diff --git a/class_generator/schema/__cluster_version__.txt b/class_generator/schema/__cluster_version__.txt index c4f82aab64..3aa62a2d4a 100644 --- a/class_generator/schema/__cluster_version__.txt +++ b/class_generator/schema/__cluster_version__.txt @@ -1 +1 @@ -v1.35.2 +v1.35.4 diff --git a/class_generator/schema/__resources-mappings.json.gz b/class_generator/schema/__resources-mappings.json.gz index 504f26a95e..e6cb0d05aa 100644 Binary files a/class_generator/schema/__resources-mappings.json.gz and b/class_generator/schema/__resources-mappings.json.gz differ diff --git a/class_generator/schema/_definitions.json b/class_generator/schema/_definitions.json index 9bccbb9629..efc69c8e7a 100644 --- a/class_generator/schema/_definitions.json +++ b/class_generator/schema/_definitions.json @@ -3251,7 +3251,37 @@ } ] }, - "admission.k8s.io/v1/DeleteOptions": { + "admission.k8s.io/v1/WatchEvent": { + "description": "Event represents a single event to a watched resource.", + "namespaced": true, + "properties": { + "object": { + "allOf": [ + { + "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.runtime.RawExtension" + } + ], + "description": "Object is:\n * If Type is Added or Modified: the new state of the object.\n * If Type is Deleted: the state of the object immediately before deletion.\n * If Type is Error: *Status is recommended; other types may make sense\n depending on context." + }, + "type": { + "default": "", + "type": "string" + } + }, + "required": [ + "type", + "object" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "admission.k8s.io", + "kind": "WatchEvent", + "version": "v1" + } + ] + }, + "admissionregistration.k8s.io/v1/DeleteOptions": { "description": "DeleteOptions may be provided when deleting an API object.", "namespaced": true, "properties": { @@ -3302,42 +3332,12 @@ "type": "object", "x-kubernetes-group-version-kind": [ { - "group": "admission.k8s.io", + "group": "admissionregistration.k8s.io", "kind": "DeleteOptions", "version": "v1" } ] }, - "admission.k8s.io/v1/WatchEvent": { - "description": "Event represents a single event to a watched resource.", - "namespaced": true, - "properties": { - "object": { - "allOf": [ - { - "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.runtime.RawExtension" - } - ], - "description": "Object is:\n * If Type is Added or Modified: the new state of the object.\n * If Type is Deleted: the state of the object immediately before deletion.\n * If Type is Error: *Status is recommended; other types may make sense\n depending on context." - }, - "type": { - "default": "", - "type": "string" - } - }, - "required": [ - "type", - "object" - ], - "type": "object", - "x-kubernetes-group-version-kind": [ - { - "group": "admission.k8s.io", - "kind": "WatchEvent", - "version": "v1" - } - ] - }, "admissionregistration.k8s.io/v1/MutatingWebhookConfiguration": { "description": "MutatingWebhookConfiguration describes the configuration of and admission webhook that accept or reject and may change the object.", "namespaced": false, @@ -4269,7 +4269,7 @@ } ], "default": {}, - "description": "Spec represents a desired deployment state and how to deploy to it." + "description": "spec represents a desired deployment state and how to deploy to it." }, "status": { "allOf": [ @@ -4278,7 +4278,7 @@ } ], "default": {}, - "description": "Status represents the current deployment state." + "description": "status represents the current deployment state." } }, "required": [ @@ -4302,7 +4302,7 @@ "type": "string" }, "items": { - "description": "Items is a list of deployment configs", + "description": "items is a list of deployment configs", "items": { "allOf": [ { @@ -4353,7 +4353,7 @@ }, "name": { "default": "", - "description": "Name of the deployment config that will be rolled back.", + "description": "name of the deployment config that will be rolled back.", "type": "string" }, "spec": { @@ -4363,14 +4363,14 @@ } ], "default": {}, - "description": "Spec defines the options to rollback generation." + "description": "spec defines the options to rollback generation." }, "updatedAnnotations": { "additionalProperties": { "default": "", "type": "string" }, - "description": "UpdatedAnnotations is a set of new annotations that will be added in the deployment config.", + "description": "updatedAnnotations is a set of new annotations that will be added in the deployment config.", "type": "object" } }, @@ -4419,7 +4419,7 @@ "type": "string" }, "excludeTriggers": { - "description": "ExcludeTriggers instructs the instantiator to avoid processing the specified triggers. This field overrides the triggers from latest and allows clients to control specific logic. This field is ignored if not specified.", + "description": "excludeTriggers instructs the instantiator to avoid processing the specified triggers. This field overrides the triggers from latest and allows clients to control specific logic. This field is ignored if not specified.", "items": { "default": "", "type": "string" @@ -4428,7 +4428,7 @@ }, "force": { "default": false, - "description": "Force will try to force a new deployment to run. If the deployment config is paused, then setting this to true will return an Invalid error.", + "description": "force will try to force a new deployment to run. If the deployment config is paused, then setting this to true will return an Invalid error.", "type": "boolean" }, "kind": { @@ -4437,12 +4437,12 @@ }, "latest": { "default": false, - "description": "Latest will update the deployment config with the latest state from all triggers.", + "description": "latest will update the deployment config with the latest state from all triggers.", "type": "boolean" }, "name": { "default": "", - "description": "Name of the deployment config for requesting a new deployment.", + "description": "name of the deployment config for requesting a new deployment.", "type": "string" } }, @@ -5351,7 +5351,7 @@ "$ref": "#/components/schemas/io.k8s.api.rbac.v1.AggregationRule" } ], - "description": "AggregationRule is an optional field that describes how to build the Rules for this ClusterRole. If AggregationRule is set, then the Rules are controller managed and direct changes to Rules will be stomped by the controller." + "description": "aggregationRule is an optional field that describes how to build the Rules for this ClusterRole. If AggregationRule is set, then the Rules are controller managed and direct changes to Rules will be stomped by the controller." }, "apiVersion": { "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", @@ -5371,7 +5371,7 @@ "description": "metadata is the standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" }, "rules": { - "description": "Rules holds all the PolicyRules for this ClusterRole", + "description": "rules holds all the PolicyRules for this ClusterRole", "items": { "allOf": [ { @@ -5404,7 +5404,7 @@ "type": "string" }, "groupNames": { - "description": "GroupNames holds all the groups directly bound to the role. This field should only be specified when supporting legacy clients and servers. See Subjects for further details.", + "description": "groupNames holds all the groups directly bound to the role. This field should only be specified when supporting legacy clients and servers. See Subjects for further details.", "items": { "default": "", "type": "string" @@ -5431,10 +5431,10 @@ } ], "default": {}, - "description": "RoleRef can only reference the current namespace and the global namespace. If the ClusterRoleRef cannot be resolved, the Authorizer must return an error. Since Policy is a singleton, this is sufficient knowledge to locate a role." + "description": "roleRef can only reference the current namespace and the global namespace. If the ClusterRoleRef cannot be resolved, the Authorizer must return an error. Since Policy is a singleton, this is sufficient knowledge to locate a role." }, "subjects": { - "description": "Subjects hold object references to authorize with this rule. This field is ignored if UserNames or GroupNames are specified to support legacy clients and servers. Thus newer clients that do not need to support backwards compatibility should send only fully qualified Subjects and should omit the UserNames and GroupNames fields. Clients that need to support backwards compatibility can use this field to build the UserNames and GroupNames.", + "description": "subjects hold object references to authorize with this rule. This field is ignored if UserNames or GroupNames are specified to support legacy clients and servers. Thus newer clients that do not need to support backwards compatibility should send only fully qualified Subjects and should omit the UserNames and GroupNames fields. Clients that need to support backwards compatibility can use this field to build the UserNames and GroupNames.", "items": { "allOf": [ { @@ -5446,7 +5446,7 @@ "type": "array" }, "userNames": { - "description": "UserNames holds all the usernames directly bound to the role. This field should only be specified when supporting legacy clients and servers. See Subjects for further details.", + "description": "userNames holds all the usernames directly bound to the role. This field should only be specified when supporting legacy clients and servers. See Subjects for further details.", "items": { "default": "", "type": "string" @@ -5476,7 +5476,7 @@ "type": "string" }, "items": { - "description": "Items is a list of ClusterRoleBindings", + "description": "items is a list of ClusterRoleBindings", "items": { "allOf": [ { @@ -5522,7 +5522,7 @@ "type": "string" }, "items": { - "description": "Items is a list of ClusterRoles", + "description": "items is a list of ClusterRoles", "items": { "allOf": [ { @@ -5573,30 +5573,39 @@ "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.runtime.RawExtension" } ], - "description": "Content is the actual content of the request for create and update" + "description": "content is the actual content of the request for create and update" }, "isNonResourceURL": { "default": false, - "description": "IsNonResourceURL is true if this is a request for a non-resource URL (outside of the resource hierarchy)", + "description": "isNonResourceURL is true if this is a request for a non-resource URL (outside of the resource hierarchy)", "type": "boolean" }, "kind": { "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", "type": "string" }, + "metadata": { + "allOf": [ + { + "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" + } + ], + "default": {}, + "description": "metadata is the standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + }, "namespace": { "default": "", - "description": "Namespace is the namespace of the action being requested. Currently, there is no distinction between no namespace and all namespaces", + "description": "namespace is the namespace of the action being requested. Currently, there is no distinction between no namespace and all namespaces", "type": "string" }, "path": { "default": "", - "description": "Path is the path of a non resource URL", + "description": "path is the path of a non resource URL", "type": "string" }, "resource": { "default": "", - "description": "Resource is one of the existing resource types", + "description": "resource is one of the existing resource types", "type": "string" }, "resourceAPIGroup": { @@ -5611,12 +5620,12 @@ }, "resourceName": { "default": "", - "description": "ResourceName is the name of the resource being requested for a \"get\" or deleted for a \"delete\"", + "description": "resourceName is the name of the resource being requested for a \"get\" or deleted for a \"delete\"", "type": "string" }, "verb": { "default": "", - "description": "Verb is one of: get, list, watch, create, update, delete", + "description": "verb is one of: get, list, watch, create, update, delete", "type": "string" } }, @@ -5653,10 +5662,10 @@ "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.runtime.RawExtension" } ], - "description": "Content is the actual content of the request for create and update" + "description": "content is the actual content of the request for create and update" }, "groups": { - "description": "Groups is optional. Groups is the list of groups to which the User belongs.", + "description": "groups is optional. Groups is the list of groups to which the User belongs.", "items": { "default": "", "type": "string" @@ -5665,26 +5674,35 @@ }, "isNonResourceURL": { "default": false, - "description": "IsNonResourceURL is true if this is a request for a non-resource URL (outside of the resource hierarchy)", + "description": "isNonResourceURL is true if this is a request for a non-resource URL (outside of the resource hierarchy)", "type": "boolean" }, "kind": { "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", "type": "string" }, + "metadata": { + "allOf": [ + { + "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" + } + ], + "default": {}, + "description": "metadata is the standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + }, "namespace": { "default": "", - "description": "Namespace is the namespace of the action being requested. Currently, there is no distinction between no namespace and all namespaces", + "description": "namespace is the namespace of the action being requested. Currently, there is no distinction between no namespace and all namespaces", "type": "string" }, "path": { "default": "", - "description": "Path is the path of a non resource URL", + "description": "path is the path of a non resource URL", "type": "string" }, "resource": { "default": "", - "description": "Resource is one of the existing resource types", + "description": "resource is one of the existing resource types", "type": "string" }, "resourceAPIGroup": { @@ -5699,11 +5717,11 @@ }, "resourceName": { "default": "", - "description": "ResourceName is the name of the resource being requested for a \"get\" or deleted for a \"delete\"", + "description": "resourceName is the name of the resource being requested for a \"get\" or deleted for a \"delete\"", "type": "string" }, "scopes": { - "description": "Scopes to use for the evaluation. Empty means \"use the unscoped (full) permissions of the user/groups\". Nil for a self-SAR, means \"use the scopes on this request\". Nil for a regular SAR, means the same as empty.", + "description": "scopes to use for the evaluation. Empty means \"use the unscoped (full) permissions of the user/groups\". Nil for a self-SAR, means \"use the scopes on this request\". Nil for a regular SAR, means the same as empty.", "items": { "default": "", "type": "string" @@ -5712,12 +5730,12 @@ }, "user": { "default": "", - "description": "User is optional. If both User and Groups are empty, the current authenticated user is used.", + "description": "user is optional. If both User and Groups are empty, the current authenticated user is used.", "type": "string" }, "verb": { "default": "", - "description": "Verb is one of: get, list, watch, create, update, delete", + "description": "verb is one of: get, list, watch, create, update, delete", "type": "string" } }, @@ -5757,30 +5775,39 @@ "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.runtime.RawExtension" } ], - "description": "Content is the actual content of the request for create and update" + "description": "content is the actual content of the request for create and update" }, "isNonResourceURL": { "default": false, - "description": "IsNonResourceURL is true if this is a request for a non-resource URL (outside of the resource hierarchy)", + "description": "isNonResourceURL is true if this is a request for a non-resource URL (outside of the resource hierarchy)", "type": "boolean" }, "kind": { "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", "type": "string" }, + "metadata": { + "allOf": [ + { + "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" + } + ], + "default": {}, + "description": "metadata is the standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + }, "namespace": { "default": "", - "description": "Namespace is the namespace of the action being requested. Currently, there is no distinction between no namespace and all namespaces", + "description": "namespace is the namespace of the action being requested. Currently, there is no distinction between no namespace and all namespaces", "type": "string" }, "path": { "default": "", - "description": "Path is the path of a non resource URL", + "description": "path is the path of a non resource URL", "type": "string" }, "resource": { "default": "", - "description": "Resource is one of the existing resource types", + "description": "resource is one of the existing resource types", "type": "string" }, "resourceAPIGroup": { @@ -5795,12 +5822,12 @@ }, "resourceName": { "default": "", - "description": "ResourceName is the name of the resource being requested for a \"get\" or deleted for a \"delete\"", + "description": "resourceName is the name of the resource being requested for a \"get\" or deleted for a \"delete\"", "type": "string" }, "verb": { "default": "", - "description": "Verb is one of: get, list, watch, create, update, delete", + "description": "verb is one of: get, list, watch, create, update, delete", "type": "string" } }, @@ -5845,7 +5872,7 @@ "description": "metadata is the standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" }, "rules": { - "description": "Rules holds all the PolicyRules for this Role", + "description": "rules holds all the PolicyRules for this Role", "items": { "allOf": [ { @@ -5878,7 +5905,7 @@ "type": "string" }, "groupNames": { - "description": "GroupNames holds all the groups directly bound to the role. This field should only be specified when supporting legacy clients and servers. See Subjects for further details.", + "description": "groupNames holds all the groups directly bound to the role. This field should only be specified when supporting legacy clients and servers. See Subjects for further details.", "items": { "default": "", "type": "string" @@ -5905,10 +5932,10 @@ } ], "default": {}, - "description": "RoleRef can only reference the current namespace and the global namespace. If the RoleRef cannot be resolved, the Authorizer must return an error. Since Policy is a singleton, this is sufficient knowledge to locate a role." + "description": "roleRef can only reference the current namespace and the global namespace. If the RoleRef cannot be resolved, the Authorizer must return an error. Since Policy is a singleton, this is sufficient knowledge to locate a role." }, "subjects": { - "description": "Subjects hold object references to authorize with this rule. This field is ignored if UserNames or GroupNames are specified to support legacy clients and servers. Thus newer clients that do not need to support backwards compatibility should send only fully qualified Subjects and should omit the UserNames and GroupNames fields. Clients that need to support backwards compatibility can use this field to build the UserNames and GroupNames.", + "description": "subjects hold object references to authorize with this rule. This field is ignored if UserNames or GroupNames are specified to support legacy clients and servers. Thus newer clients that do not need to support backwards compatibility should send only fully qualified Subjects and should omit the UserNames and GroupNames fields. Clients that need to support backwards compatibility can use this field to build the UserNames and GroupNames.", "items": { "allOf": [ { @@ -5920,7 +5947,7 @@ "type": "array" }, "userNames": { - "description": "UserNames holds all the usernames directly bound to the role. This field should only be specified when supporting legacy clients and servers. See Subjects for further details.", + "description": "userNames holds all the usernames directly bound to the role. This field should only be specified when supporting legacy clients and servers. See Subjects for further details.", "items": { "default": "", "type": "string" @@ -5950,7 +5977,7 @@ "type": "string" }, "items": { - "description": "Items is a list of RoleBindings", + "description": "items is a list of RoleBindings", "items": { "allOf": [ { @@ -6242,7 +6269,7 @@ "type": "string" }, "items": { - "description": "Items is a list of Roles", + "description": "items is a list of Roles", "items": { "allOf": [ { @@ -6291,6 +6318,15 @@ "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", "type": "string" }, + "metadata": { + "allOf": [ + { + "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" + } + ], + "default": {}, + "description": "metadata is the standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + }, "spec": { "allOf": [ { @@ -6298,7 +6334,7 @@ } ], "default": {}, - "description": "Spec adds information about how to conduct the check" + "description": "spec adds information about how to conduct the check" }, "status": { "allOf": [ @@ -6307,7 +6343,7 @@ } ], "default": {}, - "description": "Status is completed by the server to tell which permissions you have" + "description": "status is completed by the server to tell which permissions you have" } }, "required": [ @@ -6336,7 +6372,7 @@ "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.runtime.RawExtension" } ], - "description": "Content is the actual content of the request for create and update" + "description": "content is the actual content of the request for create and update" }, "groups": { "description": "GroupsSlice is optional. Groups is the list of groups to which the User belongs.", @@ -6348,26 +6384,35 @@ }, "isNonResourceURL": { "default": false, - "description": "IsNonResourceURL is true if this is a request for a non-resource URL (outside of the resource hierarchy)", + "description": "isNonResourceURL is true if this is a request for a non-resource URL (outside of the resource hierarchy)", "type": "boolean" }, "kind": { "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", "type": "string" }, + "metadata": { + "allOf": [ + { + "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" + } + ], + "default": {}, + "description": "metadata is the standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + }, "namespace": { "default": "", - "description": "Namespace is the namespace of the action being requested. Currently, there is no distinction between no namespace and all namespaces", + "description": "namespace is the namespace of the action being requested. Currently, there is no distinction between no namespace and all namespaces", "type": "string" }, "path": { "default": "", - "description": "Path is the path of a non resource URL", + "description": "path is the path of a non resource URL", "type": "string" }, "resource": { "default": "", - "description": "Resource is one of the existing resource types", + "description": "resource is one of the existing resource types", "type": "string" }, "resourceAPIGroup": { @@ -6382,11 +6427,11 @@ }, "resourceName": { "default": "", - "description": "ResourceName is the name of the resource being requested for a \"get\" or deleted for a \"delete\"", + "description": "resourceName is the name of the resource being requested for a \"get\" or deleted for a \"delete\"", "type": "string" }, "scopes": { - "description": "Scopes to use for the evaluation. Empty means \"use the unscoped (full) permissions of the user/groups\". Nil for a self-SAR, means \"use the scopes on this request\". Nil for a regular SAR, means the same as empty.", + "description": "scopes to use for the evaluation. Empty means \"use the unscoped (full) permissions of the user/groups\". Nil for a self-SAR, means \"use the scopes on this request\". Nil for a regular SAR, means the same as empty.", "items": { "default": "", "type": "string" @@ -6395,12 +6440,12 @@ }, "user": { "default": "", - "description": "User is optional. If both User and Groups are empty, the current authenticated user is used.", + "description": "user is optional. If both User and Groups are empty, the current authenticated user is used.", "type": "string" }, "verb": { "default": "", - "description": "Verb is one of: get, list, watch, create, update, delete", + "description": "verb is one of: get, list, watch, create, update, delete", "type": "string" } }, @@ -6438,6 +6483,15 @@ "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", "type": "string" }, + "metadata": { + "allOf": [ + { + "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" + } + ], + "default": {}, + "description": "metadata is the standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + }, "spec": { "allOf": [ { @@ -6445,7 +6499,7 @@ } ], "default": {}, - "description": "Spec adds information about how to conduct the check" + "description": "spec adds information about how to conduct the check" }, "status": { "allOf": [ @@ -6454,7 +6508,7 @@ } ], "default": {}, - "description": "Status is completed by the server to tell which permissions you have" + "description": "status is completed by the server to tell which permissions you have" } }, "required": [ @@ -7991,7 +8045,7 @@ "$ref": "#/components/schemas/com.github.openshift.api.build.v1.DockerStrategyOptions" } ], - "description": "DockerStrategyOptions contains additional docker-strategy specific options for the build" + "description": "dockerStrategyOptions contains additional docker-strategy specific options for the build" }, "env": { "description": "env contains additional environment variables you want to pass into a builder container.", @@ -8045,7 +8099,7 @@ "$ref": "#/components/schemas/com.github.openshift.api.build.v1.SourceStrategyOptions" } ], - "description": "SourceStrategyOptions contains additional source-strategy specific options for the build" + "description": "sourceStrategyOptions contains additional source-strategy specific options for the build" }, "triggeredBy": { "description": "triggeredBy describes which triggers started the most recent update to the build configuration and contains information about those triggers.", @@ -16614,6 +16668,27 @@ "failureDomainLabel": { "type": "string" }, + "floatingMon": { + "minProperties": 2, + "properties": { + "configmapName": { + "maxLength": 253, + "minLength": 1, + "type": "string" + }, + "name": { + "maxLength": 1, + "minLength": 1, + "pattern": "^[a-z]$", + "type": "string" + } + }, + "required": [ + "configmapName", + "name" + ], + "type": "object" + }, "stretchCluster": { "properties": { "failureDomainLabel": { @@ -17200,6 +17275,12 @@ "format": "int64", "type": "integer" }, + "port": { + "format": "int32", + "maximum": 65535, + "minimum": 1, + "type": "integer" + }, "statsPeriodSeconds": { "default": 5, "format": "int64", @@ -23934,6 +24015,17 @@ } ] }, + "csiMetadataRadosNamespace": { + "maxLength": 1024, + "minLength": 1, + "type": "string", + "x-kubernetes-validations": [ + { + "message": "CSIMetadataRadosNamespace is immutable", + "rule": "self == oldSelf" + } + ] + }, "dataPoolName": { "type": "string" }, @@ -29893,6 +29985,12 @@ "type": "string" }, "type": "object" + }, + "labels": { + "additionalProperties": { + "type": "string" + }, + "type": "object" } }, "type": "object" @@ -30473,6 +30571,14 @@ "security": { "nullable": true, "properties": { + "ciphers": { + "items": { + "type": "string" + }, + "maxItems": 1000, + "minItems": 0, + "type": "array" + }, "keyRotation": { "nullable": true, "properties": { @@ -30519,6 +30625,41 @@ } }, "type": "object" + }, + "sslOptions": { + "properties": { + "defaultWorkarounds": { + "type": "boolean" + }, + "noCompression": { + "type": "boolean" + }, + "singleDiffieHellmanUse": { + "type": "boolean" + }, + "sslv2": { + "type": "boolean" + }, + "sslv3": { + "type": "boolean" + }, + "tlsv1_0": { + "type": "boolean" + }, + "tlsv1_1": { + "type": "boolean" + }, + "tlsv1_2": { + "type": "boolean" + } + }, + "type": "object" + }, + "tlsGroups": { + "items": { + "type": "string" + }, + "type": "array" } }, "type": "object" @@ -30585,6 +30726,7 @@ ], "type": "object" }, + "maxItems": 10, "type": "array" } }, @@ -30732,8 +30874,115 @@ } ] }, - "ceph.rook.io/v1/CephObjectStoreList": { - "description": "CephObjectStoreList is a list of CephObjectStore", + "ceph.rook.io/v1/CephObjectStoreAccount": { + "description": "", + "namespaced": true, + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "allOf": [ + { + "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" + } + ], + "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + }, + "spec": { + "properties": { + "accountID": { + "maxLength": 20, + "minLength": 20, + "pattern": "^RGW\\d{17}$", + "type": "string", + "x-kubernetes-validations": [ + { + "message": "accountID is immutable", + "rule": "self == oldSelf" + } + ] + }, + "name": { + "maxLength": 2048, + "minLength": 1, + "pattern": "^[a-zA-Z0-9 ._-]+$", + "type": "string" + }, + "rootUser": { + "properties": { + "displayName": { + "maxLength": 64, + "minLength": 1, + "pattern": "^[\\w+=,.@-]+$", + "type": "string" + }, + "skipCreate": { + "type": "boolean" + } + }, + "type": "object" + }, + "store": { + "maxLength": 253, + "minLength": 1, + "type": "string", + "x-kubernetes-validations": [ + { + "message": "store is immutable", + "rule": "self == oldSelf" + } + ] + } + }, + "required": [ + "store" + ], + "type": "object" + }, + "status": { + "properties": { + "accountID": { + "maxLength": 20, + "minLength": 20, + "type": "string" + }, + "observedGeneration": { + "format": "int64", + "type": "integer" + }, + "phase": { + "type": "string" + }, + "rootAccountSecretName": { + "maxLength": 253, + "minLength": 1, + "type": "string" + } + }, + "type": "object" + } + }, + "required": [ + "metadata", + "spec" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "ceph.rook.io", + "kind": "CephObjectStoreAccount", + "version": "v1" + } + ] + }, + "ceph.rook.io/v1/CephObjectStoreAccountList": { + "description": "CephObjectStoreAccountList is a list of CephObjectStoreAccount", "namespaced": true, "properties": { "apiVersion": { @@ -30741,9 +30990,49 @@ "type": "string" }, "items": { - "description": "List of cephobjectstores. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md", + "description": "List of cephobjectstoreaccounts. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md", "items": { - "$ref": "#/components/schemas/io.rook.ceph.v1.CephObjectStore" + "$ref": "#/components/schemas/io.rook.ceph.v1.CephObjectStoreAccount" + }, + "type": "array" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "allOf": [ + { + "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" + } + ], + "description": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + } + }, + "required": [ + "items" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "ceph.rook.io", + "kind": "CephObjectStoreAccountList", + "version": "v1" + } + ] + }, + "ceph.rook.io/v1/CephObjectStoreList": { + "description": "CephObjectStoreList is a list of CephObjectStore", + "namespaced": true, + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "items": { + "description": "List of cephobjectstores. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md", + "items": { + "$ref": "#/components/schemas/io.rook.ceph.v1.CephObjectStore" }, "type": "array" }, @@ -30794,6 +31083,26 @@ }, "spec": { "properties": { + "accountRef": { + "properties": { + "name": { + "maxLength": 2048, + "minLength": 1, + "pattern": "^[a-zA-Z0-9 ._-]+$", + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object", + "x-kubernetes-validations": [ + { + "message": "accountRef is immutable", + "rule": "self == oldSelf" + } + ] + }, "capabilities": { "nullable": true, "properties": { @@ -31631,6 +31940,7 @@ ], "type": "object" }, + "maxItems": 10, "type": "array" } }, @@ -33460,161 +33770,6 @@ } ] }, - "cloud.network.openshift.io/v1/CloudPrivateIPConfig": { - "description": "CloudPrivateIPConfig performs an assignment of a private IP address to the\nprimary NIC associated with cloud VMs. This is done by specifying the IP and\nKubernetes node which the IP should be assigned to. This CRD is intended to\nbe used by the network plugin which manages the cluster network. The spec\nside represents the desired state requested by the network plugin, and the\nstatus side represents the current state that this CRD's controller has\nexecuted. No users will have permission to modify it, and if a cluster-admin\ndecides to edit it for some reason, their changes will be overwritten the\nnext time the network plugin reconciles the object. Note: the CR's name\nmust specify the requested private IP address (can be IPv4 or IPv6).\n\nCompatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).", - "namespaced": false, - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - "type": "string" - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "allOf": [ - { - "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" - } - ], - "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" - }, - "spec": { - "description": "spec is the definition of the desired private IP request.", - "properties": { - "node": { - "description": "node is the node name, as specified by the Kubernetes field: node.metadata.name", - "type": "string" - } - }, - "type": "object" - }, - "status": { - "description": "status is the observed status of the desired private IP request. Read-only.", - "properties": { - "conditions": { - "description": "condition is the assignment condition of the private IP and its status", - "items": { - "description": "Condition contains details for one aspect of the current state of this API Resource.", - "properties": { - "lastTransitionTime": { - "description": "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.", - "format": "date-time", - "type": "string" - }, - "message": { - "description": "message is a human readable message indicating details about the transition.\nThis may be an empty string.", - "maxLength": 32768, - "type": "string" - }, - "observedGeneration": { - "description": "observedGeneration represents the .metadata.generation that the condition was set based upon.\nFor instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date\nwith respect to the current state of the instance.", - "format": "int64", - "minimum": 0, - "type": "integer" - }, - "reason": { - "description": "reason contains a programmatic identifier indicating the reason for the condition's last transition.\nProducers of specific condition types may define expected values and meanings for this field,\nand whether the values are considered a guaranteed API.\nThe value should be a CamelCase string.\nThis field may not be empty.", - "maxLength": 1024, - "minLength": 1, - "pattern": "^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$", - "type": "string" - }, - "status": { - "description": "status of the condition, one of True, False, Unknown.", - "enum": [ - "True", - "False", - "Unknown" - ], - "type": "string" - }, - "type": { - "description": "type of condition in CamelCase or in foo.example.com/CamelCase.", - "maxLength": 316, - "pattern": "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$", - "type": "string" - } - }, - "required": [ - "lastTransitionTime", - "message", - "reason", - "status", - "type" - ], - "type": "object" - }, - "type": "array", - "x-kubernetes-list-map-keys": [ - "type" - ], - "x-kubernetes-list-type": "map" - }, - "node": { - "description": "node is the node name, as specified by the Kubernetes field: node.metadata.name", - "type": "string" - } - }, - "required": [ - "conditions" - ], - "type": "object" - } - }, - "required": [ - "spec" - ], - "type": "object", - "x-kubernetes-group-version-kind": [ - { - "group": "cloud.network.openshift.io", - "kind": "CloudPrivateIPConfig", - "version": "v1" - } - ] - }, - "cloud.network.openshift.io/v1/CloudPrivateIPConfigList": { - "description": "CloudPrivateIPConfigList is a list of CloudPrivateIPConfig", - "namespaced": true, - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - "type": "string" - }, - "items": { - "description": "List of cloudprivateipconfigs. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md", - "items": { - "$ref": "#/components/schemas/io.openshift.network.cloud.v1.CloudPrivateIPConfig" - }, - "type": "array" - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "allOf": [ - { - "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" - } - ], - "description": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" - } - }, - "required": [ - "items" - ], - "type": "object", - "x-kubernetes-group-version-kind": [ - { - "group": "cloud.network.openshift.io", - "kind": "CloudPrivateIPConfigList", - "version": "v1" - } - ] - }, "cloudcredential.openshift.io/v1/CredentialsRequest": { "description": "CredentialsRequest is the Schema for the credentialsrequests API", "namespaced": true, @@ -34354,7 +34509,7 @@ "type": "string" }, "prefix": { - "description": "prefix is an optional field that configures the prefix that will be applied to the cluster identity attribute during the process of mapping JWT claims to cluster identity attributes.\n\nWhen omitted (\"\"), no prefix is applied to the cluster identity attribute.\n\nExample: if `prefix` is set to \"myoidc:\" and the `claim` in JWT contains an array of strings \"a\", \"b\" and \"c\", the mapping will result in an array of string \"myoidc:a\", \"myoidc:b\" and \"myoidc:c\".", + "description": "prefix is an optional field that configures the prefix that will be applied to the cluster identity attribute during the process of mapping JWT claims to cluster identity attributes.\n\nWhen omitted or set to an empty string (\"\"), no prefix is applied to the cluster identity attribute.\nMust not be set to a non-empty value when expression is set.\n\nExample: if `prefix` is set to \"myoidc:\" and the `claim` in JWT contains an array of strings \"a\", \"b\" and \"c\", the mapping will result in an array of string \"myoidc:a\", \"myoidc:b\" and \"myoidc:c\".", "type": "string" } }, @@ -34414,7 +34569,7 @@ "type": "object" }, "prefixPolicy": { - "description": "prefixPolicy is an optional field that configures how a prefix should be applied to the value of the JWT claim specified in the 'claim' field.\n\nAllowed values are 'Prefix', 'NoPrefix', and omitted (not provided or an empty string).\n\nWhen set to 'Prefix', the value specified in the prefix field will be prepended to the value of the JWT claim.\n\nThe prefix field must be set when prefixPolicy is 'Prefix'.\n\nWhen set to 'NoPrefix', no prefix will be prepended to the value of the JWT claim.\n\nWhen omitted, this means no opinion and the platform is left to choose any prefixes that are applied which is subject to change over time.\nCurrently, the platform prepends `{issuerURL}#` to the value of the JWT claim when the claim is not 'email'.\n\nAs an example, consider the following scenario:\n\n `prefix` is unset, `issuerURL` is set to `https://myoidc.tld`,\n the JWT claims include \"username\":\"userA\" and \"email\":\"userA@myoidc.tld\",\n and `claim` is set to:\n - \"username\": the mapped value will be \"https://myoidc.tld#userA\"\n - \"email\": the mapped value will be \"userA@myoidc.tld\"", + "description": "prefixPolicy is an optional field that configures how a prefix should be applied to the value of the JWT claim specified in the 'claim' field.\n\nAllowed values are 'Prefix', 'NoPrefix', and omitted (not provided or an empty string).\n\nWhen set to 'Prefix', the value specified in the prefix field will be prepended to the value of the JWT claim.\nThe prefix field must be set when prefixPolicy is 'Prefix'.\nMust not be set to 'Prefix' when expression is set.\nWhen set to 'NoPrefix', no prefix will be prepended to the value of the JWT claim.\nWhen omitted, this means no opinion and the platform is left to choose any prefixes that are applied which is subject to change over time.\nCurrently, the platform prepends `{issuerURL}#` to the value of the JWT claim when the claim is not 'email'.\n\nAs an example, consider the following scenario:\n\n `prefix` is unset, `issuerURL` is set to `https://myoidc.tld`,\n the JWT claims include \"username\":\"userA\" and \"email\":\"userA@myoidc.tld\",\n and `claim` is set to:\n - \"username\": the mapped value will be \"https://myoidc.tld#userA\"\n - \"email\": the mapped value will be \"userA@myoidc.tld\"", "enum": [ "", "NoPrefix", @@ -36864,9 +37019,14 @@ "description": "aws contains DNS configuration specific to the Amazon Web Services cloud provider.", "properties": { "privateZoneIAMRole": { - "description": "privateZoneIAMRole contains the ARN of an IAM role that should be assumed when performing\noperations on the cluster's private hosted zone specified in the cluster DNS config.\nWhen left empty, no role should be assumed.", - "pattern": "^arn:(aws|aws-cn|aws-us-gov):iam::[0-9]{12}:role\\/.*$", - "type": "string" + "description": "privateZoneIAMRole contains the ARN of an IAM role that should be assumed when performing\noperations on the cluster's private hosted zone specified in the cluster DNS config.\nWhen left empty, no role should be assumed.\n\nThe ARN must follow the format: arn::iam:::role/, where:\n is the AWS partition (aws, aws-cn, aws-us-gov, or aws-eusc),\n is a 12-digit numeric identifier for the AWS account,\n is the IAM role name.", + "type": "string", + "x-kubernetes-validations": [ + { + "message": "privateZoneIAMRole must be a valid AWS IAM role ARN in the format: arn::iam:::role/", + "rule": "matches(self, '^arn:(aws|aws-cn|aws-us-gov):iam::[0-9]{12}:role/.*$')" + } + ] } }, "type": "object" @@ -39068,7 +39228,17 @@ "topology", "zone" ], - "type": "object" + "type": "object", + "x-kubernetes-validations": [ + { + "message": "when zoneAffinity type is HostGroup, regionAffinity type must be ComputeCluster", + "rule": "has(self.zoneAffinity) && self.zoneAffinity.type == 'HostGroup' ? has(self.regionAffinity) && self.regionAffinity.type == 'ComputeCluster' : true" + }, + { + "message": "when zoneAffinity type is ComputeCluster, regionAffinity type must be Datacenter", + "rule": "has(self.zoneAffinity) && self.zoneAffinity.type == 'ComputeCluster' ? has(self.regionAffinity) && self.regionAffinity.type == 'Datacenter' : true" + } + ] }, "type": "array", "x-kubernetes-list-map-keys": [ @@ -39282,11 +39452,12 @@ }, "controlPlaneTopology": { "default": "HighlyAvailable", - "description": "controlPlaneTopology expresses the expectations for operands that normally run on control nodes.\nThe default is 'HighlyAvailable', which represents the behavior operators have in a \"normal\" cluster.\nThe 'SingleReplica' mode will be used in single-node deployments\nand the operators should not configure the operand for highly-available operation\nThe 'External' mode indicates that the control plane is hosted externally to the cluster and that\nits components are not visible within the cluster.", + "description": "controlPlaneTopology expresses the expectations for operands that normally run on control nodes.\nThe default is 'HighlyAvailable', which represents the behavior operators have in a \"normal\" cluster.\nThe 'SingleReplica' mode will be used in single-node deployments\nand the operators should not configure the operand for highly-available operation\nThe 'External' mode indicates that the control plane is hosted externally to the cluster and that\nits components are not visible within the cluster.\nThe 'HighlyAvailableArbiter' mode indicates that the control plane will consist of 2 control-plane nodes\nthat run conventional services and 1 smaller sized arbiter node that runs a bare minimum of services to maintain quorum.", "enum": [ "HighlyAvailable", "HighlyAvailableArbiter", "SingleReplica", + "DualReplica", "External" ], "type": "string" @@ -39471,6 +39642,99 @@ "description": "armEndpoint specifies a URL to use for resource management in non-soverign clouds such as Azure Stack.", "type": "string" }, + "cloudLoadBalancerConfig": { + "default": { + "dnsType": "PlatformDefault" + }, + "description": "cloudLoadBalancerConfig holds configuration related to DNS and cloud\nload balancers. It allows configuration of in-cluster DNS as an alternative\nto the platform default DNS implementation.\nWhen using the ClusterHosted DNS type, Load Balancer IP addresses\nmust be provided for the API and internal API load balancers as well as the\ningress load balancer.", + "properties": { + "clusterHosted": { + "description": "clusterHosted holds the IP addresses of API, API-Int and Ingress Load\nBalancers on Cloud Platforms. The DNS solution hosted within the cluster\nuse these IP addresses to provide resolution for API, API-Int and Ingress\nservices.", + "properties": { + "apiIntLoadBalancerIPs": { + "description": "apiIntLoadBalancerIPs holds Load Balancer IPs for the internal API service.\nThese Load Balancer IP addresses can be IPv4 and/or IPv6 addresses.\nEntries in the apiIntLoadBalancerIPs must be unique.\nA maximum of 16 IP addresses are permitted.", + "format": "ip", + "items": { + "description": "IP is an IP address (for example, \"10.0.0.0\" or \"fd00::\").", + "maxLength": 39, + "minLength": 1, + "type": "string", + "x-kubernetes-validations": [ + { + "message": "value must be a valid IP address", + "rule": "isIP(self)" + } + ] + }, + "maxItems": 16, + "type": "array", + "x-kubernetes-list-type": "set" + }, + "apiLoadBalancerIPs": { + "description": "apiLoadBalancerIPs holds Load Balancer IPs for the API service.\nThese Load Balancer IP addresses can be IPv4 and/or IPv6 addresses.\nCould be empty for private clusters.\nEntries in the apiLoadBalancerIPs must be unique.\nA maximum of 16 IP addresses are permitted.", + "format": "ip", + "items": { + "description": "IP is an IP address (for example, \"10.0.0.0\" or \"fd00::\").", + "maxLength": 39, + "minLength": 1, + "type": "string", + "x-kubernetes-validations": [ + { + "message": "value must be a valid IP address", + "rule": "isIP(self)" + } + ] + }, + "maxItems": 16, + "type": "array", + "x-kubernetes-list-type": "set" + }, + "ingressLoadBalancerIPs": { + "description": "ingressLoadBalancerIPs holds IPs for Ingress Load Balancers.\nThese Load Balancer IP addresses can be IPv4 and/or IPv6 addresses.\nEntries in the ingressLoadBalancerIPs must be unique.\nA maximum of 16 IP addresses are permitted.", + "format": "ip", + "items": { + "description": "IP is an IP address (for example, \"10.0.0.0\" or \"fd00::\").", + "maxLength": 39, + "minLength": 1, + "type": "string", + "x-kubernetes-validations": [ + { + "message": "value must be a valid IP address", + "rule": "isIP(self)" + } + ] + }, + "maxItems": 16, + "type": "array", + "x-kubernetes-list-type": "set" + } + }, + "type": "object" + }, + "dnsType": { + "default": "PlatformDefault", + "description": "dnsType indicates the type of DNS solution in use within the cluster. Its default value of\n`PlatformDefault` indicates that the cluster's DNS is the default provided by the cloud platform.\nIt can be set to `ClusterHosted` to bypass the configuration of the cloud default DNS. In this mode,\nthe cluster needs to provide a self-hosted DNS solution for the cluster's installation to succeed.\nThe cluster's use of the cloud's Load Balancers is unaffected by this setting.\nThe value is immutable after it has been set at install time.\nCurrently, there is no way for the customer to add additional DNS entries into the cluster hosted DNS.\nEnabling this functionality allows the user to start their own DNS solution outside the cluster after\ninstallation is complete. The customer would be responsible for configuring this custom DNS solution,\nand it can be run in addition to the in-cluster DNS solution.", + "enum": [ + "ClusterHosted", + "PlatformDefault" + ], + "type": "string", + "x-kubernetes-validations": [ + { + "message": "dnsType is immutable", + "rule": "oldSelf == '' || self == oldSelf" + } + ] + } + }, + "type": "object", + "x-kubernetes-validations": [ + { + "message": "clusterHosted is permitted only when dnsType is ClusterHosted", + "rule": "has(self.dnsType) && self.dnsType != 'ClusterHosted' ? !has(self.clusterHosted) : true" + } + ] + }, "cloudName": { "description": "cloudName is the name of the Azure cloud environment which can be used to configure the Azure SDK\nwith the appropriate Azure API endpoints.\nIf empty, the value is equal to `AzurePublicCloud`.", "enum": [ @@ -44186,21 +44450,11 @@ "type": "object" }, "type": { - "allOf": [ - { - "enum": [ - "GitImport", - "ContainerImport" - ] - }, - { - "enum": [ - "GitImport", - "ContainerImport" - ] - } - ], "description": "type of the sample, currently supported: \"GitImport\";\"ContainerImport\"", + "enum": [ + "GitImport", + "ContainerImport" + ], "type": "string" } }, @@ -80469,346 +80723,348 @@ }, "type": "object" }, - "uninstallStrategy": { - "default": "BlockUninstallIfWorkloadsExist", - "description": "UninstallStrategy defines how to proceed on uninstall when workloads (VirtualMachines, DataVolumes) still exist.\nBlockUninstallIfWorkloadsExist will prevent the CR from being removed when workloads still exist.\nBlockUninstallIfWorkloadsExist is the safest choice to protect your workloads from accidental data loss, so it's strongly advised.\nRemoveWorkloads will cause all the workloads to be cascading deleted on uninstallation.\nWARNING: please notice that RemoveWorkloads will cause your workloads to be deleted as soon as this CR will be, even accidentally, deleted.\nPlease correctly consider the implications of this option before setting it.\nBlockUninstallIfWorkloadsExist is the default behavior.", - "enum": [ - "RemoveWorkloads", - "BlockUninstallIfWorkloadsExist" - ], - "type": "string" - } - }, - "type": "object" - }, - "featureGates": { - "description": "FeatureGates is a set of optional feature gates to enable or disable new\nfeatures that are not generally available yet.\nAdd a new FeatureGate Object to this set, to enable a feature that is\ndisabled by default, or to disable a feature that is enabled by default.\n\nA feature gate may be in the following phases:\n* alpha: the feature is in dev-preview. It is disabled by default, but can\n be enabled.\n* beta: the feature gate is in tech-preview. It is enabled by default, but\n can be disabled.\n* GA: the feature is graduated and is always enabled. There is no way to\n disable it.\n* deprecated: the feature is no longer supported. There is no way to enable\n it\n\nFeature-Gate list:\n* decentralizedLiveMigration:\n DecentralizedLiveMigration enables the decentralized live migration\n (cross-cluster migration) feature. This feature allows live migration of\n VirtualMachineInstances between different clusters. This feature is in\n Developer Preview.\n Phase: beta\n\n* videoConfig:\n VideoConfig allows users to configure video device types for their virtual\n machines. This can be useful for workloads that require specific video\n capabilities or architectures. Note: This feature is in Tech Preview.\n Phase: beta\n\n* alignCPUs:\n Enable KubeVirt to request up to two additional dedicated CPUs in order to\n complete the total CPU count to an even parity when using emulator thread\n isolation. Note: this feature is in Developer Preview.\n Phase: alpha\n\n* containerPathVolumes:\n ContainerPathVolumes enables the use of container paths as volumes in\n KubeVirt. This allows VMs to access files and directories from the\n virt-launcher pod's filesystem via virtiofs.\n Phase: alpha\n\n* declarativeHotplugVolumes:\n DeclarativeHotplugVolumes enables the use of the declarative volume\n hotplug feature in KubeVirt. When set to true, the\n \"DeclarativeHotplugVolumes\" feature gate is enabled instead of\n \"HotplugVolumes\". When set to false or nil, the \"HotplugVolumes\" feature\n gate is enabled (default behavior). This feature is in Developer Preview.\n Phase: alpha\n\n* deployKubeSecondaryDNS:\n Deploy KubeSecondaryDNS by CNAO\n Phase: alpha\n\n* disableMDevConfiguration:\n Disable mediated devices handling on KubeVirt\n Phase: alpha\n\n* downwardMetrics:\n Allow to expose a limited set of host metrics to guests.\n Phase: alpha\n\n* enableMultiArchBootImageImport:\n EnableMultiArchBootImageImport allows the HCO to run on heterogeneous\n clusters with different CPU architectures. Setting this field to true will\n allow the HCO to create Golden Images for different CPU architectures.\n This feature is in Developer Preview.\n Phase: alpha\n\n* incrementalBackup:\n IncrementalBackup enables changed block tracking backups and incremental\n backups using QEMU capabilities in KubeVirt. When enabled, this also\n enables the UtilityVolumes feature gate in the KubeVirt CR. Note: This\n feature is in Tech Preview.\n Phase: alpha\n\n* objectGraph:\n ObjectGraph enables the ObjectGraph VM and VMI subresource in KubeVirt.\n This subresource returns a structured list of k8s objects that are related\n to the specified VM or VMI, enabling better dependency tracking. Note:\n This feature is in Developer Preview.\n Phase: alpha\n\n* persistentReservation:\n Enable persistent reservation of a LUN through the SCSI Persistent Reserve\n commands on Kubevirt. In order to issue privileged SCSI ioctls, the VM\n requires activation of the persistent reservation flag. Once this feature\n gate is enabled, then the additional container with the qemu-pr-helper is\n deployed inside the virt-handler pod. Enabling (or removing) the feature\n gate causes the redeployment of the virt-handler pod.\n Phase: alpha\n\n* autoResourceLimits:\n Deprecated: this feature gate is ignored.\n Phase: deprecated\n\n* deployKubevirtIpamController:\n Deprecated: this feature gate is ignored.\n Phase: deprecated\n\n* deployTektonTaskResources:\n Deprecated: This feature gate is ignored.\n Phase: deprecated\n\n* deployVmConsoleProxy:\n Deprecated: This feature gate is ignored. Use spec.deployVmConsoleProxy\n instead\n Phase: deprecated\n\n* enableApplicationAwareQuota:\n Deprecated: This field is ignored and will be removed on the next version\n of the API. Use spec.enableApplicationAwareQuota instead\n Phase: deprecated\n\n* enableCommonBootImageImport:\n Deprecated: This feature gate is ignored. Use\n spec.enableCommonBootImageImport instead\n Phase: deprecated\n\n* enableManagedTenantQuota:\n Deprecated: This feature gate is ignored.\n Phase: deprecated\n\n* nonRoot:\n Deprecated: This feature gate is ignored.\n Phase: deprecated\n\n* primaryUserDefinedNetworkBinding:\n Deprecated: this feature gate is ignored.\n Phase: deprecated\n\n* withHostPassthroughCPU:\n Deprecated: This feature gate is ignored\n Phase: deprecated", - "items": { - "description": "FeatureGate is an optional feature gate to enable or disable a new feature that is not generally available yet.", - "properties": { - "name": { - "description": "Name is the feature gate name", - "type": "string" - }, - "state": { - "description": "State determines if the feature gate is Enabled, or Disabled. The default value is Enabled.", - "enum": [ - "Enabled", - "Disabled" - ], - "type": "string" - } - }, - "required": [ - "name" - ], - "type": "object" - }, - "type": "array" - }, - "networking": { - "description": "Networking contains all the configurations for networking", - "properties": { - "kubeMacPoolConfiguration": { - "description": "KubeMacPoolConfiguration holds kubemacpool MAC address range configuration.", + "nodePlacements": { + "description": "NodePlacements defines the node scheduling configuration for infrastructure or workload entities", "properties": { - "rangeEnd": { - "description": "RangeEnd defines the last MAC address in the kubemacpool range.\nThe MAC address format should be AA:BB:CC:DD:EE:FF.", - "pattern": "^([0-9a-fA-F]{2}:){5}[0-9a-fA-F]{2}$", - "type": "string" - }, - "rangeStart": { - "description": "RangeStart defines the first MAC address in the kubemacpool range.\nThe MAC address format should be AA:BB:CC:DD:EE:FF.", - "pattern": "^([0-9a-fA-F]{2}:){5}[0-9a-fA-F]{2}$", - "type": "string" - } - }, - "type": "object", - "x-kubernetes-validations": [ - { - "message": "both rangeStart and rangeEnd must be configured together, or both omitted", - "rule": "(has(self.rangeStart) && has(self.rangeEnd)) || (!has(self.rangeStart) && !has(self.rangeEnd))" - } - ] - }, - "kubeSecondaryDNSNameServerIP": { - "description": "KubeSecondaryDNSNameServerIP defines name server IP used by KubeSecondaryDNS", - "type": "string" - }, - "networkBinding": { - "additionalProperties": { - "properties": { - "computeResourceOverhead": { - "description": "ComputeResourceOverhead specifies the resource overhead that should be added to the compute container when using the binding.\nversion: v1alphav1", - "properties": { - "limits": { - "additionalProperties": { - "anyOf": [ - { - "type": "integer" - }, - { - "type": "string" - } - ], - "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", - "x-kubernetes-int-or-string": true - }, - "description": "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", - "type": "object" - }, - "requests": { - "additionalProperties": { - "anyOf": [ - { - "type": "integer" - }, - { - "type": "string" - } - ], - "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", - "x-kubernetes-int-or-string": true - }, - "description": "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", - "type": "object" - } - }, - "type": "object" - }, - "domainAttachmentType": { - "description": "DomainAttachmentType is a standard domain network attachment method kubevirt supports.\nSupported values: \"tap\", \"managedTap\" (since v1.4).\nThe standard domain attachment can be used instead or in addition to the sidecarImage.\nversion: 1alphav1", - "type": "string" - }, - "downwardAPI": { - "description": "DownwardAPI specifies what kind of data should be exposed to the binding plugin sidecar.\nSupported values: \"device-info\"\nversion: v1alphav1", - "type": "string" - }, - "migration": { - "description": "Migration means the VM using the plugin can be safely migrated\nversion: 1alphav1", - "properties": { - "method": { - "description": "Method defines a pre-defined migration methodology\nversion: 1alphav1", - "type": "string" - } - }, - "type": "object" - }, - "networkAttachmentDefinition": { - "description": "NetworkAttachmentDefinition references to a NetworkAttachmentDefinition CR object.\nFormat: , /.\nIf namespace is not specified, VMI namespace is assumed.\nversion: 1alphav1", - "type": "string" - }, - "sidecarImage": { - "description": "SidecarImage references a container image that runs in the virt-launcher pod.\nThe sidecar handles (libvirt) domain configuration and optional services.\nversion: 1alphav1", - "type": "string" - } - }, - "type": "object" - }, - "description": "NetworkBinding defines the network binding plugins.\nThose bindings can be used when defining virtual machine interfaces.", - "type": "object" - } - }, - "type": "object" - }, - "nodePlacements": { - "description": "NodePlacements defines the node scheduling configuration for infrastructure or workload entities", - "properties": { - "infra": { - "description": "Infra describes node scheduling configuration for infrastructure entities", - "properties": { - "affinity": { - "description": "affinity enables pod affinity/anti-affinity placement expanding the types of constraints\nthat can be expressed with nodeSelector.\naffinity is going to be applied to the relevant kind of pods in parallel with nodeSelector\nSee https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity", + "infra": { + "description": "Infra describes node scheduling configuration for infrastructure entities", "properties": { - "nodeAffinity": { - "description": "Describes node affinity scheduling rules for the pod.", + "affinity": { + "description": "affinity enables pod affinity/anti-affinity placement expanding the types of constraints\nthat can be expressed with nodeSelector.\naffinity is going to be applied to the relevant kind of pods in parallel with nodeSelector\nSee https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity", "properties": { - "preferredDuringSchedulingIgnoredDuringExecution": { - "description": "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node matches the corresponding matchExpressions; the\nnode(s) with the highest sum are the most preferred.", - "items": { - "description": "An empty preferred scheduling term matches all objects with implicit weight 0\n(i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op).", - "properties": { - "preference": { - "description": "A node selector term, associated with the corresponding weight.", + "nodeAffinity": { + "description": "Describes node affinity scheduling rules for the pod.", + "properties": { + "preferredDuringSchedulingIgnoredDuringExecution": { + "description": "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node matches the corresponding matchExpressions; the\nnode(s) with the highest sum are the most preferred.", + "items": { + "description": "An empty preferred scheduling term matches all objects with implicit weight 0\n(i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op).", "properties": { - "matchExpressions": { - "description": "A list of node selector requirements by node's labels.", - "items": { - "description": "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values.", - "properties": { - "key": { - "description": "The label key that the selector applies to.", - "type": "string" - }, - "operator": { - "description": "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.", - "type": "string" - }, - "values": { - "description": "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch.", - "items": { - "type": "string" + "preference": { + "description": "A node selector term, associated with the corresponding weight.", + "properties": { + "matchExpressions": { + "description": "A list of node selector requirements by node's labels.", + "items": { + "description": "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values.", + "properties": { + "key": { + "description": "The label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.", + "type": "string" + }, + "values": { + "description": "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + } }, - "type": "array", - "x-kubernetes-list-type": "atomic" - } - }, - "required": [ - "key", - "operator" - ], - "type": "object" - }, - "type": "array", - "x-kubernetes-list-type": "atomic" - }, - "matchFields": { - "description": "A list of node selector requirements by node's fields.", - "items": { - "description": "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values.", - "properties": { - "key": { - "description": "The label key that the selector applies to.", - "type": "string" - }, - "operator": { - "description": "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.", - "type": "string" + "required": [ + "key", + "operator" + ], + "type": "object" }, - "values": { - "description": "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch.", - "items": { - "type": "string" - }, - "type": "array", - "x-kubernetes-list-type": "atomic" - } + "type": "array", + "x-kubernetes-list-type": "atomic" }, - "required": [ - "key", - "operator" - ], - "type": "object" + "matchFields": { + "description": "A list of node selector requirements by node's fields.", + "items": { + "description": "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values.", + "properties": { + "key": { + "description": "The label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.", + "type": "string" + }, + "values": { + "description": "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + } }, - "type": "array", - "x-kubernetes-list-type": "atomic" + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "weight": { + "description": "Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100.", + "format": "int32", + "type": "integer" } }, - "type": "object", - "x-kubernetes-map-type": "atomic" + "required": [ + "preference", + "weight" + ], + "type": "object" }, - "weight": { - "description": "Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100.", - "format": "int32", - "type": "integer" - } + "type": "array", + "x-kubernetes-list-type": "atomic" }, - "required": [ - "preference", - "weight" - ], - "type": "object" + "requiredDuringSchedulingIgnoredDuringExecution": { + "description": "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to an update), the system\nmay or may not try to eventually evict the pod from its node.", + "properties": { + "nodeSelectorTerms": { + "description": "Required. A list of node selector terms. The terms are ORed.", + "items": { + "description": "A null or empty node selector term matches no objects. The requirements of\nthem are ANDed.\nThe TopologySelectorTerm type implements a subset of the NodeSelectorTerm.", + "properties": { + "matchExpressions": { + "description": "A list of node selector requirements by node's labels.", + "items": { + "description": "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values.", + "properties": { + "key": { + "description": "The label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.", + "type": "string" + }, + "values": { + "description": "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + }, + "matchFields": { + "description": "A list of node selector requirements by node's fields.", + "items": { + "description": "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values.", + "properties": { + "key": { + "description": "The label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.", + "type": "string" + }, + "values": { + "description": "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + } + }, + "required": [ + "nodeSelectorTerms" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + } }, - "type": "array", - "x-kubernetes-list-type": "atomic" + "type": "object" }, - "requiredDuringSchedulingIgnoredDuringExecution": { - "description": "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to an update), the system\nmay or may not try to eventually evict the pod from its node.", + "podAffinity": { + "description": "Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)).", "properties": { - "nodeSelectorTerms": { - "description": "Required. A list of node selector terms. The terms are ORed.", + "preferredDuringSchedulingIgnoredDuringExecution": { + "description": "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred.", "items": { - "description": "A null or empty node selector term matches no objects. The requirements of\nthem are ANDed.\nThe TopologySelectorTerm type implements a subset of the NodeSelectorTerm.", + "description": "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)", "properties": { - "matchExpressions": { - "description": "A list of node selector requirements by node's labels.", - "items": { - "description": "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values.", - "properties": { - "key": { - "description": "The label key that the selector applies to.", - "type": "string" + "podAffinityTerm": { + "description": "Required. A pod affinity term, associated with the corresponding weight.", + "properties": { + "labelSelector": { + "description": "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch.", + "items": { + "type": "string" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } }, - "operator": { - "description": "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.", + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "matchLabelKeys": { + "description": "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.", + "items": { "type": "string" }, - "values": { - "description": "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch.", - "items": { - "type": "string" - }, - "type": "array", - "x-kubernetes-list-type": "atomic" - } + "type": "array", + "x-kubernetes-list-type": "atomic" }, - "required": [ - "key", - "operator" - ], - "type": "object" - }, - "type": "array", - "x-kubernetes-list-type": "atomic" - }, - "matchFields": { - "description": "A list of node selector requirements by node's fields.", - "items": { - "description": "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values.", - "properties": { - "key": { - "description": "The label key that the selector applies to.", + "mismatchLabelKeys": { + "description": "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.", + "items": { "type": "string" }, - "operator": { - "description": "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.", + "type": "array", + "x-kubernetes-list-type": "atomic" + }, + "namespaceSelector": { + "description": "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch.", + "items": { + "type": "string" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "namespaces": { + "description": "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\".", + "items": { "type": "string" }, - "values": { - "description": "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch.", - "items": { - "type": "string" - }, - "type": "array", - "x-kubernetes-list-type": "atomic" - } + "type": "array", + "x-kubernetes-list-type": "atomic" }, - "required": [ - "key", - "operator" - ], - "type": "object" + "topologyKey": { + "description": "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed.", + "type": "string" + } }, - "type": "array", - "x-kubernetes-list-type": "atomic" + "required": [ + "topologyKey" + ], + "type": "object" + }, + "weight": { + "description": "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100.", + "format": "int32", + "type": "integer" } }, - "type": "object", - "x-kubernetes-map-type": "atomic" + "required": [ + "podAffinityTerm", + "weight" + ], + "type": "object" }, "type": "array", "x-kubernetes-list-type": "atomic" - } - }, - "required": [ - "nodeSelectorTerms" - ], - "type": "object", - "x-kubernetes-map-type": "atomic" - } - }, - "type": "object" - }, - "podAffinity": { - "description": "Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)).", - "properties": { - "preferredDuringSchedulingIgnoredDuringExecution": { - "description": "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred.", - "items": { - "description": "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)", - "properties": { - "podAffinityTerm": { - "description": "Required. A pod affinity term, associated with the corresponding weight.", + }, + "requiredDuringSchedulingIgnoredDuringExecution": { + "description": "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied.", + "items": { + "description": "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running", "properties": { "labelSelector": { "description": "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods.", @@ -80934,166 +81190,166 @@ ], "type": "object" }, - "weight": { - "description": "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100.", - "format": "int32", - "type": "integer" - } - }, - "required": [ - "podAffinityTerm", - "weight" - ], - "type": "object" + "type": "array", + "x-kubernetes-list-type": "atomic" + } }, - "type": "array", - "x-kubernetes-list-type": "atomic" + "type": "object" }, - "requiredDuringSchedulingIgnoredDuringExecution": { - "description": "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied.", - "items": { - "description": "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running", - "properties": { - "labelSelector": { - "description": "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods.", + "podAntiAffinity": { + "description": "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)).", + "properties": { + "preferredDuringSchedulingIgnoredDuringExecution": { + "description": "The scheduler will prefer to schedule pods to nodes that satisfy\nthe anti-affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling anti-affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and subtracting\n\"weight\" from the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred.", + "items": { + "description": "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)", "properties": { - "matchExpressions": { - "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", - "items": { - "description": "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values.", - "properties": { - "key": { - "description": "key is the label key that the selector applies to.", - "type": "string" + "podAffinityTerm": { + "description": "Required. A pod affinity term, associated with the corresponding weight.", + "properties": { + "labelSelector": { + "description": "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch.", + "items": { + "type": "string" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } }, - "operator": { - "description": "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist.", + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "matchLabelKeys": { + "description": "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.", + "items": { "type": "string" }, - "values": { - "description": "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch.", - "items": { - "type": "string" - }, - "type": "array", - "x-kubernetes-list-type": "atomic" - } + "type": "array", + "x-kubernetes-list-type": "atomic" }, - "required": [ - "key", - "operator" - ], - "type": "object" - }, - "type": "array", - "x-kubernetes-list-type": "atomic" - }, - "matchLabels": { - "additionalProperties": { - "type": "string" - }, - "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", - "type": "object" - } - }, - "type": "object", - "x-kubernetes-map-type": "atomic" - }, - "matchLabelKeys": { - "description": "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.", - "items": { - "type": "string" - }, - "type": "array", - "x-kubernetes-list-type": "atomic" - }, - "mismatchLabelKeys": { - "description": "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.", - "items": { - "type": "string" - }, - "type": "array", - "x-kubernetes-list-type": "atomic" - }, - "namespaceSelector": { - "description": "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces.", - "properties": { - "matchExpressions": { - "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", - "items": { - "description": "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values.", - "properties": { - "key": { - "description": "key is the label key that the selector applies to.", + "mismatchLabelKeys": { + "description": "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.", + "items": { "type": "string" }, - "operator": { - "description": "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist.", + "type": "array", + "x-kubernetes-list-type": "atomic" + }, + "namespaceSelector": { + "description": "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch.", + "items": { + "type": "string" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "namespaces": { + "description": "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\".", + "items": { "type": "string" }, - "values": { - "description": "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch.", - "items": { - "type": "string" - }, - "type": "array", - "x-kubernetes-list-type": "atomic" - } + "type": "array", + "x-kubernetes-list-type": "atomic" }, - "required": [ - "key", - "operator" - ], - "type": "object" - }, - "type": "array", - "x-kubernetes-list-type": "atomic" - }, - "matchLabels": { - "additionalProperties": { - "type": "string" + "topologyKey": { + "description": "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed.", + "type": "string" + } }, - "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "required": [ + "topologyKey" + ], "type": "object" + }, + "weight": { + "description": "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100.", + "format": "int32", + "type": "integer" } }, - "type": "object", - "x-kubernetes-map-type": "atomic" - }, - "namespaces": { - "description": "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\".", - "items": { - "type": "string" - }, - "type": "array", - "x-kubernetes-list-type": "atomic" + "required": [ + "podAffinityTerm", + "weight" + ], + "type": "object" }, - "topologyKey": { - "description": "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed.", - "type": "string" - } + "type": "array", + "x-kubernetes-list-type": "atomic" }, - "required": [ - "topologyKey" - ], - "type": "object" - }, - "type": "array", - "x-kubernetes-list-type": "atomic" - } - }, - "type": "object" - }, - "podAntiAffinity": { - "description": "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)).", - "properties": { - "preferredDuringSchedulingIgnoredDuringExecution": { - "description": "The scheduler will prefer to schedule pods to nodes that satisfy\nthe anti-affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling anti-affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and subtracting\n\"weight\" from the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred.", - "items": { - "description": "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)", - "properties": { - "podAffinityTerm": { - "description": "Required. A pod affinity term, associated with the corresponding weight.", + "requiredDuringSchedulingIgnoredDuringExecution": { + "description": "If the anti-affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the anti-affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied.", + "items": { + "description": "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running", "properties": { "labelSelector": { "description": "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods.", @@ -81219,395 +81475,395 @@ ], "type": "object" }, - "weight": { - "description": "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100.", - "format": "int32", - "type": "integer" - } - }, - "required": [ - "podAffinityTerm", - "weight" - ], - "type": "object" - }, - "type": "array", - "x-kubernetes-list-type": "atomic" - }, - "requiredDuringSchedulingIgnoredDuringExecution": { - "description": "If the anti-affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the anti-affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied.", - "items": { - "description": "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running", - "properties": { - "labelSelector": { - "description": "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods.", - "properties": { - "matchExpressions": { - "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", - "items": { - "description": "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values.", - "properties": { - "key": { - "description": "key is the label key that the selector applies to.", - "type": "string" - }, - "operator": { - "description": "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist.", - "type": "string" - }, - "values": { - "description": "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch.", - "items": { - "type": "string" - }, - "type": "array", - "x-kubernetes-list-type": "atomic" - } - }, - "required": [ - "key", - "operator" - ], - "type": "object" - }, - "type": "array", - "x-kubernetes-list-type": "atomic" - }, - "matchLabels": { - "additionalProperties": { - "type": "string" - }, - "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", - "type": "object" - } - }, - "type": "object", - "x-kubernetes-map-type": "atomic" - }, - "matchLabelKeys": { - "description": "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.", - "items": { - "type": "string" - }, - "type": "array", - "x-kubernetes-list-type": "atomic" - }, - "mismatchLabelKeys": { - "description": "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.", - "items": { - "type": "string" - }, - "type": "array", - "x-kubernetes-list-type": "atomic" - }, - "namespaceSelector": { - "description": "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces.", - "properties": { - "matchExpressions": { - "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", - "items": { - "description": "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values.", - "properties": { - "key": { - "description": "key is the label key that the selector applies to.", - "type": "string" - }, - "operator": { - "description": "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist.", - "type": "string" - }, - "values": { - "description": "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch.", - "items": { - "type": "string" - }, - "type": "array", - "x-kubernetes-list-type": "atomic" - } - }, - "required": [ - "key", - "operator" - ], - "type": "object" - }, - "type": "array", - "x-kubernetes-list-type": "atomic" - }, - "matchLabels": { - "additionalProperties": { - "type": "string" - }, - "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", - "type": "object" - } - }, - "type": "object", - "x-kubernetes-map-type": "atomic" - }, - "namespaces": { - "description": "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\".", - "items": { - "type": "string" - }, - "type": "array", - "x-kubernetes-list-type": "atomic" - }, - "topologyKey": { - "description": "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed.", - "type": "string" - } - }, - "required": [ - "topologyKey" - ], - "type": "object" + "type": "array", + "x-kubernetes-list-type": "atomic" + } }, - "type": "array", - "x-kubernetes-list-type": "atomic" + "type": "object" } }, "type": "object" - } - }, - "type": "object" - }, - "nodeSelector": { - "additionalProperties": { - "type": "string" - }, - "description": "nodeSelector is the node selector applied to the relevant kind of pods\nIt specifies a map of key-value pairs: for the pod to be eligible to run on a node,\nthe node must have each of the indicated key-value pairs as labels\n(it can have additional labels as well).\nSee https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector", - "type": "object" - }, - "tolerations": { - "description": "tolerations is a list of tolerations applied to the relevant kind of pods\nSee https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ for more info.\nThese are additional tolerations other than default ones.", - "items": { - "description": "The pod this Toleration is attached to tolerates any taint that matches\nthe triple using the matching operator .", - "properties": { - "effect": { - "description": "Effect indicates the taint effect to match. Empty means match all taint effects.\nWhen specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.", - "type": "string" - }, - "key": { - "description": "Key is the taint key that the toleration applies to. Empty means match all taint keys.\nIf the key is empty, operator must be Exists; this combination means to match all values and all keys.", - "type": "string" - }, - "operator": { - "description": "Operator represents a key's relationship to the value.\nValid operators are Exists, Equal, Lt, and Gt. Defaults to Equal.\nExists is equivalent to wildcard for value, so that a pod can\ntolerate all taints of a particular category.\nLt and Gt perform numeric comparisons (requires feature gate TaintTolerationComparisonOperators).", + }, + "nodeSelector": { + "additionalProperties": { "type": "string" }, - "tolerationSeconds": { - "description": "TolerationSeconds represents the period of time the toleration (which must be\nof effect NoExecute, otherwise this field is ignored) tolerates the taint. By default,\nit is not set, which means tolerate the taint forever (do not evict). Zero and\nnegative values will be treated as 0 (evict immediately) by the system.", - "format": "int64", - "type": "integer" - }, - "value": { - "description": "Value is the taint value the toleration matches to.\nIf the operator is Exists, the value should be empty, otherwise just a regular string.", - "type": "string" - } + "description": "nodeSelector is the node selector applied to the relevant kind of pods\nIt specifies a map of key-value pairs: for the pod to be eligible to run on a node,\nthe node must have each of the indicated key-value pairs as labels\n(it can have additional labels as well).\nSee https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector", + "type": "object" }, - "type": "object" + "tolerations": { + "description": "tolerations is a list of tolerations applied to the relevant kind of pods\nSee https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ for more info.\nThese are additional tolerations other than default ones.", + "items": { + "description": "The pod this Toleration is attached to tolerates any taint that matches\nthe triple using the matching operator .", + "properties": { + "effect": { + "description": "Effect indicates the taint effect to match. Empty means match all taint effects.\nWhen specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.", + "type": "string" + }, + "key": { + "description": "Key is the taint key that the toleration applies to. Empty means match all taint keys.\nIf the key is empty, operator must be Exists; this combination means to match all values and all keys.", + "type": "string" + }, + "operator": { + "description": "Operator represents a key's relationship to the value.\nValid operators are Exists, Equal, Lt, and Gt. Defaults to Equal.\nExists is equivalent to wildcard for value, so that a pod can\ntolerate all taints of a particular category.\nLt and Gt perform numeric comparisons (requires feature gate TaintTolerationComparisonOperators).", + "type": "string" + }, + "tolerationSeconds": { + "description": "TolerationSeconds represents the period of time the toleration (which must be\nof effect NoExecute, otherwise this field is ignored) tolerates the taint. By default,\nit is not set, which means tolerate the taint forever (do not evict). Zero and\nnegative values will be treated as 0 (evict immediately) by the system.", + "format": "int64", + "type": "integer" + }, + "value": { + "description": "Value is the taint value the toleration matches to.\nIf the operator is Exists, the value should be empty, otherwise just a regular string.", + "type": "string" + } + }, + "type": "object" + }, + "type": "array" + } }, - "type": "array" - } - }, - "type": "object" - }, - "workload": { - "description": "Workload describes node scheduling configuration for workload entities", - "properties": { - "affinity": { - "description": "affinity enables pod affinity/anti-affinity placement expanding the types of constraints\nthat can be expressed with nodeSelector.\naffinity is going to be applied to the relevant kind of pods in parallel with nodeSelector\nSee https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity", + "type": "object" + }, + "workload": { + "description": "Workload describes node scheduling configuration for workload entities", "properties": { - "nodeAffinity": { - "description": "Describes node affinity scheduling rules for the pod.", + "affinity": { + "description": "affinity enables pod affinity/anti-affinity placement expanding the types of constraints\nthat can be expressed with nodeSelector.\naffinity is going to be applied to the relevant kind of pods in parallel with nodeSelector\nSee https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity", "properties": { - "preferredDuringSchedulingIgnoredDuringExecution": { - "description": "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node matches the corresponding matchExpressions; the\nnode(s) with the highest sum are the most preferred.", - "items": { - "description": "An empty preferred scheduling term matches all objects with implicit weight 0\n(i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op).", - "properties": { - "preference": { - "description": "A node selector term, associated with the corresponding weight.", + "nodeAffinity": { + "description": "Describes node affinity scheduling rules for the pod.", + "properties": { + "preferredDuringSchedulingIgnoredDuringExecution": { + "description": "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node matches the corresponding matchExpressions; the\nnode(s) with the highest sum are the most preferred.", + "items": { + "description": "An empty preferred scheduling term matches all objects with implicit weight 0\n(i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op).", "properties": { - "matchExpressions": { - "description": "A list of node selector requirements by node's labels.", - "items": { - "description": "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values.", - "properties": { - "key": { - "description": "The label key that the selector applies to.", - "type": "string" - }, - "operator": { - "description": "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.", - "type": "string" - }, - "values": { - "description": "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch.", - "items": { - "type": "string" + "preference": { + "description": "A node selector term, associated with the corresponding weight.", + "properties": { + "matchExpressions": { + "description": "A list of node selector requirements by node's labels.", + "items": { + "description": "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values.", + "properties": { + "key": { + "description": "The label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.", + "type": "string" + }, + "values": { + "description": "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + } }, - "type": "array", - "x-kubernetes-list-type": "atomic" - } - }, - "required": [ - "key", - "operator" - ], - "type": "object" - }, - "type": "array", - "x-kubernetes-list-type": "atomic" - }, - "matchFields": { - "description": "A list of node selector requirements by node's fields.", - "items": { - "description": "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values.", - "properties": { - "key": { - "description": "The label key that the selector applies to.", - "type": "string" - }, - "operator": { - "description": "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.", - "type": "string" + "required": [ + "key", + "operator" + ], + "type": "object" }, - "values": { - "description": "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch.", - "items": { - "type": "string" - }, - "type": "array", - "x-kubernetes-list-type": "atomic" - } + "type": "array", + "x-kubernetes-list-type": "atomic" }, - "required": [ - "key", - "operator" - ], - "type": "object" + "matchFields": { + "description": "A list of node selector requirements by node's fields.", + "items": { + "description": "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values.", + "properties": { + "key": { + "description": "The label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.", + "type": "string" + }, + "values": { + "description": "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + } }, - "type": "array", - "x-kubernetes-list-type": "atomic" + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "weight": { + "description": "Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100.", + "format": "int32", + "type": "integer" } }, - "type": "object", - "x-kubernetes-map-type": "atomic" + "required": [ + "preference", + "weight" + ], + "type": "object" }, - "weight": { - "description": "Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100.", - "format": "int32", - "type": "integer" - } + "type": "array", + "x-kubernetes-list-type": "atomic" }, - "required": [ - "preference", - "weight" - ], - "type": "object" + "requiredDuringSchedulingIgnoredDuringExecution": { + "description": "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to an update), the system\nmay or may not try to eventually evict the pod from its node.", + "properties": { + "nodeSelectorTerms": { + "description": "Required. A list of node selector terms. The terms are ORed.", + "items": { + "description": "A null or empty node selector term matches no objects. The requirements of\nthem are ANDed.\nThe TopologySelectorTerm type implements a subset of the NodeSelectorTerm.", + "properties": { + "matchExpressions": { + "description": "A list of node selector requirements by node's labels.", + "items": { + "description": "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values.", + "properties": { + "key": { + "description": "The label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.", + "type": "string" + }, + "values": { + "description": "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + }, + "matchFields": { + "description": "A list of node selector requirements by node's fields.", + "items": { + "description": "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values.", + "properties": { + "key": { + "description": "The label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.", + "type": "string" + }, + "values": { + "description": "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + } + }, + "required": [ + "nodeSelectorTerms" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + } }, - "type": "array", - "x-kubernetes-list-type": "atomic" + "type": "object" }, - "requiredDuringSchedulingIgnoredDuringExecution": { - "description": "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to an update), the system\nmay or may not try to eventually evict the pod from its node.", + "podAffinity": { + "description": "Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)).", "properties": { - "nodeSelectorTerms": { - "description": "Required. A list of node selector terms. The terms are ORed.", + "preferredDuringSchedulingIgnoredDuringExecution": { + "description": "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred.", "items": { - "description": "A null or empty node selector term matches no objects. The requirements of\nthem are ANDed.\nThe TopologySelectorTerm type implements a subset of the NodeSelectorTerm.", + "description": "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)", "properties": { - "matchExpressions": { - "description": "A list of node selector requirements by node's labels.", - "items": { - "description": "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values.", - "properties": { - "key": { - "description": "The label key that the selector applies to.", - "type": "string" + "podAffinityTerm": { + "description": "Required. A pod affinity term, associated with the corresponding weight.", + "properties": { + "labelSelector": { + "description": "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch.", + "items": { + "type": "string" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } }, - "operator": { - "description": "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.", + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "matchLabelKeys": { + "description": "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.", + "items": { "type": "string" }, - "values": { - "description": "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch.", - "items": { - "type": "string" - }, - "type": "array", - "x-kubernetes-list-type": "atomic" - } + "type": "array", + "x-kubernetes-list-type": "atomic" }, - "required": [ - "key", - "operator" - ], - "type": "object" - }, - "type": "array", - "x-kubernetes-list-type": "atomic" - }, - "matchFields": { - "description": "A list of node selector requirements by node's fields.", - "items": { - "description": "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values.", - "properties": { - "key": { - "description": "The label key that the selector applies to.", + "mismatchLabelKeys": { + "description": "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.", + "items": { "type": "string" }, - "operator": { - "description": "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.", + "type": "array", + "x-kubernetes-list-type": "atomic" + }, + "namespaceSelector": { + "description": "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch.", + "items": { + "type": "string" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "namespaces": { + "description": "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\".", + "items": { "type": "string" }, - "values": { - "description": "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch.", - "items": { - "type": "string" - }, - "type": "array", - "x-kubernetes-list-type": "atomic" - } + "type": "array", + "x-kubernetes-list-type": "atomic" }, - "required": [ - "key", - "operator" - ], - "type": "object" + "topologyKey": { + "description": "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed.", + "type": "string" + } }, - "type": "array", - "x-kubernetes-list-type": "atomic" + "required": [ + "topologyKey" + ], + "type": "object" + }, + "weight": { + "description": "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100.", + "format": "int32", + "type": "integer" } }, - "type": "object", - "x-kubernetes-map-type": "atomic" + "required": [ + "podAffinityTerm", + "weight" + ], + "type": "object" }, "type": "array", "x-kubernetes-list-type": "atomic" - } - }, - "required": [ - "nodeSelectorTerms" - ], - "type": "object", - "x-kubernetes-map-type": "atomic" - } - }, - "type": "object" - }, - "podAffinity": { - "description": "Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)).", - "properties": { - "preferredDuringSchedulingIgnoredDuringExecution": { - "description": "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred.", - "items": { - "description": "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)", - "properties": { - "podAffinityTerm": { - "description": "Required. A pod affinity term, associated with the corresponding weight.", + }, + "requiredDuringSchedulingIgnoredDuringExecution": { + "description": "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied.", + "items": { + "description": "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running", "properties": { "labelSelector": { "description": "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods.", @@ -81733,166 +81989,166 @@ ], "type": "object" }, - "weight": { - "description": "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100.", - "format": "int32", - "type": "integer" - } - }, - "required": [ - "podAffinityTerm", - "weight" - ], - "type": "object" + "type": "array", + "x-kubernetes-list-type": "atomic" + } }, - "type": "array", - "x-kubernetes-list-type": "atomic" + "type": "object" }, - "requiredDuringSchedulingIgnoredDuringExecution": { - "description": "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied.", - "items": { - "description": "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running", - "properties": { - "labelSelector": { - "description": "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods.", + "podAntiAffinity": { + "description": "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)).", + "properties": { + "preferredDuringSchedulingIgnoredDuringExecution": { + "description": "The scheduler will prefer to schedule pods to nodes that satisfy\nthe anti-affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling anti-affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and subtracting\n\"weight\" from the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred.", + "items": { + "description": "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)", "properties": { - "matchExpressions": { - "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", - "items": { - "description": "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values.", - "properties": { - "key": { - "description": "key is the label key that the selector applies to.", + "podAffinityTerm": { + "description": "Required. A pod affinity term, associated with the corresponding weight.", + "properties": { + "labelSelector": { + "description": "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch.", + "items": { + "type": "string" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "matchLabelKeys": { + "description": "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.", + "items": { "type": "string" }, - "operator": { - "description": "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist.", + "type": "array", + "x-kubernetes-list-type": "atomic" + }, + "mismatchLabelKeys": { + "description": "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.", + "items": { "type": "string" }, - "values": { - "description": "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch.", - "items": { - "type": "string" - }, - "type": "array", - "x-kubernetes-list-type": "atomic" - } + "type": "array", + "x-kubernetes-list-type": "atomic" }, - "required": [ - "key", - "operator" - ], - "type": "object" - }, - "type": "array", - "x-kubernetes-list-type": "atomic" - }, - "matchLabels": { - "additionalProperties": { - "type": "string" - }, - "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", - "type": "object" - } - }, - "type": "object", - "x-kubernetes-map-type": "atomic" - }, - "matchLabelKeys": { - "description": "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.", - "items": { - "type": "string" - }, - "type": "array", - "x-kubernetes-list-type": "atomic" - }, - "mismatchLabelKeys": { - "description": "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.", - "items": { - "type": "string" - }, - "type": "array", - "x-kubernetes-list-type": "atomic" - }, - "namespaceSelector": { - "description": "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces.", - "properties": { - "matchExpressions": { - "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", - "items": { - "description": "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values.", - "properties": { - "key": { - "description": "key is the label key that the selector applies to.", - "type": "string" + "namespaceSelector": { + "description": "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch.", + "items": { + "type": "string" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } }, - "operator": { - "description": "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist.", + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "namespaces": { + "description": "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\".", + "items": { "type": "string" }, - "values": { - "description": "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch.", - "items": { - "type": "string" - }, - "type": "array", - "x-kubernetes-list-type": "atomic" - } + "type": "array", + "x-kubernetes-list-type": "atomic" }, - "required": [ - "key", - "operator" - ], - "type": "object" - }, - "type": "array", - "x-kubernetes-list-type": "atomic" - }, - "matchLabels": { - "additionalProperties": { - "type": "string" + "topologyKey": { + "description": "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed.", + "type": "string" + } }, - "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "required": [ + "topologyKey" + ], "type": "object" + }, + "weight": { + "description": "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100.", + "format": "int32", + "type": "integer" } }, - "type": "object", - "x-kubernetes-map-type": "atomic" - }, - "namespaces": { - "description": "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\".", - "items": { - "type": "string" - }, - "type": "array", - "x-kubernetes-list-type": "atomic" + "required": [ + "podAffinityTerm", + "weight" + ], + "type": "object" }, - "topologyKey": { - "description": "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed.", - "type": "string" - } + "type": "array", + "x-kubernetes-list-type": "atomic" }, - "required": [ - "topologyKey" - ], - "type": "object" - }, - "type": "array", - "x-kubernetes-list-type": "atomic" - } - }, - "type": "object" - }, - "podAntiAffinity": { - "description": "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)).", - "properties": { - "preferredDuringSchedulingIgnoredDuringExecution": { - "description": "The scheduler will prefer to schedule pods to nodes that satisfy\nthe anti-affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling anti-affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and subtracting\n\"weight\" from the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred.", - "items": { - "description": "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)", - "properties": { - "podAffinityTerm": { - "description": "Required. A pod affinity term, associated with the corresponding weight.", + "requiredDuringSchedulingIgnoredDuringExecution": { + "description": "If the anti-affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the anti-affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied.", + "items": { + "description": "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running", "properties": { "labelSelector": { "description": "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods.", @@ -82018,198 +82274,196 @@ ], "type": "object" }, - "weight": { - "description": "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100.", - "format": "int32", - "type": "integer" - } - }, - "required": [ - "podAffinityTerm", - "weight" - ], - "type": "object" - }, - "type": "array", - "x-kubernetes-list-type": "atomic" - }, - "requiredDuringSchedulingIgnoredDuringExecution": { - "description": "If the anti-affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the anti-affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied.", - "items": { - "description": "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running", - "properties": { - "labelSelector": { - "description": "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods.", - "properties": { - "matchExpressions": { - "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", - "items": { - "description": "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values.", - "properties": { - "key": { - "description": "key is the label key that the selector applies to.", - "type": "string" - }, - "operator": { - "description": "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist.", - "type": "string" - }, - "values": { - "description": "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch.", - "items": { - "type": "string" - }, - "type": "array", - "x-kubernetes-list-type": "atomic" - } - }, - "required": [ - "key", - "operator" - ], - "type": "object" - }, - "type": "array", - "x-kubernetes-list-type": "atomic" - }, - "matchLabels": { - "additionalProperties": { - "type": "string" - }, - "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", - "type": "object" - } - }, - "type": "object", - "x-kubernetes-map-type": "atomic" - }, - "matchLabelKeys": { - "description": "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.", - "items": { - "type": "string" - }, - "type": "array", - "x-kubernetes-list-type": "atomic" - }, - "mismatchLabelKeys": { - "description": "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.", - "items": { - "type": "string" - }, - "type": "array", - "x-kubernetes-list-type": "atomic" - }, - "namespaceSelector": { - "description": "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces.", - "properties": { - "matchExpressions": { - "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", - "items": { - "description": "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values.", - "properties": { - "key": { - "description": "key is the label key that the selector applies to.", - "type": "string" - }, - "operator": { - "description": "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist.", - "type": "string" - }, - "values": { - "description": "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch.", - "items": { - "type": "string" - }, - "type": "array", - "x-kubernetes-list-type": "atomic" - } - }, - "required": [ - "key", - "operator" - ], - "type": "object" - }, - "type": "array", - "x-kubernetes-list-type": "atomic" - }, - "matchLabels": { - "additionalProperties": { - "type": "string" - }, - "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", - "type": "object" - } - }, - "type": "object", - "x-kubernetes-map-type": "atomic" - }, - "namespaces": { - "description": "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\".", - "items": { - "type": "string" - }, - "type": "array", - "x-kubernetes-list-type": "atomic" - }, - "topologyKey": { - "description": "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed.", - "type": "string" - } - }, - "required": [ - "topologyKey" - ], - "type": "object" + "type": "array", + "x-kubernetes-list-type": "atomic" + } }, - "type": "array", - "x-kubernetes-list-type": "atomic" + "type": "object" } }, "type": "object" + }, + "nodeSelector": { + "additionalProperties": { + "type": "string" + }, + "description": "nodeSelector is the node selector applied to the relevant kind of pods\nIt specifies a map of key-value pairs: for the pod to be eligible to run on a node,\nthe node must have each of the indicated key-value pairs as labels\n(it can have additional labels as well).\nSee https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector", + "type": "object" + }, + "tolerations": { + "description": "tolerations is a list of tolerations applied to the relevant kind of pods\nSee https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ for more info.\nThese are additional tolerations other than default ones.", + "items": { + "description": "The pod this Toleration is attached to tolerates any taint that matches\nthe triple using the matching operator .", + "properties": { + "effect": { + "description": "Effect indicates the taint effect to match. Empty means match all taint effects.\nWhen specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.", + "type": "string" + }, + "key": { + "description": "Key is the taint key that the toleration applies to. Empty means match all taint keys.\nIf the key is empty, operator must be Exists; this combination means to match all values and all keys.", + "type": "string" + }, + "operator": { + "description": "Operator represents a key's relationship to the value.\nValid operators are Exists, Equal, Lt, and Gt. Defaults to Equal.\nExists is equivalent to wildcard for value, so that a pod can\ntolerate all taints of a particular category.\nLt and Gt perform numeric comparisons (requires feature gate TaintTolerationComparisonOperators).", + "type": "string" + }, + "tolerationSeconds": { + "description": "TolerationSeconds represents the period of time the toleration (which must be\nof effect NoExecute, otherwise this field is ignored) tolerates the taint. By default,\nit is not set, which means tolerate the taint forever (do not evict). Zero and\nnegative values will be treated as 0 (evict immediately) by the system.", + "format": "int64", + "type": "integer" + }, + "value": { + "description": "Value is the taint value the toleration matches to.\nIf the operator is Exists, the value should be empty, otherwise just a regular string.", + "type": "string" + } + }, + "type": "object" + }, + "type": "array" } }, "type": "object" + } + }, + "type": "object" + }, + "uninstallStrategy": { + "default": "BlockUninstallIfWorkloadsExist", + "description": "UninstallStrategy defines how to proceed on uninstall when workloads (VirtualMachines, DataVolumes) still exist.\nBlockUninstallIfWorkloadsExist will prevent the CR from being removed when workloads still exist.\nBlockUninstallIfWorkloadsExist is the safest choice to protect your workloads from accidental data loss, so it's strongly advised.\nRemoveWorkloads will cause all the workloads to be cascading deleted on uninstallation.\nWARNING: please notice that RemoveWorkloads will cause your workloads to be deleted as soon as this CR will be, even accidentally, deleted.\nPlease correctly consider the implications of this option before setting it.\nBlockUninstallIfWorkloadsExist is the default behavior.", + "enum": [ + "RemoveWorkloads", + "BlockUninstallIfWorkloadsExist" + ], + "type": "string" + } + }, + "type": "object" + }, + "featureGates": { + "description": "FeatureGates is a set of optional feature gates to enable or disable new\nfeatures that are not generally available yet.\nAdd a new FeatureGate Object to this set, to enable a feature that is\ndisabled by default, or to disable a feature that is enabled by default.\n\nA feature gate may be in the following phases:\n* alpha: the feature is in dev-preview. It is disabled by default, but can\n be enabled.\n* beta: the feature gate is in tech-preview. It is enabled by default, but\n can be disabled.\n* GA: the feature is graduated and is always enabled. There is no way to\n disable it.\n* deprecated: the feature is no longer supported. There is no way to enable\n it\n\nFeature-Gate list:\n* decentralizedLiveMigration:\n DecentralizedLiveMigration enables the decentralized live migration\n (cross-cluster migration) feature. This feature allows live migration of\n VirtualMachineInstances between different clusters. This feature is in\n Developer Preview.\n Phase: beta\n\n* videoConfig:\n VideoConfig allows users to configure video device types for their virtual\n machines. This can be useful for workloads that require specific video\n capabilities or architectures. Note: This feature is in Tech Preview.\n Phase: beta\n\n* alignCPUs:\n Enable KubeVirt to request up to two additional dedicated CPUs in order to\n complete the total CPU count to an even parity when using emulator thread\n isolation. Note: this feature is in Developer Preview.\n Phase: alpha\n\n* containerPathVolumes:\n ContainerPathVolumes enables the use of container paths as volumes in\n KubeVirt. This allows VMs to access files and directories from the\n virt-launcher pod's filesystem via virtiofs.\n Phase: alpha\n\n* declarativeHotplugVolumes:\n DeclarativeHotplugVolumes enables the use of the declarative volume\n hotplug feature in KubeVirt. When set to true, the\n \"DeclarativeHotplugVolumes\" feature gate is enabled instead of\n \"HotplugVolumes\". When set to false or nil, the \"HotplugVolumes\" feature\n gate is enabled (default behavior). This feature is in Developer Preview.\n Phase: alpha\n\n* deployKubeSecondaryDNS:\n Deploy KubeSecondaryDNS by CNAO\n Phase: alpha\n\n* disableMDevConfiguration:\n Disable mediated devices handling on KubeVirt\n Phase: alpha\n\n* downwardMetrics:\n Allow to expose a limited set of host metrics to guests.\n Phase: alpha\n\n* enableMultiArchBootImageImport:\n EnableMultiArchBootImageImport allows the HCO to run on heterogeneous\n clusters with different CPU architectures. Setting this field to true will\n allow the HCO to create Golden Images for different CPU architectures.\n This feature is in Developer Preview.\n Phase: alpha\n\n* incrementalBackup:\n IncrementalBackup enables changed block tracking backups and incremental\n backups using QEMU capabilities in KubeVirt. When enabled, this also\n enables the UtilityVolumes feature gate in the KubeVirt CR. Note: This\n feature is in Tech Preview.\n Phase: alpha\n\n* objectGraph:\n ObjectGraph enables the ObjectGraph VM and VMI subresource in KubeVirt.\n This subresource returns a structured list of k8s objects that are related\n to the specified VM or VMI, enabling better dependency tracking. Note:\n This feature is in Developer Preview.\n Phase: alpha\n\n* persistentReservation:\n Enable persistent reservation of a LUN through the SCSI Persistent Reserve\n commands on Kubevirt. In order to issue privileged SCSI ioctls, the VM\n requires activation of the persistent reservation flag. Once this feature\n gate is enabled, then the additional container with the qemu-pr-helper is\n deployed inside the virt-handler pod. Enabling (or removing) the feature\n gate causes the redeployment of the virt-handler pod.\n Phase: alpha\n\n* autoResourceLimits:\n Deprecated: this feature gate is ignored.\n Phase: deprecated\n\n* deployKubevirtIpamController:\n Deprecated: this feature gate is ignored.\n Phase: deprecated\n\n* deployTektonTaskResources:\n Deprecated: This feature gate is ignored.\n Phase: deprecated\n\n* deployVmConsoleProxy:\n Deprecated: This feature gate is ignored. Use spec.deployVmConsoleProxy\n instead\n Phase: deprecated\n\n* enableApplicationAwareQuota:\n Deprecated: This field is ignored and will be removed on the next version\n of the API. Use spec.enableApplicationAwareQuota instead\n Phase: deprecated\n\n* enableCommonBootImageImport:\n Deprecated: This feature gate is ignored. Use\n spec.enableCommonBootImageImport instead\n Phase: deprecated\n\n* enableManagedTenantQuota:\n Deprecated: This feature gate is ignored.\n Phase: deprecated\n\n* nonRoot:\n Deprecated: This feature gate is ignored.\n Phase: deprecated\n\n* primaryUserDefinedNetworkBinding:\n Deprecated: this feature gate is ignored.\n Phase: deprecated\n\n* withHostPassthroughCPU:\n Deprecated: This feature gate is ignored\n Phase: deprecated", + "items": { + "description": "FeatureGate is an optional feature gate to enable or disable a new feature that is not generally available yet.", + "properties": { + "name": { + "description": "Name is the feature gate name", + "type": "string" + }, + "state": { + "description": "State determines if the feature gate is Enabled, or Disabled. The default value is Enabled.", + "enum": [ + "Enabled", + "Disabled" + ], + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array" + }, + "networking": { + "description": "Networking contains all the configurations for networking", + "properties": { + "kubeMacPoolConfiguration": { + "description": "KubeMacPoolConfiguration holds kubemacpool MAC address range configuration.", + "properties": { + "rangeEnd": { + "description": "RangeEnd defines the last MAC address in the kubemacpool range.\nThe MAC address format should be AA:BB:CC:DD:EE:FF.", + "pattern": "^([0-9a-fA-F]{2}:){5}[0-9a-fA-F]{2}$", + "type": "string" }, - "nodeSelector": { - "additionalProperties": { + "rangeStart": { + "description": "RangeStart defines the first MAC address in the kubemacpool range.\nThe MAC address format should be AA:BB:CC:DD:EE:FF.", + "pattern": "^([0-9a-fA-F]{2}:){5}[0-9a-fA-F]{2}$", + "type": "string" + } + }, + "type": "object", + "x-kubernetes-validations": [ + { + "message": "both rangeStart and rangeEnd must be configured together, or both omitted", + "rule": "(has(self.rangeStart) && has(self.rangeEnd)) || (!has(self.rangeStart) && !has(self.rangeEnd))" + } + ] + }, + "kubeSecondaryDNSNameServerIP": { + "description": "KubeSecondaryDNSNameServerIP defines name server IP used by KubeSecondaryDNS", + "type": "string" + }, + "networkBinding": { + "additionalProperties": { + "properties": { + "computeResourceOverhead": { + "description": "ComputeResourceOverhead specifies the resource overhead that should be added to the compute container when using the binding.\nversion: v1alphav1", + "properties": { + "limits": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + }, + "requests": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + } + }, + "type": "object" + }, + "domainAttachmentType": { + "description": "DomainAttachmentType is a standard domain network attachment method kubevirt supports.\nSupported values: \"tap\", \"managedTap\" (since v1.4).\nThe standard domain attachment can be used instead or in addition to the sidecarImage.\nversion: 1alphav1", "type": "string" }, - "description": "nodeSelector is the node selector applied to the relevant kind of pods\nIt specifies a map of key-value pairs: for the pod to be eligible to run on a node,\nthe node must have each of the indicated key-value pairs as labels\n(it can have additional labels as well).\nSee https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector", - "type": "object" - }, - "tolerations": { - "description": "tolerations is a list of tolerations applied to the relevant kind of pods\nSee https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ for more info.\nThese are additional tolerations other than default ones.", - "items": { - "description": "The pod this Toleration is attached to tolerates any taint that matches\nthe triple using the matching operator .", + "downwardAPI": { + "description": "DownwardAPI specifies what kind of data should be exposed to the binding plugin sidecar.\nSupported values: \"device-info\"\nversion: v1alphav1", + "type": "string" + }, + "migration": { + "description": "Migration means the VM using the plugin can be safely migrated\nversion: 1alphav1", "properties": { - "effect": { - "description": "Effect indicates the taint effect to match. Empty means match all taint effects.\nWhen specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.", - "type": "string" - }, - "key": { - "description": "Key is the taint key that the toleration applies to. Empty means match all taint keys.\nIf the key is empty, operator must be Exists; this combination means to match all values and all keys.", - "type": "string" - }, - "operator": { - "description": "Operator represents a key's relationship to the value.\nValid operators are Exists, Equal, Lt, and Gt. Defaults to Equal.\nExists is equivalent to wildcard for value, so that a pod can\ntolerate all taints of a particular category.\nLt and Gt perform numeric comparisons (requires feature gate TaintTolerationComparisonOperators).", - "type": "string" - }, - "tolerationSeconds": { - "description": "TolerationSeconds represents the period of time the toleration (which must be\nof effect NoExecute, otherwise this field is ignored) tolerates the taint. By default,\nit is not set, which means tolerate the taint forever (do not evict). Zero and\nnegative values will be treated as 0 (evict immediately) by the system.", - "format": "int64", - "type": "integer" - }, - "value": { - "description": "Value is the taint value the toleration matches to.\nIf the operator is Exists, the value should be empty, otherwise just a regular string.", + "method": { + "description": "Method defines a pre-defined migration methodology\nversion: 1alphav1", "type": "string" } }, "type": "object" }, - "type": "array" - } + "networkAttachmentDefinition": { + "description": "NetworkAttachmentDefinition references to a NetworkAttachmentDefinition CR object.\nFormat: , /.\nIf namespace is not specified, VMI namespace is assumed.\nversion: 1alphav1", + "type": "string" + }, + "sidecarImage": { + "description": "SidecarImage references a container image that runs in the virt-launcher pod.\nThe sidecar handles (libvirt) domain configuration and optional services.\nversion: 1alphav1", + "type": "string" + } + }, + "type": "object" }, + "description": "NetworkBinding defines the network binding plugins.\nThose bindings can be used when defining virtual machine interfaces.", "type": "object" } }, @@ -82519,6 +82773,102 @@ "type": "object", "x-kubernetes-map-type": "atomic" }, + "changedBlockTrackingLabelSelectors": { + "description": "ChangedBlockTrackingLabelSelectors defines label selectors. VMs matching these selectors will have changed\nblock tracking enabled. Enabling changed block tracking is mandatory for performing incremental backups.", + "properties": { + "namespaceLabelSelector": { + "description": "NamespaceSelector will enable changedBlockTracking on all VMs running inside namespaces that match the label selector.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch.", + "items": { + "type": "string" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "virtualMachineLabelSelector": { + "description": "VirtualMachineSelector will enable changedBlockTracking on all VMs that match the label selector.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch.", + "items": { + "type": "string" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + } + }, + "type": "object" + }, "evictionStrategy": { "description": "EvictionStrategy defines at the cluster level if the VirtualMachineInstance should be\nmigrated instead of shut-off in case of a node drain. If the VirtualMachineInstance specific\nfield is set it overrides the cluster level one.\nAllowed values:\n- `None` no eviction strategy at cluster level.\n- `LiveMigrate` migrate the VM on eviction; a not live migratable VM with no specific strategy will block the drain of the node util manually evicted.\n- `LiveMigrateIfPossible` migrate the VM on eviction if live migration is possible, otherwise directly evict.\n- `External` block the drain, track eviction and notify an external controller.\nDefaults to LiveMigrate with multiple worker nodes, None on single worker clusters.", "enum": [ @@ -85094,6 +85444,102 @@ }, "type": "object" }, + "changedBlockTrackingLabelSelectors": { + "description": "ChangedBlockTrackingLabelSelectors defines label selectors. VMs matching these selectors will have changed\nblock tracking enabled. Enabling changed block tracking is mandatory for performing incremental backups.", + "properties": { + "namespaceLabelSelector": { + "description": "NamespaceSelector will enable changedBlockTracking on all VMs running inside namespaces that match the label selector.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch.", + "items": { + "type": "string" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "virtualMachineLabelSelector": { + "description": "VirtualMachineSelector will enable changedBlockTracking on all VMs that match the label selector.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch.", + "items": { + "type": "string" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + } + }, + "type": "object" + }, "commonBootImageNamespace": { "description": "CommonBootImageNamespace override the default namespace of the common boot images, in order to hide them.\n\nIf not set, HCO won't set any namespace, letting SSP to use the default. If set, use the namespace to create the\nDataImportCronTemplates and the common image streams, with this namespace. This field is not set by default.", "type": "string" @@ -90242,10 +90688,6 @@ }, "type": "object" }, - "snapshotPath": { - "description": "the path used to store snapshot volumes", - "type": "string" - }, "snapshotProvider": { "description": "SnapshotProvider defines the snapshot type, currently only reflink supported", "type": "string" @@ -91341,7 +91783,7 @@ ] }, "image.openshift.io/v1/Image": { - "description": "Image is an immutable representation of a container image and metadata at a point in time. Images are named by taking a hash of their contents (metadata and content) and any change in format, content, or metadata results in a new name. The images resource is primarily for use by cluster administrators and integrations like the cluster image registry - end users instead access images via the imagestreamtags or imagestreamimages resources. While image metadata is stored in the API, any integration that implements the container image registry API must provide its own storage for the raw manifest data, image config, and layer contents.\n\nCompatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).", + "description": "Image is an immutable representation of a container image and its metadata at a point in time. Images are named by taking a hash of their contents (metadata and content) and any change in format, content, or metadata results in a new name. The images resource is primarily for use by cluster administrators and integrations like the cluster image registry - end users, instead, access images via the imagestreamtags or imagestreamimages resources. While image metadata is stored in the API, any integration that implements the container image registry API must provide its own storage for the raw manifest data, image config, and layer contents.\n\nCompatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).", "namespaced": false, "properties": { "apiVersion": { @@ -91349,11 +91791,11 @@ "type": "string" }, "dockerImageConfig": { - "description": "DockerImageConfig is a JSON blob that the runtime uses to set up the container. This is a part of manifest schema v2. Will not be set when the image represents a manifest list.", + "description": "dockerImageConfig is a JSON blob that the runtime uses to set up the container. This is a part of manifest schema v2. Will not be set when the image represents a manifest list.", "type": "string" }, "dockerImageLayers": { - "description": "DockerImageLayers represents the layers in the image. May not be set if the image does not define that data or if the image represents a manifest list.", + "description": "dockerImageLayers represents the layers in the image. May not be set if the image does not define that data or if the image represents a manifest list.", "items": { "allOf": [ { @@ -91365,15 +91807,15 @@ "type": "array" }, "dockerImageManifest": { - "description": "DockerImageManifest is the raw JSON of the manifest", + "description": "dockerImageManifest is the raw JSON of the manifest", "type": "string" }, "dockerImageManifestMediaType": { - "description": "DockerImageManifestMediaType specifies the mediaType of manifest. This is a part of manifest schema v2.", + "description": "dockerImageManifestMediaType specifies the mediaType of manifest. This is a part of manifest schema v2.", "type": "string" }, "dockerImageManifests": { - "description": "DockerImageManifests holds information about sub-manifests when the image represents a manifest list. When this field is present, no DockerImageLayers should be specified.", + "description": "dockerImageManifests holds information about sub-manifests when the image represents a manifest list. When this field is present, no DockerImageLayers should be specified.", "items": { "allOf": [ { @@ -91390,19 +91832,19 @@ "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.runtime.RawExtension" } ], - "description": "DockerImageMetadata contains metadata about this image", + "description": "dockerImageMetadata contains metadata about this image", "x-kubernetes-patch-strategy": "replace" }, "dockerImageMetadataVersion": { - "description": "DockerImageMetadataVersion conveys the version of the object, which if empty defaults to \"1.0\"", + "description": "dockerImageMetadataVersion conveys the version of the object, which if empty defaults to \"1.0\"", "type": "string" }, "dockerImageReference": { - "description": "DockerImageReference is the string that can be used to pull this image.", + "description": "dockerImageReference is the string that can be used to pull this image.", "type": "string" }, "dockerImageSignatures": { - "description": "DockerImageSignatures provides the signatures as opaque blobs. This is a part of manifest schema v1.", + "description": "dockerImageSignatures provides the signatures as opaque blobs. This is a part of manifest schema v1.", "items": { "format": "byte", "type": "string" @@ -91423,7 +91865,7 @@ "description": "metadata is the standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" }, "signatures": { - "description": "Signatures holds all signatures of the image.", + "description": "signatures holds all signatures of the image.", "items": { "allOf": [ { @@ -91456,7 +91898,7 @@ "type": "string" }, "items": { - "description": "Items is a list of images", + "description": "items is a list of images", "items": { "allOf": [ { @@ -91502,7 +91944,7 @@ "type": "string" }, "conditions": { - "description": "Conditions represent the latest available observations of a signature's current state.", + "description": "conditions represent the latest available observations of a signature's current state.", "items": { "allOf": [ { @@ -91616,7 +92058,7 @@ } ], "default": {}, - "description": "Spec describes the desired state of this stream" + "description": "spec describes the desired state of this stream" }, "status": { "allOf": [ @@ -91625,7 +92067,7 @@ } ], "default": {}, - "description": "Status describes the current state of this stream" + "description": "status describes the current state of this stream" } }, "required": [], @@ -91653,7 +92095,7 @@ } ], "default": {}, - "description": "Image associated with the ImageStream and image name." + "description": "image associated with the ImageStream and image name." }, "kind": { "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", @@ -91709,7 +92151,7 @@ } ], "default": {}, - "description": "Spec is a description of the images that the user wishes to import" + "description": "spec is a description of the images that the user wishes to import" }, "status": { "allOf": [ @@ -91718,7 +92160,7 @@ } ], "default": {}, - "description": "Status is the result of importing the image" + "description": "status is the result of importing the image" } }, "required": [ @@ -91802,7 +92244,7 @@ "type": "string" }, "items": { - "description": "Items is a list of imageStreams", + "description": "items is a list of imageStreams", "items": { "allOf": [ { @@ -91854,7 +92296,7 @@ } ], "default": {}, - "description": "Image is a container image." + "description": "image is a container image." }, "kind": { "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", @@ -91871,7 +92313,7 @@ }, "tag": { "default": "", - "description": "Tag is a string value this image can be located with inside the stream.", + "description": "tag is a string value this image can be located with inside the stream.", "type": "string" } }, @@ -91978,7 +92420,7 @@ "type": "string" }, "items": { - "description": "Items is the list of image stream tags", + "description": "items is the list of image stream tags", "items": { "allOf": [ { @@ -92016,7 +92458,7 @@ ] }, "image.openshift.io/v1/ImageTag": { - "description": "ImageTag represents a single tag within an image stream and includes the spec, the status history, and the currently referenced image (if any) of the provided tag. This type replaces the ImageStreamTag by providing a full view of the tag. ImageTags are returned for every spec or status tag present on the image stream. If no tag exists in either form a not found error will be returned by the API. A create operation will succeed if no spec tag has already been defined and the spec field is set. Delete will remove both spec and status elements from the image stream.\n\nCompatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).", + "description": "ImageTag represents a single tag within an image stream and includes the spec, the status history, and the currently referenced image (if any) of the provided tag. This type replaces the ImageStreamTag by providing a full view of the tag. ImageTags are returned for every spec or status tag present on the image stream. If no tag exists in either form, a not found error will be returned by the API. A create operation will succeed if no spec tag has already been defined and the spec field is set. Delete will remove both spec and status elements from the image stream.\n\nCompatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).", "namespaced": true, "properties": { "apiVersion": { @@ -92084,7 +92526,7 @@ "type": "string" }, "items": { - "description": "Items is the list of image stream tags", + "description": "items is the list of image stream tags", "items": { "allOf": [ { @@ -93559,7 +94001,7 @@ "type": "string" }, "operator": { - "description": "Operator represents a key's relationship to the value.\nValid operators are Exists and Equal. Defaults to Equal.\nExists is equivalent to wildcard for value, so that a pod can\ntolerate all taints of a particular category.", + "description": "Operator represents a key's relationship to the value.\nValid operators are Exists, Equal, Lt, and Gt. Defaults to Equal.\nExists is equivalent to wildcard for value, so that a pod can\ntolerate all taints of a particular category.\nLt and Gt perform numeric comparisons (requires feature gate TaintTolerationComparisonOperators).", "type": "string" }, "tolerationSeconds": { @@ -95124,7 +95566,7 @@ "type": "string" }, "operator": { - "description": "Operator represents a key's relationship to the value.\nValid operators are Exists and Equal. Defaults to Equal.\nExists is equivalent to wildcard for value, so that a pod can\ntolerate all taints of a particular category.", + "description": "Operator represents a key's relationship to the value.\nValid operators are Exists, Equal, Lt, and Gt. Defaults to Equal.\nExists is equivalent to wildcard for value, so that a pod can\ntolerate all taints of a particular category.\nLt and Gt perform numeric comparisons (requires feature gate TaintTolerationComparisonOperators).", "type": "string" }, "tolerationSeconds": { @@ -95549,7 +95991,7 @@ "type": "integer" }, "recordType": { - "description": "recordType is the DNS record type. For example, \"A\" or \"CNAME\".", + "description": "recordType is the DNS record type. For example, \"A\", \"AAAA\", or \"CNAME\".", "enum": [ "CNAME", "A" @@ -95562,7 +96004,8 @@ "type": "string" }, "minItems": 1, - "type": "array" + "type": "array", + "x-kubernetes-list-type": "atomic" } }, "required": [ @@ -95617,7 +96060,8 @@ ], "type": "object" }, - "type": "array" + "type": "array", + "x-kubernetes-list-type": "atomic" }, "dnsZone": { "description": "dnsZone is the zone where the record is published.", @@ -95639,7 +96083,8 @@ }, "type": "object" }, - "type": "array" + "type": "array", + "x-kubernetes-list-type": "atomic" } }, "type": "object" @@ -101032,6 +101477,14 @@ "additionalProperties": true, "type": "object" }, + "io.velero.v1.ServerStatusRequest": { + "additionalProperties": true, + "type": "object" + }, + "io.velero.v1.ServerStatusRequestList": { + "additionalProperties": true, + "type": "object" + }, "ipam.cluster.x-k8s.io/v1alpha1/IPAddress": { "description": "IPAddress is the Schema for the ipaddress API.", "namespaced": false, @@ -110441,7 +110894,7 @@ "type": "integer" }, "guestAgentPing": { - "description": "GuestAgentPing contacts the qemu-guest-agent for availability checks.", + "description": "GuestAgentPing contacts the qemu-guest-agent for availability checks.\nProbe failures are automatically suppressed when the guest agent is\nunreachable for a non-fault reason: during live migration (guest paused\non one pod while memory is transferred) and whenever the VM is paused\nfor an intentional or transient reason such as a user pause, snapshot,\nsave, or dump. Failures are not suppressed when the VM is paused due to\na fault (IO error, crash, or postcopy failure).", "type": "object" }, "httpGet": { @@ -110631,7 +111084,7 @@ "type": "integer" }, "guestAgentPing": { - "description": "GuestAgentPing contacts the qemu-guest-agent for availability checks.", + "description": "GuestAgentPing contacts the qemu-guest-agent for availability checks.\nProbe failures are automatically suppressed when the guest agent is\nunreachable for a non-fault reason: during live migration (guest paused\non one pod while memory is transferred) and whenever the VM is paused\nfor an intentional or transient reason such as a user pause, snapshot,\nsave, or dump. Failures are not suppressed when the VM is paused due to\na fault (IO error, crash, or postcopy failure).", "type": "object" }, "httpGet": { @@ -114462,7 +114915,7 @@ "type": "integer" }, "guestAgentPing": { - "description": "GuestAgentPing contacts the qemu-guest-agent for availability checks.", + "description": "GuestAgentPing contacts the qemu-guest-agent for availability checks.\nProbe failures are automatically suppressed when the guest agent is\nunreachable for a non-fault reason: during live migration (guest paused\non one pod while memory is transferred) and whenever the VM is paused\nfor an intentional or transient reason such as a user pause, snapshot,\nsave, or dump. Failures are not suppressed when the VM is paused due to\na fault (IO error, crash, or postcopy failure).", "type": "object" }, "httpGet": { @@ -114652,7 +115105,7 @@ "type": "integer" }, "guestAgentPing": { - "description": "GuestAgentPing contacts the qemu-guest-agent for availability checks.", + "description": "GuestAgentPing contacts the qemu-guest-agent for availability checks.\nProbe failures are automatically suppressed when the guest agent is\nunreachable for a non-fault reason: during live migration (guest paused\non one pod while memory is transferred) and whenever the VM is paused\nfor an intentional or transient reason such as a user pause, snapshot,\nsave, or dump. Failures are not suppressed when the VM is paused due to\na fault (IO error, crash, or postcopy failure).", "type": "object" }, "httpGet": { @@ -120860,7 +121313,7 @@ "type": "integer" }, "guestAgentPing": { - "description": "GuestAgentPing contacts the qemu-guest-agent for availability checks.", + "description": "GuestAgentPing contacts the qemu-guest-agent for availability checks.\nProbe failures are automatically suppressed when the guest agent is\nunreachable for a non-fault reason: during live migration (guest paused\non one pod while memory is transferred) and whenever the VM is paused\nfor an intentional or transient reason such as a user pause, snapshot,\nsave, or dump. Failures are not suppressed when the VM is paused due to\na fault (IO error, crash, or postcopy failure).", "type": "object" }, "httpGet": { @@ -121050,7 +121503,7 @@ "type": "integer" }, "guestAgentPing": { - "description": "GuestAgentPing contacts the qemu-guest-agent for availability checks.", + "description": "GuestAgentPing contacts the qemu-guest-agent for availability checks.\nProbe failures are automatically suppressed when the guest agent is\nunreachable for a non-fault reason: during live migration (guest paused\non one pod while memory is transferred) and whenever the VM is paused\nfor an intentional or transient reason such as a user pause, snapshot,\nsave, or dump. Failures are not suppressed when the VM is paused due to\na fault (IO error, crash, or postcopy failure).", "type": "object" }, "httpGet": { @@ -128193,7 +128646,7 @@ "type": "integer" }, "guestAgentPing": { - "description": "GuestAgentPing contacts the qemu-guest-agent for availability checks.", + "description": "GuestAgentPing contacts the qemu-guest-agent for availability checks.\nProbe failures are automatically suppressed when the guest agent is\nunreachable for a non-fault reason: during live migration (guest paused\non one pod while memory is transferred) and whenever the VM is paused\nfor an intentional or transient reason such as a user pause, snapshot,\nsave, or dump. Failures are not suppressed when the VM is paused due to\na fault (IO error, crash, or postcopy failure).", "type": "object" }, "httpGet": { @@ -128383,7 +128836,7 @@ "type": "integer" }, "guestAgentPing": { - "description": "GuestAgentPing contacts the qemu-guest-agent for availability checks.", + "description": "GuestAgentPing contacts the qemu-guest-agent for availability checks.\nProbe failures are automatically suppressed when the guest agent is\nunreachable for a non-fault reason: during live migration (guest paused\non one pod while memory is transferred) and whenever the VM is paused\nfor an intentional or transient reason such as a user pause, snapshot,\nsave, or dump. Failures are not suppressed when the VM is paused due to\na fault (IO error, crash, or postcopy failure).", "type": "object" }, "httpGet": { @@ -132214,7 +132667,7 @@ "type": "integer" }, "guestAgentPing": { - "description": "GuestAgentPing contacts the qemu-guest-agent for availability checks.", + "description": "GuestAgentPing contacts the qemu-guest-agent for availability checks.\nProbe failures are automatically suppressed when the guest agent is\nunreachable for a non-fault reason: during live migration (guest paused\non one pod while memory is transferred) and whenever the VM is paused\nfor an intentional or transient reason such as a user pause, snapshot,\nsave, or dump. Failures are not suppressed when the VM is paused due to\na fault (IO error, crash, or postcopy failure).", "type": "object" }, "httpGet": { @@ -132404,7 +132857,7 @@ "type": "integer" }, "guestAgentPing": { - "description": "GuestAgentPing contacts the qemu-guest-agent for availability checks.", + "description": "GuestAgentPing contacts the qemu-guest-agent for availability checks.\nProbe failures are automatically suppressed when the guest agent is\nunreachable for a non-fault reason: during live migration (guest paused\non one pod while memory is transferred) and whenever the VM is paused\nfor an intentional or transient reason such as a user pause, snapshot,\nsave, or dump. Failures are not suppressed when the VM is paused due to\na fault (IO error, crash, or postcopy failure).", "type": "object" }, "httpGet": { @@ -138612,7 +139065,7 @@ "type": "integer" }, "guestAgentPing": { - "description": "GuestAgentPing contacts the qemu-guest-agent for availability checks.", + "description": "GuestAgentPing contacts the qemu-guest-agent for availability checks.\nProbe failures are automatically suppressed when the guest agent is\nunreachable for a non-fault reason: during live migration (guest paused\non one pod while memory is transferred) and whenever the VM is paused\nfor an intentional or transient reason such as a user pause, snapshot,\nsave, or dump. Failures are not suppressed when the VM is paused due to\na fault (IO error, crash, or postcopy failure).", "type": "object" }, "httpGet": { @@ -138802,7 +139255,7 @@ "type": "integer" }, "guestAgentPing": { - "description": "GuestAgentPing contacts the qemu-guest-agent for availability checks.", + "description": "GuestAgentPing contacts the qemu-guest-agent for availability checks.\nProbe failures are automatically suppressed when the guest agent is\nunreachable for a non-fault reason: during live migration (guest paused\non one pod while memory is transferred) and whenever the VM is paused\nfor an intentional or transient reason such as a user pause, snapshot,\nsave, or dump. Failures are not suppressed when the VM is paused due to\na fault (IO error, crash, or postcopy failure).", "type": "object" }, "httpGet": { @@ -143183,9 +143636,14 @@ "description": "aws contains DNS configuration specific to the Amazon Web Services cloud provider.", "properties": { "privateZoneIAMRole": { - "description": "privateZoneIAMRole contains the ARN of an IAM role that should be assumed when performing\noperations on the cluster's private hosted zone specified in the cluster DNS config.\nWhen left empty, no role should be assumed.", - "pattern": "^arn:(aws|aws-cn|aws-us-gov):iam::[0-9]{12}:role\\/.*$", - "type": "string" + "description": "privateZoneIAMRole contains the ARN of an IAM role that should be assumed when performing\noperations on the cluster's private hosted zone specified in the cluster DNS config.\nWhen left empty, no role should be assumed.\n\nThe ARN must follow the format: arn::iam:::role/, where:\n is the AWS partition (aws, aws-cn, aws-us-gov, or aws-eusc),\n is a 12-digit numeric identifier for the AWS account,\n is the IAM role name.", + "type": "string", + "x-kubernetes-validations": [ + { + "message": "privateZoneIAMRole must be a valid AWS IAM role ARN in the format: arn::iam:::role/", + "rule": "matches(self, '^arn:(aws|aws-cn|aws-us-gov):iam::[0-9]{12}:role/.*$')" + } + ] } }, "type": "object" @@ -144069,7 +144527,17 @@ "topology", "zone" ], - "type": "object" + "type": "object", + "x-kubernetes-validations": [ + { + "message": "when zoneAffinity type is HostGroup, regionAffinity type must be ComputeCluster", + "rule": "has(self.zoneAffinity) && self.zoneAffinity.type == 'HostGroup' ? has(self.regionAffinity) && self.regionAffinity.type == 'ComputeCluster' : true" + }, + { + "message": "when zoneAffinity type is ComputeCluster, regionAffinity type must be Datacenter", + "rule": "has(self.zoneAffinity) && self.zoneAffinity.type == 'ComputeCluster' ? has(self.regionAffinity) && self.regionAffinity.type == 'Datacenter' : true" + } + ] }, "type": "array", "x-kubernetes-list-map-keys": [ @@ -144268,11 +144736,12 @@ }, "controlPlaneTopology": { "default": "HighlyAvailable", - "description": "controlPlaneTopology expresses the expectations for operands that normally run on control nodes.\nThe default is 'HighlyAvailable', which represents the behavior operators have in a \"normal\" cluster.\nThe 'SingleReplica' mode will be used in single-node deployments\nand the operators should not configure the operand for highly-available operation\nThe 'External' mode indicates that the control plane is hosted externally to the cluster and that\nits components are not visible within the cluster.", + "description": "controlPlaneTopology expresses the expectations for operands that normally run on control nodes.\nThe default is 'HighlyAvailable', which represents the behavior operators have in a \"normal\" cluster.\nThe 'SingleReplica' mode will be used in single-node deployments\nand the operators should not configure the operand for highly-available operation\nThe 'External' mode indicates that the control plane is hosted externally to the cluster and that\nits components are not visible within the cluster.\nThe 'HighlyAvailableArbiter' mode indicates that the control plane will consist of 2 control-plane nodes\nthat run conventional services and 1 smaller sized arbiter node that runs a bare minimum of services to maintain quorum.", "enum": [ "HighlyAvailable", "HighlyAvailableArbiter", "SingleReplica", + "DualReplica", "External" ], "type": "string" @@ -144457,6 +144926,99 @@ "description": "armEndpoint specifies a URL to use for resource management in non-soverign clouds such as Azure Stack.", "type": "string" }, + "cloudLoadBalancerConfig": { + "default": { + "dnsType": "PlatformDefault" + }, + "description": "cloudLoadBalancerConfig holds configuration related to DNS and cloud\nload balancers. It allows configuration of in-cluster DNS as an alternative\nto the platform default DNS implementation.\nWhen using the ClusterHosted DNS type, Load Balancer IP addresses\nmust be provided for the API and internal API load balancers as well as the\ningress load balancer.", + "properties": { + "clusterHosted": { + "description": "clusterHosted holds the IP addresses of API, API-Int and Ingress Load\nBalancers on Cloud Platforms. The DNS solution hosted within the cluster\nuse these IP addresses to provide resolution for API, API-Int and Ingress\nservices.", + "properties": { + "apiIntLoadBalancerIPs": { + "description": "apiIntLoadBalancerIPs holds Load Balancer IPs for the internal API service.\nThese Load Balancer IP addresses can be IPv4 and/or IPv6 addresses.\nEntries in the apiIntLoadBalancerIPs must be unique.\nA maximum of 16 IP addresses are permitted.", + "format": "ip", + "items": { + "description": "IP is an IP address (for example, \"10.0.0.0\" or \"fd00::\").", + "maxLength": 39, + "minLength": 1, + "type": "string", + "x-kubernetes-validations": [ + { + "message": "value must be a valid IP address", + "rule": "isIP(self)" + } + ] + }, + "maxItems": 16, + "type": "array", + "x-kubernetes-list-type": "set" + }, + "apiLoadBalancerIPs": { + "description": "apiLoadBalancerIPs holds Load Balancer IPs for the API service.\nThese Load Balancer IP addresses can be IPv4 and/or IPv6 addresses.\nCould be empty for private clusters.\nEntries in the apiLoadBalancerIPs must be unique.\nA maximum of 16 IP addresses are permitted.", + "format": "ip", + "items": { + "description": "IP is an IP address (for example, \"10.0.0.0\" or \"fd00::\").", + "maxLength": 39, + "minLength": 1, + "type": "string", + "x-kubernetes-validations": [ + { + "message": "value must be a valid IP address", + "rule": "isIP(self)" + } + ] + }, + "maxItems": 16, + "type": "array", + "x-kubernetes-list-type": "set" + }, + "ingressLoadBalancerIPs": { + "description": "ingressLoadBalancerIPs holds IPs for Ingress Load Balancers.\nThese Load Balancer IP addresses can be IPv4 and/or IPv6 addresses.\nEntries in the ingressLoadBalancerIPs must be unique.\nA maximum of 16 IP addresses are permitted.", + "format": "ip", + "items": { + "description": "IP is an IP address (for example, \"10.0.0.0\" or \"fd00::\").", + "maxLength": 39, + "minLength": 1, + "type": "string", + "x-kubernetes-validations": [ + { + "message": "value must be a valid IP address", + "rule": "isIP(self)" + } + ] + }, + "maxItems": 16, + "type": "array", + "x-kubernetes-list-type": "set" + } + }, + "type": "object" + }, + "dnsType": { + "default": "PlatformDefault", + "description": "dnsType indicates the type of DNS solution in use within the cluster. Its default value of\n`PlatformDefault` indicates that the cluster's DNS is the default provided by the cloud platform.\nIt can be set to `ClusterHosted` to bypass the configuration of the cloud default DNS. In this mode,\nthe cluster needs to provide a self-hosted DNS solution for the cluster's installation to succeed.\nThe cluster's use of the cloud's Load Balancers is unaffected by this setting.\nThe value is immutable after it has been set at install time.\nCurrently, there is no way for the customer to add additional DNS entries into the cluster hosted DNS.\nEnabling this functionality allows the user to start their own DNS solution outside the cluster after\ninstallation is complete. The customer would be responsible for configuring this custom DNS solution,\nand it can be run in addition to the in-cluster DNS solution.", + "enum": [ + "ClusterHosted", + "PlatformDefault" + ], + "type": "string", + "x-kubernetes-validations": [ + { + "message": "dnsType is immutable", + "rule": "oldSelf == '' || self == oldSelf" + } + ] + } + }, + "type": "object", + "x-kubernetes-validations": [ + { + "message": "clusterHosted is permitted only when dnsType is ClusterHosted", + "rule": "has(self.dnsType) && self.dnsType != 'ClusterHosted' ? !has(self.clusterHosted) : true" + } + ] + }, "cloudName": { "description": "cloudName is the name of the Azure cloud environment which can be used to configure the Azure SDK\nwith the appropriate Azure API endpoints.\nIf empty, the value is equal to `AzurePublicCloud`.", "enum": [ @@ -145763,19 +146325,23 @@ "description": "spec contains the desired kubelet configuration.", "properties": { "autoSizingReserved": { + "description": "autoSizingReserved controls whether system-reserved CPU and memory are automatically\ncalculated based on each node's installed capacity. When set to true, this prevents node failure\nfrom resource starvation of system components (kubelet, CRI-O) without manual configuration.\nWhen omitted, this means the user has no opinion and the platform is left to choose a reasonable default,\nwhich is subject to change over time. The current default is true for worker nodes and false for control plane nodes.\nWhen set to false, automatic resource reservation is disabled and manual settings must be configured.", "type": "boolean" }, "kubeletConfig": { - "description": "kubeletConfig fields are defined in kubernetes upstream. Please refer to the types defined in the version/commit used by\nOpenShift of the upstream kubernetes. It's important to note that, since the fields of the kubelet configuration are directly fetched from\nupstream the validation of those values is handled directly by the kubelet. Please refer to the upstream version of the relevant kubernetes\nfor the valid values of these fields. Invalid values of the kubelet configuration fields may render cluster nodes unusable.", + "description": "kubeletConfig contains upstream Kubernetes kubelet configuration fields.\nValues are validated by the kubelet itself. Invalid values may render nodes unusable.\nRefer to OpenShift documentation for the Kubernetes version corresponding to your\nOpenShift release to find valid kubelet configuration options.", "type": "object", "x-kubernetes-preserve-unknown-fields": true }, "logLevel": { + "description": "logLevel sets the kubelet log verbosity, controlling the amount of detail in kubelet logs.\nValid values range from 0 (minimal logging) to 10 (maximum verbosity with trace-level detail).\nHigher log levels may impact node performance. When omitted, the platform chooses a reasonable default,\nwhich is subject to change over time. The current default is 2 (standard informational logging).", "format": "int32", + "maximum": 10, + "minimum": 0, "type": "integer" }, "machineConfigPoolSelector": { - "description": "machineConfigPoolSelector selects which pools the KubeletConfig shoud apply to.\nA nil selector will result in no pools being selected.", + "description": "machineConfigPoolSelector selects which pools the KubeletConfig should apply to.\nWhen omitted or set to an empty selector {}, no pools are selected, which is equivalent\nto not matching any MachineConfigPool.", "properties": { "matchExpressions": { "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", @@ -145820,7 +146386,7 @@ "x-kubernetes-map-type": "atomic" }, "tlsSecurityProfile": { - "description": "If unset, the default is based on the apiservers.config.openshift.io/cluster resource.\nNote that only Old and Intermediate profiles are currently supported, and\nthe maximum available minTLSVersion is VersionTLS12.", + "description": "tlsSecurityProfile configures TLS settings for the kubelet.\nWhen omitted, the TLS configuration defaults to the value from apiservers.config.openshift.io/cluster.\nWhen specified, the type field can be set to either \"Old\", \"Intermediate\", \"Modern\", \"Custom\" or omitted for backward compatibility.", "properties": { "custom": { "description": "custom is a user-defined TLS security profile. Be extremely careful using a custom\nprofile as invalid configurations can be catastrophic. An example custom profile\nlooks like this:\n\n minTLSVersion: VersionTLS11\n ciphers:\n - ECDHE-ECDSA-CHACHA20-POLY1305\n - ECDHE-RSA-CHACHA20-POLY1305\n - ECDHE-RSA-AES128-GCM-SHA256\n - ECDHE-ECDSA-AES128-GCM-SHA256", @@ -146185,7 +146751,7 @@ "description": "status describes the last observed state of this machine config node.", "properties": { "conditions": { - "description": "conditions represent the observations of a machine config node's current state. Valid types are:\nUpdatePrepared, UpdateExecuted, UpdatePostActionComplete, UpdateComplete, Updated, Resumed,\nDrained, AppliedFilesAndOS, Cordoned, Uncordoned, RebootedNode, NodeDegraded, PinnedImageSetsProgressing,\nand PinnedImageSetsDegraded.\nThe following types are only available when the ImageModeStatusReporting feature gate is enabled: ImagePulledFromRegistry,\nAppliedOSImage, AppliedFiles", + "description": "conditions represent the observations of a machine config node's current state. Valid types are:\nUpdatePrepared, UpdateExecuted, UpdatePostActionComplete, UpdateComplete, Updated, Resumed,\nDrained, AppliedFilesAndOS, Cordoned, Uncordoned, RebootedNode, NodeDegraded, PinnedImageSetsProgressing,\nand PinnedImageSetsDegraded.\nThe following types are only available when the ImageModeStatusReporting feature gate is enabled: ImagePulledFromRegistry,\nAppliedOSImage, AppliedFiles\nThe following types are only available when the NoRegistryClusterInstall feature gate is enabled: InternalReleaseImageDegraded", "items": { "description": "Condition contains details for one aspect of the current state of this API Resource.", "properties": { @@ -150705,6 +151271,10 @@ "description": "ProvisioningNetworkCIDR is the network on which the\nbaremetal nodes are provisioned. The provisioningIP and the\nIPs in the dhcpRange all come from within this network. When using IPv6\nand in a network managed by the Baremetal IPI solution this cannot be a\nnetwork larger than a /64.", "type": "string" }, + "provisioningNetworkGateway": { + "description": "ProvisioningNetworkGateway is the IP address of the default gateway\nfor the provisioning network. This gateway is provided to baremetal\nhosts via DHCP to enable routing to external networks during\ninspection and provisioning. This field is optional and only\nused when ProvisioningNetwork is set to Managed. The gateway IP\nmust be within the ProvisioningNetworkCIDR but outside of the\nProvisioningDHCPRange and must not be the same as ProvisioningIP.", + "type": "string" + }, "provisioningOSDownloadURL": { "description": "ProvisioningOSDownloadURL is the location from which the OS\nImage used to boot baremetal host machines can be downloaded\nby the metal3 cluster.", "type": "string" @@ -152808,7 +153378,7 @@ "type": "string", "x-kubernetes-validations": [ { - "message": "retentionPolicy is immutable", + "message": "retentionPolicy value cannot be changed once set", "rule": "self == oldSelf" } ] @@ -152820,9 +153390,9 @@ "properties": { "name": { "description": "The name of the virtual machine to migrate.", - "maxLength": 63, + "maxLength": 253, "minLength": 1, - "pattern": "^[a-z]([-a-z0-9]*[a-z0-9])?$", + "pattern": "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$", "type": "string" }, "targetMigrationPVCs": { @@ -152849,9 +153419,9 @@ }, "name": { "description": "The name of the destination PVC. If not provided, the PVC will be named after the source PVC with a \"-mig-xxxx\" suffix.", - "maxLength": 63, + "maxLength": 253, "minLength": 1, - "pattern": "^[a-z]([-a-z0-9]*[a-z0-9])?$", + "pattern": "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$", "type": "string" }, "storageClassName": { @@ -152890,14 +153460,24 @@ ], "type": "object" }, - "type": "array" + "type": "array", + "x-kubernetes-list-map-keys": [ + "name" + ], + "x-kubernetes-list-type": "map" } }, "required": [ "name", "virtualMachines" ], - "type": "object" + "type": "object", + "x-kubernetes-validations": [ + { + "message": "retentionPolicy cannot be removed once set", + "rule": "!has(oldSelf.retentionPolicy) || has(self.retentionPolicy)" + } + ] }, "type": "array", "x-kubernetes-list-map-keys": [ @@ -152915,7 +153495,7 @@ "type": "string", "x-kubernetes-validations": [ { - "message": "retentionPolicy is immutable", + "message": "retentionPolicy value cannot be changed once set", "rule": "self == oldSelf" } ] @@ -152924,7 +153504,13 @@ "required": [ "namespaces" ], - "type": "object" + "type": "object", + "x-kubernetes-validations": [ + { + "message": "retentionPolicy cannot be removed once set", + "rule": "!has(oldSelf.retentionPolicy) || has(self.retentionPolicy)" + } + ] }, "status": { "description": "MultiNamespaceVirtualMachineStorageMigrationPlanStatus defines the observed state of MultiNamespaceVirtualMachineStorageMigrationPlan", @@ -152975,9 +153561,9 @@ "properties": { "name": { "description": "The name of the virtual machine to migrate.", - "maxLength": 63, + "maxLength": 253, "minLength": 1, - "pattern": "^[a-z]([-a-z0-9]*[a-z0-9])?$", + "pattern": "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$", "type": "string" }, "sourcePVCs": { @@ -153336,9 +153922,9 @@ }, "name": { "description": "The name of the destination PVC. If not provided, the PVC will be named after the source PVC with a \"-mig-xxxx\" suffix.", - "maxLength": 63, + "maxLength": 253, "minLength": 1, - "pattern": "^[a-z]([-a-z0-9]*[a-z0-9])?$", + "pattern": "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$", "type": "string" }, "storageClassName": { @@ -153425,9 +154011,9 @@ "properties": { "name": { "description": "The name of the virtual machine to migrate.", - "maxLength": 63, + "maxLength": 253, "minLength": 1, - "pattern": "^[a-z]([-a-z0-9]*[a-z0-9])?$", + "pattern": "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$", "type": "string" }, "sourcePVCs": { @@ -153786,9 +154372,9 @@ }, "name": { "description": "The name of the destination PVC. If not provided, the PVC will be named after the source PVC with a \"-mig-xxxx\" suffix.", - "maxLength": 63, + "maxLength": 253, "minLength": 1, - "pattern": "^[a-z]([-a-z0-9]*[a-z0-9])?$", + "pattern": "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$", "type": "string" }, "storageClassName": { @@ -153837,9 +154423,9 @@ "properties": { "name": { "description": "The name of the virtual machine to migrate.", - "maxLength": 63, + "maxLength": 253, "minLength": 1, - "pattern": "^[a-z]([-a-z0-9]*[a-z0-9])?$", + "pattern": "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$", "type": "string" }, "sourcePVCs": { @@ -154198,9 +154784,9 @@ }, "name": { "description": "The name of the destination PVC. If not provided, the PVC will be named after the source PVC with a \"-mig-xxxx\" suffix.", - "maxLength": 63, + "maxLength": 253, "minLength": 1, - "pattern": "^[a-z]([-a-z0-9]*[a-z0-9])?$", + "pattern": "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$", "type": "string" }, "storageClassName": { @@ -154249,9 +154835,9 @@ "properties": { "name": { "description": "The name of the virtual machine to migrate.", - "maxLength": 63, + "maxLength": 253, "minLength": 1, - "pattern": "^[a-z]([-a-z0-9]*[a-z0-9])?$", + "pattern": "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$", "type": "string" }, "sourcePVCs": { @@ -154610,9 +155196,9 @@ }, "name": { "description": "The name of the destination PVC. If not provided, the PVC will be named after the source PVC with a \"-mig-xxxx\" suffix.", - "maxLength": 63, + "maxLength": 253, "minLength": 1, - "pattern": "^[a-z]([-a-z0-9]*[a-z0-9])?$", + "pattern": "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$", "type": "string" }, "storageClassName": { @@ -154665,9 +155251,9 @@ "properties": { "name": { "description": "The name of the virtual machine to migrate.", - "maxLength": 63, + "maxLength": 253, "minLength": 1, - "pattern": "^[a-z]([-a-z0-9]*[a-z0-9])?$", + "pattern": "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$", "type": "string" }, "sourcePVCs": { @@ -155026,9 +155612,9 @@ }, "name": { "description": "The name of the destination PVC. If not provided, the PVC will be named after the source PVC with a \"-mig-xxxx\" suffix.", - "maxLength": 63, + "maxLength": 253, "minLength": 1, - "pattern": "^[a-z]([-a-z0-9]*[a-z0-9])?$", + "pattern": "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$", "type": "string" }, "storageClassName": { @@ -155370,7 +155956,7 @@ "type": "string", "x-kubernetes-validations": [ { - "message": "retentionPolicy is immutable", + "message": "retentionPolicy value cannot be changed once set", "rule": "self == oldSelf" } ] @@ -155382,9 +155968,9 @@ "properties": { "name": { "description": "The name of the virtual machine to migrate.", - "maxLength": 63, + "maxLength": 253, "minLength": 1, - "pattern": "^[a-z]([-a-z0-9]*[a-z0-9])?$", + "pattern": "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$", "type": "string" }, "targetMigrationPVCs": { @@ -155411,9 +155997,9 @@ }, "name": { "description": "The name of the destination PVC. If not provided, the PVC will be named after the source PVC with a \"-mig-xxxx\" suffix.", - "maxLength": 63, + "maxLength": 253, "minLength": 1, - "pattern": "^[a-z]([-a-z0-9]*[a-z0-9])?$", + "pattern": "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$", "type": "string" }, "storageClassName": { @@ -155452,13 +156038,23 @@ ], "type": "object" }, - "type": "array" + "type": "array", + "x-kubernetes-list-map-keys": [ + "name" + ], + "x-kubernetes-list-type": "map" } }, "required": [ "virtualMachines" ], - "type": "object" + "type": "object", + "x-kubernetes-validations": [ + { + "message": "retentionPolicy cannot be removed once set", + "rule": "!has(oldSelf.retentionPolicy) || has(self.retentionPolicy)" + } + ] }, "status": { "description": "VirtualMachineStorageMigrationPlanStatus defines the observed state of VirtualMachineStorageMigrationPlan", @@ -155470,9 +156066,9 @@ "properties": { "name": { "description": "The name of the virtual machine to migrate.", - "maxLength": 63, + "maxLength": 253, "minLength": 1, - "pattern": "^[a-z]([-a-z0-9]*[a-z0-9])?$", + "pattern": "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$", "type": "string" }, "sourcePVCs": { @@ -155831,9 +156427,9 @@ }, "name": { "description": "The name of the destination PVC. If not provided, the PVC will be named after the source PVC with a \"-mig-xxxx\" suffix.", - "maxLength": 63, + "maxLength": 253, "minLength": 1, - "pattern": "^[a-z]([-a-z0-9]*[a-z0-9])?$", + "pattern": "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$", "type": "string" }, "storageClassName": { @@ -155920,9 +156516,9 @@ "properties": { "name": { "description": "The name of the virtual machine to migrate.", - "maxLength": 63, + "maxLength": 253, "minLength": 1, - "pattern": "^[a-z]([-a-z0-9]*[a-z0-9])?$", + "pattern": "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$", "type": "string" }, "sourcePVCs": { @@ -156281,9 +156877,9 @@ }, "name": { "description": "The name of the destination PVC. If not provided, the PVC will be named after the source PVC with a \"-mig-xxxx\" suffix.", - "maxLength": 63, + "maxLength": 253, "minLength": 1, - "pattern": "^[a-z]([-a-z0-9]*[a-z0-9])?$", + "pattern": "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$", "type": "string" }, "storageClassName": { @@ -156332,9 +156928,9 @@ "properties": { "name": { "description": "The name of the virtual machine to migrate.", - "maxLength": 63, + "maxLength": 253, "minLength": 1, - "pattern": "^[a-z]([-a-z0-9]*[a-z0-9])?$", + "pattern": "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$", "type": "string" }, "sourcePVCs": { @@ -156693,9 +157289,9 @@ }, "name": { "description": "The name of the destination PVC. If not provided, the PVC will be named after the source PVC with a \"-mig-xxxx\" suffix.", - "maxLength": 63, + "maxLength": 253, "minLength": 1, - "pattern": "^[a-z]([-a-z0-9]*[a-z0-9])?$", + "pattern": "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$", "type": "string" }, "storageClassName": { @@ -156744,9 +157340,9 @@ "properties": { "name": { "description": "The name of the virtual machine to migrate.", - "maxLength": 63, + "maxLength": 253, "minLength": 1, - "pattern": "^[a-z]([-a-z0-9]*[a-z0-9])?$", + "pattern": "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$", "type": "string" }, "sourcePVCs": { @@ -157105,9 +157701,9 @@ }, "name": { "description": "The name of the destination PVC. If not provided, the PVC will be named after the source PVC with a \"-mig-xxxx\" suffix.", - "maxLength": 63, + "maxLength": 253, "minLength": 1, - "pattern": "^[a-z]([-a-z0-9]*[a-z0-9])?$", + "pattern": "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$", "type": "string" }, "storageClassName": { @@ -157156,9 +157752,9 @@ "properties": { "name": { "description": "The name of the virtual machine to migrate.", - "maxLength": 63, + "maxLength": 253, "minLength": 1, - "pattern": "^[a-z]([-a-z0-9]*[a-z0-9])?$", + "pattern": "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$", "type": "string" }, "sourcePVCs": { @@ -157517,9 +158113,9 @@ }, "name": { "description": "The name of the destination PVC. If not provided, the PVC will be named after the source PVC with a \"-mig-xxxx\" suffix.", - "maxLength": 63, + "maxLength": 253, "minLength": 1, - "pattern": "^[a-z]([-a-z0-9]*[a-z0-9])?$", + "pattern": "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$", "type": "string" }, "storageClassName": { @@ -159379,6 +159975,10 @@ "description": "authUsername represents SMTP Auth using CRAM-MD5, LOGIN and PLAIN. If empty, Alertmanager doesn't authenticate to the SMTP server.", "type": "string" }, + "forceImplicitTLS": { + "description": "forceImplicitTLS defines whether to force use of implicit TLS (direct TLS connection) for better security.\ntrue: force use of implicit TLS (direct TLS connection on any port)\nfalse: force disable implicit TLS (use explicit TLS/STARTTLS if required)\nnil (default): auto-detect based on port (465=implicit, other=explicit) for backward compatibility\nIt requires Alertmanager >= v0.31.0.", + "type": "boolean" + }, "from": { "description": "from defines the default SMTP From header field.", "type": "string" @@ -160126,7 +160726,7 @@ "type": "string" }, "containers": { - "description": "containers allows injecting additional containers. This is meant to\nallow adding an authentication proxy to an Alertmanager pod.\nContainers described here modify an operator generated container if they\nshare the same name and modifications are done via a strategic merge\npatch. The current container names are: `alertmanager` and\n`config-reloader`. Overriding containers is entirely outside the scope\nof what the maintainers will support and by doing so, you accept that\nthis behaviour may break at any time without notice.", + "description": "containers allows injecting additional containers or modifying operator\ngenerated containers. This can be used to allow adding an authentication\nproxy to the Pods or to change the behavior of an operator generated\ncontainer. Containers described here modify an operator generated\ncontainer if they share the same name and modifications are done via a\nstrategic merge patch.\n\nThe names of containers managed by the operator are:\n* `alertmanager`\n* `config-reloader`\n* `thanos-sidecar`\n\nOverriding containers which are managed by the operator require careful\ntesting, especially when upgrading to a new version of the operator.", "items": { "description": "A single application container that you want to run within a pod.", "properties": { @@ -160942,7 +161542,7 @@ "type": "object" }, "resizePolicy": { - "description": "Resources resize policy for the container.", + "description": "Resources resize policy for the container.\nThis field cannot be set on ephemeral containers.", "items": { "description": "ContainerResizePolicy represents resource resize policy for the container.", "properties": { @@ -161610,7 +162210,7 @@ "type": "array" }, "initContainers": { - "description": "initContainers allows adding initContainers to the pod definition. Those can be used to e.g.\nfetch secrets for injection into the Alertmanager configuration from external sources. Any\nerrors during the execution of an initContainer will lead to a restart of the Pod. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/\nInitContainers described here modify an operator\ngenerated init containers if they share the same name and modifications are\ndone via a strategic merge patch. The current init container name is:\n`init-config-reloader`. Overriding init containers is entirely outside the\nscope of what the maintainers will support and by doing so, you accept that\nthis behaviour may break at any time without notice.", + "description": "initContainers allows injecting initContainers to the Pod definition. Those\ncan be used to e.g. fetch secrets for injection into the Prometheus\nconfiguration from external sources. Any errors during the execution of\nan initContainer will lead to a restart of the Pod. More info:\nhttps://kubernetes.io/docs/concepts/workloads/pods/init-containers/\nInitContainers described here modify an operator generated init\ncontainers if they share the same name and modifications are done via a\nstrategic merge patch.\n\nThe names of init container name managed by the operator are:\n* `init-config-reloader`.\n\nOverriding init containers which are managed by the operator require\ncareful testing, especially when upgrading to a new version of the\noperator.", "items": { "description": "A single application container that you want to run within a pod.", "properties": { @@ -162426,7 +163026,7 @@ "type": "object" }, "resizePolicy": { - "description": "Resources resize policy for the container.", + "description": "Resources resize policy for the container.\nThis field cannot be set on ephemeral containers.", "items": { "description": "ContainerResizePolicy represents resource resize policy for the container.", "properties": { @@ -163138,6 +163738,11 @@ "description": "routePrefix Alertmanager registers HTTP handlers for. This is useful,\nif using ExternalURL and a proxy is rewriting HTTP routes of a request,\nand the actual ExternalURL is still true, but the server serves requests\nunder a different route prefix. For example for use with `kubectl proxy`.", "type": "string" }, + "schedulerName": { + "description": "schedulerName defines the scheduler to use for Pod scheduling. If not specified, the default scheduler is used.", + "minLength": 1, + "type": "string" + }, "secrets": { "description": "secrets is a list of Secrets in the same namespace as the Alertmanager\nobject, which shall be mounted into the Alertmanager Pods.\nEach Secret is added to the StatefulSet definition as a volume named `secret-`.\nThe Secrets are mounted into `/etc/alertmanager/secrets/` in the 'alertmanager' container.", "items": { @@ -163406,7 +164011,7 @@ "type": "object" }, "resources": { - "description": "resources represents the minimum resources the volume should have.\nIf RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements\nthat are lower than previous value but must still be higher than capacity recorded in the\nstatus field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources", + "description": "resources represents the minimum resources the volume should have.\nUsers are allowed to specify resource requirements\nthat are lower than previous value but must still be higher than capacity recorded in the\nstatus field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources", "properties": { "limits": { "additionalProperties": { @@ -163612,7 +164217,7 @@ "type": "object" }, "resources": { - "description": "resources represents the minimum resources the volume should have.\nIf RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements\nthat are lower than previous value but must still be higher than capacity recorded in the\nstatus field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources", + "description": "resources represents the minimum resources the volume should have.\nUsers are allowed to specify resource requirements\nthat are lower than previous value but must still be higher than capacity recorded in the\nstatus field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources", "properties": { "limits": { "additionalProperties": { @@ -163729,7 +164334,7 @@ "description": "When a controller receives persistentvolume claim update with ClaimResourceStatus for a resource\nthat it does not recognizes, then it should ignore that update and let other controllers\nhandle it.", "type": "string" }, - "description": "allocatedResourceStatuses stores status of resource being resized for the given PVC.\nKey names follow standard Kubernetes label syntax. Valid values are either:\n\t* Un-prefixed keys:\n\t\t- storage - the capacity of the volume.\n\t* Custom resources must use implementation-defined prefixed names such as \"example.com/my-custom-resource\"\nApart from above values - keys that are unprefixed or have kubernetes.io prefix are considered\nreserved and hence may not be used.\n\nClaimResourceStatus can be in any of following states:\n\t- ControllerResizeInProgress:\n\t\tState set when resize controller starts resizing the volume in control-plane.\n\t- ControllerResizeFailed:\n\t\tState set when resize has failed in resize controller with a terminal error.\n\t- NodeResizePending:\n\t\tState set when resize controller has finished resizing the volume but further resizing of\n\t\tvolume is needed on the node.\n\t- NodeResizeInProgress:\n\t\tState set when kubelet starts resizing the volume.\n\t- NodeResizeFailed:\n\t\tState set when resizing has failed in kubelet with a terminal error. Transient errors don't set\n\t\tNodeResizeFailed.\nFor example: if expanding a PVC for more capacity - this field can be one of the following states:\n\t- pvc.status.allocatedResourceStatus['storage'] = \"ControllerResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] = \"ControllerResizeFailed\"\n - pvc.status.allocatedResourceStatus['storage'] = \"NodeResizePending\"\n - pvc.status.allocatedResourceStatus['storage'] = \"NodeResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] = \"NodeResizeFailed\"\nWhen this field is not set, it means that no resize operation is in progress for the given PVC.\n\nA controller that receives PVC update with previously unknown resourceName or ClaimResourceStatus\nshould ignore the update for the purpose it was designed. For example - a controller that\nonly is responsible for resizing capacity of the volume, should ignore PVC updates that change other valid\nresources associated with PVC.\n\nThis is an alpha field and requires enabling RecoverVolumeExpansionFailure feature.", + "description": "allocatedResourceStatuses stores status of resource being resized for the given PVC.\nKey names follow standard Kubernetes label syntax. Valid values are either:\n\t* Un-prefixed keys:\n\t\t- storage - the capacity of the volume.\n\t* Custom resources must use implementation-defined prefixed names such as \"example.com/my-custom-resource\"\nApart from above values - keys that are unprefixed or have kubernetes.io prefix are considered\nreserved and hence may not be used.\n\nClaimResourceStatus can be in any of following states:\n\t- ControllerResizeInProgress:\n\t\tState set when resize controller starts resizing the volume in control-plane.\n\t- ControllerResizeFailed:\n\t\tState set when resize has failed in resize controller with a terminal error.\n\t- NodeResizePending:\n\t\tState set when resize controller has finished resizing the volume but further resizing of\n\t\tvolume is needed on the node.\n\t- NodeResizeInProgress:\n\t\tState set when kubelet starts resizing the volume.\n\t- NodeResizeFailed:\n\t\tState set when resizing has failed in kubelet with a terminal error. Transient errors don't set\n\t\tNodeResizeFailed.\nFor example: if expanding a PVC for more capacity - this field can be one of the following states:\n\t- pvc.status.allocatedResourceStatus['storage'] = \"ControllerResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] = \"ControllerResizeFailed\"\n - pvc.status.allocatedResourceStatus['storage'] = \"NodeResizePending\"\n - pvc.status.allocatedResourceStatus['storage'] = \"NodeResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] = \"NodeResizeFailed\"\nWhen this field is not set, it means that no resize operation is in progress for the given PVC.\n\nA controller that receives PVC update with previously unknown resourceName or ClaimResourceStatus\nshould ignore the update for the purpose it was designed. For example - a controller that\nonly is responsible for resizing capacity of the volume, should ignore PVC updates that change other valid\nresources associated with PVC.", "type": "object", "x-kubernetes-map-type": "granular" }, @@ -163746,7 +164351,7 @@ "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", "x-kubernetes-int-or-string": true }, - "description": "allocatedResources tracks the resources allocated to a PVC including its capacity.\nKey names follow standard Kubernetes label syntax. Valid values are either:\n\t* Un-prefixed keys:\n\t\t- storage - the capacity of the volume.\n\t* Custom resources must use implementation-defined prefixed names such as \"example.com/my-custom-resource\"\nApart from above values - keys that are unprefixed or have kubernetes.io prefix are considered\nreserved and hence may not be used.\n\nCapacity reported here may be larger than the actual capacity when a volume expansion operation\nis requested.\nFor storage quota, the larger value from allocatedResources and PVC.spec.resources is used.\nIf allocatedResources is not set, PVC.spec.resources alone is used for quota calculation.\nIf a volume expansion capacity request is lowered, allocatedResources is only\nlowered if there are no expansion operations in progress and if the actual volume capacity\nis equal or lower than the requested capacity.\n\nA controller that receives PVC update with previously unknown resourceName\nshould ignore the update for the purpose it was designed. For example - a controller that\nonly is responsible for resizing capacity of the volume, should ignore PVC updates that change other valid\nresources associated with PVC.\n\nThis is an alpha field and requires enabling RecoverVolumeExpansionFailure feature.", + "description": "allocatedResources tracks the resources allocated to a PVC including its capacity.\nKey names follow standard Kubernetes label syntax. Valid values are either:\n\t* Un-prefixed keys:\n\t\t- storage - the capacity of the volume.\n\t* Custom resources must use implementation-defined prefixed names such as \"example.com/my-custom-resource\"\nApart from above values - keys that are unprefixed or have kubernetes.io prefix are considered\nreserved and hence may not be used.\n\nCapacity reported here may be larger than the actual capacity when a volume expansion operation\nis requested.\nFor storage quota, the larger value from allocatedResources and PVC.spec.resources is used.\nIf allocatedResources is not set, PVC.spec.resources alone is used for quota calculation.\nIf a volume expansion capacity request is lowered, allocatedResources is only\nlowered if there are no expansion operations in progress and if the actual volume capacity\nis equal or lower than the requested capacity.\n\nA controller that receives PVC update with previously unknown resourceName\nshould ignore the update for the purpose it was designed. For example - a controller that\nonly is responsible for resizing capacity of the volume, should ignore PVC updates that change other valid\nresources associated with PVC.", "type": "object" }, "capacity": { @@ -163867,7 +164472,7 @@ "type": "string" }, "operator": { - "description": "Operator represents a key's relationship to the value.\nValid operators are Exists and Equal. Defaults to Equal.\nExists is equivalent to wildcard for value, so that a pod can\ntolerate all taints of a particular category.", + "description": "Operator represents a key's relationship to the value.\nValid operators are Exists, Equal, Lt, and Gt. Defaults to Equal.\nExists is equivalent to wildcard for value, so that a pod can\ntolerate all taints of a particular category.\nLt and Gt perform numeric comparisons (requires feature gate TaintTolerationComparisonOperators).", "type": "string" }, "tolerationSeconds": { @@ -164498,7 +165103,7 @@ "type": "object" }, "resources": { - "description": "resources represents the minimum resources the volume should have.\nIf RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements\nthat are lower than previous value but must still be higher than capacity recorded in the\nstatus field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources", + "description": "resources represents the minimum resources the volume should have.\nUsers are allowed to specify resource requirements\nthat are lower than previous value but must still be higher than capacity recorded in the\nstatus field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources", "properties": { "limits": { "additionalProperties": { @@ -165179,6 +165784,13 @@ "signerName": { "description": "Kubelet's generated CSRs will be addressed to this signer.", "type": "string" + }, + "userAnnotations": { + "additionalProperties": { + "type": "string" + }, + "description": "userAnnotations allow pod authors to pass additional information to\nthe signer implementation. Kubernetes does not restrict or validate this\nmetadata in any way.\n\nThese values are copied verbatim into the `spec.unverifiedUserAnnotations` field of\nthe PodCertificateRequest objects that Kubelet creates.\n\nEntries are subject to the same validation as object metadata annotations,\nwith the addition that all keys must be domain-prefixed. No restrictions\nare placed on values, except an overall size limitation on the entire field.\n\nSigners should document the keys and values they support. Signers should\ndeny requests that contain keys they do not recognize.", + "type": "object" } }, "required": [ @@ -170232,7 +170844,7 @@ "type": "array" }, "containers": { - "description": "containers allows injecting additional containers or modifying operator\ngenerated containers. This can be used to allow adding an authentication\nproxy to the Pods or to change the behavior of an operator generated\ncontainer. Containers described here modify an operator generated\ncontainer if they share the same name and modifications are done via a\nstrategic merge patch.\n\nThe names of containers managed by the operator are:\n* `prometheus`\n* `config-reloader`\n* `thanos-sidecar`\n\nOverriding containers is entirely outside the scope of what the\nmaintainers will support and by doing so, you accept that this behaviour\nmay break at any time without notice.", + "description": "containers allows injecting additional containers or modifying operator\ngenerated containers. This can be used to allow adding an authentication\nproxy to the Pods or to change the behavior of an operator generated\ncontainer. Containers described here modify an operator generated\ncontainer if they share the same name and modifications are done via a\nstrategic merge patch.\n\nThe names of containers managed by the operator are:\n* `prometheus`\n* `config-reloader`\n* `thanos-sidecar`\n\nOverriding containers which are managed by the operator require careful\ntesting, especially when upgrading to a new version of the operator.", "items": { "description": "A single application container that you want to run within a pod.", "properties": { @@ -171048,7 +171660,7 @@ "type": "object" }, "resizePolicy": { - "description": "Resources resize policy for the container.", + "description": "Resources resize policy for the container.\nThis field cannot be set on ephemeral containers.", "items": { "description": "ContainerResizePolicy represents resource resize policy for the container.", "properties": { @@ -171843,7 +172455,7 @@ "type": "array" }, "initContainers": { - "description": "initContainers allows injecting initContainers to the Pod definition. Those\ncan be used to e.g. fetch secrets for injection into the Prometheus\nconfiguration from external sources. Any errors during the execution of\nan initContainer will lead to a restart of the Pod. More info:\nhttps://kubernetes.io/docs/concepts/workloads/pods/init-containers/\nInitContainers described here modify an operator generated init\ncontainers if they share the same name and modifications are done via a\nstrategic merge patch.\n\nThe names of init container name managed by the operator are:\n* `init-config-reloader`.\n\nOverriding init containers is entirely outside the scope of what the\nmaintainers will support and by doing so, you accept that this behaviour\nmay break at any time without notice.", + "description": "initContainers allows injecting initContainers to the Pod definition. Those\ncan be used to e.g. fetch secrets for injection into the Prometheus\nconfiguration from external sources. Any errors during the execution of\nan initContainer will lead to a restart of the Pod. More info:\nhttps://kubernetes.io/docs/concepts/workloads/pods/init-containers/\nInitContainers described here modify an operator generated init\ncontainers if they share the same name and modifications are done via a\nstrategic merge patch.\n\nThe names of init container name managed by the operator are:\n* `init-config-reloader`.\n\nOverriding init containers which are managed by the operator require\ncareful testing, especially when upgrading to a new version of the\noperator.", "items": { "description": "A single application container that you want to run within a pod.", "properties": { @@ -172659,7 +173271,7 @@ "type": "object" }, "resizePolicy": { - "description": "Resources resize policy for the container.", + "description": "Resources resize policy for the container.\nThis field cannot be set on ephemeral containers.", "items": { "description": "ContainerResizePolicy represents resource resize policy for the container.", "properties": { @@ -175227,8 +175839,8 @@ "type": "object" }, "url": { - "description": "url defines the URL of the endpoint to send samples to.", - "minLength": 1, + "description": "url defines the URL of the endpoint to send samples to.\n\nIt must use the HTTP or HTTPS scheme.", + "pattern": "^(http|https)://.+$", "type": "string" }, "writeRelabelConfigs": { @@ -175542,6 +176154,11 @@ "format": "int64", "type": "integer" }, + "schedulerName": { + "description": "schedulerName defines the scheduler to use for Pod scheduling. If not specified, the default scheduler is used.", + "minLength": 1, + "type": "string" + }, "scrapeClasses": { "description": "scrapeClasses defines the list of scrape classes to expose to scraping objects such as\nPodMonitors, ServiceMonitors, Probes and ScrapeConfigs.\n\nThis is an *experimental feature*, it may change in any upcoming release\nin a breaking way.", "items": { @@ -176464,7 +177081,7 @@ "type": "object" }, "resources": { - "description": "resources represents the minimum resources the volume should have.\nIf RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements\nthat are lower than previous value but must still be higher than capacity recorded in the\nstatus field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources", + "description": "resources represents the minimum resources the volume should have.\nUsers are allowed to specify resource requirements\nthat are lower than previous value but must still be higher than capacity recorded in the\nstatus field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources", "properties": { "limits": { "additionalProperties": { @@ -176670,7 +177287,7 @@ "type": "object" }, "resources": { - "description": "resources represents the minimum resources the volume should have.\nIf RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements\nthat are lower than previous value but must still be higher than capacity recorded in the\nstatus field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources", + "description": "resources represents the minimum resources the volume should have.\nUsers are allowed to specify resource requirements\nthat are lower than previous value but must still be higher than capacity recorded in the\nstatus field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources", "properties": { "limits": { "additionalProperties": { @@ -176787,7 +177404,7 @@ "description": "When a controller receives persistentvolume claim update with ClaimResourceStatus for a resource\nthat it does not recognizes, then it should ignore that update and let other controllers\nhandle it.", "type": "string" }, - "description": "allocatedResourceStatuses stores status of resource being resized for the given PVC.\nKey names follow standard Kubernetes label syntax. Valid values are either:\n\t* Un-prefixed keys:\n\t\t- storage - the capacity of the volume.\n\t* Custom resources must use implementation-defined prefixed names such as \"example.com/my-custom-resource\"\nApart from above values - keys that are unprefixed or have kubernetes.io prefix are considered\nreserved and hence may not be used.\n\nClaimResourceStatus can be in any of following states:\n\t- ControllerResizeInProgress:\n\t\tState set when resize controller starts resizing the volume in control-plane.\n\t- ControllerResizeFailed:\n\t\tState set when resize has failed in resize controller with a terminal error.\n\t- NodeResizePending:\n\t\tState set when resize controller has finished resizing the volume but further resizing of\n\t\tvolume is needed on the node.\n\t- NodeResizeInProgress:\n\t\tState set when kubelet starts resizing the volume.\n\t- NodeResizeFailed:\n\t\tState set when resizing has failed in kubelet with a terminal error. Transient errors don't set\n\t\tNodeResizeFailed.\nFor example: if expanding a PVC for more capacity - this field can be one of the following states:\n\t- pvc.status.allocatedResourceStatus['storage'] = \"ControllerResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] = \"ControllerResizeFailed\"\n - pvc.status.allocatedResourceStatus['storage'] = \"NodeResizePending\"\n - pvc.status.allocatedResourceStatus['storage'] = \"NodeResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] = \"NodeResizeFailed\"\nWhen this field is not set, it means that no resize operation is in progress for the given PVC.\n\nA controller that receives PVC update with previously unknown resourceName or ClaimResourceStatus\nshould ignore the update for the purpose it was designed. For example - a controller that\nonly is responsible for resizing capacity of the volume, should ignore PVC updates that change other valid\nresources associated with PVC.\n\nThis is an alpha field and requires enabling RecoverVolumeExpansionFailure feature.", + "description": "allocatedResourceStatuses stores status of resource being resized for the given PVC.\nKey names follow standard Kubernetes label syntax. Valid values are either:\n\t* Un-prefixed keys:\n\t\t- storage - the capacity of the volume.\n\t* Custom resources must use implementation-defined prefixed names such as \"example.com/my-custom-resource\"\nApart from above values - keys that are unprefixed or have kubernetes.io prefix are considered\nreserved and hence may not be used.\n\nClaimResourceStatus can be in any of following states:\n\t- ControllerResizeInProgress:\n\t\tState set when resize controller starts resizing the volume in control-plane.\n\t- ControllerResizeFailed:\n\t\tState set when resize has failed in resize controller with a terminal error.\n\t- NodeResizePending:\n\t\tState set when resize controller has finished resizing the volume but further resizing of\n\t\tvolume is needed on the node.\n\t- NodeResizeInProgress:\n\t\tState set when kubelet starts resizing the volume.\n\t- NodeResizeFailed:\n\t\tState set when resizing has failed in kubelet with a terminal error. Transient errors don't set\n\t\tNodeResizeFailed.\nFor example: if expanding a PVC for more capacity - this field can be one of the following states:\n\t- pvc.status.allocatedResourceStatus['storage'] = \"ControllerResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] = \"ControllerResizeFailed\"\n - pvc.status.allocatedResourceStatus['storage'] = \"NodeResizePending\"\n - pvc.status.allocatedResourceStatus['storage'] = \"NodeResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] = \"NodeResizeFailed\"\nWhen this field is not set, it means that no resize operation is in progress for the given PVC.\n\nA controller that receives PVC update with previously unknown resourceName or ClaimResourceStatus\nshould ignore the update for the purpose it was designed. For example - a controller that\nonly is responsible for resizing capacity of the volume, should ignore PVC updates that change other valid\nresources associated with PVC.", "type": "object", "x-kubernetes-map-type": "granular" }, @@ -176804,7 +177421,7 @@ "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", "x-kubernetes-int-or-string": true }, - "description": "allocatedResources tracks the resources allocated to a PVC including its capacity.\nKey names follow standard Kubernetes label syntax. Valid values are either:\n\t* Un-prefixed keys:\n\t\t- storage - the capacity of the volume.\n\t* Custom resources must use implementation-defined prefixed names such as \"example.com/my-custom-resource\"\nApart from above values - keys that are unprefixed or have kubernetes.io prefix are considered\nreserved and hence may not be used.\n\nCapacity reported here may be larger than the actual capacity when a volume expansion operation\nis requested.\nFor storage quota, the larger value from allocatedResources and PVC.spec.resources is used.\nIf allocatedResources is not set, PVC.spec.resources alone is used for quota calculation.\nIf a volume expansion capacity request is lowered, allocatedResources is only\nlowered if there are no expansion operations in progress and if the actual volume capacity\nis equal or lower than the requested capacity.\n\nA controller that receives PVC update with previously unknown resourceName\nshould ignore the update for the purpose it was designed. For example - a controller that\nonly is responsible for resizing capacity of the volume, should ignore PVC updates that change other valid\nresources associated with PVC.\n\nThis is an alpha field and requires enabling RecoverVolumeExpansionFailure feature.", + "description": "allocatedResources tracks the resources allocated to a PVC including its capacity.\nKey names follow standard Kubernetes label syntax. Valid values are either:\n\t* Un-prefixed keys:\n\t\t- storage - the capacity of the volume.\n\t* Custom resources must use implementation-defined prefixed names such as \"example.com/my-custom-resource\"\nApart from above values - keys that are unprefixed or have kubernetes.io prefix are considered\nreserved and hence may not be used.\n\nCapacity reported here may be larger than the actual capacity when a volume expansion operation\nis requested.\nFor storage quota, the larger value from allocatedResources and PVC.spec.resources is used.\nIf allocatedResources is not set, PVC.spec.resources alone is used for quota calculation.\nIf a volume expansion capacity request is lowered, allocatedResources is only\nlowered if there are no expansion operations in progress and if the actual volume capacity\nis equal or lower than the requested capacity.\n\nA controller that receives PVC update with previously unknown resourceName\nshould ignore the update for the purpose it was designed. For example - a controller that\nonly is responsible for resizing capacity of the volume, should ignore PVC updates that change other valid\nresources associated with PVC.", "type": "object" }, "capacity": { @@ -176966,7 +177583,7 @@ "type": "boolean" }, "grpcServerTlsConfig": { - "description": "grpcServerTlsConfig defines the TLS parameters for the gRPC server providing the StoreAPI.\n\nNote: Currently only the `caFile`, `certFile`, and `keyFile` fields are supported.", + "description": "grpcServerTlsConfig defines the TLS parameters for the gRPC server providing the StoreAPI.\n\nNote: Currently only the `minVersion`, `caFile`, `certFile`, and `keyFile` fields are supported.", "properties": { "ca": { "description": "ca defines the Certificate authority used when verifying server certificates.", @@ -177367,7 +177984,7 @@ "type": "string" }, "operator": { - "description": "Operator represents a key's relationship to the value.\nValid operators are Exists and Equal. Defaults to Equal.\nExists is equivalent to wildcard for value, so that a pod can\ntolerate all taints of a particular category.", + "description": "Operator represents a key's relationship to the value.\nValid operators are Exists, Equal, Lt, and Gt. Defaults to Equal.\nExists is equivalent to wildcard for value, so that a pod can\ntolerate all taints of a particular category.\nLt and Gt perform numeric comparisons (requires feature gate TaintTolerationComparisonOperators).", "type": "string" }, "tolerationSeconds": { @@ -178250,7 +178867,7 @@ "type": "object" }, "resources": { - "description": "resources represents the minimum resources the volume should have.\nIf RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements\nthat are lower than previous value but must still be higher than capacity recorded in the\nstatus field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources", + "description": "resources represents the minimum resources the volume should have.\nUsers are allowed to specify resource requirements\nthat are lower than previous value but must still be higher than capacity recorded in the\nstatus field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources", "properties": { "limits": { "additionalProperties": { @@ -178931,6 +179548,13 @@ "signerName": { "description": "Kubelet's generated CSRs will be addressed to this signer.", "type": "string" + }, + "userAnnotations": { + "additionalProperties": { + "type": "string" + }, + "description": "userAnnotations allow pod authors to pass additional information to\nthe signer implementation. Kubernetes does not restrict or validate this\nmetadata in any way.\n\nThese values are copied verbatim into the `spec.unverifiedUserAnnotations` field of\nthe PodCertificateRequest objects that Kubelet creates.\n\nEntries are subject to the same validation as object metadata annotations,\nwith the addition that all keys must be domain-prefixed. No restrictions\nare placed on values, except an overall size limitation on the entire field.\n\nSigners should document the keys and values they support. Signers should\ndeny requests that contain keys they do not recognize.", + "type": "object" } }, "required": [ @@ -182117,7 +182741,7 @@ "type": "array" }, "containers": { - "description": "containers allows injecting additional containers or modifying operator generated\ncontainers. This can be used to allow adding an authentication proxy to a ThanosRuler pod or\nto change the behavior of an operator generated container. Containers described here modify\nan operator generated container if they share the same name and modifications are done via a\nstrategic merge patch. The current container names are: `thanos-ruler` and `config-reloader`.\nOverriding containers is entirely outside the scope of what the maintainers will support and by doing\nso, you accept that this behaviour may break at any time without notice.", + "description": "containers allows injecting additional containers or modifying operator\ngenerated containers. This can be used to allow adding an authentication\nproxy to the Pods or to change the behavior of an operator generated\ncontainer. Containers described here modify an operator generated\ncontainer if they share the same name and modifications are done via a\nstrategic merge patch.\n\nThe names of containers managed by the operator are:\n* `thanos-ruler`\n* `config-reloader`\n\nOverriding containers which are managed by the operator require careful\ntesting, especially when upgrading to a new version of the operator.", "items": { "description": "A single application container that you want to run within a pod.", "properties": { @@ -182933,7 +183557,7 @@ "type": "object" }, "resizePolicy": { - "description": "Resources resize policy for the container.", + "description": "Resources resize policy for the container.\nThis field cannot be set on ephemeral containers.", "items": { "description": "ContainerResizePolicy represents resource resize policy for the container.", "properties": { @@ -183584,7 +184208,7 @@ "type": "string" }, "grpcServerTlsConfig": { - "description": "grpcServerTlsConfig defines the gRPC server from which Thanos Querier reads\nrecorded rule data.\nNote: Currently only the CAFile, CertFile, and KeyFile fields are supported.\nMaps to the '--grpc-server-tls-*' CLI args.", + "description": "grpcServerTlsConfig defines the gRPC server from which Thanos Querier reads\nrecorded rule data.\n\nNote: Currently only the `minVersion`, `caFile`, `certFile`, and `keyFile` fields are supported.", "properties": { "ca": { "description": "ca defines the Certificate authority used when verifying server certificates.", @@ -183820,7 +184444,7 @@ "type": "array" }, "initContainers": { - "description": "initContainers allows adding initContainers to the pod definition. Those can be used to e.g.\nfetch secrets for injection into the ThanosRuler configuration from external sources. Any\nerrors during the execution of an initContainer will lead to a restart of the Pod.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/\nUsing initContainers for any use case other then secret fetching is entirely outside the scope\nof what the maintainers will support and by doing so, you accept that this behaviour may break\nat any time without notice.", + "description": "initContainers allows injecting initContainers to the Pod definition.\nThose can be used to e.g. fetch secrets for injection into the\nconfiguration from external sources. Any errors during the execution of\nan initContainer will lead to a restart of the Pod. More info:\nhttps://kubernetes.io/docs/concepts/workloads/pods/init-containers/", "items": { "description": "A single application container that you want to run within a pod.", "properties": { @@ -184636,7 +185260,7 @@ "type": "object" }, "resizePolicy": { - "description": "Resources resize policy for the container.", + "description": "Resources resize policy for the container.\nThis field cannot be set on ephemeral containers.", "items": { "description": "ContainerResizePolicy represents resource resize policy for the container.", "properties": { @@ -186245,8 +186869,8 @@ "type": "object" }, "url": { - "description": "url defines the URL of the endpoint to send samples to.", - "minLength": 1, + "description": "url defines the URL of the endpoint to send samples to.\n\nIt must use the HTTP or HTTPS scheme.", + "pattern": "^(http|https)://.+$", "type": "string" }, "writeRelabelConfigs": { @@ -186519,6 +187143,11 @@ "type": "object", "x-kubernetes-map-type": "atomic" }, + "schedulerName": { + "description": "schedulerName defines the scheduler to use for Pod scheduling. If not specified, the default scheduler is used.", + "minLength": 1, + "type": "string" + }, "securityContext": { "description": "securityContext defines the pod-level security attributes and common container settings.\nThis defaults to the default PodSecurityContext.", "properties": { @@ -186776,7 +187405,7 @@ "type": "object" }, "resources": { - "description": "resources represents the minimum resources the volume should have.\nIf RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements\nthat are lower than previous value but must still be higher than capacity recorded in the\nstatus field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources", + "description": "resources represents the minimum resources the volume should have.\nUsers are allowed to specify resource requirements\nthat are lower than previous value but must still be higher than capacity recorded in the\nstatus field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources", "properties": { "limits": { "additionalProperties": { @@ -186982,7 +187611,7 @@ "type": "object" }, "resources": { - "description": "resources represents the minimum resources the volume should have.\nIf RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements\nthat are lower than previous value but must still be higher than capacity recorded in the\nstatus field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources", + "description": "resources represents the minimum resources the volume should have.\nUsers are allowed to specify resource requirements\nthat are lower than previous value but must still be higher than capacity recorded in the\nstatus field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources", "properties": { "limits": { "additionalProperties": { @@ -187099,7 +187728,7 @@ "description": "When a controller receives persistentvolume claim update with ClaimResourceStatus for a resource\nthat it does not recognizes, then it should ignore that update and let other controllers\nhandle it.", "type": "string" }, - "description": "allocatedResourceStatuses stores status of resource being resized for the given PVC.\nKey names follow standard Kubernetes label syntax. Valid values are either:\n\t* Un-prefixed keys:\n\t\t- storage - the capacity of the volume.\n\t* Custom resources must use implementation-defined prefixed names such as \"example.com/my-custom-resource\"\nApart from above values - keys that are unprefixed or have kubernetes.io prefix are considered\nreserved and hence may not be used.\n\nClaimResourceStatus can be in any of following states:\n\t- ControllerResizeInProgress:\n\t\tState set when resize controller starts resizing the volume in control-plane.\n\t- ControllerResizeFailed:\n\t\tState set when resize has failed in resize controller with a terminal error.\n\t- NodeResizePending:\n\t\tState set when resize controller has finished resizing the volume but further resizing of\n\t\tvolume is needed on the node.\n\t- NodeResizeInProgress:\n\t\tState set when kubelet starts resizing the volume.\n\t- NodeResizeFailed:\n\t\tState set when resizing has failed in kubelet with a terminal error. Transient errors don't set\n\t\tNodeResizeFailed.\nFor example: if expanding a PVC for more capacity - this field can be one of the following states:\n\t- pvc.status.allocatedResourceStatus['storage'] = \"ControllerResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] = \"ControllerResizeFailed\"\n - pvc.status.allocatedResourceStatus['storage'] = \"NodeResizePending\"\n - pvc.status.allocatedResourceStatus['storage'] = \"NodeResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] = \"NodeResizeFailed\"\nWhen this field is not set, it means that no resize operation is in progress for the given PVC.\n\nA controller that receives PVC update with previously unknown resourceName or ClaimResourceStatus\nshould ignore the update for the purpose it was designed. For example - a controller that\nonly is responsible for resizing capacity of the volume, should ignore PVC updates that change other valid\nresources associated with PVC.\n\nThis is an alpha field and requires enabling RecoverVolumeExpansionFailure feature.", + "description": "allocatedResourceStatuses stores status of resource being resized for the given PVC.\nKey names follow standard Kubernetes label syntax. Valid values are either:\n\t* Un-prefixed keys:\n\t\t- storage - the capacity of the volume.\n\t* Custom resources must use implementation-defined prefixed names such as \"example.com/my-custom-resource\"\nApart from above values - keys that are unprefixed or have kubernetes.io prefix are considered\nreserved and hence may not be used.\n\nClaimResourceStatus can be in any of following states:\n\t- ControllerResizeInProgress:\n\t\tState set when resize controller starts resizing the volume in control-plane.\n\t- ControllerResizeFailed:\n\t\tState set when resize has failed in resize controller with a terminal error.\n\t- NodeResizePending:\n\t\tState set when resize controller has finished resizing the volume but further resizing of\n\t\tvolume is needed on the node.\n\t- NodeResizeInProgress:\n\t\tState set when kubelet starts resizing the volume.\n\t- NodeResizeFailed:\n\t\tState set when resizing has failed in kubelet with a terminal error. Transient errors don't set\n\t\tNodeResizeFailed.\nFor example: if expanding a PVC for more capacity - this field can be one of the following states:\n\t- pvc.status.allocatedResourceStatus['storage'] = \"ControllerResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] = \"ControllerResizeFailed\"\n - pvc.status.allocatedResourceStatus['storage'] = \"NodeResizePending\"\n - pvc.status.allocatedResourceStatus['storage'] = \"NodeResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] = \"NodeResizeFailed\"\nWhen this field is not set, it means that no resize operation is in progress for the given PVC.\n\nA controller that receives PVC update with previously unknown resourceName or ClaimResourceStatus\nshould ignore the update for the purpose it was designed. For example - a controller that\nonly is responsible for resizing capacity of the volume, should ignore PVC updates that change other valid\nresources associated with PVC.", "type": "object", "x-kubernetes-map-type": "granular" }, @@ -187116,7 +187745,7 @@ "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", "x-kubernetes-int-or-string": true }, - "description": "allocatedResources tracks the resources allocated to a PVC including its capacity.\nKey names follow standard Kubernetes label syntax. Valid values are either:\n\t* Un-prefixed keys:\n\t\t- storage - the capacity of the volume.\n\t* Custom resources must use implementation-defined prefixed names such as \"example.com/my-custom-resource\"\nApart from above values - keys that are unprefixed or have kubernetes.io prefix are considered\nreserved and hence may not be used.\n\nCapacity reported here may be larger than the actual capacity when a volume expansion operation\nis requested.\nFor storage quota, the larger value from allocatedResources and PVC.spec.resources is used.\nIf allocatedResources is not set, PVC.spec.resources alone is used for quota calculation.\nIf a volume expansion capacity request is lowered, allocatedResources is only\nlowered if there are no expansion operations in progress and if the actual volume capacity\nis equal or lower than the requested capacity.\n\nA controller that receives PVC update with previously unknown resourceName\nshould ignore the update for the purpose it was designed. For example - a controller that\nonly is responsible for resizing capacity of the volume, should ignore PVC updates that change other valid\nresources associated with PVC.\n\nThis is an alpha field and requires enabling RecoverVolumeExpansionFailure feature.", + "description": "allocatedResources tracks the resources allocated to a PVC including its capacity.\nKey names follow standard Kubernetes label syntax. Valid values are either:\n\t* Un-prefixed keys:\n\t\t- storage - the capacity of the volume.\n\t* Custom resources must use implementation-defined prefixed names such as \"example.com/my-custom-resource\"\nApart from above values - keys that are unprefixed or have kubernetes.io prefix are considered\nreserved and hence may not be used.\n\nCapacity reported here may be larger than the actual capacity when a volume expansion operation\nis requested.\nFor storage quota, the larger value from allocatedResources and PVC.spec.resources is used.\nIf allocatedResources is not set, PVC.spec.resources alone is used for quota calculation.\nIf a volume expansion capacity request is lowered, allocatedResources is only\nlowered if there are no expansion operations in progress and if the actual volume capacity\nis equal or lower than the requested capacity.\n\nA controller that receives PVC update with previously unknown resourceName\nshould ignore the update for the purpose it was designed. For example - a controller that\nonly is responsible for resizing capacity of the volume, should ignore PVC updates that change other valid\nresources associated with PVC.", "type": "object" }, "capacity": { @@ -187233,7 +187862,7 @@ "type": "string" }, "operator": { - "description": "Operator represents a key's relationship to the value.\nValid operators are Exists and Equal. Defaults to Equal.\nExists is equivalent to wildcard for value, so that a pod can\ntolerate all taints of a particular category.", + "description": "Operator represents a key's relationship to the value.\nValid operators are Exists, Equal, Lt, and Gt. Defaults to Equal.\nExists is equivalent to wildcard for value, so that a pod can\ntolerate all taints of a particular category.\nLt and Gt perform numeric comparisons (requires feature gate TaintTolerationComparisonOperators).", "type": "string" }, "tolerationSeconds": { @@ -187891,7 +188520,7 @@ "type": "object" }, "resources": { - "description": "resources represents the minimum resources the volume should have.\nIf RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements\nthat are lower than previous value but must still be higher than capacity recorded in the\nstatus field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources", + "description": "resources represents the minimum resources the volume should have.\nUsers are allowed to specify resource requirements\nthat are lower than previous value but must still be higher than capacity recorded in the\nstatus field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources", "properties": { "limits": { "additionalProperties": { @@ -188572,6 +189201,13 @@ "signerName": { "description": "Kubelet's generated CSRs will be addressed to this signer.", "type": "string" + }, + "userAnnotations": { + "additionalProperties": { + "type": "string" + }, + "description": "userAnnotations allow pod authors to pass additional information to\nthe signer implementation. Kubernetes does not restrict or validate this\nmetadata in any way.\n\nThese values are copied verbatim into the `spec.unverifiedUserAnnotations` field of\nthe PodCertificateRequest objects that Kubelet creates.\n\nEntries are subject to the same validation as object metadata annotations,\nwith the addition that all keys must be domain-prefixed. No restrictions\nare placed on values, except an overall size limitation on the entire field.\n\nSigners should document the keys and values they support. Signers should\ndeny requests that contain keys they do not recognize.", + "type": "object" } }, "required": [ @@ -190270,6 +190906,10 @@ "minLength": 1, "type": "string" }, + "forceImplicitTLS": { + "description": "forceImplicitTLS defines whether to force use of implicit TLS (direct TLS connection) for better security.\ntrue: force use of implicit TLS (direct TLS connection on any port)\nfalse: force disable implicit TLS (use explicit TLS/STARTTLS if required)\nnil (default): auto-detect based on port (465=implicit, other=explicit) for backward compatibility\nIt requires Alertmanager >= v0.31.0.", + "type": "boolean" + }, "from": { "description": "from defines the sender address for email notifications.\nThis appears as the \"From\" field in the email header.", "minLength": 1, @@ -195896,6 +196536,11 @@ "description": "linkNames enables automatic linking of channel names and usernames in the message.\nWhen true, @channel and @username will be converted to clickable links.", "type": "boolean" }, + "messageText": { + "description": "messageText defines text content of the Slack message.\nIf set, this is sent as the top-level 'text' field in the Slack payload.\nIt requires Alertmanager >= v0.31.0.", + "minLength": 1, + "type": "string" + }, "mrkdwnIn": { "description": "mrkdwnIn defines which fields should be parsed as Slack markdown.\nValid values include \"pretext\", \"text\", and \"fields\".", "items": { @@ -201393,6 +202038,10 @@ "minLength": 1, "type": "string" }, + "forceImplicitTLS": { + "description": "forceImplicitTLS defines whether to force use of implicit TLS (direct TLS connection) for better security.\ntrue: force use of implicit TLS (direct TLS connection on any port)\nfalse: force disable implicit TLS (use explicit TLS/STARTTLS if required)\nnil (default): auto-detect based on port (465=implicit, other=explicit) for backward compatibility\nIt requires Alertmanager >= v0.31.0.", + "type": "boolean" + }, "from": { "description": "from defines the sender address for email notifications.\nThis appears as the \"From\" field in the email header.", "minLength": 1, @@ -206962,6 +207611,11 @@ "description": "linkNames enables automatic linking of channel names and usernames in the message.\nWhen true, @channel and @username will be converted to clickable links.", "type": "boolean" }, + "messageText": { + "description": "messageText defines text content of the Slack message.\nIf set, this is sent as the top-level 'text' field in the Slack payload.\nIt requires Alertmanager >= v0.31.0.", + "minLength": 1, + "type": "string" + }, "mrkdwnIn": { "description": "mrkdwnIn defines which fields should be parsed as Slack markdown.\nValid values include \"pretext\", \"text\", and \"fields\".", "items": { @@ -222048,7 +222702,7 @@ "type": "string" }, "dbPriorityClassName": { - "description": "DBPriorityClassName (optional) overrides the priority class for the db pod", + "description": "DBPriorityClassName (optional) overrides the priority class for the db pod.\nTakes effect on next pod restart (e.g. upgrade, node drain, crash); does not trigger a rolling restart of CNPG-managed pods.\nTo apply immediately, restart the DB pods manually after reviewing CNPG documentation.\nhttps://cloudnative-pg.io/docs", "type": "string" }, "dbResources": { @@ -222803,6 +223457,13 @@ "type": "string" }, "type": "array" + }, + "vectors": { + "description": "Vectors is a list of subnets that will be allowed to access the Noobaa Vectors service", + "items": { + "type": "string" + }, + "type": "array" } }, "type": "object" @@ -222899,24 +223560,13 @@ "tlsGroups": { "description": "TLSGroups is used to specify the key exchange groups for the TLS\nhandshake.", "items": { - "description": "TLSGroup represents a supported TLS key exchange group.\nFollows the OpenShift API TLSCurvePreferences definition (openshift/api#2583).", - "enum": [ - "X25519", - "secp256r1", - "secp384r1", - "secp521r1", - "X25519MLKEM768" - ], + "description": "TLSGroup represents a supported TLS key exchange group.\nFollows the openshift storage API TLSGroup definition. see https://github.com/red-hat-storage/ocs-tls-profiles", "type": "string" }, "type": "array" }, "tlsMinVersion": { "description": "TLSMinVersion is used to specify the minimal version of the TLS protocol\nthat is negotiated during the TLS handshake.", - "enum": [ - "VersionTLS12", - "VersionTLS13" - ], "nullable": true, "type": "string" } @@ -222961,7 +223611,7 @@ "type": "string" }, "operator": { - "description": "Operator represents a key's relationship to the value.\nValid operators are Exists and Equal. Defaults to Equal.\nExists is equivalent to wildcard for value, so that a pod can\ntolerate all taints of a particular category.", + "description": "Operator represents a key's relationship to the value.\nValid operators are Exists, Equal, Lt, and Gt. Defaults to Equal.\nExists is equivalent to wildcard for value, so that a pod can\ntolerate all taints of a particular category.\nLt and Gt perform numeric comparisons (requires feature gate TaintTolerationComparisonOperators).", "type": "string" }, "tolerationSeconds": { @@ -223451,6 +224101,54 @@ } }, "type": "object" + }, + "serviceVectors": { + "description": "ServiceStatus is the status info and network addresses of a service", + "properties": { + "externalDNS": { + "description": "ExternalDNS are external public addresses for the service", + "items": { + "type": "string" + }, + "type": "array" + }, + "externalIP": { + "description": "ExternalIP are external public addresses for the service\nLoadBalancerPorts such as AWS ELB provide public address and load balancing for the service\nIngressPorts are manually created public addresses for the service\nhttps://kubernetes.io/docs/concepts/services-networking/service/#external-ips\nhttps://kubernetes.io/docs/concepts/services-networking/service/#loadbalancer\nhttps://kubernetes.io/docs/concepts/services-networking/ingress/", + "items": { + "type": "string" + }, + "type": "array" + }, + "internalDNS": { + "description": "InternalDNS are internal addresses of the service inside the cluster", + "items": { + "type": "string" + }, + "type": "array" + }, + "internalIP": { + "description": "InternalIP are internal addresses of the service inside the cluster\nhttps://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types", + "items": { + "type": "string" + }, + "type": "array" + }, + "nodePorts": { + "description": "NodePorts are the most basic network available.\nNodePorts use the networks available on the hosts of kubernetes nodes.\nThis generally works from within a pod, and from the internal\nnetwork of the nodes, but may fail from public network.\nhttps://kubernetes.io/docs/concepts/services-networking/service/#nodeport", + "items": { + "type": "string" + }, + "type": "array" + }, + "podPorts": { + "description": "PodPorts are the second most basic network address.\nEvery pod has an IP in the cluster and the pods network is a mesh\nso the operator running inside a pod in the cluster can use this address.\nNote: pod IPs are not guaranteed to persist over restarts, so should be rediscovered.\nNote2: when running the operator outside of the cluster, pod IP is not accessible.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" } }, "required": [ @@ -223719,594 +224417,9 @@ } ] }, - "oauth.openshift.io/v1/OAuthAccessToken": { - "description": "OAuthAccessToken describes an OAuth access token. The name of a token must be prefixed with a `sha256~` string, must not contain \"/\" or \"%\" characters and must be at least 32 characters long.\n\nThe name of the token is constructed from the actual token by sha256-hashing it and using URL-safe unpadded base64-encoding (as described in RFC4648) on the hashed result.\n\nCompatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).", - "namespaced": false, - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - "type": "string" - }, - "authorizeToken": { - "description": "authorizeToken contains the token that authorized this token", - "type": "string" - }, - "clientName": { - "description": "clientName references the client that created this token.", - "type": "string" - }, - "expiresIn": { - "description": "expiresIn is the seconds from CreationTime before this token expires.", - "format": "int64", - "type": "integer" - }, - "inactivityTimeoutSeconds": { - "description": "inactivityTimeoutSeconds is the value in seconds, from the CreationTimestamp, after which this token can no longer be used. The value is automatically incremented when the token is used.", - "format": "int32", - "type": "integer" - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "allOf": [ - { - "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" - } - ], - "default": {}, - "description": "metadata is the standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" - }, - "redirectURI": { - "description": "redirectURI is the redirection associated with the token.", - "type": "string" - }, - "refreshToken": { - "description": "refreshToken is the value by which this token can be renewed. Can be blank.", - "type": "string" - }, - "scopes": { - "description": "scopes is an array of the requested scopes.", - "items": { - "default": "", - "type": "string" - }, - "type": "array" - }, - "userName": { - "description": "userName is the user name associated with this token", - "type": "string" - }, - "userUID": { - "description": "userUID is the unique UID associated with this token", - "type": "string" - } - }, - "required": [], - "type": "object", - "x-kubernetes-group-version-kind": [ - { - "group": "oauth.openshift.io", - "kind": "OAuthAccessToken", - "version": "v1" - } - ] - }, - "oauth.openshift.io/v1/OAuthAccessTokenList": { - "description": "OAuthAccessTokenList is a collection of OAuth access tokens\n\nCompatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).", - "namespaced": true, - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - "type": "string" - }, - "items": { - "description": "items is the list of OAuth access tokens", - "items": { - "allOf": [ - { - "$ref": "#/components/schemas/com.github.openshift.api.oauth.v1.OAuthAccessToken" - } - ], - "default": {} - }, - "type": "array" - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "allOf": [ - { - "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" - } - ], - "default": {}, - "description": "metadata is the standard list's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" - } - }, - "required": [ - "items" - ], - "type": "object", - "x-kubernetes-group-version-kind": [ - { - "group": "oauth.openshift.io", - "kind": "OAuthAccessTokenList", - "version": "v1" - } - ] - }, - "oauth.openshift.io/v1/OAuthAuthorizeToken": { - "description": "OAuthAuthorizeToken describes an OAuth authorization token\n\nCompatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).", - "namespaced": false, - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - "type": "string" - }, - "clientName": { - "description": "clientName references the client that created this token.", - "type": "string" - }, - "codeChallenge": { - "description": "codeChallenge is the optional code_challenge associated with this authorization code, as described in rfc7636", - "type": "string" - }, - "codeChallengeMethod": { - "description": "codeChallengeMethod is the optional code_challenge_method associated with this authorization code, as described in rfc7636", - "type": "string" - }, - "expiresIn": { - "description": "expiresIn is the seconds from CreationTime before this token expires.", - "format": "int64", - "type": "integer" - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "allOf": [ - { - "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" - } - ], - "default": {}, - "description": "metadata is the standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" - }, - "redirectURI": { - "description": "redirectURI is the redirection associated with the token.", - "type": "string" - }, - "scopes": { - "description": "scopes is an array of the requested scopes.", - "items": { - "default": "", - "type": "string" - }, - "type": "array" - }, - "state": { - "description": "state data from request", - "type": "string" - }, - "userName": { - "description": "userName is the user name associated with this token", - "type": "string" - }, - "userUID": { - "description": "userUID is the unique UID associated with this token. UserUID and UserName must both match for this token to be valid.", - "type": "string" - } - }, - "required": [], - "type": "object", - "x-kubernetes-group-version-kind": [ - { - "group": "oauth.openshift.io", - "kind": "OAuthAuthorizeToken", - "version": "v1" - } - ] - }, - "oauth.openshift.io/v1/OAuthAuthorizeTokenList": { - "description": "OAuthAuthorizeTokenList is a collection of OAuth authorization tokens\n\nCompatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).", - "namespaced": true, - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - "type": "string" - }, - "items": { - "description": "items is the list of OAuth authorization tokens", - "items": { - "allOf": [ - { - "$ref": "#/components/schemas/com.github.openshift.api.oauth.v1.OAuthAuthorizeToken" - } - ], - "default": {} - }, - "type": "array" - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "allOf": [ - { - "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" - } - ], - "default": {}, - "description": "metadata is the standard list's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" - } - }, - "required": [ - "items" - ], - "type": "object", - "x-kubernetes-group-version-kind": [ - { - "group": "oauth.openshift.io", - "kind": "OAuthAuthorizeTokenList", - "version": "v1" - } - ] - }, - "oauth.openshift.io/v1/OAuthClient": { - "description": "OAuthClient describes an OAuth client\n\nCompatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).", - "namespaced": false, - "properties": { - "accessTokenInactivityTimeoutSeconds": { - "description": "accessTokenInactivityTimeoutSeconds overrides the default token inactivity timeout for tokens granted to this client. The value represents the maximum amount of time that can occur between consecutive uses of the token. Tokens become invalid if they are not used within this temporal window. The user will need to acquire a new token to regain access once a token times out. This value needs to be set only if the default set in configuration is not appropriate for this client. Valid values are: - 0: Tokens for this client never time out - X: Tokens time out if there is no activity for X seconds The current minimum allowed value for X is 300 (5 minutes)\n\nWARNING: existing tokens' timeout will not be affected (lowered) by changing this value", - "format": "int32", - "type": "integer" - }, - "accessTokenMaxAgeSeconds": { - "description": "accessTokenMaxAgeSeconds overrides the default access token max age for tokens granted to this client. 0 means no expiration.", - "format": "int32", - "type": "integer" - }, - "additionalSecrets": { - "description": "additionalSecrets holds other secrets that may be used to identify the client. This is useful for rotation and for service account token validation", - "items": { - "default": "", - "type": "string" - }, - "type": "array" - }, - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - "type": "string" - }, - "grantMethod": { - "description": "grantMethod is a required field which determines how to handle grants for this client. Valid grant handling methods are:\n - auto: always approves grant requests, useful for trusted clients\n - prompt: prompts the end user for approval of grant requests, useful for third-party clients", - "type": "string" - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "allOf": [ - { - "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" - } - ], - "default": {}, - "description": "metadata is the standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" - }, - "redirectURIs": { - "description": "redirectURIs is the valid redirection URIs associated with a client", - "items": { - "default": "", - "type": "string" - }, - "type": "array", - "x-kubernetes-patch-strategy": "merge" - }, - "respondWithChallenges": { - "description": "respondWithChallenges indicates whether the client wants authentication needed responses made in the form of challenges instead of redirects", - "type": "boolean" - }, - "scopeRestrictions": { - "description": "scopeRestrictions describes which scopes this client can request. Each requested scope is checked against each restriction. If any restriction matches, then the scope is allowed. If no restriction matches, then the scope is denied.", - "items": { - "allOf": [ - { - "$ref": "#/components/schemas/com.github.openshift.api.oauth.v1.ScopeRestriction" - } - ], - "default": {} - }, - "type": "array" - }, - "secret": { - "description": "secret is the unique secret associated with a client", - "type": "string" - } - }, - "required": [], - "type": "object", - "x-kubernetes-group-version-kind": [ - { - "group": "oauth.openshift.io", - "kind": "OAuthClient", - "version": "v1" - } - ] - }, - "oauth.openshift.io/v1/OAuthClientAuthorization": { - "description": "OAuthClientAuthorization describes an authorization created by an OAuth client\n\nCompatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).", - "namespaced": false, - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - "type": "string" - }, - "clientName": { - "description": "clientName references the client that created this authorization", - "type": "string" - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "allOf": [ - { - "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" - } - ], - "default": {}, - "description": "metadata is the standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" - }, - "scopes": { - "description": "scopes is an array of the granted scopes.", - "items": { - "default": "", - "type": "string" - }, - "type": "array" - }, - "userName": { - "description": "userName is the user name that authorized this client", - "type": "string" - }, - "userUID": { - "description": "userUID is the unique UID associated with this authorization. UserUID and UserName must both match for this authorization to be valid.", - "type": "string" - } - }, - "required": [], - "type": "object", - "x-kubernetes-group-version-kind": [ - { - "group": "oauth.openshift.io", - "kind": "OAuthClientAuthorization", - "version": "v1" - } - ] - }, - "oauth.openshift.io/v1/OAuthClientAuthorizationList": { - "description": "OAuthClientAuthorizationList is a collection of OAuth client authorizations\n\nCompatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).", + "oadp.openshift.io/v1alpha1/CloudStorage": { + "description": "The CloudStorage API automates the creation of a bucket for object storage.", "namespaced": true, - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - "type": "string" - }, - "items": { - "description": "items is the list of OAuth client authorizations", - "items": { - "allOf": [ - { - "$ref": "#/components/schemas/com.github.openshift.api.oauth.v1.OAuthClientAuthorization" - } - ], - "default": {} - }, - "type": "array" - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "allOf": [ - { - "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" - } - ], - "default": {}, - "description": "metadata is the standard list's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" - } - }, - "required": [ - "items" - ], - "type": "object", - "x-kubernetes-group-version-kind": [ - { - "group": "oauth.openshift.io", - "kind": "OAuthClientAuthorizationList", - "version": "v1" - } - ] - }, - "oauth.openshift.io/v1/OAuthClientList": { - "description": "OAuthClientList is a collection of OAuth clients\n\nCompatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).", - "namespaced": true, - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - "type": "string" - }, - "items": { - "description": "items is the list of OAuth clients", - "items": { - "allOf": [ - { - "$ref": "#/components/schemas/com.github.openshift.api.oauth.v1.OAuthClient" - } - ], - "default": {} - }, - "type": "array" - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "allOf": [ - { - "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" - } - ], - "default": {}, - "description": "metadata is the standard list's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" - } - }, - "required": [ - "items" - ], - "type": "object", - "x-kubernetes-group-version-kind": [ - { - "group": "oauth.openshift.io", - "kind": "OAuthClientList", - "version": "v1" - } - ] - }, - "oauth.openshift.io/v1/UserOAuthAccessToken": { - "description": "UserOAuthAccessToken is a virtual resource to mirror OAuthAccessTokens to the user the access token was issued for", - "namespaced": false, - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - "type": "string" - }, - "authorizeToken": { - "description": "authorizeToken contains the token that authorized this token", - "type": "string" - }, - "clientName": { - "description": "clientName references the client that created this token.", - "type": "string" - }, - "expiresIn": { - "description": "expiresIn is the seconds from CreationTime before this token expires.", - "format": "int64", - "type": "integer" - }, - "inactivityTimeoutSeconds": { - "description": "inactivityTimeoutSeconds is the value in seconds, from the CreationTimestamp, after which this token can no longer be used. The value is automatically incremented when the token is used.", - "format": "int32", - "type": "integer" - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "allOf": [ - { - "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" - } - ], - "default": {}, - "description": "metadata is the standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" - }, - "redirectURI": { - "description": "redirectURI is the redirection associated with the token.", - "type": "string" - }, - "refreshToken": { - "description": "refreshToken is the value by which this token can be renewed. Can be blank.", - "type": "string" - }, - "scopes": { - "description": "scopes is an array of the requested scopes.", - "items": { - "default": "", - "type": "string" - }, - "type": "array" - }, - "userName": { - "description": "userName is the user name associated with this token", - "type": "string" - }, - "userUID": { - "description": "userUID is the unique UID associated with this token", - "type": "string" - } - }, - "required": [], - "type": "object", - "x-kubernetes-group-version-kind": [ - { - "group": "oauth.openshift.io", - "kind": "UserOAuthAccessToken", - "version": "v1" - } - ] - }, - "oauth.openshift.io/v1/UserOAuthAccessTokenList": { - "description": "UserOAuthAccessTokenList is a collection of access tokens issued on behalf of the requesting user\n\nCompatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).", - "namespaced": true, - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - "type": "string" - }, - "items": { - "items": { - "allOf": [ - { - "$ref": "#/components/schemas/com.github.openshift.api.oauth.v1.UserOAuthAccessToken" - } - ], - "default": {} - }, - "type": "array" - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "allOf": [ - { - "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" - } - ], - "default": {}, - "description": "metadata is the standard list's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" - } - }, - "required": [ - "items" - ], - "type": "object", - "x-kubernetes-group-version-kind": [ - { - "group": "oauth.openshift.io", - "kind": "UserOAuthAccessTokenList", - "version": "v1" - } - ] - }, - "objectbucket.io/v1alpha1/ObjectBucket": { - "description": "", - "namespaced": false, "properties": { "apiVersion": { "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", @@ -224325,178 +224438,158 @@ "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" }, "spec": { - "description": "Specification of the desired behavior of the bucket.", "properties": { - "additionalState": { + "config": { "additionalProperties": { "type": "string" }, - "description": "additionalState gives providers a location to set proprietary config values (tenant, namespace, etc)", - "type": "object" - }, - "claimRef": { - "description": "ObjectReference to ObjectBucketClaim", + "description": "config is provider-specific configuration options", "type": "object" }, - "endpoint": { - "description": "Endpoint contains all connection relevant data that an app may require for accessing the bucket", + "creationSecret": { + "description": "creationSecret is the secret that is needed to be used while creating the bucket.", "properties": { - "additionalConfig": { - "additionalProperties": { - "type": "string" - }, - "description": "AdditionalConfig gives providers a location to set proprietary config values (tenant, namespace, etc)", - "type": "object" - }, - "bucketHost": { - "description": "Bucket address hostname", - "type": "string" - }, - "bucketName": { - "description": "Bucket name", + "key": { + "description": "The key of the secret to select from. Must be a valid secret key.", "type": "string" }, - "bucketPort": { - "description": "Bucket address port", - "type": "integer" - }, - "region": { - "description": "Bucket region", + "name": { + "default": "", + "description": "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", "type": "string" }, - "subRegion": { - "description": "Bucket sub-region", - "type": "string" + "optional": { + "description": "Specify whether the Secret or its key must be defined", + "type": "boolean" } }, - "type": "object" + "required": [ + "key" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" }, - "reclaimPolicy": { - "description": "Describes a policy for end-of-life maintenance of ObjectBucket.", + "enableSharedConfig": { + "description": "enableSharedConfig enable the use of shared config loading for AWS Buckets", + "type": "boolean" + }, + "name": { + "description": "name is the name requested for the bucket (aws, gcp) or container (azure)", + "type": "string" + }, + "provider": { + "description": "provider is the provider of the cloud storage", "enum": [ - "Delete", - "Retain", - "Recycle" + "aws", + "azure", + "gcp" ], "type": "string" }, - "storageClassName": { - "description": "StorageClass names the StorageClass object representing the desired provisioner and parameters", + "region": { + "description": "region for the bucket to be in, will be us-east-1 if not set.", "type": "string" + }, + "tags": { + "additionalProperties": { + "type": "string" + }, + "description": "tags for the bucket", + "type": "object" } }, "required": [ - "storageClassName" + "creationSecret", + "name", + "provider" ], "type": "object" }, "status": { - "description": "Most recently observed status of the bucket.", "properties": { - "phase": { - "description": "ObjectBucketStatusPhase is set by the controller to save the state of the provisioning process", - "enum": [ - "Bound", - "Released", - "Failed" - ], - "type": "string" - } - }, - "type": "object" - } - }, - "required": [], - "type": "object", - "x-kubernetes-group-version-kind": [ - { - "group": "objectbucket.io", - "kind": "ObjectBucket", - "version": "v1alpha1" - } - ] - }, - "objectbucket.io/v1alpha1/ObjectBucketClaim": { - "description": "", - "namespaced": true, - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - "type": "string" - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "allOf": [ - { - "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" - } - ], - "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" - }, - "spec": { - "description": "Specification of the desired behavior of the claim.", - "properties": { - "additionalConfig": { - "additionalProperties": { - "type": "string" + "conditions": { + "description": "Conditions represent the latest available observations of the CloudStorage's current state", + "items": { + "description": "Condition contains details for one aspect of the current state of this API Resource.", + "properties": { + "lastTransitionTime": { + "description": "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "message is a human readable message indicating details about the transition.\nThis may be an empty string.", + "maxLength": 32768, + "type": "string" + }, + "observedGeneration": { + "description": "observedGeneration represents the .metadata.generation that the condition was set based upon.\nFor instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date\nwith respect to the current state of the instance.", + "format": "int64", + "minimum": 0, + "type": "integer" + }, + "reason": { + "description": "reason contains a programmatic identifier indicating the reason for the condition's last transition.\nProducers of specific condition types may define expected values and meanings for this field,\nand whether the values are considered a guaranteed API.\nThe value should be a CamelCase string.\nThis field may not be empty.", + "maxLength": 1024, + "minLength": 1, + "pattern": "^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$", + "type": "string" + }, + "status": { + "description": "status of the condition, one of True, False, Unknown.", + "enum": [ + "True", + "False", + "Unknown" + ], + "type": "string" + }, + "type": { + "description": "type of condition in CamelCase or in foo.example.com/CamelCase.", + "maxLength": 316, + "pattern": "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$", + "type": "string" + } + }, + "required": [ + "lastTransitionTime", + "message", + "reason", + "status", + "type" + ], + "type": "object" }, - "description": "AdditionalConfig gives providers a location to set proprietary config values (tenant, namespace, etc)", - "type": "object" - }, - "bucketName": { - "description": "BucketName (not recommended) the name of the bucket. Caution! In-store bucket names may collide across namespaces. If you define the name yourself, try to make it as unique as possible.", - "type": "string" - }, - "generateBucketName": { - "description": "GenerateBucketName (recommended) a prefix for a bucket name to be followed by a hyphen and 5 random characters. Protects against in-store name collisions.", - "type": "string" + "type": "array" }, - "objectBucketName": { - "description": "ObjectBucketName is the name of the object bucket resource. This is the authoritative determination for binding.", + "lastSyncTimestamp": { + "description": "LastSyncTimestamp is the last time the contents of the CloudStorage was synced", + "format": "date-time", "type": "string" }, - "storageClassName": { - "description": "StorageClass names the StorageClass object representing the desired provisioner and parameters", + "name": { + "description": "Name is the name requested for the bucket (aws, gcp) or container (azure)", "type": "string" } }, "required": [ - "storageClassName" + "name" ], "type": "object" - }, - "status": { - "description": "Most recently observed status of the claim.", - "properties": { - "phase": { - "description": "ObjectBucketClaimStatusPhase is set by the controller to save the state of the provisioning process", - "enum": [ - "Pending", - "Bound", - "Released", - "Failed" - ], - "type": "string" - } - }, - "type": "object" } }, "required": [], "type": "object", "x-kubernetes-group-version-kind": [ { - "group": "objectbucket.io", - "kind": "ObjectBucketClaim", + "group": "oadp.openshift.io", + "kind": "CloudStorage", "version": "v1alpha1" } ] }, - "objectbucket.io/v1alpha1/ObjectBucketClaimList": { - "description": "ObjectBucketClaimList is a list of ObjectBucketClaim", + "oadp.openshift.io/v1alpha1/CloudStorageList": { + "description": "CloudStorageList is a list of CloudStorage", "namespaced": true, "properties": { "apiVersion": { @@ -224504,9 +224597,8079 @@ "type": "string" }, "items": { - "description": "List of objectbucketclaims. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md", + "description": "List of cloudstorages. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md", "items": { - "$ref": "#/components/schemas/io.objectbucket.v1alpha1.ObjectBucketClaim" + "$ref": "#/components/schemas/io.openshift.oadp.v1alpha1.CloudStorage" + }, + "type": "array" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "allOf": [ + { + "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" + } + ], + "description": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + } + }, + "required": [ + "items" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "oadp.openshift.io", + "kind": "CloudStorageList", + "version": "v1alpha1" + } + ] + }, + "oadp.openshift.io/v1alpha1/DataProtectionApplication": { + "description": "DataProtectionApplication represents configuration to install a data protection\napplication to safely backup and restore, perform disaster recovery and migrate\nKubernetes cluster resources and persistent volumes.", + "namespaced": true, + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "allOf": [ + { + "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" + } + ], + "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + }, + "spec": { + "description": "DataProtectionApplicationSpec defines the desired state of Velero", + "properties": { + "backupImages": { + "description": "backupImages is used to specify whether you want to deploy a registry for enabling backup and restore of images", + "type": "boolean" + }, + "backupLocations": { + "description": "backupLocations defines the list of desired configuration to use for BackupStorageLocations", + "items": { + "description": "BackupLocation defines the configuration for the DPA backup storage", + "properties": { + "bucket": { + "description": "CloudStorageLocation defines BackupStorageLocation using bucket referenced by CloudStorage CR.", + "properties": { + "backupSyncPeriod": { + "description": "backupSyncPeriod defines how frequently to sync backup API objects from object storage. A value of 0 disables sync.", + "nullable": true, + "type": "string" + }, + "caCert": { + "description": "CACert defines a CA bundle to use when verifying TLS connections to the provider.", + "format": "byte", + "type": "string" + }, + "cloudStorageRef": { + "description": "LocalObjectReference contains enough information to let you locate the\nreferenced object inside the same namespace.", + "properties": { + "name": { + "default": "", + "description": "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", + "type": "string" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "config": { + "additionalProperties": { + "type": "string" + }, + "description": "config is for provider-specific configuration fields.", + "type": "object" + }, + "credential": { + "description": "credential contains the credential information intended to be used with this location", + "properties": { + "key": { + "description": "The key of the secret to select from. Must be a valid secret key.", + "type": "string" + }, + "name": { + "default": "", + "description": "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", + "type": "string" + }, + "optional": { + "description": "Specify whether the Secret or its key must be defined", + "type": "boolean" + } + }, + "required": [ + "key" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "default": { + "description": "default indicates this location is the default backup storage location.", + "type": "boolean" + }, + "prefix": { + "description": "Prefix is the path inside a bucket to use for Velero storage. Optional.", + "type": "string" + } + }, + "required": [ + "cloudStorageRef" + ], + "type": "object" + }, + "name": { + "type": "string" + }, + "velero": { + "description": "BackupStorageLocationSpec defines the desired state of a Velero BackupStorageLocation", + "properties": { + "accessMode": { + "description": "AccessMode defines the permissions for the backup storage location.", + "enum": [ + "ReadOnly", + "ReadWrite" + ], + "type": "string" + }, + "backupSyncPeriod": { + "description": "BackupSyncPeriod defines how frequently to sync backup API objects from object storage. A value of 0 disables sync.", + "nullable": true, + "type": "string" + }, + "config": { + "additionalProperties": { + "type": "string" + }, + "description": "Config is for provider-specific configuration fields.", + "type": "object" + }, + "credential": { + "description": "Credential contains the credential information intended to be used with this location", + "properties": { + "key": { + "description": "The key of the secret to select from. Must be a valid secret key.", + "type": "string" + }, + "name": { + "default": "", + "description": "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", + "type": "string" + }, + "optional": { + "description": "Specify whether the Secret or its key must be defined", + "type": "boolean" + } + }, + "required": [ + "key" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "default": { + "description": "Default indicates this location is the default backup storage location.", + "type": "boolean" + }, + "objectStorage": { + "description": "ObjectStorageLocation specifies the settings necessary to connect to a provider's object storage.", + "properties": { + "bucket": { + "description": "Bucket is the bucket to use for object storage.", + "type": "string" + }, + "caCert": { + "description": "CACert defines a CA bundle to use when verifying TLS connections to the provider.\nDeprecated: Use CACertRef instead.", + "format": "byte", + "type": "string" + }, + "caCertRef": { + "description": "CACertRef is a reference to a Secret containing the CA certificate bundle to use\nwhen verifying TLS connections to the provider. The Secret must be in the same\nnamespace as the BackupStorageLocation.", + "properties": { + "key": { + "description": "The key of the secret to select from. Must be a valid secret key.", + "type": "string" + }, + "name": { + "default": "", + "description": "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", + "type": "string" + }, + "optional": { + "description": "Specify whether the Secret or its key must be defined", + "type": "boolean" + } + }, + "required": [ + "key" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "prefix": { + "description": "Prefix is the path inside a bucket to use for Velero storage. Optional.", + "type": "string" + } + }, + "required": [ + "bucket" + ], + "type": "object" + }, + "provider": { + "description": "Provider is the provider of the backup storage.", + "type": "string" + }, + "validationFrequency": { + "description": "ValidationFrequency defines how frequently to validate the corresponding object storage. A value of 0 disables validation.", + "nullable": true, + "type": "string" + } + }, + "required": [ + "objectStorage", + "provider" + ], + "type": "object" + } + }, + "type": "object" + }, + "type": "array" + }, + "configuration": { + "description": "configuration is used to configure the data protection application's server config", + "properties": { + "kubevirtDatamover": { + "description": "KubevirtDatamover configures the kubevirt-datamover-controller for VM backup/restore.", + "properties": { + "maxIncrementalBackups": { + "description": "MaxIncrementalBackups is the maximum number of incremental backups per VM\nbefore forcing a full backup. 0 means unlimited (default behavior).\nCan be overridden per-VM via the kubevirt-datamover.io/max-incremental-backups\nannotation on the VirtualMachine CR.", + "format": "int32", + "minimum": 0, + "type": "integer" + } + }, + "type": "object" + }, + "nodeAgent": { + "description": "NodeAgent is needed to allow selection between kopia or restic", + "properties": { + "backupPVC": { + "additionalProperties": { + "properties": { + "annotations": { + "additionalProperties": { + "type": "string" + }, + "description": "Annotations permits setting annotations for the backupPVC", + "type": "object" + }, + "readOnly": { + "description": "ReadOnly sets the backupPVC's access mode as read only", + "type": "boolean" + }, + "spcNoRelabeling": { + "description": "SPCNoRelabeling sets Spec.SecurityContext.SELinux.Type to \"spc_t\" for the pod mounting the backupPVC\nignored if ReadOnly is false", + "type": "boolean" + }, + "storageClass": { + "description": "StorageClass is the name of storage class to be used by the backupPVC", + "type": "string" + } + }, + "type": "object" + }, + "description": "BackupPVCConfig is the config for backupPVC (intermediate PVC) of snapshot data movement", + "type": "object" + }, + "cacheLimitMB": { + "description": "CacheLimitMB specifies the size limit(in MB) for the local data cache", + "format": "int64", + "minimum": 0, + "type": "integer" + }, + "cachePVC": { + "description": "CachePVCConfig configures a dedicated PVC for Kopia repository cache during restore operations.\nWhen set, cache data is stored on a provisioned PVC instead of the pod's root filesystem,\npreventing ephemeral storage exhaustion on nodes during concurrent restores.\nIf storageClass is omitted, the cluster's default StorageClass is used.", + "properties": { + "residentThresholdInMB": { + "description": "ResidentThresholdInMB specifies the minimum size of the backup data to create cache PVC", + "format": "int64", + "type": "integer" + }, + "storageClass": { + "description": "StorageClass specifies the storage class for cache PVC", + "type": "string" + } + }, + "type": "object" + }, + "dataMoverPrepareTimeout": { + "description": "How long to wait for preparing a DataUpload/DataDownload. Default is 30 minutes.", + "type": "string" + }, + "enable": { + "description": "enable defines a boolean pointer whether we want the daemonset to\nexist or not", + "type": "boolean" + }, + "fullMaintenanceInterval": { + "description": "fullMaintenanceInterval determines the time between kopia full maintenance operations.\nnormalGC: 24 hours\nfastGC: 12 hours\neagerGC: 6 hours", + "enum": [ + "normalGC", + "fastGC", + "eagerGC" + ], + "type": "string" + }, + "loadAffinity": { + "description": "LoadAffinity is the config for data path load affinity.", + "items": { + "description": "LoadAffinity is the config for data path load affinity.\nUsed by the Node-Agent, that needs to match the DataMover and the RepositoryMaintenance pods.", + "properties": { + "nodeSelector": { + "description": "NodeSelector specifies the label selector to match nodes", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch.", + "items": { + "type": "string" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "storageClass": { + "description": "StorageClass specifies the storage class to which this LoadAffinity rule applies.\nIf empty, the affinity applies globally to all data mover operations.\nIf set, the affinity applies only to data mover operations using this specific StorageClass.", + "type": "string" + } + }, + "type": "object" + }, + "type": "array" + }, + "loadConcurrency": { + "description": "LoadConcurrency is the config for data path load concurrency per node.", + "properties": { + "globalConfig": { + "description": "GlobalConfig specifies the concurrency number to all nodes for which per-node config is not specified", + "type": "integer" + }, + "perNodeConfig": { + "description": "PerNodeConfig specifies the concurrency number to nodes matched by rules", + "items": { + "description": "RuledConfigs is the config for data path load concurrency per node.", + "properties": { + "nodeSelector": { + "description": "NodeSelector specifies the label selector to match nodes", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch.", + "items": { + "type": "string" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "number": { + "description": "Number specifies the number value associated to the matched nodes", + "type": "integer" + } + }, + "required": [ + "nodeSelector", + "number" + ], + "type": "object" + }, + "type": "array" + }, + "prepareQueueLength": { + "description": "PrepareQueueLength specifies the max number of loads that are under expose", + "type": "integer" + } + }, + "type": "object" + }, + "podAnnotations": { + "additionalProperties": { + "type": "string" + }, + "description": "PodAnnotations are annotations to be added to pods created by node-agent, i.e., data mover pods.", + "type": "object" + }, + "podConfig": { + "description": "Pod specific configuration", + "properties": { + "annotations": { + "additionalProperties": { + "type": "string" + }, + "description": "annotations to add to pods", + "type": "object" + }, + "env": { + "description": "env defines the list of environment variables to be supplied to podSpec", + "items": { + "description": "EnvVar represents an environment variable present in a Container.", + "properties": { + "name": { + "description": "Name of the environment variable. Must be a C_IDENTIFIER.", + "type": "string" + }, + "value": { + "description": "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables. If a variable cannot be resolved,\nthe reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.\n\"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\".\nEscaped references will never be expanded, regardless of whether the variable\nexists or not.\nDefaults to \"\".", + "type": "string" + }, + "valueFrom": { + "description": "Source for the environment variable's value. Cannot be used if value is not empty.", + "properties": { + "configMapKeyRef": { + "description": "Selects a key of a ConfigMap.", + "properties": { + "key": { + "description": "The key to select.", + "type": "string" + }, + "name": { + "default": "", + "description": "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", + "type": "string" + }, + "optional": { + "description": "Specify whether the ConfigMap or its key must be defined", + "type": "boolean" + } + }, + "required": [ + "key" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "fieldRef": { + "description": "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.", + "properties": { + "apiVersion": { + "description": "Version of the schema the FieldPath is written in terms of, defaults to \"v1\".", + "type": "string" + }, + "fieldPath": { + "description": "Path of the field to select in the specified API version.", + "type": "string" + } + }, + "required": [ + "fieldPath" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "resourceFieldRef": { + "description": "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.", + "properties": { + "containerName": { + "description": "Container name: required for volumes, optional for env vars", + "type": "string" + }, + "divisor": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Specifies the output format of the exposed resources, defaults to \"1\"", + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "resource": { + "description": "Required: resource to select", + "type": "string" + } + }, + "required": [ + "resource" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "secretKeyRef": { + "description": "Selects a key of a secret in the pod's namespace", + "properties": { + "key": { + "description": "The key of the secret to select from. Must be a valid secret key.", + "type": "string" + }, + "name": { + "default": "", + "description": "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", + "type": "string" + }, + "optional": { + "description": "Specify whether the Secret or its key must be defined", + "type": "boolean" + } + }, + "required": [ + "key" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + } + }, + "type": "object" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array" + }, + "labels": { + "additionalProperties": { + "type": "string" + }, + "description": "labels to add to pods", + "type": "object" + }, + "nodeSelector": { + "additionalProperties": { + "type": "string" + }, + "description": "nodeSelector defines the nodeSelector to be supplied to podSpec", + "type": "object" + }, + "priorityClassName": { + "description": "priorityClassName defines the PriorityClass name to be applied to the pod", + "type": "string" + }, + "resourceAllocations": { + "description": "resourceAllocations defines the CPU, Memory and ephemeral-storage resource allocations for the Pod", + "nullable": true, + "properties": { + "claims": { + "description": "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\nThis field is immutable. It can only be set for containers.", + "items": { + "description": "ResourceClaim references one entry in PodSpec.ResourceClaims.", + "properties": { + "name": { + "description": "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container.", + "type": "string" + }, + "request": { + "description": "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request.", + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-map-keys": [ + "name" + ], + "x-kubernetes-list-type": "map" + }, + "limits": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + }, + "requests": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + } + }, + "type": "object" + }, + "tolerations": { + "description": "tolerations defines the list of tolerations to be applied to daemonset", + "items": { + "description": "The pod this Toleration is attached to tolerates any taint that matches\nthe triple using the matching operator .", + "properties": { + "effect": { + "description": "Effect indicates the taint effect to match. Empty means match all taint effects.\nWhen specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.", + "type": "string" + }, + "key": { + "description": "Key is the taint key that the toleration applies to. Empty means match all taint keys.\nIf the key is empty, operator must be Exists; this combination means to match all values and all keys.", + "type": "string" + }, + "operator": { + "description": "Operator represents a key's relationship to the value.\nValid operators are Exists and Equal. Defaults to Equal.\nExists is equivalent to wildcard for value, so that a pod can\ntolerate all taints of a particular category.", + "type": "string" + }, + "tolerationSeconds": { + "description": "TolerationSeconds represents the period of time the toleration (which must be\nof effect NoExecute, otherwise this field is ignored) tolerates the taint. By default,\nit is not set, which means tolerate the taint forever (do not evict). Zero and\nnegative values will be treated as 0 (evict immediately) by the system.", + "format": "int64", + "type": "integer" + }, + "value": { + "description": "Value is the taint value the toleration matches to.\nIf the operator is Exists, the value should be empty, otherwise just a regular string.", + "type": "string" + } + }, + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + }, + "podLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "PodLabels are labels to be added to pods created by node-agent, i.e., data mover pods.", + "type": "object" + }, + "podResources": { + "description": "PodResources is the resource config for various types of pods launched by node-agent, i.e., data mover pods.", + "properties": { + "cpuLimit": { + "type": "string" + }, + "cpuRequest": { + "type": "string" + }, + "ephemeralStorageLimit": { + "type": "string" + }, + "ephemeralStorageRequest": { + "type": "string" + }, + "memoryLimit": { + "type": "string" + }, + "memoryRequest": { + "type": "string" + } + }, + "type": "object" + }, + "resourceTimeout": { + "description": "How long to wait for resource processes which are not covered by other specific timeout parameters. Default is 10 minutes.", + "type": "string" + }, + "restorePVC": { + "description": "RestoreVCConfig is the config for restorePVC (intermediate PVC) of generic restore", + "properties": { + "ignoreDelayBinding": { + "description": "IgnoreDelayBinding indicates to ignore delay binding the restorePVC when it is in WaitForFirstConsumer mode", + "type": "boolean" + } + }, + "type": "object" + }, + "supplementalGroups": { + "description": "supplementalGroups defines the linux groups to be applied to the NodeAgent Pod", + "items": { + "format": "int64", + "type": "integer" + }, + "type": "array" + }, + "timeout": { + "description": "timeout defines the NodeAgent timeout, default value is 1h", + "type": "string" + }, + "uploaderType": { + "description": "The type of uploader to transfer the data of pod volumes, the supported values are 'restic' or 'kopia'", + "enum": [ + "restic", + "kopia" + ], + "type": "string" + } + }, + "required": [ + "uploaderType" + ], + "type": "object" + }, + "repositoryMaintenance": { + "additionalProperties": { + "properties": { + "loadAffinity": { + "description": "LoadAffinity is the config for data path load affinity.", + "items": { + "description": "LoadAffinity is the config for data path load affinity.\nUsed by the Node-Agent, that needs to match the DataMover and the RepositoryMaintenance pods.", + "properties": { + "nodeSelector": { + "description": "NodeSelector specifies the label selector to match nodes", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch.", + "items": { + "type": "string" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "storageClass": { + "description": "StorageClass specifies the storage class to which this LoadAffinity rule applies.\nIf empty, the affinity applies globally to all data mover operations.\nIf set, the affinity applies only to data mover operations using this specific StorageClass.", + "type": "string" + } + }, + "type": "object" + }, + "type": "array" + }, + "podAnnotations": { + "additionalProperties": { + "type": "string" + }, + "description": "PodAnnotations are annotations to be added to maintenance job pods.\nThis is only read from the global configuration, not per-repository.", + "type": "object" + }, + "podLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "PodLabels are labels to be added to maintenance job pods.\nThis is only read from the global configuration, not per-repository.", + "type": "object" + }, + "podResources": { + "description": "PodResources is the config for the CPU and memory resources setting.", + "properties": { + "cpuLimit": { + "type": "string" + }, + "cpuRequest": { + "type": "string" + }, + "ephemeralStorageLimit": { + "type": "string" + }, + "ephemeralStorageRequest": { + "type": "string" + }, + "memoryLimit": { + "type": "string" + }, + "memoryRequest": { + "type": "string" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "description": "RepositoryMaintenance maps a BackupRepository identifier to its configuration.\nKeys can be:\n - \"global\" : Applies to all repositories without specific config.\n - \"\" : The namespace of the BackupRepository.\n - \"\" : The specific BackupRepository name referencing the BSL.\n - \"\" : Either \"kopia\" or \"restic\".", + "type": "object" + }, + "restic": { + "description": "(do not use warning) restic field is for backwards compatibility and\nwill be removed in the future. Use nodeAgent field instead", + "properties": { + "enable": { + "description": "enable defines a boolean pointer whether we want the daemonset to\nexist or not", + "type": "boolean" + }, + "podConfig": { + "description": "Pod specific configuration", + "properties": { + "annotations": { + "additionalProperties": { + "type": "string" + }, + "description": "annotations to add to pods", + "type": "object" + }, + "env": { + "description": "env defines the list of environment variables to be supplied to podSpec", + "items": { + "description": "EnvVar represents an environment variable present in a Container.", + "properties": { + "name": { + "description": "Name of the environment variable. Must be a C_IDENTIFIER.", + "type": "string" + }, + "value": { + "description": "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables. If a variable cannot be resolved,\nthe reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.\n\"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\".\nEscaped references will never be expanded, regardless of whether the variable\nexists or not.\nDefaults to \"\".", + "type": "string" + }, + "valueFrom": { + "description": "Source for the environment variable's value. Cannot be used if value is not empty.", + "properties": { + "configMapKeyRef": { + "description": "Selects a key of a ConfigMap.", + "properties": { + "key": { + "description": "The key to select.", + "type": "string" + }, + "name": { + "default": "", + "description": "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", + "type": "string" + }, + "optional": { + "description": "Specify whether the ConfigMap or its key must be defined", + "type": "boolean" + } + }, + "required": [ + "key" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "fieldRef": { + "description": "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.", + "properties": { + "apiVersion": { + "description": "Version of the schema the FieldPath is written in terms of, defaults to \"v1\".", + "type": "string" + }, + "fieldPath": { + "description": "Path of the field to select in the specified API version.", + "type": "string" + } + }, + "required": [ + "fieldPath" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "resourceFieldRef": { + "description": "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.", + "properties": { + "containerName": { + "description": "Container name: required for volumes, optional for env vars", + "type": "string" + }, + "divisor": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Specifies the output format of the exposed resources, defaults to \"1\"", + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "resource": { + "description": "Required: resource to select", + "type": "string" + } + }, + "required": [ + "resource" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "secretKeyRef": { + "description": "Selects a key of a secret in the pod's namespace", + "properties": { + "key": { + "description": "The key of the secret to select from. Must be a valid secret key.", + "type": "string" + }, + "name": { + "default": "", + "description": "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", + "type": "string" + }, + "optional": { + "description": "Specify whether the Secret or its key must be defined", + "type": "boolean" + } + }, + "required": [ + "key" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + } + }, + "type": "object" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array" + }, + "labels": { + "additionalProperties": { + "type": "string" + }, + "description": "labels to add to pods", + "type": "object" + }, + "nodeSelector": { + "additionalProperties": { + "type": "string" + }, + "description": "nodeSelector defines the nodeSelector to be supplied to podSpec", + "type": "object" + }, + "priorityClassName": { + "description": "priorityClassName defines the PriorityClass name to be applied to the pod", + "type": "string" + }, + "resourceAllocations": { + "description": "resourceAllocations defines the CPU, Memory and ephemeral-storage resource allocations for the Pod", + "nullable": true, + "properties": { + "claims": { + "description": "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\nThis field is immutable. It can only be set for containers.", + "items": { + "description": "ResourceClaim references one entry in PodSpec.ResourceClaims.", + "properties": { + "name": { + "description": "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container.", + "type": "string" + }, + "request": { + "description": "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request.", + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-map-keys": [ + "name" + ], + "x-kubernetes-list-type": "map" + }, + "limits": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "nullable": true, + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "nullable": true, + "type": "object" + }, + "requests": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "nullable": true, + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "nullable": true, + "type": "object" + } + }, + "type": "object" + }, + "tolerations": { + "description": "tolerations defines the list of tolerations to be applied to daemonset", + "items": { + "description": "The pod this Toleration is attached to tolerates any taint that matches\nthe triple using the matching operator .", + "properties": { + "effect": { + "description": "Effect indicates the taint effect to match. Empty means match all taint effects.\nWhen specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.", + "type": "string" + }, + "key": { + "description": "Key is the taint key that the toleration applies to. Empty means match all taint keys.\nIf the key is empty, operator must be Exists; this combination means to match all values and all keys.", + "type": "string" + }, + "operator": { + "description": "Operator represents a key's relationship to the value.\nValid operators are Exists and Equal. Defaults to Equal.\nExists is equivalent to wildcard for value, so that a pod can\ntolerate all taints of a particular category.", + "type": "string" + }, + "tolerationSeconds": { + "description": "TolerationSeconds represents the period of time the toleration (which must be\nof effect NoExecute, otherwise this field is ignored) tolerates the taint. By default,\nit is not set, which means tolerate the taint forever (do not evict). Zero and\nnegative values will be treated as 0 (evict immediately) by the system.", + "format": "int64", + "type": "integer" + }, + "value": { + "description": "Value is the taint value the toleration matches to.\nIf the operator is Exists, the value should be empty, otherwise just a regular string.", + "type": "string" + } + }, + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + }, + "supplementalGroups": { + "description": "supplementalGroups defines the linux groups to be applied to the NodeAgent Pod", + "items": { + "format": "int64", + "type": "integer" + }, + "type": "array" + }, + "timeout": { + "description": "timeout defines the NodeAgent timeout, default value is 1h", + "type": "string" + } + }, + "type": "object" + }, + "velero": { + "properties": { + "args": { + "description": "Velero args are settings to customize velero server arguments. Overrides values in other fields.", + "properties": { + "add_dir_header": { + "description": "If true, adds the file directory to the header of the log messages", + "type": "boolean" + }, + "alsologtostderr": { + "description": "log to standard error as well as files (no effect when -logtostderr=true)", + "type": "boolean" + }, + "backup-sync-period": { + "description": "How often (in nanoseconds) to ensure all Velero backups in object storage exist as Backup API objects in the cluster. This is the default sync period if none is explicitly specified for a backup storage location.", + "format": "int64", + "type": "integer" + }, + "client-burst": { + "description": "Maximum number of requests by the server to the Kubernetes API in a short period of time.", + "type": "integer" + }, + "client-page-size": { + "description": "Page size of requests by the server to the Kubernetes API when listing objects during a backup. Set to 0 to disable paging.", + "type": "integer" + }, + "client-qps": { + "description": "Maximum number of requests per second by the server to the Kubernetes API once the burst limit has been reached.\nthis will be validated as a valid float32", + "type": "string" + }, + "colorized": { + "description": "Show colored output in TTY", + "type": "boolean" + }, + "default-backup-ttl": { + "description": "How long (in nanoseconds) to wait by default before backups can be garbage collected. (default is 720 hours)", + "format": "int64", + "type": "integer" + }, + "default-item-operation-timeout": { + "description": "How long (in nanoseconds) to wait on asynchronous BackupItemActions and RestoreItemActions to complete before timing out. (default is 1 hour)", + "format": "int64", + "type": "integer" + }, + "default-repo-maintain-frequency": { + "description": "How often (in nanoseconds) 'maintain' is run for backup repositories by default.", + "format": "int64", + "type": "integer" + }, + "default-volumes-to-fs-backup": { + "description": "Backup all volumes with pod volume file system backup by default.", + "type": "boolean" + }, + "disabled-controllers": { + "description": "List of controllers to disable on startup. Valid values are backup,backup-operations,backup-deletion,backup-finalizer,backup-sync,download-request,gc,backup-repo,restore,restore-operations,schedule,server-status-request", + "enum": [ + "backup", + "backup-operations", + "backup-deletion", + "backup-finalizer", + "backup-sync", + "download-request", + "gc", + "backup-repo", + "restore", + "restore-operations", + "schedule", + "server-status-request" + ], + "items": { + "type": "string" + }, + "type": "array" + }, + "fs-backup-timeout": { + "description": "How long (in nanoseconds) pod volume file system backups/restores should be allowed to run before timing out. (default is 4 hours)", + "format": "int64", + "type": "integer" + }, + "garbage-collection-frequency": { + "description": "How often (in nanoseconds) garbage collection checks for expired backups. (default is 1 hour)", + "format": "int64", + "type": "integer" + }, + "item-operation-sync-frequency": { + "description": "How often (in nanoseconds) to check status on backup/restore operations after backup/restore processing.", + "format": "int64", + "type": "integer" + }, + "log-format": { + "description": "The format for log output. Valid values are text, json. (default text)", + "enum": [ + "text", + "json" + ], + "type": "string" + }, + "log_backtrace_at": { + "description": "when logging hits line file:N, emit a stack trace", + "type": "string" + }, + "log_dir": { + "description": "If non-empty, write log files in this directory (no effect when -logtostderr=true)", + "type": "string" + }, + "log_file": { + "description": "If non-empty, use this log file (no effect when -logtostderr=true)", + "type": "string" + }, + "log_file_max_size": { + "description": "Defines the maximum size a log file can grow to (no effect when -logtostderr=true). Unit is megabytes. If the value is 0, the maximum file size is unlimited. (default 1800)", + "format": "int64", + "minimum": 0, + "type": "integer" + }, + "logtostderr": { + "description": "Boolean flags. Not handled atomically because the flag.Value interface\ndoes not let us avoid the =true, and that shorthand is necessary for\ncompatibility. TODO: does this matter enough to fix? Seems unlikely.", + "type": "boolean" + }, + "max-concurrent-k8s-connections": { + "description": "Max concurrent connections number that Velero can create with kube-apiserver. Default is 30. (default 30)", + "type": "integer" + }, + "metrics-address": { + "description": "The address to expose prometheus metrics", + "type": "string" + }, + "one_output": { + "description": "If true, only write logs to their native severity level (vs also writing to each lower severity level; no effect when -logtostderr=true)", + "type": "boolean" + }, + "profiler-address": { + "description": "The address to expose the pprof profiler.", + "type": "string" + }, + "resource-timeout": { + "description": "How long (in nanoseconds) to wait for resource processes which are not covered by other specific timeout parameters. (default is 10 minutes)", + "format": "int64", + "type": "integer" + }, + "restore-resource-priorities": { + "description": "Desired order of resource restores, the priority list contains two parts which are split by \"-\" element. The resources before \"-\" element are restored first as high priorities, the resources after \"-\" element are restored last as low priorities, and any resource not in the list will be restored alphabetically between the high and low priorities. (default securitycontextconstraints,customresourcedefinitions,klusterletconfigs.config.open-cluster-management.io,managedcluster.cluster.open-cluster-management.io,namespaces,roles,rolebindings,clusterrolebindings,klusterletaddonconfig.agent.open-cluster-management.io,managedclusteraddon.addon.open-cluster-management.io,storageclasses,volumesnapshotclass.snapshot.storage.k8s.io,volumesnapshotcontents.snapshot.storage.k8s.io,volumesnapshots.snapshot.storage.k8s.io,datauploads.velero.io,persistentvolumes,persistentvolumeclaims,serviceaccounts,secrets,configmaps,limitranges,pods,replicasets.apps,clusterclasses.cluster.x-k8s.io,endpoints,services,-,clusterbootstraps.run.tanzu.vmware.com,clusters.cluster.x-k8s.io,clusterresourcesets.addons.cluster.x-k8s.io)", + "type": "string" + }, + "skip_headers": { + "description": "If true, avoid header prefixes in the log messages", + "type": "boolean" + }, + "skip_log_headers": { + "description": "If true, avoid headers when opening log files (no effect when -logtostderr=true)", + "type": "boolean" + }, + "stderrthreshold": { + "description": "logs at or above this threshold go to stderr when writing to files and stderr (no effect when -logtostderr=true or -alsologtostderr=false) (default 2)", + "type": "integer" + }, + "store-validation-frequency": { + "description": "How often (in nanoseconds) to verify if the storage is valid. Optional. Set this to `0` to disable sync. (default is 1 minute)", + "format": "int64", + "type": "integer" + }, + "terminating-resource-timeout": { + "description": "How long (in nanoseconds) to wait on persistent volumes and namespaces to terminate during a restore before timing out.", + "format": "int64", + "type": "integer" + }, + "v": { + "description": "number for the log level verbosity", + "type": "integer" + }, + "vmodule": { + "description": "comma-separated list of pattern=N settings for file-filtered logging", + "type": "string" + } + }, + "type": "object" + }, + "client-burst": { + "description": "maximum number of requests by the server to the Kubernetes API in a short period of time. (default 100)", + "type": "integer" + }, + "client-qps": { + "description": "maximum number of requests per second by the server to the Kubernetes API once the burst limit has been reached. (default 100)", + "type": "integer" + }, + "concurrentBackups": { + "description": "Number of backups to process at the same time. Only backups which do not have any namespaces\nin common will run at the same time. Default is 1.", + "type": "integer" + }, + "customPlugins": { + "description": "customPlugins defines the custom plugin to be installed with Velero", + "items": { + "properties": { + "image": { + "type": "string" + }, + "name": { + "type": "string" + } + }, + "required": [ + "image", + "name" + ], + "type": "object" + }, + "type": "array" + }, + "defaultItemOperationTimeout": { + "description": "How long to wait on asynchronous BackupItemActions and RestoreItemActions to complete before timing out. Default value is 1h.", + "type": "string" + }, + "defaultPlugins": { + "items": { + "enum": [ + "aws", + "legacy-aws", + "gcp", + "azure", + "csi", + "vsm", + "openshift", + "kubevirt", + "kubevirt-datamover", + "hypershift" + ], + "type": "string" + }, + "type": "array" + }, + "defaultSnapshotMoveData": { + "description": "Specify whether CSI snapshot data should be moved to backup storage by default", + "type": "boolean" + }, + "defaultVolumesToFSBackup": { + "description": "Deprecated: Use defaultVolumesToFsBackup instead (matches Velero backup spec).", + "type": "boolean" + }, + "defaultVolumesToFsBackup": { + "description": "Use pod volume file system backup by default for volumes.\nMatches backup.spec.defaultVolumesToFsBackup in Velero API.", + "type": "boolean" + }, + "disableCSISnapshotEarlyFrequentPolling": { + "description": "set DisableCSISnapshotEarlyFrequentPolling to true to omit\nthe 1-second polling interval for the first 10 seconds while waiting\nfor the snaphandle", + "type": "boolean" + }, + "disableFsBackup": { + "default": false, + "description": "DisableFsBackup determines whether the NodeAgent should disable file system backup.\nWhen set to true, the NodeAgent runs in non-privileged mode.\nDefaults to false.", + "type": "boolean" + }, + "disableInformerCache": { + "description": "Disable informer cache for Get calls on restore. With this enabled, it will speed up restore in cases where there are backup resources which already exist in the cluster, but for very large clusters this will increase velero memory usage. Default is false.", + "type": "boolean" + }, + "featureFlags": { + "description": "featureFlags defines the list of features to enable for Velero instance", + "items": { + "type": "string" + }, + "type": "array" + }, + "itemBlockWorkerCount": { + "description": "Number of workers in worker pool for processing item backup. This will allow multiple items within\na Velero backup to be backed up at the same time which may improve performance for backups with\na large number of items. Workers are per backup if concurrent backups are enabled. Default is 1.", + "type": "integer" + }, + "itemOperationSyncFrequency": { + "description": "How often to check status on async backup/restore operations after backup processing. Default value is 2m.", + "type": "string" + }, + "loadAffinity": { + "description": "LoadAffinityConfig is the config for data path load affinity.", + "items": { + "description": "LoadAffinity is the config for data path load affinity.\nUsed by the Node-Agent, that needs to match the DataMover and the RepositoryMaintenance pods.", + "properties": { + "nodeSelector": { + "description": "NodeSelector specifies the label selector to match nodes", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch.", + "items": { + "type": "string" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "storageClass": { + "description": "StorageClass specifies the storage class to which this LoadAffinity rule applies.\nIf empty, the affinity applies globally to all data mover operations.\nIf set, the affinity applies only to data mover operations using this specific StorageClass.", + "type": "string" + } + }, + "type": "object" + }, + "type": "array" + }, + "logLevel": { + "description": "Velero server's log level (use debug for the most logging, leave unset for velero default)", + "enum": [ + "trace", + "debug", + "info", + "warning", + "error", + "fatal", + "panic" + ], + "type": "string" + }, + "noDefaultBackupLocation": { + "description": "If you need to install Velero without a default backup storage location noDefaultBackupLocation flag is required for confirmation", + "type": "boolean" + }, + "podConfig": { + "description": "Pod specific configuration", + "properties": { + "annotations": { + "additionalProperties": { + "type": "string" + }, + "description": "annotations to add to pods", + "type": "object" + }, + "env": { + "description": "env defines the list of environment variables to be supplied to podSpec", + "items": { + "description": "EnvVar represents an environment variable present in a Container.", + "properties": { + "name": { + "description": "Name of the environment variable. Must be a C_IDENTIFIER.", + "type": "string" + }, + "value": { + "description": "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables. If a variable cannot be resolved,\nthe reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.\n\"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\".\nEscaped references will never be expanded, regardless of whether the variable\nexists or not.\nDefaults to \"\".", + "type": "string" + }, + "valueFrom": { + "description": "Source for the environment variable's value. Cannot be used if value is not empty.", + "properties": { + "configMapKeyRef": { + "description": "Selects a key of a ConfigMap.", + "properties": { + "key": { + "description": "The key to select.", + "type": "string" + }, + "name": { + "default": "", + "description": "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", + "type": "string" + }, + "optional": { + "description": "Specify whether the ConfigMap or its key must be defined", + "type": "boolean" + } + }, + "required": [ + "key" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "fieldRef": { + "description": "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.", + "properties": { + "apiVersion": { + "description": "Version of the schema the FieldPath is written in terms of, defaults to \"v1\".", + "type": "string" + }, + "fieldPath": { + "description": "Path of the field to select in the specified API version.", + "type": "string" + } + }, + "required": [ + "fieldPath" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "resourceFieldRef": { + "description": "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.", + "properties": { + "containerName": { + "description": "Container name: required for volumes, optional for env vars", + "type": "string" + }, + "divisor": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Specifies the output format of the exposed resources, defaults to \"1\"", + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "resource": { + "description": "Required: resource to select", + "type": "string" + } + }, + "required": [ + "resource" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "secretKeyRef": { + "description": "Selects a key of a secret in the pod's namespace", + "properties": { + "key": { + "description": "The key of the secret to select from. Must be a valid secret key.", + "type": "string" + }, + "name": { + "default": "", + "description": "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", + "type": "string" + }, + "optional": { + "description": "Specify whether the Secret or its key must be defined", + "type": "boolean" + } + }, + "required": [ + "key" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + } + }, + "type": "object" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array" + }, + "labels": { + "additionalProperties": { + "type": "string" + }, + "description": "labels to add to pods", + "type": "object" + }, + "nodeSelector": { + "additionalProperties": { + "type": "string" + }, + "description": "nodeSelector defines the nodeSelector to be supplied to podSpec", + "type": "object" + }, + "priorityClassName": { + "description": "priorityClassName defines the PriorityClass name to be applied to the pod", + "type": "string" + }, + "resourceAllocations": { + "description": "resourceAllocations defines the CPU, Memory and ephemeral-storage resource allocations for the Pod", + "nullable": true, + "properties": { + "claims": { + "description": "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\nThis field is immutable. It can only be set for containers.", + "items": { + "description": "ResourceClaim references one entry in PodSpec.ResourceClaims.", + "properties": { + "name": { + "description": "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container.", + "type": "string" + }, + "request": { + "description": "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request.", + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-map-keys": [ + "name" + ], + "x-kubernetes-list-type": "map" + }, + "limits": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "nullable": true, + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "nullable": true, + "type": "object" + }, + "requests": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "nullable": true, + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "nullable": true, + "type": "object" + } + }, + "type": "object" + }, + "tolerations": { + "description": "tolerations defines the list of tolerations to be applied to daemonset", + "items": { + "description": "The pod this Toleration is attached to tolerates any taint that matches\nthe triple using the matching operator .", + "properties": { + "effect": { + "description": "Effect indicates the taint effect to match. Empty means match all taint effects.\nWhen specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.", + "type": "string" + }, + "key": { + "description": "Key is the taint key that the toleration applies to. Empty means match all taint keys.\nIf the key is empty, operator must be Exists; this combination means to match all values and all keys.", + "type": "string" + }, + "operator": { + "description": "Operator represents a key's relationship to the value.\nValid operators are Exists and Equal. Defaults to Equal.\nExists is equivalent to wildcard for value, so that a pod can\ntolerate all taints of a particular category.", + "type": "string" + }, + "tolerationSeconds": { + "description": "TolerationSeconds represents the period of time the toleration (which must be\nof effect NoExecute, otherwise this field is ignored) tolerates the taint. By default,\nit is not set, which means tolerate the taint forever (do not evict). Zero and\nnegative values will be treated as 0 (evict immediately) by the system.", + "format": "int64", + "type": "integer" + }, + "value": { + "description": "Value is the taint value the toleration matches to.\nIf the operator is Exists, the value should be empty, otherwise just a regular string.", + "type": "string" + } + }, + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + }, + "resourceTimeout": { + "description": "resourceTimeout defines how long to wait for several Velero resources before timeout occurs,\nsuch as Velero CRD availability, volumeSnapshot deletion, and repo availability.\nDefault is 10m", + "type": "string" + }, + "restoreResourcesVersionPriority": { + "description": "restoreResourceVersionPriority represents a configmap that will be created if defined for use in conjunction with EnableAPIGroupVersions feature flag\nDefining this field automatically add EnableAPIGroupVersions to the velero server feature flag", + "type": "string" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "features": { + "description": "features defines the configuration for the DPA to enable the OADP tech preview features", + "properties": { + "dataMover": { + "description": "(do not use warning) dataMover is for backwards compatibility and\nwill be removed in the future. Use Velero Built-in Data Mover instead", + "properties": { + "credentialName": { + "description": "User supplied Restic Secret name", + "type": "string" + }, + "enable": { + "description": "enable flag is used to specify whether you want to deploy the volume snapshot mover controller", + "type": "boolean" + }, + "maxConcurrentBackupVolumes": { + "description": "the number of batched volumeSnapshotBackups that can be inProgress at once, default value is 10", + "type": "string" + }, + "maxConcurrentRestoreVolumes": { + "description": "the number of batched volumeSnapshotRestores that can be inProgress at once, default value is 10", + "type": "string" + }, + "pruneInterval": { + "description": "defines how often (in days) to prune the datamover snapshots from the repository", + "type": "string" + }, + "schedule": { + "description": "schedule is a cronspec (https://en.wikipedia.org/wiki/Cron#Overview) that\ncan be used to schedule datamover(volsync) synchronization to occur at regular, time-based\nintervals. For example, in order to enforce datamover SnapshotRetainPolicy at a regular interval you need to\nspecify this Schedule trigger as a cron expression, by default the trigger is a manual trigger. For more details\non Volsync triggers, refer: https://volsync.readthedocs.io/en/stable/usage/triggers.html", + "pattern": "^(\\d+|\\*)(/\\d+)?(\\s+(\\d+|\\*)(/\\d+)?){4}$", + "type": "string" + }, + "snapshotRetainPolicy": { + "description": "defines the parameters that can be specified for retention of datamover snapshots", + "properties": { + "daily": { + "description": "Daily defines the number of snapshots to be kept daily", + "type": "string" + }, + "hourly": { + "description": "Hourly defines the number of snapshots to be kept hourly", + "type": "string" + }, + "monthly": { + "description": "Monthly defines the number of snapshots to be kept monthly", + "type": "string" + }, + "weekly": { + "description": "Weekly defines the number of snapshots to be kept weekly", + "type": "string" + }, + "within": { + "description": "Within defines the number of snapshots to be kept Within the given time period", + "type": "string" + }, + "yearly": { + "description": "Yearly defines the number of snapshots to be kept yearly", + "type": "string" + } + }, + "type": "object" + }, + "timeout": { + "description": "User supplied timeout to be used for VolumeSnapshotBackup and VolumeSnapshotRestore to complete, default value is 10m", + "type": "string" + }, + "volumeOptionsForStorageClasses": { + "additionalProperties": { + "properties": { + "destinationVolumeOptions": { + "description": "VolumeOptions defines configurations for VolSync options", + "properties": { + "accessMode": { + "description": "accessMode can be used to override the accessMode of the source or\ndestination PVC", + "type": "string" + }, + "cacheAccessMode": { + "description": "cacheAccessMode is the access mode to be used to provision the cache volume", + "type": "string" + }, + "cacheCapacity": { + "description": "cacheCapacity determines the size of the restic metadata cache volume", + "type": "string" + }, + "cacheStorageClassName": { + "description": "cacheStorageClassName is the storageClass that should be used when provisioning\nthe data mover cache volume", + "type": "string" + }, + "storageClassName": { + "description": "storageClassName can be used to override the StorageClass of the source\nor destination PVC", + "type": "string" + } + }, + "type": "object" + }, + "sourceVolumeOptions": { + "description": "VolumeOptions defines configurations for VolSync options", + "properties": { + "accessMode": { + "description": "accessMode can be used to override the accessMode of the source or\ndestination PVC", + "type": "string" + }, + "cacheAccessMode": { + "description": "cacheAccessMode is the access mode to be used to provision the cache volume", + "type": "string" + }, + "cacheCapacity": { + "description": "cacheCapacity determines the size of the restic metadata cache volume", + "type": "string" + }, + "cacheStorageClassName": { + "description": "cacheStorageClassName is the storageClass that should be used when provisioning\nthe data mover cache volume", + "type": "string" + }, + "storageClassName": { + "description": "storageClassName can be used to override the StorageClass of the source\nor destination PVC", + "type": "string" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "description": "defines configurations for data mover volume options for a storageClass", + "type": "object" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "imagePullPolicy": { + "description": "which imagePullPolicy to use in all container images used by OADP.\nBy default, for images with sha256 or sha512 digest, OADP uses IfNotPresent and uses Always for all other images.", + "enum": [ + "Always", + "IfNotPresent", + "Never" + ], + "type": "string" + }, + "logFormat": { + "default": "text", + "description": "The format for log output. Valid values are text, json. (default text)", + "enum": [ + "text", + "json" + ], + "type": "string" + }, + "nonAdmin": { + "description": "nonAdmin defines the configuration for the DPA to enable backup and restore operations for non-admin users", + "properties": { + "backupSyncPeriod": { + "description": "BackupSyncPeriod specifies the interval at which backups from the OADP namespace are synchronized with non-admin namespaces.\nA value of 0 disables sync.\nBy default 2m", + "type": "string" + }, + "enable": { + "description": "Enables non admin feature, by default is disabled", + "type": "boolean" + }, + "enforceBSLSpec": { + "description": "which backupstoragelocation spec field values to enforce", + "properties": { + "accessMode": { + "description": "AccessMode defines the permissions for the backup storage location.", + "enum": [ + "ReadOnly", + "ReadWrite" + ], + "type": "string" + }, + "backupSyncPeriod": { + "description": "BackupSyncPeriod defines how frequently to sync backup API objects from object storage. A value of 0 disables sync.", + "nullable": true, + "type": "string" + }, + "config": { + "additionalProperties": { + "type": "string" + }, + "description": "Config is for provider-specific configuration fields.", + "type": "object" + }, + "credential": { + "description": "Credential contains the credential information intended to be used with this location", + "properties": { + "key": { + "description": "The key of the secret to select from. Must be a valid secret key.", + "type": "string" + }, + "name": { + "default": "", + "description": "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", + "type": "string" + }, + "optional": { + "description": "Specify whether the Secret or its key must be defined", + "type": "boolean" + } + }, + "required": [ + "key" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "objectStorage": { + "description": "ObjectStorageLocation defines the enforced values for the Velero ObjectStorageLocation", + "nullable": true, + "properties": { + "bucket": { + "description": "Bucket is the bucket to use for object storage.", + "type": "string" + }, + "caCert": { + "description": "CACert defines a CA bundle to use when verifying TLS connections to the provider.", + "format": "byte", + "type": "string" + }, + "prefix": { + "description": "Prefix is the path inside a bucket to use for Velero storage. Optional.", + "type": "string" + } + }, + "type": "object" + }, + "provider": { + "description": "Provider is the provider of the backup storage.", + "type": "string" + }, + "validationFrequency": { + "description": "ValidationFrequency defines how frequently to validate the corresponding object storage. A value of 0 disables validation.", + "nullable": true, + "type": "string" + } + }, + "type": "object" + }, + "enforceBackupSpec": { + "description": "which bakup spec field values to enforce", + "properties": { + "csiSnapshotTimeout": { + "description": "CSISnapshotTimeout specifies the time used to wait for CSI VolumeSnapshot status turns to\nReadyToUse during creation, before returning error as timeout.\nThe default value is 10 minute.", + "type": "string" + }, + "datamover": { + "description": "DataMover specifies the data mover to be used by the backup.\nIf DataMover is \"\" or \"velero\", the built-in data mover will be used.", + "type": "string" + }, + "defaultVolumesToFsBackup": { + "description": "DefaultVolumesToFsBackup specifies whether pod volume file system backup should be used\nfor all volumes by default.", + "nullable": true, + "type": "boolean" + }, + "defaultVolumesToRestic": { + "description": "DefaultVolumesToRestic specifies whether restic should be used to take a\nbackup of all pod volumes by default.\n\nDeprecated: this field is no longer used and will be removed entirely in future. Use DefaultVolumesToFsBackup instead.", + "nullable": true, + "type": "boolean" + }, + "excludedClusterScopedResources": { + "description": "ExcludedClusterScopedResources is a slice of cluster-scoped\nresource type names to exclude from the backup.\nIf set to \"*\", all cluster-scoped resource types are excluded.\nThe default value is empty.", + "items": { + "type": "string" + }, + "nullable": true, + "type": "array" + }, + "excludedNamespaceScopedResources": { + "description": "ExcludedNamespaceScopedResources is a slice of namespace-scoped\nresource type names to exclude from the backup.\nIf set to \"*\", all namespace-scoped resource types are excluded.\nThe default value is empty.", + "items": { + "type": "string" + }, + "nullable": true, + "type": "array" + }, + "excludedNamespaces": { + "description": "ExcludedNamespaces contains a list of namespaces that are not\nincluded in the backup.", + "items": { + "type": "string" + }, + "nullable": true, + "type": "array" + }, + "excludedResources": { + "description": "ExcludedResources is a slice of resource names that are not\nincluded in the backup.", + "items": { + "type": "string" + }, + "nullable": true, + "type": "array" + }, + "hooks": { + "description": "Hooks represent custom behaviors that should be executed at different phases of the backup.", + "properties": { + "resources": { + "description": "Resources are hooks that should be executed when backing up individual instances of a resource.", + "items": { + "description": "BackupResourceHookSpec defines one or more BackupResourceHooks that should be executed based on\nthe rules defined for namespaces, resources, and label selector.", + "properties": { + "excludedNamespaces": { + "description": "ExcludedNamespaces specifies the namespaces to which this hook spec does not apply.", + "items": { + "type": "string" + }, + "nullable": true, + "type": "array" + }, + "excludedResources": { + "description": "ExcludedResources specifies the resources to which this hook spec does not apply.", + "items": { + "type": "string" + }, + "nullable": true, + "type": "array" + }, + "includedNamespaces": { + "description": "IncludedNamespaces specifies the namespaces to which this hook spec applies. If empty, it applies\nto all namespaces.", + "items": { + "type": "string" + }, + "nullable": true, + "type": "array" + }, + "includedResources": { + "description": "IncludedResources specifies the resources to which this hook spec applies. If empty, it applies\nto all resources.", + "items": { + "type": "string" + }, + "nullable": true, + "type": "array" + }, + "labelSelector": { + "description": "LabelSelector, if specified, filters the resources to which this hook spec applies.", + "nullable": true, + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch.", + "items": { + "type": "string" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "name": { + "description": "Name is the name of this hook.", + "type": "string" + }, + "post": { + "description": "PostHooks is a list of BackupResourceHooks to execute after storing the item in the backup.\nThese are executed after all \"additional items\" from item actions are processed.", + "items": { + "description": "BackupResourceHook defines a hook for a resource.", + "properties": { + "exec": { + "description": "Exec defines an exec hook.", + "properties": { + "command": { + "description": "Command is the command and arguments to execute.", + "items": { + "type": "string" + }, + "minItems": 1, + "type": "array" + }, + "container": { + "description": "Container is the container in the pod where the command should be executed. If not specified,\nthe pod's first container is used.", + "type": "string" + }, + "onError": { + "description": "OnError specifies how Velero should behave if it encounters an error executing this hook.", + "enum": [ + "Continue", + "Fail" + ], + "type": "string" + }, + "timeout": { + "description": "Timeout defines the maximum amount of time Velero should wait for the hook to complete before\nconsidering the execution a failure.", + "type": "string" + } + }, + "required": [ + "command" + ], + "type": "object" + } + }, + "required": [ + "exec" + ], + "type": "object" + }, + "type": "array" + }, + "pre": { + "description": "PreHooks is a list of BackupResourceHooks to execute prior to storing the item in the backup.\nThese are executed before any \"additional items\" from item actions are processed.", + "items": { + "description": "BackupResourceHook defines a hook for a resource.", + "properties": { + "exec": { + "description": "Exec defines an exec hook.", + "properties": { + "command": { + "description": "Command is the command and arguments to execute.", + "items": { + "type": "string" + }, + "minItems": 1, + "type": "array" + }, + "container": { + "description": "Container is the container in the pod where the command should be executed. If not specified,\nthe pod's first container is used.", + "type": "string" + }, + "onError": { + "description": "OnError specifies how Velero should behave if it encounters an error executing this hook.", + "enum": [ + "Continue", + "Fail" + ], + "type": "string" + }, + "timeout": { + "description": "Timeout defines the maximum amount of time Velero should wait for the hook to complete before\nconsidering the execution a failure.", + "type": "string" + } + }, + "required": [ + "command" + ], + "type": "object" + } + }, + "required": [ + "exec" + ], + "type": "object" + }, + "type": "array" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "nullable": true, + "type": "array" + } + }, + "type": "object" + }, + "includeClusterResources": { + "description": "IncludeClusterResources specifies whether cluster-scoped resources\nshould be included for consideration in the backup.", + "nullable": true, + "type": "boolean" + }, + "includedClusterScopedResources": { + "description": "IncludedClusterScopedResources is a slice of cluster-scoped\nresource type names to include in the backup.\nIf set to \"*\", all cluster-scoped resource types are included.\nThe default value is empty, which means only related\ncluster-scoped resources are included.", + "items": { + "type": "string" + }, + "nullable": true, + "type": "array" + }, + "includedNamespaceScopedResources": { + "description": "IncludedNamespaceScopedResources is a slice of namespace-scoped\nresource type names to include in the backup.\nThe default value is \"*\".", + "items": { + "type": "string" + }, + "nullable": true, + "type": "array" + }, + "includedNamespaces": { + "description": "IncludedNamespaces is a slice of namespace names to include objects\nfrom. If empty, all namespaces are included.", + "items": { + "type": "string" + }, + "nullable": true, + "type": "array" + }, + "includedResources": { + "description": "IncludedResources is a slice of resource names to include\nin the backup. If empty, all resources are included.", + "items": { + "type": "string" + }, + "nullable": true, + "type": "array" + }, + "itemOperationTimeout": { + "description": "ItemOperationTimeout specifies the time used to wait for asynchronous BackupItemAction operations\nThe default value is 4 hour.", + "type": "string" + }, + "labelSelector": { + "description": "LabelSelector is a metav1.LabelSelector to filter with\nwhen adding individual objects to the backup. If empty\nor nil, all objects are included. Optional.", + "nullable": true, + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch.", + "items": { + "type": "string" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "metadata": { + "properties": { + "labels": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + } + }, + "type": "object" + }, + "orLabelSelectors": { + "description": "OrLabelSelectors is list of metav1.LabelSelector to filter with\nwhen adding individual objects to the backup. If multiple provided\nthey will be joined by the OR operator. LabelSelector as well as\nOrLabelSelectors cannot co-exist in backup request, only one of them\ncan be used.", + "items": { + "description": "A label selector is a label query over a set of resources. The result of matchLabels and\nmatchExpressions are ANDed. An empty label selector matches all objects. A null\nlabel selector matches no objects.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch.", + "items": { + "type": "string" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "nullable": true, + "type": "array" + }, + "orderedResources": { + "additionalProperties": { + "type": "string" + }, + "description": "OrderedResources specifies the backup order of resources of specific Kind.\nThe map key is the resource name and value is a list of object names separated by commas.\nEach resource name has format \"namespace/objectname\". For cluster resources, simply use \"objectname\".", + "nullable": true, + "type": "object" + }, + "resourcePolicy": { + "description": "ResourcePolicy specifies the referenced resource policies that backup should follow", + "properties": { + "apiGroup": { + "description": "APIGroup is the group for the resource being referenced.\nIf APIGroup is not specified, the specified Kind must be in the core API group.\nFor any other third-party types, APIGroup is required.", + "type": "string" + }, + "kind": { + "description": "Kind is the type of resource being referenced", + "type": "string" + }, + "name": { + "description": "Name is the name of resource being referenced", + "type": "string" + } + }, + "required": [ + "kind", + "name" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "snapshotMoveData": { + "description": "SnapshotMoveData specifies whether snapshot data should be moved", + "nullable": true, + "type": "boolean" + }, + "snapshotVolumes": { + "description": "SnapshotVolumes specifies whether to take snapshots\nof any PV's referenced in the set of objects included\nin the Backup.", + "nullable": true, + "type": "boolean" + }, + "storageLocation": { + "description": "StorageLocation is a string containing the name of a BackupStorageLocation where the backup should be stored.", + "type": "string" + }, + "ttl": { + "description": "TTL is a time.Duration-parseable string describing how long\nthe Backup should be retained for.", + "type": "string" + }, + "uploaderConfig": { + "description": "UploaderConfig specifies the configuration for the uploader.", + "nullable": true, + "properties": { + "parallelFilesUpload": { + "description": "ParallelFilesUpload is the number of files parallel uploads to perform when using the uploader.", + "type": "integer" + } + }, + "type": "object" + }, + "volumeGroupSnapshotLabelKey": { + "description": "VolumeGroupSnapshotLabelKey specifies the label key to group PVCs under a VGS.", + "type": "string" + }, + "volumeSnapshotLocations": { + "description": "VolumeSnapshotLocations is a list containing names of VolumeSnapshotLocations associated with this backup.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "enforceRestoreSpec": { + "description": "which restore spec field values to enforce", + "properties": { + "backupName": { + "description": "BackupName is the unique name of the Velero backup to restore\nfrom.", + "type": "string" + }, + "excludedNamespaces": { + "description": "ExcludedNamespaces contains a list of namespaces that are not\nincluded in the restore.", + "items": { + "type": "string" + }, + "nullable": true, + "type": "array" + }, + "excludedResources": { + "description": "ExcludedResources is a slice of resource names that are not\nincluded in the restore.", + "items": { + "type": "string" + }, + "nullable": true, + "type": "array" + }, + "existingResourcePolicy": { + "description": "ExistingResourcePolicy specifies the restore behavior for the Kubernetes resource to be restored", + "nullable": true, + "type": "string" + }, + "hooks": { + "description": "Hooks represent custom behaviors that should be executed during or post restore.", + "properties": { + "resources": { + "items": { + "description": "RestoreResourceHookSpec defines one or more RestoreResrouceHooks that should be executed based on\nthe rules defined for namespaces, resources, and label selector.", + "properties": { + "excludedNamespaces": { + "description": "ExcludedNamespaces specifies the namespaces to which this hook spec does not apply.", + "items": { + "type": "string" + }, + "nullable": true, + "type": "array" + }, + "excludedResources": { + "description": "ExcludedResources specifies the resources to which this hook spec does not apply.", + "items": { + "type": "string" + }, + "nullable": true, + "type": "array" + }, + "includedNamespaces": { + "description": "IncludedNamespaces specifies the namespaces to which this hook spec applies. If empty, it applies\nto all namespaces.", + "items": { + "type": "string" + }, + "nullable": true, + "type": "array" + }, + "includedResources": { + "description": "IncludedResources specifies the resources to which this hook spec applies. If empty, it applies\nto all resources.", + "items": { + "type": "string" + }, + "nullable": true, + "type": "array" + }, + "labelSelector": { + "description": "LabelSelector, if specified, filters the resources to which this hook spec applies.", + "nullable": true, + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch.", + "items": { + "type": "string" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "name": { + "description": "Name is the name of this hook.", + "type": "string" + }, + "postHooks": { + "description": "PostHooks is a list of RestoreResourceHooks to execute during and after restoring a resource.", + "items": { + "description": "RestoreResourceHook defines a restore hook for a resource.", + "properties": { + "exec": { + "description": "Exec defines an exec restore hook.", + "properties": { + "command": { + "description": "Command is the command and arguments to execute from within a container after a pod has been restored.", + "items": { + "type": "string" + }, + "minItems": 1, + "type": "array" + }, + "container": { + "description": "Container is the container in the pod where the command should be executed. If not specified,\nthe pod's first container is used.", + "type": "string" + }, + "execTimeout": { + "description": "ExecTimeout defines the maximum amount of time Velero should wait for the hook to complete before\nconsidering the execution a failure.", + "type": "string" + }, + "onError": { + "description": "OnError specifies how Velero should behave if it encounters an error executing this hook.", + "enum": [ + "Continue", + "Fail" + ], + "type": "string" + }, + "waitForReady": { + "description": "WaitForReady ensures command will be launched when container is Ready instead of Running.", + "nullable": true, + "type": "boolean" + }, + "waitTimeout": { + "description": "WaitTimeout defines the maximum amount of time Velero should wait for the container to be Ready\nbefore attempting to run the command.", + "type": "string" + } + }, + "required": [ + "command" + ], + "type": "object" + }, + "init": { + "description": "Init defines an init restore hook.", + "properties": { + "initContainers": { + "description": "InitContainers is list of init containers to be added to a pod during its restore.", + "items": { + "type": "object", + "x-kubernetes-preserve-unknown-fields": true + }, + "type": "array", + "x-kubernetes-preserve-unknown-fields": true + }, + "timeout": { + "description": "Timeout defines the maximum amount of time Velero should wait for the initContainers to complete.", + "type": "string" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "type": "array" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + }, + "includeClusterResources": { + "description": "IncludeClusterResources specifies whether cluster-scoped resources\nshould be included for consideration in the restore. If null, defaults\nto true.", + "nullable": true, + "type": "boolean" + }, + "includedNamespaces": { + "description": "IncludedNamespaces is a slice of namespace names to include objects\nfrom. If empty, all namespaces are included.", + "items": { + "type": "string" + }, + "nullable": true, + "type": "array" + }, + "includedResources": { + "description": "IncludedResources is a slice of resource names to include\nin the restore. If empty, all resources in the backup are included.", + "items": { + "type": "string" + }, + "nullable": true, + "type": "array" + }, + "itemOperationTimeout": { + "description": "ItemOperationTimeout specifies the time used to wait for RestoreItemAction operations\nThe default value is 4 hour.", + "type": "string" + }, + "labelSelector": { + "description": "LabelSelector is a metav1.LabelSelector to filter with\nwhen restoring individual objects from the backup. If empty\nor nil, all objects are included. Optional.", + "nullable": true, + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch.", + "items": { + "type": "string" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "namespaceMapping": { + "additionalProperties": { + "type": "string" + }, + "description": "NamespaceMapping is a map of source namespace names\nto target namespace names to restore into. Any source\nnamespaces not included in the map will be restored into\nnamespaces of the same name.", + "type": "object" + }, + "orLabelSelectors": { + "description": "OrLabelSelectors is list of metav1.LabelSelector to filter with\nwhen restoring individual objects from the backup. If multiple provided\nthey will be joined by the OR operator. LabelSelector as well as\nOrLabelSelectors cannot co-exist in restore request, only one of them\ncan be used", + "items": { + "description": "A label selector is a label query over a set of resources. The result of matchLabels and\nmatchExpressions are ANDed. An empty label selector matches all objects. A null\nlabel selector matches no objects.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch.", + "items": { + "type": "string" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "nullable": true, + "type": "array" + }, + "preserveNodePorts": { + "description": "PreserveNodePorts specifies whether to restore old nodePorts from backup.", + "nullable": true, + "type": "boolean" + }, + "resourceModifier": { + "description": "ResourceModifier specifies the reference to JSON resource patches that should be applied to resources before restoration.", + "nullable": true, + "properties": { + "apiGroup": { + "description": "APIGroup is the group for the resource being referenced.\nIf APIGroup is not specified, the specified Kind must be in the core API group.\nFor any other third-party types, APIGroup is required.", + "type": "string" + }, + "kind": { + "description": "Kind is the type of resource being referenced", + "type": "string" + }, + "name": { + "description": "Name is the name of resource being referenced", + "type": "string" + } + }, + "required": [ + "kind", + "name" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "restorePVs": { + "description": "RestorePVs specifies whether to restore all included\nPVs from snapshot", + "nullable": true, + "type": "boolean" + }, + "restoreStatus": { + "description": "RestoreStatus specifies which resources we should restore the status\nfield. If nil, no objects are included. Optional.", + "nullable": true, + "properties": { + "excludedResources": { + "description": "ExcludedResources specifies the resources to which will not restore the status.", + "items": { + "type": "string" + }, + "nullable": true, + "type": "array" + }, + "includedResources": { + "description": "IncludedResources specifies the resources to which will restore the status.\nIf empty, it applies to all resources.", + "items": { + "type": "string" + }, + "nullable": true, + "type": "array" + } + }, + "type": "object" + }, + "scheduleName": { + "description": "ScheduleName is the unique name of the Velero schedule to restore\nfrom. If specified, and BackupName is empty, Velero will restore\nfrom the most recent successful backup created from this schedule.", + "type": "string" + }, + "uploaderConfig": { + "description": "UploaderConfig specifies the configuration for the restore.", + "nullable": true, + "properties": { + "parallelFilesDownload": { + "description": "ParallelFilesDownload is the concurrency number setting for restore.", + "type": "integer" + }, + "writeSparseFiles": { + "description": "WriteSparseFiles is a flag to indicate whether write files sparsely or not.", + "nullable": true, + "type": "boolean" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "garbageCollectionPeriod": { + "description": "GarbageCollectionPeriod defines how frequently to look for possible leftover non admin related objects in OADP namespace.\nA value of 0 disables garbage collection.\nBy default 24h", + "type": "string" + }, + "requireApprovalForBSL": { + "description": "RequireApprovalForBSL specifies whether cluster administrator approval is required\nfor creating Velero BackupStorageLocation (BSL) resources.\n- If set to false, all NonAdminBackupStorageLocationApproval CRDs will be automatically approved,\n including those that were previously pending or rejected.\n- If set to true, any existing BackupStorageLocation CRDs that lack the necessary approvals may be deleted,\n leaving the associated NonAdminBackup objects non-restorable until approval is granted.\nDefaults to false", + "type": "boolean" + } + }, + "type": "object" + }, + "podAnnotations": { + "additionalProperties": { + "type": "string" + }, + "description": "add annotations to pods deployed by operator\nDeprecated: Use PodConfig instead", + "type": "object" + }, + "podDnsConfig": { + "description": "podDnsConfig defines the DNS parameters of a pod in addition to\nthose generated from DNSPolicy.\nhttps://kubernetes.io/docs/concepts/services-networking/dns-pod-service/#pod-dns-config", + "properties": { + "nameservers": { + "description": "A list of DNS name server IP addresses.\nThis will be appended to the base nameservers generated from DNSPolicy.\nDuplicated nameservers will be removed.", + "items": { + "type": "string" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + }, + "options": { + "description": "A list of DNS resolver options.\nThis will be merged with the base options generated from DNSPolicy.\nDuplicated entries will be removed. Resolution options given in Options\nwill override those that appear in the base DNSPolicy.", + "items": { + "description": "PodDNSConfigOption defines DNS resolver options of a pod.", + "properties": { + "name": { + "description": "Name is this DNS resolver option's name.\nRequired.", + "type": "string" + }, + "value": { + "description": "Value is this DNS resolver option's value.", + "type": "string" + } + }, + "type": "object" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + }, + "searches": { + "description": "A list of DNS search domains for host-name lookup.\nThis will be appended to the base search paths generated from DNSPolicy.\nDuplicated search paths will be removed.", + "items": { + "type": "string" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + } + }, + "type": "object" + }, + "podDnsPolicy": { + "description": "podDnsPolicy defines how a pod's DNS will be configured.\nhttps://kubernetes.io/docs/concepts/services-networking/dns-pod-service/#pod-s-dns-policy", + "type": "string" + }, + "resourceAnnotations": { + "additionalProperties": { + "type": "string" + }, + "description": "resourceAnnotations defines annotations that will be applied to all resources managed by the DPA.\nUseful for GitOps tools like ArgoCD (e.g., argocd.argoproj.io/ignore-resource-updates: 'true').", + "type": "object" + }, + "resourceLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "resourceLabels defines labels that will be applied to all resources managed by the DPA.\nThese labels are merged with OADP-required labels. User-provided labels cannot override\ncore operator labels (app.kubernetes.io/*, openshift.io/oadp).", + "type": "object" + }, + "snapshotLocations": { + "description": "snapshotLocations defines the list of desired configuration to use for VolumeSnapshotLocations", + "items": { + "description": "SnapshotLocation defines the configuration for the DPA snapshot store", + "properties": { + "name": { + "type": "string" + }, + "velero": { + "description": "VolumeSnapshotLocationSpec defines the specification for a Velero VolumeSnapshotLocation.", + "properties": { + "config": { + "additionalProperties": { + "type": "string" + }, + "description": "Config is for provider-specific configuration fields.", + "type": "object" + }, + "credential": { + "description": "Credential contains the credential information intended to be used with this location", + "properties": { + "key": { + "description": "The key of the secret to select from. Must be a valid secret key.", + "type": "string" + }, + "name": { + "default": "", + "description": "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", + "type": "string" + }, + "optional": { + "description": "Specify whether the Secret or its key must be defined", + "type": "boolean" + } + }, + "required": [ + "key" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "provider": { + "description": "Provider is the provider of the volume storage.", + "type": "string" + } + }, + "required": [ + "provider" + ], + "type": "object" + } + }, + "required": [ + "velero" + ], + "type": "object" + }, + "type": "array" + }, + "unsupportedOverrides": { + "additionalProperties": { + "type": "string" + }, + "description": "unsupportedOverrides can be used to override images used in deployments.\nAvailable keys are:\n - veleroImageFqin\n - awsPluginImageFqin\n - legacyAWSPluginImageFqin\n - openshiftPluginImageFqin\n - azurePluginImageFqin\n - gcpPluginImageFqin\n - kubevirtPluginImageFqin\n - kubevirtDatamoverPluginImageFqin\n - kubevirtDatamoverControllerImageFqin\n - hypershiftPluginImageFqin\n - nonAdminControllerImageFqin\n - vmFileRestoreControllerImageFqin\n - vmFileRestoreAccessImageFqin\n - vmFileRestoreSSHImageFqin\n - vmFileRestoreBrowserImageFqin\n - operator-type\n - tech-preview-ack", + "type": "object" + }, + "vmFileRestore": { + "description": "vmFileRestore defines the configuration for the DPA to enable VM file restore feature", + "properties": { + "enable": { + "description": "Enable flag to deploy VM file restore controller\nBy default is disabled", + "type": "boolean" + }, + "resources": { + "description": "Resource requirements for the VM file restore controller", + "properties": { + "claims": { + "description": "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\nThis field is immutable. It can only be set for containers.", + "items": { + "description": "ResourceClaim references one entry in PodSpec.ResourceClaims.", + "properties": { + "name": { + "description": "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container.", + "type": "string" + }, + "request": { + "description": "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request.", + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-map-keys": [ + "name" + ], + "x-kubernetes-list-type": "map" + }, + "limits": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + }, + "requests": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + } + }, + "type": "object" + } + }, + "type": "object" + } + }, + "required": [ + "configuration" + ], + "type": "object" + }, + "status": { + "description": "DataProtectionApplicationStatus defines the observed state of DataProtectionApplication", + "properties": { + "conditions": { + "description": "Conditions defines the observed state of DataProtectionApplication", + "items": { + "description": "Condition contains details for one aspect of the current state of this API Resource.", + "properties": { + "lastTransitionTime": { + "description": "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "message is a human readable message indicating details about the transition.\nThis may be an empty string.", + "maxLength": 32768, + "type": "string" + }, + "observedGeneration": { + "description": "observedGeneration represents the .metadata.generation that the condition was set based upon.\nFor instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date\nwith respect to the current state of the instance.", + "format": "int64", + "minimum": 0, + "type": "integer" + }, + "reason": { + "description": "reason contains a programmatic identifier indicating the reason for the condition's last transition.\nProducers of specific condition types may define expected values and meanings for this field,\nand whether the values are considered a guaranteed API.\nThe value should be a CamelCase string.\nThis field may not be empty.", + "maxLength": 1024, + "minLength": 1, + "pattern": "^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$", + "type": "string" + }, + "status": { + "description": "status of the condition, one of True, False, Unknown.", + "enum": [ + "True", + "False", + "Unknown" + ], + "type": "string" + }, + "type": { + "description": "type of condition in CamelCase or in foo.example.com/CamelCase.", + "maxLength": 316, + "pattern": "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$", + "type": "string" + } + }, + "required": [ + "lastTransitionTime", + "message", + "reason", + "status", + "type" + ], + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + } + }, + "required": [], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "oadp.openshift.io", + "kind": "DataProtectionApplication", + "version": "v1alpha1" + } + ] + }, + "oadp.openshift.io/v1alpha1/DataProtectionApplicationList": { + "description": "DataProtectionApplicationList is a list of DataProtectionApplication", + "namespaced": true, + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "items": { + "description": "List of dataprotectionapplications. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md", + "items": { + "$ref": "#/components/schemas/io.openshift.oadp.v1alpha1.DataProtectionApplication" + }, + "type": "array" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "allOf": [ + { + "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" + } + ], + "description": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + } + }, + "required": [ + "items" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "oadp.openshift.io", + "kind": "DataProtectionApplicationList", + "version": "v1alpha1" + } + ] + }, + "oadp.openshift.io/v1alpha1/DataProtectionTest": { + "description": "DataProtectionTest is the Schema for the dataprotectiontests API", + "namespaced": true, + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "allOf": [ + { + "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" + } + ], + "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + }, + "spec": { + "description": "DataProtectionTestSpec defines the desired tests to perform.", + "properties": { + "backupLocationName": { + "description": "backupLocationName specifies the name the Velero BackupStorageLocation (BSL) to test against.", + "type": "string" + }, + "backupLocationSpec": { + "description": "backupLocationSpec is an inline copy of the BSL spec to use during testing.", + "properties": { + "accessMode": { + "description": "AccessMode defines the permissions for the backup storage location.", + "enum": [ + "ReadOnly", + "ReadWrite" + ], + "type": "string" + }, + "backupSyncPeriod": { + "description": "BackupSyncPeriod defines how frequently to sync backup API objects from object storage. A value of 0 disables sync.", + "nullable": true, + "type": "string" + }, + "config": { + "additionalProperties": { + "type": "string" + }, + "description": "Config is for provider-specific configuration fields.", + "type": "object" + }, + "credential": { + "description": "Credential contains the credential information intended to be used with this location", + "properties": { + "key": { + "description": "The key of the secret to select from. Must be a valid secret key.", + "type": "string" + }, + "name": { + "default": "", + "description": "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", + "type": "string" + }, + "optional": { + "description": "Specify whether the Secret or its key must be defined", + "type": "boolean" + } + }, + "required": [ + "key" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "default": { + "description": "Default indicates this location is the default backup storage location.", + "type": "boolean" + }, + "objectStorage": { + "description": "ObjectStorageLocation specifies the settings necessary to connect to a provider's object storage.", + "properties": { + "bucket": { + "description": "Bucket is the bucket to use for object storage.", + "type": "string" + }, + "caCert": { + "description": "CACert defines a CA bundle to use when verifying TLS connections to the provider.\nDeprecated: Use CACertRef instead.", + "format": "byte", + "type": "string" + }, + "caCertRef": { + "description": "CACertRef is a reference to a Secret containing the CA certificate bundle to use\nwhen verifying TLS connections to the provider. The Secret must be in the same\nnamespace as the BackupStorageLocation.", + "properties": { + "key": { + "description": "The key of the secret to select from. Must be a valid secret key.", + "type": "string" + }, + "name": { + "default": "", + "description": "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", + "type": "string" + }, + "optional": { + "description": "Specify whether the Secret or its key must be defined", + "type": "boolean" + } + }, + "required": [ + "key" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "prefix": { + "description": "Prefix is the path inside a bucket to use for Velero storage. Optional.", + "type": "string" + } + }, + "required": [ + "bucket" + ], + "type": "object" + }, + "provider": { + "description": "Provider is the provider of the backup storage.", + "type": "string" + }, + "validationFrequency": { + "description": "ValidationFrequency defines how frequently to validate the corresponding object storage. A value of 0 disables validation.", + "nullable": true, + "type": "string" + } + }, + "required": [ + "objectStorage", + "provider" + ], + "type": "object" + }, + "csiVolumeSnapshotTestConfigs": { + "description": "csiVolumeSnapshotTestConfigs defines one or more CSI VolumeSnapshot tests to perform.", + "items": { + "description": "CSIVolumeSnapshotTestConfig contains config for performing a CSI VolumeSnapshot test.", + "properties": { + "snapshotClassName": { + "description": "snapshotClassName specifies the CSI snapshot class to use.", + "type": "string" + }, + "timeout": { + "description": "timeout specifies how long to wait for the snapshot to become ready, e.g., \"60s\"", + "type": "string" + }, + "volumeSnapshotSource": { + "description": "volumeSnapshotSource defines the PVC to snapshot.", + "properties": { + "persistentVolumeClaimName": { + "description": "persistentVolumeClaimName is the name of the PVC to snapshot.", + "type": "string" + }, + "persistentVolumeClaimNamespace": { + "description": "persistentVolumeClaimNamespace is the namespace of the PVC.", + "type": "string" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "type": "array" + }, + "forceRun": { + "default": false, + "description": "forceRun will re-trigger the DPT even if it already completed", + "type": "boolean" + }, + "skipTLSVerify": { + "default": false, + "description": "skipTLSVerify controls whether to bypass TLS certificate validation", + "type": "boolean" + }, + "uploadSpeedTestConfig": { + "description": "uploadSpeedTestConfig specifies parameters for an object storage upload speed test.", + "properties": { + "fileSize": { + "description": "fileSize is the size of data to upload, e.g., \"100MB\".", + "type": "string" + }, + "timeout": { + "description": "timeout defines the maximum duration for the upload test, e.g., \"60s\".", + "type": "string" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "status": { + "description": "DataProtectionTestStatus represents the observed results of the tests.", + "properties": { + "bucketMetadata": { + "description": "bucketMetadata reports the encryption and versioning status of the target bucket.", + "properties": { + "encryptionAlgorithm": { + "description": "encryptionAlgorithm reports the encryption method (AES256, aws:kms, or \"None\").", + "type": "string" + }, + "errorMessage": { + "description": "errorMessage contains details of any failure to fetch bucket metadata.", + "type": "string" + }, + "versioningStatus": { + "description": "versioningStatus indicates whether bucket versioning is Enabled, Suspended, or None.", + "type": "string" + } + }, + "type": "object" + }, + "errorMessage": { + "description": "errorMessage contains details of any DPT failure", + "type": "string" + }, + "lastTested": { + "description": "lastTested is the timestamp when the test was last run.", + "format": "date-time", + "type": "string" + }, + "phase": { + "description": "phase indicates phase of the DataProtectionTest - Complete, Failed", + "type": "string" + }, + "s3Vendor": { + "description": "s3Vendor indicates the detected s3 vendor name from the storage endpoint if applicable (e.g., AWS, MinIO).", + "type": "string" + }, + "snapshotSummary": { + "description": "snapshot test pass/fail summary", + "type": "string" + }, + "snapshotTests": { + "description": "snapshotTests contains results for each snapshot tested PVC.", + "items": { + "description": "SnapshotTestStatus holds the result for an individual PVC snapshot test.", + "properties": { + "errorMessage": { + "description": "errorMessage contains details of any snapshot failure.", + "type": "string" + }, + "persistentVolumeClaimName": { + "description": "persistentVolumeClaimName of the tested PVC.", + "type": "string" + }, + "persistentVolumeClaimNamespace": { + "description": "persistentVolumeClaimNamespace of the tested PVC.", + "type": "string" + }, + "readyDuration": { + "description": "readyDuration is the time it took for the snapshot to become ReadyToUse.", + "type": "string" + }, + "status": { + "description": "status indicates snapshot readiness (\"Ready\", \"Failed\").", + "type": "string" + } + }, + "type": "object" + }, + "type": "array" + }, + "uploadTest": { + "description": "uploadTest contains results of the object storage upload test.", + "properties": { + "duration": { + "description": "duration is the time taken to upload the test file.", + "type": "string" + }, + "errorMessage": { + "description": "errorMessage contains details of any upload failure.", + "type": "string" + }, + "speedMbps": { + "description": "speedMbps is the calculated upload speed.", + "format": "int64", + "type": "integer" + }, + "success": { + "description": "success indicates if the upload succeeded.", + "type": "boolean" + } + }, + "type": "object" + } + }, + "type": "object" + } + }, + "required": [], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "oadp.openshift.io", + "kind": "DataProtectionTest", + "version": "v1alpha1" + } + ] + }, + "oadp.openshift.io/v1alpha1/DataProtectionTestList": { + "description": "DataProtectionTestList is a list of DataProtectionTest", + "namespaced": true, + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "items": { + "description": "List of dataprotectiontests. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md", + "items": { + "$ref": "#/components/schemas/io.openshift.oadp.v1alpha1.DataProtectionTest" + }, + "type": "array" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "allOf": [ + { + "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" + } + ], + "description": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + } + }, + "required": [ + "items" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "oadp.openshift.io", + "kind": "DataProtectionTestList", + "version": "v1alpha1" + } + ] + }, + "oadp.openshift.io/v1alpha1/NonAdminBackup": { + "description": "NonAdminBackup is the Schema for the nonadminbackups API", + "namespaced": true, + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "allOf": [ + { + "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" + } + ], + "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + }, + "spec": { + "description": "NonAdminBackupSpec defines the desired state of NonAdminBackup", + "properties": { + "backupSpec": { + "description": "BackupSpec defines the specification for a Velero backup.", + "properties": { + "csiSnapshotTimeout": { + "description": "CSISnapshotTimeout specifies the time used to wait for CSI VolumeSnapshot status turns to\nReadyToUse during creation, before returning error as timeout.\nThe default value is 10 minute.", + "type": "string" + }, + "datamover": { + "description": "DataMover specifies the data mover to be used by the backup.\nIf DataMover is \"\" or \"velero\", the built-in data mover will be used.", + "type": "string" + }, + "defaultVolumesToFsBackup": { + "description": "DefaultVolumesToFsBackup specifies whether pod volume file system backup should be used\nfor all volumes by default.", + "nullable": true, + "type": "boolean" + }, + "defaultVolumesToRestic": { + "description": "DefaultVolumesToRestic specifies whether restic should be used to take a\nbackup of all pod volumes by default.\n\nDeprecated: this field is no longer used and will be removed entirely in future. Use DefaultVolumesToFsBackup instead.", + "nullable": true, + "type": "boolean" + }, + "excludedClusterScopedResources": { + "description": "ExcludedClusterScopedResources is a slice of cluster-scoped\nresource type names to exclude from the backup.\nIf set to \"*\", all cluster-scoped resource types are excluded.\nThe default value is empty.", + "items": { + "type": "string" + }, + "nullable": true, + "type": "array" + }, + "excludedNamespaceScopedResources": { + "description": "ExcludedNamespaceScopedResources is a slice of namespace-scoped\nresource type names to exclude from the backup.\nIf set to \"*\", all namespace-scoped resource types are excluded.\nThe default value is empty.", + "items": { + "type": "string" + }, + "nullable": true, + "type": "array" + }, + "excludedNamespaces": { + "description": "ExcludedNamespaces contains a list of namespaces that are not\nincluded in the backup.", + "items": { + "type": "string" + }, + "nullable": true, + "type": "array" + }, + "excludedResources": { + "description": "ExcludedResources is a slice of resource names that are not\nincluded in the backup.", + "items": { + "type": "string" + }, + "nullable": true, + "type": "array" + }, + "hooks": { + "description": "Hooks represent custom behaviors that should be executed at different phases of the backup.", + "properties": { + "resources": { + "description": "Resources are hooks that should be executed when backing up individual instances of a resource.", + "items": { + "description": "BackupResourceHookSpec defines one or more BackupResourceHooks that should be executed based on\nthe rules defined for namespaces, resources, and label selector.", + "properties": { + "excludedNamespaces": { + "description": "ExcludedNamespaces specifies the namespaces to which this hook spec does not apply.", + "items": { + "type": "string" + }, + "nullable": true, + "type": "array" + }, + "excludedResources": { + "description": "ExcludedResources specifies the resources to which this hook spec does not apply.", + "items": { + "type": "string" + }, + "nullable": true, + "type": "array" + }, + "includedNamespaces": { + "description": "IncludedNamespaces specifies the namespaces to which this hook spec applies. If empty, it applies\nto all namespaces.", + "items": { + "type": "string" + }, + "nullable": true, + "type": "array" + }, + "includedResources": { + "description": "IncludedResources specifies the resources to which this hook spec applies. If empty, it applies\nto all resources.", + "items": { + "type": "string" + }, + "nullable": true, + "type": "array" + }, + "labelSelector": { + "description": "LabelSelector, if specified, filters the resources to which this hook spec applies.", + "nullable": true, + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch.", + "items": { + "type": "string" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "name": { + "description": "Name is the name of this hook.", + "type": "string" + }, + "post": { + "description": "PostHooks is a list of BackupResourceHooks to execute after storing the item in the backup.\nThese are executed after all \"additional items\" from item actions are processed.", + "items": { + "description": "BackupResourceHook defines a hook for a resource.", + "properties": { + "exec": { + "description": "Exec defines an exec hook.", + "properties": { + "command": { + "description": "Command is the command and arguments to execute.", + "items": { + "type": "string" + }, + "minItems": 1, + "type": "array" + }, + "container": { + "description": "Container is the container in the pod where the command should be executed. If not specified,\nthe pod's first container is used.", + "type": "string" + }, + "onError": { + "description": "OnError specifies how Velero should behave if it encounters an error executing this hook.", + "enum": [ + "Continue", + "Fail" + ], + "type": "string" + }, + "timeout": { + "description": "Timeout defines the maximum amount of time Velero should wait for the hook to complete before\nconsidering the execution a failure.", + "type": "string" + } + }, + "required": [ + "command" + ], + "type": "object" + } + }, + "required": [ + "exec" + ], + "type": "object" + }, + "type": "array" + }, + "pre": { + "description": "PreHooks is a list of BackupResourceHooks to execute prior to storing the item in the backup.\nThese are executed before any \"additional items\" from item actions are processed.", + "items": { + "description": "BackupResourceHook defines a hook for a resource.", + "properties": { + "exec": { + "description": "Exec defines an exec hook.", + "properties": { + "command": { + "description": "Command is the command and arguments to execute.", + "items": { + "type": "string" + }, + "minItems": 1, + "type": "array" + }, + "container": { + "description": "Container is the container in the pod where the command should be executed. If not specified,\nthe pod's first container is used.", + "type": "string" + }, + "onError": { + "description": "OnError specifies how Velero should behave if it encounters an error executing this hook.", + "enum": [ + "Continue", + "Fail" + ], + "type": "string" + }, + "timeout": { + "description": "Timeout defines the maximum amount of time Velero should wait for the hook to complete before\nconsidering the execution a failure.", + "type": "string" + } + }, + "required": [ + "command" + ], + "type": "object" + } + }, + "required": [ + "exec" + ], + "type": "object" + }, + "type": "array" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "nullable": true, + "type": "array" + } + }, + "type": "object" + }, + "includeClusterResources": { + "description": "IncludeClusterResources specifies whether cluster-scoped resources\nshould be included for consideration in the backup.", + "nullable": true, + "type": "boolean" + }, + "includedClusterScopedResources": { + "description": "IncludedClusterScopedResources is a slice of cluster-scoped\nresource type names to include in the backup.\nIf set to \"*\", all cluster-scoped resource types are included.\nThe default value is empty, which means only related\ncluster-scoped resources are included.", + "items": { + "type": "string" + }, + "nullable": true, + "type": "array" + }, + "includedNamespaceScopedResources": { + "description": "IncludedNamespaceScopedResources is a slice of namespace-scoped\nresource type names to include in the backup.\nThe default value is \"*\".", + "items": { + "type": "string" + }, + "nullable": true, + "type": "array" + }, + "includedNamespaces": { + "description": "IncludedNamespaces is a slice of namespace names to include objects\nfrom. If empty, all namespaces are included.", + "items": { + "type": "string" + }, + "nullable": true, + "type": "array" + }, + "includedResources": { + "description": "IncludedResources is a slice of resource names to include\nin the backup. If empty, all resources are included.", + "items": { + "type": "string" + }, + "nullable": true, + "type": "array" + }, + "itemOperationTimeout": { + "description": "ItemOperationTimeout specifies the time used to wait for asynchronous BackupItemAction operations\nThe default value is 4 hour.", + "type": "string" + }, + "labelSelector": { + "description": "LabelSelector is a metav1.LabelSelector to filter with\nwhen adding individual objects to the backup. If empty\nor nil, all objects are included. Optional.", + "nullable": true, + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch.", + "items": { + "type": "string" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "metadata": { + "properties": { + "labels": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + } + }, + "type": "object" + }, + "orLabelSelectors": { + "description": "OrLabelSelectors is list of metav1.LabelSelector to filter with\nwhen adding individual objects to the backup. If multiple provided\nthey will be joined by the OR operator. LabelSelector as well as\nOrLabelSelectors cannot co-exist in backup request, only one of them\ncan be used.", + "items": { + "description": "A label selector is a label query over a set of resources. The result of matchLabels and\nmatchExpressions are ANDed. An empty label selector matches all objects. A null\nlabel selector matches no objects.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch.", + "items": { + "type": "string" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "nullable": true, + "type": "array" + }, + "orderedResources": { + "additionalProperties": { + "type": "string" + }, + "description": "OrderedResources specifies the backup order of resources of specific Kind.\nThe map key is the resource name and value is a list of object names separated by commas.\nEach resource name has format \"namespace/objectname\". For cluster resources, simply use \"objectname\".", + "nullable": true, + "type": "object" + }, + "resourcePolicy": { + "description": "ResourcePolicy specifies the referenced resource policies that backup should follow", + "properties": { + "apiGroup": { + "description": "APIGroup is the group for the resource being referenced.\nIf APIGroup is not specified, the specified Kind must be in the core API group.\nFor any other third-party types, APIGroup is required.", + "type": "string" + }, + "kind": { + "description": "Kind is the type of resource being referenced", + "type": "string" + }, + "name": { + "description": "Name is the name of resource being referenced", + "type": "string" + } + }, + "required": [ + "kind", + "name" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "snapshotMoveData": { + "description": "SnapshotMoveData specifies whether snapshot data should be moved", + "nullable": true, + "type": "boolean" + }, + "snapshotVolumes": { + "description": "SnapshotVolumes specifies whether to take snapshots\nof any PV's referenced in the set of objects included\nin the Backup.", + "nullable": true, + "type": "boolean" + }, + "storageLocation": { + "description": "StorageLocation is a string containing the name of a BackupStorageLocation where the backup should be stored.", + "type": "string" + }, + "ttl": { + "description": "TTL is a time.Duration-parseable string describing how long\nthe Backup should be retained for.", + "type": "string" + }, + "uploaderConfig": { + "description": "UploaderConfig specifies the configuration for the uploader.", + "nullable": true, + "properties": { + "parallelFilesUpload": { + "description": "ParallelFilesUpload is the number of files parallel uploads to perform when using the uploader.", + "type": "integer" + } + }, + "type": "object" + }, + "volumeGroupSnapshotLabelKey": { + "description": "VolumeGroupSnapshotLabelKey specifies the label key to group PVCs under a VGS.", + "type": "string" + }, + "volumeSnapshotLocations": { + "description": "VolumeSnapshotLocations is a list containing names of VolumeSnapshotLocations associated with this backup.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "deleteBackup": { + "description": "DeleteBackup removes the NonAdminBackup and its associated NonAdminRestores and VeleroBackup from the cluster,\nas well as the corresponding data in object storage", + "type": "boolean" + } + }, + "required": [ + "backupSpec" + ], + "type": "object" + }, + "status": { + "description": "NonAdminBackupStatus defines the observed state of NonAdminBackup", + "properties": { + "conditions": { + "items": { + "description": "Condition contains details for one aspect of the current state of this API Resource.", + "properties": { + "lastTransitionTime": { + "description": "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "message is a human readable message indicating details about the transition.\nThis may be an empty string.", + "maxLength": 32768, + "type": "string" + }, + "observedGeneration": { + "description": "observedGeneration represents the .metadata.generation that the condition was set based upon.\nFor instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date\nwith respect to the current state of the instance.", + "format": "int64", + "minimum": 0, + "type": "integer" + }, + "reason": { + "description": "reason contains a programmatic identifier indicating the reason for the condition's last transition.\nProducers of specific condition types may define expected values and meanings for this field,\nand whether the values are considered a guaranteed API.\nThe value should be a CamelCase string.\nThis field may not be empty.", + "maxLength": 1024, + "minLength": 1, + "pattern": "^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$", + "type": "string" + }, + "status": { + "description": "status of the condition, one of True, False, Unknown.", + "enum": [ + "True", + "False", + "Unknown" + ], + "type": "string" + }, + "type": { + "description": "type of condition in CamelCase or in foo.example.com/CamelCase.", + "maxLength": 316, + "pattern": "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$", + "type": "string" + } + }, + "required": [ + "lastTransitionTime", + "message", + "reason", + "status", + "type" + ], + "type": "object" + }, + "type": "array" + }, + "dataMoverDataUploads": { + "description": "DataMoverDataUploads contains information of the related Velero DataUpload objects.", + "properties": { + "accepted": { + "description": "number of DataUploads related to this NonAdminBackup's Backup in phase Accepted", + "type": "integer" + }, + "canceled": { + "description": "number of DataUploads related to this NonAdminBackup's Backup in phase Canceled", + "type": "integer" + }, + "canceling": { + "description": "number of DataUploads related to this NonAdminBackup's Backup in phase Canceling", + "type": "integer" + }, + "completed": { + "description": "number of DataUploads related to this NonAdminBackup's Backup in phase Completed", + "type": "integer" + }, + "failed": { + "description": "number of DataUploads related to this NonAdminBackup's Backup in phase Failed", + "type": "integer" + }, + "inProgress": { + "description": "number of DataUploads related to this NonAdminBackup's Backup in phase InProgress", + "type": "integer" + }, + "new": { + "description": "number of DataUploads related to this NonAdminBackup's Backup in phase New", + "type": "integer" + }, + "prepared": { + "description": "number of DataUploads related to this NonAdminBackup's Backup in phase Prepared", + "type": "integer" + }, + "total": { + "description": "number of DataUploads related to this NonAdminBackup's Backup", + "type": "integer" + } + }, + "type": "object" + }, + "fileSystemPodVolumeBackups": { + "description": "FileSystemPodVolumeBackups contains information of the related Velero PodVolumeBackup objects.", + "properties": { + "completed": { + "description": "number of PodVolumeBackups related to this NonAdminBackup's Backup in phase Completed", + "type": "integer" + }, + "failed": { + "description": "number of PodVolumeBackups related to this NonAdminBackup's Backup in phase Failed", + "type": "integer" + }, + "inProgress": { + "description": "number of PodVolumeBackups related to this NonAdminBackup's Backup in phase InProgress", + "type": "integer" + }, + "new": { + "description": "number of PodVolumeBackups related to this NonAdminBackup's Backup in phase New", + "type": "integer" + }, + "total": { + "description": "number of PodVolumeBackups related to this NonAdminBackup's Backup", + "type": "integer" + } + }, + "type": "object" + }, + "phase": { + "description": "phase is a simple one high-level summary of the lifecycle of an NonAdminBackup.", + "enum": [ + "New", + "BackingOff", + "Created", + "Deleting" + ], + "type": "string" + }, + "queueInfo": { + "description": "queueInfo is used to estimate how many backups are scheduled before the given VeleroBackup in the OADP namespace.\nThis number is not guaranteed to be accurate, but it should be close. It's inaccurate for cases when\nVelero pod is not running or being restarted after Backup object were created.\nIt counts only VeleroBackups that are still subject to be handled by OADP/Velero.", + "properties": { + "estimatedQueuePosition": { + "description": "estimatedQueuePosition is the number of operations ahead in the queue (0 if not queued)", + "type": "integer" + } + }, + "required": [ + "estimatedQueuePosition" + ], + "type": "object" + }, + "veleroBackup": { + "description": "VeleroBackup contains information of the related Velero backup object.", + "properties": { + "nacuuid": { + "description": "nacuuid references the Velero Backup object by it's label containing same NACUUID.", + "type": "string" + }, + "name": { + "description": "references the Velero Backup object by it's name.", + "type": "string" + }, + "namespace": { + "description": "namespace references the Namespace in which Velero backup exists.", + "type": "string" + }, + "spec": { + "description": "spec captures the current spec of the Velero backup.", + "properties": { + "csiSnapshotTimeout": { + "description": "CSISnapshotTimeout specifies the time used to wait for CSI VolumeSnapshot status turns to\nReadyToUse during creation, before returning error as timeout.\nThe default value is 10 minute.", + "type": "string" + }, + "datamover": { + "description": "DataMover specifies the data mover to be used by the backup.\nIf DataMover is \"\" or \"velero\", the built-in data mover will be used.", + "type": "string" + }, + "defaultVolumesToFsBackup": { + "description": "DefaultVolumesToFsBackup specifies whether pod volume file system backup should be used\nfor all volumes by default.", + "nullable": true, + "type": "boolean" + }, + "defaultVolumesToRestic": { + "description": "DefaultVolumesToRestic specifies whether restic should be used to take a\nbackup of all pod volumes by default.\n\nDeprecated: this field is no longer used and will be removed entirely in future. Use DefaultVolumesToFsBackup instead.", + "nullable": true, + "type": "boolean" + }, + "excludedClusterScopedResources": { + "description": "ExcludedClusterScopedResources is a slice of cluster-scoped\nresource type names to exclude from the backup.\nIf set to \"*\", all cluster-scoped resource types are excluded.\nThe default value is empty.", + "items": { + "type": "string" + }, + "nullable": true, + "type": "array" + }, + "excludedNamespaceScopedResources": { + "description": "ExcludedNamespaceScopedResources is a slice of namespace-scoped\nresource type names to exclude from the backup.\nIf set to \"*\", all namespace-scoped resource types are excluded.\nThe default value is empty.", + "items": { + "type": "string" + }, + "nullable": true, + "type": "array" + }, + "excludedNamespaces": { + "description": "ExcludedNamespaces contains a list of namespaces that are not\nincluded in the backup.", + "items": { + "type": "string" + }, + "nullable": true, + "type": "array" + }, + "excludedResources": { + "description": "ExcludedResources is a slice of resource names that are not\nincluded in the backup.", + "items": { + "type": "string" + }, + "nullable": true, + "type": "array" + }, + "hooks": { + "description": "Hooks represent custom behaviors that should be executed at different phases of the backup.", + "properties": { + "resources": { + "description": "Resources are hooks that should be executed when backing up individual instances of a resource.", + "items": { + "description": "BackupResourceHookSpec defines one or more BackupResourceHooks that should be executed based on\nthe rules defined for namespaces, resources, and label selector.", + "properties": { + "excludedNamespaces": { + "description": "ExcludedNamespaces specifies the namespaces to which this hook spec does not apply.", + "items": { + "type": "string" + }, + "nullable": true, + "type": "array" + }, + "excludedResources": { + "description": "ExcludedResources specifies the resources to which this hook spec does not apply.", + "items": { + "type": "string" + }, + "nullable": true, + "type": "array" + }, + "includedNamespaces": { + "description": "IncludedNamespaces specifies the namespaces to which this hook spec applies. If empty, it applies\nto all namespaces.", + "items": { + "type": "string" + }, + "nullable": true, + "type": "array" + }, + "includedResources": { + "description": "IncludedResources specifies the resources to which this hook spec applies. If empty, it applies\nto all resources.", + "items": { + "type": "string" + }, + "nullable": true, + "type": "array" + }, + "labelSelector": { + "description": "LabelSelector, if specified, filters the resources to which this hook spec applies.", + "nullable": true, + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch.", + "items": { + "type": "string" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "name": { + "description": "Name is the name of this hook.", + "type": "string" + }, + "post": { + "description": "PostHooks is a list of BackupResourceHooks to execute after storing the item in the backup.\nThese are executed after all \"additional items\" from item actions are processed.", + "items": { + "description": "BackupResourceHook defines a hook for a resource.", + "properties": { + "exec": { + "description": "Exec defines an exec hook.", + "properties": { + "command": { + "description": "Command is the command and arguments to execute.", + "items": { + "type": "string" + }, + "minItems": 1, + "type": "array" + }, + "container": { + "description": "Container is the container in the pod where the command should be executed. If not specified,\nthe pod's first container is used.", + "type": "string" + }, + "onError": { + "description": "OnError specifies how Velero should behave if it encounters an error executing this hook.", + "enum": [ + "Continue", + "Fail" + ], + "type": "string" + }, + "timeout": { + "description": "Timeout defines the maximum amount of time Velero should wait for the hook to complete before\nconsidering the execution a failure.", + "type": "string" + } + }, + "required": [ + "command" + ], + "type": "object" + } + }, + "required": [ + "exec" + ], + "type": "object" + }, + "type": "array" + }, + "pre": { + "description": "PreHooks is a list of BackupResourceHooks to execute prior to storing the item in the backup.\nThese are executed before any \"additional items\" from item actions are processed.", + "items": { + "description": "BackupResourceHook defines a hook for a resource.", + "properties": { + "exec": { + "description": "Exec defines an exec hook.", + "properties": { + "command": { + "description": "Command is the command and arguments to execute.", + "items": { + "type": "string" + }, + "minItems": 1, + "type": "array" + }, + "container": { + "description": "Container is the container in the pod where the command should be executed. If not specified,\nthe pod's first container is used.", + "type": "string" + }, + "onError": { + "description": "OnError specifies how Velero should behave if it encounters an error executing this hook.", + "enum": [ + "Continue", + "Fail" + ], + "type": "string" + }, + "timeout": { + "description": "Timeout defines the maximum amount of time Velero should wait for the hook to complete before\nconsidering the execution a failure.", + "type": "string" + } + }, + "required": [ + "command" + ], + "type": "object" + } + }, + "required": [ + "exec" + ], + "type": "object" + }, + "type": "array" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "nullable": true, + "type": "array" + } + }, + "type": "object" + }, + "includeClusterResources": { + "description": "IncludeClusterResources specifies whether cluster-scoped resources\nshould be included for consideration in the backup.", + "nullable": true, + "type": "boolean" + }, + "includedClusterScopedResources": { + "description": "IncludedClusterScopedResources is a slice of cluster-scoped\nresource type names to include in the backup.\nIf set to \"*\", all cluster-scoped resource types are included.\nThe default value is empty, which means only related\ncluster-scoped resources are included.", + "items": { + "type": "string" + }, + "nullable": true, + "type": "array" + }, + "includedNamespaceScopedResources": { + "description": "IncludedNamespaceScopedResources is a slice of namespace-scoped\nresource type names to include in the backup.\nThe default value is \"*\".", + "items": { + "type": "string" + }, + "nullable": true, + "type": "array" + }, + "includedNamespaces": { + "description": "IncludedNamespaces is a slice of namespace names to include objects\nfrom. If empty, all namespaces are included.", + "items": { + "type": "string" + }, + "nullable": true, + "type": "array" + }, + "includedResources": { + "description": "IncludedResources is a slice of resource names to include\nin the backup. If empty, all resources are included.", + "items": { + "type": "string" + }, + "nullable": true, + "type": "array" + }, + "itemOperationTimeout": { + "description": "ItemOperationTimeout specifies the time used to wait for asynchronous BackupItemAction operations\nThe default value is 4 hour.", + "type": "string" + }, + "labelSelector": { + "description": "LabelSelector is a metav1.LabelSelector to filter with\nwhen adding individual objects to the backup. If empty\nor nil, all objects are included. Optional.", + "nullable": true, + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch.", + "items": { + "type": "string" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "metadata": { + "properties": { + "labels": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + } + }, + "type": "object" + }, + "orLabelSelectors": { + "description": "OrLabelSelectors is list of metav1.LabelSelector to filter with\nwhen adding individual objects to the backup. If multiple provided\nthey will be joined by the OR operator. LabelSelector as well as\nOrLabelSelectors cannot co-exist in backup request, only one of them\ncan be used.", + "items": { + "description": "A label selector is a label query over a set of resources. The result of matchLabels and\nmatchExpressions are ANDed. An empty label selector matches all objects. A null\nlabel selector matches no objects.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch.", + "items": { + "type": "string" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "nullable": true, + "type": "array" + }, + "orderedResources": { + "additionalProperties": { + "type": "string" + }, + "description": "OrderedResources specifies the backup order of resources of specific Kind.\nThe map key is the resource name and value is a list of object names separated by commas.\nEach resource name has format \"namespace/objectname\". For cluster resources, simply use \"objectname\".", + "nullable": true, + "type": "object" + }, + "resourcePolicy": { + "description": "ResourcePolicy specifies the referenced resource policies that backup should follow", + "properties": { + "apiGroup": { + "description": "APIGroup is the group for the resource being referenced.\nIf APIGroup is not specified, the specified Kind must be in the core API group.\nFor any other third-party types, APIGroup is required.", + "type": "string" + }, + "kind": { + "description": "Kind is the type of resource being referenced", + "type": "string" + }, + "name": { + "description": "Name is the name of resource being referenced", + "type": "string" + } + }, + "required": [ + "kind", + "name" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "snapshotMoveData": { + "description": "SnapshotMoveData specifies whether snapshot data should be moved", + "nullable": true, + "type": "boolean" + }, + "snapshotVolumes": { + "description": "SnapshotVolumes specifies whether to take snapshots\nof any PV's referenced in the set of objects included\nin the Backup.", + "nullable": true, + "type": "boolean" + }, + "storageLocation": { + "description": "StorageLocation is a string containing the name of a BackupStorageLocation where the backup should be stored.", + "type": "string" + }, + "ttl": { + "description": "TTL is a time.Duration-parseable string describing how long\nthe Backup should be retained for.", + "type": "string" + }, + "uploaderConfig": { + "description": "UploaderConfig specifies the configuration for the uploader.", + "nullable": true, + "properties": { + "parallelFilesUpload": { + "description": "ParallelFilesUpload is the number of files parallel uploads to perform when using the uploader.", + "type": "integer" + } + }, + "type": "object" + }, + "volumeGroupSnapshotLabelKey": { + "description": "VolumeGroupSnapshotLabelKey specifies the label key to group PVCs under a VGS.", + "type": "string" + }, + "volumeSnapshotLocations": { + "description": "VolumeSnapshotLocations is a list containing names of VolumeSnapshotLocations associated with this backup.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "status": { + "description": "status captures the current status of the Velero backup.", + "properties": { + "backupItemOperationsAttempted": { + "description": "BackupItemOperationsAttempted is the total number of attempted\nasync BackupItemAction operations for this backup.", + "type": "integer" + }, + "backupItemOperationsCompleted": { + "description": "BackupItemOperationsCompleted is the total number of successfully completed\nasync BackupItemAction operations for this backup.", + "type": "integer" + }, + "backupItemOperationsFailed": { + "description": "BackupItemOperationsFailed is the total number of async\nBackupItemAction operations for this backup which ended with an error.", + "type": "integer" + }, + "completionTimestamp": { + "description": "CompletionTimestamp records the time a backup was completed.\nCompletion time is recorded even on failed backups.\nCompletion time is recorded before uploading the backup object.\nThe server's time is used for CompletionTimestamps", + "format": "date-time", + "nullable": true, + "type": "string" + }, + "csiVolumeSnapshotsAttempted": { + "description": "CSIVolumeSnapshotsAttempted is the total number of attempted\nCSI VolumeSnapshots for this backup.", + "type": "integer" + }, + "csiVolumeSnapshotsCompleted": { + "description": "CSIVolumeSnapshotsCompleted is the total number of successfully\ncompleted CSI VolumeSnapshots for this backup.", + "type": "integer" + }, + "errors": { + "description": "Errors is a count of all error messages that were generated during\nexecution of the backup. The actual errors are in the backup's log\nfile in object storage.", + "type": "integer" + }, + "expiration": { + "description": "Expiration is when this Backup is eligible for garbage-collection.", + "format": "date-time", + "nullable": true, + "type": "string" + }, + "failureReason": { + "description": "FailureReason is an error that caused the entire backup to fail.", + "type": "string" + }, + "formatVersion": { + "description": "FormatVersion is the backup format version, including major, minor, and patch version.", + "type": "string" + }, + "hookStatus": { + "description": "HookStatus contains information about the status of the hooks.", + "nullable": true, + "properties": { + "hooksAttempted": { + "description": "HooksAttempted is the total number of attempted hooks\nSpecifically, HooksAttempted represents the number of hooks that failed to execute\nand the number of hooks that executed successfully.", + "type": "integer" + }, + "hooksFailed": { + "description": "HooksFailed is the total number of hooks which ended with an error", + "type": "integer" + } + }, + "type": "object" + }, + "phase": { + "description": "Phase is the current state of the Backup.", + "enum": [ + "New", + "Queued", + "ReadyToStart", + "FailedValidation", + "InProgress", + "WaitingForPluginOperations", + "WaitingForPluginOperationsPartiallyFailed", + "Finalizing", + "FinalizingPartiallyFailed", + "Completed", + "PartiallyFailed", + "Failed", + "Deleting" + ], + "type": "string" + }, + "progress": { + "description": "Progress contains information about the backup's execution progress. Note\nthat this information is best-effort only -- if Velero fails to update it\nduring a backup for any reason, it may be inaccurate/stale.", + "nullable": true, + "properties": { + "itemsBackedUp": { + "description": "ItemsBackedUp is the number of items that have actually been written to the\nbackup tarball so far.", + "type": "integer" + }, + "totalItems": { + "description": "TotalItems is the total number of items to be backed up. This number may change\nthroughout the execution of the backup due to plugins that return additional related\nitems to back up, the velero.io/exclude-from-backup label, and various other\nfilters that happen as items are processed.", + "type": "integer" + } + }, + "type": "object" + }, + "queuePosition": { + "description": "QueuePosition is the position of the backup in the queue.\nOnly relevant when Phase is \"Queued\"", + "type": "integer" + }, + "startTimestamp": { + "description": "StartTimestamp records the time a backup was started.\nSeparate from CreationTimestamp, since that value changes\non restores.\nThe server's time is used for StartTimestamps", + "format": "date-time", + "nullable": true, + "type": "string" + }, + "validationErrors": { + "description": "ValidationErrors is a slice of all validation errors (if\napplicable).", + "items": { + "type": "string" + }, + "nullable": true, + "type": "array" + }, + "version": { + "description": "Version is the backup format major version.\nDeprecated: Please see FormatVersion", + "type": "integer" + }, + "volumeSnapshotsAttempted": { + "description": "VolumeSnapshotsAttempted is the total number of attempted\nvolume snapshots for this backup.", + "type": "integer" + }, + "volumeSnapshotsCompleted": { + "description": "VolumeSnapshotsCompleted is the total number of successfully\ncompleted volume snapshots for this backup.", + "type": "integer" + }, + "warnings": { + "description": "Warnings is a count of all warning messages that were generated during\nexecution of the backup. The actual warnings are in the backup's log\nfile in object storage.", + "type": "integer" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "veleroDeleteBackupRequest": { + "description": "VeleroDeleteBackupRequest contains information of the related Velero delete backup request object.", + "properties": { + "nacuuid": { + "description": "nacuuid references the Velero delete backup request object by it's label containing same NACUUID.", + "type": "string" + }, + "name": { + "description": "name references the Velero delete backup request object by it's name.", + "type": "string" + }, + "namespace": { + "description": "namespace references the Namespace in which Velero delete backup request exists.", + "type": "string" + }, + "status": { + "description": "status captures the current status of the Velero delete backup request.", + "properties": { + "errors": { + "description": "Errors contains any errors that were encountered during the deletion process.", + "items": { + "type": "string" + }, + "nullable": true, + "type": "array" + }, + "phase": { + "description": "Phase is the current state of the DeleteBackupRequest.", + "enum": [ + "New", + "InProgress", + "Processed" + ], + "type": "string" + } + }, + "type": "object" + } + }, + "type": "object" + } + }, + "type": "object" + } + }, + "required": [], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "oadp.openshift.io", + "kind": "NonAdminBackup", + "version": "v1alpha1" + } + ] + }, + "oadp.openshift.io/v1alpha1/NonAdminBackupList": { + "description": "NonAdminBackupList is a list of NonAdminBackup", + "namespaced": true, + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "items": { + "description": "List of nonadminbackups. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md", + "items": { + "$ref": "#/components/schemas/io.openshift.oadp.v1alpha1.NonAdminBackup" + }, + "type": "array" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "allOf": [ + { + "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" + } + ], + "description": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + } + }, + "required": [ + "items" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "oadp.openshift.io", + "kind": "NonAdminBackupList", + "version": "v1alpha1" + } + ] + }, + "oadp.openshift.io/v1alpha1/NonAdminBackupStorageLocation": { + "description": "NonAdminBackupStorageLocation is the Schema for the nonadminbackupstoragelocations API", + "namespaced": true, + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "allOf": [ + { + "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" + } + ], + "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + }, + "spec": { + "description": "NonAdminBackupStorageLocationSpec defines the desired state of NonAdminBackupStorageLocation", + "properties": { + "backupStorageLocationSpec": { + "description": "BackupStorageLocationSpec defines the desired state of a Velero BackupStorageLocation", + "properties": { + "accessMode": { + "description": "AccessMode defines the permissions for the backup storage location.", + "enum": [ + "ReadOnly", + "ReadWrite" + ], + "type": "string" + }, + "backupSyncPeriod": { + "description": "BackupSyncPeriod defines how frequently to sync backup API objects from object storage. A value of 0 disables sync.", + "nullable": true, + "type": "string" + }, + "config": { + "additionalProperties": { + "type": "string" + }, + "description": "Config is for provider-specific configuration fields.", + "type": "object" + }, + "credential": { + "description": "Credential contains the credential information intended to be used with this location", + "properties": { + "key": { + "description": "The key of the secret to select from. Must be a valid secret key.", + "type": "string" + }, + "name": { + "default": "", + "description": "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", + "type": "string" + }, + "optional": { + "description": "Specify whether the Secret or its key must be defined", + "type": "boolean" + } + }, + "required": [ + "key" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "default": { + "description": "Default indicates this location is the default backup storage location.", + "type": "boolean" + }, + "objectStorage": { + "description": "ObjectStorageLocation specifies the settings necessary to connect to a provider's object storage.", + "properties": { + "bucket": { + "description": "Bucket is the bucket to use for object storage.", + "type": "string" + }, + "caCert": { + "description": "CACert defines a CA bundle to use when verifying TLS connections to the provider.", + "format": "byte", + "type": "string" + }, + "prefix": { + "description": "Prefix is the path inside a bucket to use for Velero storage. Optional.", + "type": "string" + } + }, + "required": [ + "bucket" + ], + "type": "object" + }, + "provider": { + "description": "Provider is the provider of the backup storage.", + "type": "string" + }, + "validationFrequency": { + "description": "ValidationFrequency defines how frequently to validate the corresponding object storage. A value of 0 disables validation.", + "nullable": true, + "type": "string" + } + }, + "required": [ + "objectStorage", + "provider" + ], + "type": "object" + } + }, + "required": [ + "backupStorageLocationSpec" + ], + "type": "object" + }, + "status": { + "description": "NonAdminBackupStorageLocationStatus defines the observed state of NonAdminBackupStorageLocation", + "properties": { + "conditions": { + "items": { + "description": "Condition contains details for one aspect of the current state of this API Resource.", + "properties": { + "lastTransitionTime": { + "description": "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "message is a human readable message indicating details about the transition.\nThis may be an empty string.", + "maxLength": 32768, + "type": "string" + }, + "observedGeneration": { + "description": "observedGeneration represents the .metadata.generation that the condition was set based upon.\nFor instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date\nwith respect to the current state of the instance.", + "format": "int64", + "minimum": 0, + "type": "integer" + }, + "reason": { + "description": "reason contains a programmatic identifier indicating the reason for the condition's last transition.\nProducers of specific condition types may define expected values and meanings for this field,\nand whether the values are considered a guaranteed API.\nThe value should be a CamelCase string.\nThis field may not be empty.", + "maxLength": 1024, + "minLength": 1, + "pattern": "^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$", + "type": "string" + }, + "status": { + "description": "status of the condition, one of True, False, Unknown.", + "enum": [ + "True", + "False", + "Unknown" + ], + "type": "string" + }, + "type": { + "description": "type of condition in CamelCase or in foo.example.com/CamelCase.", + "maxLength": 316, + "pattern": "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$", + "type": "string" + } + }, + "required": [ + "lastTransitionTime", + "message", + "reason", + "status", + "type" + ], + "type": "object" + }, + "type": "array" + }, + "phase": { + "description": "phase is a simple one high-level summary of the lifecycle of an NonAdminBackupStorageLocation.", + "enum": [ + "New", + "BackingOff", + "Created", + "Deleting" + ], + "type": "string" + }, + "veleroBackupStorageLocation": { + "description": "VeleroBackupStorageLocation contains information of the related Velero backup object.", + "properties": { + "nacuuid": { + "description": "nacuuid references the Velero BackupStorageLocation object by it's label containing same NACUUID.", + "type": "string" + }, + "name": { + "description": "references the Velero BackupStorageLocation object by it's name.", + "type": "string" + }, + "namespace": { + "description": "namespace references the Namespace in which Velero backup storage location exists.", + "type": "string" + }, + "status": { + "description": "status captures the current status of the Velero backup storage location.", + "properties": { + "accessMode": { + "description": "AccessMode is an unused field.\n\nDeprecated: there is now an AccessMode field on the Spec and this field\nwill be removed entirely as of v2.0.", + "enum": [ + "ReadOnly", + "ReadWrite" + ], + "type": "string" + }, + "lastSyncedRevision": { + "description": "LastSyncedRevision is the value of the `metadata/revision` file in the backup\nstorage location the last time the BSL's contents were synced into the cluster.\n\nDeprecated: this field is no longer updated or used for detecting changes to\nthe location's contents and will be removed entirely in v2.0.", + "type": "string" + }, + "lastSyncedTime": { + "description": "LastSyncedTime is the last time the contents of the location were synced into\nthe cluster.", + "format": "date-time", + "nullable": true, + "type": "string" + }, + "lastValidationTime": { + "description": "LastValidationTime is the last time the backup store location was validated\nthe cluster.", + "format": "date-time", + "nullable": true, + "type": "string" + }, + "message": { + "description": "Message is a message about the backup storage location's status.", + "type": "string" + }, + "phase": { + "description": "Phase is the current state of the BackupStorageLocation.", + "enum": [ + "Available", + "Unavailable" + ], + "type": "string" + } + }, + "type": "object" + } + }, + "type": "object" + } + }, + "type": "object" + } + }, + "required": [], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "oadp.openshift.io", + "kind": "NonAdminBackupStorageLocation", + "version": "v1alpha1" + } + ] + }, + "oadp.openshift.io/v1alpha1/NonAdminBackupStorageLocationList": { + "description": "NonAdminBackupStorageLocationList is a list of NonAdminBackupStorageLocation", + "namespaced": true, + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "items": { + "description": "List of nonadminbackupstoragelocations. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md", + "items": { + "$ref": "#/components/schemas/io.openshift.oadp.v1alpha1.NonAdminBackupStorageLocation" + }, + "type": "array" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "allOf": [ + { + "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" + } + ], + "description": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + } + }, + "required": [ + "items" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "oadp.openshift.io", + "kind": "NonAdminBackupStorageLocationList", + "version": "v1alpha1" + } + ] + }, + "oadp.openshift.io/v1alpha1/NonAdminBackupStorageLocationRequest": { + "description": "NonAdminBackupStorageLocationRequest is the Schema for the nonadminbackupstoragelocationrequests API", + "namespaced": true, + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "allOf": [ + { + "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" + } + ], + "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + }, + "spec": { + "description": "NonAdminBackupStorageLocationRequestSpec defines the desired state of NonAdminBackupStorageLocationRequest", + "properties": { + "approvalDecision": { + "description": "approvalDecision is the decision of the cluster admin on the Requested NonAdminBackupStorageLocation creation.\nThe value may be set to either approve or reject.", + "enum": [ + "approve", + "reject", + "pending" + ], + "type": "string" + } + }, + "type": "object" + }, + "status": { + "description": "NonAdminBackupStorageLocationRequestStatus defines the observed state of NonAdminBackupStorageLocationRequest", + "properties": { + "nonAdminBackupStorageLocation": { + "description": "nonAdminBackupStorageLocation contains information of the NonAdminBackupStorageLocation object that triggered NonAdminBSLRequest", + "properties": { + "nacuuid": { + "description": "nacuuid references the NonAdminBackupStorageLocation object by it's label containing same NACUUID.", + "type": "string" + }, + "name": { + "description": "name references the NonAdminBackupStorageLocation object by it's name.", + "type": "string" + }, + "namespace": { + "description": "namespace references the Namespace in which NonAdminBackupStorageLocation exists.", + "type": "string" + }, + "requestedSpec": { + "description": "requestedSpec contains the requested Velero BackupStorageLocation spec from the NonAdminBackupStorageLocation", + "properties": { + "accessMode": { + "description": "AccessMode defines the permissions for the backup storage location.", + "enum": [ + "ReadOnly", + "ReadWrite" + ], + "type": "string" + }, + "backupSyncPeriod": { + "description": "BackupSyncPeriod defines how frequently to sync backup API objects from object storage. A value of 0 disables sync.", + "nullable": true, + "type": "string" + }, + "config": { + "additionalProperties": { + "type": "string" + }, + "description": "Config is for provider-specific configuration fields.", + "type": "object" + }, + "credential": { + "description": "Credential contains the credential information intended to be used with this location", + "properties": { + "key": { + "description": "The key of the secret to select from. Must be a valid secret key.", + "type": "string" + }, + "name": { + "default": "", + "description": "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", + "type": "string" + }, + "optional": { + "description": "Specify whether the Secret or its key must be defined", + "type": "boolean" + } + }, + "required": [ + "key" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "default": { + "description": "Default indicates this location is the default backup storage location.", + "type": "boolean" + }, + "objectStorage": { + "description": "ObjectStorageLocation specifies the settings necessary to connect to a provider's object storage.", + "properties": { + "bucket": { + "description": "Bucket is the bucket to use for object storage.", + "type": "string" + }, + "caCert": { + "description": "CACert defines a CA bundle to use when verifying TLS connections to the provider.", + "format": "byte", + "type": "string" + }, + "prefix": { + "description": "Prefix is the path inside a bucket to use for Velero storage. Optional.", + "type": "string" + } + }, + "required": [ + "bucket" + ], + "type": "object" + }, + "provider": { + "description": "Provider is the provider of the backup storage.", + "type": "string" + }, + "validationFrequency": { + "description": "ValidationFrequency defines how frequently to validate the corresponding object storage. A value of 0 disables validation.", + "nullable": true, + "type": "string" + } + }, + "required": [ + "objectStorage", + "provider" + ], + "type": "object" + } + }, + "required": [ + "requestedSpec" + ], + "type": "object" + }, + "phase": { + "description": "phase represents the current state of the NonAdminBSLRequest. It can be either Pending, Approved or Rejected.", + "enum": [ + "Pending", + "Approved", + "Rejected" + ], + "type": "string" + } + }, + "type": "object" + } + }, + "required": [], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "oadp.openshift.io", + "kind": "NonAdminBackupStorageLocationRequest", + "version": "v1alpha1" + } + ] + }, + "oadp.openshift.io/v1alpha1/NonAdminBackupStorageLocationRequestList": { + "description": "NonAdminBackupStorageLocationRequestList is a list of NonAdminBackupStorageLocationRequest", + "namespaced": true, + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "items": { + "description": "List of nonadminbackupstoragelocationrequests. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md", + "items": { + "$ref": "#/components/schemas/io.openshift.oadp.v1alpha1.NonAdminBackupStorageLocationRequest" + }, + "type": "array" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "allOf": [ + { + "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" + } + ], + "description": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + } + }, + "required": [ + "items" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "oadp.openshift.io", + "kind": "NonAdminBackupStorageLocationRequestList", + "version": "v1alpha1" + } + ] + }, + "oadp.openshift.io/v1alpha1/NonAdminDownloadRequest": { + "description": "NonAdminDownloadRequest is the Schema for the nonadmindownloadrequests API.", + "namespaced": true, + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "allOf": [ + { + "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" + } + ], + "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + }, + "spec": { + "description": "NonAdminDownloadRequestSpec defines the desired state of NonAdminDownloadRequest.\nMirrors velero DownloadRequestSpec to allow non admins to download information for a non admin backup/restore", + "properties": { + "target": { + "description": "Target is what to download (e.g. logs for a backup).", + "properties": { + "kind": { + "description": "Kind is the type of file to download.", + "enum": [ + "BackupLog", + "BackupContents", + "BackupVolumeSnapshots", + "BackupItemOperations", + "BackupResourceList", + "BackupResults", + "RestoreLog", + "RestoreResults", + "RestoreResourceList", + "RestoreItemOperations", + "CSIBackupVolumeSnapshots", + "CSIBackupVolumeSnapshotContents", + "BackupVolumeInfos", + "RestoreVolumeInfo" + ], + "type": "string" + }, + "name": { + "description": "Name is the name of the Kubernetes resource with which the file is associated.", + "type": "string" + } + }, + "required": [ + "kind", + "name" + ], + "type": "object" + } + }, + "required": [ + "target" + ], + "type": "object" + }, + "status": { + "description": "NonAdminDownloadRequestStatus defines the observed state of NonAdminDownloadRequest.", + "properties": { + "conditions": { + "items": { + "description": "Condition contains details for one aspect of the current state of this API Resource.", + "properties": { + "lastTransitionTime": { + "description": "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "message is a human readable message indicating details about the transition.\nThis may be an empty string.", + "maxLength": 32768, + "type": "string" + }, + "observedGeneration": { + "description": "observedGeneration represents the .metadata.generation that the condition was set based upon.\nFor instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date\nwith respect to the current state of the instance.", + "format": "int64", + "minimum": 0, + "type": "integer" + }, + "reason": { + "description": "reason contains a programmatic identifier indicating the reason for the condition's last transition.\nProducers of specific condition types may define expected values and meanings for this field,\nand whether the values are considered a guaranteed API.\nThe value should be a CamelCase string.\nThis field may not be empty.", + "maxLength": 1024, + "minLength": 1, + "pattern": "^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$", + "type": "string" + }, + "status": { + "description": "status of the condition, one of True, False, Unknown.", + "enum": [ + "True", + "False", + "Unknown" + ], + "type": "string" + }, + "type": { + "description": "type of condition in CamelCase or in foo.example.com/CamelCase.", + "maxLength": 316, + "pattern": "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$", + "type": "string" + } + }, + "required": [ + "lastTransitionTime", + "message", + "reason", + "status", + "type" + ], + "type": "object" + }, + "type": "array" + }, + "phase": { + "description": "phase is a simple one high-level summary of the lifecycle of an NonAdminDownloadRequest", + "enum": [ + "New", + "BackingOff", + "Created", + "Deleting" + ], + "type": "string" + }, + "velero": { + "description": "VeleroDownloadRequest represents VeleroDownloadRequest", + "properties": { + "status": { + "description": "VeleroDownloadRequestStatus represents VeleroDownloadRequestStatus", + "properties": { + "downloadURL": { + "description": "DownloadURL contains the pre-signed URL for the target file.", + "type": "string" + }, + "expiration": { + "description": "Expiration is when this DownloadRequest expires and can be deleted by the system.", + "format": "date-time", + "nullable": true, + "type": "string" + }, + "phase": { + "description": "Phase is the current state of the DownloadRequest.", + "enum": [ + "New", + "Processed" + ], + "type": "string" + } + }, + "type": "object" + } + }, + "type": "object" + } + }, + "type": "object" + } + }, + "required": [], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "oadp.openshift.io", + "kind": "NonAdminDownloadRequest", + "version": "v1alpha1" + } + ] + }, + "oadp.openshift.io/v1alpha1/NonAdminDownloadRequestList": { + "description": "NonAdminDownloadRequestList is a list of NonAdminDownloadRequest", + "namespaced": true, + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "items": { + "description": "List of nonadmindownloadrequests. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md", + "items": { + "$ref": "#/components/schemas/io.openshift.oadp.v1alpha1.NonAdminDownloadRequest" + }, + "type": "array" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "allOf": [ + { + "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" + } + ], + "description": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + } + }, + "required": [ + "items" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "oadp.openshift.io", + "kind": "NonAdminDownloadRequestList", + "version": "v1alpha1" + } + ] + }, + "oadp.openshift.io/v1alpha1/NonAdminRestore": { + "description": "NonAdminRestore is the Schema for the nonadminrestores API", + "namespaced": true, + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "allOf": [ + { + "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" + } + ], + "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + }, + "spec": { + "description": "NonAdminRestoreSpec defines the desired state of NonAdminRestore", + "properties": { + "restoreSpec": { + "description": "restoreSpec defines the specification for a Velero restore.", + "properties": { + "backupName": { + "description": "BackupName is the unique name of the Velero backup to restore\nfrom.", + "type": "string" + }, + "excludedNamespaces": { + "description": "ExcludedNamespaces contains a list of namespaces that are not\nincluded in the restore.", + "items": { + "type": "string" + }, + "nullable": true, + "type": "array" + }, + "excludedResources": { + "description": "ExcludedResources is a slice of resource names that are not\nincluded in the restore.", + "items": { + "type": "string" + }, + "nullable": true, + "type": "array" + }, + "existingResourcePolicy": { + "description": "ExistingResourcePolicy specifies the restore behavior for the Kubernetes resource to be restored", + "nullable": true, + "type": "string" + }, + "hooks": { + "description": "Hooks represent custom behaviors that should be executed during or post restore.", + "properties": { + "resources": { + "items": { + "description": "RestoreResourceHookSpec defines one or more RestoreResrouceHooks that should be executed based on\nthe rules defined for namespaces, resources, and label selector.", + "properties": { + "excludedNamespaces": { + "description": "ExcludedNamespaces specifies the namespaces to which this hook spec does not apply.", + "items": { + "type": "string" + }, + "nullable": true, + "type": "array" + }, + "excludedResources": { + "description": "ExcludedResources specifies the resources to which this hook spec does not apply.", + "items": { + "type": "string" + }, + "nullable": true, + "type": "array" + }, + "includedNamespaces": { + "description": "IncludedNamespaces specifies the namespaces to which this hook spec applies. If empty, it applies\nto all namespaces.", + "items": { + "type": "string" + }, + "nullable": true, + "type": "array" + }, + "includedResources": { + "description": "IncludedResources specifies the resources to which this hook spec applies. If empty, it applies\nto all resources.", + "items": { + "type": "string" + }, + "nullable": true, + "type": "array" + }, + "labelSelector": { + "description": "LabelSelector, if specified, filters the resources to which this hook spec applies.", + "nullable": true, + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch.", + "items": { + "type": "string" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "name": { + "description": "Name is the name of this hook.", + "type": "string" + }, + "postHooks": { + "description": "PostHooks is a list of RestoreResourceHooks to execute during and after restoring a resource.", + "items": { + "description": "RestoreResourceHook defines a restore hook for a resource.", + "properties": { + "exec": { + "description": "Exec defines an exec restore hook.", + "properties": { + "command": { + "description": "Command is the command and arguments to execute from within a container after a pod has been restored.", + "items": { + "type": "string" + }, + "minItems": 1, + "type": "array" + }, + "container": { + "description": "Container is the container in the pod where the command should be executed. If not specified,\nthe pod's first container is used.", + "type": "string" + }, + "execTimeout": { + "description": "ExecTimeout defines the maximum amount of time Velero should wait for the hook to complete before\nconsidering the execution a failure.", + "type": "string" + }, + "onError": { + "description": "OnError specifies how Velero should behave if it encounters an error executing this hook.", + "enum": [ + "Continue", + "Fail" + ], + "type": "string" + }, + "waitForReady": { + "description": "WaitForReady ensures command will be launched when container is Ready instead of Running.", + "nullable": true, + "type": "boolean" + }, + "waitTimeout": { + "description": "WaitTimeout defines the maximum amount of time Velero should wait for the container to be Ready\nbefore attempting to run the command.", + "type": "string" + } + }, + "required": [ + "command" + ], + "type": "object" + }, + "init": { + "description": "Init defines an init restore hook.", + "properties": { + "initContainers": { + "description": "InitContainers is list of init containers to be added to a pod during its restore.", + "items": { + "type": "object", + "x-kubernetes-preserve-unknown-fields": true + }, + "type": "array", + "x-kubernetes-preserve-unknown-fields": true + }, + "timeout": { + "description": "Timeout defines the maximum amount of time Velero should wait for the initContainers to complete.", + "type": "string" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "type": "array" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + }, + "includeClusterResources": { + "description": "IncludeClusterResources specifies whether cluster-scoped resources\nshould be included for consideration in the restore. If null, defaults\nto true.", + "nullable": true, + "type": "boolean" + }, + "includedNamespaces": { + "description": "IncludedNamespaces is a slice of namespace names to include objects\nfrom. If empty, all namespaces are included.", + "items": { + "type": "string" + }, + "nullable": true, + "type": "array" + }, + "includedResources": { + "description": "IncludedResources is a slice of resource names to include\nin the restore. If empty, all resources in the backup are included.", + "items": { + "type": "string" + }, + "nullable": true, + "type": "array" + }, + "itemOperationTimeout": { + "description": "ItemOperationTimeout specifies the time used to wait for RestoreItemAction operations\nThe default value is 4 hour.", + "type": "string" + }, + "labelSelector": { + "description": "LabelSelector is a metav1.LabelSelector to filter with\nwhen restoring individual objects from the backup. If empty\nor nil, all objects are included. Optional.", + "nullable": true, + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch.", + "items": { + "type": "string" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "namespaceMapping": { + "additionalProperties": { + "type": "string" + }, + "description": "NamespaceMapping is a map of source namespace names\nto target namespace names to restore into. Any source\nnamespaces not included in the map will be restored into\nnamespaces of the same name.", + "type": "object" + }, + "orLabelSelectors": { + "description": "OrLabelSelectors is list of metav1.LabelSelector to filter with\nwhen restoring individual objects from the backup. If multiple provided\nthey will be joined by the OR operator. LabelSelector as well as\nOrLabelSelectors cannot co-exist in restore request, only one of them\ncan be used", + "items": { + "description": "A label selector is a label query over a set of resources. The result of matchLabels and\nmatchExpressions are ANDed. An empty label selector matches all objects. A null\nlabel selector matches no objects.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch.", + "items": { + "type": "string" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "nullable": true, + "type": "array" + }, + "preserveNodePorts": { + "description": "PreserveNodePorts specifies whether to restore old nodePorts from backup.", + "nullable": true, + "type": "boolean" + }, + "resourceModifier": { + "description": "ResourceModifier specifies the reference to JSON resource patches that should be applied to resources before restoration.", + "nullable": true, + "properties": { + "apiGroup": { + "description": "APIGroup is the group for the resource being referenced.\nIf APIGroup is not specified, the specified Kind must be in the core API group.\nFor any other third-party types, APIGroup is required.", + "type": "string" + }, + "kind": { + "description": "Kind is the type of resource being referenced", + "type": "string" + }, + "name": { + "description": "Name is the name of resource being referenced", + "type": "string" + } + }, + "required": [ + "kind", + "name" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "restorePVs": { + "description": "RestorePVs specifies whether to restore all included\nPVs from snapshot", + "nullable": true, + "type": "boolean" + }, + "restoreStatus": { + "description": "RestoreStatus specifies which resources we should restore the status\nfield. If nil, no objects are included. Optional.", + "nullable": true, + "properties": { + "excludedResources": { + "description": "ExcludedResources specifies the resources to which will not restore the status.", + "items": { + "type": "string" + }, + "nullable": true, + "type": "array" + }, + "includedResources": { + "description": "IncludedResources specifies the resources to which will restore the status.\nIf empty, it applies to all resources.", + "items": { + "type": "string" + }, + "nullable": true, + "type": "array" + } + }, + "type": "object" + }, + "scheduleName": { + "description": "ScheduleName is the unique name of the Velero schedule to restore\nfrom. If specified, and BackupName is empty, Velero will restore\nfrom the most recent successful backup created from this schedule.", + "type": "string" + }, + "uploaderConfig": { + "description": "UploaderConfig specifies the configuration for the restore.", + "nullable": true, + "properties": { + "parallelFilesDownload": { + "description": "ParallelFilesDownload is the concurrency number setting for restore.", + "type": "integer" + }, + "writeSparseFiles": { + "description": "WriteSparseFiles is a flag to indicate whether write files sparsely or not.", + "nullable": true, + "type": "boolean" + } + }, + "type": "object" + } + }, + "type": "object" + } + }, + "required": [ + "restoreSpec" + ], + "type": "object" + }, + "status": { + "description": "NonAdminRestoreStatus defines the observed state of NonAdminRestore", + "properties": { + "conditions": { + "items": { + "description": "Condition contains details for one aspect of the current state of this API Resource.", + "properties": { + "lastTransitionTime": { + "description": "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "message is a human readable message indicating details about the transition.\nThis may be an empty string.", + "maxLength": 32768, + "type": "string" + }, + "observedGeneration": { + "description": "observedGeneration represents the .metadata.generation that the condition was set based upon.\nFor instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date\nwith respect to the current state of the instance.", + "format": "int64", + "minimum": 0, + "type": "integer" + }, + "reason": { + "description": "reason contains a programmatic identifier indicating the reason for the condition's last transition.\nProducers of specific condition types may define expected values and meanings for this field,\nand whether the values are considered a guaranteed API.\nThe value should be a CamelCase string.\nThis field may not be empty.", + "maxLength": 1024, + "minLength": 1, + "pattern": "^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$", + "type": "string" + }, + "status": { + "description": "status of the condition, one of True, False, Unknown.", + "enum": [ + "True", + "False", + "Unknown" + ], + "type": "string" + }, + "type": { + "description": "type of condition in CamelCase or in foo.example.com/CamelCase.", + "maxLength": 316, + "pattern": "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$", + "type": "string" + } + }, + "required": [ + "lastTransitionTime", + "message", + "reason", + "status", + "type" + ], + "type": "object" + }, + "type": "array" + }, + "dataMoverDataDownloads": { + "description": "DataMoverDataDownloads contains information of the related Velero DataDownload objects.", + "properties": { + "accepted": { + "description": "number of DataDownloads related to this NonAdminRestore's Restore in phase Accepted", + "type": "integer" + }, + "canceled": { + "description": "number of DataDownloads related to this NonAdminRestore's Restore in phase Canceled", + "type": "integer" + }, + "canceling": { + "description": "number of DataDownloads related to this NonAdminRestore's Restore in phase Canceling", + "type": "integer" + }, + "completed": { + "description": "number of DataDownloads related to this NonAdminRestore's Restore in phase Completed", + "type": "integer" + }, + "failed": { + "description": "number of DataDownloads related to this NonAdminRestore's Restore in phase Failed", + "type": "integer" + }, + "inProgress": { + "description": "number of DataDownloads related to this NonAdminRestore's Restore in phase InProgress", + "type": "integer" + }, + "new": { + "description": "number of DataDownloads related to this NonAdminRestore's Restore in phase New", + "type": "integer" + }, + "prepared": { + "description": "number of DataDownloads related to this NonAdminRestore's Restore in phase Prepared", + "type": "integer" + }, + "total": { + "description": "number of DataDownloads related to this NonAdminRestore's Restore", + "type": "integer" + } + }, + "type": "object" + }, + "fileSystemPodVolumeRestores": { + "description": "FileSystemPodVolumeRestores contains information of the related Velero PodVolumeRestore objects.", + "properties": { + "completed": { + "description": "number of PodVolumeRestores related to this NonAdminRestore's Restore in phase Completed", + "type": "integer" + }, + "failed": { + "description": "number of PodVolumeRestores related to this NonAdminRestore's Restore in phase Failed", + "type": "integer" + }, + "inProgress": { + "description": "number of PodVolumeRestores related to this NonAdminRestore's Restore in phase InProgress", + "type": "integer" + }, + "new": { + "description": "number of PodVolumeRestores related to this NonAdminRestore's Restore in phase New", + "type": "integer" + }, + "total": { + "description": "number of PodVolumeRestores related to this NonAdminRestore's Restore", + "type": "integer" + } + }, + "type": "object" + }, + "phase": { + "description": "phase is a simple one high-level summary of the lifecycle of an NonAdminRestore.", + "enum": [ + "New", + "BackingOff", + "Created", + "Deleting" + ], + "type": "string" + }, + "queueInfo": { + "description": "queueInfo is used to estimate how many restores are scheduled before the given VeleroRestore in the OADP namespace.\nThis number is not guaranteed to be accurate, but it should be close. It's inaccurate for cases when\nVelero pod is not running or being restarted after Restore object were created.\nIt counts only VeleroRestores that are still subject to be handled by OADP/Velero.", + "properties": { + "estimatedQueuePosition": { + "description": "estimatedQueuePosition is the number of operations ahead in the queue (0 if not queued)", + "type": "integer" + } + }, + "required": [ + "estimatedQueuePosition" + ], + "type": "object" + }, + "veleroRestore": { + "description": "VeleroRestore contains information of the related Velero restore object.", + "properties": { + "nacuuid": { + "description": "nacuuid references the Velero Restore object by it's label containing same NACUUID.", + "type": "string" + }, + "name": { + "description": "references the Velero Restore object by it's name.", + "type": "string" + }, + "namespace": { + "description": "namespace references the Namespace in which Velero Restore exists.", + "type": "string" + }, + "status": { + "description": "status captures the current status of the Velero restore.", + "properties": { + "completionTimestamp": { + "description": "CompletionTimestamp records the time the restore operation was completed.\nCompletion time is recorded even on failed restore.\nThe server's time is used for StartTimestamps", + "format": "date-time", + "nullable": true, + "type": "string" + }, + "errors": { + "description": "Errors is a count of all error messages that were generated during\nexecution of the restore. The actual errors are stored in object storage.", + "type": "integer" + }, + "failureReason": { + "description": "FailureReason is an error that caused the entire restore to fail.", + "type": "string" + }, + "hookStatus": { + "description": "HookStatus contains information about the status of the hooks.", + "nullable": true, + "properties": { + "hooksAttempted": { + "description": "HooksAttempted is the total number of attempted hooks\nSpecifically, HooksAttempted represents the number of hooks that failed to execute\nand the number of hooks that executed successfully.", + "type": "integer" + }, + "hooksFailed": { + "description": "HooksFailed is the total number of hooks which ended with an error", + "type": "integer" + } + }, + "type": "object" + }, + "phase": { + "description": "Phase is the current state of the Restore", + "enum": [ + "New", + "FailedValidation", + "InProgress", + "WaitingForPluginOperations", + "WaitingForPluginOperationsPartiallyFailed", + "Completed", + "PartiallyFailed", + "Failed", + "Finalizing", + "FinalizingPartiallyFailed" + ], + "type": "string" + }, + "progress": { + "description": "Progress contains information about the restore's execution progress. Note\nthat this information is best-effort only -- if Velero fails to update it\nduring a restore for any reason, it may be inaccurate/stale.", + "nullable": true, + "properties": { + "itemsRestored": { + "description": "ItemsRestored is the number of items that have actually been restored so far", + "type": "integer" + }, + "totalItems": { + "description": "TotalItems is the total number of items to be restored. This number may change\nthroughout the execution of the restore due to plugins that return additional related\nitems to restore", + "type": "integer" + } + }, + "type": "object" + }, + "restoreItemOperationsAttempted": { + "description": "RestoreItemOperationsAttempted is the total number of attempted\nasync RestoreItemAction operations for this restore.", + "type": "integer" + }, + "restoreItemOperationsCompleted": { + "description": "RestoreItemOperationsCompleted is the total number of successfully completed\nasync RestoreItemAction operations for this restore.", + "type": "integer" + }, + "restoreItemOperationsFailed": { + "description": "RestoreItemOperationsFailed is the total number of async\nRestoreItemAction operations for this restore which ended with an error.", + "type": "integer" + }, + "startTimestamp": { + "description": "StartTimestamp records the time the restore operation was started.\nThe server's time is used for StartTimestamps", + "format": "date-time", + "nullable": true, + "type": "string" + }, + "validationErrors": { + "description": "ValidationErrors is a slice of all validation errors (if\napplicable)", + "items": { + "type": "string" + }, + "nullable": true, + "type": "array" + }, + "warnings": { + "description": "Warnings is a count of all warning messages that were generated during\nexecution of the restore. The actual warnings are stored in object storage.", + "type": "integer" + } + }, + "type": "object" + } + }, + "type": "object" + } + }, + "type": "object" + } + }, + "required": [], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "oadp.openshift.io", + "kind": "NonAdminRestore", + "version": "v1alpha1" + } + ] + }, + "oadp.openshift.io/v1alpha1/NonAdminRestoreList": { + "description": "NonAdminRestoreList is a list of NonAdminRestore", + "namespaced": true, + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "items": { + "description": "List of nonadminrestores. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md", + "items": { + "$ref": "#/components/schemas/io.openshift.oadp.v1alpha1.NonAdminRestore" + }, + "type": "array" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "allOf": [ + { + "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" + } + ], + "description": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + } + }, + "required": [ + "items" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "oadp.openshift.io", + "kind": "NonAdminRestoreList", + "version": "v1alpha1" + } + ] + }, + "oadp.openshift.io/v1alpha1/VirtualMachineBackupsDiscovery": { + "description": "VirtualMachineBackupsDiscovery is the Schema for the virtualmachinebackupsdiscoveries API", + "namespaced": true, + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "allOf": [ + { + "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" + } + ], + "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + }, + "spec": { + "description": "spec defines the desired state of VirtualMachineBackupsDiscovery", + "properties": { + "endTime": { + "description": "Only include backups created before this time (optional time range filtering).\nSupports both date-only (YYYY-MM-DD) and full RFC3339 (YYYY-MM-DDTHH:MM:SSZ) formats.\nDate-only format defaults to end of day (23:59:59Z).", + "type": "string" + }, + "requestedBackups": { + "description": "Specific backup names to include in addition to any time-based filtering.\nIf specified, these backups will be included even if they fall outside the time range.", + "items": { + "type": "string" + }, + "type": "array" + }, + "startTime": { + "description": "Only include backups created after this time (optional time range filtering).\nSupports both date-only (YYYY-MM-DD) and full RFC3339 (YYYY-MM-DDTHH:MM:SSZ) formats.\nDate-only format defaults to start of day (00:00:00Z).", + "type": "string" + }, + "virtualMachineName": { + "description": "Name of the VirtualMachine to discover backups for.", + "minLength": 1, + "type": "string" + }, + "virtualMachineNamespace": { + "description": "Namespace where the VirtualMachine is located.", + "minLength": 1, + "type": "string" + } + }, + "required": [ + "virtualMachineName", + "virtualMachineNamespace" + ], + "type": "object" + }, + "status": { + "description": "status defines the observed state of VirtualMachineBackupsDiscovery", + "properties": { + "backupDiscoveryProgress": { + "description": "Detailed discovery progress for each candidate backup.", + "items": { + "description": "BackupDiscoveryProgress contains detailed information about backup discovery progress", + "properties": { + "createdAt": { + "description": "When the backup was taken (from backup.status.completionTimestamp).\nFor synced backups, this reflects when the backup actually completed, not when it was imported.", + "format": "date-time", + "type": "string" + }, + "lastUpdated": { + "description": "When this backup's discovery status was last updated.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "Human-readable message about the discovery status.", + "maxLength": 1024, + "type": "string" + }, + "name": { + "description": "Name of the backup resource.", + "type": "string" + }, + "namespace": { + "description": "Namespace is the namespace of the backup resource", + "type": "string" + }, + "pvcs": { + "description": "PVCs contains the list of PVCs available in this backup\nFor a given VM\nThis field is populated during file restore processing", + "items": { + "description": "PVCInfo represents a PVC from a backup and all restores associated with it.\nThe combination of PVCUID + PVCName ensures uniqueness across multiple backups.", + "properties": { + "pvcName": { + "description": "Name of the PVC at the time of the backup", + "type": "string" + }, + "pvcNamespace": { + "description": "Namespace of the PVC at the time of the backup", + "type": "string" + }, + "pvcUID": { + "description": "UID of the PVC at the time of the backup", + "type": "string" + }, + "size": { + "description": "Size of the PVC in human-readable format (e.g., \"5Gi\", \"30Gi\")", + "type": "string" + } + }, + "required": [ + "pvcName", + "pvcNamespace", + "pvcUID" + ], + "type": "object" + }, + "type": "array" + }, + "status": { + "description": "Current status of backup discovery for this backup.", + "enum": [ + "New", + "InProgress", + "Completed", + "Skipped", + "Failed" + ], + "type": "string" + } + }, + "required": [ + "name", + "namespace", + "status" + ], + "type": "object" + }, + "type": "array" + }, + "conditions": { + "description": "Conditions represent the current state of the VirtualMachineBackupsDiscovery resource.\nThis is the PRIMARY source of truth for resource state.\nEach condition has a unique type and reflects the status of a specific aspect of the resource.\n\nStandard condition types for this resource (defined in types package):\n- types.ConditionTypeProgressing: Discovery is actively running\n- types.ConditionTypeAvailable: Valid backups are available for use\n- types.ConditionTypeDegraded: Partial failures occurred (may still be usable)\n- types.ConditionTypeReady: Summary condition (resource is usable)\n\nThe status of each condition is one of True, False, or Unknown.", + "items": { + "description": "Condition contains details for one aspect of the current state of this API Resource.", + "properties": { + "lastTransitionTime": { + "description": "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "message is a human readable message indicating details about the transition.\nThis may be an empty string.", + "maxLength": 32768, + "type": "string" + }, + "observedGeneration": { + "description": "observedGeneration represents the .metadata.generation that the condition was set based upon.\nFor instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date\nwith respect to the current state of the instance.", + "format": "int64", + "minimum": 0, + "type": "integer" + }, + "reason": { + "description": "reason contains a programmatic identifier indicating the reason for the condition's last transition.\nProducers of specific condition types may define expected values and meanings for this field,\nand whether the values are considered a guaranteed API.\nThe value should be a CamelCase string.\nThis field may not be empty.", + "maxLength": 1024, + "minLength": 1, + "pattern": "^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$", + "type": "string" + }, + "status": { + "description": "status of the condition, one of True, False, Unknown.", + "enum": [ + "True", + "False", + "Unknown" + ], + "type": "string" + }, + "type": { + "description": "type of condition in CamelCase or in foo.example.com/CamelCase.", + "maxLength": 316, + "pattern": "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$", + "type": "string" + } + }, + "required": [ + "lastTransitionTime", + "message", + "reason", + "status", + "type" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-map-keys": [ + "type" + ], + "x-kubernetes-list-type": "map" + }, + "discoveryStats": { + "description": "Summary statistics about the backup discovery process.", + "properties": { + "completed": { + "minimum": 0, + "type": "integer" + }, + "completionTime": { + "format": "date-time", + "type": "string" + }, + "failed": { + "minimum": 0, + "type": "integer" + }, + "inProgress": { + "minimum": 0, + "type": "integer" + }, + "pending": { + "minimum": 0, + "type": "integer" + }, + "skipped": { + "minimum": 0, + "type": "integer" + }, + "startTime": { + "format": "date-time", + "type": "string" + }, + "totalCandidates": { + "minimum": 0, + "type": "integer" + } + }, + "required": [ + "completed", + "failed", + "inProgress", + "pending", + "skipped", + "totalCandidates" + ], + "type": "object" + }, + "invalidBackups": { + "description": "Requested backups that don't contain the VM (only populated when RequestedBackups is used).", + "items": { + "description": "InvalidBackupInfo contains information about a backup that doesn't contain the VM", + "properties": { + "createdAt": { + "description": "When the backup was taken (from backup.status.completionTimestamp).\nFor synced backups, this reflects when the backup actually completed, not when it was imported.", + "format": "date-time", + "type": "string" + }, + "name": { + "description": "Name of the backup resource.", + "type": "string" + }, + "namespace": { + "description": "Namespace is the namespace of the backup resource", + "type": "string" + }, + "pvcs": { + "description": "PVCs contains the list of PVCs available in this backup\nFor a given VM\nThis field is populated during file restore processing", + "items": { + "description": "PVCInfo represents a PVC from a backup and all restores associated with it.\nThe combination of PVCUID + PVCName ensures uniqueness across multiple backups.", + "properties": { + "pvcName": { + "description": "Name of the PVC at the time of the backup", + "type": "string" + }, + "pvcNamespace": { + "description": "Namespace of the PVC at the time of the backup", + "type": "string" + }, + "pvcUID": { + "description": "UID of the PVC at the time of the backup", + "type": "string" + }, + "size": { + "description": "Size of the PVC in human-readable format (e.g., \"5Gi\", \"30Gi\")", + "type": "string" + } + }, + "required": [ + "pvcName", + "pvcNamespace", + "pvcUID" + ], + "type": "object" + }, + "type": "array" + }, + "reason": { + "description": "Reason why this backup doesn't contain the VM or couldn't be processed.", + "maxLength": 1024, + "type": "string" + } + }, + "required": [ + "name", + "namespace" + ], + "type": "object" + }, + "type": "array" + }, + "observedGeneration": { + "description": "ObservedGeneration represents the .metadata.generation that the status was set based upon.\nFor instance, if .metadata.generation is currently 12, but the .status.observedGeneration is 9,\nthe status is out of date with respect to the current state of the instance.\n\nIMPORTANT: Controllers must set this at the START of reconciliation, not at the end.\nThis prevents race conditions where clients see updated conditions but stale observedGeneration.", + "format": "int64", + "type": "integer" + }, + "phase": { + "description": "Phase indicates the overall phase of the backup discovery operation.\nDerived from conditions for human readability. Matches Velero's phase model.\nAutomation should rely on conditions, not phase.", + "enum": [ + "New", + "InProgress", + "Completed", + "PartiallyFailed", + "Failed" + ], + "type": "string" + }, + "validBackups": { + "description": "Backups that contain the specified virtual machine and are ready for file serving.", + "items": { + "description": "VeleroBackupInfo contains information about a discovered backup", + "properties": { + "createdAt": { + "description": "When the backup was taken (from backup.status.completionTimestamp).\nFor synced backups, this reflects when the backup actually completed, not when it was imported.", + "format": "date-time", + "type": "string" + }, + "name": { + "description": "Name of the backup resource.", + "type": "string" + }, + "namespace": { + "description": "Namespace is the namespace of the backup resource", + "type": "string" + }, + "pvcs": { + "description": "PVCs contains the list of PVCs available in this backup\nFor a given VM\nThis field is populated during file restore processing", + "items": { + "description": "PVCInfo represents a PVC from a backup and all restores associated with it.\nThe combination of PVCUID + PVCName ensures uniqueness across multiple backups.", + "properties": { + "pvcName": { + "description": "Name of the PVC at the time of the backup", + "type": "string" + }, + "pvcNamespace": { + "description": "Namespace of the PVC at the time of the backup", + "type": "string" + }, + "pvcUID": { + "description": "UID of the PVC at the time of the backup", + "type": "string" + }, + "size": { + "description": "Size of the PVC in human-readable format (e.g., \"5Gi\", \"30Gi\")", + "type": "string" + } + }, + "required": [ + "pvcName", + "pvcNamespace", + "pvcUID" + ], + "type": "object" + }, + "type": "array" + } + }, + "required": [ + "name", + "namespace" + ], + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + } + }, + "required": [ + "spec" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "oadp.openshift.io", + "kind": "VirtualMachineBackupsDiscovery", + "version": "v1alpha1" + } + ] + }, + "oadp.openshift.io/v1alpha1/VirtualMachineBackupsDiscoveryList": { + "description": "VirtualMachineBackupsDiscoveryList is a list of VirtualMachineBackupsDiscovery", + "namespaced": true, + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "items": { + "description": "List of virtualmachinebackupsdiscoveries. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md", + "items": { + "$ref": "#/components/schemas/io.openshift.oadp.v1alpha1.VirtualMachineBackupsDiscovery" + }, + "type": "array" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "allOf": [ + { + "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" + } + ], + "description": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + } + }, + "required": [ + "items" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "oadp.openshift.io", + "kind": "VirtualMachineBackupsDiscoveryList", + "version": "v1alpha1" + } + ] + }, + "oadp.openshift.io/v1alpha1/VirtualMachineFileRestore": { + "description": "VirtualMachineFileRestore is the Schema for the virtualmachinefilerestores API", + "namespaced": true, + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "allOf": [ + { + "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" + } + ], + "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + }, + "spec": { + "description": "spec defines the desired state of VirtualMachineFileRestore", + "properties": { + "backupsDiscoveryRef": { + "description": "Reference to the VirtualMachineBackupsDiscovery resource in the same namespace\nthat contains the discovered backups to serve files from.", + "minLength": 1, + "type": "string" + }, + "fileAccess": { + "description": "FileAccess defines which file access methods are enabled for this restore.\nIf not specified, defaults to HTTP file browser only.", + "properties": { + "fileBrowser": { + "description": "FileBrowser enables HTTPS web-based file browser access\nIf present (non-nil), FileBrowser access is enabled", + "properties": { + "credentialsSecretRef": { + "description": "CredentialsSecretRef references a Secret containing FileBrowser credentials.\nThe Secret must have a \"password\" key and optionally a \"username\" key.\nIf \"username\" is not provided in the Secret, it defaults to \"oadp\".\nIf CredentialsSecretRef is not specified, the controller generates both\nusername (defaults to \"oadp\") and password, storing them in a Secret\nin the temporary restore namespace.", + "properties": { + "name": { + "description": "Name of the Secret", + "minLength": 1, + "type": "string" + }, + "namespace": { + "description": "Namespace where the Secret is located.\nDefaults to the OADP namespace when not specified.\nNote: Secrets outside TemporaryRestoreNamespace are automatically\ncopied to that namespace for mounting in the serving pod.", + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "exposeExternally": { + "description": "ExposeExternally enables creation of an OpenShift Route for the FileBrowser service.\nWhen enabled, creates a Route with reencrypt TLS termination for external HTTPS access.\nOnly effective on OpenShift clusters.", + "type": "boolean" + } + }, + "type": "object" + }, + "ssh": { + "description": "SSH provides read-only access to restored files via chrooted OpenSSH.\nSupports SFTP, SCP, and rsync for file transfer only (no interactive shell access).\nThe SSH server runs in a chroot environment for security isolation.", + "properties": { + "credentialsSecretRef": { + "description": "CredentialsSecretRef references a Secret containing SSH authentication credentials.\nThe Secret must have an \"authorized_keys\" key for SSH key-based authentication.\nThe \"username\" key is optional and defaults to \"oadp\" if not provided.\nNote: Only SSH key-based authentication is supported; password authentication is not available.\nTakes precedence over inline Username and PublicKey fields.", + "properties": { + "name": { + "description": "Name of the Secret", + "minLength": 1, + "type": "string" + }, + "namespace": { + "description": "Namespace where the Secret is located.\nDefaults to the OADP namespace when not specified.\nNote: Secrets outside TemporaryRestoreNamespace are automatically\ncopied to that namespace for mounting in the serving pod.", + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "publicKey": { + "description": "PublicKey for SSH key-based authentication\nPublic keys are not sensitive and can be specified inline\nIf both PublicKey and CredentialsSecretRef are empty, controller generates keypair", + "type": "string" + }, + "username": { + "description": "Username for SSH access\nDefaults to \"oadp\" if not specified", + "type": "string" + } + }, + "type": "object" + } + }, + "type": "object", + "x-kubernetes-validations": [ + { + "message": "At least one of ssh or fileBrowser must be specified", + "rule": "has(self.ssh) || has(self.fileBrowser)" + } + ] + }, + "namespacePrefix": { + "description": "NamespacePrefix specifies a prefix for automatically generated temporary namespaces.\nOnly used when RestoreNamespace is not specified.\nIf not specified, the generated namespace name will use the VM's namespace-name format.\nThe final namespace name will be: ---", + "type": "string" + }, + "restoreNamespace": { + "description": "RestoreNamespace specifies an existing namespace where file serving resources will be created.\nIf not specified, a temporary namespace will be created automatically.\nThe namespace must exist and be accessible to the controller.", + "type": "string" + }, + "selectedBackups": { + "description": "Specific backup names to serve files from, selected from the discovery results.\nIf not specified, all valid backups from the discovery will be used for file serving.\nAll specified backup names must exist in the ValidBackups list of the referenced discovery.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "backupsDiscoveryRef" + ], + "type": "object" + }, + "status": { + "description": "status defines the observed state of VirtualMachineFileRestore", + "properties": { + "conditions": { + "description": "Conditions represent the current state of the VirtualMachineFileRestore resource.\nThis is the PRIMARY source of truth for resource state.\nEach condition has a unique type and reflects the status of a specific aspect of the resource.\n\nStandard condition types for this resource (defined in types package):\n- types.ConditionTypeProgressing: Restore is actively running\n- types.ConditionTypeAvailable: File serving resources are ready and accessible\n- types.ConditionTypeDegraded: Partial failures occurred (may still be usable)\n- types.ConditionTypeReady: Summary condition (resource is usable)\n\nThe status of each condition is one of True, False, or Unknown.", + "items": { + "description": "Condition contains details for one aspect of the current state of this API Resource.", + "properties": { + "lastTransitionTime": { + "description": "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "message is a human readable message indicating details about the transition.\nThis may be an empty string.", + "maxLength": 32768, + "type": "string" + }, + "observedGeneration": { + "description": "observedGeneration represents the .metadata.generation that the condition was set based upon.\nFor instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date\nwith respect to the current state of the instance.", + "format": "int64", + "minimum": 0, + "type": "integer" + }, + "reason": { + "description": "reason contains a programmatic identifier indicating the reason for the condition's last transition.\nProducers of specific condition types may define expected values and meanings for this field,\nand whether the values are considered a guaranteed API.\nThe value should be a CamelCase string.\nThis field may not be empty.", + "maxLength": 1024, + "minLength": 1, + "pattern": "^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$", + "type": "string" + }, + "status": { + "description": "status of the condition, one of True, False, Unknown.", + "enum": [ + "True", + "False", + "Unknown" + ], + "type": "string" + }, + "type": { + "description": "type of condition in CamelCase or in foo.example.com/CamelCase.", + "maxLength": 316, + "pattern": "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$", + "type": "string" + } + }, + "required": [ + "lastTransitionTime", + "message", + "reason", + "status", + "type" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-map-keys": [ + "type" + ], + "x-kubernetes-list-type": "map" + }, + "createdNamespace": { + "description": "CreatedNamespace contains information about the namespace used for file serving.\nThis will be set to the specified RestoreNamespace or the name of the auto-generated temporary namespace.", + "type": "string" + }, + "fileServingInfo": { + "description": "Information about the file serving resources that have been created.", + "properties": { + "fileBrowser": { + "description": "FileBrowser contains HTTPS file browser access information, if enabled.", + "properties": { + "clusterAccess": { + "description": "ClusterAccess provides the internal HTTPS URL, usable from within the cluster network.\nExample: \"https://vmfr-browser.restore-tmp.svc.cluster.local\"", + "type": "string" + }, + "credentialsSecretRef": { + "description": "CredentialsSecretRef references a Secret containing login credentials for the file browser:\n- \"username\"\n- \"password\"\nIf not specified, the controller creates and manages this Secret automatically.", + "properties": { + "name": { + "description": "Name of the Secret", + "minLength": 1, + "type": "string" + }, + "namespace": { + "description": "Namespace where the Secret is located.\nDefaults to the OADP namespace when not specified.\nNote: Secrets outside TemporaryRestoreNamespace are automatically\ncopied to that namespace for mounting in the serving pod.", + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "publicAccess": { + "description": "PublicAccess provides the external HTTPS URL, if exposed via Route or Ingress.\nExample: \"https://restore-files.apps.example.com\"", + "type": "string" + } + }, + "type": "object" + }, + "ssh": { + "description": "SSH contains SSH/SFTP/SCP/rsync access information, if enabled.", + "properties": { + "clusterAccess": { + "description": "ClusterAccess provides the internal SSH endpoint, accessible within the cluster\nor from environments connected to the cluster network (e.g. via VPN, oc port-forward).\nSSH is only exposed within the cluster for security reasons.\nUse 'oc port-forward' or 'kubectl port-forward' for external access.\nExample: \"ssh://vmfr-ssh.restore-tmp.svc.cluster.local:22\"", + "type": "string" + }, + "credentialsSecretRef": { + "description": "CredentialsSecretRef references a Secret containing SSH connection details:\n- \"username\"\n- \"authorized_keys\"\n- optionally \"privateKey\"\nThe Secret is created or referenced by the controller.", + "properties": { + "name": { + "description": "Name of the Secret", + "minLength": 1, + "type": "string" + }, + "namespace": { + "description": "Namespace where the Secret is located.\nDefaults to the OADP namespace when not specified.\nNote: Secrets outside TemporaryRestoreNamespace are automatically\ncopied to that namespace for mounting in the serving pod.", + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "observedGeneration": { + "description": "ObservedGeneration is the most recent generation observed by the controller.\nIMPORTANT: Controllers must set this at the START of reconciliation, not at the end.\nThis prevents race conditions where clients see updated conditions but stale observedGeneration.", + "format": "int64", + "type": "integer" + }, + "phase": { + "description": "Phase indicates the overall phase of the file restore operation.\nDerived from conditions for human readability. Matches Velero's phase model.\nAutomation should rely on conditions, not phase.", + "enum": [ + "New", + "InProgress", + "Completed", + "PartiallyFailed", + "Failed", + "Deleting" + ], + "type": "string" + }, + "pvcRestores": { + "description": "PVCRestores contains PVC-grouped restore information showing which backups each PVC was restored from.\nThis provides a user-friendly view of the restoration data organized by PVC.", + "items": { + "description": "PVCRestoreInfo combines PVC metadata with restores.\nPVC metadata is inlined for simplicity in JSON output.", + "properties": { + "pvcName": { + "description": "Name of the PVC at the time of the backup", + "type": "string" + }, + "pvcNamespace": { + "description": "Namespace of the PVC at the time of the backup", + "type": "string" + }, + "pvcUID": { + "description": "UID of the PVC at the time of the backup", + "type": "string" + }, + "restores": { + "description": "Restores contains all backup restores for this PVC", + "items": { + "description": "RestoreInfo contains information about a specific restore of a PVC from a backup.", + "properties": { + "completedAt": { + "description": "When the Velero Restore completed", + "format": "date-time", + "type": "string" + }, + "createdAt": { + "description": "When the Velero Restore object was created", + "format": "date-time", + "type": "string" + }, + "failureReason": { + "description": "Reason for failure if the restore failed", + "type": "string" + }, + "phase": { + "description": "Phase of the Velero Restore object", + "enum": [ + "New", + "FailedValidation", + "InProgress", + "WaitingForPluginOperations", + "WaitingForPluginOperationsPartiallyFailed", + "Completed", + "PartiallyFailed", + "Failed", + "Finalizing", + "FinalizingPartiallyFailed" + ], + "type": "string" + }, + "state": { + "description": "State indicates the compatibility and processing state of this backup\nValues: \"available\", \"backup-deleted\", \"backup-missing\", \"unsupported-plugin\", \"extraction-failed\", \"processing\", \"failed\"", + "type": "string" + }, + "timestamp": { + "description": "Timestamp indicates when the backup was created", + "format": "date-time", + "type": "string" + }, + "veleroBackupName": { + "description": "Name of the backup this restore came from", + "type": "string" + }, + "veleroBackupNamespace": { + "description": "Namespace of the backup this restore came from", + "type": "string" + }, + "veleroRestoreName": { + "description": "Name of the Velero Restore object", + "type": "string" + }, + "veleroRestoreNamespace": { + "description": "Namespace of the Velero Restore object", + "type": "string" + } + }, + "required": [ + "veleroBackupName", + "veleroBackupNamespace" + ], + "type": "object" + }, + "type": "array" + }, + "size": { + "description": "Size of the PVC in human-readable format (e.g., \"5Gi\", \"30Gi\")", + "type": "string" + } + }, + "required": [ + "pvcName", + "pvcNamespace", + "pvcUID" + ], + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + } + }, + "required": [ + "spec" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "oadp.openshift.io", + "kind": "VirtualMachineFileRestore", + "version": "v1alpha1" + } + ] + }, + "oadp.openshift.io/v1alpha1/VirtualMachineFileRestoreList": { + "description": "VirtualMachineFileRestoreList is a list of VirtualMachineFileRestore", + "namespaced": true, + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "items": { + "description": "List of virtualmachinefilerestores. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md", + "items": { + "$ref": "#/components/schemas/io.openshift.oadp.v1alpha1.VirtualMachineFileRestore" + }, + "type": "array" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "allOf": [ + { + "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" + } + ], + "description": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + } + }, + "required": [ + "items" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "oadp.openshift.io", + "kind": "VirtualMachineFileRestoreList", + "version": "v1alpha1" + } + ] + }, + "oauth.openshift.io/v1/OAuthAccessToken": { + "description": "OAuthAccessToken describes an OAuth access token. The name of a token must be prefixed with a `sha256~` string, must not contain \"/\" or \"%\" characters and must be at least 32 characters long.\n\nThe name of the token is constructed from the actual token by sha256-hashing it and using URL-safe unpadded base64-encoding (as described in RFC4648) on the hashed result.\n\nCompatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).", + "namespaced": false, + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "authorizeToken": { + "description": "authorizeToken contains the token that authorized this token", + "type": "string" + }, + "clientName": { + "description": "clientName references the client that created this token.", + "type": "string" + }, + "expiresIn": { + "description": "expiresIn is the seconds from CreationTime before this token expires.", + "format": "int64", + "type": "integer" + }, + "inactivityTimeoutSeconds": { + "description": "inactivityTimeoutSeconds is the value in seconds, from the CreationTimestamp, after which this token can no longer be used. The value is automatically incremented when the token is used.", + "format": "int32", + "type": "integer" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "allOf": [ + { + "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" + } + ], + "default": {}, + "description": "metadata is the standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + }, + "redirectURI": { + "description": "redirectURI is the redirection associated with the token.", + "type": "string" + }, + "refreshToken": { + "description": "refreshToken is the value by which this token can be renewed. Can be blank.", + "type": "string" + }, + "scopes": { + "description": "scopes is an array of the requested scopes.", + "items": { + "default": "", + "type": "string" + }, + "type": "array" + }, + "userName": { + "description": "userName is the user name associated with this token", + "type": "string" + }, + "userUID": { + "description": "userUID is the unique UID associated with this token", + "type": "string" + } + }, + "required": [], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "oauth.openshift.io", + "kind": "OAuthAccessToken", + "version": "v1" + } + ] + }, + "oauth.openshift.io/v1/OAuthAccessTokenList": { + "description": "OAuthAccessTokenList is a collection of OAuth access tokens\n\nCompatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).", + "namespaced": true, + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "items": { + "description": "items is the list of OAuth access tokens", + "items": { + "allOf": [ + { + "$ref": "#/components/schemas/com.github.openshift.api.oauth.v1.OAuthAccessToken" + } + ], + "default": {} + }, + "type": "array" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "allOf": [ + { + "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" + } + ], + "default": {}, + "description": "metadata is the standard list's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + } + }, + "required": [ + "items" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "oauth.openshift.io", + "kind": "OAuthAccessTokenList", + "version": "v1" + } + ] + }, + "oauth.openshift.io/v1/OAuthAuthorizeToken": { + "description": "OAuthAuthorizeToken describes an OAuth authorization token\n\nCompatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).", + "namespaced": false, + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "clientName": { + "description": "clientName references the client that created this token.", + "type": "string" + }, + "codeChallenge": { + "description": "codeChallenge is the optional code_challenge associated with this authorization code, as described in rfc7636", + "type": "string" + }, + "codeChallengeMethod": { + "description": "codeChallengeMethod is the optional code_challenge_method associated with this authorization code, as described in rfc7636", + "type": "string" + }, + "expiresIn": { + "description": "expiresIn is the seconds from CreationTime before this token expires.", + "format": "int64", + "type": "integer" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "allOf": [ + { + "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" + } + ], + "default": {}, + "description": "metadata is the standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + }, + "redirectURI": { + "description": "redirectURI is the redirection associated with the token.", + "type": "string" + }, + "scopes": { + "description": "scopes is an array of the requested scopes.", + "items": { + "default": "", + "type": "string" + }, + "type": "array" + }, + "state": { + "description": "state data from request", + "type": "string" + }, + "userName": { + "description": "userName is the user name associated with this token", + "type": "string" + }, + "userUID": { + "description": "userUID is the unique UID associated with this token. UserUID and UserName must both match for this token to be valid.", + "type": "string" + } + }, + "required": [], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "oauth.openshift.io", + "kind": "OAuthAuthorizeToken", + "version": "v1" + } + ] + }, + "oauth.openshift.io/v1/OAuthAuthorizeTokenList": { + "description": "OAuthAuthorizeTokenList is a collection of OAuth authorization tokens\n\nCompatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).", + "namespaced": true, + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "items": { + "description": "items is the list of OAuth authorization tokens", + "items": { + "allOf": [ + { + "$ref": "#/components/schemas/com.github.openshift.api.oauth.v1.OAuthAuthorizeToken" + } + ], + "default": {} + }, + "type": "array" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "allOf": [ + { + "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" + } + ], + "default": {}, + "description": "metadata is the standard list's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + } + }, + "required": [ + "items" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "oauth.openshift.io", + "kind": "OAuthAuthorizeTokenList", + "version": "v1" + } + ] + }, + "oauth.openshift.io/v1/OAuthClient": { + "description": "OAuthClient describes an OAuth client\n\nCompatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).", + "namespaced": false, + "properties": { + "accessTokenInactivityTimeoutSeconds": { + "description": "accessTokenInactivityTimeoutSeconds overrides the default token inactivity timeout for tokens granted to this client. The value represents the maximum amount of time that can occur between consecutive uses of the token. Tokens become invalid if they are not used within this temporal window. The user will need to acquire a new token to regain access once a token times out. This value needs to be set only if the default set in configuration is not appropriate for this client. Valid values are: - 0: Tokens for this client never time out - X: Tokens time out if there is no activity for X seconds The current minimum allowed value for X is 300 (5 minutes)\n\nWARNING: existing tokens' timeout will not be affected (lowered) by changing this value", + "format": "int32", + "type": "integer" + }, + "accessTokenMaxAgeSeconds": { + "description": "accessTokenMaxAgeSeconds overrides the default access token max age for tokens granted to this client. 0 means no expiration.", + "format": "int32", + "type": "integer" + }, + "additionalSecrets": { + "description": "additionalSecrets holds other secrets that may be used to identify the client. This is useful for rotation and for service account token validation", + "items": { + "default": "", + "type": "string" + }, + "type": "array" + }, + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "grantMethod": { + "description": "grantMethod is a required field which determines how to handle grants for this client. Valid grant handling methods are:\n - auto: always approves grant requests, useful for trusted clients\n - prompt: prompts the end user for approval of grant requests, useful for third-party clients", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "allOf": [ + { + "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" + } + ], + "default": {}, + "description": "metadata is the standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + }, + "redirectURIs": { + "description": "redirectURIs is the valid redirection URIs associated with a client", + "items": { + "default": "", + "type": "string" + }, + "type": "array", + "x-kubernetes-patch-strategy": "merge" + }, + "respondWithChallenges": { + "description": "respondWithChallenges indicates whether the client wants authentication needed responses made in the form of challenges instead of redirects", + "type": "boolean" + }, + "scopeRestrictions": { + "description": "scopeRestrictions describes which scopes this client can request. Each requested scope is checked against each restriction. If any restriction matches, then the scope is allowed. If no restriction matches, then the scope is denied.", + "items": { + "allOf": [ + { + "$ref": "#/components/schemas/com.github.openshift.api.oauth.v1.ScopeRestriction" + } + ], + "default": {} + }, + "type": "array" + }, + "secret": { + "description": "secret is the unique secret associated with a client", + "type": "string" + } + }, + "required": [], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "oauth.openshift.io", + "kind": "OAuthClient", + "version": "v1" + } + ] + }, + "oauth.openshift.io/v1/OAuthClientAuthorization": { + "description": "OAuthClientAuthorization describes an authorization created by an OAuth client\n\nCompatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).", + "namespaced": false, + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "clientName": { + "description": "clientName references the client that created this authorization", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "allOf": [ + { + "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" + } + ], + "default": {}, + "description": "metadata is the standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + }, + "scopes": { + "description": "scopes is an array of the granted scopes.", + "items": { + "default": "", + "type": "string" + }, + "type": "array" + }, + "userName": { + "description": "userName is the user name that authorized this client", + "type": "string" + }, + "userUID": { + "description": "userUID is the unique UID associated with this authorization. UserUID and UserName must both match for this authorization to be valid.", + "type": "string" + } + }, + "required": [], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "oauth.openshift.io", + "kind": "OAuthClientAuthorization", + "version": "v1" + } + ] + }, + "oauth.openshift.io/v1/OAuthClientAuthorizationList": { + "description": "OAuthClientAuthorizationList is a collection of OAuth client authorizations\n\nCompatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).", + "namespaced": true, + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "items": { + "description": "items is the list of OAuth client authorizations", + "items": { + "allOf": [ + { + "$ref": "#/components/schemas/com.github.openshift.api.oauth.v1.OAuthClientAuthorization" + } + ], + "default": {} + }, + "type": "array" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "allOf": [ + { + "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" + } + ], + "default": {}, + "description": "metadata is the standard list's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + } + }, + "required": [ + "items" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "oauth.openshift.io", + "kind": "OAuthClientAuthorizationList", + "version": "v1" + } + ] + }, + "oauth.openshift.io/v1/OAuthClientList": { + "description": "OAuthClientList is a collection of OAuth clients\n\nCompatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).", + "namespaced": true, + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "items": { + "description": "items is the list of OAuth clients", + "items": { + "allOf": [ + { + "$ref": "#/components/schemas/com.github.openshift.api.oauth.v1.OAuthClient" + } + ], + "default": {} + }, + "type": "array" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "allOf": [ + { + "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" + } + ], + "default": {}, + "description": "metadata is the standard list's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + } + }, + "required": [ + "items" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "oauth.openshift.io", + "kind": "OAuthClientList", + "version": "v1" + } + ] + }, + "oauth.openshift.io/v1/UserOAuthAccessToken": { + "description": "UserOAuthAccessToken is a virtual resource to mirror OAuthAccessTokens to the user the access token was issued for", + "namespaced": false, + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "authorizeToken": { + "description": "authorizeToken contains the token that authorized this token", + "type": "string" + }, + "clientName": { + "description": "clientName references the client that created this token.", + "type": "string" + }, + "expiresIn": { + "description": "expiresIn is the seconds from CreationTime before this token expires.", + "format": "int64", + "type": "integer" + }, + "inactivityTimeoutSeconds": { + "description": "inactivityTimeoutSeconds is the value in seconds, from the CreationTimestamp, after which this token can no longer be used. The value is automatically incremented when the token is used.", + "format": "int32", + "type": "integer" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "allOf": [ + { + "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" + } + ], + "default": {}, + "description": "metadata is the standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + }, + "redirectURI": { + "description": "redirectURI is the redirection associated with the token.", + "type": "string" + }, + "refreshToken": { + "description": "refreshToken is the value by which this token can be renewed. Can be blank.", + "type": "string" + }, + "scopes": { + "description": "scopes is an array of the requested scopes.", + "items": { + "default": "", + "type": "string" + }, + "type": "array" + }, + "userName": { + "description": "userName is the user name associated with this token", + "type": "string" + }, + "userUID": { + "description": "userUID is the unique UID associated with this token", + "type": "string" + } + }, + "required": [], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "oauth.openshift.io", + "kind": "UserOAuthAccessToken", + "version": "v1" + } + ] + }, + "oauth.openshift.io/v1/UserOAuthAccessTokenList": { + "description": "UserOAuthAccessTokenList is a collection of access tokens issued on behalf of the requesting user\n\nCompatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).", + "namespaced": true, + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "items": { + "items": { + "allOf": [ + { + "$ref": "#/components/schemas/com.github.openshift.api.oauth.v1.UserOAuthAccessToken" + } + ], + "default": {} + }, + "type": "array" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "allOf": [ + { + "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" + } + ], + "default": {}, + "description": "metadata is the standard list's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + } + }, + "required": [ + "items" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "oauth.openshift.io", + "kind": "UserOAuthAccessTokenList", + "version": "v1" + } + ] + }, + "objectbucket.io/v1alpha1/ObjectBucket": { + "description": "", + "namespaced": false, + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "allOf": [ + { + "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" + } + ], + "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + }, + "spec": { + "description": "Specification of the desired behavior of the bucket.", + "properties": { + "additionalState": { + "additionalProperties": { + "type": "string" + }, + "description": "additionalState gives providers a location to set proprietary config values (tenant, namespace, etc)", + "type": "object" + }, + "claimRef": { + "description": "ObjectReference to ObjectBucketClaim", + "type": "object" + }, + "endpoint": { + "description": "Endpoint contains all connection relevant data that an app may require for accessing the bucket", + "properties": { + "additionalConfig": { + "additionalProperties": { + "type": "string" + }, + "description": "AdditionalConfig gives providers a location to set proprietary config values (tenant, namespace, etc)", + "type": "object" + }, + "bucketHost": { + "description": "Bucket address hostname", + "type": "string" + }, + "bucketName": { + "description": "Bucket name", + "type": "string" + }, + "bucketPort": { + "description": "Bucket address port", + "type": "integer" + }, + "region": { + "description": "Bucket region", + "type": "string" + }, + "subRegion": { + "description": "Bucket sub-region", + "type": "string" + } + }, + "type": "object" + }, + "reclaimPolicy": { + "description": "Describes a policy for end-of-life maintenance of ObjectBucket.", + "enum": [ + "Delete", + "Retain", + "Recycle" + ], + "type": "string" + }, + "storageClassName": { + "description": "StorageClass names the StorageClass object representing the desired provisioner and parameters", + "type": "string" + } + }, + "required": [ + "storageClassName" + ], + "type": "object" + }, + "status": { + "description": "Most recently observed status of the bucket.", + "properties": { + "phase": { + "description": "ObjectBucketStatusPhase is set by the controller to save the state of the provisioning process", + "enum": [ + "Bound", + "Released", + "Failed" + ], + "type": "string" + } + }, + "type": "object" + } + }, + "required": [], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "objectbucket.io", + "kind": "ObjectBucket", + "version": "v1alpha1" + } + ] + }, + "objectbucket.io/v1alpha1/ObjectBucketClaim": { + "description": "", + "namespaced": true, + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "allOf": [ + { + "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" + } + ], + "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + }, + "spec": { + "description": "Specification of the desired behavior of the claim.", + "properties": { + "additionalConfig": { + "additionalProperties": { + "type": "string" + }, + "description": "AdditionalConfig gives providers a location to set proprietary config values (tenant, namespace, etc)", + "type": "object" + }, + "bucketName": { + "description": "BucketName (not recommended) the name of the bucket. Caution! In-store bucket names may collide across namespaces. If you define the name yourself, try to make it as unique as possible.", + "type": "string" + }, + "generateBucketName": { + "description": "GenerateBucketName (recommended) a prefix for a bucket name to be followed by a hyphen and 5 random characters. Protects against in-store name collisions.", + "type": "string" + }, + "objectBucketName": { + "description": "ObjectBucketName is the name of the object bucket resource. This is the authoritative determination for binding.", + "type": "string" + }, + "storageClassName": { + "description": "StorageClass names the StorageClass object representing the desired provisioner and parameters", + "type": "string" + } + }, + "required": [ + "storageClassName" + ], + "type": "object" + }, + "status": { + "description": "Most recently observed status of the claim.", + "properties": { + "phase": { + "description": "ObjectBucketClaimStatusPhase is set by the controller to save the state of the provisioning process", + "enum": [ + "Pending", + "Bound", + "Released", + "Failed" + ], + "type": "string" + } + }, + "type": "object" + } + }, + "required": [], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "objectbucket.io", + "kind": "ObjectBucketClaim", + "version": "v1alpha1" + } + ] + }, + "objectbucket.io/v1alpha1/ObjectBucketClaimList": { + "description": "ObjectBucketClaimList is a list of ObjectBucketClaim", + "namespaced": true, + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "items": { + "description": "List of objectbucketclaims. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md", + "items": { + "$ref": "#/components/schemas/io.objectbucket.v1alpha1.ObjectBucketClaim" }, "type": "array" }, @@ -225110,7 +233273,7 @@ "type": "object" }, "resources": { - "description": "resources represents the minimum resources the volume should have.\nIf RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements\nthat are lower than previous value but must still be higher than capacity recorded in the\nstatus field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources", + "description": "resources represents the minimum resources the volume should have.\nUsers are allowed to specify resource requirements\nthat are lower than previous value but must still be higher than capacity recorded in the\nstatus field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources", "properties": { "limits": { "additionalProperties": { @@ -225227,7 +233390,7 @@ "description": "When a controller receives persistentvolume claim update with ClaimResourceStatus for a resource\nthat it does not recognizes, then it should ignore that update and let other controllers\nhandle it.", "type": "string" }, - "description": "allocatedResourceStatuses stores status of resource being resized for the given PVC.\nKey names follow standard Kubernetes label syntax. Valid values are either:\n\t* Un-prefixed keys:\n\t\t- storage - the capacity of the volume.\n\t* Custom resources must use implementation-defined prefixed names such as \"example.com/my-custom-resource\"\nApart from above values - keys that are unprefixed or have kubernetes.io prefix are considered\nreserved and hence may not be used.\n\nClaimResourceStatus can be in any of following states:\n\t- ControllerResizeInProgress:\n\t\tState set when resize controller starts resizing the volume in control-plane.\n\t- ControllerResizeFailed:\n\t\tState set when resize has failed in resize controller with a terminal error.\n\t- NodeResizePending:\n\t\tState set when resize controller has finished resizing the volume but further resizing of\n\t\tvolume is needed on the node.\n\t- NodeResizeInProgress:\n\t\tState set when kubelet starts resizing the volume.\n\t- NodeResizeFailed:\n\t\tState set when resizing has failed in kubelet with a terminal error. Transient errors don't set\n\t\tNodeResizeFailed.\nFor example: if expanding a PVC for more capacity - this field can be one of the following states:\n\t- pvc.status.allocatedResourceStatus['storage'] = \"ControllerResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] = \"ControllerResizeFailed\"\n - pvc.status.allocatedResourceStatus['storage'] = \"NodeResizePending\"\n - pvc.status.allocatedResourceStatus['storage'] = \"NodeResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] = \"NodeResizeFailed\"\nWhen this field is not set, it means that no resize operation is in progress for the given PVC.\n\nA controller that receives PVC update with previously unknown resourceName or ClaimResourceStatus\nshould ignore the update for the purpose it was designed. For example - a controller that\nonly is responsible for resizing capacity of the volume, should ignore PVC updates that change other valid\nresources associated with PVC.\n\nThis is an alpha field and requires enabling RecoverVolumeExpansionFailure feature.", + "description": "allocatedResourceStatuses stores status of resource being resized for the given PVC.\nKey names follow standard Kubernetes label syntax. Valid values are either:\n\t* Un-prefixed keys:\n\t\t- storage - the capacity of the volume.\n\t* Custom resources must use implementation-defined prefixed names such as \"example.com/my-custom-resource\"\nApart from above values - keys that are unprefixed or have kubernetes.io prefix are considered\nreserved and hence may not be used.\n\nClaimResourceStatus can be in any of following states:\n\t- ControllerResizeInProgress:\n\t\tState set when resize controller starts resizing the volume in control-plane.\n\t- ControllerResizeFailed:\n\t\tState set when resize has failed in resize controller with a terminal error.\n\t- NodeResizePending:\n\t\tState set when resize controller has finished resizing the volume but further resizing of\n\t\tvolume is needed on the node.\n\t- NodeResizeInProgress:\n\t\tState set when kubelet starts resizing the volume.\n\t- NodeResizeFailed:\n\t\tState set when resizing has failed in kubelet with a terminal error. Transient errors don't set\n\t\tNodeResizeFailed.\nFor example: if expanding a PVC for more capacity - this field can be one of the following states:\n\t- pvc.status.allocatedResourceStatus['storage'] = \"ControllerResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] = \"ControllerResizeFailed\"\n - pvc.status.allocatedResourceStatus['storage'] = \"NodeResizePending\"\n - pvc.status.allocatedResourceStatus['storage'] = \"NodeResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] = \"NodeResizeFailed\"\nWhen this field is not set, it means that no resize operation is in progress for the given PVC.\n\nA controller that receives PVC update with previously unknown resourceName or ClaimResourceStatus\nshould ignore the update for the purpose it was designed. For example - a controller that\nonly is responsible for resizing capacity of the volume, should ignore PVC updates that change other valid\nresources associated with PVC.", "type": "object", "x-kubernetes-map-type": "granular" }, @@ -225244,7 +233407,7 @@ "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", "x-kubernetes-int-or-string": true }, - "description": "allocatedResources tracks the resources allocated to a PVC including its capacity.\nKey names follow standard Kubernetes label syntax. Valid values are either:\n\t* Un-prefixed keys:\n\t\t- storage - the capacity of the volume.\n\t* Custom resources must use implementation-defined prefixed names such as \"example.com/my-custom-resource\"\nApart from above values - keys that are unprefixed or have kubernetes.io prefix are considered\nreserved and hence may not be used.\n\nCapacity reported here may be larger than the actual capacity when a volume expansion operation\nis requested.\nFor storage quota, the larger value from allocatedResources and PVC.spec.resources is used.\nIf allocatedResources is not set, PVC.spec.resources alone is used for quota calculation.\nIf a volume expansion capacity request is lowered, allocatedResources is only\nlowered if there are no expansion operations in progress and if the actual volume capacity\nis equal or lower than the requested capacity.\n\nA controller that receives PVC update with previously unknown resourceName\nshould ignore the update for the purpose it was designed. For example - a controller that\nonly is responsible for resizing capacity of the volume, should ignore PVC updates that change other valid\nresources associated with PVC.\n\nThis is an alpha field and requires enabling RecoverVolumeExpansionFailure feature.", + "description": "allocatedResources tracks the resources allocated to a PVC including its capacity.\nKey names follow standard Kubernetes label syntax. Valid values are either:\n\t* Un-prefixed keys:\n\t\t- storage - the capacity of the volume.\n\t* Custom resources must use implementation-defined prefixed names such as \"example.com/my-custom-resource\"\nApart from above values - keys that are unprefixed or have kubernetes.io prefix are considered\nreserved and hence may not be used.\n\nCapacity reported here may be larger than the actual capacity when a volume expansion operation\nis requested.\nFor storage quota, the larger value from allocatedResources and PVC.spec.resources is used.\nIf allocatedResources is not set, PVC.spec.resources alone is used for quota calculation.\nIf a volume expansion capacity request is lowered, allocatedResources is only\nlowered if there are no expansion operations in progress and if the actual volume capacity\nis equal or lower than the requested capacity.\n\nA controller that receives PVC update with previously unknown resourceName\nshould ignore the update for the purpose it was designed. For example - a controller that\nonly is responsible for resizing capacity of the volume, should ignore PVC updates that change other valid\nresources associated with PVC.", "type": "object" }, "capacity": { @@ -225485,7 +233648,7 @@ "type": "boolean" }, "hostNetwork": { - "description": "HostNetwork defaults to false", + "description": "HostNetwork defaults to false.\nDeprecated: This field is deprecated and will be removed in a future release.\nUse spec.network.hostNetwork instead.", "type": "boolean" }, "labelSelector": { @@ -227308,7 +235471,7 @@ "type": "object" }, "resources": { - "description": "resources represents the minimum resources the volume should have.\nIf RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements\nthat are lower than previous value but must still be higher than capacity recorded in the\nstatus field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources", + "description": "resources represents the minimum resources the volume should have.\nUsers are allowed to specify resource requirements\nthat are lower than previous value but must still be higher than capacity recorded in the\nstatus field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources", "properties": { "limits": { "additionalProperties": { @@ -227425,7 +235588,7 @@ "description": "When a controller receives persistentvolume claim update with ClaimResourceStatus for a resource\nthat it does not recognizes, then it should ignore that update and let other controllers\nhandle it.", "type": "string" }, - "description": "allocatedResourceStatuses stores status of resource being resized for the given PVC.\nKey names follow standard Kubernetes label syntax. Valid values are either:\n\t* Un-prefixed keys:\n\t\t- storage - the capacity of the volume.\n\t* Custom resources must use implementation-defined prefixed names such as \"example.com/my-custom-resource\"\nApart from above values - keys that are unprefixed or have kubernetes.io prefix are considered\nreserved and hence may not be used.\n\nClaimResourceStatus can be in any of following states:\n\t- ControllerResizeInProgress:\n\t\tState set when resize controller starts resizing the volume in control-plane.\n\t- ControllerResizeFailed:\n\t\tState set when resize has failed in resize controller with a terminal error.\n\t- NodeResizePending:\n\t\tState set when resize controller has finished resizing the volume but further resizing of\n\t\tvolume is needed on the node.\n\t- NodeResizeInProgress:\n\t\tState set when kubelet starts resizing the volume.\n\t- NodeResizeFailed:\n\t\tState set when resizing has failed in kubelet with a terminal error. Transient errors don't set\n\t\tNodeResizeFailed.\nFor example: if expanding a PVC for more capacity - this field can be one of the following states:\n\t- pvc.status.allocatedResourceStatus['storage'] = \"ControllerResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] = \"ControllerResizeFailed\"\n - pvc.status.allocatedResourceStatus['storage'] = \"NodeResizePending\"\n - pvc.status.allocatedResourceStatus['storage'] = \"NodeResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] = \"NodeResizeFailed\"\nWhen this field is not set, it means that no resize operation is in progress for the given PVC.\n\nA controller that receives PVC update with previously unknown resourceName or ClaimResourceStatus\nshould ignore the update for the purpose it was designed. For example - a controller that\nonly is responsible for resizing capacity of the volume, should ignore PVC updates that change other valid\nresources associated with PVC.\n\nThis is an alpha field and requires enabling RecoverVolumeExpansionFailure feature.", + "description": "allocatedResourceStatuses stores status of resource being resized for the given PVC.\nKey names follow standard Kubernetes label syntax. Valid values are either:\n\t* Un-prefixed keys:\n\t\t- storage - the capacity of the volume.\n\t* Custom resources must use implementation-defined prefixed names such as \"example.com/my-custom-resource\"\nApart from above values - keys that are unprefixed or have kubernetes.io prefix are considered\nreserved and hence may not be used.\n\nClaimResourceStatus can be in any of following states:\n\t- ControllerResizeInProgress:\n\t\tState set when resize controller starts resizing the volume in control-plane.\n\t- ControllerResizeFailed:\n\t\tState set when resize has failed in resize controller with a terminal error.\n\t- NodeResizePending:\n\t\tState set when resize controller has finished resizing the volume but further resizing of\n\t\tvolume is needed on the node.\n\t- NodeResizeInProgress:\n\t\tState set when kubelet starts resizing the volume.\n\t- NodeResizeFailed:\n\t\tState set when resizing has failed in kubelet with a terminal error. Transient errors don't set\n\t\tNodeResizeFailed.\nFor example: if expanding a PVC for more capacity - this field can be one of the following states:\n\t- pvc.status.allocatedResourceStatus['storage'] = \"ControllerResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] = \"ControllerResizeFailed\"\n - pvc.status.allocatedResourceStatus['storage'] = \"NodeResizePending\"\n - pvc.status.allocatedResourceStatus['storage'] = \"NodeResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] = \"NodeResizeFailed\"\nWhen this field is not set, it means that no resize operation is in progress for the given PVC.\n\nA controller that receives PVC update with previously unknown resourceName or ClaimResourceStatus\nshould ignore the update for the purpose it was designed. For example - a controller that\nonly is responsible for resizing capacity of the volume, should ignore PVC updates that change other valid\nresources associated with PVC.", "type": "object", "x-kubernetes-map-type": "granular" }, @@ -227442,7 +235605,7 @@ "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", "x-kubernetes-int-or-string": true }, - "description": "allocatedResources tracks the resources allocated to a PVC including its capacity.\nKey names follow standard Kubernetes label syntax. Valid values are either:\n\t* Un-prefixed keys:\n\t\t- storage - the capacity of the volume.\n\t* Custom resources must use implementation-defined prefixed names such as \"example.com/my-custom-resource\"\nApart from above values - keys that are unprefixed or have kubernetes.io prefix are considered\nreserved and hence may not be used.\n\nCapacity reported here may be larger than the actual capacity when a volume expansion operation\nis requested.\nFor storage quota, the larger value from allocatedResources and PVC.spec.resources is used.\nIf allocatedResources is not set, PVC.spec.resources alone is used for quota calculation.\nIf a volume expansion capacity request is lowered, allocatedResources is only\nlowered if there are no expansion operations in progress and if the actual volume capacity\nis equal or lower than the requested capacity.\n\nA controller that receives PVC update with previously unknown resourceName\nshould ignore the update for the purpose it was designed. For example - a controller that\nonly is responsible for resizing capacity of the volume, should ignore PVC updates that change other valid\nresources associated with PVC.\n\nThis is an alpha field and requires enabling RecoverVolumeExpansionFailure feature.", + "description": "allocatedResources tracks the resources allocated to a PVC including its capacity.\nKey names follow standard Kubernetes label syntax. Valid values are either:\n\t* Un-prefixed keys:\n\t\t- storage - the capacity of the volume.\n\t* Custom resources must use implementation-defined prefixed names such as \"example.com/my-custom-resource\"\nApart from above values - keys that are unprefixed or have kubernetes.io prefix are considered\nreserved and hence may not be used.\n\nCapacity reported here may be larger than the actual capacity when a volume expansion operation\nis requested.\nFor storage quota, the larger value from allocatedResources and PVC.spec.resources is used.\nIf allocatedResources is not set, PVC.spec.resources alone is used for quota calculation.\nIf a volume expansion capacity request is lowered, allocatedResources is only\nlowered if there are no expansion operations in progress and if the actual volume capacity\nis equal or lower than the requested capacity.\n\nA controller that receives PVC update with previously unknown resourceName\nshould ignore the update for the purpose it was designed. For example - a controller that\nonly is responsible for resizing capacity of the volume, should ignore PVC updates that change other valid\nresources associated with PVC.", "type": "object" }, "capacity": { @@ -227794,6 +235957,10 @@ "disableRoute": { "type": "boolean" }, + "enableSTS": { + "description": "Enables STS authentication for RGW", + "type": "boolean" + }, "gatewayInstances": { "type": "integer" }, @@ -228201,7 +236368,7 @@ "type": "object" }, "resources": { - "description": "resources represents the minimum resources the volume should have.\nIf RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements\nthat are lower than previous value but must still be higher than capacity recorded in the\nstatus field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources", + "description": "resources represents the minimum resources the volume should have.\nUsers are allowed to specify resource requirements\nthat are lower than previous value but must still be higher than capacity recorded in the\nstatus field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources", "properties": { "limits": { "additionalProperties": { @@ -228318,7 +236485,7 @@ "description": "When a controller receives persistentvolume claim update with ClaimResourceStatus for a resource\nthat it does not recognizes, then it should ignore that update and let other controllers\nhandle it.", "type": "string" }, - "description": "allocatedResourceStatuses stores status of resource being resized for the given PVC.\nKey names follow standard Kubernetes label syntax. Valid values are either:\n\t* Un-prefixed keys:\n\t\t- storage - the capacity of the volume.\n\t* Custom resources must use implementation-defined prefixed names such as \"example.com/my-custom-resource\"\nApart from above values - keys that are unprefixed or have kubernetes.io prefix are considered\nreserved and hence may not be used.\n\nClaimResourceStatus can be in any of following states:\n\t- ControllerResizeInProgress:\n\t\tState set when resize controller starts resizing the volume in control-plane.\n\t- ControllerResizeFailed:\n\t\tState set when resize has failed in resize controller with a terminal error.\n\t- NodeResizePending:\n\t\tState set when resize controller has finished resizing the volume but further resizing of\n\t\tvolume is needed on the node.\n\t- NodeResizeInProgress:\n\t\tState set when kubelet starts resizing the volume.\n\t- NodeResizeFailed:\n\t\tState set when resizing has failed in kubelet with a terminal error. Transient errors don't set\n\t\tNodeResizeFailed.\nFor example: if expanding a PVC for more capacity - this field can be one of the following states:\n\t- pvc.status.allocatedResourceStatus['storage'] = \"ControllerResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] = \"ControllerResizeFailed\"\n - pvc.status.allocatedResourceStatus['storage'] = \"NodeResizePending\"\n - pvc.status.allocatedResourceStatus['storage'] = \"NodeResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] = \"NodeResizeFailed\"\nWhen this field is not set, it means that no resize operation is in progress for the given PVC.\n\nA controller that receives PVC update with previously unknown resourceName or ClaimResourceStatus\nshould ignore the update for the purpose it was designed. For example - a controller that\nonly is responsible for resizing capacity of the volume, should ignore PVC updates that change other valid\nresources associated with PVC.\n\nThis is an alpha field and requires enabling RecoverVolumeExpansionFailure feature.", + "description": "allocatedResourceStatuses stores status of resource being resized for the given PVC.\nKey names follow standard Kubernetes label syntax. Valid values are either:\n\t* Un-prefixed keys:\n\t\t- storage - the capacity of the volume.\n\t* Custom resources must use implementation-defined prefixed names such as \"example.com/my-custom-resource\"\nApart from above values - keys that are unprefixed or have kubernetes.io prefix are considered\nreserved and hence may not be used.\n\nClaimResourceStatus can be in any of following states:\n\t- ControllerResizeInProgress:\n\t\tState set when resize controller starts resizing the volume in control-plane.\n\t- ControllerResizeFailed:\n\t\tState set when resize has failed in resize controller with a terminal error.\n\t- NodeResizePending:\n\t\tState set when resize controller has finished resizing the volume but further resizing of\n\t\tvolume is needed on the node.\n\t- NodeResizeInProgress:\n\t\tState set when kubelet starts resizing the volume.\n\t- NodeResizeFailed:\n\t\tState set when resizing has failed in kubelet with a terminal error. Transient errors don't set\n\t\tNodeResizeFailed.\nFor example: if expanding a PVC for more capacity - this field can be one of the following states:\n\t- pvc.status.allocatedResourceStatus['storage'] = \"ControllerResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] = \"ControllerResizeFailed\"\n - pvc.status.allocatedResourceStatus['storage'] = \"NodeResizePending\"\n - pvc.status.allocatedResourceStatus['storage'] = \"NodeResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] = \"NodeResizeFailed\"\nWhen this field is not set, it means that no resize operation is in progress for the given PVC.\n\nA controller that receives PVC update with previously unknown resourceName or ClaimResourceStatus\nshould ignore the update for the purpose it was designed. For example - a controller that\nonly is responsible for resizing capacity of the volume, should ignore PVC updates that change other valid\nresources associated with PVC.", "type": "object", "x-kubernetes-map-type": "granular" }, @@ -228335,7 +236502,7 @@ "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", "x-kubernetes-int-or-string": true }, - "description": "allocatedResources tracks the resources allocated to a PVC including its capacity.\nKey names follow standard Kubernetes label syntax. Valid values are either:\n\t* Un-prefixed keys:\n\t\t- storage - the capacity of the volume.\n\t* Custom resources must use implementation-defined prefixed names such as \"example.com/my-custom-resource\"\nApart from above values - keys that are unprefixed or have kubernetes.io prefix are considered\nreserved and hence may not be used.\n\nCapacity reported here may be larger than the actual capacity when a volume expansion operation\nis requested.\nFor storage quota, the larger value from allocatedResources and PVC.spec.resources is used.\nIf allocatedResources is not set, PVC.spec.resources alone is used for quota calculation.\nIf a volume expansion capacity request is lowered, allocatedResources is only\nlowered if there are no expansion operations in progress and if the actual volume capacity\nis equal or lower than the requested capacity.\n\nA controller that receives PVC update with previously unknown resourceName\nshould ignore the update for the purpose it was designed. For example - a controller that\nonly is responsible for resizing capacity of the volume, should ignore PVC updates that change other valid\nresources associated with PVC.\n\nThis is an alpha field and requires enabling RecoverVolumeExpansionFailure feature.", + "description": "allocatedResources tracks the resources allocated to a PVC including its capacity.\nKey names follow standard Kubernetes label syntax. Valid values are either:\n\t* Un-prefixed keys:\n\t\t- storage - the capacity of the volume.\n\t* Custom resources must use implementation-defined prefixed names such as \"example.com/my-custom-resource\"\nApart from above values - keys that are unprefixed or have kubernetes.io prefix are considered\nreserved and hence may not be used.\n\nCapacity reported here may be larger than the actual capacity when a volume expansion operation\nis requested.\nFor storage quota, the larger value from allocatedResources and PVC.spec.resources is used.\nIf allocatedResources is not set, PVC.spec.resources alone is used for quota calculation.\nIf a volume expansion capacity request is lowered, allocatedResources is only\nlowered if there are no expansion operations in progress and if the actual volume capacity\nis equal or lower than the requested capacity.\n\nA controller that receives PVC update with previously unknown resourceName\nshould ignore the update for the purpose it was designed. For example - a controller that\nonly is responsible for resizing capacity of the volume, should ignore PVC updates that change other valid\nresources associated with PVC.", "type": "object" }, "capacity": { @@ -228436,6 +236603,33 @@ "description": "DisableBlackboxExporter disables deployment of Blackbox Exporter for network health checks", "type": "boolean" }, + "excludedAlerts": { + "description": "ExcludedAlerts lists alerts to exclude from ODF health score calculation.\nAlerts still fire in Prometheus but are excluded from health score.", + "items": { + "description": "ExcludedAlert represents an alert that has been excluded", + "properties": { + "alertName": { + "description": "AlertName is the name of the alert to exclude", + "type": "string" + }, + "excludedAt": { + "description": "ExcludedAt is the timestamp when the alert was excluded", + "format": "date-time", + "type": "string" + }, + "severity": { + "description": "Severity is the severity of the alert to exclude. Valid\nvalues are \"critical\", \"warning\", and \"info\".", + "type": "string" + } + }, + "required": [ + "alertName", + "excludedAt" + ], + "type": "object" + }, + "type": "array" + }, "labels": { "additionalProperties": { "type": "string" @@ -228457,6 +236651,7 @@ "properties": { "schedule": { "description": "Schedule the schedule for the database backup in cron format.", + "pattern": "^((((\\d+,)+\\d+|(\\d+(\\/|-|#)\\d+)|\\d+L?|\\*(\\/\\d+)?|L(-\\d+)?|\\?|[A-Z]{3}(-[A-Z]{3})?) ?){5,7})|(@(annually|yearly|monthly|weekly|daily|hourly|reboot))|(@every (\\d+(ns|us|\u00b5s|ms|s|m|h))+)$", "type": "string" }, "volumeSnapshot": { @@ -229666,7 +237861,7 @@ "type": "string" }, "operator": { - "description": "Operator represents a key's relationship to the value.\nValid operators are Exists and Equal. Defaults to Equal.\nExists is equivalent to wildcard for value, so that a pod can\ntolerate all taints of a particular category.", + "description": "Operator represents a key's relationship to the value.\nValid operators are Exists, Equal, Lt, and Gt. Defaults to Equal.\nExists is equivalent to wildcard for value, so that a pod can\ntolerate all taints of a particular category.\nLt and Gt perform numeric comparisons (requires feature gate TaintTolerationComparisonOperators).", "type": "string" }, "tolerationSeconds": { @@ -229996,7 +238191,7 @@ "type": "object" }, "resources": { - "description": "resources represents the minimum resources the volume should have.\nIf RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements\nthat are lower than previous value but must still be higher than capacity recorded in the\nstatus field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources", + "description": "resources represents the minimum resources the volume should have.\nUsers are allowed to specify resource requirements\nthat are lower than previous value but must still be higher than capacity recorded in the\nstatus field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources", "properties": { "limits": { "additionalProperties": { @@ -230113,7 +238308,7 @@ "description": "When a controller receives persistentvolume claim update with ClaimResourceStatus for a resource\nthat it does not recognizes, then it should ignore that update and let other controllers\nhandle it.", "type": "string" }, - "description": "allocatedResourceStatuses stores status of resource being resized for the given PVC.\nKey names follow standard Kubernetes label syntax. Valid values are either:\n\t* Un-prefixed keys:\n\t\t- storage - the capacity of the volume.\n\t* Custom resources must use implementation-defined prefixed names such as \"example.com/my-custom-resource\"\nApart from above values - keys that are unprefixed or have kubernetes.io prefix are considered\nreserved and hence may not be used.\n\nClaimResourceStatus can be in any of following states:\n\t- ControllerResizeInProgress:\n\t\tState set when resize controller starts resizing the volume in control-plane.\n\t- ControllerResizeFailed:\n\t\tState set when resize has failed in resize controller with a terminal error.\n\t- NodeResizePending:\n\t\tState set when resize controller has finished resizing the volume but further resizing of\n\t\tvolume is needed on the node.\n\t- NodeResizeInProgress:\n\t\tState set when kubelet starts resizing the volume.\n\t- NodeResizeFailed:\n\t\tState set when resizing has failed in kubelet with a terminal error. Transient errors don't set\n\t\tNodeResizeFailed.\nFor example: if expanding a PVC for more capacity - this field can be one of the following states:\n\t- pvc.status.allocatedResourceStatus['storage'] = \"ControllerResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] = \"ControllerResizeFailed\"\n - pvc.status.allocatedResourceStatus['storage'] = \"NodeResizePending\"\n - pvc.status.allocatedResourceStatus['storage'] = \"NodeResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] = \"NodeResizeFailed\"\nWhen this field is not set, it means that no resize operation is in progress for the given PVC.\n\nA controller that receives PVC update with previously unknown resourceName or ClaimResourceStatus\nshould ignore the update for the purpose it was designed. For example - a controller that\nonly is responsible for resizing capacity of the volume, should ignore PVC updates that change other valid\nresources associated with PVC.\n\nThis is an alpha field and requires enabling RecoverVolumeExpansionFailure feature.", + "description": "allocatedResourceStatuses stores status of resource being resized for the given PVC.\nKey names follow standard Kubernetes label syntax. Valid values are either:\n\t* Un-prefixed keys:\n\t\t- storage - the capacity of the volume.\n\t* Custom resources must use implementation-defined prefixed names such as \"example.com/my-custom-resource\"\nApart from above values - keys that are unprefixed or have kubernetes.io prefix are considered\nreserved and hence may not be used.\n\nClaimResourceStatus can be in any of following states:\n\t- ControllerResizeInProgress:\n\t\tState set when resize controller starts resizing the volume in control-plane.\n\t- ControllerResizeFailed:\n\t\tState set when resize has failed in resize controller with a terminal error.\n\t- NodeResizePending:\n\t\tState set when resize controller has finished resizing the volume but further resizing of\n\t\tvolume is needed on the node.\n\t- NodeResizeInProgress:\n\t\tState set when kubelet starts resizing the volume.\n\t- NodeResizeFailed:\n\t\tState set when resizing has failed in kubelet with a terminal error. Transient errors don't set\n\t\tNodeResizeFailed.\nFor example: if expanding a PVC for more capacity - this field can be one of the following states:\n\t- pvc.status.allocatedResourceStatus['storage'] = \"ControllerResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] = \"ControllerResizeFailed\"\n - pvc.status.allocatedResourceStatus['storage'] = \"NodeResizePending\"\n - pvc.status.allocatedResourceStatus['storage'] = \"NodeResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] = \"NodeResizeFailed\"\nWhen this field is not set, it means that no resize operation is in progress for the given PVC.\n\nA controller that receives PVC update with previously unknown resourceName or ClaimResourceStatus\nshould ignore the update for the purpose it was designed. For example - a controller that\nonly is responsible for resizing capacity of the volume, should ignore PVC updates that change other valid\nresources associated with PVC.", "type": "object", "x-kubernetes-map-type": "granular" }, @@ -230130,7 +238325,7 @@ "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", "x-kubernetes-int-or-string": true }, - "description": "allocatedResources tracks the resources allocated to a PVC including its capacity.\nKey names follow standard Kubernetes label syntax. Valid values are either:\n\t* Un-prefixed keys:\n\t\t- storage - the capacity of the volume.\n\t* Custom resources must use implementation-defined prefixed names such as \"example.com/my-custom-resource\"\nApart from above values - keys that are unprefixed or have kubernetes.io prefix are considered\nreserved and hence may not be used.\n\nCapacity reported here may be larger than the actual capacity when a volume expansion operation\nis requested.\nFor storage quota, the larger value from allocatedResources and PVC.spec.resources is used.\nIf allocatedResources is not set, PVC.spec.resources alone is used for quota calculation.\nIf a volume expansion capacity request is lowered, allocatedResources is only\nlowered if there are no expansion operations in progress and if the actual volume capacity\nis equal or lower than the requested capacity.\n\nA controller that receives PVC update with previously unknown resourceName\nshould ignore the update for the purpose it was designed. For example - a controller that\nonly is responsible for resizing capacity of the volume, should ignore PVC updates that change other valid\nresources associated with PVC.\n\nThis is an alpha field and requires enabling RecoverVolumeExpansionFailure feature.", + "description": "allocatedResources tracks the resources allocated to a PVC including its capacity.\nKey names follow standard Kubernetes label syntax. Valid values are either:\n\t* Un-prefixed keys:\n\t\t- storage - the capacity of the volume.\n\t* Custom resources must use implementation-defined prefixed names such as \"example.com/my-custom-resource\"\nApart from above values - keys that are unprefixed or have kubernetes.io prefix are considered\nreserved and hence may not be used.\n\nCapacity reported here may be larger than the actual capacity when a volume expansion operation\nis requested.\nFor storage quota, the larger value from allocatedResources and PVC.spec.resources is used.\nIf allocatedResources is not set, PVC.spec.resources alone is used for quota calculation.\nIf a volume expansion capacity request is lowered, allocatedResources is only\nlowered if there are no expansion operations in progress and if the actual volume capacity\nis equal or lower than the requested capacity.\n\nA controller that receives PVC update with previously unknown resourceName\nshould ignore the update for the purpose it was designed. For example - a controller that\nonly is responsible for resizing capacity of the volume, should ignore PVC updates that change other valid\nresources associated with PVC.", "type": "object" }, "capacity": { @@ -230352,7 +238547,7 @@ "type": "object" }, "resources": { - "description": "resources represents the minimum resources the volume should have.\nIf RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements\nthat are lower than previous value but must still be higher than capacity recorded in the\nstatus field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources", + "description": "resources represents the minimum resources the volume should have.\nUsers are allowed to specify resource requirements\nthat are lower than previous value but must still be higher than capacity recorded in the\nstatus field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources", "properties": { "limits": { "additionalProperties": { @@ -230469,7 +238664,7 @@ "description": "When a controller receives persistentvolume claim update with ClaimResourceStatus for a resource\nthat it does not recognizes, then it should ignore that update and let other controllers\nhandle it.", "type": "string" }, - "description": "allocatedResourceStatuses stores status of resource being resized for the given PVC.\nKey names follow standard Kubernetes label syntax. Valid values are either:\n\t* Un-prefixed keys:\n\t\t- storage - the capacity of the volume.\n\t* Custom resources must use implementation-defined prefixed names such as \"example.com/my-custom-resource\"\nApart from above values - keys that are unprefixed or have kubernetes.io prefix are considered\nreserved and hence may not be used.\n\nClaimResourceStatus can be in any of following states:\n\t- ControllerResizeInProgress:\n\t\tState set when resize controller starts resizing the volume in control-plane.\n\t- ControllerResizeFailed:\n\t\tState set when resize has failed in resize controller with a terminal error.\n\t- NodeResizePending:\n\t\tState set when resize controller has finished resizing the volume but further resizing of\n\t\tvolume is needed on the node.\n\t- NodeResizeInProgress:\n\t\tState set when kubelet starts resizing the volume.\n\t- NodeResizeFailed:\n\t\tState set when resizing has failed in kubelet with a terminal error. Transient errors don't set\n\t\tNodeResizeFailed.\nFor example: if expanding a PVC for more capacity - this field can be one of the following states:\n\t- pvc.status.allocatedResourceStatus['storage'] = \"ControllerResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] = \"ControllerResizeFailed\"\n - pvc.status.allocatedResourceStatus['storage'] = \"NodeResizePending\"\n - pvc.status.allocatedResourceStatus['storage'] = \"NodeResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] = \"NodeResizeFailed\"\nWhen this field is not set, it means that no resize operation is in progress for the given PVC.\n\nA controller that receives PVC update with previously unknown resourceName or ClaimResourceStatus\nshould ignore the update for the purpose it was designed. For example - a controller that\nonly is responsible for resizing capacity of the volume, should ignore PVC updates that change other valid\nresources associated with PVC.\n\nThis is an alpha field and requires enabling RecoverVolumeExpansionFailure feature.", + "description": "allocatedResourceStatuses stores status of resource being resized for the given PVC.\nKey names follow standard Kubernetes label syntax. Valid values are either:\n\t* Un-prefixed keys:\n\t\t- storage - the capacity of the volume.\n\t* Custom resources must use implementation-defined prefixed names such as \"example.com/my-custom-resource\"\nApart from above values - keys that are unprefixed or have kubernetes.io prefix are considered\nreserved and hence may not be used.\n\nClaimResourceStatus can be in any of following states:\n\t- ControllerResizeInProgress:\n\t\tState set when resize controller starts resizing the volume in control-plane.\n\t- ControllerResizeFailed:\n\t\tState set when resize has failed in resize controller with a terminal error.\n\t- NodeResizePending:\n\t\tState set when resize controller has finished resizing the volume but further resizing of\n\t\tvolume is needed on the node.\n\t- NodeResizeInProgress:\n\t\tState set when kubelet starts resizing the volume.\n\t- NodeResizeFailed:\n\t\tState set when resizing has failed in kubelet with a terminal error. Transient errors don't set\n\t\tNodeResizeFailed.\nFor example: if expanding a PVC for more capacity - this field can be one of the following states:\n\t- pvc.status.allocatedResourceStatus['storage'] = \"ControllerResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] = \"ControllerResizeFailed\"\n - pvc.status.allocatedResourceStatus['storage'] = \"NodeResizePending\"\n - pvc.status.allocatedResourceStatus['storage'] = \"NodeResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] = \"NodeResizeFailed\"\nWhen this field is not set, it means that no resize operation is in progress for the given PVC.\n\nA controller that receives PVC update with previously unknown resourceName or ClaimResourceStatus\nshould ignore the update for the purpose it was designed. For example - a controller that\nonly is responsible for resizing capacity of the volume, should ignore PVC updates that change other valid\nresources associated with PVC.", "type": "object", "x-kubernetes-map-type": "granular" }, @@ -230486,7 +238681,7 @@ "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", "x-kubernetes-int-or-string": true }, - "description": "allocatedResources tracks the resources allocated to a PVC including its capacity.\nKey names follow standard Kubernetes label syntax. Valid values are either:\n\t* Un-prefixed keys:\n\t\t- storage - the capacity of the volume.\n\t* Custom resources must use implementation-defined prefixed names such as \"example.com/my-custom-resource\"\nApart from above values - keys that are unprefixed or have kubernetes.io prefix are considered\nreserved and hence may not be used.\n\nCapacity reported here may be larger than the actual capacity when a volume expansion operation\nis requested.\nFor storage quota, the larger value from allocatedResources and PVC.spec.resources is used.\nIf allocatedResources is not set, PVC.spec.resources alone is used for quota calculation.\nIf a volume expansion capacity request is lowered, allocatedResources is only\nlowered if there are no expansion operations in progress and if the actual volume capacity\nis equal or lower than the requested capacity.\n\nA controller that receives PVC update with previously unknown resourceName\nshould ignore the update for the purpose it was designed. For example - a controller that\nonly is responsible for resizing capacity of the volume, should ignore PVC updates that change other valid\nresources associated with PVC.\n\nThis is an alpha field and requires enabling RecoverVolumeExpansionFailure feature.", + "description": "allocatedResources tracks the resources allocated to a PVC including its capacity.\nKey names follow standard Kubernetes label syntax. Valid values are either:\n\t* Un-prefixed keys:\n\t\t- storage - the capacity of the volume.\n\t* Custom resources must use implementation-defined prefixed names such as \"example.com/my-custom-resource\"\nApart from above values - keys that are unprefixed or have kubernetes.io prefix are considered\nreserved and hence may not be used.\n\nCapacity reported here may be larger than the actual capacity when a volume expansion operation\nis requested.\nFor storage quota, the larger value from allocatedResources and PVC.spec.resources is used.\nIf allocatedResources is not set, PVC.spec.resources alone is used for quota calculation.\nIf a volume expansion capacity request is lowered, allocatedResources is only\nlowered if there are no expansion operations in progress and if the actual volume capacity\nis equal or lower than the requested capacity.\n\nA controller that receives PVC update with previously unknown resourceName\nshould ignore the update for the purpose it was designed. For example - a controller that\nonly is responsible for resizing capacity of the volume, should ignore PVC updates that change other valid\nresources associated with PVC.", "type": "object" }, "capacity": { @@ -231349,7 +239544,7 @@ "type": "string" }, "operator": { - "description": "Operator represents a key's relationship to the value.\nValid operators are Exists and Equal. Defaults to Equal.\nExists is equivalent to wildcard for value, so that a pod can\ntolerate all taints of a particular category.", + "description": "Operator represents a key's relationship to the value.\nValid operators are Exists, Equal, Lt, and Gt. Defaults to Equal.\nExists is equivalent to wildcard for value, so that a pod can\ntolerate all taints of a particular category.\nLt and Gt perform numeric comparisons (requires feature gate TaintTolerationComparisonOperators).", "type": "string" }, "tolerationSeconds": { @@ -232233,7 +240428,7 @@ "type": "string" }, "operator": { - "description": "Operator represents a key's relationship to the value.\nValid operators are Exists and Equal. Defaults to Equal.\nExists is equivalent to wildcard for value, so that a pod can\ntolerate all taints of a particular category.", + "description": "Operator represents a key's relationship to the value.\nValid operators are Exists, Equal, Lt, and Gt. Defaults to Equal.\nExists is equivalent to wildcard for value, so that a pod can\ntolerate all taints of a particular category.\nLt and Gt perform numeric comparisons (requires feature gate TaintTolerationComparisonOperators).", "type": "string" }, "tolerationSeconds": { @@ -232522,7 +240717,7 @@ "type": "object" }, "resources": { - "description": "resources represents the minimum resources the volume should have.\nIf RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements\nthat are lower than previous value but must still be higher than capacity recorded in the\nstatus field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources", + "description": "resources represents the minimum resources the volume should have.\nUsers are allowed to specify resource requirements\nthat are lower than previous value but must still be higher than capacity recorded in the\nstatus field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources", "properties": { "limits": { "additionalProperties": { @@ -232639,7 +240834,7 @@ "description": "When a controller receives persistentvolume claim update with ClaimResourceStatus for a resource\nthat it does not recognizes, then it should ignore that update and let other controllers\nhandle it.", "type": "string" }, - "description": "allocatedResourceStatuses stores status of resource being resized for the given PVC.\nKey names follow standard Kubernetes label syntax. Valid values are either:\n\t* Un-prefixed keys:\n\t\t- storage - the capacity of the volume.\n\t* Custom resources must use implementation-defined prefixed names such as \"example.com/my-custom-resource\"\nApart from above values - keys that are unprefixed or have kubernetes.io prefix are considered\nreserved and hence may not be used.\n\nClaimResourceStatus can be in any of following states:\n\t- ControllerResizeInProgress:\n\t\tState set when resize controller starts resizing the volume in control-plane.\n\t- ControllerResizeFailed:\n\t\tState set when resize has failed in resize controller with a terminal error.\n\t- NodeResizePending:\n\t\tState set when resize controller has finished resizing the volume but further resizing of\n\t\tvolume is needed on the node.\n\t- NodeResizeInProgress:\n\t\tState set when kubelet starts resizing the volume.\n\t- NodeResizeFailed:\n\t\tState set when resizing has failed in kubelet with a terminal error. Transient errors don't set\n\t\tNodeResizeFailed.\nFor example: if expanding a PVC for more capacity - this field can be one of the following states:\n\t- pvc.status.allocatedResourceStatus['storage'] = \"ControllerResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] = \"ControllerResizeFailed\"\n - pvc.status.allocatedResourceStatus['storage'] = \"NodeResizePending\"\n - pvc.status.allocatedResourceStatus['storage'] = \"NodeResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] = \"NodeResizeFailed\"\nWhen this field is not set, it means that no resize operation is in progress for the given PVC.\n\nA controller that receives PVC update with previously unknown resourceName or ClaimResourceStatus\nshould ignore the update for the purpose it was designed. For example - a controller that\nonly is responsible for resizing capacity of the volume, should ignore PVC updates that change other valid\nresources associated with PVC.\n\nThis is an alpha field and requires enabling RecoverVolumeExpansionFailure feature.", + "description": "allocatedResourceStatuses stores status of resource being resized for the given PVC.\nKey names follow standard Kubernetes label syntax. Valid values are either:\n\t* Un-prefixed keys:\n\t\t- storage - the capacity of the volume.\n\t* Custom resources must use implementation-defined prefixed names such as \"example.com/my-custom-resource\"\nApart from above values - keys that are unprefixed or have kubernetes.io prefix are considered\nreserved and hence may not be used.\n\nClaimResourceStatus can be in any of following states:\n\t- ControllerResizeInProgress:\n\t\tState set when resize controller starts resizing the volume in control-plane.\n\t- ControllerResizeFailed:\n\t\tState set when resize has failed in resize controller with a terminal error.\n\t- NodeResizePending:\n\t\tState set when resize controller has finished resizing the volume but further resizing of\n\t\tvolume is needed on the node.\n\t- NodeResizeInProgress:\n\t\tState set when kubelet starts resizing the volume.\n\t- NodeResizeFailed:\n\t\tState set when resizing has failed in kubelet with a terminal error. Transient errors don't set\n\t\tNodeResizeFailed.\nFor example: if expanding a PVC for more capacity - this field can be one of the following states:\n\t- pvc.status.allocatedResourceStatus['storage'] = \"ControllerResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] = \"ControllerResizeFailed\"\n - pvc.status.allocatedResourceStatus['storage'] = \"NodeResizePending\"\n - pvc.status.allocatedResourceStatus['storage'] = \"NodeResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] = \"NodeResizeFailed\"\nWhen this field is not set, it means that no resize operation is in progress for the given PVC.\n\nA controller that receives PVC update with previously unknown resourceName or ClaimResourceStatus\nshould ignore the update for the purpose it was designed. For example - a controller that\nonly is responsible for resizing capacity of the volume, should ignore PVC updates that change other valid\nresources associated with PVC.", "type": "object", "x-kubernetes-map-type": "granular" }, @@ -232656,7 +240851,7 @@ "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", "x-kubernetes-int-or-string": true }, - "description": "allocatedResources tracks the resources allocated to a PVC including its capacity.\nKey names follow standard Kubernetes label syntax. Valid values are either:\n\t* Un-prefixed keys:\n\t\t- storage - the capacity of the volume.\n\t* Custom resources must use implementation-defined prefixed names such as \"example.com/my-custom-resource\"\nApart from above values - keys that are unprefixed or have kubernetes.io prefix are considered\nreserved and hence may not be used.\n\nCapacity reported here may be larger than the actual capacity when a volume expansion operation\nis requested.\nFor storage quota, the larger value from allocatedResources and PVC.spec.resources is used.\nIf allocatedResources is not set, PVC.spec.resources alone is used for quota calculation.\nIf a volume expansion capacity request is lowered, allocatedResources is only\nlowered if there are no expansion operations in progress and if the actual volume capacity\nis equal or lower than the requested capacity.\n\nA controller that receives PVC update with previously unknown resourceName\nshould ignore the update for the purpose it was designed. For example - a controller that\nonly is responsible for resizing capacity of the volume, should ignore PVC updates that change other valid\nresources associated with PVC.\n\nThis is an alpha field and requires enabling RecoverVolumeExpansionFailure feature.", + "description": "allocatedResources tracks the resources allocated to a PVC including its capacity.\nKey names follow standard Kubernetes label syntax. Valid values are either:\n\t* Un-prefixed keys:\n\t\t- storage - the capacity of the volume.\n\t* Custom resources must use implementation-defined prefixed names such as \"example.com/my-custom-resource\"\nApart from above values - keys that are unprefixed or have kubernetes.io prefix are considered\nreserved and hence may not be used.\n\nCapacity reported here may be larger than the actual capacity when a volume expansion operation\nis requested.\nFor storage quota, the larger value from allocatedResources and PVC.spec.resources is used.\nIf allocatedResources is not set, PVC.spec.resources alone is used for quota calculation.\nIf a volume expansion capacity request is lowered, allocatedResources is only\nlowered if there are no expansion operations in progress and if the actual volume capacity\nis equal or lower than the requested capacity.\n\nA controller that receives PVC update with previously unknown resourceName\nshould ignore the update for the purpose it was designed. For example - a controller that\nonly is responsible for resizing capacity of the volume, should ignore PVC updates that change other valid\nresources associated with PVC.", "type": "object" }, "capacity": { @@ -233127,6 +241322,194 @@ } ] }, + "ocs.openshift.io/v1/TLSProfile": { + "description": "TLSProfile is the Schema for the tlsprofiles API.\nIt allows administrators to configure TLS settings (protocol versions, ciphers, groups)\nin a centralized way.", + "namespaced": true, + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "allOf": [ + { + "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" + } + ], + "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + }, + "spec": { + "description": "Spec defines the desired TLS configuration rules.\nWARNING: On FIPS-enabled clusters, restrict ciphers to AES-GCM variants and groups to\nclassical NIST curves (secp256r1, secp384r1, secp521r1). ChaCha20-Poly1305 ciphers and\nhybrid post-quantum groups are not FIPS 140-2 approved. [Apr 2026]", + "properties": { + "rules": { + "description": "Rules is a list of TLS configuration rules.\nWhen multiple rules match a component, the most specific selector wins.", + "items": { + "description": "TLSProfileRules pairs a selector with a TLS configuration.", + "properties": { + "config": { + "description": "Config is the TLS configuration to apply to the selected components.", + "properties": { + "ciphers": { + "description": "Ciphers is the list of IANA cipher suite names to enable, in preference order.", + "items": { + "description": "TLSCipherSuite is an IANA TLS cipher suite name.\nTLS 1.2 ciphers are configurable in both Go and OpenSSL servers.\nTLS 1.3 ciphers are configurable in OpenSSL only; Go selects TLS 1.3 ciphers automatically.\nNote: ChaCha20-Poly1305 ciphers are not FIPS 140-2 approved - do not use them on FIPS-enabled clusters.", + "enum": [ + "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256", + "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384", + "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256", + "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", + "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384", + "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256", + "TLS_AES_128_GCM_SHA256", + "TLS_AES_256_GCM_SHA384", + "TLS_CHACHA20_POLY1305_SHA256" + ], + "type": "string" + }, + "maxItems": 20, + "minItems": 1, + "type": "array", + "x-kubernetes-list-type": "set" + }, + "groups": { + "description": "Groups is the list of key exchange groups to enable, in preference order.", + "items": { + "description": "TLSGroupName is a TLS key exchange group name.\nClassical groups (secp256r1, secp384r1, secp521r1, X25519) are valid for TLS 1.2 and TLS 1.3.\nHybrid post-quantum groups (X25519MLKEM768, SecP256r1MLKEM768, SecP384r1MLKEM1024) are valid for TLS 1.3 only.\nNote: Hybrid post-quantum groups are not FIPS 140-2 approved - do not use them on FIPS-enabled clusters.", + "enum": [ + "secp256r1", + "secp384r1", + "secp521r1", + "X25519", + "X25519MLKEM768", + "SecP256r1MLKEM768", + "SecP384r1MLKEM1024" + ], + "type": "string" + }, + "maxItems": 20, + "minItems": 1, + "type": "array", + "x-kubernetes-list-type": "set" + }, + "version": { + "description": "Version specifies the minimum and maximum TLS protocol version.", + "enum": [ + "TLSv1.2", + "TLSv1.3" + ], + "type": "string" + } + }, + "required": [ + "ciphers", + "groups", + "version" + ], + "type": "object", + "x-kubernetes-validations": [ + { + "message": "TLS 1.3 ciphers are not valid for TLSv1.2", + "rule": "self.version != 'TLSv1.2' || !self.ciphers.exists(c, c in ['TLS_AES_128_GCM_SHA256','TLS_AES_256_GCM_SHA384','TLS_CHACHA20_POLY1305_SHA256'])" + }, + { + "message": "TLS 1.2 ciphers are not valid for TLSv1.3", + "rule": "self.version != 'TLSv1.3' || !self.ciphers.exists(c, c in ['TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256','TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384','TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256','TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256','TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384','TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256'])" + }, + { + "message": "hybrid post-quantum groups are not valid for TLSv1.2", + "rule": "self.version != 'TLSv1.2' || !self.groups.exists(g, g in ['X25519MLKEM768','SecP256r1MLKEM768','SecP384r1MLKEM1024'])" + } + ] + }, + "selectors": { + "description": "Selectors identifies the components this rule applies to.\nExamples:\n \"example.io/s3\" - Matches the S3 server under example.io\n \"example.io\" - Matches all servers under example.io\n \"*.example.io/s3\" - Matches the S3 server under any subdomain of example.io\n \"*.example.io\" - Matches all servers under any subdomain of example.io\n \"*/s3\" - Matches the S3 server under any domain\n \"*\" - Matches all servers under any domain", + "items": { + "description": "Selector is a selector pattern identifying which components a TLS rule applies to.\nResolution order (most specific wins):\n 1. \"/\" - match a server under exact domain\n 2. \"\" - match all servers under exact domain\n 3. \"*./\" - match a server under domain\n 4. \"*.\" - match all servers under domain\n 5. \"*/\" - match a server under any domain\n 6. \"*\" - matches everything", + "pattern": "^(\\*|(([a-zA-Z0-9][-]?)*[a-zA-Z0-9]))(\\.([a-zA-Z0-9][-]?)*[a-zA-Z0-9])*(\\/[a-zA-Z0-9_-]+)?$", + "type": "string" + }, + "maxItems": 20, + "minItems": 1, + "type": "array" + } + }, + "required": [ + "config", + "selectors" + ], + "type": "object" + }, + "maxItems": 20, + "minItems": 1, + "type": "array" + } + }, + "required": [ + "rules" + ], + "type": "object" + }, + "status": { + "type": "object" + } + }, + "required": [ + "metadata", + "spec" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "ocs.openshift.io", + "kind": "TLSProfile", + "version": "v1" + } + ] + }, + "ocs.openshift.io/v1/TLSProfileList": { + "description": "TLSProfileList is a list of TLSProfile", + "namespaced": true, + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "items": { + "description": "List of tlsprofiles. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md", + "items": { + "$ref": "#/components/schemas/io.openshift.ocs.v1.TLSProfile" + }, + "type": "array" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "allOf": [ + { + "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" + } + ], + "description": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + } + }, + "required": [ + "items" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "ocs.openshift.io", + "kind": "TLSProfileList", + "version": "v1" + } + ] + }, "ocs.openshift.io/v1alpha1/StorageClient": { "description": "StorageClient is the Schema for the storageclients API", "namespaced": false, @@ -233488,6 +241871,16 @@ "description": "Information of storage client received from consumer", "nullable": true, "properties": { + "cephFsPvCount": { + "description": "CephFsPvCount is the number of CephFS PVs on the connected client", + "format": "int32", + "type": "integer" + }, + "cephFsVolumeSnapshotContentCount": { + "description": "CephFsVolumeSnapshotContentCount is the number of CephFS VolumeSnapshotContents on the connected client", + "format": "int32", + "type": "integer" + }, "clientId": { "description": "ID is the k8s UID of connected storageclient", "type": "string" @@ -234227,9 +242620,9 @@ "description": "status is an optional field that defines the observed state of the ClusterExtension.", "properties": { "activeRevisions": { - "description": "activeRevisions holds a list of currently active (non-archived) ClusterExtensionRevisions,\nincluding both installed and rolling out revisions.", + "description": "activeRevisions holds a list of currently active (non-archived) ClusterObjectSets,\nincluding both installed and rolling out revisions.", "items": { - "description": "RevisionStatus defines the observed state of a ClusterExtensionRevision.", + "description": "RevisionStatus defines the observed state of a ClusterObjectSet.", "properties": { "conditions": { "description": "conditions optionally expose Progressing and Available condition of the revision,\nin case when it is not yet marked as successfully installed (condition Succeeded is not set to True).\nGiven that a ClusterExtension should remain available during upgrades, an observer may use these conditions\nto get more insights about reasons for its current state.", @@ -234291,7 +242684,7 @@ "x-kubernetes-list-type": "map" }, "name": { - "description": "name of the ClusterExtensionRevision resource", + "description": "name of the ClusterObjectSet resource", "type": "string" } }, @@ -234307,7 +242700,7 @@ "x-kubernetes-list-type": "map" }, "conditions": { - "description": "conditions represents the current state of the ClusterExtension.\n\nThe set of condition types which apply to all spec.source variations are Installed and Progressing.\n\nThe Installed condition represents whether the bundle has been installed for this ClusterExtension:\n - When Installed is True and the Reason is Succeeded, the bundle has been successfully installed.\n - When Installed is False and the Reason is Failed, the bundle has failed to install.\n\nThe Progressing condition represents whether or not the ClusterExtension is advancing towards a new state.\nWhen Progressing is True and the Reason is Succeeded, the ClusterExtension is making progress towards a new state.\nWhen Progressing is True and the Reason is Retrying, the ClusterExtension has encountered an error that could be resolved on subsequent reconciliation attempts.\nWhen Progressing is False and the Reason is Blocked, the ClusterExtension has encountered an error that requires manual intervention for recovery.\n\nWhen Progressing is True and Reason is RollingOut, the ClusterExtension has one or more ClusterExtensionRevisions in active roll out.\n\nWhen the ClusterExtension is sourced from a catalog, it surfaces deprecation conditions based on catalog metadata.\nThese are indications from a package owner to guide users away from a particular package, channel, or bundle:\n - BundleDeprecated is True if the installed bundle is marked deprecated, False if not deprecated, or Unknown if no bundle is installed yet or if catalog data is unavailable.\n - ChannelDeprecated is True if any requested channel is marked deprecated, False if not deprecated, or Unknown if catalog data is unavailable.\n - PackageDeprecated is True if the requested package is marked deprecated, False if not deprecated, or Unknown if catalog data is unavailable.\n - Deprecated is a rollup condition that is True when any deprecation exists, False when none exist, or Unknown when catalog data is unavailable.", + "description": "conditions represents the current state of the ClusterExtension.\n\nThe set of condition types which apply to all spec.source variations are Installed and Progressing.\n\nThe Installed condition represents whether the bundle has been installed for this ClusterExtension:\n - When Installed is True and the Reason is Succeeded, the bundle has been successfully installed.\n - When Installed is False and the Reason is Failed, the bundle has failed to install.\n\nThe Progressing condition represents whether or not the ClusterExtension is advancing towards a new state.\nWhen Progressing is True and the Reason is Succeeded, the ClusterExtension is making progress towards a new state.\nWhen Progressing is True and the Reason is Retrying, the ClusterExtension has encountered an error that could be resolved on subsequent reconciliation attempts.\nWhen Progressing is False and the Reason is Blocked, the ClusterExtension has encountered an error that requires manual intervention for recovery.\n\nWhen Progressing is True and Reason is RollingOut, the ClusterExtension has one or more ClusterObjectSets in active roll out.\n\nWhen the ClusterExtension is sourced from a catalog, it surfaces deprecation conditions based on catalog metadata.\nThese are indications from a package owner to guide users away from a particular package, channel, or bundle:\n - BundleDeprecated is True if the installed bundle is marked deprecated, False if not deprecated, or Unknown if no bundle is installed yet or if catalog data is unavailable.\n - ChannelDeprecated is True if any requested channel is marked deprecated, False if not deprecated, or Unknown if catalog data is unavailable.\n - PackageDeprecated is True if the requested package is marked deprecated, False if not deprecated, or Unknown if catalog data is unavailable.\n - Deprecated is a rollup condition that is True when any deprecation exists, False when none exist, or Unknown when catalog data is unavailable.", "items": { "description": "Condition contains details for one aspect of the current state of this API Resource.", "properties": { @@ -235277,9 +243670,14 @@ "type": "object" }, "kmsKeyARN": { - "description": "kmsKeyARN sets the cluster default storage class to encrypt volumes with a user-defined KMS key,\nrather than the default KMS key used by AWS.\nThe value may be either the ARN or Alias ARN of a KMS key.", - "pattern": "^arn:(aws|aws-cn|aws-us-gov|aws-iso|aws-iso-b|aws-iso-e|aws-iso-f):kms:[a-z0-9-]+:[0-9]{12}:(key|alias)\\/.*$", - "type": "string" + "description": "kmsKeyARN sets the cluster default storage class to encrypt volumes with a user-defined KMS key,\nrather than the default KMS key used by AWS.\nThe value may be either the ARN or Alias ARN of a KMS key.\n\nThe ARN must follow the format: arn::kms:::(key|alias)/, where:\n is the AWS partition (aws, aws-cn, aws-us-gov, aws-iso, aws-iso-b, aws-iso-e, aws-iso-f, or aws-eusc),\n is the AWS region,\n is a 12-digit numeric identifier for the AWS account,\n is the KMS key ID or alias name.", + "type": "string", + "x-kubernetes-validations": [ + { + "message": "kmsKeyARN must be a valid AWS KMS key ARN in the format: arn::kms:::(key|alias)/", + "rule": "matches(self, '^arn:(aws|aws-cn|aws-us-gov|aws-iso|aws-iso-b|aws-iso-e|aws-iso-f):kms:[a-z0-9-]+:[0-9]{12}:(key|alias)/.*$')" + } + ] } }, "type": "object" @@ -238912,7 +247310,7 @@ "type": "string" }, "operator": { - "description": "Operator represents a key's relationship to the value.\nValid operators are Exists and Equal. Defaults to Equal.\nExists is equivalent to wildcard for value, so that a pod can\ntolerate all taints of a particular category.", + "description": "Operator represents a key's relationship to the value.\nValid operators are Exists, Equal, Lt, and Gt. Defaults to Equal.\nExists is equivalent to wildcard for value, so that a pod can\ntolerate all taints of a particular category.\nLt and Gt perform numeric comparisons (requires feature gate TaintTolerationComparisonOperators).", "type": "string" }, "tolerationSeconds": { @@ -239009,11 +247407,11 @@ "description": "tlsSecurityProfile specifies settings for TLS connections for ingresscontrollers.\n\nIf unset, the default is based on the apiservers.config.openshift.io/cluster resource.\n\nNote that when using the Old, Intermediate, and Modern profile types, the effective\nprofile configuration is subject to change between releases. For example, given\na specification to use the Intermediate profile deployed on release X.Y.Z, an upgrade\nto release X.Y.Z+1 may cause a new profile configuration to be applied to the ingress\ncontroller, resulting in a rollout.", "properties": { "custom": { - "description": "custom is a user-defined TLS security profile. Be extremely careful using a custom\nprofile as invalid configurations can be catastrophic. An example custom profile\nlooks like this:\n\n ciphers:\n\n - ECDHE-ECDSA-CHACHA20-POLY1305\n\n - ECDHE-RSA-CHACHA20-POLY1305\n\n - ECDHE-RSA-AES128-GCM-SHA256\n\n - ECDHE-ECDSA-AES128-GCM-SHA256\n\n minTLSVersion: VersionTLS11", + "description": "custom is a user-defined TLS security profile. Be extremely careful using a custom\nprofile as invalid configurations can be catastrophic. An example custom profile\nlooks like this:\n\n minTLSVersion: VersionTLS11\n ciphers:\n - ECDHE-ECDSA-CHACHA20-POLY1305\n - ECDHE-RSA-CHACHA20-POLY1305\n - ECDHE-RSA-AES128-GCM-SHA256\n - ECDHE-ECDSA-AES128-GCM-SHA256", "nullable": true, "properties": { "ciphers": { - "description": "ciphers is used to specify the cipher algorithms that are negotiated\nduring the TLS handshake. Operators may remove entries their operands\ndo not support. For example, to use DES-CBC3-SHA (yaml):\n\n ciphers:\n - DES-CBC3-SHA", + "description": "ciphers is used to specify the cipher algorithms that are negotiated\nduring the TLS handshake. Operators may remove entries that their operands\ndo not support. For example, to use only ECDHE-RSA-AES128-GCM-SHA256 (yaml):\n\n ciphers:\n - ECDHE-RSA-AES128-GCM-SHA256\n\nTLS 1.3 cipher suites (e.g. TLS_AES_128_GCM_SHA256) are not configurable\nand are always enabled when TLS 1.3 is negotiated.", "items": { "type": "string" }, @@ -239021,7 +247419,7 @@ "x-kubernetes-list-type": "atomic" }, "minTLSVersion": { - "description": "minTLSVersion is used to specify the minimal version of the TLS protocol\nthat is negotiated during the TLS handshake. For example, to use TLS\nversions 1.1, 1.2 and 1.3 (yaml):\n\n minTLSVersion: VersionTLS11\n\nNOTE: currently the highest minTLSVersion allowed is VersionTLS12", + "description": "minTLSVersion is used to specify the minimal version of the TLS protocol\nthat is negotiated during the TLS handshake. For example, to use TLS\nversions 1.1, 1.2 and 1.3 (yaml):\n\n minTLSVersion: VersionTLS11", "enum": [ "VersionTLS10", "VersionTLS11", @@ -239034,22 +247432,22 @@ "type": "object" }, "intermediate": { - "description": "intermediate is a TLS security profile based on:\n\nhttps://wiki.mozilla.org/Security/Server_Side_TLS#Intermediate_compatibility_.28recommended.29\n\nand looks like this (yaml):\n\n ciphers:\n\n - TLS_AES_128_GCM_SHA256\n\n - TLS_AES_256_GCM_SHA384\n\n - TLS_CHACHA20_POLY1305_SHA256\n\n - ECDHE-ECDSA-AES128-GCM-SHA256\n\n - ECDHE-RSA-AES128-GCM-SHA256\n\n - ECDHE-ECDSA-AES256-GCM-SHA384\n\n - ECDHE-RSA-AES256-GCM-SHA384\n\n - ECDHE-ECDSA-CHACHA20-POLY1305\n\n - ECDHE-RSA-CHACHA20-POLY1305\n\n - DHE-RSA-AES128-GCM-SHA256\n\n - DHE-RSA-AES256-GCM-SHA384\n\n minTLSVersion: VersionTLS12", + "description": "intermediate is a TLS profile for use when you do not need compatibility with\nlegacy clients and want to remain highly secure while being compatible with\nmost clients currently in use.\n\nThis profile is equivalent to a Custom profile specified as:\n minTLSVersion: VersionTLS12\n ciphers:\n - TLS_AES_128_GCM_SHA256\n - TLS_AES_256_GCM_SHA384\n - TLS_CHACHA20_POLY1305_SHA256\n - ECDHE-ECDSA-AES128-GCM-SHA256\n - ECDHE-RSA-AES128-GCM-SHA256\n - ECDHE-ECDSA-AES256-GCM-SHA384\n - ECDHE-RSA-AES256-GCM-SHA384\n - ECDHE-ECDSA-CHACHA20-POLY1305\n - ECDHE-RSA-CHACHA20-POLY1305", "nullable": true, "type": "object" }, "modern": { - "description": "modern is a TLS security profile based on:\n\nhttps://wiki.mozilla.org/Security/Server_Side_TLS#Modern_compatibility\n\nand looks like this (yaml):\n\n ciphers:\n\n - TLS_AES_128_GCM_SHA256\n\n - TLS_AES_256_GCM_SHA384\n\n - TLS_CHACHA20_POLY1305_SHA256\n\n minTLSVersion: VersionTLS13", + "description": "modern is a TLS security profile for use with clients that support TLS 1.3 and\ndo not need backward compatibility for older clients.\n\nThis profile is equivalent to a Custom profile specified as:\n minTLSVersion: VersionTLS13\n ciphers:\n - TLS_AES_128_GCM_SHA256\n - TLS_AES_256_GCM_SHA384\n - TLS_CHACHA20_POLY1305_SHA256", "nullable": true, "type": "object" }, "old": { - "description": "old is a TLS security profile based on:\n\nhttps://wiki.mozilla.org/Security/Server_Side_TLS#Old_backward_compatibility\n\nand looks like this (yaml):\n\n ciphers:\n\n - TLS_AES_128_GCM_SHA256\n\n - TLS_AES_256_GCM_SHA384\n\n - TLS_CHACHA20_POLY1305_SHA256\n\n - ECDHE-ECDSA-AES128-GCM-SHA256\n\n - ECDHE-RSA-AES128-GCM-SHA256\n\n - ECDHE-ECDSA-AES256-GCM-SHA384\n\n - ECDHE-RSA-AES256-GCM-SHA384\n\n - ECDHE-ECDSA-CHACHA20-POLY1305\n\n - ECDHE-RSA-CHACHA20-POLY1305\n\n - DHE-RSA-AES128-GCM-SHA256\n\n - DHE-RSA-AES256-GCM-SHA384\n\n - DHE-RSA-CHACHA20-POLY1305\n\n - ECDHE-ECDSA-AES128-SHA256\n\n - ECDHE-RSA-AES128-SHA256\n\n - ECDHE-ECDSA-AES128-SHA\n\n - ECDHE-RSA-AES128-SHA\n\n - ECDHE-ECDSA-AES256-SHA384\n\n - ECDHE-RSA-AES256-SHA384\n\n - ECDHE-ECDSA-AES256-SHA\n\n - ECDHE-RSA-AES256-SHA\n\n - DHE-RSA-AES128-SHA256\n\n - DHE-RSA-AES256-SHA256\n\n - AES128-GCM-SHA256\n\n - AES256-GCM-SHA384\n\n - AES128-SHA256\n\n - AES256-SHA256\n\n - AES128-SHA\n\n - AES256-SHA\n\n - DES-CBC3-SHA\n\n minTLSVersion: VersionTLS10", + "description": "old is a TLS profile for use when services need to be accessed by very old\nclients or libraries and should be used only as a last resort.\n\nThis profile is equivalent to a Custom profile specified as:\n minTLSVersion: VersionTLS10\n ciphers:\n - TLS_AES_128_GCM_SHA256\n - TLS_AES_256_GCM_SHA384\n - TLS_CHACHA20_POLY1305_SHA256\n - ECDHE-ECDSA-AES128-GCM-SHA256\n - ECDHE-RSA-AES128-GCM-SHA256\n - ECDHE-ECDSA-AES256-GCM-SHA384\n - ECDHE-RSA-AES256-GCM-SHA384\n - ECDHE-ECDSA-CHACHA20-POLY1305\n - ECDHE-RSA-CHACHA20-POLY1305\n - ECDHE-ECDSA-AES128-SHA256\n - ECDHE-RSA-AES128-SHA256\n - ECDHE-ECDSA-AES128-SHA\n - ECDHE-RSA-AES128-SHA\n - ECDHE-ECDSA-AES256-SHA\n - ECDHE-RSA-AES256-SHA\n - AES128-GCM-SHA256\n - AES256-GCM-SHA384\n - AES128-SHA256\n - AES128-SHA\n - AES256-SHA\n - DES-CBC3-SHA", "nullable": true, "type": "object" }, "type": { - "description": "type is one of Old, Intermediate, Modern or Custom. Custom provides\nthe ability to specify individual TLS security profile parameters.\nOld, Intermediate and Modern are TLS security profiles based on:\n\nhttps://wiki.mozilla.org/Security/Server_Side_TLS#Recommended_configurations\n\nThe profiles are intent based, so they may change over time as new ciphers are developed and existing ciphers\nare found to be insecure. Depending on precisely which ciphers are available to a process, the list may be\nreduced.\n\nNote that the Modern profile is currently not supported because it is not\nyet well adopted by common software libraries.", + "description": "type is one of Old, Intermediate, Modern or Custom. Custom provides the\nability to specify individual TLS security profile parameters.\n\nThe profiles are based on version 5.7 of the Mozilla Server Side TLS\nconfiguration guidelines. The cipher lists consist of the configuration's\n\"ciphersuites\" followed by the Go-specific \"ciphers\" from the guidelines.\nSee: https://ssl-config.mozilla.org/guidelines/5.7.json\n\nThe profiles are intent based, so they may change over time as new ciphers are\ndeveloped and existing ciphers are found to be insecure. Depending on\nprecisely which ciphers are available to a process, the list may be reduced.", "enum": [ "Old", "Intermediate", @@ -239758,7 +248156,7 @@ "description": "tlsProfile is the TLS connection configuration that is in effect.", "properties": { "ciphers": { - "description": "ciphers is used to specify the cipher algorithms that are negotiated\nduring the TLS handshake. Operators may remove entries their operands\ndo not support. For example, to use DES-CBC3-SHA (yaml):\n\n ciphers:\n - DES-CBC3-SHA", + "description": "ciphers is used to specify the cipher algorithms that are negotiated\nduring the TLS handshake. Operators may remove entries that their operands\ndo not support. For example, to use only ECDHE-RSA-AES128-GCM-SHA256 (yaml):\n\n ciphers:\n - ECDHE-RSA-AES128-GCM-SHA256\n\nTLS 1.3 cipher suites (e.g. TLS_AES_128_GCM_SHA256) are not configurable\nand are always enabled when TLS 1.3 is negotiated.", "items": { "type": "string" }, @@ -239766,7 +248164,7 @@ "x-kubernetes-list-type": "atomic" }, "minTLSVersion": { - "description": "minTLSVersion is used to specify the minimal version of the TLS protocol\nthat is negotiated during the TLS handshake. For example, to use TLS\nversions 1.1, 1.2 and 1.3 (yaml):\n\n minTLSVersion: VersionTLS11\n\nNOTE: currently the highest minTLSVersion allowed is VersionTLS12", + "description": "minTLSVersion is used to specify the minimal version of the TLS protocol\nthat is negotiated during the TLS handshake. For example, to use TLS\nversions 1.1, 1.2 and 1.3 (yaml):\n\n minTLSVersion: VersionTLS11", "enum": [ "VersionTLS10", "VersionTLS11", @@ -240210,6 +248608,13 @@ "spec": { "description": "spec is the specification of the desired behavior of the Kubernetes API Server", "properties": { + "eventTTLMinutes": { + "description": "eventTTLMinutes specifies the amount of time that the events are stored before being deleted.\nThe TTL is allowed between 5 minutes minimum up to a maximum of 180 minutes (3 hours).\n\nLowering this value will reduce the storage required in etcd. Note that this setting will only apply\nto new events being created and will not update existing events.\n\nWhen omitted this means no opinion, and the platform is left to choose a reasonable default, which is subject to change over time.\nThe current default value is 3h (180 minutes).", + "format": "int32", + "maximum": 180, + "minimum": 5, + "type": "integer" + }, "failedRevisionLimit": { "description": "failedRevisionLimit is the number of failed static pod installer revisions to keep on disk and in the api\n-1 = unlimited, 0 or unset = 5 (default)", "format": "int32", @@ -243659,13 +252064,13 @@ }, "type": "object", "x-kubernetes-validations": [ - { - "message": "Route advertisements cannot be Enabled if 'FRR' routing capability provider is not available", - "rule": "(has(self.additionalRoutingCapabilities) && ('FRR' in self.additionalRoutingCapabilities.providers)) || !has(self.defaultNetwork) || !has(self.defaultNetwork.ovnKubernetesConfig) || !has(self.defaultNetwork.ovnKubernetesConfig.routeAdvertisements) || self.defaultNetwork.ovnKubernetesConfig.routeAdvertisements != 'Enabled'" - }, { "message": "invalid value for IPForwarding, valid values are 'Restricted' or 'Global'", "rule": "!has(self.defaultNetwork) || !has(self.defaultNetwork.ovnKubernetesConfig) || !has(self.defaultNetwork.ovnKubernetesConfig.gatewayConfig) || !has(self.defaultNetwork.ovnKubernetesConfig.gatewayConfig.ipForwarding) || self.defaultNetwork.ovnKubernetesConfig.gatewayConfig.ipForwarding == oldSelf.defaultNetwork.ovnKubernetesConfig.gatewayConfig.ipForwarding || self.defaultNetwork.ovnKubernetesConfig.gatewayConfig.ipForwarding == 'Restricted' || self.defaultNetwork.ovnKubernetesConfig.gatewayConfig.ipForwarding == 'Global'" + }, + { + "message": "Route advertisements cannot be Enabled if 'FRR' routing capability provider is not available", + "rule": "(has(self.additionalRoutingCapabilities) && ('FRR' in self.additionalRoutingCapabilities.providers)) || !has(self.defaultNetwork) || !has(self.defaultNetwork.ovnKubernetesConfig) || !has(self.defaultNetwork.ovnKubernetesConfig.routeAdvertisements) || self.defaultNetwork.ovnKubernetesConfig.routeAdvertisements != 'Enabled'" } ] }, @@ -265637,7 +274042,7 @@ "type": "integer" }, "guestAgentPing": { - "description": "GuestAgentPing contacts the qemu-guest-agent for availability checks.", + "description": "GuestAgentPing contacts the qemu-guest-agent for availability checks.\nProbe failures are automatically suppressed when the guest agent is\nunreachable for a non-fault reason: during live migration (guest paused\non one pod while memory is transferred) and whenever the VM is paused\nfor an intentional or transient reason such as a user pause, snapshot,\nsave, or dump. Failures are not suppressed when the VM is paused due to\na fault (IO error, crash, or postcopy failure).", "type": "object" }, "httpGet": { @@ -265827,7 +274232,7 @@ "type": "integer" }, "guestAgentPing": { - "description": "GuestAgentPing contacts the qemu-guest-agent for availability checks.", + "description": "GuestAgentPing contacts the qemu-guest-agent for availability checks.\nProbe failures are automatically suppressed when the guest agent is\nunreachable for a non-fault reason: during live migration (guest paused\non one pod while memory is transferred) and whenever the VM is paused\nfor an intentional or transient reason such as a user pause, snapshot,\nsave, or dump. Failures are not suppressed when the VM is paused due to\na fault (IO error, crash, or postcopy failure).", "type": "object" }, "httpGet": { @@ -270111,7 +278516,7 @@ "type": "integer" }, "guestAgentPing": { - "description": "GuestAgentPing contacts the qemu-guest-agent for availability checks.", + "description": "GuestAgentPing contacts the qemu-guest-agent for availability checks.\nProbe failures are automatically suppressed when the guest agent is\nunreachable for a non-fault reason: during live migration (guest paused\non one pod while memory is transferred) and whenever the VM is paused\nfor an intentional or transient reason such as a user pause, snapshot,\nsave, or dump. Failures are not suppressed when the VM is paused due to\na fault (IO error, crash, or postcopy failure).", "type": "object" }, "httpGet": { @@ -270301,7 +278706,7 @@ "type": "integer" }, "guestAgentPing": { - "description": "GuestAgentPing contacts the qemu-guest-agent for availability checks.", + "description": "GuestAgentPing contacts the qemu-guest-agent for availability checks.\nProbe failures are automatically suppressed when the guest agent is\nunreachable for a non-fault reason: during live migration (guest paused\non one pod while memory is transferred) and whenever the VM is paused\nfor an intentional or transient reason such as a user pause, snapshot,\nsave, or dump. Failures are not suppressed when the VM is paused due to\na fault (IO error, crash, or postcopy failure).", "type": "object" }, "httpGet": { @@ -286263,7 +294668,7 @@ } ], "default": {}, - "description": "Spec defines the behavior of the Namespace." + "description": "spec defines the behavior of the Namespace." }, "status": { "allOf": [ @@ -286272,7 +294677,7 @@ } ], "default": {}, - "description": "Status describes the current status of a Namespace" + "description": "status describes the current status of a Namespace" } }, "required": [], @@ -286294,7 +294699,7 @@ "type": "string" }, "items": { - "description": "Items is the list of projects", + "description": "items is the list of projects", "items": { "allOf": [ { @@ -286340,11 +294745,11 @@ "type": "string" }, "description": { - "description": "Description is the description to apply to a project", + "description": "description is the description to apply to a project", "type": "string" }, "displayName": { - "description": "DisplayName is the display name to apply to a project", + "description": "displayName is the display name to apply to a project", "type": "string" }, "kind": { @@ -286399,7 +294804,7 @@ } ], "default": {}, - "description": "Spec defines the desired quota" + "description": "spec defines the desired quota" }, "status": { "allOf": [ @@ -286408,7 +294813,7 @@ } ], "default": {}, - "description": "Status defines the actual enforced quota and its current usage" + "description": "status defines the actual enforced quota and its current usage" } }, "required": [ @@ -286433,7 +294838,7 @@ "type": "string" }, "items": { - "description": "Items is a list of AppliedClusterResourceQuota", + "description": "items is a list of AppliedClusterResourceQuota", "items": { "allOf": [ { @@ -289332,7 +297737,7 @@ ] }, "samples.operator.openshift.io/v1/Config": { - "description": "Config contains the configuration and detailed condition status for the Samples Operator. \n Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).", + "description": "Config contains the configuration and detailed condition status for the Samples Operator.\n\nCompatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).", "namespaced": false, "properties": { "apiVersion": { @@ -289352,33 +297757,51 @@ "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" }, "spec": { - "description": "ConfigSpec contains the desired configuration and state for the Samples Operator, controlling various behavior around the imagestreams and templates it creates/updates in the openshift namespace.", + "description": "ConfigSpec contains the desired configuration and state for the Samples Operator, controlling\nvarious behavior around the imagestreams and templates it creates/updates in the\nopenshift namespace.", "properties": { "architectures": { - "description": "architectures determine which hardware architecture(s) to install, where x86_64, ppc64le, and s390x are the only supported choices currently.", + "description": "architectures determine which hardware architecture(s) to install, where x86_64, ppc64le, and s390x are the only\nsupported choices currently.", "items": { "type": "string" }, "type": "array" }, "managementState": { - "description": "managementState is top level on/off type of switch for all operators. When \"Managed\", this operator processes config and manipulates the samples accordingly. When \"Unmanaged\", this operator ignores any updates to the resources it watches. When \"Removed\", it reacts that same wasy as it does if the Config object is deleted, meaning any ImageStreams or Templates it manages (i.e. it honors the skipped lists) and the registry secret are deleted, along with the ConfigMap in the operator's namespace that represents the last config used to manipulate the samples,", + "description": "managementState is top level on/off type of switch for all operators.\nWhen \"Managed\", this operator processes config and manipulates the samples accordingly.\nWhen \"Unmanaged\", this operator ignores any updates to the resources it watches.\nWhen \"Removed\", it reacts that same wasy as it does if the Config object\nis deleted, meaning any ImageStreams or Templates it manages (i.e. it honors the skipped\nlists) and the registry secret are deleted, along with the ConfigMap in the operator's\nnamespace that represents the last config used to manipulate the samples,", "pattern": "^(Managed|Unmanaged|Force|Removed)$", "type": "string" }, "samplesRegistry": { - "description": "samplesRegistry allows for the specification of which registry is accessed by the ImageStreams for their image content. Defaults on the content in https://github.com/openshift/library that are pulled into this github repository, but based on our pulling only ocp content it typically defaults to registry.redhat.io.", + "description": "samplesRegistry allows for the specification of which registry is accessed\nby the ImageStreams for their image content. Defaults on the content in https://github.com/openshift/library\nthat are pulled into this github repository, but based on our pulling only ocp content it typically\ndefaults to registry.redhat.io.", "type": "string" }, + "skippedHelmCharts": { + "description": "skippedHelmCharts specifies names of helm charts that should NOT be\nmanaged. Admins can use this to allow them to delete content\nthey don\u2019t want. They will still have to MANUALLY DELETE the\ncontent but the operator will not recreate(or update) anything\nlisted here. Few examples of the name of helmcharts which can be skipped are\n'redhat-redhat-perl-imagestreams','redhat-redhat-nodejs-imagestreams','redhat-nginx-imagestreams',\n'redhat-redhat-ruby-imagestreams','redhat-redhat-python-imagestreams','redhat-redhat-php-imagestreams',\n'redhat-httpd-imagestreams','redhat-redhat-dotnet-imagestreams'. Rest of the names can be obtained from\nopenshift console --> helmcharts -->installed helmcharts. This will display the list of all the\n12 helmcharts(of imagestreams)being installed by Samples Operator. The skippedHelmCharts must be a\nvalid Kubernetes resource name. May contain only lowercase alphanumeric characters, hyphens and periods,\nand each period separated segment must begin and end with an alphanumeric character. It must be non-empty\nand at most 253 characters in length", + "items": { + "description": "HelmChartName is a string alias that is used to represent the name of a helm chart.", + "maxLength": 253, + "minLength": 1, + "type": "string" + }, + "maxItems": 16, + "type": "array", + "x-kubernetes-list-type": "set", + "x-kubernetes-validations": [ + { + "message": "skippedHelmCharts must be a valid Kubernetes resource name. May contain only lowercase alphanumeric characters, hyphens and periods, and each period separated segment must begin and end with an alphanumeric character", + "rule": "self.all(x, x.matches('^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$'))" + } + ] + }, "skippedImagestreams": { - "description": "skippedImagestreams specifies names of image streams that should NOT be created/updated. Admins can use this to allow them to delete content they don\u2019t want. They will still have to manually delete the content but the operator will not recreate(or update) anything listed here.", + "description": "skippedImagestreams specifies names of image streams that should NOT be\ncreated/updated. Admins can use this to allow them to delete content\nthey don\u2019t want. They will still have to manually delete the\ncontent but the operator will not recreate(or update) anything\nlisted here.", "items": { "type": "string" }, "type": "array" }, "skippedTemplates": { - "description": "skippedTemplates specifies names of templates that should NOT be created/updated. Admins can use this to allow them to delete content they don\u2019t want. They will still have to manually delete the content but the operator will not recreate(or update) anything listed here.", + "description": "skippedTemplates specifies names of templates that should NOT be\ncreated/updated. Admins can use this to allow them to delete content\nthey don\u2019t want. They will still have to manually delete the\ncontent but the operator will not recreate(or update) anything\nlisted here.", "items": { "type": "string" }, @@ -289388,19 +297811,19 @@ "type": "object" }, "status": { - "description": "ConfigStatus contains the actual configuration in effect, as well as various details that describe the state of the Samples Operator.", + "description": "ConfigStatus contains the actual configuration in effect, as well as various details\nthat describe the state of the Samples Operator.", "properties": { "architectures": { - "description": "architectures determine which hardware architecture(s) to install, where x86_64 and ppc64le are the supported choices.", + "description": "architectures determine which hardware architecture(s) to install, where x86_64 and ppc64le are the\nsupported choices.", "items": { "type": "string" }, "type": "array" }, "conditions": { - "description": "conditions represents the available maintenance status of the sample imagestreams and templates.", + "description": "conditions represents the available maintenance status of the sample\nimagestreams and templates.", "items": { - "description": "ConfigCondition captures various conditions of the Config as entries are processed.", + "description": "ConfigCondition captures various conditions of the Config\nas entries are processed.", "properties": { "lastTransitionTime": { "description": "lastTransitionTime is the last time the condition transitioned from one status to another.", @@ -289438,23 +297861,23 @@ "type": "array" }, "managementState": { - "description": "managementState reflects the current operational status of the on/off switch for the operator. This operator compares the ManagementState as part of determining that we are turning the operator back on (i.e. \"Managed\") when it was previously \"Unmanaged\".", + "description": "managementState reflects the current operational status of the on/off switch for\nthe operator. This operator compares the ManagementState as part of determining that we are turning\nthe operator back on (i.e. \"Managed\") when it was previously \"Unmanaged\".", "pattern": "^(Managed|Unmanaged|Force|Removed)$", "type": "string" }, "samplesRegistry": { - "description": "samplesRegistry allows for the specification of which registry is accessed by the ImageStreams for their image content. Defaults on the content in https://github.com/openshift/library that are pulled into this github repository, but based on our pulling only ocp content it typically defaults to registry.redhat.io.", + "description": "samplesRegistry allows for the specification of which registry is accessed\nby the ImageStreams for their image content. Defaults on the content in https://github.com/openshift/library\nthat are pulled into this github repository, but based on our pulling only ocp content it typically\ndefaults to registry.redhat.io.", "type": "string" }, "skippedImagestreams": { - "description": "skippedImagestreams specifies names of image streams that should NOT be created/updated. Admins can use this to allow them to delete content they don\u2019t want. They will still have to manually delete the content but the operator will not recreate(or update) anything listed here.", + "description": "skippedImagestreams specifies names of image streams that should NOT be\ncreated/updated. Admins can use this to allow them to delete content\nthey don\u2019t want. They will still have to manually delete the\ncontent but the operator will not recreate(or update) anything\nlisted here.", "items": { "type": "string" }, "type": "array" }, "skippedTemplates": { - "description": "skippedTemplates specifies names of templates that should NOT be created/updated. Admins can use this to allow them to delete content they don\u2019t want. They will still have to manually delete the content but the operator will not recreate(or update) anything listed here.", + "description": "skippedTemplates specifies names of templates that should NOT be\ncreated/updated. Admins can use this to allow them to delete content\nthey don\u2019t want. They will still have to manually delete the\ncontent but the operator will not recreate(or update) anything\nlisted here.", "items": { "type": "string" }, @@ -289714,6 +298137,15 @@ "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", "type": "string" }, + "metadata": { + "allOf": [ + { + "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" + } + ], + "default": {}, + "description": "metadata is the standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + }, "spec": { "allOf": [ { @@ -289757,6 +298189,15 @@ "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", "type": "string" }, + "metadata": { + "allOf": [ + { + "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" + } + ], + "default": {}, + "description": "metadata is the standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + }, "spec": { "allOf": [ { @@ -289800,6 +298241,15 @@ "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", "type": "string" }, + "metadata": { + "allOf": [ + { + "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" + } + ], + "default": {}, + "description": "metadata is the standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + }, "spec": { "allOf": [ { @@ -293740,7 +302190,7 @@ "type": "integer" }, "guestAgentPing": { - "description": "GuestAgentPing contacts the qemu-guest-agent for availability checks.", + "description": "GuestAgentPing contacts the qemu-guest-agent for availability checks.\nProbe failures are automatically suppressed when the guest agent is\nunreachable for a non-fault reason: during live migration (guest paused\non one pod while memory is transferred) and whenever the VM is paused\nfor an intentional or transient reason such as a user pause, snapshot,\nsave, or dump. Failures are not suppressed when the VM is paused due to\na fault (IO error, crash, or postcopy failure).", "type": "object" }, "httpGet": { @@ -293930,7 +302380,7 @@ "type": "integer" }, "guestAgentPing": { - "description": "GuestAgentPing contacts the qemu-guest-agent for availability checks.", + "description": "GuestAgentPing contacts the qemu-guest-agent for availability checks.\nProbe failures are automatically suppressed when the guest agent is\nunreachable for a non-fault reason: during live migration (guest paused\non one pod while memory is transferred) and whenever the VM is paused\nfor an intentional or transient reason such as a user pause, snapshot,\nsave, or dump. Failures are not suppressed when the VM is paused due to\na fault (IO error, crash, or postcopy failure).", "type": "object" }, "httpGet": { @@ -299280,7 +307730,7 @@ "type": "integer" }, "guestAgentPing": { - "description": "GuestAgentPing contacts the qemu-guest-agent for availability checks.", + "description": "GuestAgentPing contacts the qemu-guest-agent for availability checks.\nProbe failures are automatically suppressed when the guest agent is\nunreachable for a non-fault reason: during live migration (guest paused\non one pod while memory is transferred) and whenever the VM is paused\nfor an intentional or transient reason such as a user pause, snapshot,\nsave, or dump. Failures are not suppressed when the VM is paused due to\na fault (IO error, crash, or postcopy failure).", "type": "object" }, "httpGet": { @@ -299470,7 +307920,7 @@ "type": "integer" }, "guestAgentPing": { - "description": "GuestAgentPing contacts the qemu-guest-agent for availability checks.", + "description": "GuestAgentPing contacts the qemu-guest-agent for availability checks.\nProbe failures are automatically suppressed when the guest agent is\nunreachable for a non-fault reason: during live migration (guest paused\non one pod while memory is transferred) and whenever the VM is paused\nfor an intentional or transient reason such as a user pause, snapshot,\nsave, or dump. Failures are not suppressed when the VM is paused due to\na fault (IO error, crash, or postcopy failure).", "type": "object" }, "httpGet": { @@ -305434,105 +313884,1220 @@ "tlsSecurityProfile": { "description": "TLSSecurityProfile is a configuration for the TLS.", "properties": { - "custom": { - "description": "custom is a user-defined TLS security profile. Be extremely careful using a custom\nprofile as invalid configurations can be catastrophic. An example custom profile\nlooks like this:\n\n ciphers:\n\n - ECDHE-ECDSA-CHACHA20-POLY1305\n\n - ECDHE-RSA-CHACHA20-POLY1305\n\n - ECDHE-RSA-AES128-GCM-SHA256\n\n - ECDHE-ECDSA-AES128-GCM-SHA256\n\n minTLSVersion: VersionTLS11", - "nullable": true, + "custom": { + "description": "custom is a user-defined TLS security profile. Be extremely careful using a custom\nprofile as invalid configurations can be catastrophic. An example custom profile\nlooks like this:\n\n ciphers:\n\n - ECDHE-ECDSA-CHACHA20-POLY1305\n\n - ECDHE-RSA-CHACHA20-POLY1305\n\n - ECDHE-RSA-AES128-GCM-SHA256\n\n - ECDHE-ECDSA-AES128-GCM-SHA256\n\n minTLSVersion: VersionTLS11", + "nullable": true, + "properties": { + "ciphers": { + "description": "ciphers is used to specify the cipher algorithms that are negotiated\nduring the TLS handshake. Operators may remove entries their operands\ndo not support. For example, to use DES-CBC3-SHA (yaml):\n\n ciphers:\n - DES-CBC3-SHA", + "items": { + "type": "string" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + }, + "minTLSVersion": { + "description": "minTLSVersion is used to specify the minimal version of the TLS protocol\nthat is negotiated during the TLS handshake. For example, to use TLS\nversions 1.1, 1.2 and 1.3 (yaml):\n\n minTLSVersion: VersionTLS11\n\nNOTE: currently the highest minTLSVersion allowed is VersionTLS12", + "enum": [ + "VersionTLS10", + "VersionTLS11", + "VersionTLS12", + "VersionTLS13" + ], + "type": "string" + } + }, + "type": "object" + }, + "intermediate": { + "description": "intermediate is a TLS security profile based on:\n\nhttps://wiki.mozilla.org/Security/Server_Side_TLS#Intermediate_compatibility_.28recommended.29\n\nand looks like this (yaml):\n\n ciphers:\n\n - TLS_AES_128_GCM_SHA256\n\n - TLS_AES_256_GCM_SHA384\n\n - TLS_CHACHA20_POLY1305_SHA256\n\n - ECDHE-ECDSA-AES128-GCM-SHA256\n\n - ECDHE-RSA-AES128-GCM-SHA256\n\n - ECDHE-ECDSA-AES256-GCM-SHA384\n\n - ECDHE-RSA-AES256-GCM-SHA384\n\n - ECDHE-ECDSA-CHACHA20-POLY1305\n\n - ECDHE-RSA-CHACHA20-POLY1305\n\n - DHE-RSA-AES128-GCM-SHA256\n\n - DHE-RSA-AES256-GCM-SHA384\n\n minTLSVersion: VersionTLS12", + "nullable": true, + "type": "object" + }, + "modern": { + "description": "modern is a TLS security profile based on:\n\nhttps://wiki.mozilla.org/Security/Server_Side_TLS#Modern_compatibility\n\nand looks like this (yaml):\n\n ciphers:\n\n - TLS_AES_128_GCM_SHA256\n\n - TLS_AES_256_GCM_SHA384\n\n - TLS_CHACHA20_POLY1305_SHA256\n\n minTLSVersion: VersionTLS13", + "nullable": true, + "type": "object" + }, + "old": { + "description": "old is a TLS security profile based on:\n\nhttps://wiki.mozilla.org/Security/Server_Side_TLS#Old_backward_compatibility\n\nand looks like this (yaml):\n\n ciphers:\n\n - TLS_AES_128_GCM_SHA256\n\n - TLS_AES_256_GCM_SHA384\n\n - TLS_CHACHA20_POLY1305_SHA256\n\n - ECDHE-ECDSA-AES128-GCM-SHA256\n\n - ECDHE-RSA-AES128-GCM-SHA256\n\n - ECDHE-ECDSA-AES256-GCM-SHA384\n\n - ECDHE-RSA-AES256-GCM-SHA384\n\n - ECDHE-ECDSA-CHACHA20-POLY1305\n\n - ECDHE-RSA-CHACHA20-POLY1305\n\n - DHE-RSA-AES128-GCM-SHA256\n\n - DHE-RSA-AES256-GCM-SHA384\n\n - DHE-RSA-CHACHA20-POLY1305\n\n - ECDHE-ECDSA-AES128-SHA256\n\n - ECDHE-RSA-AES128-SHA256\n\n - ECDHE-ECDSA-AES128-SHA\n\n - ECDHE-RSA-AES128-SHA\n\n - ECDHE-ECDSA-AES256-SHA384\n\n - ECDHE-RSA-AES256-SHA384\n\n - ECDHE-ECDSA-AES256-SHA\n\n - ECDHE-RSA-AES256-SHA\n\n - DHE-RSA-AES128-SHA256\n\n - DHE-RSA-AES256-SHA256\n\n - AES128-GCM-SHA256\n\n - AES256-GCM-SHA384\n\n - AES128-SHA256\n\n - AES256-SHA256\n\n - AES128-SHA\n\n - AES256-SHA\n\n - DES-CBC3-SHA\n\n minTLSVersion: VersionTLS10", + "nullable": true, + "type": "object" + }, + "type": { + "description": "type is one of Old, Intermediate, Modern or Custom. Custom provides\nthe ability to specify individual TLS security profile parameters.\nOld, Intermediate and Modern are TLS security profiles based on:\n\nhttps://wiki.mozilla.org/Security/Server_Side_TLS#Recommended_configurations\n\nThe profiles are intent based, so they may change over time as new ciphers are developed and existing ciphers\nare found to be insecure. Depending on precisely which ciphers are available to a process, the list may be\nreduced.\n\nNote that the Modern profile is currently not supported because it is not\nyet well adopted by common software libraries.", + "enum": [ + "Old", + "Intermediate", + "Modern", + "Custom" + ], + "type": "string" + } + }, + "type": "object" + }, + "tokenGenerationService": { + "description": "TokenGenerationService configures the service for generating tokens to access VNC for a VM.", + "properties": { + "enabled": { + "type": "boolean" + } + }, + "type": "object" + } + }, + "required": [ + "commonTemplates" + ], + "type": "object" + }, + "status": { + "description": "SSPStatus defines the observed state of SSP", + "properties": { + "conditions": { + "description": "A list of current conditions of the resource", + "items": { + "description": "Condition represents the state of the operator's\nreconciliation functionality.", + "properties": { + "lastHeartbeatTime": { + "format": "date-time", + "type": "string" + }, + "lastTransitionTime": { + "format": "date-time", + "type": "string" + }, + "message": { + "type": "string" + }, + "reason": { + "type": "string" + }, + "status": { + "type": "string" + }, + "type": { + "description": "ConditionType is the state of the operator's reconciliation functionality.", + "type": "string" + } + }, + "required": [ + "status", + "type" + ], + "type": "object" + }, + "type": "array" + }, + "observedGeneration": { + "description": "ObservedGeneration is the latest generation observed by the operator.", + "format": "int64", + "type": "integer" + }, + "observedVersion": { + "description": "The observed version of the resource", + "type": "string" + }, + "operatorVersion": { + "description": "The version of the resource as defined by the operator", + "type": "string" + }, + "paused": { + "description": "Paused is true when the operator notices paused annotation.", + "type": "boolean" + }, + "phase": { + "description": "Phase is the current phase of the deployment", + "type": "string" + }, + "targetVersion": { + "description": "The desired version of the resource", + "type": "string" + } + }, + "type": "object" + } + }, + "required": [], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "ssp.kubevirt.io", + "kind": "SSP", + "version": "v1beta3" + } + ] + }, + "ssp.kubevirt.io/v1beta3/SSPList": { + "description": "SSPList is a list of SSP", + "namespaced": true, + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "items": { + "description": "List of ssps. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md", + "items": { + "$ref": "#/components/schemas/io.kubevirt.ssp.v1beta3.SSP" + }, + "type": "array" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "allOf": [ + { + "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" + } + ], + "description": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + } + }, + "required": [ + "items" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "ssp.kubevirt.io", + "kind": "SSPList", + "version": "v1beta3" + } + ] + }, + "storage.k8s.io/v1/CSIDriver": { + "description": "CSIDriver captures information about a Container Storage Interface (CSI) volume driver deployed on the cluster. Kubernetes attach detach controller uses this object to determine whether attach is required. Kubelet uses this object to determine whether pod information needs to be passed on mount. CSIDriver objects are non-namespaced.", + "namespaced": false, + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "allOf": [ + { + "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" + } + ], + "default": {}, + "description": "Standard object metadata. metadata.Name indicates the name of the CSI driver that this object refers to; it MUST be the same name returned by the CSI GetPluginName() call for that driver. The driver name must be 63 characters or less, beginning and ending with an alphanumeric character ([a-z0-9A-Z]) with dashes (-), dots (.), and alphanumerics between. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + }, + "spec": { + "allOf": [ + { + "$ref": "#/components/schemas/io.k8s.api.storage.v1.CSIDriverSpec" + } + ], + "default": {}, + "description": "spec represents the specification of the CSI Driver." + } + }, + "required": [ + "spec" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "storage.k8s.io", + "kind": "CSIDriver", + "version": "v1" + } + ] + }, + "storage.k8s.io/v1/CSIDriverList": { + "description": "CSIDriverList is a collection of CSIDriver objects.", + "namespaced": true, + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "items": { + "description": "items is the list of CSIDriver", + "items": { + "allOf": [ + { + "$ref": "#/components/schemas/io.k8s.api.storage.v1.CSIDriver" + } + ], + "default": {} + }, + "type": "array" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "allOf": [ + { + "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" + } + ], + "default": {}, + "description": "Standard list metadata More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + } + }, + "required": [ + "items" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "storage.k8s.io", + "kind": "CSIDriverList", + "version": "v1" + } + ] + }, + "storage.k8s.io/v1/CSINode": { + "description": "CSINode holds information about all CSI drivers installed on a node. CSI drivers do not need to create the CSINode object directly. As long as they use the node-driver-registrar sidecar container, the kubelet will automatically populate the CSINode object for the CSI driver as part of kubelet plugin registration. CSINode has the same name as a node. If the object is missing, it means either there are no CSI Drivers available on the node, or the Kubelet version is low enough that it doesn't create this object. CSINode has an OwnerReference that points to the corresponding node object.", + "namespaced": false, + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "allOf": [ + { + "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" + } + ], + "default": {}, + "description": "Standard object's metadata. metadata.name must be the Kubernetes node name." + }, + "spec": { + "allOf": [ + { + "$ref": "#/components/schemas/io.k8s.api.storage.v1.CSINodeSpec" + } + ], + "default": {}, + "description": "spec is the specification of CSINode" + } + }, + "required": [ + "spec" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "storage.k8s.io", + "kind": "CSINode", + "version": "v1" + } + ] + }, + "storage.k8s.io/v1/CSINodeList": { + "description": "CSINodeList is a collection of CSINode objects.", + "namespaced": true, + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "items": { + "description": "items is the list of CSINode", + "items": { + "allOf": [ + { + "$ref": "#/components/schemas/io.k8s.api.storage.v1.CSINode" + } + ], + "default": {} + }, + "type": "array" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "allOf": [ + { + "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" + } + ], + "default": {}, + "description": "Standard list metadata More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + } + }, + "required": [ + "items" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "storage.k8s.io", + "kind": "CSINodeList", + "version": "v1" + } + ] + }, + "storage.k8s.io/v1/CSIStorageCapacity": { + "description": "CSIStorageCapacity stores the result of one CSI GetCapacity call. For a given StorageClass, this describes the available capacity in a particular topology segment. This can be used when considering where to instantiate new PersistentVolumes.\n\nFor example this can express things like: - StorageClass \"standard\" has \"1234 GiB\" available in \"topology.kubernetes.io/zone=us-east1\" - StorageClass \"localssd\" has \"10 GiB\" available in \"kubernetes.io/hostname=knode-abc123\"\n\nThe following three cases all imply that no capacity is available for a certain combination: - no object exists with suitable topology and storage class name - such an object exists, but the capacity is unset - such an object exists, but the capacity is zero\n\nThe producer of these objects can decide which approach is more suitable.\n\nThey are consumed by the kube-scheduler when a CSI driver opts into capacity-aware scheduling with CSIDriverSpec.StorageCapacity. The scheduler compares the MaximumVolumeSize against the requested size of pending volumes to filter out unsuitable nodes. If MaximumVolumeSize is unset, it falls back to a comparison against the less precise Capacity. If that is also unset, the scheduler assumes that capacity is insufficient and tries some other node.", + "namespaced": true, + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "capacity": { + "allOf": [ + { + "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.api.resource.Quantity" + } + ], + "description": "capacity is the value reported by the CSI driver in its GetCapacityResponse for a GetCapacityRequest with topology and parameters that match the previous fields.\n\nThe semantic is currently (CSI spec 1.2) defined as: The available capacity, in bytes, of the storage that can be used to provision volumes. If not set, that information is currently unavailable." + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "maximumVolumeSize": { + "allOf": [ + { + "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.api.resource.Quantity" + } + ], + "description": "maximumVolumeSize is the value reported by the CSI driver in its GetCapacityResponse for a GetCapacityRequest with topology and parameters that match the previous fields.\n\nThis is defined since CSI spec 1.4.0 as the largest size that may be used in a CreateVolumeRequest.capacity_range.required_bytes field to create a volume with the same parameters as those in GetCapacityRequest. The corresponding value in the Kubernetes API is ResourceRequirements.Requests in a volume claim." + }, + "metadata": { + "allOf": [ + { + "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" + } + ], + "default": {}, + "description": "Standard object's metadata. The name has no particular meaning. It must be a DNS subdomain (dots allowed, 253 characters). To ensure that there are no conflicts with other CSI drivers on the cluster, the recommendation is to use csisc-, a generated name, or a reverse-domain name which ends with the unique CSI driver name.\n\nObjects are namespaced.\n\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + }, + "nodeTopology": { + "allOf": [ + { + "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector" + } + ], + "description": "nodeTopology defines which nodes have access to the storage for which capacity was reported. If not set, the storage is not accessible from any node in the cluster. If empty, the storage is accessible from all nodes. This field is immutable." + }, + "storageClassName": { + "default": "", + "description": "storageClassName represents the name of the StorageClass that the reported capacity applies to. It must meet the same requirements as the name of a StorageClass object (non-empty, DNS subdomain). If that object no longer exists, the CSIStorageCapacity object is obsolete and should be removed by its creator. This field is immutable.", + "type": "string" + } + }, + "required": [ + "storageClassName" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "storage.k8s.io", + "kind": "CSIStorageCapacity", + "version": "v1" + } + ] + }, + "storage.k8s.io/v1/CSIStorageCapacityList": { + "description": "CSIStorageCapacityList is a collection of CSIStorageCapacity objects.", + "namespaced": true, + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "items": { + "description": "items is the list of CSIStorageCapacity objects.", + "items": { + "allOf": [ + { + "$ref": "#/components/schemas/io.k8s.api.storage.v1.CSIStorageCapacity" + } + ], + "default": {} + }, + "type": "array" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "allOf": [ + { + "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" + } + ], + "default": {}, + "description": "Standard list metadata More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + } + }, + "required": [ + "items" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "storage.k8s.io", + "kind": "CSIStorageCapacityList", + "version": "v1" + } + ] + }, + "storage.k8s.io/v1/StorageClass": { + "description": "StorageClass describes the parameters for a class of storage for which PersistentVolumes can be dynamically provisioned.\n\nStorageClasses are non-namespaced; the name of the storage class according to etcd is in ObjectMeta.Name.", + "namespaced": false, + "properties": { + "allowVolumeExpansion": { + "description": "allowVolumeExpansion shows whether the storage class allow volume expand.", + "type": "boolean" + }, + "allowedTopologies": { + "description": "allowedTopologies restrict the node topologies where volumes can be dynamically provisioned. Each volume plugin defines its own supported topology specifications. An empty TopologySelectorTerm list means there is no topology restriction. This field is only honored by servers that enable the VolumeScheduling feature.", + "items": { + "allOf": [ + { + "$ref": "#/components/schemas/io.k8s.api.core.v1.TopologySelectorTerm" + } + ], + "default": {} + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + }, + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "allOf": [ + { + "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" + } + ], + "default": {}, + "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + }, + "mountOptions": { + "description": "mountOptions controls the mountOptions for dynamically provisioned PersistentVolumes of this storage class. e.g. [\"ro\", \"soft\"]. Not validated - mount of the PVs will simply fail if one is invalid.", + "items": { + "default": "", + "type": "string" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + }, + "parameters": { + "additionalProperties": { + "default": "", + "type": "string" + }, + "description": "parameters holds the parameters for the provisioner that should create volumes of this storage class.", + "type": "object" + }, + "provisioner": { + "default": "", + "description": "provisioner indicates the type of the provisioner.", + "type": "string" + }, + "reclaimPolicy": { + "description": "reclaimPolicy controls the reclaimPolicy for dynamically provisioned PersistentVolumes of this storage class. Defaults to Delete.\n\nPossible enum values:\n - `\"Delete\"` means the volume will be deleted from Kubernetes on release from its claim. The volume plugin must support Deletion.\n - `\"Recycle\"` means the volume will be recycled back into the pool of unbound persistent volumes on release from its claim. The volume plugin must support Recycling.\n - `\"Retain\"` means the volume will be left in its current phase (Released) for manual reclamation by the administrator. The default policy is Retain.", + "enum": [ + "Delete", + "Recycle", + "Retain" + ], + "type": "string" + }, + "volumeBindingMode": { + "description": "volumeBindingMode indicates how PersistentVolumeClaims should be provisioned and bound. When unset, VolumeBindingImmediate is used. This field is only honored by servers that enable the VolumeScheduling feature.\n\nPossible enum values:\n - `\"Immediate\"` indicates that PersistentVolumeClaims should be immediately provisioned and bound. This is the default mode.\n - `\"WaitForFirstConsumer\"` indicates that PersistentVolumeClaims should not be provisioned and bound until the first Pod is created that references the PeristentVolumeClaim. The volume provisioning and binding will occur during Pod scheduing.", + "enum": [ + "Immediate", + "WaitForFirstConsumer" + ], + "type": "string" + } + }, + "required": [ + "provisioner" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "storage.k8s.io", + "kind": "StorageClass", + "version": "v1" + } + ] + }, + "storage.k8s.io/v1/StorageClassList": { + "description": "StorageClassList is a collection of storage classes.", + "namespaced": true, + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "items": { + "description": "items is the list of StorageClasses", + "items": { + "allOf": [ + { + "$ref": "#/components/schemas/io.k8s.api.storage.v1.StorageClass" + } + ], + "default": {} + }, + "type": "array" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "allOf": [ + { + "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" + } + ], + "default": {}, + "description": "Standard list metadata More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + } + }, + "required": [ + "items" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "storage.k8s.io", + "kind": "StorageClassList", + "version": "v1" + } + ] + }, + "storage.k8s.io/v1/VolumeAttachment": { + "description": "VolumeAttachment captures the intent to attach or detach the specified volume to/from the specified node.\n\nVolumeAttachment objects are non-namespaced.", + "namespaced": false, + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "allOf": [ + { + "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" + } + ], + "default": {}, + "description": "Standard object metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + }, + "spec": { + "allOf": [ + { + "$ref": "#/components/schemas/io.k8s.api.storage.v1.VolumeAttachmentSpec" + } + ], + "default": {}, + "description": "spec represents specification of the desired attach/detach volume behavior. Populated by the Kubernetes system." + }, + "status": { + "allOf": [ + { + "$ref": "#/components/schemas/io.k8s.api.storage.v1.VolumeAttachmentStatus" + } + ], + "default": {}, + "description": "status represents status of the VolumeAttachment request. Populated by the entity completing the attach or detach operation, i.e. the external-attacher." + } + }, + "required": [ + "spec" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "storage.k8s.io", + "kind": "VolumeAttachment", + "version": "v1" + } + ] + }, + "storage.k8s.io/v1/VolumeAttachmentList": { + "description": "VolumeAttachmentList is a collection of VolumeAttachment objects.", + "namespaced": true, + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "items": { + "description": "items is the list of VolumeAttachments", + "items": { + "allOf": [ + { + "$ref": "#/components/schemas/io.k8s.api.storage.v1.VolumeAttachment" + } + ], + "default": {} + }, + "type": "array" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "allOf": [ + { + "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" + } + ], + "default": {}, + "description": "Standard list metadata More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + } + }, + "required": [ + "items" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "storage.k8s.io", + "kind": "VolumeAttachmentList", + "version": "v1" + } + ] + }, + "storage.k8s.io/v1/VolumeAttributesClass": { + "description": "VolumeAttributesClass represents a specification of mutable volume attributes defined by the CSI driver. The class can be specified during dynamic provisioning of PersistentVolumeClaims, and changed in the PersistentVolumeClaim spec after provisioning.", + "namespaced": false, + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "driverName": { + "default": "", + "description": "Name of the CSI driver This field is immutable.", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "allOf": [ + { + "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" + } + ], + "default": {}, + "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + }, + "parameters": { + "additionalProperties": { + "default": "", + "type": "string" + }, + "description": "parameters hold volume attributes defined by the CSI driver. These values are opaque to the Kubernetes and are passed directly to the CSI driver. The underlying storage provider supports changing these attributes on an existing volume, however the parameters field itself is immutable. To invoke a volume update, a new VolumeAttributesClass should be created with new parameters, and the PersistentVolumeClaim should be updated to reference the new VolumeAttributesClass.\n\nThis field is required and must contain at least one key/value pair. The keys cannot be empty, and the maximum number of parameters is 512, with a cumulative max size of 256K. If the CSI driver rejects invalid parameters, the target PersistentVolumeClaim will be set to an \"Infeasible\" state in the modifyVolumeStatus field.", + "type": "object" + } + }, + "required": [ + "driverName" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "storage.k8s.io", + "kind": "VolumeAttributesClass", + "version": "v1" + } + ] + }, + "storage.k8s.io/v1/VolumeAttributesClassList": { + "description": "VolumeAttributesClassList is a collection of VolumeAttributesClass objects.", + "namespaced": true, + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "items": { + "description": "items is the list of VolumeAttributesClass objects.", + "items": { + "allOf": [ + { + "$ref": "#/components/schemas/io.k8s.api.storage.v1.VolumeAttributesClass" + } + ], + "default": {} + }, + "type": "array" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "allOf": [ + { + "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" + } + ], + "default": {}, + "description": "Standard list metadata More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + } + }, + "required": [ + "items" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "storage.k8s.io", + "kind": "VolumeAttributesClassList", + "version": "v1" + } + ] + }, + "template.openshift.io/v1/BrokerTemplateInstance": { + "description": "BrokerTemplateInstance holds the service broker-related state associated with a TemplateInstance. BrokerTemplateInstance is part of an experimental API.\n\nCompatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).", + "namespaced": false, + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "allOf": [ + { + "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" + } + ], + "default": {}, + "description": "metadata is the standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + }, + "spec": { + "allOf": [ + { + "$ref": "#/components/schemas/com.github.openshift.api.template.v1.BrokerTemplateInstanceSpec" + } + ], + "default": {}, + "description": "spec describes the state of this BrokerTemplateInstance." + } + }, + "required": [ + "spec" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "template.openshift.io", + "kind": "BrokerTemplateInstance", + "version": "v1" + } + ] + }, + "template.openshift.io/v1/BrokerTemplateInstanceList": { + "description": "BrokerTemplateInstanceList is a list of BrokerTemplateInstance objects.\n\nCompatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).", + "namespaced": true, + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "items": { + "description": "items is a list of BrokerTemplateInstances", + "items": { + "allOf": [ + { + "$ref": "#/components/schemas/com.github.openshift.api.template.v1.BrokerTemplateInstance" + } + ], + "default": {} + }, + "type": "array" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "allOf": [ + { + "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" + } + ], + "default": {}, + "description": "metadata is the standard list's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + } + }, + "required": [ + "items" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "template.openshift.io", + "kind": "BrokerTemplateInstanceList", + "version": "v1" + } + ] + }, + "template.openshift.io/v1/Template": { + "description": "Template contains the inputs needed to produce a Config.\n\nCompatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).", + "namespaced": true, + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "labels": { + "additionalProperties": { + "default": "", + "type": "string" + }, + "description": "labels is a optional set of labels that are applied to every object during the Template to Config transformation.", + "type": "object" + }, + "message": { + "description": "message is an optional instructional message that will be displayed when this template is instantiated. This field should inform the user how to utilize the newly created resources. Parameter substitution will be performed on the message before being displayed so that generated credentials and other parameters can be included in the output.", + "type": "string" + }, + "metadata": { + "allOf": [ + { + "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" + } + ], + "default": {}, + "description": "metadata is the standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + }, + "objects": { + "description": "objects is an array of resources to include in this template. If a namespace value is hardcoded in the object, it will be removed during template instantiation, however if the namespace value is, or contains, a ${PARAMETER_REFERENCE}, the resolved value after parameter substitution will be respected and the object will be created in that namespace.", + "items": { + "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.runtime.RawExtension" + }, + "type": "array" + }, + "parameters": { + "description": "parameters is an optional array of Parameters used during the Template to Config transformation.", + "items": { + "allOf": [ + { + "$ref": "#/components/schemas/com.github.openshift.api.template.v1.Parameter" + } + ], + "default": {} + }, + "type": "array" + } + }, + "required": [ + "objects" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "template.openshift.io", + "kind": "Template", + "version": "v1" + } + ] + }, + "template.openshift.io/v1/TemplateInstance": { + "description": "TemplateInstance requests and records the instantiation of a Template. TemplateInstance is part of an experimental API.\n\nCompatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).", + "namespaced": true, + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "allOf": [ + { + "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" + } + ], + "default": {}, + "description": "metadata is the standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + }, + "spec": { + "allOf": [ + { + "$ref": "#/components/schemas/com.github.openshift.api.template.v1.TemplateInstanceSpec" + } + ], + "default": {}, + "description": "spec describes the desired state of this TemplateInstance." + }, + "status": { + "allOf": [ + { + "$ref": "#/components/schemas/com.github.openshift.api.template.v1.TemplateInstanceStatus" + } + ], + "default": {}, + "description": "status describes the current state of this TemplateInstance." + } + }, + "required": [ + "spec" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "template.openshift.io", + "kind": "TemplateInstance", + "version": "v1" + } + ] + }, + "template.openshift.io/v1/TemplateInstanceList": { + "description": "TemplateInstanceList is a list of TemplateInstance objects.\n\nCompatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).", + "namespaced": true, + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "items": { + "description": "items is a list of Templateinstances", + "items": { + "allOf": [ + { + "$ref": "#/components/schemas/com.github.openshift.api.template.v1.TemplateInstance" + } + ], + "default": {} + }, + "type": "array" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "allOf": [ + { + "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" + } + ], + "default": {}, + "description": "metadata is the standard list's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + } + }, + "required": [ + "items" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "template.openshift.io", + "kind": "TemplateInstanceList", + "version": "v1" + } + ] + }, + "template.openshift.io/v1/TemplateList": { + "description": "TemplateList is a list of Template objects.\n\nCompatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).", + "namespaced": true, + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "items": { + "description": "items is a list of templates", + "items": { + "allOf": [ + { + "$ref": "#/components/schemas/com.github.openshift.api.template.v1.Template" + } + ], + "default": {} + }, + "type": "array" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "allOf": [ + { + "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" + } + ], + "default": {}, + "description": "metadata is the standard list's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + } + }, + "required": [ + "items" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "template.openshift.io", + "kind": "TemplateList", + "version": "v1" + } + ] + }, + "tuned.openshift.io/v1/Profile": { + "description": "Profile is a specification for a Profile resource.", + "namespaced": true, + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "allOf": [ + { + "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" + } + ], + "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + }, + "spec": { + "properties": { + "config": { + "properties": { + "debug": { + "description": "option to debug TuneD daemon execution", + "type": "boolean" + }, + "providerName": { + "description": "Name of the cloud provider as taken from the Node providerID: ://", + "type": "string" + }, + "tunedConfig": { + "description": "Global configuration for the TuneD daemon as defined in tuned-main.conf", "properties": { - "ciphers": { - "description": "ciphers is used to specify the cipher algorithms that are negotiated\nduring the TLS handshake. Operators may remove entries their operands\ndo not support. For example, to use DES-CBC3-SHA (yaml):\n\n ciphers:\n - DES-CBC3-SHA", - "items": { - "type": "string" - }, - "type": "array", - "x-kubernetes-list-type": "atomic" - }, - "minTLSVersion": { - "description": "minTLSVersion is used to specify the minimal version of the TLS protocol\nthat is negotiated during the TLS handshake. For example, to use TLS\nversions 1.1, 1.2 and 1.3 (yaml):\n\n minTLSVersion: VersionTLS11\n\nNOTE: currently the highest minTLSVersion allowed is VersionTLS12", - "enum": [ - "VersionTLS10", - "VersionTLS11", - "VersionTLS12", - "VersionTLS13" - ], - "type": "string" + "reapply_sysctl": { + "description": "turn reapply_sysctl functionality on/off for the TuneD daemon: true/false", + "type": "boolean" } }, "type": "object" }, - "intermediate": { - "description": "intermediate is a TLS security profile based on:\n\nhttps://wiki.mozilla.org/Security/Server_Side_TLS#Intermediate_compatibility_.28recommended.29\n\nand looks like this (yaml):\n\n ciphers:\n\n - TLS_AES_128_GCM_SHA256\n\n - TLS_AES_256_GCM_SHA384\n\n - TLS_CHACHA20_POLY1305_SHA256\n\n - ECDHE-ECDSA-AES128-GCM-SHA256\n\n - ECDHE-RSA-AES128-GCM-SHA256\n\n - ECDHE-ECDSA-AES256-GCM-SHA384\n\n - ECDHE-RSA-AES256-GCM-SHA384\n\n - ECDHE-ECDSA-CHACHA20-POLY1305\n\n - ECDHE-RSA-CHACHA20-POLY1305\n\n - DHE-RSA-AES128-GCM-SHA256\n\n - DHE-RSA-AES256-GCM-SHA384\n\n minTLSVersion: VersionTLS12", - "nullable": true, - "type": "object" - }, - "modern": { - "description": "modern is a TLS security profile based on:\n\nhttps://wiki.mozilla.org/Security/Server_Side_TLS#Modern_compatibility\n\nand looks like this (yaml):\n\n ciphers:\n\n - TLS_AES_128_GCM_SHA256\n\n - TLS_AES_256_GCM_SHA384\n\n - TLS_CHACHA20_POLY1305_SHA256\n\n minTLSVersion: VersionTLS13", - "nullable": true, - "type": "object" - }, - "old": { - "description": "old is a TLS security profile based on:\n\nhttps://wiki.mozilla.org/Security/Server_Side_TLS#Old_backward_compatibility\n\nand looks like this (yaml):\n\n ciphers:\n\n - TLS_AES_128_GCM_SHA256\n\n - TLS_AES_256_GCM_SHA384\n\n - TLS_CHACHA20_POLY1305_SHA256\n\n - ECDHE-ECDSA-AES128-GCM-SHA256\n\n - ECDHE-RSA-AES128-GCM-SHA256\n\n - ECDHE-ECDSA-AES256-GCM-SHA384\n\n - ECDHE-RSA-AES256-GCM-SHA384\n\n - ECDHE-ECDSA-CHACHA20-POLY1305\n\n - ECDHE-RSA-CHACHA20-POLY1305\n\n - DHE-RSA-AES128-GCM-SHA256\n\n - DHE-RSA-AES256-GCM-SHA384\n\n - DHE-RSA-CHACHA20-POLY1305\n\n - ECDHE-ECDSA-AES128-SHA256\n\n - ECDHE-RSA-AES128-SHA256\n\n - ECDHE-ECDSA-AES128-SHA\n\n - ECDHE-RSA-AES128-SHA\n\n - ECDHE-ECDSA-AES256-SHA384\n\n - ECDHE-RSA-AES256-SHA384\n\n - ECDHE-ECDSA-AES256-SHA\n\n - ECDHE-RSA-AES256-SHA\n\n - DHE-RSA-AES128-SHA256\n\n - DHE-RSA-AES256-SHA256\n\n - AES128-GCM-SHA256\n\n - AES256-GCM-SHA384\n\n - AES128-SHA256\n\n - AES256-SHA256\n\n - AES128-SHA\n\n - AES256-SHA\n\n - DES-CBC3-SHA\n\n minTLSVersion: VersionTLS10", - "nullable": true, - "type": "object" - }, - "type": { - "description": "type is one of Old, Intermediate, Modern or Custom. Custom provides\nthe ability to specify individual TLS security profile parameters.\nOld, Intermediate and Modern are TLS security profiles based on:\n\nhttps://wiki.mozilla.org/Security/Server_Side_TLS#Recommended_configurations\n\nThe profiles are intent based, so they may change over time as new ciphers are developed and existing ciphers\nare found to be insecure. Depending on precisely which ciphers are available to a process, the list may be\nreduced.\n\nNote that the Modern profile is currently not supported because it is not\nyet well adopted by common software libraries.", - "enum": [ - "Old", - "Intermediate", - "Modern", - "Custom" - ], + "tunedProfile": { + "description": "TuneD profile to apply", "type": "string" + }, + "verbosity": { + "description": "klog logging verbosity", + "type": "integer" } }, + "required": [ + "tunedProfile" + ], "type": "object" }, - "tokenGenerationService": { - "description": "TokenGenerationService configures the service for generating tokens to access VNC for a VM.", - "properties": { - "enabled": { - "type": "boolean" - } + "profile": { + "description": "Tuned profiles.", + "items": { + "description": "A Tuned profile.", + "properties": { + "data": { + "description": "Specification of the Tuned profile to be consumed by the Tuned daemon.", + "type": "string" + }, + "name": { + "description": "Name of the Tuned profile to be used in the recommend section.", + "minLength": 1, + "type": "string" + } + }, + "required": [ + "data", + "name" + ], + "type": "object" }, - "type": "object" + "type": "array" } }, "required": [ - "commonTemplates" + "config" ], "type": "object" }, "status": { - "description": "SSPStatus defines the observed state of SSP", + "description": "ProfileStatus is the status for a Profile resource; the status is for internal use only\nand its fields may be changed/removed in the future.", "properties": { "conditions": { - "description": "A list of current conditions of the resource", + "description": "conditions represents the state of the per-node Profile application", "items": { - "description": "Condition represents the state of the operator's\nreconciliation functionality.", + "description": "StatusCondition represents a partial state of the per-node Profile application.", "properties": { - "lastHeartbeatTime": { - "format": "date-time", - "type": "string" - }, "lastTransitionTime": { + "description": "lastTransitionTime is the time of the last update to the current status property.", "format": "date-time", "type": "string" }, "message": { + "description": "message provides additional information about the current condition.\nThis is only to be consumed by humans.", "type": "string" }, "reason": { + "description": "reason is the CamelCase reason for the condition's current status.", "type": "string" }, "status": { + "description": "status of the condition, one of True, False, Unknown.", "type": "string" }, "type": { - "description": "ConditionType is the state of the operator's reconciliation functionality.", + "description": "type specifies the aspect reported by this condition.", "type": "string" } }, "required": [ + "lastTransitionTime", "status", "type" ], @@ -305541,31 +315106,18 @@ "type": "array" }, "observedGeneration": { - "description": "ObservedGeneration is the latest generation observed by the operator.", + "description": "If set, this represents the .metadata.generation that the conditions were set based upon.", "format": "int64", "type": "integer" }, - "observedVersion": { - "description": "The observed version of the resource", - "type": "string" - }, - "operatorVersion": { - "description": "The version of the resource as defined by the operator", - "type": "string" - }, - "paused": { - "description": "Paused is true when the operator notices paused annotation.", - "type": "boolean" - }, - "phase": { - "description": "Phase is the current phase of the deployment", - "type": "string" - }, - "targetVersion": { - "description": "The desired version of the resource", + "tunedProfile": { + "description": "the current profile in use by the Tuned daemon", "type": "string" } }, + "required": [ + "tunedProfile" + ], "type": "object" } }, @@ -305573,14 +315125,14 @@ "type": "object", "x-kubernetes-group-version-kind": [ { - "group": "ssp.kubevirt.io", - "kind": "SSP", - "version": "v1beta3" + "group": "tuned.openshift.io", + "kind": "Profile", + "version": "v1" } ] }, - "ssp.kubevirt.io/v1beta3/SSPList": { - "description": "SSPList is a list of SSP", + "tuned.openshift.io/v1/ProfileList": { + "description": "ProfileList is a list of Profile", "namespaced": true, "properties": { "apiVersion": { @@ -305588,9 +315140,9 @@ "type": "string" }, "items": { - "description": "List of ssps. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md", + "description": "List of profiles. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md", "items": { - "$ref": "#/components/schemas/io.kubevirt.ssp.v1beta3.SSP" + "$ref": "#/components/schemas/io.openshift.tuned.v1.Profile" }, "type": "array" }, @@ -305613,15 +315165,15 @@ "type": "object", "x-kubernetes-group-version-kind": [ { - "group": "ssp.kubevirt.io", - "kind": "SSPList", - "version": "v1beta3" + "group": "tuned.openshift.io", + "kind": "ProfileList", + "version": "v1" } ] }, - "storage.k8s.io/v1/CSIDriver": { - "description": "CSIDriver captures information about a Container Storage Interface (CSI) volume driver deployed on the cluster. Kubernetes attach detach controller uses this object to determine whether attach is required. Kubelet uses this object to determine whether pod information needs to be passed on mount. CSIDriver objects are non-namespaced.", - "namespaced": false, + "tuned.openshift.io/v1/Tuned": { + "description": "Tuned is a collection of rules that allows cluster-wide deployment\nof node-level sysctls and more flexibility to add custom tuning\nspecified by user needs. These rules are translated and passed to all\ncontainerized Tuned daemons running in the cluster in the format that\nthe daemons understand. The responsibility for applying the node-level\ntuning then lies with the containerized Tuned daemons. More info:\nhttps://github.com/openshift/cluster-node-tuning-operator", + "namespaced": true, "properties": { "apiVersion": { "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", @@ -305637,33 +315189,272 @@ "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" } ], - "default": {}, - "description": "Standard object metadata. metadata.Name indicates the name of the CSI driver that this object refers to; it MUST be the same name returned by the CSI GetPluginName() call for that driver. The driver name must be 63 characters or less, beginning and ending with an alphanumeric character ([a-z0-9A-Z]) with dashes (-), dots (.), and alphanumerics between. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" }, "spec": { + "description": "spec is the specification of the desired behavior of Tuned. More info:\nhttps://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status", + "properties": { + "managementState": { + "description": "managementState indicates whether the registry instance represented\nby this config instance is under operator management or not. Valid\nvalues are Force, Managed, Unmanaged, and Removed.", + "pattern": "^(Managed|Unmanaged|Force|Removed)$", + "type": "string" + }, + "profile": { + "description": "Tuned profiles.", + "items": { + "description": "A Tuned profile.", + "properties": { + "data": { + "description": "Specification of the Tuned profile to be consumed by the Tuned daemon.", + "type": "string" + }, + "name": { + "description": "Name of the Tuned profile to be used in the recommend section.", + "minLength": 1, + "type": "string" + } + }, + "required": [ + "data", + "name" + ], + "type": "object" + }, + "type": "array" + }, + "recommend": { + "description": "Selection logic for all Tuned profiles.", + "items": { + "description": "Selection logic for a single Tuned profile.", + "properties": { + "machineConfigLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "MachineConfigLabels specifies the labels for a MachineConfig. The MachineConfig is created\nautomatically to apply additional host settings (e.g. kernel boot parameters) profile 'Profile'\nneeds and can only be applied by creating a MachineConfig. This involves finding all\nMachineConfigPools with machineConfigSelector matching the MachineConfigLabels and setting the\nprofile 'Profile' on all nodes that match the MachineConfigPools' nodeSelectors.", + "type": "object" + }, + "match": { + "description": "Rules governing application of a Tuned profile connected by logical OR operator.", + "items": { + "description": "Rules governing application of a Tuned profile.", + "properties": { + "label": { + "description": "Node or Pod label name.", + "type": "string" + }, + "match": { + "description": "Additional rules governing application of the tuned profile connected by logical AND operator.", + "items": { + "type": "object", + "x-kubernetes-preserve-unknown-fields": true + }, + "type": "array" + }, + "type": { + "description": "Match type: [node/pod]. If omitted, \"node\" is assumed.", + "enum": [ + "node", + "pod" + ], + "type": "string" + }, + "value": { + "description": "Node or Pod label value. If omitted, the presence of label name is enough to match.", + "type": "string" + } + }, + "required": [ + "label" + ], + "type": "object" + }, + "type": "array" + }, + "operand": { + "description": "Optional operand configuration.", + "properties": { + "debug": { + "description": "turn debugging on/off for the TuneD daemon: true/false (default is false)", + "type": "boolean" + }, + "tunedConfig": { + "description": "Global configuration for the TuneD daemon as defined in tuned-main.conf", + "properties": { + "reapply_sysctl": { + "description": "turn reapply_sysctl functionality on/off for the TuneD daemon: true/false", + "type": "boolean" + } + }, + "type": "object" + }, + "verbosity": { + "description": "klog logging verbosity", + "type": "integer" + } + }, + "type": "object" + }, + "priority": { + "description": "Tuned profile priority. Highest priority is 0.", + "format": "int64", + "minimum": 0, + "type": "integer" + }, + "profile": { + "description": "Name of the Tuned profile to recommend.", + "minLength": 1, + "type": "string" + } + }, + "required": [ + "priority", + "profile" + ], + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + }, + "status": { + "description": "TunedStatus is the status for a Tuned resource.", + "properties": { + "conditions": { + "description": "conditions represents the state of the Tuned profile", + "items": { + "description": "StatusCondition represents a partial state of the per-node Profile application.", + "properties": { + "lastTransitionTime": { + "description": "lastTransitionTime is the time of the last update to the current status property.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "message provides additional information about the current condition.\nThis is only to be consumed by humans.", + "type": "string" + }, + "reason": { + "description": "reason is the CamelCase reason for the condition's current status.", + "type": "string" + }, + "status": { + "description": "status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "type specifies the aspect reported by this condition.", + "type": "string" + } + }, + "required": [ + "lastTransitionTime", + "status", + "type" + ], + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + } + }, + "required": [], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "tuned.openshift.io", + "kind": "Tuned", + "version": "v1" + } + ] + }, + "tuned.openshift.io/v1/TunedList": { + "description": "TunedList is a list of Tuned", + "namespaced": true, + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "items": { + "description": "List of tuneds. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md", + "items": { + "$ref": "#/components/schemas/io.openshift.tuned.v1.Tuned" + }, + "type": "array" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { "allOf": [ { - "$ref": "#/components/schemas/io.k8s.api.storage.v1.CSIDriverSpec" + "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" + } + ], + "description": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + } + }, + "required": [ + "items" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "tuned.openshift.io", + "kind": "TunedList", + "version": "v1" + } + ] + }, + "user.openshift.io/v1/Group": { + "description": "Group represents a referenceable set of Users\n\nCompatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).", + "namespaced": false, + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "allOf": [ + { + "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" } ], "default": {}, - "description": "spec represents the specification of the CSI Driver." + "description": "metadata is the standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + }, + "users": { + "description": "users is the list of users in this group.", + "items": { + "default": "", + "type": "string" + }, + "type": "array" } }, "required": [ - "spec" + "users" ], "type": "object", "x-kubernetes-group-version-kind": [ { - "group": "storage.k8s.io", - "kind": "CSIDriver", + "group": "user.openshift.io", + "kind": "Group", "version": "v1" } ] }, - "storage.k8s.io/v1/CSIDriverList": { - "description": "CSIDriverList is a collection of CSIDriver objects.", + "user.openshift.io/v1/GroupList": { + "description": "GroupList is a collection of Groups\n\nCompatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).", "namespaced": true, "properties": { "apiVersion": { @@ -305671,11 +315462,11 @@ "type": "string" }, "items": { - "description": "items is the list of CSIDriver", + "description": "items is the list of groups", "items": { "allOf": [ { - "$ref": "#/components/schemas/io.k8s.api.storage.v1.CSIDriver" + "$ref": "#/components/schemas/com.github.openshift.api.user.v1.Group" } ], "default": {} @@ -305693,7 +315484,7 @@ } ], "default": {}, - "description": "Standard list metadata More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + "description": "metadata is the standard list's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" } }, "required": [ @@ -305702,20 +315493,28 @@ "type": "object", "x-kubernetes-group-version-kind": [ { - "group": "storage.k8s.io", - "kind": "CSIDriverList", + "group": "user.openshift.io", + "kind": "GroupList", "version": "v1" } ] }, - "storage.k8s.io/v1/CSINode": { - "description": "CSINode holds information about all CSI drivers installed on a node. CSI drivers do not need to create the CSINode object directly. As long as they use the node-driver-registrar sidecar container, the kubelet will automatically populate the CSINode object for the CSI driver as part of kubelet plugin registration. CSINode has the same name as a node. If the object is missing, it means either there are no CSI Drivers available on the node, or the Kubelet version is low enough that it doesn't create this object. CSINode has an OwnerReference that points to the corresponding node object.", + "user.openshift.io/v1/Identity": { + "description": "Identity records a successful authentication of a user with an identity provider. The information about the source of authentication is stored on the identity, and the identity is then associated with a single user object. Multiple identities can reference a single user. Information retrieved from the authentication provider is stored in the extra field using a schema determined by the provider.\n\nCompatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).", "namespaced": false, "properties": { "apiVersion": { "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", "type": "string" }, + "extra": { + "additionalProperties": { + "default": "", + "type": "string" + }, + "description": "extra holds extra information about this identity", + "type": "object" + }, "kind": { "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", "type": "string" @@ -305727,32 +315526,44 @@ } ], "default": {}, - "description": "Standard object's metadata. metadata.name must be the Kubernetes node name." + "description": "metadata is the standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" }, - "spec": { + "providerName": { + "default": "", + "description": "providerName is the source of identity information", + "type": "string" + }, + "providerUserName": { + "default": "", + "description": "providerUserName uniquely represents this identity in the scope of the provider", + "type": "string" + }, + "user": { "allOf": [ { - "$ref": "#/components/schemas/io.k8s.api.storage.v1.CSINodeSpec" + "$ref": "#/components/schemas/io.k8s.api.core.v1.ObjectReference" } ], "default": {}, - "description": "spec is the specification of CSINode" + "description": "user is a reference to the user this identity is associated with Both Name and UID must be set" } }, "required": [ - "spec" + "providerName", + "providerUserName", + "user" ], "type": "object", "x-kubernetes-group-version-kind": [ { - "group": "storage.k8s.io", - "kind": "CSINode", + "group": "user.openshift.io", + "kind": "Identity", "version": "v1" } ] }, - "storage.k8s.io/v1/CSINodeList": { - "description": "CSINodeList is a collection of CSINode objects.", + "user.openshift.io/v1/IdentityList": { + "description": "IdentityList is a collection of Identities\n\nCompatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).", "namespaced": true, "properties": { "apiVersion": { @@ -305760,11 +315571,11 @@ "type": "string" }, "items": { - "description": "items is the list of CSINode", + "description": "items is the list of identities", "items": { "allOf": [ { - "$ref": "#/components/schemas/io.k8s.api.storage.v1.CSINode" + "$ref": "#/components/schemas/com.github.openshift.api.user.v1.Identity" } ], "default": {} @@ -305782,7 +315593,7 @@ } ], "default": {}, - "description": "Standard list metadata More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + "description": "metadata is the standard list's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" } }, "required": [ @@ -305791,39 +315602,86 @@ "type": "object", "x-kubernetes-group-version-kind": [ { - "group": "storage.k8s.io", - "kind": "CSINodeList", + "group": "user.openshift.io", + "kind": "IdentityList", "version": "v1" } ] }, - "storage.k8s.io/v1/CSIStorageCapacity": { - "description": "CSIStorageCapacity stores the result of one CSI GetCapacity call. For a given StorageClass, this describes the available capacity in a particular topology segment. This can be used when considering where to instantiate new PersistentVolumes.\n\nFor example this can express things like: - StorageClass \"standard\" has \"1234 GiB\" available in \"topology.kubernetes.io/zone=us-east1\" - StorageClass \"localssd\" has \"10 GiB\" available in \"kubernetes.io/hostname=knode-abc123\"\n\nThe following three cases all imply that no capacity is available for a certain combination: - no object exists with suitable topology and storage class name - such an object exists, but the capacity is unset - such an object exists, but the capacity is zero\n\nThe producer of these objects can decide which approach is more suitable.\n\nThey are consumed by the kube-scheduler when a CSI driver opts into capacity-aware scheduling with CSIDriverSpec.StorageCapacity. The scheduler compares the MaximumVolumeSize against the requested size of pending volumes to filter out unsuitable nodes. If MaximumVolumeSize is unset, it falls back to a comparison against the less precise Capacity. If that is also unset, the scheduler assumes that capacity is insufficient and tries some other node.", - "namespaced": true, + "user.openshift.io/v1/User": { + "description": "Upon log in, every user of the system receives a User and Identity resource. Administrators may directly manipulate the attributes of the users for their own tracking, or set groups via the API. The user name is unique and is chosen based on the value provided by the identity provider - if a user already exists with the incoming name, the user name may have a number appended to it depending on the configuration of the system.\n\nCompatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).", + "namespaced": false, "properties": { "apiVersion": { "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", "type": "string" }, - "capacity": { + "fullName": { + "description": "fullName is the full name of user", + "type": "string" + }, + "groups": { + "description": "groups specifies group names this user is a member of. This field is deprecated and will be removed in a future release. Instead, create a Group object containing the name of this User.", + "items": { + "default": "", + "type": "string" + }, + "type": "array" + }, + "identities": { + "description": "identities are the identities associated with this user", + "items": { + "default": "", + "type": "string" + }, + "type": "array" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { "allOf": [ { - "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.api.resource.Quantity" + "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" } ], - "description": "capacity is the value reported by the CSI driver in its GetCapacityResponse for a GetCapacityRequest with topology and parameters that match the previous fields.\n\nThe semantic is currently (CSI spec 1.2) defined as: The available capacity, in bytes, of the storage that can be used to provision volumes. If not set, that information is currently unavailable." - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "default": {}, + "description": "metadata is the standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + } + }, + "required": [ + "groups" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "user.openshift.io", + "kind": "User", + "version": "v1" + } + ] + }, + "user.openshift.io/v1/UserIdentityMapping": { + "description": "UserIdentityMapping maps a user to an identity\n\nCompatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).", + "namespaced": false, + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", "type": "string" }, - "maximumVolumeSize": { + "identity": { "allOf": [ { - "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.api.resource.Quantity" + "$ref": "#/components/schemas/io.k8s.api.core.v1.ObjectReference" } ], - "description": "maximumVolumeSize is the value reported by the CSI driver in its GetCapacityResponse for a GetCapacityRequest with topology and parameters that match the previous fields.\n\nThis is defined since CSI spec 1.4.0 as the largest size that may be used in a CreateVolumeRequest.capacity_range.required_bytes field to create a volume with the same parameters as those in GetCapacityRequest. The corresponding value in the Kubernetes API is ResourceRequirements.Requests in a volume claim." + "default": {}, + "description": "identity is a reference to an identity" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" }, "metadata": { "allOf": [ @@ -305832,36 +315690,30 @@ } ], "default": {}, - "description": "Standard object's metadata. The name has no particular meaning. It must be a DNS subdomain (dots allowed, 253 characters). To ensure that there are no conflicts with other CSI drivers on the cluster, the recommendation is to use csisc-, a generated name, or a reverse-domain name which ends with the unique CSI driver name.\n\nObjects are namespaced.\n\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + "description": "metadata is the standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" }, - "nodeTopology": { + "user": { "allOf": [ { - "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector" + "$ref": "#/components/schemas/io.k8s.api.core.v1.ObjectReference" } ], - "description": "nodeTopology defines which nodes have access to the storage for which capacity was reported. If not set, the storage is not accessible from any node in the cluster. If empty, the storage is accessible from all nodes. This field is immutable." - }, - "storageClassName": { - "default": "", - "description": "storageClassName represents the name of the StorageClass that the reported capacity applies to. It must meet the same requirements as the name of a StorageClass object (non-empty, DNS subdomain). If that object no longer exists, the CSIStorageCapacity object is obsolete and should be removed by its creator. This field is immutable.", - "type": "string" + "default": {}, + "description": "user is a reference to a user" } }, - "required": [ - "storageClassName" - ], + "required": [], "type": "object", "x-kubernetes-group-version-kind": [ { - "group": "storage.k8s.io", - "kind": "CSIStorageCapacity", + "group": "user.openshift.io", + "kind": "UserIdentityMapping", "version": "v1" } ] }, - "storage.k8s.io/v1/CSIStorageCapacityList": { - "description": "CSIStorageCapacityList is a collection of CSIStorageCapacity objects.", + "user.openshift.io/v1/UserList": { + "description": "UserList is a collection of Users\n\nCompatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).", "namespaced": true, "properties": { "apiVersion": { @@ -305869,11 +315721,11 @@ "type": "string" }, "items": { - "description": "items is the list of CSIStorageCapacity objects.", + "description": "items is the list of users", "items": { "allOf": [ { - "$ref": "#/components/schemas/io.k8s.api.storage.v1.CSIStorageCapacity" + "$ref": "#/components/schemas/com.github.openshift.api.user.v1.User" } ], "default": {} @@ -305891,35 +315743,187 @@ } ], "default": {}, - "description": "Standard list metadata More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + "description": "metadata is the standard list's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + } + }, + "required": [ + "items" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "user.openshift.io", + "kind": "UserList", + "version": "v1" + } + ] + }, + "v1/APIGroup": { + "description": "APIGroup contains the name, the supported versions, and the preferred version of a group.", + "namespaced": true, + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "name": { + "default": "", + "description": "name is the name of the group.", + "type": "string" + }, + "preferredVersion": { + "allOf": [ + { + "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.GroupVersionForDiscovery" + } + ], + "default": {}, + "description": "preferredVersion is the version preferred by the API server, which probably is the storage version." + }, + "serverAddressByClientCIDRs": { + "description": "a map of client CIDR to server address that is serving this group. This is to help clients reach servers in the most network-efficient way possible. Clients can use the appropriate server address as per the CIDR that they match. In case of multiple matches, clients should use the longest matching CIDR. The server returns only those CIDRs that it thinks that the client can match. For example: the master will return an internal IP CIDR only, if the client reaches the server using an internal IP. Server looks at X-Forwarded-For header or X-Real-Ip header or request.RemoteAddr (in that order) to get the client IP.", + "items": { + "allOf": [ + { + "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ServerAddressByClientCIDR" + } + ], + "default": {} + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + }, + "versions": { + "description": "versions are the versions supported in this group.", + "items": { + "allOf": [ + { + "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.GroupVersionForDiscovery" + } + ], + "default": {} + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + } + }, + "required": [ + "name", + "versions" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "", + "kind": "APIGroup", + "version": "v1" + } + ] + }, + "v1/APIGroupList": { + "description": "APIGroupList is a list of APIGroup, to allow clients to discover the API at /apis.", + "namespaced": true, + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "groups": { + "description": "groups is a list of APIGroup.", + "items": { + "allOf": [ + { + "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.APIGroup" + } + ], + "default": {} + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + } + }, + "required": [ + "groups" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "", + "kind": "APIGroupList", + "version": "v1" + } + ] + }, + "v1/APIResourceList": { + "description": "APIResourceList is a list of APIResource, it is used to expose the name of the resources supported in a specific group and version, and if the resource is namespaced.", + "namespaced": true, + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "groupVersion": { + "default": "", + "description": "groupVersion is the group and version this APIResourceList is for.", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "resources": { + "description": "resources contains the name of the resources and if they are namespaced.", + "items": { + "allOf": [ + { + "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.APIResource" + } + ], + "default": {} + }, + "type": "array", + "x-kubernetes-list-type": "atomic" } }, "required": [ - "items" + "groupVersion", + "resources" ], "type": "object", "x-kubernetes-group-version-kind": [ { - "group": "storage.k8s.io", - "kind": "CSIStorageCapacityList", + "group": "", + "kind": "APIResourceList", "version": "v1" } ] }, - "storage.k8s.io/v1/StorageClass": { - "description": "StorageClass describes the parameters for a class of storage for which PersistentVolumes can be dynamically provisioned.\n\nStorageClasses are non-namespaced; the name of the storage class according to etcd is in ObjectMeta.Name.", - "namespaced": false, + "v1/APIVersions": { + "description": "APIVersions lists the versions that are available, to allow clients to discover the API at /api, which is the root path of the legacy v1 API.", + "namespaced": true, "properties": { - "allowVolumeExpansion": { - "description": "allowVolumeExpansion shows whether the storage class allow volume expand.", - "type": "boolean" + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" }, - "allowedTopologies": { - "description": "allowedTopologies restrict the node topologies where volumes can be dynamically provisioned. Each volume plugin defines its own supported topology specifications. An empty TopologySelectorTerm list means there is no topology restriction. This field is only honored by servers that enable the VolumeScheduling feature.", + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "serverAddressByClientCIDRs": { + "description": "a map of client CIDR to server address that is serving this group. This is to help clients reach servers in the most network-efficient way possible. Clients can use the appropriate server address as per the CIDR that they match. In case of multiple matches, clients should use the longest matching CIDR. The server returns only those CIDRs that it thinks that the client can match. For example: the master will return an internal IP CIDR only, if the client reaches the server using an internal IP. Server looks at X-Forwarded-For header or X-Real-Ip header or request.RemoteAddr (in that order) to get the client IP.", "items": { "allOf": [ { - "$ref": "#/components/schemas/io.k8s.api.core.v1.TopologySelectorTerm" + "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ServerAddressByClientCIDR" } ], "default": {} @@ -305927,95 +315931,37 @@ "type": "array", "x-kubernetes-list-type": "atomic" }, - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - "type": "string" - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "allOf": [ - { - "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" - } - ], - "default": {}, - "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" - }, - "mountOptions": { - "description": "mountOptions controls the mountOptions for dynamically provisioned PersistentVolumes of this storage class. e.g. [\"ro\", \"soft\"]. Not validated - mount of the PVs will simply fail if one is invalid.", + "versions": { + "description": "versions are the api versions that are available.", "items": { "default": "", "type": "string" }, "type": "array", "x-kubernetes-list-type": "atomic" - }, - "parameters": { - "additionalProperties": { - "default": "", - "type": "string" - }, - "description": "parameters holds the parameters for the provisioner that should create volumes of this storage class.", - "type": "object" - }, - "provisioner": { - "default": "", - "description": "provisioner indicates the type of the provisioner.", - "type": "string" - }, - "reclaimPolicy": { - "description": "reclaimPolicy controls the reclaimPolicy for dynamically provisioned PersistentVolumes of this storage class. Defaults to Delete.\n\nPossible enum values:\n - `\"Delete\"` means the volume will be deleted from Kubernetes on release from its claim. The volume plugin must support Deletion.\n - `\"Recycle\"` means the volume will be recycled back into the pool of unbound persistent volumes on release from its claim. The volume plugin must support Recycling.\n - `\"Retain\"` means the volume will be left in its current phase (Released) for manual reclamation by the administrator. The default policy is Retain.", - "enum": [ - "Delete", - "Recycle", - "Retain" - ], - "type": "string" - }, - "volumeBindingMode": { - "description": "volumeBindingMode indicates how PersistentVolumeClaims should be provisioned and bound. When unset, VolumeBindingImmediate is used. This field is only honored by servers that enable the VolumeScheduling feature.\n\nPossible enum values:\n - `\"Immediate\"` indicates that PersistentVolumeClaims should be immediately provisioned and bound. This is the default mode.\n - `\"WaitForFirstConsumer\"` indicates that PersistentVolumeClaims should not be provisioned and bound until the first Pod is created that references the PeristentVolumeClaim. The volume provisioning and binding will occur during Pod scheduing.", - "enum": [ - "Immediate", - "WaitForFirstConsumer" - ], - "type": "string" } }, "required": [ - "provisioner" + "versions", + "serverAddressByClientCIDRs" ], "type": "object", "x-kubernetes-group-version-kind": [ { - "group": "storage.k8s.io", - "kind": "StorageClass", + "group": "", + "kind": "APIVersions", "version": "v1" } ] }, - "storage.k8s.io/v1/StorageClassList": { - "description": "StorageClassList is a collection of storage classes.", + "v1/Binding": { + "description": "Binding ties one object to another; for example, a pod is bound to a node by a scheduler.", "namespaced": true, "properties": { "apiVersion": { "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", "type": "string" }, - "items": { - "description": "items is the list of StorageClasses", - "items": { - "allOf": [ - { - "$ref": "#/components/schemas/io.k8s.api.storage.v1.StorageClass" - } - ], - "default": {} - }, - "type": "array" - }, "kind": { "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", "type": "string" @@ -306023,33 +315969,60 @@ "metadata": { "allOf": [ { - "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" + "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" } ], "default": {}, - "description": "Standard list metadata More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + }, + "target": { + "allOf": [ + { + "$ref": "#/components/schemas/io.k8s.api.core.v1.ObjectReference" + } + ], + "default": {}, + "description": "The target object that you want to bind to the standard object." } }, "required": [ - "items" + "target" ], "type": "object", "x-kubernetes-group-version-kind": [ { - "group": "storage.k8s.io", - "kind": "StorageClassList", + "group": "", + "kind": "Binding", "version": "v1" } ] }, - "storage.k8s.io/v1/VolumeAttachment": { - "description": "VolumeAttachment captures the intent to attach or detach the specified volume to/from the specified node.\n\nVolumeAttachment objects are non-namespaced.", + "v1/ComponentStatus": { + "description": "ComponentStatus (and ComponentStatusList) holds the cluster validation info. Deprecated: This API is deprecated in v1.19+", "namespaced": false, "properties": { "apiVersion": { "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", "type": "string" }, + "conditions": { + "description": "List of component conditions observed", + "items": { + "allOf": [ + { + "$ref": "#/components/schemas/io.k8s.api.core.v1.ComponentCondition" + } + ], + "default": {} + }, + "type": "array", + "x-kubernetes-list-map-keys": [ + "type" + ], + "x-kubernetes-list-type": "map", + "x-kubernetes-patch-merge-key": "type", + "x-kubernetes-patch-strategy": "merge" + }, "kind": { "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", "type": "string" @@ -306061,41 +316034,21 @@ } ], "default": {}, - "description": "Standard object metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" - }, - "spec": { - "allOf": [ - { - "$ref": "#/components/schemas/io.k8s.api.storage.v1.VolumeAttachmentSpec" - } - ], - "default": {}, - "description": "spec represents specification of the desired attach/detach volume behavior. Populated by the Kubernetes system." - }, - "status": { - "allOf": [ - { - "$ref": "#/components/schemas/io.k8s.api.storage.v1.VolumeAttachmentStatus" - } - ], - "default": {}, - "description": "status represents status of the VolumeAttachment request. Populated by the entity completing the attach or detach operation, i.e. the external-attacher." + "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" } }, - "required": [ - "spec" - ], + "required": [], "type": "object", "x-kubernetes-group-version-kind": [ { - "group": "storage.k8s.io", - "kind": "VolumeAttachment", + "group": "", + "kind": "ComponentStatus", "version": "v1" } ] }, - "storage.k8s.io/v1/VolumeAttachmentList": { - "description": "VolumeAttachmentList is a collection of VolumeAttachment objects.", + "v1/ComponentStatusList": { + "description": "Status of all the conditions for the component as a list of ComponentStatus objects. Deprecated: This API is deprecated in v1.19+", "namespaced": true, "properties": { "apiVersion": { @@ -306103,11 +316056,11 @@ "type": "string" }, "items": { - "description": "items is the list of VolumeAttachments", + "description": "List of ComponentStatus objects.", "items": { "allOf": [ { - "$ref": "#/components/schemas/io.k8s.api.storage.v1.VolumeAttachment" + "$ref": "#/components/schemas/io.k8s.api.core.v1.ComponentStatus" } ], "default": {} @@ -306125,7 +316078,7 @@ } ], "default": {}, - "description": "Standard list metadata More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + "description": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" } }, "required": [ @@ -306134,24 +316087,39 @@ "type": "object", "x-kubernetes-group-version-kind": [ { - "group": "storage.k8s.io", - "kind": "VolumeAttachmentList", + "group": "", + "kind": "ComponentStatusList", "version": "v1" } ] }, - "storage.k8s.io/v1/VolumeAttributesClass": { - "description": "VolumeAttributesClass represents a specification of mutable volume attributes defined by the CSI driver. The class can be specified during dynamic provisioning of PersistentVolumeClaims, and changed in the PersistentVolumeClaim spec after provisioning.", - "namespaced": false, + "v1/ConfigMap": { + "description": "ConfigMap holds configuration data for pods to consume.", + "namespaced": true, "properties": { "apiVersion": { "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", "type": "string" }, - "driverName": { - "default": "", - "description": "Name of the CSI driver This field is immutable.", - "type": "string" + "binaryData": { + "additionalProperties": { + "format": "byte", + "type": "string" + }, + "description": "BinaryData contains the binary data. Each key must consist of alphanumeric characters, '-', '_' or '.'. BinaryData can contain byte sequences that are not in the UTF-8 range. The keys stored in BinaryData must not overlap with the ones in the Data field, this is enforced during validation process. Using this field will require 1.10+ apiserver and kubelet.", + "type": "object" + }, + "data": { + "additionalProperties": { + "default": "", + "type": "string" + }, + "description": "Data contains the configuration data. Each key must consist of alphanumeric characters, '-', '_' or '.'. Values with non-UTF-8 byte sequences must use the BinaryData field. The keys stored in Data must not overlap with the keys in the BinaryData field, this is enforced during validation process.", + "type": "object" + }, + "immutable": { + "description": "Immutable, if set to true, ensures that data stored in the ConfigMap cannot be updated (only object metadata can be modified). If not set to true, the field can be modified at any time. Defaulted to nil.", + "type": "boolean" }, "kind": { "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", @@ -306165,30 +316133,20 @@ ], "default": {}, "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" - }, - "parameters": { - "additionalProperties": { - "default": "", - "type": "string" - }, - "description": "parameters hold volume attributes defined by the CSI driver. These values are opaque to the Kubernetes and are passed directly to the CSI driver. The underlying storage provider supports changing these attributes on an existing volume, however the parameters field itself is immutable. To invoke a volume update, a new VolumeAttributesClass should be created with new parameters, and the PersistentVolumeClaim should be updated to reference the new VolumeAttributesClass.\n\nThis field is required and must contain at least one key/value pair. The keys cannot be empty, and the maximum number of parameters is 512, with a cumulative max size of 256K. If the CSI driver rejects invalid parameters, the target PersistentVolumeClaim will be set to an \"Infeasible\" state in the modifyVolumeStatus field.", - "type": "object" } }, - "required": [ - "driverName" - ], + "required": [], "type": "object", "x-kubernetes-group-version-kind": [ { - "group": "storage.k8s.io", - "kind": "VolumeAttributesClass", + "group": "", + "kind": "ConfigMap", "version": "v1" } ] }, - "storage.k8s.io/v1/VolumeAttributesClassList": { - "description": "VolumeAttributesClassList is a collection of VolumeAttributesClass objects.", + "v1/ConfigMapList": { + "description": "ConfigMapList is a resource containing a list of ConfigMap objects.", "namespaced": true, "properties": { "apiVersion": { @@ -306196,11 +316154,11 @@ "type": "string" }, "items": { - "description": "items is the list of VolumeAttributesClass objects.", + "description": "Items is the list of ConfigMaps.", "items": { "allOf": [ { - "$ref": "#/components/schemas/io.k8s.api.storage.v1.VolumeAttributesClass" + "$ref": "#/components/schemas/io.k8s.api.core.v1.ConfigMap" } ], "default": {} @@ -306218,7 +316176,7 @@ } ], "default": {}, - "description": "Standard list metadata More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + "description": "More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" } }, "required": [ @@ -306227,15 +316185,15 @@ "type": "object", "x-kubernetes-group-version-kind": [ { - "group": "storage.k8s.io", - "kind": "VolumeAttributesClassList", + "group": "", + "kind": "ConfigMapList", "version": "v1" } ] }, - "template.openshift.io/v1/BrokerTemplateInstance": { - "description": "BrokerTemplateInstance holds the service broker-related state associated with a TemplateInstance. BrokerTemplateInstance is part of an experimental API.\n\nCompatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).", - "namespaced": false, + "v1/Endpoints": { + "description": "Endpoints is a collection of endpoints that implement the actual service. Example:\n\n\t Name: \"mysvc\",\n\t Subsets: [\n\t {\n\t Addresses: [{\"ip\": \"10.10.1.1\"}, {\"ip\": \"10.10.2.2\"}],\n\t Ports: [{\"name\": \"a\", \"port\": 8675}, {\"name\": \"b\", \"port\": 309}]\n\t },\n\t {\n\t Addresses: [{\"ip\": \"10.10.3.3\"}],\n\t Ports: [{\"name\": \"a\", \"port\": 93}, {\"name\": \"b\", \"port\": 76}]\n\t },\n\t]\n\nEndpoints is a legacy API and does not contain information about all Service features. Use discoveryv1.EndpointSlice for complete information about Service endpoints.\n\nDeprecated: This API is deprecated in v1.33+. Use discoveryv1.EndpointSlice.", + "namespaced": true, "properties": { "apiVersion": { "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", @@ -306252,32 +316210,34 @@ } ], "default": {}, - "description": "metadata is the standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" }, - "spec": { - "allOf": [ - { - "$ref": "#/components/schemas/com.github.openshift.api.template.v1.BrokerTemplateInstanceSpec" - } - ], - "default": {}, - "description": "spec describes the state of this BrokerTemplateInstance." + "subsets": { + "description": "The set of all endpoints is the union of all subsets. Addresses are placed into subsets according to the IPs they share. A single address with multiple ports, some of which are ready and some of which are not (because they come from different containers) will result in the address being displayed in different subsets for the different ports. No address will appear in both Addresses and NotReadyAddresses in the same subset. Sets of addresses and ports that comprise a service.", + "items": { + "allOf": [ + { + "$ref": "#/components/schemas/io.k8s.api.core.v1.EndpointSubset" + } + ], + "default": {} + }, + "type": "array", + "x-kubernetes-list-type": "atomic" } }, - "required": [ - "spec" - ], + "required": [], "type": "object", "x-kubernetes-group-version-kind": [ { - "group": "template.openshift.io", - "kind": "BrokerTemplateInstance", + "group": "", + "kind": "Endpoints", "version": "v1" } ] }, - "template.openshift.io/v1/BrokerTemplateInstanceList": { - "description": "BrokerTemplateInstanceList is a list of BrokerTemplateInstance objects.\n\nCompatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).", + "v1/EndpointsList": { + "description": "EndpointsList is a list of endpoints. Deprecated: This API is deprecated in v1.33+.", "namespaced": true, "properties": { "apiVersion": { @@ -306285,11 +316245,11 @@ "type": "string" }, "items": { - "description": "items is a list of BrokerTemplateInstances", + "description": "List of endpoints.", "items": { "allOf": [ { - "$ref": "#/components/schemas/com.github.openshift.api.template.v1.BrokerTemplateInstance" + "$ref": "#/components/schemas/io.k8s.api.core.v1.Endpoints" } ], "default": {} @@ -306307,7 +316267,7 @@ } ], "default": {}, - "description": "metadata is the standard list's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + "description": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" } }, "required": [ @@ -306316,34 +316276,68 @@ "type": "object", "x-kubernetes-group-version-kind": [ { - "group": "template.openshift.io", - "kind": "BrokerTemplateInstanceList", + "group": "", + "kind": "EndpointsList", "version": "v1" } ] }, - "template.openshift.io/v1/Template": { - "description": "Template contains the inputs needed to produce a Config.\n\nCompatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).", + "v1/Event": { + "description": "Event is a report of an event somewhere in the cluster. Events have a limited retention time and triggers and messages may evolve with time. Event consumers should not rely on the timing of an event with a given Reason reflecting a consistent underlying trigger, or the continued existence of events with that Reason. Events should be treated as informative, best-effort, supplemental data.", "namespaced": true, "properties": { + "action": { + "description": "What action was taken/failed regarding to the Regarding object.", + "type": "string" + }, "apiVersion": { "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", "type": "string" }, + "count": { + "description": "The number of times this event has occurred.", + "format": "int32", + "type": "integer" + }, + "eventTime": { + "allOf": [ + { + "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.MicroTime" + } + ], + "description": "Time when this Event was first observed." + }, + "firstTimestamp": { + "allOf": [ + { + "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.Time" + } + ], + "description": "The time at which the event was first recorded. (Time of server receipt is in TypeMeta.)" + }, + "involvedObject": { + "allOf": [ + { + "$ref": "#/components/schemas/io.k8s.api.core.v1.ObjectReference" + } + ], + "default": {}, + "description": "The object that this event is about." + }, "kind": { "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", "type": "string" }, - "labels": { - "additionalProperties": { - "default": "", - "type": "string" - }, - "description": "labels is a optional set of labels that are applied to every object during the Template to Config transformation.", - "type": "object" + "lastTimestamp": { + "allOf": [ + { + "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.Time" + } + ], + "description": "The time at which the most recent occurrence of this event was recorded." }, "message": { - "description": "message is an optional instructional message that will be displayed when this template is instantiated. This field should inform the user how to utilize the newly created resources. Parameter substitution will be performed on the message before being displayed so that generated credentials and other parameters can be included in the output.", + "description": "A human-readable description of the status of this operation.", "type": "string" }, "metadata": { @@ -306353,94 +316347,67 @@ } ], "default": {}, - "description": "metadata is the standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" - }, - "objects": { - "description": "objects is an array of resources to include in this template. If a namespace value is hardcoded in the object, it will be removed during template instantiation, however if the namespace value is, or contains, a ${PARAMETER_REFERENCE}, the resolved value after parameter substitution will be respected and the object will be created in that namespace.", - "items": { - "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.runtime.RawExtension" - }, - "type": "array" - }, - "parameters": { - "description": "parameters is an optional array of Parameters used during the Template to Config transformation.", - "items": { - "allOf": [ - { - "$ref": "#/components/schemas/com.github.openshift.api.template.v1.Parameter" - } - ], - "default": {} - }, - "type": "array" - } - }, - "required": [ - "objects" - ], - "type": "object", - "x-kubernetes-group-version-kind": [ - { - "group": "template.openshift.io", - "kind": "Template", - "version": "v1" - } - ] - }, - "template.openshift.io/v1/TemplateInstance": { - "description": "TemplateInstance requests and records the instantiation of a Template. TemplateInstance is part of an experimental API.\n\nCompatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).", - "namespaced": true, - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - "type": "string" + "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "reason": { + "description": "This should be a short, machine understandable string that gives the reason for the transition into the object's current status.", "type": "string" }, - "metadata": { + "related": { "allOf": [ { - "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" + "$ref": "#/components/schemas/io.k8s.api.core.v1.ObjectReference" } ], - "default": {}, - "description": "metadata is the standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + "description": "Optional secondary object for more complex actions." }, - "spec": { + "reportingComponent": { + "default": "", + "description": "Name of the controller that emitted this Event, e.g. `kubernetes.io/kubelet`.", + "type": "string" + }, + "reportingInstance": { + "default": "", + "description": "ID of the controller instance, e.g. `kubelet-xyzf`.", + "type": "string" + }, + "series": { "allOf": [ { - "$ref": "#/components/schemas/com.github.openshift.api.template.v1.TemplateInstanceSpec" + "$ref": "#/components/schemas/io.k8s.api.core.v1.EventSeries" } ], - "default": {}, - "description": "spec describes the desired state of this TemplateInstance." + "description": "Data about the Event series this event represents or nil if it's a singleton Event." }, - "status": { + "source": { "allOf": [ { - "$ref": "#/components/schemas/com.github.openshift.api.template.v1.TemplateInstanceStatus" + "$ref": "#/components/schemas/io.k8s.api.core.v1.EventSource" } ], "default": {}, - "description": "status describes the current state of this TemplateInstance." + "description": "The component reporting this event. Should be a short machine understandable string." + }, + "type": { + "description": "Type of this event (Normal, Warning), new types could be added in the future", + "type": "string" } }, "required": [ - "spec" + "metadata", + "involvedObject" ], "type": "object", "x-kubernetes-group-version-kind": [ { - "group": "template.openshift.io", - "kind": "TemplateInstance", + "group": "", + "kind": "Event", "version": "v1" } ] }, - "template.openshift.io/v1/TemplateInstanceList": { - "description": "TemplateInstanceList is a list of TemplateInstance objects.\n\nCompatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).", + "v1/EventList": { + "description": "EventList is a list of events.", "namespaced": true, "properties": { "apiVersion": { @@ -306448,11 +316415,11 @@ "type": "string" }, "items": { - "description": "items is a list of Templateinstances", + "description": "List of events", "items": { "allOf": [ { - "$ref": "#/components/schemas/com.github.openshift.api.template.v1.TemplateInstance" + "$ref": "#/components/schemas/io.k8s.api.core.v1.Event" } ], "default": {} @@ -306470,7 +316437,7 @@ } ], "default": {}, - "description": "metadata is the standard list's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + "description": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" } }, "required": [ @@ -306479,14 +316446,55 @@ "type": "object", "x-kubernetes-group-version-kind": [ { - "group": "template.openshift.io", - "kind": "TemplateInstanceList", + "group": "", + "kind": "EventList", "version": "v1" } ] }, - "template.openshift.io/v1/TemplateList": { - "description": "TemplateList is a list of Template objects.\n\nCompatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).", + "v1/LimitRange": { + "description": "LimitRange sets resource usage limits for each kind of resource in a Namespace.", + "namespaced": true, + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "allOf": [ + { + "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" + } + ], + "default": {}, + "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + }, + "spec": { + "allOf": [ + { + "$ref": "#/components/schemas/io.k8s.api.core.v1.LimitRangeSpec" + } + ], + "default": {}, + "description": "Spec defines the limits enforced. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status" + } + }, + "required": [], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "", + "kind": "LimitRange", + "version": "v1" + } + ] + }, + "v1/LimitRangeList": { + "description": "LimitRangeList is a list of LimitRange items.", "namespaced": true, "properties": { "apiVersion": { @@ -306494,11 +316502,11 @@ "type": "string" }, "items": { - "description": "Items is a list of templates", + "description": "Items is a list of LimitRange objects. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", "items": { "allOf": [ { - "$ref": "#/components/schemas/com.github.openshift.api.template.v1.Template" + "$ref": "#/components/schemas/io.k8s.api.core.v1.LimitRange" } ], "default": {} @@ -306516,7 +316524,7 @@ } ], "default": {}, - "description": "metadata is the standard list's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + "description": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" } }, "required": [ @@ -306525,15 +316533,15 @@ "type": "object", "x-kubernetes-group-version-kind": [ { - "group": "template.openshift.io", - "kind": "TemplateList", + "group": "", + "kind": "LimitRangeList", "version": "v1" } ] }, - "tuned.openshift.io/v1/Profile": { - "description": "Profile is a specification for a Profile resource.", - "namespaced": true, + "v1/Namespace": { + "description": "Namespace provides a scope for Names. Use of multiple namespaces is optional.", + "namespaced": false, "properties": { "apiVersion": { "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", @@ -306549,140 +316557,40 @@ "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" } ], + "default": {}, "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" }, "spec": { - "properties": { - "config": { - "properties": { - "debug": { - "description": "option to debug TuneD daemon execution", - "type": "boolean" - }, - "providerName": { - "description": "Name of the cloud provider as taken from the Node providerID: ://", - "type": "string" - }, - "tunedConfig": { - "description": "Global configuration for the TuneD daemon as defined in tuned-main.conf", - "properties": { - "reapply_sysctl": { - "description": "turn reapply_sysctl functionality on/off for the TuneD daemon: true/false", - "type": "boolean" - } - }, - "type": "object" - }, - "tunedProfile": { - "description": "TuneD profile to apply", - "type": "string" - }, - "verbosity": { - "description": "klog logging verbosity", - "type": "integer" - } - }, - "required": [ - "tunedProfile" - ], - "type": "object" - }, - "profile": { - "description": "Tuned profiles.", - "items": { - "description": "A Tuned profile.", - "properties": { - "data": { - "description": "Specification of the Tuned profile to be consumed by the Tuned daemon.", - "type": "string" - }, - "name": { - "description": "Name of the Tuned profile to be used in the recommend section.", - "minLength": 1, - "type": "string" - } - }, - "required": [ - "data", - "name" - ], - "type": "object" - }, - "type": "array" + "allOf": [ + { + "$ref": "#/components/schemas/io.k8s.api.core.v1.NamespaceSpec" } - }, - "required": [ - "config" ], - "type": "object" + "default": {}, + "description": "Spec defines the behavior of the Namespace. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status" }, "status": { - "description": "ProfileStatus is the status for a Profile resource; the status is for internal use only\nand its fields may be changed/removed in the future.", - "properties": { - "conditions": { - "description": "conditions represents the state of the per-node Profile application", - "items": { - "description": "StatusCondition represents a partial state of the per-node Profile application.", - "properties": { - "lastTransitionTime": { - "description": "lastTransitionTime is the time of the last update to the current status property.", - "format": "date-time", - "type": "string" - }, - "message": { - "description": "message provides additional information about the current condition.\nThis is only to be consumed by humans.", - "type": "string" - }, - "reason": { - "description": "reason is the CamelCase reason for the condition's current status.", - "type": "string" - }, - "status": { - "description": "status of the condition, one of True, False, Unknown.", - "type": "string" - }, - "type": { - "description": "type specifies the aspect reported by this condition.", - "type": "string" - } - }, - "required": [ - "lastTransitionTime", - "status", - "type" - ], - "type": "object" - }, - "type": "array" - }, - "observedGeneration": { - "description": "If set, this represents the .metadata.generation that the conditions were set based upon.", - "format": "int64", - "type": "integer" - }, - "tunedProfile": { - "description": "the current profile in use by the Tuned daemon", - "type": "string" + "allOf": [ + { + "$ref": "#/components/schemas/io.k8s.api.core.v1.NamespaceStatus" } - }, - "required": [ - "tunedProfile" ], - "type": "object" + "default": {}, + "description": "Status describes the current status of a Namespace. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status" } }, "required": [], "type": "object", "x-kubernetes-group-version-kind": [ { - "group": "tuned.openshift.io", - "kind": "Profile", + "group": "", + "kind": "Namespace", "version": "v1" } ] }, - "tuned.openshift.io/v1/ProfileList": { - "description": "ProfileList is a list of Profile", + "v1/NamespaceList": { + "description": "NamespaceList is a list of Namespaces.", "namespaced": true, "properties": { "apiVersion": { @@ -306690,9 +316598,14 @@ "type": "string" }, "items": { - "description": "List of profiles. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md", + "description": "Items is the list of Namespace objects in the list. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/", "items": { - "$ref": "#/components/schemas/io.openshift.tuned.v1.Profile" + "allOf": [ + { + "$ref": "#/components/schemas/io.k8s.api.core.v1.Namespace" + } + ], + "default": {} }, "type": "array" }, @@ -306706,6 +316619,7 @@ "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" } ], + "default": {}, "description": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" } }, @@ -306715,15 +316629,15 @@ "type": "object", "x-kubernetes-group-version-kind": [ { - "group": "tuned.openshift.io", - "kind": "ProfileList", + "group": "", + "kind": "NamespaceList", "version": "v1" } ] }, - "tuned.openshift.io/v1/Tuned": { - "description": "Tuned is a collection of rules that allows cluster-wide deployment\nof node-level sysctls and more flexibility to add custom tuning\nspecified by user needs. These rules are translated and passed to all\ncontainerized Tuned daemons running in the cluster in the format that\nthe daemons understand. The responsibility for applying the node-level\ntuning then lies with the containerized Tuned daemons. More info:\nhttps://github.com/openshift/cluster-node-tuning-operator", - "namespaced": true, + "v1/Node": { + "description": "Node is a worker node in Kubernetes. Each node will have a unique identifier in the cache (i.e. in etcd).", + "namespaced": false, "properties": { "apiVersion": { "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", @@ -306739,190 +316653,40 @@ "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" } ], + "default": {}, "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" }, "spec": { - "description": "spec is the specification of the desired behavior of Tuned. More info:\nhttps://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status", - "properties": { - "managementState": { - "description": "managementState indicates whether the registry instance represented\nby this config instance is under operator management or not. Valid\nvalues are Force, Managed, Unmanaged, and Removed.", - "pattern": "^(Managed|Unmanaged|Force|Removed)$", - "type": "string" - }, - "profile": { - "description": "Tuned profiles.", - "items": { - "description": "A Tuned profile.", - "properties": { - "data": { - "description": "Specification of the Tuned profile to be consumed by the Tuned daemon.", - "type": "string" - }, - "name": { - "description": "Name of the Tuned profile to be used in the recommend section.", - "minLength": 1, - "type": "string" - } - }, - "required": [ - "data", - "name" - ], - "type": "object" - }, - "type": "array" - }, - "recommend": { - "description": "Selection logic for all Tuned profiles.", - "items": { - "description": "Selection logic for a single Tuned profile.", - "properties": { - "machineConfigLabels": { - "additionalProperties": { - "type": "string" - }, - "description": "MachineConfigLabels specifies the labels for a MachineConfig. The MachineConfig is created\nautomatically to apply additional host settings (e.g. kernel boot parameters) profile 'Profile'\nneeds and can only be applied by creating a MachineConfig. This involves finding all\nMachineConfigPools with machineConfigSelector matching the MachineConfigLabels and setting the\nprofile 'Profile' on all nodes that match the MachineConfigPools' nodeSelectors.", - "type": "object" - }, - "match": { - "description": "Rules governing application of a Tuned profile connected by logical OR operator.", - "items": { - "description": "Rules governing application of a Tuned profile.", - "properties": { - "label": { - "description": "Node or Pod label name.", - "type": "string" - }, - "match": { - "description": "Additional rules governing application of the tuned profile connected by logical AND operator.", - "items": { - "type": "object", - "x-kubernetes-preserve-unknown-fields": true - }, - "type": "array" - }, - "type": { - "description": "Match type: [node/pod]. If omitted, \"node\" is assumed.", - "enum": [ - "node", - "pod" - ], - "type": "string" - }, - "value": { - "description": "Node or Pod label value. If omitted, the presence of label name is enough to match.", - "type": "string" - } - }, - "required": [ - "label" - ], - "type": "object" - }, - "type": "array" - }, - "operand": { - "description": "Optional operand configuration.", - "properties": { - "debug": { - "description": "turn debugging on/off for the TuneD daemon: true/false (default is false)", - "type": "boolean" - }, - "tunedConfig": { - "description": "Global configuration for the TuneD daemon as defined in tuned-main.conf", - "properties": { - "reapply_sysctl": { - "description": "turn reapply_sysctl functionality on/off for the TuneD daemon: true/false", - "type": "boolean" - } - }, - "type": "object" - }, - "verbosity": { - "description": "klog logging verbosity", - "type": "integer" - } - }, - "type": "object" - }, - "priority": { - "description": "Tuned profile priority. Highest priority is 0.", - "format": "int64", - "minimum": 0, - "type": "integer" - }, - "profile": { - "description": "Name of the Tuned profile to recommend.", - "minLength": 1, - "type": "string" - } - }, - "required": [ - "priority", - "profile" - ], - "type": "object" - }, - "type": "array" + "allOf": [ + { + "$ref": "#/components/schemas/io.k8s.api.core.v1.NodeSpec" } - }, - "type": "object" + ], + "default": {}, + "description": "Spec defines the behavior of a node. https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status" }, "status": { - "description": "TunedStatus is the status for a Tuned resource.", - "properties": { - "conditions": { - "description": "conditions represents the state of the Tuned profile", - "items": { - "description": "StatusCondition represents a partial state of the per-node Profile application.", - "properties": { - "lastTransitionTime": { - "description": "lastTransitionTime is the time of the last update to the current status property.", - "format": "date-time", - "type": "string" - }, - "message": { - "description": "message provides additional information about the current condition.\nThis is only to be consumed by humans.", - "type": "string" - }, - "reason": { - "description": "reason is the CamelCase reason for the condition's current status.", - "type": "string" - }, - "status": { - "description": "status of the condition, one of True, False, Unknown.", - "type": "string" - }, - "type": { - "description": "type specifies the aspect reported by this condition.", - "type": "string" - } - }, - "required": [ - "lastTransitionTime", - "status", - "type" - ], - "type": "object" - }, - "type": "array" + "allOf": [ + { + "$ref": "#/components/schemas/io.k8s.api.core.v1.NodeStatus" } - }, - "type": "object" + ], + "default": {}, + "description": "Most recently observed status of the node. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status" } }, "required": [], "type": "object", "x-kubernetes-group-version-kind": [ { - "group": "tuned.openshift.io", - "kind": "Tuned", + "group": "", + "kind": "Node", "version": "v1" } ] }, - "tuned.openshift.io/v1/TunedList": { - "description": "TunedList is a list of Tuned", + "v1/NodeList": { + "description": "NodeList is the whole list of all Nodes which have been registered with master.", "namespaced": true, "properties": { "apiVersion": { @@ -306930,9 +316694,14 @@ "type": "string" }, "items": { - "description": "List of tuneds. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md", + "description": "List of nodes", "items": { - "$ref": "#/components/schemas/io.openshift.tuned.v1.Tuned" + "allOf": [ + { + "$ref": "#/components/schemas/io.k8s.api.core.v1.Node" + } + ], + "default": {} }, "type": "array" }, @@ -306946,6 +316715,7 @@ "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" } ], + "default": {}, "description": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" } }, @@ -306955,14 +316725,14 @@ "type": "object", "x-kubernetes-group-version-kind": [ { - "group": "tuned.openshift.io", - "kind": "TunedList", + "group": "", + "kind": "NodeList", "version": "v1" } ] }, - "user.openshift.io/v1/Group": { - "description": "Group represents a referenceable set of Users\n\nCompatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).", + "v1/PersistentVolume": { + "description": "PersistentVolume (PV) is a storage resource provisioned by an administrator. It is analogous to a node. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes", "namespaced": false, "properties": { "apiVersion": { @@ -306980,91 +316750,45 @@ } ], "default": {}, - "description": "metadata is the standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" - }, - "users": { - "description": "users is the list of users in this group.", - "items": { - "default": "", - "type": "string" - }, - "type": "array" - } - }, - "required": [ - "users" - ], - "type": "object", - "x-kubernetes-group-version-kind": [ - { - "group": "user.openshift.io", - "kind": "Group", - "version": "v1" - } - ] - }, - "user.openshift.io/v1/GroupList": { - "description": "GroupList is a collection of Groups\n\nCompatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).", - "namespaced": true, - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - "type": "string" - }, - "items": { - "description": "items is the list of groups", - "items": { - "allOf": [ - { - "$ref": "#/components/schemas/com.github.openshift.api.user.v1.Group" - } - ], - "default": {} - }, - "type": "array" + "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - "type": "string" + "spec": { + "allOf": [ + { + "$ref": "#/components/schemas/io.k8s.api.core.v1.PersistentVolumeSpec" + } + ], + "default": {}, + "description": "spec defines a specification of a persistent volume owned by the cluster. Provisioned by an administrator. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistent-volumes" }, - "metadata": { + "status": { "allOf": [ { - "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" + "$ref": "#/components/schemas/io.k8s.api.core.v1.PersistentVolumeStatus" } ], "default": {}, - "description": "metadata is the standard list's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + "description": "status represents the current information/status for the persistent volume. Populated by the system. Read-only. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistent-volumes" } }, - "required": [ - "items" - ], + "required": [], "type": "object", "x-kubernetes-group-version-kind": [ { - "group": "user.openshift.io", - "kind": "GroupList", + "group": "", + "kind": "PersistentVolume", "version": "v1" } ] }, - "user.openshift.io/v1/Identity": { - "description": "Identity records a successful authentication of a user with an identity provider. The information about the source of authentication is stored on the identity, and the identity is then associated with a single user object. Multiple identities can reference a single user. Information retrieved from the authentication provider is stored in the extra field using a schema determined by the provider.\n\nCompatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).", - "namespaced": false, + "v1/PersistentVolumeClaim": { + "description": "PersistentVolumeClaim is a user's request for and claim to a persistent volume", + "namespaced": true, "properties": { "apiVersion": { "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", "type": "string" }, - "extra": { - "additionalProperties": { - "default": "", - "type": "string" - }, - "description": "extra holds extra information about this identity", - "type": "object" - }, "kind": { "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", "type": "string" @@ -307076,44 +316800,39 @@ } ], "default": {}, - "description": "metadata is the standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" - }, - "providerName": { - "default": "", - "description": "providerName is the source of identity information", - "type": "string" + "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" }, - "providerUserName": { - "default": "", - "description": "providerUserName uniquely represents this identity in the scope of the provider", - "type": "string" + "spec": { + "allOf": [ + { + "$ref": "#/components/schemas/io.k8s.api.core.v1.PersistentVolumeClaimSpec" + } + ], + "default": {}, + "description": "spec defines the desired characteristics of a volume requested by a pod author. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims" }, - "user": { + "status": { "allOf": [ { - "$ref": "#/components/schemas/io.k8s.api.core.v1.ObjectReference" + "$ref": "#/components/schemas/io.k8s.api.core.v1.PersistentVolumeClaimStatus" } ], "default": {}, - "description": "user is a reference to the user this identity is associated with Both Name and UID must be set" + "description": "status represents the current information/status of a persistent volume claim. Read-only. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims" } }, - "required": [ - "providerName", - "providerUserName", - "user" - ], + "required": [], "type": "object", "x-kubernetes-group-version-kind": [ { - "group": "user.openshift.io", - "kind": "Identity", + "group": "", + "kind": "PersistentVolumeClaim", "version": "v1" } ] }, - "user.openshift.io/v1/IdentityList": { - "description": "IdentityList is a collection of Identities\n\nCompatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).", + "v1/PersistentVolumeClaimList": { + "description": "PersistentVolumeClaimList is a list of PersistentVolumeClaim items.", "namespaced": true, "properties": { "apiVersion": { @@ -307121,11 +316840,11 @@ "type": "string" }, "items": { - "description": "items is the list of identities", + "description": "items is a list of persistent volume claims. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims", "items": { "allOf": [ { - "$ref": "#/components/schemas/com.github.openshift.api.user.v1.Identity" + "$ref": "#/components/schemas/io.k8s.api.core.v1.PersistentVolumeClaim" } ], "default": {} @@ -307143,7 +316862,7 @@ } ], "default": {}, - "description": "metadata is the standard list's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + "description": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" } }, "required": [ @@ -307152,37 +316871,29 @@ "type": "object", "x-kubernetes-group-version-kind": [ { - "group": "user.openshift.io", - "kind": "IdentityList", + "group": "", + "kind": "PersistentVolumeClaimList", "version": "v1" } ] }, - "user.openshift.io/v1/User": { - "description": "Upon log in, every user of the system receives a User and Identity resource. Administrators may directly manipulate the attributes of the users for their own tracking, or set groups via the API. The user name is unique and is chosen based on the value provided by the identity provider - if a user already exists with the incoming name, the user name may have a number appended to it depending on the configuration of the system.\n\nCompatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).", - "namespaced": false, + "v1/PersistentVolumeList": { + "description": "PersistentVolumeList is a list of PersistentVolume items.", + "namespaced": true, "properties": { "apiVersion": { "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", "type": "string" }, - "fullName": { - "description": "fullName is the full name of user", - "type": "string" - }, - "groups": { - "description": "groups specifies group names this user is a member of. This field is deprecated and will be removed in a future release. Instead, create a Group object containing the name of this User.", - "items": { - "default": "", - "type": "string" - }, - "type": "array" - }, - "identities": { - "description": "identities are the identities associated with this user", + "items": { + "description": "items is a list of persistent volumes. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes", "items": { - "default": "", - "type": "string" + "allOf": [ + { + "$ref": "#/components/schemas/io.k8s.api.core.v1.PersistentVolume" + } + ], + "default": {} }, "type": "array" }, @@ -307193,42 +316904,33 @@ "metadata": { "allOf": [ { - "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" + "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" } ], "default": {}, - "description": "metadata is the standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + "description": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" } }, "required": [ - "groups" + "items" ], "type": "object", "x-kubernetes-group-version-kind": [ { - "group": "user.openshift.io", - "kind": "User", + "group": "", + "kind": "PersistentVolumeList", "version": "v1" } ] }, - "user.openshift.io/v1/UserIdentityMapping": { - "description": "UserIdentityMapping maps a user to an identity\n\nCompatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).", - "namespaced": false, + "v1/Pod": { + "description": "Pod is a collection of containers that can run on a host. This resource is created by clients and scheduled onto hosts.", + "namespaced": true, "properties": { "apiVersion": { "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", "type": "string" }, - "identity": { - "allOf": [ - { - "$ref": "#/components/schemas/io.k8s.api.core.v1.ObjectReference" - } - ], - "default": {}, - "description": "identity is a reference to an identity" - }, "kind": { "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", "type": "string" @@ -307240,30 +316942,39 @@ } ], "default": {}, - "description": "metadata is the standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" }, - "user": { + "spec": { "allOf": [ { - "$ref": "#/components/schemas/io.k8s.api.core.v1.ObjectReference" + "$ref": "#/components/schemas/io.k8s.api.core.v1.PodSpec" } ], "default": {}, - "description": "user is a reference to a user" + "description": "Specification of the desired behavior of the pod. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status" + }, + "status": { + "allOf": [ + { + "$ref": "#/components/schemas/io.k8s.api.core.v1.PodStatus" + } + ], + "default": {}, + "description": "Most recently observed status of the pod. This data may not be up to date. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status" } }, "required": [], "type": "object", "x-kubernetes-group-version-kind": [ { - "group": "user.openshift.io", - "kind": "UserIdentityMapping", + "group": "", + "kind": "Pod", "version": "v1" } ] }, - "user.openshift.io/v1/UserList": { - "description": "UserList is a collection of Users\n\nCompatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).", + "v1/PodList": { + "description": "PodList is a list of Pods.", "namespaced": true, "properties": { "apiVersion": { @@ -307271,11 +316982,11 @@ "type": "string" }, "items": { - "description": "items is the list of users", + "description": "List of pods. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md", "items": { "allOf": [ { - "$ref": "#/components/schemas/com.github.openshift.api.user.v1.User" + "$ref": "#/components/schemas/io.k8s.api.core.v1.Pod" } ], "default": {} @@ -307293,7 +317004,7 @@ } ], "default": {}, - "description": "metadata is the standard list's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + "description": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" } }, "required": [ @@ -307302,14 +317013,14 @@ "type": "object", "x-kubernetes-group-version-kind": [ { - "group": "user.openshift.io", - "kind": "UserList", + "group": "", + "kind": "PodList", "version": "v1" } ] }, - "v1/APIGroup": { - "description": "APIGroup contains the name, the supported versions, and the preferred version of a group.", + "v1/PodTemplate": { + "description": "PodTemplate describes a template for creating copies of a predefined pod.", "namespaced": true, "properties": { "apiVersion": { @@ -307320,74 +317031,49 @@ "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", "type": "string" }, - "name": { - "default": "", - "description": "name is the name of the group.", - "type": "string" - }, - "preferredVersion": { + "metadata": { "allOf": [ { - "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.GroupVersionForDiscovery" + "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" } ], "default": {}, - "description": "preferredVersion is the version preferred by the API server, which probably is the storage version." - }, - "serverAddressByClientCIDRs": { - "description": "a map of client CIDR to server address that is serving this group. This is to help clients reach servers in the most network-efficient way possible. Clients can use the appropriate server address as per the CIDR that they match. In case of multiple matches, clients should use the longest matching CIDR. The server returns only those CIDRs that it thinks that the client can match. For example: the master will return an internal IP CIDR only, if the client reaches the server using an internal IP. Server looks at X-Forwarded-For header or X-Real-Ip header or request.RemoteAddr (in that order) to get the client IP.", - "items": { - "allOf": [ - { - "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ServerAddressByClientCIDR" - } - ], - "default": {} - }, - "type": "array", - "x-kubernetes-list-type": "atomic" + "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" }, - "versions": { - "description": "versions are the versions supported in this group.", - "items": { - "allOf": [ - { - "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.GroupVersionForDiscovery" - } - ], - "default": {} - }, - "type": "array", - "x-kubernetes-list-type": "atomic" + "template": { + "allOf": [ + { + "$ref": "#/components/schemas/io.k8s.api.core.v1.PodTemplateSpec" + } + ], + "default": {}, + "description": "Template defines the pods that will be created from this pod template. https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status" } }, - "required": [ - "name", - "versions" - ], + "required": [], "type": "object", "x-kubernetes-group-version-kind": [ { "group": "", - "kind": "APIGroup", + "kind": "PodTemplate", "version": "v1" } ] }, - "v1/APIGroupList": { - "description": "APIGroupList is a list of APIGroup, to allow clients to discover the API at /apis.", + "v1/PodTemplateList": { + "description": "PodTemplateList is a list of PodTemplates.", "namespaced": true, "properties": { "apiVersion": { "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", "type": "string" }, - "groups": { - "description": "groups is a list of APIGroup.", + "items": { + "description": "List of pod templates", "items": { "allOf": [ { - "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.APIGroup" + "$ref": "#/components/schemas/io.k8s.api.core.v1.PodTemplate" } ], "default": {} @@ -307397,114 +317083,127 @@ "kind": { "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", "type": "string" + }, + "metadata": { + "allOf": [ + { + "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" + } + ], + "default": {}, + "description": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" } }, "required": [ - "groups" + "items" ], "type": "object", "x-kubernetes-group-version-kind": [ { "group": "", - "kind": "APIGroupList", + "kind": "PodTemplateList", "version": "v1" } ] }, - "v1/APIResourceList": { - "description": "APIResourceList is a list of APIResource, it is used to expose the name of the resources supported in a specific group and version, and if the resource is namespaced.", + "v1/ReplicationController": { + "description": "ReplicationController represents the configuration of a replication controller.", "namespaced": true, "properties": { "apiVersion": { "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", "type": "string" }, - "groupVersion": { - "default": "", - "description": "groupVersion is the group and version this APIResourceList is for.", - "type": "string" - }, "kind": { "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", "type": "string" }, - "resources": { - "description": "resources contains the name of the resources and if they are namespaced.", - "items": { - "allOf": [ - { - "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.APIResource" - } - ], - "default": {} - }, - "type": "array", - "x-kubernetes-list-type": "atomic" + "metadata": { + "allOf": [ + { + "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" + } + ], + "default": {}, + "description": "If the Labels of a ReplicationController are empty, they are defaulted to be the same as the Pod(s) that the replication controller manages. Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + }, + "spec": { + "allOf": [ + { + "$ref": "#/components/schemas/io.k8s.api.core.v1.ReplicationControllerSpec" + } + ], + "default": {}, + "description": "Spec defines the specification of the desired behavior of the replication controller. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status" + }, + "status": { + "allOf": [ + { + "$ref": "#/components/schemas/io.k8s.api.core.v1.ReplicationControllerStatus" + } + ], + "default": {}, + "description": "Status is the most recently observed status of the replication controller. This data may be out of date by some window of time. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status" } }, - "required": [ - "groupVersion", - "resources" - ], + "required": [], "type": "object", "x-kubernetes-group-version-kind": [ { "group": "", - "kind": "APIResourceList", + "kind": "ReplicationController", "version": "v1" } ] }, - "v1/APIVersions": { - "description": "APIVersions lists the versions that are available, to allow clients to discover the API at /api, which is the root path of the legacy v1 API.", + "v1/ReplicationControllerList": { + "description": "ReplicationControllerList is a collection of replication controllers.", "namespaced": true, "properties": { "apiVersion": { "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", "type": "string" }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - "type": "string" - }, - "serverAddressByClientCIDRs": { - "description": "a map of client CIDR to server address that is serving this group. This is to help clients reach servers in the most network-efficient way possible. Clients can use the appropriate server address as per the CIDR that they match. In case of multiple matches, clients should use the longest matching CIDR. The server returns only those CIDRs that it thinks that the client can match. For example: the master will return an internal IP CIDR only, if the client reaches the server using an internal IP. Server looks at X-Forwarded-For header or X-Real-Ip header or request.RemoteAddr (in that order) to get the client IP.", + "items": { + "description": "List of replication controllers. More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller", "items": { "allOf": [ { - "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ServerAddressByClientCIDR" + "$ref": "#/components/schemas/io.k8s.api.core.v1.ReplicationController" } ], "default": {} }, - "type": "array", - "x-kubernetes-list-type": "atomic" + "type": "array" }, - "versions": { - "description": "versions are the api versions that are available.", - "items": { - "default": "", - "type": "string" - }, - "type": "array", - "x-kubernetes-list-type": "atomic" + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "allOf": [ + { + "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" + } + ], + "default": {}, + "description": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" } }, "required": [ - "versions", - "serverAddressByClientCIDRs" + "items" ], "type": "object", "x-kubernetes-group-version-kind": [ { "group": "", - "kind": "APIVersions", + "kind": "ReplicationControllerList", "version": "v1" } ] }, - "v1/Binding": { - "description": "Binding ties one object to another; for example, a pod is bound to a node by a scheduler.", + "v1/ResourceQuota": { + "description": "ResourceQuota sets aggregate quota restrictions enforced per namespace", "namespaced": true, "properties": { "apiVersion": { @@ -307524,66 +317223,23 @@ "default": {}, "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" }, - "target": { + "spec": { "allOf": [ { - "$ref": "#/components/schemas/io.k8s.api.core.v1.ObjectReference" + "$ref": "#/components/schemas/io.k8s.api.core.v1.ResourceQuotaSpec" } ], "default": {}, - "description": "The target object that you want to bind to the standard object." - } - }, - "required": [ - "target" - ], - "type": "object", - "x-kubernetes-group-version-kind": [ - { - "group": "", - "kind": "Binding", - "version": "v1" - } - ] - }, - "v1/ComponentStatus": { - "description": "ComponentStatus (and ComponentStatusList) holds the cluster validation info. Deprecated: This API is deprecated in v1.19+", - "namespaced": false, - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - "type": "string" - }, - "conditions": { - "description": "List of component conditions observed", - "items": { - "allOf": [ - { - "$ref": "#/components/schemas/io.k8s.api.core.v1.ComponentCondition" - } - ], - "default": {} - }, - "type": "array", - "x-kubernetes-list-map-keys": [ - "type" - ], - "x-kubernetes-list-type": "map", - "x-kubernetes-patch-merge-key": "type", - "x-kubernetes-patch-strategy": "merge" - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - "type": "string" + "description": "Spec defines the desired quota. https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status" }, - "metadata": { + "status": { "allOf": [ { - "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" + "$ref": "#/components/schemas/io.k8s.api.core.v1.ResourceQuotaStatus" } ], "default": {}, - "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + "description": "Status defines the actual enforced quota and its current usage. https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status" } }, "required": [], @@ -307591,13 +317247,13 @@ "x-kubernetes-group-version-kind": [ { "group": "", - "kind": "ComponentStatus", + "kind": "ResourceQuota", "version": "v1" } ] }, - "v1/ComponentStatusList": { - "description": "Status of all the conditions for the component as a list of ComponentStatus objects. Deprecated: This API is deprecated in v1.19+", + "v1/ResourceQuotaList": { + "description": "ResourceQuotaList is a list of ResourceQuota items.", "namespaced": true, "properties": { "apiVersion": { @@ -307605,11 +317261,11 @@ "type": "string" }, "items": { - "description": "List of ComponentStatus objects.", + "description": "Items is a list of ResourceQuota objects. More info: https://kubernetes.io/docs/concepts/policy/resource-quotas/", "items": { "allOf": [ { - "$ref": "#/components/schemas/io.k8s.api.core.v1.ComponentStatus" + "$ref": "#/components/schemas/io.k8s.api.core.v1.ResourceQuota" } ], "default": {} @@ -307637,37 +317293,29 @@ "x-kubernetes-group-version-kind": [ { "group": "", - "kind": "ComponentStatusList", + "kind": "ResourceQuotaList", "version": "v1" } ] }, - "v1/ConfigMap": { - "description": "ConfigMap holds configuration data for pods to consume.", + "v1/Secret": { + "description": "Secret holds secret data of a certain type. The total bytes of the values in the Data field must be less than MaxSecretSize bytes.", "namespaced": true, "properties": { "apiVersion": { "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", "type": "string" }, - "binaryData": { - "additionalProperties": { - "format": "byte", - "type": "string" - }, - "description": "BinaryData contains the binary data. Each key must consist of alphanumeric characters, '-', '_' or '.'. BinaryData can contain byte sequences that are not in the UTF-8 range. The keys stored in BinaryData must not overlap with the ones in the Data field, this is enforced during validation process. Using this field will require 1.10+ apiserver and kubelet.", - "type": "object" - }, "data": { "additionalProperties": { - "default": "", + "format": "byte", "type": "string" }, - "description": "Data contains the configuration data. Each key must consist of alphanumeric characters, '-', '_' or '.'. Values with non-UTF-8 byte sequences must use the BinaryData field. The keys stored in Data must not overlap with the keys in the BinaryData field, this is enforced during validation process.", + "description": "Data contains the secret data. Each key must consist of alphanumeric characters, '-', '_' or '.'. The serialized form of the secret data is a base64 encoded string, representing the arbitrary (possibly non-string) data value here. Described in https://tools.ietf.org/html/rfc4648#section-4", "type": "object" }, "immutable": { - "description": "Immutable, if set to true, ensures that data stored in the ConfigMap cannot be updated (only object metadata can be modified). If not set to true, the field can be modified at any time. Defaulted to nil.", + "description": "Immutable, if set to true, ensures that data stored in the Secret cannot be updated (only object metadata can be modified). If not set to true, the field can be modified at any time. Defaulted to nil.", "type": "boolean" }, "kind": { @@ -307682,6 +317330,18 @@ ], "default": {}, "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + }, + "stringData": { + "additionalProperties": { + "default": "", + "type": "string" + }, + "description": "stringData allows specifying non-binary secret data in string form. It is provided as a write-only input field for convenience. All keys and values are merged into the data field on write, overwriting any existing values. The stringData field is never output when reading from the API.", + "type": "object" + }, + "type": { + "description": "Used to facilitate programmatic handling of secret data. More info: https://kubernetes.io/docs/concepts/configuration/secret/#secret-types", + "type": "string" } }, "required": [], @@ -307689,13 +317349,13 @@ "x-kubernetes-group-version-kind": [ { "group": "", - "kind": "ConfigMap", + "kind": "Secret", "version": "v1" } ] }, - "v1/ConfigMapList": { - "description": "ConfigMapList is a resource containing a list of ConfigMap objects.", + "v1/SecretList": { + "description": "SecretList is a list of Secret.", "namespaced": true, "properties": { "apiVersion": { @@ -307703,11 +317363,11 @@ "type": "string" }, "items": { - "description": "Items is the list of ConfigMaps.", + "description": "Items is a list of secret objects. More info: https://kubernetes.io/docs/concepts/configuration/secret", "items": { "allOf": [ { - "$ref": "#/components/schemas/io.k8s.api.core.v1.ConfigMap" + "$ref": "#/components/schemas/io.k8s.api.core.v1.Secret" } ], "default": {} @@ -307725,7 +317385,7 @@ } ], "default": {}, - "description": "More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + "description": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" } }, "required": [ @@ -307735,13 +317395,13 @@ "x-kubernetes-group-version-kind": [ { "group": "", - "kind": "ConfigMapList", + "kind": "SecretList", "version": "v1" } ] }, - "v1/Endpoints": { - "description": "Endpoints is a collection of endpoints that implement the actual service. Example:\n\n\t Name: \"mysvc\",\n\t Subsets: [\n\t {\n\t Addresses: [{\"ip\": \"10.10.1.1\"}, {\"ip\": \"10.10.2.2\"}],\n\t Ports: [{\"name\": \"a\", \"port\": 8675}, {\"name\": \"b\", \"port\": 309}]\n\t },\n\t {\n\t Addresses: [{\"ip\": \"10.10.3.3\"}],\n\t Ports: [{\"name\": \"a\", \"port\": 93}, {\"name\": \"b\", \"port\": 76}]\n\t },\n\t]\n\nEndpoints is a legacy API and does not contain information about all Service features. Use discoveryv1.EndpointSlice for complete information about Service endpoints.\n\nDeprecated: This API is deprecated in v1.33+. Use discoveryv1.EndpointSlice.", + "v1/Service": { + "description": "Service is a named abstraction of software service (for example, mysql) consisting of local port (for example 3306) that the proxy listens on, and the selector that determines which pods will answer requests sent through the proxy.", "namespaced": true, "properties": { "apiVersion": { @@ -307761,18 +317421,90 @@ "default": {}, "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" }, - "subsets": { - "description": "The set of all endpoints is the union of all subsets. Addresses are placed into subsets according to the IPs they share. A single address with multiple ports, some of which are ready and some of which are not (because they come from different containers) will result in the address being displayed in different subsets for the different ports. No address will appear in both Addresses and NotReadyAddresses in the same subset. Sets of addresses and ports that comprise a service.", + "spec": { + "allOf": [ + { + "$ref": "#/components/schemas/io.k8s.api.core.v1.ServiceSpec" + } + ], + "default": {}, + "description": "Spec defines the behavior of a service. https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status" + }, + "status": { + "allOf": [ + { + "$ref": "#/components/schemas/io.k8s.api.core.v1.ServiceStatus" + } + ], + "default": {}, + "description": "Most recently observed status of the service. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status" + } + }, + "required": [], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "", + "kind": "Service", + "version": "v1" + } + ] + }, + "v1/ServiceAccount": { + "description": "ServiceAccount binds together: * a name, understood by users, and perhaps by peripheral systems, for an identity * a principal that can be authenticated and authorized * a set of secrets", + "namespaced": true, + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "automountServiceAccountToken": { + "description": "AutomountServiceAccountToken indicates whether pods running as this service account should have an API token automatically mounted. Can be overridden at the pod level.", + "type": "boolean" + }, + "imagePullSecrets": { + "description": "ImagePullSecrets is a list of references to secrets in the same namespace to use for pulling any images in pods that reference this ServiceAccount. ImagePullSecrets are distinct from Secrets because Secrets can be mounted in the pod, but ImagePullSecrets are only accessed by the kubelet. More info: https://kubernetes.io/docs/concepts/containers/images/#specifying-imagepullsecrets-on-a-pod", "items": { "allOf": [ { - "$ref": "#/components/schemas/io.k8s.api.core.v1.EndpointSubset" + "$ref": "#/components/schemas/io.k8s.api.core.v1.LocalObjectReference" } ], "default": {} }, "type": "array", "x-kubernetes-list-type": "atomic" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "allOf": [ + { + "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" + } + ], + "default": {}, + "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + }, + "secrets": { + "description": "Secrets is a list of the secrets in the same namespace that pods running using this ServiceAccount are allowed to use. Pods are only limited to this list if this service account has a \"kubernetes.io/enforce-mountable-secrets\" annotation set to \"true\". The \"kubernetes.io/enforce-mountable-secrets\" annotation is deprecated since v1.32. Prefer separate namespaces to isolate access to mounted secrets. This field should not be used to find auto-generated service account token secrets for use outside of pods. Instead, tokens can be requested directly using the TokenRequest API, or service account token secrets can be manually created. More info: https://kubernetes.io/docs/concepts/configuration/secret", + "items": { + "allOf": [ + { + "$ref": "#/components/schemas/io.k8s.api.core.v1.ObjectReference" + } + ], + "default": {} + }, + "type": "array", + "x-kubernetes-list-map-keys": [ + "name" + ], + "x-kubernetes-list-type": "map", + "x-kubernetes-patch-merge-key": "name", + "x-kubernetes-patch-strategy": "merge" } }, "required": [], @@ -307780,13 +317512,13 @@ "x-kubernetes-group-version-kind": [ { "group": "", - "kind": "Endpoints", + "kind": "ServiceAccount", "version": "v1" } ] }, - "v1/EndpointsList": { - "description": "EndpointsList is a list of endpoints. Deprecated: This API is deprecated in v1.33+.", + "v1/ServiceAccountList": { + "description": "ServiceAccountList is a list of ServiceAccount objects", "namespaced": true, "properties": { "apiVersion": { @@ -307794,11 +317526,11 @@ "type": "string" }, "items": { - "description": "List of endpoints.", + "description": "List of ServiceAccounts. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/", "items": { "allOf": [ { - "$ref": "#/components/schemas/io.k8s.api.core.v1.Endpoints" + "$ref": "#/components/schemas/io.k8s.api.core.v1.ServiceAccount" } ], "default": {} @@ -307826,65 +317558,82 @@ "x-kubernetes-group-version-kind": [ { "group": "", - "kind": "EndpointsList", + "kind": "ServiceAccountList", "version": "v1" } ] }, - "v1/Event": { - "description": "Event is a report of an event somewhere in the cluster. Events have a limited retention time and triggers and messages may evolve with time. Event consumers should not rely on the timing of an event with a given Reason reflecting a consistent underlying trigger, or the continued existence of events with that Reason. Events should be treated as informative, best-effort, supplemental data.", + "v1/ServiceList": { + "description": "ServiceList holds a list of services.", "namespaced": true, "properties": { - "action": { - "description": "What action was taken/failed regarding to the Regarding object.", - "type": "string" - }, "apiVersion": { "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", "type": "string" }, - "count": { - "description": "The number of times this event has occurred.", - "format": "int32", - "type": "integer" + "items": { + "description": "List of services", + "items": { + "allOf": [ + { + "$ref": "#/components/schemas/io.k8s.api.core.v1.Service" + } + ], + "default": {} + }, + "type": "array" }, - "eventTime": { - "allOf": [ - { - "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.MicroTime" - } - ], - "description": "Time when this Event was first observed." + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" }, - "firstTimestamp": { + "metadata": { "allOf": [ { - "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.Time" + "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" } ], - "description": "The time at which the event was first recorded. (Time of server receipt is in TypeMeta.)" + "default": {}, + "description": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + } + }, + "required": [ + "items" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "", + "kind": "ServiceList", + "version": "v1" + } + ] + }, + "v1/Status": { + "description": "Status is a return value for calls that don't return other objects.", + "namespaced": true, + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" }, - "involvedObject": { + "code": { + "description": "Suggested HTTP return code for this status, 0 if not set.", + "format": "int32", + "type": "integer" + }, + "details": { "allOf": [ { - "$ref": "#/components/schemas/io.k8s.api.core.v1.ObjectReference" + "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.StatusDetails" } ], - "default": {}, - "description": "The object that this event is about." + "description": "Extended data associated with the reason. Each reason may define its own extended details. This field is optional and the data returned is not guaranteed to conform to any schema except that defined by the reason type." }, "kind": { "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", "type": "string" }, - "lastTimestamp": { - "allOf": [ - { - "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.Time" - } - ], - "description": "The time at which the most recent occurrence of this event was recorded." - }, "message": { "description": "A human-readable description of the status of this operation.", "type": "string" @@ -307892,71 +317641,666 @@ "metadata": { "allOf": [ { - "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" + "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" } ], "default": {}, - "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + "description": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" }, "reason": { - "description": "This should be a short, machine understandable string that gives the reason for the transition into the object's current status.", + "description": "A machine-readable description of why this operation is in the \"Failure\" status. If this value is empty there is no information available. A Reason clarifies an HTTP status code but does not override it.", "type": "string" }, - "related": { - "allOf": [ - { - "$ref": "#/components/schemas/io.k8s.api.core.v1.ObjectReference" - } - ], - "description": "Optional secondary object for more complex actions." - }, - "reportingComponent": { - "default": "", - "description": "Name of the controller that emitted this Event, e.g. `kubernetes.io/kubelet`.", + "status": { + "description": "Status of the operation. One of: \"Success\" or \"Failure\". More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status", + "type": "string" + } + }, + "required": [], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "", + "kind": "Status", + "version": "v1" + } + ] + }, + "velero.io/v1/Backup": { + "description": "Backup is a Velero resource that represents the capture of Kubernetes\ncluster state at a point in time (API objects and associated volume state).", + "namespaced": true, + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", "type": "string" }, - "reportingInstance": { - "default": "", - "description": "ID of the controller instance, e.g. `kubelet-xyzf`.", + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", "type": "string" }, - "series": { + "metadata": { "allOf": [ { - "$ref": "#/components/schemas/io.k8s.api.core.v1.EventSeries" + "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" } ], - "description": "Data about the Event series this event represents or nil if it's a singleton Event." + "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" }, - "source": { - "allOf": [ - { - "$ref": "#/components/schemas/io.k8s.api.core.v1.EventSource" + "spec": { + "description": "BackupSpec defines the specification for a Velero backup.", + "properties": { + "csiSnapshotTimeout": { + "description": "CSISnapshotTimeout specifies the time used to wait for CSI VolumeSnapshot status turns to\nReadyToUse during creation, before returning error as timeout.\nThe default value is 10 minute.", + "type": "string" + }, + "datamover": { + "description": "DataMover specifies the data mover to be used by the backup.\nIf DataMover is \"\" or \"velero\", the built-in data mover will be used.", + "type": "string" + }, + "defaultVolumesToFsBackup": { + "description": "DefaultVolumesToFsBackup specifies whether pod volume file system backup should be used\nfor all volumes by default.", + "nullable": true, + "type": "boolean" + }, + "defaultVolumesToRestic": { + "description": "DefaultVolumesToRestic specifies whether restic should be used to take a\nbackup of all pod volumes by default.\n\nDeprecated: this field is no longer used and will be removed entirely in future. Use DefaultVolumesToFsBackup instead.", + "nullable": true, + "type": "boolean" + }, + "excludedClusterScopedResources": { + "description": "ExcludedClusterScopedResources is a slice of cluster-scoped\nresource type names to exclude from the backup.\nIf set to \"*\", all cluster-scoped resource types are excluded.\nThe default value is empty.", + "items": { + "type": "string" + }, + "nullable": true, + "type": "array" + }, + "excludedNamespaceScopedResources": { + "description": "ExcludedNamespaceScopedResources is a slice of namespace-scoped\nresource type names to exclude from the backup.\nIf set to \"*\", all namespace-scoped resource types are excluded.\nThe default value is empty.", + "items": { + "type": "string" + }, + "nullable": true, + "type": "array" + }, + "excludedNamespaces": { + "description": "ExcludedNamespaces contains a list of namespaces that are not\nincluded in the backup.", + "items": { + "type": "string" + }, + "nullable": true, + "type": "array" + }, + "excludedResources": { + "description": "ExcludedResources is a slice of resource names that are not\nincluded in the backup.", + "items": { + "type": "string" + }, + "nullable": true, + "type": "array" + }, + "hooks": { + "description": "Hooks represent custom behaviors that should be executed at different phases of the backup.", + "properties": { + "resources": { + "description": "Resources are hooks that should be executed when backing up individual instances of a resource.", + "items": { + "description": "BackupResourceHookSpec defines one or more BackupResourceHooks that should be executed based on\nthe rules defined for namespaces, resources, and label selector.", + "properties": { + "excludedNamespaces": { + "description": "ExcludedNamespaces specifies the namespaces to which this hook spec does not apply.", + "items": { + "type": "string" + }, + "nullable": true, + "type": "array" + }, + "excludedResources": { + "description": "ExcludedResources specifies the resources to which this hook spec does not apply.", + "items": { + "type": "string" + }, + "nullable": true, + "type": "array" + }, + "includedNamespaces": { + "description": "IncludedNamespaces specifies the namespaces to which this hook spec applies. If empty, it applies\nto all namespaces.", + "items": { + "type": "string" + }, + "nullable": true, + "type": "array" + }, + "includedResources": { + "description": "IncludedResources specifies the resources to which this hook spec applies. If empty, it applies\nto all resources.", + "items": { + "type": "string" + }, + "nullable": true, + "type": "array" + }, + "labelSelector": { + "description": "LabelSelector, if specified, filters the resources to which this hook spec applies.", + "nullable": true, + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch.", + "items": { + "type": "string" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "name": { + "description": "Name is the name of this hook.", + "type": "string" + }, + "post": { + "description": "PostHooks is a list of BackupResourceHooks to execute after storing the item in the backup.\nThese are executed after all \"additional items\" from item actions are processed.", + "items": { + "description": "BackupResourceHook defines a hook for a resource.", + "properties": { + "exec": { + "description": "Exec defines an exec hook.", + "properties": { + "command": { + "description": "Command is the command and arguments to execute.", + "items": { + "type": "string" + }, + "minItems": 1, + "type": "array" + }, + "container": { + "description": "Container is the container in the pod where the command should be executed. If not specified,\nthe pod's first container is used.", + "type": "string" + }, + "onError": { + "description": "OnError specifies how Velero should behave if it encounters an error executing this hook.", + "enum": [ + "Continue", + "Fail" + ], + "type": "string" + }, + "timeout": { + "description": "Timeout defines the maximum amount of time Velero should wait for the hook to complete before\nconsidering the execution a failure.", + "type": "string" + } + }, + "required": [ + "command" + ], + "type": "object" + } + }, + "required": [ + "exec" + ], + "type": "object" + }, + "type": "array" + }, + "pre": { + "description": "PreHooks is a list of BackupResourceHooks to execute prior to storing the item in the backup.\nThese are executed before any \"additional items\" from item actions are processed.", + "items": { + "description": "BackupResourceHook defines a hook for a resource.", + "properties": { + "exec": { + "description": "Exec defines an exec hook.", + "properties": { + "command": { + "description": "Command is the command and arguments to execute.", + "items": { + "type": "string" + }, + "minItems": 1, + "type": "array" + }, + "container": { + "description": "Container is the container in the pod where the command should be executed. If not specified,\nthe pod's first container is used.", + "type": "string" + }, + "onError": { + "description": "OnError specifies how Velero should behave if it encounters an error executing this hook.", + "enum": [ + "Continue", + "Fail" + ], + "type": "string" + }, + "timeout": { + "description": "Timeout defines the maximum amount of time Velero should wait for the hook to complete before\nconsidering the execution a failure.", + "type": "string" + } + }, + "required": [ + "command" + ], + "type": "object" + } + }, + "required": [ + "exec" + ], + "type": "object" + }, + "type": "array" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "nullable": true, + "type": "array" + } + }, + "type": "object" + }, + "includeClusterResources": { + "description": "IncludeClusterResources specifies whether cluster-scoped resources\nshould be included for consideration in the backup.", + "nullable": true, + "type": "boolean" + }, + "includedClusterScopedResources": { + "description": "IncludedClusterScopedResources is a slice of cluster-scoped\nresource type names to include in the backup.\nIf set to \"*\", all cluster-scoped resource types are included.\nThe default value is empty, which means only related\ncluster-scoped resources are included.", + "items": { + "type": "string" + }, + "nullable": true, + "type": "array" + }, + "includedNamespaceScopedResources": { + "description": "IncludedNamespaceScopedResources is a slice of namespace-scoped\nresource type names to include in the backup.\nThe default value is \"*\".", + "items": { + "type": "string" + }, + "nullable": true, + "type": "array" + }, + "includedNamespaces": { + "description": "IncludedNamespaces is a slice of namespace names to include objects\nfrom. If empty, all namespaces are included.", + "items": { + "type": "string" + }, + "nullable": true, + "type": "array" + }, + "includedResources": { + "description": "IncludedResources is a slice of resource names to include\nin the backup. If empty, all resources are included.", + "items": { + "type": "string" + }, + "nullable": true, + "type": "array" + }, + "itemOperationTimeout": { + "description": "ItemOperationTimeout specifies the time used to wait for asynchronous BackupItemAction operations\nThe default value is 4 hour.", + "type": "string" + }, + "labelSelector": { + "description": "LabelSelector is a metav1.LabelSelector to filter with\nwhen adding individual objects to the backup. If empty\nor nil, all objects are included. Optional.", + "nullable": true, + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch.", + "items": { + "type": "string" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "metadata": { + "properties": { + "labels": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + } + }, + "type": "object" + }, + "orLabelSelectors": { + "description": "OrLabelSelectors is list of metav1.LabelSelector to filter with\nwhen adding individual objects to the backup. If multiple provided\nthey will be joined by the OR operator. LabelSelector as well as\nOrLabelSelectors cannot co-exist in backup request, only one of them\ncan be used.", + "items": { + "description": "A label selector is a label query over a set of resources. The result of matchLabels and\nmatchExpressions are ANDed. An empty label selector matches all objects. A null\nlabel selector matches no objects.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch.", + "items": { + "type": "string" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "nullable": true, + "type": "array" + }, + "orderedResources": { + "additionalProperties": { + "type": "string" + }, + "description": "OrderedResources specifies the backup order of resources of specific Kind.\nThe map key is the resource name and value is a list of object names separated by commas.\nEach resource name has format \"namespace/objectname\". For cluster resources, simply use \"objectname\".", + "nullable": true, + "type": "object" + }, + "resourcePolicy": { + "description": "ResourcePolicy specifies the referenced resource policies that backup should follow", + "properties": { + "apiGroup": { + "description": "APIGroup is the group for the resource being referenced.\nIf APIGroup is not specified, the specified Kind must be in the core API group.\nFor any other third-party types, APIGroup is required.", + "type": "string" + }, + "kind": { + "description": "Kind is the type of resource being referenced", + "type": "string" + }, + "name": { + "description": "Name is the name of resource being referenced", + "type": "string" + } + }, + "required": [ + "kind", + "name" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "snapshotMoveData": { + "description": "SnapshotMoveData specifies whether snapshot data should be moved", + "nullable": true, + "type": "boolean" + }, + "snapshotVolumes": { + "description": "SnapshotVolumes specifies whether to take snapshots\nof any PV's referenced in the set of objects included\nin the Backup.", + "nullable": true, + "type": "boolean" + }, + "storageLocation": { + "description": "StorageLocation is a string containing the name of a BackupStorageLocation where the backup should be stored.", + "type": "string" + }, + "ttl": { + "description": "TTL is a time.Duration-parseable string describing how long\nthe Backup should be retained for.", + "type": "string" + }, + "uploaderConfig": { + "description": "UploaderConfig specifies the configuration for the uploader.", + "nullable": true, + "properties": { + "parallelFilesUpload": { + "description": "ParallelFilesUpload is the number of files parallel uploads to perform when using the uploader.", + "type": "integer" + } + }, + "type": "object" + }, + "volumeGroupSnapshotLabelKey": { + "description": "VolumeGroupSnapshotLabelKey specifies the label key to group PVCs under a VGS.", + "type": "string" + }, + "volumeSnapshotLocations": { + "description": "VolumeSnapshotLocations is a list containing names of VolumeSnapshotLocations associated with this backup.", + "items": { + "type": "string" + }, + "type": "array" } - ], - "default": {}, - "description": "The component reporting this event. Should be a short machine understandable string." + }, + "type": "object" }, - "type": { - "description": "Type of this event (Normal, Warning), new types could be added in the future", - "type": "string" + "status": { + "description": "BackupStatus captures the current status of a Velero backup.", + "properties": { + "backupItemOperationsAttempted": { + "description": "BackupItemOperationsAttempted is the total number of attempted\nasync BackupItemAction operations for this backup.", + "type": "integer" + }, + "backupItemOperationsCompleted": { + "description": "BackupItemOperationsCompleted is the total number of successfully completed\nasync BackupItemAction operations for this backup.", + "type": "integer" + }, + "backupItemOperationsFailed": { + "description": "BackupItemOperationsFailed is the total number of async\nBackupItemAction operations for this backup which ended with an error.", + "type": "integer" + }, + "completionTimestamp": { + "description": "CompletionTimestamp records the time a backup was completed.\nCompletion time is recorded even on failed backups.\nCompletion time is recorded before uploading the backup object.\nThe server's time is used for CompletionTimestamps", + "format": "date-time", + "nullable": true, + "type": "string" + }, + "csiVolumeSnapshotsAttempted": { + "description": "CSIVolumeSnapshotsAttempted is the total number of attempted\nCSI VolumeSnapshots for this backup.", + "type": "integer" + }, + "csiVolumeSnapshotsCompleted": { + "description": "CSIVolumeSnapshotsCompleted is the total number of successfully\ncompleted CSI VolumeSnapshots for this backup.", + "type": "integer" + }, + "errors": { + "description": "Errors is a count of all error messages that were generated during\nexecution of the backup. The actual errors are in the backup's log\nfile in object storage.", + "type": "integer" + }, + "expiration": { + "description": "Expiration is when this Backup is eligible for garbage-collection.", + "format": "date-time", + "nullable": true, + "type": "string" + }, + "failureReason": { + "description": "FailureReason is an error that caused the entire backup to fail.", + "type": "string" + }, + "formatVersion": { + "description": "FormatVersion is the backup format version, including major, minor, and patch version.", + "type": "string" + }, + "hookStatus": { + "description": "HookStatus contains information about the status of the hooks.", + "nullable": true, + "properties": { + "hooksAttempted": { + "description": "HooksAttempted is the total number of attempted hooks\nSpecifically, HooksAttempted represents the number of hooks that failed to execute\nand the number of hooks that executed successfully.", + "type": "integer" + }, + "hooksFailed": { + "description": "HooksFailed is the total number of hooks which ended with an error", + "type": "integer" + } + }, + "type": "object" + }, + "phase": { + "description": "Phase is the current state of the Backup.", + "enum": [ + "New", + "Queued", + "ReadyToStart", + "FailedValidation", + "InProgress", + "WaitingForPluginOperations", + "WaitingForPluginOperationsPartiallyFailed", + "Finalizing", + "FinalizingPartiallyFailed", + "Completed", + "PartiallyFailed", + "Failed", + "Deleting" + ], + "type": "string" + }, + "progress": { + "description": "Progress contains information about the backup's execution progress. Note\nthat this information is best-effort only -- if Velero fails to update it\nduring a backup for any reason, it may be inaccurate/stale.", + "nullable": true, + "properties": { + "itemsBackedUp": { + "description": "ItemsBackedUp is the number of items that have actually been written to the\nbackup tarball so far.", + "type": "integer" + }, + "totalItems": { + "description": "TotalItems is the total number of items to be backed up. This number may change\nthroughout the execution of the backup due to plugins that return additional related\nitems to back up, the velero.io/exclude-from-backup label, and various other\nfilters that happen as items are processed.", + "type": "integer" + } + }, + "type": "object" + }, + "queuePosition": { + "description": "QueuePosition is the position of the backup in the queue.\nOnly relevant when Phase is \"Queued\"", + "type": "integer" + }, + "startTimestamp": { + "description": "StartTimestamp records the time a backup was started.\nSeparate from CreationTimestamp, since that value changes\non restores.\nThe server's time is used for StartTimestamps", + "format": "date-time", + "nullable": true, + "type": "string" + }, + "validationErrors": { + "description": "ValidationErrors is a slice of all validation errors (if\napplicable).", + "items": { + "type": "string" + }, + "nullable": true, + "type": "array" + }, + "version": { + "description": "Version is the backup format major version.\nDeprecated: Please see FormatVersion", + "type": "integer" + }, + "volumeSnapshotsAttempted": { + "description": "VolumeSnapshotsAttempted is the total number of attempted\nvolume snapshots for this backup.", + "type": "integer" + }, + "volumeSnapshotsCompleted": { + "description": "VolumeSnapshotsCompleted is the total number of successfully\ncompleted volume snapshots for this backup.", + "type": "integer" + }, + "warnings": { + "description": "Warnings is a count of all warning messages that were generated during\nexecution of the backup. The actual warnings are in the backup's log\nfile in object storage.", + "type": "integer" + } + }, + "type": "object" } }, - "required": [ - "metadata", - "involvedObject" - ], + "required": [], "type": "object", "x-kubernetes-group-version-kind": [ { - "group": "", - "kind": "Event", + "group": "velero.io", + "kind": "Backup", "version": "v1" } ] }, - "v1/EventList": { - "description": "EventList is a list of events.", + "velero.io/v1/BackupList": { + "description": "BackupList is a list of Backup", "namespaced": true, "properties": { "apiVersion": { @@ -307964,14 +318308,9 @@ "type": "string" }, "items": { - "description": "List of events", + "description": "List of backups. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md", "items": { - "allOf": [ - { - "$ref": "#/components/schemas/io.k8s.api.core.v1.Event" - } - ], - "default": {} + "$ref": "#/components/schemas/io.velero.v1.Backup" }, "type": "array" }, @@ -307985,7 +318324,6 @@ "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" } ], - "default": {}, "description": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" } }, @@ -307995,14 +318333,14 @@ "type": "object", "x-kubernetes-group-version-kind": [ { - "group": "", - "kind": "EventList", + "group": "velero.io", + "kind": "BackupList", "version": "v1" } ] }, - "v1/LimitRange": { - "description": "LimitRange sets resource usage limits for each kind of resource in a Namespace.", + "velero.io/v1/BackupRepository": { + "description": "", "namespaced": true, "properties": { "apiVersion": { @@ -308019,31 +318357,123 @@ "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" } ], - "default": {}, "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" }, "spec": { - "allOf": [ - { - "$ref": "#/components/schemas/io.k8s.api.core.v1.LimitRangeSpec" + "description": "BackupRepositorySpec is the specification for a BackupRepository.", + "properties": { + "backupStorageLocation": { + "description": "BackupStorageLocation is the name of the BackupStorageLocation\nthat should contain this repository.", + "type": "string" + }, + "maintenanceFrequency": { + "description": "MaintenanceFrequency is how often maintenance should be run.", + "type": "string" + }, + "repositoryConfig": { + "additionalProperties": { + "type": "string" + }, + "description": "RepositoryConfig is for repository-specific configuration fields.", + "nullable": true, + "type": "object" + }, + "repositoryType": { + "description": "RepositoryType indicates the type of the backend repository", + "enum": [ + "kopia", + "restic", + "" + ], + "type": "string" + }, + "resticIdentifier": { + "description": "ResticIdentifier is the full restic-compatible string for identifying\nthis repository. This field is only used when RepositoryType is \"restic\".", + "type": "string" + }, + "volumeNamespace": { + "description": "VolumeNamespace is the namespace this backup repository contains\npod volume backups for.", + "type": "string" } + }, + "required": [ + "backupStorageLocation", + "maintenanceFrequency", + "volumeNamespace" ], - "default": {}, - "description": "Spec defines the limits enforced. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status" + "type": "object" + }, + "status": { + "description": "BackupRepositoryStatus is the current status of a BackupRepository.", + "properties": { + "lastMaintenanceTime": { + "description": "LastMaintenanceTime is the last time repo maintenance succeeded.", + "format": "date-time", + "nullable": true, + "type": "string" + }, + "message": { + "description": "Message is a message about the current status of the BackupRepository.", + "type": "string" + }, + "phase": { + "description": "Phase is the current state of the BackupRepository.", + "enum": [ + "New", + "Ready", + "NotReady" + ], + "type": "string" + }, + "recentMaintenance": { + "description": "RecentMaintenance is status of the recent repo maintenance.", + "items": { + "properties": { + "completeTimestamp": { + "description": "CompleteTimestamp is the completion time of the repo maintenance.", + "format": "date-time", + "nullable": true, + "type": "string" + }, + "message": { + "description": "Message is a message about the current status of the repo maintenance.", + "type": "string" + }, + "result": { + "description": "Result is the result of the repo maintenance.", + "enum": [ + "Succeeded", + "Failed" + ], + "type": "string" + }, + "startTimestamp": { + "description": "StartTimestamp is the start time of the repo maintenance.", + "format": "date-time", + "nullable": true, + "type": "string" + } + }, + "type": "object" + }, + "type": "array" + } + }, + "type": "object" } }, "required": [], "type": "object", "x-kubernetes-group-version-kind": [ { - "group": "", - "kind": "LimitRange", + "group": "velero.io", + "kind": "BackupRepository", "version": "v1" } ] }, - "v1/LimitRangeList": { - "description": "LimitRangeList is a list of LimitRange items.", + "velero.io/v1/BackupRepositoryList": { + "description": "BackupRepositoryList is a list of BackupRepository", "namespaced": true, "properties": { "apiVersion": { @@ -308051,14 +318481,9 @@ "type": "string" }, "items": { - "description": "Items is a list of LimitRange objects. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "description": "List of backuprepositories. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md", "items": { - "allOf": [ - { - "$ref": "#/components/schemas/io.k8s.api.core.v1.LimitRange" - } - ], - "default": {} + "$ref": "#/components/schemas/io.velero.v1.BackupRepository" }, "type": "array" }, @@ -308072,7 +318497,6 @@ "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" } ], - "default": {}, "description": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" } }, @@ -308082,15 +318506,15 @@ "type": "object", "x-kubernetes-group-version-kind": [ { - "group": "", - "kind": "LimitRangeList", + "group": "velero.io", + "kind": "BackupRepositoryList", "version": "v1" } ] }, - "v1/Namespace": { - "description": "Namespace provides a scope for Names. Use of multiple namespaces is optional.", - "namespaced": false, + "velero.io/v1/BackupStorageLocation": { + "description": "BackupStorageLocation is a location where Velero stores backup objects", + "namespaced": true, "properties": { "apiVersion": { "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", @@ -308106,40 +318530,174 @@ "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" } ], - "default": {}, "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" }, "spec": { - "allOf": [ - { - "$ref": "#/components/schemas/io.k8s.api.core.v1.NamespaceSpec" + "description": "BackupStorageLocationSpec defines the desired state of a Velero BackupStorageLocation", + "properties": { + "accessMode": { + "description": "AccessMode defines the permissions for the backup storage location.", + "enum": [ + "ReadOnly", + "ReadWrite" + ], + "type": "string" + }, + "backupSyncPeriod": { + "description": "BackupSyncPeriod defines how frequently to sync backup API objects from object storage. A value of 0 disables sync.", + "nullable": true, + "type": "string" + }, + "config": { + "additionalProperties": { + "type": "string" + }, + "description": "Config is for provider-specific configuration fields.", + "type": "object" + }, + "credential": { + "description": "Credential contains the credential information intended to be used with this location", + "properties": { + "key": { + "description": "The key of the secret to select from. Must be a valid secret key.", + "type": "string" + }, + "name": { + "default": "", + "description": "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", + "type": "string" + }, + "optional": { + "description": "Specify whether the Secret or its key must be defined", + "type": "boolean" + } + }, + "required": [ + "key" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "default": { + "description": "Default indicates this location is the default backup storage location.", + "type": "boolean" + }, + "objectStorage": { + "description": "ObjectStorageLocation specifies the settings necessary to connect to a provider's object storage.", + "properties": { + "bucket": { + "description": "Bucket is the bucket to use for object storage.", + "type": "string" + }, + "caCert": { + "description": "CACert defines a CA bundle to use when verifying TLS connections to the provider.\nDeprecated: Use CACertRef instead.", + "format": "byte", + "type": "string" + }, + "caCertRef": { + "description": "CACertRef is a reference to a Secret containing the CA certificate bundle to use\nwhen verifying TLS connections to the provider. The Secret must be in the same\nnamespace as the BackupStorageLocation.", + "properties": { + "key": { + "description": "The key of the secret to select from. Must be a valid secret key.", + "type": "string" + }, + "name": { + "default": "", + "description": "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", + "type": "string" + }, + "optional": { + "description": "Specify whether the Secret or its key must be defined", + "type": "boolean" + } + }, + "required": [ + "key" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "prefix": { + "description": "Prefix is the path inside a bucket to use for Velero storage. Optional.", + "type": "string" + } + }, + "required": [ + "bucket" + ], + "type": "object" + }, + "provider": { + "description": "Provider is the provider of the backup storage.", + "type": "string" + }, + "validationFrequency": { + "description": "ValidationFrequency defines how frequently to validate the corresponding object storage. A value of 0 disables validation.", + "nullable": true, + "type": "string" } + }, + "required": [ + "objectStorage", + "provider" ], - "default": {}, - "description": "Spec defines the behavior of the Namespace. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status" + "type": "object" }, "status": { - "allOf": [ - { - "$ref": "#/components/schemas/io.k8s.api.core.v1.NamespaceStatus" + "description": "BackupStorageLocationStatus defines the observed state of BackupStorageLocation", + "properties": { + "accessMode": { + "description": "AccessMode is an unused field.\n\nDeprecated: there is now an AccessMode field on the Spec and this field\nwill be removed entirely as of v2.0.", + "enum": [ + "ReadOnly", + "ReadWrite" + ], + "type": "string" + }, + "lastSyncedRevision": { + "description": "LastSyncedRevision is the value of the `metadata/revision` file in the backup\nstorage location the last time the BSL's contents were synced into the cluster.\n\nDeprecated: this field is no longer updated or used for detecting changes to\nthe location's contents and will be removed entirely in v2.0.", + "type": "string" + }, + "lastSyncedTime": { + "description": "LastSyncedTime is the last time the contents of the location were synced into\nthe cluster.", + "format": "date-time", + "nullable": true, + "type": "string" + }, + "lastValidationTime": { + "description": "LastValidationTime is the last time the backup store location was validated\nthe cluster.", + "format": "date-time", + "nullable": true, + "type": "string" + }, + "message": { + "description": "Message is a message about the backup storage location's status.", + "type": "string" + }, + "phase": { + "description": "Phase is the current state of the BackupStorageLocation.", + "enum": [ + "Available", + "Unavailable" + ], + "type": "string" } - ], - "default": {}, - "description": "Status describes the current status of a Namespace. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status" + }, + "type": "object" } }, "required": [], "type": "object", "x-kubernetes-group-version-kind": [ { - "group": "", - "kind": "Namespace", + "group": "velero.io", + "kind": "BackupStorageLocation", "version": "v1" } ] }, - "v1/NamespaceList": { - "description": "NamespaceList is a list of Namespaces.", + "velero.io/v1/BackupStorageLocationList": { + "description": "BackupStorageLocationList is a list of BackupStorageLocation", "namespaced": true, "properties": { "apiVersion": { @@ -308147,14 +318705,9 @@ "type": "string" }, "items": { - "description": "Items is the list of Namespace objects in the list. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/", + "description": "List of backupstoragelocations. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md", "items": { - "allOf": [ - { - "$ref": "#/components/schemas/io.k8s.api.core.v1.Namespace" - } - ], - "default": {} + "$ref": "#/components/schemas/io.velero.v1.BackupStorageLocation" }, "type": "array" }, @@ -308168,7 +318721,6 @@ "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" } ], - "default": {}, "description": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" } }, @@ -308178,15 +318730,15 @@ "type": "object", "x-kubernetes-group-version-kind": [ { - "group": "", - "kind": "NamespaceList", + "group": "velero.io", + "kind": "BackupStorageLocationList", "version": "v1" } ] }, - "v1/Node": { - "description": "Node is a worker node in Kubernetes. Each node will have a unique identifier in the cache (i.e. in etcd).", - "namespaced": false, + "velero.io/v1/DeleteBackupRequest": { + "description": "DeleteBackupRequest is a request to delete one or more backups.", + "namespaced": true, "properties": { "apiVersion": { "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", @@ -308202,40 +318754,56 @@ "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" } ], - "default": {}, "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" }, "spec": { - "allOf": [ - { - "$ref": "#/components/schemas/io.k8s.api.core.v1.NodeSpec" + "description": "DeleteBackupRequestSpec is the specification for which backups to delete.", + "properties": { + "backupName": { + "type": "string" } + }, + "required": [ + "backupName" ], - "default": {}, - "description": "Spec defines the behavior of a node. https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status" + "type": "object" }, "status": { - "allOf": [ - { - "$ref": "#/components/schemas/io.k8s.api.core.v1.NodeStatus" + "description": "DeleteBackupRequestStatus is the current status of a DeleteBackupRequest.", + "properties": { + "errors": { + "description": "Errors contains any errors that were encountered during the deletion process.", + "items": { + "type": "string" + }, + "nullable": true, + "type": "array" + }, + "phase": { + "description": "Phase is the current state of the DeleteBackupRequest.", + "enum": [ + "New", + "InProgress", + "Processed" + ], + "type": "string" } - ], - "default": {}, - "description": "Most recently observed status of the node. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status" + }, + "type": "object" } }, "required": [], "type": "object", "x-kubernetes-group-version-kind": [ { - "group": "", - "kind": "Node", + "group": "velero.io", + "kind": "DeleteBackupRequest", "version": "v1" } ] }, - "v1/NodeList": { - "description": "NodeList is the whole list of all Nodes which have been registered with master.", + "velero.io/v1/DeleteBackupRequestList": { + "description": "DeleteBackupRequestList is a list of DeleteBackupRequest", "namespaced": true, "properties": { "apiVersion": { @@ -308243,14 +318811,9 @@ "type": "string" }, "items": { - "description": "List of nodes", + "description": "List of deletebackuprequests. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md", "items": { - "allOf": [ - { - "$ref": "#/components/schemas/io.k8s.api.core.v1.Node" - } - ], - "default": {} + "$ref": "#/components/schemas/io.velero.v1.DeleteBackupRequest" }, "type": "array" }, @@ -308264,7 +318827,6 @@ "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" } ], - "default": {}, "description": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" } }, @@ -308274,15 +318836,15 @@ "type": "object", "x-kubernetes-group-version-kind": [ { - "group": "", - "kind": "NodeList", + "group": "velero.io", + "kind": "DeleteBackupRequestList", "version": "v1" } ] }, - "v1/PersistentVolume": { - "description": "PersistentVolume (PV) is a storage resource provisioned by an administrator. It is analogous to a node. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes", - "namespaced": false, + "velero.io/v1/DownloadRequest": { + "description": "DownloadRequest is a request to download an artifact from backup object storage, such as a backup\nlog file.", + "namespaced": true, "properties": { "apiVersion": { "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", @@ -308298,40 +318860,128 @@ "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" } ], - "default": {}, "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" }, "spec": { - "allOf": [ - { - "$ref": "#/components/schemas/io.k8s.api.core.v1.PersistentVolumeSpec" + "description": "DownloadRequestSpec is the specification for a download request.", + "properties": { + "target": { + "description": "Target is what to download (e.g. logs for a backup).", + "properties": { + "kind": { + "description": "Kind is the type of file to download.", + "enum": [ + "BackupLog", + "BackupContents", + "BackupVolumeSnapshots", + "BackupItemOperations", + "BackupResourceList", + "BackupResults", + "RestoreLog", + "RestoreResults", + "RestoreResourceList", + "RestoreItemOperations", + "CSIBackupVolumeSnapshots", + "CSIBackupVolumeSnapshotContents", + "BackupVolumeInfos", + "RestoreVolumeInfo" + ], + "type": "string" + }, + "name": { + "description": "Name is the name of the Kubernetes resource with which the file is associated.", + "type": "string" + } + }, + "required": [ + "kind", + "name" + ], + "type": "object" } + }, + "required": [ + "target" ], - "default": {}, - "description": "spec defines a specification of a persistent volume owned by the cluster. Provisioned by an administrator. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistent-volumes" + "type": "object" }, "status": { + "description": "DownloadRequestStatus is the current status of a DownloadRequest.", + "properties": { + "downloadURL": { + "description": "DownloadURL contains the pre-signed URL for the target file.", + "type": "string" + }, + "expiration": { + "description": "Expiration is when this DownloadRequest expires and can be deleted by the system.", + "format": "date-time", + "nullable": true, + "type": "string" + }, + "phase": { + "description": "Phase is the current state of the DownloadRequest.", + "enum": [ + "New", + "Processed" + ], + "type": "string" + } + }, + "type": "object" + } + }, + "required": [], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "velero.io", + "kind": "DownloadRequest", + "version": "v1" + } + ] + }, + "velero.io/v1/DownloadRequestList": { + "description": "DownloadRequestList is a list of DownloadRequest", + "namespaced": true, + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "items": { + "description": "List of downloadrequests. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md", + "items": { + "$ref": "#/components/schemas/io.velero.v1.DownloadRequest" + }, + "type": "array" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { "allOf": [ { - "$ref": "#/components/schemas/io.k8s.api.core.v1.PersistentVolumeStatus" + "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" } ], - "default": {}, - "description": "status represents the current information/status for the persistent volume. Populated by the system. Read-only. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistent-volumes" + "description": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" } }, - "required": [], + "required": [ + "items" + ], "type": "object", "x-kubernetes-group-version-kind": [ { - "group": "", - "kind": "PersistentVolume", + "group": "velero.io", + "kind": "DownloadRequestList", "version": "v1" } ] }, - "v1/PersistentVolumeClaim": { - "description": "PersistentVolumeClaim is a user's request for and claim to a persistent volume", + "velero.io/v1/PodVolumeBackup": { + "description": "", "namespaced": true, "properties": { "apiVersion": { @@ -308348,40 +318998,182 @@ "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" } ], - "default": {}, "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" }, "spec": { - "allOf": [ - { - "$ref": "#/components/schemas/io.k8s.api.core.v1.PersistentVolumeClaimSpec" + "description": "PodVolumeBackupSpec is the specification for a PodVolumeBackup.", + "properties": { + "backupStorageLocation": { + "description": "BackupStorageLocation is the name of the backup storage location\nwhere the backup repository is stored.", + "type": "string" + }, + "cancel": { + "description": "Cancel indicates request to cancel the ongoing PodVolumeBackup. It can be set\nwhen the PodVolumeBackup is in InProgress phase", + "type": "boolean" + }, + "node": { + "description": "Node is the name of the node that the Pod is running on.", + "type": "string" + }, + "pod": { + "description": "Pod is a reference to the pod containing the volume to be backed up.", + "properties": { + "apiVersion": { + "description": "API version of the referent.", + "type": "string" + }, + "fieldPath": { + "description": "If referring to a piece of an object instead of an entire object, this string\nshould contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2].\nFor example, if the object reference is to a container within a pod, this would take on a value like:\n\"spec.containers{name}\" (where \"name\" refers to the name of the container that triggered\nthe event) or if no container name is specified \"spec.containers[2]\" (container with\nindex 2 in this pod). This syntax is chosen only to have some well-defined way of\nreferencing a part of an object.", + "type": "string" + }, + "kind": { + "description": "Kind of the referent.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "name": { + "description": "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", + "type": "string" + }, + "namespace": { + "description": "Namespace of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/", + "type": "string" + }, + "resourceVersion": { + "description": "Specific resourceVersion to which this reference is made, if any.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency", + "type": "string" + }, + "uid": { + "description": "UID of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids", + "type": "string" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "repoIdentifier": { + "description": "RepoIdentifier is the backup repository identifier.", + "type": "string" + }, + "tags": { + "additionalProperties": { + "type": "string" + }, + "description": "Tags are a map of key-value pairs that should be applied to the\nvolume backup as tags.", + "type": "object" + }, + "uploaderSettings": { + "additionalProperties": { + "type": "string" + }, + "description": "UploaderSettings are a map of key-value pairs that should be applied to the\nuploader configuration.", + "nullable": true, + "type": "object" + }, + "uploaderType": { + "description": "UploaderType is the type of the uploader to handle the data transfer.", + "enum": [ + "kopia", + "restic", + "" + ], + "type": "string" + }, + "volume": { + "description": "Volume is the name of the volume within the Pod to be backed\nup.", + "type": "string" } + }, + "required": [ + "backupStorageLocation", + "node", + "pod", + "repoIdentifier", + "volume" ], - "default": {}, - "description": "spec defines the desired characteristics of a volume requested by a pod author. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims" + "type": "object" }, "status": { - "allOf": [ - { - "$ref": "#/components/schemas/io.k8s.api.core.v1.PersistentVolumeClaimStatus" + "description": "PodVolumeBackupStatus is the current status of a PodVolumeBackup.", + "properties": { + "acceptedTimestamp": { + "description": "AcceptedTimestamp records the time the pod volume backup is to be prepared.\nThe server's time is used for AcceptedTimestamp", + "format": "date-time", + "nullable": true, + "type": "string" + }, + "completionTimestamp": { + "description": "CompletionTimestamp records the time a backup was completed.\nCompletion time is recorded even on failed backups.\nCompletion time is recorded before uploading the backup object.\nThe server's time is used for CompletionTimestamps", + "format": "date-time", + "nullable": true, + "type": "string" + }, + "incrementalBytes": { + "description": "IncrementalBytes holds the number of bytes new or changed since the last backup", + "format": "int64", + "type": "integer" + }, + "message": { + "description": "Message is a message about the pod volume backup's status.", + "type": "string" + }, + "path": { + "description": "Path is the full path within the controller pod being backed up.", + "type": "string" + }, + "phase": { + "description": "Phase is the current state of the PodVolumeBackup.", + "enum": [ + "New", + "Accepted", + "Prepared", + "InProgress", + "Canceling", + "Canceled", + "Completed", + "Failed" + ], + "type": "string" + }, + "progress": { + "description": "Progress holds the total number of bytes of the volume and the current\nnumber of backed up bytes. This can be used to display progress information\nabout the backup operation.", + "properties": { + "bytesDone": { + "format": "int64", + "type": "integer" + }, + "totalBytes": { + "format": "int64", + "type": "integer" + } + }, + "type": "object" + }, + "snapshotID": { + "description": "SnapshotID is the identifier for the snapshot of the pod volume.", + "type": "string" + }, + "startTimestamp": { + "description": "StartTimestamp records the time a backup was started.\nSeparate from CreationTimestamp, since that value changes\non restores.\nThe server's time is used for StartTimestamps", + "format": "date-time", + "nullable": true, + "type": "string" } - ], - "default": {}, - "description": "status represents the current information/status of a persistent volume claim. Read-only. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims" + }, + "type": "object" } }, "required": [], "type": "object", "x-kubernetes-group-version-kind": [ { - "group": "", - "kind": "PersistentVolumeClaim", + "group": "velero.io", + "kind": "PodVolumeBackup", "version": "v1" } ] }, - "v1/PersistentVolumeClaimList": { - "description": "PersistentVolumeClaimList is a list of PersistentVolumeClaim items.", + "velero.io/v1/PodVolumeBackupList": { + "description": "PodVolumeBackupList is a list of PodVolumeBackup", "namespaced": true, "properties": { "apiVersion": { @@ -308389,14 +319181,9 @@ "type": "string" }, "items": { - "description": "items is a list of persistent volume claims. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims", + "description": "List of podvolumebackups. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md", "items": { - "allOf": [ - { - "$ref": "#/components/schemas/io.k8s.api.core.v1.PersistentVolumeClaim" - } - ], - "default": {} + "$ref": "#/components/schemas/io.velero.v1.PodVolumeBackup" }, "type": "array" }, @@ -308410,7 +319197,6 @@ "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" } ], - "default": {}, "description": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" } }, @@ -308420,14 +319206,200 @@ "type": "object", "x-kubernetes-group-version-kind": [ { - "group": "", - "kind": "PersistentVolumeClaimList", + "group": "velero.io", + "kind": "PodVolumeBackupList", "version": "v1" } ] }, - "v1/PersistentVolumeList": { - "description": "PersistentVolumeList is a list of PersistentVolume items.", + "velero.io/v1/PodVolumeRestore": { + "description": "", + "namespaced": true, + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "allOf": [ + { + "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" + } + ], + "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + }, + "spec": { + "description": "PodVolumeRestoreSpec is the specification for a PodVolumeRestore.", + "properties": { + "backupStorageLocation": { + "description": "BackupStorageLocation is the name of the backup storage location\nwhere the backup repository is stored.", + "type": "string" + }, + "cancel": { + "description": "Cancel indicates request to cancel the ongoing PodVolumeRestore. It can be set\nwhen the PodVolumeRestore is in InProgress phase", + "type": "boolean" + }, + "pod": { + "description": "Pod is a reference to the pod containing the volume to be restored.", + "properties": { + "apiVersion": { + "description": "API version of the referent.", + "type": "string" + }, + "fieldPath": { + "description": "If referring to a piece of an object instead of an entire object, this string\nshould contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2].\nFor example, if the object reference is to a container within a pod, this would take on a value like:\n\"spec.containers{name}\" (where \"name\" refers to the name of the container that triggered\nthe event) or if no container name is specified \"spec.containers[2]\" (container with\nindex 2 in this pod). This syntax is chosen only to have some well-defined way of\nreferencing a part of an object.", + "type": "string" + }, + "kind": { + "description": "Kind of the referent.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "name": { + "description": "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", + "type": "string" + }, + "namespace": { + "description": "Namespace of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/", + "type": "string" + }, + "resourceVersion": { + "description": "Specific resourceVersion to which this reference is made, if any.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency", + "type": "string" + }, + "uid": { + "description": "UID of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids", + "type": "string" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "repoIdentifier": { + "description": "RepoIdentifier is the backup repository identifier.", + "type": "string" + }, + "snapshotID": { + "description": "SnapshotID is the ID of the volume snapshot to be restored.", + "type": "string" + }, + "snapshotSize": { + "description": "SnapshotSize is the logical size in Bytes of the snapshot.", + "format": "int64", + "type": "integer" + }, + "sourceNamespace": { + "description": "SourceNamespace is the original namespace for namaspace mapping.", + "type": "string" + }, + "uploaderSettings": { + "additionalProperties": { + "type": "string" + }, + "description": "UploaderSettings are a map of key-value pairs that should be applied to the\nuploader configuration.", + "nullable": true, + "type": "object" + }, + "uploaderType": { + "description": "UploaderType is the type of the uploader to handle the data transfer.", + "enum": [ + "kopia", + "restic", + "" + ], + "type": "string" + }, + "volume": { + "description": "Volume is the name of the volume within the Pod to be restored.", + "type": "string" + } + }, + "required": [ + "backupStorageLocation", + "pod", + "repoIdentifier", + "snapshotID", + "sourceNamespace", + "volume" + ], + "type": "object" + }, + "status": { + "description": "PodVolumeRestoreStatus is the current status of a PodVolumeRestore.", + "properties": { + "acceptedTimestamp": { + "description": "AcceptedTimestamp records the time the pod volume restore is to be prepared.\nThe server's time is used for AcceptedTimestamp", + "format": "date-time", + "nullable": true, + "type": "string" + }, + "completionTimestamp": { + "description": "CompletionTimestamp records the time a restore was completed.\nCompletion time is recorded even on failed restores.\nThe server's time is used for CompletionTimestamps", + "format": "date-time", + "nullable": true, + "type": "string" + }, + "message": { + "description": "Message is a message about the pod volume restore's status.", + "type": "string" + }, + "node": { + "description": "Node is name of the node where the pod volume restore is processed.", + "type": "string" + }, + "phase": { + "description": "Phase is the current state of the PodVolumeRestore.", + "enum": [ + "New", + "Accepted", + "Prepared", + "InProgress", + "Canceling", + "Canceled", + "Completed", + "Failed" + ], + "type": "string" + }, + "progress": { + "description": "Progress holds the total number of bytes of the snapshot and the current\nnumber of restored bytes. This can be used to display progress information\nabout the restore operation.", + "properties": { + "bytesDone": { + "format": "int64", + "type": "integer" + }, + "totalBytes": { + "format": "int64", + "type": "integer" + } + }, + "type": "object" + }, + "startTimestamp": { + "description": "StartTimestamp records the time a restore was started.\nThe server's time is used for StartTimestamps", + "format": "date-time", + "nullable": true, + "type": "string" + } + }, + "type": "object" + } + }, + "required": [], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "velero.io", + "kind": "PodVolumeRestore", + "version": "v1" + } + ] + }, + "velero.io/v1/PodVolumeRestoreList": { + "description": "PodVolumeRestoreList is a list of PodVolumeRestore", "namespaced": true, "properties": { "apiVersion": { @@ -308435,14 +319407,9 @@ "type": "string" }, "items": { - "description": "items is a list of persistent volumes. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes", + "description": "List of podvolumerestores. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md", "items": { - "allOf": [ - { - "$ref": "#/components/schemas/io.k8s.api.core.v1.PersistentVolume" - } - ], - "default": {} + "$ref": "#/components/schemas/io.velero.v1.PodVolumeRestore" }, "type": "array" }, @@ -308456,7 +319423,6 @@ "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" } ], - "default": {}, "description": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" } }, @@ -308466,14 +319432,14 @@ "type": "object", "x-kubernetes-group-version-kind": [ { - "group": "", - "kind": "PersistentVolumeList", + "group": "velero.io", + "kind": "PodVolumeRestoreList", "version": "v1" } ] }, - "v1/Pod": { - "description": "Pod is a collection of containers that can run on a host. This resource is created by clients and scheduled onto hosts.", + "velero.io/v1/Restore": { + "description": "Restore is a Velero resource that represents the application of\nresources from a Velero backup to a target Kubernetes cluster.", "namespaced": true, "properties": { "apiVersion": { @@ -308490,40 +319456,524 @@ "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" } ], - "default": {}, "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" }, "spec": { - "allOf": [ - { - "$ref": "#/components/schemas/io.k8s.api.core.v1.PodSpec" + "description": "RestoreSpec defines the specification for a Velero restore.", + "properties": { + "backupName": { + "description": "BackupName is the unique name of the Velero backup to restore\nfrom.", + "type": "string" + }, + "excludedNamespaces": { + "description": "ExcludedNamespaces contains a list of namespaces that are not\nincluded in the restore.", + "items": { + "type": "string" + }, + "nullable": true, + "type": "array" + }, + "excludedResources": { + "description": "ExcludedResources is a slice of resource names that are not\nincluded in the restore.", + "items": { + "type": "string" + }, + "nullable": true, + "type": "array" + }, + "existingResourcePolicy": { + "description": "ExistingResourcePolicy specifies the restore behavior for the Kubernetes resource to be restored", + "nullable": true, + "type": "string" + }, + "hooks": { + "description": "Hooks represent custom behaviors that should be executed during or post restore.", + "properties": { + "resources": { + "items": { + "description": "RestoreResourceHookSpec defines one or more RestoreResrouceHooks that should be executed based on\nthe rules defined for namespaces, resources, and label selector.", + "properties": { + "excludedNamespaces": { + "description": "ExcludedNamespaces specifies the namespaces to which this hook spec does not apply.", + "items": { + "type": "string" + }, + "nullable": true, + "type": "array" + }, + "excludedResources": { + "description": "ExcludedResources specifies the resources to which this hook spec does not apply.", + "items": { + "type": "string" + }, + "nullable": true, + "type": "array" + }, + "includedNamespaces": { + "description": "IncludedNamespaces specifies the namespaces to which this hook spec applies. If empty, it applies\nto all namespaces.", + "items": { + "type": "string" + }, + "nullable": true, + "type": "array" + }, + "includedResources": { + "description": "IncludedResources specifies the resources to which this hook spec applies. If empty, it applies\nto all resources.", + "items": { + "type": "string" + }, + "nullable": true, + "type": "array" + }, + "labelSelector": { + "description": "LabelSelector, if specified, filters the resources to which this hook spec applies.", + "nullable": true, + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch.", + "items": { + "type": "string" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "name": { + "description": "Name is the name of this hook.", + "type": "string" + }, + "postHooks": { + "description": "PostHooks is a list of RestoreResourceHooks to execute during and after restoring a resource.", + "items": { + "description": "RestoreResourceHook defines a restore hook for a resource.", + "properties": { + "exec": { + "description": "Exec defines an exec restore hook.", + "properties": { + "command": { + "description": "Command is the command and arguments to execute from within a container after a pod has been restored.", + "items": { + "type": "string" + }, + "minItems": 1, + "type": "array" + }, + "container": { + "description": "Container is the container in the pod where the command should be executed. If not specified,\nthe pod's first container is used.", + "type": "string" + }, + "execTimeout": { + "description": "ExecTimeout defines the maximum amount of time Velero should wait for the hook to complete before\nconsidering the execution a failure.", + "type": "string" + }, + "onError": { + "description": "OnError specifies how Velero should behave if it encounters an error executing this hook.", + "enum": [ + "Continue", + "Fail" + ], + "type": "string" + }, + "waitForReady": { + "description": "WaitForReady ensures command will be launched when container is Ready instead of Running.", + "nullable": true, + "type": "boolean" + }, + "waitTimeout": { + "description": "WaitTimeout defines the maximum amount of time Velero should wait for the container to be Ready\nbefore attempting to run the command.", + "type": "string" + } + }, + "required": [ + "command" + ], + "type": "object" + }, + "init": { + "description": "Init defines an init restore hook.", + "properties": { + "initContainers": { + "description": "InitContainers is list of init containers to be added to a pod during its restore.", + "items": { + "type": "object", + "x-kubernetes-preserve-unknown-fields": true + }, + "type": "array", + "x-kubernetes-preserve-unknown-fields": true + }, + "timeout": { + "description": "Timeout defines the maximum amount of time Velero should wait for the initContainers to complete.", + "type": "string" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "type": "array" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + }, + "includeClusterResources": { + "description": "IncludeClusterResources specifies whether cluster-scoped resources\nshould be included for consideration in the restore. If null, defaults\nto true.", + "nullable": true, + "type": "boolean" + }, + "includedNamespaces": { + "description": "IncludedNamespaces is a slice of namespace names to include objects\nfrom. If empty, all namespaces are included.", + "items": { + "type": "string" + }, + "nullable": true, + "type": "array" + }, + "includedResources": { + "description": "IncludedResources is a slice of resource names to include\nin the restore. If empty, all resources in the backup are included.", + "items": { + "type": "string" + }, + "nullable": true, + "type": "array" + }, + "itemOperationTimeout": { + "description": "ItemOperationTimeout specifies the time used to wait for RestoreItemAction operations\nThe default value is 4 hour.", + "type": "string" + }, + "labelSelector": { + "description": "LabelSelector is a metav1.LabelSelector to filter with\nwhen restoring individual objects from the backup. If empty\nor nil, all objects are included. Optional.", + "nullable": true, + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch.", + "items": { + "type": "string" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "namespaceMapping": { + "additionalProperties": { + "type": "string" + }, + "description": "NamespaceMapping is a map of source namespace names\nto target namespace names to restore into. Any source\nnamespaces not included in the map will be restored into\nnamespaces of the same name.", + "type": "object" + }, + "orLabelSelectors": { + "description": "OrLabelSelectors is list of metav1.LabelSelector to filter with\nwhen restoring individual objects from the backup. If multiple provided\nthey will be joined by the OR operator. LabelSelector as well as\nOrLabelSelectors cannot co-exist in restore request, only one of them\ncan be used", + "items": { + "description": "A label selector is a label query over a set of resources. The result of matchLabels and\nmatchExpressions are ANDed. An empty label selector matches all objects. A null\nlabel selector matches no objects.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch.", + "items": { + "type": "string" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "nullable": true, + "type": "array" + }, + "preserveNodePorts": { + "description": "PreserveNodePorts specifies whether to restore old nodePorts from backup.", + "nullable": true, + "type": "boolean" + }, + "resourceModifier": { + "description": "ResourceModifier specifies the reference to JSON resource patches that should be applied to resources before restoration.", + "nullable": true, + "properties": { + "apiGroup": { + "description": "APIGroup is the group for the resource being referenced.\nIf APIGroup is not specified, the specified Kind must be in the core API group.\nFor any other third-party types, APIGroup is required.", + "type": "string" + }, + "kind": { + "description": "Kind is the type of resource being referenced", + "type": "string" + }, + "name": { + "description": "Name is the name of resource being referenced", + "type": "string" + } + }, + "required": [ + "kind", + "name" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "restorePVs": { + "description": "RestorePVs specifies whether to restore all included\nPVs from snapshot", + "nullable": true, + "type": "boolean" + }, + "restoreStatus": { + "description": "RestoreStatus specifies which resources we should restore the status\nfield. If nil, no objects are included. Optional.", + "nullable": true, + "properties": { + "excludedResources": { + "description": "ExcludedResources specifies the resources to which will not restore the status.", + "items": { + "type": "string" + }, + "nullable": true, + "type": "array" + }, + "includedResources": { + "description": "IncludedResources specifies the resources to which will restore the status.\nIf empty, it applies to all resources.", + "items": { + "type": "string" + }, + "nullable": true, + "type": "array" + } + }, + "type": "object" + }, + "scheduleName": { + "description": "ScheduleName is the unique name of the Velero schedule to restore\nfrom. If specified, and BackupName is empty, Velero will restore\nfrom the most recent successful backup created from this schedule.", + "type": "string" + }, + "uploaderConfig": { + "description": "UploaderConfig specifies the configuration for the restore.", + "nullable": true, + "properties": { + "parallelFilesDownload": { + "description": "ParallelFilesDownload is the concurrency number setting for restore.", + "type": "integer" + }, + "writeSparseFiles": { + "description": "WriteSparseFiles is a flag to indicate whether write files sparsely or not.", + "nullable": true, + "type": "boolean" + } + }, + "type": "object" } - ], - "default": {}, - "description": "Specification of the desired behavior of the pod. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status" + }, + "type": "object" }, "status": { - "allOf": [ - { - "$ref": "#/components/schemas/io.k8s.api.core.v1.PodStatus" + "description": "RestoreStatus captures the current status of a Velero restore", + "properties": { + "completionTimestamp": { + "description": "CompletionTimestamp records the time the restore operation was completed.\nCompletion time is recorded even on failed restore.\nThe server's time is used for StartTimestamps", + "format": "date-time", + "nullable": true, + "type": "string" + }, + "errors": { + "description": "Errors is a count of all error messages that were generated during\nexecution of the restore. The actual errors are stored in object storage.", + "type": "integer" + }, + "failureReason": { + "description": "FailureReason is an error that caused the entire restore to fail.", + "type": "string" + }, + "hookStatus": { + "description": "HookStatus contains information about the status of the hooks.", + "nullable": true, + "properties": { + "hooksAttempted": { + "description": "HooksAttempted is the total number of attempted hooks\nSpecifically, HooksAttempted represents the number of hooks that failed to execute\nand the number of hooks that executed successfully.", + "type": "integer" + }, + "hooksFailed": { + "description": "HooksFailed is the total number of hooks which ended with an error", + "type": "integer" + } + }, + "type": "object" + }, + "phase": { + "description": "Phase is the current state of the Restore", + "enum": [ + "New", + "FailedValidation", + "InProgress", + "WaitingForPluginOperations", + "WaitingForPluginOperationsPartiallyFailed", + "Completed", + "PartiallyFailed", + "Failed", + "Finalizing", + "FinalizingPartiallyFailed" + ], + "type": "string" + }, + "progress": { + "description": "Progress contains information about the restore's execution progress. Note\nthat this information is best-effort only -- if Velero fails to update it\nduring a restore for any reason, it may be inaccurate/stale.", + "nullable": true, + "properties": { + "itemsRestored": { + "description": "ItemsRestored is the number of items that have actually been restored so far", + "type": "integer" + }, + "totalItems": { + "description": "TotalItems is the total number of items to be restored. This number may change\nthroughout the execution of the restore due to plugins that return additional related\nitems to restore", + "type": "integer" + } + }, + "type": "object" + }, + "restoreItemOperationsAttempted": { + "description": "RestoreItemOperationsAttempted is the total number of attempted\nasync RestoreItemAction operations for this restore.", + "type": "integer" + }, + "restoreItemOperationsCompleted": { + "description": "RestoreItemOperationsCompleted is the total number of successfully completed\nasync RestoreItemAction operations for this restore.", + "type": "integer" + }, + "restoreItemOperationsFailed": { + "description": "RestoreItemOperationsFailed is the total number of async\nRestoreItemAction operations for this restore which ended with an error.", + "type": "integer" + }, + "startTimestamp": { + "description": "StartTimestamp records the time the restore operation was started.\nThe server's time is used for StartTimestamps", + "format": "date-time", + "nullable": true, + "type": "string" + }, + "validationErrors": { + "description": "ValidationErrors is a slice of all validation errors (if\napplicable)", + "items": { + "type": "string" + }, + "nullable": true, + "type": "array" + }, + "warnings": { + "description": "Warnings is a count of all warning messages that were generated during\nexecution of the restore. The actual warnings are stored in object storage.", + "type": "integer" } - ], - "default": {}, - "description": "Most recently observed status of the pod. This data may not be up to date. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status" + }, + "type": "object" } }, "required": [], "type": "object", "x-kubernetes-group-version-kind": [ { - "group": "", - "kind": "Pod", + "group": "velero.io", + "kind": "Restore", "version": "v1" } ] }, - "v1/PodList": { - "description": "PodList is a list of Pods.", + "velero.io/v1/RestoreList": { + "description": "RestoreList is a list of Restore", "namespaced": true, "properties": { "apiVersion": { @@ -308531,14 +319981,9 @@ "type": "string" }, "items": { - "description": "List of pods. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md", + "description": "List of restores. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md", "items": { - "allOf": [ - { - "$ref": "#/components/schemas/io.k8s.api.core.v1.Pod" - } - ], - "default": {} + "$ref": "#/components/schemas/io.velero.v1.Restore" }, "type": "array" }, @@ -308552,7 +319997,6 @@ "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" } ], - "default": {}, "description": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" } }, @@ -308562,14 +320006,14 @@ "type": "object", "x-kubernetes-group-version-kind": [ { - "group": "", - "kind": "PodList", + "group": "velero.io", + "kind": "RestoreList", "version": "v1" } ] }, - "v1/PodTemplate": { - "description": "PodTemplate describes a template for creating copies of a predefined pod.", + "velero.io/v1/Schedule": { + "description": "Schedule is a Velero resource that represents a pre-scheduled or\nperiodic Backup that should be run.", "namespaced": true, "properties": { "apiVersion": { @@ -308586,31 +320030,551 @@ "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" } ], - "default": {}, "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" }, - "template": { - "allOf": [ - { - "$ref": "#/components/schemas/io.k8s.api.core.v1.PodTemplateSpec" + "spec": { + "description": "ScheduleSpec defines the specification for a Velero schedule", + "properties": { + "paused": { + "description": "Paused specifies whether the schedule is paused or not", + "type": "boolean" + }, + "schedule": { + "description": "Schedule is a Cron expression defining when to run\nthe Backup.", + "type": "string" + }, + "skipImmediately": { + "description": "SkipImmediately specifies whether to skip backup if schedule is due immediately from `schedule.status.lastBackup` timestamp when schedule is unpaused or if schedule is new.\nIf true, backup will be skipped immediately when schedule is unpaused if it is due based on .Status.LastBackupTimestamp or schedule is new, and will run at next schedule time.\nIf false, backup will not be skipped immediately when schedule is unpaused, but will run at next schedule time.\nIf empty, will follow server configuration (default: false).", + "type": "boolean" + }, + "template": { + "description": "Template is the definition of the Backup to be run\non the provided schedule", + "properties": { + "csiSnapshotTimeout": { + "description": "CSISnapshotTimeout specifies the time used to wait for CSI VolumeSnapshot status turns to\nReadyToUse during creation, before returning error as timeout.\nThe default value is 10 minute.", + "type": "string" + }, + "datamover": { + "description": "DataMover specifies the data mover to be used by the backup.\nIf DataMover is \"\" or \"velero\", the built-in data mover will be used.", + "type": "string" + }, + "defaultVolumesToFsBackup": { + "description": "DefaultVolumesToFsBackup specifies whether pod volume file system backup should be used\nfor all volumes by default.", + "nullable": true, + "type": "boolean" + }, + "defaultVolumesToRestic": { + "description": "DefaultVolumesToRestic specifies whether restic should be used to take a\nbackup of all pod volumes by default.\n\nDeprecated: this field is no longer used and will be removed entirely in future. Use DefaultVolumesToFsBackup instead.", + "nullable": true, + "type": "boolean" + }, + "excludedClusterScopedResources": { + "description": "ExcludedClusterScopedResources is a slice of cluster-scoped\nresource type names to exclude from the backup.\nIf set to \"*\", all cluster-scoped resource types are excluded.\nThe default value is empty.", + "items": { + "type": "string" + }, + "nullable": true, + "type": "array" + }, + "excludedNamespaceScopedResources": { + "description": "ExcludedNamespaceScopedResources is a slice of namespace-scoped\nresource type names to exclude from the backup.\nIf set to \"*\", all namespace-scoped resource types are excluded.\nThe default value is empty.", + "items": { + "type": "string" + }, + "nullable": true, + "type": "array" + }, + "excludedNamespaces": { + "description": "ExcludedNamespaces contains a list of namespaces that are not\nincluded in the backup.", + "items": { + "type": "string" + }, + "nullable": true, + "type": "array" + }, + "excludedResources": { + "description": "ExcludedResources is a slice of resource names that are not\nincluded in the backup.", + "items": { + "type": "string" + }, + "nullable": true, + "type": "array" + }, + "hooks": { + "description": "Hooks represent custom behaviors that should be executed at different phases of the backup.", + "properties": { + "resources": { + "description": "Resources are hooks that should be executed when backing up individual instances of a resource.", + "items": { + "description": "BackupResourceHookSpec defines one or more BackupResourceHooks that should be executed based on\nthe rules defined for namespaces, resources, and label selector.", + "properties": { + "excludedNamespaces": { + "description": "ExcludedNamespaces specifies the namespaces to which this hook spec does not apply.", + "items": { + "type": "string" + }, + "nullable": true, + "type": "array" + }, + "excludedResources": { + "description": "ExcludedResources specifies the resources to which this hook spec does not apply.", + "items": { + "type": "string" + }, + "nullable": true, + "type": "array" + }, + "includedNamespaces": { + "description": "IncludedNamespaces specifies the namespaces to which this hook spec applies. If empty, it applies\nto all namespaces.", + "items": { + "type": "string" + }, + "nullable": true, + "type": "array" + }, + "includedResources": { + "description": "IncludedResources specifies the resources to which this hook spec applies. If empty, it applies\nto all resources.", + "items": { + "type": "string" + }, + "nullable": true, + "type": "array" + }, + "labelSelector": { + "description": "LabelSelector, if specified, filters the resources to which this hook spec applies.", + "nullable": true, + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch.", + "items": { + "type": "string" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "name": { + "description": "Name is the name of this hook.", + "type": "string" + }, + "post": { + "description": "PostHooks is a list of BackupResourceHooks to execute after storing the item in the backup.\nThese are executed after all \"additional items\" from item actions are processed.", + "items": { + "description": "BackupResourceHook defines a hook for a resource.", + "properties": { + "exec": { + "description": "Exec defines an exec hook.", + "properties": { + "command": { + "description": "Command is the command and arguments to execute.", + "items": { + "type": "string" + }, + "minItems": 1, + "type": "array" + }, + "container": { + "description": "Container is the container in the pod where the command should be executed. If not specified,\nthe pod's first container is used.", + "type": "string" + }, + "onError": { + "description": "OnError specifies how Velero should behave if it encounters an error executing this hook.", + "enum": [ + "Continue", + "Fail" + ], + "type": "string" + }, + "timeout": { + "description": "Timeout defines the maximum amount of time Velero should wait for the hook to complete before\nconsidering the execution a failure.", + "type": "string" + } + }, + "required": [ + "command" + ], + "type": "object" + } + }, + "required": [ + "exec" + ], + "type": "object" + }, + "type": "array" + }, + "pre": { + "description": "PreHooks is a list of BackupResourceHooks to execute prior to storing the item in the backup.\nThese are executed before any \"additional items\" from item actions are processed.", + "items": { + "description": "BackupResourceHook defines a hook for a resource.", + "properties": { + "exec": { + "description": "Exec defines an exec hook.", + "properties": { + "command": { + "description": "Command is the command and arguments to execute.", + "items": { + "type": "string" + }, + "minItems": 1, + "type": "array" + }, + "container": { + "description": "Container is the container in the pod where the command should be executed. If not specified,\nthe pod's first container is used.", + "type": "string" + }, + "onError": { + "description": "OnError specifies how Velero should behave if it encounters an error executing this hook.", + "enum": [ + "Continue", + "Fail" + ], + "type": "string" + }, + "timeout": { + "description": "Timeout defines the maximum amount of time Velero should wait for the hook to complete before\nconsidering the execution a failure.", + "type": "string" + } + }, + "required": [ + "command" + ], + "type": "object" + } + }, + "required": [ + "exec" + ], + "type": "object" + }, + "type": "array" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "nullable": true, + "type": "array" + } + }, + "type": "object" + }, + "includeClusterResources": { + "description": "IncludeClusterResources specifies whether cluster-scoped resources\nshould be included for consideration in the backup.", + "nullable": true, + "type": "boolean" + }, + "includedClusterScopedResources": { + "description": "IncludedClusterScopedResources is a slice of cluster-scoped\nresource type names to include in the backup.\nIf set to \"*\", all cluster-scoped resource types are included.\nThe default value is empty, which means only related\ncluster-scoped resources are included.", + "items": { + "type": "string" + }, + "nullable": true, + "type": "array" + }, + "includedNamespaceScopedResources": { + "description": "IncludedNamespaceScopedResources is a slice of namespace-scoped\nresource type names to include in the backup.\nThe default value is \"*\".", + "items": { + "type": "string" + }, + "nullable": true, + "type": "array" + }, + "includedNamespaces": { + "description": "IncludedNamespaces is a slice of namespace names to include objects\nfrom. If empty, all namespaces are included.", + "items": { + "type": "string" + }, + "nullable": true, + "type": "array" + }, + "includedResources": { + "description": "IncludedResources is a slice of resource names to include\nin the backup. If empty, all resources are included.", + "items": { + "type": "string" + }, + "nullable": true, + "type": "array" + }, + "itemOperationTimeout": { + "description": "ItemOperationTimeout specifies the time used to wait for asynchronous BackupItemAction operations\nThe default value is 4 hour.", + "type": "string" + }, + "labelSelector": { + "description": "LabelSelector is a metav1.LabelSelector to filter with\nwhen adding individual objects to the backup. If empty\nor nil, all objects are included. Optional.", + "nullable": true, + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch.", + "items": { + "type": "string" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "metadata": { + "properties": { + "labels": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + } + }, + "type": "object" + }, + "orLabelSelectors": { + "description": "OrLabelSelectors is list of metav1.LabelSelector to filter with\nwhen adding individual objects to the backup. If multiple provided\nthey will be joined by the OR operator. LabelSelector as well as\nOrLabelSelectors cannot co-exist in backup request, only one of them\ncan be used.", + "items": { + "description": "A label selector is a label query over a set of resources. The result of matchLabels and\nmatchExpressions are ANDed. An empty label selector matches all objects. A null\nlabel selector matches no objects.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch.", + "items": { + "type": "string" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "nullable": true, + "type": "array" + }, + "orderedResources": { + "additionalProperties": { + "type": "string" + }, + "description": "OrderedResources specifies the backup order of resources of specific Kind.\nThe map key is the resource name and value is a list of object names separated by commas.\nEach resource name has format \"namespace/objectname\". For cluster resources, simply use \"objectname\".", + "nullable": true, + "type": "object" + }, + "resourcePolicy": { + "description": "ResourcePolicy specifies the referenced resource policies that backup should follow", + "properties": { + "apiGroup": { + "description": "APIGroup is the group for the resource being referenced.\nIf APIGroup is not specified, the specified Kind must be in the core API group.\nFor any other third-party types, APIGroup is required.", + "type": "string" + }, + "kind": { + "description": "Kind is the type of resource being referenced", + "type": "string" + }, + "name": { + "description": "Name is the name of resource being referenced", + "type": "string" + } + }, + "required": [ + "kind", + "name" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "snapshotMoveData": { + "description": "SnapshotMoveData specifies whether snapshot data should be moved", + "nullable": true, + "type": "boolean" + }, + "snapshotVolumes": { + "description": "SnapshotVolumes specifies whether to take snapshots\nof any PV's referenced in the set of objects included\nin the Backup.", + "nullable": true, + "type": "boolean" + }, + "storageLocation": { + "description": "StorageLocation is a string containing the name of a BackupStorageLocation where the backup should be stored.", + "type": "string" + }, + "ttl": { + "description": "TTL is a time.Duration-parseable string describing how long\nthe Backup should be retained for.", + "type": "string" + }, + "uploaderConfig": { + "description": "UploaderConfig specifies the configuration for the uploader.", + "nullable": true, + "properties": { + "parallelFilesUpload": { + "description": "ParallelFilesUpload is the number of files parallel uploads to perform when using the uploader.", + "type": "integer" + } + }, + "type": "object" + }, + "volumeGroupSnapshotLabelKey": { + "description": "VolumeGroupSnapshotLabelKey specifies the label key to group PVCs under a VGS.", + "type": "string" + }, + "volumeSnapshotLocations": { + "description": "VolumeSnapshotLocations is a list containing names of VolumeSnapshotLocations associated with this backup.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "useOwnerReferencesInBackup": { + "description": "UseOwnerReferencesBackup specifies whether to use\nOwnerReferences on backups created by this Schedule.", + "nullable": true, + "type": "boolean" } + }, + "required": [ + "schedule", + "template" ], - "default": {}, - "description": "Template defines the pods that will be created from this pod template. https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status" + "type": "object" + }, + "status": { + "description": "ScheduleStatus captures the current state of a Velero schedule", + "properties": { + "lastBackup": { + "description": "LastBackup is the last time a Backup was run for this\nSchedule schedule", + "format": "date-time", + "nullable": true, + "type": "string" + }, + "lastSkipped": { + "description": "LastSkipped is the last time a Schedule was skipped", + "format": "date-time", + "nullable": true, + "type": "string" + }, + "phase": { + "description": "Phase is the current phase of the Schedule", + "enum": [ + "New", + "Enabled", + "FailedValidation" + ], + "type": "string" + }, + "validationErrors": { + "description": "ValidationErrors is a slice of all validation errors (if\napplicable)", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" } }, "required": [], "type": "object", "x-kubernetes-group-version-kind": [ { - "group": "", - "kind": "PodTemplate", + "group": "velero.io", + "kind": "Schedule", "version": "v1" } ] }, - "v1/PodTemplateList": { - "description": "PodTemplateList is a list of PodTemplates.", + "velero.io/v1/ScheduleList": { + "description": "ScheduleList is a list of Schedule", "namespaced": true, "properties": { "apiVersion": { @@ -308618,14 +320582,9 @@ "type": "string" }, "items": { - "description": "List of pod templates", + "description": "List of schedules. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md", "items": { - "allOf": [ - { - "$ref": "#/components/schemas/io.k8s.api.core.v1.PodTemplate" - } - ], - "default": {} + "$ref": "#/components/schemas/io.velero.v1.Schedule" }, "type": "array" }, @@ -308639,7 +320598,6 @@ "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" } ], - "default": {}, "description": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" } }, @@ -308649,14 +320607,14 @@ "type": "object", "x-kubernetes-group-version-kind": [ { - "group": "", - "kind": "PodTemplateList", + "group": "velero.io", + "kind": "ScheduleList", "version": "v1" } ] }, - "v1/ReplicationController": { - "description": "ReplicationController represents the configuration of a replication controller.", + "velero.io/v1/ServerStatusRequest": { + "description": "ServerStatusRequest is a request to access current status information about\nthe Velero server.", "namespaced": true, "properties": { "apiVersion": { @@ -308673,40 +320631,70 @@ "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" } ], - "default": {}, - "description": "If the Labels of a ReplicationController are empty, they are defaulted to be the same as the Pod(s) that the replication controller manages. Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" }, "spec": { - "allOf": [ - { - "$ref": "#/components/schemas/io.k8s.api.core.v1.ReplicationControllerSpec" - } - ], - "default": {}, - "description": "Spec defines the specification of the desired behavior of the replication controller. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status" + "description": "ServerStatusRequestSpec is the specification for a ServerStatusRequest.", + "type": "object" }, "status": { - "allOf": [ - { - "$ref": "#/components/schemas/io.k8s.api.core.v1.ReplicationControllerStatus" + "description": "ServerStatusRequestStatus is the current status of a ServerStatusRequest.", + "properties": { + "phase": { + "description": "Phase is the current lifecycle phase of the ServerStatusRequest.", + "enum": [ + "New", + "Processed" + ], + "type": "string" + }, + "plugins": { + "description": "Plugins list information about the plugins running on the Velero server", + "items": { + "description": "PluginInfo contains attributes of a Velero plugin", + "properties": { + "kind": { + "type": "string" + }, + "name": { + "type": "string" + } + }, + "required": [ + "kind", + "name" + ], + "type": "object" + }, + "nullable": true, + "type": "array" + }, + "processedTimestamp": { + "description": "ProcessedTimestamp is when the ServerStatusRequest was processed\nby the ServerStatusRequestController.", + "format": "date-time", + "nullable": true, + "type": "string" + }, + "serverVersion": { + "description": "ServerVersion is the Velero server version.", + "type": "string" } - ], - "default": {}, - "description": "Status is the most recently observed status of the replication controller. This data may be out of date by some window of time. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status" + }, + "type": "object" } }, "required": [], "type": "object", "x-kubernetes-group-version-kind": [ { - "group": "", - "kind": "ReplicationController", + "group": "velero.io", + "kind": "ServerStatusRequest", "version": "v1" } ] }, - "v1/ReplicationControllerList": { - "description": "ReplicationControllerList is a collection of replication controllers.", + "velero.io/v1/ServerStatusRequestList": { + "description": "ServerStatusRequestList is a list of ServerStatusRequest", "namespaced": true, "properties": { "apiVersion": { @@ -308714,14 +320702,9 @@ "type": "string" }, "items": { - "description": "List of replication controllers. More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller", + "description": "List of serverstatusrequests. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md", "items": { - "allOf": [ - { - "$ref": "#/components/schemas/io.k8s.api.core.v1.ReplicationController" - } - ], - "default": {} + "$ref": "#/components/schemas/io.velero.v1.ServerStatusRequest" }, "type": "array" }, @@ -308735,7 +320718,6 @@ "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" } ], - "default": {}, "description": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" } }, @@ -308745,14 +320727,14 @@ "type": "object", "x-kubernetes-group-version-kind": [ { - "group": "", - "kind": "ReplicationControllerList", + "group": "velero.io", + "kind": "ServerStatusRequestList", "version": "v1" } ] }, - "v1/ResourceQuota": { - "description": "ResourceQuota sets aggregate quota restrictions enforced per namespace", + "velero.io/v1/VolumeSnapshotLocation": { + "description": "VolumeSnapshotLocation is a location where Velero stores volume snapshots.", "namespaced": true, "properties": { "apiVersion": { @@ -308769,40 +320751,78 @@ "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" } ], - "default": {}, "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" }, "spec": { - "allOf": [ - { - "$ref": "#/components/schemas/io.k8s.api.core.v1.ResourceQuotaSpec" + "description": "VolumeSnapshotLocationSpec defines the specification for a Velero VolumeSnapshotLocation.", + "properties": { + "config": { + "additionalProperties": { + "type": "string" + }, + "description": "Config is for provider-specific configuration fields.", + "type": "object" + }, + "credential": { + "description": "Credential contains the credential information intended to be used with this location", + "properties": { + "key": { + "description": "The key of the secret to select from. Must be a valid secret key.", + "type": "string" + }, + "name": { + "default": "", + "description": "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", + "type": "string" + }, + "optional": { + "description": "Specify whether the Secret or its key must be defined", + "type": "boolean" + } + }, + "required": [ + "key" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "provider": { + "description": "Provider is the provider of the volume storage.", + "type": "string" } + }, + "required": [ + "provider" ], - "default": {}, - "description": "Spec defines the desired quota. https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status" + "type": "object" }, "status": { - "allOf": [ - { - "$ref": "#/components/schemas/io.k8s.api.core.v1.ResourceQuotaStatus" + "description": "VolumeSnapshotLocationStatus describes the current status of a Velero VolumeSnapshotLocation.", + "properties": { + "phase": { + "description": "VolumeSnapshotLocationPhase is the lifecycle phase of a Velero VolumeSnapshotLocation.", + "enum": [ + "Available", + "Unavailable" + ], + "type": "string" } - ], - "default": {}, - "description": "Status defines the actual enforced quota and its current usage. https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status" + }, + "type": "object" } }, "required": [], "type": "object", "x-kubernetes-group-version-kind": [ { - "group": "", - "kind": "ResourceQuota", + "group": "velero.io", + "kind": "VolumeSnapshotLocation", "version": "v1" } ] }, - "v1/ResourceQuotaList": { - "description": "ResourceQuotaList is a list of ResourceQuota items.", + "velero.io/v1/VolumeSnapshotLocationList": { + "description": "VolumeSnapshotLocationList is a list of VolumeSnapshotLocation", "namespaced": true, "properties": { "apiVersion": { @@ -308810,14 +320830,9 @@ "type": "string" }, "items": { - "description": "Items is a list of ResourceQuota objects. More info: https://kubernetes.io/docs/concepts/policy/resource-quotas/", + "description": "List of volumesnapshotlocations. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md", "items": { - "allOf": [ - { - "$ref": "#/components/schemas/io.k8s.api.core.v1.ResourceQuota" - } - ], - "default": {} + "$ref": "#/components/schemas/io.velero.v1.VolumeSnapshotLocation" }, "type": "array" }, @@ -308831,7 +320846,6 @@ "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" } ], - "default": {}, "description": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" } }, @@ -308841,32 +320855,20 @@ "type": "object", "x-kubernetes-group-version-kind": [ { - "group": "", - "kind": "ResourceQuotaList", + "group": "velero.io", + "kind": "VolumeSnapshotLocationList", "version": "v1" } ] }, - "v1/Secret": { - "description": "Secret holds secret data of a certain type. The total bytes of the values in the Data field must be less than MaxSecretSize bytes.", + "velero.io/v2alpha1/DataDownload": { + "description": "DataDownload acts as the protocol between data mover plugins and data mover controller for the datamover restore operation", "namespaced": true, "properties": { "apiVersion": { "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", "type": "string" }, - "data": { - "additionalProperties": { - "format": "byte", - "type": "string" - }, - "description": "Data contains the secret data. Each key must consist of alphanumeric characters, '-', '_' or '.'. The serialized form of the secret data is a base64 encoded string, representing the arbitrary (possibly non-string) data value here. Described in https://tools.ietf.org/html/rfc4648#section-4", - "type": "object" - }, - "immutable": { - "description": "Immutable, if set to true, ensures that data stored in the Secret cannot be updated (only object metadata can be modified). If not set to true, the field can be modified at any time. Defaulted to nil.", - "type": "boolean" - }, "kind": { "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", "type": "string" @@ -308877,34 +320879,166 @@ "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" } ], - "default": {}, "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" }, - "stringData": { - "additionalProperties": { - "default": "", - "type": "string" + "spec": { + "description": "DataDownloadSpec is the specification for a DataDownload.", + "properties": { + "backupStorageLocation": { + "description": "BackupStorageLocation is the name of the backup storage location\nwhere the backup repository is stored.", + "type": "string" + }, + "cancel": { + "description": "Cancel indicates request to cancel the ongoing DataDownload. It can be set\nwhen the DataDownload is in InProgress phase", + "type": "boolean" + }, + "dataMoverConfig": { + "additionalProperties": { + "type": "string" + }, + "description": "DataMoverConfig is for data-mover-specific configuration fields.", + "type": "object" + }, + "datamover": { + "description": "DataMover specifies the data mover to be used by the backup.\nIf DataMover is \"\" or \"velero\", the built-in data mover will be used.", + "type": "string" + }, + "nodeOS": { + "description": "NodeOS is OS of the node where the DataDownload is processed.", + "enum": [ + "auto", + "linux", + "windows" + ], + "type": "string" + }, + "operationTimeout": { + "description": "OperationTimeout specifies the time used to wait internal operations,\nbefore returning error as timeout.", + "type": "string" + }, + "snapshotID": { + "description": "SnapshotID is the ID of the Velero backup snapshot to be restored from.", + "type": "string" + }, + "snapshotSize": { + "description": "SnapshotSize is the logical size in Bytes of the snapshot.", + "format": "int64", + "type": "integer" + }, + "sourceNamespace": { + "description": "SourceNamespace is the original namespace where the volume is backed up from.\nIt may be different from SourcePVC's namespace if namespace is remapped during restore.", + "type": "string" + }, + "targetVolume": { + "description": "TargetVolume is the information of the target PVC and PV.", + "properties": { + "namespace": { + "description": "Namespace is the target namespace", + "type": "string" + }, + "pv": { + "description": "PV is the name of the target PV that is created by Velero restore", + "type": "string" + }, + "pvc": { + "description": "PVC is the name of the target PVC that is created by Velero restore", + "type": "string" + } + }, + "required": [ + "namespace", + "pv", + "pvc" + ], + "type": "object" + } }, - "description": "stringData allows specifying non-binary secret data in string form. It is provided as a write-only input field for convenience. All keys and values are merged into the data field on write, overwriting any existing values. The stringData field is never output when reading from the API.", + "required": [ + "backupStorageLocation", + "operationTimeout", + "snapshotID", + "sourceNamespace", + "targetVolume" + ], "type": "object" }, - "type": { - "description": "Used to facilitate programmatic handling of secret data. More info: https://kubernetes.io/docs/concepts/configuration/secret/#secret-types", - "type": "string" + "status": { + "description": "DataDownloadStatus is the current status of a DataDownload.", + "properties": { + "acceptedByNode": { + "description": "Node is name of the node where the DataUpload is prepared.", + "type": "string" + }, + "acceptedTimestamp": { + "description": "AcceptedTimestamp records the time the DataUpload is to be prepared.\nThe server's time is used for AcceptedTimestamp", + "format": "date-time", + "nullable": true, + "type": "string" + }, + "completionTimestamp": { + "description": "CompletionTimestamp records the time a restore was completed.\nCompletion time is recorded even on failed restores.\nThe server's time is used for CompletionTimestamps", + "format": "date-time", + "nullable": true, + "type": "string" + }, + "message": { + "description": "Message is a message about the DataDownload's status.", + "type": "string" + }, + "node": { + "description": "Node is name of the node where the DataDownload is processed.", + "type": "string" + }, + "phase": { + "description": "Phase is the current state of the DataDownload.", + "enum": [ + "New", + "Accepted", + "Prepared", + "InProgress", + "Canceling", + "Canceled", + "Completed", + "Failed" + ], + "type": "string" + }, + "progress": { + "description": "Progress holds the total number of bytes of the snapshot and the current\nnumber of restored bytes. This can be used to display progress information\nabout the restore operation.", + "properties": { + "bytesDone": { + "format": "int64", + "type": "integer" + }, + "totalBytes": { + "format": "int64", + "type": "integer" + } + }, + "type": "object" + }, + "startTimestamp": { + "description": "StartTimestamp records the time a restore was started.\nThe server's time is used for StartTimestamps", + "format": "date-time", + "nullable": true, + "type": "string" + } + }, + "type": "object" } }, "required": [], "type": "object", "x-kubernetes-group-version-kind": [ { - "group": "", - "kind": "Secret", - "version": "v1" + "group": "velero.io", + "kind": "DataDownload", + "version": "v2alpha1" } ] }, - "v1/SecretList": { - "description": "SecretList is a list of Secret.", + "velero.io/v2alpha1/DataDownloadList": { + "description": "DataDownloadList is a list of DataDownload", "namespaced": true, "properties": { "apiVersion": { @@ -308912,14 +321046,9 @@ "type": "string" }, "items": { - "description": "Items is a list of secret objects. More info: https://kubernetes.io/docs/concepts/configuration/secret", + "description": "List of datadownloads. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md", "items": { - "allOf": [ - { - "$ref": "#/components/schemas/io.k8s.api.core.v1.Secret" - } - ], - "default": {} + "$ref": "#/components/schemas/io.velero.v2alpha1.DataDownload" }, "type": "array" }, @@ -308933,7 +321062,6 @@ "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" } ], - "default": {}, "description": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" } }, @@ -308943,14 +321071,14 @@ "type": "object", "x-kubernetes-group-version-kind": [ { - "group": "", - "kind": "SecretList", - "version": "v1" + "group": "velero.io", + "kind": "DataDownloadList", + "version": "v2alpha1" } ] }, - "v1/Service": { - "description": "Service is a named abstraction of software service (for example, mysql) consisting of local port (for example 3306) that the proxy listens on, and the selector that determines which pods will answer requests sent through the proxy.", + "velero.io/v2alpha1/DataUpload": { + "description": "DataUpload acts as the protocol between data mover plugins and data mover controller for the datamover backup operation", "namespaced": true, "properties": { "apiVersion": { @@ -308967,153 +321095,191 @@ "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" } ], - "default": {}, "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" }, "spec": { - "allOf": [ - { - "$ref": "#/components/schemas/io.k8s.api.core.v1.ServiceSpec" + "description": "DataUploadSpec is the specification for a DataUpload.", + "properties": { + "backupStorageLocation": { + "description": "BackupStorageLocation is the name of the backup storage location\nwhere the backup repository is stored.", + "type": "string" + }, + "cancel": { + "description": "Cancel indicates request to cancel the ongoing DataUpload. It can be set\nwhen the DataUpload is in InProgress phase", + "type": "boolean" + }, + "csiSnapshot": { + "description": "If SnapshotType is CSI, CSISnapshot provides the information of the CSI snapshot.", + "nullable": true, + "properties": { + "driver": { + "description": "Driver is the driver used by the VolumeSnapshotContent", + "type": "string" + }, + "snapshotClass": { + "description": "SnapshotClass is the name of the snapshot class that the volume snapshot is created with", + "type": "string" + }, + "storageClass": { + "description": "StorageClass is the name of the storage class of the PVC that the volume snapshot is created from", + "type": "string" + }, + "volumeSnapshot": { + "description": "VolumeSnapshot is the name of the volume snapshot to be backed up", + "type": "string" + } + }, + "required": [ + "storageClass", + "volumeSnapshot" + ], + "type": "object" + }, + "dataMoverConfig": { + "additionalProperties": { + "type": "string" + }, + "description": "DataMoverConfig is for data-mover-specific configuration fields.", + "nullable": true, + "type": "object" + }, + "datamover": { + "description": "DataMover specifies the data mover to be used by the backup.\nIf DataMover is \"\" or \"velero\", the built-in data mover will be used.", + "type": "string" + }, + "operationTimeout": { + "description": "OperationTimeout specifies the time used to wait internal operations,\nbefore returning error as timeout.", + "type": "string" + }, + "snapshotType": { + "description": "SnapshotType is the type of the snapshot to be backed up.", + "type": "string" + }, + "sourceNamespace": { + "description": "SourceNamespace is the original namespace where the volume is backed up from.\nIt is the same namespace for SourcePVC and CSI namespaced objects.", + "type": "string" + }, + "sourcePVC": { + "description": "SourcePVC is the name of the PVC which the snapshot is taken for.", + "type": "string" } + }, + "required": [ + "backupStorageLocation", + "operationTimeout", + "snapshotType", + "sourceNamespace", + "sourcePVC" ], - "default": {}, - "description": "Spec defines the behavior of a service. https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status" + "type": "object" }, "status": { - "allOf": [ - { - "$ref": "#/components/schemas/io.k8s.api.core.v1.ServiceStatus" - } - ], - "default": {}, - "description": "Most recently observed status of the service. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status" - } - }, - "required": [], - "type": "object", - "x-kubernetes-group-version-kind": [ - { - "group": "", - "kind": "Service", - "version": "v1" - } - ] - }, - "v1/ServiceAccount": { - "description": "ServiceAccount binds together: * a name, understood by users, and perhaps by peripheral systems, for an identity * a principal that can be authenticated and authorized * a set of secrets", - "namespaced": true, - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - "type": "string" - }, - "automountServiceAccountToken": { - "description": "AutomountServiceAccountToken indicates whether pods running as this service account should have an API token automatically mounted. Can be overridden at the pod level.", - "type": "boolean" - }, - "imagePullSecrets": { - "description": "ImagePullSecrets is a list of references to secrets in the same namespace to use for pulling any images in pods that reference this ServiceAccount. ImagePullSecrets are distinct from Secrets because Secrets can be mounted in the pod, but ImagePullSecrets are only accessed by the kubelet. More info: https://kubernetes.io/docs/concepts/containers/images/#specifying-imagepullsecrets-on-a-pod", - "items": { - "allOf": [ - { - "$ref": "#/components/schemas/io.k8s.api.core.v1.LocalObjectReference" - } - ], - "default": {} - }, - "type": "array", - "x-kubernetes-list-type": "atomic" - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "allOf": [ - { - "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" + "description": "DataUploadStatus is the current status of a DataUpload.", + "properties": { + "acceptedByNode": { + "description": "AcceptedByNode is name of the node where the DataUpload is prepared.", + "type": "string" + }, + "acceptedTimestamp": { + "description": "AcceptedTimestamp records the time the DataUpload is to be prepared.\nThe server's time is used for AcceptedTimestamp", + "format": "date-time", + "nullable": true, + "type": "string" + }, + "completionTimestamp": { + "description": "CompletionTimestamp records the time a backup was completed.\nCompletion time is recorded even on failed backups.\nCompletion time is recorded before uploading the backup object.\nThe server's time is used for CompletionTimestamps", + "format": "date-time", + "nullable": true, + "type": "string" + }, + "dataMoverResult": { + "additionalProperties": { + "type": "string" + }, + "description": "DataMoverResult stores data-mover-specific information as a result of the DataUpload.", + "nullable": true, + "type": "object" + }, + "incrementalBytes": { + "description": "IncrementalBytes holds the number of bytes new or changed since the last backup", + "format": "int64", + "type": "integer" + }, + "message": { + "description": "Message is a message about the DataUpload's status.", + "type": "string" + }, + "node": { + "description": "Node is name of the node where the DataUpload is processed.", + "type": "string" + }, + "nodeOS": { + "description": "NodeOS is OS of the node where the DataUpload is processed.", + "enum": [ + "auto", + "linux", + "windows" + ], + "type": "string" + }, + "path": { + "description": "Path is the full path of the snapshot volume being backed up.", + "type": "string" + }, + "phase": { + "description": "Phase is the current state of the DataUpload.", + "enum": [ + "New", + "Accepted", + "Prepared", + "InProgress", + "Canceling", + "Canceled", + "Completed", + "Failed" + ], + "type": "string" + }, + "progress": { + "description": "Progress holds the total number of bytes of the volume and the current\nnumber of backed up bytes. This can be used to display progress information\nabout the backup operation.", + "properties": { + "bytesDone": { + "format": "int64", + "type": "integer" + }, + "totalBytes": { + "format": "int64", + "type": "integer" + } + }, + "type": "object" + }, + "snapshotID": { + "description": "SnapshotID is the identifier for the snapshot in the backup repository.", + "type": "string" + }, + "startTimestamp": { + "description": "StartTimestamp records the time a backup was started.\nSeparate from CreationTimestamp, since that value changes\non restores.\nThe server's time is used for StartTimestamps", + "format": "date-time", + "nullable": true, + "type": "string" } - ], - "default": {}, - "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" - }, - "secrets": { - "description": "Secrets is a list of the secrets in the same namespace that pods running using this ServiceAccount are allowed to use. Pods are only limited to this list if this service account has a \"kubernetes.io/enforce-mountable-secrets\" annotation set to \"true\". The \"kubernetes.io/enforce-mountable-secrets\" annotation is deprecated since v1.32. Prefer separate namespaces to isolate access to mounted secrets. This field should not be used to find auto-generated service account token secrets for use outside of pods. Instead, tokens can be requested directly using the TokenRequest API, or service account token secrets can be manually created. More info: https://kubernetes.io/docs/concepts/configuration/secret", - "items": { - "allOf": [ - { - "$ref": "#/components/schemas/io.k8s.api.core.v1.ObjectReference" - } - ], - "default": {} }, - "type": "array", - "x-kubernetes-list-map-keys": [ - "name" - ], - "x-kubernetes-list-type": "map", - "x-kubernetes-patch-merge-key": "name", - "x-kubernetes-patch-strategy": "merge" + "type": "object" } }, "required": [], "type": "object", "x-kubernetes-group-version-kind": [ { - "group": "", - "kind": "ServiceAccount", - "version": "v1" - } - ] - }, - "v1/ServiceAccountList": { - "description": "ServiceAccountList is a list of ServiceAccount objects", - "namespaced": true, - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - "type": "string" - }, - "items": { - "description": "List of ServiceAccounts. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/", - "items": { - "allOf": [ - { - "$ref": "#/components/schemas/io.k8s.api.core.v1.ServiceAccount" - } - ], - "default": {} - }, - "type": "array" - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "allOf": [ - { - "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" - } - ], - "default": {}, - "description": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" - } - }, - "required": [ - "items" - ], - "type": "object", - "x-kubernetes-group-version-kind": [ - { - "group": "", - "kind": "ServiceAccountList", - "version": "v1" + "group": "velero.io", + "kind": "DataUpload", + "version": "v2alpha1" } ] }, - "v1/ServiceList": { - "description": "ServiceList holds a list of services.", + "velero.io/v2alpha1/DataUploadList": { + "description": "DataUploadList is a list of DataUpload", "namespaced": true, "properties": { "apiVersion": { @@ -309121,14 +321287,9 @@ "type": "string" }, "items": { - "description": "List of services", + "description": "List of datauploads. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md", "items": { - "allOf": [ - { - "$ref": "#/components/schemas/io.k8s.api.core.v1.Service" - } - ], - "default": {} + "$ref": "#/components/schemas/io.velero.v2alpha1.DataUpload" }, "type": "array" }, @@ -309142,7 +321303,6 @@ "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" } ], - "default": {}, "description": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" } }, @@ -309152,66 +321312,9 @@ "type": "object", "x-kubernetes-group-version-kind": [ { - "group": "", - "kind": "ServiceList", - "version": "v1" - } - ] - }, - "v1/Status": { - "description": "Status is a return value for calls that don't return other objects.", - "namespaced": true, - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - "type": "string" - }, - "code": { - "description": "Suggested HTTP return code for this status, 0 if not set.", - "format": "int32", - "type": "integer" - }, - "details": { - "allOf": [ - { - "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.StatusDetails" - } - ], - "description": "Extended data associated with the reason. Each reason may define its own extended details. This field is optional and the data returned is not guaranteed to conform to any schema except that defined by the reason type." - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - "type": "string" - }, - "message": { - "description": "A human-readable description of the status of this operation.", - "type": "string" - }, - "metadata": { - "allOf": [ - { - "$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" - } - ], - "default": {}, - "description": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" - }, - "reason": { - "description": "A machine-readable description of why this operation is in the \"Failure\" status. If this value is empty there is no information available. A Reason clarifies an HTTP status code but does not override it.", - "type": "string" - }, - "status": { - "description": "Status of the operation. One of: \"Success\" or \"Failure\". More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status", - "type": "string" - } - }, - "required": [], - "type": "object", - "x-kubernetes-group-version-kind": [ - { - "group": "", - "kind": "Status", - "version": "v1" + "group": "velero.io", + "kind": "DataUploadList", + "version": "v2alpha1" } ] }, diff --git a/ocp_resources/resource.py b/ocp_resources/resource.py index 76593f63b9..279b52cc94 100644 --- a/ocp_resources/resource.py +++ b/ocp_resources/resource.py @@ -494,6 +494,7 @@ class ApiGroup: APPS: str = "apps" APPSTUDIO_REDHAT_COM: str = "appstudio.redhat.com" AUTHENTICATION_K8S_IO: str = "authentication.k8s.io" + BACKUP_KUBEVIRT_IO: str = "backup.kubevirt.io" BATCH: str = "batch" BITNAMI_COM: str = "bitnami.com" CACHING_INTERNAL_KNATIVE_DEV: str = "caching.internal.knative.dev" diff --git a/ocp_resources/virtual_machine_backup.py b/ocp_resources/virtual_machine_backup.py new file mode 100644 index 0000000000..423fe5dc64 --- /dev/null +++ b/ocp_resources/virtual_machine_backup.py @@ -0,0 +1,102 @@ +# Generated using https://github.com/RedHatQE/openshift-python-wrapper/blob/main/class_generator/README.md + + +from typing import Any + +from ocp_resources.exceptions import MissingRequiredArgumentError +from ocp_resources.resource import NamespacedResource + + +class VirtualMachineBackup(NamespacedResource): + """ + VirtualMachineBackup defines the operation of backing up a VM + """ + + api_group: str = NamespacedResource.ApiGroup.BACKUP_KUBEVIRT_IO + + def __init__( + self, + force_full_backup: bool | None = None, + mode: str | None = None, + pvc_name: str | None = None, + skip_quiesce: bool | None = None, + source: dict[str, Any] | None = None, + token_secret_ref: str | None = None, + ttl_duration: str | None = None, + **kwargs: Any, + ) -> None: + r""" + Args: + force_full_backup (bool): ForceFullBackup indicates that a full backup is desired + + mode (str): Mode specifies the way the backup output will be recieved + + pvc_name (str): PvcName required in push mode. Specifies the name of the PVC where the + backup output will be stored + + skip_quiesce (bool): SkipQuiesce indicates whether the VM's filesystem shoule not be + quiesced before the backup + + source (dict[str, Any]): Source specifies the backup source - either a VirtualMachine or a + VirtualMachineBackupTracker. When Kind is VirtualMachine: performs + a backup of the specified VM. When Kind is + VirtualMachineBackupTracker: uses the tracker to get the source VM + and the base checkpoint for incremental backup. The tracker will + be updated with the new checkpoint after backup completion. + + token_secret_ref (str): TokenSecretRef is the name of the secret that will be used to pull the + backup from an associated endpoint + + ttl_duration (str): TtlDuration limits the lifetime of a pull mode backup and its export + If this field is set, after this duration has passed from counting + from CreationTimestamp, the backup is eligible to be automatically + considered as complete. If this field is omitted, a reasonable + default is applied. + + """ + super().__init__(**kwargs) + + self.force_full_backup = force_full_backup + self.mode = mode + self.pvc_name = pvc_name + self.skip_quiesce = skip_quiesce + self.source = source + self.token_secret_ref = token_secret_ref + self.ttl_duration = ttl_duration + + def to_dict(self) -> None: + + super().to_dict() + + if not self.kind_dict and not self.yaml_file: + if self.source is None: + raise MissingRequiredArgumentError(argument="self.source") + + self.res["spec"] = {} + _spec = self.res["spec"] + + _spec["source"] = self.source + + if self.force_full_backup is not None: + _spec["forceFullBackup"] = self.force_full_backup + + if self.mode is not None: + _spec["mode"] = self.mode + + if self.pvc_name is not None: + _spec["pvcName"] = self.pvc_name + + if self.skip_quiesce is not None: + _spec["skipQuiesce"] = self.skip_quiesce + + if self.token_secret_ref is not None: + _spec["tokenSecretRef"] = self.token_secret_ref + + if self.ttl_duration is not None: + _spec["ttlDuration"] = self.ttl_duration + + # End of generated code + + class Mode: + PUSH: str = "Push" + PULL: str = "Pull" diff --git a/ocp_resources/virtual_machine_backup_tracker.py b/ocp_resources/virtual_machine_backup_tracker.py new file mode 100644 index 0000000000..a1c7824eca --- /dev/null +++ b/ocp_resources/virtual_machine_backup_tracker.py @@ -0,0 +1,45 @@ +# Generated using https://github.com/RedHatQE/openshift-python-wrapper/blob/main/class_generator/README.md + + +from typing import Any + +from ocp_resources.exceptions import MissingRequiredArgumentError +from ocp_resources.resource import NamespacedResource + + +class VirtualMachineBackupTracker(NamespacedResource): + """ + VirtualMachineBackupTracker defines the way to track the latest checkpoint of + a backup solution for a vm + """ + + api_group: str = NamespacedResource.ApiGroup.BACKUP_KUBEVIRT_IO + + def __init__( + self, + source: dict[str, Any] | None = None, + **kwargs: Any, + ) -> None: + r""" + Args: + source (dict[str, Any]): Source specifies the VM that this backupTracker is associated with + + """ + super().__init__(**kwargs) + + self.source = source + + def to_dict(self) -> None: + + super().to_dict() + + if not self.kind_dict and not self.yaml_file: + if self.source is None: + raise MissingRequiredArgumentError(argument="self.source") + + self.res["spec"] = {} + _spec = self.res["spec"] + + _spec["source"] = self.source + + # End of generated code