referent, when not specified it 9915 + acts as LocalObjectReference. 9916 + type: string 9917 + required: 9918 + - name 9919 + type: object 9920 + type: array 9921 + driftDetection: 9922 + description: |- 9923 + DriftDetection holds the configuration for detecting and handling 9924 + differences between the manifest in the Helm storage and the resources 9925 + currently existing in the cluster. 9926 + properties: 9927 + ignore: 9928 + description: |- 9929 + Ignore contains a list of rules for specifying which changes to ignore 9930 + during diffing. 9931 + items: 9932 + description: |- 9933 + IgnoreRule defines a rule to selectively disregard specific changes during 9934 + the drift detection process. 9935 + properties: 9936 + paths: 9937 + description: |- 9938 + Paths is a list of JSON Pointer (RFC 6901) paths to be excluded from 9939 + consideration in a Kubernetes object. 9940 + items: 9941 + type: string 9942 + type: array 9943 + target: 9944 + description: |- 9945 + Target is a selector for specifying Kubernetes objects to which this 9946 + rule applies. 9947 + If Target is not set, the Paths will be ignored for all Kubernetes 9948 + objects within the manifest of the Helm release. 9949 + properties: 9950 + annotationSelector: 9951 + description: |- 9952 + AnnotationSelector is a string that follows the label selection expression 9953 + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api 9954 + It matches with the resource annotations. 9955 + type: string 9956 + group: 9957 + description: |- 9958 + Group is the API group to select resources from. 9959 + Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources. 9960 + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md 9961 + type: string 9962 + kind: 9963 + description: |- 9964 + Kind of the API Group to select resources from. 9965 + Together with Group and Version it is capable of unambiguously 9966 + identifying and/or selecting resources. 9967 + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md 9968 + type: string 9969 + labelSelector: 9970 + description: |- 9971 + LabelSelector is a string that follows the label selection expression 9972 + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api 9973 + It matches with the resource labels. 9974 + type: string 9975 + name: 9976 + description: Name to match resources with. 9977 + type: string 9978 + namespace: 9979 + description: Namespace to select resources from. 9980 + type: string 9981 + version: 9982 + description: |- 9983 + Version of the API Group to select resources from. 9984 + Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources. 9985 + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md 9986 + type: string 9987 + type: object 9988 + required: 9989 + - paths 9990 + type: object 9991 + type: array 9992 + mode: 9993 + description: |- 9994 + Mode defines how differences should be handled between the Helm manifest 9995 + and the manifest currently applied to the cluster. 9996 + If not explicitly set, it defaults to DiffModeDisabled. 9997 + enum: 9998 + - enabled 9999 + - warn 10000 + - disabled 10001 + type: string 10002 + type: object 10003 + install: 10004 + description: Install holds the configuration for Helm install actions 10005 + for this HelmRelease. 10006 + properties: 10007 + crds: 10008 + description: |- 10009 + CRDs upgrade CRDs from the Helm Chart's crds directory according 10010 + to the CRD upgrade policy provided here. Valid values are `Skip`, 10011 + `Create` or `CreateReplace`. Default is `Create` and if omitted 10012 + CRDs are installed but not updated. 10013 + 10014 + Skip: do neither install nor replace (update) any CRDs. 10015 + 10016 + Create: new CRDs are created, existing CRDs are neither updated nor deleted. 10017 + 10018 + CreateReplace: new CRDs are created, existing CRDs are updated (replaced) 10019 + but not deleted. 10020 + 10021 + By default, CRDs are applied (installed) during Helm install action. 10022 + With this option users can opt in to CRD replace existing CRDs on Helm 10023 + install actions, which is not (yet) natively supported by Helm. 10024 + https://helm.sh/docs/chart_best_practices/custom_resource_definitions. 10025 + enum: 10026 + - Skip 10027 + - Create 10028 + - CreateReplace 10029 + type: string 10030 + createNamespace: 10031 + description: |- 10032 + CreateNamespace tells the Helm install action to create the 10033 + HelmReleaseSpec.TargetNamespace if it does not exist yet. 10034 + On uninstall, the namespace will not be garbage collected. 10035 + type: boolean 10036 + disableHooks: 10037 + description: DisableHooks prevents hooks from running during the 10038 + Helm install action. 10039 + type: boolean 10040 + disableOpenAPIValidation: 10041 + description: |- 10042 + DisableOpenAPIValidation prevents the Helm install action from validating 10043 + rendered templates against the Kubernetes OpenAPI Schema. 10044 + type: boolean 10045 + disableWait: 10046 + description: |- 10047 + DisableWait disables the waiting for resources to be ready after a Helm 10048 + install has been performed. 10049 + type: boolean 10050 + disableWaitForJobs: 10051 + description: |- 10052 + DisableWaitForJobs disables waiting for jobs to complete after a Helm 10053 + install has been performed. 10054 + type: boolean 10055 + remediation: 10056 + description: |- 10057 + Remediation holds the remediation configuration for when the Helm install 10058 + action for the HelmRelease fails. The default is to not perform any action. 10059 + properties: 10060 + ignoreTestFailures: 10061 + description: |- 10062 + IgnoreTestFailures tells the controller to skip remediation when the Helm 10063 + tests are run after an install action but fail. Defaults to 10064 + 'Test.IgnoreFailures'. 10065 + type: boolean 10066 + remediateLastFailure: 10067 + description: |- 10068 + RemediateLastFailure tells the controller to remediate the last failure, when 10069 + no retries remain. Defaults to 'false'. 10070 + type: boolean 10071 + retries: 10072 + description: |- 10073 + Retries is the number of retries that should be attempted on failures before 10074 + bailing. Remediation, using an uninstall, is performed between each attempt. 10075 + Defaults to '0', a negative integer equals to unlimited retries. 10076 + type: integer 10077 + type: object 10078 + replace: 10079 + description: |- 10080 + Replace tells the Helm install action to re-use the 'ReleaseName', but only 10081 + if that name is a deleted release which remains in the history. 10082 + type: boolean 10083 + skipCRDs: 10084 + description: |- 10085 + SkipCRDs tells the Helm install action to not install any CRDs. By default, 10086 + CRDs are installed if not already present. 10087 + 10088 + Deprecated use CRD policy (`crds`) attribute with value `Skip` instead. 10089 + type: boolean 10090 + timeout: 10091 + description: |- 10092 + Timeout is the time to wait for any individual Kubernetes operation (like 10093 + Jobs for hooks) during the performance of a Helm install action. Defaults to 10094 + 'HelmReleaseSpec.Timeout'. 10095 + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ 10096 + type: string 10097 + type: object 10098 + interval: 10099 + description: Interval at which to reconcile the Helm release. 10100 + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ 10101 + type: string 10102 + kubeConfig: 10103 + description: |- 10104 + KubeConfig for reconciling the HelmRelease on a remote cluster. 10105 + When used in combination with HelmReleaseSpec.ServiceAccountName, 10106 + forces the controller to act on behalf of that Service Account at the 10107 + target cluster. 10108 + If the --default-service-account flag is set, its value will be used as 10109 + a controller level fallback for when HelmReleaseSpec.ServiceAccountName 10110 + is empty. 10111 + properties: 10112 + secretRef: 10113 + description: |- 10114 + SecretRef holds the name of a secret that contains a key with 10115 + the kubeconfig file as the value. If no key is set, the key will default 10116 + to 'value'. 10117 + It is recommended that the kubeconfig is self-contained, and the secret 10118 + is regularly updated if credentials such as a cloud-access-token expire. 10119 + Cloud specific `cmd-path` auth helpers will not function without adding 10120 + binaries and credentials to the Pod that is responsible for reconciling 10121 + Kubernetes resources. 10122 + properties: 10123 + key: 10124 + description: Key in the Secret, when not specified an implementation-specific 10125 + default key is used. 10126 + type: string 10127 + name: 10128 + description: Name of the Secret. 10129 + type: string 10130 + required: 10131 + - name 10132 + type: object 10133 + required: 10134 + - secretRef 10135 + type: object 10136 + maxHistory: 10137 + description: |- 10138 + MaxHistory is the number of revisions saved by Helm for this HelmRelease. 10139 + Use '0' for an unlimited number of revisions; defaults to '5'. 10140 + type: integer 10141 + persistentClient: 10142 + description: |- 10143 + PersistentClient tells the controller to use a persistent Kubernetes 10144 + client for this release. When enabled, the client will be reused for the 10145 + duration of the reconciliation, instead of being created and destroyed 10146 + for each (step of a) Helm action. 10147 + 10148 + This can improve performance, but may cause issues with some Helm charts 10149 + that for example do create Custom Resource Definitions during installation 10150 + outside Helm's CRD lifecycle hooks, which are then not observed to be 10151 + available by e.g. post-install hooks. 10152 + 10153 + If not set, it defaults to true. 10154 + type: boolean 10155 + postRenderers: 10156 + description: |- 10157 + PostRenderers holds an array of Helm PostRenderers, which will be applied in order 10158 + of their definition. 10159 + items: 10160 + description: PostRenderer contains a Helm PostRenderer specification. 10161 + properties: 10162 + kustomize: 10163 + description: Kustomization to apply as PostRenderer. 10164 + properties: 10165 + images: 10166 + description: |- 10167 + Images is a list of (image name, new name, new tag or digest) 10168 + for changing image names, tags or digests. This can also be achieved with a 10169 + patch, but this operator is simpler to specify. 10170 + items: 10171 + description: Image contains an image name, a new name, 10172 + a new tag or digest, which will replace the original 10173 + name and tag. 10174 + properties: 10175 + digest: 10176 + description: |- 10177 + Digest is the value used to replace the original image tag. 10178 + If digest is present NewTag value is ignored. 10179 + type: string 10180 + name: 10181 + description: Name is a tag-less image name. 10182 + type: string 10183 + newName: 10184 + description: NewName is the value used to replace 10185 + the original name. 10186 + type: string 10187 + newTag: 10188 + description: NewTag is the value used to replace the 10189 + original tag. 10190 + type: string 10191 + required: 10192 + - name 10193 + type: object 10194 + type: array 10195 + patches: 10196 + description: |- 10197 + Strategic merge and JSON patches, defined as inline YAML objects, 10198 + capable of targeting objects based on kind, label and annotation selectors. 10199 + items: 10200 + description: |- 10201 + Patch contains an inline StrategicMerge or JSON6902 patch, and the target the patch should 10202 + be applied to. 10203 + properties: 10204 + patch: 10205 + description: |- 10206 + Patch contains an inline StrategicMerge patch or an inline JSON6902 patch with 10207 + an array of operation objects. 10208 + type: string 10209 + target: 10210 + description: Target points to the resources that the 10211 + patch document should be applied to. 10212 + properties: 10213 + annotationSelector: 10214 + description: |- 10215 + AnnotationSelector is a string that follows the label selection expression 10216 + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api 10217 + It matches with the resource annotations. 10218 + type: string 10219 + group: 10220 + description: |- 10221 + Group is the API group to select resources from. 10222 + Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources. 10223 + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md 10224 + type: string 10225 + kind: 10226 + description: |- 10227 + Kind of the API Group to select resources from. 10228 + Together with Group and Version it is capable of unambiguously 10229 + identifying and/or selecting resources. 10230 + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md 10231 + type: string 10232 + labelSelector: 10233 + description: |- 10234 + LabelSelector is a string that follows the label selection expression 10235 + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api 10236 + It matches with the resource labels. 10237 + type: string 10238 + name: 10239 + description: Name to match resources with. 10240 + type: string 10241 + namespace: 10242 + description: Namespace to select resources from. 10243 + type: string 10244 + version: 10245 + description: |- 10246 + Version of the API Group to select resources from. 10247 + Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources. 10248 + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md 10249 + type: string 10250 + type: object 10251 + required: 10252 + - patch 10253 + type: object 10254 + type: array 10255 + patchesJson6902: 10256 + description: |- 10257 + JSON 6902 patches, defined as inline YAML objects. 10258 + Deprecated: use Patches instead. 10259 + items: 10260 + description: JSON6902Patch contains a JSON6902 patch and 10261 + the target the patch should be applied to. 10262 + properties: 10263 + patch: 10264 + description: Patch contains the JSON6902 patch document 10265 + with an array of operation objects. 10266 + items: 10267 + description: |- 10268 + JSON6902 is a JSON6902 operation object. 10269 + https://datatracker.ietf.org/doc/html/rfc6902#section-4 10270 + properties: 10271 + from: 10272 + description: |- 10273 + From contains a JSON-pointer value that references a location within the target document where the operation is 10274 + performed. The meaning of the value depends on the value of Op, and is NOT taken into account by all operations. 10275 + type: string 10276 + op: 10277 + description: |- 10278 + Op indicates the operation to perform. Its value MUST be one of "add", "remove", "replace", "move", "copy", or 10279 + "test". 10280 + https://datatracker.ietf.org/doc/html/rfc6902#section-4 10281 + enum: 10282 + - test 10283 + - remove 10284 + - add 10285 + - replace 10286 + - move 10287 + - copy 10288 + type: string 10289 + path: 10290 + description: |- 10291 + Path contains the JSON-pointer value that references a location within the target document where the operation 10292 + is performed. The meaning of the value depends on the value of Op. 10293 + type: string 10294 + value: 10295 + description: |- 10296 + Value contains a valid JSON structure. The meaning of the value depends on the value of Op, and is NOT taken into 10297 + account by all operations. 10298 + x-kubernetes-preserve-unknown-fields: true 10299 + required: 10300 + - op 10301 + - path 10302 + type: object 10303 + type: array 10304 + target: 10305 + description: Target points to the resources that the 10306 + patch document should be applied to. 10307 + properties: 10308 + annotationSelector: 10309 + description: |- 10310 + AnnotationSelector is a string that follows the label selection expression 10311 + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api 10312 + It matches with the resource annotations. 10313 + type: string 10314 + group: 10315 + description: |- 10316 + Group is the API group to select resources from. 10317 + Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources. 10318 + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md 10319 + type: string 10320 + kind: 10321 + description: |- 10322 + Kind of the API Group to select resources from. 10323 + Together with Group and Version it is capable of unambiguously 10324 + identifying and/or selecting resources. 10325 + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md 10326 + type: string 10327 + labelSelector: 10328 + description: |- 10329 + LabelSelector is a string that follows the label selection expression 10330 + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api 10331 + It matches with the resource labels. 10332 + type: string 10333 + name: 10334 + description: Name to match resources with. 10335 + type: string 10336 + namespace: 10337 + description: Namespace to select resources from. 10338 + type: string 10339 + version: 10340 + description: |- 10341 + Version of the API Group to select resources from. 10342 + Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources. 10343 + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md 10344 + type: string 10345 + type: object 10346 + required: 10347 + - patch 10348 + - target 10349 + type: object 10350 + type: array 10351 + patchesStrategicMerge: 10352 + description: |- 10353 + Strategic merge patches, defined as inline YAML objects. 10354 + Deprecated: use Patches instead. 10355 + items: 10356 + x-kubernetes-preserve-unknown-fields: true 10357 + type: array 10358 + type: object 10359 + type: object 10360 + type: array 10361 + releaseName: 10362 + description: |- 10363 + ReleaseName used for the Helm release. Defaults to a composition of 10364 + '[TargetNamespace-]Name'. 10365 + maxLength: 53 10366 + minLength: 1 10367 + type: string 10368 + rollback: 10369 + description: Rollback holds the configuration for Helm rollback actions 10370 + for this HelmRelease. 10371 + properties: 10372 + cleanupOnFail: 10373 + description: |- 10374 + CleanupOnFail allows deletion of new resources created during the Helm 10375 + rollback action when it fails. 10376 + type: boolean 10377 + disableHooks: 10378 + description: DisableHooks prevents hooks from running during the 10379 + Helm rollback action. 10380 + type: boolean 10381 + disableWait: 10382 + description: |- 10383 + DisableWait disables the waiting for resources to be ready after a Helm 10384 + rollback has been performed. 10385 + type: boolean 10386 + disableWaitForJobs: 10387 + description: |- 10388 + DisableWaitForJobs disables waiting for jobs to complete after a Helm 10389 + rollback has been performed. 10390 + type: boolean 10391 + force: 10392 + description: Force forces resource updates through a replacement 10393 + strategy. 10394 + type: boolean 10395 + recreate: 10396 + description: Recreate performs pod restarts for the resource if 10397 + applicable. 10398 + type: boolean 10399 + timeout: 10400 + description: |- 10401 + Timeout is the time to wait for any individual Kubernetes operation (like 10402 + Jobs for hooks) during the performance of a Helm rollback action. Defaults to 10403 + 'HelmReleaseSpec.Timeout'. 10404 + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ 10405 + type: string 10406 + type: object 10407 + serviceAccountName: 10408 + description: |- 10409 + The name of the Kubernetes service account to impersonate 10410 + when reconciling this HelmRelease. 10411 + maxLength: 253 10412 + minLength: 1 10413 + type: string 10414 + storageNamespace: 10415 + description: |- 10416 + StorageNamespace used for the Helm storage. 10417 + Defaults to the namespace of the HelmRelease. 10418 + maxLength: 63 10419 + minLength: 1 10420 + type: string 10421 + suspend: 10422 + description: |- 10423 + Suspend tells the controller to suspend reconciliation for this HelmRelease, 10424 + it does not apply to already started reconciliations. Defaults to false. 10425 + type: boolean 10426 + targetNamespace: 10427 + description: |- 10428 + TargetNamespace to target when performing operations for the HelmRelease. 10429 + Defaults to the namespace of the HelmRelease. 10430 + maxLength: 63 10431 + minLength: 1 10432 + type: string 10433 + test: 10434 + description: Test holds the configuration for Helm test actions for 10435 + this HelmRelease. 10436 + properties: 10437 + enable: 10438 + description: |- 10439 + Enable enables Helm test actions for this HelmRelease after an Helm install 10440 + or upgrade action has been performed. 10441 + type: boolean 10442 + filters: 10443 + description: Filters is a list of tests to run or exclude from 10444 + running. 10445 + items: 10446 + description: Filter holds the configuration for individual Helm 10447 + test filters. 10448 + properties: 10449 + exclude: 10450 + description: Exclude specifies whether the named test should 10451 + be excluded. 10452 + type: boolean 10453 + name: 10454 + description: Name is the name of the test. 10455 + maxLength: 253 10456 + minLength: 1 10457 + type: string 10458 + required: 10459 + - name 10460 + type: object 10461 + type: array 10462 + ignoreFailures: 10463 + description: |- 10464 + IgnoreFailures tells the controller to skip remediation when the Helm tests 10465 + are run but fail. Can be overwritten for tests run after install or upgrade 10466 + actions in 'Install.IgnoreTestFailures' and 'Upgrade.IgnoreTestFailures'. 10467 + type: boolean 10468 + timeout: 10469 + description: |- 10470 + Timeout is the time to wait for any individual Kubernetes operation during 10471 + the performance of a Helm test action. Defaults to 'HelmReleaseSpec.Timeout'. 10472 + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ 10473 + type: string 10474 + type: object 10475 + timeout: 10476 + description: |- 10477 + Timeout is the time to wait for any individual Kubernetes operation (like Jobs 10478 + for hooks) during the performance of a Helm action. Defaults to '5m0s'. 10479 + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ 10480 + type: string 10481 + uninstall: 10482 + description: Uninstall holds the configuration for Helm uninstall 10483 + actions for this HelmRelease. 10484 + properties: 10485 + deletionPropagation: 10486 + default: background 10487 + description: |- 10488 + DeletionPropagation specifies the deletion propagation policy when 10489 + a Helm uninstall is performed. 10490 + enum: 10491 + - background 10492 + - foreground 10493 + - orphan 10494 + type: string 10495 + disableHooks: 10496 + description: DisableHooks prevents hooks from running during the 10497 + Helm rollback action. 10498 + type: boolean 10499 + disableWait: 10500 + description: |- 10501 + DisableWait disables waiting for all the resources to be deleted after 10502 + a Helm uninstall is performed. 10503 + type: boolean 10504 + keepHistory: 10505 + description: |- 10506 + KeepHistory tells Helm to remove all associated resources and mark the 10507 + release as deleted, but retain the release history. 10508 + type: boolean 10509 + timeout: 10510 + description: |- 10511 + Timeout is the time to wait for any individual Kubernetes operation (like 10512 + Jobs for hooks) during the performance of a Helm uninstall action. Defaults 10513 + to 'HelmReleaseSpec.Timeout'. 10514 + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ 10515 + type: string 10516 + type: object 10517 + upgrade: 10518 + description: Upgrade holds the configuration for Helm upgrade actions 10519 + for this HelmRelease. 10520 + properties: 10521 + cleanupOnFail: 10522 + description: |- 10523 + CleanupOnFail allows deletion of new resources created during the Helm 10524 + upgrade action when it fails. 10525 + type: boolean 10526 + crds: 10527 + description: |- 10528 + CRDs upgrade CRDs from the Helm Chart's crds directory according 10529 + to the CRD upgrade policy provided here. Valid values are `Skip`, 10530 + `Create` or `CreateReplace`. Default is `Skip` and if omitted 10531 + CRDs are neither installed nor upgraded. 10532 + 10533 + Skip: do neither install nor replace (update) any CRDs. 10534 + 10535 + Create: new CRDs are created, existing CRDs are neither updated nor deleted. 10536 + 10537 + CreateReplace: new CRDs are created, existing CRDs are updated (replaced) 10538 + but not deleted. 10539 + 10540 + By default, CRDs are not applied during Helm upgrade action. With this 10541 + option users can opt-in to CRD upgrade, which is not (yet) natively supported by Helm. 10542 + https://helm.sh/docs/chart_best_practices/custom_resource_definitions. 10543 + enum: 10544 + - Skip 10545 + - Create 10546 + - CreateReplace 10547 + type: string 10548 + disableHooks: 10549 + description: DisableHooks prevents hooks from running during the 10550 + Helm upgrade action. 10551 + type: boolean 10552 + disableOpenAPIValidation: 10553 + description: |- 10554 + DisableOpenAPIValidation prevents the Helm upgrade action from validating 10555 + rendered templates against the Kubernetes OpenAPI Schema. 10556 + type: boolean 10557 + disableWait: 10558 + description: |- 10559 + DisableWait disables the waiting for resources to be ready after a Helm 10560 + upgrade has been performed. 10561 + type: boolean 10562 + disableWaitForJobs: 10563 + description: |- 10564 + DisableWaitForJobs disables waiting for jobs to complete after a Helm 10565 + upgrade has been performed. 10566 + type: boolean 10567 + force: 10568 + description: Force forces resource updates through a replacement 10569 + strategy. 10570 + type: boolean 10571 + preserveValues: 10572 + description: |- 10573 + PreserveValues will make Helm reuse the last release's values and merge in 10574 + overrides from 'Values'. Setting this flag makes the HelmRelease 10575 + non-declarative. 10576 + type: boolean 10577 + remediation: 10578 + description: |- 10579 + Remediation holds the remediation configuration for when the Helm upgrade 10580 + action for the HelmRelease fails. The default is to not perform any action. 10581 + properties: 10582 + ignoreTestFailures: 10583 + description: |- 10584 + IgnoreTestFailures tells the controller to skip remediation when the Helm 10585 + tests are run after an upgrade action but fail. 10586 + Defaults to 'Test.IgnoreFailures'. 10587 + type: boolean 10588 + remediateLastFailure: 10589 + description: |- 10590 + RemediateLastFailure tells the controller to remediate the last failure, when 10591 + no retries remain. Defaults to 'false' unless 'Retries' is greater than 0. 10592 + type: boolean 10593 + retries: 10594 + description: |- 10595 + Retries is the number of retries that should be attempted on failures before 10596 + bailing. Remediation, using 'Strategy', is performed between each attempt. 10597 + Defaults to '0', a negative integer equals to unlimited retries. 10598 + type: integer 10599 + strategy: 10600 + description: Strategy to use for failure remediation. Defaults 10601 + to 'rollback'. 10602 + enum: 10603 + - rollback 10604 + - uninstall 10605 + type: string 10606 + type: object 10607 + timeout: 10608 + description: |- 10609 + Timeout is the time to wait for any individual Kubernetes operation (like 10610 + Jobs for hooks) during the performance of a Helm upgrade action. Defaults to 10611 + 'HelmReleaseSpec.Timeout'. 10612 + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ 10613 + type: string 10614 + type: object 10615 + values: 10616 + description: Values holds the values for this Helm release. 10617 + x-kubernetes-preserve-unknown-fields: true 10618 + valuesFrom: 10619 + description: |- 10620 + ValuesFrom holds references to resources containing Helm values for this HelmRelease, 10621 + and information about how they should be merged. 10622 + items: 10623 + description: |- 10624 + ValuesReference contains a reference to a resource containing Helm values, 10625 + and optionally the key they can be found at. 10626 + properties: 10627 + kind: 10628 + description: Kind of the values referent, valid values are ('Secret', 10629 + 'ConfigMap'). 10630 + enum: 10631 + - Secret 10632 + - ConfigMap 10633 + type: string 10634 + name: 10635 + description: |- 10636 + Name of the values referent. Should reside in the same namespace as the 10637 + referring resource. 10638 + maxLength: 253 10639 + minLength: 1 10640 + type: string 10641 + optional: 10642 + description: |- 10643 + Optional marks this ValuesReference as optional. When set, a not found error 10644 + for the values reference is ignored, but any ValuesKey, TargetPath or 10645 + transient error will still result in a reconciliation failure. 10646 + type: boolean 10647 + targetPath: 10648 + description: |- 10649 + TargetPath is the YAML dot notation path the value should be merged at. When 10650 + set, the ValuesKey is expected to be a single flat value. Defaults to 'None', 10651 + which results in the values getting merged at the root. 10652 + maxLength: 250 10653 + pattern: ^([a-zA-Z0-9_\-.\\\/]|\[[0-9]{1,5}\])+$ 10654 + type: string 10655 + valuesKey: 10656 + description: |- 10657 + ValuesKey is the data key where the values.yaml or a specific value can be 10658 + found at. Defaults to 'values.yaml'. 10659 + maxLength: 253 10660 + pattern: ^[\-._a-zA-Z0-9]+$ 10661 + type: string 10662 + required: 10663 + - kind 10664 + - name 10665 + type: object 10666 + type: array 10667 + required: 10668 + - interval 10669 + type: object 10670 + x-kubernetes-validations: 10671 + - message: either chart or chartRef must be set 10672 + rule: (has(self.chart) && !has(self.chartRef)) || (!has(self.chart) 10673 + && has(self.chartRef)) 10674 + status: 10675 + default: 10676 + observedGeneration: -1 10677 + description: HelmReleaseStatus defines the observed state of a HelmRelease. 10678 + properties: 10679 + conditions: 10680 + description: Conditions holds the conditions for the HelmRelease. 10681 + items: 10682 + description: Condition contains details for one aspect of the current 10683 + state of this API Resource. 10684 + properties: 10685 + lastTransitionTime: 10686 + description: |- 10687 + lastTransitionTime is the last time the condition transitioned from one status to another. 10688 + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. 10689 + format: date-time 10690 + type: string 10691 + message: 10692 + description: |- 10693 + message is a human readable message indicating details about the transition. 10694 + This may be an empty string. 10695 + maxLength: 32768 10696 + type: string 10697 + observedGeneration: 10698 + description: |- 10699 + observedGeneration represents the .metadata.generation that the condition was set based upon. 10700 + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date 10701 + with respect to the current state of the instance. 10702 + format: int64 10703 + minimum: 0 10704 + type: integer 10705 + reason: 10706 + description: |- 10707 + reason contains a programmatic identifier indicating the reason for the condition's last transition. 10708 + Producers of specific condition types may define expected values and meanings for this field, 10709 + and whether the values are considered a guaranteed API. 10710 + The value should be a CamelCase string. 10711 + This field may not be empty. 10712 + maxLength: 1024 10713 + minLength: 1 10714 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ 10715 + type: string 10716 + status: 10717 + description: status of the condition, one of True, False, Unknown. 10718 + enum: 10719 + - "True" 10720 + - "False" 10721 + - Unknown 10722 + type: string 10723 + type: 10724 + description: type of condition in CamelCase or in foo.example.com/CamelCase. 10725 + maxLength: 316 10726 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ 10727 + type: string 10728 + required: 10729 + - lastTransitionTime 10730 + - message 10731 + - reason 10732 + - status 10733 + - type 10734 + type: object 10735 + type: array 10736 + failures: 10737 + description: |- 10738 + Failures is the reconciliation failure count against the latest desired 10739 + state. It is reset after a successful reconciliation. 10740 + format: int64 10741 + type: integer 10742 + helmChart: 10743 + description: |- 10744 + HelmChart is the namespaced name of the HelmChart resource created by 10745 + the controller for the HelmRelease. 10746 + type: string 10747 + history: 10748 + description: |- 10749 + History holds the history of Helm releases performed for this HelmRelease 10750 + up to the last successfully completed release. 10751 + items: 10752 + description: |- 10753 + Snapshot captures a point-in-time copy of the status information for a Helm release, 10754 + as managed by the controller. 10755 + properties: 10756 + apiVersion: 10757 + description: |- 10758 + APIVersion is the API version of the Snapshot. 10759 + Provisional: when the calculation method of the Digest field is changed, 10760 + this field will be used to distinguish between the old and new methods. 10761 + type: string 10762 + appVersion: 10763 + description: AppVersion is the chart app version of the release 10764 + object in storage. 10765 + type: string 10766 + chartName: 10767 + description: ChartName is the chart name of the release object 10768 + in storage. 10769 + type: string 10770 + chartVersion: 10771 + description: |- 10772 + ChartVersion is the chart version of the release object in 10773 + storage. 10774 + type: string 10775 + configDigest: 10776 + description: |- 10777 + ConfigDigest is the checksum of the config (better known as 10778 + "values") of the release object in storage. 10779 + It has the format of `<algo>:<checksum>`. 10780 + type: string 10781 + deleted: 10782 + description: Deleted is when the release was deleted. 10783 + format: date-time 10784 + type: string 10785 + digest: 10786 + description: |- 10787 + Digest is the checksum of the release object in storage. 10788 + It has the format of `<algo>:<checksum>`. 10789 + type: string 10790 + firstDeployed: 10791 + description: FirstDeployed is when the release was first deployed. 10792 + format: date-time 10793 + type: string 10794 + lastDeployed: 10795 + description: LastDeployed is when the release was last deployed. 10796 + format: date-time 10797 + type: string 10798 + name: 10799 + description: Name is the name of the release. 10800 + type: string 10801 + namespace: 10802 + description: Namespace is the namespace the release is deployed 10803 + to. 10804 + type: string 10805 + ociDigest: 10806 + description: OCIDigest is the digest of the OCI artifact associated 10807 + with the release. 10808 + type: string 10809 + status: 10810 + description: Status is the current state of the release. 10811 + type: string 10812 + testHooks: 10813 + additionalProperties: 10814 + description: |- 10815 + TestHookStatus holds the status information for a test hook as observed 10816 + to be run by the controller. 10817 + properties: 10818 + lastCompleted: 10819 + description: LastCompleted is the time the test hook last 10820 + completed. 10821 + format: date-time 10822 + type: string 10823 + lastStarted: 10824 + description: LastStarted is the time the test hook was 10825 + last started. 10826 + format: date-time 10827 + type: string 10828 + phase: 10829 + description: Phase the test hook was observed to be in. 10830 + type: string 10831 + type: object 10832 + description: |- 10833 + TestHooks is the list of test hooks for the release as observed to be 10834 + run by the controller. 10835 + type: object 10836 + version: 10837 + description: Version is the version of the release object in 10838 + storage. 10839 + type: integer 10840 + required: 10841 + - chartName 10842 + - chartVersion 10843 + - configDigest 10844 + - digest 10845 + - firstDeployed 10846 + - lastDeployed 10847 + - name 10848 + - namespace 10849 + - status 10850 + - version 10851 + type: object 10852 + type: array 10853 + installFailures: 10854 + description: |- 10855 + InstallFailures is the install failure count against the latest desired 10856 + state. It is reset after a successful reconciliation. 10857 + format: int64 10858 + type: integer 10859 + lastAppliedRevision: 10860 + description: |- 10861 + LastAppliedRevision is the revision of the last successfully applied 10862 + source. 10863 + Deprecated: the revision can now be found in the History. 10864 + type: string 10865 + lastAttemptedConfigDigest: 10866 + description: |- 10867 + LastAttemptedConfigDigest is the digest for the config (better known as 10868 + "values") of the last reconciliation attempt. 10869 + type: string 10870 + lastAttemptedGeneration: 10871 + description: |- 10872 + LastAttemptedGeneration is the last generation the controller attempted 10873 + to reconcile. 10874 + format: int64 10875 + type: integer 10876 + lastAttemptedReleaseAction: 10877 + description: |- 10878 + LastAttemptedReleaseAction is the last release action performed for this 10879 + HelmRelease. It is used to determine the active remediation strategy. 10880 + enum: 10881 + - install 10882 + - upgrade 10883 + type: string 10884 + lastAttemptedRevision: 10885 + description: |- 10886 + LastAttemptedRevision is the Source revision of the last reconciliation 10887 + attempt. For OCIRepository sources, the 12 first characters of the digest are 10888 + appended to the chart version e.g. "1.2.3+1234567890ab". 10889 + type: string 10890 + lastAttemptedRevisionDigest: 10891 + description: |- 10892 + LastAttemptedRevisionDigest is the digest of the last reconciliation attempt. 10893 + This is only set for OCIRepository sources. 10894 + type: string 10895 + lastAttemptedValuesChecksum: 10896 + description: |- 10897 + LastAttemptedValuesChecksum is the SHA1 checksum for the values of the last 10898 + reconciliation attempt. 10899 + Deprecated: Use LastAttemptedConfigDigest instead. 10900 + type: string 10901 + lastHandledForceAt: 10902 + description: |- 10903 + LastHandledForceAt holds the value of the most recent force request 10904 + value, so a change of the annotation value can be detected. 10905 + type: string 10906 + lastHandledReconcileAt: 10907 + description: |- 10908 + LastHandledReconcileAt holds the value of the most recent 10909 + reconcile request value, so a change of the annotation value 10910 + can be detected. 10911 + type: string 10912 + lastHandledResetAt: 10913 + description: |- 10914 + LastHandledResetAt holds the value of the most recent reset request 10915 + value, so a change of the annotation value can be detected. 10916 + type: string 10917 + lastReleaseRevision: 10918 + description: |- 10919 + LastReleaseRevision is the revision of the last successful Helm release. 10920 + Deprecated: Use History instead. 10921 + type: integer 10922 + observedGeneration: 10923 + description: ObservedGeneration is the last observed generation. 10924 + format: int64 10925 + type: integer 10926 + observedPostRenderersDigest: 10927 + description: |- 10928 + ObservedPostRenderersDigest is the digest for the post-renderers of 10929 + the last successful reconciliation attempt. 10930 + type: string 10931 + storageNamespace: 10932 + description: |- 10933 + StorageNamespace is the namespace of the Helm release storage for the 10934 + current release. 10935 + maxLength: 63 10936 + minLength: 1 10937 + type: string 10938 + upgradeFailures: 10939 + description: |- 10940 + UpgradeFailures is the upgrade failure count against the latest desired 10941 + state. It is reset after a successful reconciliation. 10942 + format: int64 10943 + type: integer 10944 + type: object 10945 + type: object 10946 + served: true 10947 + storage: false 10948 + subresources: 10949 + status: {} 10950 + --- 10951 + apiVersion: v1 10952 + kind: ServiceAccount 10953 + metadata: 10954 + labels: 10955 + app.kubernetes.io/component: helm-controller 10956 + app.kubernetes.io/instance: flux-system 10957 + app.kubernetes.io/part-of: flux 10958 + app.kubernetes.io/version: v2.6.4 10959 + name: helm-controller 10960 + namespace: flux-system 10961 + --- 10962 + apiVersion: apps/v1 10963 + kind: Deployment 10964 + metadata: 10965 + labels: 10966 + app.kubernetes.io/component: helm-controller 10967 + app.kubernetes.io/instance: flux-system 10968 + app.kubernetes.io/part-of: flux 10969 + app.kubernetes.io/version: v2.6.4 10970 + control-plane: controller 10971 + name: helm-controller 10972 + namespace: flux-system 10973 + spec: 10974 + replicas: 1 10975 + selector: 10976 + matchLabels: 10977 + app: helm-controller 10978 + template: 10979 + metadata: 10980 + annotations: 10981 + prometheus.io/port: "8080" 10982 + prometheus.io/scrape: "true" 10983 + labels: 10984 + app: helm-controller 10985 + spec: 10986 + containers: 10987 + - args: 10988 + - --events-addr=http://notification-controller.flux-system.svc.cluster.local./ 10989 + - --watch-all-namespaces=true 10990 + - --log-level=info 10991 + - --log-encoding=json 10992 + - --enable-leader-election 10993 + env: 10994 + - name: RUNTIME_NAMESPACE 10995 + valueFrom: 10996 + fieldRef: 10997 + fieldPath: metadata.namespace 10998 + - name: GOMAXPROCS 10999 + valueFrom: 11000 + resourceFieldRef: 11001 + containerName: manager 11002 + resource: limits.cpu 11003 + - name: GOMEMLIMIT 11004 + valueFrom: 11005 + resourceFieldRef: 11006 + containerName: manager 11007 + resource: limits.memory 11008 + image: ghcr.io/fluxcd/helm-controller:v1.3.0 11009 + imagePullPolicy: IfNotPresent 11010 + livenessProbe: 11011 + httpGet: 11012 + path: /healthz 11013 + port: healthz 11014 + name: manager 11015 + ports: 11016 + - containerPort: 8080 11017 + name: http-prom 11018 + protocol: TCP 11019 + - containerPort: 9440 11020 + name: healthz 11021 + protocol: TCP 11022 + readinessProbe: 11023 + httpGet: 11024 + path: /readyz 11025 + port: healthz 11026 + resources: 11027 + limits: 11028 + cpu: 1000m 11029 + memory: 1Gi 11030 + requests: 11031 + cpu: 100m 11032 + memory: 64Mi 11033 + securityContext: 11034 + allowPrivilegeEscalation: false 11035 + capabilities: 11036 + drop: 11037 + - ALL 11038 + readOnlyRootFilesystem: true 11039 + runAsNonRoot: true 11040 + seccompProfile: 11041 + type: RuntimeDefault 11042 + volumeMounts: 11043 + - mountPath: /tmp 11044 + name: temp 11045 + nodeSelector: 11046 + kubernetes.io/os: linux 11047 + priorityClassName: system-cluster-critical 11048 + securityContext: 11049 + fsGroup: 1337 11050 + serviceAccountName: helm-controller 11051 + terminationGracePeriodSeconds: 600 11052 + volumes: 11053 + - emptyDir: {} 11054 + name: temp 11055 + --- 11056 + apiVersion: apiextensions.k8s.io/v1 11057 + kind: CustomResourceDefinition 11058 + metadata: 11059 + annotations: 11060 + controller-gen.kubebuilder.io/version: v0.16.1 11061 + labels: 11062 + app.kubernetes.io/component: notification-controller 11063 + app.kubernetes.io/instance: flux-system 11064 + app.kubernetes.io/part-of: flux 11065 + app.kubernetes.io/version: v2.6.4 11066 + name: alerts.notification.toolkit.fluxcd.io 11067 + spec: 11068 + group: notification.toolkit.fluxcd.io 11069 + names: 11070 + kind: Alert 11071 + listKind: AlertList 11072 + plural: alerts 11073 + singular: alert 11074 + scope: Namespaced 11075 + versions: 11076 + - additionalPrinterColumns: 11077 + - jsonPath: .metadata.creationTimestamp 11078 + name: Age 11079 + type: date 11080 + - jsonPath: .status.conditions[?(@.type=="Ready")].status 11081 + name: Ready 11082 + type: string 11083 + - jsonPath: .status.conditions[?(@.type=="Ready")].message 11084 + name: Status 11085 + type: string 11086 + deprecated: true 11087 + deprecationWarning: v1beta1 Alert is deprecated, upgrade to v1beta3 11088 + name: v1beta1 11089 + schema: 11090 + openAPIV3Schema: 11091 + description: Alert is the Schema for the alerts API 11092 + properties: 11093 + apiVersion: 11094 + description: |- 11095 + APIVersion defines the versioned schema of this representation of an object. 11096 + Servers should convert recognized schemas to the latest internal value, and 11097 + may reject unrecognized values. 11098 + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources 11099 + type: string 11100 + kind: 11101 + description: |- 11102 + Kind is a string value representing the REST resource this object represents. 11103 + Servers may infer this from the endpoint the client submits requests to. 11104 + Cannot be updated. 11105 + In CamelCase. 11106 + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 11107 + type: string 11108 + metadata: 11109 + type: object 11110 + spec: 11111 + description: AlertSpec defines an alerting rule for events involving a 11112 + list of objects 11113 + properties: 11114 + eventSeverity: 11115 + default: info 11116 + description: |- 11117 + Filter events based on severity, defaults to ('info'). 11118 + If set to 'info' no events will be filtered. 11119 + enum: 11120 + - info 11121 + - error 11122 + type: string 11123 + eventSources: 11124 + description: Filter events based on the involved objects. 11125 + items: 11126 + description: |- 11127 + CrossNamespaceObjectReference contains enough information to let you locate the 11128 + typed referenced object at cluster level 11129 + properties: 11130 + apiVersion: 11131 + description: API version of the referent 11132 + type: string 11133 + kind: 11134 + description: Kind of the referent 11135 + enum: 11136 + - Bucket 11137 + - GitRepository 11138 + - Kustomization 11139 + - HelmRelease 11140 + - HelmChart 11141 + - HelmRepository 11142 + - ImageRepository 11143 + - ImagePolicy 11144 + - ImageUpdateAutomation 11145 + - OCIRepository 11146 + type: string 11147 + matchLabels: 11148 + additionalProperties: 11149 + type: string 11150 + description: |- 11151 + MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels 11152 + map is equivalent to an element of matchExpressions, whose key field is "key", the 11153 + operator is "In", and the values array contains only "value". The requirements are ANDed. 11154 + type: object 11155 + name: 11156 + description: Name of the referent 11157 + maxLength: 53 11158 + minLength: 1 11159 + type: string 11160 + namespace: 11161 + description: Namespace of the referent 11162 + maxLength: 53 11163 + minLength: 1 11164 + type: string 11165 + required: 11166 + - kind 11167 + - name 11168 + type: object 11169 + type: array 11170 + exclusionList: 11171 + description: A list of Golang regular expressions to be used for excluding 11172 + messages. 11173 + items: 11174 + type: string 11175 + type: array 11176 + providerRef: 11177 + description: Send events using this provider. 11178 + properties: 11179 + name: 11180 + description: Name of the referent. 11181 + type: string 11182 + required: 11183 + - name 11184 + type: object 11185 + summary: 11186 + description: Short description of the impact and affected cluster. 11187 + type: string 11188 + suspend: 11189 + description: |- 11190 + This flag tells the controller to suspend subsequent events dispatching. 11191 + Defaults to false. 11192 + type: boolean 11193 + required: 11194 + - eventSources 11195 + - providerRef 11196 + type: object 11197 + status: 11198 + default: 11199 + observedGeneration: -1 11200 + description: AlertStatus defines the observed state of Alert 11201 + properties: 11202 + conditions: 11203 + items: 11204 + description: Condition contains details for one aspect of the current 11205 + state of this API Resource. 11206 + properties: 11207 + lastTransitionTime: 11208 + description: |- 11209 + lastTransitionTime is the last time the condition transitioned from one status to another. 11210 + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. 11211 + format: date-time 11212 + type: string 11213 + message: 11214 + description: |- 11215 + message is a human readable message indicating details about the transition. 11216 + This may be an empty string. 11217 + maxLength: 32768 11218 + type: string 11219 + observedGeneration: 11220 + description: |- 11221 + observedGeneration represents the .metadata.generation that the condition was set based upon. 11222 + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date 11223 + with respect to the current state of the instance. 11224 + format: int64 11225 + minimum: 0 11226 + type: integer 11227 + reason: 11228 + description: |- 11229 + reason contains a programmatic identifier indicating the reason for the condition's last transition. 11230 + Producers of specific condition types may define expected values and meanings for this field, 11231 + and whether the values are considered a guaranteed API. 11232 + The value should be a CamelCase string. 11233 + This field may not be empty. 11234 + maxLength: 1024 11235 + minLength: 1 11236 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ 11237 + type: string 11238 + status: 11239 + description: status of the condition, one of True, False, Unknown. 11240 + enum: 11241 + - "True" 11242 + - "False" 11243 + - Unknown 11244 + type: string 11245 + type: 11246 + description: type of condition in CamelCase or in foo.example.com/CamelCase. 11247 + maxLength: 316 11248 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ 11249 + type: string 11250 + required: 11251 + - lastTransitionTime 11252 + - message 11253 + - reason 11254 + - status 11255 + - type 11256 + type: object 11257 + type: array 11258 + observedGeneration: 11259 + description: ObservedGeneration is the last observed generation. 11260 + format: int64 11261 + type: integer 11262 + type: object 11263 + type: object 11264 + served: true 11265 + storage: false 11266 + subresources: 11267 + status: {} 11268 + - additionalPrinterColumns: 11269 + - jsonPath: .metadata.creationTimestamp 11270 + name: Age 11271 + type: date 11272 + - jsonPath: .status.conditions[?(@.type=="Ready")].status 11273 + name: Ready 11274 + type: string 11275 + - jsonPath: .status.conditions[?(@.type=="Ready")].message 11276 + name: Status 11277 + type: string 11278 + deprecated: true 11279 + deprecationWarning: v1beta2 Alert is deprecated, upgrade to v1beta3 11280 + name: v1beta2 11281 + schema: 11282 + openAPIV3Schema: 11283 + description: Alert is the Schema for the alerts API 11284 + properties: 11285 + apiVersion: 11286 + description: |- 11287 + APIVersion defines the versioned schema of this representation of an object. 11288 + Servers should convert recognized schemas to the latest internal value, and 11289 + may reject unrecognized values. 11290 + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources 11291 + type: string 11292 + kind: 11293 + description: |- 11294 + Kind is a string value representing the REST resource this object represents. 11295 + Servers may infer this from the endpoint the client submits requests to. 11296 + Cannot be updated. 11297 + In CamelCase. 11298 + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 11299 + type: string 11300 + metadata: 11301 + type: object 11302 + spec: 11303 + description: AlertSpec defines an alerting rule for events involving a 11304 + list of objects. 11305 + properties: 11306 + eventMetadata: 11307 + additionalProperties: 11308 + type: string 11309 + description: |- 11310 + EventMetadata is an optional field for adding metadata to events dispatched by the 11311 + controller. This can be used for enhancing the context of the event. If a field 11312 + would override one already present on the original event as generated by the emitter, 11313 + then the override doesn't happen, i.e. the original value is preserved, and an info 11314 + log is printed. 11315 + type: object 11316 + eventSeverity: 11317 + default: info 11318 + description: |- 11319 + EventSeverity specifies how to filter events based on severity. 11320 + If set to 'info' no events will be filtered. 11321 + enum: 11322 + - info 11323 + - error 11324 + type: string 11325 + eventSources: 11326 + description: |- 11327 + EventSources specifies how to filter events based 11328 + on the involved object kind, name and namespace. 11329 + items: 11330 + description: |- 11331 + CrossNamespaceObjectReference contains enough information to let you locate the 11332 + typed referenced object at cluster level 11333 + properties: 11334 + apiVersion: 11335 + description: API version of the referent 11336 + type: string 11337 + kind: 11338 + description: Kind of the referent 11339 + enum: 11340 + - Bucket 11341 + - GitRepository 11342 + - Kustomization 11343 + - HelmRelease 11344 + - HelmChart 11345 + - HelmRepository 11346 + - ImageRepository 11347 + - ImagePolicy 11348 + - ImageUpdateAutomation 11349 + - OCIRepository 11350 + type: string 11351 + matchLabels: 11352 + additionalProperties: 11353 + type: string 11354 + description: |- 11355 + MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels 11356 + map is equivalent to an element of matchExpressions, whose key field is "key", the 11357 + operator is "In", and the values array contains only "value". The requirements are ANDed. 11358 + MatchLabels requires the name to be set to `*`. 11359 + type: object 11360 + name: 11361 + description: |- 11362 + Name of the referent 11363 + If multiple resources are targeted `*` may be set. 11364 + maxLength: 253 11365 + minLength: 1 11366 + type: string 11367 + namespace: 11368 + description: Namespace of the referent 11369 + maxLength: 253 11370 + minLength: 1 11371 + type: string 11372 + required: 11373 + - kind 11374 + - name 11375 + type: object 11376 + type: array 11377 + exclusionList: 11378 + description: |- 11379 + ExclusionList specifies a list of Golang regular expressions 11380 + to be used for excluding messages. 11381 + items: 11382 + type: string 11383 + type: array 11384 + inclusionList: 11385 + description: |- 11386 + InclusionList specifies a list of Golang regular expressions 11387 + to be used for including messages. 11388 + items: 11389 + type: string 11390 + type: array 11391 + providerRef: 11392 + description: ProviderRef specifies which Provider this Alert should 11393 + use. 11394 + properties: 11395 + name: 11396 + description: Name of the referent. 11397 + type: string 11398 + required: 11399 + - name 11400 + type: object 11401 + summary: 11402 + description: Summary holds a short description of the impact and affected 11403 + cluster. 11404 + maxLength: 255 11405 + type: string 11406 + suspend: 11407 + description: |- 11408 + Suspend tells the controller to suspend subsequent 11409 + events handling for this Alert. 11410 + type: boolean 11411 + required: 11412 + - eventSources 11413 + - providerRef 11414 + type: object 11415 + status: 11416 + default: 11417 + observedGeneration: -1 11418 + description: AlertStatus defines the observed state of the Alert. 11419 + properties: 11420 + conditions: 11421 + description: Conditions holds the conditions for the Alert. 11422 + items: 11423 + description: Condition contains details for one aspect of the current 11424 + state of this API Resource. 11425 + properties: 11426 + lastTransitionTime: 11427 + description: |- 11428 + lastTransitionTime is the last time the condition transitioned from one status to another. 11429 + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. 11430 + format: date-time 11431 + type: string 11432 + message: 11433 + description: |- 11434 + message is a human readable message indicating details about the transition. 11435 + This may be an empty string. 11436 + maxLength: 32768 11437 + type: string 11438 + observedGeneration: 11439 + description: |- 11440 + observedGeneration represents the .metadata.generation that the condition was set based upon. 11441 + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date 11442 + with respect to the current state of the instance. 11443 + format: int64 11444 + minimum: 0 11445 + type: integer 11446 + reason: 11447 + description: |- 11448 + reason contains a programmatic identifier indicating the reason for the condition's last transition. 11449 + Producers of specific condition types may define expected values and meanings for this field, 11450 + and whether the values are considered a guaranteed API. 11451 + The value should be a CamelCase string. 11452 + This field may not be empty. 11453 + maxLength: 1024 11454 + minLength: 1 11455 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ 11456 + type: string 11457 + status: 11458 + description: status of the condition, one of True, False, Unknown. 11459 + enum: 11460 + - "True" 11461 + - "False" 11462 + - Unknown 11463 + type: string 11464 + type: 11465 + description: type of condition in CamelCase or in foo.example.com/CamelCase. 11466 + maxLength: 316 11467 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ 11468 + type: string 11469 + required: 11470 + - lastTransitionTime 11471 + - message 11472 + - reason 11473 + - status 11474 + - type 11475 + type: object 11476 + type: array 11477 + lastHandledReconcileAt: 11478 + description: |- 11479 + LastHandledReconcileAt holds the value of the most recent 11480 + reconcile request value, so a change of the annotation value 11481 + can be detected. 11482 + type: string 11483 + observedGeneration: 11484 + description: ObservedGeneration is the last observed generation. 11485 + format: int64 11486 + type: integer 11487 + type: object 11488 + type: object 11489 + served: true 11490 + storage: false 11491 + subresources: 11492 + status: {} 11493 + - additionalPrinterColumns: 11494 + - jsonPath: .metadata.creationTimestamp 11495 + name: Age 11496 + type: date 11497 + name: v1beta3 11498 + schema: 11499 + openAPIV3Schema: 11500 + description: Alert is the Schema for the alerts API 11501 + properties: 11502 + apiVersion: 11503 + description: |- 11504 + APIVersion defines the versioned schema of this representation of an object. 11505 + Servers should convert recognized schemas to the latest internal value, and 11506 + may reject unrecognized values. 11507 + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources 11508 + type: string 11509 + kind: 11510 + description: |- 11511 + Kind is a string value representing the REST resource this object represents. 11512 + Servers may infer this from the endpoint the client submits requests to. 11513 + Cannot be updated. 11514 + In CamelCase. 11515 + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 11516 + type: string 11517 + metadata: 11518 + type: object 11519 + spec: 11520 + description: AlertSpec defines an alerting rule for events involving a 11521 + list of objects. 11522 + properties: 11523 + eventMetadata: 11524 + additionalProperties: 11525 + type: string 11526 + description: |- 11527 + EventMetadata is an optional field for adding metadata to events dispatched by the 11528 + controller. This can be used for enhancing the context of the event. If a field 11529 + would override one already present on the original event as generated by the emitter, 11530 + then the override doesn't happen, i.e. the original value is preserved, and an info 11531 + log is printed. 11532 + type: object 11533 + eventSeverity: 11534 + default: info 11535 + description: |- 11536 + EventSeverity specifies how to filter events based on severity. 11537 + If set to 'info' no events will be filtered. 11538 + enum: 11539 + - info 11540 + - error 11541 + type: string 11542 + eventSources: 11543 + description: |- 11544 + EventSources specifies how to filter events based 11545 + on the involved object kind, name and namespace. 11546 + items: 11547 + description: |- 11548 + CrossNamespaceObjectReference contains enough information to let you locate the 11549 + typed referenced object at cluster level 11550 + properties: 11551 + apiVersion: 11552 + description: API version of the referent 11553 + type: string 11554 + kind: 11555 + description: Kind of the referent 11556 + enum: 11557 + - Bucket 11558 + - GitRepository 11559 + - Kustomization 11560 + - HelmRelease 11561 + - HelmChart 11562 + - HelmRepository 11563 + - ImageRepository 11564 + - ImagePolicy 11565 + - ImageUpdateAutomation 11566 + - OCIRepository 11567 + type: string 11568 + matchLabels: 11569 + additionalProperties: 11570 + type: string 11571 + description: |- 11572 + MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels 11573 + map is equivalent to an element of matchExpressions, whose key field is "key", the 11574 + operator is "In", and the values array contains only "value". The requirements are ANDed. 11575 + MatchLabels requires the name to be set to `*`. 11576 + type: object 11577 + name: 11578 + description: |- 11579 + Name of the referent 11580 + If multiple resources are targeted `*` may be set. 11581 + maxLength: 253 11582 + minLength: 1 11583 + type: string 11584 + namespace: 11585 + description: Namespace of the referent 11586 + maxLength: 253 11587 + minLength: 1 11588 + type: string 11589 + required: 11590 + - kind 11591 + - name 11592 + type: object 11593 + type: array 11594 + exclusionList: 11595 + description: |- 11596 + ExclusionList specifies a list of Golang regular expressions 11597 + to be used for excluding messages. 11598 + items: 11599 + type: string 11600 + type: array 11601 + inclusionList: 11602 + description: |- 11603 + InclusionList specifies a list of Golang regular expressions 11604 + to be used for including messages. 11605 + items: 11606 + type: string 11607 + type: array 11608 + providerRef: 11609 + description: ProviderRef specifies which Provider this Alert should 11610 + use. 11611 + properties: 11612 + name: 11613 + description: Name of the referent. 11614 + type: string 11615 + required: 11616 + - name 11617 + type: object 11618 + summary: 11619 + description: |- 11620 + Summary holds a short description of the impact and affected cluster. 11621 + Deprecated: Use EventMetadata instead. 11622 + maxLength: 255 11623 + type: string 11624 + suspend: 11625 + description: |- 11626 + Suspend tells the controller to suspend subsequent 11627 + events handling for this Alert. 11628 + type: boolean 11629 + required: 11630 + - eventSources 11631 + - providerRef 11632 + type: object 11633 + type: object 11634 + served: true 11635 + storage: true 11636 + subresources: {} 11637 + --- 11638 + apiVersion: apiextensions.k8s.io/v1 11639 + kind: CustomResourceDefinition 11640 + metadata: 11641 + annotations: 11642 + controller-gen.kubebuilder.io/version: v0.16.1 11643 + labels: 11644 + app.kubernetes.io/component: notification-controller 11645 + app.kubernetes.io/instance: flux-system 11646 + app.kubernetes.io/part-of: flux 11647 + app.kubernetes.io/version: v2.6.4 11648 + name: providers.notification.toolkit.fluxcd.io 11649 + spec: 11650 + group: notification.toolkit.fluxcd.io 11651 + names: 11652 + kind: Provider 11653 + listKind: ProviderList 11654 + plural: providers 11655 + singular: provider 11656 + scope: Namespaced 11657 + versions: 11658 + - additionalPrinterColumns: 11659 + - jsonPath: .metadata.creationTimestamp 11660 + name: Age 11661 + type: date 11662 + - jsonPath: .status.conditions[?(@.type=="Ready")].status 11663 + name: Ready 11664 + type: string 11665 + - jsonPath: .status.conditions[?(@.type=="Ready")].message 11666 + name: Status 11667 + type: string 11668 + deprecated: true 11669 + deprecationWarning: v1beta1 Provider is deprecated, upgrade to v1beta3 11670 + name: v1beta1 11671 + schema: 11672 + openAPIV3Schema: 11673 + description: Provider is the Schema for the providers API 11674 + properties: 11675 + apiVersion: 11676 + description: |- 11677 + APIVersion defines the versioned schema of this representation of an object. 11678 + Servers should convert recognized schemas to the latest internal value, and 11679 + may reject unrecognized values. 11680 + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources 11681 + type: string 11682 + kind: 11683 + description: |- 11684 + Kind is a string value representing the REST resource this object represents. 11685 + Servers may infer this from the endpoint the client submits requests to. 11686 + Cannot be updated. 11687 + In CamelCase. 11688 + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 11689 + type: string 11690 + metadata: 11691 + type: object 11692 + spec: 11693 + description: ProviderSpec defines the desired state of Provider 11694 + properties: 11695 + address: 11696 + description: HTTP/S webhook address of this provider 11697 + pattern: ^(http|https):// 11698 + type: string 11699 + certSecretRef: 11700 + description: |- 11701 + CertSecretRef can be given the name of a secret containing 11702 + a PEM-encoded CA certificate (`caFile`) 11703 + properties: 11704 + name: 11705 + description: Name of the referent. 11706 + type: string 11707 + required: 11708 + - name 11709 + type: object 11710 + channel: 11711 + description: Alert channel for this provider 11712 + type: string 11713 + proxy: 11714 + description: HTTP/S address of the proxy 11715 + pattern: ^(http|https):// 11716 + type: string 11717 + secretRef: 11718 + description: |- 11719 + Secret reference containing the provider webhook URL 11720 + using "address" as data key 11721 + properties: 11722 + name: 11723 + description: Name of the referent. 11724 + type: string 11725 + required: 11726 + - name 11727 + type: object 11728 + suspend: 11729 + description: |- 11730 + This flag tells the controller to suspend subsequent events handling. 11731 + Defaults to false. 11732 + type: boolean 11733 + timeout: 11734 + description: Timeout for sending alerts to the provider. 11735 + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$ 11736 + type: string 11737 + type: 11738 + description: Type of provider 11739 + enum: 11740 + - slack 11741 + - discord 11742 + - msteams 11743 + - rocket 11744 + - generic 11745 + - generic-hmac 11746 + - github 11747 + - gitlab 11748 + - bitbucket 11749 + - azuredevops 11750 + - googlechat 11751 + - webex 11752 + - sentry 11753 + - azureeventhub 11754 + - telegram 11755 + - lark 11756 + - matrix 11757 + - opsgenie 11758 + - alertmanager 11759 + - grafana 11760 + - githubdispatch 11761 + type: string 11762 + username: 11763 + description: Bot username for this provider 11764 + type: string 11765 + required: 11766 + - type 11767 + type: object 11768 + status: 11769 + default: 11770 + observedGeneration: -1 11771 + description: ProviderStatus defines the observed state of Provider 11772 + properties: 11773 + conditions: 11774 + items: 11775 + description: Condition contains details for one aspect of the current 11776 + state of this API Resource. 11777 + properties: 11778 + lastTransitionTime: 11779 + description: |- 11780 + lastTransitionTime is the last time the condition transitioned from one status to another. 11781 + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. 11782 + format: date-time 11783 + type: string 11784 + message: 11785 + description: |- 11786 + message is a human readable message indicating details about the transition. 11787 + This may be an empty string. 11788 + maxLength: 32768 11789 + type: string 11790 + observedGeneration: 11791 + description: |- 11792 + observedGeneration represents the .metadata.generation that the condition was set based upon. 11793 + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date 11794 + with respect to the current state of the instance. 11795 + format: int64 11796 + minimum: 0 11797 + type: integer 11798 + reason: 11799 + description: |- 11800 + reason contains a programmatic identifier indicating the reason for the condition's last transition. 11801 + Producers of specific condition types may define expected values and meanings for this field, 11802 + and whether the values are considered a guaranteed API. 11803 + The value should be a CamelCase string. 11804 + This field may not be empty. 11805 + maxLength: 1024 11806 + minLength: 1 11807 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ 11808 + type: string 11809 + status: 11810 + description: status of the condition, one of True, False, Unknown. 11811 + enum: 11812 + - "True" 11813 + - "False" 11814 + - Unknown 11815 + type: string 11816 + type: 11817 + description: type of condition in CamelCase or in foo.example.com/CamelCase. 11818 + maxLength: 316 11819 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ 11820 + type: string 11821 + required: 11822 + - lastTransitionTime 11823 + - message 11824 + - reason 11825 + - status 11826 + - type 11827 + type: object 11828 + type: array 11829 + observedGeneration: 11830 + description: ObservedGeneration is the last reconciled generation. 11831 + format: int64 11832 + type: integer 11833 + type: object 11834 + type: object 11835 + served: true 11836 + storage: false 11837 + subresources: 11838 + status: {} 11839 + - additionalPrinterColumns: 11840 + - jsonPath: .metadata.creationTimestamp 11841 + name: Age 11842 + type: date 11843 + - jsonPath: .status.conditions[?(@.type=="Ready")].status 11844 + name: Ready 11845 + type: string 11846 + - jsonPath: .status.conditions[?(@.type=="Ready")].message 11847 + name: Status 11848 + type: string 11849 + deprecated: true 11850 + deprecationWarning: v1beta2 Provider is deprecated, upgrade to v1beta3 11851 + name: v1beta2 11852 + schema: 11853 + openAPIV3Schema: 11854 + description: Provider is the Schema for the providers API. 11855 + properties: 11856 + apiVersion: 11857 + description: |- 11858 + APIVersion defines the versioned schema of this representation of an object. 11859 + Servers should convert recognized schemas to the latest internal value, and 11860 + may reject unrecognized values. 11861 + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources 11862 + type: string 11863 + kind: 11864 + description: |- 11865 + Kind is a string value representing the REST resource this object represents. 11866 + Servers may infer this from the endpoint the client submits requests to. 11867 + Cannot be updated. 11868 + In CamelCase. 11869 + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 11870 + type: string 11871 + metadata: 11872 + type: object 11873 + spec: 11874 + description: ProviderSpec defines the desired state of the Provider. 11875 + properties: 11876 + address: 11877 + description: |- 11878 + Address specifies the endpoint, in a generic sense, to where alerts are sent. 11879 + What kind of endpoint depends on the specific Provider type being used. 11880 + For the generic Provider, for example, this is an HTTP/S address. 11881 + For other Provider types this could be a project ID or a namespace. 11882 + maxLength: 2048 11883 + type: string 11884 + certSecretRef: 11885 + description: |- 11886 + CertSecretRef specifies the Secret containing 11887 + a PEM-encoded CA certificate (in the `ca.crt` key). 11888 + 11889 + Note: Support for the `caFile` key has 11890 + been deprecated. 11891 + properties: 11892 + name: 11893 + description: Name of the referent. 11894 + type: string 11895 + required: 11896 + - name 11897 + type: object 11898 + channel: 11899 + description: Channel specifies the destination channel where events 11900 + should be posted. 11901 + maxLength: 2048 11902 + type: string 11903 + interval: 11904 + description: Interval at which to reconcile the Provider with its 11905 + Secret references. 11906 + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ 11907 + type: string 11908 + proxy: 11909 + description: Proxy the HTTP/S address of the proxy server. 11910 + maxLength: 2048 11911 + pattern: ^(http|https)://.*$ 11912 + type: string 11913 + secretRef: 11914 + description: |- 11915 + SecretRef specifies the Secret containing the authentication 11916 + credentials for this Provider. 11917 + properties: 11918 + name: 11919 + description: Name of the referent. 11920 + type: string 11921 + required: 11922 + - name 11923 + type: object 11924 + suspend: 11925 + description: |- 11926 + Suspend tells the controller to suspend subsequent 11927 + events handling for this Provider. 11928 + type: boolean 11929 + timeout: 11930 + description: Timeout for sending alerts to the Provider. 11931 + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$ 11932 + type: string 11933 + type: 11934 + description: Type specifies which Provider implementation to use. 11935 + enum: 11936 + - slack 11937 + - discord 11938 + - msteams 11939 + - rocket 11940 + - generic 11941 + - generic-hmac 11942 + - github 11943 + - gitlab 11944 + - gitea 11945 + - bitbucketserver 11946 + - bitbucket 11947 + - azuredevops 11948 + - googlechat 11949 + - googlepubsub 11950 + - webex 11951 + - sentry 11952 + - azureeventhub 11953 + - telegram 11954 + - lark 11955 + - matrix 11956 + - opsgenie 11957 + - alertmanager 11958 + - grafana 11959 + - githubdispatch 11960 + - pagerduty 11961 + - datadog 11962 + type: string 11963 + username: 11964 + description: Username specifies the name under which events are posted. 11965 + maxLength: 2048 11966 + type: string 11967 + required: 11968 + - type 11969 + type: object 11970 + status: 11971 + default: 11972 + observedGeneration: -1 11973 + description: ProviderStatus defines the observed state of the Provider. 11974 + properties: 11975 + conditions: 11976 + description: Conditions holds the conditions for the Provider. 11977 + items: 11978 + description: Condition contains details for one aspect of the current 11979 + state of this API Resource. 11980 + properties: 11981 + lastTransitionTime: 11982 + description: |- 11983 + lastTransitionTime is the last time the condition transitioned from one status to another. 11984 + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. 11985 + format: date-time 11986 + type: string 11987 + message: 11988 + description: |- 11989 + message is a human readable message indicating details about the transition. 11990 + This may be an empty string. 11991 + maxLength: 32768 11992 + type: string 11993 + observedGeneration: 11994 + description: |- 11995 + observedGeneration represents the .metadata.generation that the condition was set based upon. 11996 + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date 11997 + with respect to the current state of the instance. 11998 + format: int64 11999 + minimum: 0 12000 + type: integer 12001 + reason: 12002 + description: |- 12003 + reason contains a programmatic identifier indicating the reason for the condition's last transition. 12004 + Producers of specific condition types may define expected values and meanings for this field, 12005 + and whether the values are considered a guaranteed API. 12006 + The value should be a CamelCase string. 12007 + This field may not be empty. 12008 + maxLength: 1024 12009 + minLength: 1 12010 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ 12011 + type: string 12012 + status: 12013 + description: status of the condition, one of True, False, Unknown. 12014 + enum: 12015 + - "True" 12016 + - "False" 12017 + - Unknown 12018 + type: string 12019 + type: 12020 + description: type of condition in CamelCase or in foo.example.com/CamelCase. 12021 + maxLength: 316 12022 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ 12023 + type: string 12024 + required: 12025 + - lastTransitionTime 12026 + - message 12027 + - reason 12028 + - status 12029 + - type 12030 + type: object 12031 + type: array 12032 + lastHandledReconcileAt: 12033 + description: |- 12034 + LastHandledReconcileAt holds the value of the most recent 12035 + reconcile request value, so a change of the annotation value 12036 + can be detected. 12037 + type: string 12038 + observedGeneration: 12039 + description: ObservedGeneration is the last reconciled generation. 12040 + format: int64 12041 + type: integer 12042 + type: object 12043 + type: object 12044 + served: true 12045 + storage: false 12046 + subresources: 12047 + status: {} 12048 + - additionalPrinterColumns: 12049 + - jsonPath: .metadata.creationTimestamp 12050 + name: Age 12051 + type: date 12052 + name: v1beta3 12053 + schema: 12054 + openAPIV3Schema: 12055 + description: Provider is the Schema for the providers API 12056 + properties: 12057 + apiVersion: 12058 + description: |- 12059 + APIVersion defines the versioned schema of this representation of an object. 12060 + Servers should convert recognized schemas to the latest internal value, and 12061 + may reject unrecognized values. 12062 + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources 12063 + type: string 12064 + kind: 12065 + description: |- 12066 + Kind is a string value representing the REST resource this object represents. 12067 + Servers may infer this from the endpoint the client submits requests to. 12068 + Cannot be updated. 12069 + In CamelCase. 12070 + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 12071 + type: string 12072 + metadata: 12073 + type: object 12074 + spec: 12075 + description: ProviderSpec defines the desired state of the Provider. 12076 + properties: 12077 + address: 12078 + description: |- 12079 + Address specifies the endpoint, in a generic sense, to where alerts are sent. 12080 + What kind of endpoint depends on the specific Provider type being used. 12081 + For the generic Provider, for example, this is an HTTP/S address. 12082 + For other Provider types this could be a project ID or a namespace. 12083 + maxLength: 2048 12084 + type: string 12085 + certSecretRef: 12086 + description: |- 12087 + CertSecretRef specifies the Secret containing 12088 + a PEM-encoded CA certificate (in the `ca.crt` key). 12089 + 12090 + Note: Support for the `caFile` key has 12091 + been deprecated. 12092 + properties: 12093 + name: 12094 + description: Name of the referent. 12095 + type: string 12096 + required: 12097 + - name 12098 + type: object 12099 + channel: 12100 + description: Channel specifies the destination channel where events 12101 + should be posted. 12102 + maxLength: 2048 12103 + type: string 12104 + commitStatusExpr: 12105 + description: |- 12106 + CommitStatusExpr is a CEL expression that evaluates to a string value 12107 + that can be used to generate a custom commit status message for use 12108 + with eligible Provider types (github, gitlab, gitea, bitbucketserver, 12109 + bitbucket, azuredevops). Supported variables are: event, provider, 12110 + and alert. 12111 + type: string 12112 + interval: 12113 + description: |- 12114 + Interval at which to reconcile the Provider with its Secret references. 12115 + Deprecated and not used in v1beta3. 12116 + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ 12117 + type: string 12118 + proxy: 12119 + description: Proxy the HTTP/S address of the proxy server. 12120 + maxLength: 2048 12121 + pattern: ^(http|https)://.*$ 12122 + type: string 12123 + secretRef: 12124 + description: |- 12125 + SecretRef specifies the Secret containing the authentication 12126 + credentials for this Provider. 12127 + properties: 12128 + name: 12129 + description: Name of the referent. 12130 + type: string 12131 + required: 12132 + - name 12133 + type: object 12134 + serviceAccountName: 12135 + description: |- 12136 + ServiceAccountName is the name of the service account used to 12137 + authenticate with services from cloud providers. An error is thrown if a 12138 + static credential is also defined inside the Secret referenced by the 12139 + SecretRef. 12140 + type: string 12141 + suspend: 12142 + description: |- 12143 + Suspend tells the controller to suspend subsequent 12144 + events handling for this Provider. 12145 + type: boolean 12146 + timeout: 12147 + description: Timeout for sending alerts to the Provider. 12148 + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$ 12149 + type: string 12150 + type: 12151 + description: Type specifies which Provider implementation to use. 12152 + enum: 12153 + - slack 12154 + - discord 12155 + - msteams 12156 + - rocket 12157 + - generic 12158 + - generic-hmac 12159 + - github 12160 + - gitlab 12161 + - gitea 12162 + - bitbucketserver 12163 + - bitbucket 12164 + - azuredevops 12165 + - googlechat 12166 + - googlepubsub 12167 + - webex 12168 + - sentry 12169 + - azureeventhub 12170 + - telegram 12171 + - lark 12172 + - matrix 12173 + - opsgenie 12174 + - alertmanager 12175 + - grafana 12176 + - githubdispatch 12177 + - pagerduty 12178 + - datadog 12179 + - nats 12180 + type: string 12181 + username: 12182 + description: Username specifies the name under which events are posted. 12183 + maxLength: 2048 12184 + type: string 12185 + required: 12186 + - type 12187 + type: object 12188 + x-kubernetes-validations: 12189 + - message: spec.commitStatusExpr is only supported for the 'github', 'gitlab', 12190 + 'gitea', 'bitbucketserver', 'bitbucket', 'azuredevops' provider types 12191 + rule: self.type == 'github' || self.type == 'gitlab' || self.type == 12192 + 'gitea' || self.type == 'bitbucketserver' || self.type == 'bitbucket' 12193 + || self.type == 'azuredevops' || !has(self.commitStatusExpr) 12194 + type: object 12195 + served: true 12196 + storage: true 12197 + subresources: {} 12198 + --- 12199 + apiVersion: apiextensions.k8s.io/v1 12200 + kind: CustomResourceDefinition 12201 + metadata: 12202 + annotations: 12203 + controller-gen.kubebuilder.io/version: v0.16.1 12204 + labels: 12205 + app.kubernetes.io/component: notification-controller 12206 + app.kubernetes.io/instance: flux-system 12207 + app.kubernetes.io/part-of: flux 12208 + app.kubernetes.io/version: v2.6.4 12209 + name: receivers.notification.toolkit.fluxcd.io 12210 + spec: 12211 + group: notification.toolkit.fluxcd.io 12212 + names: 12213 + kind: Receiver 12214 + listKind: ReceiverList 12215 + plural: receivers 12216 + singular: receiver 12217 + scope: Namespaced 12218 + versions: 12219 + - additionalPrinterColumns: 12220 + - jsonPath: .metadata.creationTimestamp 12221 + name: Age 12222 + type: date 12223 + - jsonPath: .status.conditions[?(@.type=="Ready")].status 12224 + name: Ready 12225 + type: string 12226 + - jsonPath: .status.conditions[?(@.type=="Ready")].message 12227 + name: Status 12228 + type: string 12229 + name: v1 12230 + schema: 12231 + openAPIV3Schema: 12232 + description: Receiver is the Schema for the receivers API. 12233 + properties: 12234 + apiVersion: 12235 + description: |- 12236 + APIVersion defines the versioned schema of this representation of an object. 12237 + Servers should convert recognized schemas to the latest internal value, and 12238 + may reject unrecognized values. 12239 + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources 12240 + type: string 12241 + kind: 12242 + description: |- 12243 + Kind is a string value representing the REST resource this object represents. 12244 + Servers may infer this from the endpoint the client submits requests to. 12245 + Cannot be updated. 12246 + In CamelCase. 12247 + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 12248 + type: string 12249 + metadata: 12250 + type: object 12251 + spec: 12252 + description: ReceiverSpec defines the desired state of the Receiver. 12253 + properties: 12254 + events: 12255 + description: |- 12256 + Events specifies the list of event types to handle, 12257 + e.g. 'push' for GitHub or 'Push Hook' for GitLab. 12258 + items: 12259 + type: string 12260 + type: array 12261 + interval: 12262 + default: 10m 12263 + description: Interval at which to reconcile the Receiver with its 12264 + Secret references. 12265 + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ 12266 + type: string 12267 + resourceFilter: 12268 + description: |- 12269 + ResourceFilter is a CEL expression expected to return a boolean that is 12270 + evaluated for each resource referenced in the Resources field when a 12271 + webhook is received. If the expression returns false then the controller 12272 + will not request a reconciliation for the resource. 12273 + When the expression is specified the controller will parse it and mark 12274 + the object as terminally failed if the expression is invalid or does not 12275 + return a boolean. 12276 + type: string 12277 + resources: 12278 + description: A list of resources to be notified about changes. 12279 + items: 12280 + description: |- 12281 + CrossNamespaceObjectReference contains enough information to let you locate the 12282 + typed referenced object at cluster level 12283 + properties: 12284 + apiVersion: 12285 + description: API version of the referent 12286 + type: string 12287 + kind: 12288 + description: Kind of the referent 12289 + enum: 12290 + - Bucket 12291 + - GitRepository 12292 + - Kustomization 12293 + - HelmRelease 12294 + - HelmChart 12295 + - HelmRepository 12296 + - ImageRepository 12297 + - ImagePolicy 12298 + - ImageUpdateAutomation 12299 + - OCIRepository 12300 + type: string 12301 + matchLabels: 12302 + additionalProperties: 12303 + type: string 12304 + description: |- 12305 + MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels 12306 + map is equivalent to an element of matchExpressions, whose key field is "key", the 12307 + operator is "In", and the values array contains only "value". The requirements are ANDed. 12308 + MatchLabels requires the name to be set to `*`. 12309 + type: object 12310 + name: 12311 + description: |- 12312 + Name of the referent 12313 + If multiple resources are targeted `*` may be set. 12314 + maxLength: 253 12315 + minLength: 1 12316 + type: string 12317 + namespace: 12318 + description: Namespace of the referent 12319 + maxLength: 253 12320 + minLength: 1 12321 + type: string 12322 + required: 12323 + - kind 12324 + - name 12325 + type: object 12326 + type: array 12327 + secretRef: 12328 + description: |- 12329 + SecretRef specifies the Secret containing the token used 12330 + to validate the payload authenticity. 12331 + properties: 12332 + name: 12333 + description: Name of the referent. 12334 + type: string 12335 + required: 12336 + - name 12337 + type: object 12338 + suspend: 12339 + description: |- 12340 + Suspend tells the controller to suspend subsequent 12341 + events handling for this receiver. 12342 + type: boolean 12343 + type: 12344 + description: |- 12345 + Type of webhook sender, used to determine 12346 + the validation procedure and payload deserialization. 12347 + enum: 12348 + - generic 12349 + - generic-hmac 12350 + - github 12351 + - gitlab 12352 + - bitbucket 12353 + - harbor 12354 + - dockerhub 12355 + - quay 12356 + - gcr 12357 + - nexus 12358 + - acr 12359 + - cdevents 12360 + type: string 12361 + required: 12362 + - resources 12363 + - secretRef 12364 + - type 12365 + type: object 12366 + status: 12367 + default: 12368 + observedGeneration: -1 12369 + description: ReceiverStatus defines the observed state of the Receiver. 12370 + properties: 12371 + conditions: 12372 + description: Conditions holds the conditions for the Receiver. 12373 + items: 12374 + description: Condition contains details for one aspect of the current 12375 + state of this API Resource. 12376 + properties: 12377 + lastTransitionTime: 12378 + description: |- 12379 + lastTransitionTime is the last time the condition transitioned from one status to another. 12380 + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. 12381 + format: date-time 12382 + type: string 12383 + message: 12384 + description: |- 12385 + message is a human readable message indicating details about the transition. 12386 + This may be an empty string. 12387 + maxLength: 32768 12388 + type: string 12389 + observedGeneration: 12390 + description: |- 12391 + observedGeneration represents the .metadata.generation that the condition was set based upon. 12392 + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date 12393 + with respect to the current state of the instance. 12394 + format: int64 12395 + minimum: 0 12396 + type: integer 12397 + reason: 12398 + description: |- 12399 + reason contains a programmatic identifier indicating the reason for the condition's last transition. 12400 + Producers of specific condition types may define expected values and meanings for this field, 12401 + and whether the values are considered a guaranteed API. 12402 + The value should be a CamelCase string. 12403 + This field may not be empty. 12404 + maxLength: 1024 12405 + minLength: 1 12406 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ 12407 + type: string 12408 + status: 12409 + description: status of the condition, one of True, False, Unknown. 12410 + enum: 12411 + - "True" 12412 + - "False" 12413 + - Unknown 12414 + type: string 12415 + type: 12416 + description: type of condition in CamelCase or in foo.example.com/CamelCase. 12417 + maxLength: 316 12418 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ 12419 + type: string 12420 + required: 12421 + - lastTransitionTime 12422 + - message 12423 + - reason 12424 + - status 12425 + - type 12426 + type: object 12427 + type: array 12428 + lastHandledReconcileAt: 12429 + description: |- 12430 + LastHandledReconcileAt holds the value of the most recent 12431 + reconcile request value, so a change of the annotation value 12432 + can be detected. 12433 + type: string 12434 + observedGeneration: 12435 + description: ObservedGeneration is the last observed generation of 12436 + the Receiver object. 12437 + format: int64 12438 + type: integer 12439 + webhookPath: 12440 + description: |- 12441 + WebhookPath is the generated incoming webhook address in the format 12442 + of '/hook/sha256sum(token+name+namespace)'. 12443 + type: string 12444 + type: object 12445 + type: object 12446 + served: true 12447 + storage: true 12448 + subresources: 12449 + status: {} 12450 + - additionalPrinterColumns: 12451 + - jsonPath: .metadata.creationTimestamp 12452 + name: Age 12453 + type: date 12454 + - jsonPath: .status.conditions[?(@.type=="Ready")].status 12455 + name: Ready 12456 + type: string 12457 + - jsonPath: .status.conditions[?(@.type=="Ready")].message 12458 + name: Status 12459 + type: string 12460 + deprecated: true 12461 + deprecationWarning: v1beta1 Receiver is deprecated, upgrade to v1 12462 + name: v1beta1 12463 + schema: 12464 + openAPIV3Schema: 12465 + description: Receiver is the Schema for the receivers API 12466 + properties: 12467 + apiVersion: 12468 + description: |- 12469 + APIVersion defines the versioned schema of this representation of an object. 12470 + Servers should convert recognized schemas to the latest internal value, and 12471 + may reject unrecognized values. 12472 + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources 12473 + type: string 12474 + kind: 12475 + description: |- 12476 + Kind is a string value representing the REST resource this object represents. 12477 + Servers may infer this from the endpoint the client submits requests to. 12478 + Cannot be updated. 12479 + In CamelCase. 12480 + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 12481 + type: string 12482 + metadata: 12483 + type: object 12484 + spec: 12485 + description: ReceiverSpec defines the desired state of Receiver 12486 + properties: 12487 + events: 12488 + description: |- 12489 + A list of events to handle, 12490 + e.g. 'push' for GitHub or 'Push Hook' for GitLab. 12491 + items: 12492 + type: string 12493 + type: array 12494 + resources: 12495 + description: A list of resources to be notified about changes. 12496 + items: 12497 + description: |- 12498 + CrossNamespaceObjectReference contains enough information to let you locate the 12499 + typed referenced object at cluster level 12500 + properties: 12501 + apiVersion: 12502 + description: API version of the referent 12503 + type: string 12504 + kind: 12505 + description: Kind of the referent 12506 + enum: 12507 + - Bucket 12508 + - GitRepository 12509 + - Kustomization 12510 + - HelmRelease 12511 + - HelmChart 12512 + - HelmRepository 12513 + - ImageRepository 12514 + - ImagePolicy 12515 + - ImageUpdateAutomation 12516 + - OCIRepository 12517 + type: string 12518 + matchLabels: 12519 + additionalProperties: 12520 + type: string 12521 + description: |- 12522 + MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels 12523 + map is equivalent to an element of matchExpressions, whose key field is "key", the 12524 + operator is "In", and the values array contains only "value". The requirements are ANDed. 12525 + type: object 12526 + name: 12527 + description: Name of the referent 12528 + maxLength: 53 12529 + minLength: 1 12530 + type: string 12531 + namespace: 12532 + description: Namespace of the referent 12533 + maxLength: 53 12534 + minLength: 1 12535 + type: string 12536 + required: 12537 + - kind 12538 + - name 12539 + type: object 12540 + type: array 12541 + secretRef: 12542 + description: |- 12543 + Secret reference containing the token used 12544 + to validate the payload authenticity 12545 + properties: 12546 + name: 12547 + description: Name of the referent. 12548 + type: string 12549 + required: 12550 + - name 12551 + type: object 12552 + suspend: 12553 + description: |- 12554 + This flag tells the controller to suspend subsequent events handling. 12555 + Defaults to false. 12556 + type: boolean 12557 + type: 12558 + description: |- 12559 + Type of webhook sender, used to determine 12560 + the validation procedure and payload deserialization. 12561 + enum: 12562 + - generic 12563 + - generic-hmac 12564 + - github 12565 + - gitlab 12566 + - bitbucket 12567 + - harbor 12568 + - dockerhub 12569 + - quay 12570 + - gcr 12571 + - nexus 12572 + - acr 12573 + type: string 12574 + required: 12575 + - resources 12576 + - secretRef 12577 + - type 12578 + type: object 12579 + status: 12580 + default: 12581 + observedGeneration: -1 12582 + description: ReceiverStatus defines the observed state of Receiver 12583 + properties: 12584 + conditions: 12585 + items: 12586 + description: Condition contains details for one aspect of the current 12587 + state of this API Resource. 12588 + properties: 12589 + lastTransitionTime: 12590 + description: |- 12591 + lastTransitionTime is the last time the condition transitioned from one status to another. 12592 + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. 12593 + format: date-time 12594 + type: string 12595 + message: 12596 + description: |- 12597 + message is a human readable message indicating details about the transition. 12598 + This may be an empty string. 12599 + maxLength: 32768 12600 + type: string 12601 + observedGeneration: 12602 + description: |- 12603 + observedGeneration represents the .metadata.generation that the condition was set based upon. 12604 + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date 12605 + with respect to the current state of the instance. 12606 + format: int64 12607 + minimum: 0 12608 + type: integer 12609 + reason: 12610 + description: |- 12611 + reason contains a programmatic identifier indicating the reason for the condition's last transition. 12612 + Producers of specific condition types may define expected values and meanings for this field, 12613 + and whether the values are considered a guaranteed API. 12614 + The value should be a CamelCase string. 12615 + This field may not be empty. 12616 + maxLength: 1024 12617 + minLength: 1 12618 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ 12619 + type: string 12620 + status: 12621 + description: status of the condition, one of True, False, Unknown. 12622 + enum: 12623 + - "True" 12624 + - "False" 12625 + - Unknown 12626 + type: string 12627 + type: 12628 + description: type of condition in CamelCase or in foo.example.com/CamelCase. 12629 + maxLength: 316 12630 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ 12631 + type: string 12632 + required: 12633 + - lastTransitionTime 12634 + - message 12635 + - reason 12636 + - status 12637 + - type 12638 + type: object 12639 + type: array 12640 + observedGeneration: 12641 + description: ObservedGeneration is the last observed generation. 12642 + format: int64 12643 + type: integer 12644 + url: 12645 + description: |- 12646 + Generated webhook URL in the format 12647 + of '/hook/sha256sum(token+name+namespace)'. 12648 + type: string 12649 + type: object 12650 + type: object 12651 + served: true 12652 + storage: false 12653 + subresources: 12654 + status: {} 12655 + - additionalPrinterColumns: 12656 + - jsonPath: .metadata.creationTimestamp 12657 + name: Age 12658 + type: date 12659 + - jsonPath: .status.conditions[?(@.type=="Ready")].status 12660 + name: Ready 12661 + type: string 12662 + - jsonPath: .status.conditions[?(@.type=="Ready")].message 12663 + name: Status 12664 + type: string 12665 + deprecated: true 12666 + deprecationWarning: v1beta2 Receiver is deprecated, upgrade to v1 12667 + name: v1beta2 12668 + schema: 12669 + openAPIV3Schema: 12670 + description: Receiver is the Schema for the receivers API. 12671 + properties: 12672 + apiVersion: 12673 + description: |- 12674 + APIVersion defines the versioned schema of this representation of an object. 12675 + Servers should convert recognized schemas to the latest internal value, and 12676 + may reject unrecognized values. 12677 + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources 12678 + type: string 12679 + kind: 12680 + description: |- 12681 + Kind is a string value representing the REST resource this object represents. 12682 + Servers may infer this from the endpoint the client submits requests to. 12683 + Cannot be updated. 12684 + In CamelCase. 12685 + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 12686 + type: string 12687 + metadata: 12688 + type: object 12689 + spec: 12690 + description: ReceiverSpec defines the desired state of the Receiver. 12691 + properties: 12692 + events: 12693 + description: |- 12694 + Events specifies the list of event types to handle, 12695 + e.g. 'push' for GitHub or 'Push Hook' for GitLab. 12696 + items: 12697 + type: string 12698 + type: array 12699 + interval: 12700 + description: Interval at which to reconcile the Receiver with its 12701 + Secret references. 12702 + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ 12703 + type: string 12704 + resources: 12705 + description: A list of resources to be notified about changes. 12706 + items: 12707 + description: |- 12708 + CrossNamespaceObjectReference contains enough information to let you locate the 12709 + typed referenced object at cluster level 12710 + properties: 12711 + apiVersion: 12712 + description: API version of the referent 12713 + type: string 12714 + kind: 12715 + description: Kind of the referent 12716 + enum: 12717 + - Bucket 12718 + - GitRepository 12719 + - Kustomization 12720 + - HelmRelease 12721 + - HelmChart 12722 + - HelmRepository 12723 + - ImageRepository 12724 + - ImagePolicy 12725 + - ImageUpdateAutomation 12726 + - OCIRepository 12727 + type: string 12728 + matchLabels: 12729 + additionalProperties: 12730 + type: string 12731 + description: |- 12732 + MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels 12733 + map is equivalent to an element of matchExpressions, whose key field is "key", the 12734 + operator is "In", and the values array contains only "value". The requirements are ANDed. 12735 + MatchLabels requires the name to be set to `*`. 12736 + type: object 12737 + name: 12738 + description: |- 12739 + Name of the referent 12740 + If multiple resources are targeted `*` may be set. 12741 + maxLength: 253 12742 + minLength: 1 12743 + type: string 12744 + namespace: 12745 + description: Namespace of the referent 12746 + maxLength: 253 12747 + minLength: 1 12748 + type: string 12749 + required: 12750 + - kind 12751 + - name 12752 + type: object 12753 + type: array 12754 + secretRef: 12755 + description: |- 12756 + SecretRef specifies the Secret containing the token used 12757 + to validate the payload authenticity. 12758 + properties: 12759 + name: 12760 + description: Name of the referent. 12761 + type: string 12762 + required: 12763 + - name 12764 + type: object 12765 + suspend: 12766 + description: |- 12767 + Suspend tells the controller to suspend subsequent 12768 + events handling for this receiver. 12769 + type: boolean 12770 + type: 12771 + description: |- 12772 + Type of webhook sender, used to determine 12773 + the validation procedure and payload deserialization. 12774 + enum: 12775 + - generic 12776 + - generic-hmac 12777 + - github 12778 + - gitlab 12779 + - bitbucket 12780 + - harbor 12781 + - dockerhub 12782 + - quay 12783 + - gcr 12784 + - nexus 12785 + - acr 12786 + type: string 12787 + required: 12788 + - resources 12789 + - secretRef 12790 + - type 12791 + type: object 12792 + status: 12793 + default: 12794 + observedGeneration: -1 12795 + description: ReceiverStatus defines the observed state of the Receiver. 12796 + properties: 12797 + conditions: 12798 + description: Conditions holds the conditions for the Receiver. 12799 + items: 12800 + description: Condition contains details for one aspect of the current 12801 + state of this API Resource. 12802 + properties: 12803 + lastTransitionTime: 12804 + description: |- 12805 + lastTransitionTime is the last time the condition transitioned from one status to another. 12806 + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. 12807 + format: date-time 12808 + type: string 12809 + message: 12810 + description: |- 12811 + message is a human readable message indicating details about the transition. 12812 + This may be an empty string. 12813 + maxLength: 32768 12814 + type: string 12815 + observedGeneration: 12816 + description: |- 12817 + observedGeneration represents the .metadata.generation that the condition was set based upon. 12818 + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date 12819 + with respect to the current state of the instance. 12820 + format: int64 12821 + minimum: 0 12822 + type: integer 12823 + reason: 12824 + description: |- 12825 + reason contains a programmatic identifier indicating the reason for the condition's last transition. 12826 + Producers of specific condition types may define expected values and meanings for this field, 12827 + and whether the values are considered a guaranteed API. 12828 + The value should be a CamelCase string. 12829 + This field may not be empty. 12830 + maxLength: 1024 12831 + minLength: 1 12832 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ 12833 + type: string 12834 + status: 12835 + description: status of the condition, one of True, False, Unknown. 12836 + enum: 12837 + - "True" 12838 + - "False" 12839 + - Unknown 12840 + type: string 12841 + type: 12842 + description: type of condition in CamelCase or in foo.example.com/CamelCase. 12843 + maxLength: 316 12844 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ 12845 + type: string 12846 + required: 12847 + - lastTransitionTime 12848 + - message 12849 + - reason 12850 + - status 12851 + - type 12852 + type: object 12853 + type: array 12854 + lastHandledReconcileAt: 12855 + description: |- 12856 + LastHandledReconcileAt holds the value of the most recent 12857 + reconcile request value, so a change of the annotation value 12858 + can be detected. 12859 + type: string 12860 + observedGeneration: 12861 + description: ObservedGeneration is the last observed generation of 12862 + the Receiver object. 12863 + format: int64 12864 + type: integer 12865 + url: 12866 + description: |- 12867 + URL is the generated incoming webhook address in the format 12868 + of '/hook/sha256sum(token+name+namespace)'. 12869 + Deprecated: Replaced by WebhookPath. 12870 + type: string 12871 + webhookPath: 12872 + description: |- 12873 + WebhookPath is the generated incoming webhook address in the format 12874 + of '/hook/sha256sum(token+name+namespace)'. 12875 + type: string 12876 + type: object 12877 + type: object 12878 + served: true 12879 + storage: false 12880 + subresources: 12881 + status: {} 12882 + --- 12883 + apiVersion: v1 12884 + kind: ServiceAccount 12885 + metadata: 12886 + labels: 12887 + app.kubernetes.io/component: notification-controller 12888 + app.kubernetes.io/instance: flux-system 12889 + app.kubernetes.io/part-of: flux 12890 + app.kubernetes.io/version: v2.6.4 12891 + name: notification-controller 12892 + namespace: flux-system 12893 + --- 12894 + apiVersion: v1 12895 + kind: Service 12896 + metadata: 12897 + labels: 12898 + app.kubernetes.io/component: notification-controller 12899 + app.kubernetes.io/instance: flux-system 12900 + app.kubernetes.io/part-of: flux 12901 + app.kubernetes.io/version: v2.6.4 12902 + control-plane: controller 12903 + name: notification-controller 12904 + namespace: flux-system 12905 + spec: 12906 + ports: 12907 + - name: http 12908 + port: 80 12909 + protocol: TCP 12910 + targetPort: http 12911 + selector: 12912 + app: notification-controller 12913 + type: ClusterIP 12914 + --- 12915 + apiVersion: v1 12916 + kind: Service 12917 + metadata: 12918 + labels: 12919 + app.kubernetes.io/component: notification-controller 12920 + app.kubernetes.io/instance: flux-system 12921 + app.kubernetes.io/part-of: flux 12922 + app.kubernetes.io/version: v2.6.4 12923 + control-plane: controller 12924 + name: webhook-receiver 12925 + namespace: flux-system 12926 + spec: 12927 + ports: 12928 + - name: http 12929 + port: 80 12930 + protocol: TCP 12931 + targetPort: http-webhook 12932 + selector: 12933 + app: notification-controller 12934 + type: ClusterIP 12935 + --- 12936 + apiVersion: apps/v1 12937 + kind: Deployment 12938 + metadata: 12939 + labels: 12940 + app.kubernetes.io/component: notification-controller 12941 + app.kubernetes.io/instance: flux-system 12942 + app.kubernetes.io/part-of: flux 12943 + app.kubernetes.io/version: v2.6.4 12944 + control-plane: controller 12945 + name: notification-controller 12946 + namespace: flux-system 12947 + spec: 12948 + replicas: 1 12949 + selector: 12950 + matchLabels: 12951 + app: notification-controller 12952 + template: 12953 + metadata: 12954 + annotations: 12955 + prometheus.io/port: "8080" 12956 + prometheus.io/scrape: "true" 12957 + labels: 12958 + app: notification-controller 12959 + spec: 12960 + containers: 12961 + - args: 12962 + - --watch-all-namespaces=true 12963 + - --log-level=info 12964 + - --log-encoding=json 12965 + - --enable-leader-election 12966 + env: 12967 + - name: RUNTIME_NAMESPACE 12968 + valueFrom: 12969 + fieldRef: 12970 + fieldPath: metadata.namespace 12971 + - name: GOMAXPROCS 12972 + valueFrom: 12973 + resourceFieldRef: 12974 + containerName: manager 12975 + resource: limits.cpu 12976 + - name: GOMEMLIMIT 12977 + valueFrom: 12978 + resourceFieldRef: 12979 + containerName: manager 12980 + resource: limits.memory 12981 + image: ghcr.io/fluxcd/notification-controller:v1.6.0 12982 + imagePullPolicy: IfNotPresent 12983 + livenessProbe: 12984 + httpGet: 12985 + path: /healthz 12986 + port: healthz 12987 + name: manager 12988 + ports: 12989 + - containerPort: 9090 12990 + name: http 12991 + protocol: TCP 12992 + - containerPort: 9292 12993 + name: http-webhook 12994 + protocol: TCP 12995 + - containerPort: 8080 12996 + name: http-prom 12997 + protocol: TCP 12998 + - containerPort: 9440 12999 + name: healthz 13000 + protocol: TCP 13001 + readinessProbe: 13002 + httpGet: 13003 + path: /readyz 13004 + port: healthz 13005 + resources: 13006 + limits: 13007 + cpu: 1000m 13008 + memory: 1Gi 13009 + requests: 13010 + cpu: 100m 13011 + memory: 64Mi 13012 + securityContext: 13013 + allowPrivilegeEscalation: false 13014 + capabilities: 13015 + drop: 13016 + - ALL 13017 + readOnlyRootFilesystem: true 13018 + runAsNonRoot: true 13019 + seccompProfile: 13020 + type: RuntimeDefault 13021 + volumeMounts: 13022 + - mountPath: /tmp 13023 + name: temp 13024 + nodeSelector: 13025 + kubernetes.io/os: linux 13026 + securityContext: 13027 + fsGroup: 1337 13028 + serviceAccountName: notification-controller 13029 + terminationGracePeriodSeconds: 10 13030 + volumes: 13031 + - emptyDir: {} 13032 + name: temp

Configure Feed

Configure Feed